[GNUnet-SVN] r26062 - gnunet/src/transport

gnunet-svn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[GNUnet-SVN] r26062 - gnunet/src/transport

From:	gnunet
Subject:	[GNUnet-SVN] r26062 - gnunet/src/transport
Date:	Mon, 11 Feb 2013 09:49:41 +0100

Author: wachs
Date: 2013-02-11 09:49:40 +0100 (Mon, 11 Feb 2013)
New Revision: 26062

Modified:
   gnunet/src/transport/plugin_transport_http_client.c
Log:
hotfix for curl vulnerability: libcurl SASL buffer overflow vulnerability 
CVE-2013-0249


Modified: gnunet/src/transport/plugin_transport_http_client.c
===================================================================
--- gnunet/src/transport/plugin_transport_http_client.c 2013-02-10 01:45:56 UTC 
(rev 26061)
+++ gnunet/src/transport/plugin_transport_http_client.c 2013-02-11 08:49:40 UTC 
(rev 26062)
@@ -1237,8 +1237,16 @@
   curl_easy_setopt (s->client_get, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);
   curl_easy_setopt (s->client_get, CURLOPT_SSL_VERIFYPEER, 0);
   curl_easy_setopt (s->client_get, CURLOPT_SSL_VERIFYHOST, 0);
+  curl_easy_setopt (s->client_get, CURLOPT_PROTOCOLS, CURLPROTO_HTTPS);
+  curl_easy_setopt (s->client_get, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTPS);
+#else
+  curl_easy_setopt (s->client_get, CURLOPT_PROTOCOLS, CURLPROTO_HTTP);
+  curl_easy_setopt (s->client_get, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP);
 #endif
+
   curl_easy_setopt (s->client_get, CURLOPT_URL, s->url);
+  curl_easy_setopt (s->client_get, CURLOPT_URL, s->url);
+  curl_easy_setopt (s->client_get, CURLOPT_URL, s->url);
   //curl_easy_setopt (s->client_get, CURLOPT_HEADERFUNCTION, 
&curl_get_header_cb);
   //curl_easy_setopt (s->client_get, CURLOPT_WRITEHEADER, ps);
   curl_easy_setopt (s->client_get, CURLOPT_READFUNCTION, client_send_cb);
@@ -1256,8 +1264,6 @@
   curl_easy_setopt (ps->recv_endpoint, CURLOPT_TCP_NODELAY, 1);
 #endif
   curl_easy_setopt (s->client_get, CURLOPT_FOLLOWLOCATION, 0);
-  curl_easy_setopt (curl, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | 
CURLPROTO_HTTPS);
-  curl_easy_setopt (curl, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
 
   mret = curl_multi_add_handle (s->plugin->curl_multi_handle, s->client_get);
   if (mret != CURLM_OK)
@@ -1301,6 +1307,11 @@
   curl_easy_setopt (s->client_put, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);
   curl_easy_setopt (s->client_put, CURLOPT_SSL_VERIFYPEER, 0);
   curl_easy_setopt (s->client_put, CURLOPT_SSL_VERIFYHOST, 0);
+  curl_easy_setopt (s->client_get, CURLOPT_PROTOCOLS, CURLPROTO_HTTPS);
+  curl_easy_setopt (s->client_get, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTPS);
+#else
+  curl_easy_setopt (s->client_get, CURLOPT_PROTOCOLS, CURLPROTO_HTTP);
+  curl_easy_setopt (s->client_get, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP);
 #endif
   curl_easy_setopt (s->client_put, CURLOPT_URL, s->url);
   curl_easy_setopt (s->client_put, CURLOPT_UPLOAD, 1L);

[Prev in Thread]

Current Thread

[Next in Thread]

[GNUnet-SVN] r26062 - gnunet/src/transport, gnunet <=

Prev by Date: [GNUnet-SVN] r26061 - gnunet-planetlab/gplmt/contrib
Next by Date: [GNUnet-SVN] r26063 - monkey/trunk/pathologist/src/pathologist
Previous by thread: [GNUnet-SVN] r26061 - gnunet-planetlab/gplmt/contrib
Next by thread: [GNUnet-SVN] r26063 - monkey/trunk/pathologist/src/pathologist
Index(es):
- Date
- Thread