From 4c187043c5aac57f354ebb96cc6ff3263411e98d Mon Sep 17 00:00:00 2001 From: Kamil Dudka Date: Tue, 30 Jul 2019 12:59:35 +0200 Subject: http_negotiate: improve handling of gss_init_sec_context() failures If HTTPAUTH_GSSNEGOTIATE was used for a POST request and gss_init_sec_context() failed, the POST request was sent with empty body. This commit also restores the original behavior of `curl --fail --negotiate`, which was changed by commit 6c6035532383e300c712e4c1cd9fdd749ed5cf59. Add regression tests 2077 and 2078 to cover this. Fixes #3992 Closes #4171 --- tests/data/Makefile.inc | 3 ++- tests/data/test2077 | 42 ++++++++++++++++++++++++++++++++++++++ tests/data/test2078 | 54 +++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 98 insertions(+), 1 deletion(-) create mode 100644 tests/data/test2077 create mode 100644 tests/data/test2078 (limited to 'tests') diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc index 693e53d7c..3ed4a03e4 100644 --- a/tests/data/Makefile.inc +++ b/tests/data/Makefile.inc @@ -199,7 +199,8 @@ test2040 test2041 test2042 test2043 test2044 test2045 test2046 test2047 \ test2048 test2049 test2050 test2051 test2052 test2053 test2054 test2055 \ test2056 test2057 test2058 test2059 test2060 test2061 test2062 test2063 \ test2064 test2065 test2066 test2067 test2068 test2069 \ - test2071 test2072 test2073 test2074 test2075 test2076 \ + test2071 test2072 test2073 test2074 test2075 test2076 test2077 \ +test2078 \ test2080 \ test2100 \ \ diff --git a/tests/data/test2077 b/tests/data/test2077 new file mode 100644 index 000000000..0c600f5c3 --- /dev/null +++ b/tests/data/test2077 @@ -0,0 +1,42 @@ + + + +HTTP +HTTP GET +GSS-API + + + +# Server-side + + +HTTP/1.1 200 OK swsclose +Content-Length: 23 + +This IS the real page! + + + +# Client-side + + +http + + +GSS-API + + +curl --fail --negotiate to unauthenticated service fails + + +http://%HOSTIP:%HTTPPORT/2077 -u : --fail --negotiate + + + +# Verify data after the test has been "shot" + + +0 + + + diff --git a/tests/data/test2078 b/tests/data/test2078 new file mode 100644 index 000000000..99bc2dbee --- /dev/null +++ b/tests/data/test2078 @@ -0,0 +1,54 @@ + + + +HTTP +HTTP GET +GSS-API + + + +# Server-side + + +HTTP/1.1 200 OK swsclose +Content-Length: 23 + +This IS the real page! + + + +# Client-side + + +http + + +GSS-API + + +curl --negotiate should not send empty POST request only + + +http://%HOSTIP:%HTTPPORT/2078 -u : --negotiate --data name=value + + + +# Verify data after the test has been "shot" + + +0 + + +^User-Agent:.* + + +POST /2078 HTTP/1.1 +Host: 127.0.0.1:8990 +Accept: */* +Content-Length: 10 +Content-Type: application/x-www-form-urlencoded + +name=value + + + -- cgit v1.2.3