Hi,
$ curl -v -u luser:pokus ftp://localhost/file
does
> USER luser
> PASS pokus
and works fine.
$ curl -v -x localhost:3128 -u luser:pokus ftp://localhost/file
does
> GET ftp://localhost/file HTTP/1.1
> Authorization: Basic bHVzZXI6cG9rdXM=
and fails at least with squid, because the proxy ignores Authorization:
for ftp.
$ curl -v -x localhost:3128 ftp://luser:po...@localhost/file
does
> GET ftp://luser:po...@localhost/file HTTP/1.1
and works fine.
Maybe this is a squid bug, but I didn't find anything relevant in the
RFCs. The question is: does it make sense for libcurl to insert the
username:password into the url when doing ftp via a proxy? Attached is
an incomplete patch doing this.
Michal
? .gdb_history
? patches
? protocols2.patch
? proxy-ftp-passwd.patch
? tests/tee
? tests/tee2
Index: lib/http.c
===================================================================
RCS file: /cvsroot/curl/curl/lib/http.c,v
retrieving revision 1.420
diff -u -p -r1.420 http.c
--- lib/http.c 5 Jun 2009 06:18:43 -0000 1.420
+++ lib/http.c 8 Jun 2009 09:57:39 -0000
@@ -2061,6 +2061,7 @@ CURLcode Curl_http(struct connectdata *c
CURLcode result=CURLE_OK;
struct HTTP *http;
const char *ppath = data->state.path;
+ char *ppath_pre = NULL;
char ftp_typecode[sizeof(";type=?")] = "";
const char *host = conn->host.name;
const char *te = ""; /* transfer-encoding */
@@ -2289,23 +2290,30 @@ CURLcode Curl_http(struct connectdata *c
}
}
ppath = data->change.url;
- if (data->set.proxy_transfer_mode) {
- /* when doing ftp, append ;type=<a|i> if not present */
- if(checkprefix("ftp://", ppath) || checkprefix("ftps://", ppath)) {
- char *p = strstr(ppath, ";type=");
- if(p && p[6] && p[7] == 0) {
- switch (Curl_raw_toupper(p[6])) {
- case 'A':
- case 'D':
- case 'I':
- break;
- default:
- p = NULL;
+ if(checkprefix("ftp://", ppath)) {
+ if (data->set.proxy_transfer_mode) {
+ /* when doing ftp, append ;type=<a|i> if not present */
+ char *p = strstr(ppath, ";type=");
+ if(p && p[6] && p[7] == 0) {
+ switch (Curl_raw_toupper(p[6])) {
+ case 'A':
+ case 'D':
+ case 'I':
+ break;
+ default:
+ p = NULL;
+ }
}
- }
- if(!p)
- snprintf(ftp_typecode, sizeof(ftp_typecode), ";type=%c",
- data->set.prefer_ascii ? 'a' : 'i');
+ if(!p)
+ snprintf(ftp_typecode, sizeof(ftp_typecode), ";type=%c",
+ data->set.prefer_ascii ? 'a' : 'i');
+ }
+ if (conn->bits.user_passwd && !conn->bits.userpwd_in_url) {
+ /* paste the username:password into the ftp:// url */
+ ppath_pre = aprintf("ftp://%s:%s@", conn->user, conn->passwd); /* FIXME: leak */
+ if (!ppath_pre)
+ return CURLE_OUT_OF_MEMORY;
+ ppath += sizeof("ftp://") - 1;
}
}
}
@@ -2468,7 +2476,7 @@ CURLcode Curl_http(struct connectdata *c
result =
add_bufferf(req_buffer,
"%s " /* GET/HEAD/POST/PUT */
- "%s%s HTTP/%s\r\n" /* path + HTTP version */
+ "%s%s%s HTTP/%s\r\n" /* path + HTTP version */
"%s" /* proxyuserpwd */
"%s" /* userpwd */
"%s" /* range */
@@ -2481,6 +2489,7 @@ CURLcode Curl_http(struct connectdata *c
"%s",/* transfer-encoding */
request,
+ ppath_pre ? ppath_pre : "",
ppath,
ftp_typecode,
httpstring,
Index: lib/url.c
===================================================================
RCS file: /cvsroot/curl/curl/lib/url.c,v
retrieving revision 1.801
diff -u -p -r1.801 url.c
--- lib/url.c 29 May 2009 07:43:43 -0000 1.801
+++ lib/url.c 8 Jun 2009 09:57:39 -0000
@@ -3824,6 +3824,7 @@ static CURLcode parse_url_userpass(struc
* set user/passwd, but doing that first adds more cases here :-(
*/
+ conn->bits.userpwd_in_url = 1;
if(data->set.use_netrc != CURL_NETRC_REQUIRED) {
/* We could use the one in the URL */
Index: lib/urldata.h
===================================================================
RCS file: /cvsroot/curl/curl/lib/urldata.h,v
retrieving revision 1.412
diff -u -p -r1.412 urldata.h
--- lib/urldata.h 11 May 2009 07:53:38 -0000 1.412
+++ lib/urldata.h 8 Jun 2009 09:57:40 -0000
@@ -626,6 +626,7 @@ struct ConnectBits {
EPRT doesn't work we disable it for the forthcoming
requests */
bool netrc; /* name+password provided by netrc */
+ bool userpwd_in_url; /* name+password found in url */
bool done; /* set to FALSE when Curl_do() is called and set to TRUE
when Curl_done() is called, to prevent Curl_done() to