Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

http_ntlm: Remove duplicate NSS initialisation #3935

Closed
wants to merge 1 commit into from

Conversation

@captain-caveman2k
Copy link
Member

@captain-caveman2k captain-caveman2k commented May 23, 2019

Given that this is performed by the NTLM code there is no need to
perform the initialisation in the HTTP layer. This also keeps the
initialisation the same as the SASL based protocols and also fixes a
possible compilation issue if both NSS and SSPI were to be used as
multiple SSL backends.

@jay jay requested a review from kdudka May 24, 2019
@captain-caveman2k captain-caveman2k force-pushed the captain-caveman2k:nss branch 3 times, most recently from 476fa9b to 6c174bc May 27, 2019
@jay
Copy link
Member

@jay jay commented Jun 3, 2019

Please save this until after the release, I don't know that it will break anything but why risk it.

@kdudka
Copy link
Collaborator

@kdudka kdudka commented Jun 4, 2019

I agree that compilation errors need to be fixed. In any case, calling Curl_nss_force_init() multiple times is safe -- all the subsequent calls are no-ops (unless Curl_nss_cleanup() is called in between).

@captain-caveman2k captain-caveman2k force-pushed the captain-caveman2k:nss branch from 6c174bc to 4832b93 Jun 5, 2019
@captain-caveman2k captain-caveman2k force-pushed the captain-caveman2k:nss branch from 4832b93 to 36c82bd Jun 22, 2019
@captain-caveman2k captain-caveman2k force-pushed the captain-caveman2k:nss branch 2 times, most recently from 680724c to fb66c62 Aug 4, 2019
@captain-caveman2k captain-caveman2k force-pushed the captain-caveman2k:nss branch from fb66c62 to b6a5085 Sep 27, 2019
@kdudka
kdudka approved these changes Sep 30, 2019
Copy link
Collaborator

@kdudka kdudka left a comment

As I understand it, the code was made redundant by commit 33be9e2.

Assuming Curl_auth_decode_ntlm_type2_message() is always called before any NSS crypto is used on the way from Curl_output_ntlm(), the code should be safe to remove. But, to be honest, I do not know how NTLM works exactly.

If NTLM tests pass with libcurl-linked libcurl, this change is good to go in from my point of view.

@captain-caveman2k captain-caveman2k force-pushed the captain-caveman2k:nss branch from b6a5085 to d357dc9 Oct 15, 2019
@kdudka
kdudka approved these changes Oct 16, 2019
Given that this is performed by the NTLM code there is no need to
perform the initialisation in the HTTP layer. This also keeps the
initialisation the same as the SASL based protocols and also fixes a
possible compilation issue if both NSS and SSPI were to be used as
multiple SSL backends.
@captain-caveman2k captain-caveman2k force-pushed the captain-caveman2k:nss branch from d357dc9 to e696c35 Nov 21, 2019
@bagder bagder closed this in bb8cf05 Nov 28, 2019
@captain-caveman2k captain-caveman2k deleted the captain-caveman2k:nss branch Feb 1, 2020
@lock lock bot locked as resolved and limited conversation to collaborators May 5, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

3 participants
You can’t perform that action at this time.