From c481774298246c2bc2d2c66fa736ce2d4cae69d1 Mon Sep 17 00:00:00 2001
From: Hauke Mehrtens
Date: Mon, 13 Mar 2017 20:07:14 +0100
Subject: [PATCH] curl: update to version 7.53.1

This fixes the following security problem:
* CVE-2017-2629 SSL_VERIFYSTATUS ignored

Signed-off-by: Hauke Mehrtens
---
 package/network/utils/curl/Makefile | 6 ++--
 .../patches/001-curl-https-openssl-fix.patch | 36 -------------------
 .../curl/patches/200-no_docs_tests.patch | 4 +--
 ...bedtls-disable-runtime-version-check.patch | 2 +-
 4 files changed, 6 insertions(+), 42 deletions(-)
 delete mode 100644 package/network/utils/curl/patches/001-curl-https-openssl-fix.patch
diff --git a/package/network/utils/curl/Makefile b/package/network/utils/curl/Makefile
index 950044a226..d9e906c282 100644
--- a/package/network/utils/curl/Makefile
+++ b/package/network/utils/curl/Makefile
@@ -8,8 +8,8 @@
 include $(TOPDIR)/rules.mk
 PKG_NAME:=curl
-PKG_VERSION:=7.52.1
-PKG_RELEASE:=2
+PKG_VERSION:=7.53.1
+PKG_RELEASE:=1
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
 PKG_SOURCE_URL:=http://curl.haxx.se/download/ \
@@ -18,7 +18,7 @@ PKG_SOURCE_URL:=http://curl.haxx.se/download/ \
 ftp://ftp.planetmirror.com/pub/curl/ \
 http://www.mirrormonster.com/curl/download/ \
 http://curl.mirrors.cyberservers.net/download/
-PKG_HASH:=d16185a767cb2c1ba3d5b9096ec54e5ec198b213f45864a38b3bda4bbf87389b
+PKG_HASH:=1c7207c06d75e9136a944a2e0528337ce76f15b9ec9ae4bb30d703b59bf530e8
 PKG_LICENSE:=MIT
 PKG_LICENSE_FILES:=COPYING
diff --git a/package/network/utils/curl/patches/001-curl-https-openssl-fix.patch b/package/network/utils/curl/patches/001-curl-https-openssl-fix.patch
deleted file mode 100644
index 259f618d46..0000000000
--- a/package/network/utils/curl/patches/001-curl-https-openssl-fix.patch
+++ /dev/null
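Review bot: The `PKG_SOURCE_URL` entries kept as context around the `PKG_HASH` change in the second Makefile hunk are all plain `http://` or `ftp://`, so the new `PKG_HASH` is the only thing that authenticates the 7.53.1 tarball. The commit does not say how the new hash was obtained; it should be computed from a tarball checked against upstream's published signature rather than from whatever a mirror returned, and a line stating that in the commit message would help later audits. If the build's download helper can do TLS, the first entry could become `PKG_SOURCE_URL:=https://curl.haxx.se/download/ \`. The mirror list spans the gap between the two hunks, so some entries are not visible here.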
@@ -1,36 +0,0 @@
-From a7b38c9dc98481e4a5fc37e51a8690337c674dfb Mon Sep 17 00:00:00 2001
-From: Daniel Stenberg
-Date: Mon, 26 Dec 2016 00:06:33 +0100
-Subject: [PATCH] vtls: s/SSLEAY/OPENSSL
-
-Fixed an old leftover use of the USE_SSLEAY define which would make a
-socket get removed from the applications sockets to monitor when the
-multi_socket API was used, leading to timeouts.
-
-Bug: #1174
----
- lib/vtls/vtls.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
-index b808e1c..707f24b 100644
---- a/lib/vtls/vtls.c
-+++ b/lib/vtls/vtls.c
-@@ -484,7 +484,7 @@ void Curl_ssl_close_all(struct Curl_easy *data)
- curlssl_close_all(data);
- }
-
--#if defined(USE_SSLEAY) || defined(USE_GNUTLS) || defined(USE_SCHANNEL) || \
-+#if defined(USE_OPENSSL) || defined(USE_GNUTLS) || defined(USE_SCHANNEL) || \
- defined(USE_DARWINSSL) || defined(USE_NSS)
- /* This function is for OpenSSL, GnuTLS, darwinssl, and schannel only. */
- int Curl_ssl_getsock(struct connectdata *conn, curl_socket_t *socks,
-@@ -518,7 +518,7 @@ int Curl_ssl_getsock(struct connectdata *conn,
- (void)numsocks;
- return GETSOCK_BLANK;
- }
--/* USE_SSLEAY || USE_GNUTLS || USE_SCHANNEL || USE_DARWINSSL || USE_NSS */
-+/* USE_OPENSSL || USE_GNUTLS || USE_SCHANNEL || USE_DARWINSSL || USE_NSS */
- #endif
-
- void Curl_ssl_close(struct connectdata *conn, int sockindex)
diff --git a/package/network/utils/curl/patches/200-no_docs_tests.patch b/package/network/utils/curl/patches/200-no_docs_tests.patch
index 139c05e64b..2fbcf59a41 100644
--- a/package/network/utils/curl/patches/200-no_docs_tests.patch
+++ b/package/network/utils/curl/patches/200-no_docs_tests.patch
@@ -1,6 +1,6 @@
 --- a/Makefile.am
 +++ b/Makefile.am
-@@ -153,7 +153,7 @@ CLEANFILES = $(VC6_LIBDSP) $(VC6_SRCDSP)
+@@ -152,7 +152,7 @@ CLEANFILES = $(VC6_LIBDSP) $(VC6_SRCDSP)
 bin_SCRIPTS = curl-config
 SUBDIRS = lib src include
@@ -11,7 +11,7 @@
 pkgconfig_DATA = libcurl.pc
 --- a/Makefile.in
 +++ b/Makefile.in
-@@ -613,7 +613,7 @@ CLEANFILES = $(VC6_LIBDSP) $(VC6_SRCDSP)
+@@ -612,7 +612,7 @@ CLEANFILES = $(VC6_LIBDSP) $(VC6_SRCDSP)
 bin_SCRIPTS = curl-config
 SUBDIRS = lib src include
diff --git a/package/network/utils/curl/patches/310-mbedtls-disable-runtime-version-check.patch b/package/network/utils/curl/patches/310-mbedtls-disable-runtime-version-check.patch
index 22b838daa0..89e057eb91 100644
--- a/package/network/utils/curl/patches/310-mbedtls-disable-runtime-version-check.patch
+++ b/package/network/utils/curl/patches/310-mbedtls-disable-runtime-version-check.patch
@@ -1,6 +1,6 @@
 --- a/lib/vtls/mbedtls.c
 +++ b/lib/vtls/mbedtls.c
-@@ -724,7 +724,7 @@ void Curl_mbedtls_session_free(void *ptr
+@@ -729,7 +729,7 @@ void Curl_mbedtls_session_free(void *ptr
 size_t Curl_mbedtls_version(char *buffer, size_t size)
 {