krb4 and CURLOPT_KRBLEVEL
Date: Sat, 15 Nov 2014 15:43:09 +0000
As some of you are aware krb4 support was dropped from curl and libcurl in
However, there have been a few references to this feature left around either
in source code or documentation - some of which I have been cleaning out or
marking as deprecated recently.
There is one that I'm not sure what to do with!!
The curl command line tool supports --krb LEVEL and in its usages sets the
CURLOPT_KRBLEVEL option in libcurl - but only if KRB4 support has been
detected "if(curlinfo->features & CURL_VERSION_KERBEROS4)" in
I have prepared a patch to remove this (see attached), however, from reading
the libcurl code (security.c) and associated comments it seems more of a
generic "Kerberos" option. Does anyone know if it is used for Kerberos 5 at
If so, then should we update the option so that it is enabled when KERBEROS5
support is detected or shall I continue to remove it as planned?
If we remove it, should we tidy up the libcurl code, removing it and marking
CURLOPT_KRBLEVEL as deprecated?
Please note: From what I know this option is only currently used by the FTP
Other than removing it, the main reason I ask is... Do I need to support
this as part of the SASL Kerberos 5 work I am doing - either in the SSPI
code that I added in August, or the new GSS-API code that I am currently
Received on 2014-11-15