diff options
author | Florin <pfl@northq.com> | 2017-10-07 13:30:17 +0200 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2017-10-28 16:33:09 +0200 |
commit | f20cbac9701e7406848a2e9f253c08d8201d24a7 (patch) | |
tree | 24013d203463ab0a29d87dfb01561adc75a0dbf4 /tests | |
parent | 2b5b37cb9109e7c2e6bfa5ebf54016aff8a1fb48 (diff) |
auth: Added test cases for RFC7616
Updated docs to include support for RFC7616
Signed-off-by: Florin <petriuc.florin@gmail.com>
Closes #1934
Diffstat (limited to 'tests')
-rw-r--r-- | tests/data/Makefile.inc | 3 | ||||
-rw-r--r-- | tests/data/test2058 | 107 | ||||
-rw-r--r-- | tests/data/test2059 | 107 | ||||
-rw-r--r-- | tests/data/test2060 | 107 | ||||
-rw-r--r-- | tests/data/test2061 | 84 | ||||
-rw-r--r-- | tests/data/test2062 | 84 | ||||
-rw-r--r-- | tests/data/test2063 | 84 | ||||
-rw-r--r-- | tests/data/test2064 | 84 | ||||
-rw-r--r-- | tests/data/test2065 | 84 | ||||
-rw-r--r-- | tests/data/test2066 | 84 | ||||
-rw-r--r-- | tests/data/test2067 | 89 | ||||
-rw-r--r-- | tests/data/test2068 | 89 | ||||
-rw-r--r-- | tests/data/test2069 | 89 |
13 files changed, 1094 insertions, 1 deletions
diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc index b157aeda9..e3eb80e4d 100644 --- a/tests/data/Makefile.inc +++ b/tests/data/Makefile.inc @@ -186,4 +186,5 @@ test2024 test2025 test2026 test2027 test2028 test2029 test2030 test2031 \ test2032 test2033 test2034 test2035 test2036 test2037 test2038 test2039 \ test2040 test2041 test2042 test2043 test2044 test2045 test2046 test2047 \ test2048 test2049 test2050 test2051 test2052 test2053 test2054 test2055 \ -test2056 test2057 +test2056 test2057 test2058 test2059 test2060 test2061 test2062 test2063 \ +test2064 test2065 test2066 test2067 test2068 test2069 diff --git a/tests/data/test2058 b/tests/data/test2058 new file mode 100644 index 000000000..0082503e0 --- /dev/null +++ b/tests/data/test2058 @@ -0,0 +1,107 @@ +<testcase> +<info> +<keywords> +HTTP +HTTP PUT +HTTP proxy +HTTP Digest auth +Resume +Content-Range +CUSTOMREQUEST +</keywords> +</info> + +# Server-side +<reply> +<data> +HTTP/1.1 100 Continue
+Server: Microsoft-IIS/5.0
+Date: Sun, 03 Apr 2005 14:57:45 GMT
+X-Powered-By: ASP.NET
+
+HTTP/1.1 401 authentication please swsbounce
+Server: Microsoft-IIS/6.0
+WWW-Authenticate: Digest realm="testrealm", algorithm="SHA-256", nonce="1053604144"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 0
+
+</data> +<data1000> +HTTP/1.1 200 A OK
+Server: Microsoft-IIS/6.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 3
+
+ok +</data1000> + +<datacheck> +HTTP/1.1 100 Continue
+Server: Microsoft-IIS/5.0
+Date: Sun, 03 Apr 2005 14:57:45 GMT
+X-Powered-By: ASP.NET
+
+HTTP/1.1 401 authentication please swsbounce
+Server: Microsoft-IIS/6.0
+WWW-Authenticate: Digest realm="testrealm", algorithm="SHA-256", nonce="1053604144"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 0
+
+HTTP/1.1 200 A OK
+Server: Microsoft-IIS/6.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 3
+
+ok +</datacheck> + +</reply> + +# Client-side +<client> +# +<server> +http +</server> +<features> +!SSPI +crypto +</features> + <name> +HTTP POST --digest with PUT, resumed upload, modified method and SHA-256 + </name> + <command> +http://%HOSTIP:%HTTPPORT/2058 -u auser:apasswd --digest -T log/2058 -x http://%HOSTIP:%HTTPPORT -C 2 -X GET +</command> +<file name="log/2058"> +test +</file> +</client> + +# Verify data after the test has been "shot" +<verify> +<strip> +^User-Agent:.* +</strip> +<protocol> +GET http://%HOSTIP:%HTTPPORT/2058 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Content-Range: bytes 2-4/5
+User-Agent: curl/7.12.1-CVS (i686-pc-linux-gnu) libcurl/7.12.1-CVS OpenSSL/0.9.6b ipv6 zlib/1.1.4 GSS libidn/0.4.6
+Accept: */*
+Proxy-Connection: Keep-Alive
+Content-Length: 0
+
