1 files changed, 131 insertions, 0 deletions

diff --git a/0003-curl-7.21.7-5538904.patch b/0003-curl-7.21.7-5538904.patch
new file mode 100644
index 0000000..1374ad8
--- /dev/null
+++ b/0003-curl-7.21.7-5538904.patch
@@ -0,0 +1,131 @@
+From 9698db7fd56b08cc8f9bdeb2182bc9afdbcb4f90 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Fri, 12 Aug 2011 14:48:32 +0200
+Subject: [PATCH 1/2] added --delegation
+
+Using this option with an argument being set to one of
+none/policy/always instructs libcurl how to deal with GSS
+credentials. Or rather how it tells the server that delegation is fine
+or not.
+
+Signed-off-by: Kamil Dudka <kdudka@redhat.com>
+---
+ src/main.c |   29 ++++++++++++++++++++++++++---
+ 1 files changed, 26 insertions(+), 3 deletions(-)
+
+diff --git a/src/main.c b/src/main.c
+index d85bf62..3a2595c 100644
+--- a/src/main.c
++++ b/src/main.c
+@@ -659,6 +659,7 @@ struct Configurable {
+                              basically each given URL to transfer */
+   struct OutStruct *outs;
+   bool xattr; /* store metadata in extended attributes */
++  long gssapi_delegation;
+ };
+ 
+ #define WARN_PREFIX "Warning: "
+@@ -817,6 +818,7 @@ static void help(void)
+     "    --data-binary <data> HTTP POST binary data (H)",
+     "    --data-urlencode <name=data/name@filename> "
+     "HTTP POST data url encoded (H)",
++    "    --delegation STRING GSS-API delegation permission",
+     "    --digest        Use HTTP Digest Authentication (H)",
+     "    --disable-eprt  Inhibit using EPRT or LPRT (F)",
+     "    --disable-epsv  Inhibit using EPSV (F)",
+@@ -1823,6 +1825,18 @@ static int sockoptcallback(void *clientp, curl_socket_t curlfd,
+   return 0;
+ }
+ 
++static long delegation(struct Configurable *config,
++                       char *str)
++{
++  if(curlx_raw_equal("none", str))
++    return CURLGSSAPI_DELEGATION_NONE;
++  if(curlx_raw_equal("policy", str))
++    return CURLGSSAPI_DELEGATION_POLICY_FLAG;
++  if(curlx_raw_equal("always", str))
++    return CURLGSSAPI_DELEGATION_FLAG;
++  warnf(config, "unrecognized delegation method '%s', using none\n", str);
++  return CURLGSSAPI_DELEGATION_NONE;
++}
+ 
+ static ParameterError getparameter(char *flag, /* f or -long-flag */
+                                    char *nextarg, /* NULL if unset */
+@@ -1942,6 +1956,7 @@ static ParameterError getparameter(char *flag, /* f or -long-flag */
+     {"$D", "proto",      TRUE},
+     {"$E", "proto-redir", TRUE},
+     {"$F", "resolve",    TRUE},
++    {"$G", "delegation", TRUE},
+     {"0", "http1.0",     FALSE},
+     {"1", "tlsv1",       FALSE},
+     {"2", "sslv2",       FALSE},
+@@ -2516,6 +2531,9 @@ static ParameterError getparameter(char *flag, /* f or -long-flag */
+         if(err)
+           return err;
+         break;
++      case 'G': /* --delegation LEVEL */
++        config->gssapi_delegation = delegation(config, nextarg);
++        break;
+       }
+       break;
+     case '#': /* --progress-bar */
+@@ -5564,9 +5582,14 @@ operate(struct Configurable *config, int argc, argv_item_t argv[])
+           /* new in 7.21.3 */
+           my_setopt(curl, CURLOPT_RESOLVE, config->resolve);
+ 
+-        /* TODO: new in ### */
+-        curl_easy_setopt(curl, CURLOPT_TLSAUTH_USERNAME, config->tls_username);
+-        curl_easy_setopt(curl, CURLOPT_TLSAUTH_PASSWORD, config->tls_password);
++        /* new in 7.21.4 */
++        my_setopt_str(curl, CURLOPT_TLSAUTH_USERNAME, config->tls_username);
++        my_setopt_str(curl, CURLOPT_TLSAUTH_PASSWORD, config->tls_password);
++
++        /* new in 7.22.0 */
++        if(config->gssapi_delegation)
++          my_setopt_str(curl, CURLOPT_GSSAPI_DELEGATION,
++                        config->gssapi_delegation);
+ 
+         retry_numretries = config->req_retry;
+ 
+-- 
+1.7.4.4
+
+
+From 8e404e1c3846cc98a1977514af5b0432ae2de755 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Fri, 12 Aug 2011 23:51:41 +0200
+Subject: [PATCH 2/2] docs: --delegation
+
+
+Signed-off-by: Kamil Dudka <kdudka@redhat.com>
+---
+ docs/curl.1 |   12 ++++++++++++
+ 1 files changed, 12 insertions(+), 0 deletions(-)
+
+diff --git a/docs/curl.1 b/docs/curl.1
+index 812b2eb..eee3481 100644
+--- a/docs/curl.1
++++ b/docs/curl.1
+@@ -320,6 +320,18 @@ URL-encode that data and pass it on in the POST. The name part gets an equal
+ sign appended, resulting in \fIname=urlencoded-file-content\fP. Note that the
+ name is expected to be URL-encoded already.
+ .RE
++.IP "--delegation LEVEL"
++Set \fILEVEL\fP to tell the server what it is allowed to delegate when it
++comes to user credentials. Used with GSS/kerberos.
++.RS
++.IP "none"
++Don't allow any delegation.
++.IP "policy"
++Delegates if and only if the OK-AS-DELEGATE flag is set in the Kerberos
++service ticket, which is a matter of realm policy.
++.IP "always"
++Unconditionally allow the server to delegate.
++.RE
+ .IP "--digest"
+ (HTTP) Enables HTTP Digest authentication. This is a authentication that
+ prevents the password from being sent over the wire in clear text. Use this in
+-- 
+1.7.4.4
+