diff options
author | Daniel Stenberg <daniel@haxx.se> | 2021-01-01 23:41:21 +0100 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2021-01-02 23:40:47 +0100 |
commit | 648712eec1eedb05965b9b4d6dd457bda5d70481 (patch) | |
tree | e696618bd90aa6ccbc743f88b72e760045fc8c56 /lib | |
parent | 725ec470e2ca5b1eb01ffee84d432653a8070722 (diff) | |
download | curl-648712eec1eedb05965b9b4d6dd457bda5d70481.tar.gz |
httpauth: make multi-request auth work with custom port
When doing HTTP authentication and a port number set with CURLOPT_PORT,
the code would previously have the URL's port number override as if it
had been a redirect to an absolute URL.
Added test 1568 to verify.
Reported-by: UrsusArctos on github
Fixes #6397
Closes #6400
Diffstat (limited to 'lib')
-rw-r--r-- | lib/multi.c | 4 | ||||
-rw-r--r-- | lib/transfer.c | 9 | ||||
-rw-r--r-- | lib/transfer.h | 7 | ||||
-rw-r--r-- | lib/url.c | 4 |
4 files changed, 15 insertions, 9 deletions
diff --git a/lib/multi.c b/lib/multi.c index bf439bb8e..d3863c1e9 100644 --- a/lib/multi.c +++ b/lib/multi.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -2211,7 +2211,6 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, multi_done(data, result, TRUE); } else if(done) { - followtype follow = FOLLOW_NONE; /* call this even if the readwrite function returned error */ Curl_posttransfer(data); @@ -2219,6 +2218,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, /* When we follow redirects or is set to retry the connection, we must to go back to the CONNECT state */ if(data->req.newurl || retry) { + followtype follow = FOLLOW_NONE; if(!retry) { /* if the URL is a follow-location and not just a retried request then figure out the URL here */ diff --git a/lib/transfer.c b/lib/transfer.c index 41bdc353d..7b5a0516d 100644 --- a/lib/transfer.c +++ b/lib/transfer.c @@ -1537,6 +1537,8 @@ CURLcode Curl_follow(struct Curl_easy *data, bool reachedmax = FALSE; CURLUcode uc; + DEBUGASSERT(type != FOLLOW_NONE); + if(type == FOLLOW_REDIR) { if((data->set.maxredirs != -1) && (data->set.followlocation >= data->set.maxredirs)) { @@ -1568,8 +1570,11 @@ CURLcode Curl_follow(struct Curl_easy *data, } } - if(Curl_is_absolute_url(newurl, NULL, MAX_SCHEME_LEN)) - /* This is an absolute URL, don't allow the custom port number */ + if((type != FOLLOW_RETRY) && + (data->req.httpcode != 401) && (data->req.httpcode != 407) && + Curl_is_absolute_url(newurl, NULL, MAX_SCHEME_LEN)) + /* If this is not redirect due to a 401 or 407 response and an absolute + URL: don't allow a custom port number */ disallowport = TRUE; DEBUGASSERT(data->state.uh); diff --git a/lib/transfer.h b/lib/transfer.h index 178bb58fb..f8915dbd1 100644 --- a/lib/transfer.h +++ b/lib/transfer.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -36,9 +36,8 @@ typedef enum { allow initing to this */ FOLLOW_FAKE, /* only records stuff, not actually following */ FOLLOW_RETRY, /* set if this is a request retry as opposed to a real - redirect following */ - FOLLOW_REDIR, /* a full true redirect */ - FOLLOW_LAST /* never used */ + redirect following */ + FOLLOW_REDIR /* a full true redirect */ } followtype; CURLcode Curl_follow(struct Curl_easy *data, char *newurl, @@ -2003,7 +2003,9 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data, } else { unsigned long port = strtoul(data->state.up.port, NULL, 10); - conn->port = conn->remote_port = curlx_ultous(port); + conn->port = conn->remote_port = + (data->set.use_port && data->state.allow_port) ? + (int)data->set.use_port : curlx_ultous(port); } (void)curl_url_get(uh, CURLUPART_QUERY, &data->state.up.query, 0); |