* Removes previous CVE patches.
* Uses wolfssl as the default.
choice
prompt "Selected SSL library"
- default LIBCURL_MBEDTLS
+ default LIBCURL_WOLFSSL
config LIBCURL_MBEDTLS
bool "mbed TLS"
include $(TOPDIR)/rules.mk
PKG_NAME:=curl
-PKG_VERSION:=7.66.0
-PKG_RELEASE:=3
+PKG_VERSION:=7.72.0
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://dl.uxnr.de/mirror/curl/ \
https://curl.mirror.anstey.ca/ \
https://curl.askapache.com/download/ \
https://curl.haxx.se/download/
-PKG_HASH:=dbb48088193016d079b97c5c3efde8efa56ada2ebf336e8a97d04eb8e2ed98c1
+PKG_HASH:=0ded0808c4d85f2ee0db86980ae610cc9d165e9ca9da466196cc73c346513713
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=COPYING
CONFIG_LIBCURL_TLS_SRP \
CONFIG_LIBCURL_UNIX_SOCKETS \
CONFIG_LIBCURL_VERBOSE \
- CONFIG_LIBCURL_NTLM
+ CONFIG_LIBCURL_NTLM \
+ $(if $(CONFIG_LIBCURL_OPENSSL), \
+ CONFIG_OPENSSL_ENGINE \
+ CONFIG_OPENSSL_WITH_COMPRESSION \
+ CONFIG_OPENSSL_WITH_NPN)
include $(INCLUDE_DIR)/package.mk
--without-libidn \
--without-ca-path \
--without-libpsl \
+ --without-zstd \
--with-ca-bundle=/etc/ssl/certs/ca-certificates.crt \
\
$(call autoconf_bool,CONFIG_IPV6,ipv6) \
\
- $(if $(CONFIG_LIBCURL_WOLFSSL),--with-cyassl="$(STAGING_DIR)/usr",--without-cyassl) \
+ $(if $(CONFIG_LIBCURL_WOLFSSL),--with-wolfssl="$(STAGING_DIR)/usr",--without-wolfssl) \
$(if $(CONFIG_LIBCURL_GNUTLS),--with-gnutls="$(STAGING_DIR)/usr",--without-gnutls) \
$(if $(CONFIG_LIBCURL_OPENSSL),--with-ssl="$(STAGING_DIR)/usr",--without-ssl) \
$(if $(CONFIG_LIBCURL_MBEDTLS),--with-mbedtls="$(STAGING_DIR)/usr",--without-mbedtls) \
--- /dev/null
+From 510d98157f21dee5793c4e975fde3317b6139267 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Mon, 24 Aug 2020 16:28:34 +0200
+Subject: [PATCH] configure: fix pkg-config detecting wolfssl
+
+When amending the include path with "/wolfssl", this now properly strips
+off all whitespace from the path variable! Previously this would lead to
+pkg-config builds creating bad command lines.
+
+Closes #5848
+---
+ configure.ac | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+--- a/configure.ac
++++ b/configure.ac
+@@ -2474,8 +2474,12 @@ if test -z "$ssl_backends" -o "x$OPT_WOL
+ AC_DEFINE(HAVE_WOLFSSL_DES_ECB_ENCRYPT, 1,
+ [if you have wolfSSL_DES_ecb_encrypt])
+ if test -n "$addcflags"; then
+- CPPFLAGS="$addcflags/wolfssl $CPPFLAGS"
+- AC_MSG_NOTICE([Add $addcflags/wolfssl to CPPFLAGS])
++ dnl use a for loop to strip off whitespace
++ for f in $addcflags; do
++ CPPFLAGS="$f/wolfssl $CPPFLAGS"
++ AC_MSG_NOTICE([Add $f/wolfssl to CPPFLAGS])
++ break
++ done
+ else
+ dnl user didn't give a path, so guess/hope they installed wolfssl
+ dnl headers to system default location
+++ /dev/null
-From 1b71bc532bde8621fd3260843f8197182a467ff2 Mon Sep 17 00:00:00 2001
-From: Daniel Stenberg <daniel@haxx.se>
-Date: Thu, 7 Nov 2019 10:13:01 +0100
-Subject: [PATCH] file: on Windows, refuse paths that start with \\
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-... as that might cause an unexpected SMB connection to a given host
-name.
