curl-library

how to obtain a 'unique authentication context' in libcurl?

From: Ellié Computing Open Source Program <opensource_at_elliecomputing.com>
Date: Mon, 30 Jul 2012 11:47:23 +0200

Hi,

While developing the SSH authentication agent patch for libcurl, I have had a problem with false reuse of sftp connections.

The problem came from the fact that part of the authentication information is not borne by anything provided to libcurl.

Some examples: provide a private key path, launch a connection, connection OK, change the key file, try to force a reconnection, libcurl will reuse the existing connection; the same happens with the authentication agent, when changing/removing a key from the list.

Options such as FORBID_REUSE are a no-no for continued sftp work for performance reasons, and FRESH_CONNECT might do what is wanted or not: it cannot be used for all but the first request just after an authentication information change (else it’s identical to FORBID_REUSE), and because libcurl won’t have cleaned other existing connections, we might end up communicating with two (or more if retrying) different authentication contexts at a time if doing parallel or repeated tasks.

So, I was thinking of an option such as “CURLOPT_AUTHENTICATION_CONTEXT_GENERATION” (of course the naming here is just a vague idea); it would be 0 by default. It would be tested by the connection reuse algorithm (can reuse only if the values in the ‘about-to-be-connected’ and the reusable connection are equal). The user code of libcurl would increment the value each time it knows the user did special things about authentication information that libcurl cannot be aware of.

Is there another way to do that? Or should I propose a patch?

Best regards
Armel Asselin

Received on 2012-07-30
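
The reuse check proposed in the message above, as an added example that is not libcurl code and not part of the original mail: a small model of a connection cache in which a connection is reused only when host, user, key path and the caller-supplied generation value all match. The `struct conn`, `pool`, `same_target` and `acquire` names and the sample host, user and key path are constructed for illustration; closing the stale connection goes one step beyond what the mail proposes.

```c
#include <stdio.h>
#include <string.h>

/* Simplified model of a connection cache; not libcurl's real structures. */
struct conn {
    char host[64], user[32], key_path[128]; /* all the library can compare */
    long auth_gen; /* hypothetical generation value proposed in the mail */
    int open;
};
#define POOL_SIZE 8
static struct conn pool[POOL_SIZE];

static int same_target(const struct conn *c, const struct conn *w)
{
    return c->open && !strcmp(c->host, w->host) &&
           !strcmp(c->user, w->user) && !strcmp(c->key_path, w->key_path);
}

/* Returns 1 = cached connection reused, 0 = new one opened, -1 = pool full.
   check_gen = 0 models the behaviour described in the mail; check_gen = 1
   adds the proposed equality test on the generation value. */
int acquire(const struct conn *want, int check_gen)
{
    int i, slot = -1;
    for (i = 0; i < POOL_SIZE; i++) {
        if (same_target(&pool[i], want)) {
            if (!check_gen || pool[i].auth_gen == want->auth_gen)
                return 1;
            pool[i].open = 0; /* beyond the mail: close the stale context */
        }
        if (!pool[i].open && slot < 0)
            slot = i;
    }
    if (slot < 0)
        return -1;
    pool[slot] = *want;
    pool[slot].open = 1;
    return 0;
}

int main(void)
{
    /* Constructed sample values: same path, but the key file is replaced. */
    struct conn want = { "sftp.example.test", "alice", "/tmp/id_rsa", 0, 0 };
    int opened = acquire(&want, 1); /* first transfer opens a connection */
    want.auth_gen++;                /* caller replaced the key file on disk */
    printf("first=%d after key change=%d\n", opened, acquire(&want, 1));
    return 0;
}
```

With `check_gen` set to 0 the second `acquire` call returns 1, which is the false reuse the mail describes: nothing the cache compares has changed even though the key behind the path has.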