romenskiy2012/curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-05-30 08:17:30 +03:00
Code Issues Projects Releases Packages Wiki Activity

sasl: clear canceled mechanism instead of toggling it

Browse source 
Use &= ~authused in SASL_CANCEL (was ^=) to actually remove the offending
mechanism and avoid re-enabling a disabled mech on retry.

Closes #18573
This commit is contained in:
Joshua Rogers 2025-09-16 23:27:23 +05:00 committed by Daniel Stenberg
parent 44a586472b
commit a80abc45a5
No known key found for this signature in database
GPG key ID: 5CC908FDB71E12C2
1 changed files with 3 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

4
lib/curl_sasl.c
View file

@ -812,7 +812,9 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct Curl_easy *data,
case SASL_CANCEL:
/* Remove the offending mechanism from the supported list */
sasl->authmechs ^= sasl->authused;
sasl->authmechs &= (unsigned short)~sasl->authused;
sasl->authused = SASL_AUTH_NONE;
sasl->curmech = NULL;
/* Start an alternative SASL authentication */
return Curl_sasl_start(sasl, data, sasl->force_ir, progress);