Fred New reported a bug where we used Basic auth and user name and password in
.netrc, and when following a Location: the subsequent requests didn't properly use the auth as found in the netrc file. Added test case 257 to verify my fix.
This commit is contained in:
Родитель
6e1633a6c5
Коммит
01165e08e0
5
CHANGES
5
CHANGES
|
@ -8,6 +8,11 @@
|
|||
|
||||
|
||||
Daniel (25 April 2005)
|
||||
- Fred New reported a bug where we used Basic auth and user name and password
|
||||
in .netrc, and when following a Location: the subsequent requests didn't
|
||||
properly use the auth as found in the netrc file. Added test case 257 to
|
||||
verify my fix.
|
||||
|
||||
- Based on feedback from Cory Nelson, I added some preprocessor magic in
|
||||
*/setup.h and */config-win32.h to build fine with VS2005 on x64.
|
||||
|
||||
|
|
|
@ -465,6 +465,7 @@ Curl_http_output_auth(struct connectdata *conn,
|
|||
/* To prevent the user+password to get sent to other than the original
|
||||
host due to a location-follow, we do some weirdo checks here */
|
||||
if(!data->state.this_is_a_follow ||
|
||||
conn->bits.netrc ||
|
||||
!data->state.first_host ||
|
||||
curl_strequal(data->state.first_host, conn->host.name) ||
|
||||
data->set.http_disable_hostname_check_before_authentication) {
|
||||
|
|
|
@ -103,7 +103,7 @@ int Curl_parsenetrc(char *host,
|
|||
char *override = curl_getenv("CURL_DEBUG_NETRC");
|
||||
|
||||
if (override) {
|
||||
printf("NETRC: overridden " NETRC " file: %s\n", home);
|
||||
fprintf(stderr, "NETRC: overridden " NETRC " file: %s\n", override);
|
||||
netrcfile = override;
|
||||
netrc_alloc = TRUE;
|
||||
}
|
||||
|
@ -171,7 +171,7 @@ int Curl_parsenetrc(char *host,
|
|||
/* and yes, this is our host! */
|
||||
state=HOSTVALID;
|
||||
#ifdef _NETRC_DEBUG
|
||||
printf("HOST: %s\n", tok);
|
||||
fprintf(stderr, "HOST: %s\n", tok);
|
||||
#endif
|
||||
retcode=0; /* we did find our host */
|
||||
}
|
||||
|
@ -188,7 +188,7 @@ int Curl_parsenetrc(char *host,
|
|||
else {
|
||||
strncpy(login, tok, LOGINSIZE-1);
|
||||
#ifdef _NETRC_DEBUG
|
||||
printf("LOGIN: %s\n", login);
|
||||
fprintf(stderr, "LOGIN: %s\n", login);
|
||||
#endif
|
||||
}
|
||||
state_login=0;
|
||||
|
@ -197,7 +197,7 @@ int Curl_parsenetrc(char *host,
|
|||
if (state_our_login || !specific_login) {
|
||||
strncpy(password, tok, PASSWORDSIZE-1);
|
||||
#ifdef _NETRC_DEBUG
|
||||
printf("PASSWORD: %s\n", password);
|
||||
fprintf(stderr, "PASSWORD: %s\n", password);
|
||||
#endif
|
||||
}
|
||||
state_password=0;
|
||||
|
|
12
lib/url.c
12
lib/url.c
|
@ -3147,15 +3147,23 @@ static CURLcode CreateConnection(struct SessionHandle *data,
|
|||
user, passwd);
|
||||
}
|
||||
|
||||
conn->bits.netrc = FALSE;
|
||||
if (data->set.use_netrc != CURL_NETRC_IGNORED) {
|
||||
if(Curl_parsenetrc(conn->host.name,
|
||||
user, passwd,
|
||||
data->set.netrc_file)) {
|
||||
infof(data, "Couldn't find host %s in the " DOT_CHAR "netrc file, using defaults\n",
|
||||
infof(data, "Couldn't find host %s in the " DOT_CHAR
|
||||
"netrc file, using defaults\n",
|
||||
conn->host.name);
|
||||
}
|
||||
else
|
||||
else {
|
||||
/* set bits.netrc TRUE to remember that we got the name from a .netrc
|
||||
file, so that it is safe to use even if we followed a Location: to a
|
||||
different host or similar. */
|
||||
conn->bits.netrc = TRUE;
|
||||
|
||||
conn->bits.user_passwd = 1; /* enable user+password */
|
||||
}
|
||||
}
|
||||
|
||||
/* If our protocol needs a password and we have none, use the defaults */
|
||||
|
|
|
@ -420,6 +420,7 @@ struct ConnectBits {
|
|||
bool ftp_use_lprt; /* As set with CURLOPT_FTP_USE_EPRT, but if we find out
|
||||
LPRT doesn't work we disable it for the forthcoming
|
||||
requests */
|
||||
bool netrc; /* name+password provided by netrc */
|
||||
};
|
||||
|
