Menu

#757 NTLM proxy overrides endpoint auth

closed-fixed
http (206)
5
2013-06-21
2008-08-08
No

Problem:

Proxy uses NTLM authentication. Remote endpoint uses basic authentication. Remote endpoint requests a "Connection: close" after sending initial 401 indicating Basic auth requested (the server is mod_php so persistent connections are hard). curl obliges and
closes the connection.

Normally, curl will reopen the connection to the server
and send basic auth on next connection. However, the NTLM cleanup code in Curl_disconnect clobbers the result of the negotiation with the remote endpoint and sets the picked back to the original on the handle (in our case CURLAUTH_ANY).

Patch below separates cleanup for endpoint and proxy so that clobbering doesn't happen.

Discussion

  • Constantine Sapuntzakis

    Patch to preserve endpoint negotiation

     
  • Daniel Stenberg

    Daniel Stenberg - 2008-08-11

    Logged In: YES
    user_id=1110
    Originator: NO

    Thanks a lot, patched applied and committed to CVS just now!

     
  • Daniel Stenberg

    Daniel Stenberg - 2008-08-11
    • status: open --> closed-fixed