cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: krb4 and CURLOPT_KRBLEVEL

From: Michael Osipov <1983-01-06_at_gmx.net>
Date: Sat, 15 Nov 2014 21:25:32 +0100

Am 2014-11-15 um 17:10 schrieb Dan Fandrich:
> On Sat, Nov 15, 2014 at 03:43:09PM +0000, Steve Holme wrote:
>> The curl command line tool supports --krb LEVEL and in its usages sets the
>> CURLOPT_KRBLEVEL option in libcurl - but only if KRB4 support has been
>> detected "if(curlinfo->features & CURL_VERSION_KERBEROS4)" in
>> tool_getparam.c:696.
>>
>> I have prepared a patch to remove this (see attached), however, from reading
>> the libcurl code (security.c) and associated comments it seems more of a
>> generic "Kerberos" option. Does anyone know if it is used for Kerberos 5 at
>> all?
>
> I don't know the answer to that question, but if someone has a script with
> "--krb 5" said script will fail if this patch goes through. You may want to
> support the option and just print a warning (even if it does nothing else) if
> it's ever used.

There is no such thing as "--krb 5". If you take a look at the man page,
you'll see that you are allowed to pass: "The level must be entered and
should be one of 'clear', 'safe', 'confidential', or 'private'."

Michael

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2014-11-15