Blame SOURCES/openscap-1.3.4-add_compression_support-PR_1557.patch

df9d1c
From d8518b70b912aa55fc47400173bf6229e40b71d0 Mon Sep 17 00:00:00 2001
df9d1c
From: =?UTF-8?q?=C5=A0imon=20Luka=C5=A1=C3=ADk?= <isimluk@fedoraproject.org>
df9d1c
Date: Wed, 8 Jul 2020 15:17:31 +0200
df9d1c
Subject: [PATCH] Make a use of HTTP header content-encoding: gzip if available
df9d1c
df9d1c
When fetching remote resources, some servers/CDNs may be able to serve us
df9d1c
compressed http response even in cases when the original file is not compressed
df9d1c
XML. libcurl is able to process encoded html for us with no added maintenance
df9d1c
costs.
df9d1c
df9d1c
Attached please find a CURL log of fetching plain XML file from Red Hat CDN:
df9d1c
df9d1c
Downloading: https://www.redhat.com/security/data/oval/com.redhat.rhsa-RHEL7.xml
df9d1c
...
df9d1c
*   Trying 104.90.105.254:443...
df9d1c
* Connected to www.redhat.com (104.90.105.254) port 443 (#0)
df9d1c
* ALPN, offering h2
df9d1c
* ALPN, offering http/1.1
df9d1c
* successfully set certificate verify locations:
df9d1c
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
df9d1c
  CApath: none
df9d1c
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
df9d1c
* ALPN, server accepted to use h2
df9d1c
* Server certificate:
df9d1c
*  subject: businessCategory=Private Organization; jurisdictionC=US; jurisdictionST=Delaware; serialNumber=2945436; C=US; ST=North Carolina; L=Raleigh; O=Red Hat, Inc.; CN=www.redhat.com
df9d1c
*  start date: Feb 24 00:00:00 2020 GMT
df9d1c
*  expire date: May 24 12:00:00 2022 GMT
df9d1c
*  subjectAltName: host "www.redhat.com" matched cert's "www.redhat.com"
df9d1c
*  issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=DigiCert SHA2 Extended Validation Server CA
df9d1c
*  SSL certificate verify ok.
df9d1c
* Using HTTP2, server supports multi-use
df9d1c
* Connection state changed (HTTP/2 confirmed)
df9d1c
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
df9d1c
* Using Stream ID: 1 (easy handle 0x776c3b0)
df9d1c
> GET /security/data/oval/com.redhat.rhsa-RHEL7.xml HTTP/2
df9d1c
Host: www.redhat.com
df9d1c
accept: */*
df9d1c
accept-encoding: gzip
df9d1c
df9d1c
* old SSL session ID is stale, removing
df9d1c
* Connection state changed (MAX_CONCURRENT_STREAMS == 100)!
df9d1c
< HTTP/2 200
df9d1c
< server: Apache
df9d1c
< last-modified: Wed, 08 Jul 2020 12:41:28 GMT
df9d1c
< etag: "7f694279-fca5e0-5a9ed6d376a08"
df9d1c
< accept-ranges: bytes
df9d1c
< content-type: text/xml
df9d1c
< content-encoding: gzip
df9d1c
< content-length: 1766376
df9d1c
< date: Wed, 08 Jul 2020 13:15:29 GMT
df9d1c
< vary: Accept-Encoding
df9d1c
< strict-transport-security: max-age=31536000
df9d1c
<
df9d1c
* Connection #0 to host www.redhat.com left intact
df9d1c
---
df9d1c
 src/common/oscap_acquire.c | 1 +
df9d1c
 1 file changed, 1 insertion(+)
df9d1c
df9d1c
diff --git a/src/common/oscap_acquire.c b/src/common/oscap_acquire.c
df9d1c
index 60ab62c05..551da43f0 100644
df9d1c
--- a/src/common/oscap_acquire.c
df9d1c
+++ b/src/common/oscap_acquire.c
df9d1c
@@ -302,6 +302,7 @@ char* oscap_acquire_url_download(const char *url, size_t* memory_size)
df9d1c
 	curl_easy_setopt(curl, CURLOPT_URL, url);
df9d1c
 	curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_to_memory_callback);
df9d1c
 	curl_easy_setopt(curl, CURLOPT_WRITEDATA, buffer);
df9d1c
+	curl_easy_setopt(curl, CURLOPT_ACCEPT_ENCODING, "");
df9d1c
 	curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, true);
df9d1c
 
df9d1c
 	CURLcode res = curl_easy_perform(curl);