diff options
| author | Erich Eckner <git@eckner.net> | 2016-07-22 14:00:43 +0200 |
|---|---|---|
| committer | Erich Eckner <git@eckner.net> | 2016-07-22 14:00:43 +0200 |
| commit | 016acc24d45cee97fc9e23ef83c5213916b6f29f (patch) | |
| tree | d9ff31352e9057d29da8f9e4edd0016d58f59547 /core | |
| parent | 7143a6618fe2614d49701256cdc1fd0dc9b4c748 (diff) | |
| download | crux-patches-016acc24d45cee97fc9e23ef83c5213916b6f29f.tar.xz | |
curl: valid-ip-is-enough-for-ssl-if-only-ip-is-given
Diffstat (limited to 'core')
3 files changed, 28 insertions, 1 deletions
diff --git a/core/curl/valid-ip-is-enough-for-ssl-if-only-ip-is-given.Pkgfile.patch b/core/curl/valid-ip-is-enough-for-ssl-if-only-ip-is-given.Pkgfile.patch new file mode 100644 index 0000000..dce55dd --- /dev/null +++ b/core/curl/valid-ip-is-enough-for-ssl-if-only-ip-is-given.Pkgfile.patch @@ -0,0 +1,16 @@ +--- Pkgfile 2016-07-21 22:33:02.008231411 +0200 ++++ Pkgfile 2016-07-21 22:33:33.768262647 +0200 +@@ -6,10 +6,12 @@ + name=curl + version=7.50.0 + release=1 +-source=(http://curl.haxx.se/download/$name-$version.tar.lzma) ++source=(http://curl.haxx.se/download/$name-$version.tar.lzma ++ valid-ip-is-enough-for-ssl-if-only-ip-is-given.patch) + + build() { + cd $name-$version ++ patch -p0 -i ../valid-ip-is-enough-for-ssl-if-only-ip-is-given.patch + ./configure --prefix=/usr \ + --enable-ipv6 \ + --without-libidn \ diff --git a/core/curl/valid-ip-is-enough-for-ssl-if-only-ip-is-given.patch.new b/core/curl/valid-ip-is-enough-for-ssl-if-only-ip-is-given.patch.new new file mode 100644 index 0000000..e458c8c --- /dev/null +++ b/core/curl/valid-ip-is-enough-for-ssl-if-only-ip-is-given.patch.new @@ -0,0 +1,11 @@ +--- lib/vtls/openssl.c 2016-07-21 21:40:37.014958580 +0200 ++++ lib/vtls/openssl.c 2016-07-21 22:22:13.284274185 +0200 +@@ -1117,7 +1117,7 @@ + + /* If a subjectAltName extension of type dNSName is present, that MUST + be used as the identity. / RFC2818 section 3.1 */ +- if(check->type == GEN_DNS) ++ if(check->type == GEN_DNS && strcmp(conn->ip_addr_str,conn->host.name)) + dNSName = TRUE; + + /* only check alternatives of the same type the target is */ diff --git a/core/curl/with-ca-path.Pkgfile.patch b/core/curl/with-ca-path.Pkgfile.patch index 55ef20f..3529a90 100644 --- a/core/curl/with-ca-path.Pkgfile.patch +++ b/core/curl/with-ca-path.Pkgfile.patch @@ -1,6 +1,6 @@ --- Pkgfile 2016-04-27 21:29:05.981945202 +0200 +++ Pkgfile 2016-04-27 22:49:18.883588926 +0200 -@@ -15,6 +15,7 @@ +@@ -17,6 +17,7 @@ --without-libidn \ --without-cyassl \ --enable-threaded-resolver \ |