HTTP: Free (proxy)userpwd for NTLM/Negotiate after sending a request

Sending NTLM/Negotiate header again after successful authentication breaks the connection with certain Proxies and request types (POST to MS Forefront).
author: Stefan Bühler <buehler@teamviewer.com> 2014-11-24 09:23:07 +0100
committer: Daniel Stenberg <daniel@haxx.se> 2014-12-04 14:46:13 -0800
commit: 87c4abb611c2b7038edc27c08b001d577eb14bd9 (patch)
tree: 4e841c95a2c814a7e353d6a5477fee3d8b367a4e /lib
parent: 5dc68dd6092a789bb5e0a67a1c1356ba87fdcbc6 (diff)
1 files changed, 19 insertions, 4 deletions
diff --git a/lib/http.c b/lib/http.c
index d32a01271..c56689893 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -2323,12 +2323,27 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
       );
 
   /*
-   * Free userpwd now --- cannot reuse this for Negotiate and possibly NTLM
-   * with basic and digest, it will be freed anyway by the next request
+   * Free userpwd for Negotiate/NTLM. Cannot reuse as it is associated with
+   * the connection and shouldn't be repeated over it either.
    */
+  switch (data->state.authhost.picked) {
+  case CURLAUTH_NEGOTIATE:
+  case CURLAUTH_NTLM:
+  case CURLAUTH_NTLM_WB:
+    Curl_safefree(conn->allocptr.userpwd);
+    break;
+  }
 
-  Curl_safefree (conn->allocptr.userpwd);
-  conn->allocptr.userpwd = NULL;
+  /*
+   * Same for proxyuserpwd
+   */
+  switch (data->state.authproxy.picked) {
+  case CURLAUTH_NEGOTIATE:
+  case CURLAUTH_NTLM:
+  case CURLAUTH_NTLM_WB:
+    Curl_safefree(conn->allocptr.proxyuserpwd);
+    break;
+  }
 
   if(result)
     return result;
author	Stefan Bühler <buehler@teamviewer.com>	2014-11-24 09:23:07 +0100
committer	Daniel Stenberg <daniel@haxx.se>	2014-12-04 14:46:13 -0800
commit	87c4abb611c2b7038edc27c08b001d577eb14bd9 (patch)
tree	4e841c95a2c814a7e353d6a5477fee3d8b367a4e /lib
parent	5dc68dd6092a789bb5e0a67a1c1356ba87fdcbc6 (diff)