moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2024-10-31 23:55:01 -04:00
Code Issues Releases Wiki Activity
028391df5d
curl/tests/data/test90

194 lines
6.1 KiB
Plaintext
Raw Normal View History

Convert (most of) the test data files into genuine XML. A handful still are not, due mainly to the lack of support for XML character entities (e.g. & => & ). This will make it easier to validate test files using tools like xmllint, as well as edit and view them using XML tools.
2007-01-22 21:25:56 -05:00
<testcase>
keyword update
2005-04-27 05:59:47 -04:00
<info>
<keywords>
HTTP
HTTP GET
HTTP NTLM auth
--anyauth
followlocation
</keywords>
</info>
Test 90 added: --anyauth that picks NTLM with a redirect and then another NTLM request.
2003-09-15 18:29:41 -04:00
# Server-side
<reply>
<data>
HTTP/1.1 401 Authorization Required swsclose
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
WWW-Authenticate: Basic
WWW-Authenticate: Wild-and-crazy
WWW-Authenticate: NTLM
Content-Type: text/html; charset=iso-8859-1
Venkat Akella found out that libcurl did not like HTTP responses that simply responded with a single status line and no headers nor body. Starting now, a HTTP response on a persistent connection (i.e not set to be closed after the response has been taken care of) must have Content-Length or chunked encoding set, or libcurl will simply assume that there is no body. To my horror I learned that we had no less than 57(!) test cases that did bad HTTP responses like this, and even the test http server (sws) responded badly when queried by the test system if it is the test system. So although the actual fix for the problem was tiny, going through all the newly failing test cases got really painful and boring.
2006-11-25 08:32:04 -05:00
Content-Length: 26
Test 90 added: --anyauth that picks NTLM with a redirect and then another NTLM request.
2003-09-15 18:29:41 -04:00
This is not the real page
</data>
# This is supposed to be returned when the server gets a first
# Authorization: NTLM line passed-in from the client
<data1001>
HTTP/1.1 401 Now gimme that second request of crap
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 34
WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==
This is not the real page either!
</data1001>
# This is supposed to be returned when the server gets the second
# Authorization: NTLM line passed-in from the client
<data1002>
HTTP/1.1 301 Things are fine in server land swsclose
Server: Microsoft-IIS/5.0
Connection: close
Location: /you/900010
</data1002>
# This is the first reply after the redirection
<data10>
HTTP/1.1 401 Authorization Required swsclose
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
WWW-Authenticate: Basic
WWW-Authenticate: Wild-and-crazy
WWW-Authenticate: NTLM
Content-Type: text/html; charset=iso-8859-1
Venkat Akella found out that libcurl did not like HTTP responses that simply responded with a single status line and no headers nor body. Starting now, a HTTP response on a persistent connection (i.e not set to be closed after the response has been taken care of) must have Content-Length or chunked encoding set, or libcurl will simply assume that there is no body. To my horror I learned that we had no less than 57(!) test cases that did bad HTTP responses like this, and even the test http server (sws) responded badly when queried by the test system if it is the test system. So although the actual fix for the problem was tiny, going through all the newly failing test cases got really painful and boring.
2006-11-25 08:32:04 -05:00
Content-Length: 26
Test 90 added: --anyauth that picks NTLM with a redirect and then another NTLM request.
2003-09-15 18:29:41 -04:00
This is not the real page
</data10>
<data1011>
HTTP/1.1 401 Now gimme that second round of crap
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 34
WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==
This is not the real page either!
</data1011>
# This is supposed to be returned when the server gets the second
# Authorization: NTLM line passed-in from the client
<data1012>
HTTP/1.1 200 Things are fine in server land swsclose
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Venkat Akella found out that libcurl did not like HTTP responses that simply responded with a single status line and no headers nor body. Starting now, a HTTP response on a persistent connection (i.e not set to be closed after the response has been taken care of) must have Content-Length or chunked encoding set, or libcurl will simply assume that there is no body. To my horror I learned that we had no less than 57(!) test cases that did bad HTTP responses like this, and even the test http server (sws) responded badly when queried by the test system if it is the test system. So although the actual fix for the problem was tiny, going through all the newly failing test cases got really painful and boring.
2006-11-25 08:32:04 -05:00
Content-Length: 32
Test 90 added: --anyauth that picks NTLM with a redirect and then another NTLM request.
2003-09-15 18:29:41 -04:00
Finally, this is the real page!
