Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
CURLOPT_HTTPAUTH(3)	   curl_easy_setopt options	   CURLOPT_HTTPAUTH(3)

NAME
       CURLOPT_HTTPAUTH	- set HTTP server authentication methods to try

SYNOPSIS
       #include	<curl/curl.h>

       CURLcode	curl_easy_setopt(CURL *handle, CURLOPT_HTTPAUTH, long bitmask);

DESCRIPTION
       Pass  a	long  as parameter, which is set to a bitmask, to tell libcurl
       which authentication method(s) you want it to use speaking to  the  re-
       mote server.

       The  available  bits  are  listed  below.  If more than one bit is set,
       libcurl will first query	the site to see	which  authentication  methods
       it  supports  and  then pick the	best one you allow it to use. For some
       methods,	this will induce an extra network round-trip. Set  the	actual
       name  and  password with	the CURLOPT_USERPWD(3) option or with the CUR-
       LOPT_USERNAME(3)	and the	CURLOPT_PASSWORD(3) options.

       For authentication with a proxy,	see CURLOPT_PROXYAUTH(3).

       CURLAUTH_BASIC
	      HTTP Basic authentication. This is the default choice,  and  the
	      only  method  that is in wide-spread use and supported virtually
	      everywhere. This sends the user name and password	over the  net-
	      work in plain text, easily captured by others.

       CURLAUTH_DIGEST
	      HTTP Digest authentication.  Digest authentication is defined in
	      RFC2617 and is a more secure way to do authentication over  pub-
	      lic networks than	the regular old-fashioned Basic	method.

       CURLAUTH_DIGEST_IE
	      HTTP  Digest authentication with an IE flavor.  Digest authenti-
	      cation is	defined	in RFC2617 and is a more secure	way to do  au-
	      thentication over	public networks	than the regular old-fashioned
	      Basic method. The	IE flavor is simply that libcurl  will	use  a
	      special  "quirk"	that IE	is known to have used before version 7
	      and that some servers require the	client to use.

       CURLAUTH_NEGOTIATE
	      HTTP Negotiate (SPNEGO) authentication. Negotiate	authentication
	      is defined in RFC	4559 and is the	most secure way	to perform au-
	      thentication over	HTTP.

	      You need to build	libcurl	with a	suitable  GSS-API  library  or
	      SSPI on Windows for this to work.

       CURLAUTH_NTLM
	      HTTP  NTLM  authentication.  A proprietary protocol invented and
	      used by Microsoft. It uses a challenge-response and hash concept
	      similar  to  Digest,  to	prevent	the password from being	eaves-
	      dropped.

	      You need to build	libcurl	with either  OpenSSL,  GnuTLS  or  NSS
	      support  for  this  option  to work, or build libcurl on Windows
	      with SSPI	support.

       CURLAUTH_NTLM_WB
	      NTLM delegating to winbind helper. Authentication	 is  performed
	      by  a  separate binary application that is executed when needed.
	      The name of the application is specified at compile time but  is
	      typically	/usr/bin/ntlm_auth

	      Note  that  libcurl  will	fork when necessary to run the winbind
	      application and kill it  when  complete,	calling	 waitpid()  to
	      await  its  exit	when done. On POSIX operating systems, killing
	      the process will cause a SIGCHLD signal to be raised (regardless
	      of  whether  CURLOPT_NOSIGNAL(3)	is set), which must be handled
	      intelligently by the application.	In particular, the application
	      must  not	unconditionally	call wait() in its SIGCHLD signal han-
	      dler to avoid being subject to a race condition.	This  behavior
	      is subject to change in future versions of libcurl.

       CURLAUTH_ANY
	      This  is	a  convenience macro that sets all bits	and thus makes
	      libcurl pick any it finds	suitable. libcurl  will	 automatically
	      select the one it	finds most secure.

       CURLAUTH_ANYSAFE
	      This  is a convenience macro that	sets all bits except Basic and
	      thus makes libcurl pick any it finds suitable. libcurl will  au-
	      tomatically select the one it finds most secure.

       CURLAUTH_ONLY
	      This is a	meta symbol. OR	this value together with a single spe-
	      cific auth value to force	libcurl	 to  probe  for	 un-restricted
	      auth and if not, only that single	auth algorithm is acceptable.

DEFAULT
       CURLAUTH_BASIC

PROTOCOLS
       HTTP

EXAMPLE
       CURL *curl = curl_easy_init();
       if(curl)	{
	 CURLcode ret;
	 curl_easy_setopt(curl,	CURLOPT_URL, "https://example.com/");
	 /* allow whatever auth	the server speaks */
	 curl_easy_setopt(curl,	CURLOPT_HTTPAUTH, CURLAUTH_ANY);
	 curl_easy_setopt(curl,	CURLOPT_USERPWD, "james:bond");
	 ret = curl_easy_perform(curl);
       }

AVAILABILITY
       Option Added in 7.10.6.

       CURLAUTH_DIGEST_IE was added added in 7.19.3

       CURLAUTH_ONLY was added in 7.21.3

       CURLAUTH_NTLM_WB	was added in 7.22.0

RETURN VALUE
       Returns	CURLE_OK  if  the option is supported, CURLE_UNKNOWN_OPTION if
       not, or CURLE_NOT_BUILT_IN if the bitmask specified  no	supported  au-
       thentication methods.

SEE ALSO
       CURLOPT_PROXYAUTH(3), CURLOPT_USERPWD(3),

libcurl	7.54.1			 May 30, 2017		   CURLOPT_HTTPAUTH(3)

NAME | SYNOPSIS | DESCRIPTION | DEFAULT | PROTOCOLS | EXAMPLE | AVAILABILITY | RETURN VALUE | SEE ALSO

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=CURLOPT_HTTPAUTH&sektion=3&manpath=FreeBSD+12.0-RELEASE+and+Ports>

home | help