curl-library
Re: [SECURITY ADVISORY 1/4] libcurl wrong re-use of connections
Date: Tue, 1 Apr 2014 08:16:00 +0200 (CEST)
On Mon, 31 Mar 2014, myriachan_at_cox.net wrote:
> "creditials" should be "credentials". Sadly, this would make the line
> longer than 80 characters, and moving "request" to the next line would blow
> past the 80 limit on that line, too. Change "as opposed to" to "instead
> of".
Thanks! Will fix.
> Also, I had to modify this patch's url.c change to get it to apply to
> 7.33.0. Does this look right?
>
> if((!(needle->handler->flags & PROTOPT_CREDSPERREQUEST)) ||
> ((needle->handler->protocol & CURLPROTO_HTTP) && wantNTLM)) {
Yes, that seems like a decent adaption. We put the "needle->handler->protocol
& CURLPROTO_HTTP" check into the 'wantNTLM' assignment itself at the top in
later versions but either way is fine.
-- / daniel.haxx.se ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.htmlReceived on 2014-04-01