You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
167 lines
5.3 KiB
167 lines
5.3 KiB
From bf614e0e8a231b820160ebca2bc13afeee44c683 Mon Sep 17 00:00:00 2001 |
|
From: Isaac Boukris <iboukris@gmail.com> |
|
Date: Fri, 27 Jan 2017 00:42:28 +0200 |
|
Subject: [PATCH 1/3] authneg: clear auth.multi flag at http_done |
|
|
|
This flag is meant for the current request based on authentication |
|
state, once the request is done we can clear the flag. |
|
|
|
Also change auth.multi to auth.multipass for better readability. |
|
|
|
Fixes https://github.com/curl/curl/issues/1095 |
|
Closes https://github.com/curl/curl/pull/1326 |
|
|
|
Signed-off-by: Isaac Boukris <iboukris@gmail.com> |
|
Reported-by: Michael Kaufmann |
|
|
|
Upstream-commit: 5278462c32a70cd972a8cc824a38f164151d6c6d |
|
Signed-off-by: Kamil Dudka <kdudka@redhat.com> |
|
--- |
|
lib/http.c | 11 ++++++++--- |
|
lib/urldata.h | 4 ++-- |
|
2 files changed, 10 insertions(+), 5 deletions(-) |
|
|
|
diff --git a/lib/http.c b/lib/http.c |
|
index db37cf9..9419bff 100644 |
|
--- a/lib/http.c |
|
+++ b/lib/http.c |
|
@@ -585,10 +585,10 @@ output_auth_headers(struct connectdata *conn, |
|
proxy?"Proxy":"Server", auth, |
|
proxy?(conn->proxyuser?conn->proxyuser:""): |
|
(conn->user?conn->user:"")); |
|
- authstatus->multi = (!authstatus->done) ? TRUE : FALSE; |
|
+ authstatus->multipass = (!authstatus->done) ? TRUE : FALSE; |
|
} |
|
else |
|
- authstatus->multi = FALSE; |
|
+ authstatus->multipass = FALSE; |
|
|
|
return CURLE_OK; |
|
} |
|
@@ -1402,6 +1402,11 @@ CURLcode Curl_http_done(struct connectdata *conn, |
|
struct SessionHandle *data = conn->data; |
|
struct HTTP *http =data->state.proto.http; |
|
|
|
+ /* Clear multipass flag. If authentication isn't done yet, then it will get |
|
+ * a chance to be set back to true when we output the next auth header */ |
|
+ data->state.authhost.multipass = FALSE; |
|
+ data->state.authproxy.multipass = FALSE; |
|
+ |
|
Curl_unencode_cleanup(conn); |
|
|
|
#ifdef USE_HTTP_NEGOTIATE |
|
@@ -1738,7 +1743,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done) |
|
if(result) |
|
return result; |
|
|
|
- if((data->state.authhost.multi || data->state.authproxy.multi) && |
|
+ if((data->state.authhost.multipass || data->state.authproxy.multipass) && |
|
(httpreq != HTTPREQ_GET) && |
|
(httpreq != HTTPREQ_HEAD)) { |
|
/* Auth is required and we are not authenticated yet. Make a PUT or POST |
|
diff --git a/lib/urldata.h b/lib/urldata.h |
|
index 3e6ace5..7e0c30d 100644 |
|
--- a/lib/urldata.h |
|
+++ b/lib/urldata.h |
|
@@ -1143,8 +1143,8 @@ struct auth { |
|
this resource */ |
|
bool done; /* TRUE when the auth phase is done and ready to do the *actual* |
|
request */ |
|
- bool multi; /* TRUE if this is not yet authenticated but within the auth |
|
- multipass negotiation */ |
|
+ bool multipass; /* TRUE if this is not yet authenticated but within the |
