Skip to content

curl can't connect thought NTLM proxy with --proxy-any option #876

Closed
@NTMan

Description

@NTMan

curl can't connect thought NTLM proxy with --proxy-any option

$ LD_LIBRARY_PATH=/home/synergy/curl/curl/lib/.libs curl --version
curl 7.43.0 (x86_64-redhat-linux-gnu) libcurl/7.50.0-DEV NSS/3.24 Basic ECC zlib/1.2.8 libidn/1.32 libssh2/1.6.0
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp 
Features: AsynchDNS IDN IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz UnixSockets Metalink 

$ LD_LIBRARY_PATH=/home/synergy/curl/curl/lib/.libs curl -v --proxy-any http://google.com
* Rebuilt URL to: http://google.com/
*   Trying 172.18.4.7...
* Connected to 172.18.4.7 (172.18.4.7) port 8080 (#0)
> GET http://google.com/ HTTP/1.1
> Host: google.com
> User-Agent: curl/7.43.0
> Accept: */*
> 
< HTTP/1.1 407 Proxy Authentication Required ( The ISA Server requires authorization to fulfill the request. Access to the Web Proxy service is denied.  )
< Via:1.1 ISAEG
< Proxy-Authenticate: NTLM
< Proxy-Authenticate: Kerberos
< Proxy-Authenticate: Negotiate
< Connection: close
* HTTP/1.1 proxy connection set close!
< Proxy-Connection: close
< Pragma: no-cache
< Cache-Control: no-cache
< Content-Type: text/html
< Content-Length: 2374  
< 
* Closing connection 0
* Issue another request to this URL: 'http://google.com/'
* Hostname 172.18.4.7 was found in DNS cache
*   Trying 172.18.4.7...
* Connected to 172.18.4.7 (172.18.4.7) port 8080 (#1)
> GET http://google.com/ HTTP/1.1
> Host: google.com
> User-Agent: curl/7.43.0
> Accept: */*
> 
< HTTP/1.1 407 Proxy Authentication Required ( The ISA Server requires authorization to fulfill the request. Access to the Web Proxy service is denied.  )
< Via:1.1 ISAEG
< Proxy-Authenticate: NTLM
< Proxy-Authenticate: Kerberos
* gss_init_sec_context() failed: SPNEGO cannot find mechanisms to negotiate. 
< Proxy-Authenticate: Negotiate
< Connection: close
* HTTP/1.1 proxy connection set close!
< Proxy-Connection: close
< Pragma: no-cache
< Cache-Control: no-cache
< Content-Type: text/html
< Content-Length: 2374  
< 
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML dir=ltr><HEAD><TITLE>The page cannot be displayed</TITLE>
<STYLE>A:link {
    FONT: 8pt/11pt verdana; COLOR: #ff0000
}
A:visited {
    FONT: 8pt/11pt verdana; COLOR: #4e4e4e
}
</STYLE>

<META content=NOINDEX name=ROBOTS>
<META http-equiv=Content-Type content="text-html; charset=Windows-1252">

<META content="MSHTML 5.50.4522.1800" name=GENERATOR></HEAD>
<BODY bgColor=#ffffff>
<TABLE cellSpacing=5 cellPadding=3 width=410>
  <TBODY>
  <TR>
    <TD vAlign=center align=left width=360>
      <H1 style="FONT: 13pt/15pt verdana; COLOR: #000000"><!--Problem-->The page 
      cannot be displayed</H1></TD></TR>
  <TR>
    <TD width=400 colSpan=2><FONT 
      style="FONT: 8pt/11pt verdana; COLOR: #000000">There is a problem with the 
      page you are trying to reach and it cannot be displayed.</FONT></TD></TR>
  <TR>
    <TD width=400 colSpan=2><FONT 
      style="FONT: 8pt/11pt verdana; COLOR: #000000">
      <HR color=#c0c0c0 noShade>

      <P>Please try the following:</P>
      <UL>
        <LI>Click the Refresh button, 
        or try again later.<BR>
        <LI>Open the Web site
         home page, and then look for links to the information you want. 
        <LI>If you typed the page address in the Address bar, make sure that it
        is spelled correctly.<BR>
        <LI>Verify that the Internet access policy on your network allows you
        to view this this page.</LI>
        <LI>If you believe you should be able to view this directory or page, 
        please contact the Web site administrator by using the e-mail address or 
        phone number listed on the Web site
         home page. </LI></UL>
      <H2 style="FONT: 8pt/11pt verdana; COLOR: #000000">HTTP 407 Proxy Authentication Required - The ISA Server requires authorization to fulfill the request. Access to the Web Proxy service is denied. (12209)<BR>Internet Security and Acceleration Server</H2>
      <HR color=#c0c0c0 noShade>

      <P>Technical Information (for support personnel)</P>
      <UL>
        <LI>Background:<BR>The gateway could not retrieve the requested page.<P></P></LI>
        <LI>ISA Server: isaeg.east.kronospan.int<BR>
        Via: <BR><BR>Time: 14.06.2016 14:09:49 GMT
        </LI></UL></FONT></TD></TR></TBODY></TABLE></BODY></HTML>
* Closing connection 1

$ LD_LIBRARY_PATH=/home/synergy/curl/curl/lib/.libs /home/synergy/curl/curl/src/curl -V
curl 7.50.0-DEV (x86_64-unknown-linux-gnu) libcurl/7.50.0-DEV NSS/3.24 Basic ECC zlib/1.2.8 libidn/1.32 libssh2/1.6.0
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp 
Features: AsynchDNS IDN IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz UnixSockets Metalink �

Operating system Fedora 23 and RHEL 7.
This problem occurred if curl compiled with --with-gssapi option.

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions