On 2022/11/06 16:20, Christian Weisgerber wrote: > Christian Weisgerber: > > > > I've added https://github.com/curl/curl/issues/9842 > > > > So we wait? > > Here's a diff with the accumulated noproxy fixes, including the > lastest suggested "tailmatch like in 7.85.0 and earlier".
Thanks. OK > Index: Makefile > =================================================================== > RCS file: /cvs/ports/net/curl/Makefile,v > retrieving revision 1.174 > diff -u -p -r1.174 Makefile > --- Makefile 28 Oct 2022 17:59:06 -0000 1.174 > +++ Makefile 6 Nov 2022 15:18:15 -0000 > @@ -1,6 +1,7 @@ > COMMENT= transfer files with FTP, HTTP, HTTPS, etc. > > DISTNAME= curl-7.86.0 > +REVISION= 0 > SHARED_LIBS= curl 26.17 # 12.0 > CATEGORIES= net > HOMEPAGE= https://curl.se/ > Index: patches/patch-lib_noproxy_c > =================================================================== > RCS file: patches/patch-lib_noproxy_c > diff -N patches/patch-lib_noproxy_c > --- /dev/null 1 Jan 1970 00:00:00 -0000 > +++ patches/patch-lib_noproxy_c 6 Nov 2022 15:18:15 -0000 > @@ -0,0 +1,95 @@ > +noproxy: also match with adjacent comma > +https://github.com/curl/curl/commit/efc286b7a62af0568fdcbf3c68791c9955182128 > + > +noproxy: fix tail-matching > +https://github.com/curl/curl/commit/b830f9ba9e94acf672cd191993ff679fa888838b > + > +noproxy: tailmatch like in 7.85.0 and earlier > + > +Index: lib/noproxy.c > +--- lib/noproxy.c.orig > ++++ lib/noproxy.c > +@@ -149,9 +149,14 @@ bool Curl_check_noproxy(const char *name, const char * > + } > + else { > + unsigned int address; > ++ namelen = strlen(name); > + if(1 == Curl_inet_pton(AF_INET, name, &address)) > + type = TYPE_IPV4; > +- namelen = strlen(name); > ++ else { > ++ /* ignore trailing dots in the host name */ > ++ if(name[namelen - 1] == '.') > ++ namelen--; > ++ } > + } > + > + while(*p) { > +@@ -173,33 +178,50 @@ bool Curl_check_noproxy(const char *name, const char * > + if(tokenlen) { > + switch(type) { > + case TYPE_HOST: > +- if(*token == '.') { > +- ++token; > +- --tokenlen; > +- /* tailmatch */ > +- match = (tokenlen <= namelen) && > +- strncasecompare(token, name + (namelen - tokenlen), namelen); > ++ /* ignore trailing dots in the token to check */ > ++ if(token[tokenlen - 1] == '.') > ++ tokenlen--; > ++ > ++ if(tokenlen && (*token == '.')) { > ++ /* ignore leading token dot as well */ > ++ token++; > ++ tokenlen--; > + } > +- else > +- match = (tokenlen == namelen) && > +- strncasecompare(token, name, namelen); > ++ /* A: example.com matches 'example.com' > ++ B: www.example.com matches 'example.com' > ++ C: nonexample.com DOES NOT match 'example.com' > ++ */ > ++ if(tokenlen == namelen) > ++ /* case A, exact match */ > ++ match = strncasecompare(token, name, namelen); > ++ else if(tokenlen < namelen) { > ++ /* case B, tailmatch domain */ > ++ match = (name[namelen - tokenlen - 1] == '.') && > ++ strncasecompare(token, name + (namelen - tokenlen), > ++ tokenlen); > ++ } > ++ /* case C passes through, not a match */ > + break; > + case TYPE_IPV4: > + /* FALLTHROUGH */ > + case TYPE_IPV6: { > + const char *check = token; > +- char *slash = strchr(check, '/'); > ++ char *slash; > + unsigned int bits = 0; > + char checkip[128]; > ++ if(tokenlen >= sizeof(checkip)) > ++ /* this cannot match */ > ++ break; > ++ /* copy the check name to a temp buffer */ > ++ memcpy(checkip, check, tokenlen); > ++ checkip[tokenlen] = 0; > ++ check = checkip; > ++ > ++ slash = strchr(check, '/'); > + /* if the slash is part of this token, use it */ > +- if(slash && (slash < &check[tokenlen])) { > ++ if(slash) { > + bits = atoi(slash + 1); > +- /* copy the check name to a temp buffer */ > +- if(tokenlen >= sizeof(checkip)) > +- break; > +- memcpy(checkip, check, tokenlen); > +- checkip[ slash - check ] = 0; > +- check = checkip; > ++ *slash = 0; /* null terminate there */ > + } > + if(type == TYPE_IPV6) > + match = Curl_cidr6_match(name, check, bits); > Index: patches/patch-m4_curl-compilers_m4 > =================================================================== > RCS file: /cvs/ports/net/curl/patches/patch-m4_curl-compilers_m4,v > retrieving revision 1.5 > diff -u -p -r1.5 patch-m4_curl-compilers_m4 > --- patches/patch-m4_curl-compilers_m4 30 Jun 2022 18:11:25 -0000 > 1.5 > +++ patches/patch-m4_curl-compilers_m4 6 Nov 2022 15:18:15 -0000 > @@ -9,7 +9,7 @@ Do not override optimization flags in CF > Index: m4/curl-compilers.m4 > --- m4/curl-compilers.m4.orig > +++ m4/curl-compilers.m4 > -@@ -693,7 +693,7 @@ AC_DEFUN([CURL_SET_COMPILER_OPTIMIZE_OPTS], [ > +@@ -695,7 +695,7 @@ AC_DEFUN([CURL_SET_COMPILER_OPTIMIZE_OPTS], [ > tmp_options="" > tmp_CFLAGS="$CFLAGS" > tmp_CPPFLAGS="$CPPFLAGS" > -- > Christian "naddy" Weisgerber na...@mips.inka.de >