From 8683703ef3978983e61329801aecc554aec06055 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 7 Jan 2014 09:33:54 +0100 Subject: [PATCH] ConnectionExists: fix NTLM check for new connection When the requested authentication bitmask includes NTLM, we cannot re-use a connection for another username/password as we then risk re-using NTLM (connection-based auth). This has the unfortunate downside that if you include NTLM as a possible auth, you cannot re-use connections for other usernames/passwords even if NTLM doesn't end up the auth type used. Reported-by: Paras S Patched-by: Paras S Bug: http://curl.haxx.se/mail/lib-2014-01/0046.html [upstream commit 8ae35102c43d8d06572c3a1292eb6e27e663c78d] Signed-off-by: Kamil Dudka --- lib/url.c | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/url.c b/lib/url.c index bddbd91..313ec3e 100644 --- a/lib/url.c +++ b/lib/url.c @@ -2782,8 +2782,8 @@ ConnectionExists(struct SessionHandle *data, struct connectdata *check; struct connectdata *chosen = 0; bool canPipeline = IsPipeliningPossible(data, needle); - bool wantNTLM = (data->state.authhost.want==CURLAUTH_NTLM) || - (data->state.authhost.want==CURLAUTH_NTLM_WB) ? TRUE : FALSE; + bool wantNTLM = (data->state.authhost.want & CURLAUTH_NTLM) || + (data->state.authhost.want & CURLAUTH_NTLM_WB) ? TRUE : FALSE; struct connectbundle *bundle; /* Look up the bundle with all the connections to this -- 1.7.1