From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <git-owner@vger.kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on dcvr.yhbt.net
X-Spam-Level: 
X-Spam-ASN: AS31976 209.132.180.0/23
X-Spam-Status: No, score=-2.8 required=3.0 tests=AWL,BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,RCVD_IN_DNSWL_HI,
	RCVD_IN_SORBS_SPAM,RP_MATCHES_RCVD shortcircuit=no autolearn=no
	autolearn_force=no version=3.4.0
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by dcvr.yhbt.net (Postfix) with ESMTP id 171701F667
	for <e@80x24.org>; Thu, 10 Aug 2017 23:36:16 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1750909AbdHJXgO (ORCPT <rfc822;e@80x24.org>);
        Thu, 10 Aug 2017 19:36:14 -0400
Received: from sub4.mail.dreamhost.com ([69.163.253.135]:35157 "EHLO
        homiemail-a111.g.dreamhost.com" rhost-flags-OK-OK-OK-OK)
        by vger.kernel.org with ESMTP id S1750735AbdHJXgN (ORCPT
        <rfc822;git@vger.kernel.org>); Thu, 10 Aug 2017 19:36:13 -0400
Received: from homiemail-a111.g.dreamhost.com (localhost [127.0.0.1])
        by homiemail-a111.g.dreamhost.com (Postfix) with ESMTP id 3D0C93C001C16;
        Thu, 10 Aug 2017 16:36:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=jupiterrise.com; h=subject
        :to:cc:references:from:message-id:date:mime-version:in-reply-to
        :content-type:content-transfer-encoding; s=jupiterrise.com; bh=c
        z9mywPFQAUkoUcSds5tyOWbIIw=; b=25RwQ/K6/V1bPn94ewYAEx+xDWyVki7cD
        1CYluK8bplJg39Z9pX9fqc9u92RbT+gqz6h8NKqBhM55SHllqbZbvvR1rlL0tRr7
        Oz2VzsIIFnoJqr8HJIHjdwgWowzRijX1ap9B4wGk9S0lrhre1yFRVWrCaw629/Bk
        maVcQKlOxY=
Received: from merlin.tgcnet.jupiterrise.com (2-106-159-182-static.dk.customer.tdc.net [2.106.159.182])
        (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
        (No client certificate requested)
        (Authenticated sender: tgc99@jupiterrise.com)
        by homiemail-a111.g.dreamhost.com (Postfix) with ESMTPSA id 0895E3C001C15;
        Thu, 10 Aug 2017 16:36:13 -0700 (PDT)
Received: from odin.tgcnet.jupiterrise.com (router.tgcnet.jupiterrise.com [192.168.20.58])
        by merlin.tgcnet.jupiterrise.com (Postfix) with ESMTPSA id 8B00E60608;
        Fri, 11 Aug 2017 01:36:10 +0200 (CEST)
Received: from [IPv6:::1] (localhost [IPv6:::1])
        by odin.tgcnet.jupiterrise.com (Postfix) with ESMTP id CA0FBE800D0;
        Fri, 11 Aug 2017 01:36:09 +0200 (CEST)
Subject: Re: [PATCH 0/4] dropping support for older curl
To:     Jeff King <peff@peff.net>
Cc:     Johannes Schindelin <Johannes.Schindelin@gmx.de>,
        git@vger.kernel.org
Newsgroups: gmane.comp.version-control.git
References: <20170809120024.7phdjzjv54uv5dpz@sigill.intra.peff.net>
 <alpine.DEB.2.21.1.1708092337350.11175@virtualbox>
 <20170809214758.p77fqrwxanb4zn5a@sigill.intra.peff.net>
 <873e1f31-2a96-5b72-2f20-a5816cad1b51@jupiterrise.com>
 <20170810213236.dej4ibsag2lxf5w2@sigill.intra.peff.net>
 <fbd7e636-0087-9c2b-746f-e2413c6d2133@jupiterrise.com>
 <20170810225428.jubkaistxz33ykco@sigill.intra.peff.net>
 <c8a2716d-76ac-735c-57f9-175ca3acbcb0@jupiterrise.com>
 <20170810232315.twkrj32er552bryg@sigill.intra.peff.net>
From:   "Tom G. Christensen" <tgc@jupiterrise.com>
Message-ID: <030356f8-0472-7400-c9f6-7492788dd2d0@jupiterrise.com>
Date:   Fri, 11 Aug 2017 01:36:09 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.2.0
MIME-Version: 1.0
In-Reply-To: <20170810232315.twkrj32er552bryg@sigill.intra.peff.net>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-GH
Content-Transfer-Encoding: 7bit
Sender: git-owner@vger.kernel.org
Precedence: bulk
List-ID: <git.vger.kernel.org>
X-Mailing-List: git@vger.kernel.org

On 11/08/17 01:23, Jeff King wrote:
> On Fri, Aug 11, 2017 at 01:17:51AM +0200, Tom G. Christensen wrote:
> 
>>> OK, thanks for double-checking. I'm still puzzled why your build
>>> succeeds and mine does not.
>>
>> I know what's going on now and it's so simple.
>> Red Hats version of curl 7.15.5 includes a number of patches including one
>> that backports support for CURLPROTO_* (as part of a fix for CVE-2009-0037).
>> I haven't checked el6 but I would not be surprised if there where similar
>> things going on there.
> 
> el6 should have it already as part of 7.19.7, right?
> 

Yes of course.

>> So in conclusion version based #ifdefs are misleading when used with curl as
>> shipped with RHEL.
> 
> Yeah, that's certainly an interesting finding. In this case your builds
> are missing out on redirect protection that we _could_ be providing.
> 

Yes and I'm looking into that right now.

> If we do keep the compat ifdefs around this feature, it may be worth
> converting them to "#ifdef CURLPROTO_HTTP" to more directly check the
> feature.
> 

Yes, a feature test would be better.

-tgc