moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2024-12-22 08:08:50 -05:00
Code Issues Releases Wiki Activity

NTLM: ignore CURLOPT_FORBID_REUSE during NTLM HTTP auth

Browse Source 
Problem: if CURLOPT_FORBID_REUSE is set, requests using NTLM failed
since NTLM requires multiple requests that re-use the same connection
for the authentication to work

Solution: Ignore the forbid reuse flag in case the NTLM authentication
handshake is in progress, according to the NTLM state flag.

Fixed known bug #77.
This commit is contained in:
Frank Meier 2014-08-22 14:54:41 +02:00 committed by Daniel Stenberg
parent 98633c2a19
commit 63a0bd4270
2 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
docs/KNOWN_BUGS
View File

@ -51,10 +51,6 @@ may have been fixed since this was written!
any file at all. Like when using FTP. any file at all. Like when using FTP.
http://curl.haxx.se/bug/view.cgi?id=1063 http://curl.haxx.se/bug/view.cgi?id=1063
77. CURLOPT_FORBID_REUSE on a handle prevents NTLM from working since it
"abuses" the underlying connection re-use system and if connections are
forced to close they break the NTLM support.
76. The SOCKET type in Win64 is 64 bits large (and thus so is curl_socket_t on 76. The SOCKET type in Win64 is 64 bits large (and thus so is curl_socket_t on
that platform), and long is only 32 bits. It makes it impossible for that platform), and long is only 32 bits. It makes it impossible for
curl_easy_getinfo() to return a socket properly with the CURLINFO_LASTSOCKET curl_easy_getinfo() to return a socket properly with the CURLINFO_LASTSOCKET

8
lib/url.c
View File

@ -5859,7 +5859,8 @@ CURLcode Curl_done(struct connectdata **connp,
} }
/* if data->set.reuse_forbid is TRUE, it means the libcurl client has /* if data->set.reuse_forbid is TRUE, it means the libcurl client has
forced us to close this no matter what we think. forced us to close this connection. This is ignored for requests taking
place in a NTLM authentication handshake
if conn->bits.close is TRUE, it means that the connection should be if conn->bits.close is TRUE, it means that the connection should be
closed in spite of all our efforts to be nice, due to protocol closed in spite of all our efforts to be nice, due to protocol
@ -5871,7 +5872,10 @@ CURLcode Curl_done(struct connectdata **connp,
we can add code that keep track of if we really must close it here or not, we can add code that keep track of if we really must close it here or not,
but currently we have no such detail knowledge. but currently we have no such detail knowledge.
*/ */
if(data->set.reuse_forbid || conn->bits.close || premature) {
if((data->set.reuse_forbid && !(conn->ntlm.state == NTLMSTATE_TYPE2 ||
conn->proxyntlm.state == NTLMSTATE_TYPE2))
|| conn->bits.close || premature) {
CURLcode res2 = Curl_disconnect(conn, premature); /* close connection */ CURLcode res2 = Curl_disconnect(conn, premature); /* close connection */
/* If we had an error already, make sure we return that one. But /* If we had an error already, make sure we return that one. But