cURL / Mailing Lists / curl-library / Single Mail


RE: cURL fails to POST to NTLM protected IIS6 server when using ANY authentication with post size le

From: Greg Morse <>
Date: Mon, 30 Jul 2007 13:07:07 -0700

I am suggesting a fix and attaching two test scripts along with providing a publicly accessible test IIS 6 NTLM server. The attachments are curl_test.c and curl_test.php which gives some choice depending on if you are more comfortable with C or PHP (probably C). In the test scripts I provide a username and password to a public HTTP server I will provide for the next week or so while this is being confirmed/tested.
Keep in mind again this bug is masked in Windows on version 7.15.3 due to a bug in select.c with regards to EINVAL when calling select. So it is probably easier to confirm and fix this on Linux. My fix:File: http.cFunction: perhapsrewindOffending line (broken, consistently): if(!conn->bits.authneg)Correction (tested, working): if(!conn->bits.authneg && ((data->state.authhost.picked == CURLAUTH_NTLM) && (data->state.authhost.want == CURLAUTH_NTLM)) || ((data->state.authproxy.picked == CURLAUTH_NTLM) && (data->state.authproxy.want == CURLAUTH_NTLM))) Explanation: we should not rewindaftersend with NTLM when using a non predetermined authentication method since this is still only the authentication method query that just happened to determine credentials are actually required and that the server is not allowing anonymous access. NTLM rewind should only be done when NTLM was the only wanted method.
Interested to hear your thoughts,
Missed the show?  Watch videos of the Live Earth Concert on MSN.

Received on 2007-07-30