moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2024-08-13 17:03:50 -04:00
Code Issues Releases Wiki Activity
be285cde3f
curl/tests/data/test69
Daniel Stenberg be285cde3f Michele Bini modified the NTLM code to work for his "weird IIS case" 
(http://curl.haxx.se/mail/lib-2006-02/0154.html) by adding the NTLM hash
function in addition to the LM one and making some other adjustments in the
order the different parts of the data block are sent in the Type-2 reply.
Inspiration for this work was taken from the Firefox NTLM implementation.

I edited the existing 21(!) NTLM test cases to run fine with these news. Due
to the fact that we now properly include the host name in the Type-2 message
the test cases now only compare parts of that chunk.
2006-04-05 12:35:48 +00:00

112 lines
3.2 KiB
Plaintext
Raw Blame History

<info>
<keywords>
HTTP
HTTP GET
HTTP NTLM auth
</keywords>
</info>
# Server-side
<reply>
<data>
HTTP/1.1 401 Authorization Required swsclose
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
WWW-Authenticate: Basic
WWW-Authenticate: Wild-and-crazy
WWW-Authenticate: NTLM
Content-Type: text/html; charset=iso-8859-1
This is not the real page
</data>
# This is supposed to be returned when the server gets a first
# Authorization: NTLM line passed-in from the client
<data1001>
HTTP/1.1 401 Now gimme that second request of crap
Server: Microsoft-IIS/5.0
Content-Length: 34
Content-Type: text/html; charset=iso-8859-1
WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==
This is not the real page either!
</data1001>
# This is supposed to be returned when the server gets the second
# Authorization: NTLM line passed-in from the client
<data1002>
HTTP/1.1 200 Things are fine in server land swsclose
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Finally, this is the real page!
</data1002>
<datacheck>
HTTP/1.1 401 Authorization Required swsclose
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
WWW-Authenticate: Basic
WWW-Authenticate: Wild-and-crazy
WWW-Authenticate: NTLM
Content-Type: text/html; charset=iso-8859-1
HTTP/1.1 401 Now gimme that second request of crap
Server: Microsoft-IIS/5.0
Content-Length: 34
Content-Type: text/html; charset=iso-8859-1
WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==
HTTP/1.1 200 Things are fine in server land swsclose
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Finally, this is the real page!
</datacheck>
</reply>
# Client-side
<client>
<features>
NTLM
</features>
<server>
http
</server>
<name>
HTTP with NTLM, Basic or Wild-and-crazy authorization
</name>
<command>
http://%HOSTIP:%HTTPPORT/69 -u testuser:testpass --anyauth
</command>
</client>
# Verify data after the test has been "shot"
<verify>
<strip>
^User-Agent:.*
</strip>
# We strip off a large chunk of the type-2 NTLM message since it depends on
# the local host name and thus differs on different machines!
<strippart>
s/^(Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAEAA).*/$1/
</strippart)
<protocol>
GET /69 HTTP/1.1
User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3
Host: 127.0.0.1:%HTTPPORT
Accept: */*
GET /69 HTTP/1.1
Authorization: NTLM TlRMTVNTUAABAAAABoIAAAAAAAAAAAAAAAAAAAAAAAA=
User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3
Host: 127.0.0.1:%HTTPPORT
Accept: */*
GET /69 HTTP/1.1
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAEAA
User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3
Host: 127.0.0.1:%HTTPPORT
Accept: */*
</protocol>
</verify>
Reference in New Issue View Git Blame Copy Permalink