[curl/f19] Resolves: #1118917 - handle cookies with numerical IPv6 address
Kamil Dudka
kdudka at fedoraproject.org
Mon Jul 14 13:14:33 UTC 2014
commit b2b2c57e7da78bb9076304a138453db914b992a7
Author: Kamil Dudka <kdudka at redhat.com>
Date: Mon Jul 14 15:04:52 2014 +0200
Resolves: #1118917 - handle cookies with numerical IPv6 address
0023-curl-7.29.0-85b9dc80.patch | 145 +++++++++++++++++++++++++++++++++++++++
curl.spec | 9 ++-
2 files changed, 153 insertions(+), 1 deletions(-)
---
diff --git a/0023-curl-7.29.0-85b9dc80.patch b/0023-curl-7.29.0-85b9dc80.patch
new file mode 100644
index 0000000..b5f39f1
--- /dev/null
+++ b/0023-curl-7.29.0-85b9dc80.patch
@@ -0,0 +1,145 @@
+From 65b07615f776ab24ed1a4f112e036b6ccb797c49 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel at haxx.se>
+Date: Tue, 21 May 2013 23:28:59 +0200
+Subject: [PATCH] Curl_cookie_add: handle IPv6 hosts
+
+1 - don't skip host names with a colon in them in an attempt to bail out
+on HTTP headers in the cookie file parser. It was only a shortcut anyway
+and trying to parse a file with HTTP headers will still be handled, only
+slightly slower.
+
+2 - don't skip domain names based on number of dots. The original
+netscape cookie spec had this oddity mentioned and while our code
+decreased the check to only check for two, the existing cookie spec has
+no such dot counting required.
+
+Bug: http://curl.haxx.se/bug/view.cgi?id=1221
+Reported-by: Stefan Neis
+Upstream-commit: 85b9dc80232d1d7d48ee4dea6db5a2263ee68efd
+Signed-off-by: Kamil Dudka <kdudka at redhat.com>
+---
+ lib/cookie.c | 89 ++++++++++++++++--------------------------------------------
+ 1 file changed, 24 insertions(+), 65 deletions(-)
+
+diff --git a/lib/cookie.c b/lib/cookie.c
+index d4fd78a..ac4d89c 100644
+--- a/lib/cookie.c
++++ b/lib/cookie.c
+@@ -184,6 +184,9 @@ static void strstore(char **str, const char *newstr)
+ *
+ * Add a single cookie line to the cookie keeping object.
+ *
++ * Be aware that sometimes we get an IP-only host name, and that might also be
++ * a numerical IPv6 address.
++ *
+ ***************************************************************************/
+
+ struct Cookie *
+@@ -290,70 +293,32 @@ Curl_cookie_add(struct SessionHandle *data,
+ }
+ }
+ else if(Curl_raw_equal("domain", name)) {
+- /* note that this name may or may not have a preceding dot, but
+- we don't care about that, we treat the names the same anyway */
+-
+- const char *domptr=whatptr;
+- const char *nextptr;
+- int dotcount=1;
+-
+- /* Count the dots, we need to make sure that there are enough
+- of them. */
++ /* Now, we make sure that our host is within the given domain,
++ or the given domain is not valid and thus cannot be set. */
+
+ if('.' == whatptr[0])
+- /* don't count the initial dot, assume it */
+- domptr++;
+-
+- do {
+- nextptr = strchr(domptr, '.');
+- if(nextptr) {
+- if(domptr != nextptr)
+- dotcount++;
+- domptr = nextptr+1;
++ whatptr++; /* ignore preceding dot */
++
++ if(!domain || tailmatch(whatptr, domain)) {
++ const char *tailptr=whatptr;
++ if(tailptr[0] == '.')
