5d9fc28fa7
A) Normal non-proxy HTTP: - no more "Pragma: no-cache" (this only makes sense to proxies) B) Non-CONNECT HTTP request over proxy: - "Pragma: no-cache" is used (like before) - "Proxy-Connection: Keep-alive" (for older style 1.0-proxies) C) CONNECT HTTP request over proxy: - "Host: [name]:[port]" - "Proxy-Connection: Keep-alive"
50 lines
1.1 KiB
Plaintext
50 lines
1.1 KiB
Plaintext
# Server-side
|
|
<reply>
|
|
<data1001 nocheck=1>
|
|
HTTP/1.0 407 BAD BOY
|
|
Proxy-Authenticate: Basic realm="Squid proxy-caching web server"
|
|
Server: swsclose
|
|
Content-Type: text/html
|
|
|
|
Even though it's the response code that triggers authentication, we're
|
|
using NTLM and the server isn't, so we should fail. We know the server
|
|
isn't because there's no Proxy-Authorization: NTLM header
|
|
</data1001>
|
|
</reply>
|
|
|
|
# Client-side
|
|
<client>
|
|
<features>
|
|
NTLM
|
|
</features>
|
|
<server>
|
|
http
|
|
</server>
|
|
<name>
|
|
HTTP GET asking for --proxy-ntlm when some other authentication is required
|
|
</name>
|
|
<command>
|
|
http://%HOSTIP:%HTTPPORT/162 --proxy http://%HOSTIP:%HTTPPORT --proxy-user foo:bar --proxy-ntlm --fail
|
|
</command>
|
|
</client>
|
|
|
|
# Verify data after the test has been "shot"
|
|
<verify>
|
|
<strip>
|
|
^User-Agent: curl/.*
|
|
</strip>
|
|
<protocol>
|
|
GET http://127.0.0.1:%HTTPPORT/162 HTTP/1.1
|
|
Proxy-Authorization: NTLM TlRMTVNTUAABAAAAAgIAAAAAAAAgAAAAAAAAACAAAAA=
|
|
User-Agent: curl/7.8.1-pre3 (sparc-sun-solaris2.7) libcurl 7.8.1-pre3 (OpenSSL 0.9.6a) (krb4 enabled)
|
|
Host: 127.0.0.1:%HTTPPORT
|
|
Pragma: no-cache
|
|
Accept: */*
|
|
Proxy-Connection: Keep-Alive
|
|
|
|
</protocol>
|
|
<errorcode>
|
|
22
|
|
</errorcode>
|
|
</verify>
|