fetchers/curl: Restrict AUTH to BASIC

cURL will prevent channel reuse if NTLM auth is enabled because
NTLM authenticates a channel not a request.  As such we were
unable to reuse curl handles since we handed off connection
reuse to curl instead of our own handle cache.  This mitigates
the effect, though curl authors are looking at fixing it upstream
too.

Fixes: #2707

Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
This commit is contained in:
Daniel Silverstone 2019-10-21 10:01:52 +01:00
parent 813d0c70fe
commit a5766db2b9

View File

@ -840,7 +840,7 @@ static CURLcode fetch_curl_set_options(struct curl_fetch_info *f)
} }
if ((auth = urldb_get_auth_details(f->url, NULL)) != NULL) { if ((auth = urldb_get_auth_details(f->url, NULL)) != NULL) {
SETOPT(CURLOPT_HTTPAUTH, CURLAUTH_ANY); SETOPT(CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
SETOPT(CURLOPT_USERPWD, auth); SETOPT(CURLOPT_USERPWD, auth);
} else { } else {
SETOPT(CURLOPT_USERPWD, NULL); SETOPT(CURLOPT_USERPWD, NULL);