diff options
| author | Daniel Stenberg <daniel@haxx.se> | 2021-01-08 16:17:12 +0100 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2021-01-08 16:23:58 +0100 |
| commit | 220abe75795d48a6f7903fd6f6853e503c2e47a4 (patch) | |
| tree | b6f301f2d80b1afa4467b403da6fd14140812790 | |
| parent | 060658f634f7d599ab163eb3bfedfb8b8e23f6e2 (diff) | |
| download | curl-bagder/hyper-authneg.tar.gz | |
http: make 'authneg' also work for Hyperbagder/hyper-authneg
When doing a request with a request body expecting a 401/407 back, that
initial request is sent with a zero content-length. Test 177 and more.
| -rw-r--r-- | lib/c-hyper.c | 2 | ||||
| -rw-r--r-- | lib/http.c | 27 | ||||
| -rw-r--r-- | lib/http.h | 6 | ||||
| -rw-r--r-- | lib/http_proxy.c | 6 | ||||
| -rw-r--r-- | lib/rtsp.c | 5 |
5 files changed, 25 insertions, 21 deletions
diff --git a/lib/c-hyper.c b/lib/c-hyper.c index 19ba8d9b8..4a68ffba0 100644 --- a/lib/c-hyper.c +++ b/lib/c-hyper.c @@ -670,7 +670,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done) if(!pq) return CURLE_OUT_OF_MEMORY; } - result = Curl_http_output_auth(conn, method, + result = Curl_http_output_auth(conn, method, httpreq, (pq ? pq : data->state.up.path), FALSE); free(pq); if(result) diff --git a/lib/http.c b/lib/http.c index 42aa84ec0..8bee326f4 100644 --- a/lib/http.c +++ b/lib/http.c @@ -784,6 +784,7 @@ output_auth_headers(struct connectdata *conn, CURLcode Curl_http_output_auth(struct connectdata *conn, const char *request, + Curl_HttpReq httpreq, const char *path, bool proxytunnel) /* TRUE if this is the request setting up the proxy tunnel */ @@ -850,6 +851,17 @@ Curl_http_output_auth(struct connectdata *conn, else authhost->done = TRUE; + if(((authhost->multipass && !authhost->done) || + (authproxy->multipass && !authproxy->done)) && + (httpreq != HTTPREQ_GET) && + (httpreq != HTTPREQ_HEAD)) { + /* Auth is required and we are not authenticated yet. Make a PUT or POST + with content-length zero as a "probe". */ + conn->bits.authneg = TRUE; + } + else + conn->bits.authneg = FALSE; + return result; } @@ -1962,7 +1974,7 @@ void Curl_http_method(struct Curl_easy *data, struct connectdata *conn, if(data->set.opt_no_body) request = "HEAD"; else { - DEBUGASSERT((httpreq > HTTPREQ_NONE) && (httpreq < HTTPREQ_LAST)); + DEBUGASSERT((httpreq >= HTTPREQ_GET) && (httpreq <= HTTPREQ_HEAD)); switch(httpreq) { case HTTPREQ_POST: case HTTPREQ_POST_FORM: @@ -2972,24 +2984,13 @@ CURLcode Curl_http(struct connectdata *conn, bool *done) if(!pq) return CURLE_OUT_OF_MEMORY; } - result = Curl_http_output_auth(conn, request, + result = Curl_http_output_auth(conn, request, httpreq, (pq ? pq : data->state.up.path), FALSE); free(pq); if(result) return result; } - if(((data->state.authhost.multipass && !data->state.authhost.done) - || (data->state.authproxy.multipass && !data->state.authproxy.done)) && - (httpreq != HTTPREQ_GET) && - (httpreq != HTTPREQ_HEAD)) { - /* Auth is required and we are not authenticated yet. Make a PUT or POST - with content-length zero as a "probe". */ - conn->bits.authneg = TRUE; - } - else - conn->bits.authneg = FALSE; - Curl_safefree(data->state.aptr.ref); if(data->change.referer && !Curl_checkheaders(conn, "Referer")) { data->state.aptr.ref = aprintf("Referer: %s\r\n", data->change.referer); diff --git a/lib/http.h b/lib/http.h index b5e6ae915..23add25dd 100644 --- a/lib/http.h +++ b/lib/http.h @@ -24,14 +24,12 @@ #include "curl_setup.h" typedef enum { - HTTPREQ_NONE, /* first in list */ HTTPREQ_GET, HTTPREQ_POST, HTTPREQ_POST_FORM, /* we make a difference internally */ HTTPREQ_POST_MIME, /* we make a difference internally */ HTTPREQ_PUT, - HTTPREQ_HEAD, - HTTPREQ_LAST /* last in list */ + HTTPREQ_HEAD } Curl_HttpReq; #ifndef CURL_DISABLE_HTTP @@ -295,6 +293,7 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy *data, * * @param conn all information about the current connection * @param request pointer to the request keyword + * @param httpreq is the request type * @param path pointer to the requested path * @param proxytunnel boolean if this is the request setting up a "proxy * tunnel" @@ -304,6 +303,7 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy *data, CURLcode Curl_http_output_auth(struct connectdata *conn, const char *request, + Curl_HttpReq httpreq, const char *path, bool proxytunnel); /* TRUE if this is the request setting up the proxy tunnel */ diff --git a/lib/http_proxy.c b/lib/http_proxy.c index b7827860c..43bbe73d5 100644 --- a/lib/http_proxy.c +++ b/lib/http_proxy.c @@ -263,7 +263,8 @@ static CURLcode CONNECT(struct connectdata *conn, return result; /* Setup the proxy-authorization header, if any */ - result = Curl_http_output_auth(conn, "CONNECT", hostheader, TRUE); + result = Curl_http_output_auth(conn, "CONNECT", HTTPREQ_GET, + hostheader, TRUE); if(!result) { const char *proxyconn = ""; @@ -739,7 +740,8 @@ static CURLcode CONNECT(struct connectdata *conn, result = CURLE_OUT_OF_MEMORY; } /* Setup the proxy-authorization header, if any */ - result = Curl_http_output_auth(conn, "CONNECT", hostheader, TRUE); + result = Curl_http_output_auth(conn, "CONNECT", HTTPREQ_GET, + hostheader, TRUE); if(result) goto error; Curl_safefree(hostheader); diff --git a/lib/rtsp.c b/lib/rtsp.c index e9ee2b36b..a7299e12b 100644 --- a/lib/rtsp.c +++ b/lib/rtsp.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -385,7 +385,8 @@ static CURLcode rtsp_do(struct connectdata *conn, bool *done) } /* setup the authentication headers */ - result = Curl_http_output_auth(conn, p_request, p_stream_uri, FALSE); + result = Curl_http_output_auth(conn, p_request, HTTPREQ_GET, + p_stream_uri, FALSE); if(result) return result; |