diff options
| author | Kamil Dudka <kdudka@redhat.com> | 2014-05-05 14:49:30 +0200 |
|---|---|---|
| committer | Kamil Dudka <kdudka@redhat.com> | 2014-05-09 13:44:04 +0200 |
| commit | ec5fde24de5ddd1910730f0cbac5e77820b26eb9 (patch) | |
| tree | 3a0b3fdc2c0428282f6f0c68419d1c54683bc7de | |
| parent | 1343756742463488c63453723b2bfe002e45c47f (diff) | |
| download | curl-ec5fde24de5ddd1910730f0cbac5e77820b26eb9.tar.gz | |
http: avoid auth failure on a duplicated header
... 'WWW-Authenticate: Negotiate' received from server
Reported by: David Woodhouse
Bug: https://bugzilla.redhat.com/1093348
| -rw-r--r-- | RELEASE-NOTES | 2 | ||||
| -rw-r--r-- | lib/http.c | 2 |
2 files changed, 3 insertions, 1 deletions
diff --git a/RELEASE-NOTES b/RELEASE-NOTES index f535d525c..1261fe41e 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -64,6 +64,7 @@ This release includes the following bugfixes: o curl_multi_cleanup: ignore SIGPIPE better [13] o schannel: don't use the connect-timeout during send [14] o mprintf: allow %.s with data not being zero terminated + o http: auth failure on duplicated 'WWW-Authenticate: Negotiate' header [15] This release includes the following known bugs: @@ -96,3 +97,4 @@ References to bug reports and discussions on issues: [12] = http://curl.haxx.se/mail/lib-2014-04/0161.html [13] = http://thread.gmane.org/gmane.comp.version-control.git/238242 [14] = http://curl.haxx.se/bug/view.cgi?id=1352 + [15] = https://bugzilla.redhat.com/1093348 diff --git a/lib/http.c b/lib/http.c index fb4334966..937d241a2 100644 --- a/lib/http.c +++ b/lib/http.c @@ -780,7 +780,7 @@ CURLcode Curl_http_input_auth(struct connectdata *conn, bool proxy, infof(data, "Authentication problem. Ignoring this.\n"); data->state.authproblem = TRUE; } - else { + else if(data->state.negotiate.state == GSS_AUTHNONE) { neg = Curl_input_negotiate(conn, proxy, auth); if(neg == 0) { DEBUGASSERT(!data->req.newurl); |