curl: Enable following redirects
authorTobias Brunner <tobias@strongswan.org>
Mon, 26 Jun 2017 08:29:17 +0000 (10:29 +0200)
committerTobias Brunner <tobias@strongswan.org>
Thu, 27 Jul 2017 11:15:43 +0000 (13:15 +0200)
The maximum number of redirects can be limited. The functionality can also
be disabled.

Fixes #2366.

conf/Makefile.am
conf/plugins/curl.opt [new file with mode: 0644]
src/libstrongswan/plugins/curl/curl_fetcher.c

index de21103..87319db 100644 (file)
@@ -36,6 +36,7 @@ plugins = \
        plugins/bypass-lan.opt \
        plugins/certexpire.opt \
        plugins/coupling.opt \
+       plugins/curl.opt \
        plugins/dhcp.opt \
        plugins/dnscert.opt \
        plugins/duplicheck.opt \
diff --git a/conf/plugins/curl.opt b/conf/plugins/curl.opt
new file mode 100644 (file)
index 0000000..90efa12
--- /dev/null
@@ -0,0 +1,3 @@
+charon.plugins.curl.redir = -1
+       Maximum number of redirects followed by the plugin, set to 0 to disable
+       following redirects, set to -1 for no limit.
index 541d2a2..b52b35b 100644 (file)
@@ -58,6 +58,11 @@ struct private_curl_fetcher_t {
         * Timeout for a transfer
         */
        long timeout;
+
+       /**
+        * Maximum number of redirects to follow
+        */
+       long redir;
 };
 
 /**
@@ -116,6 +121,8 @@ METHOD(fetcher_t, fetch, status_t,
                curl_easy_setopt(this->curl, CURLOPT_TIMEOUT, this->timeout);
        }
        curl_easy_setopt(this->curl, CURLOPT_CONNECTTIMEOUT, CONNECT_TIMEOUT);
+       curl_easy_setopt(this->curl, CURLOPT_FOLLOWLOCATION, TRUE);
+       curl_easy_setopt(this->curl, CURLOPT_MAXREDIRS, this->redir);
        curl_easy_setopt(this->curl, CURLOPT_WRITEFUNCTION, (void*)curl_cb);
        curl_easy_setopt(this->curl, CURLOPT_WRITEDATA, &data);
        if (this->headers)
@@ -260,6 +267,8 @@ curl_fetcher_t *curl_fetcher_create()
                },
                .curl = curl_easy_init(),
                .cb = fetcher_default_callback,
+               .redir = lib->settings->get_int(lib->settings, "%s.plugins.curl.redir",
+                                                                               -1, lib->ns),
        );
 
        if (!this->curl)