2
0

test2027 6.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245
  1. <testcase>
  2. <info>
  3. <keywords>
  4. HTTP
  5. HTTP GET
  6. HTTP Digest auth
  7. </keywords>
  8. </info>
  9. # Server-side
  10. <reply>
  11. <!--
  12. Explanation for the duplicate 400 requests:
  13. libcurl doesn't detect that a given Digest password is wrong already on the
  14. first 401 response (as the data400 gives). libcurl will instead consider the
  15. new response just as a duplicate and it sends another and detects the auth
  16. problem on the second 401 response!
  17. -->
  18. <!-- First request has Digest auth, wrong password -->
  19. <data100>
  20. HTTP/1.1 401 Need Digest auth
  21. Server: Microsoft-IIS/5.0
  22. Content-Type: text/html; charset=iso-8859-1
  23. Content-Length: 27
  24. WWW-Authenticate: Digest realm="testrealm", nonce="1"
  25. This is not the real page!
  26. </data100>
  27. <data1100>
  28. HTTP/1.1 401 Sorry wrong password
  29. Server: Microsoft-IIS/5.0
  30. Content-Type: text/html; charset=iso-8859-1
  31. Content-Length: 29
  32. WWW-Authenticate: Digest realm="testrealm", nonce="2"
  33. This is a bad password page!
  34. </data1100>
  35. <!-- Second request has Digest auth, right password -->
  36. <data200>
  37. HTTP/1.1 401 Need Digest auth (2)
  38. Server: Microsoft-IIS/5.0
  39. Content-Type: text/html; charset=iso-8859-1
  40. Content-Length: 27
  41. WWW-Authenticate: Digest realm="testrealm", nonce="3"
  42. This is not the real page!
  43. </data200>
  44. <data1200>
  45. HTTP/1.1 200 Things are fine in server land
  46. Server: Microsoft-IIS/5.0
  47. Content-Type: text/html; charset=iso-8859-1
  48. Content-Length: 32
  49. Finally, this is the real page!
  50. </data1200>
  51. <!-- Third request has Digest auth, wrong password -->
  52. <data300>
  53. HTTP/1.1 401 Need Digest auth (3)
  54. Server: Microsoft-IIS/5.0
  55. Content-Type: text/html; charset=iso-8859-1
  56. Content-Length: 27
  57. WWW-Authenticate: Digest realm="testrealm", nonce="4"
  58. This is not the real page!
  59. </data300>
  60. <data1300>
  61. HTTP/1.1 401 Sorry wrong password (2)
  62. Server: Microsoft-IIS/5.0
  63. Content-Type: text/html; charset=iso-8859-1
  64. Content-Length: 29
  65. WWW-Authenticate: Digest realm="testrealm", nonce="5"
  66. This is a bad password page!
  67. </data1300>
  68. <!-- Fourth request has Digest auth, wrong password -->
  69. <data400>
  70. HTTP/1.1 401 Need Digest auth (4)
  71. Server: Microsoft-IIS/5.0
  72. Content-Type: text/html; charset=iso-8859-1
  73. Content-Length: 27
  74. WWW-Authenticate: Digest realm="testrealm", nonce="6"
  75. This is not the real page!
  76. </data400>
  77. <data1400>
  78. HTTP/1.1 401 Sorry wrong password (3)
  79. Server: Microsoft-IIS/5.0
  80. Content-Type: text/html; charset=iso-8859-1
  81. Content-Length: 29
  82. WWW-Authenticate: Digest realm="testrealm", nonce="7"
  83. This is a bad password page!
  84. </data1400>
  85. <!-- Fifth request has Digest auth, right password -->
  86. <data1500>
  87. HTTP/1.1 200 Things are fine in server land (2)
  88. Server: Microsoft-IIS/5.0
  89. Content-Type: text/html; charset=iso-8859-1
  90. Content-Length: 32
  91. Finally, this is the real page!
  92. </data1500>
  93. <datacheck>
  94. HTTP/1.1 401 Need Digest auth
  95. Server: Microsoft-IIS/5.0
  96. Content-Type: text/html; charset=iso-8859-1
  97. Content-Length: 27
  98. WWW-Authenticate: Digest realm="testrealm", nonce="1"
  99. HTTP/1.1 401 Sorry wrong password
  100. Server: Microsoft-IIS/5.0
  101. Content-Type: text/html; charset=iso-8859-1
  102. Content-Length: 29
  103. WWW-Authenticate: Digest realm="testrealm", nonce="2"
