b5c3feda17
A shared library tests/libtest/.libs/lihostname.so is preloaded in NTLM test-cases to override the system implementation of gethostname(). It makes it possible to test the NTLM authentication for exact match, and this way test the implementation of MD4 and DES. If LD_PRELOAD doesn't work, a debug build willl also workk as debug builds are now made to prefer a specific environment variable and will then return that content as host name instead of the actual one. Kamil wrote the bulk of this, Daniel Stenberg polished it.
146 lines
4.6 KiB
Plaintext
146 lines
4.6 KiB
Plaintext
<testcase>
|
|
<info>
|
|
<keywords>
|
|
HTTP
|
|
HTTP GET
|
|
HTTP NTLM auth
|
|
followlocation
|
|
</keywords>
|
|
</info>
|
|
# Server-side
|
|
<reply>
|
|
|
|
<!-- no <data> in this test since we have NTLM from the start
|
|
|
|
This is supposed to be returned when the server gets a first
|
|
Authorization: NTLM line passed-in from the client -->
|
|
|
|
<data1001>
|
|
HTTP/1.1 401 Now gimme that second request of crap
|
|
Server: Microsoft-IIS/5.0
|
|
Content-Type: text/html; charset=iso-8859-1
|
|
Content-Length: 34
|
|
WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==
|
|
|
|
This is not the real page either!
|
|
</data1001>
|
|
|
|
# This is supposed to be returned when the server gets the second
|
|
# Authorization: NTLM line passed-in from the client
|
|
<data1002>
|
|
HTTP/1.1 301 Things are fine in server land swsclose
|
|
Server: Microsoft-IIS/5.0
|
|
Connection: close
|
|
Location: /you/890010
|
|
|
|
</data1002>
|
|
|
|
# This is the first reply after the redirection
|
|
<data1011>
|
|
HTTP/1.1 401 Now gimme that second round of crap
|
|
Server: Microsoft-IIS/5.0
|
|
Content-Type: text/html; charset=iso-8859-1
|
|
Content-Length: 34
|
|
WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==
|
|
|
|
This is not the real page either!
|
|
</data1011>
|
|
|
|
# This is supposed to be returned when the server gets the second
|
|
# Authorization: NTLM line passed-in from the client
|
|
<data1012>
|
|
HTTP/1.1 200 Things are fine in server land swsclose
|
|
Server: Microsoft-IIS/5.0
|
|
Content-Type: text/html; charset=iso-8859-1
|
|
Content-Length: 32
|
|
|
|
Finally, this is the real page!
|
|
</data1012>
|
|
|
|
<datacheck>
|
|
HTTP/1.1 401 Now gimme that second request of crap
|
|
Server: Microsoft-IIS/5.0
|
|
Content-Type: text/html; charset=iso-8859-1
|
|
Content-Length: 34
|
|
WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==
|
|
|
|
HTTP/1.1 301 Things are fine in server land swsclose
|
|
Server: Microsoft-IIS/5.0
|
|
Connection: close
|
|
Location: /you/890010
|
|
|
|
HTTP/1.1 401 Now gimme that second round of crap
|
|
Server: Microsoft-IIS/5.0
|
|
Content-Type: text/html; charset=iso-8859-1
|
|
Content-Length: 34
|
|
WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==
|
|
|
|
HTTP/1.1 200 Things are fine in server land swsclose
|
|
Server: Microsoft-IIS/5.0
|
|
Content-Type: text/html; charset=iso-8859-1
|
|
Content-Length: 32
|
|
|
|
Finally, this is the real page!
|
|
</datacheck>
|
|
|
|
</reply>
|
|
|
|
# Client-side
|
|
<client>
|
|
<features>
|
|
NTLM
|
|
</features>
|
|
<server>
|
|
http
|
|
</server>
|
|
<name>
|
|
HTTP with NTLM and follow-location
|
|
</name>
|
|
<setenv>
|
|
# we force our own host name, in order to make the test machine independent
|
|
CURL_GETHOSTNAME=curlhost
|
|
# we try to use the LD_PRELOAD hack, if not a debug build
|
|
LD_PRELOAD=./libtest/.libs/libhostname.so
|
|
</setenv>
|
|
<command>
|
|
http://%HOSTIP:%HTTPPORT/89 -u testuser:testpass --ntlm -L
|
|
</command>
|
|
<precheck>
|
|
chkhostname curlhost
|
|
</precheck>
|
|
</client>
|
|
|
|
# Verify data after the test has been "shot"
|
|
<verify>
|
|
<strip>
|
|
^User-Agent:.*
|
|
</strip>
|
|
<protocol>
|
|
GET /89 HTTP/1.1
|
|
Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
|
|
User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3
|
|
Host: %HOSTIP:%HTTPPORT
|
|
Accept: */*
|
|
|
|
GET /89 HTTP/1.1
|
|
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoKBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyY3VybGhvc3Q=
|
|
User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3
|
|
Host: %HOSTIP:%HTTPPORT
|
|
Accept: */*
|
|
|
|
GET /you/890010 HTTP/1.1
|
|
Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
|
|
User-Agent: curl/7.10.8-pre1 (i686-pc-linux-gnu) libcurl/7.10.8-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3 GSS
|
|
Host: %HOSTIP:%HTTPPORT
|
|
Accept: */*
|
|
|
|
GET /you/890010 HTTP/1.1
|
|
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoKBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyY3VybGhvc3Q=
|
|
User-Agent: curl/7.10.8-pre1 (i686-pc-linux-gnu) libcurl/7.10.8-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3 GSS
|
|
Host: %HOSTIP:%HTTPPORT
|
|
Accept: */*
|
|
|
|
</protocol>
|
|
</verify>
|
|
</testcase>
|