diff options
| author | Frank Meier <frank.meier@ergon.ch> | 2014-08-22 14:54:41 +0200 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2014-08-22 16:05:31 +0200 |
| commit | 63a0bd4270decef04e64fbe497b42f2c9e26c62b (patch) | |
| tree | 34f11e16c3952ab028e389bff296fa9a69f9dd0d | |
| parent | 98633c2a19a9248dbbbb489d57248e113aebc6fa (diff) | |
NTLM: ignore CURLOPT_FORBID_REUSE during NTLM HTTP auth
Problem: if CURLOPT_FORBID_REUSE is set, requests using NTLM failed
since NTLM requires multiple requests that re-use the same connection
for the authentication to work
Solution: Ignore the forbid reuse flag in case the NTLM authentication
handshake is in progress, according to the NTLM state flag.
Fixed known bug #77.
| -rw-r--r-- | docs/KNOWN_BUGS | 4 | ||||
| -rw-r--r-- | lib/url.c | 8 |
2 files changed, 6 insertions, 6 deletions
diff --git a/docs/KNOWN_BUGS b/docs/KNOWN_BUGS index 409a17703..a21fb194d 100644 --- a/docs/KNOWN_BUGS +++ b/docs/KNOWN_BUGS @@ -51,10 +51,6 @@ may have been fixed since this was written! any file at all. Like when using FTP. http://curl.haxx.se/bug/view.cgi?id=1063 -77. CURLOPT_FORBID_REUSE on a handle prevents NTLM from working since it - "abuses" the underlying connection re-use system and if connections are - forced to close they break the NTLM support. - 76. The SOCKET type in Win64 is 64 bits large (and thus so is curl_socket_t on that platform), and long is only 32 bits. It makes it impossible for curl_easy_getinfo() to return a socket properly with the CURLINFO_LASTSOCKET @@ -5859,7 +5859,8 @@ CURLcode Curl_done(struct connectdata **connp, } /* if data->set.reuse_forbid is TRUE, it means the libcurl client has - forced us to close this no matter what we think. + forced us to close this connection. This is ignored for requests taking + place in a NTLM authentication handshake if conn->bits.close is TRUE, it means that the connection should be closed in spite of all our efforts to be nice, due to protocol @@ -5871,7 +5872,10 @@ CURLcode Curl_done(struct connectdata **connp, we can add code that keep track of if we really must close it here or not, but currently we have no such detail knowledge. */ - if(data->set.reuse_forbid || conn->bits.close || premature) { + + if((data->set.reuse_forbid && !(conn->ntlm.state == NTLMSTATE_TYPE2 || + conn->proxyntlm.state == NTLMSTATE_TYPE2)) + || conn->bits.close || premature) { CURLcode res2 = Curl_disconnect(conn, premature); /* close connection */ /* If we had an error already, make sure we return that one. But |