Home Explore Help
Sign In
OWEALs
/
curl
mirror of https://github.com/curl/curl.git
2
0
Fork 0
Files Issues 8 Wiki
Tree: 47438daa60
Branches Tags
curl
/
tests
/
data
/
test2030

test2030 7.7 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297 
  1. <testcase>
    2. 

  2. <info>
    3. 

  3. <keywords>
    4. 

  4. HTTP
    5. 

  5. HTTP GET
    6. 

  6. HTTP Digest auth
    7. 

  7. HTTP NTLM auth
    8. 

  8. </keywords>
    9. 

  9. </info>
    10. 

  10. # Server-side
    11. 

  11. <reply>
    12. 

  12. 

  13. <!-- Alternate the order that Digest and NTLM headers appear in responses to
    14. 

  14. ensure that the order doesn't matter. -->
    15. 

  15. 

  16. <!--
    17. 

  17. 

  18.  Explanation for the duplicate 400 requests:
    19. 

  19. 

  20.  libcurl doesn't detect that a given Digest password is wrong already on the
    21. 

  21.  first 401 response (as the data400 gives). libcurl will instead consider the
    22. 

  22.  new response just as a duplicate and it sends another and detects the auth
    23. 

  23.  problem on the second 401 response!
    24. 

  24. 

  25. -->
    26. 

  26. 

  27. 

  28. <!-- First request has NTLM auth, wrong password -->
    29. 

  29. <data100>
    30. 

  30. HTTP/1.1 401 Need Digest or NTLM auth
    31. 

  31. Server: Microsoft-IIS/5.0
    32. 

  32. Content-Type: text/html; charset=iso-8859-1
    33. 

  33. Content-Length: 27
    34. 

  34. WWW-Authenticate: NTLM
    35. 

  35. WWW-Authenticate: Digest realm="testrealm", nonce="1"
    36. 

  36. 

  37. This is not the real page!
    38. 

  38. </data100>
    39. 

  39. 

  40. <data1101>
    41. 

  41. HTTP/1.1 401 NTLM intermediate
    42. 

  42. Server: Microsoft-IIS/5.0
    43. 

  43. Content-Type: text/html; charset=iso-8859-1
    44. 

  44. Content-Length: 33
    45. 

  45. WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
    46. 

  46. 

  47. This is still not the real page!
    48. 

  48. </data1101>
    49. 

  49. 

  50. <data1102>
    51. 

  51. HTTP/1.1 401 Sorry wrong password
    52. 

  52. Server: Microsoft-IIS/5.0
    53. 

  53. Content-Type: text/html; charset=iso-8859-1
    54. 

  54. Content-Length: 29
    55. 

  55. WWW-Authenticate: Digest realm="testrealm", nonce="2"
    56. 

  56. WWW-Authenticate: NTLM
    57. 

  57. 

  58. This is a bad password page!
    59. 

  59. </data1102>
    60. 

  60. 

  61. <!-- Second request has Digest auth, right password -->
    62. 

  62. <data200>
    63. 

  63. HTTP/1.1 401 Need Digest or NTLM auth (2)
    64. 

  64. Server: Microsoft-IIS/5.0
    65. 

  65. Content-Type: text/html; charset=iso-8859-1
    66. 

  66. Content-Length: 27
    67. 

  67. WWW-Authenticate: NTLM
    68. 

  68. WWW-Authenticate: Digest realm="testrealm", nonce="3"
    69. 

  69. 

  70. This is not the real page!
    71. 

  71. </data200>
    72. 

  72. 

  73. <data1200>
    74. 

  74. HTTP/1.1 200 Things are fine in server land
    75. 

  75. Server: Microsoft-IIS/5.0
    76. 

  76. Content-Type: text/html; charset=iso-8859-1
    77. 

  77. Content-Length: 32
    78. 

  78. 

  79. Finally, this is the real page!
    80. 

  80. </data1200>
    81. 

  81. 

  82. <!-- Third request has NTLM auth, wrong password -->
    83. 

  83. <data300>
    84. 

  84. HTTP/1.1 401 Need Digest or NTLM auth (3)
    85. 

  85. Server: Microsoft-IIS/5.0
    86. 

  86. Content-Type: text/html; charset=iso-8859-1
    87. 

  87. Content-Length: 27
    88. 

  88. WWW-Authenticate: Digest realm="testrealm", nonce="4"
    89. 

  89. WWW-Authenticate: NTLM
    90. 

  90. 

  91. This is not the real page!
    92. 

  92. </data300>
    93. 

  93. 

  94. <data1301>
    95. 

  95. HTTP/1.1 401 NTLM intermediate (2)
    96. 

  96. Server: Microsoft-IIS/5.0
    97. 

  97. Content-Type: text/html; charset=iso-8859-1
    98. 

  98. Content-Length: 33
    99. 

  99. WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
    100. 

  100. 

