Changelog
+Daniel Stenberg (26 Sep 2009)
+- John P. McCaskey posted a bug report that showed how libcurl did wrong when
+ saving received cookies with no given path, if the path in the request had a
+ query part. That is means a question mark (?) and characters on the right
+ side of that. I wrote test case 1105 and fixed this problem.
+
Kamil Dudka (26 Sep 2009)
- Implemented a protocol independent way to specify blocking direction, used by
transfer.c for blocking. It is currently used only by SCP and SFTP protocols.
o cookie expiry date at 1970-jan-1 00:00:00
o libcurl-OpenSSL failed to verify some certs with Subject Alternative Name
o libcurl-OpenSSL can load CRL files with more than one certificate inside
+ o received cookies without explicit path got saved wrong if the URL had a
+ query part
This release includes the following known bugs:
Karl Moerder, Kamil Dudka, Krister Johansen, Andre Guibert de Bruet,
Michal Marek, Eric Wong, Guenter Knauf, Peter Sylvester, Daniel Johnson,
- Claes Jakobsson, Sven Anders, Chris Mumford
+ Claes Jakobsson, Sven Anders, Chris Mumford, John P. McCaskey
Thanks! (and sorry if I forgot to mention someone)
*str = strdup(newstr);
}
+
+/*
+ * The memrchr() function is like the memchr() function, except that it
+ * searches backwards from the end of the n bytes pointed to by s instead of
+ * forwards from the front.
+ *
+ * Exists in glibc but is not widely available on other systems.
+ */
+static void *memrchr(const char *s, int c, size_t n)
+{
+ while(n--) {
+ if(s[n] == c)
+ return &s[n];
+ }
+ return NULL;
+}
+
+
/****************************************************************************
*
* Curl_cookie_add()
char *lineptr, /* first character of the line */
const char *domain, /* default domain */
const char *path) /* full path used when this cookie is set,
- used to get default path for the cookie
- unless set */
+ used to get default path for the cookie
+ unless set */
{
struct Cookie *clist;
char name[MAX_NAME];
}
if(!badcookie && !co->path && path) {
- /* no path was given in the header line, set the default */
- char *endslash = strrchr(path, '/');
+ /* No path was given in the header line, set the default.
+ Note that the passed-in path to this function MAY have a '?' and
+ following part that MUST not be stored as part of the path. */
+ char *queryp = strchr(path, '?');
+
+ /* queryp is where the interesting part of the path ends, so now we
+ want to the find the last */
+ char *endslash;
+ if(!queryp)
+ endslash = strrchr(path, '/');
+ else
+ endslash = memrchr(path, '/', queryp - path);
if(endslash) {
size_t pathlen = endslash-path+1; /* include the ending slash */
co->path=malloc(pathlen+1); /* one extra for the zero byte */
# Lines starting with '#' letters are treated as comments.
563
564
-1105
+
# http://curl.haxx.se/rfc/cookie_spec.html
# This file was generated by libcurl! Edit at your own risk.
-127.0.0.1 FALSE /we/want FALSE 0 foobar name
+127.0.0.1 FALSE /we/want/ FALSE 0 foobar name
.127.0.0.1 TRUE "/silly/" FALSE 0 mismatch this
.0.0.1 TRUE / FALSE 0 partmatch present
-
</file>
</verify>
</testcase>
projects / thirdparty / curl.git / commitdiff
