diff --git a/lib/http.c b/lib/http.c
index f976987111..0f826f0596 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -2046,6 +2046,9 @@ static CURLcode http_set_aptr_host(struct Curl_easy *data)
data->state.first_remote_protocol = conn->scheme->protocol;
}
curlx_safefree(aptr->host);
+#ifndef CURL_DISABLE_COOKIES
+ curlx_safefree(data->req.cookiehost);
+#endif
ptr = Curl_checkheaders(data, STRCONST("Host"));
if(ptr && (!data->state.this_is_a_follow ||
@@ -2081,8 +2084,7 @@ static CURLcode http_set_aptr_host(struct Curl_easy *data)
if(colon)
*colon = 0; /* The host must not include an embedded port number */
}
- curlx_free(aptr->cookiehost);
- aptr->cookiehost = cookiehost;
+ data->req.cookiehost = cookiehost;
}
#endif
@@ -2577,8 +2579,8 @@ static CURLcode http_cookies(struct Curl_easy *data,
if(data->cookies && data->state.cookie_engine) {
bool okay;
- const char *host = data->state.aptr.cookiehost ?
- data->state.aptr.cookiehost : data->conn->host.name;
+ const char *host = data->req.cookiehost ?
+ data->req.cookiehost : data->conn->host.name;
Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE);
result = Curl_cookie_getlist(data, data->conn, &okay, host, &list);
if(!result && okay) {
@@ -3578,8 +3580,8 @@ static CURLcode http_header_s(struct Curl_easy *data,
if(v) {
/* If there is a custom-set Host: name, use it here, or else use
* real peer hostname. */
- const char *host = data->state.aptr.cookiehost ?
- data->state.aptr.cookiehost : conn->host.name;
+ const char *host = data->req.cookiehost ?
+ data->req.cookiehost : conn->host.name;
const bool secure_context = Curl_secure_context(conn, host);
CURLcode result;
Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE);
diff --git a/lib/request.c b/lib/request.c
index a76c1a9b6c..c414383dc0 100644
--- a/lib/request.c
+++ b/lib/request.c
@@ -118,6 +118,9 @@ void Curl_req_hard_reset(struct SingleRequest *req, struct Curl_easy *data)
curlx_safefree(req->userpwd);
#ifndef CURL_DISABLE_PROXY
curlx_safefree(req->proxyuserpwd);
+#endif
+#ifndef CURL_DISABLE_COOKIES
+ curlx_safefree(req->cookiehost);
#endif
Curl_client_reset(data);
if(req->sendbuf_init)
diff --git a/lib/request.h b/lib/request.h
index 391493a112..6948d79be7 100644
--- a/lib/request.h
+++ b/lib/request.h
@@ -118,6 +118,9 @@ struct SingleRequest {
#ifndef CURL_DISABLE_PROXY
char *proxyuserpwd; /* proxy auth header */
#endif
+#ifndef CURL_DISABLE_COOKIES
+ char *cookiehost;
+#endif
#ifndef CURL_DISABLE_COOKIES
unsigned char setcookies;
#endif
diff --git a/lib/url.c b/lib/url.c
index 237d674cc9..c8a1fb276e 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -290,7 +290,7 @@ CURLcode Curl_close(struct Curl_easy **datap)
curlx_safefree(data->state.aptr.ref);
curlx_safefree(data->state.aptr.host);
#ifndef CURL_DISABLE_COOKIES
- curlx_safefree(data->state.aptr.cookiehost);
+ curlx_safefree(data->req.cookiehost);
#endif
#ifndef CURL_DISABLE_RTSP
curlx_safefree(data->state.aptr.rtsp_transport);
diff --git a/lib/urldata.h b/lib/urldata.h
index 97f29b000c..f83c006e72 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -804,9 +804,6 @@ struct UrlState {
char *rangeline;
char *ref;
char *host;
-#ifndef CURL_DISABLE_COOKIES
- char *cookiehost;
-#endif
#ifndef CURL_DISABLE_RTSP
char *rtsp_transport;
#endif
diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am
index 3003dce03b..673a12d3d2 100644
--- a/tests/data/Makefile.am
+++ b/tests/data/Makefile.am
@@ -265,7 +265,7 @@ test2309 \
\
test2400 test2401 test2402 test2403 test2404 test2405 test2406 test2407 \
