1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-22 08:08:50 -05:00

John Dennis filed bug report #2873666

(http://curl.haxx.se/bug/view.cgi?id=2873666) which identified a problem which
made libcurl loop infinitely when given incorrect credentials when using HTTP
GSS negotiate authentication.
This commit is contained in:
Daniel Stenberg 2009-10-18 00:18:27 +00:00
parent 167a92810a
commit e5ee822745
3 changed files with 11 additions and 1 deletions

View File

@ -7,6 +7,12 @@
Changelog
Daniel Stenberg (18 Oct 2009)
- John Dennis filed bug report #2873666
(http://curl.haxx.se/bug/view.cgi?id=2873666) which identified a problem
which made libcurl loop infinitely when given incorrect credentials when
using HTTP GSS negotiate authentication. He also provided a small and simple
patch for it.
- Kevin Baughman found a double close() problem with libcurl-NSS, as when
libcurl called NSS to close the SSL "session" it also closed the actual
socket.

View File

@ -37,6 +37,7 @@ This release includes the following bugfixes:
o connect next bug
o invalid file name characters handling on Windows
o double close() on the primary socket with libcurl-NSS
o GSS negotiate infinite loop on bad credentials
This release includes the following known bugs:
@ -49,6 +50,6 @@ advice from friends like these:
Michal Marek, Eric Wong, Guenter Knauf, Peter Sylvester, Daniel Johnson,
Claes Jakobsson, Sven Anders, Chris Mumford, John P. McCaskey,
Constantine Sapuntzakis, Michael Stillwell, Tom Mueller, Dan Fandrich,
Kevin Baughman
Kevin Baughman, John Dennis
Thanks! (and sorry if I forgot to mention someone)

View File

@ -750,6 +750,9 @@ CURLcode Curl_http_input_auth(struct connectdata *conn,
/* we received GSS auth info and we dealt with it fine */
data->state.negotiate.state = GSS_AUTHRECV;
}
else {
data->state.authproblem = TRUE;
}
}
}
else