From 63a28e9fc262c8da692d18b38eeb0b85dd597a9b Mon Sep 17 00:00:00 2001
From: Pierre-Jean Texier <pjtexier@koncepto.io>
Date: Wed, 24 Jun 2020 14:21:17 +0200
Subject: curl: upgrade 7.70.0 -> 7.71.0

This release includes the following changes:

  - CURLOPT_SSL_OPTIONS: optional use of Windows' CA store (with openssl) [10]
  - setopt: add CURLOPT_PROXY_ISSUERCERT(_BLOB) for coherency [31]
  - setopt: support certificate options in memory with struct curl_blob [41]
  - tool: Add option --retry-all-errors to retry on any error [27]

This release includes the following bugfixes:

  - CVE-2020-8177: curl overwrite local file with -J [111]
  - CVE-2020-8169: Partial password leak over DNS on HTTP redirect [48]
  - *_sspi: fix bad uses of CURLE_NOT_BUILT_IN [21]
  - all: fix codespell errors [75]
  - altsvc: bump to h3-29 [114]
  ...

See full changelog: https://curl.haxx.se/changes.html#7_71_0

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 meta/recipes-support/curl/curl_7.70.0.bb | 84 --------------------------------
 meta/recipes-support/curl/curl_7.71.0.bb | 83 +++++++++++++++++++++++++++++++
 2 files changed, 83 insertions(+), 84 deletions(-)
 delete mode 100644 meta/recipes-support/curl/curl_7.70.0.bb
 create mode 100644 meta/recipes-support/curl/curl_7.71.0.bb

(limited to 'meta/recipes-support')

