diff options
Diffstat (limited to '0003-curl-7.21.7-5538904.patch')
-rw-r--r-- | 0003-curl-7.21.7-5538904.patch | 131 |
1 files changed, 131 insertions, 0 deletions
diff --git a/0003-curl-7.21.7-5538904.patch b/0003-curl-7.21.7-5538904.patch new file mode 100644 index 0000000..1374ad8 --- /dev/null +++ b/0003-curl-7.21.7-5538904.patch @@ -0,0 +1,131 @@ +From 9698db7fd56b08cc8f9bdeb2182bc9afdbcb4f90 Mon Sep 17 00:00:00 2001 +From: Daniel Stenberg <daniel@haxx.se> +Date: Fri, 12 Aug 2011 14:48:32 +0200 +Subject: [PATCH 1/2] added --delegation + +Using this option with an argument being set to one of +none/policy/always instructs libcurl how to deal with GSS +credentials. Or rather how it tells the server that delegation is fine +or not. + +Signed-off-by: Kamil Dudka <kdudka@redhat.com> +--- + src/main.c | 29 ++++++++++++++++++++++++++--- + 1 files changed, 26 insertions(+), 3 deletions(-) + +diff --git a/src/main.c b/src/main.c +index d85bf62..3a2595c 100644 +--- a/src/main.c ++++ b/src/main.c +@@ -659,6 +659,7 @@ struct Configurable { + basically each given URL to transfer */ + struct OutStruct *outs; + bool xattr; /* store metadata in extended attributes */ ++ long gssapi_delegation; + }; + + #define WARN_PREFIX "Warning: " +@@ -817,6 +818,7 @@ static void help(void) + " --data-binary <data> HTTP POST binary data (H)", + " --data-urlencode <name=data/name@filename> " + "HTTP POST data url encoded (H)", ++ " --delegation STRING GSS-API delegation permission", + " --digest Use HTTP Digest Authentication (H)", + " --disable-eprt Inhibit using EPRT or LPRT (F)", + " --disable-epsv Inhibit using EPSV (F)", +@@ -1823,6 +1825,18 @@ static int sockoptcallback(void *clientp, curl_socket_t curlfd, + return 0; + } + ++static long delegation(struct Configurable *config, ++ char *str) ++{ ++ if(curlx_raw_equal("none", str)) ++ return CURLGSSAPI_DELEGATION_NONE; ++ if(curlx_raw_equal("policy", str)) ++ return CURLGSSAPI_DELEGATION_POLICY_FLAG; ++ if(curlx_raw_equal("always", str)) ++ return CURLGSSAPI_DELEGATION_FLAG; ++ warnf(config, "unrecognized delegation method '%s', using none\n", str); ++ return CURLGSSAPI_DELEGATION_NONE; ++} + + static ParameterError getparameter(char *flag, /* f or -long-flag */ + char *nextarg, /* NULL if unset */ +@@ -1942,6 +1956,7 @@ static ParameterError getparameter(char *flag, /* f or -long-flag */ + {"$D", "proto", TRUE}, + {"$E", "proto-redir", TRUE}, + {"$F", "resolve", TRUE}, ++ {"$G", "delegation", TRUE}, + {"0", "http1.0", FALSE}, + {"1", "tlsv1", FALSE}, + {"2", "sslv2", FALSE}, +@@ -2516,6 +2531,9 @@ static ParameterError getparameter(char *flag, /* f or -long-flag */ + if(err) + return err; + break; ++ case 'G': /* --delegation LEVEL */ ++ config->gssapi_delegation = delegation(config, nextarg); ++ break; + } + break; + case '#': /* --progress-bar */ +@@ -5564,9 +5582,14 @@ operate(struct Configurable *config, int argc, argv_item_t argv[]) + /* new in 7.21.3 */ + my_setopt(curl, CURLOPT_RESOLVE, config->resolve); + +- /* TODO: new in ### */ +- curl_easy_setopt(curl, CURLOPT_TLSAUTH_USERNAME, config->tls_username); +- curl_easy_setopt(curl, CURLOPT_TLSAUTH_PASSWORD, config->tls_password); ++ /* new in 7.21.4 */ ++ my_setopt_str(curl, CURLOPT_TLSAUTH_USERNAME, config->tls_username); ++ my_setopt_str(curl, CURLOPT_TLSAUTH_PASSWORD, config->tls_password); ++ ++ /* new in 7.22.0 */ ++ if(config->gssapi_delegation) ++ my_setopt_str(curl, CURLOPT_GSSAPI_DELEGATION, ++ config->gssapi_delegation); + + retry_numretries = config->req_retry; + +-- +1.7.4.4 + + +From 8e404e1c3846cc98a1977514af5b0432ae2de755 Mon Sep 17 00:00:00 2001 +From: Daniel Stenberg <daniel@haxx.se> +Date: Fri, 12 Aug 2011 23:51:41 +0200 +Subject: [PATCH 2/2] docs: --delegation + + +Signed-off-by: Kamil Dudka <kdudka@redhat.com> +--- + docs/curl.1 | 12 ++++++++++++ + 1 files changed, 12 insertions(+), 0 deletions(-) + +diff --git a/docs/curl.1 b/docs/curl.1 +index 812b2eb..eee3481 100644 +--- a/docs/curl.1 ++++ b/docs/curl.1 +@@ -320,6 +320,18 @@ URL-encode that data and pass it on in the POST. The name part gets an equal + sign appended, resulting in \fIname=urlencoded-file-content\fP. Note that the + name is expected to be URL-encoded already. + .RE ++.IP "--delegation LEVEL" ++Set \fILEVEL\fP to tell the server what it is allowed to delegate when it ++comes to user credentials. Used with GSS/kerberos. ++.RS ++.IP "none" ++Don't allow any delegation. ++.IP "policy" ++Delegates if and only if the OK-AS-DELEGATE flag is set in the Kerberos ++service ticket, which is a matter of realm policy. ++.IP "always" ++Unconditionally allow the server to delegate. ++.RE + .IP "--digest" + (HTTP) Enables HTTP Digest authentication. This is a authentication that + prevents the password from being sent over the wire in clear text. Use this in +-- +1.7.4.4 + |