From b3b5011d0708d6c8509ca58b3d3cd91a1a498fa8 Mon Sep 17 00:00:00 2001
From: CentOS Sources <bugs@centos.org>
Date: Nov 26 2019 10:40:56 +0000
Subject: import curl-7.29.0-54.el7_7.1


---

diff --git a/SOURCES/0072-curl-7.29.0-dup-auth-header.patch b/SOURCES/0072-curl-7.29.0-dup-auth-header.patch
new file mode 100644
index 0000000..a3c9cd3
--- /dev/null
+++ b/SOURCES/0072-curl-7.29.0-dup-auth-header.patch
@@ -0,0 +1,32 @@
+From d0aa55d27584b37b350721422849b510845a25bf Mon Sep 17 00:00:00 2001
+From: Kamil Dudka <kdudka@redhat.com>
+Date: Mon, 5 May 2014 14:49:30 +0200
+Subject: [PATCH] http: avoid auth failure on a duplicated header
+
+... 'WWW-Authenticate: Negotiate' received from server
+
+Reported by: David Woodhouse
+Bug: https://bugzilla.redhat.com/1093348
+
+Upstream-commit: ec5fde24de5ddd1910730f0cbac5e77820b26eb9
+Signed-off-by: Kamil Dudka <kdudka@redhat.com>
+---
+ lib/http.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/http.c b/lib/http.c
+index a6be452..46734c4 100644
+--- a/lib/http.c
++++ b/lib/http.c
+@@ -750,7 +750,7 @@ CURLcode Curl_http_input_auth(struct connectdata *conn,
+           infof(data, "Authentication problem. Ignoring this.\n");
+           data->state.authproblem = TRUE;
+         }
+-        else {
++        else if(data->state.negotiate.state == GSS_AUTHNONE) {
+           neg = Curl_input_negotiate(conn, (bool)(httpcode == 407), start);
+           if(neg == 0) {
+             DEBUGASSERT(!data->req.newurl);
+-- 
+2.20.1
+
diff --git a/SPECS/curl.spec b/SPECS/curl.spec
index 0535712..57e0411 100644
--- a/SPECS/curl.spec
+++ b/SPECS/curl.spec
@@ -1,7 +1,7 @@
 Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
 Name: curl
 Version: 7.29.0
-Release: 54%{?dist}
+Release: 54%{?dist}.1
 License: MIT
 Group: Applications/Internet
 Source: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma
@@ -214,6 +214,9 @@ Patch68:  0068-curl-7.29.0-CVE-2018-14618.patch
 # prevent curl --rate-limit from hanging on file URLs (#1281969)
 Patch69:  0069-curl-7.29.0-file-limit-rate.patch
 
+# fix auth failure with duplicated WWW-Authenticate header (#1754736)
+Patch72:  0072-curl-7.29.0-dup-auth-header.patch
+
 # patch making libcurl multilib ready
 Patch101: 0101-curl-7.29.0-multilib.patch
 
@@ -413,6 +416,7 @@ documentation of the library, too.
 %patch67 -p1
 %patch68 -p1
 %patch69 -p1
+%patch72 -p1
 
 # regenerate Makefile.in files
 aclocal -I m4
@@ -528,6 +532,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_datadir}/aclocal/libcurl.m4
 
 %changelog
+* Mon Oct 07 2019 Kamil Dudka <kdudka@redhat.com> - 7.29.0-54.el7_7.1
+- fix auth failure with duplicated WWW-Authenticate header (#1754736)
+
 * Mon Jun 03 2019 Kamil Dudka <kdudka@redhat.com> - 7.29.0-54
 - make `curl --tlsv1` backward compatible (#1672639)