Re: [PATCH ] Add new options negotiate-gssapi=service and proxy-negotiate-gssapi-service

Wed, 18 Sep 2013 15:24:58 -0700 

>
> "Arunav Sanyal" <[email protected]> wrote in message 
> news:CAGc_XP+z9DtsYi5juGmkFG=Y7r0-R2sqqK3DiVe_1Hr5Cb=u...@mail.gmail.com...
> Hi
>
> Well markus I was going to set a very similar patch which was required by my 
> organization but you beat me to it.
>
> Some review comments(i am reading your intial proposal of the patch).
>
> 1. Please introduce a new bits variable conn->bits.service_principal / 
> conn->bits.proxy_serviceprincipal. This variable should be set in case string 
> is set.
>
> eg. conn->bits.service_principal= (NULL != 
> (data->set.str[STRING_NEGOTIATE_GSSAPI_SERVICE]));
>
> similarly you can introduce new variable for proxy service
>

Ok shouldn’t be a problem and makes sense if you want to keep the I would say 
non standard KHTTP service name.

> 2. I think nomenclature is incorrect, since it is used elsewhere it can be 
> used in spnego authentication as well.
>

The spnego code can be removed as the newer (I think now more than 5 years)  
Kerberos libraries support spnego natively . I added  that with fbopenssl as a 
library ( I assume you mean the code with HAVE_SPNEGO )

> 3. Please refer to reuse_conn() method in url.c
>
> Here you are copying information between one conn object to another, in case 
> connection does not close in multipass authentication. You have to add copy 
> code for this variable in here. Otherwise copy of conn will contain garbage 
> value.
>

I don’ t understand this. I only set the default values in url.c don’t I .  

>
> I will be happy to help you in any code changes. If I have missed something, 
> please point it out to me.
>
> The reason for these suggestion is because i plan to add many features on top 
> of this in the near future.
>
> Yours sincerely
>
>
> --
>
> Arunav Sanyal
> Graduate student
> B.E (Hons) Computer Science
> BITS Pilani K.K Birla Goa Campus
>
>
> Software Engineer
> INFORMATICA BUSINESS SOLUTIONS
>
>
>
> ---------------------------------------------------------------------------   
>         --
>
>
> -------------------------------------------------------------------
> List admin: http://cool.haxx.se/list/listinfo/curl-library
> Etiquette:  http://curl.haxx.se/mail/etiquette.html


Regards
Markus
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html

Reply via email to