diff --git a/ChangeLog b/ChangeLog index 04971607..770a7ade 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,22 @@ +2009-02-19 Tatsuhiro Tsujikawa + + Added --http-auth-challenge option. If it is set to true(by + default), aria2 sends HTTP authorization header only when it is + requested by the server. If false is set, then authorization + header is always sent to the server. This is useful for servers + that don't respond 401 code when authentication is required. + There is an exception: if username and password are embedded in + URI, authorization header is always sent to the server regardless + of this option. + * src/AuthConfigFactory.cc + * src/HttpSkipResponseCommand.cc + * src/OptionHandlerFactory.cc + * src/prefs.cc + * src/prefs.h + * src/usage_text.h + * test/AuthConfigFactoryTest.cc + * test/HttpRequestTest.cc + 2009-02-15 Tatsuhiro Tsujikawa * Release 1.2.0 diff --git a/src/AuthConfigFactory.cc b/src/AuthConfigFactory.cc index c5bf4f9f..054091bf 100644 --- a/src/AuthConfigFactory.cc +++ b/src/AuthConfigFactory.cc @@ -62,21 +62,27 @@ AuthConfigFactory::createAuthConfig(const RequestHandle& request) if(request->getProtocol() == Request::PROTO_HTTP || request->getProtocol() == Request::PROTO_HTTPS) { - if(!request->getUsername().empty()) { - // TODO setting "/" as path. Should we use request->getDir() instead? - updateBasicCred(BasicCred(request->getUsername(), request->getPassword(), - request->getHost(), "/", true)); - return createAuthConfig(request->getUsername(), request->getPassword()); - } - std::deque::const_iterator i = - findBasicCred(request->getHost(), request->getDir()); - if(i == _basicCreds.end()) { - return SharedHandle(); + if(_option->getAsBool(PREF_HTTP_AUTH_CHALLENGE)) { + if(!request->getUsername().empty()) { + // TODO setting "/" as path. Should we use request->getDir() instead? + updateBasicCred(BasicCred(request->getUsername(), request->getPassword(), + request->getHost(), "/", true)); + return createAuthConfig(request->getUsername(), request->getPassword()); + } + std::deque::const_iterator i = + findBasicCred(request->getHost(), request->getDir()); + if(i == _basicCreds.end()) { + return SharedHandle(); + } else { + return createAuthConfig((*i)._user, (*i)._password); + } } else { - return createAuthConfig((*i)._user, (*i)._password); + if(!request->getUsername().empty()) { + return createAuthConfig(request->getUsername(), request->getPassword()); + } else { + return createHttpAuthResolver()->resolveAuthConfig(request->getHost()); + } } - - return createHttpAuthResolver()->resolveAuthConfig(request->getHost()); } else if(request->getProtocol() == Request::PROTO_FTP) { if(!request->getUsername().empty()) { return createAuthConfig(request->getUsername(), request->getPassword()); diff --git a/src/HttpSkipResponseCommand.cc b/src/HttpSkipResponseCommand.cc index 83a5775d..f62be69c 100644 --- a/src/HttpSkipResponseCommand.cc +++ b/src/HttpSkipResponseCommand.cc @@ -159,7 +159,8 @@ bool HttpSkipResponseCommand::processResponse() return prepareForRetry(_httpResponse->getRetryAfter()); } else if(_httpResponse->getResponseStatus() >= HttpHeader::S400) { if(_httpResponse->getResponseStatus() == HttpHeader::S401) { - if(!_httpResponse->getHttpRequest()->authenticationUsed() && + if(e->option->getAsBool(PREF_HTTP_AUTH_CHALLENGE) && + !_httpResponse->getHttpRequest()->authenticationUsed() && e->getAuthConfigFactory()->activateBasicCred (req->getHost(), req->getDir())) { return prepareForRetry(0); diff --git a/src/OptionHandlerFactory.cc b/src/OptionHandlerFactory.cc index a7432944..2a38f6c9 100644 --- a/src/OptionHandlerFactory.cc +++ b/src/OptionHandlerFactory.cc @@ -561,6 +561,15 @@ OptionHandlers OptionHandlerFactory::createOptionHandlers() op->addTag(TAG_HTTP); handlers.push_back(op); } + { + SharedHandle op(new BooleanOptionHandler + (PREF_HTTP_AUTH_CHALLENGE, + TEXT_HTTP_AUTH_CHALLENGE, + V_TRUE, + OptionHandler::OPT_ARG)); + op->addTag(TAG_HTTP); + handlers.push_back(op); + } { SharedHandle op(new ParameterOptionHandler (PREF_HTTP_AUTH_SCHEME, diff --git a/src/prefs.cc b/src/prefs.cc index faaf4091..8b1a4a2e 100644 --- a/src/prefs.cc +++ b/src/prefs.cc @@ -199,6 +199,8 @@ const std::string PREF_CA_CERTIFICATE("ca-certificate"); const std::string PREF_CHECK_CERTIFICATE("check-certificate"); // value: true | false const std::string PREF_USE_HEAD("use-head"); +// value: true | false +const std::string PREF_HTTP_AUTH_CHALLENGE("http-auth-challenge"); /** * Proxy related preferences diff --git a/src/prefs.h b/src/prefs.h index a21f70e3..eb4b5938 100644 --- a/src/prefs.h +++ b/src/prefs.h @@ -203,6 +203,8 @@ extern const