+GET http://%HOSTIP:%HTTPPORT/2058 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/2058", response="fbed69f9f3fd304c8f1acb1a43eb32688b933c0e28055c16b926cbcec070aeed", algorithm="SHA-256"
+Content-Range: bytes 2-4/5
+Accept: */*
+Proxy-Connection: Keep-Alive
+Content-Length: 3
+Expect: 100-continue
+
+st +</protocol> +</verify> +</testcase> diff --git a/tests/data/test2059 b/tests/data/test2059 new file mode 100644 index 000000000..b74b0bdc1 --- /dev/null +++ b/tests/data/test2059 @@ -0,0 +1,107 @@ +<testcase> +<info> +<keywords> +HTTP +HTTP PUT +HTTP proxy +HTTP Digest auth +Resume +Content-Range +CUSTOMREQUEST +</keywords> +</info> + +# Server-side +<reply> +<data> +HTTP/1.1 100 Continue
+Server: Microsoft-IIS/5.0
+Date: Sun, 03 Apr 2005 14:57:45 GMT
+X-Powered-By: ASP.NET
+
+HTTP/1.1 401 authentication please swsbounce
+Server: Microsoft-IIS/6.0
+WWW-Authenticate: Digest realm="testrealm", algorithm="SHA-512-256", nonce="1053604144", userhash=true
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 0
+
+</data> +<data1000> +HTTP/1.1 200 A OK
+Server: Microsoft-IIS/6.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 3
+
+ok +</data1000> + +<datacheck> +HTTP/1.1 100 Continue
+Server: Microsoft-IIS/5.0
+Date: Sun, 03 Apr 2005 14:57:45 GMT
+X-Powered-By: ASP.NET
+
+HTTP/1.1 401 authentication please swsbounce
+Server: Microsoft-IIS/6.0
+WWW-Authenticate: Digest realm="testrealm", algorithm="SHA-512-256", nonce="1053604144", userhash=true
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 0
+
+HTTP/1.1 200 A OK
+Server: Microsoft-IIS/6.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 3
+
+ok +</datacheck> + +</reply> + +# Client-side +<client> +# +<server> +http +</server> +<features> +!SSPI +crypto +</features> + <name> +HTTP POST --digest with PUT, resumed upload, modified method, SHA-512-256 and userhash=true + </name> + <command> +http://%HOSTIP:%HTTPPORT/2059 -u auser:apasswd --digest -T log/2059 -x http://%HOSTIP:%HTTPPORT -C 2 -X GET +</command> +<file name="log/2059"> +test +</file> +</client> + +# Verify data after the test has been "shot" +<verify> +<strip> +^User-Agent:.* +</strip> +<protocol> +GET http://%HOSTIP:%HTTPPORT/2059 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Content-Range: bytes 2-4/5
+User-Agent: curl/7.12.1-CVS (i686-pc-linux-gnu) libcurl/7.12.1-CVS OpenSSL/0.9.6b ipv6 zlib/1.1.4 GSS libidn/0.4.6
+Accept: */*
+Proxy-Connection: Keep-Alive
+Content-Length: 0
+
+GET http://%HOSTIP:%HTTPPORT/2059 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Digest username="fddc3bc7b753b73ab0848fd83cb20cbbca971258eb8d20c941dd5e0b010d66be", realm="testrealm", nonce="1053604144", uri="/2059", response="fc09be8192851e284e73e8b719b32a2f6f91cca0594e68713da8c49dc2c1656e", algorithm="SHA-512-256", userhash=true
+Content-Range: bytes 2-4/5
+Accept: */*
+Proxy-Connection: Keep-Alive
+Content-Length: 3
+Expect: 100-continue
+
+st +</protocol> +</verify> +</testcase> diff --git a/tests/data/test2060 b/tests/data/test2060 new file mode 100644 index 000000000..f323eb520 --- /dev/null +++ b/tests/data/test2060 @@ -0,0 +1,107 @@ +<testcase> +<info> +<keywords> +HTTP +HTTP PUT +HTTP proxy +HTTP Digest auth +Resume +Content-Range +CUSTOMREQUEST +</keywords> +</info> + +# Server-side +<reply> +<data> +HTTP/1.1 100 Continue
+Server: Microsoft-IIS/5.0
+Date: Sun, 03 Apr 2005 14:57:45 GMT
+X-Powered-By: ASP.NET
+
+HTTP/1.1 401 authentication please swsbounce
+Server: Microsoft-IIS/6.0
+WWW-Authenticate: Digest realm="testrealm", algorithm="SHA-512-256", nonce="1053604144"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 0
+
+</data> +<data1000> +HTTP/1.1 200 A OK
+Server: Microsoft-IIS/6.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 3
+
+ok +</data1000> + +<datacheck> +HTTP/1.1 100 Continue
+Server: Microsoft-IIS/5.0
