[Libreoffice-commits] core.git: download.lst external/curl
Thomas Arnhold
thomas at arnhold.org
Sun May 11 13:48:34 PDT 2014
download.lst | 3
external/curl/NSS-support-for-CERTINFO-feature.patch | 391 -------------------
external/curl/UnpackedTarball_curl.mk | 1
3 files changed, 2 insertions(+), 393 deletions(-)
New commits:
commit 21236b9890f37c2cf58f8b8acdf4d52f0b7c6fca
Author: Thomas Arnhold <thomas at arnhold.org>
Date: Sun May 11 04:08:04 2014 +0200
upgrade to curl-7.36.0
CERTINFO was included upstream:
commit f6c335d63f2da025a0a3efde1fe59e3bb7189b70
Author: Patrick Monnerat <pm at datasphere.ch>
Date: Wed Oct 30 11:12:06 2013 +0100
NSS: support for CERTINFO feature
Change-Id: I83de2fd863f9387b83b5ebcbec70cbe6df7681d4
Reviewed-on: https://gerrit.libreoffice.org/9307
Tested-by: LibreOffice gerrit bot <gerrit at libreoffice.org>
Reviewed-by: Thomas Arnhold <thomas at arnhold.org>
Tested-by: Thomas Arnhold <thomas at arnhold.org>
diff --git a/download.lst b/download.lst
index 2bca393..221e9cc 100644
--- a/download.lst
+++ b/download.lst
@@ -19,7 +19,8 @@ export COINMP_MD5SUM := 1cce53bf4b40ae29790d2c5c9f8b1129
export COINMP_TARBALL := CoinMP-1.7.6.tgz
export CPPUNIT_TARBALL := ac4781e01619be13461bb2d562b94a7b-cppunit-1.13.1.tar.gz
export CT2N_TARBALL := 451ccf439a36a568653b024534669971-ConvertTextToNumber-1.3.2.oxt
-export CURL_TARBALL := 57409d6bf0bd97053b8378dbe0cadcef-curl-7.33.0.tar.bz2
+export CURL_MD5SUM := e6d1f9d1b59da5062109ffe14e0569a4
+export CURL_TARBALL := curl-7.36.0.tar.bz2
export DBGHELP_DLL := 13fbc2e8b37ddf28181dd6d8081c2b8e-dbghelp.dll
export EBOOK_MD5SUM := 2f1ceaf2ac8752ed278e175447d9b978
export EBOOK_TARBALL := libe-book-0.0.3.tar.bz2
diff --git a/external/curl/NSS-support-for-CERTINFO-feature.patch b/external/curl/NSS-support-for-CERTINFO-feature.patch
deleted file mode 100644
index 7976a08..0000000
--- a/external/curl/NSS-support-for-CERTINFO-feature.patch
+++ /dev/null
@@ -1,391 +0,0 @@
-From f6c335d63f2da025a0a3efde1fe59e3bb7189b70 Mon Sep 17 00:00:00 2001
-From: Patrick Monnerat <pm at datasphere.ch>
-Date: Wed, 30 Oct 2013 11:12:06 +0100
-Subject: [PATCH] NSS: support for CERTINFO feature
-
----
- docs/libcurl/curl_easy_getinfo.3 | 6 +--
- docs/libcurl/curl_easy_setopt.3 | 5 +-
- lib/hostcheck.c | 4 +-
- lib/nss.c | 46 ++++++++++++++++--
- lib/url.c | 3 +-
- lib/x509asn1.c | 100 +++++++++++++++++++++++++--------------
- lib/x509asn1.h | 4 +-
- 7 files changed, 119 insertions(+), 49 deletions(-)
-
-diff --git a/docs/libcurl/curl_easy_getinfo.3 b/docs/libcurl/curl_easy_getinfo.3
-index 62d8ae4..db0f4d6 100644
---- a/docs/libcurl/curl_easy_getinfo.3
-+++ b/docs/libcurl/curl_easy_getinfo.3
-@@ -5,7 +5,7 @@
- .\" * | (__| |_| | _ <| |___
- .\" * \___|\___/|_| \_\_____|
- .\" *
--.\" * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel at haxx.se>, et al.
-+.\" * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel at haxx.se>, et al.
