1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-18 07:25:14 -05:00
Commit Graph

27 Commits

Author SHA1 Message Date
Markus Moeller
7bcca93459 ntlm: update selection of type 3 response
NTLM2 did not work i.e. no NTLMv2 response was created. Changing the
check seems to work.

Ref: https://winprotocoldoc.blob.core.windows.net/productionwindowsarchives/MS-NLMP/[MS-NLMP].pdf

Fixes https://github.com/curl/curl/issues/3286
Closes https://github.com/curl/curl/pull/3287
Closes https://github.com/curl/curl/pull/3415
2019-01-01 11:47:17 +01:00
luz.paz
236402fc2d
cleanup: misc typos in strings and comments
Found via `codespell`

Closes #2389
2018-03-16 11:08:31 +01:00
Daniel Stenberg
73afcfc0ae tests: updated for modified fake random 2017-05-08 23:24:43 +02:00
Daniel Stenberg
a5d994941c http: always send Host: header as first header
...after the method line:

 "Since the Host field-value is critical information for handling a
 request, a user agent SHOULD generate Host as the first header field
 following the request-line." / RFC 7230 section 5.4

Additionally, this will also make libcurl ignore multiple specified
custom Host: headers and only use the first one. Test 1121 has been
updated accordingly

Bug: http://curl.haxx.se/bug/view.cgi?id=1491
Reported-by: Rainer Canavan
2015-03-12 12:15:24 +01:00
Daniel Stenberg
e95ca7cec9 NTLM: set a fake entropy for debug builds with CURL_ENTROPY set
Curl_rand() will return a dummy and repatable random value for this
case. Makes it possible to write test cases that verify output.

Also, fake timestamp with CURL_FORCETIME set.

Only when built debug enabled of course.

Curl_ssl_random() was not used anymore so it has been
removed. Curl_rand() is enough.

create_digest_md5_message: generate base64 instead of hex string

curl_sasl: also fix memory leaks in some OOM situations
2014-06-11 23:15:48 +02:00
Steve Holme
ceacbacd14 tests: Disabled NTLM tests for non-debug builds
Added required "debug" feature, missed in commit 1c9aaa0bac, as NTLMv2
calls Curl_rand() which can only be fixed to a specific entropy in
debug builds.
2014-06-11 21:24:59 +01:00
Daniel Stenberg
42937f87e6 HTTP: don't send Content-Length: 0 _and_ Expect: 100-continue
Without request body there's no point in asking for 100-continue.

Bug: http://curl.haxx.se/bug/view.cgi?id=1349
Reported-by: JimS
2014-04-04 15:46:35 +02:00
Dan Fandrich
c03243576a tests: added missing HTTP NTLM auth keywords
Also, removed an unneeded strippart
2014-03-15 10:54:49 +01:00
Steve Holme
1c9aaa0bac tests: Updated NTLM tests for NTLMv2 type-3 message 2014-01-30 19:14:04 +00:00
Steve Holme
01aaad7442 tests: Disabled NTLM tests when running with SSPI enabled 2013-12-28 20:37:00 +00:00
Fabian Keil
81d96c4421 Add keywords for a couple of currently keyword-less HTTP tests 2012-11-19 10:58:14 +01:00
Dan Fandrich
4d703ee100 Make the LD_PRELOAD path absolute in the tests that use it
In some situations, libtool will change directories and perform
a link step before executing the libtest test app. Since
LD_PRELOAD is in effect for this entire process, the path to the
binary must be absolute so it will be valid no matter in which
directory the app is running.
2010-08-16 13:36:51 -07:00
Kamil Dudka
b5c3feda17 NTLM tests: boost coverage by forcing the hostname
A shared library tests/libtest/.libs/lihostname.so is preloaded in NTLM
test-cases to override the system implementation of gethostname().  It
makes it possible to test the NTLM authentication for exact match, and
this way test the implementation of MD4 and DES.

If LD_PRELOAD doesn't work, a debug build willl also workk as debug
builds are now made to prefer a specific environment variable and will
then return that content as host name instead of the actual one.

