Tests 1013 and 1014 for my mbed TLS autobuilds are failing, due to invalid output of curl-config --features and --protocols. The problem is that the configure check that determines if SMB and NTLM support is available is incomplete compared to the compile-time check. These are only available if mbed TLS enables MD4 support which it doesn't by default as its comment explains: "Uncomment to enable support for (rare) MD4-signed X.509 certs". The configure check, however, only looks to see that mbed TLS is enabled at all.
It would be ugly to have to replicate that check in both places, but it's already pretty ugly NEARLY duplicating that checks for each of the features in both places. Ideally, the same compile-time check could be used in the configure script by including the same .h file, but there's a chicken and egg problem in that those files can't be included before the config.h file is written, which isn't done until the configure run is complete, which isn't complete until the check for those features is done. Maybe the answer is to require that mbed TLS have MD4 support available when enabling SMB or NTLM with a compile-time assertion. If it's not available, the compile will fail unless the user explicitly disables SMB and NTLM at configure time. This might be pretty unfriendly, though, since NTLM can only be disabled with --disable-crypto-auth which disables all other cryptographic authentication methods at the same time, and the code itself appears to work despite curl-config being wrong. ------------------------------------------------------------------- Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.html