  101. This is still not the real page!
    102. 

  102. </data1301>
    103. 

  103. 

  104. <data1302>
    105. 

  105. HTTP/1.1 401 Sorry wrong password (2)
    106. 

  106. Server: Microsoft-IIS/5.0
    107. 

  107. Content-Type: text/html; charset=iso-8859-1
    108. 

  108. Content-Length: 29
    109. 

  109. WWW-Authenticate: NTLM
    110. 

  110. WWW-Authenticate: Digest realm="testrealm", nonce="5"
    111. 

  111. 

  112. This is a bad password page!
    113. 

  113. </data1302>
    114. 

  114. 

  115. <!-- Fourth request has Digest auth, wrong password -->
    116. 

  116. <data400>
    117. 

  117. HTTP/1.1 401 Need Digest or NTLM auth (4)
    118. 

  118. Server: Microsoft-IIS/5.0
    119. 

  119. Content-Type: text/html; charset=iso-8859-1
    120. 

  120. Content-Length: 27
    121. 

  121. WWW-Authenticate: Digest realm="testrealm", nonce="6"
    122. 

  122. WWW-Authenticate: NTLM
    123. 

  123. 

  124. This is not the real page!
    125. 

  125. </data400>
    126. 

  126. 

  127. <data1400>
    128. 

  128. HTTP/1.1 401 Sorry wrong password (3)
    129. 

  129. Server: Microsoft-IIS/5.0
    130. 

  130. Content-Type: text/html; charset=iso-8859-1
    131. 

  131. Content-Length: 29
    132. 

  132. WWW-Authenticate: NTLM
    133. 

  133. WWW-Authenticate: Digest realm="testrealm", nonce="7"
    134. 

  134. 

  135. This is a bad password page!
    136. 

  136. </data1400>
    137. 

  137. 

  138. <!-- Fifth request has Digest auth, right password -->
    139. 

  139. <data500>
    140. 

  140. HTTP/1.1 401 Need Digest or NTLM auth (5)
    141. 

  141. Server: Microsoft-IIS/5.0
    142. 

  142. Content-Type: text/html; charset=iso-8859-1
    143. 

  143. Content-Length: 27
    144. 

  144. WWW-Authenticate: Digest realm="testrealm", nonce="8"
    145. 

  145. WWW-Authenticate: NTLM
    146. 

  146. 

  147. This is not the real page!
    148. 

  148. </data500>
    149. 

  149. 

  150. <data1500>
    151. 

  151. HTTP/1.1 200 Things are fine in server land (2)
    152. 

  152. Server: Microsoft-IIS/5.0
    153. 

  153. Content-Type: text/html; charset=iso-8859-1
    154. 

  154. Content-Length: 32
    155. 

  155. 

  156. Finally, this is the real page!
    157. 

  157. </data1500>
    158. 

  158. 

  159. <datacheck>
    160. 

  160. HTTP/1.1 401 NTLM intermediate
    161. 

  161. Server: Microsoft-IIS/5.0
    162. 

  162. Content-Type: text/html; charset=iso-8859-1
    163. 

  163. Content-Length: 33
    164. 

  164. WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
    165. 

  165. 

  166. HTTP/1.1 401 Sorry wrong password
    167. 

  167. Server: Microsoft-IIS/5.0
    168. 

  168. Content-Type: text/html; charset=iso-8859-1
    169. 

  169. Content-Length: 29
    170. 

  170. WWW-Authenticate: Digest realm="testrealm", nonce="2"
    171. 

  171. WWW-Authenticate: NTLM
    172. 

  172. 

  173. This is a bad password page!
    174. 

  174. HTTP/1.1 200 Things are fine in server land
    175. 

  175. Server: Microsoft-IIS/5.0
    176. 

  176. Content-Type: text/html; charset=iso-8859-1
    177. 

  177. Content-Length: 32
    178. 

  178. 

  179. Finally, this is the real page!
    180. 

  180. HTTP/1.1 401 NTLM intermediate (2)
    181. 

  181. Server: Microsoft-IIS/5.0
    182. 

  182. Content-Type: text/html; charset=iso-8859-1
    183. 

  183. Content-Length: 33
    184. 

  184. WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
    185. 

  185. 

  186. HTTP/1.1 401 Sorry wrong password (2)
    187. 

  187. Server: Microsoft-IIS/5.0
    188. 

  188. Content-Type: text/html; charset=iso-8859-1
    189. 

  189. Content-Length: 29
    190. 

  190. WWW-Authenticate: NTLM
    191. 

  191. WWW-Authenticate: Digest realm="testrealm", nonce="5"
    192. 

  192. 

