~ubuntu-branches/ubuntu/saucy/curl/saucy-security

<testcase>

<info>

<keywords>

HTTP

HTTP GET

HTTP NTLM auth

</keywords>

</info>

# Server-side

<reply>

 

<!-- no <data> in this test since we have NTLM from the start

 

This is supposed to be returned when the server gets a first

Authorization: NTLM line passed-in from the client -->

 

<data1001>

HTTP/1.1 401 Now gimme that second request of crap

Server: Microsoft-IIS/5.0

Content-Type: text/html; charset=iso-8859-1

Content-Length: 34

WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==

 

This is not the real page either!

</data1001>

 

# This is supposed to be returned when the server gets the second

# Authorization: NTLM line passed-in from the client

<data1002>

HTTP/1.1 200 Things are fine in server land swsclose

Server: Microsoft-IIS/5.0

Content-Type: text/html; charset=iso-8859-1

Content-Length: 32

 

Finally, this is the real page!

</data1002>

 

<datacheck>

HTTP/1.1 401 Now gimme that second request of crap

Server: Microsoft-IIS/5.0

Content-Type: text/html; charset=iso-8859-1

Content-Length: 34

WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==

 

HTTP/1.1 200 Things are fine in server land swsclose

Server: Microsoft-IIS/5.0

Content-Type: text/html; charset=iso-8859-1

Content-Length: 32

 

Finally, this is the real page!

</datacheck>

 

</reply>

 

# Client-side

<client>

<features>

NTLM_WB

debug

</features>

<server>

http

</server>

 <name>

HTTP with NTLM delegation to winbind helper

 </name>

 <setenv>

# we force our own host name, in order to make the test machine independent

CURL_GETHOSTNAME=curlhost

# we try to use the LD_PRELOAD hack, if not a debug build

LD_PRELOAD=%PWD/libtest/.libs/libhostname.so

# set path to fake_auth instead of real ntlm_auth to generate NTLM type1 and type 3 messages

CURL_NTLM_WB_FILE=%PWD/server/fake_ntlm

# set source directory so fake_ntlm can find the test files

CURL_NTLM_AUTH_SRCDIR=%SRCDIR

# set the test number

CURL_NTLM_AUTH_TESTNUM=1310

 </setenv>

 <command>

http://%HOSTIP:%HTTPPORT/1310 -u testuser:anypasswd --ntlm-wb

</command>

<precheck>

chkhostname curlhost

</precheck>

</client>

 

# Verify data after the test has been "shot"

<verify>

<strip>

^User-Agent:.*

</strip>

<protocol>

GET /1310 HTTP/1.1

Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAAAAAAAAAAwAAAA

User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3

Host: %HOSTIP:%HTTPPORT

Accept: */*

 

GET /1310 HTTP/1.1

Authorization: NTLM TlRMTVNTUAADAAAAGAAYAE8AAAAYABgAZwAAAAAAAABAAAAACAAIAEAAAAAHAAcASAAAAAAAAAAAAAAAggEAAHRlc3R1c2VyVU5LTk9XTlpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOQ==

User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3

Host: %HOSTIP:%HTTPPORT

Accept: */*

 

</protocol>

</verify>

# Input and output (type 1 message) for fake_ntlm

<ntlm_auth_type1>

<input>

YR

</input>

<output>

YR TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAAAAAAAAAAwAAAA

</output>

</ntlm_auth_type1>

# Input and output (type 3 message) for fake_ntlm

<ntlm_auth_type3>

<input>

TT TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==

</input>

<output>

KK TlRMTVNTUAADAAAAGAAYAE8AAAAYABgAZwAAAAAAAABAAAAACAAIAEAAAAAHAAcASAAAAAAAAAAAAAAAggEAAHRlc3R1c2VyVU5LTk9XTlpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOQ==

</output>

</ntlm_auth_type3>

</testcase>