cURL / Mailing Lists / curl-library / Single Mail

curl-library

Patch to allow GSSAPI authentication to a socks5 server

From: Markus Moeller <huaraz_at_moeller.plus.com>
Date: Sun, 11 Jan 2009 17:51:43 -0000

Please find attached a patch to curl 7.19.2 which adds Socks5 GSSAPI
authentication. It works on Unix and Windows.

I added two options:

--socks5-gssapi-service <servicename> SOCKS5 proxy service name for
gssapi
--socks5-gssapi-nec Compatibility with NEC SOCKS5 server

The default service name for a socks server is rcmd/server-fqdn and the
first option allows you to change it.
Examples
--socks5 proxy-name --socks5-gssapi-service sockd would use
sockd/proxy-name
--socks5 proxy-name --socks5-gssapi-service sockd/real-name would use
sockd/real-name for cases the proxy-name does not match the princpal name.

As part of the gssapi negotiation a protection mode is negotiated. The
rfc1961 says in section 4.3/4.4 it should be protected, but the NEC
reference implementation does not.
The option --socks5-gssapi-nec allows the unprotected exchange of the
protection mode negotiation.

Any feedback is appreciated.

Regards
Markus

application/octet-stream attachment: curl-7.19.2-socks5-gssapi.patch

Received on 2009-01-11

This message: [ Message body ]
Next message: Markus Moeller: "Re: Patch to allow GSSAPI authentication to a socks5 server"
Previous message: Karl M: "RE: Building and using static libcurl on Windows with VS2008"
Next in thread: Markus Moeller: "Re: Patch to allow GSSAPI authentication to a socks5 server"
Reply: Markus Moeller: "Re: Patch to allow GSSAPI authentication to a socks5 server"
Reply: Daniel Stenberg: "Re: Patch to allow GSSAPI authentication to a socks5 server"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]