|
+ auth multipass negotiation */ |
|
bool iestyle; /* TRUE if digest should be done IE-style or FALSE if it should |
|
be RFC compliant */ |
|
}; |
|
-- |
|
2.13.6 |
|
|
|
|
|
From 8fe4533bc8de3664f8b664fa5ab78739b5ea3d87 Mon Sep 17 00:00:00 2001 |
|
From: Michael Kaufmann <mail@michael-kaufmann.ch> |
|
Date: Sat, 11 Mar 2017 18:22:30 +0100 |
|
Subject: [PATCH 2/3] curl_easy_reset: Also reset the authentication state |
|
|
|
Follow-up to 5278462 |
|
See https://github.com/curl/curl/issues/1095 |
|
|
|
Upstream-commit: 0afbcfd800c45e766e225e4ce273b128ee6a8c25 |
|
Signed-off-by: Kamil Dudka <kdudka@redhat.com> |
|
--- |
|
lib/easy.c | 4 ++++ |
|
1 file changed, 4 insertions(+) |
|
|
|
diff --git a/lib/easy.c b/lib/easy.c |
|
index 13801b2..0e9ba18 100644 |
|
--- a/lib/easy.c |
|
+++ b/lib/easy.c |
|
@@ -670,6 +670,10 @@ void curl_easy_reset(CURL *curl) |
|
|
|
data->progress.flags |= PGRS_HIDE; |
|
data->state.current_speed = -1; /* init to negative == impossible */ |
|
+ |
|
+ /* zero out authentication data: */ |
|
+ memset(&data->state.authhost, 0, sizeof(struct auth)); |
|
+ memset(&data->state.authproxy, 0, sizeof(struct auth)); |
|
} |
|
|
|
/* |
|
-- |
|
2.13.6 |
|
|
|
|
|
From db75a5b82f0b4b24a838fb91e9d3352d4c4c05f2 Mon Sep 17 00:00:00 2001 |
|
From: Michael Kaufmann <mail@michael-kaufmann.ch> |
|
Date: Sat, 11 Mar 2017 20:06:56 +0100 |
|
Subject: [PATCH 3/3] tests: fix the authretry tests |
|
|
|
Do not call curl_easy_reset() between the requests, because the |
|
auth state must be preserved for these tests. |
|
|
|
Follow-up to 0afbcfd |
|
|
|
Upstream-commit: 8d105209933e27293cfc4f224614cea57ddd8372 |
|
Signed-off-by: Kamil Dudka <kdudka@redhat.com> |
|
--- |
|
tests/libtest/libauthretry.c | 5 ----- |
|
1 file changed, 5 deletions(-) |
|
|
|
diff --git a/tests/libtest/libauthretry.c b/tests/libtest/libauthretry.c |
|
index 9576132..6342252 100644 |
|
--- a/tests/libtest/libauthretry.c |
|
+++ b/tests/libtest/libauthretry.c |
|
@@ -111,12 +111,10 @@ int test(char *url) |
|
res = send_wrong_password(curl, url, 100, main_auth_scheme); |
|
if (res != CURLE_OK) |
|
goto test_cleanup; |
|
- curl_easy_reset(curl); |
|
|
|
res = send_right_password(curl, url, 200, fallback_auth_scheme); |
|
if (res != CURLE_OK) |
|
goto test_cleanup; |
|
- curl_easy_reset(curl); |
|
|
|
curl_easy_cleanup(curl); |
|
|
|
@@ -131,17 +129,14 @@ int test(char *url) |
|
res = send_wrong_password(curl, url, 300, main_auth_scheme); |
|
if (res != CURLE_OK) |
|
goto test_cleanup; |
|
- curl_easy_reset(curl); |
|
|
|
res = send_wrong_password(curl, url, 400, fallback_auth_scheme); |
|
if (res != CURLE_OK) |
|
goto test_cleanup; |
|
- curl_easy_reset(curl); |
|
|
|
res = send_right_password(curl, url, 500, fallback_auth_scheme); |
|
if (res != CURLE_OK) |
|
goto test_cleanup; |
|
- curl_easy_reset(curl); |
|
|
|
test_cleanup: |
|
|
|
-- |
|
2.13.6 |
|
|
|
|