>> David Woodhouse (8): >> ntlm_wb: Fix hard-coded limit on NTLM auth packet size >> ntlm_wb: Avoid invoking ntlm_auth helper with empty username > > I do not think that this belongs in this patchset because it is > completely unrelated.
It all falls under the heading of making curl work in the corporate environment. Kerberos is fragile and we often have to fall back to NTLM. That's both NTLM in SPNEGO *and* plain 'WWW-Authenticate: NTLM'. It all needs to work. >> Support WWW-Authenticate: Kerberos in place of defunct >> GSS-Negotiate > > I am not convinced by that patch. I assumed you had the same intentions > as me with the entire chain, --kerberos over CURLAUTH_KERBEROS and so > forth. You mix two mechanisms within one code block, spite the same > flow, you cannot on/off any of them separately not do people really know > that curl will do that. Yeah, fair enough. I hate the way that curl doesn't automatically authenticate when it knows how, so I forget about those extra bits. I'll drop that from my tree and revert to commit d850e9b9 which you can use as a base for further work. -- dwmw2 ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
