From ea6531cf32a7c46d2c919f02c6b650e31a458052 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Tue, 24 Feb 2009 08:30:09 +0000
Subject: - Brian J. Murrell found out that Negotiate proxy authentication
 didn't work.   It happened because the code used the struct for server-based
 auth all the   time for both proxy and server auth which of course was wrong.

---
 CHANGES       | 5 +++++
 RELEASE-NOTES | 3 ++-
 lib/http.c    | 9 ++++++---
 3 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/CHANGES b/CHANGES
index 62c24de7e..29f5a9ad5 100644
--- a/CHANGES
+++ b/CHANGES
@@ -6,6 +6,11 @@
 
                                   Changelog
 
+Daniel Stenberg (24 Feb 2009)
+- Brian J. Murrell found out that Negotiate proxy authentication didn't work.
+  It happened because the code used the struct for server-based auth all the
+  time for both proxy and server auth which of course was wrong.
+
 Daniel Stenberg (23 Feb 2009)
 - After a bug reported by James Cheng I've made curl_easy_getinfo() for
   CURLINFO_CONTENT_LENGTH_DOWNLOAD and CURLINFO_CONTENT_LENGTH_UPLOAD return
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index a5a722123..57e021fdc 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -43,6 +43,7 @@ This release includes the following bugfixes:
  o ease creation of libcurl Mac OS X Framework
  o CURLINFO_CONTENT_LENGTH_DOWNLOAD and CURLINFO_CONTENT_LENGTH_UPLOAD are -1
    if unknown
+ o Negotiate proxy authentication
 
 This release includes the following known bugs:
 
@@ -55,6 +56,6 @@ advice from friends like these:
  Peter Sylvester, Chad Monroe, Markus Moeller, Yang Tse, Scott Cantor,
  Patrick Scott, Hidemoto Nakada, Jocelyn Jaubert, Andre Guibert de Bruet,
  Kamil Dudka, Patrik Thunstrom, Linus Nielsen Feltzing, Mark Incley,
- Daniel Johnson, James Cheng
+ Daniel Johnson, James Cheng, Brian J. Murrell
 
         Thanks! (and sorry if I forgot to mention someone)
diff --git a/lib/http.c b/lib/http.c
index dc5066f8a..dfd19dd86 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -516,6 +516,10 @@ output_auth_headers(struct connectdata *conn,
   struct SessionHandle *data = conn->data;
   const char *auth=NULL;
   CURLcode result = CURLE_OK;
+#ifdef HAVE_GSSAPI
+  struct negotiatedata *negdata = proxy?
+    &data->state.proxyneg:&data->state.negotiate;
+#endif
 
 #ifndef CURL_DISABLE_CRYPTO_AUTH
   (void)request;
@@ -524,14 +528,13 @@ output_auth_headers(struct connectdata *conn,
 
 #ifdef HAVE_GSSAPI
   if((authstatus->picked == CURLAUTH_GSSNEGOTIATE) &&
-     data->state.negotiate.context &&
-     !GSS_ERROR(data->state.negotiate.status)) {
+     negdata->context && !GSS_ERROR(negdata->status)) {
     auth="GSS-Negotiate";
     result = Curl_output_negotiate(conn, proxy);
     if(result)
       return result;
     authstatus->done = TRUE;
-    data->state.negotiate.state = GSS_AUTHSENT;
+    negdata->state = GSS_AUTHSENT;
   }
   else
 #endif
-- 
cgit v1.2.3