Hello I am using libcurl built from 7.37 with gssapi support and I am facing the following problem: When running my application on a centos machine joined into an Active Directory Domain and accessing url's over a squid 3.10 proxy that uses NTLM Authentication I get an error when trying to use linux system credentials. Code snippet is the following: curl_easy_setopt(curl_handle,CURL_PROXYAUTH,CURLAUTH_NTLM | CURLAUTH_NTLM_WB | CURLAUTH_GSSNEGOTIATE); curl_easy_setopt(curl_handle,CURL_PROXYUSERPWD,":"); curl_easy_perform(curl_handle) ; I can see in curl logs the message that NTLM authentication is required by proxy and my program tries to authenticate with user '' and then  NTLM handshake is droped (see logs below) < HTTP/1.0 407 Proxy Authentication Required < Server: squid/3.1.10 < Mime-Version: 1.0 < Date: Wed, 28 May 2014 14:49:07 GMT < Content-Type: text/html < Content-Length: 3569 < X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0 < Vary: Accept-Language < Content-Language: en < Proxy-Authenticate: NTLM < ....................... (removed lines to make it smaller) < Connection: close <  * Ignore 3569 bytes of response-body * Rewind stream after send * Received HTTP code 407 from proxy after CONNECT * Found bundle for host 10.164.28.110: 0x8c20118 * Hostname was found in DNS cache *   Trying 10.164.28.11... * Connected to 10.164.28.11 (10.164.28.11) port 3128 (#1) * Establish HTTP proxy tunnel to 10.164.28.110:443 * Proxy auth using NTLM with user  '' > CONNECT 10.164.28.110:443 HTTP/1.1 Host: 10.164.28.110:443 Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= ..... < HTTP/1.0 407 Proxy Authentication Required < Server: squid/3.1.10 < Mime-Version: 1.0 < Date: Wed, 28 May 2014 14:49:07 GMT < Content-Type: text/html < Content-Length: 3653 < X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0 < Vary: Accept-Language < Content-Language: en < Proxy-Authenticate: NTLM TlRMTVNTUAACAAAACgAKADAAAAAGgokATOG9P9hhSKUAAAAAAAAAAFAAUAA6AAAAVEVTVExBQjNBRAIAFABUAEUAUwBUAEwAQQBCADMAQQBEAAEAFABBAFUAVABIAC0AUABSAE8AWABZAAQAAAADABQAYQB1AHQAaAAtAHAAcgBvAHgAeQAAAAAA < Connection: keep-alive <  * Ignore 3653 bytes of response-body * Rewind stream after send * TUNNEL_STATE switched to: 0 * Establish HTTP proxy tunnel to 10.164.28.110:443 * Proxy auth using NTLM with user '' > CONNECT 10.164.28.110:443 HTTP/1.1 Host: 10.164.28.110:443 Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAACAAIAAWAAAAAAAAADYAAAAAAAAANgAAAAJAAkA2AAAAAAAAAAAAAAABoKJAJ4XsdWDwiGyV/yEebt+Rchyqw+5jS7fdWC53gEL1d8wZ4YYgrEZw78BAQAAAAAAAIBxCu6Des8BcqsPuY0u33UAAAAAAgAUAFQARQBTAFQATABBAEIAMwBBAEQAAQAUAEEAVQBUAEgALQBQAFIATwBYAFkABAAAAAMAFABhAHUAdABoAC0AcAByAG8AeAB5AAAAAAAAAAAAY2VudG9zLXBy User-Agent: SentinelCloud.On-premisesClient/1.0 Proxy-Connection: Keep-Alive Keep-Alive:false Content-Type:text/xml < HTTP/1.0 407 Proxy Authentication Required < Server: squid/3.1.10 < Mime-Version: 1.0 < Date: Wed, 28 May 2014 14:49:07 GMT < Content-Type: text/html < Content-Length: 3909 < X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0 < Vary: Accept-Language < Content-Language: en < Proxy-Authenticate: NTLM * NTLM handshake rejected * Authentication problem. Ignoring this. Same code snippet works on Windows machine if libcurl is compiled with USE_WINDOWS_SSPI. Is there a known problem in curl for running this way in linux ? thanks horatiu

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2014-05-30