From bd21fc9d2f266e801f3846cf0dd7e9f183358a43 Mon Sep 17 00:00:00 2001 From: Steve Holme Date: Sat, 18 May 2019 17:05:04 +0100 Subject: [PATCH] http_ntlm_wb: Return the correct error on receiving an empty auth message Missed in fe20826b as it wasn't implemented in http.c in b4d6db83. Closes #3894 --- lib/curl_ntlm_wb.c | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/lib/curl_ntlm_wb.c b/lib/curl_ntlm_wb.c index 2400ff091..2aa2289b2 100644 --- a/lib/curl_ntlm_wb.c +++ b/lib/curl_ntlm_wb.c @@ -339,7 +339,7 @@ CURLcode Curl_input_ntlm_wb(struct connectdata *conn, bool proxy, const char *header) { - (void) proxy; + curlntlm *state = proxy ? &conn->proxy_ntlm_state : &conn->http_ntlm_state; if(!checkprefix("NTLM", header)) return CURLE_BAD_CONTENT_ENCODING; @@ -352,9 +352,17 @@ CURLcode Curl_input_ntlm_wb(struct connectdata *conn, conn->challenge_header = strdup(header); if(!conn->challenge_header) return CURLE_OUT_OF_MEMORY; + + *state = NTLMSTATE_TYPE2; /* We got a type-2 message */ + } + else { + if(*state >= NTLMSTATE_TYPE1) { + infof(conn->data, "NTLM handshake failure (internal error)\n"); + return CURLE_REMOTE_ACCESS_DENIED; + } + + *state = NTLMSTATE_TYPE1; /* We should send away a type-1 */ } - else - return CURLE_BAD_CONTENT_ENCODING; return CURLE_OK; } -- 2.40.0