From 17be1a6d0436e18cc1a83ce54b18896ffc8f6be7 Mon Sep 17 00:00:00 2001 From: "ahendrickson@google.com" Date: Tue, 27 Jul 2010 19:20:23 +0000 Subject: Fix for Proxy server authentication without credentials available. This covers the cases using GSSAPI for Negotiate to authenticate to a proxy, where: - The user does not have a TGT (Ticket Generating Ticket), or - The user is unable to get to the TGS (Ticket Granting Server). The bug was that the authentication system tried to reuse the Negotiate handler even though it was not possible for it to succeed, leading to infinite retries. BUG=33033 Test=None Review URL: http://codereview.chromium.org/3040015 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@53819 0039d316-1c4b-4281-b951-d872f2087c98 --- net/http/http_auth.cc | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'net') diff --git a/net/http/http_auth.cc b/net/http/http_auth.cc index ff2ac4f..e6fdfe8 100644 --- a/net/http/http_auth.cc +++ b/net/http/http_auth.cc @@ -31,7 +31,8 @@ void HttpAuth::ChooseBestChallenge( // A connection-based authentication scheme must continue to use the // existing handler object in |*handler|. - if (handler->get() && (*handler)->is_connection_based()) { + if (handler->get() && (*handler)->is_connection_based() && + (disabled_schemes.find((*handler)->scheme()) == disabled_schemes.end())) { const std::string header_name = GetChallengeHeaderName(target); std::string challenge; void* iter = NULL; @@ -57,10 +58,9 @@ void HttpAuth::ChooseBestChallenge( << ErrorToString(rv) << " Challenge: " << cur_challenge; continue; } - if (cur.get() && (!best.get() || best->score() < cur->score())) { - if (disabled_schemes.find(cur->scheme()) == disabled_schemes.end()) - best.swap(cur); - } + if (cur.get() && (!best.get() || best->score() < cur->score()) && + (disabled_schemes.find(cur->scheme()) == disabled_schemes.end())) + best.swap(cur); } handler->swap(best); } -- cgit v1.1