[libsoup/gnome-3-24] Can't access sites that request closing the connection during 401

[Tomas Popela <tpopela src gnome org>]

commit 40bc6a81c1adf80484388f7e577e98095b3802ee
Author: Tomas Popela <tpopela redhat com>
Date:   Wed Jun 14 11:46:42 2017 +0200

    Can't access sites that request closing the connection during 401
    
    When a 401 message is received, a new token is generated and saved in
    the SoupNegotiateConnectionState's respose header. Later when the connection is
    closed (as requested by the server), the state is destroyed together with
    the response header. When a new request is being created and we are asked for
    the connection authorization, the newly created connection state doesn't have it
    set. At this point if the connection state is newly created, generate a new token
    together with the response header that will be returned as the connection
    authorization.
    
    Also modify how the warning from the soup_gss_build_response is printed
    to differentiate if there was a failure during soup_gss_client_init or
    soup_gss_client_step.

 libsoup/soup-auth-negotiate.c |   29 +++++++++++++++++++++++++++--
 1 files changed, 27 insertions(+), 2 deletions(-)
---
diff --git a/libsoup/soup-auth-negotiate.c b/libsoup/soup-auth-negotiate.c
index 78c56b8..811ee1c 100644
--- a/libsoup/soup-auth-negotiate.c
+++ b/libsoup/soup-auth-negotiate.c
@@ -188,7 +188,29 @@ soup_auth_negotiate_get_connection_authorization (SoupConnectionAuth *auth,
        SoupNegotiateConnectionState *conn = state;
        char *header = NULL;
 
-       if (conn->state == SOUP_NEGOTIATE_RECEIVED_CHALLENGE) {
+       if (conn->state == SOUP_NEGOTIATE_NEW) {
+               GError *err = NULL;
+
+               if (!check_auth_trusted_uri (auth, msg)) {
+                       conn->state = SOUP_NEGOTIATE_FAILED;
+                       return NULL;
+               }
+
+               if (!soup_gss_build_response (conn, SOUP_AUTH (auth), &err)) {
+                       /* FIXME: report further upward via
+                        * soup_message_get_error_message  */
+                       if (conn->initialized)
+                               g_warning ("gssapi step failed: %s", err->message);
+                       else
+                               g_warning ("gssapi init failed: %s", err->message);
+                       conn->state = SOUP_NEGOTIATE_FAILED;
+                       g_clear_error (&err);
+
+                       return NULL;
+               }
+       }
+
+       if (conn->response_header) {
                header = conn->response_header;
                conn->response_header = NULL;
                conn->state = SOUP_NEGOTIATE_SENT_RESPONSE;
@@ -251,7 +273,10 @@ soup_auth_negotiate_update_connection (SoupConnectionAuth *auth, SoupMessage *ms
                } else {
                        /* FIXME: report further upward via
                         * soup_message_get_error_message  */
-                       g_warning ("gssapi step failed: %s", err->message);
+                       if (conn->initialized)
+                               g_warning ("gssapi step failed: %s", err->message);
+                       else
+                               g_warning ("gssapi init failed: %s", err->message);
                        success = FALSE;
                }
        } else if (!strncmp (header, "Negotiate ", 10)) {