cURL / Mailing Lists / curl-library / Single Mail

curl-library

Aw: Re: http_negotiate_sspi.c in CURL 7.21.7 doesn't allow to pass user/password

From: Michael-O <1983-01-06_at_gmx.net>
Date: Thu, 3 Jul 2014 12:40:26 +0200

That behavior is correct.

Gesendet: Donnerstag, 03. Juli 2014 um 12:31 Uhr
Von: "Leonardo Rosati" <geppio1975_at_gmail.com>
An: "libcurl development" <curl-library_at_cool.haxx.se>
Betreff: Re: http_negotiate_sspi.c in CURL 7.21.7 doesn't allow to pass user/password

I've tried debugging with WireShark with a proxy with negotiation (ISA Server) and CURL does not pass user/password to the proxy even if specified. The machine is authenticated just in case it is part of the domain.
Code in http_negotiate-sspi.c is different from the http_ntlm.c, which, correctly, passes username/password
Anyone has verified negotiation passes credentials?
leonardo

2014-06-27 22:27 GMT+02:00 Michael Osipov <1983-01-06_at_gmx.net>:Am 2014-06-27 11:11, schrieb Leonardo Rosati:
hi,

looking at the source code of http_negotiate-sspi.c the code doesn't use
the user/password in case they are passed by the user, in practice assuming
the proxy to authenticate the connection based on if the machine is in the
domain or not.
instead the code for ntlm is different: it passes user/password in case
they are not empty and so user/password are used for authentication
purposes.

I think the correct behavior is the one for ntlm and therefore the
negotiate method should be changed.I don't think so. The intention in both is to have credentials already present at/after login time. At least for NTLM on Windows and SPNEGO on all platforms.

Michael

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library[http://cool.haxx.se/list/listinfo/curl-library]
Etiquette: http://curl.haxx.se/mail/etiquette.html[http://curl.haxx.se/mail/etiquette.html]------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library[http://cool.haxx.se/list/listinfo/curl-library] Etiquette: http://curl.haxx.se/mail/etiquette.html[http://curl.haxx.se/mail/etiquette.html]

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2014-07-03

This message: [ Message body ]
Next message: Leonardo Rosati: "Re: Re: http_negotiate_sspi.c in CURL 7.21.7 doesn't allow to pass user/password"
Previous message: Leonardo Rosati: "Re: http_negotiate_sspi.c in CURL 7.21.7 doesn't allow to pass user/password"
In reply to: Leonardo Rosati: "Re: http_negotiate_sspi.c in CURL 7.21.7 doesn't allow to pass user/password"
Next in thread: Leonardo Rosati: "Re: Re: http_negotiate_sspi.c in CURL 7.21.7 doesn't allow to pass user/password"
Reply: Leonardo Rosati: "Re: Re: http_negotiate_sspi.c in CURL 7.21.7 doesn't allow to pass user/password"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]