summaryrefslogtreecommitdiffstats
path: root/0003-curl-7.21.7-5538904.patch
diff options
context:
space:
mode:
Diffstat (limited to '0003-curl-7.21.7-5538904.patch')
-rw-r--r--0003-curl-7.21.7-5538904.patch131
1 files changed, 131 insertions, 0 deletions
diff --git a/0003-curl-7.21.7-5538904.patch b/0003-curl-7.21.7-5538904.patch
new file mode 100644
index 0000000..1374ad8
--- /dev/null
+++ b/0003-curl-7.21.7-5538904.patch
@@ -0,0 +1,131 @@
+From 9698db7fd56b08cc8f9bdeb2182bc9afdbcb4f90 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Fri, 12 Aug 2011 14:48:32 +0200
+Subject: [PATCH 1/2] added --delegation
+
+Using this option with an argument being set to one of
+none/policy/always instructs libcurl how to deal with GSS
+credentials. Or rather how it tells the server that delegation is fine
+or not.
+
+Signed-off-by: Kamil Dudka <kdudka@redhat.com>
+---
+ src/main.c | 29 ++++++++++++++++++++++++++---
+ 1 files changed, 26 insertions(+), 3 deletions(-)
+
+diff --git a/src/main.c b/src/main.c
+index d85bf62..3a2595c 100644
+--- a/src/main.c
++++ b/src/main.c
+@@ -659,6 +659,7 @@ struct Configurable {
+ basically each given URL to transfer */
+ struct OutStruct *outs;
+ bool xattr; /* store metadata in extended attributes */
++ long gssapi_delegation;
+ };
+
+ #define WARN_PREFIX "Warning: "
+@@ -817,6 +818,7 @@ static void help(void)
+ " --data-binary <data> HTTP POST binary data (H)",
+ " --data-urlencode <name=data/name@filename> "
+ "HTTP POST data url encoded (H)",
++ " --delegation STRING GSS-API delegation permission",
+ " --digest Use HTTP Digest Authentication (H)",
+ " --disable-eprt Inhibit using EPRT or LPRT (F)",
+ " --disable-epsv Inhibit using EPSV (F)",
+@@ -1823,6 +1825,18 @@ static int sockoptcallback(void *clientp, curl_socket_t curlfd,
+ return 0;
+ }
+
++static long delegation(struct Configurable *config,
++ char *str)
++{
++ if(curlx_raw_equal("none", str))
++ return CURLGSSAPI_DELEGATION_NONE;
++ if(curlx_raw_equal("policy", str))
++ return CURLGSSAPI_DELEGATION_POLICY_FLAG;
++ if(curlx_raw_equal("always", str))
++ return CURLGSSAPI_DELEGATION_FLAG;
++ warnf(config, "unrecognized delegation method '%s', using none\n", str);
++ return CURLGSSAPI_DELEGATION_NONE;
++}
+
+ static ParameterError getparameter(char *flag, /* f or -long-flag */
+ char *nextarg, /* NULL if unset */
+@@ -1942,6 +1956,7 @@ static ParameterError getparameter(char *flag, /* f or -long-flag */
+ {"$D", "proto", TRUE},
+ {"$E", "proto-redir", TRUE},
+ {"$F", "resolve", TRUE},
++ {"$G", "delegation", TRUE},
+ {"0", "http1.0", FALSE},
+ {"1", "tlsv1", FALSE},
+ {"2", "sslv2", FALSE},
+@@ -2516,6 +2531,9 @@ static ParameterError getparameter(char *flag, /* f or -long-flag */
+ if(err)
+ return err;
+ break;
++ case 'G': /* --delegation LEVEL */
++ config->gssapi_delegation = delegation(config, nextarg);
++ break;
+ }
+ break;
+ case '#': /* --progress-bar */
+@@ -5564,9 +5582,14 @@ operate(struct Configurable *config, int argc, argv_item_t argv[])
+ /* new in 7.21.3 */
+ my_setopt(curl, CURLOPT_RESOLVE, config->resolve);
+
+- /* TODO: new in ### */
+- curl_easy_setopt(curl, CURLOPT_TLSAUTH_USERNAME, config->tls_username);
+- curl_easy_setopt(curl, CURLOPT_TLSAUTH_PASSWORD, config->tls_password);
++ /* new in 7.21.4 */
++ my_setopt_str(curl, CURLOPT_TLSAUTH_USERNAME, config->tls_username);
++ my_setopt_str(curl, CURLOPT_TLSAUTH_PASSWORD, config->tls_password);
++
++ /* new in 7.22.0 */
++ if(config->gssapi_delegation)
++ my_setopt_str(curl, CURLOPT_GSSAPI_DELEGATION,
++ config->gssapi_delegation);
+
+ retry_numretries = config->req_retry;
+
+--
+1.7.4.4
+
+
+From 8e404e1c3846cc98a1977514af5b0432ae2de755 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Fri, 12 Aug 2011 23:51:41 +0200
+Subject: [PATCH 2/2] docs: --delegation
+
+
+Signed-off-by: Kamil Dudka <kdudka@redhat.com>
+---
+ docs/curl.1 | 12 ++++++++++++
+ 1 files changed, 12 insertions(+), 0 deletions(-)
+
+diff --git a/docs/curl.1 b/docs/curl.1
+index 812b2eb..eee3481 100644
+--- a/docs/curl.1
++++ b/docs/curl.1
+@@ -320,6 +320,18 @@ URL-encode that data and pass it on in the POST. The name part gets an equal
+ sign appended, resulting in \fIname=urlencoded-file-content\fP. Note that the
+ name is expected to be URL-encoded already.
+ .RE
++.IP "--delegation LEVEL"
++Set \fILEVEL\fP to tell the server what it is allowed to delegate when it
++comes to user credentials. Used with GSS/kerberos.
++.RS
++.IP "none"
++Don't allow any delegation.
++.IP "policy"
++Delegates if and only if the OK-AS-DELEGATE flag is set in the Kerberos
++service ticket, which is a matter of realm policy.
++.IP "always"
++Unconditionally allow the server to delegate.
++.RE
+ .IP "--digest"
+ (HTTP) Enables HTTP Digest authentication. This is a authentication that
+ prevents the password from being sent over the wire in clear text. Use this in
+--
+1.7.4.4
+