hotfix for curl vulnerability: libcurl SASL buffer overflow vulnerability CVE-2013-0249

author: Matthias Wachs <wachs@net.in.tum.de> 2013-02-11 08:49:40 +0000
committer: Matthias Wachs <wachs@net.in.tum.de> 2013-02-11 08:49:40 +0000
commit: 6c23b37c7f45e07fad720aa36c73091f52b459a1 (patch)
tree: 5684e5b9e6adf3fb198b899e728d12fc53da1e8d /src/transport/plugin_transport_http_client.c
parent: 97373cfa1b4d0f7e26a14f35016758a1f3b58406 (diff)
download: gnunet-6c23b37c7f45e07fad720aa36c73091f52b459a1.tar.gz
gnunet-6c23b37c7f45e07fad720aa36c73091f52b459a1.zip
1 files changed, 13 insertions, 2 deletions
diff --git a/src/transport/plugin_transport_http_client.c b/src/transport/plugin_transport_http_client.c
index 02d092832..351687a07 100644
--- a/src/transport/plugin_transport_http_client.c
+++ b/src/transport/plugin_transport_http_client.c
@@ -1237,7 +1237,15 @@ client_connect_get (struct Session *s)
  curl_easy_setopt (s->client_get, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);
  curl_easy_setopt (s->client_get, CURLOPT_SSL_VERIFYPEER, 0);
  curl_easy_setopt (s->client_get, CURLOPT_SSL_VERIFYHOST, 0);
+  curl_easy_setopt (s->client_get, CURLOPT_PROTOCOLS, CURLPROTO_HTTPS);
+  curl_easy_setopt (s->client_get, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTPS);
+#else
+  curl_easy_setopt (s->client_get, CURLOPT_PROTOCOLS, CURLPROTO_HTTP);
+  curl_easy_setopt (s->client_get, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP);
 #endif
+  curl_easy_setopt (s->client_get, CURLOPT_URL, s->url);
+  curl_easy_setopt (s->client_get, CURLOPT_URL, s->url);
  curl_easy_setopt (s->client_get, CURLOPT_URL, s->url);
  //curl_easy_setopt (s->client_get, CURLOPT_HEADERFUNCTION, &curl_get_header_cb);
  //curl_easy_setopt (s->client_get, CURLOPT_WRITEHEADER, ps);
@@ -1256,8 +1264,6 @@ client_connect_get (struct Session *s)
  curl_easy_setopt (ps->recv_endpoint, CURLOPT_TCP_NODELAY, 1);
 #endif
  curl_easy_setopt (s->client_get, CURLOPT_FOLLOWLOCATION, 0);
-  curl_easy_setopt (curl, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
-  curl_easy_setopt (curl, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
  mret = curl_multi_add_handle (s->plugin->curl_multi_handle, s->client_get);
  if (mret != CURLM_OK)
@@ -1301,6 +1307,11 @@ client_connect_put (struct Session *s)
  curl_easy_setopt (s->client_put, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);
  curl_easy_setopt (s->client_put, CURLOPT_SSL_VERIFYPEER, 0);
  curl_easy_setopt (s->client_put, CURLOPT_SSL_VERIFYHOST, 0);
+  curl_easy_setopt (s->client_get, CURLOPT_PROTOCOLS, CURLPROTO_HTTPS);
+  curl_easy_setopt (s->client_get, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTPS);
+#else
+  curl_easy_setopt (s->client_get, CURLOPT_PROTOCOLS, CURLPROTO_HTTP);
+  curl_easy_setopt (s->client_get, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP);
 #endif
  curl_easy_setopt (s->client_put, CURLOPT_URL, s->url);
  curl_easy_setopt (s->client_put, CURLOPT_UPLOAD, 1L);
author	Matthias Wachs <wachs@net.in.tum.de>	2013-02-11 08:49:40 +0000
committer	Matthias Wachs <wachs@net.in.tum.de>	2013-02-11 08:49:40 +0000
commit	6c23b37c7f45e07fad720aa36c73091f52b459a1 (patch)
tree	5684e5b9e6adf3fb198b899e728d12fc53da1e8d /src/transport/plugin_transport_http_client.c
parent	97373cfa1b4d0f7e26a14f35016758a1f3b58406 (diff)
download	gnunet-6c23b37c7f45e07fad720aa36c73091f52b459a1.tar.gz gnunet-6c23b37c7f45e07fad720aa36c73091f52b459a1.zip