mirror of
https://github.com/moparisthebest/curl
synced 2024-12-21 15:48:49 -05:00
CONNECT_ONLY: don't close connection on GSS 401/407 reponses
Previously, connections were closed immediately before the user had a
chance to extract the socket when the proxy required Negotiate
authentication.
This regression was brought in with the security fix in commit
79b9d5f1a4
Closes #655
This commit is contained in:
parent
e24e1c9cc6
commit
c2b3f264cb
@ -1454,8 +1454,10 @@ CURLcode Curl_http_done(struct connectdata *conn,
|
||||
data->state.negotiate.state == GSS_AUTHSENT) {
|
||||
/* add forbid re-use if http-code != 401/407 as a WA only needed for
|
||||
* 401/407 that signal auth failure (empty) otherwise state will be RECV
|
||||
* with current code */
|
||||
if((data->req.httpcode != 401) && (data->req.httpcode != 407))
|
||||
* with current code.
|
||||
* Do not close CONNECT_ONLY connections. */
|
||||
if((data->req.httpcode != 401) && (data->req.httpcode != 407) &&
|
||||
!data->set.connect_only)
|
||||
connclose(conn, "Negotiate transfer completed");
|
||||
Curl_cleanup_negotiate(data);
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user