cURL / Mailing Lists / curl-users / Single Mail

curl-users

RE: curl-7.10.8-pre3

From: Roth, Kevin P. <KPRoth_at_MAPLLC.com>
Date: Wed, 8 Oct 2003 10:40:51 -0400

$ curl -V
curl 7.10.8-pre3 (i686-pc-cygwin) libcurl/7.10.8-pre3 OpenSSL/0.9.7c zlib/1.1.4
Protocols: ftp gopher telnet dict ldap http file https ftps
Features: SSL libz NTLM

TESTDONE: 157 tests out of 157 reported OK: 100%
TESTDONE: 162 tests were considered.
TESTINFO: 5 tests were skipped due to these restraints:
TESTINFO: "lacks netrc_debug" 5 times (130, 131, 132, 133, 134)

SPECTACULAR!

FYI: I see the following during configure:

  checking for inet_pton... no
  checking deeper for inet_pton... but still no

but there are no *errors*.

I tested NTLM authentication, and it works fine also. Except I noticed a few things:

1. When leaving the password off of the command line, like this:
     $ curl --ntlm -u MGROUPNET\\THR -v http://my.url
   I get prompted not just once, but TWICE for my password.
   Is there any chance you could fix up curl to remember the password
   I manually keyed in?

2. On my first attempt, I forgot to double-up the back-slash, like:
     $ curl --ntlm -u MGROUPNET\THR -v http://my.url
                              ^^^
   If the actual user-name being used were output in a verbose line,
   it would probably help. Actually, if both the auth method AND
   the user-name were output, it might be a really nice touch.
   Perhaps something like this:

     * Issue another request to this URL: 'http://my.url'
     * About to connect() to my.url:80
     * Connected to my.url (1.2.3.4) port 80
     * Using NTLM authentication with this UserName: 'MGROUPNET\THR'
> GET /url/ HTTP/1.1
     Authorization: NTLM TlRMTxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=
     ...

3. When trying out the new --anyauth flag, like this:
     $ curl -v http://my.url --anyauth
   On a web site that returns the following response headers:
     < HTTP/1.1 401 Access Denied
     < Server: Microsoft-IIS/5.0
     < Date: Wed, 08 Oct 2003 14:34:03 GMT
     < WWW-Authenticate: Negotiate
     < WWW-Authenticate: NTLM
   curl attempted to authentication using NTLM. Problem is, I hadn't
   specified any username or password. So, what credentials was it
   attempting to use??? By the way, the "authentication" failed....

   Could this behavior be improved? Perhaps curl could realize when
   it doesn't have sufficient credentials, and warn the user
   (while permitting the request to fail with the 401 error code)?

Thanks,
- Kevin

-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
Received on 2003-10-08