From patchwork Tue Jul 28 18:33:29 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Baruch Siach X-Patchwork-Id: 1337953 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=busybox.net (client-ip=140.211.166.137; helo=fraxinus.osuosl.org; envelope-from=buildroot-bounces@busybox.net; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=tkos.co.il Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4BGQL34Nxmz9sSd for ; Wed, 29 Jul 2020 04:33:47 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id 937CF84D0A; Tue, 28 Jul 2020 18:33:45 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hNmju58PkiRY; Tue, 28 Jul 2020 18:33:42 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by fraxinus.osuosl.org (Postfix) with ESMTP id B94B3849B7; Tue, 28 Jul 2020 18:33:42 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) by ash.osuosl.org (Postfix) with ESMTP id B407A1BF28E for ; Tue, 28 Jul 2020 18:33:41 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id A944B88085 for ; Tue, 28 Jul 2020 18:33:41 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pbd30z5TrQPh for ; Tue, 28 Jul 2020 18:33:40 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from mx.tkos.co.il (unknown [192.115.133.116]) by whitealder.osuosl.org (Postfix) with ESMTPS id 9719F8808E for ; Tue, 28 Jul 2020 18:33:39 +0000 (UTC) Received: from tarshish.tkos.co.il (unknown [10.0.8.2]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mx.tkos.co.il (Postfix) with ESMTPS id A8C1D440A17; Tue, 28 Jul 2020 21:33:17 +0300 (IDT) From: Baruch Siach To: buildroot@busybox.net Date: Tue, 28 Jul 2020 21:33:29 +0300 Message-Id: <0d5ec0a6230311820188e71d6a650fd58e74ee11.1595961209.git.baruch@tkos.co.il> X-Mailer: git-send-email 2.27.0 MIME-Version: 1.0 Subject: [Buildroot] [PATCH] package/libcurl: fix build against gnutls with proxy disabled X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" Add upstream patch (#4) fixing build with gnutls when BR2_PACKAGE_LIBCURL_PROXY_SUPPORT is disabled. Patch #4 depends on #3 to apply so add this one as well. Fixes: http://autobuild.buildroot.net/results/31d7204869ff71319ea055688c919a646bfb200b/ http://autobuild.buildroot.net/results/f8d2fb919475cdff4a36ad93071048ee09193b98/ http://autobuild.buildroot.net/results/2f07a0ac1240a6040a3509d2ebf06906a31fd172/ Signed-off-by: Baruch Siach --- ...nutls-Fetch-backend-when-using-proxy.patch | 29 ++++ ...ir-the-build-with-CURL_DISABLE_PROXY.patch | 125 ++++++++++++++++++ 2 files changed, 154 insertions(+) create mode 100644 package/libcurl/0003-gnutls-Fetch-backend-when-using-proxy.patch create mode 100644 package/libcurl/0004-gnutls-repair-the-build-with-CURL_DISABLE_PROXY.patch diff --git a/package/libcurl/0003-gnutls-Fetch-backend-when-using-proxy.patch b/package/libcurl/0003-gnutls-Fetch-backend-when-using-proxy.patch new file mode 100644 index 000000000000..4e5ad2536576 --- /dev/null +++ b/package/libcurl/0003-gnutls-Fetch-backend-when-using-proxy.patch @@ -0,0 +1,29 @@ +From 691df98d51955f7f24b34332ad867b6d69093ae0 Mon Sep 17 00:00:00 2001 +From: Alex Kiernan +Date: Fri, 26 Jun 2020 08:59:24 +0000 +Subject: [PATCH] gnutls: Fetch backend when using proxy + +Fixes: 89865c149 ("gnutls: remove the BACKEND define kludge") +Signed-off-by: Alex Kiernan +Signed-off-by: Baruch Siach +--- +Upstream status: commit 691df98d51955f7f24b34332ad867b6d69093ae0 + + lib/vtls/gtls.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c +index 9b4c3659acc5..02d0825e5ac7 100644 +--- a/lib/vtls/gtls.c ++++ b/lib/vtls/gtls.c +@@ -1382,6 +1382,7 @@ static bool Curl_gtls_data_pending(const struct connectdata *conn, + res = TRUE; + + connssl = &conn->proxy_ssl[connindex]; ++ backend = connssl->backend; + if(backend->session && + 0 != gnutls_record_check_pending(backend->session)) + res = TRUE; +-- +2.27.0 + diff --git a/package/libcurl/0004-gnutls-repair-the-build-with-CURL_DISABLE_PROXY.patch b/package/libcurl/0004-gnutls-repair-the-build-with-CURL_DISABLE_PROXY.patch new file mode 100644 index 000000000000..4f8a72c6ea56 --- /dev/null +++ b/package/libcurl/0004-gnutls-repair-the-build-with-CURL_DISABLE_PROXY.patch @@ -0,0 +1,125 @@ +From 0fda8db95c98f1e08a830ec5dbccb24e0994a9e3 Mon Sep 17 00:00:00 2001 +From: Alex Kiernan +Date: Fri, 26 Jun 2020 09:08:32 +0000 +Subject: [PATCH] gnutls: repair the build with `CURL_DISABLE_PROXY` + +`http_proxy`/`proxy_ssl`/`tunnel_proxy` will not be available in `conn` +if `CURL_DISABLE_PROXY` is enabled. Repair the build with that +configuration. + +Signed-off-by: Alex Kiernan +Closes #5645 +Signed-off-by: Baruch Siach +--- +Upstream status: commit 0fda8db95c98f1e08a830ec5dbccb24e0994a9e3 + + lib/vtls/gtls.c | 30 +++++++++++++++++++++++++++--- + 1 file changed, 27 insertions(+), 3 deletions(-) + +diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c +index 02d0825e5ac7..75331388cc13 100644 +--- a/lib/vtls/gtls.c ++++ b/lib/vtls/gtls.c +@@ -399,10 +399,15 @@ gtls_connect_step1(struct connectdata *conn, + #endif + const char *prioritylist; + const char *err = NULL; ++#ifndef CURL_DISABLE_PROXY + const char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name : + conn->host.name; + long * const certverifyresult = SSL_IS_PROXY() ? + &data->set.proxy_ssl.certverifyresult : &data->set.ssl.certverifyresult; ++#else ++ const char * const hostname = conn->host.name; ++ long * const certverifyresult = &data->set.ssl.certverifyresult; ++#endif + + if(connssl->state == ssl_connection_complete) + /* to make us tolerant against being called more than once for the +@@ -620,8 +625,11 @@ gtls_connect_step1(struct connectdata *conn, + gnutls_datum_t protocols[2]; + + #ifdef USE_NGHTTP2 +- if(data->set.httpversion >= CURL_HTTP_VERSION_2 && +- (!SSL_IS_PROXY() || !conn->bits.tunnel_proxy)) { ++ if(data->set.httpversion >= CURL_HTTP_VERSION_2 ++#ifndef CURL_DISABLE_PROXY ++ && (!SSL_IS_PROXY() || !conn->bits.tunnel_proxy) ++#endif ++ ) { + protocols[cur].data = (unsigned char *)NGHTTP2_PROTO_VERSION_ID; + protocols[cur].size = NGHTTP2_PROTO_VERSION_ID_LEN; + cur++; +@@ -694,12 +702,15 @@ gtls_connect_step1(struct connectdata *conn, + } + } + ++#ifndef CURL_DISABLE_PROXY + if(conn->proxy_ssl[sockindex].use) { + transport_ptr = conn->proxy_ssl[sockindex].backend->session; + gnutls_transport_push = Curl_gtls_push_ssl; + gnutls_transport_pull = Curl_gtls_pull_ssl; + } +- else { ++ else ++#endif ++ { + /* file descriptor for the socket */ + transport_ptr = &conn->sock[sockindex]; + gnutls_transport_push = Curl_gtls_push; +@@ -828,10 +839,15 @@ gtls_connect_step3(struct connectdata *conn, + unsigned int bits; + gnutls_protocol_t version = gnutls_protocol_get_version(session); + #endif ++#ifndef CURL_DISABLE_PROXY + const char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name : + conn->host.name; + long * const certverifyresult = SSL_IS_PROXY() ? + &data->set.proxy_ssl.certverifyresult : &data->set.ssl.certverifyresult; ++#else ++ const char * const hostname = conn->host.name; ++ long * const certverifyresult = &data->set.ssl.certverifyresult; ++#endif + + /* the name of the cipher suite used, e.g. ECDHE_RSA_AES_256_GCM_SHA384. */ + ptr = gnutls_cipher_suite_get_name(gnutls_kx_get(session), +@@ -1112,8 +1128,12 @@ gtls_connect_step3(struct connectdata *conn, + } + #endif + if(!rc) { ++#ifndef CURL_DISABLE_PROXY + const char * const dispname = SSL_IS_PROXY() ? + conn->http_proxy.host.dispname : conn->host.dispname; ++#else ++ const char * const dispname = conn->host.dispname; ++#endif + + if(SSL_CONN_CONFIG(verifyhost)) { + failf(data, "SSL: certificate subject name (%s) does not match " +@@ -1381,11 +1401,13 @@ static bool Curl_gtls_data_pending(const struct connectdata *conn, + 0 != gnutls_record_check_pending(backend->session)) + res = TRUE; + ++#ifndef CURL_DISABLE_PROXY + connssl = &conn->proxy_ssl[connindex]; + backend = connssl->backend; + if(backend->session && + 0 != gnutls_record_check_pending(backend->session)) + res = TRUE; ++#endif + + return res; + } +@@ -1434,7 +1456,9 @@ static void close_one(struct ssl_connect_data *connssl) + static void Curl_gtls_close(struct connectdata *conn, int sockindex) + { + close_one(&conn->ssl[sockindex]); ++#ifndef CURL_DISABLE_PROXY + close_one(&conn->proxy_ssl[sockindex]); ++#endif + } + + /* +-- +2.27.0 +