curl-users
Re: how to use --proxy-negotiate, exactly?
Date: Mon, 2 Mar 2009 14:02:21 +0100 (CET)
On Mon, 2 Mar 2009, Brian J. Murrell wrote:
This thread is now taken over to the curl-library list from curl-users. The
thread so far can be viewed here =>
http://curl.haxx.se/mail/archive-2009-02/index.html#90
>> Assuming we can do that check for both HTTP@ and KHTTP@ we might still
>> be able to get away with the single bit.
>
> Indeed. I had thought about this a few hours ago myself. Keeping it
> simple, we could change up the:
>
> auth="GSS-Negotiate";
> if(!negdata->context)
> /* if explicitly selected it isn't inited at this point */
> ret = Curl_input_negotiate(conn, proxy, auth);
>
> with:
>
> auth="GSS-Negotiate";
> if(!negdata->context)
> /* if explicitly selected it isn't inited at this point */
> if ((ret = Curl_input_negotiate(conn, proxy, auth)) < 0) {
> auth="Negotiate";
> ret = Curl_input_negotiate(conn, proxy, auth);
>
> }
>
> in addition to a "neg_ctx->server_name = NULL;" in the "if(GSS_ERROR
> (major_status))" condition at the end of Curl_input_negotiate() so that
> subsequent calls will fall into get_gss_name();
>
> The only side effect is the printing of a:
>
> * gss_init_sec_context() failed: : Server not found in Kerberos database
Right. I think the logic that tries both versions should rather be moved into
the Curl_input_negotiate() function and that could then avoid doing that fail
output while "probing".
>> If not, I don't see any reason why shouldn't add a bit if it makes or
>> allows (lib)curl to behave better.
>
> Great. We seem to be on the same page then. I'd surely like to avoid it if
> possible, but am willing to accept another bit if no other clean way can be
> found.
Well, if we exclude SPNEGO for a while (which isn't even certain to still be
working afaik) and we do the try-both approach I think we're still functional
with the current single bit.
Are you up to provide an patch based on what we've discussed so far?
-- / daniel.haxx.se ------------------------------------------------------------------- List admin: http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-users FAQ: http://curl.haxx.se/docs/faq.html Etiquette: http://curl.haxx.se/mail/etiquette.htmlReceived on 2009-03-02