From ef193efa2f1d6d3d111a082810b5ecc28947d16c Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Mon, 8 Jan 2024 19:18:24 +0100 Subject: improve curl backwards compatibility, de-duplicate code --- src/lib/auditor_api_curl_defaults.c | 24 +++--------------------- 1 file changed, 3 insertions(+), 21 deletions(-) (limited to 'src/lib/auditor_api_curl_defaults.c') diff --git a/src/lib/auditor_api_curl_defaults.c b/src/lib/auditor_api_curl_defaults.c index 1565dfdea..a674f5fd2 100644 --- a/src/lib/auditor_api_curl_defaults.c +++ b/src/lib/auditor_api_curl_defaults.c @@ -19,6 +19,7 @@ * @brief curl easy handle defaults * @author Florian Dold */ +#include "taler_curl_lib.h" #include "auditor_api_curl_defaults.h" @@ -37,33 +38,14 @@ TALER_AUDITOR_curl_easy_get_ (const char *url) curl_easy_setopt (eh, CURLOPT_URL, url)); - GNUNET_assert (CURLE_OK == - curl_easy_setopt (eh, - CURLOPT_FOLLOWLOCATION, - 1L)); - if (0 == strcasecmp (url, - "https://")) - GNUNET_assert (CURLE_OK == - curl_easy_setopt (eh, - CURLOPT_REDIR_PROTOCOLS_STR, - "https")); - else - GNUNET_assert (CURLE_OK == - curl_easy_setopt (eh, - CURLOPT_REDIR_PROTOCOLS_STR, - "http,https")); + TALER_curl_set_secure_redirect_policy (eh, + url); /* Enable compression (using whatever curl likes), see https://curl.se/libcurl/c/CURLOPT_ACCEPT_ENCODING.html */ GNUNET_break (CURLE_OK == curl_easy_setopt (eh, CURLOPT_ACCEPT_ENCODING, "")); - /* limit MAXREDIRS to 5 as a simple security measure against - a potential infinite loop caused by a malicious target */ - GNUNET_assert (CURLE_OK == - curl_easy_setopt (eh, - CURLOPT_MAXREDIRS, - 5L)); GNUNET_assert (CURLE_OK == curl_easy_setopt (eh, CURLOPT_TCP_FASTOPEN, -- cgit v1.2.3