!332 [sync] PR-325: url: allow DoH transfers to override max connection limit

From: @openeuler-sync-bot Reviewed-by: @jiangheng12 Signed-off-by: @jiangheng12
2024-09-23 12:51:05 +00:00 · 2024-09-23 12:51:05 +00:00 · b1ffd44a2d
commit b1ffd44a2d
parent d94a1c91ab aed9621fe8
2 changed files with 58 additions and 1 deletions
--- a/backport-url-allow-DoH-transfers-to-override-max-connection-limit.patch
+++ b/backport-url-allow-DoH-transfers-to-override-max-connection-limit.patch
@ -0,0 +1,50 @@
+From b049388d473a9a0189f3180e57e04a39a3793382 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Tue, 4 Jun 2024 17:00:05 +0200
+Subject: [PATCH] url: allow DoH transfers to override max connection limit
+
+When reaching the set maximum limit of allowed connections, allow a new
+connection anyway if the transfer is created for the (internal) purpose
+of doing a DoH name resolve. Otherwise, unrelated "normal" transfers can
+starve out new DoH requests making it impossible to name resolve for new
+transfers.
+
+Bug: https://curl.se/mail/lib-2024-06/0001.html
+Reported-by: kartatz
+Closes #13880
+
+Conflict:Curl_disconnect(data, conn_candidate, FALSE); =>
+(void)Curl_disconnect(data, conn_candidate, FALSE);
+Reference:https://github.com/curl/curl/commit/b049388d473a9a0189f3180e57e04a39a3793382
+---
+ lib/url.c | 14 ++++++++++----
+ 1 file changed, 10 insertions(+), 4 deletions(-)
+
+diff --git a/lib/url.c b/lib/url.c
+index 41e35e153..4eabf0c87 100644
+--- a/lib/url.c
+++ b/lib/url.c
+@@ -3662,10 +3662,16 @@ static CURLcode create_conn(struct Curl_easy *data,
+       conn_candidate = Curl_conncache_extract_oldest(data);
+       if(conn_candidate)
+         (void)Curl_disconnect(data, conn_candidate, FALSE);
+-      else {
+-        infof(data, "No connections available in cache");
+-        connections_available = FALSE;
+-      }
+      else
+#ifndef CURL_DISABLE_DOH
+        if(data->set.dohfor)
+          infof(data, "Allowing DoH to override max connection limit");
+        else
+#endif
+        {
+          infof(data, "No connections available in cache");
+          connections_available = FALSE;
+        }
+     }
+ 
+     if(!connections_available) {
+-- 
+2.33.0
+
--- a/curl.spec
+++ b/curl.spec
@ -6,7 +6,7 @@

 Name:           curl
 Version:        7.79.1
-Release:        31
+Release:        32
 Summary:        Curl is used in command lines or scripts to transfer data
 License:        MIT
 URL:            https://curl.haxx.se/
@ -106,6 +106,7 @@ Patch92:        backport-tool_cfgable-free-proxy_-cipher13_list-on-exit.patch
 Patch93:        backport-CVE-2024-7264-x509asn1-clean-up-GTime2str.patch
 Patch94:        backport-CVE-2024-7264-x509asn1-unittests-and-fixes-fo.patch
 Patch95:        backport-CVE-2024-8096-gtls-fix-OCSP-stapling-management.patch
+Patch96:        backport-url-allow-DoH-transfers-to-override-max-connection-limit.patch

 BuildRequires:  automake brotli-devel coreutils gcc groff krb5-devel
 BuildRequires:  libidn2-devel libnghttp2-devel libpsl-devel
@ -274,6 +275,12 @@ rm -rf ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
 %{_mandir}/man3/*

 %changelog
+* Fri Sep 20 2024 zhouyihang <zhouyihang3@h-partners.com> - 7.79.1-32
+- Type:bugfix
+- CVE:NA
+- SUG:NA
+- DESC:url: allow DoH transfers to override max connection limit
+
 * Thu Sep 12 2024 zhouyihang <zhouyihang3@h-partners.com> - 7.79.1-31
 - Type:CVE
 - CVE:CVE-2024-8096