From 13ce9031cc3af2accc1be9e93cfc462efe513343 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 5 Nov 2012 23:31:24 +0100 Subject: [PATCH] Curl_pretransfer: clear out unwanted auth methods As a handle can be re-used after having done HTTP auth in a previous request, it must make sure to clear out the HTTP types that aren't wanted in this new request. --- lib/transfer.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/lib/transfer.c b/lib/transfer.c index a00469ee6..3492efd25 100644 --- a/lib/transfer.c +++ b/lib/transfer.c @@ -1469,6 +1469,12 @@ CURLcode Curl_pretransfer(struct SessionHandle *data) if(data->set.connecttimeout) Curl_expire(data, data->set.connecttimeout); + + /* In case the handle is re-used and an authentication method was picked + in the session we need to make sure we only use the one(s) we now + consider to be fine */ + data->state.authhost.picked &= data->state.authhost.want; + data->state.authproxy.picked &= data->state.authproxy.want; } return res;