diff options
Diffstat (limited to 'Utilities/cmcurl/lib/hsts.c')
| -rw-r--r-- | Utilities/cmcurl/lib/hsts.c | 33 |
1 files changed, 12 insertions, 21 deletions
diff --git a/Utilities/cmcurl/lib/hsts.c b/Utilities/cmcurl/lib/hsts.c index b9fa6f7..e3b686e 100644 --- a/Utilities/cmcurl/lib/hsts.c +++ b/Utilities/cmcurl/lib/hsts.c @@ -18,6 +18,8 @@ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY * KIND, either express or implied. * + * SPDX-License-Identifier: curl + * ***************************************************************************/ /* * The Strict-Transport-Security header is defined in RFC 6797: @@ -35,7 +37,7 @@ #include "sendf.h" #include "strtoofft.h" #include "parsedate.h" -#include "rand.h" +#include "fopen.h" #include "rename.h" #include "strtoofft.h" @@ -154,7 +156,7 @@ CURLcode Curl_hsts_parse(struct hsts *h, const char *hostname, return CURLE_OK; do { - while(*p && ISSPACE(*p)) + while(*p && ISBLANK(*p)) p++; if(Curl_strncasecompare("max-age=", p, 8)) { bool quoted = FALSE; @@ -165,7 +167,7 @@ CURLcode Curl_hsts_parse(struct hsts *h, const char *hostname, return CURLE_BAD_FUNCTION_ARGUMENT; p += 8; - while(*p && ISSPACE(*p)) + while(*p && ISBLANK(*p)) p++; if(*p == '\"') { p++; @@ -198,7 +200,7 @@ CURLcode Curl_hsts_parse(struct hsts *h, const char *hostname, p++; } - while(*p && ISSPACE(*p)) + while(*p && ISBLANK(*p)) p++; if(*p == ';') p++; @@ -354,8 +356,7 @@ CURLcode Curl_hsts_save(struct Curl_easy *data, struct hsts *h, struct Curl_llist_element *n; CURLcode result = CURLE_OK; FILE *out; - char *tempstore; - unsigned char randsuffix[9]; + char *tempstore = NULL; if(!h) /* no cache activated */ @@ -369,17 +370,8 @@ CURLcode Curl_hsts_save(struct Curl_easy *data, struct hsts *h, /* marked as read-only, no file or zero length file name */ goto skipsave; - if(Curl_rand_hex(data, randsuffix, sizeof(randsuffix))) - return CURLE_FAILED_INIT; - - tempstore = aprintf("%s.%s.tmp", file, randsuffix); - if(!tempstore) - return CURLE_OUT_OF_MEMORY; - - out = fopen(tempstore, FOPEN_WRITETEXT); - if(!out) - result = CURLE_WRITE_ERROR; - else { + result = Curl_fopen(data, file, &out, &tempstore); + if(!result) { fputs("# Your HSTS cache. https://curl.se/docs/hsts.html\n" "# This file was generated by libcurl! Edit at your own risk.\n", out); @@ -391,10 +383,10 @@ CURLcode Curl_hsts_save(struct Curl_easy *data, struct hsts *h, break; } fclose(out); - if(!result && Curl_rename(tempstore, file)) + if(!result && tempstore && Curl_rename(tempstore, file)) result = CURLE_WRITE_ERROR; - if(result) + if(result && tempstore) unlink(tempstore); } free(tempstore); @@ -494,8 +486,7 @@ static CURLcode hsts_pull(struct Curl_easy *data, struct hsts *h) /* * Load the HSTS cache from the given file. The text based line-oriented file - * format is documented here: - * https://github.com/curl/curl/wiki/HSTS + * format is documented here: https://curl.se/docs/hsts.html * * This function only returns error on major problems that prevent hsts * handling to work completely. It will ignore individual syntactical errors |