proxy: make ConnectionExists() check credential of proxyconnections too

Previously it only compared credentials if the requested needle
connection wasn't using a proxy. This caused NTLM authentication
failures when using proxies as the authentication code wasn't send on
the connection where the challenge arrived.

Added test 1215 to verify: NTLM server authentication through a proxy
(This is a modified copy of test 67)

1 files changed, 12 insertions, 11 deletions

diff --git a/lib/url.c b/lib/url.c
index 33876478b..4399162a9 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -2974,6 +2974,18 @@ ConnectionExists(struct SessionHandle *data,
           continue;
       }
 
+      if((needle->handler->protocol & CURLPROTO_FTP) ||
+         ((needle->handler->protocol & CURLPROTO_HTTP) && wantNTLM)) {
+         /* This is FTP or HTTP+NTLM, verify that we're using the same name
+            and password as well */
+         if(!strequal(needle->user, check->user) ||
+            !strequal(needle->passwd, check->passwd)) {
+            /* one of them was different */
+            continue;
+         }
+         credentialsMatch = TRUE;
+      }
+
       if(!needle->bits.httpproxy || needle->handler->flags&PROTOPT_SSL ||
          (needle->bits.httpproxy && check->bits.httpproxy &&
           needle->bits.tunnel_proxy && check->bits.tunnel_proxy &&
@@ -3007,17 +3019,6 @@ ConnectionExists(struct SessionHandle *data,
               continue;
             }
           }
-          if((needle->handler->protocol & CURLPROTO_FTP) ||
-             ((needle->handler->protocol & CURLPROTO_HTTP) && wantNTLM)) {
-            /* This is FTP or HTTP+NTLM, verify that we're using the same name
-               and password as well */
-            if(!strequal(needle->user, check->user) ||
-               !strequal(needle->passwd, check->passwd)) {
-              /* one of them was different */
-              continue;
-            }
-            credentialsMatch = TRUE;
-          }
           match = TRUE;
         }
       }