Am 2014-07-17 17:20, schrieb David Woodhouse:
On Thu, 2014-07-17 at 15:47 +0200, Michael Osipov wrote:
Servers:
- Apache 2.2.27 on FreeBSD with mod_spnego (MIT Kerberos 1.12.1)
Was that the one offering the duplicate 'WWW-Authenticate: Negotiate'
headers? I think you fixed it to stop doing that... but could you break
it again, and test?
I have found and fixed that bug already in that mod already. Tests have
been made with
the fix: https://github.com/lha/mod_spnego/pull/11
But yes, I can break again and test. As far as I remember, it worked anyway.
I think I broke Kamil's recent fix¹ for that degenerate case, but we
could probably cope again if we just do the following:
--- a/lib/http.c
+++ b/lib/http.c
@@ -790,8 +790,6 @@ CURLcode Curl_http_input_auth(struct connectdata *conn,
bool proxy,
/* we received GSS auth info and we dealt with it fine */
negdata->state = GSS_AUTHRECV;
}
- else
- data->state.authproblem = TRUE;
}
}
}
I'd test this myself but... I can't actually remember which server I
discovered this with, and stupidly didn't put that information into the
bug I filed.
I do not know whether this will fix but I can change my Tomcat Authenticator
to resemble that faulty server.
Michael
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
