On Thu, 15 Mar 2012, Ellié Computing Open Source Program wrote:
The scenario is the following:
- the user enters valid authentication information (e.g. login/pwd)
- libcurl connects correctly
- the user finally want to use agent connection or private key (I enter "foo"
for the path, "bar" for the password to verify it's really wrong), and want
to verify that the new credential are ok
- it connects as well :( reusing the previous connection, rather than
authenticating again
where should I search in the code to fix that?
lib/url.c:ConnectionExists() is the function that checks if a new request can
re-use an existing connection. Different credentials like user+password should
certainly not allow a SSH connection to be re-used (although a HTTP connection
can be re-used even with new credentials).
--
/ daniel.haxx.se
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
