curl: upgrade to release 7.83.1

Fixes CVE-2022-27774 CVE-2022-27775 CVE-2022-27776 CVE-2022-27781
plus 6 more CVEs that shouldn't affect LO.

Remove obsolete configure-eval-fix.patch.0.

Reviewed-on: https://gerrit.libreoffice.org/c/core/+/134225
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 58a3bf5199818e30ef4207213f29692d81b519c6)

upgrade to curl-7.81.0

Change-Id: I0a34239bfb16bf19e25bf374c7f36c4cdf1776c1
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/128783
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit 40a84af1bdd7b3c414a8a78ca32b0951c03f9976)

Change-Id: Ifbd7ff5acf390df1d95d6b8be0dc7751e4753bbe
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/134246
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit f668663d63d5b0f37d4727b54585c3b67ab92162)

6 files changed, 10 insertions, 22 deletions

diff --git a/download.lst b/download.lst
index 77b95ee4f2f0..d1c4c4e94bb2 100644
--- a/download.lst
+++ b/download.lst
@@ -27,8 +27,8 @@ export CPPUNIT_SHA256SUM := 3d569869d27b48860210c758c4f313082103a5e58219a7669b52
 export CPPUNIT_TARBALL := cppunit-1.14.0.tar.gz
 export CT2N_SHA256SUM := 71b238efd2734be9800af07566daea8d6685aeed28db5eb5fa0e6453f4d85de3
 export CT2N_TARBALL := 1f467e5bb703f12cbbb09d5cf67ecf4a-converttexttonumber-1-5-0.oxt
-export CURL_SHA256SUM := 0606f74b1182ab732a17c11613cbbaf7084f2e6cca432642d0e3ad7c224c3689
-export CURL_TARBALL := curl-7.79.1.tar.xz
+export CURL_SHA256SUM := 2cb9c2356e7263a1272fd1435ef7cdebf2cd21400ec287b068396deb705c22c4
+export CURL_TARBALL := curl-7.83.1.tar.xz
 export EBOOK_SHA256SUM := 7e8d8ff34f27831aca3bc6f9cc532c2f90d2057c778963b884ff3d1e34dfe1f9
 export EBOOK_TARBALL := libe-book-0.1.3.tar.xz
 export EPOXY_SHA256SUM := 002958c5528321edd53440235d3c44e71b5b1e09b9177e8daf677450b6c4433d
diff --git a/external/curl/ExternalPackage_curl.mk b/external/curl/ExternalPackage_curl.mk
index 943a05147c56..82979b110558 100644
--- a/external/curl/ExternalPackage_curl.mk
+++ b/external/curl/ExternalPackage_curl.mk
@@ -20,7 +20,7 @@ $(eval $(call gb_ExternalPackage_add_file,curl,$(LIBO_LIB_FOLDER)/libcurl.4.dyli
 else ifeq ($(OS),AIX)
 $(eval $(call gb_ExternalPackage_add_file,curl,$(LIBO_LIB_FOLDER)/libcurl.so,lib/.libs/libcurl.so.4))
 else
-$(eval $(call gb_ExternalPackage_add_file,curl,$(LIBO_LIB_FOLDER)/libcurl.so.4,lib/.libs/libcurl.so.4.7.0))
+$(eval $(call gb_ExternalPackage_add_file,curl,$(LIBO_LIB_FOLDER)/libcurl.so.4,lib/.libs/libcurl.so.4.8.0))
 endif
 
