moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2024-12-22 08:08:50 -05:00
Code Issues Releases Wiki Activity

ConnectionExists: reusing possible HTTP+NTLM connections better

Browse Source 
Make sure that the special NTLM magic we do is for HTTP+NTLM only since
that's where the authenticated connection is a weird non-standard
paradigm.

Regression brought in 8ae35102c (curl 7.35.0)

Bug: http://curl.haxx.se/mail/lib-2014-02/0100.html
Reported-by: Dan Fandrich
This commit is contained in:
Daniel Stenberg 2014-02-12 14:15:42 +01:00
parent c021a60bcc
commit 378af08c99
1 changed files with 18 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
lib/url.c
View File

@ -2903,8 +2903,9 @@ ConnectionExists(struct SessionHandle *data,
struct connectdata *check; struct connectdata *check;
struct connectdata *chosen = 0; struct connectdata *chosen = 0;
bool canPipeline = IsPipeliningPossible(data, needle); bool canPipeline = IsPipeliningPossible(data, needle);
bool wantNTLM = (data->state.authhost.want & CURLAUTH_NTLM) || bool wantNTLMhttp = ((data->state.authhost.want & CURLAUTH_NTLM) ||
(data->state.authhost.want & CURLAUTH_NTLM_WB) ? TRUE : FALSE; (data->state.authhost.want & CURLAUTH_NTLM_WB)) &&
(needle->handler->protocol & CURLPROTO_HTTP) ? TRUE : FALSE;
struct connectbundle *bundle; struct connectbundle *bundle;
*force_reuse = FALSE; *force_reuse = FALSE;
@ -3059,16 +3060,15 @@ ConnectionExists(struct SessionHandle *data,
continue; continue;
} }
if((needle->handler->protocol & CURLPROTO_FTP) || if((needle->handler->protocol & CURLPROTO_FTP) || wantNTLMhttp) {
((needle->handler->protocol & CURLPROTO_HTTP) && wantNTLM)) { /* This is FTP or HTTP+NTLM, verify that we're using the same name
/* This is FTP or HTTP+NTLM, verify that we're using the same name and password as well */
and password as well */ if(!strequal(needle->user, check->user) ||
if(!strequal(needle->user, check->user) || !strequal(needle->passwd, check->passwd)) {
!strequal(needle->passwd, check->passwd)) { /* one of them was different */
/* one of them was different */ continue;
continue; }
} credentialsMatch = TRUE;
credentialsMatch = TRUE;
} }
if(!needle->bits.httpproxy || needle->handler->flags&PROTOPT_SSL || if(!needle->bits.httpproxy || needle->handler->flags&PROTOPT_SSL ||
@ -3120,12 +3120,12 @@ ConnectionExists(struct SessionHandle *data,
} }
if(match) { if(match) {
/* If we are looking for an NTLM connection, check if this is already /* If we are looking for an HTTP+NTLM connection, check if this is
authenticating with the right credentials. If not, keep looking so already authenticating with the right credentials. If not, keep
that we can reuse NTLM connections if possible. (Especially we looking so that we can reuse NTLM connections if
must not reuse the same connection if partway through possible. (Especially we must not reuse the same connection if
a handshake!) */ partway through a handshake!) */
if(wantNTLM) { if(wantNTLMhttp) {
if(credentialsMatch && check->ntlm.state != NTLMSTATE_NONE) { if(credentialsMatch && check->ntlm.state != NTLMSTATE_NONE) {
chosen = check; chosen = check;