sspi: Only call CompleteAuthToken() when complete is needed
Don't call CompleteAuthToken() after InitializeSecurityContext() has returned SEC_I_CONTINUE_NEEDED as this return code only indicates the function should be called again after receiving a response back from the server. This only affected the Digest and NTLM authentication code.
This commit is contained in:
parent
382cee0a77
commit
9c613ade7a
@ -497,10 +497,10 @@ CURLcode Curl_ntlm_create_type1_message(const char *userp,
|
||||
ntlm->context, &type_1_desc,
|
||||
&attrs, &tsDummy);
|
||||
|
||||
if(status == SEC_I_COMPLETE_AND_CONTINUE ||
|
||||
status == SEC_I_CONTINUE_NEEDED)
|
||||
if(status == SEC_I_COMPLETE_NEEDED ||
|
||||
status == SEC_I_COMPLETE_AND_CONTINUE)
|
||||
s_pSecFn->CompleteAuthToken(ntlm->context, &type_1_desc);
|
||||
else if(status != SEC_E_OK)
|
||||
else if(status != SEC_E_OK && status != SEC_I_CONTINUE_NEEDED)
|
||||
return CURLE_RECV_ERROR;
|
||||
|
||||
size = type_1_buf.cbBuffer;
|
||||
|
@ -232,10 +232,10 @@ CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data,
|
||||
&chlg_desc, 0, &ctx,
|
||||
&resp_desc, &attrs, &tsDummy);
|
||||
|
||||
if(status == SEC_I_COMPLETE_AND_CONTINUE ||
|
||||
status == SEC_I_CONTINUE_NEEDED)
|
||||
if(status == SEC_I_COMPLETE_NEEDED ||
|
||||
status == SEC_I_COMPLETE_AND_CONTINUE)
|
||||
s_pSecFn->CompleteAuthToken(&handle, &resp_desc);
|
||||
else if(status != SEC_E_OK) {
|
||||
else if(status != SEC_E_OK && status != SEC_I_CONTINUE_NEEDED) {
|
||||
s_pSecFn->FreeCredentialsHandle(&handle);
|
||||
Curl_sspi_free_identity(&identity);
|
||||
Curl_safefree(spn);
|
||||
|
Loading…
Reference in New Issue
Block a user