http: do not require a user name when using CURLAUTH_NEGOTIATE #9047
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
In order to get Negotiate (SPNEGO) authentication to work in HTTP or
Kerberos V5 in the email protocols, you used to be required to provide a
(fake) user name (this concerns both curl and the lib) because the code
wrongly only considered authentication if there was a user name
provided, as in:
curl -u : --negotiate https://example.com/
This commit leverages the
struct auth
want member to figure out if theuser enabled CURLAUTH_NEGOTIATE, effectively removing the requirement of
setting a user name both in curl and the lib.
Signed-off-by: Marin Hannache git@mareo.fr
Reported-by: Enrico Scholz
Fixes https://sourceforge.net/p/curl/bugs/440/
Fixes #1161