cURL / Mailing Lists / curl-library / Single Mail


Re: PATCH: Curl Sanity patch for spnego authentication

From: Kevin Swift <>
Date: Tue, 24 Sep 2013 09:20:15 +0000

Date: Mon, 23 Sep 2013 19:44:18 +0100
From: "Markus Moeller" <>
To: "libcurl development" <>
Subject: Re: PATCH: Curl Sanity patch for spnego authentication
Message-ID: <00A875024B50435F9CD538537169318A_at_Ultrabook1>
Content-Type: text/plain; charset="iso-8859-1"

> I can only repeat the spnego code is for more than 4 years not needed as the Kerberos libraries can now handle spnego token. Why are you still using it ?
> Can you show me a case where it is needed ?


I have been trying to get SPNEGO working with fallback to NTLM (rather than using kerberos). Should this work out of the box? To do this I built curl with fbopenssl and have had to make a few changes to handle the 3-way protocol for NTLM and change the default gss mech to NTLM. Should I have started from a different base? For example using the Heimdal library to handle everything and ignoring the fbopenssl SPNEGO code? BTW it's not yet working so this is an experiment-in-progress. I'm also planning on trying the Heimdal library only today.

Apologies if the format of this message is incorrect I've just subscribed and had to reply via the digest.



List admin:
Received on 2013-09-24