From 59431c242bf1d93980756fa2db2d08744bfa79d3 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Fri, 11 Jul 2014 10:55:07 +0100 Subject: Use SPNEGO for HTTP Negotiate This is the correct way to do SPNEGO. Just ask for it Now I correctly see it trying NTLMSSP authentication when a Kerberos ticket isn't available. Of course, we bail out when the server responds with the challenge packet, since we don't expect that. But I'll fix that bug next... --- lib/http_negotiate.c | 1 + 1 file changed, 1 insertion(+) (limited to 'lib/http_negotiate.c') diff --git a/lib/http_negotiate.c b/lib/http_negotiate.c index ccd005bbb..9b01e0a56 100644 --- a/lib/http_negotiate.c +++ b/lib/http_negotiate.c @@ -184,6 +184,7 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy, &minor_status, &neg_ctx->context, neg_ctx->server_name, + TRUE, GSS_C_NO_CHANNEL_BINDINGS, &input_token, &output_token, -- cgit v1.2.1