login options: remove the ;[options] support from CURLOPT_USERPWD

To avoid the regression when users pass in passwords containing semi-
colons, we now drop the ability to set the login options with the same
options. Support for login options in CURLOPT_USERPWD was added in
7.31.0.

Test case 83 was modified to verify that colons and semi-colons can be
used as part of the password when using -u (CURLOPT_USERPWD).

Bug: http://curl.haxx.se/bug/view.cgi?id=1311
Reported-by: Petr Bahula
Assisted-by: Steve Holme
Signed-off-by: Daniel Stenberg <daniel@haxx.se>

3 files changed, 11 insertions, 2 deletions

diff --git a/src/tool_cfgable.h b/src/tool_cfgable.h
index 2f9cd5afb..c1687328d 100644
--- a/src/tool_cfgable.h
+++ b/src/tool_cfgable.h
@@ -74,6 +74,7 @@ struct Configurable {
                     0 => -s is used to NOT show errors
                     1 => -S has been used to show errors */
   char *userpwd;
+  char *login_options;
   char *tls_username;
   char *tls_password;
   char *tls_authtype;
diff --git a/src/tool_getparam.c b/src/tool_getparam.c
index d0feb71ed..542bea022 100644
--- a/src/tool_getparam.c
+++ b/src/tool_getparam.c
@@ -218,6 +218,7 @@ static const struct LongShort aliases[]= {
   {"El", "tlspassword",              TRUE},
   {"Em", "tlsauthtype",              TRUE},
   {"En", "ssl-allow-beast",          FALSE},
+  {"Eo", "login-options",            TRUE},
   {"f",  "fail",                     FALSE},
   {"F",  "form",                     TRUE},
   {"Fs", "form-string",              TRUE},
@@ -1366,10 +1367,15 @@ ParameterError getparameter(char *flag,    /* f or -long-flag */
         else
           return PARAM_LIBCURL_DOESNT_SUPPORT;
         break;
-      case 'n': /* no empty SSL fragments */
+      case 'n': /* no empty SSL fragments, --ssl-allow-beast */
         if(curlinfo->features & CURL_VERSION_SSL)
           config->ssl_allow_beast = toggle;
         break;
+
+      case 'o': /* --login-options */
+        GetStr(&config->login_options, nextarg);
+        break;
+
       default: /* certificate file */
       {
         char *certname, *passphrase;
@@ -1687,7 +1693,7 @@ ParameterError getparameter(char *flag,    /* f or -long-flag */
     }
     break;
     case 'u':
-      /* user:password;options  */
+      /* user:password  */
       GetStr(&config->userpwd, nextarg);
       cleanarg(nextarg);
       break;
diff --git a/src/tool_operate.c b/src/tool_operate.c
index 7b43691bb..7cb807734 100644
--- a/src/tool_operate.c
+++ b/src/tool_operate.c
@@ -1051,6 +1051,8 @@ int operate(struct Configurable *config, int argc, argv_item_t argv[])
           my_setopt(curl, CURLOPT_NETRC_FILE, config->netrc_file);
 
         my_setopt(curl, CURLOPT_TRANSFERTEXT, config->use_ascii?1L:0L);
+        if(config->login_options)
+          my_setopt_str(curl, CURLOPT_LOGIN_OPTIONS, config->login_options);
         my_setopt_str(curl, CURLOPT_USERPWD, config->userpwd);
         my_setopt_str(curl, CURLOPT_RANGE, config->range);
         my_setopt(curl, CURLOPT_ERRORBUFFER, errorbuffer);