From 3b60bb725913ce7339aefef0a14b12df4c24db60 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 22 Jun 2005 22:24:10 +0000 Subject: David Shaw's fix that unifies proxy string treatment so that a proxy given with CURLOPT_PROXY can use a http:// prefix and user + password. The user and password fields are now also URL decoded properly. Test case 264 added to verify. --- lib/url.c | 109 +++++++++++++++++++++++-------------------------- tests/data/Makefile.am | 2 +- tests/data/test264 | 47 +++++++++++++++++++++ 3 files changed, 99 insertions(+), 59 deletions(-) create mode 100644 tests/data/test264 diff --git a/lib/url.c b/lib/url.c index 4ccd27438..469e6b33c 100644 --- a/lib/url.c +++ b/lib/url.c @@ -2502,11 +2502,11 @@ static CURLcode CreateConnection(struct SessionHandle *data, "%" MAX_CURL_PASSWORD_LENGTH_TXT "[^\n]", proxyuser, proxypasswd); - conn->proxyuser = strdup(proxyuser); + conn->proxyuser = curl_unescape(proxyuser,0); if(!conn->proxyuser) return CURLE_OUT_OF_MEMORY; - conn->proxypasswd = strdup(proxypasswd); + conn->proxypasswd = curl_unescape(proxypasswd,0); if(!conn->proxypasswd) return CURLE_OUT_OF_MEMORY; } @@ -2611,62 +2611,6 @@ static CURLcode CreateConnection(struct SessionHandle *data, } if(proxy && *proxy) { - /* we have a proxy here to set */ - char *ptr; - char proxyuser[MAX_CURL_USER_LENGTH]; - char proxypasswd[MAX_CURL_PASSWORD_LENGTH]; - - char *fineptr; - - /* skip the possible protocol piece */ - ptr=strstr(proxy, "://"); - if(ptr) - ptr += 3; - else - ptr = proxy; - - fineptr = ptr; - - /* check for an @-letter */ - ptr = strchr(ptr, '@'); - if(ptr && (2 == sscanf(fineptr, - "%" MAX_CURL_USER_LENGTH_TXT"[^:]:" - "%" MAX_CURL_PASSWORD_LENGTH_TXT "[^@]", - proxyuser, proxypasswd))) { - CURLcode res = CURLE_OK; - - /* found user and password, rip them out */ - Curl_safefree(conn->proxyuser); - conn->proxyuser = strdup(proxyuser); - - if(!conn->proxyuser) - res = CURLE_OUT_OF_MEMORY; - else { - Curl_safefree(conn->proxypasswd); - conn->proxypasswd = strdup(proxypasswd); - - if(!conn->proxypasswd) - res = CURLE_OUT_OF_MEMORY; - } - - if(CURLE_OK == res) { - conn->bits.proxy_user_passwd = TRUE; /* enable it */ - ptr = strdup(ptr+1); /* the right side of the @-letter */ - - if(ptr) { - free(proxy); /* free the former proxy string */ - proxy = ptr; /* now use this instead */ - } - else - res = CURLE_OUT_OF_MEMORY; - } - - if(res) { - free(proxy); /* free the allocated proxy string */ - return res; - } - } - data->change.proxy = proxy; data->change.proxy_alloc=TRUE; /* this needs to be freed later */ conn->bits.httpproxy = TRUE; @@ -2944,6 +2888,7 @@ static CURLcode CreateConnection(struct SessionHandle *data, /* We use 'proxyptr' to point to the proxy name from now on... */ char *proxyptr=proxydup; char *portptr; + char *atsign; if(NULL == proxydup) { failf(data, "memory shortage"); @@ -2960,6 +2905,54 @@ static CURLcode CreateConnection(struct SessionHandle *data, if(endofprot) proxyptr = endofprot+3; + /* Is there a username and password given in this proxy url? */ + atsign = strchr(proxyptr, '@'); + if(atsign) { + char proxyuser[MAX_CURL_USER_LENGTH]; + char proxypasswd[MAX_CURL_PASSWORD_LENGTH]; + + if(2 == sscanf(proxyptr, + "%" MAX_CURL_USER_LENGTH_TXT"[^:]:" + "%" MAX_CURL_PASSWORD_LENGTH_TXT "[^@]", + proxyuser, proxypasswd)) { + CURLcode res = CURLE_OK; + + /* found user and password, rip them out. note that we are + unescaping them, as there is otherwise no way to have a + username or password with reserved characters like ':' in + them. */ + Curl_safefree(conn->proxyuser); + conn->proxyuser = curl_unescape(proxyuser,0); + + if(!conn->proxyuser) + res = CURLE_OUT_OF_MEMORY; + else { + Curl_safefree(conn->proxypasswd); + conn->proxypasswd = curl_unescape(proxypasswd,0); + + if(!conn->proxypasswd) + res = CURLE_OUT_OF_MEMORY; + } + + if(CURLE_OK == res) { + conn->bits.proxy_user_passwd = TRUE; /* enable it */ + atsign = strdup(atsign+1); /* the right side of the @-letter */ + + if(atsign) { + free(proxydup); /* free the former proxy string */ + proxydup = proxyptr = atsign; /* now use this instead */ + } + else + res = CURLE_OUT_OF_MEMORY; + } + + if(res) { + free(proxydup); /* free the allocated proxy string */ + return res; + } + } + } + /* start scanning for port number at this point */ portptr = proxyptr; diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am index eb386854f..e198940a8 100644 --- a/tests/data/Makefile.am +++ b/tests/data/Makefile.am @@ -32,4 +32,4 @@ EXTRA_DIST = test1 test108 test117 test127 test20 test27 test34 test46 \ test231 test232 test228 test229 test233 test234 test235 test236 test520 \ test237 test238 test239 test243 test245 test246 test247 test248 test249 \ test250 test251 test252 test253 test254 test255 test521 test522 test523 \ - test256 test257 test258 test259 test260 test261 test262 test263 + test256 test257 test258 test259 test260 test261 test262 test263 test264 diff --git a/tests/data/test264 b/tests/data/test264 new file mode 100644 index 000000000..bdee38f40 --- /dev/null +++ b/tests/data/test264 @@ -0,0 +1,47 @@ + + +HTTP +HTTP GET +HTTP proxy +HTTP proxy Basic auth + + +# Server-side + + +HTTP/1.1 200 OK swsclose +Date: Thu, 09 Nov 2010 14:49:00 GMT +Content-Type: text/html + +the content would go here + + + +# Client-side + + +http + + +HTTP with proxy string including http:// and user+password + + +http://we.want.that.site.com/264 -x http://fake:user@%HOSTIP:%HTTPPORT + + + +# Verify data after the test has been "shot" + + +^User-Agent:.* + + +GET http://we.want.that.site.com/264 HTTP/1.1 +Proxy-Authorization: Basic ZmFrZTp1c2Vy +Host: we.want.that.site.com +Pragma: no-cache +Accept: */* +Proxy-Connection: Keep-Alive + + + -- cgit v1.2.3