In our application we use lcb_make_http_request() to retrieve statistics for a bucket (/pools/default/buckets/<bucket_name>). This worked fine in 2.4.7 and 2.7.0.
Now I trying to move 2.7.4 (because of another issue) and notice that the statistics can no longer retrieved: libcouchbase 2.7.4 now adds an Authenticator header with empty username/password to the HTTP request. The earlier versions I mentioned didn’t do that.
A quick look at the code suggests that the only case it will not do that is when cmdflag is set to LCB_CMDHTTP_F_NOUPASS, but seems not possible to set that with lcb_make_http_request().
Is there a way to prevent libcouchbase automagically set (empty) username/password in the outgoing HTTP request for lcb_make_http_request() ?
You can switch over to using the lcb_http3() API, which will prevent it from sending the header. You can still use your legacy callbacks installed via lcb_set_http_callback).
If you look in the source code, you’ll see that lcb_make_http_request() is a simple wrapper around lcb_http3. lcb_http3 should be available in 2.4.7 as well, so I’m not sure you’ll have an issue with that.
In any event, sending an Authentication header when there’s an empty username/password seems like a bug to me. I think I just figured out why…
If you already a patch for the empty username/password I can try that (I build the library from source anyway to use libevent2 on CentOS 6). Else I’ll change it to using the lcb_http3() call.