diff options
author | Daniel Stenberg <daniel@haxx.se> | 2015-04-17 23:23:42 +0200 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2015-04-17 23:23:42 +0200 |
commit | 2eb02480ef9d8a077be333a7cc36e04e722d96b4 (patch) | |
tree | f1dc74ef8caa849ad7f25cd4615382df56dbd8af /lib | |
parent | f70112522f2aad60c0c193721b828c88356a935c (diff) |
Revert "HTTP: don't abort connections with pending Negotiate authentication"
This reverts commit 5dc68dd6092a789bb5e0a67a1c1356ba87fdcbc6.
Bug: https://github.com/bagder/curl/issues/223
Reported-by: Michael Osipov
Diffstat (limited to 'lib')
-rw-r--r-- | lib/http.c | 112 |
1 files changed, 30 insertions, 82 deletions
diff --git a/lib/http.c b/lib/http.c index efd6b524b..4c1cfc549 100644 --- a/lib/http.c +++ b/lib/http.c @@ -345,82 +345,6 @@ static bool pickoneauth(struct auth *pick) return picked; } -/* whether to complete request (for authentication) in current connection */ -static bool complete_request(struct connectdata *conn, - curl_off_t remaining_bytes) -{ -#if defined(USE_NTLM) || defined(USE_SPNEGO) - struct SessionHandle *data = conn->data; - bool have_ntlm_or_negotiate = FALSE; - bool auth_started = FALSE; - - /* don't reset connection when we're in NTLM or Negotiate authentication; - * those authenticate the connection - creating a new connection breaks the - * authentication. - */ - -#if defined(USE_NTLM) - /* proxy NTLM authentication */ - if((data->state.authproxy.picked == CURLAUTH_NTLM) || - (data->state.authproxy.picked == CURLAUTH_NTLM_WB)) { - have_ntlm_or_negotiate = TRUE; - auth_started = auth_started - || (conn->proxyntlm.state != NTLMSTATE_NONE); - } - - /* normal NTLM authentication */ - if((data->state.authhost.picked == CURLAUTH_NTLM) || - (data->state.authhost.picked == CURLAUTH_NTLM_WB)) { - have_ntlm_or_negotiate = TRUE; - auth_started = auth_started - || (conn->ntlm.state != NTLMSTATE_NONE); - } -#endif - -#if defined(USE_SPNEGO) - /* proxy Negotiate authentication */ - if(data->state.authproxy.picked == CURLAUTH_NEGOTIATE) { - have_ntlm_or_negotiate = TRUE; - auth_started = auth_started - || (data->state.proxyneg.state != GSS_AUTHNONE); - } - - /* normal Negotiate authentication */ - if(data->state.authhost.picked == CURLAUTH_NEGOTIATE) { - have_ntlm_or_negotiate = TRUE; - auth_started = auth_started - || (data->state.negotiate.state != GSS_AUTHNONE); - } -#endif - - if(have_ntlm_or_negotiate) { - if(remaining_bytes < 2000 || auth_started) { - /* NTLM/Negotiation has started *OR* there is just a little (<2K) - * data left to send, keep on sending. - */ - - /* rewind data when completely done sending! */ - if(!conn->bits.authneg) { - conn->bits.rewindaftersend = TRUE; - infof(data, "Rewind stream after send\n"); - } - - return TRUE; - } - - infof(data, "NTLM/Negotiate send, close instead of sending %" - CURL_FORMAT_CURL_OFF_T " bytes\n", - remaining_bytes); - } -#else - /* unused parameters: */ - (void)conn; - (void)remaining_bytes; -#endif - - return FALSE; -} - /* * Curl_http_perhapsrewind() * @@ -499,12 +423,36 @@ static CURLcode http_perhapsrewind(struct connectdata *conn) conn->bits.rewindaftersend = FALSE; /* default */ if((expectsend == -1) || (expectsend > bytessent)) { - if(conn->bits.close) - /* this is already marked to get closed */ - return CURLE_OK; +#if defined(USE_NTLM) + /* There is still data left to send */ + if((data->state.authproxy.picked == CURLAUTH_NTLM) || + (data->state.authhost.picked == CURLAUTH_NTLM) || + (data->state.authproxy.picked == CURLAUTH_NTLM_WB) || + (data->state.authhost.picked == CURLAUTH_NTLM_WB)) { + if(((expectsend - bytessent) < 2000) || + (conn->ntlm.state != NTLMSTATE_NONE) || + (conn->proxyntlm.state != NTLMSTATE_NONE)) { + /* The NTLM-negotiation has started *OR* there is just a little (<2K) + data left to send, keep on sending. */ + + /* rewind data when completely done sending! */ + if(!conn->bits.authneg) { + conn->bits.rewindaftersend = TRUE; + infof(data, "Rewind stream after send\n"); + } + + return CURLE_OK; + } - if(complete_request(conn, (curl_off_t)(expectsend - bytessent))) - return CURLE_OK; + if(conn->bits.close) + /* this is already marked to get closed */ + return CURLE_OK; + + infof(data, "NTLM send, close instead of sending %" + CURL_FORMAT_CURL_OFF_T " bytes\n", + (curl_off_t)(expectsend - bytessent)); + } +#endif /* This is not NTLM or many bytes left to send: close */ connclose(conn, "Mid-auth HTTP and much data left to send"); @@ -515,7 +463,7 @@ static CURLcode http_perhapsrewind(struct connectdata *conn) } if(bytessent) - /* we rewind now at once since we already sent something */ + /* we rewind now at once since if we already sent something */ return Curl_readrewind(conn); return CURLE_OK; |