guix-commits
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

150/201: gnu: curl: Update to 7.79.1.

From: guix-commits
Subject: 150/201: gnu: curl: Update to 7.79.1.
Date: Mon, 1 Nov 2021 23:19:04 -0400 (EDT) 
apteryx pushed a commit to branch core-updates-frozen-batched-changes
in repository guix.

commit e2eded6a475308cee63b66af9a51ccb65a9ef0e9
Author: Maxim Cournoyer <maxim.cournoyer@gmail.com>
AuthorDate: Wed Oct 27 13:42:25 2021 -0400

    gnu: curl: Update to 7.79.1.
    
    * gnu/packages/curl.scm (curl): Update to 7.79.1.  Delete trailing #t.
    [origin]: Remove the upstream curl-7.77-tls-priority-string.patch patch.
    * gnu/packages/patches/curl-7.77-tls-priority-string.patch: Delete it.
    * gnu/local.mk (dist_patch_DATA): De-register it.
---
 gnu/local.mk                                       |  1 -
 gnu/packages/curl.scm                              | 13 ++-
 .../patches/curl-7.77-tls-priority-string.patch    | 98 ----------------------
 3 files changed, 5 insertions(+), 107 deletions(-)

diff --git a/gnu/local.mk b/gnu/local.mk
index 954527b..303d8ab 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -980,7 +980,6 @@ dist_patch_DATA =                                           
\
   %D%/packages/patches/clucene-contribs-lib.patch               \
   %D%/packages/patches/cube-nocheck.patch                      \
   %D%/packages/patches/curl-use-ssl-cert-env.patch             \
-  %D%/packages/patches/curl-7.77-tls-priority-string.patch     \
   %D%/packages/patches/cursynth-wave-rand.patch                        \
   %D%/packages/patches/cvs-CVE-2017-12836.patch                \
   %D%/packages/patches/cyrus-sasl-ac-try-run-fix.patch         \
diff --git a/gnu/packages/curl.scm b/gnu/packages/curl.scm
index 4c90c7b..6d2f363 100644
--- a/gnu/packages/curl.scm
+++ b/gnu/packages/curl.scm
@@ -57,16 +57,15 @@
 (define-public curl
   (package
    (name "curl")
-   (version "7.77.0")
+   (version "7.79.1")
    (source (origin
              (method url-fetch)
              (uri (string-append "https://curl.haxx.se/download/curl-";
                                  version ".tar.xz"))
              (sha256
               (base32
-               "0jsrc97vbghvljic997r9nypc9qqddcil2lzvv032br8ahn5hr0g"))
-             (patches (search-patches "curl-use-ssl-cert-env.patch"
-                                      "curl-7.77-tls-priority-string.patch"))))
+               "129n9hi7rbg3s112chyadhp4y27ppb5i65n12wm77aw2255zf1h6"))
+             (patches (search-patches "curl-use-ssl-cert-env.patch"))))
    (build-system gnu-build-system)
    (outputs '("out"
               "doc"))                             ;1.2 MiB of man3 pages
@@ -112,8 +111,7 @@
             ;; Do not save the configure options to avoid unnecessary 
references.
             (substitute* "curl-config.in"
               (("@CONFIGURE_OPTIONS@")
-               "\"not available\""))
-            #t))
+               "\"not available\""))))
         (add-after
          'install 'move-man3-pages
          (lambda* (#:key outputs #:allow-other-keys)
@@ -122,8 +120,7 @@
                  (doc (assoc-ref outputs "doc")))
              (mkdir-p (string-append doc "/share/man"))
              (rename-file (string-append out "/share/man/man3")
-                          (string-append doc "/share/man/man3"))
-             #t)))
+                          (string-append doc "/share/man/man3")))))
         (replace 'check
           (lambda* (#:key tests? #:allow-other-keys)
             (substitute* "tests/runtests.pl"
diff --git a/gnu/packages/patches/curl-7.77-tls-priority-string.patch 
b/gnu/packages/patches/curl-7.77-tls-priority-string.patch
deleted file mode 100644
index bf1bfa8..0000000
--- a/gnu/packages/patches/curl-7.77-tls-priority-string.patch
+++ /dev/null
@@ -1,98 +0,0 @@
-cURL 7.77.0 would use a bogus TLS priority string favoring older TLS
-protocol versions, which in turn would prevent access to bitbucket.org:
-
-  https://issues.guix.gnu.org/49035
-  https://github.com/curl/curl/pull/7278
-
