curl-library
Re: NTLM auth to server when Negotiate is used with a proxy is broken in libcurl 7.51.0
Date: Wed, 22 Mar 2017 14:30:25 +0000
Sorry for spamming, but I compiled some builds of curl in order to find the
build in which the bug was introduced and I think I found it: 7.39.0 works
but 7.40.0 does not. I hope this helps.
On 22 March 2017 at 13:58, Marton Legeny <
marton.legeny_at_actual-experience.com> wrote:
> I've just compiled 7.35.0 on the same OS (MacOS Sierra) with options:
>
> --with-darwinssl
> --with-gssapi
>
> curl -V output:
>
> curl 7.35.0 (x86_64-apple-darwin16.3.0) libcurl/7.35.0 SecureTransport
> zlib/1.2.8
> Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3
> pop3s rtsp smtp smtps telnet tftp
> Features: GSS-Negotiate IPv6 Largefile NTLM NTLM_WB SSL libz
>
> And the problematic command is working nicely.
>
> On 22 March 2017 at 13:45, Marton Legeny <marton.legeny_at_actual-
> experience.com> wrote:
>
>> Hello Thomas,
>>
>> I've compiled curl 7.53.1 and re-executed the test but, unfortunately,
>> I'm still facing the same problem.
>>
>> > User-Agent: curl/7.53.1
>> > Accept: */*
>> > Proxy-Connection: Keep-Alive
>> >
>> < HTTP/1.1 407 Unauthorized
>> < Server: Zscaler/5.3
>> < Cache-control: no-cache
>> < Content-Length: 0
>> < Proxy-Authenticate: Negotiate
>> <
>> * Connection #0 to host gateway.zscloud.net left intact
>> * Maximum (50) redirects followed
>> curl: (47) Maximum (50) redirects followed
>>
>> Cheers,
>> Marton
>>
>> On 22 March 2017 at 12:49, Thomas Glanzmann <thomas_at_glanzmann.de> wrote:
>>
>>> Hello Marton,
>>>
>>> > But it doesn't work on MacOS Sierra with libcurl 7.51.0:
>>>
>>> can you upgrade to the newest version (7.53.1)? There was a bug which
>>> has been fixed last April regarding closing a connection with NTLM
>>> authentication. Maybe this solves your problem.
>>>
>>> Cheers,
>>> Thomas
>>> -------------------------------------------------------------------
>>> Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
>>> Etiquette: https://curl.haxx.se/mail/etiquette.html
>>
>>
>>
>>
>> --
>>
>> *MARTON LEGENY*
>> Software Tester
>> *Actual Experience*
>> Bath, UK
>> HQ +44 1225 585 868 <+44%201225%20585868>
>> www.actual-experience.com | @actualwork <https://twitter.com/actualwork>
>> | LinkedIn <https://www.linkedin.com/company/actual-experience-ltd> |
>> Facebook <https://www.facebook.com/ActualCrowd%20>
>>
>>
>
>
> --
>
> *MARTON LEGENY*
> Software Tester
> *Actual Experience*
> Bath, UK
> HQ +44 1225 585 868 <+44%201225%20585868>
> www.actual-experience.com | @actualwork <https://twitter.com/actualwork> |
> LinkedIn <https://www.linkedin.com/company/actual-experience-ltd> |
> Facebook <https://www.facebook.com/ActualCrowd%20>
>
>
-- *MARTON LEGENY* Software Tester *Actual Experience* Bath, UK HQ +44 1225 585 868 www.actual-experience.com | @actualwork <https://twitter.com/actualwork> | LinkedIn <https://www.linkedin.com/company/actual-experience-ltd> | Facebook <https://www.facebook.com/ActualCrowd%20> -- Registered Office: Actual Experience plc Quay House, The Ambury, Bath BA1 1UA, Registered No. 06838738, VAT No. 971 9696 56 The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer. Although we routinely screen for viruses, addressees should check this e-mail and any attachment for viruses. We make no warranty as to absence of viruses in this e-mail or any attachments.
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2017-03-22