From 85f5539c4bed08e58c1ea4d00fdc903e9abb2951 Mon Sep 17 00:00:00 2001
From: Martin Weinelt <hexa@darmstadt.ccc.de>
Date: Wed, 27 Apr 2022 19:56:47 +0200
Subject: [PATCH] curl: 7.82.0 -> 7.83.0

https://curl.se/changes.html#7_83_0
https://curl.se/docs/CVE-2022-22576.html
https://curl.se/docs/CVE-2022-27774.html
https://curl.se/docs/CVE-2022-27775.html
https://curl.se/docs/CVE-2022-27776.html

Fixes: CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776
---
 .../curl/7.82.0-openssl-fix-CN-check.patch    | 30 -------------------
 pkgs/tools/networking/curl/default.nix        |  5 ++--
 2 files changed, 2 insertions(+), 33 deletions(-)
 delete mode 100644 pkgs/tools/networking/curl/7.82.0-openssl-fix-CN-check.patch

diff --git a/pkgs/tools/networking/curl/7.82.0-openssl-fix-CN-check.patch b/pkgs/tools/networking/curl/7.82.0-openssl-fix-CN-check.patch
deleted file mode 100644
index 5d84f5124995..000000000000
--- a/pkgs/tools/networking/curl/7.82.0-openssl-fix-CN-check.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From 911714d617c106ed5d553bf003e34ec94ab6a136 Mon Sep 17 00:00:00 2001
-From: Daniel Stenberg <daniel@haxx.se>
-Date: Tue, 8 Mar 2022 13:38:13 +0100
-Subject: [PATCH] openssl: fix CN check error code
-
-Due to a missing 'else' this returns error too easily.
-
-Regressed in: d15692ebb
-
-Reported-by: Kristoffer Gleditsch
-Fixes #8559
-Closes #8560
----
- lib/vtls/openssl.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
-index 0b79fc50a9c5..4618beeb3867 100644
---- a/lib/vtls/openssl.c
-+++ b/lib/vtls/openssl.c
-@@ -1817,7 +1817,8 @@ CURLcode Curl_ossl_verifyhost(struct Curl_easy *data, struct connectdata *conn,
-               memcpy(peer_CN, ASN1_STRING_get0_data(tmp), peerlen);
-               peer_CN[peerlen] = '\0';
-             }
--            result = CURLE_OUT_OF_MEMORY;
-+            else
-+              result = CURLE_OUT_OF_MEMORY;
-           }
-         }
-         else /* not a UTF8 name */
diff --git a/pkgs/tools/networking/curl/default.nix b/pkgs/tools/networking/curl/default.nix
index a4056fd28a92..d3258e0a946b 100644
--- a/pkgs/tools/networking/curl/default.nix
+++ b/pkgs/tools/networking/curl/default.nix
@@ -54,19 +54,18 @@ assert zstdSupport -> zstd != null;
 
 stdenv.mkDerivation rec {
   pname = "curl";
-  version = "7.82.0";
+  version = "7.83.0";
 
   src = fetchurl {
     urls = [
       "https://curl.haxx.se/download/${pname}-${version}.tar.bz2"
       "https://github.com/curl/curl/releases/download/${lib.replaceStrings ["."] ["_"] pname}-${version}/${pname}-${version}.tar.bz2"
     ];
-    sha256 = "sha256-RtmgQAozQI/ZkncLBKRKdDSzA28ugImsKLV1c9WdNx8=";
+    sha256 = "sha256-JHx+x1IcQljmVjTlKScNIU/jKWmXHMy3KEXnqkaDH5Y=";
   };
 
   patches = [
     ./7.79.1-darwin-no-systemconfiguration.patch
-    ./7.82.0-openssl-fix-CN-check.patch
   ];
 
   outputs = [ "bin" "dev" "out" "man" "devdoc" ];