cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: [PATCH 0/6] Fix SPNEGO to work comprehensively throughout curl

From: David Woodhouse <dwmw2_at_infradead.org>
Date: Thu, 17 Jul 2014 16:20:12 +0100

On Thu, 2014-07-17 at 15:47 +0200, Michael Osipov wrote:
>
> Servers:
> - Apache 2.2.27 on FreeBSD with mod_spnego (MIT Kerberos 1.12.1)

Was that the one offering the duplicate 'WWW-Authenticate: Negotiate'
headers? I think you fixed it to stop doing that... but could you break
it again, and test?

I think I broke Kamil's recent fix¹ for that degenerate case, but we
could probably cope again if we just do the following:

--- a/lib/http.c
+++ b/lib/http.c
@@ -790,8 +790,6 @@ CURLcode Curl_http_input_auth(struct connectdata *conn, bool proxy,
             /* we received GSS auth info and we dealt with it fine */
             negdata->state = GSS_AUTHRECV;
           }
- else
- data->state.authproblem = TRUE;
         }
       }
     }

I'd test this myself but... I can't actually remember which server I
discovered this with, and stupidly didn't put that information into the
bug I filed.

-- 
dwmw2
¹ https://github.com/bagder/curl/commit/ec5fde24

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html

  • application/x-pkcs7-signature attachment: smime.p7s
Received on 2014-07-17