-
-
Notifications
You must be signed in to change notification settings - Fork 6.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Define USE_WIN32_CRYPTO when using CMake on Windows #4717
Define USE_WIN32_CRYPTO when using CMake on Windows #4717
Conversation
It looks like this is causing a bunch of test failures in some builds according to appveyor. It appears NTLM auth strings have changed and/or there's missing smb/smbs protocol in curl-config. |
The protocols SMB and SMBS don't get set properly in |
The issue with NTLM is that previous non-SSL builds would not enable NTLM and so the NTLM tests would be skipped. Defining |
Ok. How long has it been like that? Will anyone notice if we make SSL required for NTLM during build? If that can't or shouldn't be changed then I'm tempted to at least make it required during tests. I don't know of a way we can support NTLM testing the non-SSL builds without separate tests since the auth strings are different. |
Probably, yes. Until some years ago, I used to build libcurl without SSL support but with NTLM support (for proxy authentication) through SSPI and relied on that.
+1 |
Always. Before this patch, CMake didn't support NTLM without SSL. |
Prior to this change tests that required NTLM feature did not require SSL feature. There are pending changes to cmake builds that will allow enabling NTLM in non-SSL builds in Windows. In that case the NTLM auth strings created are different from what is expected by the NTLM tests and they fail: "The issue with NTLM is that previous non-SSL builds would not enable NTLM and so the NTLM tests would be skipped." Assisted-by: marc-groundctl@users.noreply.github.com Ref: curl#4717 (comment) Closes #xxxx
Please rebase off of #4768 |
5d7dc08
to
de331f3
Compare
Prior to this change tests that required NTLM feature did not require SSL feature. There are pending changes to cmake builds that will allow enabling NTLM in non-SSL builds in Windows. In that case the NTLM auth strings created are different from what is expected by the NTLM tests and they fail: "The issue with NTLM is that previous non-SSL builds would not enable NTLM and so the NTLM tests would be skipped." Assisted-by: marc-groundctl@users.noreply.github.com Ref: #4717 (comment) Closes #4768
Test 168 is failing in two builds but I can't figure out why. Coincidence? You can rebase on master now, I landed #4768 earlier this evening. |
The underlying reason that tests 168 and 335 fail sometimes is that they send extra data that curl is supposed to ignore, but curl ignores this data by closing the connection without reading the data, and so if that happens before the test sws server can finish writing it then |
ec5142e
to
d0b8742
Compare
Prior to this change the swsbounce check in service_connection could fail because prevtestno and prevpartno were not set, which would cause the wrong response data to be sent to some tests and cause them to fail. Ref: #4717 (comment)
Thanks, I've landed the test fix. |
CMakeLists.txt
Outdated
@@ -1199,6 +1204,14 @@ if(BUILD_TESTING) | |||
add_subdirectory(tests) | |||
endif() | |||
|
|||
# NTLM support requires crypto function adaptions from various SSL libs | |||
# TODO alternative SSL libs tests for SSP1, GNUTLS, NSS | |||
if(NOT CURL_DISABLE_CRYPTO_AUTH AND (USE_OPENSSL OR USE_WINDOWS_SSPI OR USE_DARWINSSL OR USE_MBEDTLS OR USE_WIN32_CRYPTO)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is missing NSS and SECTRANSP (what I'm pretty sure replaces DARWINSSL). Is there a reason for that?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No, that's a mistake.
The tests for this new commit are failing because the SMTP server is going down. When test 900 first connects, the sockfilt server attempts to write to stdout, but that fails with I see no reason for the pipe to have closed, I can't reproduce this locally, and I can't see any way the most recent commit could have caused this, so I'm inclined to chalk this up to Windows or perl doing something weird and this being a spurious failure. Certainly the later test failures are spurious, since they're all caused by the SMTP server not being up. |
Thanks. I'm not sure what's up with the SMTP server going down. I will open up a separate issue for that. |
This is necessary for SMB support when using SSPI (which is on when using WinSSL). It is unconditionally defined in config-win32.h, so this just adds it to the CMake build as well.