From a9b3c564bdd80ad6d3db0d0c493144956c64368d Mon Sep 17 00:00:00 2001
From: Christian Grothoff <christian@grothoff.org>
Date: Tue, 3 Mar 2020 17:14:00 +0100
Subject: rename BANK_excecute_wire_transfer to BANK_transfer, improve error
 handling when curl_easy_init() fails

---
 src/lib/auditor_api_curl_defaults.c | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)

(limited to 'src/lib/auditor_api_curl_defaults.c')

diff --git a/src/lib/auditor_api_curl_defaults.c b/src/lib/auditor_api_curl_defaults.c
index 15c60862..d8c6f619 100644
--- a/src/lib/auditor_api_curl_defaults.c
+++ b/src/lib/auditor_api_curl_defaults.c
@@ -19,7 +19,6 @@
  * @brief curl easy handle defaults
  * @author Florian Dold
  */
-
 #include "auditor_api_curl_defaults.h"
 
 
@@ -30,7 +29,7 @@
  * @param url URL to query
  */
 CURL *
-TAL_curl_easy_get (const char *url)
+TALER_AUDITOR_curl_easy_get_ (const char *url)
 {
   CURL *eh;
   struct GNUNET_AsyncScopeSave scope;
@@ -38,15 +37,25 @@ TAL_curl_easy_get (const char *url)
   GNUNET_async_scope_get (&scope);
 
   eh = curl_easy_init ();
-
+  if (NULL == eh)
+    return NULL;
   GNUNET_assert (CURLE_OK ==
                  curl_easy_setopt (eh,
                                    CURLOPT_URL,
                                    url));
+  GNUNET_assert (CURLE_OK ==
+                 curl_easy_setopt (eh,
+                                   CURLOPT_FOLLOWLOCATION,
+                                   1L));
+  /* limit MAXREDIRS to 5 as a simple security measure against
+     a potential infinite loop caused by a malicious target */
+  GNUNET_assert (CURLE_OK ==
+                 curl_easy_setopt (eh,
+                                   CURLOPT_MAXREDIRS,
+                                   5L));
   GNUNET_assert (CURLE_OK ==
                  curl_easy_setopt (eh,
                                    CURLOPT_TCP_FASTOPEN,
                                    1L));
-
   return eh;
 }
-- 
cgit v1.2.3