curl/0001-curl-7.47.1-psl-localhost.patch

From 090ee789dda468fe0d9b715ec4e5dc47a948a239 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de>
Date: Wed, 2 Mar 2016 11:07:16 +0100
Subject: [PATCH] cookie: do not refuse cookies for localhost

Closes #658
---
 lib/cookie.c        | 10 ++++++----
 tests/data/test1136 |  1 +
 2 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/lib/cookie.c b/lib/cookie.c
index d62f446..e5c7b7e 100644
--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -788,10 +788,12 @@ Curl_cookie_add(struct SessionHandle *data,
 #ifdef USE_LIBPSL
   /* Check if the domain is a Public Suffix and if yes, ignore the cookie.
      This needs a libpsl compiled with builtin data. */
-  if(co->domain && !isip(co->domain) && (psl = psl_builtin()) != NULL) {
-    if(psl_is_public_suffix(psl, co->domain)) {
-      infof(data, "cookie '%s' dropped, domain '%s' is a public suffix\n",
-            co->name, co->domain);
+  if(domain && co->domain && !isip(co->domain)) {
+    if (((psl = psl_builtin()) != NULL)
+        && !psl_is_cookie_domain_acceptable(psl, domain, co->domain)) {
+      infof(data,
+            "cookie '%s' dropped, domain '%s' must not set cookies for '%s'\n",
+            co->name, domain, co->domain);
       freecookie(co);
       return NULL;
     }
diff --git a/tests/data/test1136 b/tests/data/test1136
index e42ca06..d3327e8 100644
--- a/tests/data/test1136
+++ b/tests/data/test1136
@@ -58,6 +58,7 @@ http://www.example.ck/1136 http://www.ck/1136 http://z-1.compute-1.amazonaws.com
 
 .www.example.ck	TRUE	/	FALSE	0	test2	allowed2
 .www.ck	TRUE	/	FALSE	0	test4	allowed4
+.z-1.compute-1.amazonaws.com	TRUE	/	FALSE	0	test5	forbidden5
 </file>
 </verify>
 </testcase>
-- 
2.5.0
Resolves: #1308791 - do not refuse cookies for localhost 2016-03-02 10:23:46 +00:00			`From 090ee789dda468fe0d9b715ec4e5dc47a948a239 Mon Sep 17 00:00:00 2001`
			`From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de>`
			`Date: Wed, 2 Mar 2016 11:07:16 +0100`
			`Subject: [PATCH] cookie: do not refuse cookies for localhost`

			`Closes #658`
			`---`
			`lib/cookie.c \| 10 ++++++----`
			`tests/data/test1136 \| 1 +`
			`2 files changed, 7 insertions(+), 4 deletions(-)`

			`diff --git a/lib/cookie.c b/lib/cookie.c`
			`index d62f446..e5c7b7e 100644`
			`--- a/lib/cookie.c`
			`+++ b/lib/cookie.c`
			`@@ -788,10 +788,12 @@ Curl_cookie_add(struct SessionHandle *data,`
			`#ifdef USE_LIBPSL`
			`/* Check if the domain is a Public Suffix and if yes, ignore the cookie.`
			`This needs a libpsl compiled with builtin data. */`
			`- if(co->domain && !isip(co->domain) && (psl = psl_builtin()) != NULL) {`
			`- if(psl_is_public_suffix(psl, co->domain)) {`
			`- infof(data, "cookie '%s' dropped, domain '%s' is a public suffix\n",`
			`- co->name, co->domain);`
			`+ if(domain && co->domain && !isip(co->domain)) {`
			`+ if (((psl = psl_builtin()) != NULL)`
			`+ && !psl_is_cookie_domain_acceptable(psl, domain, co->domain)) {`
			`+ infof(data,`
			`+ "cookie '%s' dropped, domain '%s' must not set cookies for '%s'\n",`
			`+ co->name, domain, co->domain);`
			`freecookie(co);`
			`return NULL;`
			`}`
			`diff --git a/tests/data/test1136 b/tests/data/test1136`
			`index e42ca06..d3327e8 100644`
			`--- a/tests/data/test1136`
			`+++ b/tests/data/test1136`
			`@@ -58,6 +58,7 @@ http://www.example.ck/1136 http://www.ck/1136 http://z-1.compute-1.amazonaws.com`

			`.www.example.ck TRUE / FALSE 0 test2 allowed2`
			`.www.ck TRUE / FALSE 0 test4 allowed4`
			`+.z-1.compute-1.amazonaws.com TRUE / FALSE 0 test5 forbidden5`
			`</file>`
			`</verify>`
			`</testcase>`
			`--`
			`2.5.0`