In our PHP application, we need the PHP curl-extension built in a way, that it supports the following features:
I've tried to build curl in a way to achieve this:
I did so with the command line:
nmake /f Makefile.vc mode=dll VC=15 ENABLE_WINSSL=yes DEBUG=no MACHINE=x64 ENABLE_SSPI=no WITH_NGHTTP2=dll WITH_ZLIB=static WITH_SSH2=static WITH_DEVEL=C:\curl\deps-x64
In curls winbuild/
subfolder. Then I compiled the PHP curl extension against the result.
With the result, I have the following incorrect behavior when doing an HTTP request against a web service which offers Basic, Digest, NTLM and Negotiate authentication (an Exchange webservice):
If curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_NTLM);
is used, everything works fine.
If curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
is used, everything works fine, too.
If curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_NTLM | CURLAUTH_BASIC);
is used, authentication fails.
The failing request contains an NTLM token which is way too short (seems to be cut off at some point). Some googling indicated that this may be due to curl being compiled to use SSPI. However, I cannot disable SSPI, because WinSSL requires it.
Does anyone know a solution to this? How to get a php-curl extension that fulfills all the above requirements?
I believe the LibCurl here satisfies all that:
https://curl.haxx.se/windows
Using this file:
#include <curl/curl.h>
#include <stdio.h>
int main() {
curl_version_info_data *o = curl_version_info(CURLVERSION_NOW);
printf("SSL: %s\n", o->ssl_version);
printf("NTLM: %d\n", o->features & CURL_VERSION_NTLM);
printf("HTTP/2: %d\n", o->features & CURL_VERSION_HTTP2);
printf("SSH2: %s\n", o->libssh_version);
printf("IPv6: %d\n", o->features & CURL_VERSION_IPV6);
}
Build:
cc https.c `
'-Icurl-7.70.0-win64-mingw\include' `
'-Lcurl-7.70.0-win64-mingw\lib' `
-lcrypt32 `
-lcurl `
-lwldap32 `
-lws2_32
Result:
SSL: OpenSSL/1.1.1g (Schannel)
NTLM: 16
HTTP/2: 65536
SSH2: libssh2/1.9.0
IPv6: 1
I did not build with Visual Studio, but Clang:
https://github.com/mstorsjo/llvm-mingw
Also I am not sure what exactly OpenSSL/1.1.1g (Schannel)
, I guess it means OpenSSL and WinSSL both? If that's not the case, you can build LibCurl yourself with CFG=-winssl
:
https://github.com/nu8/gulf/blob/master/c-https/1-curl.ps1
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With