Bug 1315332 - Don't reuse the connection for conn-based auth schemes when asking user for credentials. r=mcmanus
authorHonza Bambas <honzab.moz@firemni.cz>
Tue, 15 Nov 2016 11:00:00 -0500
changeset 324746 1219cdda749644daba4e836c146f8067215900d0
parent 324745 d62d5b78e234941e06b71de9de92788697e1619b
child 324747 2a34ba3cdc1d9c7158cb43bad2eb622dc72f9542
push id24
push usermaklebus@msu.edu
push dateTue, 20 Dec 2016 03:11:33 +0000
reviewersmcmanus
bugs1315332
milestone53.0a1
Bug 1315332 - Don't reuse the connection for conn-based auth schemes when asking user for credentials. r=mcmanus
netwerk/protocol/http/nsHttpChannelAuthProvider.cpp
--- a/netwerk/protocol/http/nsHttpChannelAuthProvider.cpp
+++ b/netwerk/protocol/http/nsHttpChannelAuthProvider.cpp
@@ -1230,16 +1230,26 @@ nsHttpChannelAuthProvider::PromptForIden
         else
             holder->SetToHttpAuthIdentity(authFlags, ident);
     }
 
     // remember that we successfully showed the user an auth dialog
     if (!proxyAuth)
         mSuppressDefensiveAuth = true;
 
+    if (mConnectionBased) {
+        // Connection can be reset by the server in the meantime user is entering
+        // the credentials.  Result would be just a "Connection was reset" error.
+        // Hence, we drop the current regardless if the user would make it on time
+        // to provide credentials.
+        // It's OK to send the NTLM type 1 message (response to the plain "NTLM"
+        // challenge) on a new connection.
+        mAuthChannel->CloseStickyConnection();
+    }
+
     return rv;
 }
 
 NS_IMETHODIMP nsHttpChannelAuthProvider::OnAuthAvailable(nsISupports *aContext,
                                                          nsIAuthInformation *aAuthInfo)
 {
     LOG(("nsHttpChannelAuthProvider::OnAuthAvailable [this=%p channel=%p]",
         this, mAuthChannel));