<testcase> <info> <keywords> POP3 SASL SASL AUTH NTLM SASL AUTH PLAIN SASL DOWNGRADE RFC1734 RFC5034 </keywords> </info> # # Server-side <reply> <servercmd> AUTH NTLM PLAIN REPLY "AUTH NTLM" + REPLY TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= + Rubbish REPLY * -ERR AUTH exchange cancelled by client REPLY "AUTH PLAIN" + REPLY dXNlcgB1c2VyAHNlY3JldA== +OK Login successful </servercmd> <data> From: me@somewhere To: fake@nowhere body -- yours sincerely </data> </reply> # # Client-side <client> <server> pop3 </server> <features> NTLM !SSPI </features> <name> POP3 NTLM authentication with SASL downgrade </name> <setenv> # we force our own host name, in order to make the test machine independent CURL_GETHOSTNAME=curlhost # we try to use the LD_PRELOAD hack, if not a debug build LD_PRELOAD=%PWD/libtest/.libs/libhostname.so </setenv> <command> pop3://%HOSTIP:%POP3PORT/880 -u user:secret </command> <precheck> chkhostname curlhost </precheck> </client> # # Verify data after the test has been "shot" <verify> <protocol> CAPA AUTH NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= * AUTH PLAIN dXNlcgB1c2VyAHNlY3JldA== RETR 880 QUIT </protocol> </verify> </testcase>