-This patch fixes it.
-From 
<https://github.com/curl/curl/pull/7278/commits/b98f79f6ecdb708c67f9a0cec56ce48952a54556>.
-
-From b98f79f6ecdb708c67f9a0cec56ce48952a54556 Mon Sep 17 00:00:00 2001
-From: Daniel Stenberg <daniel@haxx.se>
-Date: Fri, 18 Jun 2021 14:54:07 +0200
-Subject: [PATCH] gnutls: set the prefer ciphers in correct order
-
-Reported-by: civodul on github
-Assisted-by: Nikos Mavrogiannopoulos
-Fixes #7277
----
- lib/vtls/gtls.c | 30 +++++++++++++-----------------
- 1 file changed, 13 insertions(+), 17 deletions(-)
-
-diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
-index d9bc5611e8f9..da2af64955c3 100644
---- a/lib/vtls/gtls.c
-+++ b/lib/vtls/gtls.c
-@@ -330,6 +330,9 @@ set_ssl_version_min_max(struct Curl_easy *data,
-       ssl_version_max = CURL_SSLVERSION_MAX_TLSv1_2;
-     }
-   }
-+  else if(ssl_version_max == CURL_SSLVERSION_MAX_DEFAULT) {
-+    ssl_version_max = CURL_SSLVERSION_MAX_TLSv1_3;
-+  }
- 
-   switch(ssl_version | ssl_version_max) {
-   case CURL_SSLVERSION_TLSv1_0 | CURL_SSLVERSION_MAX_TLSv1_0:
-@@ -338,11 +341,11 @@ set_ssl_version_min_max(struct Curl_easy *data,
-     return CURLE_OK;
-   case CURL_SSLVERSION_TLSv1_0 | CURL_SSLVERSION_MAX_TLSv1_1:
-     *prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0:-VERS-TLS-ALL:"
--      "+VERS-TLS1.0:+VERS-TLS1.1";
-+      "+VERS-TLS1.1:+VERS-TLS1.0";
-     return CURLE_OK;
-   case CURL_SSLVERSION_TLSv1_0 | CURL_SSLVERSION_MAX_TLSv1_2:
-     *prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0:-VERS-TLS-ALL:"
--      "+VERS-TLS1.0:+VERS-TLS1.1:+VERS-TLS1.2";
-+      "+VERS-TLS1.2:+VERS-TLS1.1:+VERS-TLS1.0";
-     return CURLE_OK;
-   case CURL_SSLVERSION_TLSv1_1 | CURL_SSLVERSION_MAX_TLSv1_1:
-     *prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0:-VERS-TLS-ALL:"
-@@ -350,7 +353,7 @@ set_ssl_version_min_max(struct Curl_easy *data,
-     return CURLE_OK;
-   case CURL_SSLVERSION_TLSv1_1 | CURL_SSLVERSION_MAX_TLSv1_2:
-     *prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0:-VERS-TLS-ALL:"
--      "+VERS-TLS1.1:+VERS-TLS1.2";
-+      "+VERS-TLS1.2:+VERS-TLS1.1";
-     return CURLE_OK;
-   case CURL_SSLVERSION_TLSv1_2 | CURL_SSLVERSION_MAX_TLSv1_2:
-     *prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0:-VERS-TLS-ALL:"
-@@ -360,25 +363,17 @@ set_ssl_version_min_max(struct Curl_easy *data,
-     *prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0:-VERS-TLS-ALL:"
-       "+VERS-TLS1.3";
-     return CURLE_OK;
--  case CURL_SSLVERSION_TLSv1_0 | CURL_SSLVERSION_MAX_DEFAULT:
--    *prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0:-VERS-TLS-ALL:"
--      "+VERS-TLS1.0:+VERS-TLS1.1:+VERS-TLS1.2"
--      ":+VERS-TLS1.3";
-+  case CURL_SSLVERSION_TLSv1_0 | CURL_SSLVERSION_MAX_TLSv1_3:
-+    *prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0";
-     return CURLE_OK;
--  case CURL_SSLVERSION_TLSv1_1 | CURL_SSLVERSION_MAX_DEFAULT:
-+  case CURL_SSLVERSION_TLSv1_1 | CURL_SSLVERSION_MAX_TLSv1_3:
-     *prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0:-VERS-TLS-ALL:"
--      "+VERS-TLS1.1:+VERS-TLS1.2"
--      ":+VERS-TLS1.3";
-+      "+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.1";
-     return CURLE_OK;
--  case CURL_SSLVERSION_TLSv1_2 | CURL_SSLVERSION_MAX_DEFAULT:
-+  case CURL_SSLVERSION_TLSv1_2 | CURL_SSLVERSION_MAX_TLSv1_3:
-     *prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0:-VERS-TLS-ALL:"
--      "+VERS-TLS1.2"
--      ":+VERS-TLS1.3";
-+      "+VERS-TLS1.3:+VERS-TLS1.2";
-     return CURLE_OK;
--  case CURL_SSLVERSION_TLSv1_3 | CURL_SSLVERSION_MAX_DEFAULT:
--    *prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0:-VERS-TLS-ALL:"
--      "+VERS-TLS1.2"
--      ":+VERS-TLS1.3";
-     return CURLE_OK;
-   }
- 
-@@ -608,6 +603,7 @@ gtls_connect_step1(struct Curl_easy *data,
-   }
-   else {
- #endif
-+    infof(data, "GnuTLS ciphers: %s\n", prioritylist);
-     rc = gnutls_priority_set_direct(session, prioritylist, &err);
- #ifdef HAVE_GNUTLS_SRP
-   }
reply via email to
[Prev in Thread] Current Thread [Next in Thread]