- .\" *
- .\" * This software is licensed as described in the file COPYING, which
- .\" * you should have received as part of this distribution. The terms
-@@ -219,8 +219,8 @@ done. The struct reports how many certs it found and then you can extract info
- for each of those certs by following the linked lists. The info chain is
- provided in a series of data in the format "name:content" where the content is
- for the specific named data. See also the certinfo.c example. NOTE: this
--option is only available in libcurl built with OpenSSL support. (Added in
--7.19.1)
-+option is only available in libcurl built with OpenSSL, NSS, GSKit or QsoSSL
-+support. (Added in 7.19.1)
- .IP CURLINFO_CONDITION_UNMET
- Pass a pointer to a long to receive the number 1 if the condition provided in
- the previous request didn't match (see \fICURLOPT_TIMECONDITION\fP). Alas, if
-diff --git a/docs/libcurl/curl_easy_setopt.3 b/docs/libcurl/curl_easy_setopt.3
-index f58c8fb..2887483 100644
---- a/docs/libcurl/curl_easy_setopt.3
-+++ b/docs/libcurl/curl_easy_setopt.3
-@@ -2549,9 +2549,10 @@ is ignored.
-
- .IP CURLOPT_CERTINFO
- Pass a long set to 1 to enable libcurl's certificate chain info gatherer. With
--this enabled, libcurl (if built with OpenSSL) will extract lots of information
-+this enabled, libcurl (if built with OpenSSL, NSS, GSKit or QsoSSL) will
-+extract lots of information
- and data about the certificates in the certificate chain used in the SSL
--connection. This data is then possible to extract after a transfer using
-+connection. This data may then be retrieved after a transfer using
- \fIcurl_easy_getinfo(3)\fP and its option \fICURLINFO_CERTINFO\fP. (Added in
- 7.19.1)
- .IP CURLOPT_RANDOM_FILE
-diff --git a/lib/hostcheck.c b/lib/hostcheck.c
-index abd1fa0..4be5baa 100644
---- a/lib/hostcheck.c
-+++ b/lib/hostcheck.c
-@@ -23,7 +23,7 @@
- #include "curl_setup.h"
-
- #if defined(USE_SSLEAY) || defined(USE_AXTLS) || defined(USE_QSOSSL) || \
-- defined(USE_GSKIT)
-+ defined(USE_GSKIT) || defined(USE_NSS)
- /* these backends use functions from this file */
-
- #include "hostcheck.h"
-@@ -94,4 +94,4 @@ int Curl_cert_hostcheck(const char *match_pattern, const char *hostname)
- return 0;
- }
-
--#endif /* SSLEAY or AXTLS or QSOSSL or GSKIT */
-+#endif /* SSLEAY or AXTLS or QSOSSL or GSKIT or NSS */
-diff --git a/lib/nss.c b/lib/nss.c
-index 43576e6..2562fcf 100644
---- a/lib/nss.c
-+++ b/lib/nss.c
-@@ -653,6 +653,10 @@ static void display_conn_info(struct connectdata *conn, PRFileDesc *sock)
- SSLChannelInfo channel;
- SSLCipherSuiteInfo suite;
- CERTCertificate *cert;
-+ CERTCertificate *cert2;
-+ CERTCertificate *cert3;
-+ PRTime now;
-+ int i;
-
- if(SSL_GetChannelInfo(sock, &channel, sizeof channel) ==
- SECSuccess && channel.length == sizeof channel &&
-@@ -663,11 +667,45 @@ static void display_conn_info(struct connectdata *conn, PRFileDesc *sock)
- }
- }
-
-- infof(conn->data, "Server certificate:\n");
--
- cert = SSL_PeerCertificate(sock);
-- display_cert_info(conn->data, cert);
-- CERT_DestroyCertificate(cert);
-+
-+ if(cert) {
-+ infof(conn->data, "Server certificate:\n");
-+
-+ if(!conn->data->set.ssl.certinfo) {
-+ display_cert_info(conn->data, cert);
-+ CERT_DestroyCertificate(cert);
