aboutsummaryrefslogtreecommitdiffstats
path: root/main/curl/CVE-2017-2629.patch
diff options
context:
space:
mode:
Diffstat (limited to 'main/curl/CVE-2017-2629.patch')
-rw-r--r--main/curl/CVE-2017-2629.patch42
1 files changed, 0 insertions, 42 deletions
diff --git a/main/curl/CVE-2017-2629.patch b/main/curl/CVE-2017-2629.patch
deleted file mode 100644
index 1682d167ed..0000000000
--- a/main/curl/CVE-2017-2629.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-From a00a42b4abe8363a46071bb3b43b1b7138f5259b Mon Sep 17 00:00:00 2001
-From: Daniel Stenberg <daniel@haxx.se>
-Date: Sun, 22 Jan 2017 18:11:55 +0100
-Subject: [PATCH] TLS: make SSL_VERIFYSTATUS work again
-
-The CURLOPT_SSL_VERIFYSTATUS option was not properly handled by libcurl
-and thus even if the status couldn't be verified, the connection would
-be allowed and the user would not be told about the failed verification.
-
-Regression since cb4e2be7c6d42ca
-
-CVE-2017-2629
-Bug: https://curl.haxx.se/docs/adv_20170222.html
-
-Reported-by: Marcus Hoffmann
----
- lib/url.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/lib/url.c b/lib/url.c
-index 8d1c0cc7f..7a2274d50 100644
---- a/lib/url.c
-+++ b/lib/url.c
-@@ -4169,12 +4169,15 @@ static struct connectdata *allocate_conn(struct Curl_easy *data)
-
- conn->bits.user_passwd = (data->set.str[STRING_USERNAME]) ? TRUE : FALSE;
- conn->bits.ftp_use_epsv = data->set.ftp_use_epsv;
- conn->bits.ftp_use_eprt = data->set.ftp_use_eprt;
-
-+ conn->ssl_config.verifystatus = data->set.ssl.primary.verifystatus;
- conn->ssl_config.verifypeer = data->set.ssl.primary.verifypeer;
- conn->ssl_config.verifyhost = data->set.ssl.primary.verifyhost;
-+ conn->proxy_ssl_config.verifystatus =
-+ data->set.proxy_ssl.primary.verifystatus;
- conn->proxy_ssl_config.verifypeer = data->set.proxy_ssl.primary.verifypeer;
- conn->proxy_ssl_config.verifyhost = data->set.proxy_ssl.primary.verifyhost;
-
- conn->ip_version = data->set.ipver;
-
---
-2.11.0
-
generated by cgit v1.2.3 (git 2.25.1) at 2025-09-12 23:36:46 +0000