diff options
author | Daniel Stenberg <daniel@haxx.se> | 2013-12-14 22:39:27 +0100 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2013-12-14 22:40:37 +0100 |
commit | 169fedbdce93ecf14befb6e0e1ce6a2d480252a3 (patch) | |
tree | a76338bb05eea5e6437424b88365ecf918526c1c /lib/url.c | |
parent | 32b9c30e6705ca2b96b836cd0a8380b6a23478ff (diff) |
login options: remove the ;[options] support from CURLOPT_USERPWD
To avoid the regression when users pass in passwords containing semi-
colons, we now drop the ability to set the login options with the same
options. Support for login options in CURLOPT_USERPWD was added in
7.31.0.
Test case 83 was modified to verify that colons and semi-colons can be
used as part of the password when using -u (CURLOPT_USERPWD).
Bug: http://curl.haxx.se/bug/view.cgi?id=1311
Reported-by: Petr Bahula
Assisted-by: Steve Holme
Signed-off-by: Daniel Stenberg <daniel@haxx.se>
Diffstat (limited to 'lib/url.c')
-rw-r--r-- | lib/url.c | 21 |
1 files changed, 6 insertions, 15 deletions
@@ -299,13 +299,11 @@ static CURLcode setstropt(char **charp, char *s) return CURLE_OK; } -static CURLcode setstropt_userpwd(char *option, char **userp, char **passwdp, - char **optionsp) +static CURLcode setstropt_userpwd(char *option, char **userp, char **passwdp) { CURLcode result = CURLE_OK; char *user = NULL; char *passwd = NULL; - char *options = NULL; /* Parse the login details if specified. It not then we treat NULL as a hint to clear the existing data */ @@ -313,7 +311,7 @@ static CURLcode setstropt_userpwd(char *option, char **userp, char **passwdp, result = parse_login_details(option, strlen(option), (userp ? &user : NULL), (passwdp ? &passwd : NULL), - (optionsp ? &options : NULL)); + NULL); } if(!result) { @@ -335,12 +333,6 @@ static CURLcode setstropt_userpwd(char *option, char **userp, char **passwdp, Curl_safefree(*passwdp); *passwdp = passwd; } - - /* Store the options part of option if required */ - if(optionsp) { - Curl_safefree(*optionsp); - *optionsp = options; - } } return result; @@ -1553,12 +1545,11 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, case CURLOPT_USERPWD: /* - * user:password;options to use in the operation + * user:password to use in the operation */ result = setstropt_userpwd(va_arg(param, char *), &data->set.str[STRING_USERNAME], - &data->set.str[STRING_PASSWORD], - &data->set.str[STRING_OPTIONS]); + &data->set.str[STRING_PASSWORD]); break; case CURLOPT_USERNAME: @@ -1577,7 +1568,7 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, va_arg(param, char *)); break; - case CURLOPT_OPTIONS: + case CURLOPT_LOGIN_OPTIONS: /* * authentication options to use in the operation */ @@ -1662,7 +1653,7 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, */ result = setstropt_userpwd(va_arg(param, char *), &data->set.str[STRING_PROXYUSERNAME], - &data->set.str[STRING_PROXYPASSWORD], NULL); + &data->set.str[STRING_PROXYPASSWORD]); break; case CURLOPT_PROXYUSERNAME: /* |