acada8c281
The content of this branch was automatically imported from Fedora ELN with the following as its source: https://src.fedoraproject.org/rpms/certmonger#efe9c7e6bb83d2d967fc27037dd373ea21c471bf
156 lines
5.4 KiB
Diff
156 lines
5.4 KiB
Diff
From 4347ce74b0001c002cb449b8dd63819634e980ae Mon Sep 17 00:00:00 2001
|
|
From: Rob Crittenden <rcritten@redhat.com>
|
|
Date: Thu, 20 Aug 2020 16:55:36 -0400
|
|
Subject: [PATCH 07/11] Add Referer header option to the submit-h API
|
|
|
|
This will allow IPA API requests that require the Referer header
|
|
to be set.
|
|
---
|
|
src/dogtag.c | 2 +-
|
|
src/scep.c | 6 +++---
|
|
src/submit-d.c | 2 +-
|
|
src/submit-h.c | 20 +++++++++++++++-----
|
|
src/submit-h.h | 1 +
|
|
5 files changed, 21 insertions(+), 10 deletions(-)
|
|
|
|
diff --git a/src/dogtag.c b/src/dogtag.c
|
|
index faf81f97..d36ac008 100644
|
|
--- a/src/dogtag.c
|
|
+++ b/src/dogtag.c
|
|
@@ -691,7 +691,7 @@ main(int argc, const char **argv)
|
|
/* Submit the form(s). */
|
|
hctx = NULL;
|
|
while (url != NULL) {
|
|
- hctx = cm_submit_h_init(ctx, method, url, params, NULL, NULL,
|
|
+ hctx = cm_submit_h_init(ctx, method, url, params, NULL, NULL, NULL,
|
|
cainfo, capath, sslcert, sslkey, sslpin,
|
|
cm_submit_h_negotiate_off,
|
|
cm_submit_h_delegate_off,
|
|
diff --git a/src/scep.c b/src/scep.c
|
|
index c74ca574..e384e8da 100644
|
|
--- a/src/scep.c
|
|
+++ b/src/scep.c
|
|
@@ -496,7 +496,7 @@ main(int argc, const char **argv)
|
|
}
|
|
|
|
/* Submit the first request. */
|
|
- hctx = cm_submit_h_init(ctx, "GET", url, params, NULL, NULL,
|
|
+ hctx = cm_submit_h_init(ctx, "GET", url, params, NULL, NULL, NULL,
|
|
cainfo, NULL, NULL, NULL, NULL,
|
|
cm_submit_h_negotiate_off,
|
|
cm_submit_h_delegate_off,
|
|
@@ -593,7 +593,7 @@ main(int argc, const char **argv)
|
|
}
|
|
/* Submit a second HTTP request if we have one to make. */
|
|
if (params2 != NULL) {
|
|
- hctx = cm_submit_h_init(ctx, "GET", url, params2, NULL, NULL,
|
|
+ hctx = cm_submit_h_init(ctx, "GET", url, params2, NULL, NULL, NULL,
|
|
NULL, NULL, NULL, NULL, NULL,
|
|
cm_submit_h_negotiate_off,
|
|
cm_submit_h_delegate_off,
|
|
@@ -794,7 +794,7 @@ main(int argc, const char **argv)
|
|
OP_GET_CA_CERT
|
|
"&message=%d", i++);
|
|
hctx = cm_submit_h_init(ctx, "GET", url, params,
|
|
- NULL, NULL, NULL, NULL,
|
|
+ NULL, NULL, NULL, NULL, NULL,
|
|
NULL, NULL, NULL,
|
|
cm_submit_h_negotiate_off,
|
|
cm_submit_h_delegate_off,
|
|
diff --git a/src/submit-d.c b/src/submit-d.c
|
|
index 3adaa4a6..f1877c34 100644
|
|
--- a/src/submit-d.c
|
|
+++ b/src/submit-d.c
|
|
@@ -1188,7 +1188,7 @@ restart:
|
|
fprintf(stderr, "url = \"%s%s%s\"\n", uri,
|
|
params ? "?" : "", params ? params : "");
|
|
}
|
|
- hctx = cm_submit_h_init(ctx, method, uri, params, NULL, NULL,
|
|
+ hctx = cm_submit_h_init(ctx, method, uri, params, NULL, NULL, NULL,
|
|
cainfo, capath, sslcert, sslkey, sslpin,
|
|
cm_submit_h_negotiate_off,
|
|
cm_submit_h_delegate_off,
|
|
