http_ntlm_wb: Return the correct error on receiving an empty auth message

Missed in fe20826b as it wasn't implemented in http.c in b4d6db83.

Closes #3894

diff --git a/lib/curl_ntlm_wb.c b/lib/curl_ntlm_wb.c
index 2400ff09129805ea2c7b4a8a10e2dcaa3700c681..2aa2289b26e6f5f1e20f1a89c2871acf4a6faf94 100644 (file)
--- a/lib/curl_ntlm_wb.c
+++ b/lib/curl_ntlm_wb.c
@@ -339,7 +339,7 @@ CURLcode Curl_input_ntlm_wb(struct connectdata *conn,
                             bool proxy,
                             const char *header)
 {
-  (void) proxy;
+  curlntlm *state = proxy ? &conn->proxy_ntlm_state : &conn->http_ntlm_state;
 
   if(!checkprefix("NTLM", header))
     return CURLE_BAD_CONTENT_ENCODING;
@@ -352,9 +352,17 @@ CURLcode Curl_input_ntlm_wb(struct connectdata *conn,
     conn->challenge_header = strdup(header);
     if(!conn->challenge_header)
       return CURLE_OUT_OF_MEMORY;
+
+    *state = NTLMSTATE_TYPE2; /* We got a type-2 message */
+  }
+  else {
+    if(*state >= NTLMSTATE_TYPE1) {
+      infof(conn->data, "NTLM handshake failure (internal error)\n");
+      return CURLE_REMOTE_ACCESS_DENIED;
+    }
+
+    *state = NTLMSTATE_TYPE1; /* We should send away a type-1 */
   }
-  else
-    return CURLE_BAD_CONTENT_ENCODING;
 
   return CURLE_OK;
 }