cURL / Mailing Lists / curl-library / Single Mail


RE: release agony

From: Joe Mason <>
Date: Thu, 26 Jul 2012 15:26:18 +0000

> From: [] on
> behalf of Daniel Stenberg []
> Sent: Wednesday, July 25, 2012 5:25 PM
> To: libcurl hacking
> Subject: release agony
> At least unless the bug is very serious. If you know any really serious bug
> that should make me postpone the release, please let me know. If you have any
> pending bug fix I really should merge before the release, please let me know. is pretty important. Basically none of the auth status (authproblem, auth picked, NTLM state, digest nonce, etc) is cleared between uses of a handle (at least using curl_easy_reset, but possibly even when using curl_easy_init to get a whole new curl handle - I think some of them are held per-connection). Result is that when making a second request which should be entirely independant, weird things happen including: Digest auth ignoring new WWW-Authenticate headers and using an old nonce; NTLM auth printing "NTLM handshake failure (internal error)" because it receives an "NTLM" to begin the handshake and it's still marked as being in the middle of a handshake (even though the previous handshake actually finished); or an auth type which was enabled for the first request being chosen for the second request even though it is not in CURLOPT_AUTH any more, because "picked" is still set from the first request and nobody ever checks t
hat it's still valid.

On the other hand, AFAICT this is not a regression, so maybe it shouldn't block the release.

I tried a couple of fixes that I hoped would be a magic bullet, but all of them fixed one error and caused another one to pop up elsewhere. I'm currently almost done writing a complete suite of test cases for this (done 5 of 9) since the interactions are so complex that we need test coverage before making any changes.

After I post those I'm definitely going to need some help fixing it...

This transmission (including any attachments) may contain confidential information, privileged material (including material protected by the solicitor-client or other applicable privileges), or constitute non-public information. Any use of this information by anyone other than the intended recipient is prohibited. If you have received this transmission in error, please immediately reply to the sender and delete this information from your system. Use, dissemination, distribution, or reproduction of this transmission by unintended recipients is not authorized and may be unlawful.

List admin:
Received on 2012-07-26