|
 |
9d7d3f |
From bf614e0e8a231b820160ebca2bc13afeee44c683 Mon Sep 17 00:00:00 2001
|
|
|
9d7d3f |
From: Isaac Boukris <iboukris@gmail.com>
|
|
|
9d7d3f |
Date: Fri, 27 Jan 2017 00:42:28 +0200
|
|
|
9d7d3f |
Subject: [PATCH 1/3] authneg: clear auth.multi flag at http_done
|
|
|
9d7d3f |
|
|
|
9d7d3f |
This flag is meant for the current request based on authentication
|
|
|
9d7d3f |
state, once the request is done we can clear the flag.
|
|
|
9d7d3f |
|
|
|
9d7d3f |
Also change auth.multi to auth.multipass for better readability.
|
|
|
9d7d3f |
|
|
|
9d7d3f |
Fixes https://github.com/curl/curl/issues/1095
|
|
|
9d7d3f |
Closes https://github.com/curl/curl/pull/1326
|
|
|
9d7d3f |
|
|
|
9d7d3f |
Signed-off-by: Isaac Boukris <iboukris@gmail.com>
|
|
|
9d7d3f |
Reported-by: Michael Kaufmann
|
|
|
9d7d3f |
|
|
|
9d7d3f |
Upstream-commit: 5278462c32a70cd972a8cc824a38f164151d6c6d
|
|
|
9d7d3f |
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
|
|
9d7d3f |
---
|
|
|
9d7d3f |
lib/http.c | 11 ++++++++---
|
|
|
9d7d3f |
lib/urldata.h | 4 ++--
|
|
|
9d7d3f |
2 files changed, 10 insertions(+), 5 deletions(-)
|
|
|
9d7d3f |
|
|
|
9d7d3f |
diff --git a/lib/http.c b/lib/http.c
|
|
|
9d7d3f |
index db37cf9..9419bff 100644
|
|
|
9d7d3f |
--- a/lib/http.c
|
|
|
9d7d3f |
+++ b/lib/http.c
|
|
|
9d7d3f |
@@ -585,10 +585,10 @@ output_auth_headers(struct connectdata *conn,
|
|
|
9d7d3f |
proxy?"Proxy":"Server", auth,
|
|
|
9d7d3f |
proxy?(conn->proxyuser?conn->proxyuser:""):
|
|
|
9d7d3f |
(conn->user?conn->user:""));
|
|
|
9d7d3f |
- authstatus->multi = (!authstatus->done) ? TRUE : FALSE;
|
|
|
9d7d3f |
+ authstatus->multipass = (!authstatus->done) ? TRUE : FALSE;
|
|
|
9d7d3f |
}
|
|
|
9d7d3f |
else
|
|
|
9d7d3f |
- authstatus->multi = FALSE;
|
|
|
9d7d3f |
+ authstatus->multipass = FALSE;
|
|
|
9d7d3f |
|
|
|
9d7d3f |
return CURLE_OK;
|
|
|
9d7d3f |
}
|
|
|
9d7d3f |
@@ -1402,6 +1402,11 @@ CURLcode Curl_http_done(struct connectdata *conn,
|
|
|
9d7d3f |
struct SessionHandle *data = conn->data;
|
|
|
9d7d3f |
struct HTTP *http =data->state.proto.http;
|
|
|
9d7d3f |
|
|
|
9d7d3f |
+ /* Clear multipass flag. If authentication isn't done yet, then it will get
|
|
|
9d7d3f |
+ * a chance to be set back to true when we output the next auth header */
|
|
|
9d7d3f |
+ data->state.authhost.multipass = FALSE;
|
|
|
9d7d3f |
+ data->state.authproxy.multipass = FALSE;
|
|
|
9d7d3f |
+
|
|
|
9d7d3f |
Curl_unencode_cleanup(conn);
|
|
|
9d7d3f |
|
|
|
9d7d3f |
#ifdef USE_HTTP_NEGOTIATE
|
|
|
9d7d3f |
@@ -1738,7 +1743,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
|
|
|
9d7d3f |
if(result)
|
|
|
9d7d3f |
return result;
|
|
|
9d7d3f |
|
|
|
9d7d3f |
- if((data->state.authhost.multi || data->state.authproxy.multi) &&
|
|
|
9d7d3f |
+ if((data->state.authhost.multipass || data->state.authproxy.multipass) &&
|
|
|
