Known bug #47, which confused libcurl if doing NTLM auth over a proxy with

a response that was larger than 16KB is now improved slightly so that now the restriction at 16KB is for the headers only and it should be a rare situation where the response-headers exceed 16KB. Thus, I consider #47 fixed and the header limitation is now known as known bug #48.
2025-01-18 14:04:30 +08:00 · 2007-10-07 08:28:03 +00:00 · 2007-10-07 08:28:03 +00:00 · 08fd1829e0
commit 08fd1829e0
parent 43a4604639
4 changed files with 15 additions and 5 deletions
--- a/7
+++ b/7
@ -6,6 +6,13 @@

                                  Changelog

+Daniel S (7 October 2007)
+- Known bug #47, which confused libcurl if doing NTLM auth over a proxy with
+  a response that was larger than 16KB is now improved slightly so that now
+  the restriction at 16KB is for the headers only and it should be a rare
+  situation where the response-headers exceed 16KB. Thus, I consider #47 fixed
+  and the header limitation is now known as known bug #48.
+
 Daniel S (5 October 2007)
 - Michael Wallner made the CULROPT_COOKIELIST option support a new magic
  string: "FLUSH". Using that will cause libcurl to flush its cookies to the
--- a/2
+++ b/2
@ -5,6 +5,4 @@ To be addressed before 7.17.1 (planned release: November 2007)

 100 - icc segmentation faults

-101 - known bug #47, if a CONNECT response is larger than BUFSIZE
-
 103 -
--- a/docs/KNOWN_BUGS
+++ b/docs/KNOWN_BUGS
@ -3,9 +3,10 @@ join in and help us correct one or more of these! Also be sure to check the
 changelog of the current development status, as one or more of these problems
 may have been fixed since this was written!

-47. If a CONNECT response is larger than BUFSIZE when the connection is meant
-  to be kept alive, the function will return prematurely and will confuse the
-  rest of the HTTP protocol code.
+48. If a CONNECT response-headers are larger than BUFSIZE (16KB) when the
+  connection is meant to be kept alive (like for NTLM proxy auth), the
+  function will return prematurely and will confuse the rest of the HTTP
+  protocol code. This should be very rare.

 45. libcurl built to support ipv6 uses getaddrinfo() to resolve host names.
  getaddrinfo() sorts the response list which effectively kills how libcurl
--- a/lib/http.c
+++ b/lib/http.c
@ -1342,6 +1342,8 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,

            if(keepon > TRUE) {
              /* This means we are currently ignoring a response-body */
+
+              nread = 0; /* make next read start over in the read buffer */
              if(cl) {
                /* A Content-Length based body: simply count down the counter
                   and make sure to break out of the loop when we're done! */
@ -1399,6 +1401,8 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,
                  if(('\r' == line_start[0]) ||
                     ('\n' == line_start[0])) {
                    /* end of response-headers from the proxy */
+                    nread = 0; /* make next read start over in the read
+                                  buffer */
                    if((407 == k->httpcode) && !data->state.authproblem) {
                      /* If we get a 407 response code with content length
                         when we have no auth problem, we must ignore the