romenskiy2012/curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-05-06 16:37:30 +03:00
Code Issues Projects Releases Packages Wiki Activity
curl/tests/data/test2093
Matthew John Cheetham 0267a63dc0 spnego: add --disable-negotiate-ntlm compile-time option 
Add configure and CMake options to define CURL_DISABLE_NEGOTIATE_NTLM,
which gates the NTLM blocking logic in the SSPI and GSS-API SPNEGO
code paths behind a compile-time flag.

Add a 'SPNEGO-no-NTLM' feature string to curl --version output and
gate the SPNEGO NTLM blocking tests on the negotiate-ntlm-disabled
feature.

Signed-off-by: Matthew John Cheetham <mjcheetham@outlook.com>
2026-04-14 15:12:50 +01:00

69 lines
1.4 KiB
XML
Raw Blame History

<?xml version="1.0" encoding="US-ASCII"?>
<testcase>
<info>
<keywords>
HTTP
HTTP GET
HTTP Negotiate auth (stub krb5)
SPNEGO NTLM disallowed
</keywords>
</info>
# Server-side
<reply>
<data1>
HTTP/1.1 200 Things are fine in server land
Server: Microsoft-IIS/7.0
Content-Type: text/html; charset=iso-8859-1
WWW-Authenticate: Negotiate RA==
Content-Length: 15
Nice auth sir!
</data1>
<datacheck>
HTTP/1.1 200 Things are fine in server land
Server: Microsoft-IIS/7.0
Content-Type: text/html; charset=iso-8859-1
WWW-Authenticate: Negotiate RA==
Content-Length: 15
Nice auth sir!
</datacheck>
</reply>
# Client-side
<client>
<server>
http
</server>
<name>
SPNEGO with Kerberos still works when built with CURL_DISABLE_NEGOTIATE_NTLM
</name>
<features>
GSS-API
Debug
negotiate-ntlm-disabled
</features>
<setenv>
CURL_STUB_GSS_CREDS="KRB5_Alice"
</setenv>
<command>
--negotiate http://%HOSTIP:%HTTPPORT/%TESTNUMBER
</command>
</client>
# Verify data after the test has been "shot"
<verify>
<errorcode>
0
</errorcode>
<protocol crlf="headers">
GET /%TESTNUMBER HTTP/1.1
Host: %HOSTIP:%HTTPPORT
Authorization: Negotiate %b64["KRB5_Alice":HTTP@127.0.0.1:1:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA]b64%
User-Agent: curl/%VERSION
Accept: */*
</protocol>
</verify>
</testcase>
Reference in a new issue View git blame Copy permalink