9d7d3f |
(httpreq != HTTPREQ_GET) &&
|
|
|
9d7d3f |
(httpreq != HTTPREQ_HEAD)) {
|
|
|
9d7d3f |
/* Auth is required and we are not authenticated yet. Make a PUT or POST
|
|
|
9d7d3f |
diff --git a/lib/urldata.h b/lib/urldata.h
|
|
|
9d7d3f |
index 3e6ace5..7e0c30d 100644
|
|
|
9d7d3f |
--- a/lib/urldata.h
|
|
|
9d7d3f |
+++ b/lib/urldata.h
|
|
|
9d7d3f |
@@ -1143,8 +1143,8 @@ struct auth {
|
|
|
9d7d3f |
this resource */
|
|
|
9d7d3f |
bool done; /* TRUE when the auth phase is done and ready to do the *actual*
|
|
|
9d7d3f |
request */
|
|
|
9d7d3f |
- bool multi; /* TRUE if this is not yet authenticated but within the auth
|
|
|
9d7d3f |
- multipass negotiation */
|
|
|
9d7d3f |
+ bool multipass; /* TRUE if this is not yet authenticated but within the
|
|
|
9d7d3f |
+ auth multipass negotiation */
|
|
|
9d7d3f |
bool iestyle; /* TRUE if digest should be done IE-style or FALSE if it should
|
|
|
9d7d3f |
be RFC compliant */
|
|
|
9d7d3f |
};
|
|
|
9d7d3f |
--
|
|
|
9d7d3f |
2.13.6
|
|
|
9d7d3f |
|
|
|
9d7d3f |
|
|
|
9d7d3f |
From 8fe4533bc8de3664f8b664fa5ab78739b5ea3d87 Mon Sep 17 00:00:00 2001
|
|
|
9d7d3f |
From: Michael Kaufmann <mail@michael-kaufmann.ch>
|
|
|
9d7d3f |
Date: Sat, 11 Mar 2017 18:22:30 +0100
|
|
|
9d7d3f |
Subject: [PATCH 2/3] curl_easy_reset: Also reset the authentication state
|
|
|
9d7d3f |
|
|
|
9d7d3f |
Follow-up to 5278462
|
|
|
9d7d3f |
See https://github.com/curl/curl/issues/1095
|
|
|
9d7d3f |
|
|
|
9d7d3f |
Upstream-commit: 0afbcfd800c45e766e225e4ce273b128ee6a8c25
|
|
|
9d7d3f |
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
|
|
9d7d3f |
---
|
|
|
9d7d3f |
lib/easy.c | 4 ++++
|
|
|
9d7d3f |
1 file changed, 4 insertions(+)
|
|
|
9d7d3f |
|
|
|
9d7d3f |
diff --git a/lib/easy.c b/lib/easy.c
|
|
|
9d7d3f |
index 13801b2..0e9ba18 100644
|
|
|
9d7d3f |
--- a/lib/easy.c
|
|
|
9d7d3f |
+++ b/lib/easy.c
|
|
|
9d7d3f |
@@ -670,6 +670,10 @@ void curl_easy_reset(CURL *curl)
|
|
|
9d7d3f |
|
|
|
9d7d3f |
data->progress.flags |= PGRS_HIDE;
|
|
|
9d7d3f |
data->state.current_speed = -1; /* init to negative == impossible */
|
|
|
9d7d3f |
+
|
|
|
9d7d3f |
+ /* zero out authentication data: */
|
|
|
9d7d3f |
+ memset(&data->state.authhost, 0, sizeof(struct auth));
|
|
|
9d7d3f |
+ memset(&data->state.authproxy, 0, sizeof(struct auth));
|
|
|
9d7d3f |
}
|
|
|
9d7d3f |
|
|
|
9d7d3f |
/*
|
|
|
9d7d3f |
--
|
|
|
9d7d3f |
2.13.6
|
|
|
9d7d3f |
|
|
|
9d7d3f |
|
|
|
9d7d3f |
From db75a5b82f0b4b24a838fb91e9d3352d4c4c05f2 Mon Sep 17 00:00:00 2001
|
|
|
9d7d3f |
From: Michael Kaufmann <mail@michael-kaufmann.ch>
|
|
|
9d7d3f |
Date: Sat, 11 Mar 2017 20:06:56 +0100
|
|
|
9d7d3f |
Subject: [PATCH 3/3] tests: fix the authretry tests
|
|
|
9d7d3f |
|
|
|
9d7d3f |
Do not call curl_easy_reset() between the requests, because the
|
|
|
9d7d3f |
auth state must be preserved for these tests.
