diff options
-rw-r--r-- | libsoup/soup-auth-ntlm.c | 11 | ||||
-rw-r--r-- | tests/ntlm-test.c | 8 |
2 files changed, 11 insertions, 8 deletions
diff --git a/libsoup/soup-auth-ntlm.c b/libsoup/soup-auth-ntlm.c index ddb6b2ed..926fd4a8 100644 --- a/libsoup/soup-auth-ntlm.c +++ b/libsoup/soup-auth-ntlm.c @@ -303,12 +303,15 @@ soup_auth_ntlm_update_connection (SoupConnectionAuth *auth, SoupMessage *msg, if (conn->state > SOUP_NTLM_SENT_REQUEST) { if (priv->password_state == SOUP_NTLM_PASSWORD_ACCEPTED) { /* We know our password is correct, so a 401 - * means "permission denied". Since the conn - * state is now FAILED, the auth is no longer - * is_ready() for this message, so this will - * cause a "retrying" authenticate signal. + * means "permission denied". The code can't deal + * with re-authenticating correctly, so make sure + * we don't try. */ conn->state = SOUP_NTLM_FAILED; + if (soup_message_is_keepalive (msg)) { + soup_message_headers_append (msg->response_headers, + "Connection", "close"); + } return TRUE; } diff --git a/tests/ntlm-test.c b/tests/ntlm-test.c index a0e02ab4..11d40c3a 100644 --- a/tests/ntlm-test.c +++ b/tests/ntlm-test.c @@ -456,12 +456,12 @@ do_ntlm_round (SoupURI *base_uri, gboolean use_ntlm, SOUP_STATUS_UNAUTHORIZED); /* 8. Server accepts Basic or NTLM from either user. - * Alice-via-NTLM is still authenticated at this point from #6, - * and Bob-via-NTLM is authenticated from #7, so neither - * of them will do anything. + * NTLM users will try NTLM without getting a prompt (their + * previous NTLM connections will have been closed by the 401 + * from /basic). Non-NTLM users will be prompted for either. */ do_message (session, base_uri, "/either", - !use_ntlm, FALSE, + !use_ntlm, use_ntlm, !use_ntlm, !use_ntlm && user != NULL, user != NULL ? SOUP_STATUS_OK : SOUP_STATUS_UNAUTHORIZED); |