Bug 1757643
Summary: | curl does not send Authorization header when receiving WWW-Authenticate header twice | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Hisanobu Okuda <hokuda> |
Component: | curl | Assignee: | Kamil Dudka <kdudka> |
Status: | CLOSED ERRATA | QA Contact: | Daniel Rusek <drusek> |
Severity: | high | Docs Contact: | |
Priority: | urgent | ||
Version: | 6.10 | CC: | drusek, fkrska, kdudka, msekleta, pamadio, thozza |
Target Milestone: | rc | Keywords: | Reopened |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | curl-7.19.7-54.el6_10 | Doc Type: | Bug Fix |
Doc Text: |
Cause:
libcurl's internal state machine used for HTTP authentication got confused by a duplicated WWW-Authenticate header in the HTTP response.
Consequence:
libcurl did not send the Authorization header in the subsequent HTTP request and continued without the authentication.
Fix:
libcurl's internal state machine used for HTTP authentication was extended to handle this case properly.
Result:
HTTP authentication now works as expected in this case.
|
Story Points: | --- |
Clone Of: | 1754736 | Environment: | |
Last Closed: | 2019-12-17 10:51:39 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1754736 | ||
Bug Blocks: |
Comment 3
Kamil Dudka
2019-10-02 10:02:16 UTC
Development Management has reviewed and declined this request. You may appeal this decision by using your Red Hat support channels, who will make certain the issue receives the proper prioritization with product and development management. https://www.redhat.com/support/process/production/#howto Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:4253 |