Set unrestricted auth option

Signed-off-by: Juha Kallioinen <juha.kallioinen@jolla.com>
sailfishos · Nov 6, 2013 · 67c3c44 · 67c3c44
1 parent 486566d
commit 67c3c44
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 0 deletions.
diff --git a/libzypp-12.2.0-unrestricted-auth.patch b/libzypp-12.2.0-unrestricted-auth.patch
@@ -0,0 +1,14 @@
+diff -Naur a/zypp/media/MediaCurl.cc b/zypp/media/MediaCurl.cc
+--- a/zypp/media/MediaCurl.cc	2012-09-12 12:15:22.000000000 +0300
++++ b/zypp/media/MediaCurl.cc	2013-11-06 01:16:40.147685130 +0200
+@@ -591,6 +591,10 @@
+   // follow any Location: header that the server sends as part of
+   // an HTTP header (#113275)
+   SET_OPTION(CURLOPT_FOLLOWLOCATION, 1L);
++  // send user credentials to all hosts the site may redirect to.
++  // see "man curl" and acknowledge the potential security breach when
++  // using --location-trusted
++  SET_OPTION(CURLOPT_UNRESTRICTED_AUTH, 1L);
+   // 3 redirects seem to be too few in some cases (bnc #465532)
+   SET_OPTION(CURLOPT_MAXREDIRS, 6L);
+
diff --git a/libzypp.changes b/libzypp.changes
@@ -1,3 +1,6 @@
+* Wed Nov 06 2013 Juha Kallioinen <juha.kallioinen@jolla.com> - 12.2.0
+- set unrestricted auth curl option
+
 * Fri Sep 20 2013 Juha Kallioinen <juha.kallioinen@jollamobile.com> - 12.2.0
 - rework netrc patch to also work in non-interactive client (zypper) mode
 

diff --git a/libzypp.spec b/libzypp.spec
@@ -28,6 +28,7 @@ Patch0:         libzypp-11.1.0-remove-timestamp.patch
 Patch1:         use_gpg2.patch
 Patch2:         libzypp-12.2.0-enable-netrc-optional.patch
 Patch3:         tnhl-workaround.patch
+Patch4:         libzypp-12.2.0-unrestricted-auth.patch
 
 %description
 Package, Patch, Pattern, and Product Management
@@ -82,6 +83,7 @@ Authors:
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
+%patch4 -p1
 
 %build
 mkdir build