+Date: Sun, 03 Apr 2005 14:57:45 GMT
+X-Powered-By: ASP.NET
+
+HTTP/1.1 401 authentication please swsbounce
+Server: Microsoft-IIS/6.0
+WWW-Authenticate: Digest realm="testrealm", algorithm="SHA-512-256", nonce="1053604144"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 0
+
+HTTP/1.1 200 A OK
+Server: Microsoft-IIS/6.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 3
+
+ok +</datacheck> + +</reply> + +# Client-side +<client> +# +<server> +http +</server> +<features> +!SSPI +crypto +</features> + <name> +HTTP POST --digest with PUT, resumed upload, modified method, SHA-512-256 and userhash=false + </name> + <command> +http://%HOSTIP:%HTTPPORT/2060 -u auser:apasswd --digest -T log/2060 -x http://%HOSTIP:%HTTPPORT -C 2 -X GET +</command> +<file name="log/2060"> +test +</file> +</client> + +# Verify data after the test has been "shot" +<verify> +<strip> +^User-Agent:.* +</strip> +<protocol> +GET http://%HOSTIP:%HTTPPORT/2060 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Content-Range: bytes 2-4/5
+User-Agent: curl/7.12.1-CVS (i686-pc-linux-gnu) libcurl/7.12.1-CVS OpenSSL/0.9.6b ipv6 zlib/1.1.4 GSS libidn/0.4.6
+Accept: */*
+Proxy-Connection: Keep-Alive
+Content-Length: 0
+
+GET http://%HOSTIP:%HTTPPORT/2060 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/2060", response="3ce1e25ffa611bdbe90e2ab367b9602fa223db9f6de76ac667f0d6157e2178a6", algorithm="SHA-512-256"
+Content-Range: bytes 2-4/5
+Accept: */*
+Proxy-Connection: Keep-Alive
+Content-Length: 3
+Expect: 100-continue
+
+st +</protocol> +</verify> +</testcase> diff --git a/tests/data/test2061 b/tests/data/test2061 new file mode 100644 index 000000000..af3758c97 --- /dev/null +++ b/tests/data/test2061 @@ -0,0 +1,84 @@ +<testcase> +<info> +<keywords> +HTTP +HTTP GET +HTTP Digest auth +</keywords> +</info> +# Server-side +<reply> +<data> +HTTP/1.1 401 Authorization Required swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604145", algorithm="SHA-256"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 26
+
+This is not the real page +</data> + +# This is supposed to be returned when the server gets a +# Authorization: Digest line passed-in from the client +<data1000> +HTTP/1.1 200 OK swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 23
+
+This IS the real page! +</data1000> + +<datacheck> +HTTP/1.1 401 Authorization Required swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604145", algorithm="SHA-256"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 26
+
+HTTP/1.1 200 OK swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 23
+
+This IS the real page! +</datacheck> + +</reply> + +# Client-side +<client> +<server> +http +</server> +<features> +!SSPI +crypto +</features> + <name> +HTTP with RFC7616 SHA256 Digest authorization + </name> + <command> +http://%HOSTIP:%HTTPPORT/2061 -u testuser:testpass --digest +</command> +</client> + +# Verify data after the test has been "shot" +<verify> +<strip> +^User-Agent:.* +</strip> +<protocol> +GET /2061 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+GET /2061 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/2061", response="9dc55255f1a2537b838311674b621d45346b862a81631bb20e4ce356ef25062d", algorithm="SHA-256"
+User-Agent: curl/7.10.5 (i686-pc-linux-gnu) libcurl/7.10.5 OpenSSL/0.9.7a ipv6 zlib/1.1.3
+Accept: */*
+
+</protocol> +</verify> +</testcase> diff --git a/tests/data/test2062 b/tests/data/test2062 new file mode 100644 index 000000000..d5ce6899f --- /dev/null +++ b/tests/data/test2062 @@ -0,0 +1,84 @@ +<testcase> +<info> +<keywords> +HTTP +HTTP GET +HTTP Digest auth +</keywords> +</info> +# Server-side +<reply> +<data> +HTTP/1.1 401 Authorization Required swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604145", algorithm="SHA-512-256"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 26
