Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

url.c: CURLOPT_HTTPAUTH and CURLOPT_PROXYAUTH fixes

Fail with CURLE_NOT_BUILT_IN when none of requested auth methods is supported.

Reject CURLAUTH_ONLY bit when given alone or with CURLAUTH_NONE.
  • Loading branch information...
commit df4205c10a459dccd480bdaefd22ef6768a4a49c 1 parent 9421b06
yangtse yangtse authored
Showing with 36 additions and 2 deletions.
  1. +36 −2 lib/url.c
38 lib/url.c
View
@@ -1397,8 +1397,15 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option,
* Set HTTP Authentication type BITMASK.
*/
{
+ int bitcheck;
+ bool authbits;
unsigned long auth = va_arg(param, unsigned long);
+ if(auth == CURLAUTH_NONE) {
+ data->set.httpauth = auth;
+ break;
+ }
+
/* the DIGEST_IE bit is only used to set a special marker, for all the
rest we need to handle it as normal DIGEST */
data->state.authhost.iestyle = (auth & CURLAUTH_DIGEST_IE)?TRUE:FALSE;
@@ -1419,7 +1426,17 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option,
auth &= ~CURLAUTH_GSSNEGOTIATE; /* no GSS-Negotiate without GSSAPI or
WINDOWS_SSPI */
#endif
- if(!auth)
+
+ /* check if any auth bit lower than CURLAUTH_ONLY is still set */
+ bitcheck = 0;
+ authbits = FALSE;
+ while(bitcheck < 31) {
+ if(auth & (1UL << bitcheck++)) {
+ authbits = TRUE;
+ break;
+ }
+ }
+ if(!authbits)
return CURLE_NOT_BUILT_IN; /* no supported types left! */
data->set.httpauth = auth;
@@ -1461,8 +1478,15 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option,
* Set HTTP Authentication type BITMASK.
*/
{
+ int bitcheck;
+ bool authbits;
unsigned long auth = va_arg(param, unsigned long);
+ if(auth == CURLAUTH_NONE) {
+ data->set.proxyauth = auth;
+ break;
+ }
+
/* the DIGEST_IE bit is only used to set a special marker, for all the
rest we need to handle it as normal DIGEST */
data->state.authproxy.iestyle = (auth & CURLAUTH_DIGEST_IE)?TRUE:FALSE;
@@ -1482,7 +1506,17 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option,
auth &= ~CURLAUTH_GSSNEGOTIATE; /* no GSS-Negotiate without GSSAPI or
WINDOWS_SSPI */
#endif
- if(!auth)
+
+ /* check if any auth bit lower than CURLAUTH_ONLY is still set */
+ bitcheck = 0;
+ authbits = FALSE;
+ while(bitcheck < 31) {
+ if(auth & (1UL << bitcheck++)) {
+ authbits = TRUE;
+ break;
+ }
+ }
+ if(!authbits)
return CURLE_NOT_BUILT_IN; /* no supported types left! */
data->set.proxyauth = auth;
Please sign in to comment.
Something went wrong with that request. Please try again.