<testcase>
<info>
<keywords>
HTTP
HTTP GET
HTTP NTLM auth
--anyauth
followlocation
NTLM
</keywords>
</info>
# Server-side
<reply>

<data>
HTTP/1.1 401 Authorization Required swsclose
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
WWW-Authenticate: Basic
WWW-Authenticate: Wild-and-crazy
WWW-Authenticate: NTLM
Content-Type: text/html; charset=iso-8859-1
Content-Length: 26

This is not the real page
</data>

# This is supposed to be returned when the server gets a first
# Authorization: NTLM line passed-in from the client
<data1001>
HTTP/1.1 401 Now gimme that second request of crap
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 34
WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==

This is not the real page either!
</data1001>

# This is supposed to be returned when the server gets the second
# Authorization: NTLM line passed-in from the client
<data1002>
HTTP/1.1 301 Things are fine in server land swsclose
Server: Microsoft-IIS/5.0
Connection: close
Location: /you/%TESTNUMBER0010

</data1002>

# This is the first reply after the redirection
<data10>
HTTP/1.1 401 Authorization Required swsclose
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
WWW-Authenticate: Basic
WWW-Authenticate: Wild-and-crazy
WWW-Authenticate: NTLM
Content-Type: text/html; charset=iso-8859-1
Content-Length: 26

This is not the real page
</data10>

<data1011>
HTTP/1.1 401 Now gimme that second round of crap
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 34
WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==

This is not the real page either!
</data1011>

# This is supposed to be returned when the server gets the second
# Authorization: NTLM line passed-in from the client
<data1012>
HTTP/1.1 200 Things are fine in server land swsclose
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32

Finally, this is the real page!
</data1012>

<datacheck>
HTTP/1.1 401 Authorization Required swsclose
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
WWW-Authenticate: Basic
WWW-Authenticate: Wild-and-crazy
WWW-Authenticate: NTLM
Content-Type: text/html; charset=iso-8859-1
Content-Length: 26

HTTP/1.1 401 Now gimme that second request of crap
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 34
WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==

HTTP/1.1 301 Things are fine in server land swsclose
Server: Microsoft-IIS/5.0
Connection: close
Location: /you/%TESTNUMBER0010

HTTP/1.1 401 Authorization Required swsclose
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
WWW-Authenticate: Basic
WWW-Authenticate: Wild-and-crazy
WWW-Authenticate: NTLM
Content-Type: text/html; charset=iso-8859-1
Content-Length: 26

HTTP/1.1 401 Now gimme that second round of crap
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 34
WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==

HTTP/1.1 200 Things are fine in server land swsclose
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32

Finally, this is the real page!
</datacheck>

</reply>

# Client-side
<client>
<features>
NTLM
SSL
!SSPI
</features>
<server>
http
</server>
<name>
HTTP with NTLM via --anyauth, and then follow-location with NTLM again
</name>
<command>
http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --anyauth -L
</command>
</client>

# Verify data after the test has been "shot"
<verify>
<protocol>
GET /%TESTNUMBER HTTP/1.1
Host: %HOSTIP:%HTTPPORT
User-Agent: curl/%VERSION
Accept: */*

GET /%TESTNUMBER HTTP/1.1
Host: %HOSTIP:%HTTPPORT
Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
User-Agent: curl/%VERSION
Accept: */*

GET /%TESTNUMBER HTTP/1.1
Host: %HOSTIP:%HTTPPORT
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04=
User-Agent: curl/%VERSION
Accept: */*

GET /you/%TESTNUMBER0010 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
User-Agent: curl/%VERSION
Accept: */*

GET /you/%TESTNUMBER0010 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
User-Agent: curl/%VERSION
Accept: */*

GET /you/%TESTNUMBER0010 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04=
User-Agent: curl/%VERSION
Accept: */*

</protocol>
</verify>
</testcase>