merchant

Merchant backend to process payments, run by merchants
Log | Files | Refs | Submodules | README | LICENSE
commit 84b7ef357a50bafc2480a3f696e33e073fa65cde
parent e8460651653a1e5ec7ee3fcb6f2724b1732c6a5a
Author: Christian Grothoff <christian@grothoff.org>
Date:   Mon,  8 Jan 2024 19:22:00 +0100

improve curl backwards compatibility, de-duplicate code

Diffstat:

Msrc/lib/merchant_api_curl_defaults.c | 23++---------------------


1 file changed, 2 insertions(+), 21 deletions(-)

diff --git a/src/lib/merchant_api_curl_defaults.c b/src/lib/merchant_api_curl_defaults.c
@@ -38,33 +38,14 @@ TALER_MERCHANT_curl_easy_get_ (const char *url)
                  curl_easy_setopt (eh,
                                    CURLOPT_URL,
                                    url));
-  GNUNET_assert (CURLE_OK ==
-                 curl_easy_setopt (eh,
-                                   CURLOPT_FOLLOWLOCATION,
-                                   1L));
-  if (0 == strcasecmp (url,
-                       "https://"))
-    GNUNET_assert (CURLE_OK ==
-                   curl_easy_setopt (eh,
-                                     CURLOPT_REDIR_PROTOCOLS_STR,
-                                     "https"));
-  else
-    GNUNET_assert (CURLE_OK ==
-                   curl_easy_setopt (eh,
-                                     CURLOPT_REDIR_PROTOCOLS_STR,
-                                     "http,https"));
+  TALER_curl_set_secure_redirect_policy (eh,
+                                         url);
   /* Enable compression (using whatever curl likes), see
      https://curl.se/libcurl/c/CURLOPT_ACCEPT_ENCODING.html  */
   GNUNET_break (CURLE_OK ==
                 curl_easy_setopt (eh,
                                   CURLOPT_ACCEPT_ENCODING,
                                   ""));
-  /* limit MAXREDIRS to 5 as a simple security measure against
-     a potential infinite loop caused by a malicious target */
-  GNUNET_assert (CURLE_OK ==
-                 curl_easy_setopt (eh,
-                                   CURLOPT_MAXREDIRS,
-                                   5L));
   GNUNET_assert (CURLE_OK ==
                  curl_easy_setopt (eh,
                                    CURLOPT_TCP_FASTOPEN,