diff options
author | Michael Stahl <mstahl@redhat.com> | 2017-08-09 17:53:44 +0200 |
---|---|---|
committer | Michael Stahl <mstahl@redhat.com> | 2017-08-09 18:16:33 +0200 |
commit | e845507bc22a166ec172a4b4d9da120a16f8a964 (patch) | |
tree | 3c4ec5b3e7c667224bf08060ec31d03272f1f850 /external/libcmis | |
parent | desktop,extensions: updater: only allow redirects to HTTP/HTTPS (diff) | |
download | core-e845507bc22a166ec172a4b4d9da120a16f8a964.tar.gz core-e845507bc22a166ec172a4b4d9da120a16f8a964.zip |
libcmis: configure curl to only allow redirects to HTTP/HTTPS
Change-Id: I77e90ca955dc1249d259bf01cb107d5b317d8045
Diffstat (limited to 'external/libcmis')
-rw-r--r-- | external/libcmis/UnpackedTarball_cmis.mk | 1 | ||||
-rw-r--r-- | external/libcmis/libcmis-curl-redirects.patch.1 | 24 |
2 files changed, 25 insertions, 0 deletions
diff --git a/external/libcmis/UnpackedTarball_cmis.mk b/external/libcmis/UnpackedTarball_cmis.mk index a29b1e7cd6f8..a993e9fc111e 100644 --- a/external/libcmis/UnpackedTarball_cmis.mk +++ b/external/libcmis/UnpackedTarball_cmis.mk @@ -20,6 +20,7 @@ $(eval $(call gb_UnpackedTarball_add_patches,cmis, \ external/libcmis/libcmis-fix-google-drive-2.patch \ external/libcmis/libcmis-sharepoint-repository-root.patch \ external/libcmis/libcmis-fix-error-handling.patch \ + external/libcmis/libcmis-curl-redirects.patch.1 \ )) ifeq ($(OS),WNT) diff --git a/external/libcmis/libcmis-curl-redirects.patch.1 b/external/libcmis/libcmis-curl-redirects.patch.1 new file mode 100644 index 000000000000..a429598543dc --- /dev/null +++ b/external/libcmis/libcmis-curl-redirects.patch.1 @@ -0,0 +1,24 @@ +configure curl to only allow redirects to HTTP/HTTPS + +--- cmis/src/libcmis/http-session.cxx.orig 2017-08-09 17:39:11.686928636 +0200 ++++ cmis/src/libcmis/http-session.cxx 2017-08-09 17:40:10.398933383 +0200 +@@ -525,6 +525,8 @@ + { + // Redirect + curl_easy_setopt( m_curlHandle, CURLOPT_FOLLOWLOCATION, redirect); ++ // only allow redirect to http:// and https:// ++ curl_easy_setopt(m_curlHandle, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS); + + // Activate the cookie engine + curl_easy_setopt( m_curlHandle, CURLOPT_COOKIEFILE, "" ); +--- cmis/src/libcmis/sharepoint-session.cxx.orig 2017-08-09 17:39:19.974929306 +0200 ++++ cmis/src/libcmis/sharepoint-session.cxx 2017-08-09 17:39:42.500931127 +0200 +@@ -204,6 +204,8 @@ + { + // Redirect + curl_easy_setopt( m_curlHandle, CURLOPT_FOLLOWLOCATION, redirect); ++ // only allow redirect to http:// and https:// ++ curl_easy_setopt(m_curlHandle, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS); + + // Activate the cookie engine + curl_easy_setopt( m_curlHandle, CURLOPT_COOKIEFILE, "" ); |