summaryrefslogtreecommitdiff
path: root/src/lib/auditor_api_curl_defaults.c
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2020-03-03 17:14:00 +0100
committerChristian Grothoff <christian@grothoff.org>2020-03-03 17:14:00 +0100
commita9b3c564bdd80ad6d3db0d0c493144956c64368d (patch)
tree0d6b2e480eb87802f26d2c323d07d8a89b8f7268 /src/lib/auditor_api_curl_defaults.c
parent97fb6b0091ca089b997febf691be2038223a8d21 (diff)
downloadexchange-a9b3c564bdd80ad6d3db0d0c493144956c64368d.tar.gz
exchange-a9b3c564bdd80ad6d3db0d0c493144956c64368d.tar.bz2
exchange-a9b3c564bdd80ad6d3db0d0c493144956c64368d.zip
rename BANK_excecute_wire_transfer to BANK_transfer, improve error handling when curl_easy_init() fails
Diffstat (limited to 'src/lib/auditor_api_curl_defaults.c')
-rw-r--r--src/lib/auditor_api_curl_defaults.c17
1 files changed, 13 insertions, 4 deletions
diff --git a/src/lib/auditor_api_curl_defaults.c b/src/lib/auditor_api_curl_defaults.c
index 15c60862..d8c6f619 100644
--- a/src/lib/auditor_api_curl_defaults.c
+++ b/src/lib/auditor_api_curl_defaults.c
@@ -19,7 +19,6 @@
* @brief curl easy handle defaults
* @author Florian Dold
*/
-
#include "auditor_api_curl_defaults.h"
@@ -30,7 +29,7 @@
* @param url URL to query
*/
CURL *
-TAL_curl_easy_get (const char *url)
+TALER_AUDITOR_curl_easy_get_ (const char *url)
{
CURL *eh;
struct GNUNET_AsyncScopeSave scope;
@@ -38,15 +37,25 @@ TAL_curl_easy_get (const char *url)
GNUNET_async_scope_get (&scope);
eh = curl_easy_init ();
-
+ if (NULL == eh)
+ return NULL;
GNUNET_assert (CURLE_OK ==
curl_easy_setopt (eh,
CURLOPT_URL,
url));
GNUNET_assert (CURLE_OK ==
curl_easy_setopt (eh,
+ CURLOPT_FOLLOWLOCATION,
+ 1L));
+ /* limit MAXREDIRS to 5 as a simple security measure against
+ a potential infinite loop caused by a malicious target */
+ GNUNET_assert (CURLE_OK ==
+ curl_easy_setopt (eh,
+ CURLOPT_MAXREDIRS,
+ 5L));
+ GNUNET_assert (CURLE_OK ==
+ curl_easy_setopt (eh,
CURLOPT_TCP_FASTOPEN,
1L));
-
return eh;
}