curl/tests/data/test69

<testcase>
<info>
<keywords>
HTTP
HTTP GET
HTTP NTLM auth
</keywords>
</info>
# Server-side
<reply>
<data>
HTTP/1.1 401 Authorization Required swsclose
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
WWW-Authenticate: Basic
WWW-Authenticate: Wild-and-crazy
WWW-Authenticate: NTLM
Content-Type: text/html; charset=iso-8859-1
Content-Length: 26

This is not the real page
</data>

# This is supposed to be returned when the server gets a first
# Authorization: NTLM line passed-in from the client
<data1001>
HTTP/1.1 401 Now gimme that second request of crap
Server: Microsoft-IIS/5.0
Content-Length: 34
Content-Type: text/html; charset=iso-8859-1
WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==

This is not the real page either!
</data1001>

# This is supposed to be returned when the server gets the second
# Authorization: NTLM line passed-in from the client
<data1002>
HTTP/1.1 200 Things are fine in server land swsclose
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32

Finally, this is the real page!
</data1002>

<datacheck>
HTTP/1.1 401 Authorization Required swsclose
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
WWW-Authenticate: Basic
WWW-Authenticate: Wild-and-crazy
WWW-Authenticate: NTLM
Content-Type: text/html; charset=iso-8859-1
Content-Length: 26

HTTP/1.1 401 Now gimme that second request of crap
Server: Microsoft-IIS/5.0
Content-Length: 34
Content-Type: text/html; charset=iso-8859-1
WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==

HTTP/1.1 200 Things are fine in server land swsclose
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32

Finally, this is the real page!
</datacheck>

</reply>

# Client-side
<client>
<features>
NTLM
</features>
<server>
http
</server>
 <name>
HTTP with NTLM, Basic or Wild-and-crazy authorization
 </name>
 <command>
http://%HOSTIP:%HTTPPORT/69 -u testuser:testpass --anyauth
</command>
</client>

# Verify data after the test has been "shot"
<verify>
<strip>
^User-Agent:.*
</strip>
# We strip off a large chunk of the type-2 NTLM message since it depends on
# the local host name and thus differs on different machines!
<strippart>
s/^(Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAA).*/$1/
</strippart>
<protocol>
GET /69 HTTP/1.1
User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3
Host: %HOSTIP:%HTTPPORT
Accept: */*

GET /69 HTTP/1.1
Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3
Host: %HOSTIP:%HTTPPORT
Accept: */*

GET /69 HTTP/1.1
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAA
User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3
Host: %HOSTIP:%HTTPPORT
Accept: */*

</protocol>
</verify>
</testcase>
Convert (most of) the test data files into genuine XML. A handful still are not, due mainly to the lack of support for XML character entities (e.g. & => & ). This will make it easier to validate test files using tools like xmllint, as well as edit and view them using XML tools. 2007-01-22 21:25:56 -05:00			`<testcase>`
keywords added 2005-04-22 17:59:08 -04:00			`<info>`
			`<keywords>`
			`HTTP`
			`HTTP GET`
			`HTTP NTLM auth`
			`</keywords>`
			`</info>`
new tests 2003-06-26 07:45:04 -04:00			`# Server-side`
			`<reply>`
			`<data>`
modified to work fine with the new persistant connection working test suite HTTP server 2003-07-19 19:57:08 -04:00			`HTTP/1.1 401 Authorization Required swsclose`
new tests 2003-06-26 07:45:04 -04:00			`Server: Apache/1.3.27 (Darwin) PHP/4.1.2`
			`WWW-Authenticate: Basic`
			`WWW-Authenticate: Wild-and-crazy`
			`WWW-Authenticate: NTLM`
			`Content-Type: text/html; charset=iso-8859-1`
Venkat Akella found out that libcurl did not like HTTP responses that simply responded with a single status line and no headers nor body. Starting now, a HTTP response on a persistent connection (i.e not set to be closed after the response has been taken care of) must have Content-Length or chunked encoding set, or libcurl will simply assume that there is no body. To my horror I learned that we had no less than 57(!) test cases that did bad HTTP responses like this, and even the test http server (sws) responded badly when queried by the test system if it is the test system. So although the actual fix for the problem was tiny, going through all the newly failing test cases got really painful and boring. 2006-11-25 08:32:04 -05:00			`Content-Length: 26`
new tests 2003-06-26 07:45:04 -04:00
			`This is not the real page`
			`</data>`