diff --git a/src/submit-h.c b/src/submit-h.c
|
|
index 9b507dbe..c04909b1 100644
|
|
--- a/src/submit-h.c
|
|
+++ b/src/submit-h.c
|
|
@@ -51,7 +51,7 @@
|
|
struct cm_submit_h_context {
|
|
int ret;
|
|
long response_code;
|
|
- char *method, *uri, *args, *accept, *ctype, *cainfo, *capath, *result;
|
|
+ char *method, *uri, *args, *accept, *ctype, *referer, *cainfo, *capath, *result;
|
|
int result_length;
|
|
char *sslcert, *sslkey, *sslpass;
|
|
enum cm_submit_h_opt_negotiate negotiate;
|
|
@@ -66,7 +66,7 @@ struct cm_submit_h_context *
|
|
cm_submit_h_init(void *parent,
|
|
const char *method, const char *uri, const char *args,
|
|
const char *content_type, const char *accept,
|
|
- const char *cainfo, const char *capath,
|
|
+ const char *referer, const char *cainfo, const char *capath,
|
|
const char *sslcert, const char *sslkey, const char *sslpass,
|
|
enum cm_submit_h_opt_negotiate neg,
|
|
enum cm_submit_h_opt_delegate del,
|
|
@@ -84,6 +84,7 @@ cm_submit_h_init(void *parent,
|
|
ctx->ctype = content_type ?
|
|
talloc_strdup(ctx, content_type) :
|
|
NULL;
|
|
+ ctx->referer = referer ? talloc_strdup(ctx, referer) : NULL;
|
|
ctx->accept = accept ? talloc_strdup(ctx, accept) : NULL;
|
|
ctx->cainfo = cainfo ? talloc_strdup(ctx, cainfo) : NULL;
|
|
ctx->capath = capath ? talloc_strdup(ctx, capath) : NULL;
|
|
@@ -180,10 +181,11 @@ cm_submit_h_run(struct cm_submit_h_context *ctx)
|
|
}
|
|
}
|
|
if (ctx->negotiate == cm_submit_h_negotiate_on) {
|
|
-#if defined(CURLOPT_HTTPAUTH) && defined(CURLAUTH_GSSNEGOTIATE)
|
|
+#if defined(CURLAUTH_NEGOTIATE)
|
|
curl_easy_setopt(ctx->curl,
|
|
CURLOPT_HTTPAUTH,
|
|
- CURLAUTH_GSSNEGOTIATE);
|
|
+ CURLAUTH_NEGOTIATE);
|
|
+ curl_easy_setopt(ctx->curl, CURLOPT_USERPWD, ":");
|
|
#else
|
|
cm_log(-1,
|
|
"warning: libcurl doesn't appear to support "
|
|
@@ -243,6 +245,14 @@ cm_submit_h_run(struct cm_submit_h_context *ctx)
|
|
header);
|
|
}
|
|
}
|
|
+ if (ctx->referer != NULL) {
|
|
+ header = talloc_asprintf(ctx, "Referer: %s",
|
|
+ ctx->referer);
|
|
+ if (header != NULL) {
|
|
+ headers = curl_slist_append(headers,
|
|
+ header);
|
|
+ }
|
|
+ }
|
|
curl_easy_setopt(ctx->curl, CURLOPT_HTTPHEADER, headers);
|
|
curl_easy_setopt(ctx->curl, CURLOPT_WRITEFUNCTION,
|
|
append_result);
|
|
@@ -415,7 +425,7 @@ main(int argc, const char **argv)
|
|
}
|
|
|
|
ctx = cm_submit_h_init(NULL, method, url, poptGetArg(pctx),
|
|
- ctype, accept,
|
|
+ ctype, accept, NULL,
|
|
cainfo, capath, sslcert, sslkey, sslpass,
|
|
negotiate, negotiate_delegate,
|
|
clientauth, cm_submit_h_env_modify_on,
|
|
diff --git a/src/submit-h.h b/src/submit-h.h
|
|
index 931cc890..b33544af 100644
|
|
--- a/src/submit-h.h
|
|
+++ b/src/submit-h.h
|
|
@@ -45,6 +45,7 @@ struct cm_submit_h_context *cm_submit_h_init(void *parent,
|
|
const char *args,
|
|
const char *content_type,
|
|
const char *accept,
|
|
+ const char *referer,
|
|
const char *cainfo,
|
|
const char *capath,
|
|
const char *sslcert,
|
|
--
|
|
2.25.4
|
|
|