diff options
| author | Brad King <brad.king@kitware.com> | 2023-02-17 18:36:27 (GMT) |
|---|---|---|
| committer | Brad King <brad.king@kitware.com> | 2023-02-17 18:51:03 (GMT) |
| commit | ccdc358f49029b210828a5178e24f74333ef0bd0 (patch) | |
| tree | f3cef2193b83dcbf608af3c7fdbb6e7a31798635 | |
| parent | 29dc3e7722048e20f238eaed861324b925ba6399 (diff) | |
| download | CMake-ccdc358f49029b210828a5178e24f74333ef0bd0.zip CMake-ccdc358f49029b210828a5178e24f74333ef0bd0.tar.gz CMake-ccdc358f49029b210828a5178e24f74333ef0bd0.tar.bz2 | |
curl: Backport upstream curl fixes for no_proxy to CMake 3.25 release
CMake 3.25 updated to curl 7.86, which had some `no_proxy` regressions.
Backport upstream curl fixes:
* commit `b830f9ba9` (noproxy: fix tail-matching)
* commit `b1953c193` (noproxy: tailmatch like in 7.85.0 and earlier)
* commit `60453483b` (noproxy: guard against empty hostnames)
CMake 3.26 already updated to curl 7.87, and has the fixes.
Fixes: #24426
| -rw-r--r-- | Utilities/cmcurl/lib/noproxy.c | 45 |
1 files changed, 35 insertions, 10 deletions
diff --git a/Utilities/cmcurl/lib/noproxy.c b/Utilities/cmcurl/lib/noproxy.c index 81f1e09..7c4f4d5 100644 --- a/Utilities/cmcurl/lib/noproxy.c +++ b/Utilities/cmcurl/lib/noproxy.c @@ -117,6 +117,13 @@ enum nametype { ****************************************************************/ bool Curl_check_noproxy(const char *name, const char *no_proxy) { + /* + * If we don't have a hostname at all, like for example with a FILE + * transfer, we have nothing to interrogate the noproxy list with. + */ + if(!name || name[0] == '\0') + return FALSE; + /* no_proxy=domain1.dom,host.domain2.dom * (a comma-separated list of hosts which should * not be proxied, or an asterisk to override @@ -149,9 +156,14 @@ bool Curl_check_noproxy(const char *name, const char *no_proxy) } else { unsigned int address; + namelen = strlen(name); if(1 == Curl_inet_pton(AF_INET, name, &address)) type = TYPE_IPV4; - namelen = strlen(name); + else { + /* ignore trailing dots in the host name */ + if(name[namelen - 1] == '.') + namelen--; + } } while(*p) { @@ -173,16 +185,29 @@ bool Curl_check_noproxy(const char *name, const char *no_proxy) if(tokenlen) { switch(type) { case TYPE_HOST: - if(*token == '.') { - ++token; - --tokenlen; - /* tailmatch */ - match = (tokenlen <= namelen) && - strncasecompare(token, name + (namelen - tokenlen), namelen); + /* ignore trailing dots in the token to check */ + if(token[tokenlen - 1] == '.') + tokenlen--; + + if(tokenlen && (*token == '.')) { + /* ignore leading token dot as well */ + token++; + tokenlen--; } - else - match = (tokenlen == namelen) && - strncasecompare(token, name, namelen); + /* A: example.com matches 'example.com' + B: www.example.com matches 'example.com' + C: nonexample.com DOES NOT match 'example.com' + */ + if(tokenlen == namelen) + /* case A, exact match */ + match = strncasecompare(token, name, namelen); + else if(tokenlen < namelen) { + /* case B, tailmatch domain */ + match = (name[namelen - tokenlen - 1] == '.') && + strncasecompare(token, name + (namelen - tokenlen), + tokenlen); + } + /* case C passes through, not a match */ break; case TYPE_IPV4: /* FALLTHROUGH */ |