diff options
| author | Daniel Stenberg <daniel@haxx.se> | 2009-03-02 23:05:31 +0000 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2009-03-02 23:05:31 +0000 |
| commit | 042cc1f69ec0878f542667cb684378869f859911 (patch) | |
| tree | c906f85632eb6018fadb153a4c5cdd2fe48072a5 /include | |
| parent | 90b804d3fa74e9d4fe260c889e9ccebdb7aaa3b1 (diff) | |
- David Kierznowski notified us about a security flaw
(http://curl.haxx.se/docs/adv_20090303.html also known as CVE-2009-0037) in
which previous libcurl versions (by design) can be tricked to access an
arbitrary local/different file instead of a remote one when
CURLOPT_FOLLOWLOCATION is enabled. This flaw is now fixed in this release
together this the addition of two new setopt options for controlling this
new behavior:
o CURLOPT_REDIR_PROTOCOLS controls what protocols libcurl is allowed to
follow to when CURLOPT_FOLLOWLOCATION is enabled. By default, this option
excludes the FILE and SCP protocols and thus you nee to explicitly allow
them in your app if you really want that behavior.
o CURLOPT_PROTOCOLS controls what protocol(s) libcurl is allowed to fetch
using the primary URL option. This is useful if you want to allow a user or
other outsiders control what URL to pass to libcurl and yet not allow all
protocols libcurl may have been built to support.
Diffstat (limited to 'include')
| -rw-r--r-- | include/curl/curl.h | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/include/curl/curl.h b/include/curl/curl.h index 69fe45757..8d952caab 100644 --- a/include/curl/curl.h +++ b/include/curl/curl.h @@ -550,6 +550,21 @@ typedef enum { CURLFTPMETHOD_LAST /* not an option, never use */ } curl_ftpmethod; +/* CURLPROTO_ defines are for the CURLOPT_*PROTOCOLS options */ +#define CURLPROTO_HTTP (1<<0) +#define CURLPROTO_HTTPS (1<<1) +#define CURLPROTO_FTP (1<<2) +#define CURLPROTO_FTPS (1<<3) +#define CURLPROTO_SCP (1<<4) +#define CURLPROTO_SFTP (1<<5) +#define CURLPROTO_TELNET (1<<6) +#define CURLPROTO_LDAP (1<<7) +#define CURLPROTO_LDAPS (1<<8) +#define CURLPROTO_DICT (1<<9) +#define CURLPROTO_FILE (1<<10) +#define CURLPROTO_TFTP (1<<11) +#define CURLPROTO_ALL (~0) /* enable everything */ + /* long may be 32 or 64 bits, but we should never depend on anything else but 32 */ #define CURLOPTTYPE_LONG 0 @@ -1185,6 +1200,18 @@ typedef enum { /* Socks Service */ CINIT(SOCKS5_GSSAPI_NEC, LONG, 180), + /* set the bitmask for the protocols that are allowed to be used for the + transfer, which thus helps the app which takes URLs from users or other + external inputs and want to restrict what protocol(s) to deal + with. Defaults to CURLPROTO_ALL. */ + CINIT(PROTOCOLS, LONG, 181), + + /* set the bitmask for the protocols that libcurl is allowed to follow to, + as a subset of the CURLOPT_PROTOCOLS ones. That means the protocol needs + to be set in both bitmasks to be allowed to get redirected to. Defaults + to all protocols except FILE and SCP. */ + CINIT(REDIR_PROTOCOLS, LONG, 182), + CURLOPT_LASTENTRY /* the last unused */ } CURLoption; |