curl-users
Different behaviour of file upload with NTLM/Negotiate proxy authentication
Date: Sun, 4 Nov 2012 15:17:45 -0000
I am testing file uploads with Negotiate and NTLM proxy authentication. And
it looks like the behaviour is different for NTLM compared to Negotiate.
When I use NTLM the Authorisation header is added but not the POST data, so
I get a wrong result.
Can anybody confirm this ? Any idea where the bug is with NTLM ?
Thank you
Markus
NTLM proxy authentication (missing Content-Type: multipart/form-data;
boundary=----------------------------2f4caf3f7cd8):
> /opt/curl-7.28/bin/curl -v -A "| MSIE |" -U
> "DOMAIN\user" --proxy-ntlm --form file_upload=@/tmp/test.txt --form
> do=test --form subdo=file_upload --form http_submit="Start HTTP upload"
> http://www.csm-testcenter.org/test
Enter proxy password for user 'DOMAIN\user':
* About to connect() to proxy proxy.domain.com port 8080 (#0)
* Trying 192.168.1.200...
* connected
* Connected to proxy.domain.com (192.168.1.200) port 8080 (#0)
* Proxy auth using NTLM with user 'DOMAIN\user'
> POST http://www.csm-testcenter.org/test HTTP/1.1
> Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
> User-Agent: | MSIE |
> Host: www.csm-testcenter.org
> Accept: */*
> Proxy-Connection: Keep-Alive
> Content-Length: 0
>
< HTTP/1.1 200 OK
< Via: 1.1 192.168.1.200 (PROXY)
< Date: Sun, 04 Nov 2012 13:22:53 GMT
< Server: Apache
< X-Cache: MISS from 192.168.1.200
< Content-Type: text/html
< Proxy-Connection: Keep-Alive
< Transfer-Encoding: chunked
<
Negotiate proxy authentication (The -U dd:dd is to get around an issue I
explained in a previous post that negotiate uses a username from the
Kerberos cache and curl can't deal with it):
> /opt/curl-7.28/bin/curl -v -A "| MSIE |" -U dd:dd --proxy-negotiate --form
> file_upload=@/tmp/test.txt --form do=test --form subdo=file_upload --form
> http_submit="Start HTTP upload" http://www.csm-testcenter.org/test
* About to connect() to proxy proxy.domain.com port 8080 (#0)
* Trying 192.168.1.200...
* connected
* Connected to proxy.domain.com (192.168.1.200) port 8080 (#0)
> POST http://www.csm-testcenter.org/test HTTP/1.1
> User-Agent: | MSIE |
> Host: www.csm-testcenter.org
> Accept: */*
> Proxy-Connection: Keep-Alive
> Content-Length: 515
> Expect: 100-continue
> Content-Type: multipart/form-data;
> boundary=----------------------------2f4caf3f7cd8
>
< HTTP/1.1 100 Continue
< HTTP/1.1 407 authenticationrequired
< Content-Type: text/html
< Cache-Control: no-cache
< Content-Length: 3407
< Proxy-Connection: Keep-Alive
< Proxy-Authenticate: Negotiate
< Proxy-Authenticate: NTLM
* HTTP error before end of send, stop sending
<
* Closing connection #0
* Issue another request to this URL: 'http://www.csm-testcenter.org/test'
* About to connect() to proxy proxy.domain.com port 8080 (#0)
* Trying 192.168.1.200...
* connected
* Connected to proxy.domain.com (192.168.1.200) port 8080 (#0)
* Proxy auth using GSS-Negotiate with user 'dd'
> POST http://www.csm-testcenter.org/test HTTP/1.1
> Proxy-Authorization: Negotiate YIICFAYJKoZIhvcSAQICAQBuggIDMIIB/......=
> User-Agent: | MSIE |
> Host: www.csm-testcenter.org
> Accept: */*
> Proxy-Connection: Keep-Alive
> Content-Length: 515
> Expect: 100-continue
> Content-Type: multipart/form-data;
> boundary=----------------------------8995e2e39e1f
>
< HTTP/1.1 100 Continue
< HTTP/1.1 200 OK
< Via: 1.1 192.168.1.200 (PROXY)
< Date: Sun, 04 Nov 2012 13:21:28 GMT
< Server: Apache
< Content-Type: text/html
< Proxy-Connection: Keep-Alive
< Transfer-Encoding: chunked
<
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ: http://curl.haxx.se/docs/faq.html
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2012-11-04