[rtorrent] - Adopt insecure SSL patch (as commandline option) (#669251)
konradm
konradm at fedoraproject.org
Thu Jan 13 04:07:00 UTC 2011
commit 74ff2b6641d11ce3d67430242fb7f52b146b2e75
Author: Conrad Meyer <cemeyer at cs.washington.edu>
Date: Wed Jan 12 20:06:46 2011 -0800
- Adopt insecure SSL patch (as commandline option) (#669251)
rtorrent-0.8.7-optional-https-noverify.patch | 41 ++++++++++++++++++++++++++
rtorrent.spec | 9 +++++-
2 files changed, 49 insertions(+), 1 deletions(-)
---
diff --git a/rtorrent-0.8.7-optional-https-noverify.patch b/rtorrent-0.8.7-optional-https-noverify.patch
new file mode 100644
index 0000000..2f771d9
--- /dev/null
+++ b/rtorrent-0.8.7-optional-https-noverify.patch
@@ -0,0 +1,41 @@
+--- rtorrent-0.8.7/src/command_network.cc 2010-10-08 08:33:01.000000000 +1300
++++ rtorrent-0.8.7/src/command_network.cc 2011-01-13 16:21:58.831309734 +1300
+@@ -480,6 +480,7 @@ initialize_command_network() {
+ CMD2_ANY_STRING_V("network.http.proxy_address.set", std::tr1::bind(&core::CurlStack::set_http_proxy, httpStack, std::tr1::placeholders::_2));
+ CMD2_ANY ("network.http.max_open", std::tr1::bind(&core::CurlStack::max_active, httpStack));
+ CMD2_ANY_VALUE_V ("network.http.max_open.set", std::tr1::bind(&core::CurlStack::set_max_active, httpStack, std::tr1::placeholders::_2));
++ CMD2_VAR_BOOL ("network.https.insecure", false);
+
+ CMD2_ANY ("network.send_buffer.size", std::tr1::bind(&torrent::ConnectionManager::send_buffer_size, cm));
+ CMD2_ANY_VALUE_V ("network.send_buffer.size.set", std::tr1::bind(&torrent::ConnectionManager::set_send_buffer_size, cm, std::tr1::placeholders::_2));
+@@ -42,6 +42,7 @@
+ #include <torrent/exceptions.h>
+
+ #include "rak/functional.h"
++#include "rpc/parse_commands.h"
+ #include "curl_get.h"
+ #include "curl_socket.h"
+ #include "curl_stack.h"
+@@ -164,6 +165,11 @@ CurlStack::add_get(CurlGet* get) {
+ if (!m_httpCaCert.empty())
+ curl_easy_setopt(get->handle(), CURLOPT_CAINFO, m_httpCaCert.c_str());
+
++ if (rpc::call_command_value("network.https.insecure")) {
++ curl_easy_setopt(get->handle(), CURLOPT_SSL_VERIFYPEER, 0);
++ curl_easy_setopt(get->handle(), CURLOPT_SSL_VERIFYHOST, 0);
++ }
++
+ base_type::push_back(get);
+
+ if (m_active >= m_maxActive)
+@@ -563,6 +563,10 @@ main(int argc, char** argv) {
+ CMD2_REDIRECT_GENERIC("http_proxy", "network.http.proxy_address.set");
+ CMD2_REDIRECT ("get_http_proxy", "network.http.proxy_address");
+ CMD2_REDIRECT_GENERIC("set_http_proxy", "network.http.proxy_address.set");
++
++ CMD2_REDIRECT ("https_insecure", "network.https.insecure.set");
++ CMD2_REDIRECT ("get_https_insecure", "network.https.insecure");
++ CMD2_REDIRECT_GENERIC("set_https_insecure", "network.https.insecure.set");
+
+ CMD2_REDIRECT ("peer_exchange", "protocol.pex.set");
+ CMD2_REDIRECT ("get_peer_exchange", "protocol.pex");
diff --git a/rtorrent.spec b/rtorrent.spec
index 9e063a5..f6b142a 100644
--- a/rtorrent.spec
+++ b/rtorrent.spec
@@ -3,7 +3,7 @@ Name: rtorrent
License: GPLv2+ with exceptions
Group: Applications/Internet
Version: 0.8.7
-Release: 3%{?dist}
+Release: 4%{?dist}
Summary: BitTorrent client based on libtorrent
URL: http://rtorrent.rakshasa.no/
Source0: http://libtorrent.rakshasa.no/downloads/rtorrent-%{version}.tar.gz
@@ -11,6 +11,8 @@ Source0: http://libtorrent.rakshasa.no/downloads/rtorrent-%{version}.tar.g
# see comments at patch below
Patch0: rtorrent-0.8.6-fallocate.patch
Patch1: rtorrent.libxmlrpcFTBFS.patch
+# Add OPTIONAL noverify SSL support (rhbz #669251)
+Patch2: rtorrent-0.8.7-optional-https-noverify.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: curl-devel
@@ -34,6 +36,8 @@ of directories for torrent files to seed and/or download.
%patch0 -p1 -b .fallocate
# http://libtorrent.rakshasa.no/ticket/2327
%patch1 -p1 -b .ftbfs
+# http://libtorrent.rakshasa.no/ticket/1402
+%patch2 -p1 -b .https_noverify
%build
%configure --with-xmlrpc-c
@@ -56,6 +60,9 @@ rm -rf $RPM_BUILD_ROOT
%{_mandir}/man1/rtorrent*
%changelog
+* Wed Jan 12 2011 Conrad Meyer <konrad at tylerc.org> - 0.8.7-4
+- Adopt insecure SSL patch (as commandline option) (#669251)
+
* Thu Oct 28 2010 Ankur Sinha <ankursinha AT fedoraproject DOT org> - 0.8.7-3
- manually install the man page to correct location
More information about the scm-commits
mailing list