-+ }
-+ else {
-+ /* Count certificates in chain. */
-+ now = PR_Now();
-+ i = 1;
-+ if(!cert->isRoot) {
-+ cert2 = CERT_FindCertIssuer(cert, now, certUsageSSLCA);
-+ while(cert2) {
-+ i++;
-+ if(cert2->isRoot) {
-+ CERT_DestroyCertificate(cert2);
-+ break;
-+ }
-+ cert3 = CERT_FindCertIssuer(cert2, now, certUsageSSLCA);
-+ CERT_DestroyCertificate(cert2);
-+ cert2 = cert3;
-+ }
-+ }
-+ Curl_ssl_init_certinfo(conn->data, i);
-+ for(i = 0; cert; cert = cert2) {
-+ Curl_extract_certinfo(conn, i++, cert->derCert.data,
-+ cert->derCert.data + cert->derCert.len);
-+ if(cert->isRoot) {
-+ CERT_DestroyCertificate(cert);
-+ break;
-+ }
-+ cert2 = CERT_FindCertIssuer(cert, now, certUsageSSLCA);
-+ CERT_DestroyCertificate(cert);
-+ }
-+ }
-+ }
-
- return;
- }
-diff --git a/lib/url.c b/lib/url.c
-index e86fbc2..03c7607 100644
---- a/lib/url.c
-+++ b/lib/url.c
-@@ -1926,7 +1926,8 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option,
- data->set.ssl.fsslctxp = va_arg(param, void *);
- break;
- #endif
--#if defined(USE_SSLEAY) || defined(USE_QSOSSL) || defined(USE_GSKIT)
-+#if defined(USE_SSLEAY) || defined(USE_QSOSSL) || defined(USE_GSKIT) || \
-+ defined(USE_NSS)
- case CURLOPT_CERTINFO:
- data->set.ssl.certinfo = (0 != va_arg(param, long))?TRUE:FALSE;
- break;
-diff --git a/lib/x509asn1.c b/lib/x509asn1.c
-index 94b89b2..d6aa045 100644
---- a/lib/x509asn1.c
-+++ b/lib/x509asn1.c
-@@ -22,7 +22,7 @@
-
- #include "curl_setup.h"
-
--#if defined(USE_QSOSSL) || defined(USE_GSKIT)
-+#if defined(USE_QSOSSL) || defined(USE_GSKIT) || defined(USE_NSS)
-
- #include <curl/curl.h>
- #include "urldata.h"
-@@ -803,7 +803,7 @@ static const char * dumpAlgo(curl_asn1Element * param,
- return OID2str(oid.beg, oid.end, TRUE);
- }
-
--static void do_pubkey_field(struct SessionHandle *data, int certnum,
-+static void do_pubkey_field(struct SessionHandle * data, int certnum,
- const char * label, curl_asn1Element * elem)
- {
- const char * output;
-@@ -812,8 +812,10 @@ static void do_pubkey_field(struct SessionHandle *data, int certnum,
-
- output = Curl_ASN1tostr(elem, 0);
- if(output) {
-- Curl_ssl_push_certinfo(data, certnum, label, output);
-- infof(data, " %s: %s\n", label, output);
-+ if(data->set.ssl.certinfo)
-+ Curl_ssl_push_certinfo(data, certnum, label, output);
-+ if(!certnum)
-+ infof(data, " %s: %s\n", label, output);
- free((char *) output);
- }
- }
-@@ -845,11 +847,14 @@ static void do_pubkey(struct SessionHandle * data, int certnum,
- len--;
- if(len > 32)
- elem.beg = q; /* Strip leading zero bytes. */
-- infof(data, " RSA Public Key (%lu bits)\n", len);
-- q = curl_maprintf("%lu", len);
-- if(q) {
-- Curl_ssl_push_certinfo(data, certnum, "RSA Public Key", q);
-- free((char *) q);
-+ if(!certnum)
-+ infof(data, " RSA Public Key (%lu bits)\n", len);
-+ if(data->set.ssl.certinfo) {
-+ q = curl_maprintf("%lu", len);
-+ if(q) {
-+ Curl_ssl_push_certinfo(data, certnum, "RSA Public Key", q);
-+ free((char *) q);
-+ }
- }
- /* Generate coefficients. */
- do_pubkey_field(data, certnum, "rsa(n)", &elem);
-@@ -896,6 +901,10 @@ CURLcode Curl_extract_certinfo(struct connectdata * conn,
- size_t i;
- size_t j;
-
-+ if(!data->set.ssl.certinfo)
-+ if(certnum)
-+ return CURLE_OK;
-+