Kamil wrote the bulk of this, Daniel Stenberg polished it.
2010-07-30 00:51:24 +02:00
Dan Fandrich
05e4a3026d Replaced 127.0.0.1 with %HOSTIP where possible 2007-09-14 19:32:31 +00:00
Dan Fandrich
33bea767eb Convert (most of) the test data files into genuine XML. A handful still
are not, due mainly to the lack of support for XML character entities
(e.g. & => & ).  This will make it easier to validate test files using
tools like xmllint, as well as edit and view them using XML tools.
2007-01-23 02:25:56 +00:00
Dan Fandrich
521c4b303d Fixed some tag typos in the test data files. 2007-01-17 20:36:56 +00:00
Daniel Stenberg
da58d03ff7 Venkat Akella found out that libcurl did not like HTTP responses that simply
responded with a single status line and no headers nor body. Starting now, a
HTTP response on a persistent connection (i.e not set to be closed after the
response has been taken care of) must have Content-Length or chunked
encoding set, or libcurl will simply assume that there is no body.

To my horror I learned that we had no less than 57(!) test cases that did bad
HTTP responses like this, and even the test http server (sws) responded badly
when queried by the test system if it is the test system. So although the
actual fix for the problem was tiny, going through all the newly failing test
cases got really painful and boring.
2006-11-25 13:32:04 +00:00
Daniel Stenberg
2bd3033f68 NTLM2 session response support 2006-06-07 14:14:04 +00:00
Daniel Stenberg
b0adcd6a46 cut off a bit more of the type-2 ntlm message since it differs between
hosts
2006-04-05 12:46:03 +00:00
Daniel Stenberg
be285cde3f Michele Bini modified the NTLM code to work for his "weird IIS case"
(http://curl.haxx.se/mail/lib-2006-02/0154.html) by adding the NTLM hash
function in addition to the LM one and making some other adjustments in the
order the different parts of the data block are sent in the Type-2 reply.
Inspiration for this work was taken from the Firefox NTLM implementation.

I edited the existing 21(!) NTLM test cases to run fine with these news. Due
to the fact that we now properly include the host name in the Type-2 message
the test cases now only compare parts of that chunk.
2006-04-05 12:35:48 +00:00
Daniel Stenberg
5d9fc28fa7 Modified the default HTTP headers used by libcurl:
A) Normal non-proxy HTTP:

 - no more "Pragma: no-cache" (this only makes sense to proxies)

B) Non-CONNECT HTTP request over proxy:

 - "Pragma: no-cache" is used (like before)
 - "Proxy-Connection: Keep-alive" (for older style 1.0-proxies)

C) CONNECT HTTP request over proxy:

 - "Host: [name]:[port]"
 - "Proxy-Connection: Keep-alive"
2005-05-11 09:52:59 +00:00
Daniel Stenberg
3e5a32671c Make NTLM tests depend on the NTLM feature at not SSL, since the NTLM support
is no longer only present when built with SSL support.
2005-03-21 08:14:32 +00:00
Daniel Stenberg
81a3246a56 stricter newline policy 2004-11-29 12:01:07 +00:00
Daniel Stenberg
3e1caa6185 HTTP "auth done right". See lib/README.httpauth 2004-11-24 16:11:35 +00:00
Daniel Stenberg
2b1673c9c8 Now the test servers and test cases can run on a custom port number. There's
no fixed port numbers in use anymore. Starting now, the default ports the
servers use are 8990 - 8993. There's no option to modify these yet, but
changing the $base option in the top of the runtests.pl script.
2004-09-08 08:08:38 +00:00
Daniel Stenberg
a7fd6f9007 require ssl since ntlm needs it 2004-04-06 15:16:07 +00:00
Daniel Stenberg
8ed44e8dfb New authentication code added, particularly noticable when doing POST or PUT
with Digest or NTLM. libcurl will now use HEAD to negotiate the authentication
and when done perform the requested POST.
2004-04-06 15:14:10 +00:00