HTTP HTTP GET HTTP NTLM auth --anyauth followlocation # Server-side HTTP/1.1 401 Authorization Required swsclose Server: Apache/1.3.27 (Darwin) PHP/4.1.2 WWW-Authenticate: Basic WWW-Authenticate: Wild-and-crazy WWW-Authenticate: NTLM Content-Type: text/html; charset=iso-8859-1 Content-Length: 26 This is not the real page # This is supposed to be returned when the server gets a first # Authorization: NTLM line passed-in from the client HTTP/1.1 401 Now gimme that second request of crap Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 34 WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== This is not the real page either! # This is supposed to be returned when the server gets the second # Authorization: NTLM line passed-in from the client HTTP/1.1 301 Things are fine in server land swsclose Server: Microsoft-IIS/5.0 Connection: close Location: /you/%TESTNUMBER0010 # This is the first reply after the redirection HTTP/1.1 401 Authorization Required swsclose Server: Apache/1.3.27 (Darwin) PHP/4.1.2 WWW-Authenticate: Basic WWW-Authenticate: Wild-and-crazy WWW-Authenticate: NTLM Content-Type: text/html; charset=iso-8859-1 Content-Length: 26 This is not the real page HTTP/1.1 401 Now gimme that second round of crap Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 34 WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== This is not the real page either! # This is supposed to be returned when the server gets the second # Authorization: NTLM line passed-in from the client HTTP/1.1 200 Things are fine in server land swsclose Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 32 Finally, this is the real page! HTTP/1.1 401 Authorization Required swsclose Server: Apache/1.3.27 (Darwin) PHP/4.1.2 WWW-Authenticate: Basic WWW-Authenticate: Wild-and-crazy WWW-Authenticate: NTLM Content-Type: text/html; charset=iso-8859-1 Content-Length: 26 HTTP/1.1 401 Now gimme that second request of crap Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 34 WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== HTTP/1.1 301 Things are fine in server land swsclose Server: Microsoft-IIS/5.0 Connection: close Location: /you/%TESTNUMBER0010 HTTP/1.1 401 Authorization Required swsclose Server: Apache/1.3.27 (Darwin) PHP/4.1.2 WWW-Authenticate: Basic WWW-Authenticate: Wild-and-crazy WWW-Authenticate: NTLM Content-Type: text/html; charset=iso-8859-1 Content-Length: 26 HTTP/1.1 401 Now gimme that second round of crap Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 34 WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== HTTP/1.1 200 Things are fine in server land swsclose Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 32 Finally, this is the real page! # Client-side NTLM SSL !SSPI debug http HTTP with NTLM via --anyauth, and then follow-location with NTLM again # we force our own host name, in order to make the test machine independent CURL_GETHOSTNAME=curlhost # we try to use the LD_PRELOAD hack, if not a debug build LD_PRELOAD=%PWD/libtest/.libs/libhostname.so http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --anyauth -L chkhostname curlhost # Verify data after the test has been "shot" GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION Accept: */* GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= User-Agent: curl/%VERSION Accept: */* GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAAhoIBADQzMjE1MzIxAAAAAAAAAAAAAAAAAAAAADj3hs3u3j0kgJqCrLM+74BmaoNHDfIJjHRlc3R1c2VyY3VybGhvc3Q= User-Agent: curl/%VERSION Accept: */* GET /you/%TESTNUMBER0010 HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION Accept: */* GET /you/%TESTNUMBER0010 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= User-Agent: curl/%VERSION Accept: */* GET /you/%TESTNUMBER0010 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAAhoIBADYzMjE3MzIxAAAAAAAAAAAAAAAAAAAAAEcJ4YHOeb5ga2TCPwDhkyUIuHjBUHcLaHRlc3R1c2VyY3VybGhvc3Q= User-Agent: curl/%VERSION Accept: */*