[curl/f22] Resolves: #1187531 - fix a spurious connect failure on dual-stacked hosts
Kamil Dudka
kdudka at fedoraproject.org
Mon Feb 23 13:10:16 UTC 2015
commit 4663387c9b7b44aa26c8dd190fc43939d6f135a6
Author: Kamil Dudka <kdudka at redhat.com>
Date: Mon Feb 23 13:46:07 2015 +0100
Resolves: #1187531 - fix a spurious connect failure on dual-stacked hosts
0001-curl-7.40.0-e08a12d.patch | 105 +++++++++++++++++++++++++++++++++++++++++
curl.spec | 9 +++-
2 files changed, 113 insertions(+), 1 deletion(-)
---
diff --git a/0001-curl-7.40.0-e08a12d.patch b/0001-curl-7.40.0-e08a12d.patch
new file mode 100644
index 0000000..a2cb1a2
--- /dev/null
+++ b/0001-curl-7.40.0-e08a12d.patch
@@ -0,0 +1,105 @@
+From 1fa4384ff6cde36d95943eac6e71ac1b8754d3da Mon Sep 17 00:00:00 2001
+From: Kamil Dudka <kdudka at redhat.com>
+Date: Mon, 16 Feb 2015 17:00:05 +0100
+Subject: [PATCH 1/2] connect: avoid skipping an IPv4 address
+
+... in case the protocol versions are mixed in a DNS response
+(IPv6 -> IPv4 -> IPv6).
+
+Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1187531#c3
+
+Upstream-commit: 92835ca5d87850ae0c670d66bd73af391b34cdc3
+Signed-off-by: Kamil Dudka <kdudka at redhat.com>
+---
+ lib/connect.c | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/lib/connect.c b/lib/connect.c
+index 5a60d14..1728e56 100644
+--- a/lib/connect.c
++++ b/lib/connect.c
+@@ -542,6 +542,7 @@ static CURLcode trynextip(struct connectdata *conn,
+ int sockindex,
+ int tempindex)
+ {
++ const int other = tempindex ^ 1;
+ CURLcode result = CURLE_COULDNT_CONNECT;
+
+ /* First clean up after the failed socket.
+@@ -572,8 +573,11 @@ static CURLcode trynextip(struct connectdata *conn,
+ }
+
+ while(ai) {
+- while(ai && ai->ai_family != family)
+- ai = ai->ai_next;
++ if(conn->tempaddr[other]) {
++ /* we can safely skip addresses of the other protocol family */
++ while(ai && ai->ai_family != family)
++ ai = ai->ai_next;
++ }
+
+ if(ai) {
+ result = singleipconnect(conn, ai, &conn->tempsock[tempindex]);
+--
+2.1.0
+
+
+From 85cf6e9b9d42ab70ab73484787d4eaa89734531b Mon Sep 17 00:00:00 2001
+From: Kamil Dudka <kdudka at redhat.com>
+Date: Mon, 16 Feb 2015 17:16:57 +0100
+Subject: [PATCH 2/2] connect: wait for IPv4 connection attempts
+
+... even if the last IPv6 connection attempt has failed.
+
+Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1187531#c4
+
+Upstream-commit: e08a12dab1a410c94bf75aef04251bf64c127eb6
+Signed-off-by: Kamil Dudka <kdudka at redhat.com>
+---
+ lib/connect.c | 9 +++++++--
+ 1 file changed, 7 insertions(+), 2 deletions(-)
+
+diff --git a/lib/connect.c b/lib/connect.c
+index 1728e56..5182965 100644
+--- a/lib/connect.c
++++ b/lib/connect.c
+@@ -753,6 +753,7 @@ CURLcode Curl_is_connected(struct connectdata *conn,
+ }
+
+ for(i=0; i<2; i++) {
++ const int other = i ^ 1;
+ if(conn->tempsock[i] == CURL_SOCKET_BAD)
+ continue;
+
+@@ -782,7 +783,6 @@ CURLcode Curl_is_connected(struct connectdata *conn,
+ else if(rc == CURL_CSELECT_OUT) {
+ if(verifyconnect(conn->tempsock[i], &error)) {
+ /* we are connected with TCP, awesome! */
+- int other = i ^ 1;
+
+ /* use this socket from now on */
+ conn->sock[sockindex] = conn->tempsock[i];
+@@ -824,6 +824,7 @@ CURLcode Curl_is_connected(struct connectdata *conn,
+ data->state.os_errno = error;
+ SET_SOCKERRNO(error);
+ if(conn->tempaddr[i]) {
++ CURLcode status;
+ char ipaddress[MAX_IPADR_LEN];
+ Curl_printable_address(conn->tempaddr[i], ipaddress, MAX_IPADR_LEN);
+ infof(data, "connect to %s port %ld failed: %s\n",
+@@ -832,7 +833,11 @@ CURLcode Curl_is_connected(struct connectdata *conn,
+ conn->timeoutms_per_addr = conn->tempaddr[i]->ai_next == NULL ?
+ allow : allow / 2;
+
+- result = trynextip(conn, sockindex, i);
++ status = trynextip(conn, sockindex, i);
++ if(status != CURLE_COULDNT_CONNECT
++ || conn->tempsock[other] == CURL_SOCKET_BAD)
++ /* the last attempt failed and no other sockets remain open */
++ result = status;
+ }
+ }
+ }
+--
+2.1.0
+
diff --git a/curl.spec b/curl.spec
index 4a0018d..3656242 100644
--- a/curl.spec
+++ b/curl.spec
@@ -1,12 +1,15 @@
Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
Name: curl
Version: 7.40.0
-Release: 1%{?dist}
+Release: 2%{?dist}
License: MIT
Group: Applications/Internet
Source: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma
Source2: curlbuild.h
+# fix a spurious connect failure on dual-stacked hosts (#1187531)
+Patch1: 0001-curl-7.40.0-e08a12d.patch
+
# patch making libcurl multilib ready
Patch101: 0101-curl-7.32.0-multilib.patch
@@ -118,6 +121,7 @@ documentation of the library, too.
%setup -q
# upstream patches
+%patch1 -p1
# Fedora patches
%patch101 -p1
@@ -240,6 +244,9 @@ rm -rf $RPM_BUILD_ROOT
%{_datadir}/aclocal/libcurl.m4
%changelog
+* Mon Feb 23 2015 Kamil Dudka <kdudka at redhat.com> 7.40.0-2
+- fix a spurious connect failure on dual-stacked hosts (#1187531)
+
* Thu Jan 08 2015 Kamil Dudka <kdudka at redhat.com> 7.40.0-1
- new upstream release (fixes CVE-2014-8150)
More information about the scm-commits
mailing list