From f8af8606a5420e2cfb17f2f32d750b6b2e7b52f9 Mon Sep 17 00:00:00 2001 From: Steve Holme Date: Wed, 6 Aug 2014 00:12:53 +0100 Subject: http_negotiate_sspi: Fixed endless unauthorized loop in commit 6bc76194e8 If the server rejects our authentication attempt and curl hasn't called CompleteAuthToken() then the status variable will be SEC_I_CONTINUE_NEEDED and not SEC_E_OK. As such the existing detection mechanism for determining whether or not the authentication process has finished is not sufficient. However, the WWW-Authenticate: Negotiate header line will not contain any data when the server has exhausted the negotiation, so we can use that coupled with the already allocated context pointer. --- lib/http_negotiate_sspi.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'lib') diff --git a/lib/http_negotiate_sspi.c b/lib/http_negotiate_sspi.c index 3c5680c4f..8e6391495 100644 --- a/lib/http_negotiate_sspi.c +++ b/lib/http_negotiate_sspi.c @@ -117,9 +117,14 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy, len = strlen(header); if(!len) { - /* first call in a new negotation, we have to acquire credentials, - and allocate memory for the context */ + /* Is this the first call in a new negotiation? */ + if(neg_ctx->context) { + /* The server rejected our authentication and hasn't suppled any more + negotiation mechanisms */ + return -1; + } + /* We have to acquire credentials and allocate memory for the context */ neg_ctx->credentials = malloc(sizeof(CredHandle)); neg_ctx->context = malloc(sizeof(CtxtHandle)); -- cgit v1.2.3