tests: add initial gssapi test using stub implementation

  CPPFLAGS="$save_CPPFLAGS"

fi

build_libstubgss=no

if test x"$want_gss" = "xyes"; then

  build_libstubgss=yes

fi

AM_CONDITIONAL(BUILD_STUB_GSS, test "x$build_libstubgss" = "xyes")

dnl -------------------------------------------------------------

dnl parse --with-default-ssl-backend so it can be validated below

dnl -------------------------------------------------------------

C) If a HTTP request is NTLM type-1, it adds 1001 to num

D) If a HTTP request is NTLM type-3, it adds 1002 to num

E) If a HTTP request is Basic and num is already >=1000, it adds 1 to num

F) If a HTTP request is Negotiate, num gets incremented by one for each

request with Negotiate authorization header on the same test case.

Dynamically changing num in this way allows the test harness to be used to

test authentication negotiation where several different requests must be sent

unittest

unix-sockets

WinSSL

ld_preload

as well as each protocol that curl supports.  A protocol only needs to be

specified if it is different from the server (useful when the server

test2024 test2025 test2026 test2027 test2028 test2029 test2030 test2031 \

test2032 test2033 test2034 test2035 test2036 test2037 test2038 test2039 \

test2040 test2041 test2042 test2043 test2044 test2045 test2046 test2047 \

test2048 test2049 test2050 test2051 test2052 test2053 test2054 test2055

test2048 test2049 test2050 test2051 test2052 test2053 test2054 test2055 \

test2056 test2057

<testcase>

<info>

<keywords>

HTTP

HTTP GET

HTTP Negotiate auth (stub krb5)

</keywords>

</info>

# Server-side

<reply>

<!-- First request, expect 401 Negotiate -->

<data>

HTTP/1.1 401 Authorization Required

Server: Microsoft-IIS/7.0

Content-Type: text/html; charset=iso-8859-1

WWW-Authenticate: Negotiate

Content-Length: 13

Not yet sir!

</data>

<!-- Second request, expect success in one shot -->

<data1>

HTTP/1.1 200 Things are fine in server land

Server: Microsoft-IIS/7.0

Content-Type: text/html; charset=iso-8859-1

WWW-Authenticate: Negotiate RA==

Content-Length: 15

Nice auth sir!

</data1>

<datacheck>

HTTP/1.1 401 Authorization Required

Server: Microsoft-IIS/7.0

Content-Type: text/html; charset=iso-8859-1

WWW-Authenticate: Negotiate

Content-Length: 13

HTTP/1.1 200 Things are fine in server land

Server: Microsoft-IIS/7.0

Content-Type: text/html; charset=iso-8859-1

WWW-Authenticate: Negotiate RA==

Content-Length: 15

Nice auth sir!

</datacheck>

</reply>

# Client-side

<client>

<server>

http

</server>

<name>

HTTP Negotiate authentication (stub krb5)

</name>

<features>

GSS-API

ld_preload

!debug

</features>

<setenv>

LD_PRELOAD=%PWD/libtest/.libs/libstubgss.so

CURL_STUB_GSS_CREDS="KRB5_Alice"

</setenv>

<command>

-u: --negotiate http://%HOSTIP:%HTTPPORT/2056

</command>

</client>

# Verify data after the test has been "shot"

<verify>

<strip>

^User-Agent:.*

</strip>

<protocol>

GET /2056 HTTP/1.1

Host: %HOSTIP:%HTTPPORT

Accept: */*

GET /2056 HTTP/1.1

Host: %HOSTIP:%HTTPPORT

Authorization: Negotiate IktSQjVfQWxpY2UiOkhUVFBAMTI3LjAuMC4xOjE6QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQQ==

Accept: */*

</protocol>

</verify>

</testcase>

<testcase>

<info>

<keywords>

HTTP

HTTP GET

HTTP Negotiate auth (stub ntlm)

</keywords>

</info>

# Server-side

<reply>

<!-- First request, expect 401 Negotiate -->

<data>

HTTP/1.1 401 Authorization Required

Server: Microsoft-IIS/7.0

Content-Type: text/html; charset=iso-8859-1

WWW-Authenticate: Negotiate

Content-Length: 13

Not yet sir!

</data>

<!-- Second request, expect 401 (ntlm challenge) -->

<data1>

HTTP/1.1 401 Authorization Required

Server: Microsoft-IIS/7.0

Content-Type: text/html; charset=iso-8859-1

WWW-Authenticate: Negotiate Qw==

Content-Length: 19

Still not yet sir!

</data1>

<!-- Third request, expect success  -->

<data2>

HTTP/1.1 200 Things are fine in server land

Server: Microsoft-IIS/7.0

Content-Type: text/html; charset=iso-8859-1

WWW-Authenticate: Negotiate RA==

Content-Length: 15

Nice auth sir!

</data2>

<datacheck>

HTTP/1.1 401 Authorization Required

Server: Microsoft-IIS/7.0

Content-Type: text/html; charset=iso-8859-1

WWW-Authenticate: Negotiate

Content-Length: 13

HTTP/1.1 401 Authorization Required

Server: Microsoft-IIS/7.0

Content-Type: text/html; charset=iso-8859-1

WWW-Authenticate: Negotiate Qw==

Content-Length: 19

HTTP/1.1 200 Things are fine in server land

Server: Microsoft-IIS/7.0

Content-Type: text/html; charset=iso-8859-1

WWW-Authenticate: Negotiate RA==

Content-Length: 15

Nice auth sir!

</datacheck>

</reply>

# Client-side

<client>

<server>

http

</server>

<name>

HTTP Negotiate authentication (stub ntlm)

</name>

<features>

GSS-API

ld_preload

!debug

</features>

<setenv>

LD_PRELOAD=%PWD/libtest/.libs/libstubgss.so

CURL_STUB_GSS_CREDS="NTLM_Alice"

</setenv>

<command>

-u: --negotiate http://%HOSTIP:%HTTPPORT/2057

</command>

</client>

# Verify data after the test has been "shot"

<verify>

<strip>

^User-Agent:.*

</strip>

<protocol>

GET /2057 HTTP/1.1

Host: %HOSTIP:%HTTPPORT

Accept: */*

GET /2057 HTTP/1.1

Host: %HOSTIP:%HTTPPORT

Authorization: Negotiate Ik5UTE1fQWxpY2UiOkhUVFBAMTI3LjAuMC4xOjI6QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQQ==

Accept: */*

GET /2057 HTTP/1.1

Host: %HOSTIP:%HTTPPORT

Authorization: Negotiate Ik5UTE1fQWxpY2UiOkhUVFBAMTI3LjAuMC4xOjM6QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQQ==

Accept: */*

</protocol>

</verify>

</testcase>