On 2/27/2020 5:26 PM, Daniel Stenberg via curl-library wrote:
On Thu, 27 Feb 2020, Zach Hall via curl-library wrote:
build with command line option ENABLE_SSPI=yes. For our environment
and the
vast majority of our customers' environments, this hasn't caused a
problem,
However for some it causes login failures. I had one of the customers
with
this problem test logging in with a libcurl.dll built with
ENABLE_SSPI=no
installed in our install directory and they could login without issue.
Any clue why this might be happening?
The primary reason we support "ENABLE_SSPI=yes" builds in addition to
having our own native NTLM implmentation is because of the existance
of subtle differences in implementations and what they support.
Unfortunately, NTLM is a tricky beast (in my humble opinion) and to
figure out the exact differences between the implementations we'd have
to run two builds with otherwise same credentials against a fixed
server and try to reverse engineeer and understand what SSPI does and
compare to our own implementation. An interesting task no doubt, but
also challenging and most likely quite time consuming.
The only issue I can think of that may possibly be related is
https://github.com/curl/curl/issues/2120
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
