aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2005-04-25 21:39:48 +0000
committerDaniel Stenberg <daniel@haxx.se>2005-04-25 21:39:48 +0000
commit01165e08e0d131b399fba2190f17af67e66f0888 (patch)
treeedabecf2359b409ed1e10f450ace39e859a31807
parent6e1633a6c5f88479998a1e0675818c9d97d9ed90 (diff)
Fred New reported a bug where we used Basic auth and user name and password in
.netrc, and when following a Location: the subsequent requests didn't properly use the auth as found in the netrc file. Added test case 257 to verify my fix.
-rw-r--r--CHANGES5
-rw-r--r--lib/http.c1
-rw-r--r--lib/netrc.c8
-rw-r--r--lib/url.c12
-rw-r--r--lib/urldata.h1
-rw-r--r--tests/data/Makefile.am2
-rw-r--r--tests/data/test257108
7 files changed, 130 insertions, 7 deletions
diff --git a/CHANGES b/CHANGES
index 49582ae2e..90b67081c 100644
--- a/CHANGES
+++ b/CHANGES
@@ -8,6 +8,11 @@
Daniel (25 April 2005)
+- Fred New reported a bug where we used Basic auth and user name and password
+ in .netrc, and when following a Location: the subsequent requests didn't
+ properly use the auth as found in the netrc file. Added test case 257 to
+ verify my fix.
+
- Based on feedback from Cory Nelson, I added some preprocessor magic in
*/setup.h and */config-win32.h to build fine with VS2005 on x64.
diff --git a/lib/http.c b/lib/http.c
index c3c805956..f61ce42c4 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -465,6 +465,7 @@ Curl_http_output_auth(struct connectdata *conn,
/* To prevent the user+password to get sent to other than the original
host due to a location-follow, we do some weirdo checks here */
if(!data->state.this_is_a_follow ||
+ conn->bits.netrc ||
!data->state.first_host ||
curl_strequal(data->state.first_host, conn->host.name) ||
data->set.http_disable_hostname_check_before_authentication) {
diff --git a/lib/netrc.c b/lib/netrc.c
index e43140ac3..9b56dd4a2 100644
--- a/lib/netrc.c
+++ b/lib/netrc.c
@@ -103,7 +103,7 @@ int Curl_parsenetrc(char *host,
char *override = curl_getenv("CURL_DEBUG_NETRC");
if (override) {
- printf("NETRC: overridden " NETRC " file: %s\n", home);
+ fprintf(stderr, "NETRC: overridden " NETRC " file: %s\n", override);
netrcfile = override;
netrc_alloc = TRUE;
}
@@ -171,7 +171,7 @@ int Curl_parsenetrc(char *host,
/* and yes, this is our host! */
state=HOSTVALID;
#ifdef _NETRC_DEBUG
- printf("HOST: %s\n", tok);
+ fprintf(stderr, "HOST: %s\n", tok);
#endif
retcode=0; /* we did find our host */
}
@@ -188,7 +188,7 @@ int Curl_parsenetrc(char *host,
else {
strncpy(login, tok, LOGINSIZE-1);
#ifdef _NETRC_DEBUG
- printf("LOGIN: %s\n", login);
+ fprintf(stderr, "LOGIN: %s\n", login);
#endif
}
state_login=0;
@@ -197,7 +197,7 @@ int Curl_parsenetrc(char *host,
if (state_our_login || !specific_login) {
strncpy(password, tok, PASSWORDSIZE-1);
#ifdef _NETRC_DEBUG
- printf("PASSWORD: %s\n", password);
+ fprintf(stderr, "PASSWORD: %s\n", password);
#endif
}
state_password=0;
diff --git a/lib/url.c b/lib/url.c
index e75c29043..fb9c5905d 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -3147,15 +3147,23 @@ static CURLcode CreateConnection(struct SessionHandle *data,
user, passwd);
}
+ conn->bits.netrc = FALSE;
if (data->set.use_netrc != CURL_NETRC_IGNORED) {
if(Curl_parsenetrc(conn->host.name,
user, passwd,
data->set.netrc_file)) {
- infof(data, "Couldn't find host %s in the " DOT_CHAR "netrc file, using defaults\n",
+ infof(data, "Couldn't find host %s in the " DOT_CHAR
+ "netrc file, using defaults\n",
conn->host.name);
}
- else
+ else {
+ /* set bits.netrc TRUE to remember that we got the name from a .netrc
+ file, so that it is safe to use even if we followed a Location: to a
+ different host or similar. */
+ conn->bits.netrc = TRUE;
+
