From 59431c242bf1d93980756fa2db2d08744bfa79d3 Mon Sep 17 00:00:00 2001
From: David Woodhouse <David.Woodhouse@intel.com>
Date: Fri, 11 Jul 2014 10:55:07 +0100
Subject: Use SPNEGO for HTTP Negotiate

This is the correct way to do SPNEGO. Just ask for it

Now I correctly see it trying NTLMSSP authentication when a Kerberos ticket
isn't available. Of course, we bail out when the server responds with the
challenge packet, since we don't expect that. But I'll fix that bug next...
---
 lib/http_negotiate.c | 1 +
 1 file changed, 1 insertion(+)

(limited to 'lib/http_negotiate.c')

diff --git a/lib/http_negotiate.c b/lib/http_negotiate.c
index ccd005bbb..9b01e0a56 100644
--- a/lib/http_negotiate.c
+++ b/lib/http_negotiate.c
@@ -184,6 +184,7 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy,
                                            &minor_status,
                                            &neg_ctx->context,
                                            neg_ctx->server_name,
+                                           TRUE,
                                            GSS_C_NO_CHANNEL_BINDINGS,
                                            &input_token,
                                            &output_token,
-- 
cgit v1.2.3