  104. This is a bad password page!
  105. HTTP/1.1 200 Things are fine in server land
  106. Server: Microsoft-IIS/5.0
  107. Content-Type: text/html; charset=iso-8859-1
  108. Content-Length: 32
  109. Finally, this is the real page!
  110. HTTP/1.1 401 Need Digest auth (3)
  111. Server: Microsoft-IIS/5.0
  112. Content-Type: text/html; charset=iso-8859-1
  113. Content-Length: 27
  114. WWW-Authenticate: Digest realm="testrealm", nonce="4"
  115. HTTP/1.1 401 Sorry wrong password (2)
  116. Server: Microsoft-IIS/5.0
  117. Content-Type: text/html; charset=iso-8859-1
  118. Content-Length: 29
  119. WWW-Authenticate: Digest realm="testrealm", nonce="5"
  120. This is a bad password page!
  121. HTTP/1.1 401 Sorry wrong password (3)
  122. Server: Microsoft-IIS/5.0
  123. Content-Type: text/html; charset=iso-8859-1
  124. Content-Length: 29
  125. WWW-Authenticate: Digest realm="testrealm", nonce="7"
  126. HTTP/1.1 401 Sorry wrong password (3)
  127. Server: Microsoft-IIS/5.0
  128. Content-Type: text/html; charset=iso-8859-1
  129. Content-Length: 29
  130. WWW-Authenticate: Digest realm="testrealm", nonce="7"
  131. This is a bad password page!
  132. HTTP/1.1 200 Things are fine in server land (2)
  133. Server: Microsoft-IIS/5.0
  134. Content-Type: text/html; charset=iso-8859-1
  135. Content-Length: 32
  136. Finally, this is the real page!
  137. </datacheck>
  138. </reply>
  139. # Client-side
  140. <client>
  141. <server>
  142. http
  143. </server>
  144. <features>
  145. !SSPI
  146. crypto
  147. </features>
  148. <tool>
  149. libauthretry
  150. </tool>
  151. <name>
  152. HTTP authorization retry (Digest)
  153. </name>
  154. <setenv>
  155. # we force our own host name, in order to make the test machine independent
  156. CURL_GETHOSTNAME=curlhost
  157. # we try to use the LD_PRELOAD hack, if not a debug build
  158. LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
  159. </setenv>
  160. <command>
  161. http://%HOSTIP:%HTTPPORT/%TESTNUMBER digest digest
  162. </command>
  163. <precheck>
  164. chkhostname curlhost
  165. </precheck>
  166. </client>
  167. # Verify data after the test has been "shot"
  168. <verify>
  169. <protocol>
  170. GET /%TESTNUMBER0100 HTTP/1.1
  171. Host: %HOSTIP:%HTTPPORT
  172. Accept: */*
  173. GET /%TESTNUMBER0100 HTTP/1.1
  174. Host: %HOSTIP:%HTTPPORT
  175. Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/%TESTNUMBER0100", response="f7fd60eefaff5225971bf9b3d80d6ba6"
  176. Accept: */*
  177. GET /%TESTNUMBER0200 HTTP/1.1
  178. Host: %HOSTIP:%HTTPPORT
  179. Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/%TESTNUMBER0200", response="785ca3ef511999f7e9c178195f5b388c"
  180. Accept: */*
  181. GET /%TESTNUMBER0300 HTTP/1.1
  182. Host: %HOSTIP:%HTTPPORT
  183. Accept: */*
  184. GET /%TESTNUMBER0300 HTTP/1.1
  185. Host: %HOSTIP:%HTTPPORT
  186. Authorization: Digest username="testuser", realm="testrealm", nonce="4", uri="/%TESTNUMBER0300", response="4c735d2360fd6848e7cb32a11ae3612b"
  187. Accept: */*
  188. GET /%TESTNUMBER0400 HTTP/1.1
  189. Host: %HOSTIP:%HTTPPORT
  190. Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/%TESTNUMBER0400", response="f5906785511fb60a2af8b1cd53008ead"
  191. Accept: */*
  192. GET /%TESTNUMBER0400 HTTP/1.1
  193. Host: %HOSTIP:%HTTPPORT
  194. Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/%TESTNUMBER0400", response="f5906785511fb60a2af8b1cd53008ead"
  195. Accept: */*
  196. GET /%TESTNUMBER0500 HTTP/1.1
  197. Host: %HOSTIP:%HTTPPORT
  198. Authorization: Digest username="testuser", realm="testrealm", nonce="7", uri="/%TESTNUMBER0500", response="8ef4d935fd964a46c3965c0863b52cf1"
  199. Accept: */*
  200. </protocol>
  201. </verify>
  202. </testcase>