packages/curl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

url: allow DoH transfers to override max connection limit

Browse Source
This commit is contained in:
sherlock2010 2024-09-20 11:06:39 +00:00
parent cf90c9e7f4
commit bd79cbb34e
2 changed files with 57 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
backport-url-allow-DoH-transfers-to-override-max-connection-limit.patch Normal file
View File

@ -0,0 +1,49 @@
From b049388d473a9a0189f3180e57e04a39a3793382 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Tue, 4 Jun 2024 17:00:05 +0200
Subject: [PATCH] url: allow DoH transfers to override max connection limit
When reaching the set maximum limit of allowed connections, allow a new
connection anyway if the transfer is created for the (internal) purpose
of doing a DoH name resolve. Otherwise, unrelated "normal" transfers can
starve out new DoH requests making it impossible to name resolve for new
transfers.
Bug: https://curl.se/mail/lib-2024-06/0001.html
Reported-by: kartatz
Closes #13880
Conflict:context adapt
Reference:https://github.com/curl/curl/commit/b049388d473a9a0189f3180e57e04a39a3793382
---
lib/url.c | 14 ++++++++++----
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/lib/url.c b/lib/url.c
index 41e35e153..4eabf0c87 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -3662,10 +3662,16 @@ static CURLcode create_conn(struct Curl_easy *data,
if(conn_candidate)
(void)Curl_disconnect(data, conn_candidate,
/* dead_connection */ FALSE);
- else {
- infof(data, "No connections available in cache\n");
- connections_available = FALSE;
- }
+ else
+#ifndef CURL_DISABLE_DOH
+ if(data->set.dohfor)
+ infof(data, "Allowing DoH to override max connection limit");
+ else
+#endif
+ {
+ infof(data, "No connections available in cache");
+ connections_available = FALSE;
+ }
}
if(!connections_available) {
--
2.33.0

9
curl.spec
View File

@ -6,7 +6,7 @@
Name: curl Name: curl
Version: 7.71.1 Version: 7.71.1
Release: 36 Release: 37
Summary: Curl is used in command lines or scripts to transfer data Summary: Curl is used in command lines or scripts to transfer data
License: MIT License: MIT
URL: https://curl.haxx.se/ URL: https://curl.haxx.se/
@ -85,6 +85,7 @@ Patch172: backport-tool_cfgable-free-proxy_-cipher13_list-on-exit.patch
Patch173: backport-0001-CVE-2024-7264.patch Patch173: backport-0001-CVE-2024-7264.patch
Patch174: backport-0002-CVE-2024-7264.patch Patch174: backport-0002-CVE-2024-7264.patch
Patch175: backport-CVE-2024-8096-gtls-fix-OCSP-stapling-management.patch Patch175: backport-CVE-2024-8096-gtls-fix-OCSP-stapling-management.patch
Patch176: backport-url-allow-DoH-transfers-to-override-max-connection-limit.patch
BuildRequires: automake brotli-devel coreutils gcc groff krb5-devel BuildRequires: automake brotli-devel coreutils gcc groff krb5-devel
BuildRequires: libidn2-devel libnghttp2-devel libpsl-devel BuildRequires: libidn2-devel libnghttp2-devel libpsl-devel
@ -249,6 +250,12 @@ rm -rf ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
%{_mandir}/man3/* %{_mandir}/man3/*
%changelog %changelog
* Fri Sep 20 2024 zhouyihang <zhouyihang3@h-partners.com> - 7.71.1-37
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:url: allow DoH transfers to override max connection limit
* Thu Sep 12 2024 zhouyihang <zhouyihang3@h-partners.com> - 7.71.1-36 * Thu Sep 12 2024 zhouyihang <zhouyihang3@h-partners.com> - 7.71.1-36
- Type:CVE - Type:CVE
- CVE:CVE-2024-8096 - CVE:CVE-2024-8096