From f78ae415d24b9bd89d6c121c556e411fdb21c6aa Mon Sep 17 00:00:00 2001
From: David Woodhouse <David.Woodhouse@intel.com>
Date: Fri, 11 Jul 2014 11:09:34 +0100
Subject: [PATCH] Don't clear GSSAPI state between each exchange in the
 negotiation

GSSAPI doesn't work very well if we forget everything ever time.

XX: Is Curl_http_done() the right place to do the final cleanup?
---
 lib/http.c                | 6 ++++++
 lib/http_negotiate.c      | 1 -
 lib/http_negotiate_sspi.c | 1 -
 3 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/lib/http.c b/lib/http.c
index 78791ee1af..91060567e3 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -1443,6 +1443,12 @@ CURLcode Curl_http_done(struct connectdata *conn,
 
   Curl_unencode_cleanup(conn);
 
+#ifdef USE_HTTP_NEGOTIATE
+  if(data->state.proxyneg.state == GSS_AUTHSENT ||
+      data->state.negotiate.state == GSS_AUTHSENT)
+    Curl_cleanup_negotiate(data);
+#endif
+
   /* set the proper values (possibly modified on POST) */
   conn->fread_func = data->set.fread_func; /* restore */
   conn->fread_in = data->set.in; /* restore */
diff --git a/lib/http_negotiate.c b/lib/http_negotiate.c
index 9b01e0a563..bbad0b4595 100644
--- a/lib/http_negotiate.c
+++ b/lib/http_negotiate.c
@@ -250,7 +250,6 @@ CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy)
   }
 
   Curl_safefree(encoded);
-  Curl_cleanup_negotiate(conn->data);
 
   return (userp == NULL) ? CURLE_OUT_OF_MEMORY : CURLE_OK;
 }
diff --git a/lib/http_negotiate_sspi.c b/lib/http_negotiate_sspi.c
index 8396a61978..236766b16e 100644
--- a/lib/http_negotiate_sspi.c
+++ b/lib/http_negotiate_sspi.c
@@ -268,7 +268,6 @@ CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy)
   else
     conn->allocptr.userpwd = userp;
   free(encoded);
-  Curl_cleanup_negotiate (conn->data);
   return (userp == NULL) ? CURLE_OUT_OF_MEMORY : CURLE_OK;
 }
 
-- 
GitLab