diff --git a/meta/recipes-support/curl/curl_7.70.0.bb b/meta/recipes-support/curl/curl_7.70.0.bb
deleted file mode 100644
index bb25677ef7..0000000000
--- a/meta/recipes-support/curl/curl_7.70.0.bb
+++ /dev/null
@@ -1,84 +0,0 @@
-SUMMARY = "Command line tool and library for client-side URL transfers"
-HOMEPAGE = "http://curl.haxx.se/"
-BUGTRACKER = "http://curl.haxx.se/mail/list.cgi?list=curl-tracker"
-SECTION = "console/network"
-LICENSE = "MIT"
-LIC_FILES_CHKSUM = "file://COPYING;md5=2e9fb35867314fe31c6a4977ef7dd531"
-
-SRC_URI = "http://curl.haxx.se/download/curl-${PV}.tar.bz2 \
-           file://0001-replace-krb5-config-with-pkg-config.patch \
-"
-
-SRC_URI[md5sum] = "db69aa37476dfdf9abaa2fb01b8bbf1a"
-SRC_URI[sha256sum] = "a50bfe62ad67a24f8b12dd7fd655ac43a0f0299f86ec45b11354f25fbb5829d0"
-
-CVE_PRODUCT = "curl libcurl"
-inherit autotools pkgconfig binconfig multilib_header
-
-PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} gnutls libidn proxy threaded-resolver verbose zlib"
-PACKAGECONFIG_class-native = "ipv6 proxy ssl threaded-resolver verbose zlib"
-PACKAGECONFIG_class-nativesdk = "ipv6 proxy ssl threaded-resolver verbose zlib"
-
-# 'ares' and 'threaded-resolver' are mutually exclusive
-PACKAGECONFIG[ares] = "--enable-ares,--disable-ares,c-ares,,,threaded-resolver"
-PACKAGECONFIG[brotli] = "--with-brotli,--without-brotli,brotli"
-PACKAGECONFIG[builtinmanual] = "--enable-manual,--disable-manual"
-PACKAGECONFIG[dict] = "--enable-dict,--disable-dict,"
-PACKAGECONFIG[gnutls] = "--with-gnutls,--without-gnutls,gnutls"
-PACKAGECONFIG[gopher] = "--enable-gopher,--disable-gopher,"
-PACKAGECONFIG[imap] = "--enable-imap,--disable-imap,"
-PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6,"
-PACKAGECONFIG[krb5] = "--with-gssapi,--without-gssapi,krb5"
-PACKAGECONFIG[ldap] = "--enable-ldap,--disable-ldap,"
-PACKAGECONFIG[ldaps] = "--enable-ldaps,--disable-ldaps,"
-PACKAGECONFIG[libidn] = "--with-libidn2,--without-libidn2,libidn2"
-PACKAGECONFIG[libssh2] = "--with-libssh2,--without-libssh2,libssh2"
-PACKAGECONFIG[mbedtls] = "--with-mbedtls=${STAGING_DIR_TARGET},--without-mbedtls,mbedtls"
-PACKAGECONFIG[mqtt] = "--enable-mqtt,--disable-mqtt,"
-PACKAGECONFIG[nghttp2] = "--with-nghttp2,--without-nghttp2,nghttp2"
-PACKAGECONFIG[pop3] = "--enable-pop3,--disable-pop3,"
-PACKAGECONFIG[proxy] = "--enable-proxy,--disable-proxy,"
-PACKAGECONFIG[rtmpdump] = "--with-librtmp,--without-librtmp,rtmpdump"
-PACKAGECONFIG[rtsp] = "--enable-rtsp,--disable-rtsp,"
-PACKAGECONFIG[smb] = "--enable-smb,--disable-smb,"
-PACKAGECONFIG[smtp] = "--enable-smtp,--disable-smtp,"
-PACKAGECONFIG[ssl] = "--with-ssl --with-random=/dev/urandom,--without-ssl,openssl"
-PACKAGECONFIG[nss] = "--with-nss,--without-nss,nss"
-PACKAGECONFIG[telnet] = "--enable-telnet,--disable-telnet,"
-PACKAGECONFIG[tftp] = "--enable-tftp,--disable-tftp,"
-PACKAGECONFIG[threaded-resolver] = "--enable-threaded-resolver,--disable-threaded-resolver,,,,ares"
-PACKAGECONFIG[verbose] = "--enable-verbose,--disable-verbose"
-PACKAGECONFIG[zlib] = "--with-zlib=${STAGING_LIBDIR}/../,--without-zlib,zlib"
-
-EXTRA_OECONF = " \
-    --disable-libcurl-option \
-    --disable-ntlm-wb \
-    --enable-crypto-auth \
-    --with-ca-bundle=${sysconfdir}/ssl/certs/ca-certificates.crt \
-    --without-libmetalink \
-    --without-libpsl \
-    --enable-debug \
-    --enable-optimize \
-    --disable-curldebug \
-"
-
-do_install_append_class-target() {
-	# cleanup buildpaths from curl-config
-	sed -i \
-	    -e 's,--sysroot=${STAGING_DIR_TARGET},,g' \
-	    -e 's,--with-libtool-sysroot=${STAGING_DIR_TARGET},,g' \
-	    -e 's|${DEBUG_PREFIX_MAP}||g' \
-	    ${D}${bindir}/curl-config
-}
-
-PACKAGES =+ "lib${BPN}"
-
-FILES_lib${BPN} = "${libdir}/lib*.so.*"
-RRECOMMENDS_lib${BPN} += "ca-certificates"
-
-FILES_${PN} += "${datadir}/zsh"
-
-inherit multilib_script
-MULTILIB_SCRIPTS = "${PN}-dev:${bindir}/curl-config"
-
