diff options
| author | Daniel Stenberg <daniel@haxx.se> | 2021-02-12 10:27:42 +0100 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2021-02-13 22:36:15 +0100 |
| commit | 46620b97431e19c53ce82e55055c85830f088cf4 (patch) | |
| tree | 672f1b6b90b0dc5dc2693df105ab010def1cd35a /tests | |
| parent | e992770e8d16e4be2a3da8aa2cef5cfc12e22372 (diff) | |
| download | curl-46620b97431e19c53ce82e55055c85830f088cf4.tar.gz | |
http: use credentials from transfer, not connection
HTTP auth "accidentally" worked before this cleanup since the code would
always overwrite the connection credentials with the credentials from
the most recent transfer and since HTTP auth is typically done first
thing, this has not been an issue. It was still wrong and subject to
possible race conditions or future breakage if the sequence of functions
would change.
The data.set.str[] strings MUST remain unmodified exactly as set by the
user, and the credentials to use internally are instead set/updated in
state.aptr.*
Added test 675 to verify different credentials used in two requests done
over a reused HTTP connection, which previously behaved wrongly.
Fixes #6542
Closes #6545
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/data/Makefile.inc | 2 | ||||
| -rw-r--r-- | tests/data/test134 | 8 | ||||
| -rw-r--r-- | tests/data/test675 | 55 |
3 files changed, 61 insertions, 4 deletions
diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc index 0b0e90d3e..f6e48e3de 100644 --- a/tests/data/Makefile.inc +++ b/tests/data/Makefile.inc @@ -90,7 +90,7 @@ test635 test636 test637 test638 test639 test640 test641 test642 \ test643 test644 test645 test646 test647 test648 test649 test650 test651 \ test652 test653 test654 test655 test656 test658 test659 test660 test661 \ test662 test663 test664 test665 test666 test667 test668 test669 \ -test670 test671 test672 test673 test674 \ +test670 test671 test672 test673 test674 test675 \ \ test700 test701 test702 test703 test704 test705 test706 test707 test708 \ test709 test710 test711 test712 test713 test714 test715 test716 test717 \ diff --git a/tests/data/test134 b/tests/data/test134 index e314b662e..4ca63accd 100644 --- a/tests/data/test134 +++ b/tests/data/test134 @@ -33,10 +33,12 @@ dr-xr-xr-x 5 0 1 512 Oct 1 1997 usr <server> ftp </server> - <name> +<name> FTP (optional .netrc; programmatic user/passwd) dir list PASV - </name> - <command> +</name> + +# -u overrides netrc which overrides the URL +<command> --netrc-optional --netrc-file log/netrc134 -u romulus:rhemus ftp://mary:mark@%HOSTIP:%FTPPORT/ </command> <file name="log/netrc134" > diff --git a/tests/data/test675 b/tests/data/test675 new file mode 100644 index 000000000..19549dd69 --- /dev/null +++ b/tests/data/test675 @@ -0,0 +1,55 @@ +<testcase> +<info> +<keywords> +HTTP +HTTP GET +HTTP Basic auth +</keywords> +</info> +# Server-side +<reply> +<data> +HTTP/1.1 200 OK swsclose
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Content-Type: text/html
+Content-Length: 26 +
+the content would go here +</data> +</reply> + +# Client-side +<client> +<server> +http +</server> + <name> +HTTP connection re-use and different credentials + </name> + +<command> +http://user1:foo1@%HOSTIP:%HTTPPORT/user1/675 http://user2:foo2@%HOSTIP:%HTTPPORT/user2/675 +</command> +<features> +proxy +</features> +</client> + +# Verify data after the test has been "shot" +<verify> +<protocol> +GET /user1/675 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Basic dXNlcjE6Zm9vMQ==
+User-Agent: curl/%VERSION
+Accept: */*
+
+GET /user2/675 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Basic dXNlcjI6Zm9vMg==
+User-Agent: curl/%VERSION
+Accept: */*
+
+</protocol> +</verify> +</testcase> |