aboutsummaryrefslogtreecommitdiff
path: root/tests/data/test540
diff options
context:
space:
mode:
authorIsaac Boukris <iboukris@gmail.com>2017-03-23 21:28:28 +0200
committerJay Satiro <raysatiro@yahoo.com>2017-03-28 03:54:43 -0400
commit7975d10cf8a3fe9b35867509b9ef10d06614eb3a (patch)
tree1285a6d7bfd9bb69e1b765d4fa9c1eba00503fb8 /tests/data/test540
parentb04e4ebdd87619d7235ac574275ed11f2a540721 (diff)
http: Fix proxy connection reuse with basic-auth
When using basic-auth, connections and proxy connections can be re-used with different Authorization headers since it does not authenticate the connection (like NTLM does). For instance, the below command should re-use the proxy connection, but it currently doesn't: curl -v -U alice:a -x http://localhost:8181 http://localhost/ --next -U bob:b -x http://localhost:8181 http://localhost/ This is a regression since refactoring of ConnectionExists() as part of: cb4e2be7c6d42ca0780f8e0a747cecf9ba45f151 Fix the above by removing the username and password compare when re-using proxy connection at proxy_info_matches(). However, this fix brings back another bug would make curl to re-print the old proxy-authorization header of previous proxy basic-auth connection because it wasn't cleared. For instance, in the below command the second request should fail if the proxy requires authentication, but would succeed after the above fix (and before aforementioned commit): curl -v -U alice:a -x http://localhost:8181 http://localhost/ --next -x http://localhost:8181 http://localhost/ Fix this by clearing conn->allocptr.proxyuserpwd after use unconditionally, same as we do for conn->allocptr.userpwd. Also fix test 540 to not expect digest auth header to be resent when connection is reused. Signed-off-by: Isaac Boukris <iboukris@gmail.com> Closes https://github.com/curl/curl/pull/1350
Diffstat (limited to 'tests/data/test540')
-rw-r--r--tests/data/test54013
1 files changed, 13 insertions, 0 deletions
diff --git a/tests/data/test540 b/tests/data/test540
index 8decaea9d..8391cbe78 100644
--- a/tests/data/test540
+++ b/tests/data/test540
@@ -11,6 +11,9 @@ multi
# Server-side
<reply>
+<servercmd>
+connection-monitor
+</servercmd>
# this is returned first since we get no proxy-auth
<data>
@@ -40,6 +43,10 @@ Content-Length: 21
Server: no
Nice proxy auth sir!
+HTTP/1.1 407 Authorization Required to proxy me my dear
+Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345"
+Content-Length: 33
+
HTTP/1.1 200 OK
Content-Length: 21
Server: no
@@ -88,10 +95,16 @@ Proxy-Connection: Keep-Alive
GET http://test.remote.example.com/path/540 HTTP/1.1
Host: custom.set.host.name
+Accept: */*
+Proxy-Connection: Keep-Alive
+
+GET http://test.remote.example.com/path/540 HTTP/1.1
+Host: custom.set.host.name
Proxy-Authorization: Digest username="silly", realm="weirdorealm", nonce="12345", uri="/path/540", response="ca507dcf189196b6a5374d3233042261"
Accept: */*
Proxy-Connection: Keep-Alive
+[DISCONNECT]
</protocol>
</verify>
</testcase>