Setting HTTP auth method to Digest disregards alternative port number #6397
I write interface library in php using curl. It is basically a primitive JSON-RPC client.
I did this
I set CURLOPT_PORT to 18081, CURLOPT_HTTPAUTH to CURLAUTH_DIGEST, and also set CURLOPT_USERPWD, and CURLOPT_URL to 'http://10.0.0.10/json_rpc'. I also enabled verbose output. Now when I run the rig, this happens:
Apparently curl tries first request without auth to probe for supported methods (which is correct behavior) but then disregards CURLOPT_PORT value for its second request attempt now with properly prepared Digest headers, and resets port to default HTTP for no obvious reason.
I expected the following
I expected the custom CURLOPT_PORT value to be preserved across all HTTP authentication requests however many there are.
curl 7.72.0 (x86_64-pc-linux-gnu) libcurl/7.72.0 OpenSSL/1.1.1i zlib/1.2.11 zstd/1.4.4 libidn2/2.3.0 libssh2/1.9.0_DEV nghttp2/1.41.0
Linux Vecanoi 5.4.80-gentoo-r1 #4 SMP Thu Dec 31 14:32:07 UTC 2020 x86_64 AMD Athlon(tm) X4 840 Quad Core Processor AuthenticAMD GNU/Linux
I found out the code works as intended if I hardcode the port number into URL such as this http://10.0.0.10:18081/json_rpc but then it looks like a dirty hack and what is the point of CURLOPT_PORT if this is the way.
First report of the problem spotted way back in 2006
The text was updated successfully, but these errors were encountered:
When doing HTTP authentication and a port number set with CURLOPT_PORT, the code would previously have the URL's port number override as if it had been a redirect to an absolute URL. Added test 1568 to verify. Reported-by: UrsusArctos on github Fixes #6397