</data1012>
<datacheck>
HTTP/1.1 401 Authorization Required swsclose
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
WWW-Authenticate: Basic
WWW-Authenticate: Wild-and-crazy
WWW-Authenticate: NTLM
Content-Type: text/html; charset=iso-8859-1
Venkat Akella found out that libcurl did not like HTTP responses that simply responded with a single status line and no headers nor body. Starting now, a HTTP response on a persistent connection (i.e not set to be closed after the response has been taken care of) must have Content-Length or chunked encoding set, or libcurl will simply assume that there is no body. To my horror I learned that we had no less than 57(!) test cases that did bad HTTP responses like this, and even the test http server (sws) responded badly when queried by the test system if it is the test system. So although the actual fix for the problem was tiny, going through all the newly failing test cases got really painful and boring.
2006-11-25 08:32:04 -05:00
Content-Length: 26
Test 90 added: --anyauth that picks NTLM with a redirect and then another NTLM request.
2003-09-15 18:29:41 -04:00
HTTP/1.1 401 Now gimme that second request of crap
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 34
WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==
HTTP/1.1 301 Things are fine in server land swsclose
Server: Microsoft-IIS/5.0
Connection: close
Location: /you/900010
HTTP/1.1 401 Authorization Required swsclose
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
WWW-Authenticate: Basic
WWW-Authenticate: Wild-and-crazy
WWW-Authenticate: NTLM
Content-Type: text/html; charset=iso-8859-1
Venkat Akella found out that libcurl did not like HTTP responses that simply responded with a single status line and no headers nor body. Starting now, a HTTP response on a persistent connection (i.e not set to be closed after the response has been taken care of) must have Content-Length or chunked encoding set, or libcurl will simply assume that there is no body. To my horror I learned that we had no less than 57(!) test cases that did bad HTTP responses like this, and even the test http server (sws) responded badly when queried by the test system if it is the test system. So although the actual fix for the problem was tiny, going through all the newly failing test cases got really painful and boring.
2006-11-25 08:32:04 -05:00
Content-Length: 26
Test 90 added: --anyauth that picks NTLM with a redirect and then another NTLM request.
2003-09-15 18:29:41 -04:00
HTTP/1.1 401 Now gimme that second round of crap
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 34
WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==
HTTP/1.1 200 Things are fine in server land swsclose
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Venkat Akella found out that libcurl did not like HTTP responses that simply responded with a single status line and no headers nor body. Starting now, a HTTP response on a persistent connection (i.e not set to be closed after the response has been taken care of) must have Content-Length or chunked encoding set, or libcurl will simply assume that there is no body. To my horror I learned that we had no less than 57(!) test cases that did bad HTTP responses like this, and even the test http server (sws) responded badly when queried by the test system if it is the test system. So although the actual fix for the problem was tiny, going through all the newly failing test cases got really painful and boring.
2006-11-25 08:32:04 -05:00
Content-Length: 32
Test 90 added: --anyauth that picks NTLM with a redirect and then another NTLM request.
2003-09-15 18:29:41 -04:00
Finally, this is the real page!
</datacheck>
</reply>
# Client-side
<client>
<features>
Make NTLM tests depend on the NTLM feature at not SSL, since the NTLM support is no longer only present when built with SSL support.
2005-03-21 03:14:32 -05:00
NTLM
tests: Disabled NTLM tests when running with SSPI enabled
2013-12-28 15:22:22 -05:00
!SSPI
tests: Disabled NTLM tests for non-debug builds Added required "debug" feature, missed in commit 1c9aaa0bac, as NTLMv2 calls Curl_rand() which can only be fixed to a specific entropy in debug builds.
2014-06-11 13:12:48 -04:00
debug
Test 90 added: --anyauth that picks NTLM with a redirect and then another NTLM request.
2003-09-15 18:29:41 -04:00
</features>
<server>
http
</server>
<name>
HTTP with NTLM via --anyauth, and then follow-location with NTLM again
</name>
NTLM tests: boost coverage by forcing the hostname A shared library tests/libtest/.libs/lihostname.so is preloaded in NTLM test-cases to override the system implementation of gethostname(). It makes it possible to test the NTLM authentication for exact match, and this way test the implementation of MD4 and DES. If LD_PRELOAD doesn't work, a debug build willl also workk as debug builds are now made to prefer a specific environment variable and will then return that content as host name instead of the actual one. Kamil wrote the bulk of this, Daniel Stenberg polished it.
