diff options
author | Daniel Stenberg <daniel@haxx.se> | 2009-03-02 23:05:31 +0000 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2009-03-02 23:05:31 +0000 |
commit | 042cc1f69ec0878f542667cb684378869f859911 (patch) | |
tree | c906f85632eb6018fadb153a4c5cdd2fe48072a5 /lib/urldata.h | |
parent | 90b804d3fa74e9d4fe260c889e9ccebdb7aaa3b1 (diff) |
- David Kierznowski notified us about a security flaw
(http://curl.haxx.se/docs/adv_20090303.html also known as CVE-2009-0037) in
which previous libcurl versions (by design) can be tricked to access an
arbitrary local/different file instead of a remote one when
CURLOPT_FOLLOWLOCATION is enabled. This flaw is now fixed in this release
together this the addition of two new setopt options for controlling this
new behavior:
o CURLOPT_REDIR_PROTOCOLS controls what protocols libcurl is allowed to
follow to when CURLOPT_FOLLOWLOCATION is enabled. By default, this option
excludes the FILE and SCP protocols and thus you nee to explicitly allow
them in your app if you really want that behavior.
o CURLOPT_PROTOCOLS controls what protocol(s) libcurl is allowed to fetch
using the primary URL option. This is useful if you want to allow a user or
other outsiders control what URL to pass to libcurl and yet not allow all
protocols libcurl may have been built to support.
Diffstat (limited to 'lib/urldata.h')
-rw-r--r-- | lib/urldata.h | 35 |
1 files changed, 22 insertions, 13 deletions
diff --git a/lib/urldata.h b/lib/urldata.h index 6969f1ebb..a50ede005 100644 --- a/lib/urldata.h +++ b/lib/urldata.h @@ -891,19 +891,26 @@ struct connectdata { long connectindex; /* what index in the connection cache connects index this particular struct has */ long protocol; /* PROT_* flags concerning the protocol set */ -#define PROT_MISSING (1<<0) -#define PROT_HTTP (1<<2) -#define PROT_HTTPS (1<<3) -#define PROT_FTP (1<<4) -#define PROT_TELNET (1<<5) -#define PROT_DICT (1<<6) -#define PROT_LDAP (1<<7) -#define PROT_FILE (1<<8) -#define PROT_FTPS (1<<9) -#define PROT_SSL (1<<10) /* protocol requires SSL */ -#define PROT_TFTP (1<<11) -#define PROT_SCP (1<<12) -#define PROT_SFTP (1<<13) +#define PROT_HTTP CURLPROTO_HTTP +#define PROT_HTTPS CURLPROTO_HTTPS +#define PROT_FTP CURLPROTO_FTP +#define PROT_TELNET CURLPROTO_TELNET +#define PROT_DICT CURLPROTO_DICT +#define PROT_LDAP CURLPROTO_LDAP +#define PROT_FILE CURLPROTO_FILE +#define PROT_FTPS CURLPROTO_FTPS +#define PROT_TFTP CURLPROTO_TFTP +#define PROT_SCP CURLPROTO_SCP +#define PROT_SFTP CURLPROTO_SFTP + +/* CURLPROTO_TFTP (1<<11) is currently the highest used bit in the public + bitmask. We make sure we use "private bits" above the first 16 to make + things easier. */ + +#define PROT_EXTMASK 0xffff + +#define PROT_SSL (1<<22) /* protocol requires SSL */ +#define PROT_MISSING (1<<23) #define PROT_CLOSEACTION PROT_FTP /* these ones need action before socket close */ @@ -1533,6 +1540,8 @@ struct UserDefined { via an HTTP proxy */ char *str[STRING_LAST]; /* array of strings, pointing to allocated memory */ unsigned int scope; /* address scope for IPv6 */ + long allowed_protocols; + long redir_protocols; #if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI) long socks5_gssapi_nec; /* flag to support nec socks5 server */ #endif |