You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The reason will be displayed to describe this comment to others. Learn more.
This shouldn't be too hard to implementing but one open question should be clarified for the users: How can the acceptor validate the user response to the challenge without SSPI? If this is possible at all.
The reason will be displayed to describe this comment to others. Learn more.
We currently implement native HTTP Digest without SSPI in lib/http-digest.c and SASL DIGEST-MD5 in curl_sasl.c. I added support for SSPI based DIGEST-MD5 in v7.37.0 but we don't yet support HTTP Digest via SSPI.
I added this to the TODO, as I currently have my head in adding GSSAPI via SSPI at the moment, and a) I didn't want this to be forgotten about and b) in case anyone else wanted to work on this ;-)
We can discuss this move on the libcurl discussion list but in summary I would like to see the following happen:
Add support for HTTP Digest in curl_sasl_sspi::Curl_sasl_create_digest_md5_message() - as the service type is passed in, it shouldn't be too difficult to add the extra information required for HTTP authentication
Move the current HTTP Digest code into curl_sasl::Curl_sasl_create_digest_md5_message()
Fix up http_digest.c to call our SASL function instead
6c6983fThere was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This shouldn't be too hard to implementing but one open question should be clarified for the users: How can the acceptor validate the user response to the challenge without SSPI? If this is possible at all.
6c6983fThere was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We currently implement native HTTP Digest without SSPI in lib/http-digest.c and SASL DIGEST-MD5 in curl_sasl.c. I added support for SSPI based DIGEST-MD5 in v7.37.0 but we don't yet support HTTP Digest via SSPI.
I added this to the TODO, as I currently have my head in adding GSSAPI via SSPI at the moment, and a) I didn't want this to be forgotten about and b) in case anyone else wanted to work on this ;-)
We can discuss this move on the libcurl discussion list but in summary I would like to see the following happen: