moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2024-11-16 14:35:03 -05:00
Code Issues Releases Wiki Activity

NTLM: handle auth for only a single request

Browse Source 
Currently when the server responds with 401 on NTLM authenticated
connection (re-used) we consider it to have failed.  However this is
legitimate and may happen when for example IIS is set configured to
'authPersistSingleRequest' or when the request goes thru a proxy (with
'via' header).

Implemented by imploying an additional state once a connection is
re-used to indicate that if we receive 401 we need to restart
authentication.

Closes #363
This commit is contained in:
Isaac Boukris 2015-08-04 02:20:23 +03:00 committed by Daniel Stenberg
parent 7f11259eb7
commit fe6049f04b
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
lib/curl_ntlm.c
View File

@ -84,7 +84,11 @@ CURLcode Curl_input_ntlm(struct connectdata *conn,
ntlm->state = NTLMSTATE_TYPE2; /* We got a type-2 message */ ntlm->state = NTLMSTATE_TYPE2; /* We got a type-2 message */
} }
else { else {
if(ntlm->state == NTLMSTATE_TYPE3) { if(ntlm->state == NTLMSTATE_LAST) {
infof(conn->data, "NTLM auth restarted\n");
Curl_http_ntlm_cleanup(conn);
}
else if(ntlm->state == NTLMSTATE_TYPE3) {
infof(conn->data, "NTLM handshake rejected\n"); infof(conn->data, "NTLM handshake rejected\n");
Curl_http_ntlm_cleanup(conn); Curl_http_ntlm_cleanup(conn);
ntlm->state = NTLMSTATE_NONE; ntlm->state = NTLMSTATE_NONE;
@ -211,6 +215,9 @@ CURLcode Curl_output_ntlm(struct connectdata *conn, bool proxy)
case NTLMSTATE_TYPE3: case NTLMSTATE_TYPE3:
/* connection is already authenticated, /* connection is already authenticated,
* don't send a header in future requests */ * don't send a header in future requests */
ntlm->state = NTLMSTATE_LAST;
case NTLMSTATE_LAST:
Curl_safefree(*allocuserpwd); Curl_safefree(*allocuserpwd);
authp->done = TRUE; authp->done = TRUE;
break; break;