curl/tests/data/test155

<testcase>
# Server-side
<reply>
<servercmd>
auth_required
</servercmd>
<data>
HTTP/1.1 401 NTLM Authorization Required swsclose
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts"
WWW-Authenticate: Basic realm="gimme all yer s3cr3ts"
WWW-Authenticate: NTLM
Content-Type: text/html; charset=iso-8859-1
Connection: close

moo
</data>

# This is supposed to be returned when the server gets a first
# Authorization: NTLM line passed-in from the client
<data1001>
HTTP/1.1 401 Type-1 received, send back type-2
Server: Microsoft-IIS/5.0
Content-Length: 34
Content-Type: text/html; charset=iso-8859-1
WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==

This is not the real page either!
</data1001>

# This is supposed to be returned when the server gets the second
# Authorization: NTLM line passed-in from the client
<data1002>
HTTP/1.1 200 Type-3 Recevied and all Things are fine swsclose
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32

Finally, this is the real page!
</data1002>

<datacheck>
HTTP/1.1 401 NTLM Authorization Required swsclose
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts"
WWW-Authenticate: Basic realm="gimme all yer s3cr3ts"
WWW-Authenticate: NTLM
Content-Type: text/html; charset=iso-8859-1
Connection: close

HTTP/1.1 401 Type-1 received, send back type-2
Server: Microsoft-IIS/5.0
Content-Length: 34
Content-Type: text/html; charset=iso-8859-1
WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==

HTTP/1.1 200 Type-3 Recevied and all Things are fine swsclose
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32

Finally, this is the real page!
</datacheck>

</reply>

# Client-side
<client>
<features>
NTLM
</features>
<server>
http
</server>
 <name>
HTTP PUT with --anyauth authorization (picking NTLM)
 </name>
 <command>
http://%HOSTIP:%HTTPPORT/155 -T log/put155 -u testuser:testpass --anyauth
</command>
<file name="log/put155">
This is data we upload with PUT
a second line
line three
four is the number of lines
</file>
</client>

# Verify data after the test has been "shot"
<verify>
<strip>
^User-Agent:.*
</strip>
# We strip off a large chunk of the type-2 NTLM message since it depends on
# the local host name and thus differs on different machines!
<strippart>
s/^(Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAA).*/$1/
</strippart>
<protocol>
PUT /155 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
Accept: */*
Content-Length: 85
Expect: 100-continue

PUT /155 HTTP/1.1
Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
Host: %HOSTIP:%HTTPPORT
Accept: */*
Content-Length: 0
Expect: 100-continue

PUT /155 HTTP/1.1
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAA
User-Agent: curl/7.10.5 (i686-pc-linux-gnu) libcurl/7.10.5 OpenSSL/0.9.7a ipv6 zlib/1.1.3
Host: %HOSTIP:%HTTPPORT
Accept: */*
Content-Length: 85
Expect: 100-continue

This is data we upload with PUT
a second line
line three
four is the number of lines
</protocol>
</verify>
</testcase>
Convert (most of) the test data files into genuine XML. A handful still are not, due mainly to the lack of support for XML character entities (e.g. & => & ). This will make it easier to validate test files using tools like xmllint, as well as edit and view them using XML tools. 2007-01-22 21:25:56 -05:00			`<testcase>`
New authentication code added, particularly noticable when doing POST or PUT with Digest or NTLM. libcurl will now use HEAD to negotiate the authentication and when done perform the requested POST. 2004-04-06 11:14:10 -04:00			`# Server-side`
			`<reply>`
			`<servercmd>`
			`auth_required`
			`</servercmd>`
			`<data>`
			`HTTP/1.1 401 NTLM Authorization Required swsclose`
			`Server: Apache/1.3.27 (Darwin) PHP/4.1.2`
			`WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts"`
			`WWW-Authenticate: Basic realm="gimme all yer s3cr3ts"`
			`WWW-Authenticate: NTLM`
			`Content-Type: text/html; charset=iso-8859-1`
			`Connection: close`

			`moo`
			`</data>`

			`# This is supposed to be returned when the server gets a first`
			`# Authorization: NTLM line passed-in from the client`
			`<data1001>`
			`HTTP/1.1 401 Type-1 received, send back type-2`
			`Server: Microsoft-IIS/5.0`
			`Content-Length: 34`
			`Content-Type: text/html; charset=iso-8859-1`
			`WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==`

