Hallo, I would like to propose a feature for libcurl: Support for additional environment variables for proxy authentication.
Background: Currently, libcurl provides environment variables to configure a proxy ( https://curl.se/libcurl/c/libcurl-env.html). However, this limits to my understanding authentication towards the proxy to basic authentication (e.g. http://username:password@proxy:8080). However, enterprise scenarios usually require other mechanisms, such as Kerberos. Additionally, many r (e.g. https://cran.r-project.org/web/packages/RCurl/index.html, https://cran.r-project.org/web/packages/curl/index.html), python and other packages for httpclients are mostly based on libcurl (e.g. packages downloading machine learning models, data, geospatial information etc. from the web). They can be trivially be configured using environment variables. Some also can be configured directly in the package, but this is often not possible if they are just a dependency of yet another package and for each of the package the configuration is different. Hence, from a developer point of view it would be nice if they can be configured via environment variables. Proposal: It would be nice if curl could expose an environment variable [scheme]_proxyauth the option CURL_PROXYAUTH ( https://github.com/curl/curl/blob/master/docs/libcurl/opts/CURLOPT_PROXYAUTH.md). Then, people could configure there, for instance, Kerberos authentication (or other supported proxy authentications). Example: Someone would configure HTTP_PROXYAUTH=4 and HTTP_PROXY=http://proxy:8080. All libraries, packages that depend on libcurl would automatically be able to use Kerberos authentication with the proxy without configuring them specially - thus reducing the burden. Just maybe some possible drawback with Kerberos authentication: I noticed that in several libraries you need to specify an empty string as username and password for making Kerberos authentication work (it seems some set null and then it does not work), so we need to make sure for certain type of authentication mechanisms that username and password can be sert to an empty string. What do you think about this proposal? Thank you. Best regards
-- Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library Etiquette: https://curl.se/mail/etiquette.html
