On Mon, 14 Feb 2005, Christopher R. Palmer wrote:

> Using tcpdump I see that the following data is exchanged:
>
> 1. curl sends unauthenticated header (but no post data)
> 2. web server responds with 401
> 3. curl sends ntlm type 1 packet

You can see the same things by using curl's option --trace-ascii ;-)

What curl version is this? I trust you at least tried this with the latest
version to make sure we haven't fixed it since? The 'anyauth' magic has been
written, rewritten and yet again rewritten (yes a third time). I believe the
last version is the correct version as this was debated, discussed and tested
a lot.

If so, can you show us the --trace-ascii output of the failure? (edit out
sensitive info before you post)

> Having tracked down the problem to this point I realize that I now getting
> well out of league for looking at it on my own. Is this a curl bug or an
> IIS bug?

When this question arises it often is of no importance since people will want
curl to work against IIS, even if it would do the wrong thing... In that
light, it is always curl's problem to do right.

-- 
      Daniel Stenberg -- http://curl.haxx.se -- http://daniel.haxx.se
       Dedicated custom curl help for hire: http://haxx.se/curl.html