cURL / Mailing Lists / curl-users / Single Mail

curl-users

RE: Problems

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Sat, 16 Aug 2008 22:38:41 +0200 (CEST)

On Sat, 16 Aug 2008, jianghao wrote:

Oh my, your response looks all messed up to me. I've tried to manually
separate the quotes from what you've written. Also, note that we discuss
libcurl and libcurl development mainly on the curl-library mailing list, and
not on the curl users list...

> > Curl_base64_encode shouldn't ever be called with a NULL indata. This patch
> > points to a problem in the caller. In which context is this pointer NULL?

> I produced this trouble when I try to use curl to connect a server of
> weblogic815 using Negotiate authentication.You may need to check
> lib/http_negotiate.c. The caller is Curl_output_negotiate, line 316: len =
> Curl_base64_encode(conn->data,neg_ctx->output_token.value,
> neg_ctx->output_token.length,
> &encoded);It occured after server closed the connection.

So "neg_ctx->output_token.value" was NULL at that time?

If so, we should add a check before the Curl_base64_encode() is called there
and bail out if it is. Right?

>> My understanding is that NTLM authenticates the connection, not the
>> session, so it would be impossible to use NTLM if the server closes the
>> connection.

> It's true that NTLM authenticates the connection, but it depends on the
> challenge string sent from server.

Depends how? If I understand you correctly you say that NTLM can still be
negotated for you even if the server drops the connection during the
handshake. I've personally never seen that happen and I didn't know it was
even possible - for the reason already stated that NTLM authenticates the
connection and thus disconnecting makes it strange since then it isn't longer
the same connection for which the autentication started for.

Can you show us your work-around for this problem as a diff -u output? Or even
better, have you thought about or produced a proper fix for it? We have made
some minor NTLM fixes in the current code, so you may want to base any
efforts, tests or further patches on the CVS version and not 7.18.2...

-- 
  / daniel.haxx.se
-------------------------------------------------------------------
List admin: http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-users
FAQ:        http://curl.haxx.se/docs/faq.html
Etiquette:  http://curl.haxx.se/mail/etiquette.html

Received on 2008-08-16

This message: [ Message body ]
Next message: Andy Tsouladze: "Re: Multiple `make check' failures of curl-7.18.X"
Previous message: jianghao: "RE: Problems"
In reply to: jianghao: "RE: Problems"
Next in thread: jianghao: "RE: Problems"
Reply: jianghao: "RE: Problems"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]