Bugs item #2956968, was opened at 2010-02-23 01:01
Message generated for change (Comment added) made by bagder
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100976&aid=2956968&group_id=976
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: http
Group: wrong behaviour
>Status: Closed
>Resolution: Fixed
Priority: 5
Private: No
Submitted By: Sidney San Martín (sidneysm)
Assigned to: Daniel Stenberg (bagder)
Summary: Can't PUT file from stdin with https and digest auth
Initial Comment:
I'm unable to PUT a file from stdin (-T -) when using an HTTPS server and digest authentication. If I change any of the three variables (specify a filename on -T, don't use digest auth, or use plain HTTP), the PUT succeeds. Attached is a trace. The command line used to generate it was:
curl --digest -k -u user:pass --trace trace_iphone -T - https://172.20.1.32/file3.txt < file
cURL version 7.20.0.
----------------------------------------------------------------------
Comment By: Daniel Stenberg (bagder)
Date: 2010-07-06 23:27
Message:
Thanks for the report, this problem is now fixed in the git repository.
To try it out, you either checkout/update your git clone:
http://curl.haxx.se/source.html
or you try tomorrow's daily snapshot: http://curl.haxx.se/snapshots/
----------------------------------------------------------------------
Comment By: Daniel Stenberg (bagder)
Date: 2010-07-06 16:51
Message:
--anyauth does not work with data from stdin, but that is a separate issue
than this bug really.
I think we should make the --anyauth with "-T -" or "-d @-" etc cause a
warning to get displayed, and it should be documented.
----------------------------------------------------------------------
Comment By: Sidney San Martín (sidneysm)
Date: 2010-07-06 01:21
Message:
Behaves correctly (as far as I can tell)!
I'm still concerned about --anyauth. I believe that the data must be sent
on both attempts in that case, which doesn't work for stdin.
The only option might be providing better handling than "(65) seek
callback returned error 2" and/or a warning in the -T or --anyauth doc.
----------------------------------------------------------------------
Comment By: Daniel Stenberg (bagder)
Date: 2010-07-05 23:14
Message:
Very convincing arguments and reasoning. I totally buy that's what's going
on.
Can you try the following patch and see if it makes anything better? It is
an attempt to avoid enabling chunked mode while in the auth negotiation
phase so it should not send the "Transfer-Encoding: chunked" that early:
--- a/lib/http.c
+++ b/lib/http.c
@@ -2222,7 +2222,10 @@ CURLcode Curl_http(struct connectdata *conn, bool
*done)
if((conn->protocol&PROT_HTTP) &&
data->set.upload &&
(data->set.infilesize == -1)) {
- if (use_http_1_1(data, conn)) {
+ if(conn->bits.authneg)
+ /* don't enable chunked during auth neg */
+ ;
+ else if(use_http_1_1(data, conn)) {
/* HTTP, upload, unknown file size and not HTTP 1.0 */
data->req.upload_chunky = TRUE;
}
----------------------------------------------------------------------
Comment By: Sidney San Martín (sidneysm)
Date: 2010-07-05 20:00
Message:
I just spent a little while playing around this issue and, but I think I
pinned it down. Let me know if this makes sense. If so, it might be an easy
fix.
HTTPS no longer appears to be related.
When a PUT is made with digest auth (`curl --digest -T file
http://example.com/newfile`), curl performs the initial request with a
Content-Length of 0, and sends no data. The server responds, hopefully with
a WWW-Authenticate header that includes the needed auth information, and
curl makes the request again with the Authorization header, the correct
length, and the request body.
This is broken with chunked uploads. Instead of Content-Length: 0, curl
sends Transfer-Encoding: chunked on the initial request, but sends no data
(i.e. curl still acts as if it sent Content-Length:0). The connection sits
open with the server waiting for data, and curl waiting for a response.
Fix: even with chunked uploads, Content-Length: 0 should be sent in the
initial request for authorization.
Let me know if that doesn't cover it, or if you still need a test server
(the one I've been experimenting with is pretty hacky and noncompliant at
the moment).
----------------------------------------------------------------------
Comment By: Sidney San Martín (sidneysm)
Date: 2010-06-29 00:53
Message:
I've been meaning to set up a test URL; thanks for the poke.
----------------------------------------------------------------------
Comment By: Daniel Stenberg (bagder)
Date: 2010-06-28 23:48
Message:
Can you please help us out with a URL and command line that repeats this
problem?
----------------------------------------------------------------------
Comment By: Daniel Stenberg (bagder)
Date: 2010-06-16 09:39
Message:
I don't have any really good way, no.
I did write up a test case for the curl test suite, but that gets really
limited due to how the HTTP test server works so the case doesn't exactly
match how a real-world server acts. Do you have a decent way to repeat the
problem against a public URL?
That, and the eternal question of actually finding time and energy to work
on the issue.
----------------------------------------------------------------------
Comment By: Sidney San Martín (sidneysm)
Date: 2010-06-15 04:10
Message:
You can reproduce the issue manually, right? If not, I'd be happy to help
narrow it down.
If so, I'll stop poking you :) .
----------------------------------------------------------------------
Comment By: Daniel Stenberg (bagder)
Date: 2010-04-10 14:08
Message:
Thanks. I've had trouble repeating this problem with our test suite, as it
is kind of limited in functionality to run this scenario, but I'll continue
and see if I can't push it into compliance so that I can debug this in this
controlled environment.
----------------------------------------------------------------------
Comment By: Sidney San Martín (sidneysm)
Date: 2010-04-07 01:43
Message:
--anyauth results in different behavior. Where --digest just hangs after
the first Continue (never tries to send any data), --anyauth outputs "curl:
(65) seek callback returned error 2" and exits. --trace shows that it
successfully sends the data once and throws the error after receiving the
401 response and headers.
----------------------------------------------------------------------
Comment By: Daniel Stenberg (bagder)
Date: 2010-04-06 23:15
Message:
Thanks for reporting this issue and helping us improve curl and libcurl.
We're awaiting feedback in this issue. Due to this, I have set the state
of this issue to pending and it will automatically get closed later on
unless we get further info.
Please consider answering the outstanding questions or providing the
missing info so that we can proceed to resolve this issue!
----------------------------------------------------------------------
Comment By: Daniel Stenberg (bagder)
Date: 2010-04-04 22:58
Message:
What happens if you use --anyauth instead of Digest?
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100976&aid=2956968&group_id=976
Received on 2010-07-06