diff options
| author | Daniel Stenberg <daniel@haxx.se> | 2008-03-01 22:32:03 +0000 | 
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2008-03-01 22:32:03 +0000 | 
| commit | 590f0358d86c402f94b329f2ce0d612cbb749c95 (patch) | |
| tree | b49594ecbc71c0c9473c307875437101867b8f29 | |
| parent | 115446be3784f996cd4927191db55ae1613a897f (diff) | |
- Anatoli Tubman found and fixed a crash with Negotiate authentication used on
  a re-used connection where both requests used Negotiate.
| -rw-r--r-- | CHANGES | 4 | ||||
| -rw-r--r-- | RELEASE-NOTES | 4 | ||||
| -rw-r--r-- | TODO-RELEASE | 2 | ||||
| -rw-r--r-- | lib/http.c | 8 | ||||
| -rw-r--r-- | lib/http_negotiate.c | 5 | 
5 files changed, 17 insertions, 6 deletions
| @@ -6,6 +6,10 @@                                    Changelog +Daniel S (1 Mar 2008) +- Anatoli Tubman found and fixed a crash with Negotiate authentication used on +  a re-used connection where both requests used Negotiate. +  Guenter Knauf (26 Feb 2008)  - Kaspar Brand provided a patch to support server name indication (RFC 4366). diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 71195e25a..a940cf07a 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -32,6 +32,7 @@ This release includes the following bugfixes:   o test case 405 failures with GnuTLS builds   o crash when connection cache size is 1 and Curl_do() failed   o GnuTLS-built libcurl can now be forced to prefer SSLv3 + o crash when doing Negotiate again on a re-used connection  This release includes the following known bugs: @@ -50,6 +51,7 @@ advice from friends like these:   Michal Marek, Dmitry Kurochkin, Niklas Angebrand, Günter Knauf, Yang Tse,   Dan Fandrich, Mike Hommey, Pooyan McSporran, Jerome Muffat-Meridol, - Kaspar Brand, Gautam Kachroo, Zmey Petroff, Georg Lippitsch, Sam Listopad + Kaspar Brand, Gautam Kachroo, Zmey Petroff, Georg Lippitsch, Sam Listopad, + Anatoli Tubman          Thanks! (and sorry if I forgot to mention someone) diff --git a/TODO-RELEASE b/TODO-RELEASE index 65289df2b..10787e68e 100644 --- a/TODO-RELEASE +++ b/TODO-RELEASE @@ -6,8 +6,6 @@ To be addressed before 7.18.1 (planned release: April 2008)  123 - Mike Protts' SFTP resume download -124 - Anatoli Tubman's fix for a Negotiate: crash -  125 - Michal Marek's typechecker-gcc work  126 - diff --git a/lib/http.c b/lib/http.c index 45cabd4b6..59a275d0d 100644 --- a/lib/http.c +++ b/lib/http.c @@ -2358,6 +2358,14 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)                    te                  ); +    /* +     * Free userpwd now --- cannot reuse this for Negotiate and possibly NTLM +     * with basic and digest, it will be freed anyway by the next request +     */ + +    Curl_safefree (conn->allocptr.userpwd); +    conn->allocptr.userpwd = NULL; +      if(result)        return result; diff --git a/lib/http_negotiate.c b/lib/http_negotiate.c index c584e28a6..5baa58426 100644 --- a/lib/http_negotiate.c +++ b/lib/http_negotiate.c @@ -5,7 +5,7 @@   *                            | (__| |_| |  _ <| |___   *                             \___|\___/|_| \_\_____|   * - * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.   *   * This software is licensed as described in the file COPYING, which   * you should have received as part of this distribution. The terms @@ -255,7 +255,6 @@ CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy)  {    struct negotiatedata *neg_ctx = proxy?&conn->data->state.proxyneg:      &conn->data->state.negotiate; -  OM_uint32 minor_status;    char *encoded = NULL;    int len; @@ -309,7 +308,7 @@ CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy)      aprintf("%sAuthorization: %s %s\r\n", proxy ? "Proxy-" : "",              neg_ctx->protocol, encoded);    free(encoded); -  gss_release_buffer(&minor_status, &neg_ctx->output_token); +  Curl_cleanup_negotiate (conn->data);    return (conn->allocptr.userpwd == NULL) ? CURLE_OUT_OF_MEMORY : CURLE_OK;  } | 