			`This is not the real page either!`
			`</data1001>`

			`# This is supposed to be returned when the server gets the second`
			`# Authorization: NTLM line passed-in from the client`
			`<data1002>`
			`HTTP/1.1 200 Type-3 Recevied and all Things are fine swsclose`
			`Server: Microsoft-IIS/5.0`
			`Content-Type: text/html; charset=iso-8859-1`
Venkat Akella found out that libcurl did not like HTTP responses that simply responded with a single status line and no headers nor body. Starting now, a HTTP response on a persistent connection (i.e not set to be closed after the response has been taken care of) must have Content-Length or chunked encoding set, or libcurl will simply assume that there is no body. To my horror I learned that we had no less than 57(!) test cases that did bad HTTP responses like this, and even the test http server (sws) responded badly when queried by the test system if it is the test system. So although the actual fix for the problem was tiny, going through all the newly failing test cases got really painful and boring. 2006-11-25 08:32:04 -05:00			`Content-Length: 32`
New authentication code added, particularly noticable when doing POST or PUT with Digest or NTLM. libcurl will now use HEAD to negotiate the authentication and when done perform the requested POST. 2004-04-06 11:14:10 -04:00
			`Finally, this is the real page!`
			`</data1002>`

			`<datacheck>`
			`HTTP/1.1 401 NTLM Authorization Required swsclose`
			`Server: Apache/1.3.27 (Darwin) PHP/4.1.2`
			`WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts"`
			`WWW-Authenticate: Basic realm="gimme all yer s3cr3ts"`
			`WWW-Authenticate: NTLM`
			`Content-Type: text/html; charset=iso-8859-1`
			`Connection: close`

			`HTTP/1.1 401 Type-1 received, send back type-2`
			`Server: Microsoft-IIS/5.0`
			`Content-Length: 34`
			`Content-Type: text/html; charset=iso-8859-1`
			`WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==`

			`HTTP/1.1 200 Type-3 Recevied and all Things are fine swsclose`
			`Server: Microsoft-IIS/5.0`
			`Content-Type: text/html; charset=iso-8859-1`
Venkat Akella found out that libcurl did not like HTTP responses that simply responded with a single status line and no headers nor body. Starting now, a HTTP response on a persistent connection (i.e not set to be closed after the response has been taken care of) must have Content-Length or chunked encoding set, or libcurl will simply assume that there is no body. To my horror I learned that we had no less than 57(!) test cases that did bad HTTP responses like this, and even the test http server (sws) responded badly when queried by the test system if it is the test system. So although the actual fix for the problem was tiny, going through all the newly failing test cases got really painful and boring. 2006-11-25 08:32:04 -05:00			`Content-Length: 32`
stricter newline policy 2004-11-29 07:01:07 -05:00
			`Finally, this is the real page!`
New authentication code added, particularly noticable when doing POST or PUT with Digest or NTLM. libcurl will now use HEAD to negotiate the authentication and when done perform the requested POST. 2004-04-06 11:14:10 -04:00			`</datacheck>`

			`</reply>`

			`# Client-side`
			`<client>`
require ssl since ntlm needs it 2004-04-06 11:16:07 -04:00			`<features>`
Make NTLM tests depend on the NTLM feature at not SSL, since the NTLM support is no longer only present when built with SSL support. 2005-03-21 03:14:32 -05:00			`NTLM`
require ssl since ntlm needs it 2004-04-06 11:16:07 -04:00			`</features>`
New authentication code added, particularly noticable when doing POST or PUT with Digest or NTLM. libcurl will now use HEAD to negotiate the authentication and when done perform the requested POST. 2004-04-06 11:14:10 -04:00			`<server>`
			`http`
			`</server>`
			`<name>`
			`HTTP PUT with --anyauth authorization (picking NTLM)`
			`</name>`
			`<command>`
Now the test servers and test cases can run on a custom port number. There's no fixed port numbers in use anymore. Starting now, the default ports the servers use are 8990 - 8993. There's no option to modify these yet, but changing the $base option in the top of the runtests.pl script. 2004-09-08 04:08:38 -04:00			`http://%HOSTIP:%HTTPPORT/155 -T log/put155 -u testuser:testpass --anyauth`
New authentication code added, particularly noticable when doing POST or PUT with Digest or NTLM. libcurl will now use HEAD to negotiate the authentication and when done perform the requested POST. 2004-04-06 11:14:10 -04:00			`</command>`
			`<file name="log/put155">`
			`This is data we upload with PUT`
			`a second line`
			`line three`
			`four is the number of lines`
			`</file>`
			`</client>`

