Bug 1315332 - Don't reuse the connection for conn-based auth schemes when asking user for credentials, r=mcmanus
☠☠ backed out by cb3dc0301552 ☠ ☠
authorHonza Bambas <honzab.moz@firemni.cz>
Sun, 27 Nov 2016 21:24:43 +0100
changeset 324401 132bb5e7c5b8a80c3c3bc51e865a9562f857f1c7
parent 324400 c17948ef9b358c38d267032dc7667142e8c08909
child 324402 8a6c538cf61a70d09a10edfb2cf3bb289b2f6b84
push id24
push usermaklebus@msu.edu
push dateTue, 20 Dec 2016 03:11:33 +0000
reviewersmcmanus
bugs1315332
milestone53.0a1
Bug 1315332 - Don't reuse the connection for conn-based auth schemes when asking user for credentials, r=mcmanus
netwerk/protocol/http/nsHttpChannelAuthProvider.cpp
--- a/netwerk/protocol/http/nsHttpChannelAuthProvider.cpp
+++ b/netwerk/protocol/http/nsHttpChannelAuthProvider.cpp
@@ -1217,16 +1217,26 @@ nsHttpChannelAuthProvider::PromptForIden
         else
             holder->SetToHttpAuthIdentity(authFlags, ident);
     }
 
     // remember that we successfully showed the user an auth dialog
     if (!proxyAuth)
         mSuppressDefensiveAuth = true;
 
+    if (mConnectionBased) {
+        // Connection can be reset by the server in the meantime user is entering
+        // the credentials.  Result would be just a "Connection was reset" error.
+        // Hence, we drop the current regardless if the user would make it on time
+        // to provide credentials.
+        // It's OK to send the NTLM type 1 message (response to the plain "NTLM"
+        // challenge) on a new connection.
+        mAuthChannel->CloseStickyConnection();
+    }
+
     return rv;
 }
 
 NS_IMETHODIMP nsHttpChannelAuthProvider::OnAuthAvailable(nsISupports *aContext,
                                                          nsIAuthInformation *aAuthInfo)
 {
     LOG(("nsHttpChannelAuthProvider::OnAuthAvailable [this=%p channel=%p]",
         this, mAuthChannel));