ucb/source/ucp/webdav-curl/CurlSession.cxx | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-)
New commits: commit 4e9c1938df3fb13c73910ac4019b66a1924b6d5f Author: Michael Stahl <michael.st...@allotropia.de> AuthorDate: Wed Nov 24 16:01:04 2021 +0100 Commit: Michael Stahl <michael.st...@allotropia.de> CommitDate: Thu Nov 25 18:54:11 2021 +0100 ucb: webdav-curl: NTLM is both system and not-system authentication Leave it to libcurl collapse the wave function. Change-Id: Idb51ebaec8b68a7c7fadcae2ae13b3b63ba1db79 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/125788 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.st...@allotropia.de> diff --git a/ucb/source/ucp/webdav-curl/CurlSession.cxx b/ucb/source/ucp/webdav-curl/CurlSession.cxx index 1c9da506df8e..aacc6bbed48e 100644 --- a/ucb/source/ucp/webdav-curl/CurlSession.cxx +++ b/ucb/source/ucp/webdav-curl/CurlSession.cxx @@ -1307,11 +1307,21 @@ auto CurlProcessor::ProcessRequest( if (ret == 0) { + // NTLM may either use a password requested + // from the user, or from the system via SSPI + // so i guess it should not be disabled here + // regardless of the state of the system auth + // checkbox, particularly since SSPI is only + // available on WNT. + // Additionally, "Negotiate" has a "legacy" + // mode that is actually just NTLM according to + // https://curl.se/rfc/ntlm.html#ntlmHttpAuthentication + // so there's nothing in authSystem that can be + // disabled here. roAuth.emplace(userName, passWord, - authAvail - & ((userName.isEmpty() && passWord.isEmpty()) - ? authSystem - : ~authSystem)); + ((userName.isEmpty() && passWord.isEmpty()) + ? (authAvail & authSystem) + : authAvail)); isRetry = true; // Acquire is only necessary in case of success. guard.Acquire();