http: avoid auth failure on a duplicated header

author Kamil Dudka <kdudka@redhat.com>

Mon, 5 May 2014 12:49:30 +0000 (14:49 +0200)

committer Kamil Dudka <kdudka@redhat.com>

Fri, 9 May 2014 11:44:04 +0000 (13:44 +0200)
author Kamil Dudka <kdudka@redhat.com>
Mon, 5 May 2014 12:49:30 +0000 (14:49 +0200)
committer Kamil Dudka <kdudka@redhat.com>
Fri, 9 May 2014 11:44:04 +0000 (13:44 +0200)
diff --git a/RELEASE-NOTES b/RELEASE-NOTES

index f535d52..1261fe4 100644 (file)
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -64,6 +64,7 @@ This release includes the following bugfixes:
   o curl_multi_cleanup: ignore SIGPIPE better [13]
   o schannel: don't use the connect-timeout during send [14]
   o mprintf: allow %.s with data not being zero terminated
+ o http: auth failure on duplicated 'WWW-Authenticate: Negotiate' header [15]
  
  This release includes the following known bugs:
  
@@ -96,3 +97,4 @@ References to bug reports and discussions on issues:
   [12] = http://curl.haxx.se/mail/lib-2014-04/0161.html
   [13] = http://thread.gmane.org/gmane.comp.version-control.git/238242
   [14] = http://curl.haxx.se/bug/view.cgi?id=1352
+ [15] = https://bugzilla.redhat.com/1093348
diff --git a/lib/http.c b/lib/http.c

index fb43349..937d241 100644 (file)
--- a/lib/http.c
+++ b/lib/http.c
@@ -780,7 +780,7 @@ CURLcode Curl_http_input_auth(struct connectdata *conn, bool proxy,
            infof(data, "Authentication problem. Ignoring this.\n");
            data->state.authproblem = TRUE;
          }
-        else {
+        else if(data->state.negotiate.state == GSS_AUTHNONE) {
            neg = Curl_input_negotiate(conn, proxy, auth);
            if(neg == 0) {
              DEBUGASSERT(!data->req.newurl);
author	Kamil Dudka <kdudka@redhat.com>
	Mon, 5 May 2014 12:49:30 +0000 (14:49 +0200)
committer	Kamil Dudka <kdudka@redhat.com>
	Fri, 9 May 2014 11:44:04 +0000 (13:44 +0200)
RELEASE-NOTES		patch \| blob \| history
lib/http.c		patch \| blob \| history