diff options
| author | Dominik Hölzl <dominik.hoelzl@fabasoft.at> | 2018-09-10 09:18:01 +0200 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2019-03-14 09:26:03 +0100 |
| commit | 6c6035532383e300c712e4c1cd9fdd749ed5cf59 (patch) | |
| tree | 6c883e4d5db1cc8d609dae507033424fae8423d1 /lib/vauth | |
| parent | dd8a19f8a05b59394d1ab33c09497e8db884742a (diff) | |
| download | curl-6c6035532383e300c712e4c1cd9fdd749ed5cf59.tar.gz | |
Negotiate: fix for HTTP POST with Negotiate
* Adjusted unit tests 2056, 2057
* do not generally close connections with CURLAUTH_NEGOTIATE after every request
* moved negotiatedata from UrlState to connectdata
* Added stream rewind logic for CURLAUTH_NEGOTIATE
* introduced negotiatedata::GSS_AUTHDONE and negotiatedata::GSS_AUTHSUCC
* Consider authproblem state for CURLAUTH_NEGOTIATE
* Consider reuse_forbid for CURLAUTH_NEGOTIATE
* moved and adjusted negotiate authentication state handling from
output_auth_headers into Curl_output_negotiate
* Curl_output_negotiate: ensure auth done is always set
* Curl_output_negotiate: Set auth done also if result code is
GSS_S_CONTINUE_NEEDED/SEC_I_CONTINUE_NEEDED as this result code may
also indicate the last challenge request (only works with disabled
Expect: 100-continue and CURLOPT_KEEP_SENDING_ON_ERROR -> 1)
* Consider "Persistent-Auth" header, detect if not present;
Reset/Cleanup negotiate after authentication if no persistent
authentication
* apply changes introduced with #2546 for negotiate rewind logic
Fixes #1261
Closes #1975
Diffstat (limited to 'lib/vauth')
| -rw-r--r-- | lib/vauth/spnego_gssapi.c | 7 | ||||
| -rw-r--r-- | lib/vauth/spnego_sspi.c | 5 |
2 files changed, 11 insertions, 1 deletions
diff --git a/lib/vauth/spnego_gssapi.c b/lib/vauth/spnego_gssapi.c index 4a48bdd20..7c4bd4b59 100644 --- a/lib/vauth/spnego_gssapi.c +++ b/lib/vauth/spnego_gssapi.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -273,6 +273,11 @@ void Curl_auth_spnego_cleanup(struct negotiatedata *nego) /* Reset any variables */ nego->status = 0; + nego->state = GSS_AUTHNONE; + nego->noauthpersist = FALSE; + nego->havenoauthpersist = FALSE; + nego->havenegdata = FALSE; + nego->havemultiplerequests = FALSE; } #endif /* HAVE_GSSAPI && USE_SPNEGO */ diff --git a/lib/vauth/spnego_sspi.c b/lib/vauth/spnego_sspi.c index 98c471e58..0171ec52b 100644 --- a/lib/vauth/spnego_sspi.c +++ b/lib/vauth/spnego_sspi.c @@ -343,6 +343,11 @@ void Curl_auth_spnego_cleanup(struct negotiatedata *nego) /* Reset any variables */ nego->status = 0; nego->token_max = 0; + nego->state = GSS_AUTHNONE; + nego->noauthpersist = FALSE; + nego->havenoauthpersist = FALSE; + nego->havenegdata = FALSE; + nego->havemultiplerequests = FALSE; } #endif /* USE_WINDOWS_SSPI && USE_SPNEGO */ |