From mboxrd@z Thu Jan 1 00:00:00 1970 From: Peter =?utf-8?q?M=C3=BCller?= To: development@lists.ipfire.org Subject: Re: [PATCH] curl: Update to version 7.87.0 Date: Thu, 29 Dec 2022 11:21:24 +0000 Message-ID: In-Reply-To: <20221227120002.12161-1-adolf.belka@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============4284363972799340576==" List-Id: --===============4284363972799340576== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Reviewed-by: Peter M=C3=BCller > - Update from version 7.86.0 to 7.87.0 > - Update of rootfile > - version 7.87.0 changed hoiw it deals with deprecated typecheck expression= s. This caused > zabbix_agentd build to fail. Curl developers created a commit to fix thi= s in next > version release. Added as patch here. Should be able to be removed with = next curl > update. > - Changelog > curl and libcurl 7.87.0 > This release includes the following changes: > o curl: add --url-query [52] > o CURLOPT_QUICK_EXIT: don't wait for DNS thread on exit [75] > o lib: add CURL_WRITEFUNC_ERROR to signal write callback error [47] > o openssl: reduce CA certificate bundle reparsing by caching [11] > o version: add a feature names array to curl_version_info_data [67] > This release includes the following bugfixes: > o altsvc: fix rejection of negative port numbers [144] > o aws_sigv4: consult x-%s-content-sha256 for payload hash [102] > o aws_sigv4: fix typos in aws_sigv4.c [101] > o base64: better alloc size [124] > o base64: encode without using snprintf [123] > o base64: faster base64 decoding [120] > o build: assume assert.h is always available [111] > o build: assume errno.h is always available [110] > o c-hyper: CONNECT respones are not server responses [137] > o c-hyper: fix multi-request mechanism [115] > o CI: Change FreeBSD image from 12.3 to 12.4 [108] > o CI: LGTM.com will be shut down in December 2022 [112] > o ci: Remove zuul fuzzing job as it's superseded by CIFuzz > o cmake: check for cross-compile, not for toolchain [54] > o CMake: fix build with `CURL_USE_GSSAPI` [78] > o cmake: really enable warnings with clang [25] > o cmake: set the soname on the shared library [140] > o cmdline-opts/gen.pl: fix the linkifier [64] > o cmdline-opts/page-footer: remove long option nroff formatting > o config-mac: define HAVE_SYS_IOCTL_H [107] > o config-mac: fix typo: size_T -> size_t [125] > o config-mac: remove HAVE_SYS_SELECT_H [116] > o config-win32: fix SIZEOF_OFF_T for MSVC and old MinGW [41] > o configure: require fork for NTLM-WB [36] > o contributors.sh: actually use $CURLWWW instead of just setting it [129] > o cookie: compare cookie prefixes case insensitively [14] > o cookie: expire cookies at once when max-age is negative [45] > o cookie: open cookie jar as a binary file [89] > o curl-openssl.m4: do not add $prefix/include/openssl to CPPFLAGS [90] > o curl-rustls.m4: on macOS, rustls also needs the Security framework [44] > o curl.h: include on SerenityOS [104] > o curl.h: name all public function parameters [118] > o curl.h: reword comment to not use deprecated option [132] > o curl: override the numeric locale and set "C" by force [60] > o curl: timeout in the read callback [15] > o curl_endian: remove Curl_write64_le from header [81] > o curl_get_line: allow last line without newline char [88] > o curl_path: do not add '/' if homedir ends with one [4] > o curl_url_get.3: remove spurious backtick [127] > o curl_url_set.3: document CURLU_DISALLOW_USER [139] > o curl_url_set.3: fix typo [148] > o CURLMOPT_SOCKETFUNCTION.3: clarify CURL_POLL_REMOVE [1] > o CURLOPT_COOKIEFILE.3: advice =3D> advise [131] > o CURLOPT_DEBUGFUNCTION.3: do not assume nul-termination in example [31] > o CURLOPT_DEBUGFUNCTION.3: emphasize that incoming data is "raw" [130] > o CURLOPT_POST.3: Explain setting to 0 changes request type [61] > o docs/curl_ws_send: Fixed typo in websocket docs [114] > o docs/EARLY-RELEASE.md: how to determine an early release [37] > o docs/examples: spell correction ('Retrieve') [119] > o docs/INSTALL.md: expand on static builds [62] > o docs/WEBSOCKET.md: explain the URL use [71] > o docs: add missing parameters for --retry flag [2] > o docs: add more "SEE ALSO" links to CA related pages [82] > o docs: explain the noproxy CIDR notation support [17] > o docs: extend the dump-header documentation [150] > o docs: remove performance note in CURLOPT_SSL_VERIFYPEER [13] > o examples/10-at-a-time: fix possible skipped final transfers [85] > o examples: update descriptions [83] > o ftp: support growing files with CURLOPT_IGNORE_CONTENT_LENGTH [96] > o gen.pl: do not generate CURLHELP bitmask lines > 79 characters [10] > o GHA: clarify workflows permissions, set least possible privilege [79] > o GHA: NSS use clang instead of clang-9 [103] > o gnutls: use common gnutls init and verify code for ngtcp2 [98] > o headers: add endif comments [51] > o HTTP-COOKIES.md: mention that http://localhost is a secure context [76] > o HTTP-COOKIES.md: update the 6265bis link to draft-11 [70] > o http: do not send PROXY more than once [46] > o http: fix the ::1 comparison for IPv6 localhost for cookies [155] > o http: set 'this_is_a_follow' in the Location: logic [40] > o http: use the IDN decoded name in HSTS checks [154] > o hyper: classify headers as CONNECT and 1XX [56] > o hyper: fix handling of hyper_task's when reusing the same address [33] > o idn: remove Curl_win32_ascii_to_idn [153] > o INSTALL: update operating systems and CPU archs [91] > o KNOWN_BUGS: remove eight entries [50] > o lib1560: add some basic IDN host name tests [151] > o lib: connection filters (cfilter) addition to curl: [43] > o lib: feature deprecation warnings in gcc >=3D 4.3 [58] > o lib: fix some type mismatches and remove unneeded typecasts [12] > o lib: parse numbers with fixed known base 10 [77] > o lib: remove bad set.opt_no_body assignments [42] > o lib: rewind BEFORE request instead of AFTER previous [65] > o lib: sync guard for Curl_getaddrinfo_ex() definition and use [6] > o lib: use size_t or int etc instead of longs [145] > o libcurl-errors.3: remove duplicate word [3] > o libssh2: return error when ssh_hostkeyfunc returns error [121] > o limit-rate.d: see also --rate > o log2changes.pl: wrap long lines at 80 columns [59] > o Makefile.mk: address minor issues [87] > o Makefile.mk: improve a GNU Make hack [122] > o Makefile.mk: portable Makefile.m32 [86] > o maketgz: set the right version in lib/libcurl.plist [53] > o mime: relax easy/mime structures binding [94] > o misc: Fix incorrect spelling [113] > o misc: remove duplicated include files [28] > o misc: typo and grammar fixes [23] > o negtelnetserver.py: have it call its close() method [68] > o netrc.d: provide mutext info [63] > o netware: remove leftover traces [80] > o noproxy: also match with adjacent comma [19] > o noproxy: guard against empty hostnames in noproxy check [136] > o noproxy: tailmatch like in 7.85.0 and earlier [35] > o nroff-scan.pl: detect double highlights > o ntlm: improve comment for encrypt_des [55] > o ntlm: silence ubsan warning about copying from null target_info pointe= r [69] > o openssl/mbedtls: use %d for outputing port with failf (int) [72] > o openssl: prefix errors with '[lib]/[version]: ' [105] > o os400: use platform socklen_t in Curl_getnameinfo_a [18] > o page-header: grammar improvement (display transfer rate) [126] > o proxy: refactor haproxy protocol handling as connection filter [57] > o README.md: remove badges and xmas-tree garnish [9] > o rtsp: fix RTSP auth [49] > o runtests: --no-debuginfod now disables DEBUGINFOD_URLS [100] > o runtests: do CRLF replacements per section only [97] > o scripts/checksrc.pl: detect duplicated include files [29] > o sendf: change Curl_read_plain to wrap Curl_recv_plain [48] > o sendf: remove unnecessary if condition [26] > o setup: do not require __MRC__ defined for Mac OS 9 builds [117] > o smb/telnet: do not free the protocol struct in *_done() [152] > o socks: fix username max size is 255 (0xFF) [146] > o spellcheck.words: remove 'github' as an accepted word [22] > o ssl-reqd.d: clarify that this is for upgrading connections only [138] > o strcase: use curl_str(n)equal for case insensitive matches [8] > o styled-output.d: this option does not work on Windows [93] > o system.h: fix socklen_t, curl_off_t, long long for Classic Mac OS [133] > o system.h: support 64-bit curl_off_t for NonStop 32-bit [21] > o test1421: fix typo [109] > o test3026: reduce runtime in legacy mingw builds [73] > o tests/sshserver.pl: re-enable ssh-rsa while using openssh 8.8+ > o tests: add authorityInfoAccess to generated certs [99] > o tests: add HTTP/3 test case, custom location for proper nghttpx [106] > o tls: backends use connection filters for IO, enabling HTTPS-proxy [92] > o tool: determine the correct fopen option for -D [95] > o tool_cfgable: free the ssl_ec_curves on exit [142] > o tool_cfgable: make socks5_gssapi_nec a boolean [128] > o tool_formparse: avoid clobbering on function params [135] > o tool_getparam: make --no-get work as the opposite of --get [39] > o tool_operate: provide better errmsg for -G with bad URL [16] > o tool_operate: when aborting, make sure there is a non-NULL error buffe= r [20] > o tool_paramhlp: free the proto strings on exit [141] > o url: move back the IDN conversion of proxy names [74] > o urlapi: reject more bad letters from the host name: &+() [143] > o urldata: change port num storage to int and unsigned short [66] > o vms: remove SIZEOF_SHORT [134] > o vtls: fix build without proxy support [38] > o vtls: localization of state data in filters [84] > o WEBSOCKET.md: fix broken link [30] > o Websocket: fixes for partial frames and buffer updates [7] > o websockets: fix handling of partial frames [32] > o windows: fail early with a missing windres in autotools [5] > o windows: fix linking .rc to shared curl with autotools [24] > o winidn: drop WANT_IDN_PROTOTYPES [27] > o ws: if no connection is around, return error [149] > o ws: return CURLE_NOT_BUILT_IN when websockets not built in [34] > o x509asn1: avoid freeing unallocated pointers [147] >=20 > Signed-off-by: Adolf Belka > --- > config/rootfiles/common/curl | 1 + > lfs/curl | 6 ++- > ...pressions_for_option_info_parameters.patch | 42 +++++++++++++++++++ > 3 files changed, 47 insertions(+), 2 deletions(-) > create mode 100644 src/patches/curl-7.87.0_typecheck_accept_expressions_fo= r_option_info_parameters.patch >=20 > diff --git a/config/rootfiles/common/curl b/config/rootfiles/common/curl > index 01a5fd792..82e3988d6 100644 > --- a/config/rootfiles/common/curl > +++ b/config/rootfiles/common/curl > @@ -119,6 +119,7 @@ usr/lib/libcurl.so.4.8.0 > #usr/share/man/man3/CURLOPT_CAINFO.3 > #usr/share/man/man3/CURLOPT_CAINFO_BLOB.3 > #usr/share/man/man3/CURLOPT_CAPATH.3 > +#usr/share/man/man3/CURLOPT_CA_CACHE_TIMEOUT.3 > #usr/share/man/man3/CURLOPT_CERTINFO.3 > #usr/share/man/man3/CURLOPT_CHUNK_BGN_FUNCTION.3 > #usr/share/man/man3/CURLOPT_CHUNK_DATA.3 > diff --git a/lfs/curl b/lfs/curl > index 33678f795..b76c33410 100644 > --- a/lfs/curl > +++ b/lfs/curl > @@ -24,7 +24,7 @@ > =20 > include Config > =20 > -VER =3D 7.86.0 > +VER =3D 7.87.0 > =20 > THISAPP =3D curl-$(VER) > DL_FILE =3D $(THISAPP).tar.xz > @@ -40,7 +40,7 @@ objects =3D $(DL_FILE) > =20 > $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) > =20 > -$(DL_FILE)_BLAKE2 =3D a1de7feb229de42bf1deeb5017f97df3b1c10c75fac99bcd0cd2= 1a5dc69b6d8b62520744106d6a113c7a86bd6731dba536a263aabfa22be50d520c43e894acce > +$(DL_FILE)_BLAKE2 =3D b272ec928c5ef1728434630d8910f58834327a30570913df9d47= 921a2810d002bd88b81371005197db857d3a53386420c1e28b1e463e6241d46c1e50fbce0c13 > =20 > install : $(TARGET) > =20 > @@ -70,6 +70,8 @@ $(subst %,%_BLAKE2,$(objects)) : > $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) > @$(PREBUILD) > @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar xf $(DIR_DL)/$(DL_FILE) > + # Add upstream patche. > + cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/curl-7.87.0_typeche= ck_accept_expressions_for_option_info_parameters.patch > cd $(DIR_APP) && ./configure \ > --prefix=3D/usr \ > --disable-ipv6 \ > diff --git a/src/patches/curl-7.87.0_typecheck_accept_expressions_for_optio= n_info_parameters.patch b/src/patches/curl-7.87.0_typecheck_accept_expression= s_for_option_info_parameters.patch > new file mode 100644 > index 000000000..63b23e309 > --- /dev/null > +++ b/src/patches/curl-7.87.0_typecheck_accept_expressions_for_option_info_= parameters.patch > @@ -0,0 +1,42 @@ > +From curl commit e2aed00 > + > +As expressions can have side effects, evaluate only once. > + > +To enable deprecation reporting only once, get rid of the __typeof__ > +use to define the local temporary variable and use the target type > +(CURLoption/CURLINFO). This also avoids multiple reports on type > +conflicts (if some) by the curlcheck_* macros. > + > +Note that CURLOPT_* and CURLINFO_* symbols may be deprecated, but not > +their values: a curl_easy_setopt call with an integer constant as option > +will never report a deprecation. > + > +Reported-by: Thomas Klausner > +Fixes #10148 > +Closes #10149 > + > + > +--- curl-7.87.0/include/curl/typecheck-gcc.h.orig 2022-12-19 08:48:23.0000= 00000 +0100 > ++++ curl-7.87.0/include/curl/typecheck-gcc.h 2022-12-26 20:39:29.243819395= +0100 > +@@ -42,9 +42,8 @@ > + */ > + #define curl_easy_setopt(handle, option, value) \ > + __extension__({ \ > +- CURL_IGNORE_DEPRECATION(__typeof__(option) _curl_opt =3D option;) = \ > ++ CURLoption _curl_opt =3D (option); = \ > + if(__builtin_constant_p(_curl_opt)) { \ > +- (void) option; \ > + CURL_IGNORE_DEPRECATION( \ > + if(curlcheck_long_option(_curl_opt)) \ > + if(!curlcheck_long(value)) \ > +@@ -120,9 +119,8 @@ > + /* wraps curl_easy_getinfo() with typechecking */ > + #define curl_easy_getinfo(handle, info, arg) \ > + __extension__({ \ > +- CURL_IGNORE_DEPRECATION(__typeof__(info) _curl_info =3D info;) = \ > ++ CURLINFO _curl_info =3D (info); = \ > + if(__builtin_constant_p(_curl_info)) { \ > +- (void) info; \ > + CURL_IGNORE_DEPRECATION( \ > + if(curlcheck_string_info(_curl_info)) \ > + if(!curlcheck_arr((arg), char *)) \ --===============4284363972799340576==--