diff options
-rw-r--r-- | bitbake/doc/bitbake-user-manual/bitbake-user-manual-fetching.rst | 5 | ||||
-rw-r--r-- | bitbake/lib/bb/fetch2/wget.py | 12 |
2 files changed, 16 insertions, 1 deletions
diff --git a/bitbake/doc/bitbake-user-manual/bitbake-user-manual-fetching.rst b/bitbake/doc/bitbake-user-manual/bitbake-user-manual-fetching.rst index 51ab233adc..0fc2d5e699 100644 --- a/bitbake/doc/bitbake-user-manual/bitbake-user-manual-fetching.rst +++ b/bitbake/doc/bitbake-user-manual/bitbake-user-manual-fetching.rst | |||
@@ -229,6 +229,11 @@ downloaded file is useful for avoiding collisions in | |||
229 | :term:`DL_DIR` when dealing with multiple files that | 229 | :term:`DL_DIR` when dealing with multiple files that |
230 | have the same name. | 230 | have the same name. |
231 | 231 | ||
232 | If a username and password are specified in the ``SRC_URI``, a Basic | ||
233 | Authorization header will be added to each request, including across redirects. | ||
234 | To instead limit the Authorization header to the first request, add | ||
235 | "redirectauth=0" to the list of parameters. | ||
236 | |||
232 | Some example URLs are as follows:: | 237 | Some example URLs are as follows:: |
233 | 238 | ||
234 | SRC_URI = "http://oe.handhelds.org/not_there.aac" | 239 | SRC_URI = "http://oe.handhelds.org/not_there.aac" |
diff --git a/bitbake/lib/bb/fetch2/wget.py b/bitbake/lib/bb/fetch2/wget.py index fd9b304961..d48998a98f 100644 --- a/bitbake/lib/bb/fetch2/wget.py +++ b/bitbake/lib/bb/fetch2/wget.py | |||
@@ -112,7 +112,17 @@ class Wget(FetchMethod): | |||
112 | fetchcmd += " -O %s" % shlex.quote(localpath) | 112 | fetchcmd += " -O %s" % shlex.quote(localpath) |
113 | 113 | ||
114 | if ud.user and ud.pswd: | 114 | if ud.user and ud.pswd: |
115 | fetchcmd += " --user=%s --password=%s --auth-no-challenge" % (ud.user, ud.pswd) | 115 | fetchcmd += " --auth-no-challenge" |
116 | if ud.parm.get("redirectauth", "1") == "1": | ||
117 | # An undocumented feature of wget is that if the | ||
118 | # username/password are specified on the URI, wget will only | ||
119 | # send the Authorization header to the first host and not to | ||
120 | # any hosts that it is redirected to. With the increasing | ||
121 | # usage of temporary AWS URLs, this difference now matters as | ||
122 | # AWS will reject any request that has authentication both in | ||
123 | # the query parameters (from the redirect) and in the | ||
124 | # Authorization header. | ||
125 | fetchcmd += " --user=%s --password=%s" % (ud.user, ud.pswd) | ||
116 | 126 | ||
117 | uri = ud.url.split(";")[0] | 127 | uri = ud.url.split(";")[0] |
118 | if os.path.exists(ud.localpath): | 128 | if os.path.exists(ud.localpath): |