Ralph Mitchell reported a flaw when you used a proxy with auth, and you

                                  Changelog

Daniel (19 February 2005)

- Ralph Mitchell reported a flaw when you used a proxy with auth, and you

  requested data from a host and then followed a redirect to another

  host. libcurl then didn't use the proxy-auth properly in the second request,

  due to the host-only check for original host name wrongly being extended to

  the proxy auth as well. Added test case 233 to verify the flaw and that the

  fix removed the problem.

Daniel (18 February 2005)

- Mike Dobbs reported a mingw build failure due to the lack of

  BUILDING_LIBCURL being defined when libcurl is built. Now this is defined by

This release includes the following bugfixes:

 o proxy auth bug when following redirects to another host

 o socket leak when local bind failed

 o HTTP POST with --anyauth picking NTLM

 o SSL problems when downloading exactly 16KB data

advice from friends like these:

 Gisle Vanem, David Byron, Marty Kuhrt, Maruko, Eric Vergnaud, Christopher

 R. Palmer, Mike Dobbs, David in bug report #1124588

 R. Palmer, Mike Dobbs, David in bug report #1124588, Ralph Mitchell

        Thanks! (and sorry if I forgot to mention someone)

       and if this is one single bit it'll be used instantly. */

    authproxy->picked = authproxy->want;

  /* To prevent the user+password to get sent to other than the original

     host due to a location-follow, we do some weirdo checks here */

  if(!data->state.this_is_a_follow ||

     !data->state.first_host ||

     curl_strequal(data->state.first_host, conn->host.name) ||

     data->set.http_disable_hostname_check_before_authentication) {

  /* Send proxy authentication header if needed */

  if (conn->bits.httpproxy &&

      (conn->bits.tunnel_proxy == proxytunnel)) {

       with it */

    authproxy->done = TRUE;

  /* To prevent the user+password to get sent to other than the original

     host due to a location-follow, we do some weirdo checks here */

  if(!data->state.this_is_a_follow ||

     !data->state.first_host ||

     curl_strequal(data->state.first_host, conn->host.name) ||

     data->set.http_disable_hostname_check_before_authentication) {

    /* Send web authentication header if needed */

    {

      auth = NULL;

 test223 test224 test206 test207 test208 test209 test213 test240	\

 test241 test242 test519 test214 test215 test216 test217 test218	\

 test199 test225 test226 test227 test230 test231 test232 test228	\

 test229

 test229 test233

# The following tests have been removed from the dist since they no longer

# work. We need to fix the test suite's FTPS server first, then bring them

#

# Server-side

<reply>

<data>

HTTP/1.1 302 OK

Date: Thu, 09 Nov 2010 14:49:00 GMT

Server: test-server/fake swsclose

Content-Type: text/html

Funny-head: yesyes

Location: http://goto.second.host.now/2330002

Content-Length: 8

Connection: close

contents

</data>

<data2>

HTTP/1.1 200 OK

Date: Thu, 09 Nov 2010 14:49:00 GMT

Server: test-server/fake swsclose

Content-Type: text/html

Funny-head: yesyes

contents

</data2>

<datacheck>

HTTP/1.1 302 OK

Date: Thu, 09 Nov 2010 14:49:00 GMT

Server: test-server/fake swsclose

Content-Type: text/html

Funny-head: yesyes

Location: http://goto.second.host.now/2330002

Content-Length: 8

Connection: close

HTTP/1.1 200 OK

Date: Thu, 09 Nov 2010 14:49:00 GMT

Server: test-server/fake swsclose

Content-Type: text/html

Funny-head: yesyes

contents

</datacheck>

</reply>

#

# Client-side

<client>

<server>

http

</server>

 <name>

HTTP, proxy, site+proxy auth and Location: to new host

 </name>

 <command>

http://first.host.it.is/we/want/that/page/233 -x %HOSTIP:%HTTPPORT --user iam:myself --proxy-user testing:this --location

</command>

</client>

#

# Verify data after the test has been "shot"

<verify>

<strip>

^User-Agent:.*

</strip>

<protocol>

GET http://first.host.it.is/we/want/that/page/233 HTTP/1.1

Proxy-Authorization: Basic dGVzdGluZzp0aGlz

Authorization: Basic aWFtOm15c2VsZg==

Host: first.host.it.is

Pragma: no-cache

Accept: */*

GET http://goto.second.host.now/2330002 HTTP/1.1

Proxy-Authorization: Basic dGVzdGluZzp0aGlz

Host: goto.second.host.now

Pragma: no-cache

Accept: */*

</protocol>

</verify>