*** include/curl/curl.h.orig Mon Dec 8 03:01:29 2003 --- include/curl/curl.h Mon Dec 8 05:48:02 2003 *************** *** 715,720 **** --- 715,725 ---- */ CINIT(FTP_SSL, LONG, 116), + /* Disables one or more URL protocols. The disabled protocols are a bitmask + of the CURLPROT_* flags. */ + CINIT(DISABLEPROTOCOLS, LONG, 117), + + CURLOPT_LASTENTRY /* the last unused */ } CURLoption; *************** *** 1135,1140 **** --- 1140,1158 ---- CURLSH *curl_share_init(void); CURLSHcode curl_share_setopt(CURLSH *, CURLSHoption option, ...); CURLSHcode curl_share_cleanup(CURLSH *); + + /**************************************************************************** + * Bitflags for disabling protocols + */ + #define CURLPROT_GOPHER (1<<1) + #define CURLPROT_HTTP (1<<2) + #define CURLPROT_HTTPS (1<<3) + #define CURLPROT_FTP (1<<4) + #define CURLPROT_TELNET (1<<5) + #define CURLPROT_DICT (1<<6) + #define CURLPROT_LDAP (1<<7) + #define CURLPROT_FILE (1<<8) + #define CURLPROT_FTPS (1<<9) /**************************************************************************** * Structures for querying information about the curl library at runtime. *** lib/urldata.h.orig Thu Dec 4 03:00:09 2003 --- lib/urldata.h Mon Dec 8 05:48:16 2003 *************** *** 399,413 **** long protocol; /* PROT_* flags concerning the protocol set */ #define PROT_MISSING (1<<0) ! #define PROT_GOPHER (1<<1) ! #define PROT_HTTP (1<<2) ! #define PROT_HTTPS (1<<3) ! #define PROT_FTP (1<<4) ! #define PROT_TELNET (1<<5) ! #define PROT_DICT (1<<6) ! #define PROT_LDAP (1<<7) ! #define PROT_FILE (1<<8) ! #define PROT_FTPS (1<<9) #define PROT_SSL (1<<10) /* protocol requires SSL */ /* the particular host we use, in two different ways */ --- 399,420 ---- long protocol; /* PROT_* flags concerning the protocol set */ #define PROT_MISSING (1<<0) ! ! /* Constants for the PROT_* for the actual protocols have been moved to ! * include/curl/curl.h and renamed CURLPROT_*. If you add a new protocol ! * you should update that list as well. ! */ ! #define PROT_GOPHER CURLPROT_GOPHER ! #define PROT_HTTP CURLPROT_HTTP ! #define PROT_HTTPS CURLPROT_HTTPS ! #define PROT_FTP CURLPROT_FTP ! #define PROT_TELNET CURLPROT_TELNET ! #define PROT_DICT CURLPROT_DICT ! #define PROT_LDAP CURLPROT_LDAP ! #define PROT_FILE CURLPROT_FILE ! #define PROT_FTPS CURLPROT_FTPS ! /* End of contants in include/curl/curl.h */ ! #define PROT_SSL (1<<10) /* protocol requires SSL */ /* the particular host we use, in two different ways */ *************** *** 830,835 **** --- 837,844 ---- int ip_version; long max_filesize; /* Maximum file size to download */ + + long disableprotocols; /* bitmask of disabled protocols */ /* Here follows boolean settings that define how to behave during this session. They are STATIC, set by libcurl users or at least initially *** lib/url.c.orig Wed Dec 3 03:00:11 2003 --- lib/url.c Mon Dec 8 05:48:29 2003 *************** *** 1258,1263 **** --- 1258,1270 ---- data->set.ftp_ssl = va_arg(param, long); break; + case CURLOPT_DISABLEPROTOCOLS: + /* + * Set the mask of protocols to disable + */ + data->set.disableprotocols = va_arg(param, long); + break; + default: /* unknown tag and its companion, just ignore: */ return CURLE_FAILED_INIT; /* correct this */ *************** *** 2356,2361 **** --- 2363,2373 ---- *************************************************************/ if (strequal(conn->protostr, "HTTP")) { + if (data->set.disableprotocols & PROT_HTTP) + { + failf(data, "HTTP support has been disabled"); + return CURLE_UNSUPPORTED_PROTOCOL; + } #ifndef CURL_DISABLE_HTTP conn->port = (data->set.use_port && data->state.allow_port)? data->set.use_port:PORT_HTTP; *************** *** 2373,2378 **** --- 2385,2395 ---- } else if (strequal(conn->protostr, "HTTPS")) { #if defined(USE_SSLEAY) && !defined(CURL_DISABLE_HTTP) + if (data->set.disableprotocols & (PROT_HTTP|PROT_HTTPS)) + { + failf(data, "HTTPS support has been disabled"); + return CURLE_UNSUPPORTED_PROTOCOL; + } conn->port = (data->set.use_port && data->state.allow_port)? data->set.use_port:PORT_HTTPS; *************** *** 2392,2397 **** --- 2409,2419 ---- } else if (strequal(conn->protostr, "GOPHER")) { #ifndef CURL_DISABLE_GOPHER + if (data->set.disableprotocols & PROT_GOPHER) + { + failf(data, "GOPHER support has been disabled"); + return CURLE_UNSUPPORTED_PROTOCOL; + } conn->port = (data->set.use_port && data->state.allow_port)? data->set.use_port:PORT_GOPHER; conn->remote_port = PORT_GOPHER; *************** *** 2418,2423 **** --- 2440,2450 ---- char *type; if(strequal(conn->protostr, "FTPS")) { + if (data->set.disableprotocols & (PROT_FTP|PROT_FTPS)) + { + failf(data, "FTPS support has been disabled"); + return CURLE_UNSUPPORTED_PROTOCOL; + } #ifdef USE_SSLEAY conn->protocol |= PROT_FTPS|PROT_SSL; conn->ssl[SECONDARYSOCKET].use = TRUE; /* send data securely */ *************** *** 2427,2433 **** return CURLE_UNSUPPORTED_PROTOCOL; #endif /* !USE_SSLEAY */ } ! conn->port = (data->set.use_port && data->state.allow_port)? data->set.use_port:PORT_FTP; conn->remote_port = PORT_FTP; --- 2454,2464 ---- return CURLE_UNSUPPORTED_PROTOCOL; #endif /* !USE_SSLEAY */ } ! if (data->set.disableprotocols & PROT_FTP) ! { ! failf(data, "FTP support has been disabled"); ! return CURLE_UNSUPPORTED_PROTOCOL; ! } conn->port = (data->set.use_port && data->state.allow_port)? data->set.use_port:PORT_FTP; conn->remote_port = PORT_FTP; *************** *** 2445,2450 **** --- 2476,2486 ---- return CURLE_UNSUPPORTED_PROTOCOL; } #ifndef CURL_DISABLE_HTTP + if (data->set.disableprotocols & PROT_HTTP) + { + failf(data, "HTTP support has been disabled"); + return CURLE_UNSUPPORTED_PROTOCOL; + } conn->curl_do = Curl_http; conn->curl_done = Curl_http_done; #else *************** *** 2496,2501 **** --- 2532,2542 ---- } else if(strequal(conn->protostr, "TELNET")) { #ifndef CURL_DISABLE_TELNET + if (data->set.disableprotocols & PROT_TELNET) + { + failf(data, "TELNET support has been disabled"); + return CURLE_UNSUPPORTED_PROTOCOL; + } /* telnet testing factory */ conn->protocol |= PROT_TELNET; *************** *** 2511,2516 **** --- 2552,2562 ---- } else if (strequal(conn->protostr, "DICT")) { #ifndef CURL_DISABLE_DICT + if (data->set.disableprotocols & PROT_DICT) + { + failf(data, "DICT support has been disabled"); + return CURLE_UNSUPPORTED_PROTOCOL; + } conn->protocol |= PROT_DICT; conn->port = (data->set.use_port && data->state.allow_port)? data->set.use_port:PORT_DICT; *************** *** 2524,2529 **** --- 2570,2580 ---- } else if (strequal(conn->protostr, "LDAP")) { #ifndef CURL_DISABLE_LDAP + if (data->set.disableprotocols & PROT_LDAP) + { + failf(data, "LDAP support has been disabled"); + return CURLE_UNSUPPORTED_PROTOCOL; + } conn->protocol |= PROT_LDAP; conn->port = (data->set.use_port && data->state.allow_port)? data->set.use_port:PORT_LDAP; *************** *** 2537,2542 **** --- 2588,2598 ---- } else if (strequal(conn->protostr, "FILE")) { #ifndef CURL_DISABLE_FILE + if (data->set.disableprotocols & PROT_FILE) + { + failf(data, "FILE support has been disabled"); + return CURLE_UNSUPPORTED_PROTOCOL; + } conn->protocol |= PROT_FILE; conn->curl_do = Curl_file; *** docs/libcurl/curl_easy_setopt.3.orig Mon Dec 8 05:54:38 2003 --- docs/libcurl/curl_easy_setopt.3 Mon Dec 8 06:06:51 2003 *************** *** 640,645 **** --- 640,666 ---- NOTE: The file size is not always known prior to download, and for such files this option has no effect even if the file transfer ends up being larger than this given limit. This concerns both FTP and HTTP transfers. + .IP CURLOPT_DISABLEPROTOCOLS + Pass a long as parameter, which is set to a bitmask. This allows you to + disable specific protocols at runtime. (Added in 7.11.0) + .RS + .IP CURLPROT_HTTP + Disables the HTTP and HTTPS protocols + .IP CURLPROT_HTTPS + Disables the HTTPS protocol + .IP CURLPROT_FTP + Disables the FTP and FTPS protocols + .IP CURLPROT_GOPHER + Disables the GOPHER protocol + .IP CURLPROT_TELNET + Disables the TELNET protocol + .IP CURLPROT_LDAP + Disables the LDAP protocol + .IP CURLPROT_DICT + Disables the DICT protocol + .IP CURLPROT_FILE + Disables the FILE protocol + .RE .SH CONNECTION OPTIONS .IP CURLOPT_TIMEOUT Pass a long as parameter containing the maximum time in seconds that you allow *** docs/libcurl/curl_easy_setopt.html.orig Mon Dec 8 06:07:12 2003 --- docs/libcurl/curl_easy_setopt.html Mon Dec 8 06:07:00 2003 *************** *** 284,290 ****

