Bug 953864 - NTLM broken in Curl 7.19.7-35.el6.x86_64
Summary: NTLM broken in Curl 7.19.7-35.el6.x86_64
Keywords:
Status: CLOSED DUPLICATE of bug 799557
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: curl
Version: 6.4
Hardware: x86_64
OS: Linux
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Kamil Dudka
QA Contact: BaseOS QE Security Team
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2013-04-19 11:10 UTC by Ruben Püttmann
Modified: 2013-04-20 08:47 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2013-04-20 08:47:31 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
CentOS 0006402 None None None Never
Red Hat Bugzilla 799557 None CLOSED RHEL-6 libcurl fails when using digest auth and have multiple auth options 2019-09-19 08:35:44 UTC

Description Ruben Püttmann 2013-04-19 11:10:17 UTC
Description of problem:

with the curl version distributed with 6.4 it is not possible to do an ntlm authentification. Upstream is fixed. See also:

http://stackoverflow.com/questions/4341368/curl-always-returns-401-with-ntlm
http://serverfault.com/questions/408421/ntlm-with-curl-returns-401 


Version-Release number of selected component (if applicable):

Curl 7.19.7-35.el6.x86_64 

How reproducible:


curl https://exchangserver/EWS/Exchange.asmx [^] -w %{http_code} --ntlm -u username --verbose --show-error

It will ask you for your password. On centos with curl 7.19.7-35.el6.x86_64 I got an 401 on my debian box with


ruben@work:[~] > curl -V
curl 7.26.0 (i486-pc-linux-gnu) libcurl/7.26.0 OpenSSL/1.0.1c zlib/1.2.7 libidn/1.25 libssh2/1.4.1 librtmp/2.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap pop3 pop3s rtmp rtsp scp sftp smtp smtps telnet tftp
Features: Debug GSS-Negotiate IDN IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP
ruben@work:[~] >

It works.

Comment 1 Kamil Dudka 2013-04-19 12:13:26 UTC
(In reply to comment #0)
> Description of problem:
> 
> with the curl version distributed with 6.4 it is not possible to do an ntlm
> authentification.

Unlikely.  The support for NTLM was introduced in curl-7.19.7-16.el6 (bug #606819) and covered by regression tests.

> Upstream is fixed. See also:
> 
> http://stackoverflow.com/questions/4341368/curl-always-returns-401-with-ntlm
> http://serverfault.com/questions/408421/ntlm-with-curl-returns-401

Those builds use OpenSSL-powered NTLM authentication whereas we use NSS.

> How reproducible:
> 
> 
> curl https://exchangserver/EWS/Exchange.asmx [^] -w %{http_code} --ntlm -u
> username --verbose --show-error
> 
> It will ask you for your password. On centos with curl 7.19.7-35.el6.x86_64
> I got an 401 on my debian box with

Please provide a self-contained reproducer.

Comment 2 Ruben Püttmann 2013-04-19 13:33:48 UTC
I will send you an E-mail with some additional Informations, including some non public stuff.

Comment 4 Ruben Püttmann 2013-04-19 15:35:23 UTC
The Patch from: https://bugzilla.redhat.com/show_bug.cgi?id=799557
fixes teh problem here

Comment 5 Kamil Dudka 2013-04-20 08:47:31 UTC
Thank you for confirming the fix!  I am closing this bug as duplicate...

*** This bug has been marked as a duplicate of bug 799557 ***


Note You need to log in before you can comment on or make changes to this bug.