From 9d6dd7bc1dea42ae8e710aeae714e2a2c290de61 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 10 Mar 2023 09:22:43 +0100 Subject: [PATCH] url: only reuse connections with same GSS delegation Reported-by: Harry Sintonen Closes #10731 Upstream-commit: cb49e67303dbafbab1cebf4086e3ec15b7d56ee5 Signed-off-by: Kamil Dudka --- lib/url.c | 6 ++++++ lib/urldata.h | 2 ++ 2 files changed, 8 insertions(+) diff --git a/lib/url.c b/lib/url.c index 3b11b7e..cbbc7f3 100644 --- a/lib/url.c +++ b/lib/url.c @@ -1305,6 +1305,11 @@ ConnectionExists(struct Curl_easy *data, } } + /* GSS delegation differences do not actually affect every connection + and auth method, but this check takes precaution before efficiency */ + if(needle->gssapi_delegation != check->gssapi_delegation) + continue; + if(needle->handler->protocol & (CURLPROTO_SCP|CURLPROTO_SFTP)) { if(!ssh_config_matches(needle, check)) continue; @@ -1949,6 +1954,7 @@ static struct connectdata *allocate_conn(struct Curl_easy *data) it may live on without (this specific) Curl_easy */ conn->fclosesocket = data->set.fclosesocket; conn->closesocket_client = data->set.closesocket_client; + conn->gssapi_delegation = data->set.gssapi_delegation; return conn; error: diff --git a/lib/urldata.h b/lib/urldata.h index ce90304..9e16f26 100644 --- a/lib/urldata.h +++ b/lib/urldata.h @@ -856,6 +856,8 @@ struct connectdata { int httpversion; /* the HTTP version*10 reported by the server */ int rtspversion; /* the RTSP version*10 reported by the server */ + unsigned char gssapi_delegation; /* inherited from set.gssapi_delegation */ + struct curltime now; /* "current" time */ struct curltime created; /* creation time */ curl_socket_t sock[2]; /* two sockets, the second is used for the data -- 2.39.2