conn->bits.user_passwd = 1; /* enable user+password */
+ }
}
/* If our protocol needs a password and we have none, use the defaults */
diff --git a/lib/urldata.h b/lib/urldata.h
index a3b2c25ff..9bd245980 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -420,6 +420,7 @@ struct ConnectBits {
bool ftp_use_lprt; /* As set with CURLOPT_FTP_USE_EPRT, but if we find out
LPRT doesn't work we disable it for the forthcoming
requests */
+ bool netrc; /* name+password provided by netrc */
};
struct hostname {
diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am
index ccc7023fe..8a63ce3dd 100644
--- a/tests/data/Makefile.am
+++ b/tests/data/Makefile.am
@@ -35,7 +35,7 @@ EXTRA_DIST = test1 test108 test117 test127 test20 test27 test34 test46 \
test229 test233 test234 test235 test236 test520 test237 test238 \
test239 test243 test245 test246 test247 test248 test249 test250 \
test251 test252 test253 test254 test255 test521 test522 test523 \
- test256
+ test256 test257
# The following tests have been removed from the dist since they no longer
# work. We need to fix the test suite's FTPS server first, then bring them
diff --git a/tests/data/test257 b/tests/data/test257
new file mode 100644
index 000000000..88a872c09
--- /dev/null
+++ b/tests/data/test257
@@ -0,0 +1,108 @@
+<info>
+<keywords>
+HTTP
+HTTP GET
+followlocation
+netrc
+</keywords>
+</info>
+# Server-side
+<reply>
+<data>
+HTTP/1.1 301 This is a weirdo text message swsclose
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Location: http://anotherone.com/2570002
+Connection: close
+
+This server reply is for testing a simple Location: following
+
+</data>
+<data2>
+HTTP/1.1 302 Followed here fine swsclose
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Location: http://athird.com/2570003
+
+If this is received, the location following worked
+
+</data2>
+<data3>
+HTTP/1.1 200 Followed here fine swsclose
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+
+If this is received, the location following worked
+
+</data3>
+<datacheck>
+HTTP/1.1 301 This is a weirdo text message swsclose
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Location: http://anotherone.com/2570002
+Connection: close
+
+HTTP/1.1 302 Followed here fine swsclose
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Location: http://athird.com/2570003
+
+HTTP/1.1 200 Followed here fine swsclose
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+
+If this is received, the location following worked
+
+</datacheck>
+</reply>
+
+# Client-side
+<client>
+<features>
+netrc_debug
+</features>
+<server>
+http
+</server>
+ <name>
+HTTP Location: following with --netrc-optional
+ </name>
+ <command>
+http://supersite.com/want/257 -L -x http://%HOSTIP:%HTTPPORT --netrc-optional
+</command>
+
+# netrc auth for two out of three sites:
+<file name="log/netrc">
+machine supersite.com login user1 password passwd1
+machine anotherone.com login user2 password passwd2
+</file>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET http://supersite.com/want/257 HTTP/1.1
+Authorization: Basic dXNlcjE6cGFzc3dkMQ==
+User-Agent: curl/7.14.0-CVS (i686-pc-linux-gnu) libcurl/7.14.0-CVS OpenSSL/0.9.7e zlib/1.2.2 libidn/0.5.13
+Host: supersite.com
+Pragma: no-cache
+Accept: */*
+
+GET http://anotherone.com/2570002 HTTP/1.1
+Authorization: Basic dXNlcjI6cGFzc3dkMg==
+User-Agent: curl/7.14.0-CVS (i686-pc-linux-gnu) libcurl/7.14.0-CVS OpenSSL/0.9.7e zlib/1.2.2 libidn/0.5.13
+Host: anotherone.com
+Pragma: no-cache
+Accept: */*
+
+GET http://athird.com/2570003 HTTP/1.1
+User-Agent: curl/7.14.0-CVS (i686-pc-linux-gnu) libcurl/7.14.0-CVS OpenSSL/0.9.7e zlib/1.2.2 libidn/0.5.13
+Host: athird.com
+Pragma: no-cache
+Accept: */*
+
+</protocol>
+</verify>