curl-library

NTLM, HTTP 100 Continue, and IIS 6 / .NET 1.1

From: Alan Pinstein <apinstein_at_mac.com>
Date: Wed, 24 Mar 2004 00:22:05 -0500

Hi all-

I am using libcurl 7.11.1 to do Web Services with a .NET app. While it
works fine against IIS 5 / .NET 1.0, it fails against IIS 6 / .NET 1.1.
Fortunately my work has an MSDN universal, but I would like to get your
opinion on the expected behavior of IIS...

Interestingly, libcurl 7.10.7 could successfully talk .NET with NTLM to
IIS 6/.NET 1.1. It seems that in 7.10.7 the SOAP message (POST body)
was sent with each "request" during the NTLM handshake. This is
obviously inefficient if your POST body is large, so it seems that in
newer versions of libcurl this has been optimized, and libcurl instead
DOES NOT send the POST body, opting instead to send an "Expect:
100-continue" header, and only passing on the POST body when the server
responds with "HTTP 100 Continue". Sadly it seems that with IIS 6,
something about either the NTLM handshake or the HTTP 100 stuff is not
working properly in 7.11.1:

--------- libcurl 7.11.1 talking to IIS 6.0/.NET 1.1 ---------------
010.000.001.101.50729-065.161.004.200.00080: POST
/mediabinwebservice/MediaBinServer.asmx HTTP/1.1
Host: mediabin.interwoven.com
Pragma: no-cache
Accept: */*
User-Agent:MediaBin Mac Native Client
Content-Type:text/xml; charset=utf-8
SOAPAction:"http://www.mediabin.com/GetMediaBinServerName"
Content-Length: 308
Expect: 100-continue

065.161.004.200.00080-010.000.001.101.50729: HTTP/1.1 401 Unauthorized
Content-Length: 1656
Content-Type: text/html
Server: Microsoft-IIS/6.0
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
WWW-Authenticate: Basic realm="mediabin.interwoven.com"
X-Powered-By: ASP.NET
Date: Wed, 24 Mar 2004 05:12:03 GMT

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<HTML>
<!-- a very big HTML page -->
</HTML>

010.000.001.101.50729-065.161.004.200.00080: POST
/mediabinwebservice/MediaBinServer.asmx HTTP/1.1
Authorization: NTLM TlRMTVNTUAABAAAAAgIAAAAAAAAgAAAAAAAAACAAAAA=
Host: mediabin.interwoven.com
Pragma: no-cache
Accept: */*
User-Agent:MediaBin Mac Native Client
Content-Type:text/xml; charset=utf-8
SOAPAction:"http://www.mediabin.com/GetMediaBinServerName"
Content-Length: 308
Expect: 100-continue

065.161.004.200.00080-010.000.001.101.50729: HTTP/1.1 400 Bad Request
Content-Type: text/html
Date: Wed, 24 Mar 2004 05:12:03 GMT
Connection: close
Content-Length: 35

<h1>Bad Request (Invalid Verb)</h1>
------------------------

I am hoping someone could provide an opinion as to whether IIS 6 is
misbehaving in this circumstance, or whether instead libcurl is.

It almost seems that the NTLM handshake is acting funny. It's either
that or something to do with HTTP 100-Continue...

For reference, when I connect with libcurl-7.11.1 to IIS 5.0/.NET 1.0,
libcurl can talk .NET with NTLM just fine. It seems to use a different
approach in this case:

--------- libcurl 7.11.1 talking to IIS 5.0/.NET 1.0 ---------------
010.000.001.101.50652-010.000.001.108.00080: POST
/mediabinwebservice/MediaBinServer.asmx HTTP/1.1
Host: 10.0.1.108
Pragma: no-cache
Accept: */*
User-Agent:MediaBin Mac Native Client
Content-Type:text/xml; charset=utf-8
SOAPAction:"http://www.mediabin.com/GetMediaBinServerName"
Content-Length: 308
Expect: 100-continue

010.000.001.108.00080-010.000.001.101.50652: HTTP/1.1 100 Continue
Server: Microsoft-IIS/5.0
Date: Wed, 24 Mar 2004 05:04:37 GMT

010.000.001.101.50652-010.000.001.108.00080: <?xml version="1.0"
encoding="utf-8"?>
<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<GetMediaBinServerName xmlns="http://www.mediabin.com" />
</soap:Body>
</soap:Envelope>
010.000.001.108.00080-010.000.001.101.50652: HTTP/1.1 401 Unauthorized
Server: Microsoft-IIS/5.0
Date: Wed, 24 Mar 2004 05:04:37 GMT
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
WWW-Authenticate: Basic realm="10.0.1.108"
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 1517

<html>
<!-- a very big HTML page -->
</html>

010.000.001.101.50652-010.000.001.108.00080: POST
/mediabinwebservice/MediaBinServer.asmx HTTP/1.1
Authorization: NTLM TlRMTVNTUAABAAAAAgIAAAAAAAAgAAAAAAAAACAAAAA=
Host: 10.0.1.108
Pragma: no-cache
Accept: */*
User-Agent:MediaBin Mac Native Client
Content-Type:text/xml; charset=utf-8
SOAPAction:"http://www.mediabin.com/GetMediaBinServerName"
Content-Length: 308
Expect: 100-continue

010.000.001.101.50652-010.000.001.108.00080: <?xml version="1.0"
encoding="utf-8"?>
<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<GetMediaBinServerName xmlns="http://www.mediabin.com" />
</soap:Body>
</soap:Envelope>
010.000.001.108.00080-010.000.001.101.50652: HTTP/1.1 401 Access Denied
Server: Microsoft-IIS/5.0
Date: Wed, 24 Mar 2004 05:04:39 GMT
WWW-Authenticate: NTLM
TlRMTVNTUAACAAAAAAAAADAAAAACAgAAlZX/LXI5ceYAAAAAAAAAAAAAAAAwAAAA
Content-Length: 4033
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<html dir=ltr>
<!-- a very big HTML page -->
</html>

010.000.001.101.50652-010.000.001.108.00080: POST
/mediabinwebservice/MediaBinServer.asmx HTTP/1.1
Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAE0AAAAAAAAAZQAAAAAAAABAAAAADQANAEAAAAAAAAAATQAAAAAA
AABlAAAAAYIAAGFkbWluaXN0cmF0b3KmBCTJa4n481uTDMKbdDBS2mmqUV3ybaQ=
Host: 10.0.1.108
Pragma: no-cache
Accept: */*
User-Agent:MediaBin Mac Native Client
Content-Type:text/xml; charset=utf-8
SOAPAction:"http://www.mediabin.com/GetMediaBinServerName"
Content-Length: 308

<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<GetMediaBinServerName xmlns="http://www.mediabin.com" />
</soap:Body>
</soap:Envelope>
010.000.001.108.00080-010.000.001.101.50652: HTTP/1.1 100 Continue
Server: Microsoft-IIS/5.0
Date: Wed, 24 Mar 2004 05:04:39 GMT

010.000.001.108.00080-010.000.001.101.50652: HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
Date: Wed, 24 Mar 2004 05:04:39 GMT
Cache-Control: private, max-age=0
Content-Type: text/xml; charset=utf-8
Content-Length: 641

<?xml version="1.0" encoding="utf-8"?><soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soap:Header><wsu:
Timestamp
xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/07/utility"><wsu:
Created>2004-03-24T05:04:39Z</wsu:Created><wsu:Expires>2004-03-24T05:
09:39Z</wsu:Expires></wsu:Timestamp></soap:Header><soap:
Body><GetMediaBinServerNameResponse
xmlns="http://www.mediabin.com"><GetMediaBinServerNameResult>MediaBin
Server on
APINSTEIN2KS</GetMediaBinServerNameResult></
GetMediaBinServerNameResponse></soap:Body></soap:Envelope>
------------------------

Microsoft is in fact being very helpful and responsive, and I'd like to
give them as much good information as I can both to fix my situation
and improve libcurl.

Thanks in advance,

Alan Pinstein
Received on 2004-03-24
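
Added example (not part of the original post and not libcurl code): a small Python sketch that walks the address-prefixed capture format shown above and labels each NTLM token by its message type. Run on the IIS 6 exchange, it shows the server answering 400 right after the client's Type 1 (NEGOTIATE) message, before any Type 2 challenge is issued. The function names and the abridged sample capture, with wrapped lines rejoined, are constructed for illustration.

```python
import base64
import re
import struct

NTLM_TYPES = {1: "NEGOTIATE", 2: "CHALLENGE", 3: "AUTHENTICATE"}
START = re.compile(r"^[\d.]+-[\d.]+: ((?:[A-Z]+ \S+ )?HTTP/1\.[01].*)$")
TOKEN = re.compile(r"^(?:Authorization|WWW-Authenticate): NTLM (\S+)$", re.I)

def decode_ntlm(token_b64):
    """Return (message type, negotiate flags or None) of a base64 NTLMSSP token."""
    raw = base64.b64decode(token_b64, validate=True)
    if len(raw) < 12 or raw[:8] != b"NTLMSSP\x00":
        raise ValueError("not an NTLMSSP message")
    msg_type = struct.unpack_from("<I", raw, 8)[0]
    off = {1: 12, 2: 20}.get(msg_type)  # the flags field sits at a different offset per type
    flags = struct.unpack_from("<I", raw, off)[0] if off and len(raw) >= off + 4 else None
    return msg_type, flags

def trace_handshake(capture):
    """List (start line, NTLM leg or None, Expect: 100-continue seen) per HTTP message."""
    steps = []
    for line in capture.splitlines():
        start = START.match(line)
        if start:  # a request line or status line opens a new message
            steps.append([start.group(1), None, False])
        elif steps and (tok := TOKEN.match(line)):
            msg_type, _ = decode_ntlm(tok.group(1))
            steps[-1][1] = NTLM_TYPES.get(msg_type, "UNKNOWN")
        elif steps and re.match(r"^Expect:\s*100-continue$", line, re.I):
            steps[-1][2] = True
    return [tuple(s) for s in steps]

# Constructed sample: the IIS 6 capture from the post, abridged, wrapped lines rejoined.
IIS6_CAPTURE = """\
010.000.001.101.50729-065.161.004.200.00080: POST /mediabinwebservice/MediaBinServer.asmx HTTP/1.1
Expect: 100-continue

065.161.004.200.00080-010.000.001.101.50729: HTTP/1.1 401 Unauthorized
WWW-Authenticate: NTLM

010.000.001.101.50729-065.161.004.200.00080: POST /mediabinwebservice/MediaBinServer.asmx HTTP/1.1
Authorization: NTLM TlRMTVNTUAABAAAAAgIAAAAAAAAgAAAAAAAAACAAAAA=
Expect: 100-continue

065.161.004.200.00080-010.000.001.101.50729: HTTP/1.1 400 Bad Request
"""

if __name__ == "__main__":
    print(*trace_handshake(IIS6_CAPTURE), sep="\n")
```

A bare "WWW-Authenticate: NTLM" offer carries no token and is left unlabelled, so only real handshake legs appear in the second column.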