adamwill / rpms / openscap

Forked from rpms/openscap 3 years ago
Clone

Blame SOURCES/openscap-1.3.4-add_compression_support-PR_1557.patch

4def80
From d8518b70b912aa55fc47400173bf6229e40b71d0 Mon Sep 17 00:00:00 2001
4def80
From: =?UTF-8?q?=C5=A0imon=20Luka=C5=A1=C3=ADk?= <isimluk@fedoraproject.org>
4def80
Date: Wed, 8 Jul 2020 15:17:31 +0200
4def80
Subject: [PATCH] Make a use of HTTP header content-encoding: gzip if available
4def80
4def80
When fetching remote resources, some servers/CDNs may be able to serve us
4def80
compressed http response even in cases when the original file is not compressed
4def80
XML. libcurl is able to process encoded html for us with no added maintenance
4def80
costs.
4def80
4def80
Attached please find a CURL log of fetching plain XML file from Red Hat CDN:
4def80
4def80
Downloading: https://www.redhat.com/security/data/oval/com.redhat.rhsa-RHEL7.xml
4def80
...
4def80
*   Trying 104.90.105.254:443...
4def80
* Connected to www.redhat.com (104.90.105.254) port 443 (#0)
4def80
* ALPN, offering h2
4def80
* ALPN, offering http/1.1
4def80
* successfully set certificate verify locations:
4def80
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
4def80
  CApath: none
4def80
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
4def80
* ALPN, server accepted to use h2
4def80
* Server certificate:
4def80
*  subject: businessCategory=Private Organization; jurisdictionC=US; jurisdictionST=Delaware; serialNumber=2945436; C=US; ST=North Carolina; L=Raleigh; O=Red Hat, Inc.; CN=www.redhat.com
4def80
*  start date: Feb 24 00:00:00 2020 GMT
4def80
*  expire date: May 24 12:00:00 2022 GMT
4def80
*  subjectAltName: host "www.redhat.com" matched cert's "www.redhat.com"
4def80
*  issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=DigiCert SHA2 Extended Validation Server CA
4def80
*  SSL certificate verify ok.
4def80
* Using HTTP2, server supports multi-use
4def80
* Connection state changed (HTTP/2 confirmed)
4def80
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
4def80
* Using Stream ID: 1 (easy handle 0x776c3b0)
4def80
> GET /security/data/oval/com.redhat.rhsa-RHEL7.xml HTTP/2
4def80
Host: www.redhat.com
4def80
accept: */*
4def80
accept-encoding: gzip
4def80
4def80
* old SSL session ID is stale, removing
4def80
* Connection state changed (MAX_CONCURRENT_STREAMS == 100)!
4def80
< HTTP/2 200
4def80
< server: Apache
4def80
< last-modified: Wed, 08 Jul 2020 12:41:28 GMT
4def80
< etag: "7f694279-fca5e0-5a9ed6d376a08"
4def80
< accept-ranges: bytes
4def80
< content-type: text/xml
4def80
< content-encoding: gzip
4def80
< content-length: 1766376
4def80
< date: Wed, 08 Jul 2020 13:15:29 GMT
4def80
< vary: Accept-Encoding
4def80
< strict-transport-security: max-age=31536000
4def80
<
4def80
* Connection #0 to host www.redhat.com left intact
4def80
---
4def80
 src/common/oscap_acquire.c | 1 +
4def80
 1 file changed, 1 insertion(+)
4def80
4def80
diff --git a/src/common/oscap_acquire.c b/src/common/oscap_acquire.c
4def80
index 60ab62c05..551da43f0 100644
4def80
--- a/src/common/oscap_acquire.c
4def80
+++ b/src/common/oscap_acquire.c
4def80
@@ -302,6 +302,7 @@ char* oscap_acquire_url_download(const char *url, size_t* memory_size)
4def80
 	curl_easy_setopt(curl, CURLOPT_URL, url);
4def80
 	curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_to_memory_callback);
4def80
 	curl_easy_setopt(curl, CURLOPT_WRITEDATA, buffer);
4def80
+	curl_easy_setopt(curl, CURLOPT_ACCEPT_ENCODING, "");
4def80
 	curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, true);
4def80
 
4def80
 	CURLcode res = curl_easy_perform(curl);