Bugs item #707003, was opened at 2003-03-20 11:03
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100976&aid=707003&group_id=976

Category: libcurl
Group: None
Status: Open
Resolution: None
Priority: 5
Submitted By: Michael Churchill (hankcowdog)
Assigned to: Daniel Stenberg (bagder)
Summary: Does not send Authorization: header when reusing connection

Initial Comment:
Submitted by: Mike Churchill churchil_at_hiwaay.net

SCOPE OF PROBLEM
-----------------------
Broken in 7.10.1 and 7.10.3 (and perhaps others). Get
401 error even when providing proper user:password
information

PROBLEM
----------
Can't retreive an .htaccess limited URL if a non-htaccess
URL requested earlier via the same connection. The
Authorization: line is not sent even if set for the 2nd URL
via CURLOPT_USERPWD.

HOW TO REPRODUCE PROBLEM
------------------------------------
Requested the robots.txt file from a site. Then
requested an .htaccess limited page from the same site.
Used:
curl_easy_setopt(curl_handle, CURLOPT_USERPWD,
UserPassword);
to set the user:password prior to the 2nd request.

If the connection is still open and therefore reused, the
Authorization: HTTP header IS NOT SENT.

If I pause long enough (via sleep() or running in
debugger and waiting long enough), then the connection
was closed and a new connection opened. This new
connection DID send the Authorization: line and fetch the
file correctly. Only when a connection is opened without
an USERPWD, and then is reused after setting the
USERPWD does the problem occur.

LIBCURL VERBOSE OUTPUT
-------------------------------
Here is the (sanitized) HTTP Request from the first fetch:
* About to connect() to www.somesite.com:80
* Connected to www.somesite.com (XXX.XXX.XXX.XXX)
port 80
> GET /robots.txt HTTP/1.1
Cookie:
Host: www.somesite.com
Pragma: no-cache
Accept: image/gif, image/x-xbitmap, image/jpeg,
image/pjpeg, */*

* Connection #0 left intact
* Re-using existing connection! (#0)
* Connected to (XXX.XXX.XXX.XXX) port 80
> GET /restricteddir/ HTTP/1.1
Cookie:
Host: www.somesite.com
Pragma: no-cache
Accept: image/gif, image/x-xbitmap, image/jpeg,
image/pjpeg, */*

* Connection #0 left intact
==============================
And this is what it looks like when the connection closes
between fetches (code remains unchanged):

* About to connect() to www.somesite.com:80
* Connected to www.somesite.com (XXX.XXX.XXX.XXX)
port 80
> GET /robots.txt HTTP/1.1
Cookie:
Host: www.somesite.com
Pragma: no-cache
Accept: image/gif, image/x-xbitmap, image/jpeg,
image/pjpeg, */*

* Connection #0 left intact
((AT THIS POINT I PAUSED IN THE DEBUGGER FOR 1
MINUTE TO FORCE THE CONNECTION TO CLOSE, THEN
CONTINUED))

* Connection 0 seems to be dead!
* Closing connection #0

* About to connect() to www.somesite.com:80
* Connected to www.somesite.com (XXX.XXX.XXX.XXX)
port 80
> GET /restricteddir/ HTTP/1.1
Authorization: Basic dXNlcjp0aGVwYXNzd29yZA==
Cookie:
Host: www.somesite.com
Pragma: no-cache
Accept: image/gif, image/x-xbitmap, image/jpeg,
image/pjpeg, */*

* Connection #0 left intact

((NOTE THAT THE AUTHORIZATION: LINE IS PRESENT
THIS TIME))

----------------------------------------------------------------------

You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100976&aid=707003&group_id=976

-------------------------------------------------------
This SF.net email is sponsored by: Tablet PC.
Does your code think in ink? You could win a Tablet PC.
Get a free Tablet PC hat just for playing. What are you waiting for?
http://ads.sourceforge.net/cgi-bin/redirect.pl?micr5043en
Received on 2003-03-20