Hi,

$ curl -v -u luser:pokus ftp://localhost/file
does
> USER luser
> PASS pokus
and works fine.

$ curl -v -x localhost:3128 -u luser:pokus ftp://localhost/file
does
> GET ftp://localhost/file HTTP/1.1
> Authorization: Basic bHVzZXI6cG9rdXM=

and fails at least with squid, because the proxy ignores Authorization:
for ftp.

$ curl -v -x localhost:3128  ftp://luser:po...@localhost/file
does
> GET ftp://luser:po...@localhost/file HTTP/1.1

and works fine.

Maybe this is a squid bug, but I didn't find anything relevant in the
RFCs. The question is: does it make sense for libcurl to insert the
username:password into the url when doing ftp via a proxy? Attached is
an incomplete patch doing this.

Michal
? .gdb_history
? patches
? protocols2.patch
? proxy-ftp-passwd.patch
? tests/tee
? tests/tee2
Index: lib/http.c
===================================================================
RCS file: /cvsroot/curl/curl/lib/http.c,v
retrieving revision 1.420
diff -u -p -r1.420 http.c
--- lib/http.c	5 Jun 2009 06:18:43 -0000	1.420
+++ lib/http.c	8 Jun 2009 09:57:39 -0000
@@ -2061,6 +2061,7 @@ CURLcode Curl_http(struct connectdata *c
   CURLcode result=CURLE_OK;
   struct HTTP *http;
   const char *ppath = data->state.path;
+  char *ppath_pre = NULL;
   char ftp_typecode[sizeof(";type=?")] = "";
   const char *host = conn->host.name;
   const char *te = ""; /* transfer-encoding */
@@ -2289,23 +2290,30 @@ CURLcode Curl_http(struct connectdata *c
       }
     }
     ppath = data->change.url;
-    if (data->set.proxy_transfer_mode) {
-      /* when doing ftp, append ;type=<a|i> if not present */
-      if(checkprefix("ftp://";, ppath) || checkprefix("ftps://", ppath)) {
-        char *p = strstr(ppath, ";type=");
-        if(p && p[6] && p[7] == 0) {
-          switch (Curl_raw_toupper(p[6])) {
-          case 'A':
-          case 'D':
-          case 'I':
-            break;
-          default:
-            p = NULL;
+    if(checkprefix("ftp://";, ppath)) {
+      if (data->set.proxy_transfer_mode) {
+        /* when doing ftp, append ;type=<a|i> if not present */
+          char *p = strstr(ppath, ";type=");
+          if(p && p[6] && p[7] == 0) {
+            switch (Curl_raw_toupper(p[6])) {
+            case 'A':
+            case 'D':
+            case 'I':
+              break;
+            default:
+              p = NULL;
+            }
           }
-        }
-        if(!p)
-          snprintf(ftp_typecode, sizeof(ftp_typecode), ";type=%c",
-                   data->set.prefer_ascii ? 'a' : 'i');
+          if(!p)
+            snprintf(ftp_typecode, sizeof(ftp_typecode), ";type=%c",
+                     data->set.prefer_ascii ? 'a' : 'i');
+      }
+      if (conn->bits.user_passwd && !conn->bits.userpwd_in_url) {
+        /* paste the username:password into the ftp:// url */
+        ppath_pre = aprintf("ftp://%s:%s@";, conn->user, conn->passwd); /* FIXME: leak */
+        if (!ppath_pre)
+          return CURLE_OUT_OF_MEMORY;
+        ppath += sizeof("ftp://";) - 1;
       }
     }
   }
@@ -2468,7 +2476,7 @@ CURLcode Curl_http(struct connectdata *c
   result =
     add_bufferf(req_buffer,
                 "%s " /* GET/HEAD/POST/PUT */
-                "%s%s HTTP/%s\r\n" /* path + HTTP version */
+                "%s%s%s HTTP/%s\r\n" /* path + HTTP version */
                 "%s" /* proxyuserpwd */
                 "%s" /* userpwd */
                 "%s" /* range */
@@ -2481,6 +2489,7 @@ CURLcode Curl_http(struct connectdata *c
                 "%s",/* transfer-encoding */
 
                 request,
+                ppath_pre ? ppath_pre : "",
                 ppath,
                 ftp_typecode,
                 httpstring,
Index: lib/url.c
===================================================================
RCS file: /cvsroot/curl/curl/lib/url.c,v
retrieving revision 1.801
diff -u -p -r1.801 url.c
--- lib/url.c	29 May 2009 07:43:43 -0000	1.801
+++ lib/url.c	8 Jun 2009 09:57:39 -0000
@@ -3824,6 +3824,7 @@ static CURLcode parse_url_userpass(struc
        * set user/passwd, but doing that first adds more cases here :-(
        */
 
+      conn->bits.userpwd_in_url = 1;
       if(data->set.use_netrc != CURL_NETRC_REQUIRED) {
         /* We could use the one in the URL */
 
Index: lib/urldata.h
===================================================================
RCS file: /cvsroot/curl/curl/lib/urldata.h,v
retrieving revision 1.412
diff -u -p -r1.412 urldata.h
--- lib/urldata.h	11 May 2009 07:53:38 -0000	1.412
+++ lib/urldata.h	8 Jun 2009 09:57:40 -0000
@@ -626,6 +626,7 @@ struct ConnectBits {
                          EPRT doesn't work we disable it for the forthcoming
                          requests */
   bool netrc;         /* name+password provided by netrc */
+  bool userpwd_in_url; /* name+password found in url */
 
   bool done;          /* set to FALSE when Curl_do() is called and set to TRUE
                          when Curl_done() is called, to prevent Curl_done() to

Reply via email to