			`# This is supposed to be returned when the server gets a first`
			`# Authorization: NTLM line passed-in from the client`
			`<data1001>`
			`HTTP/1.1 401 Now gimme that second request of crap`
			`Server: Microsoft-IIS/5.0`
modified to work fine with the new persistant connection working test suite HTTP server 2003-07-19 19:57:08 -04:00			`Content-Length: 34`
new tests 2003-06-26 07:45:04 -04:00			`Content-Type: text/html; charset=iso-8859-1`
			`WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==`

			`This is not the real page either!`
			`</data1001>`

			`# This is supposed to be returned when the server gets the second`
			`# Authorization: NTLM line passed-in from the client`
			`<data1002>`
modified to work fine with the new persistant connection working test suite HTTP server 2003-07-19 19:57:08 -04:00			`HTTP/1.1 200 Things are fine in server land swsclose`
new tests 2003-06-26 07:45:04 -04:00			`Server: Microsoft-IIS/5.0`
			`Content-Type: text/html; charset=iso-8859-1`
Venkat Akella found out that libcurl did not like HTTP responses that simply responded with a single status line and no headers nor body. Starting now, a HTTP response on a persistent connection (i.e not set to be closed after the response has been taken care of) must have Content-Length or chunked encoding set, or libcurl will simply assume that there is no body. To my horror I learned that we had no less than 57(!) test cases that did bad HTTP responses like this, and even the test http server (sws) responded badly when queried by the test system if it is the test system. So although the actual fix for the problem was tiny, going through all the newly failing test cases got really painful and boring. 2006-11-25 08:32:04 -05:00			`Content-Length: 32`
new tests 2003-06-26 07:45:04 -04:00
			`Finally, this is the real page!`
			`</data1002>`

			`<datacheck>`
modified to work fine with the new persistant connection working test suite HTTP server 2003-07-19 19:57:08 -04:00			`HTTP/1.1 401 Authorization Required swsclose`
new tests 2003-06-26 07:45:04 -04:00			`Server: Apache/1.3.27 (Darwin) PHP/4.1.2`
			`WWW-Authenticate: Basic`
			`WWW-Authenticate: Wild-and-crazy`
			`WWW-Authenticate: NTLM`
			`Content-Type: text/html; charset=iso-8859-1`
Venkat Akella found out that libcurl did not like HTTP responses that simply responded with a single status line and no headers nor body. Starting now, a HTTP response on a persistent connection (i.e not set to be closed after the response has been taken care of) must have Content-Length or chunked encoding set, or libcurl will simply assume that there is no body. To my horror I learned that we had no less than 57(!) test cases that did bad HTTP responses like this, and even the test http server (sws) responded badly when queried by the test system if it is the test system. So although the actual fix for the problem was tiny, going through all the newly failing test cases got really painful and boring. 2006-11-25 08:32:04 -05:00			`Content-Length: 26`
new tests 2003-06-26 07:45:04 -04:00
			`HTTP/1.1 401 Now gimme that second request of crap`
			`Server: Microsoft-IIS/5.0`
modified to work fine with the new persistant connection working test suite HTTP server 2003-07-19 19:57:08 -04:00			`Content-Length: 34`
new tests 2003-06-26 07:45:04 -04:00			`Content-Type: text/html; charset=iso-8859-1`
			`WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==`

modified to work fine with the new persistant connection working test suite HTTP server 2003-07-19 19:57:08 -04:00			`HTTP/1.1 200 Things are fine in server land swsclose`
new tests 2003-06-26 07:45:04 -04:00			`Server: Microsoft-IIS/5.0`
			`Content-Type: text/html; charset=iso-8859-1`
Venkat Akella found out that libcurl did not like HTTP responses that simply responded with a single status line and no headers nor body. Starting now, a HTTP response on a persistent connection (i.e not set to be closed after the response has been taken care of) must have Content-Length or chunked encoding set, or libcurl will simply assume that there is no body. To my horror I learned that we had no less than 57(!) test cases that did bad HTTP responses like this, and even the test http server (sws) responded badly when queried by the test system if it is the test system. So although the actual fix for the problem was tiny, going through all the newly failing test cases got really painful and boring. 2006-11-25 08:32:04 -05:00			`Content-Length: 32`
new tests 2003-06-26 07:45:04 -04:00
			`Finally, this is the real page!`
			`</datacheck>`

