Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

http_ntlm: Remove duplicate NSS initialisation #3935

Closed
wants to merge 1 commit into from
Closed

http_ntlm: Remove duplicate NSS initialisation #3935

wants to merge 1 commit into from

Conversation

captain-caveman2k
Copy link
Contributor

Given that this is performed by the NTLM code there is no need to
perform the initialisation in the HTTP layer. This also keeps the
initialisation the same as the SASL based protocols and also fixes a
possible compilation issue if both NSS and SSPI were to be used as
multiple SSL backends.

@jay jay requested a review from kdudka May 24, 2019 06:32
@jay
Copy link
Member

jay commented Jun 3, 2019

Please save this until after the release, I don't know that it will break anything but why risk it.

@kdudka
Copy link
Contributor

kdudka commented Jun 4, 2019

I agree that compilation errors need to be fixed. In any case, calling Curl_nss_force_init() multiple times is safe -- all the subsequent calls are no-ops (unless Curl_nss_cleanup() is called in between).

kdudka
kdudka approved these changes Sep 30, 2019
View reviewed changes
Copy link
Contributor

@kdudka kdudka left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As I understand it, the code was made redundant by commit 33be9e2.

Assuming Curl_auth_decode_ntlm_type2_message() is always called before any NSS crypto is used on the way from Curl_output_ntlm(), the code should be safe to remove. But, to be honest, I do not know how NTLM works exactly.

If NTLM tests pass with libcurl-linked libcurl, this change is good to go in from my point of view.

@captain-caveman2k
http_ntlm: Remove duplicate NSS initialisation
e696c35 
Given that this is performed by the NTLM code there is no need to
perform the initialisation in the HTTP layer. This also keeps the
initialisation the same as the SASL based protocols and also fixes a
possible compilation issue if both NSS and SSPI were to be used as
multiple SSL backends.
@bagder bagder closed this in bb8cf05 Nov 28, 2019
@lock lock bot locked as resolved and limited conversation to collaborators May 5, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@kdudka kdudka kdudka approved these changes

Assignees
No one assigned
Labels
authentication HTTP
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@captain-caveman2k @jay @kdudka