From a5766db2b9516dbf02cf2d023d777aef4e0470c1 Mon Sep 17 00:00:00 2001 From: Daniel Silverstone Date: Mon, 21 Oct 2019 10:01:52 +0100 Subject: [PATCH] fetchers/curl: Restrict AUTH to BASIC cURL will prevent channel reuse if NTLM auth is enabled because NTLM authenticates a channel not a request. As such we were unable to reuse curl handles since we handed off connection reuse to curl instead of our own handle cache. This mitigates the effect, though curl authors are looking at fixing it upstream too. Fixes: #2707 Signed-off-by: Daniel Silverstone --- content/fetchers/curl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/fetchers/curl.c b/content/fetchers/curl.c index f24e3de86..2644c68d4 100644 --- a/content/fetchers/curl.c +++ b/content/fetchers/curl.c @@ -840,7 +840,7 @@ static CURLcode fetch_curl_set_options(struct curl_fetch_info *f) } if ((auth = urldb_get_auth_details(f->url, NULL)) != NULL) { - SETOPT(CURLOPT_HTTPAUTH, CURLAUTH_ANY); + SETOPT(CURLOPT_HTTPAUTH, CURLAUTH_BASIC); SETOPT(CURLOPT_USERPWD, auth); } else { SETOPT(CURLOPT_USERPWD, NULL);