mirror of
https://github.com/moparisthebest/curl
synced 2024-12-22 08:08:50 -05:00
- Jeff Pohlmeyer found out that if you ask libcurl to load a cookiefile (with
CURLOPT_COOKIEFILE), add a cookie (with CURLOPT_COOKIELIST), tell it to write the result to a given cookie jar and then never actually call curl_easy_perform() - the given file(s) to read was never read but the output file was written and thus it caused a "funny" result. - While doing some tests for the bug above, I noticed that Firefox generates large numbers (for the expire time) in the cookies.txt file and libcurl didn't treat them properly. Now it does.
This commit is contained in:
parent
362912ff83
commit
a676c18502
11
CHANGES
11
CHANGES
@ -7,6 +7,17 @@
|
|||||||
Changelog
|
Changelog
|
||||||
|
|
||||||
|
|
||||||
|
Daniel (17 August 2005)
|
||||||
|
- Jeff Pohlmeyer found out that if you ask libcurl to load a cookiefile (with
|
||||||
|
CURLOPT_COOKIEFILE), add a cookie (with CURLOPT_COOKIELIST), tell it to
|
||||||
|
write the result to a given cookie jar and then never actually call
|
||||||
|
curl_easy_perform() - the given file(s) to read was never read but the
|
||||||
|
output file was written and thus it caused a "funny" result.
|
||||||
|
|
||||||
|
- While doing some tests for the bug above, I noticed that Firefox generates
|
||||||
|
large numbers (for the expire time) in the cookies.txt file and libcurl
|
||||||
|
didn't treat them properly. Now it does.
|
||||||
|
|
||||||
Daniel (15 August 2005)
|
Daniel (15 August 2005)
|
||||||
- Added more verbose "warning" messages to the curl client for cases where it
|
- Added more verbose "warning" messages to the curl client for cases where it
|
||||||
fails to open/read files etc to help users diagnose why it doesn't do what
|
fails to open/read files etc to help users diagnose why it doesn't do what
|
||||||
|
@ -59,6 +59,6 @@ advice from friends like these:
|
|||||||
John McGowan, Georg Wicherski, Andres Garcia, Eric Cooper, Todd Kulesza,
|
John McGowan, Georg Wicherski, Andres Garcia, Eric Cooper, Todd Kulesza,
|
||||||
Tupone Alfredo, Gisle Vanem, David Shaw, Andrew Bushnell, Dan Fandrich,
|
Tupone Alfredo, Gisle Vanem, David Shaw, Andrew Bushnell, Dan Fandrich,
|
||||||
Adrian Schuur, Diego Casorran, Peteris Krumins, Jon Grubbs, Christopher
|
Adrian Schuur, Diego Casorran, Peteris Krumins, Jon Grubbs, Christopher
|
||||||
R. Palmer, Mario Schroeder, Richard Clayton, James Bursa
|
R. Palmer, Mario Schroeder, Richard Clayton, James Bursa, Jeff Pohlmeyer
|
||||||
|
|
||||||
Thanks! (and sorry if I forgot to mention someone)
|
Thanks! (and sorry if I forgot to mention someone)
|
||||||
|
29
lib/cookie.c
29
lib/cookie.c
@ -94,6 +94,8 @@ Example set of cookies:
|
|||||||
#include "strtok.h"
|
#include "strtok.h"
|
||||||
#include "sendf.h"
|
#include "sendf.h"
|
||||||
#include "memory.h"
|
#include "memory.h"
|
||||||
|
#include "share.h"
|
||||||
|
#include "strtoofft.h"
|
||||||
|
|
||||||
/* The last #include file should be: */
|
/* The last #include file should be: */
|
||||||
#ifdef CURLDEBUG
|
#ifdef CURLDEBUG
|
||||||
@ -133,6 +135,27 @@ static bool tailmatch(const char *little, const char *bigone)
|
|||||||
return (bool)strequal(little, bigone+biglen-littlelen);
|
return (bool)strequal(little, bigone+biglen-littlelen);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Load cookies from all given cookie files (CURLOPT_COOKIEFILE).
