cURL / Mailing Lists / curl-library / Single Mail

curl-library

RE: Windows SSPI Schannel implementation ready

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Mon, 11 Jun 2012 23:00:05 +0200 (CEST)

On Mon, 11 Jun 2012, Steve Holme wrote:

> We had discussed that SSPI was a library / provider of security features
> such a Security Contexts (GSS-Nego, NTLM, etc...) and now SSL and as such
> should not appear on the features list in the same way that OpenSSL or
> GNUTLS don't.

I agree with this, generally. However in this case...

> Do we need to keep this in for API compatibility? NTLM, GSS-Negotiate and
> SSL tell the developer the features that the Windows SSPI library provides.

Yes. We need to make existing libcurl-using source code keep compilign so we
need the define to remain in the header file. We also probably need to provide
the bit in the struct so that the ABI remain the same for existing code.

We added SSPI in the curl output and as a feature bit once upon the time
partly because libcurl built with SSPI provides certain features that libcurl
without SSPI doesn't possess (I'm thinking of the ability to magically use the
logged in user's username + password) so a user might in fact want to figure
out if that ability exists or not.

I hope none of you mind very much that I intend to bring it back again?

-- 
  / daniel.haxx.se
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Received on 2012-06-11