++ tailptr++;
++ strstore(&co->domain, tailptr); /* don't prefix w/dots
++ internally */
++ if(!co->domain) {
++ badcookie = TRUE;
++ break;
+ }
+- } while(nextptr);
+-
+- /* The original Netscape cookie spec defined that this domain name
+- MUST have three dots (or two if one of the seven holy TLDs),
+- but it seems that these kinds of cookies are in use "out there"
+- so we cannot be that strict. I've therefore lowered the check
+- to not allow less than two dots. */
+-
+- if(dotcount < 2) {
+- /* Received and skipped a cookie with a domain using too few
+- dots. */
+- badcookie=TRUE; /* mark this as a bad cookie */
+- infof(data, "skipped cookie with illegal dotcount domain: %s\n",
+- whatptr);
++ co->tailmatch=TRUE; /* we always do that if the domain name was
++ given */
+ }
+ else {
+- /* Now, we make sure that our host is within the given domain,
+- or the given domain is not valid and thus cannot be set. */
+-
+- if('.' == whatptr[0])
+- whatptr++; /* ignore preceding dot */
+-
+- if(!domain || tailmatch(whatptr, domain)) {
+- const char *tailptr=whatptr;
+- if(tailptr[0] == '.')
+- tailptr++;
+- strstore(&co->domain, tailptr); /* don't prefix w/dots
+- internally */
+- if(!co->domain) {
+- badcookie = TRUE;
+- break;
+- }
+- co->tailmatch=TRUE; /* we always do that if the domain name was
+- given */
+- }
+- else {
+- /* we did not get a tailmatch and then the attempted set domain
+- is not a domain to which the current host belongs. Mark as
+- bad. */
+- badcookie=TRUE;
+- infof(data, "skipped cookie with bad tailmatch domain: %s\n",
+- whatptr);
+- }
++ /* we did not get a tailmatch and then the attempted set domain
++ is not a domain to which the current host belongs. Mark as
++ bad. */
++ badcookie=TRUE;
++ infof(data, "skipped cookie with bad tailmatch domain: %s\n",
++ whatptr);
+ }
+ }
+ else if(Curl_raw_equal("version", name)) {
+@@ -512,12 +477,6 @@ Curl_cookie_add(struct SessionHandle *data,
+
+ firstptr=strtok_r(lineptr, "\t", &tok_buf); /* tokenize it on the TAB */
+
+- /* Here's a quick check to eliminate normal HTTP-headers from this */
+- if(!firstptr || strchr(firstptr, ':')) {
+- free(co);
+- return NULL;
+- }
+-
+ /* Now loop through the fields and init the struct we already have
+ allocated */
+ for(ptr=firstptr, fields=0; ptr && !badcookie;
+--
+1.9.3
+
diff --git a/curl.spec b/curl.spec
index 9be1629..c32f418 100644
--- a/curl.spec
+++ b/curl.spec
@@ -1,7 +1,7 @@
Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
Name: curl
Version: 7.29.0
-Release: 20%{?dist}
+Release: 21%{?dist}
License: MIT
Group: Applications/Internet
Source: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma
@@ -70,6 +70,9 @@ Patch21: 0021-curl-7.29.0-ec5fde24.patch
# acknowledge the --no-sessionid/CURLOPT_SSL_SESSIONID_CACHE option (#1098711)
Patch22: 0022-curl-7.29.0-f63603de.patch
+# handle cookies with numerical IPv6 address (#1118917)
+Patch23: 0023-curl-7.29.0-85b9dc80.patch
+
# patch making libcurl multilib ready
Patch101: 0101-curl-7.29.0-multilib.patch
@@ -199,6 +202,7 @@ documentation of the library, too.
%patch20 -p1
%patch21 -p1
%patch22 -p1
+%patch23 -p1
# Fedora patches
%patch101 -p1
@@ -319,6 +323,9 @@ rm -rf $RPM_BUILD_ROOT
%{_datadir}/aclocal/libcurl.m4
%changelog
+* Mon Jul 14 2014 Kamil Dudka <kdudka at redhat.com> 7.29.0-21
+- handle cookies with numerical IPv6 address (#1118917)
+
* Mon Jun 02 2014 Kamil Dudka <kdudka at redhat.com> 7.29.0-20
- acknowledge the --no-sessionid/CURLOPT_SSL_SESSIONID_CACHE option (#1098711)
More information about the scm-commits
mailing list