curl-users
Re: authentification fail with password larger than 127 char
From: Daniel Stenberg <daniel_at_haxx.se>
Date: Fri, 16 Dec 2005 11:52:59 +0100 (CET)
Date: Fri, 16 Dec 2005 11:52:59 +0100 (CET)
On Fri, 16 Dec 2005, Jean Jacques Drouin wrote:
> The trace analysis from ethereal shows that - with cURL - only the 127 first
> characters of the password are base64 encoded and sent to the server. My
> password is greater than 127 characters!
>
> I've tried with various lengths of <user>, <filename>.. to see if the limit
> was for the password itself or for the global url length: cURL always takes
> 127 chars of the sole password.
>
> I've not seen something related to such limit in the doc.
Yes indeed, the current code seems to restrict the length to 127 bytes. It is
actually a plain mistake since it keeps a buffer to store up to 255 bytes...
You up to fix it and send us a patch?
-- Commercial curl and libcurl Technical Support: http://haxx.se/curl.htmlReceived on 2005-12-16