tests/data/test2025 - third_party/curl - Git at Google

 <?xml version="1.0" encoding="US-ASCII"?>
 <testcase>
 <info>
 <keywords>
 HTTP
 HTTP GET
 HTTP Basic auth
 HTTP NTLM auth
 NTLM
 </keywords>
 </info>
 # Server-side
 <reply>

 <!-- Alternate the order that Basic and NTLM headers appear in responses to
 ensure that the order does not matter. -->

 <!-- First request has Basic auth, wrong password -->
 <data100 crlf="headers">
 HTTP/1.1 401 Sorry wrong password
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 29
 WWW-Authenticate: NTLM
 WWW-Authenticate: Basic realm="testrealm"

 This is a bad password page!
 </data100>

 <!-- Second request has NTLM auth, right password -->
 <data200 crlf="headers">
 HTTP/1.1 401 Need Basic or NTLM auth
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 27
 WWW-Authenticate: Basic realm="testrealm"
 WWW-Authenticate: NTLM

 This is not the real page!
 </data200>

 <data1201 crlf="headers">
 HTTP/1.1 401 NTLM intermediate
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 33
 WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=

 This is still not the real page!
 </data1201>

 <data1202 crlf="headers">
 HTTP/1.1 200 Things are fine in server land
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 32

 Finally, this is the real page!
 </data1202>

 <!-- Third request has Basic auth, wrong password -->
 <data300 crlf="headers">
 HTTP/1.1 401 Sorry wrong password (2)
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 29
 WWW-Authenticate: NTLM
 WWW-Authenticate: Basic realm="testrealm"

 This is a bad password page!
 </data300>

 <!-- Fourth request has NTLM auth, wrong password -->
 <data400 crlf="headers">
 HTTP/1.1 401 Need Basic or NTLM auth (2)
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 27
 WWW-Authenticate: Basic realm="testrealm"
 WWW-Authenticate: NTLM

 This is not the real page!
 </data400>

 <data1401 crlf="headers">
 HTTP/1.1 401 NTLM intermediate (2)
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 33
 WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=

 This is still not the real page!
 </data1401>

 <data1402 crlf="headers">
 HTTP/1.1 401 Sorry wrong password (3)
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 29
 WWW-Authenticate: NTLM
 WWW-Authenticate: Basic realm="testrealm"

 This is a bad password page!
 </data1402>

 <!-- Fifth request has NTLM auth, right password -->
 <data500 crlf="headers">
 HTTP/1.1 401 Need Basic or NTLM auth (3)
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 27
 WWW-Authenticate: Basic realm="testrealm"
 WWW-Authenticate: NTLM

 This is not the real page!
 </data500>

 <data1501 crlf="headers">
 HTTP/1.1 401 NTLM intermediate (3)
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 33
 WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=

 This is still not the real page!
 </data1501>

 <data1502 crlf="headers">
 HTTP/1.1 200 Things are fine in server land (2)
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 32

 Finally, this is the real page!
 </data1502>

 <datacheck crlf="headers">
 HTTP/1.1 401 Sorry wrong password
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 29
 WWW-Authenticate: NTLM
 WWW-Authenticate: Basic realm="testrealm"

 This is a bad password page!
 HTTP/1.1 401 NTLM intermediate
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 33
 WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=

 HTTP/1.1 200 Things are fine in server land
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 32

 Finally, this is the real page!
 HTTP/1.1 401 Sorry wrong password (2)
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 29
 WWW-Authenticate: NTLM
 WWW-Authenticate: Basic realm="testrealm"

 This is a bad password page!
 HTTP/1.1 401 NTLM intermediate (2)
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 33
 WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=

 HTTP/1.1 401 Sorry wrong password (3)
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 29
 WWW-Authenticate: NTLM
 WWW-Authenticate: Basic realm="testrealm"

 This is a bad password page!
 HTTP/1.1 401 NTLM intermediate (3)
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 33
 WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=

 HTTP/1.1 200 Things are fine in server land (2)
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 32

