Update credentials on cached http-connections

When sending a second request with implied credentials the connection
used may be cached as a connection without credentials, and thereby
incorrectly reused later for other connections with different implied
credentials.

This patch updates the credentials a cached http-connection is using
before sending a request on it.

Task-number: QTBUG-39456
Change-Id: I1609234136a89c32e00432a67720cd62a73a488a
Reviewed-by: Jocelyn Turcotte <jocelyn.turcotte@digia.com>

1 files changed, 6 insertions, 5 deletions

diff --git a/src/network/access/qhttpnetworkconnection.cpp b/src/network/access/qhttpnetworkconnection.cpp
index 365ce55f2b..6caf118c59 100644
--- a/src/network/access/qhttpnetworkconnection.cpp
+++ b/src/network/access/qhttpnetworkconnection.cpp
@@ -385,11 +385,12 @@ void QHttpNetworkConnectionPrivate::copyCredentials(int fromChannel, QAuthentica
     Q_ASSERT(auth);
 
     // NTLM is a multi phase authentication. Copying credentials between authenticators would mess things up.
-    if (!isProxy && channels[fromChannel].authMethod == QAuthenticatorPrivate::Ntlm)
-        return;
-    if (isProxy && channels[fromChannel].proxyAuthMethod == QAuthenticatorPrivate::Ntlm)
-        return;
-
+    if (fromChannel >= 0) {
+        if (!isProxy && channels[fromChannel].authMethod == QAuthenticatorPrivate::Ntlm)
+            return;
+        if (isProxy && channels[fromChannel].proxyAuthMethod == QAuthenticatorPrivate::Ntlm)
+            return;
+    }
 
     // select another channel
     QAuthenticator* otherAuth = 0;