+
+This is not the real page +</data> + +# This is supposed to be returned when the server gets a +# Authorization: Digest line passed-in from the client +<data1000> +HTTP/1.1 200 OK swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 23
+
+This IS the real page! +</data1000> + +<datacheck> +HTTP/1.1 401 Authorization Required swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604145", algorithm="SHA-512-256"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 26
+
+HTTP/1.1 200 OK swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 23
+
+This IS the real page! +</datacheck> + +</reply> + +# Client-side +<client> +<server> +http +</server> +<features> +!SSPI +crypto +</features> + <name> +HTTP with RFC7616 SHA-512-256 Digest authorization and userhash=false + </name> + <command> +http://%HOSTIP:%HTTPPORT/2062 -u testuser:testpass --digest +</command> +</client> + +# Verify data after the test has been "shot" +<verify> +<strip> +^User-Agent:.* +</strip> +<protocol> +GET /2062 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+GET /2062 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/2062", response="2af735ec3508f4dff99248ffbbe9de9002bfd7cc770cfa2b026cb334042a54e3", algorithm="SHA-512-256"
+User-Agent: curl/7.10.5 (i686-pc-linux-gnu) libcurl/7.10.5 OpenSSL/0.9.7a ipv6 zlib/1.1.3
+Accept: */*
+
+</protocol> +</verify> +</testcase> diff --git a/tests/data/test2063 b/tests/data/test2063 new file mode 100644 index 000000000..220fe4ebe --- /dev/null +++ b/tests/data/test2063 @@ -0,0 +1,84 @@ +<testcase> +<info> +<keywords> +HTTP +HTTP GET +HTTP Digest auth +</keywords> +</info> +# Server-side +<reply> +<data> +HTTP/1.1 401 Authorization Required swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604145", algorithm="SHA-512-256", userhash=true
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 26
+
+This is not the real page +</data> + +# This is supposed to be returned when the server gets a +# Authorization: Digest line passed-in from the client +<data1000> +HTTP/1.1 200 OK swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 23
+
+This IS the real page! +</data1000> + +<datacheck> +HTTP/1.1 401 Authorization Required swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604145", algorithm="SHA-512-256", userhash=true
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 26
+
+HTTP/1.1 200 OK swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 23
+
+This IS the real page! +</datacheck> + +</reply> + +# Client-side +<client> +<server> +http +</server> +<features> +!SSPI +crypto +</features> + <name> +HTTP with RFC7616 SHA-512-256 Digest authorization and userhash=true + </name> + <command> +http://%HOSTIP:%HTTPPORT/2063 -u testuser:testpass --digest +</command> +</client> + +# Verify data after the test has been "shot" +<verify> +<strip> +^User-Agent:.* +</strip> +<protocol> +GET /2063 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+GET /2063 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Digest username="75af8a3500f771e58a52093a25e7905d6e428a511285c12ea1420c73078dfd61", realm="testrealm", nonce="1053604145", uri="/2063", response="43f7ab531dff687b5dc75617daa59d1fd67d648341d6d2655ca65ef5064cfb51", algorithm="SHA-512-256", userhash=true
+User-Agent: curl/7.10.5 (i686-pc-linux-gnu) libcurl/7.10.5 OpenSSL/0.9.7a ipv6 zlib/1.1.3
+Accept: */*
+
+</protocol> +</verify> +</testcase> diff --git a/tests/data/test2064 b/tests/data/test2064 new file mode 100644 index 000000000..aa20c0bc0 --- /dev/null +++ b/tests/data/test2064 @@ -0,0 +1,84 @@ +<testcase> +<info> +<keywords> +HTTP +HTTP GET +HTTP Digest auth +</keywords> +</info> +# Server-side +<reply> +<data> +HTTP/1.1 401 Authorization Required
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+WWW-Authenticate: Digest realm="testrealm", nonce="2053604145", algorithm="SHA-256"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 26
