cURL / Mailing Lists / curl-users / Single Mail

curl-users

Re: Confusing options with --negotiate

From: <1983-01-06_at_gmx.net>
Date: Thu, 03 Nov 2011 10:53:49 +0100

> On Thu, 3 Nov 2011, 1983-01-06_at_gmx.net wrote:
>
> > I have finally managed to compile cURL 7.22 with Negotiate support but
> spent
> > some stupid hours to figure out that I need to pass '-u :' as fake
> option.
> > What is the reason behind this? This is quite confusing. Negotiate
> should
> > work transparently without that fake switch.
>
> KNOWN_BUGS #10:
>
> 10. To get HTTP Negotiate authentication to work fine, you need to provide
> a
> (fake) user name (this concerns both curl and the lib) because the code
> wrongly only considers authentication if there's a user name provided.
> http://curl.haxx.se/bug/view.cgi?id=1004841. How?
> http://curl.haxx.se/mail/lib-2004-08/0182.html

That was quick! Thanks for the enlightment. This is a long standing bug. I assume that there is no timeframe for this?! I'd be more than happy to test a patch in our environment.

Quoting your mail:
"Since I have no server or tests that use HTTP Negotiate I need some input from
somone that do: how do we know if we have Negotiate-credentials enough to use
the Negotiate authentication (as an alternative for checking for a set user
name)?"

You could take on the same approach libneon does. It simply assumes that the credential cache is available and tries to negotiate and fail silently if there is none. Their source is pretty simple to understand. Have a look at ne_auth.c line 505 [1] and following.

Mike

[1] http://svn.webdav.org/repos/projects/neon/tags/0.29.6/src/ne_auth.c

-- 
Empfehlen Sie GMX DSL Ihren Freunden und Bekannten und wir
belohnen Sie mit bis zu 50,- Euro! https://freundschaftswerbung.gmx.de
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ:        http://curl.haxx.se/docs/faq.html
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Received on 2011-11-03