HTTP HTTP GET HTTP Basic auth HTTP NTLM auth # Server-side HTTP/1.1 401 Sorry wrong password Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 29 WWW-Authenticate: NTLM WWW-Authenticate: Basic realm="testrealm" This is a bad password page! HTTP/1.1 401 Need Basic or NTLM auth Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 27 WWW-Authenticate: Basic realm="testrealm" WWW-Authenticate: NTLM This is not the real page! HTTP/1.1 401 NTLM intermediate Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 33 WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= This is still not the real page! HTTP/1.1 200 Things are fine in server land Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 32 Finally, this is the real page! HTTP/1.1 401 Sorry wrong password (2) Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 29 WWW-Authenticate: NTLM WWW-Authenticate: Basic realm="testrealm" This is a bad password page! HTTP/1.1 401 Need Basic or NTLM auth (2) Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 27 WWW-Authenticate: Basic realm="testrealm" WWW-Authenticate: NTLM This is not the real page! HTTP/1.1 401 NTLM intermediate (2) Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 33 WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= This is still not the real page! HTTP/1.1 401 Sorry wrong password (3) Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 29 WWW-Authenticate: NTLM WWW-Authenticate: Basic realm="testrealm" This is a bad password page! HTTP/1.1 401 Need Basic or NTLM auth (3) Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 27 WWW-Authenticate: Basic realm="testrealm" WWW-Authenticate: NTLM This is not the real page! HTTP/1.1 401 NTLM intermediate (3) Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 33 WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= This is still not the real page! HTTP/1.1 200 Things are fine in server land (2) Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 32 Finally, this is the real page! HTTP/1.1 401 Sorry wrong password Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 29 WWW-Authenticate: NTLM WWW-Authenticate: Basic realm="testrealm" This is a bad password page! HTTP/1.1 401 NTLM intermediate Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 33 WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= HTTP/1.1 200 Things are fine in server land Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 32 Finally, this is the real page! HTTP/1.1 401 Sorry wrong password (2) Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 29 WWW-Authenticate: NTLM WWW-Authenticate: Basic realm="testrealm" This is a bad password page! HTTP/1.1 401 NTLM intermediate (2) Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 33 WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= HTTP/1.1 401 Sorry wrong password (3) Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 29 WWW-Authenticate: NTLM WWW-Authenticate: Basic realm="testrealm" This is a bad password page! HTTP/1.1 401 NTLM intermediate (3) Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 33 WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= HTTP/1.1 200 Things are fine in server land (2) Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 32 Finally, this is the real page! # Client-side NTLM !SSPI http libauthretry HTTP authorization retry (Basic switching to NTLM) # we force our own host name, in order to make the test machine independent CURL_GETHOSTNAME=curlhost # we try to use the LD_PRELOAD hack, if not a debug build LD_PRELOAD=%PWD/libtest/.libs/libhostname.so http://%HOSTIP:%HTTPPORT/2025 basic ntlm chkhostname curlhost # Verify data after the test has been "shot" ^User-Agent:.* GET /20250100 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz Accept: */* GET /20250200 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= Accept: */* GET /20250200 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAAhoABAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyY3VybGhvc3Q= Accept: */* GET /20250300 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz Accept: */* GET /20250400 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= Accept: */* GET /20250400 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAAhoABANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyY3VybGhvc3Q= Accept: */* GET /20250500 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= Accept: */* GET /20250500 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAAhoABAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyY3VybGhvc3Q= Accept: */*