cURL / Mailing Lists / curl-library / Single Mail

curl-library

RE: Libcurl | Kerberos | Support of multiple kerberos tickets.

From: Assaf Shemesh <assafsh_at_checkpoint.com>
Date: Mon, 3 Nov 2014 08:10:34 +0000

Hi All,

I'm new to the list.

I wanted to get your feedback on an additional content that I added to libcurl.

The problem that I want to solved is that a single process can't handle multiple curl requests (curl multi for example) with
Kerberos authentication because the ticket path (KRB5CCNAME) is an environment variable.

The solution that I implemented is adding a new curl opt which is the path of to the ticket, saving it on the libcurl instance,
and before calling gss_init_sec_context I'm changing the environment variable to the one that was configured and
I'm reverting it after the function finish.

It worked because gss_init_sec_context is a synchronous function.

The new curl opt gives different libcurl instances the ability to use different Kerberos tickets in the same process without any security issues (due to same environment variable).

What do you think?

Regards,
Assaf Shemesh | Mobile Access Gateway | * +972.3.258.8074 | * assafsh_at_checkpoint.com<mailto:assafsh_at_checkpoint.com>

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2014-11-03