As some others in previous posts, I'm having problems using wget to fetch files from a remote server that is using NTLM. Fetching the file with curl works, fetching it with wget fails with a "500: Internal Server Error.".
I have tried the latest hg-source of wget and ubuntus current curl. Trying to debug this, I created a ntlm-protected directory on a local iis-server (without ssl) and using wget to fetch from that works fine. Unfortunatly I cannot offer a public test machine but if anyone has any idea what to try, I'm all ears. I have attached the debug output of wget and curl - it seems that the NTLM auth-string is much shorter in the wget-version. The other difference is that curl fetches using http 1.1 while wget uses http 1.0 but I don't think that this matters. -- sven === jabber/xmpp: [EMAIL PROTECTED]
curl -v --ntlm --user "www.srver.company.tl\userna:ZGA\$aaa2" "https://www.srver.company.tl/AAA_Data_Directory/"; * About to connect() to www.srver.company.tl port 443 (#0) * Trying 10.32.32.32... connected * Connected to www.srver.company.tl (10.32.32.32) port 443 (#0) * successfully set certificate verify locations: * CAfile: none CApath: /etc/ssl/certs * SSLv3, TLS handshake, Client hello (1): } [data not shown] * SSLv3, TLS handshake, Server hello (2): { [data not shown] * SSLv3, TLS handshake, CERT (11): { [data not shown] * SSLv3, TLS handshake, Server finished (14): { [data not shown] * SSLv3, TLS handshake, Client key exchange (16): } [data not shown] * SSLv3, TLS change cipher, Client hello (1): } [data not shown] * SSLv3, TLS handshake, Finished (20): } [data not shown] * SSLv3, TLS change cipher, Client hello (1): { [data not shown] * SSLv3, TLS handshake, Finished (20): { [data not shown] * SSL connection using RC4-MD5 * Server certificate: * subject: /C=DE/ST=Somesta/L=Somecity/O=Somecompany/OU=ABC AAA 8/CN=www.srver.company.tl * start date: 2008-04-01 00:00:00 GMT * expire date: 2009-04-01 23:59:59 GMT * common name: www.srver.company.tl (matched) * issuer: /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)05/CN=VeriSign Class 3 Secure Server CA * SSL certificate verify ok. * Server auth using NTLM with user 'www.srver.company.tl\userna' > GET /AAA_Data_Directory/ HTTP/1.1 > Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= > User-Agent: curl/7.18.2 (x86_64-pc-linux-gnu) libcurl/7.18.2 OpenSSL/0.9.8g > zlib/1.2.3.3 libidn/1.8 > Host: www.srver.company.tl > Accept: */* > % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0< HTTP/1.1 401 Unauthorized < Content-Length: 1539 < Content-Type: text/html < Server: Microsoft-IIS/6.0 < WWW-Authenticate: NTLM TlRMTVNTUAACAAAABQAFADgAAAAGgooCJjOX/RDWf4MAAAAAAAAAAFwAXAA9AAAABQLODgAAAA9GRVJNSQIACgBGAEUAUgBNAEkAAQAKAEYARQBSAE0ASQAEABoAZgBlAHIAbQBpAC4AcwBwAGwAcwAuAGQAZQADABoAZgBlAHIAbQBpAC4AcwBwAGwAcwAuAGQAZQAAAAAA < X-Powered-By: ASP.NET < Date: Thu, 04 Dec 2008 11:49:13 GMT < * Ignoring the response-body { [data not shown] 100 1539 100 1539 0 0 13881 0 --:--:-- --:--:-- --:--:-- 1502k* Connection #0 to host www.srver.company.tl left intact * Issue another request to this URL: 'https://www.srver.company.tl/AAA_Data_Directory/' * Re-using existing connection! (#0) with host www.srver.company.tl * Connected to www.srver.company.tl (10.32.32.32) port 443 (#0) * Server auth using NTLM with user 'www.srver.company.tl\userna' > GET /AAA_Data_Directory/ HTTP/1.1 > Authorization: NTLM > TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAABQAFABwAAAABgAGAIQAAAAHAAcAigAAAAAAAAAAAAAABoKKAj417yok0cJFAAAAAAAAAAAAAAAAAAAAAE04AwS3WB+gD3VTzD3IlkWAvcrMyyQB/3d3dy5mcmVpYS5zaWVtZW5zLmRlaW5zcGVjc2xhbmtlcw== > User-Agent: curl/7.18.2 (x86_64-pc-linux-gnu) libcurl/7.18.2 OpenSSL/0.9.8g > zlib/1.2.3.3 libidn/1.8 > Host: www.srver.company.tl > Accept: */* > < HTTP/1.1 200 OK < Content-Length: 455 < Content-Type: text/html < Server: Microsoft-IIS/6.0 < X-Powered-By: ASP.NET < Date: Thu, 04 Dec 2008 11:49:13 GMT < { [data not shown] 100 455 100 455 0 0 3301 0 --:--:-- --:--:-- --:--:-- 3301* Connection #0 to host www.srver.company.tl left intact * Closing connection #0 * SSLv3, TLS alert, Client hello (1): } [data not shown] <html>data here</html>
./wget -v -d --auth-no-challenge --http-user="www.srver.company.tl\userna" --http-password="ZGA\$aaa2" "https://www.srver.company.tl/AAA_Data_Directory/"; Setting --auth-no-challenge (authnochallenge) to 1 Setting --http-user (httpuser) to www.srver.company.tl\userna Setting --http-password (httppassword) to ZGA$aaa2 DEBUG output created by Wget 1.12-devel (1b4062e24187) on linux-gnu. --2008-12-04 12:48:44-- https://www.srver.company.tl/AAA_Data_Directory/ Auth-without-challenge set, sending Basic credentials. Resolving www.srver.company.tl... 10.32.32.32 Caching www.srver.company.tl => 10.32.32.32 Connecting to www.srver.company.tl|10.32.32.32|:443... connected. Created socket 3. Releasing 0x00000000023ec210 (new refcount 1). Initiating SSL handshake. Handshake successful; connected socket 3 to SSL handle 0x00000000023ec3d0 certificate: subject: /C=DE/ST=Somesta/L=Somecity/O=Somecompany/OU=ABC AAA 8/CN=www.srver.company.tl issuer: /C=DE/ST=Somesta/L=Somecity/O=Somecompany/OU=ABC AAA 8/CN=www.srver.company.tl X509 certificate successfully verified and matches host www.srver.company.tl ---request begin--- GET /AAA_Data_Directory/ HTTP/1.0 User-Agent: Wget/1.12-devel (1b4062e24187) Accept: */* Authorization: Basic d3d3LmZyZWlhLnNpZW1lbnMuZGVcaW5zcGVjOllTRSR4ZHI1 Host: www.srver.company.tl Connection: Keep-Alive ---request end--- HTTP request sent, awaiting response... ---response begin--- HTTP/1.1 401 Unauthorized Content-Length: 1656 Content-Type: text/html Server: Microsoft-IIS/6.0 WWW-Authenticate: Negotiate WWW-Authenticate: NTLM X-Powered-By: ASP.NET Date: Thu, 04 Dec 2008 11:48:45 GMT Connection: keep-alive ---response end--- 401 Unauthorized Closed 3/SSL 0x00000000023ec3d0 Empty NTLM message, starting transaction. Creating a type-1 NTLM message. Found www.srver.company.tl in host_name_addresses_map (0x23ec210) Connecting to www.srver.company.tl|10.32.32.32|:443... connected. Created socket 3. Releasing 0x00000000023ec210 (new refcount 1). Initiating SSL handshake. Handshake successful; connected socket 3 to SSL handle 0x00000000023ff060 certificate: subject: /C=DE/ST=Somesta/L=Somecity/O=Somecompany/OU=ABC AAA 8/CN=www.srver.company.tl issuer: /C=DE/ST=Somesta/L=Somecity/O=Somecompany/OU=ABC AAA 8/CN=www.srver.company.tl X509 certificate successfully verified and matches host www.srver.company.tl ---request begin--- GET /AAA_Data_Directory/ HTTP/1.0 User-Agent: Wget/1.12-devel (1b4062e24187) Accept: */* Authorization: NTLM TlRMTVNTUAABAAAAAgIAAAAAAAAgAAAAAAAAACAAAAA= Host: www.srver.company.tl Connection: Keep-Alive ---request end--- HTTP request sent, awaiting response... ---response begin--- HTTP/1.1 500 Internal Server Error Content-Length: 100 Content-Type: text/html Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Thu, 04 Dec 2008 11:48:45 GMT Connection: close ---response end--- 500 Internal Server Error Closed 3/SSL 0x00000000023ff060 2008-12-04 12:48:45 ERROR 500: Internal Server Error.