 endif # $(DISABLE_DYNLOADING)
diff --git a/external/curl/ExternalProject_curl.mk b/external/curl/ExternalProject_curl.mk
index 233e79156d96..b4ab0b88e55d 100644
--- a/external/curl/ExternalProject_curl.mk
+++ b/external/curl/ExternalProject_curl.mk
@@ -42,7 +42,7 @@ $(call gb_ExternalProject_get_state_target,curl,build):
 		./configure \
 			$(if $(filter iOS MACOSX,$(OS)),\
 				--with-secure-transport,\
-				$(if $(ENABLE_NSS),--with-nss$(if $(SYSTEM_NSS),,="$(call gb_UnpackedTarball_get_dir,nss)/dist/out"),--without-nss)) \
+				$(if $(ENABLE_NSS),--with-nss$(if $(SYSTEM_NSS),,="$(call gb_UnpackedTarball_get_dir,nss)/dist/out") --with-nss-deprecated,--without-nss)) \
 			--without-ssl --without-gnutls --without-polarssl --without-cyassl --without-axtls --without-mbedtls \
 			--enable-ftp --enable-http --enable-ipv6 \
 			--without-libidn2 --without-libpsl --without-librtmp \
diff --git a/external/curl/UnpackedTarball_curl.mk b/external/curl/UnpackedTarball_curl.mk
index e6e07abe89b3..76c8cc34de38 100644
--- a/external/curl/UnpackedTarball_curl.mk
+++ b/external/curl/UnpackedTarball_curl.mk
@@ -23,7 +23,6 @@ $(eval $(call gb_UnpackedTarball_add_patches,curl,\
 	external/curl/curl-msvc-disable-protocols.patch.1 \
 	external/curl/curl-7.26.0_win-proxy.patch \
 	external/curl/zlib.patch.0 \
-	external/curl/curl-debug.patch.1 \
 ))
 
 ifeq ($(SYSTEM_NSS),)
diff --git a/external/curl/curl-7.26.0_win-proxy.patch b/external/curl/curl-7.26.0_win-proxy.patch
index 46cdcc739d80..1c5469a35479 100644
--- a/external/curl/curl-7.26.0_win-proxy.patch
+++ b/external/curl/curl-7.26.0_win-proxy.patch
@@ -31,7 +31,7 @@
 +{
 +  int bufSize;
 +  char *out = NULL;
-+  if(wStr != NULL) {
++  if(wStr) {
 +    bufSize = WideCharToMultiByte(
 +      CP_ACP,  0, wStr, -1, NULL, 0, NULL, NULL);
 +    out = (char *)malloc(bufSize * sizeof(char));
@@ -63,10 +63,10 @@
 +      ieNoProxy = wstrToCstr(ieProxyConfig->lpszProxyBypass);
 +
 +      /* Convert the ieNoProxy into a proper no_proxy value */
-+      if(NULL != ieNoProxy) {
++      if(ieNoProxy) {
 +        no_proxy = strdup(ieNoProxy);
 +        pos = strpbrk(no_proxy, "; ");
-+        while(NULL != pos) {
++        while(pos) {
 +          no_proxy[pos-no_proxy] = ',';
 +          pos = strpbrk(no_proxy, "; ");
 +        }
@@ -77,9 +77,9 @@
 +        char *tok;
 +        char *saveptr;
 +
-+        if(NULL != ieProxy) {
++        if(ieProxy) {
 +          tok = strtok_s(ieProxy, ";", &saveptr);
-+          if(strchr(tok, '=') == NULL) {
++          if(!strchr(tok, '=')) {
 +            proxy = strdup(ieProxy);
 +          }
 +          else {
@@ -90,7 +90,7 @@
 +              }
 +              tok = strtok_s(NULL, ";", &saveptr);
 +            }
-+            while(NULL != tok);
++            while(tok);
 +          }
 +        }
 +      }
diff --git a/external/curl/curl-debug.patch.1 b/external/curl/curl-debug.patch.1
deleted file mode 100644
index a000913ed335..000000000000
--- a/external/curl/curl-debug.patch.1
+++ /dev/null
@@ -1,11 +0,0 @@
---- curl/lib/vtls/nss.c.orig	2021-10-01 17:34:59.302663021 +0200
-+++ curl/lib/vtls/nss.c	2021-10-01 17:35:55.376666010 +0200
-@@ -955,7 +955,7 @@
-   subject = CERT_NameToAscii(&cert->subject);
-   issuer = CERT_NameToAscii(&cert->issuer);
-   common_name = CERT_GetCommonName(&cert->subject);
--  infof(data, "subject: %s\n", subject);
-+  infof(data, "subject: %s", subject);
- 
-   CERT_GetCertTimes(cert, &notBefore, &notAfter);
-   PR_ExplodeTime(notBefore, PR_GMTParameters, &printableTime);