Moved the NTLM credentials to the connectdata struct instead, as NTLM

authenticates connections and not single requests. This should make it work
better when we mix requests from multiple hosts. Problem pointed out by
Cris Bailiff.

diff --git a/lib/http_ntlm.c b/lib/http_ntlm.c
index c1bc929ca6e344575eefb3e177eb4fb0704256fd..c7c5c9eed8ecdd93421098ae7ef214b330fb5498 100644 (file)
--- a/lib/http_ntlm.c
+++ b/lib/http_ntlm.c
@@ -92,8 +92,6 @@ CURLntlm Curl_input_ntlm(struct connectdata *conn,
                          char *header) /* rest of the www-authenticate:
                                           header */
 {
-  struct SessionHandle *data=conn->data;
-
   /* skip initial whitespaces */
   while(*header && isspace((int)*header))
     header++;
@@ -122,20 +120,20 @@ CURLntlm Curl_input_ntlm(struct connectdata *conn,
 
       int size = Curl_base64_decode(header, buffer);
 
-      data->state.ntlm.state = NTLMSTATE_TYPE2; /* we got a type-2 */
+      conn->ntlm.state = NTLMSTATE_TYPE2; /* we got a type-2 */
 
       if(size >= 48)
         /* the nonce of interest is index [24 .. 31], 8 bytes */
-        memcpy(data->state.ntlm.nonce, &buffer[24], 8);
+        memcpy(conn->ntlm.nonce, &buffer[24], 8);
 
       /* at index decimal 20, there's a 32bit NTLM flag field */
 
     }
     else {
-      if(data->state.ntlm.state >= NTLMSTATE_TYPE1)
+      if(conn->ntlm.state >= NTLMSTATE_TYPE1)
         return CURLNTLM_BAD;
 
-      data->state.ntlm.state = NTLMSTATE_TYPE1; /* we should sent away a
+      conn->ntlm.state = NTLMSTATE_TYPE1; /* we should sent away a
                                                   type-1 */
     }
   }
@@ -284,7 +282,7 @@ CURLcode Curl_output_ntlm(struct connectdata *conn)
   char *base64=NULL;
 
   unsigned char ntlm[256]; /* enough, unless the host/domain is very long */
-  switch(data->state.ntlm.state) {
+  switch(conn->ntlm.state) {
   case NTLMSTATE_TYPE1:
   default: /* for the weird cases we (re)start here */
     hostoff = 32;
@@ -392,7 +390,7 @@ CURLcode Curl_output_ntlm(struct connectdata *conn)
       user = data->state.user;
     userlen = strlen(user);
 
-    mkhash(data->state.passwd, &data->state.ntlm.nonce[0], lmresp
+    mkhash(data->state.passwd, &conn->ntlm.nonce[0], lmresp
 #ifdef USE_NTRESPONSES
            , ntresp
 #endif
@@ -519,7 +517,7 @@ CURLcode Curl_output_ntlm(struct connectdata *conn)
     else
       return CURLE_OUT_OF_MEMORY; /* FIX TODO */
 
-    data->state.ntlm.state = NTLMSTATE_TYPE3; /* we sent a type-3 */
+    conn->ntlm.state = NTLMSTATE_TYPE3; /* we sent a type-3 */
     
   }
   break;

diff --git a/lib/urldata.h b/lib/urldata.h
index dab214ce37150969f69db3e9fc6d4fa68f7a25ae..04f999f037b5a4a993590ce3801e19ec7d52d394 100644 (file)
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -528,6 +528,9 @@ struct connectdata {
   curl_read_callback fread; /* function that reads the input */
   void *fread_in;           /* pointer to pass to the fread() above */
 
+  struct ntlmdata ntlm;     /* NTLM differs from other authentication schemes
+                               because it authenticates connections, not
+                               single requests! */
 };
 
 /* The end of connectdata. */
@@ -658,7 +661,6 @@ struct UrlState {
                       is always set TRUE when curl_easy_perform() is called. */
 
   struct digestdata digest;
-  struct ntlmdata ntlm;
 
 #ifdef GSSAPI
   struct negotiatedata negotiate;