-
-
Notifications
You must be signed in to change notification settings - Fork 6.4k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
http_negotiate: improve handling of gss_init_sec_context() failures
If HTTPAUTH_GSSNEGOTIATE was used for a POST request and gss_init_sec_context() failed, the POST request was sent with empty body. This commit also restores the original behavior of `curl --fail --negotiate`, which was changed by commit 6c60355. Add regression tests 2077 and 2078 to cover this. Fixes #3992 Closes #4171
- Loading branch information
Showing
4 changed files
with
99 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
<testcase> | ||
<info> | ||
<keywords> | ||
HTTP | ||
HTTP GET | ||
GSS-API | ||
</keywords> | ||
</info> | ||
|
||
# Server-side | ||
<reply> | ||
<data> | ||
HTTP/1.1 200 OK swsclose | ||
Content-Length: 23 | ||
|
||
This IS the real page! | ||
</data> | ||
</reply> | ||
|
||
# Client-side | ||
<client> | ||
<server> | ||
http | ||
</server> | ||
<features> | ||
GSS-API | ||
</features> | ||
<name> | ||
curl --fail --negotiate to unauthenticated service fails | ||
</name> | ||
<command> | ||
http://%HOSTIP:%HTTPPORT/2077 -u : --fail --negotiate | ||
</command> | ||
</client> | ||
|
||
# Verify data after the test has been "shot" | ||
<verify> | ||
<errorcode> | ||
0 | ||
</errorcode> | ||
</verify> | ||
</testcase> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,54 @@ | ||
<testcase> | ||
<info> | ||
<keywords> | ||
HTTP | ||
HTTP GET | ||
GSS-API | ||
</keywords> | ||
</info> | ||
|
||
# Server-side | ||
<reply> | ||
<data> | ||
HTTP/1.1 200 OK swsclose | ||
Content-Length: 23 | ||
|
||
This IS the real page! | ||
</data> | ||
</reply> | ||
|
||
# Client-side | ||
<client> | ||
<server> | ||
http | ||
</server> | ||
<features> | ||
GSS-API | ||
</features> | ||
<name> | ||
curl --negotiate should not send empty POST request only | ||
</name> | ||
<command> | ||
http://%HOSTIP:%HTTPPORT/2078 -u : --negotiate --data name=value | ||
</command> | ||
</client> | ||
|
||
# Verify data after the test has been "shot" | ||
<verify> | ||
<errorcode> | ||
0 | ||
</errorcode> | ||
<strip> | ||
^User-Agent:.* | ||
</strip> | ||
<protocol nonewline="yes"> | ||
POST /2078 HTTP/1.1 | ||
Host: 127.0.0.1:8990 | ||
Accept: */* | ||
Content-Length: 10 | ||
Content-Type: application/x-www-form-urlencoded | ||
|
||
name=value | ||
</protocol> | ||
</verify> | ||
</testcase> |