cURL 和密码包含冒号

Posted

技术标签:

【中文标题】cURL 和密码包含冒号【英文标题】:cURL and password containing colon 【发布时间】:2017-03-22 07:50:22 【问题描述】:

我正在开发 OpenSuse,我尝试通过 cURL 实用程序将数据上传到 dashDB 本地环境。当我使用带有简单密码(没有“特殊”字符)的用户/密码时,它运行良好,但是当密码包含冒号时,它总是失败,无论以何种方式指定一对用户名/密码。

任务工作:

curl -X POST -H "Content-Type: multipart/form-data" -u "myuser:mypassword" "https://my_url" -F loadFile1=@"inputfile"

"result":...,"resultCode":"SUCCESS","errorMessageCode":"NONE","message":"LOAD started successfully."

任务不工作:

curl -X POST -H "Content-Type: multipart/form-data" -u "myuser:my:password" "https://my_url" -F loadFile1=@"inputfile"

Error 401: Basic authorization - bad header

我尝试了一些方法,例如转义冒号,将其替换为 '%3A',将其放入 .netrc 文件中,将其直接放入 url (https://myuser:my:password@my_url) 等,但对于每种情况,它都失败了...

我很确定不是 cURL 失败了,因为当我通过 cURL 对 Cloudant 环境执行类似任务时,密码中带有冒号,它运行良好:

[i1058@lat111 ~]$ curl -X POST -H "Content-Type: application/json" -u "myuser:my:password" http://myuser.cloudant.com/mydb/_bulk_docs -d "@inputfile"
["ok":true,"id":"125ac5859f1e6f0de25e0ed33abd3198","rev":"1-c7e75ed33e6efae85d053acc1008c2c6",...]

任何想法如何指定这样的密码?

编辑:

这是两个执行的标题:

工作执行:

[i1058@lat111 ~]$ curl -X POST -H "Content-Type: multipart/form-data" "https://user1:infotel0@192.168.42.219:8443/dashdb-api/load/local/del/USER1.EMPLOYEE?hasHeaderRow=false&delimiter=','&codePage=1208&hasDateTypes=true&dateFormat="YYYY-MM-DD"" -F loadFile1=@"outfile" -v
* About to connect() to proxy 192.168.42.219 port 3128 (#0)
*   Trying 192.168.42.219...
* Connected to 192.168.42.219 (192.168.42.219) port 3128 (#0)
* Establish HTTP proxy tunnel to 192.168.42.219:8443
* Server auth using Basic with user 'user1'
> CONNECT 192.168.42.219:8443 HTTP/1.1
> Host: 192.168.42.219:8443
> User-Agent: curl/7.29.0
> Proxy-Connection: Keep-Alive
> 
< HTTP/1.1 200 Connection established
< Date: Wed, 22 Mar 2017 13:24:05 GMT
< Content-Type: text/html
< Proxy-Connection: Keep-Alive
< Via: 1.1 TO-PROXY.****
< Connection: close
< 
* Proxy replied OK to CONNECT request
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* skipping SSL peer certificate verification
* SSL connection using TLS_RSA_WITH_AES_128_CBC_SHA
* Server certificate:
*       subject: CN=localhost,OU=dsweb,O=ibm,C=us
*       start date: Sep 08 17:37:29 2016 GMT
*       expire date: Sep 08 17:37:29 2017 GMT
*       common name: localhost
*       issuer: CN=localhost,OU=dsweb,O=ibm,C=us
* Server auth using Basic with user 'user1'
> POST /dashdb-api/load/local/del/USER1.EMPLOYEE?hasHeaderRow=false&delimiter=','&codePage=1208&hasDateTypes=true&dateFormat=YYYY-MM-DD HTTP/1.1
> Authorization: Basic dXNlcjE6aW5mb3RlbDA=
> User-Agent: curl/7.29.0
> Host: 192.168.42.219:8443
> Accept: */*
> Content-Length: 5260
> Expect: 100-continue
> Content-Type: multipart/form-data; boundary=----------------------------cbd0c10a30ab
> 
< HTTP/1.1 100 Continue
< Content-Length: 0
< Date: Wed, 22 Mar 2017 13:24:06 GMT
< HTTP/1.1 200 OK
< Date: Wed, 22 Mar 2017 13:24:06 GMT
< X-Powered-By: Servlet/3.0
< Content-Type: application/json
< Content-Length: 423
< Set-Cookie: dsweb9302=00008jj9QpxOaIwwbWcGZddJ9V8:91d35242-6b49-4d90-9c18-5543188442ec; Path=/; HttpOnly
< Expires: Thu, 01 Dec 1994 16:00:00 GMT
< Cache-Control: no-cache="set-cookie, set-cookie2"
< 
"result":"ROWS_COMMITTED":"","LOAD_LOGFILE":"loadlogs\/load_1982878712_USER1_EMPLOYEE_20170322-132406-UTC.txt","START_TIME":"20170322 13:24:06 UTC","LOAD_STATUS":"RUNNING","LOAD_ID":1982878712,"ROWS_LOADED":"","TABLE":"EMPLOYEE","ROWS_SKIPPED":"","END_TIME":"","SCHEMA":"USER1","ROWS_READ":"","ROWS_DELETED":"","ROWS_REJECTED":"","resultCode":"SUCCESS","errorMessageCode":"NONE","message":"LOAD started successfully."
* Connection #0 to host 192.168.42.219 left intact

然后是失败的:

