[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnurl] 197/219: http_ntlm_wb: Handle auth for only a singl
|
From: |
gnunet |
|
Subject: |
[GNUnet-SVN] [gnurl] 197/219: http_ntlm_wb: Handle auth for only a single request |
|
Date: |
Wed, 22 May 2019 19:18:56 +0200 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to branch master
in repository gnurl.
commit 7ca7f82ba7c936cc01651e28b2ad92400ad4f7cc
Author: Steve Holme <address@hidden>
AuthorDate: Sat May 18 17:30:16 2019 +0100
http_ntlm_wb: Handle auth for only a single request
Currently when the server responds with 401 on NTLM authenticated
connection (re-used) we consider it to have failed. However this is
legitimate and may happen when for example IIS is set configured to
'authPersistSingleRequest' or when the request goes thru a proxy (with
'via' header).
Implemented by imploying an additional state once a connection is
re-used to indicate that if we receive 401 we need to restart
authentication.
Missed in fe6049f0.
---
lib/curl_ntlm_wb.c | 14 +++++++++++---
1 file changed, 11 insertions(+), 3 deletions(-)
diff --git a/lib/curl_ntlm_wb.c b/lib/curl_ntlm_wb.c
index fa0ad95fb..80266e2a4 100644
--- a/lib/curl_ntlm_wb.c
+++ b/lib/curl_ntlm_wb.c
@@ -356,7 +356,11 @@ CURLcode Curl_input_ntlm_wb(struct connectdata *conn,
*state = NTLMSTATE_TYPE2; /* We got a type-2 message */
}
else {
- if(*state == NTLMSTATE_TYPE3) {
+ if(*state == NTLMSTATE_LAST) {
+ infof(conn->data, "NTLM auth restarted\n");
+ Curl_http_auth_cleanup_ntlm_wb(conn);
+ }
+ else if(*state == NTLMSTATE_TYPE3) {
infof(conn->data, "NTLM handshake rejected\n");
Curl_http_auth_cleanup_ntlm_wb(conn);
*state = NTLMSTATE_NONE;
@@ -445,6 +449,7 @@ CURLcode Curl_output_ntlm_wb(struct connectdata *conn,
return CURLE_OUT_OF_MEMORY;
conn->response_header = NULL;
break;
+
case NTLMSTATE_TYPE2:
input = aprintf("TT %s\n", conn->challenge_header);
if(!input)
@@ -466,11 +471,14 @@ CURLcode Curl_output_ntlm_wb(struct connectdata *conn,
if(!*allocuserpwd)
return CURLE_OUT_OF_MEMORY;
break;
+
case NTLMSTATE_TYPE3:
/* connection is already authenticated,
* don't send a header in future requests */
- free(*allocuserpwd);
- *allocuserpwd = NULL;
+ *state = NTLMSTATE_LAST;
+ /* FALLTHROUGH */
+ case NTLMSTATE_LAST:
+ Curl_safefree(*allocuserpwd);
authp->done = TRUE;
break;
}
--
To stop receiving notification emails like this one, please contact
address@hidden
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] [gnurl] 197/219: http_ntlm_wb: Handle auth for only a single request,
gnunet <=