||||
struct hostname {
|
||||
|
|
|
@ -35,7 +35,7 @@ EXTRA_DIST = test1 test108 test117 test127 test20 test27 test34 test46 \
|
|||
test229 test233 test234 test235 test236 test520 test237 test238 \
|
||||
test239 test243 test245 test246 test247 test248 test249 test250 \
|
||||
test251 test252 test253 test254 test255 test521 test522 test523 \
|
||||
test256
|
||||
test256 test257
|
||||
|
||||
# The following tests have been removed from the dist since they no longer
|
||||
# work. We need to fix the test suite's FTPS server first, then bring them
|
||||
|
|
|
@ -0,0 +1,108 @@
|
|||
<info>
|
||||
<keywords>
|
||||
HTTP
|
||||
HTTP GET
|
||||
followlocation
|
||||
netrc
|
||||
</keywords>
|
||||
</info>
|
||||
# Server-side
|
||||
<reply>
|
||||
<data>
|
||||
HTTP/1.1 301 This is a weirdo text message swsclose
|
||||
Date: Thu, 09 Nov 2010 14:49:00 GMT
|
||||
Server: test-server/fake
|
||||
Location: http://anotherone.com/2570002
|
||||
Connection: close
|
||||
|
||||
This server reply is for testing a simple Location: following
|
||||
|
||||
</data>
|
||||
<data2>
|
||||
HTTP/1.1 302 Followed here fine swsclose
|
||||
Date: Thu, 09 Nov 2010 14:49:00 GMT
|
||||
Server: test-server/fake
|
||||
Location: http://athird.com/2570003
|
||||
|
||||
If this is received, the location following worked
|
||||
|
||||
</data2>
|
||||
<data3>
|
||||
HTTP/1.1 200 Followed here fine swsclose
|
||||
Date: Thu, 09 Nov 2010 14:49:00 GMT
|
||||
Server: test-server/fake
|
||||
|
||||
If this is received, the location following worked
|
||||
|
||||
</data3>
|
||||
<datacheck>
|
||||
HTTP/1.1 301 This is a weirdo text message swsclose
|
||||
Date: Thu, 09 Nov 2010 14:49:00 GMT
|
||||
Server: test-server/fake
|
||||
Location: http://anotherone.com/2570002
|
||||
Connection: close
|
||||
|
||||
HTTP/1.1 302 Followed here fine swsclose
|
||||
Date: Thu, 09 Nov 2010 14:49:00 GMT
|
||||
Server: test-server/fake
|
||||
Location: http://athird.com/2570003
|
||||
|
||||
HTTP/1.1 200 Followed here fine swsclose
|
||||
Date: Thu, 09 Nov 2010 14:49:00 GMT
|
||||
Server: test-server/fake
|
||||
|
||||
If this is received, the location following worked
|
||||
|
||||
</datacheck>
|
||||
</reply>
|
||||
|
||||
# Client-side
|
||||
<client>
|
||||
<features>
|
||||
netrc_debug
|
||||
</features>
|
||||
<server>
|
||||
http
|
||||
</server>
|
||||
<name>
|
||||
HTTP Location: following with --netrc-optional
|
||||
</name>
|
||||
<command>
|
||||
http://supersite.com/want/257 -L -x http://%HOSTIP:%HTTPPORT --netrc-optional
|
||||
</command>
|
||||
|
||||
# netrc auth for two out of three sites:
|
||||
<file name="log/netrc">
|
||||
machine supersite.com login user1 password passwd1
|
||||
machine anotherone.com login user2 password passwd2
|
||||
</file>
|
||||
</client>
|
||||
|
||||
# Verify data after the test has been "shot"
|
||||
<verify>
|
||||
<strip>
|
||||
^User-Agent:.*
|
||||
</strip>
|
||||
<protocol>
|
||||
GET http://supersite.com/want/257 HTTP/1.1
|
||||
Authorization: Basic dXNlcjE6cGFzc3dkMQ==
|
||||
User-Agent: curl/7.14.0-CVS (i686-pc-linux-gnu) libcurl/7.14.0-CVS OpenSSL/0.9.7e zlib/1.2.2 libidn/0.5.13
|
||||
Host: supersite.com
|
||||
Pragma: no-cache
|
||||
Accept: */*
|
||||
|
||||
GET http://anotherone.com/2570002 HTTP/1.1
|
||||
Authorization: Basic dXNlcjI6cGFzc3dkMg==
|
||||
User-Agent: curl/7.14.0-CVS (i686-pc-linux-gnu) libcurl/7.14.0-CVS OpenSSL/0.9.7e zlib/1.2.2 libidn/0.5.13
|
||||
Host: anotherone.com
|
||||
Pragma: no-cache
|
||||
Accept: */*
|
||||
|
||||
GET http://athird.com/2570003 HTTP/1.1
|
||||
User-Agent: curl/7.14.0-CVS (i686-pc-linux-gnu) libcurl/7.14.0-CVS OpenSSL/0.9.7e zlib/1.2.2 libidn/0.5.13
|
||||
Host: athird.com
|
||||
Pragma: no-cache
|
||||
Accept: */*
|
||||
|
||||
</protocol>
|
||||
</verify>
|
Загрузка…
Ссылка в новой задаче