|
|
|
9d7d3f |
|
|
|
9d7d3f |
Follow-up to 0afbcfd
|
|
|
9d7d3f |
|
|
|
9d7d3f |
Upstream-commit: 8d105209933e27293cfc4f224614cea57ddd8372
|
|
|
9d7d3f |
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
|
|
9d7d3f |
---
|
|
|
9d7d3f |
tests/libtest/libauthretry.c | 5 -----
|
|
|
9d7d3f |
1 file changed, 5 deletions(-)
|
|
|
9d7d3f |
|
|
|
9d7d3f |
diff --git a/tests/libtest/libauthretry.c b/tests/libtest/libauthretry.c
|
|
|
9d7d3f |
index 9576132..6342252 100644
|
|
|
9d7d3f |
--- a/tests/libtest/libauthretry.c
|
|
|
9d7d3f |
+++ b/tests/libtest/libauthretry.c
|
|
|
9d7d3f |
@@ -111,12 +111,10 @@ int test(char *url)
|
|
|
9d7d3f |
res = send_wrong_password(curl, url, 100, main_auth_scheme);
|
|
|
9d7d3f |
if (res != CURLE_OK)
|
|
|
9d7d3f |
goto test_cleanup;
|
|
|
9d7d3f |
- curl_easy_reset(curl);
|
|
|
9d7d3f |
|
|
|
9d7d3f |
res = send_right_password(curl, url, 200, fallback_auth_scheme);
|
|
|
9d7d3f |
if (res != CURLE_OK)
|
|
|
9d7d3f |
goto test_cleanup;
|
|
|
9d7d3f |
- curl_easy_reset(curl);
|
|
|
9d7d3f |
|
|
|
9d7d3f |
curl_easy_cleanup(curl);
|
|
|
9d7d3f |
|
|
|
9d7d3f |
@@ -131,17 +129,14 @@ int test(char *url)
|
|
|
9d7d3f |
res = send_wrong_password(curl, url, 300, main_auth_scheme);
|
|
|
9d7d3f |
if (res != CURLE_OK)
|
|
|
9d7d3f |
goto test_cleanup;
|
|
|
9d7d3f |
- curl_easy_reset(curl);
|
|
|
9d7d3f |
|
|
|
9d7d3f |
res = send_wrong_password(curl, url, 400, fallback_auth_scheme);
|
|
|
9d7d3f |
if (res != CURLE_OK)
|
|
|
9d7d3f |
goto test_cleanup;
|
|
|
9d7d3f |
- curl_easy_reset(curl);
|
|
|
9d7d3f |
|
|
|
9d7d3f |
res = send_right_password(curl, url, 500, fallback_auth_scheme);
|
|
|
9d7d3f |
if (res != CURLE_OK)
|
|
|
9d7d3f |
goto test_cleanup;
|
|
|
9d7d3f |
- curl_easy_reset(curl);
|
|
|
9d7d3f |
|
|
|
9d7d3f |
test_cleanup:
|
|
|
9d7d3f |
|
|
|
9d7d3f |
--
|
|
|
9d7d3f |
2.13.6
|
|
|
9d7d3f |
|