From 9a1d7f2570aecc332be407dd9f8e6fe72529525a Mon Sep 17 00:00:00 2001
From: sherlock2010 <15151851377@163.com>
Date: Fri, 20 Sep 2024 10:58:26 +0000
Subject: [PATCH] url: allow DoH transfers to override max connection limit

(cherry picked from commit b4efa74dd0f2d7281e4ad2f7a3e65d2426d761e7)
---
 ...ers-to-override-max-connection-limit.patch | 49 +++++++++++++++++++
 curl.spec | 9 +++-
 2 files changed, 57 insertions(+), 1 deletion(-)
 create mode 100644 backport-url-allow-DoH-transfers-to-override-max-connection-limit.patch
diff --git a/backport-url-allow-DoH-transfers-to-override-max-connection-limit.patch b/backport-url-allow-DoH-transfers-to-override-max-connection-limit.patch
new file mode 100644
index 0000000..11e7a50
--- /dev/null
+++ b/backport-url-allow-DoH-transfers-to-override-max-connection-limit.patch
@@ -0,0 +1,49 @@
+From b049388d473a9a0189f3180e57e04a39a3793382 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg
+Date: Tue, 4 Jun 2024 17:00:05 +0200
+Subject: [PATCH] url: allow DoH transfers to override max connection limit
+
+When reaching the set maximum limit of allowed connections, allow a new
+connection anyway if the transfer is created for the (internal) purpose
+of doing a DoH name resolve. Otherwise, unrelated "normal" transfers can
+starve out new DoH requests making it impossible to name resolve for new
+transfers.
+
+Bug: https://curl.se/mail/lib-2024-06/0001.html
+Reported-by: kartatz
+Closes #13880
+
+Conflict:NA
+Reference:https://github.com/curl/curl/commit/b049388d473a9a0189f3180e57e04a39a3793382
+---
+ lib/url.c | 14 ++++++++++----
+ 1 file changed, 10 insertions(+), 4 deletions(-)
+
+diff --git a/lib/url.c b/lib/url.c
+index 41e35e153..4eabf0c87 100644
+--- a/lib/url.c
++++ b/lib/url.c
+@@ -3662,10 +3662,16 @@ static CURLcode create_conn(struct Curl_easy *data,
+ conn_candidate = Curl_conncache_extract_oldest(data);
+ if(conn_candidate)
+ Curl_disconnect(data, conn_candidate, FALSE);
+- else {
+- infof(data, "No connections available in cache");
+- connections_available = FALSE;
+- }
++ else
++#ifndef CURL_DISABLE_DOH
++ if(data->set.dohfor)
++ infof(data, "Allowing DoH to override max connection limit");
++ else
++#endif
++ {
++ infof(data, "No connections available in cache");
++ connections_available = FALSE;
++ }
+ }
+
+ if(!connections_available) {
+--
+2.33.0
+
diff --git a/curl.spec b/curl.spec
index 8a48965..5325732 100644
--- a/curl.spec
+++ b/curl.spec
@@ -7,7 +7,7 @@
 Name: curl
 Version: 8.4.0
-Release: 9
+Release: 10
 Summary: Curl is used in command lines or scripts to transfer data
 License: curl
 URL: https://curl.se/
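Review bot: In the lib/url.c hunk carried by this backport, the new `data->set.dohfor` branch turns the connection limit into a soft limit with no bound of its own: when no cached connection can be evicted, a DoH-purpose transfer leaves `connections_available` untouched and goes on to open a new connection. Nothing in the visible lines caps how many such connections can exist at once, so an application that relies on the limit to bound sockets or file descriptors can exceed it while DoH resolves are in flight; whether another check applies is not visible, since create_conn() starts and ends outside the hunk. I would record that in a comment above the `#ifndef CURL_DISABLE_DOH` line, for example `/* DoH resolves may exceed the connection limit so that normal transfers cannot starve name resolution; the limit is not a hard cap for them */`. The unbraced `else` that is completed either by the `if`/`else` inside the conditional or by the `{` block after `#endif` is easy to break in a later edit, so the same comment should say that both build variants depend on it.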
@@ -33,6 +33,7 @@ Patch24: backport-tool_cfgable-free-proxy_-cipher13_list-on-exit.patch
 Patch25: backport-CVE-2024-7264-x509asn1-clean-up-GTime2str.patch
 Patch26: backport-CVE-2024-7264-x509asn1-unittests-and-fixes-fo.patch
 Patch27: backport-CVE-2024-8096-gtls-fix-OCSP-stapling-management.patch
+Patch28: backport-url-allow-DoH-transfers-to-override-max-connection-limit.patch
 BuildRequires: automake brotli-devel coreutils gcc groff krb5-devel
 BuildRequires: libidn2-devel libnghttp2-devel libpsl-devel
@@ -218,6 +219,12 @@ rm -rf ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
 %{_mandir}/man3/*
 %changelog
+* Fri Sep 20 2024 zhouyihang - 8.4.0-10
+- Type:bugfix
+- CVE:NA
+- SUG:NA
+- DESC:url: allow DoH transfers to override max connection limit
+
 * Thu Sep 12 2024 zhouyihang - 8.4.0-9
 - Type:CVE
 - CVE:CVE-2024-8096
--
Gitee