aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSteve Holme <steve_holme@hotmail.com>2014-10-26 14:26:39 +0000
committerSteve Holme <steve_holme@hotmail.com>2014-10-26 14:33:19 +0000
commit9c613ade7a7157d51db227e9070e8de555ae3053 (patch)
tree1a5eb26c51a9c03606c80a27756061570e5e73da
parent382cee0a7714f091ee9b6143a92abe7e7a3d7cd8 (diff)
sspi: Only call CompleteAuthToken() when complete is needed
Don't call CompleteAuthToken() after InitializeSecurityContext() has returned SEC_I_CONTINUE_NEEDED as this return code only indicates the function should be called again after receiving a response back from the server. This only affected the Digest and NTLM authentication code.
-rw-r--r--lib/curl_ntlm_msgs.c6
-rw-r--r--lib/curl_sasl_sspi.c6
2 files changed, 6 insertions, 6 deletions
diff --git a/lib/curl_ntlm_msgs.c b/lib/curl_ntlm_msgs.c
index 1edefd7a2..f0c502d2a 100644
--- a/lib/curl_ntlm_msgs.c
+++ b/lib/curl_ntlm_msgs.c
@@ -497,10 +497,10 @@ CURLcode Curl_ntlm_create_type1_message(const char *userp,
ntlm->context, &type_1_desc,
&attrs, &tsDummy);
- if(status == SEC_I_COMPLETE_AND_CONTINUE ||
- status == SEC_I_CONTINUE_NEEDED)
+ if(status == SEC_I_COMPLETE_NEEDED ||
+ status == SEC_I_COMPLETE_AND_CONTINUE)
s_pSecFn->CompleteAuthToken(ntlm->context, &type_1_desc);
- else if(status != SEC_E_OK)
+ else if(status != SEC_E_OK && status != SEC_I_CONTINUE_NEEDED)
return CURLE_RECV_ERROR;
size = type_1_buf.cbBuffer;
diff --git a/lib/curl_sasl_sspi.c b/lib/curl_sasl_sspi.c
index 3875b9bb7..cdd8b29cf 100644
--- a/lib/curl_sasl_sspi.c
+++ b/lib/curl_sasl_sspi.c
@@ -232,10 +232,10 @@ CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data,
&chlg_desc, 0, &ctx,
&resp_desc, &attrs, &tsDummy);
- if(status == SEC_I_COMPLETE_AND_CONTINUE ||
- status == SEC_I_CONTINUE_NEEDED)
+ if(status == SEC_I_COMPLETE_NEEDED ||
+ status == SEC_I_COMPLETE_AND_CONTINUE)
s_pSecFn->CompleteAuthToken(&handle, &resp_desc);
- else if(status != SEC_E_OK) {
+ else if(status != SEC_E_OK && status != SEC_I_CONTINUE_NEEDED) {
s_pSecFn->FreeCredentialsHandle(&handle);
Curl_sspi_free_identity(&identity);
Curl_safefree(spn);