1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-22 08:08:50 -05:00

- Igor Novoseltsev brought a patch that introduced two new options to

curl_easy_setopt: CURLOPT_USERNAME and CURLOPT_PASSWORD that sort of
  deprecates the good old CURLOPT_USERPWD since they allow applications to set
  the user name and password independently and perhaps more importantly allow
  both to contain colon(s) which CURLOPT_USERPWD doesn't fully support.
This commit is contained in:
Daniel Stenberg 2008-10-08 10:39:43 +00:00
parent 6814907a2c
commit 08cf6780ba
8 changed files with 92 additions and 17 deletions

View File

@ -6,6 +6,13 @@
Changelog Changelog
Daniel Stenberg (8 Oct 2008)
- Igor Novoseltsev brought a patch that introduced two new options to
curl_easy_setopt: CURLOPT_USERNAME and CURLOPT_PASSWORD that sort of
deprecates the good old CURLOPT_USERPWD since they allow applications to set
the user name and password independently and perhaps more importantly allow
both to contain colon(s) which CURLOPT_USERPWD doesn't fully support.
Daniel Fandrich (7 Oct 2008) Daniel Fandrich (7 Oct 2008)
- Changed the handling of read/write errors in Curl_perform() to allow a - Changed the handling of read/write errors in Curl_perform() to allow a
a fresh connection to be made in such cases and the request retransmitted. a fresh connection to be made in such cases and the request retransmitted.

View File

@ -2,7 +2,7 @@ Curl and libcurl 7.19.1
Public curl releases: 107 Public curl releases: 107
Command line options: 128 Command line options: 128
curl_easy_setopt() options: 154 curl_easy_setopt() options: 156
Public functions in libcurl: 58 Public functions in libcurl: 58
Known libcurl bindings: 37 Known libcurl bindings: 37
Contributors: 672 Contributors: 672
@ -14,6 +14,7 @@ This release includes the following changes:
o Added CURLOPT_POSTREDIR o Added CURLOPT_POSTREDIR
o Better detect HTTP 1.0 servers and don't do HTTP 1.1 requests on them o Better detect HTTP 1.0 servers and don't do HTTP 1.1 requests on them
o configure --disable-proxy disables proxy o configure --disable-proxy disables proxy
o Added CURLOPT_USERNAME and CURLOPT_PASSWORD
This release includes the following bugfixes: This release includes the following bugfixes:
@ -48,6 +49,7 @@ advice from friends like these:
Keith Mok, Yang Tse, Daniel Fandrich, Guenter Knauf, Dmitriy Sergeyev, Keith Mok, Yang Tse, Daniel Fandrich, Guenter Knauf, Dmitriy Sergeyev,
Linus Nielsen Feltzing, Martin Drasar, Stefan Krause, Dmitry Kurochkin, Linus Nielsen Feltzing, Martin Drasar, Stefan Krause, Dmitry Kurochkin,
Mike Revi, Andres Garcia, Michael Goffioul, Markus Moeller, Rob Crittenden, Mike Revi, Andres Garcia, Michael Goffioul, Markus Moeller, Rob Crittenden,
Jamie Lokier, Emanuele Bovisio, Maxim Ivanov, Ian Lynagh, Daniel Egger Jamie Lokier, Emanuele Bovisio, Maxim Ivanov, Ian Lynagh, Daniel Egger,
Igor Novoseltsev
Thanks! (and sorry if I forgot to mention someone) Thanks! (and sorry if I forgot to mention someone)

View File

@ -160,10 +160,10 @@ may have been fixed since this was written!
doesn't do a HEAD first to get the initial size. This needs to be done doesn't do a HEAD first to get the initial size. This needs to be done
manually for HTTP PUT resume to work, and then '-C [index]'. manually for HTTP PUT resume to work, and then '-C [index]'.
7. CURLOPT_USERPWD and CURLOPT_PROXYUSERPWD have no way of providing user names 7. CURLOPT_PROXYUSERPWD has no way of providing user names that contain a
that contain a colon. This can't be fixed easily in a backwards compatible colon. This can't be fixed easily in a backwards compatible way without
way without adding new options (and then, they should most probably allow adding new options. CURLOPT_USERPWD was split into CURLOPT_USERNAME and
setting user name and password separately). CURLOPT_PASSWORD for this reason.
6. libcurl ignores empty path parts in FTP URLs, whereas RFC1738 states that 6. libcurl ignores empty path parts in FTP URLs, whereas RFC1738 states that
such parts should be sent to the server as 'CWD ' (without an argument). such parts should be sent to the server as 'CWD ' (without an argument).

