From 87c4abb611c2b7038edc27c08b001d577eb14bd9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Stefan=20B=C3=BChler?= Date: Mon, 24 Nov 2014 09:23:07 +0100 Subject: HTTP: Free (proxy)userpwd for NTLM/Negotiate after sending a request Sending NTLM/Negotiate header again after successful authentication breaks the connection with certain Proxies and request types (POST to MS Forefront). --- lib/http.c | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) (limited to 'lib/http.c') diff --git a/lib/http.c b/lib/http.c index d32a01271..c56689893 100644 --- a/lib/http.c +++ b/lib/http.c @@ -2323,12 +2323,27 @@ CURLcode Curl_http(struct connectdata *conn, bool *done) ); /* - * Free userpwd now --- cannot reuse this for Negotiate and possibly NTLM - * with basic and digest, it will be freed anyway by the next request + * Free userpwd for Negotiate/NTLM. Cannot reuse as it is associated with + * the connection and shouldn't be repeated over it either. */ + switch (data->state.authhost.picked) { + case CURLAUTH_NEGOTIATE: + case CURLAUTH_NTLM: + case CURLAUTH_NTLM_WB: + Curl_safefree(conn->allocptr.userpwd); + break; + } - Curl_safefree (conn->allocptr.userpwd); - conn->allocptr.userpwd = NULL; + /* + * Same for proxyuserpwd + */ + switch (data->state.authproxy.picked) { + case CURLAUTH_NEGOTIATE: + case CURLAUTH_NTLM: + case CURLAUTH_NTLM_WB: + Curl_safefree(conn->allocptr.proxyuserpwd); + break; + } if(result) return result; -- cgit v1.2.3