diff options
author | Daniel Stenberg <daniel@haxx.se> | 2008-03-01 22:32:03 +0000 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2008-03-01 22:32:03 +0000 |
commit | 590f0358d86c402f94b329f2ce0d612cbb749c95 (patch) | |
tree | b49594ecbc71c0c9473c307875437101867b8f29 /lib | |
parent | 115446be3784f996cd4927191db55ae1613a897f (diff) |
- Anatoli Tubman found and fixed a crash with Negotiate authentication used on
a re-used connection where both requests used Negotiate.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/http.c | 8 | ||||
-rw-r--r-- | lib/http_negotiate.c | 5 |
2 files changed, 10 insertions, 3 deletions
diff --git a/lib/http.c b/lib/http.c index 45cabd4b6..59a275d0d 100644 --- a/lib/http.c +++ b/lib/http.c @@ -2358,6 +2358,14 @@ CURLcode Curl_http(struct connectdata *conn, bool *done) te ); + /* + * Free userpwd now --- cannot reuse this for Negotiate and possibly NTLM + * with basic and digest, it will be freed anyway by the next request + */ + + Curl_safefree (conn->allocptr.userpwd); + conn->allocptr.userpwd = NULL; + if(result) return result; diff --git a/lib/http_negotiate.c b/lib/http_negotiate.c index c584e28a6..5baa58426 100644 --- a/lib/http_negotiate.c +++ b/lib/http_negotiate.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -255,7 +255,6 @@ CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy) { struct negotiatedata *neg_ctx = proxy?&conn->data->state.proxyneg: &conn->data->state.negotiate; - OM_uint32 minor_status; char *encoded = NULL; int len; @@ -309,7 +308,7 @@ CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy) aprintf("%sAuthorization: %s %s\r\n", proxy ? "Proxy-" : "", neg_ctx->protocol, encoded); free(encoded); - gss_release_buffer(&minor_status, &neg_ctx->output_token); + Curl_cleanup_negotiate (conn->data); return (conn->allocptr.userpwd == NULL) ? CURLE_OUT_OF_MEMORY : CURLE_OK; } |