Re: Kerberos v5 FTP?
Date: Tue, 26 Jun 2007 23:42:52 +0200 (CEST)
On Tue, 26 Jun 2007, Thomas J. Moore wrote:
> OK, I've just come back from 4 days away from this, and decided to make a
> few quick changes this morning to have it use the same options as the krb4
> support did. That way, anything using libcurl that supported turning on
> krb4 should work without modifications using krb5 (assuming the newer
> libcurl + gssapi support, and assuming it doesn't check for the krb4
We should make sure the old command line option still works though and not
simply rename it to the new. That is easily made by simply accepting --krb4 as
well as --krb.
> Well, most Linux distributions come with a fairly easy to install kerberos
> server & associated FTP server. How is the kerberos5/gssapi HTTP stuff
> being tested?
It isn't tested in any kind of test suite, only live by users (and I have no
idea how widespread the usage of those features is).
The only minor problems I have with your patch are:
1) it unconditionally makes name resolving use AI_CANONNAME to getaddrinfo()
which will add unnecessary reverse lookups to libcurl resolves that have
no need for them - I would rather like to see that bit get switched on
dynamicly only when that data is actually needed.
2) + /* FIXME: need to free this eventually */
+ ai->ai_canonname = strdup(he->h_name);
... this sounds and looks like a memory leak to me!
-- Commercial curl and libcurl Technical Support: http://haxx.se/curl.htmlReceived on 2007-06-27