http: do not require a user name when using CURLAUTH_NEGOTIATE

In order to get Negotiate (SPNEGO) authentication to work in HTTP you
used to be required to provide a (fake) user name (th

http: do not require a user name when using CURLAUTH_NEGOTIATE

In order to get Negotiate (SPNEGO) authentication to work in HTTP you
used to be required to provide a (fake) user name (this concerned both
curl and the lib) because the code wrongly only considered
authentication if there was a user name provided, as in:

curl -u : --negotiate https://example.com/

This commit leverages the `struct auth` want member to figure out if the
user enabled CURLAUTH_NEGOTIATE, effectively removing the requirement of
setting a user name both in curl and the lib.

Signed-off-by: Marin Hannache <git@mareo.fr>
Reported-by: Enrico Scholz
Fixes https://sourceforge.net/p/curl/bugs/440/
Fixes #1161
Closes #9047

show more ...

tests: use %TESTNUMBER instead of fixed number

This makes the tests easier to copy and relocate to other test numbers
without having to update content.

Closes #6738

http_negotiate: improve handling of gss_init_sec_context() failures

If HTTPAUTH_GSSNEGOTIATE was used for a POST request and
gss_init_sec_context() failed, the POST request was sent

http_negotiate: improve handling of gss_init_sec_context() failures

If HTTPAUTH_GSSNEGOTIATE was used for a POST request and
gss_init_sec_context() failed, the POST request was sent
with empty body. This commit also restores the original
behavior of `curl --fail --negotiate`, which was changed
by commit 6c6035532383e300c712e4c1cd9fdd749ed5cf59.

Add regression tests 2077 and 2078 to cover this.

Fixes #3992
Closes #4171

show more ...