diff options
Diffstat (limited to 'www/curl/patches/patch-ac')
-rw-r--r-- | www/curl/patches/patch-ac | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/www/curl/patches/patch-ac b/www/curl/patches/patch-ac new file mode 100644 index 00000000000..713c16dba79 --- /dev/null +++ b/www/curl/patches/patch-ac @@ -0,0 +1,47 @@ +$NetBSD: patch-ac,v 1.4.26.1 2009/03/15 15:07:23 tron Exp $ + +Taken from http://curl.haxx.se/CVE-2009-0037/curl-7.18.1-CVE-2009-0037.patch + +--- include/curl/curl.h.orig ++++ include/curl/curl.h +@@ -580,6 +580,21 @@ typedef enum { + CURLFTPMETHOD_LAST /* not an option, never use */ + } curl_ftpmethod; + ++/* CURLPROTO_ defines are for the CURLOPT_*PROTOCOLS options */ ++#define CURLPROTO_HTTP (1<<0) ++#define CURLPROTO_HTTPS (1<<1) ++#define CURLPROTO_FTP (1<<2) ++#define CURLPROTO_FTPS (1<<3) ++#define CURLPROTO_SCP (1<<4) ++#define CURLPROTO_SFTP (1<<5) ++#define CURLPROTO_TELNET (1<<6) ++#define CURLPROTO_LDAP (1<<7) ++#define CURLPROTO_LDAPS (1<<8) ++#define CURLPROTO_DICT (1<<9) ++#define CURLPROTO_FILE (1<<10) ++#define CURLPROTO_TFTP (1<<11) ++#define CURLPROTO_ALL (~0) /* enable everything */ ++ + /* long may be 32 or 64 bits, but we should never depend on anything else + but 32 */ + #define CURLOPTTYPE_LONG 0 +@@ -1188,6 +1203,18 @@ typedef enum { + CINIT(SEEKFUNCTION, FUNCTIONPOINT, 167), + CINIT(SEEKDATA, OBJECTPOINT, 168), + ++ /* set the bitmask for the protocols that are allowed to be used for the ++ transfer, which thus helps the app which takes URLs from users or other ++ external inputs and want to restrict what protocol(s) to deal ++ with. Defaults to CURLPROTO_ALL. */ ++ CINIT(PROTOCOLS, LONG, 181), ++ ++ /* set the bitmask for the protocols that libcurl is allowed to follow to, ++ as a subset of the CURLOPT_PROTOCOLS ones. That means the protocol needs ++ to be set in both bitmasks to be allowed to get redirected to. Defaults ++ to CURLPROTO_ALL & ~CURLPROTO_FILE. */ ++ CINIT(REDIR_PROTOCOLS, LONG, 182), ++ + CURLOPT_LASTENTRY /* the last unused */ + } CURLoption; + |