[i1058@lat111 ~]$ curl -X POST -H "Content-Type: multipart/form-data" "https://user5:infotel%3A0@192.168.42.219:8443/dashdb-api/load/local/del/USER1.EMPLOYEE?hasHeaderRow=false&delimiter=','&codePage=1208&hasDateTypes=true&dateFormat="YYYY-MM-DD"" -F loadFile1=@"outfile" -v       
* About to connect() to proxy 192.168.42.219 port 3128 (#0)
*   Trying 192.168.42.219...
* Connected to 192.168.42.219 (192.168.42.219) port 3128 (#0)
* Establish HTTP proxy tunnel to 192.168.42.219:8443
* Server auth using Basic with user 'user5'
> CONNECT 192.168.42.219:8443 HTTP/1.1
> Host: 192.168.42.219:8443
> User-Agent: curl/7.29.0
> Proxy-Connection: Keep-Alive
> 
< HTTP/1.1 200 Connection established
< Date: Wed, 22 Mar 2017 13:22:23 GMT
< Content-Type: text/html
< Proxy-Connection: Keep-Alive
< Via: 1.1 TO-PROXY.****
< Connection: close
< 
* Proxy replied OK to CONNECT request
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* skipping SSL peer certificate verification
* SSL connection using TLS_RSA_WITH_AES_128_CBC_SHA
* Server certificate:
*       subject: CN=localhost,OU=dsweb,O=ibm,C=us
*       start date: Sep 08 17:37:29 2016 GMT
*       expire date: Sep 08 17:37:29 2017 GMT
*       common name: localhost
*       issuer: CN=localhost,OU=dsweb,O=ibm,C=us
* Server auth using Basic with user 'user5'
> POST /dashdb-api/load/local/del/USER1.EMPLOYEE?hasHeaderRow=false&delimiter=','&codePage=1208&hasDateTypes=true&dateFormat=YYYY-MM-DD HTTP/1.1
> Authorization: Basic dXNlcjU6aW5mb3RlbDow
> User-Agent: curl/7.29.0
> Host: 192.168.42.219:8443
> Accept: */*
> Content-Length: 5260
> Expect: 100-continue
> Content-Type: multipart/form-data; boundary=----------------------------69215f2ae3da
> 
< HTTP/1.1 100 Continue
< Content-Length: 0
< Date: Wed, 22 Mar 2017 13:22:24 GMT
< HTTP/1.1 401 Unauthorized
< Date: Wed, 22 Mar 2017 13:22:24 GMT
< X-Powered-By: Servlet/3.0
< Content-Type: text/html;charset=UTF-8
< $WSEP:                  <-- Here there is something strange??
< Content-Language: en-US
< Set-Cookie: dsweb9302=0000ihijrP8WYwpQW8TCOzRB-gv:91d35242-6b49-4d90-9c18-5543188442ec; Path=/; HttpOnly
< Transfer-Encoding: chunked
< Expires: Thu, 01 Dec 1994 16:00:00 GMT
< Cache-Control: no-cache="set-cookie, set-cookie2"
* HTTP error before end of send, stop sending
< 
Error 401: Basic authorization - bad header
* Closing connection 0
[i1058@lat111 ~]$ curl -X POST -H "Content-Type: multipart/form-data" "https://user5:infotel%3A0@192.168.42.219:8443/dashdb-api/load/local/del/USER1.EMPLOYEE?hasHeaderRow=false&delimiter=','&codePage=1208&hasDateTypes=true&dateFormat="YYYY-MM-DD"" -F loadFile1=@"outfile" 
Error 401: Basic authorization - bad header

【问题讨论】:

如描述中所述,我已经尝试使用 '%3A' 或 '%3a',但没有成功:( 它说“错误的标头”,也许检查您发送的标头会发现什么?我的意思是在输入 URL 时将 URL 编码为 %3a,当用于 -u 选项时,它会在第一个冒号上拆分用户/密码,因此第二个冒号将成为密码的一部分。 我想我已经尝试过了,但要确保我现在重试:"curl ... "https://myuser%3Amy%3Apassword@myurl" ..." 不起作用,我对这个 url 规范是否正确?我用详细选项查看了标题,但我不是专家。对于工作和失败的执行,我有HTTP/1.1 100 Continue,然后我有工作的:&lt; Content-Type: application/json &lt; Content-Length: 423,失败的:&lt; Content-Type: text/html;charset=UTF-8 &lt; $WSEP: &lt; Content-Language: en-US。我不知道这是否意味着什么 您仍然需要 一个 冒号将用户与 URL 中的密码分开。并请添加您回到问题的响应标题! 找到任何解决方案了吗?你试过使用变量吗?将用户和密码存储在不同的变量中,然后使用这些变量运行命令行? 【参考方案1】:

最近在使用需要 username:usergroup 作为用户名传递的 API 进行身份验证时遇到了类似的问题,中间有一个冒号。在 username:usergroup 周围添加双引号对我有用。

这不起作用:

-u "username:usergroup:password"

这确实有效:

-u ""username:usergroup":password"

因此,这应该适用于包含冒号的密码:

-u "username:"password""

【讨论】:

以上是关于cURL 和密码包含冒号的主要内容,如果未能解决你的问题,请参考以下文章

在nodejs中使用--user选项卷曲

使用cURL和用户名和密码?

json的数据里包含冒号怎么处理

从包含冒号 (:) 的查询参数名称中读取值

使用包含冒号、':,' 的变量作为选择器

Linux实验三: shell 编程