cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: Regarding the Support of NTLM with FIPS mode enabled in LibCurl

From: Kamil Dudka <kdudka_at_redhat.com>
Date: Tue, 06 Jan 2015 09:45:59 +0100

On Friday 02 January 2015 17:43:14 Prash Dush wrote:
> Hi Mailer,
>
> Does libCurl support NTLM with FIPS mode enabled on Linux machines.?
>
> I can see there are local implementation in libCurl source Code where local
> implementation of MD4 and MD5 can be used instead of using openssl MD4 and
> MD5 implementation.

Whether the local implementation of MD4/MD5 will be used is decided solely
at the compile time. libcurl never fallbacks to the local implementation
of MD4/MD5 if the crypto backend returns an error. The actual problem is
that the NTLM implementation in libcurl ignores failures of the MD4/MD5/DES
algorithms all over the code. This needs to be fixed I guess.

Kamil

> Is it a kind of right approach to support ntlm with fips.
>
> Please let me know your thoughts...
>
>
> Thanks
> Dushyant
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2015-01-06

This message: [ Message body ]
Next message: Alex Lyakas: "Re: curl_multi_wait changes timeout to 0 and returns immediately"
Previous message: Alibek Joraev: "Re: Regarding the Support of NTLM with FIPS mode enabled in LibCurl"
In reply to: Prash Dush: "Regarding the Support of NTLM with FIPS mode enabled in LibCurl"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]