commit curl for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package curl for openSUSE:Factory checked in 
at 2013-02-18 13:46:23
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/curl (Old)
 and      /work/SRC/openSUSE:Factory/.curl.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "curl", Maintainer is "vci...@suse.com"

Changes:
--------
--- /work/SRC/openSUSE:Factory/curl/curl.changes        2013-02-07 
14:16:03.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.curl.new/curl.changes   2013-02-18 
13:46:24.000000000 +0100
@@ -1,0 +2,7 @@
+Sun Feb 17 17:04:34 UTC 2013 - crrodrig...@opensuse.org
+
+- Add curl-secure-getenv.patch: Use secure_getenv if available.
+  libcurl might be linked to a program where "secure execution" is
+  required.
+
+-------------------------------------------------------------------

New:
----
  curl-secure-getenv.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ curl.spec ++++++
--- /var/tmp/diff_new_pack.zSHdGA/_old  2013-02-18 13:46:26.000000000 +0100
+++ /var/tmp/diff_new_pack.zSHdGA/_new  2013-02-18 13:46:26.000000000 +0100
@@ -34,6 +34,7 @@
 Patch:          libcurl-ocloexec.patch
 Patch1:         dont-mess-with-rpmoptflags.diff
 Patch2:         curl-CVE-2013-0249.patch
+Patch3:         curl-secure-getenv.patch
 # Use rpmbuild -D 'VERIFY_SIG 1' to verify signature during build or run 
one-shot check by "gpg-offline --verify --package=curl curl-*.asc".
 %if 0%{?VERIFY_SIG}
 BuildRequires:  gpg-offline
@@ -100,7 +101,7 @@
 %patch
 %patch1
 %patch2 -p1
-
+%patch3
 %build
 autoreconf -fi
 # local hack to make curl-config --libs stop printing libraries it depends on



++++++ curl-secure-getenv.patch ++++++
--- lib/getenv.c.orig
+++ lib/getenv.c
@@ -31,6 +31,14 @@
 
 #include "memdebug.h"
 
+#ifndef HAVE_SECURE_GETENV
+#  ifdef HAVE__SECURE_GETENV
+#    define secure_getenv __secure_getenv
+#  else
+#    error neither secure_getenv nor __secure_getenv is available
+#  endif
+#endif
+
 static
 char *GetEnv(const char *variable)
 {
@@ -45,7 +53,7 @@ char *GetEnv(const char *variable)
     ExpandEnvironmentStringsA(temp, env, sizeof(env));
   return (env[0] != '\0')?strdup(env):NULL;
 #else
-  char *env = getenv(variable);
+  char *env = secure_getenv(variable);
 #ifdef __VMS
   if(env && strcmp("HOME",variable) == 0)
     env = decc_translate_vms(env);
--- configure.ac.orig
+++ configure.ac
@@ -3480,6 +3480,8 @@ if test "x$want_curldebug_assumed" = "xy
   ac_configure_args="$ac_configure_args --enable-curldebug"
 fi
 
+AC_CHECK_FUNCS([__secure_getenv secure_getenv])
+
 AC_CONFIG_FILES([Makefile \
            docs/Makefile \
            docs/examples/Makefile \
-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org