43 lines
1.5 KiB
Diff
43 lines
1.5 KiB
Diff
From cbea2fd2c74feabeb6f13b3e3df243b225b3b3ab Mon Sep 17 00:00:00 2001
|
|
From: Johannes Schindelin <johannes.schindelin@gmx.de>
|
|
Date: Thu, 6 Dec 2018 17:26:13 +0100
|
|
Subject: [PATCH] NTLM: force the connection to HTTP/1.1
|
|
|
|
Since v7.62.0, cURL tries to use HTTP/2 whenever the server announces
|
|
the capability. However, NTLM authentication only works with HTTP/1.1,
|
|
and will likely remain in that boat (for details, see
|
|
https://docs.microsoft.com/en-us/iis/get-started/whats-new-in-iis-10/http2-on-iis#when-is-http2-not-supported).
|
|
|
|
When we just found out that we want to use NTLM, and when the current
|
|
connection runs in HTTP/2 mode, let's force the connection to be closed
|
|
and to be re-opened using HTTP/1.1.
|
|
|
|
Fixes https://github.com/curl/curl/issues/3341.
|
|
Closes #3345
|
|
|
|
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
|
---
|
|
lib/http.c | 6 ++++++
|
|
1 file changed, 6 insertions(+)
|
|
|
|
diff --git a/lib/http.c b/lib/http.c
|
|
index aed7aa80f..7be6f8b92 100644
|
|
--- a/lib/http.c
|
|
+++ b/lib/http.c
|
|
@@ -526,6 +526,12 @@ CURLcode Curl_http_auth_act(struct connectdata *conn)
|
|
pickhost = pickoneauth(&data->state.authhost, authmask);
|
|
if(!pickhost)
|
|
data->state.authproblem = TRUE;
|
|
+ if(data->state.authhost.picked == CURLAUTH_NTLM &&
|
|
+ conn->httpversion > 11) {
|
|
+ infof(data, "Forcing HTTP/1.1 for NTLM");
|
|
+ connclose(conn, "Force HTTP/1.1 connection");
|
|
+ conn->data->set.httpversion = CURL_HTTP_VERSION_1_1;
|
|
+ }
|
|
}
|
|
if(conn->bits.proxy_user_passwd &&
|
|
((data->req.httpcode == 407) ||
|
|
--
|
|
2.50.0
|
|
|