On Thu, 22 Apr 2004, David Byron wrote:

> Here's the testcase that fails. I'm starting to refamiliarize myself with
> the data structures involved here, but if someone else can point me to the
> right info to consider in Curl_http_should_fail before I figure it out...

1. I needed this little patch to make the test case work for me (the server
detects the NTLM type-1 message and decides to send back "part 1001" which
means <data1001> instead of <data>):

--- test162~ 2004-04-22 20:28:14.000000000 +0200
+++ test162 2004-04-22 21:07:42.000000000 +0200
@@ -1,6 +1,6 @@
 # Server-side
 <reply>
-<data nocheck=1>
+<data1001 nocheck=1>
 HTTP/1.0 407 BAD BOY
 Proxy-Authenticate: Basic realm="Squid proxy-caching web server"
 Server: swsclose
@@ -9,7 +9,7 @@
 Even though it's the response code that triggers authentication, we're
 using NTLM and the server isn't, so we should fail. We know the server
 isn't because there's no Proxy-Authorization: NTLM header
-</data>
+</data1001>
 </reply>

 # Client-side

2. The key to success for you is probably that the available authentications
  (bitmask) from the server response are stored in data->info.proxyauthavail
  and data->info.httpauthavail, while data->set.httpauth and
  data->set.proxyauth are the (bitmask) authentications we want/allow/might
  use.

-- 
     Daniel Stenberg -- http://curl.haxx.se -- http://daniel.haxx.se
      Dedicated custom curl help for hire: http://haxx.se/curl.html