File curl-CVE-2023-27538.patch of Package curl.28980
From af369db4d3833272b8ed443f7fcc2e757a0872eb Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Fri, 10 Mar 2023 08:22:51 +0100
Subject: [PATCH] url: fix the SSH connection reuse check
Reported-by: Harry Sintonen
Closes #10735
---
lib/url.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Index: curl-7.66.0/lib/url.c
===================================================================
--- curl-7.66.0.orig/lib/url.c
+++ curl-7.66.0/lib/url.c
@@ -1244,8 +1244,7 @@ ConnectionExists(struct Curl_easy *data,
; /* noop for the following ifdef and else clauses */
}
#ifdef USE_SSH
- else if(get_protocol_family(needle->handler->protocol) == CURLPROTO_SFTP ||
- get_protocol_family(needle->handler->protocol) == CURLPROTO_SCP ) {
+ else if(get_protocol_family(needle->handler->protocol) & PROTO_FAMILY_SSH) {
if(!ssh_config_matches(needle, check))
continue;
}
Index: curl-7.66.0/lib/urldata.h
===================================================================
--- curl-7.66.0.orig/lib/urldata.h
+++ curl-7.66.0/lib/urldata.h
@@ -68,6 +68,7 @@
#define PROTO_FAMILY_POP3 (CURLPROTO_POP3|CURLPROTO_POP3S)
#define PROTO_FAMILY_SMB (CURLPROTO_SMB|CURLPROTO_SMBS)
#define PROTO_FAMILY_SMTP (CURLPROTO_SMTP|CURLPROTO_SMTPS)
+#define PROTO_FAMILY_SSH (CURLPROTO_SCP|CURLPROTO_SFTP)
#define DEFAULT_CONNCACHE_SIZE 5