1 files changed, 45 insertions, 0 deletions
diff --git a/meta/recipes-support/curl/curl/CVE-2022-27774-1.patch b/meta/recipes-support/curl/curl/CVE-2022-27774-1.patch
new file mode 100644
index 0000000000..063c11712a
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2022-27774-1.patch
@@ -0,0 +1,45 @@
+From 2a797e099731facf62a2c675396334bc2ad3bc7c Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Mon, 25 Apr 2022 16:24:33 +0200
+Subject: [PATCH] connect: store "conn_remote_port" in the info struct
+To make it available after the connection ended.
+Prerequisite for the patches that address CVE-2022-27774.
+Upstream-Status: Backport [https://github.com/curl/curl/commit/08b8ef4e726ba10f45081ecda5b3cea788d3c839]
+Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
+---
+ lib/connect.c | 1 +
+ lib/urldata.h | 6 +++++-
+ 2 files changed, 6 insertions(+), 1 deletion(-)
+diff --git a/lib/connect.c b/lib/connect.c
+index b3d4057..a977d67 100644
+--- a/lib/connect.c
+++ b/lib/connect.c
+@@ -624,6 +624,7 @@ void Curl_persistconninfo(struct connectdata *conn)
+   conn->data->info.conn_scheme = conn->handler->scheme;
+   conn->data->info.conn_protocol = conn->handler->protocol;
+   conn->data->info.conn_primary_port = conn->primary_port;
+  conn->data->info.conn_remote_port = conn->remote_port;
+   conn->data->info.conn_local_port = conn->local_port;
+ }
+ 
+diff --git a/lib/urldata.h b/lib/urldata.h
+index fafb7a3..ab1b267 100644
+--- a/lib/urldata.h
+++ b/lib/urldata.h
+@@ -1148,7 +1148,11 @@ struct PureInfo {
+      reused, in the connection cache. */
+ 
+   char conn_primary_ip[MAX_IPADR_LEN];
+-  long conn_primary_port;
+  long conn_primary_port; /* this is the destination port to the connection,
+                             which might have been a proxy */
+  long conn_remote_port;  /* this is the "remote port", which is the port
+                             number of the used URL, independent of proxy or
+                             not */
+   char conn_local_ip[MAX_IPADR_LEN];
+   long conn_local_port;
+   const char *conn_scheme;

diff --git a/meta/recipes-support/curl/curl/CVE-2022-27774-1.patch b/meta/recipes-support/curl/curl/CVE-2022-27774-1.patch new file mode 100644 index 0000000000..063c11712a --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2022-27774-1.patch
@@ -0,0 +1,45 @@
	1	From 2a797e099731facf62a2c675396334bc2ad3bc7c Mon Sep 17 00:00:00 2001
	2	From: Daniel Stenberg <daniel@haxx.se>
	3	Date: Mon, 25 Apr 2022 16:24:33 +0200
	4	Subject: [PATCH] connect: store "conn_remote_port" in the info struct
	5
	6	To make it available after the connection ended.
	7
	8	Prerequisite for the patches that address CVE-2022-27774.
	9
	10	Upstream-Status: Backport [https://github.com/curl/curl/commit/08b8ef4e726ba10f45081ecda5b3cea788d3c839]
	11	Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
	12	---
	13	lib/connect.c \| 1 +
	14	lib/urldata.h \| 6 +++++-
	15	2 files changed, 6 insertions(+), 1 deletion(-)
	16
	17	diff --git a/lib/connect.c b/lib/connect.c
	18	index b3d4057..a977d67 100644
	19	--- a/lib/connect.c
	20	+++ b/lib/connect.c
	21	@@ -624,6 +624,7 @@ void Curl_persistconninfo(struct connectdata *conn)
	22	conn->data->info.conn_scheme = conn->handler->scheme;
	23	conn->data->info.conn_protocol = conn->handler->protocol;
	24	conn->data->info.conn_primary_port = conn->primary_port;
	25	+ conn->data->info.conn_remote_port = conn->remote_port;
	26	conn->data->info.conn_local_port = conn->local_port;
	27	}
	28
	29	diff --git a/lib/urldata.h b/lib/urldata.h
	30	index fafb7a3..ab1b267 100644
	31	--- a/lib/urldata.h
	32	+++ b/lib/urldata.h
	33	@@ -1148,7 +1148,11 @@ struct PureInfo {
	34	reused, in the connection cache. */
	35
	36	char conn_primary_ip[MAX_IPADR_LEN];
	37	- long conn_primary_port;
	38	+ long conn_primary_port; /* this is the destination port to the connection,
	39	+ which might have been a proxy */
	40	+ long conn_remote_port; /* this is the "remote port", which is the port
	41	+ number of the used URL, independent of proxy or
	42	+ not */
	43	char conn_local_ip[MAX_IPADR_LEN];
	44	long conn_local_port;
	45	const char *conn_scheme;