 Finally, this is the real page!
 </datacheck>

 </reply>

 # Client-side
 <client>
 <features>
 NTLM
 SSL
 !SSPI
 </features>
 <server>
 http
 </server>
 <tool>
 lib2023
 </tool>

 <name>
 HTTP authorization retry (Basic switching to NTLM)
 </name>
 <command>
 http://%HOSTIP:%HTTPPORT/%TESTNUMBER basic ntlm
 </command>
 </client>

 # Verify data after the test has been "shot"
 <verify>
 <protocol crlf="headers">
 GET /%TESTNUMBER0100 HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 Authorization: Basic %b64[testuser:wrongpass]b64%
 Accept: */*

 GET /%TESTNUMBER0200 HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 Authorization: NTLM %b64[NTLMSSP%00%01%00%00%00%06%82%08%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00]b64%
 Accept: */*

 GET /%TESTNUMBER0200 HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyV09SS1NUQVRJT04=
 Accept: */*

 GET /%TESTNUMBER0300 HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 Authorization: Basic %b64[testuser:wrongpass]b64%
 Accept: */*

 GET /%TESTNUMBER0400 HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 Authorization: NTLM %b64[NTLMSSP%00%01%00%00%00%06%82%08%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00]b64%
 Accept: */*

 GET /%TESTNUMBER0400 HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyV09SS1NUQVRJT04=
 Accept: */*

 GET /%TESTNUMBER0500 HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 Authorization: NTLM %b64[NTLMSSP%00%01%00%00%00%06%82%08%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00]b64%
 Accept: */*

 GET /%TESTNUMBER0500 HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyV09SS1NUQVRJT04=
 Accept: */*

 </protocol>
 </verify>
 </testcase>
	<?xml version="1.0" encoding="US-ASCII"?>
	<testcase>
	<info>
	<keywords>
	HTTP
	HTTP GET
	HTTP Basic auth
	HTTP NTLM auth
	NTLM
	</keywords>
	</info>
	# Server-side
	<reply>

	<!-- Alternate the order that Basic and NTLM headers appear in responses to
	ensure that the order does not matter. -->

	<!-- First request has Basic auth, wrong password -->
	<data100 crlf="headers">
	HTTP/1.1 401 Sorry wrong password
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 29
	WWW-Authenticate: NTLM
	WWW-Authenticate: Basic realm="testrealm"

	This is a bad password page!
	</data100>

	<!-- Second request has NTLM auth, right password -->
	<data200 crlf="headers">
	HTTP/1.1 401 Need Basic or NTLM auth
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 27
	WWW-Authenticate: Basic realm="testrealm"
	WWW-Authenticate: NTLM

	This is not the real page!
	</data200>

	<data1201 crlf="headers">
	HTTP/1.1 401 NTLM intermediate
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 33
	WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=

	This is still not the real page!
	</data1201>

	<data1202 crlf="headers">
	HTTP/1.1 200 Things are fine in server land
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 32

	Finally, this is the real page!
	</data1202>

	<!-- Third request has Basic auth, wrong password -->
	<data300 crlf="headers">
	HTTP/1.1 401 Sorry wrong password (2)
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 29
	WWW-Authenticate: NTLM
	WWW-Authenticate: Basic realm="testrealm"

	This is a bad password page!
	</data300>

	<!-- Fourth request has NTLM auth, wrong password -->
	<data400 crlf="headers">
	HTTP/1.1 401 Need Basic or NTLM auth (2)
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 27
	WWW-Authenticate: Basic realm="testrealm"
	WWW-Authenticate: NTLM

	This is not the real page!
	</data400>

	<data1401 crlf="headers">
	HTTP/1.1 401 NTLM intermediate (2)
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 33
	WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=

	This is still not the real page!
	</data1401>

	<data1402 crlf="headers">
	HTTP/1.1 401 Sorry wrong password (3)
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 29
	WWW-Authenticate: NTLM
	WWW-Authenticate: Basic realm="testrealm"

