1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-22 08:08:50 -05:00

ConnectionExists: re-use connections better

When allowing NTLM, the re-use connection logic was too focused on
finding an existing NTLM connection to use and didn't properly allow
re-use of other ones. This made the logic not re-use perfectly re-usable
connections.

Added test case 1418 and 1419 to verify.

Regression brought in 8ae35102c (curl 7.35.0)

Reported-by: Jeff King
Bug: http://thread.gmane.org/gmane.comp.version-control.git/242213
This commit is contained in:
Daniel Stenberg 2014-02-16 14:07:56 +01:00
parent f3bae6ed73
commit d765099813
4 changed files with 181 additions and 3 deletions

View File

@ -3133,7 +3133,9 @@ ConnectionExists(struct SessionHandle *data,
*force_reuse = TRUE; *force_reuse = TRUE;
break; break;
} }
else else if(credentialsMatch)
/* this is a backup choice */
chosen = check;
continue; continue;
} }

View File

@ -120,7 +120,7 @@ test1396 \
\ \
test1400 test1401 test1402 test1403 test1404 test1405 test1406 test1407 \ test1400 test1401 test1402 test1403 test1404 test1405 test1406 test1407 \
test1408 test1409 test1410 test1412 test1413 test1414 test1415 \ test1408 test1409 test1410 test1412 test1413 test1414 test1415 \
test1416 test1417 \ test1416 test1417 test1418 test1419 \
\ \
test1500 test1501 test1502 test1503 test1504 test1505 test1506 test1507 \ test1500 test1501 test1502 test1503 test1504 test1505 test1506 test1507 \
test1508 test1509 test1510 test1511 test1512 test1513 test1514 test1515 \ test1508 test1509 test1510 test1511 test1512 test1513 test1514 test1515 \

107
tests/data/test1418 Normal file
View File

@ -0,0 +1,107 @@
<testcase>
<info>
<keywords>
HTTP
HTTP GET
HTTP NTLM auth
connection re-use
</keywords>
</info>
# Server-side
<reply>
<servercmd>
connection-monitor
</servercmd>
<data>
HTTP/1.1 401 Authentication please!
Content-Length: 20
WWW-Authenticate: Digest realm="loonie", nonce="314156592"
WWW-Authenticate: Basic
Please auth with me
</data>
# This is supposed to be returned when the server gets the second
# Authorization: NTLM line passed-in from the client
<data1000>
HTTP/1.1 200 Things are fine in server land
Server: Microsoft-IIS/5.0
Content-Length: 4
moo
</data1000>
<data1003>
HTTP/1.1 200 OK
Server: Another one/1.0
Content-Length: 4
boo
</data1003>
# This is the first reply after the redirection
<data1011>
HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 34
This is not the real page either!
</data1011>
<datacheck>
HTTP/1.1 401 Authentication please!
Content-Length: 20
WWW-Authenticate: Digest realm="loonie", nonce="314156592"
WWW-Authenticate: Basic
HTTP/1.1 200 Things are fine in server land
Server: Microsoft-IIS/5.0
Content-Length: 4
moo
</datacheck>
</reply>
# Client-side
<client>
<server>
http
</server>
<features>
crypto
</features>
<name>
HTTP with --anyauth and connection re-use
</name>
<command>
http://%HOSTIP:%HTTPPORT/1418 -u testuser:testpass --anyauth http://%HOSTIP:%HTTPPORT/14180003
</command>
</client>
# Verify data after the test has been "shot"
<verify>
<strip>
^User-Agent:.*
</strip>
<protocol>
GET /1418 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /1418 HTTP/1.1
Authorization: Digest username="testuser", realm="loonie", nonce="314156592", uri="/1418", response="986238b7e0077754944c966f56d9bc77"
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /14180003 HTTP/1.1
Authorization: Digest username="testuser", realm="loonie", nonce="314156592", uri="/14180003", response="1c6390a67bac3283a9b023402f3b3540"
Host: %HOSTIP:%HTTPPORT
Accept: */*
[DISCONNECT]
</protocol>
</verify>
</testcase>

69
tests/data/test1419 Normal file
View File

@ -0,0 +1,69 @@
<testcase>
<info>
<keywords>
HTTP
HTTP GET
HTTP NTLM auth
connection re-use
</keywords>
</info>
# Server-side
<reply>
<servercmd>
connection-monitor
</servercmd>
<data>
HTTP/1.1 200 fine!
Content-Length: 20
Feel free to get it
</data>
<data3>
HTTP/1.1 200 OK
Server: Another one/1.0
Content-Length: 4
boo
</data3>
<datacheck>
HTTP/1.1 200 fine!
Content-Length: 20
Feel free to get it
</datacheck>
</reply>
# Client-side
<client>
<server>
http
</server>
<name>
HTTP with --anyauth (but no auth!) and connection re-use
</name>
<command>
http://%HOSTIP:%HTTPPORT/1419 --anyauth http://%HOSTIP:%HTTPPORT/14190003
</command>
</client>
# Verify data after the test has been "shot"
<verify>
<strip>
^User-Agent:.*
</strip>
<protocol>
GET /1419 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /14190003 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
Accept: */*
[DISCONNECT]
</protocol>
</verify>
</testcase>