http: fix CONNECT_ONLY with Negotiate authentication #655

Closed
wants to merge 1 commit into
from

Projects

None yet

4 participants

@MarcelRaad
Member

Since 79b9d5f, connections were closed immediately before the libcurl user had a chance to extract the socket if Negotiate authentication was used. If CURLOPT_CONNECT_ONLY is set, it is the user's responsibility to decide when to close the connection.

This pull request is the same as #520, but without the HTTP status code check.

@MarcelRaad MarcelRaad http: fix CONNECT_ONLY with Negotiate authentication
CONNECT_ONLY connections were closed immediately before the user had a chance
to extract the socket when the proxy required Negotiate authentication.
b4172c3
@frenche
Contributor
frenche commented Apr 26, 2016

As mention over #520 this look OK to me.

@sithglan
Contributor

I hit this regression as well. Please apply.

@bagder bagder added a commit that closed this pull request Apr 26, 2016
@MarcelRaad @bagder MarcelRaad + bagder CONNECT_ONLY: don't close connection on GSS 401/407 reponses
Previously, connections were closed immediately before the user had a
chance to extract the socket when the proxy required Negotiate
authentication.

This regression was brought in with the security fix in commit
79b9d5f

Closes #655
c2b3f26
@bagder bagder closed this in c2b3f26 Apr 26, 2016
@bagder
Member
bagder commented Apr 26, 2016

Thanks everyone for your help and contributions!

@MarcelRaad MarcelRaad deleted the MarcelRaad:connect_only_negotiate branch Apr 27, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment