cURL / Mailing Lists / curl-library / Single Mail


Re: Kerberos v5 FTP?

From: Daniel Stenberg <>
Date: Thu, 21 Jun 2007 23:44:54 +0200 (CEST)

On Thu, 21 Jun 2007, Thomas J. Moore wrote:

> Has anyone worked on krb5/gssapi support for FTP? I tried searching the
> mailing list archives, but did not see anything useful.

I've not seen any.

> I have access to a kerberized FTP server that requires clear-text data, and
> have made a patch which supports that server. I also tested it a bit with
> the "standard" MIT krb5 ftpd using "private" and "safe" data, and it seems
> to work.


> I found in the process several bugs which would've affected krb4 support as
> well, so I doubt it even works. This leads me to wonder whether or not krb4
> support should even be retained.

Well, I don't know of any users of ftp-krb4. Not now and not in the past, so I
must agree that I don't see any strong need or desire from anyone to keep it
around. Especially when it doesn't work...

> Maybe it should just be renamed to krb5 instead of adding a new option (as I
> did). Maybe it could fall back to krb4 if krb5 doesn't work, like the MIT
> krb5 ftp client does.

Fallback sounds like a good idea if it isn't a lot of work. I mean, you're our
first krb5 user and since you wanted krb5 you don't want krb4, so falling back
to krb4 won't make you happy and as we already agreed, nobody else cares for
krb4 either... :-)

> Should I send the patch (1055 lines, 38k/11k.gz) to this list?

Please do!

> Is anyone interested? Note that the changes aren't complete in that they
> probably don't conform to curl standards (whatever they may be) and as
> stated above, maybe it could be integrated differently.

We can offer comments and review of your work on this list. If you want your
work incorporated into the main sources, it should not deviate too much from
our existing standards.

(But I personally have no need for krb5 nor do I have access to anything that
uses it so I won't even be able to test it.)

  Commercial curl and libcurl Technical Support:
Received on 2007-06-21