summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSam James <sam@gentoo.org>2020-07-27 02:33:27 +0000
committerSam James <sam@gentoo.org>2020-07-27 03:15:18 +0000
commitf0cf742462897b3ddeb3705b7d606e0f98bf2c5e (patch)
tree81f2b8f1618f8165f01e1d343e4c12ed2f84f3c7 /net-misc/curl/files/curl-fix-cpu-load.patch
parentsys-fs/fuseiso: security cleanup (diff)
downloadgentoo-f0cf742462897b3ddeb3705b7d606e0f98bf2c5e.tar.gz
gentoo-f0cf742462897b3ddeb3705b7d606e0f98bf2c5e.tar.bz2
gentoo-f0cf742462897b3ddeb3705b7d606e0f98bf2c5e.zip
net-misc/curl: security cleanup
Closes: https://bugs.gentoo.org/729374 Package-Manager: Portage-3.0.0, Repoman-2.3.23 Signed-off-by: Sam James <sam@gentoo.org>
Diffstat (limited to 'net-misc/curl/files/curl-fix-cpu-load.patch')
-rw-r--r--net-misc/curl/files/curl-fix-cpu-load.patch94
1 files changed, 0 insertions, 94 deletions
diff --git a/net-misc/curl/files/curl-fix-cpu-load.patch b/net-misc/curl/files/curl-fix-cpu-load.patch
deleted file mode 100644
index fb20641b5b2..00000000000
--- a/net-misc/curl/files/curl-fix-cpu-load.patch
+++ /dev/null
@@ -1,94 +0,0 @@
-Fixes https://bugs.gentoo.org/727352
-
-From 2a41e236716da4c41ebc1132bd36d9273bd0321f Mon Sep 17 00:00:00 2001
-From: Daniel Stenberg <daniel@haxx.se>
-Date: Mon, 8 Jun 2020 14:05:22 +0200
-Subject: [PATCH] socks: detect connection close during handshake
-
-The SOCKS4/5 state machines weren't properly terminated when the proxy
-connection got closed, leading to a busy-loop.
-
-Reported-By: zloi-user on github
-Fixes #5532
-Closes #5542
----
- lib/socks.c | 32 ++++++++++++++++++++++++++++----
- 1 file changed, 28 insertions(+), 4 deletions(-)
-
-diff --git a/lib/socks.c b/lib/socks.c
-index 4c1af7b9de7..b2215fef30c 100644
---- a/lib/socks.c
-+++ b/lib/socks.c
-@@ -382,6 +382,11 @@ CURLcode Curl_SOCKS4(const char *proxy_user,
- curl_easy_strerror(result));
- return CURLE_COULDNT_CONNECT;
- }
-+ else if(!result && !actualread) {
-+ /* connection closed */
-+ failf(data, "connection to proxy closed");
-+ return CURLE_COULDNT_CONNECT;
-+ }
- else if(actualread != sx->outstanding) {
- /* remain in reading state */
- sx->outstanding -= actualread;
-@@ -592,6 +597,11 @@ CURLcode Curl_SOCKS5(const char *proxy_user,
- failf(data, "Unable to receive initial SOCKS5 response.");
- return CURLE_COULDNT_CONNECT;
- }
-+ else if(!result && !actualread) {
-+ /* connection closed */
-+ failf(data, "Connection to proxy closed");
-+ return CURLE_COULDNT_CONNECT;
-+ }
- else if(actualread != sx->outstanding) {
- /* remain in reading state */
- sx->outstanding -= actualread;
-@@ -717,15 +727,19 @@ CURLcode Curl_SOCKS5(const char *proxy_user,
- failf(data, "Unable to receive SOCKS5 sub-negotiation response.");
- return CURLE_COULDNT_CONNECT;
- }
-- if(actualread != sx->outstanding) {
-+ else if(!result && !actualread) {
-+ /* connection closed */
-+ failf(data, "connection to proxy closed");
-+ return CURLE_COULDNT_CONNECT;
-+ }
-+ else if(actualread != sx->outstanding) {
- /* remain in state */
- sx->outstanding -= actualread;
- sx->outp += actualread;
- return CURLE_OK;
- }
--
- /* ignore the first (VER) byte */
-- if(socksreq[1] != 0) { /* status */
-+ else if(socksreq[1] != 0) { /* status */
- failf(data, "User was rejected by the SOCKS5 server (%d %d).",
- socksreq[0], socksreq[1]);
- return CURLE_COULDNT_CONNECT;
-@@ -890,6 +904,11 @@ CURLcode Curl_SOCKS5(const char *proxy_user,
- failf(data, "Failed to receive SOCKS5 connect request ack.");
- return CURLE_COULDNT_CONNECT;
- }
-+ else if(!result && !actualread) {
-+ /* connection closed */
-+ failf(data, "connection to proxy closed");
-+ return CURLE_COULDNT_CONNECT;
-+ }
- else if(actualread != sx->outstanding) {
- /* remain in state */
- sx->outstanding -= actualread;
-@@ -967,7 +986,12 @@ CURLcode Curl_SOCKS5(const char *proxy_user,
- failf(data, "Failed to receive SOCKS5 connect request ack.");
- return CURLE_COULDNT_CONNECT;
- }
-- if(actualread != sx->outstanding) {
-+ else if(!result && !actualread) {
-+ /* connection closed */
-+ failf(data, "connection to proxy closed");
-+ return CURLE_COULDNT_CONNECT;
-+ }
-+ else if(actualread != sx->outstanding) {
- /* remain in state */
- sx->outstanding -= actualread;
- sx->outp += actualread;