Clients don't expect this and therefore might inappropriately reuse the
connection for another user identity (with or without creds).
This is currently more of an issue due to issue 22, example:
curl -v http://myhost/ -u usera:passa --next http://myhost/ -u userb:passb
Closes #36
Reviewed-by: Simo Sorce <simo@redhat.com>
goto done;
}
if (auth_type == AUTH_TYPE_BASIC) {
goto done;
}
if (auth_type == AUTH_TYPE_BASIC) {
+ if (mc) {
+ apr_pool_cleanup_run(mc->parent, mc, mag_conn_destroy);
+ mc = NULL;
+ }
while (maj == GSS_S_CONTINUE_NEEDED) {
gss_release_buffer(&min, &input);
/* output and input are inverted here, this is intentional */
while (maj == GSS_S_CONTINUE_NEEDED) {
gss_release_buffer(&min, &input);
/* output and input are inverted here, this is intentional */