diff options
author | Daniel Stenberg <daniel@haxx.se> | 2014-02-12 14:15:42 +0100 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2014-02-13 23:25:38 +0100 |
commit | 378af08c99299683eb728fd8f9d3d3ab05f73ec0 (patch) | |
tree | 575721021bc1982ccfdec44e0e12dcbe82a3c04d /lib | |
parent | c021a60bccff0feddfec9d756cd65497eab60b39 (diff) |
ConnectionExists: reusing possible HTTP+NTLM connections better
Make sure that the special NTLM magic we do is for HTTP+NTLM only since
that's where the authenticated connection is a weird non-standard
paradigm.
Regression brought in 8ae35102c (curl 7.35.0)
Bug: http://curl.haxx.se/mail/lib-2014-02/0100.html
Reported-by: Dan Fandrich
Diffstat (limited to 'lib')
-rw-r--r-- | lib/url.c | 36 |
1 files changed, 18 insertions, 18 deletions
@@ -2903,8 +2903,9 @@ ConnectionExists(struct SessionHandle *data, struct connectdata *check; struct connectdata *chosen = 0; bool canPipeline = IsPipeliningPossible(data, needle); - bool wantNTLM = (data->state.authhost.want & CURLAUTH_NTLM) || - (data->state.authhost.want & CURLAUTH_NTLM_WB) ? TRUE : FALSE; + bool wantNTLMhttp = ((data->state.authhost.want & CURLAUTH_NTLM) || + (data->state.authhost.want & CURLAUTH_NTLM_WB)) && + (needle->handler->protocol & CURLPROTO_HTTP) ? TRUE : FALSE; struct connectbundle *bundle; *force_reuse = FALSE; @@ -3059,16 +3060,15 @@ ConnectionExists(struct SessionHandle *data, continue; } - if((needle->handler->protocol & CURLPROTO_FTP) || - ((needle->handler->protocol & CURLPROTO_HTTP) && wantNTLM)) { - /* This is FTP or HTTP+NTLM, verify that we're using the same name - and password as well */ - if(!strequal(needle->user, check->user) || - !strequal(needle->passwd, check->passwd)) { - /* one of them was different */ - continue; - } - credentialsMatch = TRUE; + if((needle->handler->protocol & CURLPROTO_FTP) || wantNTLMhttp) { + /* This is FTP or HTTP+NTLM, verify that we're using the same name + and password as well */ + if(!strequal(needle->user, check->user) || + !strequal(needle->passwd, check->passwd)) { + /* one of them was different */ + continue; + } + credentialsMatch = TRUE; } if(!needle->bits.httpproxy || needle->handler->flags&PROTOPT_SSL || @@ -3120,12 +3120,12 @@ ConnectionExists(struct SessionHandle *data, } if(match) { - /* If we are looking for an NTLM connection, check if this is already - authenticating with the right credentials. If not, keep looking so - that we can reuse NTLM connections if possible. (Especially we - must not reuse the same connection if partway through - a handshake!) */ - if(wantNTLM) { + /* If we are looking for an HTTP+NTLM connection, check if this is + already authenticating with the right credentials. If not, keep + looking so that we can reuse NTLM connections if + possible. (Especially we must not reuse the same connection if + partway through a handshake!) */ + if(wantNTLMhttp) { if(credentialsMatch && check->ntlm.state != NTLMSTATE_NONE) { chosen = check; |