-
-Reported-by: Fernando Muñoz
-CVE-2019-15601
-Bug: https://curl.haxx.se/docs/CVE-2019-15601.html
-
-Signed-off-by: Petr Štetiar <ynezz@true.cz>
----
- lib/file.c | 6 ++++--
- 1 file changed, 4 insertions(+), 2 deletions(-)
-
-diff --git a/lib/file.c b/lib/file.c
-index d349cd9241cd..166931d7f1ba 100644
---- a/lib/file.c
-+++ b/lib/file.c
-@@ -136,7 +136,7 @@ static CURLcode file_connect(struct connectdata *conn, bool *done)
- struct Curl_easy *data = conn->data;
- char *real_path;
- struct FILEPROTO *file = data->req.protop;
-- int fd;
-+ int fd = -1;
- #ifdef DOS_FILESYSTEM
- size_t i;
- char *actual_path;
-@@ -181,7 +181,9 @@ static CURLcode file_connect(struct connectdata *conn, bool *done)
- return CURLE_URL_MALFORMAT;
- }
-
-- fd = open_readonly(actual_path, O_RDONLY|O_BINARY);
-+ if(strncmp("\\\\", actual_path, 2))
-+ /* refuse to open path that starts with two backslashes */
-+ fd = open_readonly(actual_path, O_RDONLY|O_BINARY);
- file->path = actual_path;
- #else
- if(memchr(real_path, 0, real_path_len)) {
+++ /dev/null
-From 600a8cded447cd7118ed50142c576567c0cf5158 Mon Sep 17 00:00:00 2001
-From: Daniel Stenberg <daniel@haxx.se>
-Date: Thu, 14 May 2020 14:37:12 +0200
-Subject: [PATCH] url: make the updated credentials URL-encoded in the URL
-
-Found-by: Gregory Jefferis
-Reported-by: Jeroen Ooms
-Added test 1168 to verify. Bug spotted when doing a redirect.
-Bug: https://github.com/jeroen/curl/issues/224
-Closes #5400
----
- lib/url.c | 6 ++--
- tests/data/Makefile.inc | 1 +
- tests/data/test1168 | 78 +++++++++++++++++++++++++++++++++++++++++
- 3 files changed, 83 insertions(+), 2 deletions(-)
- create mode 100644 tests/data/test1168
-
-diff --git a/lib/url.c b/lib/url.c
-index f250f2ff20a..9b8b2bdde64 100644
---- a/lib/url.c
-+++ b/lib/url.c
-@@ -2788,12 +2788,14 @@ static CURLcode override_login(struct Curl_easy *data,
-
- /* for updated strings, we update them in the URL */
- if(user_changed) {
-- uc = curl_url_set(data->state.uh, CURLUPART_USER, *userp, 0);
-+ uc = curl_url_set(data->state.uh, CURLUPART_USER, *userp,
-+ CURLU_URLENCODE);
- if(uc)
- return Curl_uc_to_curlcode(uc);
- }
- if(passwd_changed) {
-- uc = curl_url_set(data->state.uh, CURLUPART_PASSWORD, *passwdp, 0);
-+ uc = curl_url_set(data->state.uh, CURLUPART_PASSWORD, *passwdp,
-+ CURLU_URLENCODE);
- if(uc)
- return Curl_uc_to_curlcode(uc);
- }
--- a/Makefile.am
+++ b/Makefile.am
-@@ -179,7 +179,7 @@ CLEANFILES = $(VC6_LIBDSP) $(VC6_SRCDSP)
+@@ -192,7 +192,7 @@ CLEANFILES = $(VC6_LIBDSP) $(VC6_SRCDSP)
bin_SCRIPTS = curl-config
SUBDIRS = lib src
pkgconfigdir = $(libdir)/pkgconfig
pkgconfig_DATA = libcurl.pc
-@@ -290,8 +290,8 @@ cygwinbin:
+@@ -303,8 +303,8 @@ cygwinbin:
# We extend the standard install with a custom hook:
install-data-hook:
- cd include && $(MAKE) install
-- cd docs && $(MAKE) install
-- cd docs/libcurl && $(MAKE) install
-+ #cd docs && $(MAKE) install
-+ #cd docs/libcurl && $(MAKE) install
+ (cd include && $(MAKE) install)
+- (cd docs && $(MAKE) install)
+- (cd docs/libcurl && $(MAKE) install)
++ #(cd docs && $(MAKE) install)
++ #(cd docs/libcurl && $(MAKE) install)
# We extend the standard uninstall with a custom hook:
uninstall-hook:
projects / librecmc / librecmc.git / commitdiff