http: do not require a user name when using CURLAUTH_NEGOTIATE #9047
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
jay
reviewed
Jun 25, 2022
In order to get Negotiate (SPNEGO) authentication to work in HTTP you used to be required to provide a (fake) user name (this concerned both curl and the lib) because the code wrongly only considered authentication if there was a user name provided, as in: curl -u : --negotiate https://example.com/ This commit leverages the `struct auth` want member to figure out if the user enabled CURLAUTH_NEGOTIATE, effectively removing the requirement of setting a user name both in curl and the lib. Signed-off-by: Marin Hannache <git@mareo.fr> Reported-by: Enrico Scholz Fixes https://sourceforge.net/p/curl/bugs/440/ Fixes curl#1161
Mareo
force-pushed
the
negotiate-remove-user-name-requirement
branch
from
f9f77a6
to
6215d38
Compare
|
Hello, is there anything more I should do to help this PR moving forward? |
|
Thanks, and sorry for taking so long. |
ptitSeb
pushed a commit
to wasix-org/curl
that referenced
this pull request
Sep 25, 2023
In order to get Negotiate (SPNEGO) authentication to work in HTTP you used to be required to provide a (fake) user name (this concerned both curl and the lib) because the code wrongly only considered authentication if there was a user name provided, as in: curl -u : --negotiate https://example.com/ This commit leverages the `struct auth` want member to figure out if the user enabled CURLAUTH_NEGOTIATE, effectively removing the requirement of setting a user name both in curl and the lib. Signed-off-by: Marin Hannache <git@mareo.fr> Reported-by: Enrico Scholz Fixes https://sourceforge.net/p/curl/bugs/440/ Fixes curl#1161 Closes curl#9047
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
In order to get Negotiate (SPNEGO) authentication to work in HTTP or
Kerberos V5 in the email protocols, you used to be required to provide a
(fake) user name (this concerns both curl and the lib) because the code
wrongly only considered authentication if there was a user name
provided, as in:
curl -u : --negotiate https://example.com/
This commit leverages the
struct authwant member to figure out if theuser enabled CURLAUTH_NEGOTIATE, effectively removing the requirement of
setting a user name both in curl and the lib.
Signed-off-by: Marin Hannache git@mareo.fr
Reported-by: Enrico Scholz
Fixes https://sourceforge.net/p/curl/bugs/440/
Fixes #1161