From 8288862b7ecc4a48de97fa8e56ab45b2b1a78a14 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Fri, 13 Jun 2003 10:15:55 +0000
Subject: [PATCH] Cris Bailiff's patch that should make us do NTLM correctly.
 When we've authenticated our connection, we can continue without any
 Authorization: headers as long as our connection is maintained.

---
 lib/http_ntlm.c | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/lib/http_ntlm.c b/lib/http_ntlm.c
index 8f1db89837..0668077840 100644
--- a/lib/http_ntlm.c
+++ b/lib/http_ntlm.c
@@ -367,7 +367,8 @@ CURLcode Curl_output_ntlm(struct connectdata *conn)
       return CURLE_OUT_OF_MEMORY; /* FIX TODO */
   }
   else {
-    /* We are not in the first state, create a type-3 message */
+    if(NTLMSTATE_TYPE2 == data->state.ntlm.state) {
+      /* We received the type-2 already, create a type-3 message */
 
     /*
       My test-IE session sent this type-3:
@@ -557,6 +558,17 @@ CURLcode Curl_output_ntlm(struct connectdata *conn)
     else
       return CURLE_OUT_OF_MEMORY; /* FIX TODO */
 
+      data->state.ntlm.state = NTLMSTATE_TYPE3; /* we sent a type-3 */
+
+    } else 
+      if(NTLMSTATE_TYPE3 == data->state.ntlm.state) {
+        /* connection is already authenticated,
+         * don't send a header in future requests */
+          if(conn->allocptr.userpwd) {
+            free(conn->allocptr.userpwd);
+            conn->allocptr.userpwd=NULL;
+          }
+      }
   }
 
   return CURLE_OK;
-- 
GitLab