[libsoup/gnome-3-22] Can't access sites that request closing the connection during 401

[Tomas Popela <tpopela src gnome org>]

commit d90798b2e823b1c85bddc5cb22aedbce9e39fbbd
Author: Tomas Popela <tpopela redhat com>
Date:   Wed Jun 14 11:46:42 2017 +0200

    Can't access sites that request closing the connection during 401
    
    When a 401 message is received, a new token is generated and saved in
    the SoupNegotiateConnectionState's respose header. Later when the connection is
    closed (as requested by the server), the state is destroyed together with
    the response header. When a new request is being created and we are asked for
    the connection authorization, the newly created connection state doesn't have it
    set. At this point if the connection state is newly created, generate a new token
    together with the response header that will be returned as the connection
    authorization.
    
    Also modify how the warning from the soup_gss_build_response is printed
    to differentiate if there was a failure during soup_gss_client_init or
    soup_gss_client_step.

 libsoup/soup-auth-negotiate.c |   29 +++++++++++++++++++++++++++--
 1 files changed, 27 insertions(+), 2 deletions(-)
---
diff --git a/libsoup/soup-auth-negotiate.c b/libsoup/soup-auth-negotiate.c
index 4b2a51f..7b4ec69 100644
--- a/libsoup/soup-auth-negotiate.c
+++ b/libsoup/soup-auth-negotiate.c
@@ -188,7 +188,29 @@ soup_auth_negotiate_get_connection_authorization (SoupConnectionAuth *auth,
        SoupNegotiateConnectionState *conn = state;
        char *header = NULL;
 
-       if (conn->state == SOUP_NEGOTIATE_RECEIVED_CHALLENGE) {
+       if (conn->state == SOUP_NEGOTIATE_NEW) {
+               GError *err = NULL;
+
+               if (!check_auth_trusted_uri (auth, msg)) {
+                       conn->state = SOUP_NEGOTIATE_FAILED;
+                       return NULL;
+               }
+
+               if (!soup_gss_build_response (conn, SOUP_AUTH (auth), &err)) {
+                       /* FIXME: report further upward via
+                        * soup_message_get_error_message  */
+                       if (conn->initialized)
+                               g_warning ("gssapi step failed: %s", err->message);
+                       else
+                               g_warning ("gssapi init failed: %s", err->message);
+                       conn->state = SOUP_NEGOTIATE_FAILED;
+                       g_clear_error (&err);
+
+                       return NULL;
+               }
+       }
+
+       if (conn->response_header) {
                header = conn->response_header;
                conn->response_header = NULL;
                conn->state = SOUP_NEGOTIATE_SENT_RESPONSE;
@@ -251,7 +273,10 @@ soup_auth_negotiate_update_connection (SoupConnectionAuth *auth, SoupMessage *ms
                } else {
                        /* FIXME: report further upward via
                         * soup_message_get_error_message  */
-                       g_warning ("gssapi step failed: %s", err->message);
+                       if (conn->initialized)
+                               g_warning ("gssapi step failed: %s", err->message);
+                       else
+                               g_warning ("gssapi init failed: %s", err->message);
                        success = FALSE;
                }
        } else if (!strncmp (header, "Negotiate ", 10)) {