]> git.ipfire.org Git - thirdparty/curl.git/commit
projects / thirdparty / curl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6081703) | patch
netrc: address several netrc parser flaws
authorDaniel Stenberg <daniel@haxx.se>
Fri, 15 Nov 2024 10:06:36 +0000 (11:06 +0100)
committerDaniel Stenberg <daniel@haxx.se>
Sun, 17 Nov 2024 10:33:56 +0000 (11:33 +0100)
commite9b9bbac22c26cf67316fa8e6c6b9e831af31949
treed0d210c25e5493ced074fff3afdaabb56b7ff2adtree | snapshot
parent6081703bd9610f04f5badf607b5c344b541231e6commit | diff
netrc: address several netrc parser flaws

- make sure that a match that returns a username also returns a
  password, that should be blank if no password is found

- fix handling of multiple logins for same host where the password/login
  order might be reversed.

- reject credentials provided in the .netrc if they contain ASCII control
  codes - if the used protocol does not support such (like HTTP and WS do)

Reported-by: Harry Sintonen
Add test 478, 479 and 480 to verify. Updated unit 1304.

Closes #15586
lib/netrc.c diff | blob | blame | history
lib/url.c diff | blob | blame | history
tests/data/Makefile.am diff | blob | blame | history
tests/data/test478 [new file with mode: 0644] blob
tests/data/test479 [new file with mode: 0644] blob
tests/data/test480 [new file with mode: 0644] blob
tests/unit/unit1304.c diff | blob | blame | history
Mirror of https://github.com/curl/curl.git