A non-zero parameter tells the library to prepare for an upload. The CURLOPT_READDATA and CURLOPT_INFILESIZE are also interesting for uploads.

CURLOPT_MAXFILESIZE

Pass a long as parameter. This allows you to specify the maximum size (in bytes) of a file to download. If the file requested is larger than this value, the transfer will not start and CURLE_FILESIZE_EXCEEDED will be returned. !

NOTE: The file size is not always known prior to download, and for such files this option has no effect even if the file transfer ends up being larger than this given limit. This concerns both FTP and HTTP transfers.

CONNECTION OPTIONS

CURLOPT_TIMEOUT

Pass a long as parameter containing the maximum time in seconds that you allow the libcurl transfer operation to take. Normally, name lookups can take a considerable time and limiting operations to less than a few minutes risk aborting perfectly normal operations. This option will cause curl to use the SIGALRM to enable time-outing system calls. --- 284,310 ----

A non-zero parameter tells the library to prepare for an upload. The CURLOPT_READDATA and CURLOPT_INFILESIZE are also interesting for uploads.

CURLOPT_MAXFILESIZE

Pass a long as parameter. This allows you to specify the maximum size (in bytes) of a file to download. If the file requested is larger than this value, the transfer will not start and CURLE_FILESIZE_EXCEEDED will be returned. !

NOTE: The file size is not always known prior to download, and for such files this option has no effect even if the file transfer ends up being larger than this given limit. This concerns both FTP and HTTP transfers. !

CURLOPT_DISABLEPROTOCOLS !

Pass a long as parameter, which is set to a bitmask. This allows you to disable specific protocols at runtime. (Added in 7.11.0) !

!

CURLPROT_HTTP !

Disables the HTTP and HTTPS protocols !

CURLPROT_HTTPS !

Disables the HTTPS protocol !

CURLPROT_FTP !

Disables the FTP and FTPS protocols !

CURLPROT_GOPHER !

Disables the GOPHER protocol !

CURLPROT_TELNET !

Disables the TELNET protocol !

CURLPROT_LDAP !

Disables the LDAP protocol !

CURLPROT_DICT !

Disables the DICT protocol !

CURLPROT_FILE !

Disables the FILE protocol !

CONNECTION OPTIONS

CURLOPT_TIMEOUT

Pass a long as parameter containing the maximum time in seconds that you allow the libcurl transfer operation to take. Normally, name lookups can take a considerable time and limiting operations to less than a few minutes risk aborting perfectly normal operations. This option will cause curl to use the SIGALRM to enable time-outing system calls.