summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--usr.bin/ftp/fetch.c38
1 files changed, 21 insertions, 17 deletions
diff --git a/usr.bin/ftp/fetch.c b/usr.bin/ftp/fetch.c
index 133b6f85596..09707e8f5da 100644
--- a/usr.bin/ftp/fetch.c
+++ b/usr.bin/ftp/fetch.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: fetch.c,v 1.190 2020/02/19 07:29:53 yasuoka Exp $ */
+/* $OpenBSD: fetch.c,v 1.191 2020/02/19 12:39:38 jca Exp $ */
/* $NetBSD: fetch.c,v 1.14 1997/08/18 10:20:20 lukem Exp $ */
/*-
@@ -373,6 +373,26 @@ url_get(const char *origline, const char *proxyenv, const char *outfile, int las
errx(1, "%s: URL not permitted", newline);
path = strchr(host, '/'); /* Find path */
+
+#ifndef NOSSL
+ /*
+ * Look for auth header in host.
+ * Basic auth from RFC 2617, valid characters for path are in
+ * RFC 3986 section 3.3.
+ */
+ if (ishttpurl || ishttpsurl) {
+ p = strchr(host, '@');
+ if (p != NULL && (path == NULL || p < path)) {
+ *p++ = '\0';
+ credentials = recode_credentials(host);
+
+ /* Overwrite userinfo */
+ memmove(host, p, strlen(p) + 1);
+ path = strchr(host, '/');
+ }
+ }
+#endif /* !NOSSL */
+
if (EMPTYSTRING(path)) {
if (outfile) { /* No slash, but */
path = strchr(host,'\0'); /* we have outfile. */
@@ -392,22 +412,6 @@ url_get(const char *origline, const char *proxyenv, const char *outfile, int las
}
noslash:
-
-#ifndef NOSSL
- /*
- * Look for auth header in host, since now host does not
- * contain the path. Basic auth from RFC 2617, valid
- * characters for path are in RFC 3986 section 3.3.
- */
- if (ishttpurl || ishttpsurl) {
- if ((p = strchr(host, '@')) != NULL) {
- *p = '\0';
- credentials = recode_credentials(host);
- host = p + 1;
- }
- }
-#endif /* NOSSL */
-
if (outfile)
savefile = outfile;
else {