curl/tests/data/test150

<testcase>

<!-- Server-side -->
<reply>

<!-- no <data> in this test since we have NTLM from the start

This is supposed to be returned when the server gets a first
Authorization: NTLM line passed-in from the client -->

<data1001>
HTTP/1.1 401 Now gimme that second request of crap
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 34
WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==

This is not the real page either!
</data1001>

# This is supposed to be returned when the server gets the second
# Authorization: NTLM line passed-in from the client
<data1002>
HTTP/1.1 200 Things are fine in server land swsclose
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32

Finally, this is the real page!
</data1002>

<datacheck>
HTTP/1.1 401 Now gimme that second request of crap
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 34
WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==

HTTP/1.1 200 Things are fine in server land swsclose
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32

Finally, this is the real page!
</datacheck>

</reply>

# Client-side
<client>
<features>
NTLM
</features>
<server>
http
</server>
 <name>
HTTP with NTLM authorization and --fail
 </name>
 <command>
http://%HOSTIP:%HTTPPORT/150 -u testuser:testpass --ntlm --fail
</command>
</client>

# Verify data after the test has been "shot"
<verify>
<strip>
^User-Agent:.*
</strip>
# We strip off a large chunk of the type-2 NTLM message since it depends on
# the local host name and thus differs on different machines!
<strippart>
s/^(Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAA).*/$1/
</strippart>
<protocol>
GET /150 HTTP/1.1
Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3
Host: %HOSTIP:%HTTPPORT
Accept: */*

GET /150 HTTP/1.1
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAA
User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3
Host: %HOSTIP:%HTTPPORT
Accept: */*

</protocol>
</verify>
</testcase>
Convert (most of) the test data files into genuine XML. A handful still are not, due mainly to the lack of support for XML character entities (e.g. & => & ). This will make it easier to validate test files using tools like xmllint, as well as edit and view them using XML tools. 2007-01-22 21:25:56 -05:00			`<testcase>`

			`<!-- Server-side -->`
David Byron's new test cases for the --fail and auth stuff. 2004-03-30 01:41:33 -05:00			`<reply>`

Convert (most of) the test data files into genuine XML. A handful still are not, due mainly to the lack of support for XML character entities (e.g. & => & ). This will make it easier to validate test files using tools like xmllint, as well as edit and view them using XML tools. 2007-01-22 21:25:56 -05:00			`<!-- no <data> in this test since we have NTLM from the start`

			`This is supposed to be returned when the server gets a first`
			`Authorization: NTLM line passed-in from the client -->`
David Byron's new test cases for the --fail and auth stuff. 2004-03-30 01:41:33 -05:00
			`<data1001>`
			`HTTP/1.1 401 Now gimme that second request of crap`
			`Server: Microsoft-IIS/5.0`
			`Content-Type: text/html; charset=iso-8859-1`
			`Content-Length: 34`
			`WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==`

			`This is not the real page either!`
			`</data1001>`

			`# This is supposed to be returned when the server gets the second`
			`# Authorization: NTLM line passed-in from the client`
			`<data1002>`
			`HTTP/1.1 200 Things are fine in server land swsclose`
			`Server: Microsoft-IIS/5.0`
			`Content-Type: text/html; charset=iso-8859-1`
Venkat Akella found out that libcurl did not like HTTP responses that simply responded with a single status line and no headers nor body. Starting now, a HTTP response on a persistent connection (i.e not set to be closed after the response has been taken care of) must have Content-Length or chunked encoding set, or libcurl will simply assume that there is no body. To my horror I learned that we had no less than 57(!) test cases that did bad HTTP responses like this, and even the test http server (sws) responded badly when queried by the test system if it is the test system. So although the actual fix for the problem was tiny, going through all the newly failing test cases got really painful and boring. 2006-11-25 08:32:04 -05:00			`Content-Length: 32`
David Byron's new test cases for the --fail and auth stuff. 2004-03-30 01:41:33 -05:00
			`Finally, this is the real page!`
			`</data1002>`

			`<datacheck>`
			`HTTP/1.1 401 Now gimme that second request of crap`
			`Server: Microsoft-IIS/5.0`
			`Content-Type: text/html; charset=iso-8859-1`
			`Content-Length: 34`
			`WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==`

