Am 2014-07-13 13:40, schrieb Steve Holme:
On Sun, 13 Jul 2014, David Woodhouse wrote:
There's actually something to be said for ditching
http_negotiate_sspi.c too, and letting Windows use
http_negotiate.c. Let curl_gssapi.c and curl_sspi.c both present
the *same* interface for a generic implementation of
"WWW-Authenticate: Negotiate/Kerberos/NTLM" to use.
On a side note, we are currently missing support for the GSSAPI
mechanism and Winbind NTLM implementation in the email protocols.
Are you implementing SASL your self for curl or do you use CyrusSASL?
I know that Windows has a native SASL impl but that seems to be
available on Windows Server only.
As such my goal is to try and move the authentication code that is in
http_* and curl_ntlm_* into the fairly new sasl modules at some point
this year and keep the http protocol specific bits in files such as
http_negotiate.c - this will probably remove the need for
http_negotitate_sspi.c for example.
Additionally, this will allow us to:
* Support both of these in the email protocols and any other
protocols that can use authentication (For example I want to look at
ldap in more detail afterwards) * Simplify the NTLM code as both
native and SSPI is intermingled making it difficult to follow *
Support third party sasl/authentication modules with relative ease
More than that. I could be completely decoupled from HTTP and used for
any GSS/SSPI-based service, like HTTP, FTP, SMTP, IMAP, etc. The low-end
impl is always the same.
Michael
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
