Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

http_ntlm: Remove duplicate NSS initialisation #3935

Closed
wants to merge 1 commit into from

Conversation

@captain-caveman2k
Copy link
Member

@captain-caveman2k captain-caveman2k commented May 23, 2019

Given that this is performed by the NTLM code there is no need to
perform the initialisation in the HTTP layer. This also keeps the
initialisation the same as the SASL based protocols and also fixes a
possible compilation issue if both NSS and SSPI were to be used as
multiple SSL backends.

@jay
Copy link
Member

@jay jay commented Jun 3, 2019

Please save this until after the release, I don't know that it will break anything but why risk it.

@kdudka
Copy link
Collaborator

@kdudka kdudka commented Jun 4, 2019

I agree that compilation errors need to be fixed. In any case, calling Curl_nss_force_init() multiple times is safe -- all the subsequent calls are no-ops (unless Curl_nss_cleanup() is called in between).

kdudka
kdudka approved these changes Sep 30, 2019
Copy link
Collaborator

@kdudka kdudka left a comment

As I understand it, the code was made redundant by commit 33be9e2.

Assuming Curl_auth_decode_ntlm_type2_message() is always called before any NSS crypto is used on the way from Curl_output_ntlm(), the code should be safe to remove. But, to be honest, I do not know how NTLM works exactly.

If NTLM tests pass with libcurl-linked libcurl, this change is good to go in from my point of view.

kdudka
kdudka approved these changes Oct 16, 2019
Given that this is performed by the NTLM code there is no need to
perform the initialisation in the HTTP layer. This also keeps the
initialisation the same as the SASL based protocols and also fixes a
possible compilation issue if both NSS and SSPI were to be used as
multiple SSL backends.
@bagder bagder closed this in bb8cf05 Nov 28, 2019
@captain-caveman2k captain-caveman2k deleted the nss branch Feb 1, 2020
@lock lock bot locked as resolved and limited conversation to collaborators May 5, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

3 participants