curl/tests/data/test169
Jay Satiro 9603c8299f tests: Change NTLM tests to require SSL
Prior to this change tests that required NTLM feature did not require
SSL feature.

There are pending changes to cmake builds that will allow enabling NTLM
in non-SSL builds in Windows. In that case the NTLM auth strings created
are different from what is expected by the NTLM tests and they fail:

"The issue with NTLM is that previous non-SSL builds would not enable
NTLM and so the NTLM tests would be skipped."

Assisted-by: marc-groundctl@users.noreply.github.com

Ref: https://github.com/curl/curl/pull/4717#issuecomment-566218729

Closes https://github.com/curl/curl/pull/4768
2019-12-31 02:47:53 -05:00

132 lines
4.0 KiB
Plaintext

<testcase>
<info>
<keywords>
HTTP
HTTP GET
HTTP proxy
HTTP proxy NTLM auth
HTTP Digest auth
</keywords>
</info>
# Server-side
<reply>
# this is returned first since we get no proxy-auth
<data>
HTTP/1.1 407 Authorization Required to proxy me my dear swsclose
Proxy-Authenticate: NTLM
And you should ignore this data.
</data>
# then this is returned since we get no server-auth
<data1000>
HTTP/1.1 200 Authorizated fine
Content-Length: 27
Welcome to the end station
</data1000>
<data1001>
HTTP/1.1 407 NTLM type-1 received sending back type-2
Server: Microsoft-IIS/5.0
Content-Length: 34
Content-Type: text/html; charset=iso-8859-1
Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==
This is not the real page either!
</data1001>
# This is supposed to be returned when the server gets the second
# Authorization: NTLM line passed-in from the client
<data1002>
HTTP/1.1 401 You now need to authenticate with the host
Server: Microsoft-IIS/5.0
WWW-Authenticate: Digest realm="r e a l m", nonce="abcdef"
Content-Length: 46
Content-Type: text/html; charset=iso-8859-1
We have not authenticated with the server yet
</data1002>
<datacheck>
HTTP/1.1 407 NTLM type-1 received sending back type-2
Server: Microsoft-IIS/5.0
Content-Length: 34
Content-Type: text/html; charset=iso-8859-1
Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==
HTTP/1.1 401 You now need to authenticate with the host
Server: Microsoft-IIS/5.0
WWW-Authenticate: Digest realm="r e a l m", nonce="abcdef"
Content-Length: 46
Content-Type: text/html; charset=iso-8859-1
HTTP/1.1 200 Authorizated fine
Content-Length: 27
Welcome to the end station
</datacheck>
</reply>
# Client-side
<client>
<server>
http
</server>
<features>
NTLM
SSL
!SSPI
debug
proxy
</features>
<name>
HTTP with proxy-requiring-NTLM to site-requiring-Digest
</name>
<setenv>
# we force our own host name, in order to make the test machine independent
CURL_GETHOSTNAME=curlhost
# we try to use the LD_PRELOAD hack, if not a debug build
LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
</setenv>
<command>
http://data.from.server.requiring.digest.hohoho.com/169 --proxy http://%HOSTIP:%HTTPPORT --proxy-user testuser:testpass --proxy-ntlm --digest --user digest:alot
</command>
<precheck>
chkhostname curlhost
</precheck>
</client>
# Verify data after the test has been "shot"
<verify>
<strip>
^User-Agent: curl/.*
</strip>
<protocol>
GET http://data.from.server.requiring.digest.hohoho.com/169 HTTP/1.1
Host: data.from.server.requiring.digest.hohoho.com
Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
User-Agent: curl/7.12.0-CVS (i686-pc-linux-gnu) libcurl/7.12.0-CVS OpenSSL/0.9.6b ipv6 zlib/1.1.4 GSS libidn/0.4.3
Accept: */*
Proxy-Connection: Keep-Alive
GET http://data.from.server.requiring.digest.hohoho.com/169 HTTP/1.1
Host: data.from.server.requiring.digest.hohoho.com
Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAAhoIBADQzMjE1MzIxAAAAAAAAAAAAAAAAAAAAADj3hs3u3j0kgJqCrLM+74BmaoNHDfIJjHRlc3R1c2VyY3VybGhvc3Q=
User-Agent: curl/7.12.0-CVS (i686-pc-linux-gnu) libcurl/7.12.0-CVS OpenSSL/0.9.6b ipv6 zlib/1.1.4 GSS libidn/0.4.3
Accept: */*
Proxy-Connection: Keep-Alive
GET http://data.from.server.requiring.digest.hohoho.com/169 HTTP/1.1
Host: data.from.server.requiring.digest.hohoho.com
Authorization: Digest username="digest", realm="r e a l m", nonce="abcdef", uri="/169", response="95d48591985a03c4b49cb962aa7bd3e6"
User-Agent: curl/7.12.0-CVS (i686-pc-linux-gnu) libcurl/7.12.0-CVS OpenSSL/0.9.6b ipv6 zlib/1.1.4 GSS libidn/0.4.3
Accept: */*
Proxy-Connection: Keep-Alive
</protocol>
</verify>
</testcase>