Change #274529
| Category | wget |
| Changed by | Acts1631 <acts1611kjv@proton.me> |
| Changed at | Sat 11 Jul 2026 17:53:01 |
| Repository | https://gitlab.com/gnuwget/wget.git |
| Project | wget |
| Branch | master |
| Revision | d82590289cfa1bc1b772ec5963d869c784189211 |
Comments
http: keep NTLM authorization on its original host * src/http.c (persistent_available_p): Check for different hosts on same authorized connection. For cleartext HTTP, Wget's persistent-connection optimization reuses a socket for a different hostname when that name resolves to the existing peer address. After NTLM authentication succeeds, Wget marks the socket authorized because NTLM is connection-bound. A request for the alternate virtual host can therefore run on the victim host's authenticated connection. This patch refuses a different-hostname reuse when the persistent connection is NTLM-authorized, forcing a new TCP connection. Copyright-paperwork-exempt: Yes
Changed files
- src/http.c