From: Stefan Bühler <buehler@teamviewer.com>
Date: Mon, 24 Nov 2014 08:23:07 +0000 (+0100)
Subject: HTTP: Free (proxy)userpwd for NTLM/Negotiate after sending a request
X-Git-Tag: curl-7_40_0~223
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=87c4abb611c2b7038edc27c08b001d577eb14bd9;p=curl

HTTP: Free (proxy)userpwd for NTLM/Negotiate after sending a request

Sending NTLM/Negotiate header again after successful authentication
breaks the connection with certain Proxies and request types (POST to MS
Forefront).
---

diff --git a/lib/http.c b/lib/http.c
index d32a01271..c56689893 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -2323,12 +2323,27 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
       );
 
   /*
-   * Free userpwd now --- cannot reuse this for Negotiate and possibly NTLM
-   * with basic and digest, it will be freed anyway by the next request
+   * Free userpwd for Negotiate/NTLM. Cannot reuse as it is associated with
+   * the connection and shouldn't be repeated over it either.
    */
+  switch (data->state.authhost.picked) {
+  case CURLAUTH_NEGOTIATE:
+  case CURLAUTH_NTLM:
+  case CURLAUTH_NTLM_WB:
+    Curl_safefree(conn->allocptr.userpwd);
+    break;
+  }
 
-  Curl_safefree (conn->allocptr.userpwd);
-  conn->allocptr.userpwd = NULL;
+  /*
+   * Same for proxyuserpwd
+   */
+  switch (data->state.authproxy.picked) {
+  case CURLAUTH_NEGOTIATE:
+  case CURLAUTH_NTLM:
+  case CURLAUTH_NTLM_WB:
+    Curl_safefree(conn->allocptr.proxyuserpwd);
+    break;
+  }
 
   if(result)
     return result;