From cde5e35d9b046b224c64936c432d67c9de8bcc9e Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Wed, 25 Oct 2006 20:40:14 +0000
Subject: Fixed CURLOPT_FAILONERROR to return CURLE_HTTP_RETURNED_ERROR even
 for the case when 401 or 407 are returned, *IF* no auth credentials have been
 given. The CURLOPT_FAILONERROR option is not possible to make fool-proof for
 401 and 407 cases when auth credentials is given, but we've now covered this
 somewhat more.

You might get some amounts of headers transferred before this situation is
detected, like for when a "100-continue" is received as a response to a
POST/PUT and a 401 or 407 is received immediately afterwards.

Added test 281 to verify this change.
---
 lib/transfer.c | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

(limited to 'lib/transfer.c')

diff --git a/lib/transfer.c b/lib/transfer.c
index 300b8e9f6..28e3fe476 100644
--- a/lib/transfer.c
+++ b/lib/transfer.c
@@ -675,10 +675,9 @@ CURLcode Curl_readwrite(struct connectdata *conn,
                  * depending on how authentication is working.  Other codes
                  * are definitely errors, so give up here.
                  */
-                if (data->set.http_fail_on_error &&
-                    (k->httpcode >= 400) &&
-                    (k->httpcode != 401) &&
-                    (k->httpcode != 407)) {
+                if (data->set.http_fail_on_error && (k->httpcode >= 400) &&
+                    ((k->httpcode != 401) || !data->set.userpwd) &&
+                    ((k->httpcode != 407) || !data->set.proxyuserpwd) ) {
 
                   if (data->reqdata.resume_from &&
                       (data->set.httpreq==HTTPREQ_GET) &&
-- 
cgit v1.2.3