Download
Browse source Changelog
Documentation
Project   Help us   Known bugs   TODO Protocols   CA bundle   HTTP Cookies   HTTP/2   SSL Certs Releases   Security   Version numbers   Vulnerabilities curl tool   man page   Tutorial   HTTP scripting Who and Why
libcurl
ABI API Competitors Examples Features Mailing list Related libs Using libcurl Tutorial Testimonials
Get Help
curl-library curl-users curl-announce curl-commits Book: Everything curl Report a bug Mail Etiquette
Development
Autobuilds Code Style Contribute Deprecate Internals Release Notes Release Procedure Roadmap Run Tests Security Process Specifications Test curl
News
Changelog Release table
curl / Mailing Lists / curl-library / Single Mail

curl-library

Re: NTLMV2 authentication;

From: Daniel Stenberg via curl-library <curl-library_at_cool.haxx.se>
Date: Sat, 17 Nov 2018 18:42:03 +0100 (CET)

On Sat, 17 Nov 2018, Markus Moeller wrote:

(removed curl-users as a recepient)

> Thank you for the pointer, but it seems not to be correctly implement.

That's basically the eternal state of NTLM in a nutshell...

> I did some minor modification to /lib/vauth/ntlm.c to ignore target_info_len
> after which it worked.

Can you perhaps make a full fledged PR out of this suggested change?

> Now I donąt know what is the reason for this check in the code and why it
> makes it work.
>
> Does anybody know ? Can it be fixed (assuming it is wrong as is ) ?

It is only code, I'm sure it can be fixed.

As to *why* it works like this, I would presume that the only safe way to
figure out is to backtrack in the commit history and see if the commit that
brought the change explained it, but I doubt it.

So, we're left to reading the code and trying to figure out why the check is
there... and when I try to, I fail to explain it. =( 

-- 
  / daniel.haxx.se

-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2018-11-17