Commit b3ee26c5 authored by Daniel Stenberg's avatar Daniel Stenberg

connectionexists: use case sensitive user/password comparisons

CVE-2016-8616

Bug: https://curl.haxx.se/docs/adv_20161102B.html
Reported-by: Cure53
parent efd24d57
+6 −6
@@ -3394,8 +3394,8 @@ ConnectionExists(struct Curl_easy *data,
      if(!(needle->handler->flags & PROTOPT_CREDSPERREQUEST)) {
      if(!(needle->handler->flags & PROTOPT_CREDSPERREQUEST)) {
        /* This protocol requires credentials per connection,
        /* This protocol requires credentials per connection,
           so verify that we're using the same name and password as well */
           so verify that we're using the same name and password as well */
        if(!strequal(needle->user, check->user) ||
        if(strcmp(needle->user, check->user) ||
           !strequal(needle->passwd, check->passwd)) {
           strcmp(needle->passwd, check->passwd)) {
          /* one of them was different */
          /* one of them was different */
          continue;
          continue;
        }
        }
@@ -3455,8 +3455,8 @@ ConnectionExists(struct Curl_easy *data,
           possible. (Especially we must not reuse the same connection if
           possible. (Especially we must not reuse the same connection if
           partway through a handshake!) */
           partway through a handshake!) */
        if(wantNTLMhttp) {
        if(wantNTLMhttp) {
          if(!strequal(needle->user, check->user) ||
          if(strcmp(needle->user, check->user) ||
             !strequal(needle->passwd, check->passwd))
             strcmp(needle->passwd, check->passwd))
            continue;
            continue;
        }
        }
        else if(check->ntlm.state != NTLMSTATE_NONE) {
        else if(check->ntlm.state != NTLMSTATE_NONE) {
@@ -3470,8 +3470,8 @@ ConnectionExists(struct Curl_easy *data,
          if(!check->proxyuser || !check->proxypasswd)
          if(!check->proxyuser || !check->proxypasswd)
            continue;
            continue;


          if(!strequal(needle->proxyuser, check->proxyuser) ||
          if(strcmp(needle->proxyuser, check->proxyuser) ||
             !strequal(needle->proxypasswd, check->proxypasswd))
             strcmp(needle->proxypasswd, check->proxypasswd))
            continue;
            continue;
        }
        }
        else if(check->proxyntlm.state != NTLMSTATE_NONE) {
        else if(check->proxyntlm.state != NTLMSTATE_NONE) {
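Review bot: Nothing at the three credential comparisons in ConnectionExists records that the exact, case-sensitive match is a security requirement, so a later cleanup could swap `strcmp` back to a case-insensitive helper without anyone noticing. At the first site (the `PROTOPT_CREDSPERREQUEST` branch) I would extend the existing comment to something like `/* credentials must match exactly (case-sensitively); a looser compare can reuse a connection authenticated as a different user */`, and have the NTLM and proxy-NTLM sites refer to it. Only the proxy branch shows a NULL guard, and only on `check->proxyuser`/`check->proxypasswd`; `strcmp` on a NULL pointer is undefined behaviour, so it is worth confirming that `needle->user`, `check->user` and the other operands are always set, which presumably happens outside these hunks. The function body starts and ends outside the visible lines.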