[PATCH] SPNEGO version2

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 2015-02-24 at 16:26 +0100, Nikos Mavrogiannopoulos wrote:
> > We might want to add an openconnect_set_http_auth() function to
> > parallel the openconnect_set_proxy_auth() one?
> 
> No idea. What is the reason for the proxy equivalent? Is it to not
> transparently allow authentication methods that a user doesn't want
> to?

Indeed. In particular there are cases where Negotiate would fail and we
just need to use NTLM instead. And to *enable* Basic auth, which is
disabled by default.

I disabled Basic by default for proxies since the password would be sent
as cleartext. That's not true for general HTTP auth but Basic is
disabled by default there anyway.

I've implemented openconnect_set_http_auth() now.

-- 
dwmw2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5745 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20150224/55f81e33/attachment.bin>


[Index of Archives]     [Linux Samsung SoC]     [Linux Rockchip SoC]     [Linux Actions SoC]     [Linux for Synopsys ARC Processors]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]


  Powered by Linux