> Basic is rather... eh, basic, while NTLM is one mighty complicated way
> of
> authencating. The risk of a bug is a lot higher in curl's NTLM code
> than in
> the Basic code.
>

Sure, I understand. However, if I simply point the exact code to a
machine running
IIS 5.0 / ASP.NET 1.0 (versus iis 6 / .net 1.1) it works perfectly.

All the headers look exactly the same... so I am not yet convinced
*where* the bug is.

Plus, I can use --ntlm to do a simple GET request... it's only the
"SOAP" / POST version that doesn't work.

>> I basically realize that this isn't a libcurl issue, but am hoping
>> that
>> someone else out there might be using libcurl for .net web services
>> and have
>> an idea for me.
>
> Try this first:
>
> On line lib/http_ntlm.c:80 there's an "#undef USE_NTRESPONSES", change
> that to
> "#define USE_NTRESPONSES 1" and rebuild.

hrm. I will give this a shot... since I am building from fink this
could be a bit tricky...

Is this off of 7.11.1-pre1?

>
> I can't say why that would make a difference, but we just got this bug
> report[*] on passwords longer than 14 characters with NTLM where this
> define
> helps and I think it could be worth a shot, it isn't that hard to try.
>
> I guess you don't get many clues from the server logs either when this
> fails?
>

I haven't looked at the server logs; I can, but IIS gives pretty
useless logs.

Alan
Received on 2004-03-15