\
-test2500 test2501 test2502 test2503 \
+test2500 test2501 test2502 test2503 test2504 \
\
test2600 test2601 test2602 test2603 test2604 test2605 \
\
diff --git a/tests/data/test2504 b/tests/data/test2504
new file mode 100644
index 0000000000..8cec1c8210
--- /dev/null
+++ b/tests/data/test2504
@@ -0,0 +1,52 @@
+
+
+
+
+HTTP
+cookies
+
+
+
+# Server-side
+
+
+HTTP/1.1 200 OK
+Date: Tue, 09 Nov 2010 14:49:00 GMT
+Server: server.example.com
+Content-Length: 47
+Set-Cookie: sid=SECRET123; Path=/
+
+file contents should appear once for each file
+
+
+
+# Client-side
+
+
+http
+
+
+lib%TESTNUMBER
+
+
+custom Host with cookie, handle reuse, no custom Host:
+
+
+http://%HOSTIP:%HTTPPORT
+
+
+
+# Verify data after the test has been "shot"
+
+
+GET / HTTP/1.1
+Host: victim.internal
+Accept: */*
+
+GET / HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+
+
+
diff --git a/tests/libtest/Makefile.inc b/tests/libtest/Makefile.inc
index 713197962c..249c6fda87 100644
--- a/tests/libtest/Makefile.inc
+++ b/tests/libtest/Makefile.inc
@@ -112,7 +112,7 @@ TESTS_C = \
lib2023.c lib2032.c lib2082.c \
lib2301.c lib2302.c lib2304.c lib2306.c lib2308.c lib2309.c \
lib2402.c lib2404.c lib2405.c \
- lib2502.c \
+ lib2502.c lib2504.c \
lib2700.c \
lib3010.c lib3025.c lib3026.c lib3027.c lib3033.c lib3034.c \
lib3100.c lib3101.c lib3102.c lib3103.c lib3104.c lib3105.c \
diff --git a/tests/libtest/lib2504.c b/tests/libtest/lib2504.c
new file mode 100644
index 0000000000..72b965d6e6
--- /dev/null
+++ b/tests/libtest/lib2504.c
@@ -0,0 +1,93 @@
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) Linus Nielsen Feltzing
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ * SPDX-License-Identifier: curl
+ *
+ ***************************************************************************/
+#include "first.h"
+
+#include "testtrace.h"
+
+static size_t sink2504(char *ptr, size_t size, size_t nmemb, void *ud)
+{
+ (void)ptr;
+ (void)ud;
+ return size * nmemb;
+}
+
+static void dump_cookies2504(CURL *h, const char *tag)
+{
+ struct curl_slist *cookies = NULL;
+ struct curl_slist *nc;
+ CURLcode rc = curl_easy_getinfo(h, CURLINFO_COOKIELIST, &cookies);
+
+ curl_mprintf("== %s ==\n", tag);
+ if(rc) {
+ curl_mprintf("getinfo error: %d\n", (int)rc);
+ return;
+ }
+ for(nc = cookies; nc; nc = nc->next)
+ puts(nc->data);
+ curl_slist_free_all(cookies);
+}
+
+static CURLcode test_lib2504(const char *URL)
+{
+ CURL *curl;
+ CURLcode result = CURLE_OUT_OF_MEMORY;
+ struct curl_slist *hdrs = NULL;
+
+ if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) {
+ curl_mfprintf(stderr, "curl_global_init() failed\n");
+ return TEST_ERR_MAJOR_BAD;
+ }
+
+ curl = curl_easy_init();
+ if(!curl) {
+ curl_mfprintf(stderr, "curl_easy_init() failed\n");
+ curl_global_cleanup();
+ return TEST_ERR_MAJOR_BAD;
+ }
+
+ hdrs = curl_slist_append(hdrs, "Host: victim.internal");
+ if(hdrs) {
+ test_setopt(curl, CURLOPT_WRITEFUNCTION, sink2504);
+ test_setopt(curl, CURLOPT_COOKIEFILE, "");
+ test_setopt(curl, CURLOPT_HTTPHEADER, hdrs);
+ test_setopt(curl, CURLOPT_URL, URL);
+
+ result = curl_easy_perform(curl);
+ curl_mprintf("req1=%d\n", (int)result);
+ dump_cookies2504(curl, "after request 1");
+
+ test_setopt(curl, CURLOPT_HTTPHEADER, NULL);
+ test_setopt(curl, CURLOPT_URL, URL);
+
+ result = curl_easy_perform(curl);
+ curl_mprintf("req2=%d\n", (int)result);
+ dump_cookies2504(curl, "after request 2");
+ }
+test_cleanup:
+ curl_slist_free_all(hdrs);
+ curl_easy_cleanup(curl);
+ curl_global_cleanup();
+
+ return result;
+}