From 25f611ca4279927d38327b3c8b4a9f81702cd127 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 31 Mar 2003 04:41:05 +0000
Subject: Guillaume Cottenceau's patch that adds CURLOPT_UNRESTRICTED_AUTH that
 disables the host name check in the FOLLOWLOCATION code. With that option
 set, libcurl will send user+password to all hosts.

---
 lib/http.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'lib/http.c')

diff --git a/lib/http.c b/lib/http.c
index 850731ce3..1a9bd2a1d 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -663,7 +663,8 @@ CURLcode Curl_http(struct connectdata *conn)
        host due to a location-follow, we do some weirdo checks here */
     if(!data->state.this_is_a_follow ||
        !data->state.auth_host ||
-       curl_strequal(data->state.auth_host, conn->hostname)) {
+       curl_strequal(data->state.auth_host, conn->hostname) ||
+       data->set.http_disable_hostname_check_before_authentication) {
       sprintf(data->state.buffer, "%s:%s",
               data->state.user, data->state.passwd);
       if(Curl_base64_encode(data->state.buffer, strlen(data->state.buffer),
-- 
cgit v1.2.3