-BBCLASSEXTEND = "native nativesdk"
diff --git a/meta/recipes-support/curl/curl_7.71.0.bb b/meta/recipes-support/curl/curl_7.71.0.bb
new file mode 100644
index 0000000000..c1abe01380
--- /dev/null
+++ b/meta/recipes-support/curl/curl_7.71.0.bb
@@ -0,0 +1,83 @@
+SUMMARY = "Command line tool and library for client-side URL transfers"
+HOMEPAGE = "http://curl.haxx.se/"
+BUGTRACKER = "http://curl.haxx.se/mail/list.cgi?list=curl-tracker"
+SECTION = "console/network"
+LICENSE = "MIT"
+LIC_FILES_CHKSUM = "file://COPYING;md5=2e9fb35867314fe31c6a4977ef7dd531"
+
+SRC_URI = "http://curl.haxx.se/download/curl-${PV}.tar.bz2 \
+           file://0001-replace-krb5-config-with-pkg-config.patch \
+"
+
+SRC_URI[sha256sum] = "600f00ac2481a89548a4141ddf983fd9386165e1960bac91d0a1c81dca5dd341"
+
+CVE_PRODUCT = "curl libcurl"
+inherit autotools pkgconfig binconfig multilib_header
+
+PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} gnutls libidn proxy threaded-resolver verbose zlib"
+PACKAGECONFIG_class-native = "ipv6 proxy ssl threaded-resolver verbose zlib"
+PACKAGECONFIG_class-nativesdk = "ipv6 proxy ssl threaded-resolver verbose zlib"
+
+# 'ares' and 'threaded-resolver' are mutually exclusive
+PACKAGECONFIG[ares] = "--enable-ares,--disable-ares,c-ares,,,threaded-resolver"
+PACKAGECONFIG[brotli] = "--with-brotli,--without-brotli,brotli"
+PACKAGECONFIG[builtinmanual] = "--enable-manual,--disable-manual"
+PACKAGECONFIG[dict] = "--enable-dict,--disable-dict,"
+PACKAGECONFIG[gnutls] = "--with-gnutls,--without-gnutls,gnutls"
+PACKAGECONFIG[gopher] = "--enable-gopher,--disable-gopher,"
+PACKAGECONFIG[imap] = "--enable-imap,--disable-imap,"
+PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6,"
+PACKAGECONFIG[krb5] = "--with-gssapi,--without-gssapi,krb5"
+PACKAGECONFIG[ldap] = "--enable-ldap,--disable-ldap,"
+PACKAGECONFIG[ldaps] = "--enable-ldaps,--disable-ldaps,"
+PACKAGECONFIG[libidn] = "--with-libidn2,--without-libidn2,libidn2"
+PACKAGECONFIG[libssh2] = "--with-libssh2,--without-libssh2,libssh2"
+PACKAGECONFIG[mbedtls] = "--with-mbedtls=${STAGING_DIR_TARGET},--without-mbedtls,mbedtls"
+PACKAGECONFIG[mqtt] = "--enable-mqtt,--disable-mqtt,"
+PACKAGECONFIG[nghttp2] = "--with-nghttp2,--without-nghttp2,nghttp2"
+PACKAGECONFIG[pop3] = "--enable-pop3,--disable-pop3,"
+PACKAGECONFIG[proxy] = "--enable-proxy,--disable-proxy,"
+PACKAGECONFIG[rtmpdump] = "--with-librtmp,--without-librtmp,rtmpdump"
+PACKAGECONFIG[rtsp] = "--enable-rtsp,--disable-rtsp,"
+PACKAGECONFIG[smb] = "--enable-smb,--disable-smb,"
+PACKAGECONFIG[smtp] = "--enable-smtp,--disable-smtp,"
+PACKAGECONFIG[ssl] = "--with-ssl --with-random=/dev/urandom,--without-ssl,openssl"
+PACKAGECONFIG[nss] = "--with-nss,--without-nss,nss"
+PACKAGECONFIG[telnet] = "--enable-telnet,--disable-telnet,"
+PACKAGECONFIG[tftp] = "--enable-tftp,--disable-tftp,"
+PACKAGECONFIG[threaded-resolver] = "--enable-threaded-resolver,--disable-threaded-resolver,,,,ares"
+PACKAGECONFIG[verbose] = "--enable-verbose,--disable-verbose"
+PACKAGECONFIG[zlib] = "--with-zlib=${STAGING_LIBDIR}/../,--without-zlib,zlib"
+
+EXTRA_OECONF = " \
+    --disable-libcurl-option \
+    --disable-ntlm-wb \
+    --enable-crypto-auth \
+    --with-ca-bundle=${sysconfdir}/ssl/certs/ca-certificates.crt \
+    --without-libmetalink \
+    --without-libpsl \
+    --enable-debug \
+    --enable-optimize \
+    --disable-curldebug \
+"
+
+do_install_append_class-target() {
+	# cleanup buildpaths from curl-config
+	sed -i \
+	    -e 's,--sysroot=${STAGING_DIR_TARGET},,g' \
+	    -e 's,--with-libtool-sysroot=${STAGING_DIR_TARGET},,g' \
+	    -e 's|${DEBUG_PREFIX_MAP}||g' \
+	    ${D}${bindir}/curl-config
+}
+
+PACKAGES =+ "lib${BPN}"
+
+FILES_lib${BPN} = "${libdir}/lib*.so.*"
+RRECOMMENDS_lib${BPN} += "ca-certificates"
+
+FILES_${PN} += "${datadir}/zsh"
+
+inherit multilib_script
+MULTILIB_SCRIPTS = "${PN}-dev:${bindir}/curl-config"
+
+BBCLASSEXTEND = "native nativesdk"
-- 
cgit 1.2.3-korg