login options: remove the ;[options] support from CURLOPT_USERPWD

To avoid the regression when users pass in passwords containing semi- colons, we now drop the ability to set the login options with the same options. Support for login options in CURLOPT_USERPWD was added in 7.31.0. Test case 83 was modified to verify that colons and semi-colons can be used as part of the password when using -u (CURLOPT_USERPWD). Bug: http://curl.haxx.se/bug/view.cgi?id=1311 Reported-by: Petr Bahula Assisted-by: Steve Holme Signed-off-by: Daniel Stenberg <daniel@haxx.se>
author: Daniel Stenberg <daniel@haxx.se> 2013-12-14 22:39:27 +0100
committer: Daniel Stenberg <daniel@haxx.se> 2013-12-14 22:40:37 +0100
commit: 169fedbdce93ecf14befb6e0e1ce6a2d480252a3 (patch)
tree: a76338bb05eea5e6437424b88365ecf918526c1c /lib
parent: 32b9c30e6705ca2b96b836cd0a8380b6a23478ff (diff)
1 files changed, 6 insertions, 15 deletions
diff --git a/lib/url.c b/lib/url.c
index 7536877ba..5903628c9 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -299,13 +299,11 @@ static CURLcode setstropt(char **charp, char *s)
   return CURLE_OK;
 }
 
-static CURLcode setstropt_userpwd(char *option, char **userp, char **passwdp,
-                                  char **optionsp)
+static CURLcode setstropt_userpwd(char *option, char **userp, char **passwdp)
 {
   CURLcode result = CURLE_OK;
   char *user = NULL;
   char *passwd = NULL;
-  char *options = NULL;
 
   /* Parse the login details if specified. It not then we treat NULL as a hint
      to clear the existing data */
@@ -313,7 +311,7 @@ static CURLcode setstropt_userpwd(char *option, char **userp, char **passwdp,
     result = parse_login_details(option, strlen(option),
                                  (userp ? &user : NULL),
                                  (passwdp ? &passwd : NULL),
-                                 (optionsp ? &options : NULL));
+                                 NULL);
   }
 
   if(!result) {
@@ -335,12 +333,6 @@ static CURLcode setstropt_userpwd(char *option, char **userp, char **passwdp,
       Curl_safefree(*passwdp);
       *passwdp = passwd;
     }
-
-    /* Store the options part of option if required */
-    if(optionsp) {
-      Curl_safefree(*optionsp);
-      *optionsp = options;
-    }
   }
 
   return result;
@@ -1553,12 +1545,11 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option,
 
   case CURLOPT_USERPWD:
     /*
-     * user:password;options to use in the operation
+     * user:password to use in the operation
      */
     result = setstropt_userpwd(va_arg(param, char *),
                                &data->set.str[STRING_USERNAME],
-                               &data->set.str[STRING_PASSWORD],
-                               &data->set.str[STRING_OPTIONS]);
+                               &data->set.str[STRING_PASSWORD]);
     break;
 
   case CURLOPT_USERNAME:
@@ -1577,7 +1568,7 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option,
                        va_arg(param, char *));
     break;
 
-  case CURLOPT_OPTIONS:
+  case CURLOPT_LOGIN_OPTIONS:
     /*
      * authentication options to use in the operation
      */
@@ -1662,7 +1653,7 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option,
      */
     result = setstropt_userpwd(va_arg(param, char *),
                                &data->set.str[STRING_PROXYUSERNAME],
-                               &data->set.str[STRING_PROXYPASSWORD], NULL);
+                               &data->set.str[STRING_PROXYPASSWORD]);
     break;
   case CURLOPT_PROXYUSERNAME:
     /*
author	Daniel Stenberg <daniel@haxx.se>	2013-12-14 22:39:27 +0100
committer	Daniel Stenberg <daniel@haxx.se>	2013-12-14 22:40:37 +0100
commit	169fedbdce93ecf14befb6e0e1ce6a2d480252a3 (patch)
tree	a76338bb05eea5e6437424b88365ecf918526c1c /lib
parent	32b9c30e6705ca2b96b836cd0a8380b6a23478ff (diff)