|
||||||
|
*/
|
||||||
|
void Curl_cookie_loadfiles(struct SessionHandle *data)
|
||||||
|
{
|
||||||
|
struct curl_slist *list = data->change.cookielist;
|
||||||
|
if(list) {
|
||||||
|
Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE);
|
||||||
|
while(list) {
|
||||||
|
data->cookies = Curl_cookie_init(data,
|
||||||
|
list->data,
|
||||||
|
data->cookies,
|
||||||
|
data->set.cookiesession);
|
||||||
|
list = list->next;
|
||||||
|
}
|
||||||
|
Curl_share_unlock(data, CURL_LOCK_DATA_COOKIE);
|
||||||
|
curl_slist_free_all(data->change.cookielist); /* clean up list */
|
||||||
|
data->change.cookielist = NULL; /* don't do this again! */
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/****************************************************************************
|
/****************************************************************************
|
||||||
*
|
*
|
||||||
* Curl_cookie_add()
|
* Curl_cookie_add()
|
||||||
@ -473,7 +496,7 @@ Curl_cookie_add(struct SessionHandle *data,
|
|||||||
co->secure = (bool)strequal(ptr, "TRUE");
|
co->secure = (bool)strequal(ptr, "TRUE");
|
||||||
break;
|
break;
|
||||||
case 4:
|
case 4:
|
||||||
co->expires = atoi(ptr);
|
co->expires = curlx_strtoofft(ptr, NULL, 10);
|
||||||
break;
|
break;
|
||||||
case 5:
|
case 5:
|
||||||
co->name = strdup(ptr);
|
co->name = strdup(ptr);
|
||||||
@ -832,7 +855,7 @@ static char *get_netscape_format(const struct Cookie *co)
|
|||||||
"%s\t" /* tailmatch */
|
"%s\t" /* tailmatch */
|
||||||
"%s\t" /* path */
|
"%s\t" /* path */
|
||||||
"%s\t" /* secure */
|
"%s\t" /* secure */
|
||||||
"%u\t" /* expires */
|
"%" FORMAT_OFF_T "\t" /* expires */
|
||||||
"%s\t" /* name */
|
"%s\t" /* name */
|
||||||
"%s", /* value */
|
"%s", /* value */
|
||||||
/* Make sure all domains are prefixed with a dot if they allow
|
/* Make sure all domains are prefixed with a dot if they allow
|
||||||
@ -842,7 +865,7 @@ static char *get_netscape_format(const struct Cookie *co)
|
|||||||
co->tailmatch?"TRUE":"FALSE",
|
co->tailmatch?"TRUE":"FALSE",
|
||||||
co->path?co->path:"/",
|
co->path?co->path:"/",
|
||||||
co->secure?"TRUE":"FALSE",
|
co->secure?"TRUE":"FALSE",
|
||||||
(unsigned int)co->expires,
|
co->expires,
|
||||||
co->name,
|
co->name,
|
||||||
co->value?co->value:"");
|
co->value?co->value:"");
|
||||||
}
|
}
|
||||||
|
@ -38,7 +38,7 @@ struct Cookie {
|
|||||||
char *value; /* name = <this> */
|
char *value; /* name = <this> */
|
||||||
char *path; /* path = <this> */
|
char *path; /* path = <this> */
|
||||||
char *domain; /* domain = <this> */
|
char *domain; /* domain = <this> */
|
||||||
long expires; /* expires = <this> */
|
curl_off_t expires; /* expires = <this> */
|
||||||
char *expirestr; /* the plain text version */
|
char *expirestr; /* the plain text version */
|
||||||
bool tailmatch; /* weather we do tail-matchning of the domain name */
|
bool tailmatch; /* weather we do tail-matchning of the domain name */
|
||||||
|
|
||||||
@ -94,8 +94,10 @@ int Curl_cookie_output(struct CookieInfo *, char *);
|
|||||||
|
|
||||||
#if defined(CURL_DISABLE_HTTP) || defined(CURL_DISABLE_COOKIES)
|
#if defined(CURL_DISABLE_HTTP) || defined(CURL_DISABLE_COOKIES)
|
||||||
#define Curl_cookie_list(x) NULL