			`HTTP/1.1 200 Things are fine in server land swsclose`
			`Server: Microsoft-IIS/5.0`
			`Content-Type: text/html; charset=iso-8859-1`
Venkat Akella found out that libcurl did not like HTTP responses that simply responded with a single status line and no headers nor body. Starting now, a HTTP response on a persistent connection (i.e not set to be closed after the response has been taken care of) must have Content-Length or chunked encoding set, or libcurl will simply assume that there is no body. To my horror I learned that we had no less than 57(!) test cases that did bad HTTP responses like this, and even the test http server (sws) responded badly when queried by the test system if it is the test system. So although the actual fix for the problem was tiny, going through all the newly failing test cases got really painful and boring. 2006-11-25 08:32:04 -05:00			`Content-Length: 32`
David Byron's new test cases for the --fail and auth stuff. 2004-03-30 01:41:33 -05:00
			`Finally, this is the real page!`
			`</datacheck>`

			`</reply>`

			`# Client-side`
			`<client>`
			`<features>`
Make NTLM tests depend on the NTLM feature at not SSL, since the NTLM support is no longer only present when built with SSL support. 2005-03-21 03:14:32 -05:00			`NTLM`
David Byron's new test cases for the --fail and auth stuff. 2004-03-30 01:41:33 -05:00			`</features>`
			`<server>`
			`http`
			`</server>`
			`<name>`
			`HTTP with NTLM authorization and --fail`
			`</name>`
			`<command>`
Now the test servers and test cases can run on a custom port number. There's no fixed port numbers in use anymore. Starting now, the default ports the servers use are 8990 - 8993. There's no option to modify these yet, but changing the $base option in the top of the runtests.pl script. 2004-09-08 04:08:38 -04:00			`http://%HOSTIP:%HTTPPORT/150 -u testuser:testpass --ntlm --fail`
David Byron's new test cases for the --fail and auth stuff. 2004-03-30 01:41:33 -05:00			`</command>`
A minor "syntax error" in numerous test files corrected 2005-01-25 16:45:03 -05:00			`</client>`
David Byron's new test cases for the --fail and auth stuff. 2004-03-30 01:41:33 -05:00
			`# Verify data after the test has been "shot"`
			`<verify>`
			`<strip>`
			`^User-Agent:.*`
			`</strip>`
Michele Bini modified the NTLM code to work for his "weird IIS case" (http://curl.haxx.se/mail/lib-2006-02/0154.html) by adding the NTLM hash function in addition to the LM one and making some other adjustments in the order the different parts of the data block are sent in the Type-2 reply. Inspiration for this work was taken from the Firefox NTLM implementation. I edited the existing 21(!) NTLM test cases to run fine with these news. Due to the fact that we now properly include the host name in the Type-2 message the test cases now only compare parts of that chunk. 2006-04-05 08:35:48 -04:00			`# We strip off a large chunk of the type-2 NTLM message since it depends on`
			`# the local host name and thus differs on different machines!`
			`<strippart>`
cut off a bit more of the type-2 ntlm message since it differs between hosts 2006-04-05 08:46:03 -04:00			`s/^(Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAA).*/$1/`
Fixed some tag typos in the test data files. 2007-01-17 15:36:56 -05:00			`</strippart>`
David Byron's new test cases for the --fail and auth stuff. 2004-03-30 01:41:33 -05:00			`<protocol>`
			`GET /150 HTTP/1.1`
NTLM2 session response support 2006-06-07 10:14:04 -04:00			`Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=`
David Byron's new test cases for the --fail and auth stuff. 2004-03-30 01:41:33 -05:00			`User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3`
Replaced 127.0.0.1 with %HOSTIP where possible 2007-09-14 15:32:31 -04:00			`Host: %HOSTIP:%HTTPPORT`
David Byron's new test cases for the --fail and auth stuff. 2004-03-30 01:41:33 -05:00			`Accept: /`

			`GET /150 HTTP/1.1`
cut off a bit more of the type-2 ntlm message since it differs between hosts 2006-04-05 08:46:03 -04:00			`Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAA`
David Byron's new test cases for the --fail and auth stuff. 2004-03-30 01:41:33 -05:00			`User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3`
Replaced 127.0.0.1 with %HOSTIP where possible 2007-09-14 15:32:31 -04:00			`Host: %HOSTIP:%HTTPPORT`
David Byron's new test cases for the --fail and auth stuff. 2004-03-30 01:41:33 -05:00			`Accept: /`

			`</protocol>`
			`</verify>`
Convert (most of) the test data files into genuine XML. A handful still are not, due mainly to the lack of support for XML character entities (e.g. & => & ). This will make it easier to validate test files using tools like xmllint, as well as edit and view them using XML tools. 2007-01-22 21:25:56 -05:00			`</testcase>`