cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: problem with NTLM and GSS Negotiate

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Thu, 3 Nov 2011 23:31:30 +0100 (CET)

On Fri, 28 Oct 2011, Rene Bernhardt wrote:

> I think that I found a bug in the handling of proxy authentication methods.
> If a proxy ( in our case a Microsoft ISA ) offers several Authentication
> schemes where NTML and Negotiate are offered by the proxy and you tell
> libcurl not to use the Negotiate scheme then the request never returns when
> the proxy answers with its HTTP 407 reply.

Thanks a lot for your research and patch.

You did violate several code rules in your patch though, so I've attached my
cleaned up version of your fix.

I would love if someone using Negotiate could try it out and comment it before
we run with it, as I don't. I'll also try to write up a test case that repeats
the bug on the unpatched code to make me more certain the fix is the right
one.

-- 
  / daniel.haxx.se

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html

TEXT/x-diff attachment: 0001-HTTP-auth-fix-proxy-Negotiate-bug.patch

Received on 2011-11-03

This message: [ Message body ]
Next message: Alex Loukissas: "Re: download thread hung in poll()"
Previous message: Daniel Stenberg: "RE: POP3 not using same connection for multiple requests when using starttls"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]