|
#define Curl_cookie_list(x) NULL
|
||||||
|
#define Curl_cookie_loadfiles(x)
|
||||||
#else
|
#else
|
||||||
struct curl_slist *Curl_cookie_list(struct SessionHandle *data);
|
struct curl_slist *Curl_cookie_list(struct SessionHandle *data);
|
||||||
|
void Curl_cookie_loadfiles(struct SessionHandle *data);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
@ -1641,25 +1641,9 @@ CURLcode Curl_pretransfer(struct SessionHandle *data)
|
|||||||
data->state.authhost.want = data->set.httpauth;
|
data->state.authhost.want = data->set.httpauth;
|
||||||
data->state.authproxy.want = data->set.proxyauth;
|
data->state.authproxy.want = data->set.proxyauth;
|
||||||
|
|
||||||
#if !defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_COOKIES)
|
/* If there is a list of cookie files to read, do it now! */
|
||||||
/* If there was a list of cookie files to read and we haven't done it before,
|
if(data->change.cookielist)
|
||||||
do it now! */
|
Curl_cookie_loadfiles(data);
|
||||||
if(data->change.cookielist) {
|
|
||||||
struct curl_slist *list = data->change.cookielist;
|
|
||||||
Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE);
|
|
||||||
while(list) {
|
|
||||||
data->cookies = Curl_cookie_init(data,
|
|
||||||
list->data,
|
|
||||||
data->cookies,
|
|
||||||
data->set.cookiesession);
|
|
||||||
list = list->next;
|
|
||||||
}
|
|
||||||
Curl_share_unlock(data, CURL_LOCK_DATA_COOKIE);
|
|
||||||
curl_slist_free_all(data->change.cookielist); /* clean up list */
|
|
||||||
data->change.cookielist = NULL; /* don't do this again! */
|
|
||||||
}
|
|
||||||
#endif /* CURL_DISABLE_HTTP */
|
|
||||||
|
|
||||||
|
|
||||||
/* Allow data->set.use_port to set which port to use. This needs to be
|
/* Allow data->set.use_port to set which port to use. This needs to be
|
||||||
* disabled for example when we follow Location: headers to URLs using
|
* disabled for example when we follow Location: headers to URLs using
|
||||||
|
78
lib/url.c
78
lib/url.c
@ -227,16 +227,24 @@ CURLcode Curl_close(struct SessionHandle *data)
|
|||||||
Curl_safefree(data->state.headerbuff);
|
Curl_safefree(data->state.headerbuff);
|
||||||
|
|
||||||
#if !defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_COOKIES)
|
#if !defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_COOKIES)
|
||||||
if(data->change.cookielist) /* clean up list if any */
|
|
||||||
curl_slist_free_all(data->change.cookielist);
|
|
||||||
|
|
||||||
Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE);
|
Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE);
|
||||||
if(data->set.cookiejar) {
|
if(data->set.cookiejar) {
|
||||||
|
if(data->change.cookielist)
|
||||||
|
/* If there is a list of cookie files to read, do it first so that
|
||||||
|
we have all the told files read before we write the new jar */
|
||||||
|
Curl_cookie_loadfiles(data);
|
||||||
|
|
||||||
/* we have a "destination" for all the cookies to get dumped to */
|
/* we have a "destination" for all the cookies to get dumped to */
|
||||||
if(Curl_cookie_output(data->cookies, data->set.cookiejar))
|
if(Curl_cookie_output(data->cookies, data->set.cookiejar))
|
||||||
infof(data, "WARNING: failed to save cookies in %s\n",
|
