Bug 606819

Summary: curl missing NTLM support
Product: Red Hat Enterprise Linux 6 Reporter: Daniel Yeisley <dyeisley>
Component: curlAssignee: Kamil Dudka <kdudka>
Status: CLOSED CURRENTRELEASE QA Contact: Milos Malik <mmalik>
Severity: medium Docs Contact:
Priority: low    
Version: 6.0CC: mmalik, mvadkert, notting, ovasik, rrelyea
Target Milestone: rcKeywords: Patch, Regression
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: curl-7.19.7-16.el6 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2010-11-10 20:06:30 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Bug Depends On: 603783    
Bug Blocks: 599016, 618611    
Attachments:
Description Flags
backport for el6 ovasik: review+

Description Daniel Yeisley 2010-06-22 14:45:37 UTC
Description of problem:
curl in the RHEL 6 beta is missing NTLM support

Version-Release number of selected component (if applicable):
curl 7.19.7

How reproducible:
Always

Steps to Reproduce:
1.  curl -V  
2.  Look at the list of features for NTLM.
3.
  
Actual results:
NTLM not listed in supported features.

[root@ibm-ls22-04 ~]# curl -V
curl 7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.12.4.1 Beta zlib/1.2.3 libidn/1.9 libssh2/1.2.2
Protocols: tftp ftp telnet dict ldap ldaps http file https ftps scp sftp 
Features: GSS-Negotiate IDN IPv6 Largefile SSL libz 

Expected results:
NTLM is listed in the supported features on RHEL 5.5.

[root@hp-dl380g6-01 ~]# curl -V
curl 7.15.5 (x86_64-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
Protocols: tftp ftp telnet dict ldap http file https ftps 
Features: GSS-Negotiate IDN IPv6 Largefile NTLM SSL libz 


Additional info:

Comment 2 RHEL Product and Program Management 2010-06-22 15:13:01 UTC
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux major release.  Product Management has requested further
review of this request by Red Hat Engineering, for potential inclusion in a Red
Hat Enterprise Linux Major release.  This request is not yet committed for
inclusion.

Comment 7 Kamil Dudka 2010-06-28 10:57:39 UTC
patch proposed upstream:

http://article.gmane.org/gmane.comp.web.curl.library/28462

Comment 8 Kamil Dudka 2010-06-29 10:00:57 UTC
Created attachment 427627 [details]
backport for el6

basically the same as the upstream patch above...

Comment 9 Ondrej Vasik 2010-06-29 14:38:25 UTC
Comment on attachment 427627 [details]
backport for el6

No obvious mistakes, given the fact it was already reviewed by upstream maintainer, ok for me...

Comment 11 Kamil Dudka 2010-06-30 11:16:14 UTC
built as curl-7.19.7-16.el6

Comment 12 Kamil Dudka 2010-06-30 11:43:33 UTC
pushed upstream:

http://github.com/bagder/curl/commit/f3b77e5

Comment 15 Miroslav Vadkerti 2010-07-26 13:46:32 UTC
Curl now contains NTLM support:

:: [   LOG    ] :: Installed:    : curl-7.19.7-16.el6.x86_64

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: Test
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   PASS   ] :: Checking for GSS-Negotiate
:: [   PASS   ] :: Checking for IDN
:: [   PASS   ] :: Checking for IPv6
:: [   PASS   ] :: Checking for Largefile
:: [   PASS   ] :: Checking for NTLM
:: [   PASS   ] :: Checking for SSL
:: [   PASS   ] :: Checking for libz

Comment 16 Miroslav Vadkerti 2010-07-26 14:05:28 UTC
We lack infrastructure to test this properly. According to fedora bug on this issue:
https://bugzilla.redhat.com/show_bug.cgi?id=603783#c33
https://bugzilla.redhat.com/show_bug.cgi?id=603783#c22
This bug is not fixed yet.  Flipping back to assigned

Comment 17 Miroslav Vadkerti 2010-07-26 14:09:39 UTC
Please note that RHTS test covers only sanity check if curl is compiled with NTLM support. It DOES NOT do any functional testing.

Comment 18 Miroslav Vadkerti 2010-07-26 14:29:04 UTC
For clarification: this bug is fixed only partially

David Woodhouse      2010-07-26 10:17:00 EDT
Just to be clear: it _does_ work if you provide a password, but the whole point
of NTLM is that the user shouldn't _need_ to provide a password every time; the
system should cache it.

Comment 20 Miroslav Vadkerti 2010-07-27 08:05:17 UTC
Moving back to ON_QA. For NTLM support improvements I will open a new bug for RHEL6.1.

Comment 23 Daniel Yeisley 2010-07-27 12:58:11 UTC
I originally noticed this bug on Fedora while working on a project at a previous job.  I didn't have access to RHEL 6 at the time.  Once at RH I did a quick 'curl -V' and noticed that the same issue existed on RHEL 6.  I opened this bug knowing that once RHEL 6 was released someone from my previous employer would be opening the same bug.  The app in question talked to a web server only once to gain encryption keys and required a password.  This fix *should* be sufficient for this problem.

Comment 24 Miroslav Vadkerti 2010-07-27 13:02:51 UTC
Putting to VERIFIED for curl-7.19.7-16.el6. According to comments 15,23. Possible issue is with NTLM support is tracked for RHEL6.1 in bug 618611.

Comment 25 releng-rhel@redhat.com 2010-11-10 20:06:30 UTC
Red Hat Enterprise Linux 6.0 is now available and should resolve
the problem described in this bug report. This report is therefore being closed
with a resolution of CURRENTRELEASE. You may reopen this bug report if the
solution does not work for you.