	This is a bad password page!
	</data1402>

	<!-- Fifth request has NTLM auth, right password -->
	<data500 crlf="headers">
	HTTP/1.1 401 Need Basic or NTLM auth (3)
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 27
	WWW-Authenticate: Basic realm="testrealm"
	WWW-Authenticate: NTLM

	This is not the real page!
	</data500>

	<data1501 crlf="headers">
	HTTP/1.1 401 NTLM intermediate (3)
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 33
	WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=

	This is still not the real page!
	</data1501>

	<data1502 crlf="headers">
	HTTP/1.1 200 Things are fine in server land (2)
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 32

	Finally, this is the real page!
	</data1502>

	<datacheck crlf="headers">
	HTTP/1.1 401 Sorry wrong password
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 29
	WWW-Authenticate: NTLM
	WWW-Authenticate: Basic realm="testrealm"

	This is a bad password page!
	HTTP/1.1 401 NTLM intermediate
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 33
	WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=

	HTTP/1.1 200 Things are fine in server land
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 32

	Finally, this is the real page!
	HTTP/1.1 401 Sorry wrong password (2)
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 29
	WWW-Authenticate: NTLM
	WWW-Authenticate: Basic realm="testrealm"

	This is a bad password page!
	HTTP/1.1 401 NTLM intermediate (2)
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 33
	WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=

	HTTP/1.1 401 Sorry wrong password (3)
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 29
	WWW-Authenticate: NTLM
	WWW-Authenticate: Basic realm="testrealm"

	This is a bad password page!
	HTTP/1.1 401 NTLM intermediate (3)
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 33
	WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=

	HTTP/1.1 200 Things are fine in server land (2)
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 32

	Finally, this is the real page!
	</datacheck>

	</reply>

	# Client-side
	<client>
	<features>
	NTLM
	SSL
	!SSPI
	</features>
	<server>
	http
	</server>
	<tool>
	lib2023
	</tool>

	<name>
	HTTP authorization retry (Basic switching to NTLM)
	</name>
	<command>
	http://%HOSTIP:%HTTPPORT/%TESTNUMBER basic ntlm
	</command>
	</client>

	# Verify data after the test has been "shot"
	<verify>
	<protocol crlf="headers">
	GET /%TESTNUMBER0100 HTTP/1.1
	Host: %HOSTIP:%HTTPPORT
	Authorization: Basic %b64[testuser:wrongpass]b64%
	Accept: /

	GET /%TESTNUMBER0200 HTTP/1.1
	Host: %HOSTIP:%HTTPPORT
	Authorization: NTLM %b64[NTLMSSP%00%01%00%00%00%06%82%08%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00]b64%
	Accept: /

	GET /%TESTNUMBER0200 HTTP/1.1
	Host: %HOSTIP:%HTTPPORT
	Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyV09SS1NUQVRJT04=
	Accept: /

	GET /%TESTNUMBER0300 HTTP/1.1
	Host: %HOSTIP:%HTTPPORT
	Authorization: Basic %b64[testuser:wrongpass]b64%
	Accept: /

	GET /%TESTNUMBER0400 HTTP/1.1
	Host: %HOSTIP:%HTTPPORT
	Authorization: NTLM %b64[NTLMSSP%00%01%00%00%00%06%82%08%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00]b64%
	Accept: /

	GET /%TESTNUMBER0400 HTTP/1.1
	Host: %HOSTIP:%HTTPPORT
	Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyV09SS1NUQVRJT04=
	Accept: /

	GET /%TESTNUMBER0500 HTTP/1.1
	Host: %HOSTIP:%HTTPPORT
	Authorization: NTLM %b64[NTLMSSP%00%01%00%00%00%06%82%08%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00]b64%
	Accept: /

	GET /%TESTNUMBER0500 HTTP/1.1
	Host: %HOSTIP:%HTTPPORT
	Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyV09SS1NUQVRJT04=
	Accept: /

	</protocol>
	</verify>
	</testcase>