From: Steve Holme Date: Tue, 5 Aug 2014 23:12:53 +0000 (+0100) Subject: http_negotiate_sspi: Fixed endless unauthorized loop in commit 6bc76194e8 X-Git-Tag: curl-7_38_0~140 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=f8af8606a5420e2cfb17f2f32d750b6b2e7b52f9;p=thirdparty%2Fcurl.git http_negotiate_sspi: Fixed endless unauthorized loop in commit 6bc76194e8 If the server rejects our authentication attempt and curl hasn't called CompleteAuthToken() then the status variable will be SEC_I_CONTINUE_NEEDED and not SEC_E_OK. As such the existing detection mechanism for determining whether or not the authentication process has finished is not sufficient. However, the WWW-Authenticate: Negotiate header line will not contain any data when the server has exhausted the negotiation, so we can use that coupled with the already allocated context pointer. --- diff --git a/lib/http_negotiate_sspi.c b/lib/http_negotiate_sspi.c index 3c5680c4fd..8e63914956 100644 --- a/lib/http_negotiate_sspi.c +++ b/lib/http_negotiate_sspi.c @@ -117,9 +117,14 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy, len = strlen(header); if(!len) { - /* first call in a new negotation, we have to acquire credentials, - and allocate memory for the context */ + /* Is this the first call in a new negotiation? */ + if(neg_ctx->context) { + /* The server rejected our authentication and hasn't suppled any more + negotiation mechanisms */ + return -1; + } + /* We have to acquire credentials and allocate memory for the context */ neg_ctx->credentials = malloc(sizeof(CredHandle)); neg_ctx->context = malloc(sizeof(CtxtHandle));
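Review bot: The early `return -1` added inside `if(neg_ctx->context)` leaves `neg_ctx->context` and `neg_ctx->credentials` untouched, so the "rejected" state stays on `neg_ctx` until some other code clears it. A non-NULL `context` is now the only thing that distinguishes a server rejection from the first call of a negotiation, so the comment should say (and the caller should be checked to confirm) that the cleanup path frees the handle and resets the pointer to NULL before the same `neg_ctx` is used for another attempt; otherwise every later empty `Negotiate` header on it is treated as a rejection. The pointer is also assigned by `neg_ctx->context = malloc(sizeof(CtxtHandle));` directly below, before any handshake step is visible in this hunk, so an error after that assignment has to reset it for the new check to mean what its comment claims. Minor: "suppled" in the added comment should read "supplied".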