-
-
Notifications
You must be signed in to change notification settings - Fork 6.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
cookies not sent to dotless host using PSL build #3676
Comments
@Largo2005, I really can't see how test 331 is not verifying a dotless host name that sets cookies that are then used in the second request. Can you modify that test so that it reproduces your problem? Your log output doesn't show, but you're sure the second request actually uses the cookie file the first request saved? The second request reconnects according to the log, which indicates that it doesn't reuse the handle? |
I don't know how you test framework is working so it's difficult for me to adapt the testcase. I will attach the script I'm using and a new trace with "-x" option of bash activate, so you can see all system calls. As a reminder, this script is working properly with curl 7.40.0 which shows that the cookies engine usage is correct... |
As it stores the cookie file, it seems the problem is in the diff --git a/lib/cookie.c b/lib/cookie.c
index 44851a52f..fc27b37f7 100644
--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -1345,12 +1345,21 @@ struct Cookie *Curl_cookie_getlist(struct CookieInfo *c,
matches++;
}
else
goto fail;
}
+ else
+ fprintf(stderr, "cookie-not-matched: %s bad path match: %s != %s\n",
+ co->name, co->spath, path);
}
+ else
+ fprintf(stderr, "cookie-not-matched: %s bad domain match: %s != %s\n",
+ co->name, co->domain, host);
}
+ else
+ fprintf(stderr, "cookie-not-matched: %s not secure: %d\n",
+ co->name, co->secure);
co = co->next;
}
if(matches) {
/* Now we need to make sure that if there is a name appearing more than |
The problem is that |
Here is an example from my local network:
creates cookie.jar with a single entry
Now executing the same curl line again and grepping the output for 'cookie':
|
Thanks @rockdaboot! This is still strange to me, because I can't reproduce that even using the exact same host name, but I think I'm just missing something:
The second invoke includes the cookie in the request that was stored from the first. But I also get a 'myhash' that is d5 / 213 both when the cookie is stored and when the cookies are matched so there's no NULL there for me? What hash does it store the cookies at for you? My test URL returns:
And my
I log the hashes used like this: diff --git a/lib/cookie.c b/lib/cookie.c
index 44851a52f..2dd733f55 100644
--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -1064,16 +1064,15 @@ Curl_cookie_add(struct Curl_easy *data,
}
lastc = clist;
clist = clist->next;
}
- if(c->running)
/* Only show this when NOT reading the cookies from a file */
infof(data, "%s cookie %s=\"%s\" for domain %s, path %s, "
- "expire %" CURL_FORMAT_CURL_OFF_T "\n",
+ "expire %" CURL_FORMAT_CURL_OFF_T " myhash %x\n",
replace_old?"Replaced":"Added", co->name, co->value,
- co->domain, co->path, co->expires);
+ co->domain, co->path, co->expires, myhash);
if(!replace_old) {
/* then make the last item point on this new one */
if(lastc)
lastc->next = co;
@@ -1303,10 +1302,12 @@ struct Cookie *Curl_cookie_getlist(struct CookieInfo *c,
struct Cookie *mainco = NULL;
size_t matches = 0;
bool is_ip;
const size_t myhash = cookiehash(host);
+ fprintf(stderr, "myhash %x\n", myhash);
+
if(!c || !c->cookies[myhash])
return NULL; /* no cookie struct or no cookies in the struct */
/* at first, remove expired cookies */
remove_expired(c); |
With your fprint lines
|
Okay, that's good at least. Can you spot how the pointer ends up NULL then? Does it expire both cookies before Line 1317 in dd8a19f
|
I added a
Which is expected since the 'expires' is 1. Nothing else gets removed. I have to start my IDE before I go any deeper :-) |
To me it looks like |
The later |
Putting a |
Ah, curl's man page gave me a hard time... there was only one cookie option (-c) with a file argument, so I never had a doubt that -c is the right option for reading + writing. Since -b has a '' argument, so I didn't read the description (what for ?). Please update the docs/man page to something like
to catch a fast reader's attention. With
Doing more testing... Curl on Debian unstable:
Curl built from latest master:
|
From a discussion in #3676 Suggested-by: Tim Rühsen
Thanks a lot @rockdaboot. @Largo2005, can you reproduce this issue with current master? |
Checking out So this seems to be fixed after 7.64.0, for PSL and non-PSL builds (tested with current master). The original issue (Cookies aren't saved for hostnames #3649) is not reproducible with current master, neither with PSL nor with non-PSL builds. All on Debian unstable. |
Sorry for this late reply but I have to setup a new mingw64 environment (to be in the same condition as I was) and it took me some time. |
Thanks, so lots of chasing after a bug that was already fixed. Case closed. |
I use a binary version of curl embedded in MSYS2 (freely downloadable at https://www.msys2.org/). This binary is built with the features mentioned above.
My problem is linked to local hostname. The URL I would like curl to connect to is "https://fronteo-keycloak-rmm:8443" (a Redhat SSO server instance). Here is a log (I've removed some useless lines):
Here is the file containing the cookies:
cookies-in.txt
Hope this helps,
Pierre
Originally posted by @Largo2005 in #3649 (comment)
The text was updated successfully, but these errors were encountered: