curl/tests/data/test834
Steve Holme eb84ca3ea8 sasl: Don't send authcid as authzid for the PLAIN mechanism as per RFC 4616
RFC 4616 specifies the authzid is optional in the client authentication
message and that the server will derive the authorisation identity
(authzid) from the authentication identity (authcid) when not specified
by the client.
2019-04-22 12:29:49 +01:00

77 lines
1.3 KiB
Plaintext

<testcase>
<info>
<keywords>
IMAP
SASL
SASL AUTH NTLM
SASL AUTH PLAIN
SASL DOWNGRADE
</keywords>
</info>
#
# Server-side
<reply>
<servercmd>
AUTH NTLM PLAIN
REPLY "AUTHENTICATE NTLM" +
REPLY TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= + Rubbish
REPLY * A002 NO AUTH exchange cancelled by client
REPLY "AUTHENTICATE PLAIN" +
REPLY AHVzZXIAc2VjcmV0 A003 OK AUTHENTICATE completed
</servercmd>
<data>
From: me@somewhere
To: fake@nowhere
body
--
yours sincerely
</data>
</reply>
#
# Client-side
<client>
<server>
imap
</server>
<features>
NTLM
!SSPI
</features>
<name>
IMAP NTLM authentication with SASL downgrade
</name>
<setenv>
# we force our own host name, in order to make the test machine independent
CURL_GETHOSTNAME=curlhost
# we try to use the LD_PRELOAD hack, if not a debug build
LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
</setenv>
<command>
'imap://%HOSTIP:%IMAPPORT/834/;MAILINDEX=1' -u user:secret
</command>
<precheck>
chkhostname curlhost
</precheck>
</client>
#
# Verify data after the test has been "shot"
<verify>
<protocol>
A001 CAPABILITY
A002 AUTHENTICATE NTLM
TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
*
A003 AUTHENTICATE PLAIN
AHVzZXIAc2VjcmV0
A004 SELECT 834
A005 FETCH 1 BODY[]
A006 LOGOUT
</protocol>
</verify>
</testcase>