Fix curl --proto and --proto-redir with SSL protocols (https, etc) #97

Closed
wants to merge 1 commit into
from

Projects

None yet

2 participants

@drizzt
drizzt commented Apr 17, 2014

curl --proto and --proto-redir actually does NOT work with SSL protocols.

Test:
curl --proto -https https://github.com
curl -L --proto -http --proto-redir -https http://github.com

@bagder
Member
bagder commented Apr 19, 2014

Thanks for pointing this out and providing a patch.

I don't really like how it is done though. The list of explicit protocols in the code makes it very error prone, and I think the fact you missed a protocol proves this very good. Although I'll admit I haven't yet come up with a really nice approach I've come to piece with.

Secondly, your change doesn't include the redirect protocol check just a few more lines below.

@bagder
Member
bagder commented Apr 20, 2014

Here's my suggested alternative: http://curl.haxx.se/mail/lib-2014-04/0148.html

Please discuss on the list and not here. Closing this.

@bagder bagder closed this Apr 20, 2014
@bagder bagder added a commit that referenced this pull request Apr 23, 2014
@bagder bagder handler: make 'protocol' always specified as a single bit
This makes the findprotocol() function work as intended so that libcurl
can properly be restricted to not support HTTP while still supporting
HTTPS - since the HTTPS handler previously set both the HTTP and HTTPS
bits in the protocol field.

This fixes --proto and --proto-redir for most SSL protocols.

This is done by adding a few new convenience defines that groups HTTP
and HTTPS, FTP and FTPS etc that should then be used when the code wants
to check for both protocols at once. PROTO_FAMILY_[protocol] style.

Bug: #97
Reported-by: drizzt
710f14e
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment