pool/curl
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
curl/curl-disabled-redirect-protocol-message.patch
Pedro Monreal Gonzalez 4faea07c93 Accepting request 856452 from home:pmonrealgonzalez:branches:devel:libraries:c_c++ 
- Update to 7.74.0 
  * Changes:
    hsts: add experimental support for Strict-Transport-Security
  * Bugfixes:
    - Inferior OCSP verification  [bsc#1179593, CVE-2020-8286]
    - FTP wildcard stack overflow [bsc#1179399, CVE-2020-8285]
    - trusting FTP PASV responses [bsc#1179398, CVE-2020-8284]
    - Revert "multi: implement wait using winsock events"
    - openssl: free mem_buf in error path
    - ntlm: avoid malloc(0) on zero length user and domain
    - ngtcp2: use the minimal version of QUIC supported by ngtcp2
    - ngtcp2: advertise h3 ALPN unconditionally
    - file: avoid duplicated code sequence
    - openssl: guard against OOM on context creation
    - docs: document the 8MB input string limit for curl_easy_escape
      and curl_easy_setopt()
    - hsts: add read/write callbacks
    - hsts: add support for Strict-Transport-Security
    - alt-svc: enable by default
    - checksrc: warn on empty line before open brace
    - connect: repair build without ipv6 availability
    - curl.se: new home
    - ftp: retry getpeername for FTP with TCP_FASTOPEN
    - gnutls: fix memory leaks (certfields memory wasn't released)
    - http: pass correct header size to debug callback for chunked post
    - libssh2: fix transport over HTTPS proxy
    - openssl: guard against OOM on context creation
    - openssl: use OPENSSL_init_ssl() with >= 1.1.0
    - Revert "multi: implement wait using winsock events"
    - socks: check for DNS entries with the right port number

OBS-URL: https://build.opensuse.org/request/show/856452
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=288
2020-12-19 18:24:38 +00:00

21 lines
783 B
Diff
Raw Blame History

Index: curl-7.63.0/lib/url.c
===================================================================
--- curl-7.63.0.orig/lib/url.c
+++ curl-7.63.0/lib/url.c
@@ -1976,9 +1976,13 @@ static CURLcode findprotocol(struct Curl
/* it is allowed for "normal" request, now do an extra check if this is
the result of a redirect */
if(data->state.this_is_a_follow &&
- !(data->set.redir_protocols & p->protocol))
+ !(data->set.redir_protocols & p->protocol)) {
/* nope, get out */
- ;
+ failf(data, "Redirect to protocol \"%s\" not supported or disabled in "
+ LIBCURL_NAME, protostr);
+
+ return CURLE_UNSUPPORTED_PROTOCOL;
+ }
else {
/* Perform setup complement if some. */
conn->handler = conn->given = p;
Reference in New Issue View Git Blame Copy Permalink