David Shaw's fix that unifies proxy string treatment so that a proxy given

with CURLOPT_PROXY can use a http:// prefix and user + password. The user and password fields are now also URL decoded properly. Test case 264 added to verify.
author: Daniel Stenberg <daniel@haxx.se> 2005-06-22 22:24:10 +0000
committer: Daniel Stenberg <daniel@haxx.se> 2005-06-22 22:24:10 +0000
commit: 3b60bb725913ce7339aefef0a14b12df4c24db60 (patch)
tree: 7c2b7b270cf09820f63bef9e7707ec7e148144ac /lib
parent: c73f8e835fa04e3801cc253c6dbf0fb765a29ad8 (diff)
1 files changed, 51 insertions, 58 deletions
diff --git a/lib/url.c b/lib/url.c
index 4ccd27438..469e6b33c 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -2502,11 +2502,11 @@ static CURLcode CreateConnection(struct SessionHandle *data,
            "%" MAX_CURL_PASSWORD_LENGTH_TXT "[^\n]",
            proxyuser, proxypasswd);
 
-    conn->proxyuser = strdup(proxyuser);
+    conn->proxyuser = curl_unescape(proxyuser,0);
     if(!conn->proxyuser)
       return CURLE_OUT_OF_MEMORY;
 
-    conn->proxypasswd = strdup(proxypasswd);
+    conn->proxypasswd = curl_unescape(proxypasswd,0);
     if(!conn->proxypasswd)
       return CURLE_OUT_OF_MEMORY;
   }
@@ -2611,62 +2611,6 @@ static CURLcode CreateConnection(struct SessionHandle *data,
         }
 
         if(proxy && *proxy) {
-          /* we have a proxy here to set */
-          char *ptr;
-          char proxyuser[MAX_CURL_USER_LENGTH];
-          char proxypasswd[MAX_CURL_PASSWORD_LENGTH];
-
-          char *fineptr;
-
-          /* skip the possible protocol piece */
-          ptr=strstr(proxy, "://");
-          if(ptr)
-            ptr += 3;
-          else
-            ptr = proxy;
-
-          fineptr = ptr;
-
-          /* check for an @-letter */
-          ptr = strchr(ptr, '@');
-          if(ptr && (2 == sscanf(fineptr,
-                                 "%" MAX_CURL_USER_LENGTH_TXT"[^:]:"
-                                 "%" MAX_CURL_PASSWORD_LENGTH_TXT "[^@]",
-                                 proxyuser, proxypasswd))) {
-            CURLcode res = CURLE_OK;
-
-            /* found user and password, rip them out */
-            Curl_safefree(conn->proxyuser);
-            conn->proxyuser = strdup(proxyuser);
-
-            if(!conn->proxyuser)
-              res = CURLE_OUT_OF_MEMORY;
-            else {
-              Curl_safefree(conn->proxypasswd);
-              conn->proxypasswd = strdup(proxypasswd);
-
-              if(!conn->proxypasswd)
-                res = CURLE_OUT_OF_MEMORY;
-            }
-
-            if(CURLE_OK == res) {
-              conn->bits.proxy_user_passwd = TRUE; /* enable it */
-              ptr = strdup(ptr+1); /* the right side of the @-letter */
-
-              if(ptr) {
-                free(proxy); /* free the former proxy string */
-                proxy = ptr; /* now use this instead */
-              }
-              else
-                res = CURLE_OUT_OF_MEMORY;
-            }
-
-            if(res) {
-              free(proxy); /* free the allocated proxy string */
-              return res;
-            }
-          }
-
           data->change.proxy = proxy;
           data->change.proxy_alloc=TRUE; /* this needs to be freed later */
           conn->bits.httpproxy = TRUE;
@@ -2944,6 +2888,7 @@ static CURLcode CreateConnection(struct SessionHandle *data,
     /* We use 'proxyptr' to point to the proxy name from now on... */
     char *proxyptr=proxydup;
     char *portptr;
+    char *atsign;
 
     if(NULL == proxydup) {
       failf(data, "memory shortage");
@@ -2960,6 +2905,54 @@ static CURLcode CreateConnection(struct SessionHandle *data,
     if(endofprot)
       proxyptr = endofprot+3;
 
+    /* Is there a username and password given in this proxy url? */
+    atsign = strchr(proxyptr, '@');
+    if(atsign) {
+      char proxyuser[MAX_CURL_USER_LENGTH];
+      char proxypasswd[MAX_CURL_PASSWORD_LENGTH];
+
+      if(2 == sscanf(proxyptr,
+		     "%" MAX_CURL_USER_LENGTH_TXT"[^:]:"
+		     "%" MAX_CURL_PASSWORD_LENGTH_TXT "[^@]",
+		     proxyuser, proxypasswd)) {
+	CURLcode res = CURLE_OK;
+
+	/* found user and password, rip them out.  note that we are
+	   unescaping them, as there is otherwise no way to have a
+	   username or password with reserved characters like ':' in
+	   them. */
+	Curl_safefree(conn->proxyuser);
+	conn->proxyuser = curl_unescape(proxyuser,0);
+
+	if(!conn->proxyuser)
+	  res = CURLE_OUT_OF_MEMORY;
+	else {
+	  Curl_safefree(conn->proxypasswd);
+	  conn->proxypasswd = curl_unescape(proxypasswd,0);
+
+	  if(!conn->proxypasswd)
+	    res = CURLE_OUT_OF_MEMORY;
+	}
+
+	if(CURLE_OK == res) {
+	  conn->bits.proxy_user_passwd = TRUE; /* enable it */
+	  atsign = strdup(atsign+1); /* the right side of the @-letter */
+
+	  if(atsign) {
+	    free(proxydup); /* free the former proxy string */
+	    proxydup = proxyptr = atsign; /* now use this instead */
+	  }
+	  else
+	    res = CURLE_OUT_OF_MEMORY;
+	}
+
+	if(res) {
+	  free(proxydup); /* free the allocated proxy string */
+	  return res;
+	}
+      }
+    }
+
     /* start scanning for port number at this point */
     portptr = proxyptr;
author	Daniel Stenberg <daniel@haxx.se>	2005-06-22 22:24:10 +0000
committer	Daniel Stenberg <daniel@haxx.se>	2005-06-22 22:24:10 +0000
commit	3b60bb725913ce7339aefef0a14b12df4c24db60 (patch)
tree	7c2b7b270cf09820f63bef9e7707ec7e148144ac /lib
parent	c73f8e835fa04e3801cc253c6dbf0fb765a29ad8 (diff)