ok, got it!
thinking loud, basically, when request is made, for example one way hash from password can be stored in the cached connection (probably somewhere in connectdata struct) and then next time new request is made to the same host, password from new request needs to be checked against stored hash and if they are same, ntlm connection can be shared (without expensive type1, type2, type3 message exchanges).
 

    On Tuesday, 24 October 2017, 15:47:49 GMT+1, Daniel Stenberg <daniel_at_haxx.se> wrote:
 
 On Tue, 24 Oct 2017, Alibek Joraev wrote:

> this would not work for all connection types. for example, for NTLM,
> connection should not be shared among handles, right? there was related
> vulnerability some time ago ( https://curl.haxx.se/docs/adv_20140129.html ).

We can still share NTLM authenticated connections, and we do. We just need to
make sure that we only reuse connections that have the same credentials.

-- 
  / daniel.haxx.se
  

-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2017-10-24