- /* Prepare the certificate information for curl_easy_getinfo(). */
-
- /* Extract the certificate ASN.1 elements. */
-@@ -905,35 +914,44 @@ CURLcode Curl_extract_certinfo(struct connectdata * conn,
- ccp = Curl_DNtostr(&cert.subject);
- if(!ccp)
- return CURLE_OUT_OF_MEMORY;
-- Curl_ssl_push_certinfo(data, certnum, "Subject", ccp);
-- infof(data, "%2d Subject: %s\n", certnum, ccp);
-+ if(data->set.ssl.certinfo)
-+ Curl_ssl_push_certinfo(data, certnum, "Subject", ccp);
-+ if(!certnum)
-+ infof(data, "%2d Subject: %s\n", certnum, ccp);
- free((char *) ccp);
-
- /* Issuer. */
- ccp = Curl_DNtostr(&cert.issuer);
- if(!ccp)
- return CURLE_OUT_OF_MEMORY;
-- Curl_ssl_push_certinfo(data, certnum, "Issuer", ccp);
-- infof(data, " Issuer: %s\n", ccp);
-+ if(data->set.ssl.certinfo)
-+ Curl_ssl_push_certinfo(data, certnum, "Issuer", ccp);
-+ if(!certnum)
-+ infof(data, " Issuer: %s\n", ccp);
- free((char *) ccp);
-
- /* Version (always fits in less than 32 bits). */
- version = 0;
- for(ccp = cert.version.beg; ccp < cert.version.end; ccp++)
- version = (version << 8) | *(const unsigned char *) ccp;
-- ccp = curl_maprintf("%lx", version);
-- if(!ccp)
-- return CURLE_OUT_OF_MEMORY;
-- Curl_ssl_push_certinfo(data, certnum, "Version", ccp);
-- free((char *) ccp);
-- infof(data, " Version: %lu (0x%lx)\n", version + 1, version);
-+ if(data->set.ssl.certinfo) {
-+ ccp = curl_maprintf("%lx", version);
-+ if(!ccp)
-+ return CURLE_OUT_OF_MEMORY;
-+ Curl_ssl_push_certinfo(data, certnum, "Version", ccp);
-+ free((char *) ccp);
-+ }
-+ if(!certnum)
-+ infof(data, " Version: %lu (0x%lx)\n", version + 1, version);
-
- /* Serial number. */
- ccp = Curl_ASN1tostr(&cert.serialNumber, 0);
- if(!ccp)
- return CURLE_OUT_OF_MEMORY;
-- Curl_ssl_push_certinfo(data, certnum, "Serial Number", ccp);
-- infof(data, " Serial Number: %s\n", ccp);
-+ if(data->set.ssl.certinfo)
-+ Curl_ssl_push_certinfo(data, certnum, "Serial Number", ccp);
-+ if(!certnum)
-+ infof(data, " Serial Number: %s\n", ccp);
- free((char *) ccp);
-
- /* Signature algorithm .*/
-@@ -941,24 +959,30 @@ CURLcode Curl_extract_certinfo(struct connectdata * conn,
- cert.signatureAlgorithm.end);
- if(!ccp)
- return CURLE_OUT_OF_MEMORY;
-- Curl_ssl_push_certinfo(data, certnum, "Signature Algorithm", ccp);
-- infof(data, " Signature Algorithm: %s\n", ccp);
-+ if(data->set.ssl.certinfo)
-+ Curl_ssl_push_certinfo(data, certnum, "Signature Algorithm", ccp);
-+ if(!certnum)
-+ infof(data, " Signature Algorithm: %s\n", ccp);
- free((char *) ccp);
-
- /* Start Date. */
- ccp = Curl_ASN1tostr(&cert.notBefore, 0);
- if(!ccp)
- return CURLE_OUT_OF_MEMORY;
-- Curl_ssl_push_certinfo(data, certnum, "Start Date", ccp);
-- infof(data, " Start Date: %s\n", ccp);
-+ if(data->set.ssl.certinfo)
-+ Curl_ssl_push_certinfo(data, certnum, "Start Date", ccp);
-+ if(!certnum)
-+ infof(data, " Start Date: %s\n", ccp);
- free((char *) ccp);
-
- /* Expire Date. */
- ccp = Curl_ASN1tostr(&cert.notAfter, 0);
- if(!ccp)
- return CURLE_OUT_OF_MEMORY;
-- Curl_ssl_push_certinfo(data, certnum, "Expire Date", ccp);
-- infof(data, " Expire Date: %s\n", ccp);
-+ if(data->set.ssl.certinfo)
-+ Curl_ssl_push_certinfo(data, certnum, "Expire Date", ccp);
-+ if(!certnum)
-+ infof(data, " Expire Date: %s\n", ccp);
