curl-users
Re: how to use --proxy-negotiate, exactly?
Date: Mon, 23 Feb 2009 16:16:42 +0100 (CET)
On Mon, 23 Feb 2009, Brian J. Murrell wrote:
> output_auth_headers() is testing data->state.negotiate.context for validity
> before calling Curl_output_negotiate(conn, proxy) with proxy == TRUE but in
> Curl_output_negotiate() if proxy == TRUE, neg_ctx is set to
> conn->data->state.proxyneg, not conn->data->state.negotiate (which is used
> for the FALSE case).
Ugh, indeed you're right. Looking at this closer, the code checks for a
*server context* unconditionally in output_auth_headers() instead of checking
the proper proxy OR server context...
What about this patch (against current CVS):
diff -u -r1.411 http.c
--- lib/http.c 2 Feb 2009 16:19:23 -0000 1.411
+++ lib/http.c 23 Feb 2009 15:19:13 -0000
@@ -516,6 +516,10 @@
struct SessionHandle *data = conn->data;
const char *auth=NULL;
CURLcode result = CURLE_OK;
+#ifdef HAVE_GSSAPI
+ struct negotiatedata *negdata = proxy?
+ &data->state.proxyneg:&data->state.negotiate;
+#endif
#ifndef CURL_DISABLE_CRYPTO_AUTH
(void)request;
@@ -524,14 +528,13 @@
#ifdef HAVE_GSSAPI
if((authstatus->picked == CURLAUTH_GSSNEGOTIATE) &&
- data->state.negotiate.context &&
- !GSS_ERROR(data->state.negotiate.status)) {
+ negdata->context && !GSS_ERROR(negdata->status)) {
auth="GSS-Negotiate";
result = Curl_output_negotiate(conn, proxy);
if(result)
return result;
authstatus->done = TRUE;
- data->state.negotiate.state = GSS_AUTHSENT;
+ negdata->state = GSS_AUTHSENT;
}
else
#endif
-- / daniel.haxx.se ------------------------------------------------------------------- List admin: http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-users FAQ: http://curl.haxx.se/docs/faq.html Etiquette: http://curl.haxx.se/mail/etiquette.htmlReceived on 2009-02-23