aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--lib/url.c109
-rw-r--r--tests/data/Makefile.am2
-rw-r--r--tests/data/test26447
3 files changed, 99 insertions, 59 deletions
diff --git a/lib/url.c b/lib/url.c
index 4ccd27438..469e6b33c 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -2502,11 +2502,11 @@ static CURLcode CreateConnection(struct SessionHandle *data,
"%" MAX_CURL_PASSWORD_LENGTH_TXT "[^\n]",
proxyuser, proxypasswd);
- conn->proxyuser = strdup(proxyuser);
+ conn->proxyuser = curl_unescape(proxyuser,0);
if(!conn->proxyuser)
return CURLE_OUT_OF_MEMORY;
- conn->proxypasswd = strdup(proxypasswd);
+ conn->proxypasswd = curl_unescape(proxypasswd,0);
if(!conn->proxypasswd)
return CURLE_OUT_OF_MEMORY;
}
@@ -2611,62 +2611,6 @@ static CURLcode CreateConnection(struct SessionHandle *data,
}
if(proxy && *proxy) {
- /* we have a proxy here to set */
- char *ptr;
- char proxyuser[MAX_CURL_USER_LENGTH];
- char proxypasswd[MAX_CURL_PASSWORD_LENGTH];
-
- char *fineptr;
-
- /* skip the possible protocol piece */
- ptr=strstr(proxy, "://");
- if(ptr)
- ptr += 3;
- else
- ptr = proxy;
-
- fineptr = ptr;
-
- /* check for an @-letter */
- ptr = strchr(ptr, '@');
- if(ptr && (2 == sscanf(fineptr,
- "%" MAX_CURL_USER_LENGTH_TXT"[^:]:"
- "%" MAX_CURL_PASSWORD_LENGTH_TXT "[^@]",
- proxyuser, proxypasswd))) {
- CURLcode res = CURLE_OK;
-
- /* found user and password, rip them out */
- Curl_safefree(conn->proxyuser);
- conn->proxyuser = strdup(proxyuser);
-
- if(!conn->proxyuser)
- res = CURLE_OUT_OF_MEMORY;
- else {
- Curl_safefree(conn->proxypasswd);
- conn->proxypasswd = strdup(proxypasswd);
-
- if(!conn->proxypasswd)
- res = CURLE_OUT_OF_MEMORY;
- }
-
- if(CURLE_OK == res) {
- conn->bits.proxy_user_passwd = TRUE; /* enable it */
- ptr = strdup(ptr+1); /* the right side of the @-letter */
-
- if(ptr) {
- free(proxy); /* free the former proxy string */
- proxy = ptr; /* now use this instead */
- }
- else
- res = CURLE_OUT_OF_MEMORY;
- }
-
- if(res) {
- free(proxy); /* free the allocated proxy string */
- return res;
- }
- }
-
data->change.proxy = proxy;
data->change.proxy_alloc=TRUE; /* this needs to be freed later */
conn->bits.httpproxy = TRUE;
@@ -2944,6 +2888,7 @@ static CURLcode CreateConnection(struct SessionHandle *data,
/* We use 'proxyptr' to point to the proxy name from now on... */
char *proxyptr=proxydup;
char *portptr;
+ char *atsign;
if(NULL == proxydup) {
failf(data, "memory shortage");
@@ -2960,6 +2905,54 @@ static CURLcode CreateConnection(struct SessionHandle *data,
if(endofprot)
proxyptr = endofprot+3;
+ /* Is there a username and password given in this proxy url? */
+ atsign = strchr(proxyptr, '@');
+ if(atsign) {
+ char proxyuser[MAX_CURL_USER_LENGTH];
+ char proxypasswd[MAX_CURL_PASSWORD_LENGTH];
+
+ if(2 == sscanf(proxyptr,
+ "%" MAX_CURL_USER_LENGTH_TXT"[^:]:"
+ "%" MAX_CURL_PASSWORD_LENGTH_TXT "[^@]",
+ proxyuser, proxypasswd)) {
+ CURLcode res = CURLE_OK;
+
+ /* found user and password, rip them out. note that we are
+ unescaping them, as there is otherwise no way to have a
+ username or password with reserved characters like ':' in
+ them. */
+ Curl_safefree(conn->proxyuser);
+ conn->proxyuser = curl_unescape(proxyuser,0);
+
+ if(!conn->proxyuser)
+ res = CURLE_OUT_OF_MEMORY;
+ else {
+ Curl_safefree(conn->proxypasswd);
+ conn->proxypasswd = curl_unescape(proxypasswd,0);
+
+ if(!conn->proxypasswd)
+ res = CURLE_OUT_OF_MEMORY;
+ }
+
+ if(CURLE_OK == res) {
+ conn->bits.proxy_user_passwd = TRUE; /* enable it */
+ atsign = strdup(atsign+1); /* the right side of the @-letter */
+
+ if(atsign) {
+ free(proxydup); /* free the former proxy string */
+ proxydup = proxyptr = atsign; /* now use this instead */
+ }
+ else
+ res = CURLE_OUT_OF_MEMORY;
+ }
+
+ if(res) {
+ free(proxydup); /* free the allocated proxy string */
+ return res;
+ }
+ }
+ }
+
/* start scanning for port number at this point */
portptr = proxyptr;
diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am
index eb386854f..e198940a8 100644
--- a/tests/data/Makefile.am
+++ b/tests/data/Makefile.am
@@ -32,4 +32,4 @@ EXTRA_DIST = test1 test108 test117 test127 test20 test27 test34 test46 \
test231 test232 test228 test229 test233 test234 test235 test236 test520 \
test237 test238 test239 test243 test245 test246 test247 test248 test249 \
test250 test251 test252 test253 test254 test255 test521 test522 test523 \
- test256 test257 test258 test259 test260 test261 test262 test263
+ test256 test257 test258 test259 test260 test261 test262 test263 test264
diff --git a/tests/data/test264 b/tests/data/test264
new file mode 100644
index 000000000..bdee38f40
--- /dev/null
+++ b/tests/data/test264
@@ -0,0 +1,47 @@
+<info>
+<keywords>
+HTTP
+HTTP GET
+HTTP proxy
+HTTP proxy Basic auth
+</keywords>
+</info>
+# Server-side
+<reply>
+<data>
+HTTP/1.1 200 OK swsclose
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Content-Type: text/html
+
+the content would go here
+</data>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+ <name>
+HTTP with proxy string including http:// and user+password
+ </name>
+ <command>
+http://we.want.that.site.com/264 -x http://fake:user@%HOSTIP:%HTTPPORT
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET http://we.want.that.site.com/264 HTTP/1.1
+Proxy-Authorization: Basic ZmFrZTp1c2Vy
+Host: we.want.that.site.com
+Pragma: no-cache
+Accept: */*
+Proxy-Connection: Keep-Alive
+
+</protocol>
+</verify>