1From ca02a77f05bd5cef20618c8f741aa48b7be0a648 Mon Sep 17 00:00:00 2001 2From: Daniel Stenberg <daniel@haxx.se> 3Date: Tue, 27 Dec 2022 11:50:23 +0100 4Subject: [PATCH] hsts: handle adding the same host name again 5 6It will then use the largest expire time of the two entries. 7 8Conflict: NA 9Reference: https://github.com/curl/curl/commit/ca02a77f05bd5cef20618c8f741aa48b7be0a648 10--- 11 lib/hsts.c | 13 +++++++++++-- 12 1 file changed, 11 insertions(+), 2 deletions(-) 13 14diff --git a/lib/hsts.c b/lib/hsts.c 15index 339237be1c621..8d6723ee587d2 100644 16--- a/lib/hsts.c 17+++ b/lib/hsts.c 18@@ -426,14 +426,23 @@ static CURLcode hsts_add(struct hsts *h, char *line) 19 if(2 == rc) { 20 time_t expires = strcmp(date, UNLIMITED) ? Curl_getdate_capped(date) : 21 TIME_T_MAX; 22- CURLcode result; 23+ CURLcode result = CURLE_OK; 24 char *p = host; 25 bool subdomain = FALSE; 26+ struct stsentry *e; 27 if(p[0] == '.') { 28 p++; 29 subdomain = TRUE; 30 } 31- result = hsts_create(h, p, subdomain, expires); 32+ /* only add it if not already present */ 33+ e = Curl_hsts(h, p, subdomain); 34+ if(!e) 35+ result = hsts_create(h, p, subdomain, expires); 36+ else { 37+ /* the same host name, use the largest expire time */ 38+ if(expires > e->expires) 39+ e->expires = expires; 40+ } 41 if(result) 42 return result; 43 } 44