- free((char *) ccp);
-
- /* Public Key Algorithm. */
-@@ -966,8 +990,10 @@ CURLcode Curl_extract_certinfo(struct connectdata * conn,
- cert.subjectPublicKeyAlgorithm.end);
- if(!ccp)
- return CURLE_OUT_OF_MEMORY;
-- Curl_ssl_push_certinfo(data, certnum, "Public Key Algorithm", ccp);
-- infof(data, " Public Key Algorithm: %s\n", ccp);
-+ if(data->set.ssl.certinfo)
-+ Curl_ssl_push_certinfo(data, certnum, "Public Key Algorithm", ccp);
-+ if(!certnum)
-+ infof(data, " Public Key Algorithm: %s\n", ccp);
- do_pubkey(data, certnum, ccp, ¶m, &cert.subjectPublicKey);
- free((char *) ccp);
-
-@@ -977,8 +1003,10 @@ CURLcode Curl_extract_certinfo(struct connectdata * conn,
- ccp = Curl_ASN1tostr(&cert.signature, 0);
- if(!ccp)
- return CURLE_OUT_OF_MEMORY;
-- Curl_ssl_push_certinfo(data, certnum, "Signature", ccp);
-- infof(data, " Signature: %s\n", ccp);
-+ if(data->set.ssl.certinfo)
-+ Curl_ssl_push_certinfo(data, certnum, "Signature", ccp);
-+ if(!certnum)
-+ infof(data, " Signature: %s\n", ccp);
- free((char *) ccp);
-
- /* Generate PEM certificate. */
-@@ -987,7 +1015,7 @@ CURLcode Curl_extract_certinfo(struct connectdata * conn,
- &cp1, &cl1);
- if(cc != CURLE_OK)
- return cc;
-- /* Compute the number of charaters in final certificate string. Format is:
-+ /* Compute the number of characters in final certificate string. Format is:
- -----BEGIN CERTIFICATE-----\n
- <max 64 base64 characters>\n
- .
-@@ -1008,8 +1036,10 @@ CURLcode Curl_extract_certinfo(struct connectdata * conn,
- i += copySubstring(cp2 + i, "-----END CERTIFICATE-----");
- cp2[i] = '\0';
- free(cp1);
-- Curl_ssl_push_certinfo(data, certnum, "Cert", cp2);
-- infof(data, "%s\n", cp2);
-+ if(data->set.ssl.certinfo)
-+ Curl_ssl_push_certinfo(data, certnum, "Cert", cp2);
-+ if(!certnum)
-+ infof(data, "%s\n", cp2);
- free(cp2);
- return CURLE_OK;
- }
-@@ -1148,4 +1178,4 @@ CURLcode Curl_verifyhost(struct connectdata * conn,
- return CURLE_PEER_FAILED_VERIFICATION;
- }
-
--#endif /* USE_QSOSSL or USE_GSKIT */
-+#endif /* USE_QSOSSL or USE_GSKIT or USE_NSS */
-diff --git a/lib/x509asn1.h b/lib/x509asn1.h
-index 2276b5b..1741d6d 100644
---- a/lib/x509asn1.h
-+++ b/lib/x509asn1.h
-@@ -25,7 +25,7 @@
-
- #include "curl_setup.h"
-
--#if defined(USE_QSOSSL) || defined(USE_GSKIT)
-+#if defined(USE_QSOSSL) || defined(USE_GSKIT) || defined(USE_NSS)
-
- #include "urldata.h"
-
-@@ -125,5 +125,5 @@ CURLcode Curl_extract_certinfo(struct connectdata * conn, int certnum,
- CURLcode Curl_verifyhost(struct connectdata * conn,
- const char * beg, const char * end);
-
--#endif /* USE_QSOSSL or USE_GSKIT */
-+#endif /* USE_QSOSSL or USE_GSKIT or USE_NSS */
- #endif /* HEADER_CURL_X509ASN1_H */
---
-1.8.4.2
-
diff --git a/external/curl/UnpackedTarball_curl.mk b/external/curl/UnpackedTarball_curl.mk
index f6542e5..2e4d4cc 100644
--- a/external/curl/UnpackedTarball_curl.mk
+++ b/external/curl/UnpackedTarball_curl.mk
@@ -23,7 +23,6 @@ $(eval $(call gb_UnpackedTarball_add_patches,curl,\
external/curl/curl-msvc-schannel.patch.1 \
external/curl/curl-7.26.0_mingw.patch \
external/curl/curl-7.26.0_win-proxy.patch \
- external/curl/NSS-support-for-CERTINFO-feature.patch \
))
ifeq ($(OS),ANDROID)
More information about the Libreoffice-commits
mailing list