			`# Verify data after the test has been "shot"`
			`<verify>`
			`<strip>`
			`^User-Agent:.*`
			`</strip>`
Michele Bini modified the NTLM code to work for his "weird IIS case" (http://curl.haxx.se/mail/lib-2006-02/0154.html) by adding the NTLM hash function in addition to the LM one and making some other adjustments in the order the different parts of the data block are sent in the Type-2 reply. Inspiration for this work was taken from the Firefox NTLM implementation. I edited the existing 21(!) NTLM test cases to run fine with these news. Due to the fact that we now properly include the host name in the Type-2 message the test cases now only compare parts of that chunk. 2006-04-05 08:35:48 -04:00			`# We strip off a large chunk of the type-2 NTLM message since it depends on`
			`# the local host name and thus differs on different machines!`
			`<strippart>`
cut off a bit more of the type-2 ntlm message since it differs between hosts 2006-04-05 08:46:03 -04:00			`s/^(Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAA).*/$1/`
Fixed some tag typos in the test data files. 2007-01-17 15:36:56 -05:00			`</strippart>`
New authentication code added, particularly noticable when doing POST or PUT with Digest or NTLM. libcurl will now use HEAD to negotiate the authentication and when done perform the requested POST. 2004-04-06 11:14:10 -04:00			`<protocol>`
HTTP "auth done right". See lib/README.httpauth 2004-11-24 11:11:35 -05:00			`PUT /155 HTTP/1.1`
Replaced 127.0.0.1 with %HOSTIP where possible 2007-09-14 15:32:31 -04:00			`Host: %HOSTIP:%HTTPPORT`
New authentication code added, particularly noticable when doing POST or PUT with Digest or NTLM. libcurl will now use HEAD to negotiate the authentication and when done perform the requested POST. 2004-04-06 11:14:10 -04:00			`Accept: /`
HTTP "auth done right". See lib/README.httpauth 2004-11-24 11:11:35 -05:00			`Content-Length: 85`
			`Expect: 100-continue`
New authentication code added, particularly noticable when doing POST or PUT with Digest or NTLM. libcurl will now use HEAD to negotiate the authentication and when done perform the requested POST. 2004-04-06 11:14:10 -04:00
HTTP "auth done right". See lib/README.httpauth 2004-11-24 11:11:35 -05:00			`PUT /155 HTTP/1.1`
NTLM2 session response support 2006-06-07 10:14:04 -04:00			`Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=`
Replaced 127.0.0.1 with %HOSTIP where possible 2007-09-14 15:32:31 -04:00			`Host: %HOSTIP:%HTTPPORT`
New authentication code added, particularly noticable when doing POST or PUT with Digest or NTLM. libcurl will now use HEAD to negotiate the authentication and when done perform the requested POST. 2004-04-06 11:14:10 -04:00			`Accept: /`
HTTP "auth done right". See lib/README.httpauth 2004-11-24 11:11:35 -05:00			`Content-Length: 0`
			`Expect: 100-continue`
New authentication code added, particularly noticable when doing POST or PUT with Digest or NTLM. libcurl will now use HEAD to negotiate the authentication and when done perform the requested POST. 2004-04-06 11:14:10 -04:00
			`PUT /155 HTTP/1.1`
cut off a bit more of the type-2 ntlm message since it differs between hosts 2006-04-05 08:46:03 -04:00			`Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAA`
New authentication code added, particularly noticable when doing POST or PUT with Digest or NTLM. libcurl will now use HEAD to negotiate the authentication and when done perform the requested POST. 2004-04-06 11:14:10 -04:00			`User-Agent: curl/7.10.5 (i686-pc-linux-gnu) libcurl/7.10.5 OpenSSL/0.9.7a ipv6 zlib/1.1.3`
Replaced 127.0.0.1 with %HOSTIP where possible 2007-09-14 15:32:31 -04:00			`Host: %HOSTIP:%HTTPPORT`
New authentication code added, particularly noticable when doing POST or PUT with Digest or NTLM. libcurl will now use HEAD to negotiate the authentication and when done perform the requested POST. 2004-04-06 11:14:10 -04:00			`Accept: /`
			`Content-Length: 85`
			`Expect: 100-continue`

			`This is data we upload with PUT`
			`a second line`
			`line three`
			`four is the number of lines`
			`</protocol>`
			`</verify>`
Convert (most of) the test data files into genuine XML. A handful still are not, due mainly to the lack of support for XML character entities (e.g. & => & ). This will make it easier to validate test files using tools like xmllint, as well as edit and view them using XML tools. 2007-01-22 21:25:56 -05:00			`</testcase>`