From 37f0e8a32cf9ad0a87f8c60cfa12b65e61be15a9 Mon Sep 17 00:00:00 2001 From: Michael Osipov <1983-01-06@gmx.net> Date: Sat, 2 Aug 2014 13:51:18 +0100 Subject: docs: Update SPNEGO and GSS-API related doc sections Reflect recent changes in SPNEGO and GSS-API code in the docs. Update them with appropriate namings and remove visible spots for GSS-Negotiate. --- docs/libcurl/curl_version_info.3 | 11 ++++++++--- docs/libcurl/libcurl-tutorial.3 | 4 ++-- docs/libcurl/opts/CURLOPT_HTTPAUTH.3 | 14 ++++++-------- docs/libcurl/symbols-in-versions | 2 +- 4 files changed, 17 insertions(+), 14 deletions(-) (limited to 'docs/libcurl') diff --git a/docs/libcurl/curl_version_info.3 b/docs/libcurl/curl_version_info.3 index e04376924..53f0495ad 100644 --- a/docs/libcurl/curl_version_info.3 +++ b/docs/libcurl/curl_version_info.3 @@ -20,7 +20,7 @@ .\" * .\" ************************************************************************** .\" -.TH curl_version_info 3 "18 Feb 2014" "libcurl 7.33.0" "libcurl Manual" +.TH curl_version_info 3 "2 Aug 2014" "libcurl 7.38.0" "libcurl Manual" .SH NAME curl_version_info - returns run-time libcurl version info .SH SYNOPSIS @@ -124,9 +124,14 @@ libcurl was built with support for IDNA, domain names with international letters. (Added in 7.12.0) .IP CURL_VERSION_SSPI libcurl was built with support for SSPI. This is only available on Windows and -makes libcurl use Windows-provided functions for NTLM authentication. It also -allows libcurl to use the current user and the current user's password without +makes libcurl use Windows-provided functions for NTLM, SPNEGO and SASL DIGEST-MD5 +authentication. It also allows libcurl to use the current user credentials without the app having to pass them on. (Added in 7.13.2) +.IP CURL_VERSION_GSSAPI +libcurl was built with support for GSS-API. This makes libcurl use provided +functions for Kerberos and SPNEGO authentication. It also allows libcurl +to use the current user credentials without the app having to pass them on. +(Added in 7.38.0) .IP CURL_VERSION_CONV libcurl was built with support for character conversions, as provided by the CURLOPT_CONV_* callbacks. (Added in 7.15.4) diff --git a/docs/libcurl/libcurl-tutorial.3 b/docs/libcurl/libcurl-tutorial.3 index 018001d7e..17f4c3ff5 100644 --- a/docs/libcurl/libcurl-tutorial.3 +++ b/docs/libcurl/libcurl-tutorial.3 @@ -20,7 +20,7 @@ .\" * .\" ************************************************************************** .\" -.TH libcurl-tutorial 3 "4 Mar 2009" "libcurl" "libcurl programming" +.TH libcurl-tutorial 3 "2 Aug 2014" "libcurl" "libcurl programming" .SH NAME libcurl-tutorial \- libcurl programming tutorial .SH "Objective" @@ -442,7 +442,7 @@ authentication method is called 'Basic', which is sending the name and password in clear-text in the HTTP request, base64-encoded. This is insecure. At the time of this writing, libcurl can be built to use: Basic, Digest, NTLM, -Negotiate, GSS-Negotiate and SPNEGO. You can tell libcurl which one to use +Negotiate (SPNEGO). You can tell libcurl which one to use with \fICURLOPT_HTTPAUTH(3)\fP as in: curl_easy_setopt(easyhandle, CURLOPT_HTTPAUTH, CURLAUTH_DIGEST); diff --git a/docs/libcurl/opts/CURLOPT_HTTPAUTH.3 b/docs/libcurl/opts/CURLOPT_HTTPAUTH.3 index 3f0ab12ec..35d75aa50 100644 --- a/docs/libcurl/opts/CURLOPT_HTTPAUTH.3 +++ b/docs/libcurl/opts/CURLOPT_HTTPAUTH.3 @@ -20,7 +20,7 @@ .\" * .\" ************************************************************************** .\" -.TH CURLOPT_HTTPAUTH 3 "19 Jun 2014" "libcurl 7.37.0" "curl_easy_setopt options" +.TH CURLOPT_HTTPAUTH 3 "2 Aug 2014" "libcurl 7.38.0" "curl_easy_setopt options" .SH NAME CURLOPT_HTTPAUTH \- set HTTP server authentication methods to try .SH SYNOPSIS @@ -56,14 +56,12 @@ defined in RFC2617 and is a more secure way to do authentication over public networks than the regular old-fashioned Basic method. The IE flavor is simply that libcurl will use a special "quirk" that IE is known to have used before version 7 and that some servers require the client to use. -.IP CURLAUTH_GSSNEGOTIATE -HTTP GSS-Negotiate authentication. The GSS-Negotiate (also known as plain -\&"Negotiate") method was designed by Microsoft and is used in their web -applications. It is primarily meant as a support for Kerberos5 authentication -but may also be used along with other authentication methods. For more -information see IETF draft draft-brezak-spnego-http-04.txt. +.IP CURLAUTH_NEGOTIATE +HTTP Negotiate (SPNEGO) authentication. Negotiate authentication is defined +in RFC 4559 and is the most secure way to perform authentication over HTTP. -You need to build libcurl with a suitable GSS-API library for this to work. +You need to build libcurl with a suitable GSS-API library or SSPI on Windows +for this to work. .IP CURLAUTH_NTLM HTTP NTLM authentication. A proprietary protocol invented and used by Microsoft. It uses a challenge-response and hash concept similar to Digest, to diff --git a/docs/libcurl/symbols-in-versions b/docs/libcurl/symbols-in-versions index 5cbeff091..d4ba61ae1 100644 --- a/docs/libcurl/symbols-in-versions +++ b/docs/libcurl/symbols-in-versions @@ -17,7 +17,7 @@ CURLAUTH_ANYSAFE 7.10.6 CURLAUTH_BASIC 7.10.6 CURLAUTH_DIGEST 7.10.6 CURLAUTH_DIGEST_IE 7.19.3 -CURLAUTH_GSSNEGOTIATE 7.10.6 +CURLAUTH_GSSNEGOTIATE 7.10.6 7.38.0 CURLAUTH_NEGOTIATE 7.38.0 CURLAUTH_NONE 7.10.6 CURLAUTH_NTLM 7.10.6 -- cgit v1.2.3