cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: [PATCH 4/6] Deprecate GSS-Negotiate related macros due to bad naming

From: Michael Osipov <1983-01-06_at_gmx.net>
Date: Sat, 19 Jul 2014 15:54:08 +0200

Am 2014-07-19 00:17, schrieb Daniel Stenberg:
> On Thu, 17 Jul 2014, Michael Osipov wrote:
>
>> case 'l': /* --negotiate */
>> if(toggle) {
>> - if(curlinfo->features & CURL_VERSION_GSSNEGOTIATE)
>> - config->authtype |= CURLAUTH_GSSNEGOTIATE;
>> + if(curlinfo->features & CURL_VERSION_GSSAPI ||
>> + curlinfo->features & CURL_VERSION_SSPI)
>> + config->authtype |= CURLAUTH_NEGOTIATE;
>
> It feels strange that you want this done in patch 4 and then in patch 5
> you again change this very code again. Can you squash them instead to a
> single change?

Oh yes, you are correct that was an oversight. Simply an intermediate
misuse. I will squash and reroll.

> Is there a point in using both terms Negotiate and SPNEGO in symbol
> names if SPNEGO is required to do Negotiate?

Actually not, I have retained --negotiate for backwards compat. SPNEGO
[1] is required to perform Negotiate over HTTP [2] and any other
transport, e.g. SMTP, LDAP, IMAP, etc. via SASL.

In general, you need CURLAUTH_SPNEGO and CURL_VERSION_SPNEGO only. I
have added them in preperations of a more generalized approach of auth
in curl, e.g., SASL with GSS-API through Kerberos and SPNEGO. I
discussed this with Steve recently. That's is why you see the added TODOs.

If you'd like, I can complete that generalized change with *_SPNEGO,
replace internal symbols and deprecate external ones:

- USE_SPNEGO only
- CURLAUTH_NEGOTIATE would alias CURLAUTH_SPNEGO
- --negotiate aliased to --spnego, --proxy.. repesctively

When Steve would add GSS-API support to SASL auth, we could easily do:

$ curl --(kerberos|spnego) -u : --verbose
ldap://active-directory.example.com/...
or
$ curl --(kerberos|spnego|negotiate) -u : --verbose
http://example.com/repos/git/secret.git

WDYT?

Michael

PS: I'll squash when you say to what extent.

[1] http://tools.ietf.org/html/rfc4178
[2] http://tools.ietf.org/html/rfc4559
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2014-07-19

This message: [ Message body ]
Next message: Alessandro Ghedini: "[PATCH] CURLOPT_CHUNK_BGN_FUNCTION: fix typo"
Previous message: Michael Osipov: "Re: the mail problem (was Re: Announce for release 7.37.1?)"
In reply to: Daniel Stenberg: "Re: [PATCH 4/6] Deprecate GSS-Negotiate related macros due to bad naming"
Next in thread: Michael Osipov: "[PATCH 6/6] Improve inline GSS-API naming in code documentation"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]