Changelog Development Documentation Download libcurl Mailing Lists News
cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: PATCH: Curl Sanity patch for spnego authentication

From: Markus Moeller <huaraz_at_moeller.plus.com>
Date: Tue, 24 Sep 2013 22:43:35 +0100

Hi Kevin,

   The spnego implementation with fbopenssl was only added to wrap/unwrap a
gssapi token and make it a spnego token to work with MS servers. This
wrapping/unwrapping is now contained in all the standard Kerberos libraries
(Heimdal/MIT). It was not intended for NTLM.

Regards
Markus

-----Original Message-----
From: Kevin Swift
Sent: Tuesday, September 24, 2013 10:20 AM Newsgroups:
gmane.comp.web.curl.library
To: curl-library_at_cool.haxx.se ; huaraz_at_moeller.plus.com
Subject: Re: PATCH: Curl Sanity patch for spnego authentication

Date: Mon, 23 Sep 2013 19:44:18 +0100
From: "Markus Moeller" <huaraz_at_moeller.plus.com>
To: "libcurl development" <curl-library_at_cool.haxx.se>
Subject: Re: PATCH: Curl Sanity patch for spnego authentication
Message-ID: <00A875024B50435F9CD538537169318A_at_Ultrabook1>
Content-Type: text/plain; charset="iso-8859-1"

> I can only repeat the spnego code is for more than 4 years not needed as
> the Kerberos libraries can now handle spnego token. Why are you still
> using it ?
> Can you show me a case where it is needed ?
>
>Markus

Hi,

I have been trying to get SPNEGO working with fallback to NTLM (rather than
using kerberos). Should this work out of the box? To do this I built curl
with fbopenssl and have had to make a few changes to handle the 3-way
protocol for NTLM and change the default gss mech to NTLM. Should I have
started from a different base? For example using the Heimdal library to
handle everything and ignoring the fbopenssl SPNEGO code? BTW it's not yet
working so this is an experiment-in-progress. I'm also planning on trying
the Heimdal library only today.

Apologies if the format of this message is incorrect I've just subscribed
and had to reply via the digest.

Thanks,

Kevin

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2013-09-24