From 9c613ade7a7157d51db227e9070e8de555ae3053 Mon Sep 17 00:00:00 2001
From: Steve Holme <steve_holme@hotmail.com>
Date: Sun, 26 Oct 2014 14:26:39 +0000
Subject: sspi: Only call CompleteAuthToken() when complete is needed

Don't call CompleteAuthToken() after InitializeSecurityContext() has
returned SEC_I_CONTINUE_NEEDED as this return code only indicates the
function should be called again after receiving a response back from
the server.

This only affected the Digest and NTLM authentication code.
---
 lib/curl_ntlm_msgs.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'lib/curl_ntlm_msgs.c')

diff --git a/lib/curl_ntlm_msgs.c b/lib/curl_ntlm_msgs.c
index 1edefd7a2..f0c502d2a 100644
--- a/lib/curl_ntlm_msgs.c
+++ b/lib/curl_ntlm_msgs.c
@@ -497,10 +497,10 @@ CURLcode Curl_ntlm_create_type1_message(const char *userp,
                                                ntlm->context, &type_1_desc,
                                                &attrs, &tsDummy);
 
-  if(status == SEC_I_COMPLETE_AND_CONTINUE ||
-     status == SEC_I_CONTINUE_NEEDED)
+  if(status == SEC_I_COMPLETE_NEEDED ||
+     status == SEC_I_COMPLETE_AND_CONTINUE)
     s_pSecFn->CompleteAuthToken(ntlm->context, &type_1_desc);
-  else if(status != SEC_E_OK)
+  else if(status != SEC_E_OK && status != SEC_I_CONTINUE_NEEDED)
     return CURLE_RECV_ERROR;
 
   size = type_1_buf.cbBuffer;
-- 
cgit v1.2.3