std::string PREF_CA_CERTIFICATE; extern const std::string PREF_CHECK_CERTIFICATE; // value: true | false extern const std::string PREF_USE_HEAD; +// value: true | false +extern const std::string PREF_HTTP_AUTH_CHALLENGE; /**; * Proxy related preferences diff --git a/src/usage_text.h b/src/usage_text.h index a0bacac0..1270d9f2 100644 --- a/src/usage_text.h +++ b/src/usage_text.h @@ -478,3 +478,11 @@ _(" --bt-external-ip=IPADDRESS Specify the external IP address to report to a\ " BitTorrent tracker. Although this function is\n"\ " named 'external', it can accept any kind of IP\n"\ " addresses.") +#define TEXT_HTTP_AUTH_CHALLENGE \ +_(" --http-auth-challenge[=true|false] Send HTTP authorization header only when it\n"\ + " is requested by the server. If false is set, then\n"\ + " authorization header is always sent to the server.\n"\ + " There is an exception: if username and password\n"\ + " are embedded in URI, authorization header is\n"\ + " always sent to the server regardless of this\n"\ + " option.") diff --git a/test/AuthConfigFactoryTest.cc b/test/AuthConfigFactoryTest.cc index 50364fb3..575c7d59 100644 --- a/test/AuthConfigFactoryTest.cc +++ b/test/AuthConfigFactoryTest.cc @@ -14,12 +14,14 @@ class AuthConfigFactoryTest:public CppUnit::TestFixture { CPPUNIT_TEST_SUITE(AuthConfigFactoryTest); CPPUNIT_TEST(testCreateAuthConfig_http); + CPPUNIT_TEST(testCreateAuthConfig_httpNoChallenge); CPPUNIT_TEST(testCreateAuthConfig_ftp); CPPUNIT_TEST(testUpdateBasicCred); CPPUNIT_TEST_SUITE_END(); public: void testCreateAuthConfig_http(); + void testCreateAuthConfig_httpNoChallenge(); void testCreateAuthConfig_ftp(); void testUpdateBasicCred(); }; @@ -34,6 +36,7 @@ void AuthConfigFactoryTest::testCreateAuthConfig_http() Option option; option.put(PREF_NO_NETRC, V_FALSE); + option.put(PREF_HTTP_AUTH_CHALLENGE, V_TRUE); AuthConfigFactory factory(&option); @@ -60,12 +63,11 @@ void AuthConfigFactoryTest::testCreateAuthConfig_http() factory.createAuthConfig(req)->getAuthText()); // See default token in netrc is ignored. - SharedHandle mirrorReq(new Request()); req->setUrl("http://mirror/"); CPPUNIT_ASSERT(!factory.activateBasicCred("mirror", "/")); - CPPUNIT_ASSERT(factory.createAuthConfig(mirrorReq).isNull()); + CPPUNIT_ASSERT(factory.createAuthConfig(req).isNull()); // with Netrc + user defined option.put(PREF_HTTP_USER, "userDefinedUser"); @@ -84,6 +86,52 @@ void AuthConfigFactoryTest::testCreateAuthConfig_http() factory.createAuthConfig(req)->getAuthText()); } +void AuthConfigFactoryTest::testCreateAuthConfig_httpNoChallenge() +{ + SharedHandle req(new Request()); + req->setUrl("http://localhost/download/aria2-1.0.0.tar.bz2"); + + Option option; + option.put(PREF_NO_NETRC, V_FALSE); + + AuthConfigFactory factory(&option); + + // without auth info + CPPUNIT_ASSERT(factory.createAuthConfig(req).isNull()); + + // with Netrc + SharedHandle netrc(new Netrc()); + netrc->addAuthenticator + (SharedHandle(new Authenticator("localhost", + "localhostuser", + "localhostpass", + "localhostacct"))); + netrc->addAuthenticator + (SharedHandle(new DefaultAuthenticator("default", "defaultpassword", "defaultaccount"))); + factory.setNetrc(netrc); + + // not activated + CPPUNIT_ASSERT_EQUAL(std::string("localhostuser:localhostpass"), + factory.createAuthConfig(req)->getAuthText()); + + // See default token in netrc is ignored. + req->setUrl("http://mirror/"); + + CPPUNIT_ASSERT(factory.createAuthConfig(req).isNull()); + + // with Netrc + user defined + option.put(PREF_HTTP_USER, "userDefinedUser"); + option.put(PREF_HTTP_PASSWD, "userDefinedPassword"); + + CPPUNIT_ASSERT_EQUAL(std::string("userDefinedUser:userDefinedPassword"), + factory.createAuthConfig(req)->getAuthText()); + + // username and password in URI + req->setUrl("http://aria2user:aria2password@localhost/download/aria2-1.0.0.tar.bz2"); + CPPUNIT_ASSERT_EQUAL(std::string("aria2user:aria2password"), + factory.createAuthConfig(req)->getAuthText()); +} + void AuthConfigFactoryTest::testCreateAuthConfig_ftp() { SharedHandle req(new Request()); @@ -128,6 +176,7 @@ void AuthConfigFactoryTest::testUpdateBasicCred() { Option option; option.put(PREF_NO_NETRC, V_FALSE); + option.put(PREF_HTTP_AUTH_CHALLENGE, V_TRUE); AuthConfigFactory factory(&option); diff --git a/test/HttpRequestTest.cc b/test/HttpRequestTest.cc index 57fe66f4..ba24a04c 100644 --- a/test/HttpRequestTest.cc +++ b/test/HttpRequestTest.cc @@ -41,7 +41,8 @@ private: public: void setUp() { - _option.reset(new Option()); + _option.reset(new Option()); + _option->put(PREF_HTTP_AUTH_CHALLENGE, V_TRUE); _authConfigFactory.reset(new AuthConfigFactory(_option.get())); }