curl-library
Re: --proxy-ntlm and --fail
Date: Wed, 17 Mar 2004 22:40:07 +0100 (CET)
On Wed, 17 Mar 2004, David Byron wrote:
> The known bug (http://curl.haxx.se/docs/knownbugs.html)
>
> * Using CURLOPT_FAILONERROR (-f/--fail) will make authentication to stop
> working if you use anything but plain Basic auth.
>
> has reared its ugly head again for me. I was able to get by without --ntlm
> and --fail together, but I'd really like to use --proxy-ntlm and --fail
> together. I'm guessing that the fix is the same for both.
I think so, yes.
> I hope to get some time to work on this, but when I looked at it last, it
> was pretty complicated. Any chance someone else is also itching to get this
> fixed? Or maybe that the code has changed such that this isn't so hard
> anymore?
I think the code is still complicated and this problem is still tricky to
solve. If --fail is set and we get a HTTP response code > 400, we probably
need to check if we're using an multi-pass authentication method and if we're
talking with a proxy or a host, and based on that knowledge decide if the http
response code is bad or not.
> As a bit of an aside, I was a bit surprised to find --proxy-ntlm, but no
> --proxy-digest
It would be easy to add, but it has slipped through. I've never heard of
anyone who has a proxy using Digest auth anyway... :-)
> or maybe even --proxy-basic.
It certainly should be added for completeness so that it could be switched
back to Basic, even though basic is the default authentication method for
proxies as well.
> Is the idea that if you specify --proxy-user (and --proxy) you get basic
> authentication and digest isn't supported
proxy-digest is supported for normal HTTP fetches, but it isn't for SSL
fetches over proxy IIRC.
> or is that the code is smart enough to figure out what kind of proxy is out
> there and do the right thing?
Heh, we don't offer --proxy-anyauth either, only --anyauth. :-)
There are just so many options!
-- Daniel Stenberg -- http://curl.haxx.se/ -- http://daniel.haxx.se/ [[ Do not send mails to this email address. They won't reach me. ]]Received on 2004-03-17