  193. This is a bad password page!
    194. 

  194. HTTP/1.1 401 Sorry wrong password (3)
    195. 

  195. Server: Microsoft-IIS/5.0
    196. 

  196. Content-Type: text/html; charset=iso-8859-1
    197. 

  197. Content-Length: 29
    198. 

  198. WWW-Authenticate: NTLM
    199. 

  199. WWW-Authenticate: Digest realm="testrealm", nonce="7"
    200. 

  200. 

  201. HTTP/1.1 401 Sorry wrong password (3)
    202. 

  202. Server: Microsoft-IIS/5.0
    203. 

  203. Content-Type: text/html; charset=iso-8859-1
    204. 

  204. Content-Length: 29
    205. 

  205. WWW-Authenticate: NTLM
    206. 

  206. WWW-Authenticate: Digest realm="testrealm", nonce="7"
    207. 

  207. 

  208. This is a bad password page!
    209. 

  209. HTTP/1.1 200 Things are fine in server land (2)
    210. 

  210. Server: Microsoft-IIS/5.0
    211. 

  211. Content-Type: text/html; charset=iso-8859-1
    212. 

  212. Content-Length: 32
    213. 

  213. 

  214. Finally, this is the real page!
    215. 

  215. </datacheck>
    216. 

  216. 

  217. </reply>
    218. 

  218. 

  219. # Client-side
    220. 

  220. <client>
    221. 

  221. <features>
    222. 

  222. NTLM
    223. 

  223. !SSPI
    224. 

  224. </features>
    225. 

  225. <server>
    226. 

  226. http
    227. 

  227. </server>
    228. 

  228. <tool>
    229. 

  229. libauthretry
    230. 

  230. </tool>
    231. 

  231. 

  232.  <name>
    233. 

  233. HTTP authorization retry (NTLM switching to Digest)
    234. 

  234.  </name>
    235. 

  235.  <setenv>
    236. 

  236. # we force our own host name, in order to make the test machine independent
    237. 

  237. CURL_GETHOSTNAME=curlhost
    238. 

  238. # we try to use the LD_PRELOAD hack, if not a debug build
    239. 

  239. LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
    240. 

  240.  </setenv>
    241. 

  241.  <command>
    242. 

  242. http://%HOSTIP:%HTTPPORT/2030 ntlm digest
    243. 

  243. </command>
    244. 

  244. <precheck>
    245. 

  245. chkhostname curlhost
    246. 

  246. </precheck>
    247. 

  247. </client>
    248. 

  248. 

  249. # Verify data after the test has been "shot"
    250. 

  250. <verify>
    251. 

  251. <strip>
    252. 

  252. ^User-Agent:.*
    253. 

  253. </strip>
    254. 

  254. <protocol>
    255. 

  255. GET /20300100 HTTP/1.1
    256. 

  256. Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
    257. 

  257. Host: %HOSTIP:%HTTPPORT
    258. 

  258. Accept: */*
    259. 

  259. 

  260. GET /20300100 HTTP/1.1
    261. 

  261. Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyY3VybGhvc3Q=
    262. 

  262. Host: %HOSTIP:%HTTPPORT
    263. 

  263. Accept: */*
    264. 

  264. 

  265. GET /20300200 HTTP/1.1
    266. 

  266. Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/20300200", response="2f2d784ba53a0a307758a90e98d25c27"
    267. 

  267. Host: %HOSTIP:%HTTPPORT
    268. 

  268. Accept: */*
    269. 

  269. 

  270. GET /20300300 HTTP/1.1
    271. 

  271. Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
    272. 

  272. Host: %HOSTIP:%HTTPPORT
    273. 

  273. Accept: */*
    274. 

  274. 

  275. GET /20300300 HTTP/1.1
    276. 

  276. Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyY3VybGhvc3Q=
    277. 

  277. Host: %HOSTIP:%HTTPPORT
    278. 

  278. Accept: */*
    279. 

  279. 

  280. GET /20300400 HTTP/1.1
    281. 

  281. Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/20300400", response="d6262e9147db08c62ff2f53b515861e8"
    282. 

  282. Host: %HOSTIP:%HTTPPORT
    283. 

  283. Accept: */*
    284. 

  284. 

  285. GET /20300400 HTTP/1.1
    286. 

  286. Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/20300400", response="d6262e9147db08c62ff2f53b515861e8"
    287. 

  287. Host: %HOSTIP:%HTTPPORT
    288. 

  288. Accept: */*
    289. 

  289. 

  290. GET /20300500 HTTP/1.1
    291. 

  291. Authorization: Digest username="testuser", realm="testrealm", nonce="7", uri="/20300500", response="198757e61163a779cf24ed4c49c1ad7d"
    292. 

  292. Host: %HOSTIP:%HTTPPORT
    293. 

  293. Accept: */*
    294. 

  294. 

  295. </protocol>
    296. 

  296. </verify>
    297. 

  297. </testcase>
    298.