2010-07-29 18:47:49 -04:00
<setenv>
# we force our own host name, in order to make the test machine independent
CURL_GETHOSTNAME=curlhost
# we try to use the LD_PRELOAD hack, if not a debug build
Make the LD_PRELOAD path absolute in the tests that use it In some situations, libtool will change directories and perform a link step before executing the libtest test app. Since LD_PRELOAD is in effect for this entire process, the path to the binary must be absolute so it will be valid no matter in which directory the app is running.
2010-08-16 16:36:04 -04:00
LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
NTLM tests: boost coverage by forcing the hostname A shared library tests/libtest/.libs/lihostname.so is preloaded in NTLM test-cases to override the system implementation of gethostname(). It makes it possible to test the NTLM authentication for exact match, and this way test the implementation of MD4 and DES. If LD_PRELOAD doesn't work, a debug build willl also workk as debug builds are now made to prefer a specific environment variable and will then return that content as host name instead of the actual one. Kamil wrote the bulk of this, Daniel Stenberg polished it.
2010-07-29 18:47:49 -04:00
</setenv>
Test 90 added: --anyauth that picks NTLM with a redirect and then another NTLM request.
2003-09-15 18:29:41 -04:00
<command>
Now the test servers and test cases can run on a custom port number. There's no fixed port numbers in use anymore. Starting now, the default ports the servers use are 8990 - 8993. There's no option to modify these yet, but changing the $base option in the top of the runtests.pl script.
2004-09-08 04:08:38 -04:00
http://%HOSTIP:%HTTPPORT/90 -u testuser:testpass --anyauth -L
Test 90 added: --anyauth that picks NTLM with a redirect and then another NTLM request.
2003-09-15 18:29:41 -04:00
</command>
NTLM tests: boost coverage by forcing the hostname A shared library tests/libtest/.libs/lihostname.so is preloaded in NTLM test-cases to override the system implementation of gethostname(). It makes it possible to test the NTLM authentication for exact match, and this way test the implementation of MD4 and DES. If LD_PRELOAD doesn't work, a debug build willl also workk as debug builds are now made to prefer a specific environment variable and will then return that content as host name instead of the actual one. Kamil wrote the bulk of this, Daniel Stenberg polished it.
2010-07-29 18:47:49 -04:00
<precheck>
chkhostname curlhost
</precheck>
A minor "syntax error" in numerous test files corrected
2005-01-25 16:45:03 -05:00
</client>
Test 90 added: --anyauth that picks NTLM with a redirect and then another NTLM request.
2003-09-15 18:29:41 -04:00
# Verify data after the test has been "shot"
<verify>
<strip>
^User-Agent:.*
</strip>
<protocol>
GET /90 HTTP/1.1
Replaced 127.0.0.1 with %HOSTIP where possible
2007-09-14 15:32:31 -04:00
Host: %HOSTIP:%HTTPPORT
Modified the default HTTP Accept: header to only be Accept: */*
2004-02-09 07:46:41 -05:00
Accept: */*
Test 90 added: --anyauth that picks NTLM with a redirect and then another NTLM request.
2003-09-15 18:29:41 -04:00
GET /90 HTTP/1.1
http: always send Host: header as first header ...after the method line: "Since the Host field-value is critical information for handling a request, a user agent SHOULD generate Host as the first header field following the request-line." / RFC 7230 section 5.4 Additionally, this will also make libcurl ignore multiple specified custom Host: headers and only use the first one. Test 1121 has been updated accordingly Bug: http://curl.haxx.se/bug/view.cgi?id=1491 Reported-by: Rainer Canavan
2015-03-11 19:50:46 -04:00
Host: %HOSTIP:%HTTPPORT
NTLM2 session response support
2006-06-07 10:14:04 -04:00
Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
Test 90 added: --anyauth that picks NTLM with a redirect and then another NTLM request.
2003-09-15 18:29:41 -04:00
User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3
Modified the default HTTP Accept: header to only be Accept: */*
2004-02-09 07:46:41 -05:00
Accept: */*
Test 90 added: --anyauth that picks NTLM with a redirect and then another NTLM request.
2003-09-15 18:29:41 -04:00
GET /90 HTTP/1.1
http: always send Host: header as first header ...after the method line: "Since the Host field-value is critical information for handling a request, a user agent SHOULD generate Host as the first header field following the request-line." / RFC 7230 section 5.4 Additionally, this will also make libcurl ignore multiple specified custom Host: headers and only use the first one. Test 1121 has been updated accordingly Bug: http://curl.haxx.se/bug/view.cgi?id=1491 Reported-by: Rainer Canavan
2015-03-11 19:50:46 -04:00
Host: %HOSTIP:%HTTPPORT
NTLM: set a fake entropy for debug builds with CURL_ENTROPY set Curl_rand() will return a dummy and repatable random value for this case. Makes it possible to write test cases that verify output. Also, fake timestamp with CURL_FORCETIME set. Only when built debug enabled of course. Curl_ssl_random() was not used anymore so it has been removed. Curl_rand() is enough. create_digest_md5_message: generate base64 instead of hex string curl_sasl: also fix memory leaks in some OOM situations
2014-03-20 06:17:40 -04:00
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
Test 90 added: --anyauth that picks NTLM with a redirect and then another NTLM request.
