cURL / Mailing Lists / curl-library / Single Mail


RE: curl feature request - Negotiate/SPNEGO with CURLOPT_USERPWD

From: Daniel Stenberg <>
Date: Thu, 2 Aug 2007 18:32:10 +0200 (CEST)

On Thu, 2 Aug 2007, Greg Morse wrote:

> Specifying CURLOPT_USERPWD does not seem to work for Negotiate. Only the
> default cached credential which if not present will cause
> gss_init_sec_context() to fail on opening KRB5CCNAME environment variable
> file (defaults to /tmp/krb5cc_%d where %d is a generated number). An error
> message is printed about this in verbose mode. This does not make great
> sense because KRB5 has not even been negotiated yet and NTLM/KRB4 could
> still be chosen...

Negotiate is another one of the pieces that have no automated tests, I
personally don't use it and not many others seem to either. It has two

1) it doesn't get developed much more than the initial author provided (which
mostly cover what the initial author wanted and that's it)

2) it easily breaks when we develop everything further and there's no
regression testing, automated nor manual

> Question: Why are there no SPNEGO verbose messages

Because nobody added any!

> Also should SPNEGO build the credentials for GSSAPI?

I have no idea.

> Do I even need SPNEGO for what I am doing

I don't know.

  Commercial curl and libcurl Technical Support:
Received on 2007-08-02