curl-users
Re: how to use --proxy-negotiate, exactly?
Date: Sun, 1 Mar 2009 12:50:19 +0100 (CET)
On Sun, 1 Mar 2009, Brian J. Murrell wrote:
>> auth="GSS-Negotiate";
>
> Any reason you init this with GSS-Negotiate and not just Negotiate?
Because I had to pick one!
> The difference observed here that with GSS-Negotiate the service name is
> KHTTP_at_server and with Negotiate, it's HTTP_at_server. The latter is correct
> for my usage.
Right, so now we know why the code needs a round-trip to know exactly how to
behave. Possibly it could try both HTTP@ and KHTTP@ so it would work for both
cases. But the code is also sprinkled with logic dependent on HAVE_SPNEGO.
Ideally we'd have someone with access/use for all three kinds as then there
would be the least risk for breakage. But I doubt there's anyone like that
here right now...
> I've actually not yet understood the subtle difference between Negotiate
> and GSS-Negotiate TBH.
Me neither.
> There does seem to be one, yet there is only a single CURLAUTH_* definition
> (and a single command line option to request it) covering both of them, even
> though there does seem to be a subtle difference between how the two
> operate.
They are covered with a single bit just because we've gotten away with that so
far, and we've seen no reason to introduce two separate ones.
-- / daniel.haxx.se ------------------------------------------------------------------- List admin: http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-users FAQ: http://curl.haxx.se/docs/faq.html Etiquette: http://curl.haxx.se/mail/etiquette.htmlReceived on 2009-03-01