2003-09-15 18:29:41 -04:00
User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3
Modified the default HTTP Accept: header to only be Accept: */*
2004-02-09 07:46:41 -05:00
Accept: */*
Test 90 added: --anyauth that picks NTLM with a redirect and then another NTLM request.
2003-09-15 18:29:41 -04:00
GET /you/900010 HTTP/1.1
Replaced 127.0.0.1 with %HOSTIP where possible
2007-09-14 15:32:31 -04:00
Host: %HOSTIP:%HTTPPORT
Modified the default HTTP Accept: header to only be Accept: */*
2004-02-09 07:46:41 -05:00
Accept: */*
Test 90 added: --anyauth that picks NTLM with a redirect and then another NTLM request.
2003-09-15 18:29:41 -04:00
GET /you/900010 HTTP/1.1
http: always send Host: header as first header ...after the method line: "Since the Host field-value is critical information for handling a request, a user agent SHOULD generate Host as the first header field following the request-line." / RFC 7230 section 5.4 Additionally, this will also make libcurl ignore multiple specified custom Host: headers and only use the first one. Test 1121 has been updated accordingly Bug: http://curl.haxx.se/bug/view.cgi?id=1491 Reported-by: Rainer Canavan
2015-03-11 19:50:46 -04:00
Host: %HOSTIP:%HTTPPORT
NTLM2 session response support
2006-06-07 10:14:04 -04:00
Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
Test 90 added: --anyauth that picks NTLM with a redirect and then another NTLM request.
2003-09-15 18:29:41 -04:00
User-Agent: curl/7.10.8-pre1 (i686-pc-linux-gnu) libcurl/7.10.8-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3 GSS
Modified the default HTTP Accept: header to only be Accept: */*
2004-02-09 07:46:41 -05:00
Accept: */*
Test 90 added: --anyauth that picks NTLM with a redirect and then another NTLM request.
2003-09-15 18:29:41 -04:00
GET /you/900010 HTTP/1.1
http: always send Host: header as first header ...after the method line: "Since the Host field-value is critical information for handling a request, a user agent SHOULD generate Host as the first header field following the request-line." / RFC 7230 section 5.4 Additionally, this will also make libcurl ignore multiple specified custom Host: headers and only use the first one. Test 1121 has been updated accordingly Bug: http://curl.haxx.se/bug/view.cgi?id=1491 Reported-by: Rainer Canavan
2015-03-11 19:50:46 -04:00
Host: %HOSTIP:%HTTPPORT
NTLM: set a fake entropy for debug builds with CURL_ENTROPY set Curl_rand() will return a dummy and repatable random value for this case. Makes it possible to write test cases that verify output. Also, fake timestamp with CURL_FORCETIME set. Only when built debug enabled of course. Curl_ssl_random() was not used anymore so it has been removed. Curl_rand() is enough. create_digest_md5_message: generate base64 instead of hex string curl_sasl: also fix memory leaks in some OOM situations
2014-03-20 06:17:40 -04:00
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBALIBPdoGahtQQ8gQ7TJrKTYzMjM0NDIzNBFnpKw8B1BLcb456sVeozgBAQAAAAAAAACAPtXesZ0BMzIzNDQyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
Test 90 added: --anyauth that picks NTLM with a redirect and then another NTLM request.
2003-09-15 18:29:41 -04:00
User-Agent: curl/7.10.8-pre1 (i686-pc-linux-gnu) libcurl/7.10.8-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3 GSS
Modified the default HTTP Accept: header to only be Accept: */*
2004-02-09 07:46:41 -05:00
Accept: */*
Test 90 added: --anyauth that picks NTLM with a redirect and then another NTLM request.
2003-09-15 18:29:41 -04:00
</protocol>
</verify>
Convert (most of) the test data files into genuine XML. A handful still are not, due mainly to the lack of support for XML character entities (e.g. & => &amp; ). This will make it easier to validate test files using tools like xmllint, as well as edit and view them using XML tools.
2007-01-22 21:25:56 -05:00
</testcase>
Reference in New Issue Copy Permalink