]> git.ipfire.org Git - thirdparty/curl.git/commit
projects / thirdparty / curl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 65c7e4f) | patch
sasl: make login option string override http auth
authorPatrick Monnerat <patrick@monnerat.net>
Thu, 25 Jan 2024 12:58:19 +0000 (13:58 +0100)
committerJay Satiro <raysatiro@yahoo.com>
Fri, 26 Jan 2024 07:58:21 +0000 (02:58 -0500)
commit7b2d98dfadf209108aa7772ee21ae42e3dab219f
tree0e557a52796d629a0e9a7df18516827719e37d47tree
parent65c7e4f92b2da4276f40f9f6dc50a43cb5cfcaa8commit | diff
sasl: make login option string override http auth

- Use http authentication mechanisms as a default, not a preset.

Consider http authentication options which are mapped to SASL options as
a default (overriding the hardcoded default mask for the protocol) that
is ignored if a login option string is given.

Prior to this change, if some HTTP auth options were given, sasl mapped
http authentication options to sasl ones but merged them with the login
options.

That caused problems with the cli tool that sets the http login option
CURLAUTH_BEARER as a side-effect of --oauth2-bearer, because this flag
maps to more than one sasl mechanisms and the latter cannot be cleared
individually by the login options string.

New test 992 checks this.

Fixes https://github.com/curl/curl/issues/10259
Closes https://github.com/curl/curl/pull/12790
lib/curl_sasl.c diff | blob | blame | history
tests/data/Makefile.inc diff | blob | blame | history
tests/data/test992 [new file with mode: 0644] blob
Mirror of https://github.com/curl/curl.git