			`</reply>`

			`# Client-side`
			`<client>`
			`<features>`
Make NTLM tests depend on the NTLM feature at not SSL, since the NTLM support is no longer only present when built with SSL support. 2005-03-21 03:14:32 -05:00			`NTLM`
new tests 2003-06-26 07:45:04 -04:00			`</features>`
			`<server>`
			`http`
			`</server>`
			`<name>`
			`HTTP with NTLM, Basic or Wild-and-crazy authorization`
			`</name>`
			`<command>`
Now the test servers and test cases can run on a custom port number. There's no fixed port numbers in use anymore. Starting now, the default ports the servers use are 8990 - 8993. There's no option to modify these yet, but changing the $base option in the top of the runtests.pl script. 2004-09-08 04:08:38 -04:00			`http://%HOSTIP:%HTTPPORT/69 -u testuser:testpass --anyauth`
new tests 2003-06-26 07:45:04 -04:00			`</command>`
A minor "syntax error" in numerous test files corrected 2005-01-25 16:45:03 -05:00			`</client>`
new tests 2003-06-26 07:45:04 -04:00
			`# Verify data after the test has been "shot"`
			`<verify>`
			`<strip>`
			`^User-Agent:.*`
			`</strip>`
Michele Bini modified the NTLM code to work for his "weird IIS case" (http://curl.haxx.se/mail/lib-2006-02/0154.html) by adding the NTLM hash function in addition to the LM one and making some other adjustments in the order the different parts of the data block are sent in the Type-2 reply. Inspiration for this work was taken from the Firefox NTLM implementation. I edited the existing 21(!) NTLM test cases to run fine with these news. Due to the fact that we now properly include the host name in the Type-2 message the test cases now only compare parts of that chunk. 2006-04-05 08:35:48 -04:00			`# We strip off a large chunk of the type-2 NTLM message since it depends on`
			`# the local host name and thus differs on different machines!`
			`<strippart>`
cut off a bit more of the type-2 ntlm message since it differs between hosts 2006-04-05 08:46:03 -04:00			`s/^(Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAA).*/$1/`
Fixed some tag typos in the test data files. 2007-01-17 15:36:56 -05:00			`</strippart>`
new tests 2003-06-26 07:45:04 -04:00			`<protocol>`
			`GET /69 HTTP/1.1`
			`User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3`
Replaced 127.0.0.1 with %HOSTIP where possible 2007-09-14 15:32:31 -04:00			`Host: %HOSTIP:%HTTPPORT`
Modified the default HTTP Accept: header to only be Accept: / 2004-02-09 07:46:41 -05:00			`Accept: /`
new tests 2003-06-26 07:45:04 -04:00
			`GET /69 HTTP/1.1`
NTLM2 session response support 2006-06-07 10:14:04 -04:00			`Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=`
new tests 2003-06-26 07:45:04 -04:00			`User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3`
Replaced 127.0.0.1 with %HOSTIP where possible 2007-09-14 15:32:31 -04:00			`Host: %HOSTIP:%HTTPPORT`
Modified the default HTTP Accept: header to only be Accept: / 2004-02-09 07:46:41 -05:00			`Accept: /`
new tests 2003-06-26 07:45:04 -04:00
			`GET /69 HTTP/1.1`
cut off a bit more of the type-2 ntlm message since it differs between hosts 2006-04-05 08:46:03 -04:00			`Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAA`
new tests 2003-06-26 07:45:04 -04:00			`User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3`
Replaced 127.0.0.1 with %HOSTIP where possible 2007-09-14 15:32:31 -04:00			`Host: %HOSTIP:%HTTPPORT`
Modified the default HTTP Accept: header to only be Accept: / 2004-02-09 07:46:41 -05:00			`Accept: /`
new tests 2003-06-26 07:45:04 -04:00
			`</protocol>`
			`</verify>`
Convert (most of) the test data files into genuine XML. A handful still are not, due mainly to the lack of support for XML character entities (e.g. & => & ). This will make it easier to validate test files using tools like xmllint, as well as edit and view them using XML tools. 2007-01-22 21:25:56 -05:00			`</testcase>`