On Wed, 25 Sep 2013, Arunav Sanyal wrote:
I use MIT Kebreros 1.11. And I can assure you the library does not handle
SPNEGO token conversion explicitly. Even when I specify different OID.
If you have your own server implementation which directly handles gssapi
tokens, fbopenssl is no longer required. My use case is curl trying to
authenticate with Tomcat 7.40.0 which expects SPNEGO token.
Hello Arunav, Kevin, Markus and the rest!
As I'm a GSS rookie and a SPNEGO cluebie, you need to help me out a little bit
more here!
This discussion is certainly useful and something that benefits us all, but I
have a very hard time to figure out which conclusions to draw and how to
proceed here. Can I get your help please?
Can we start with Arunav's specific patch[1] for SPNEGO that I questioned[2],
he said he agreed to my doubts[3] and yet he seems to say the fixes are fine.
I can't make sense of that and I don't fully grasp how SPNEGO works in
combination with the GSS stuff. Can't you have both enabled in a single
libcurl build?
I would really like an opinion and help on this from someone else who knows
more about this area than I do! Is the patch fine to merge? If not, what's the
problem? If it is, won't a combined SPNEGO + GSS build crash and burn?
[1] = http://curl.haxx.se/mail/lib-2013-09/0095.html
[2] = http://curl.haxx.se/mail/lib-2013-09/0112.html
[3] = http://curl.haxx.se/mail/lib-2013-09/0115.html
--
/ daniel.haxx.se
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
