RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Description of problem:

with the curl version distributed with 6.4 it is not possible to do an ntlm authentification. Upstream is fixed. See also:

http://stackoverflow.com/questions/4341368/curl-always-returns-401-with-ntlm
http://serverfault.com/questions/408421/ntlm-with-curl-returns-401 


Version-Release number of selected component (if applicable):

Curl 7.19.7-35.el6.x86_64 

How reproducible:


curl https://exchangserver/EWS/Exchange.asmx [^] -w %{http_code} --ntlm -u username --verbose --show-error

It will ask you for your password. On centos with curl 7.19.7-35.el6.x86_64 I got an 401 on my debian box with


ruben@work:[~] > curl -V
curl 7.26.0 (i486-pc-linux-gnu) libcurl/7.26.0 OpenSSL/1.0.1c zlib/1.2.7 libidn/1.25 libssh2/1.4.1 librtmp/2.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap pop3 pop3s rtmp rtsp scp sftp smtp smtps telnet tftp
Features: Debug GSS-Negotiate IDN IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP
ruben@work:[~] >

It works.

(In reply to comment #0)
> Description of problem:
> 
> with the curl version distributed with 6.4 it is not possible to do an ntlm
> authentification.

Unlikely.  The support for NTLM was introduced in curl-7.19.7-16.el6 (bug #606819) and covered by regression tests.

> Upstream is fixed. See also:
> 
> http://stackoverflow.com/questions/4341368/curl-always-returns-401-with-ntlm
> http://serverfault.com/questions/408421/ntlm-with-curl-returns-401

Those builds use OpenSSL-powered NTLM authentication whereas we use NSS.

> How reproducible:
> 
> 
> curl https://exchangserver/EWS/Exchange.asmx [^] -w %{http_code} --ntlm -u
> username --verbose --show-error
> 
> It will ask you for your password. On centos with curl 7.19.7-35.el6.x86_64
> I got an 401 on my debian box with

Please provide a self-contained reproducer.

I will send you an E-mail with some additional Informations, including some non public stuff.

The Patch from: https://bugzilla.redhat.com/show_bug.cgi?id=799557
fixes teh problem here

Thank you for confirming the fix!  I am closing this bug as duplicate...

*** This bug has been marked as a duplicate of bug 799557 ***