File curl-CVE-2014-0015-NTLM_connection_reuse.patch of Package curl.openSUSE_13.1_Update

commit 8ae35102c43d8d06572c3a1292eb6e27e663c78d
Author: Daniel Stenberg <daniel@haxx.se>
Date:   Tue Jan 7 09:33:54 2014 +0100

    ConnectionExists: fix NTLM check for new connection
    
    When the requested authentication bitmask includes NTLM, we cannot
    re-use a connection for another username/password as we then risk
    re-using NTLM (connection-based auth).
    
    This has the unfortunate downside that if you include NTLM as a possible
    auth, you cannot re-use connections for other usernames/passwords even
    if NTLM doesn't end up the auth type used.
    
    Reported-by: Paras S
    Patched-by: Paras S
    Bug: http://curl.haxx.se/mail/lib-2014-01/0046.html

diff --git a/lib/url.c b/lib/url.c
index 74d0893..3f85502 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -2886,8 +2886,8 @@ ConnectionExists(struct SessionHandle *data,
   struct connectdata *check;
   struct connectdata *chosen = 0;
   bool canPipeline = IsPipeliningPossible(data, needle);
-  bool wantNTLM = (data->state.authhost.want==CURLAUTH_NTLM) ||
-                  (data->state.authhost.want==CURLAUTH_NTLM_WB) ? TRUE : FALSE;
+  bool wantNTLM = (data->state.authhost.want & CURLAUTH_NTLM) ||
+    (data->state.authhost.want & CURLAUTH_NTLM_WB) ? TRUE : FALSE;
   struct connectbundle *bundle;
 
   *force_reuse = FALSE;