cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re[2]: NTLM proxy authentification

From: Serge Semashko <ss_at_vba.com.by>
Date: Thu, 31 Jul 2003 14:37:01 +0300

Hello Daniel,

Wednesday, July 30, 2003, 1:27:08 PM, you wrote:

DS> I'm thrilled to see that my proxy adjustments in the NTLM code worked that
DS> nicely, as I haven't been able to test them.
I see. I just was surprised because everything to support proxies is
already in the code but is currently disabled, now I get your point. I
can test curl on NTLM proxy server and also check Digest and Basic
authentication for web server.

DS> Your code also makes some other rather weird assumptions, as it it uses the
'data->>state.authwant' field to trigger the use of NTLM. That field is set to
DS> request NTLM authentication for the target server, not the proxy.
I just made an assumption that CURLOPT_HTTPAUTH option is supposed to
select just security level no matter we connect a web server or proxy.
Well, I was wrong, adding an option like CURLOPT_PROXYAUTH working
similar to CURLOPT_HTTPAUTH will add more configurability (proxies are
usually located in the local network, so they can have relaxed
security settings).

DS> We probably need to add a field to allow being able to set what kind of proxy
DS> authentication you prefer. I don't think we even need to support multiple
DS> authentication schemes when we're speaking proxy. If we do that, then
DS> preventing that initial Basic authentication header will be easily fixed.
The code that is currently used to authenticate access to web pages
can be reused for proxies with almost no changes. Probably the current
code that does basic authentication on proxies will be not needed at
all.

DS> Would you be able to work a bit more on your patch to introduce this?
Yes, I'm working on it now and will post a patch a bit later.

-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01
Received on 2003-07-31