- Constantine Sapuntzakis posted bug report #2813123

(http://curl.haxx.se/bug/view.cgi?id=2813123) and an a patch that fixes the
  problem:

  Url A is accessed using auth. Url A redirects to Url B (on a different
  server0. Url B reuses a persistent connection. Url B has auth, even though
  it's on a different server.

  Note: if Url B does not reuse a persistent connection, auth is not sent.
This commit is contained in:
Daniel Stenberg 2009-07-08 07:00:40 +00:00
parent 2aaff16a87
commit 5cf78472e1
3 changed files with 36 additions and 13 deletions

23
CHANGES
View File

@ -6,6 +6,27 @@
Changelog Changelog
Daniel Stenberg (8 Jul 2009)
- Constantine Sapuntzakis posted bug report #2813123
(http://curl.haxx.se/bug/view.cgi?id=2813123) and an a patch that fixes the
problem:
Url A is accessed using auth. Url A redirects to Url B (on a different
server0. Url B reuses a persistent connection. Url B has auth, even though
it's on a different server.
Note: if Url B does not reuse a persistent connection, auth is not sent.
reason:
data->state.first_host is not initialized becuase Curl_http_connect is not
called when a connection is reused.
Solution:
move initialization of data->state.first_host to Curl_http. No code before
Curl_http uses data->state.first_host anyway.
Guenter Knauf (4 Jul 2009) Guenter Knauf (4 Jul 2009)
- Markus Koetter provided a patch to avoid getnameinfo() usage which broke a - Markus Koetter provided a patch to avoid getnameinfo() usage which broke a
couple of both IPv4 and IPv6 autobuilds. couple of both IPv4 and IPv6 autobuilds.
@ -125,7 +146,7 @@ Daniel Stenberg (4 June 2009)
knows it will just get a 401/407 back. If the app then replaced the knows it will just get a 401/407 back. If the app then replaced the
Content-Length header, it caused the server to wait for input that libcurl Content-Length header, it caused the server to wait for input that libcurl
wouldn't send. Aaron Oneal reported this problem in bug report #2799008 wouldn't send. Aaron Oneal reported this problem in bug report #2799008
http://curl.haxx.se/bug/view.cgi?id=2799008) and helped us verify the fix. (http://curl.haxx.se/bug/view.cgi?id=2799008) and helped us verify the fix.
Yang Tse (4 Jun 2009) Yang Tse (4 Jun 2009)
- Igor Novoseltsev provided patches and information, that after some - Igor Novoseltsev provided patches and information, that after some

View File

@ -31,6 +31,7 @@ This release includes the following bugfixes:
o ftp credentials are added to the url if needed for http proxies o ftp credentials are added to the url if needed for http proxies
o curl -o - sends data to stdout using binary mode on windows o curl -o - sends data to stdout using binary mode on windows
o fixed the separators for "array" style string that CURLINFO_CERTINFO returns o fixed the separators for "array" style string that CURLINFO_CERTINFO returns
o auth problem over several hosts with re-used connection
This release includes the following known bugs: This release includes the following known bugs:
@ -42,6 +43,7 @@ advice from friends like these:
Yang Tse, Daniel Fandrich, Kamil Dudka, Caolan McNamara, Frank McGeough, Yang Tse, Daniel Fandrich, Kamil Dudka, Caolan McNamara, Frank McGeough,
Andre Guibert de Bruet, Mike Crowe, Claes Jakobsson, John E. Malmberg, Andre Guibert de Bruet, Mike Crowe, Claes Jakobsson, John E. Malmberg,
Aaron Oneal, Igor Novoseltsev, Eric Wong, Bill Hoffman, Daniel Steinberg, Aaron Oneal, Igor Novoseltsev, Eric Wong, Bill Hoffman, Daniel Steinberg,
Fabian Keil, Michal Marek, Reuven Wachtfogel, Markus Koetter Fabian Keil, Michal Marek, Reuven Wachtfogel, Markus Koetter,
Constantine Sapuntzakis
Thanks! (and sorry if I forgot to mention someone) Thanks! (and sorry if I forgot to mention someone)

View File

@ -1780,17 +1780,6 @@ CURLcode Curl_http_connect(struct connectdata *conn, bool *done)
} }
#endif /* CURL_DISABLE_PROXY */ #endif /* CURL_DISABLE_PROXY */
if(!data->state.this_is_a_follow) {
/* this is not a followed location, get the original host name */
if(data->state.first_host)
/* Free to avoid leaking memory on multiple requests*/
free(data->state.first_host);
data->state.first_host = strdup(conn->host.name);
if(!data->state.first_host)
return CURLE_OUT_OF_MEMORY;
}
if(conn->protocol & PROT_HTTPS) { if(conn->protocol & PROT_HTTPS) {
/* perform SSL initialization */ /* perform SSL initialization */
if(data->state.used_interface == Curl_if_multi) { if(data->state.used_interface == Curl_if_multi) {
@ -2094,6 +2083,17 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
else else
http = data->state.proto.http; http = data->state.proto.http;
if(!data->state.this_is_a_follow) {
/* this is not a followed location, get the original host name */
if(data->state.first_host)
/* Free to avoid leaking memory on multiple requests*/
free(data->state.first_host);
data->state.first_host = strdup(conn->host.name);
if(!data->state.first_host)
return CURLE_OUT_OF_MEMORY;
}
if( (conn->protocol&(PROT_HTTP|PROT_FTP)) && if( (conn->protocol&(PROT_HTTP|PROT_FTP)) &&
data->set.upload) { data->set.upload) {
httpreq = HTTPREQ_PUT; httpreq = HTTPREQ_PUT;