aboutsummaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2008-03-01 22:32:03 +0000
committerDaniel Stenberg <daniel@haxx.se>2008-03-01 22:32:03 +0000
commit590f0358d86c402f94b329f2ce0d612cbb749c95 (patch)
treeb49594ecbc71c0c9473c307875437101867b8f29 /lib
parent115446be3784f996cd4927191db55ae1613a897f (diff)
- Anatoli Tubman found and fixed a crash with Negotiate authentication used on
a re-used connection where both requests used Negotiate.
Diffstat (limited to 'lib')
-rw-r--r--lib/http.c8
-rw-r--r--lib/http_negotiate.c5
2 files changed, 10 insertions, 3 deletions
diff --git a/lib/http.c b/lib/http.c
index 45cabd4b6..59a275d0d 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -2358,6 +2358,14 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
te
);
+ /*
+ * Free userpwd now --- cannot reuse this for Negotiate and possibly NTLM
+ * with basic and digest, it will be freed anyway by the next request
+ */
+
+ Curl_safefree (conn->allocptr.userpwd);
+ conn->allocptr.userpwd = NULL;
+
if(result)
return result;
diff --git a/lib/http_negotiate.c b/lib/http_negotiate.c
index c584e28a6..5baa58426 100644
--- a/lib/http_negotiate.c
+++ b/lib/http_negotiate.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -255,7 +255,6 @@ CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy)
{
struct negotiatedata *neg_ctx = proxy?&conn->data->state.proxyneg:
&conn->data->state.negotiate;
- OM_uint32 minor_status;
char *encoded = NULL;
int len;
@@ -309,7 +308,7 @@ CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy)
aprintf("%sAuthorization: %s %s\r\n", proxy ? "Proxy-" : "",
neg_ctx->protocol, encoded);
free(encoded);
- gss_release_buffer(&minor_status, &neg_ctx->output_token);
+ Curl_cleanup_negotiate (conn->data);
return (conn->allocptr.userpwd == NULL) ? CURLE_OUT_OF_MEMORY : CURLE_OK;
}