Commit d7650998 authored by Daniel Stenberg's avatar Daniel Stenberg
Browse files

ConnectionExists: re-use connections better 

When allowing NTLM, the re-use connection logic was too focused on
finding an existing NTLM connection to use and didn't properly allow
re-use of other ones. This made the logic not re-use perfectly re-usable
connections.

Added test case 1418 and 1419 to verify.

Regression brought in 8ae35102 (curl 7.35.0)

Reported-by: Jeff King
Bug: http://thread.gmane.org/gmane.comp.version-control.git/242213
parent f3bae6ed

lib/url.c

+4 −2
Original line number Diff line number Diff line
@@ -3133,7 +3133,9 @@ ConnectionExists(struct SessionHandle *data, 
            *force_reuse = TRUE;

            break;

          }

          else

          else if(credentialsMatch)

            /* this is a backup choice */

            chosen = check;

          continue;

        }

tests/data/Makefile.am

+1 −1
Original line number Diff line number Diff line
@@ -120,7 +120,7 @@ test1396 \ 
\

test1400 test1401 test1402 test1403 test1404 test1405 test1406 test1407 \

test1408 test1409 test1410          test1412 test1413 test1414 test1415 \

test1416 test1417 \

test1416 test1417 test1418 test1419 \

\

test1500 test1501 test1502 test1503 test1504 test1505 test1506 test1507 \

test1508 test1509 test1510 test1511 test1512 test1513 test1514 test1515 \

tests/data/test1418

0 → 100644
+107 −0
Original line number Diff line number Diff line 
<testcase>

<info>

<keywords>

HTTP

HTTP GET

HTTP NTLM auth

connection re-use

</keywords>

</info>

# Server-side

<reply>

<servercmd>

connection-monitor

</servercmd>



<data>

HTTP/1.1 401 Authentication please!

Content-Length: 20

WWW-Authenticate: Digest realm="loonie", nonce="314156592"

WWW-Authenticate: Basic



Please auth with me

</data>



# This is supposed to be returned when the server gets the second

# Authorization: NTLM line passed-in from the client

<data1000>

HTTP/1.1 200 Things are fine in server land

Server: Microsoft-IIS/5.0

Content-Length: 4



moo

</data1000>



<data1003>

HTTP/1.1 200 OK

Server: Another one/1.0

Content-Length: 4



boo

</data1003>



# This is the first reply after the redirection

<data1011>

HTTP/1.1 200 OK

Server: Microsoft-IIS/5.0

Content-Type: text/html; charset=iso-8859-1

Content-Length: 34



This is not the real page either!

</data1011>



<datacheck>

HTTP/1.1 401 Authentication please!

Content-Length: 20

WWW-Authenticate: Digest realm="loonie", nonce="314156592"

WWW-Authenticate: Basic



HTTP/1.1 200 Things are fine in server land

Server: Microsoft-IIS/5.0

Content-Length: 4



moo

</datacheck>



</reply>



# Client-side

<client>

<server>

http

</server>

<features>

crypto

</features>

 <name>

HTTP with --anyauth and connection re-use

 </name>

 <command>

http://%HOSTIP:%HTTPPORT/1418 -u testuser:testpass --anyauth http://%HOSTIP:%HTTPPORT/14180003

</command>

</client>



# Verify data after the test has been "shot"

<verify>

<strip>

^User-Agent:.*

</strip>

<protocol>

GET /1418 HTTP/1.1

Host: %HOSTIP:%HTTPPORT

Accept: */*



GET /1418 HTTP/1.1

Authorization: Digest username="testuser", realm="loonie", nonce="314156592", uri="/1418", response="986238b7e0077754944c966f56d9bc77"

Host: %HOSTIP:%HTTPPORT

Accept: */*



GET /14180003 HTTP/1.1

Authorization: Digest username="testuser", realm="loonie", nonce="314156592", uri="/14180003", response="1c6390a67bac3283a9b023402f3b3540"

Host: %HOSTIP:%HTTPPORT

Accept: */*



[DISCONNECT]

</protocol>

</verify>

</testcase>

tests/data/test1419

0 → 100644
+69 −0
Original line number Diff line number Diff line 
<testcase>

<info>

<keywords>

HTTP

HTTP GET

HTTP NTLM auth

connection re-use

</keywords>

</info>

# Server-side

<reply>

<servercmd>

connection-monitor

</servercmd>



<data>

HTTP/1.1 200 fine!

Content-Length: 20



Feel free to get it

</data>



<data3>

HTTP/1.1 200 OK

Server: Another one/1.0

Content-Length: 4



boo

</data3>



<datacheck>

HTTP/1.1 200 fine!

Content-Length: 20



Feel free to get it

</datacheck>

</reply>



# Client-side

<client>

<server>

http

</server>

 <name>

HTTP with --anyauth (but no auth!) and connection re-use

 </name>

 <command>

http://%HOSTIP:%HTTPPORT/1419 --anyauth http://%HOSTIP:%HTTPPORT/14190003

</command>

</client>



# Verify data after the test has been "shot"

<verify>

<strip>

^User-Agent:.*

</strip>

<protocol>

GET /1419 HTTP/1.1

Host: %HOSTIP:%HTTPPORT

Accept: */*



GET /14190003 HTTP/1.1

Host: %HOSTIP:%HTTPPORT

Accept: */*



[DISCONNECT]

</protocol>

</verify>

</testcase>