cURL / Mailing Lists / curl-library / Single Mail


Re: NTLM state in connections is too strict?

From: Daniel Stenberg <>
Date: Fri, 4 Jan 2013 22:25:48 +0100 (CET)

On Fri, 4 Jan 2013, Joe Mason wrote:

> NTLM (bleah) is a connection-oriented auth protocol


> If a 401 with an NTLM header is ever received on that connection again, curl
> will fail the authentication again immediately:

The only real reason for this that I can think of is that it a fairly crude
way to detect when wrong credentials are used, as then the server will just
send another 401 back.

If a 401 can also mean "re-negotiate" we need a smarter way to detect the
difference between wrong credentials and just start over the handshaking...

List admin:
Received on 2013-01-04