View File

@ -601,14 +601,34 @@ to prevent accidental information leakage.
Pass a char * as parameter, which should be [user name]:[password] to use for Pass a char * as parameter, which should be [user name]:[password] to use for
the connection to the HTTP proxy. Use \fICURLOPT_PROXYAUTH\fP to decide the connection to the HTTP proxy. Use \fICURLOPT_PROXYAUTH\fP to decide
authentication method. authentication method.
.IP CURLOPT_USERNAME
Pass a char * as parameter, which should be pointing to the zero terminated
user name to use for the transfer.
The CURLOPT_USERNAME option should be used in same way as the
\fICURLOPT_USERPWD\fP is used. In comparison to \fICURLOPT_USERPWD\fP the
CURLOPT_USERNAME allows the username to contain colon, like in following
example: "sip:user@example.com". Note the CURLOPT_USERNAME option is an
alternative way to set the user name. There is no meaning to use it together
with the \fICURLOPT_USERPWD\fP option.
In order to specify the password to be used in conjunction with the user name
use the \fICURLOPT_PASSWORD\fP option. (Added in 7.19.1)
.IP CURLOPT_PASSWORD
Pass a char * as parameter, which should be pointing to the zero terminated
password to use for the transfer.
The CURLOPT_PASSWORD option should be used in conjunction with
as the \fICURLOPT_USERNAME\fP option. (Added in 7.19.1)
.IP CURLOPT_HTTPAUTH .IP CURLOPT_HTTPAUTH
Pass a long as parameter, which is set to a bitmask, to tell libcurl what Pass a long as parameter, which is set to a bitmask, to tell libcurl what
authentication method(s) you want it to use. The available bits are listed authentication method(s) you want it to use. The available bits are listed
below. If more than one bit is set, libcurl will first query the site to see below. If more than one bit is set, libcurl will first query the site to see
what authentication methods it supports and then pick the best one you allow what authentication methods it supports and then pick the best one you allow
it to use. For some methods, this will induce an extra network round-trip. Set it to use. For some methods, this will induce an extra network round-trip. Set
the actual name and password with the \fICURLOPT_USERPWD\fP option. (Added in the actual name and password with the \fICURLOPT_USERPWD\fP option or
7.10.6) with the \fICURLOPT_USERNAME\fP and the \fICURLOPT_USERPASSWORD\fP options.
(Added in 7.10.6)
.RS .RS
.IP CURLAUTH_BASIC .IP CURLAUTH_BASIC
HTTP Basic authentication. This is the default choice, and the only method HTTP Basic authentication. This is the default choice, and the only method

View File

@ -1141,6 +1141,10 @@ typedef enum {
working with OpenSSL-powered builds. */ working with OpenSSL-powered builds. */
CINIT(CERTINFO, LONG, 172), CINIT(CERTINFO, LONG, 172),
/* "name" and "pwd" to use when fetching. */
CINIT(USERNAME, OBJECTPOINT, 173),
CINIT(PASSWORD, OBJECTPOINT, 174),
CURLOPT_LASTENTRY /* the last unused */ CURLOPT_LASTENTRY /* the last unused */
} CURLoption; } CURLoption;

View File

@ -196,6 +196,8 @@ _CURL_WARNING(_curl_easy_getinfo_err_curl_slist,
(option) == CURLOPT_INTERFACE || \ (option) == CURLOPT_INTERFACE || \
(option) == CURLOPT_NETRC_FILE || \ (option) == CURLOPT_NETRC_FILE || \
(option) == CURLOPT_USERPWD || \ (option) == CURLOPT_USERPWD || \
(option) == CURLOPT_USERNAME || \
(option) == CURLOPT_PASSWORD || \
(option) == CURLOPT_PROXYUSERPWD || \ (option) == CURLOPT_PROXYUSERPWD || \
(option) == CURLOPT_ENCODING || \ (option) == CURLOPT_ENCODING || \
(option) == CURLOPT_REFERER || \ (option) == CURLOPT_REFERER || \

