commit: 3c70da322b14b83f9894c98725b6ffd3c1ea00cb Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> AuthorDate: Wed Jun 10 20:12:56 2020 +0000 Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> CommitDate: Wed Jun 10 20:12:56 2020 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3c70da32
net-misc/curl: remove busy-loop, bug #727352 Closes: https://bugs.gentoo.org/727352 Package-Manager: Portage-2.3.99, Repoman-2.3.22 Signed-off-by: Anthony G. Basile <blueness <AT> gentoo.org> .../{curl-7.70.0.ebuild => curl-7.70.0-r1.ebuild} | 1 + net-misc/curl/files/curl-fix-cpu-load.patch | 94 ++++++++++++++++++++++ 2 files changed, 95 insertions(+) diff --git a/net-misc/curl/curl-7.70.0.ebuild b/net-misc/curl/curl-7.70.0-r1.ebuild similarity index 99% rename from net-misc/curl/curl-7.70.0.ebuild rename to net-misc/curl/curl-7.70.0-r1.ebuild index 6d8ee271731..7b751a4ef1c 100644 --- a/net-misc/curl/curl-7.70.0.ebuild +++ b/net-misc/curl/curl-7.70.0-r1.ebuild @@ -105,6 +105,7 @@ src_prepare() { eapply "${FILESDIR}"/${PN}-7.30.0-prefix.patch eapply "${FILESDIR}"/${PN}-respect-cflags-3.patch eapply "${FILESDIR}"/${PN}-fix-gnutls-nettle.patch + eapply "${FILESDIR}"/${PN}-fix-cpu-load.patch sed -i '/LD_LIBRARY_PATH=/d' configure.ac || die #382241 sed -i '/CURL_MAC_CFLAGS/d' configure.ac || die #637252 diff --git a/net-misc/curl/files/curl-fix-cpu-load.patch b/net-misc/curl/files/curl-fix-cpu-load.patch new file mode 100644 index 00000000000..fb20641b5b2 --- /dev/null +++ b/net-misc/curl/files/curl-fix-cpu-load.patch @@ -0,0 +1,94 @@ +Fixes https://bugs.gentoo.org/727352 + +From 2a41e236716da4c41ebc1132bd36d9273bd0321f Mon Sep 17 00:00:00 2001 +From: Daniel Stenberg <[email protected]> +Date: Mon, 8 Jun 2020 14:05:22 +0200 +Subject: [PATCH] socks: detect connection close during handshake + +The SOCKS4/5 state machines weren't properly terminated when the proxy +connection got closed, leading to a busy-loop. + +Reported-By: zloi-user on github +Fixes #5532 +Closes #5542 +--- + lib/socks.c | 32 ++++++++++++++++++++++++++++---- + 1 file changed, 28 insertions(+), 4 deletions(-) + +diff --git a/lib/socks.c b/lib/socks.c +index 4c1af7b9de7..b2215fef30c 100644 +--- a/lib/socks.c ++++ b/lib/socks.c +@@ -382,6 +382,11 @@ CURLcode Curl_SOCKS4(const char *proxy_user, + curl_easy_strerror(result)); + return CURLE_COULDNT_CONNECT; + } ++ else if(!result && !actualread) { ++ /* connection closed */ ++ failf(data, "connection to proxy closed"); ++ return CURLE_COULDNT_CONNECT; ++ } + else if(actualread != sx->outstanding) { + /* remain in reading state */ + sx->outstanding -= actualread; +@@ -592,6 +597,11 @@ CURLcode Curl_SOCKS5(const char *proxy_user, + failf(data, "Unable to receive initial SOCKS5 response."); + return CURLE_COULDNT_CONNECT; + } ++ else if(!result && !actualread) { ++ /* connection closed */ ++ failf(data, "Connection to proxy closed"); ++ return CURLE_COULDNT_CONNECT; ++ } + else if(actualread != sx->outstanding) { + /* remain in reading state */ + sx->outstanding -= actualread; +@@ -717,15 +727,19 @@ CURLcode Curl_SOCKS5(const char *proxy_user, + failf(data, "Unable to receive SOCKS5 sub-negotiation response."); + return CURLE_COULDNT_CONNECT; + } +- if(actualread != sx->outstanding) { ++ else if(!result && !actualread) { ++ /* connection closed */ ++ failf(data, "connection to proxy closed"); ++ return CURLE_COULDNT_CONNECT; ++ } ++ else if(actualread != sx->outstanding) { + /* remain in state */ + sx->outstanding -= actualread; + sx->outp += actualread; + return CURLE_OK; + } +- + /* ignore the first (VER) byte */ +- if(socksreq[1] != 0) { /* status */ ++ else if(socksreq[1] != 0) { /* status */ + failf(data, "User was rejected by the SOCKS5 server (%d %d).", + socksreq[0], socksreq[1]); + return CURLE_COULDNT_CONNECT; +@@ -890,6 +904,11 @@ CURLcode Curl_SOCKS5(const char *proxy_user, + failf(data, "Failed to receive SOCKS5 connect request ack."); + return CURLE_COULDNT_CONNECT; + } ++ else if(!result && !actualread) { ++ /* connection closed */ ++ failf(data, "connection to proxy closed"); ++ return CURLE_COULDNT_CONNECT; ++ } + else if(actualread != sx->outstanding) { + /* remain in state */ + sx->outstanding -= actualread; +@@ -967,7 +986,12 @@ CURLcode Curl_SOCKS5(const char *proxy_user, + failf(data, "Failed to receive SOCKS5 connect request ack."); + return CURLE_COULDNT_CONNECT; + } +- if(actualread != sx->outstanding) { ++ else if(!result && !actualread) { ++ /* connection closed */ ++ failf(data, "connection to proxy closed"); ++ return CURLE_COULDNT_CONNECT; ++ } ++ else if(actualread != sx->outstanding) { + /* remain in state */ + sx->outstanding -= actualread; + sx->outp += actualread;
