curl / Mailing Lists / curl-library / Single Mail


Re: NTLMV2 authentication;

From: Daniel Stenberg via curl-library <>
Date: Fri, 14 Dec 2018 15:38:43 +0100 (CET)

On Fri, 14 Dec 2018, Markus Moeller wrote:

> Yes I mean exactly these tests. I could not yet figure which binary is
> creating the NTLM strings for the tests. I also have not yet checked how
> exactly the NTLM token string is created and I assume there is now some
> random string in hit when using NTLMv2.

These curl tests work like this:

A script reads tests/data/testNNNN where NNNN is the test number. This file is
a test case description in an XML-like description language.

The script then starts one of more test servers as detailed in the test.

curl is fired up using the command line specified in the test file, using the
test servers.

Finally, the script verifies that curl returned the right exit code, store the
right output and used the protocols exactly as the test case specifies.


So, whenever we change curl to work different than before one or more test
cases are *likely* and *presumed* to fail since we change how curl speaks the
protocols. The test cases then need to be updated and told exactly what the
new way of speaking looks like.

In your case, your changing NTLM details so you need tell the tests now what
the new correct strings are instead of the strings that were formerly the
correct ones.

I can only urge you to actually run these tests yourself on your own machine,
see the failures happen and then update them to fix the failures.

So, it is *curl* that sends the protocol string that is now different than
before, because your change modified what curl does for NTLM.

Received on 2018-12-14