View File

@ -1500,7 +1500,45 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option,
/* /*
* user:password to use in the operation * user:password to use in the operation
*/ */
result = setstropt(&data->set.str[STRING_USERPWD], {
char* userpwd = va_arg(param, char *);
char* separator = strchr(userpwd, ':');
if (separator != NULL) {
/* store username part of option */
char * p;
size_t username_len = (size_t)(separator-userpwd);
p = malloc(username_len+1);
if(!p)
result = CURLE_OUT_OF_MEMORY;
else {
memcpy(p, userpwd, username_len);
p[username_len] = '\0';
data->set.str[STRING_USERNAME] = p;
}
/* store password part of option */
if (result == CURLE_OK) {
result = setstropt(&data->set.str[STRING_PASSWORD], separator+1);
}
}
else {
result = setstropt(&data->set.str[STRING_USERNAME], userpwd);
}
}
break;
case CURLOPT_USERNAME:
/*
* user:password to use in the operation
*/
result = setstropt(&data->set.str[STRING_USERNAME],
va_arg(param, char *));
break;
case CURLOPT_PASSWORD:
/*
* user:password to use in the operation
*/
result = setstropt(&data->set.str[STRING_PASSWORD],
va_arg(param, char *)); va_arg(param, char *));
break; break;
case CURLOPT_POSTQUOTE: case CURLOPT_POSTQUOTE:
@ -3701,12 +3739,13 @@ static void override_userpass(struct SessionHandle *data,
struct connectdata *conn, struct connectdata *conn,
char *user, char *passwd) char *user, char *passwd)
{ {
if(data->set.str[STRING_USERPWD] != NULL) { if(data->set.str[STRING_USERNAME] != NULL) {
/* the name is given, get user+password */ strncpy(user, data->set.str[STRING_USERNAME], MAX_CURL_USER_LENGTH);
sscanf(data->set.str[STRING_USERPWD], user[MAX_CURL_USER_LENGTH-1] = '\0'; /*To be on safe side*/
"%" MAX_CURL_USER_LENGTH_TXT "[^:]:" }
"%" MAX_CURL_PASSWORD_LENGTH_TXT "[^\n]", if(data->set.str[STRING_PASSWORD] != NULL) {
user, passwd); strncpy(passwd, data->set.str[STRING_PASSWORD], MAX_CURL_PASSWORD_LENGTH);
passwd[MAX_CURL_PASSWORD_LENGTH-1] = '\0'; /*To be on safe side*/
} }
conn->bits.netrc = FALSE; conn->bits.netrc = FALSE;
@ -3985,7 +4024,7 @@ static CURLcode create_conn(struct SessionHandle *data,
&& (conn->proxytype == CURLPROXY_HTTP)); && (conn->proxytype == CURLPROXY_HTTP));
conn->bits.user_passwd = (bool)(NULL != data->set.str[STRING_USERPWD]); conn->bits.user_passwd = (bool)(NULL != data->set.str[STRING_USERNAME]);
conn->bits.proxy_user_passwd = (bool)(NULL != data->set.str[STRING_PROXYUSERPWD]); conn->bits.proxy_user_passwd = (bool)(NULL != data->set.str[STRING_PROXYUSERPWD]);
conn->bits.tunnel_proxy = data->set.tunnel_thru_httpproxy; conn->bits.tunnel_proxy = data->set.tunnel_thru_httpproxy;
conn->bits.ftp_use_epsv = data->set.ftp_use_epsv; conn->bits.ftp_use_epsv = data->set.ftp_use_epsv;

View File

@ -1334,10 +1334,11 @@ enum dupstring {
STRING_SSL_EGDSOCKET, /* path to file containing the EGD daemon socket */ STRING_SSL_EGDSOCKET, /* path to file containing the EGD daemon socket */
STRING_SSL_RANDOM_FILE, /* path to file containing "random" data */ STRING_SSL_RANDOM_FILE, /* path to file containing "random" data */
STRING_USERAGENT, /* User-Agent string */ STRING_USERAGENT, /* User-Agent string */
STRING_USERPWD, /* <user:password>, if used */
STRING_SSH_HOST_PUBLIC_KEY_MD5, /* md5 of host public key in ascii hex */ STRING_SSH_HOST_PUBLIC_KEY_MD5, /* md5 of host public key in ascii hex */
STRING_SSL_CRLFILE, /* crl file to check certificate */ STRING_SSL_CRLFILE, /* crl file to check certificate */
STRING_SSL_ISSUERCERT, /* issuer cert file to check certificate */ STRING_SSL_ISSUERCERT, /* issuer cert file to check certificate */
STRING_USERNAME, /* <username>, if used */
STRING_PASSWORD, /* <password>, if used */
/* -- end of strings -- */ /* -- end of strings -- */
STRING_LAST /* not used, just an end-of-list marker */ STRING_LAST /* not used, just an end-of-list marker */