I'm back from auth NEGOTIATE... I found that my proxy server also accepts auth NTLM - so far so good. But I can't authenticate successfully somehow.
I'm not that experienced in authentication mechanism, but I found some curiosities playing with your httpclient with sasl. I modified your test_http.php with my credentials and tested:
Server says to my inital request:
S HTTP/1.1 407 Proxy Authentication Required
S Proxy-Authenticate: NEGOTIATE
S Proxy-Authenticate: NTLM
S Cache-Control: no-cache
S Pragma: no-cache
S Content-Type: text/html; charset=utf-8
S Proxy-Connection: close
S Set-Cookie: BCSI-CS-ac57f34e119b7619=2; Path=/
S Connection: close
S Content-Length: 1434
Part of my second request is something like:
C Proxy-Authorization: NTLM TlRMTVNTUAABAAAABzIAAAAAAAAgAAAAAAAAACAAAAA=
C Cookie: BCSI-CS-ac57f34e119b7619=2;
The Authorization string doesn't differ if I fill in my credentials or if I leave them blank:
If I fill in
then these strings are added at the end of the above authorization string base64-encoded (after decode -> clear text)
If I fetch the first authorization string from a browser request (with succesful auth), it is 12 characters longer, and after base64-decode all data after "NTLMSSP" is binary.
Is it possible that there is a bug in your auth NTLM class?... or I'm I doing something totally weird?