http: avoid auth failure on a duplicated header

kdudka · kdudka · commit ec5fde24de5d · 2014-05-09T13:44:04.000+02:00
... 'WWW-Authenticate: Negotiate' received from server Reported by: David Woodhouse Bug: https://bugzilla.redhat.com/1093348
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
@@ -64,6 +64,7 @@ This release includes the following bugfixes:
  o curl_multi_cleanup: ignore SIGPIPE better [13]
  o schannel: don't use the connect-timeout during send [14]
  o mprintf: allow %.s with data not being zero terminated
+ o http: auth failure on duplicated 'WWW-Authenticate: Negotiate' header [15]
 
 This release includes the following known bugs:
 
@@ -96,3 +97,4 @@ References to bug reports and discussions on issues:
  [12] = http://curl.haxx.se/mail/lib-2014-04/0161.html
  [13] = http://thread.gmane.org/gmane.comp.version-control.git/238242
  [14] = http://curl.haxx.se/bug/view.cgi?id=1352
+ [15] = https://bugzilla.redhat.com/1093348
diff --git a/lib/http.c b/lib/http.c
@@ -780,7 +780,7 @@ CURLcode Curl_http_input_auth(struct connectdata *conn, bool proxy,
           infof(data, "Authentication problem. Ignoring this.\n");
           data->state.authproblem = TRUE;
         }
-        else {
+        else if(data->state.negotiate.state == GSS_AUTHNONE) {
           neg = Curl_input_negotiate(conn, proxy, auth);
           if(neg == 0) {
             DEBUGASSERT(!data->req.newurl);

Original file line number	Diff line number	Diff line change
`@@ -780,7 +780,7 @@ CURLcode Curl_http_input_auth(struct connectdata *conn, bool proxy,`
`780`	`780`	`infof(data, "Authentication problem. Ignoring this.\n");`
`781`	`781`	`data->state.authproblem = TRUE;`
`782`	`782`	`}`
`783`		`- else {`
	`783`	`+ else if(data->state.negotiate.state == GSS_AUTHNONE) {`
`784`	`784`	`neg = Curl_input_negotiate(conn, proxy, auth);`
`785`	`785`	`if(neg == 0) {`
`786`	`786`	`DEBUGASSERT(!data->req.newurl);`