From 01d72d81f7e86f9433a81792cd61038506fe0048 Mon Sep 17 00:00:00 2001 From: Remi Collet Date: Sat, 20 Dec 2014 09:04:54 +0100 Subject: curl: sync with 7.29.0-19 from RHEL-7 (for EL-5) --- 0014-curl-7.29.0-8ae35102.patch | 42 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) create mode 100644 0014-curl-7.29.0-8ae35102.patch (limited to '0014-curl-7.29.0-8ae35102.patch') diff --git a/0014-curl-7.29.0-8ae35102.patch b/0014-curl-7.29.0-8ae35102.patch new file mode 100644 index 0000000..9daa26d --- /dev/null +++ b/0014-curl-7.29.0-8ae35102.patch @@ -0,0 +1,42 @@ +From 8683703ef3978983e61329801aecc554aec06055 Mon Sep 17 00:00:00 2001 +From: Daniel Stenberg +Date: Tue, 7 Jan 2014 09:33:54 +0100 +Subject: [PATCH] ConnectionExists: fix NTLM check for new connection + +When the requested authentication bitmask includes NTLM, we cannot +re-use a connection for another username/password as we then risk +re-using NTLM (connection-based auth). + +This has the unfortunate downside that if you include NTLM as a possible +auth, you cannot re-use connections for other usernames/passwords even +if NTLM doesn't end up the auth type used. + +Reported-by: Paras S +Patched-by: Paras S +Bug: http://curl.haxx.se/mail/lib-2014-01/0046.html + +[upstream commit 8ae35102c43d8d06572c3a1292eb6e27e663c78d] + +Signed-off-by: Kamil Dudka +--- + lib/url.c | 4 ++-- + 1 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/lib/url.c b/lib/url.c +index bddbd91..313ec3e 100644 +--- a/lib/url.c ++++ b/lib/url.c +@@ -2782,8 +2782,8 @@ ConnectionExists(struct SessionHandle *data, + struct connectdata *check; + struct connectdata *chosen = 0; + bool canPipeline = IsPipeliningPossible(data, needle); +- bool wantNTLM = (data->state.authhost.want==CURLAUTH_NTLM) || +- (data->state.authhost.want==CURLAUTH_NTLM_WB) ? TRUE : FALSE; ++ bool wantNTLM = (data->state.authhost.want & CURLAUTH_NTLM) || ++ (data->state.authhost.want & CURLAUTH_NTLM_WB) ? TRUE : FALSE; + struct connectbundle *bundle; + + /* Look up the bundle with all the connections to this +-- +1.7.1 + -- cgit