cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: SSL and basic authentication.

From: Josef Wolf <jw_at_raven.inka.de>
Date: Fri, 24 Oct 2008 08:38:11 +0200

On Thu, Oct 23, 2008 at 02:56:31PM -0700, Dan Fandrich wrote:

Thanks for your comment, Dan!

> On Thu, Oct 23, 2008 at 10:19:27PM +0200, Daniel Stenberg wrote:
> > On Wed, 22 Oct 2008, Josef Wolf wrote:
> >> int curl_get_credentials (char *user, char *passwd, /* return values */
> >> const char *realm, const char *url,
> >> int isproxy)
> >
> > You'd also want a custom user pointer (for passing on local contexts) and
> > possibly a CURL *. I wonder if a auth type (Basic, Digest, NTLM etc) would
> > be wanted as well.
>
> "If you have a procedure with 10 parameters, you probably missed some."
> - Alan J. Perlis
>
> As many of those arguments as possible that can be turned into
> curl_easy_getinfo options instead should probably be go that way instead.

Good point!

> I'm not completely convinced this callback is worth pursuing, though. Is
> it really that difficult to do something like this pseudocode instead:
>
> curl_easy_perform
> while (CURLINFO_RESPONSE_CODE == 401) {
> realm = CURLINFO_AUTH_REALM
> url = CURLINFO_EFFECTIVE_URL
> ask_user_for_credentials(realm,url)
> CURLOPT_USERPWD
> CURLOPT_HTTPAUTH
> curl_easy_perform
> }

This approach has drawbacks, IMHO.

One drawback is, it mixes error handling with authentication handling.

I agree that it is not difficult when new code is written from scratch
(especially as pseudo-code, when error handling is completely omitted).
But there are countless applications out there using curl. All of
them already have error handling (at least I hope so), which is already
rather complicated in some of them. Integrating the pseudocode into
existing error handling can get hairy and error prone.
Received on 2008-10-24