infof(data, "WARNING: failed to save cookies in %s\n",
|
||||||
data->set.cookiejar);
|
data->set.cookiejar);
|
||||||
}
|
}
|
||||||
|
else {
|
||||||
|
if(data->change.cookielist)
|
||||||
|
/* since nothing is written, we can just free the list of cookie file
|
||||||
|
names */
|
||||||
|
curl_slist_free_all(data->change.cookielist); /* clean up list */
|
||||||
|
}
|
||||||
|
|
||||||
if( !data->share || (data->cookies != data->share->cookies) ) {
|
if( !data->share || (data->cookies != data->share->cookies) ) {
|
||||||
Curl_cookie_cleanup(data->cookies);
|
Curl_cookie_cleanup(data->cookies);
|
||||||
@ -2951,44 +2959,44 @@ static CURLcode CreateConnection(struct SessionHandle *data,
|
|||||||
char proxypasswd[MAX_CURL_PASSWORD_LENGTH];
|
char proxypasswd[MAX_CURL_PASSWORD_LENGTH];
|
||||||
|
|
||||||
if(2 == sscanf(proxyptr,
|
if(2 == sscanf(proxyptr,
|
||||||
"%" MAX_CURL_USER_LENGTH_TXT"[^:]:"
|
"%" MAX_CURL_USER_LENGTH_TXT"[^:]:"
|
||||||
"%" MAX_CURL_PASSWORD_LENGTH_TXT "[^@]",
|
"%" MAX_CURL_PASSWORD_LENGTH_TXT "[^@]",
|
||||||
proxyuser, proxypasswd)) {
|
proxyuser, proxypasswd)) {
|
||||||
CURLcode res = CURLE_OK;
|
CURLcode res = CURLE_OK;
|
||||||
|
|
||||||
/* found user and password, rip them out. note that we are
|
/* found user and password, rip them out. note that we are
|
||||||
unescaping them, as there is otherwise no way to have a
|
unescaping them, as there is otherwise no way to have a
|
||||||
username or password with reserved characters like ':' in
|
username or password with reserved characters like ':' in
|
||||||
them. */
|
them. */
|
||||||
Curl_safefree(conn->proxyuser);
|
Curl_safefree(conn->proxyuser);
|
||||||
conn->proxyuser = curl_unescape(proxyuser,0);
|
conn->proxyuser = curl_unescape(proxyuser,0);
|
||||||
|
|
||||||
if(!conn->proxyuser)
|
if(!conn->proxyuser)
|
||||||
res = CURLE_OUT_OF_MEMORY;
|
res = CURLE_OUT_OF_MEMORY;
|
||||||
else {
|
else {
|
||||||
Curl_safefree(conn->proxypasswd);
|
Curl_safefree(conn->proxypasswd);
|
||||||
conn->proxypasswd = curl_unescape(proxypasswd,0);
|
conn->proxypasswd = curl_unescape(proxypasswd,0);
|
||||||
|
|
||||||
if(!conn->proxypasswd)
|
if(!conn->proxypasswd)
|
||||||
res = CURLE_OUT_OF_MEMORY;
|
res = CURLE_OUT_OF_MEMORY;
|
||||||
}
|
}
|
||||||
|
|
||||||
if(CURLE_OK == res) {
|
if(CURLE_OK == res) {
|
||||||
conn->bits.proxy_user_passwd = TRUE; /* enable it */
|
conn->bits.proxy_user_passwd = TRUE; /* enable it */
|
||||||
atsign = strdup(atsign+1); /* the right side of the @-letter */
|
atsign = strdup(atsign+1); /* the right side of the @-letter */
|
||||||
|
|
||||||
if(atsign) {
|
if(atsign) {
|
||||||
free(proxydup); /* free the former proxy string */
|
free(proxydup); /* free the former proxy string */
|
||||||
proxydup = proxyptr = atsign; /* now use this instead */
|
proxydup = proxyptr = atsign; /* now use this instead */
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
res = CURLE_OUT_OF_MEMORY;
|
res = CURLE_OUT_OF_MEMORY;
|
||||||
}
|
}
|
||||||
|
|
||||||
if(res) {
|
if(res) {
|
||||||
free(proxydup); /* free the allocated proxy string */
|
free(proxydup); /* free the allocated proxy string */
|
||||||
return res;
|
return res;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user