mirror of
https://github.com/moparisthebest/curl
synced 2024-12-23 00:28:48 -05:00
http_negotiate_sspi: Fixed endless unauthorized loop in commit 6bc76194e8
If the server rejects our authentication attempt and curl hasn't called CompleteAuthToken() then the status variable will be SEC_I_CONTINUE_NEEDED and not SEC_E_OK. As such the existing detection mechanism for determining whether or not the authentication process has finished is not sufficient. However, the WWW-Authenticate: Negotiate header line will not contain any data when the server has exhausted the negotiation, so we can use that coupled with the already allocated context pointer.
This commit is contained in:
parent
524833e155
commit
f8af8606a5
@ -117,9 +117,14 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy,
|
|||||||
|
|
||||||
len = strlen(header);
|
len = strlen(header);
|
||||||
if(!len) {
|
if(!len) {
|
||||||
/* first call in a new negotation, we have to acquire credentials,
|
/* Is this the first call in a new negotiation? */
|
||||||
and allocate memory for the context */
|
if(neg_ctx->context) {
|
||||||
|
/* The server rejected our authentication and hasn't suppled any more
|
||||||
|
negotiation mechanisms */
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* We have to acquire credentials and allocate memory for the context */
|
||||||
neg_ctx->credentials = malloc(sizeof(CredHandle));
|
neg_ctx->credentials = malloc(sizeof(CredHandle));
|
||||||
neg_ctx->context = malloc(sizeof(CtxtHandle));
|
neg_ctx->context = malloc(sizeof(CtxtHandle));
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user