+
+This is not the real page +</data> + +# This is supposed to be returned when the server gets a +# Authorization: Digest line passed-in from the client +<data1000> +HTTP/1.1 401 Still a bad password you moron
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 34
+
+This is not the real page either
+</data1000> + +<datacheck> +HTTP/1.1 401 Authorization Required
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+WWW-Authenticate: Digest realm="testrealm", nonce="2053604145", algorithm="SHA-256"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 26
+
+HTTP/1.1 401 Still a bad password you moron
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 34
+
+This is not the real page either
+</datacheck> + +</reply> + +# Client-side +<client> +<server> +http +</server> +<features> +!SSPI +crypto +</features> + <name> +HTTP with RFC7616 Digest authorization with bad password and SHA256 + </name> + <command> +http://%HOSTIP:%HTTPPORT/2064 -u testuser:test2pass --digest +</command> +</client> + +# Verify data after the test has been "shot" +<verify> +<strip> +^User-Agent:.* +</strip> +<protocol> +GET /2064 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+GET /2064 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Digest username="testuser", realm="testrealm", nonce="2053604145", uri="/2064", response="a9c3ec1036068b336cbabefe9dfcad52ee8b89bc7c91ddbb5bb415c6acdf38a5", algorithm="SHA-256"
+User-Agent: curl/7.10.5 (i686-pc-linux-gnu) libcurl/7.10.5 OpenSSL/0.9.7a ipv6 zlib/1.1.3
+Accept: */*
+
+</protocol> +</verify> +</testcase> diff --git a/tests/data/test2065 b/tests/data/test2065 new file mode 100644 index 000000000..d3afe0b13 --- /dev/null +++ b/tests/data/test2065 @@ -0,0 +1,84 @@ +<testcase> +<info> +<keywords> +HTTP +HTTP GET +HTTP Digest auth +</keywords> +</info> +# Server-side +<reply> +<data> +HTTP/1.1 401 Authorization Required
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+WWW-Authenticate: Digest realm="testrealm", nonce="2053604145", algorithm="SHA-512-256"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 26
+
+This is not the real page +</data> + +# This is supposed to be returned when the server gets a +# Authorization: Digest line passed-in from the client +<data1000> +HTTP/1.1 401 Still a bad password you moron
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 34
+
+This is not the real page either
+</data1000> + +<datacheck> +HTTP/1.1 401 Authorization Required
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+WWW-Authenticate: Digest realm="testrealm", nonce="2053604145", algorithm="SHA-512-256"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 26
+
+HTTP/1.1 401 Still a bad password you moron
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 34
+
+This is not the real page either
+</datacheck> + +</reply> + +# Client-side +<client> +<server> +http +</server> +<features> +!SSPI +crypto +</features> + <name> +HTTP with RFC7616 Digest authorization with bad password, SHA-512-256 and userhash=false + </name> + <command> +http://%HOSTIP:%HTTPPORT/2065 -u testuser:test2pass --digest +</command> +</client> + +# Verify data after the test has been "shot" +<verify> +<strip> +^User-Agent:.* +</strip> +<protocol> +GET /2065 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+GET /2065 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Digest username="testuser", realm="testrealm", nonce="2053604145", uri="/2065", response="5a5f20b0e601aeddc6f96422c2332d49ff431c49ab143b5f836ef76e9ac78f5e", algorithm="SHA-512-256"
+User-Agent: curl/7.10.5 (i686-pc-linux-gnu) libcurl/7.10.5 OpenSSL/0.9.7a ipv6 zlib/1.1.3
+Accept: */*
+
+</protocol> +</verify> +</testcase> diff --git a/tests/data/test2066 b/tests/data/test2066 new file mode 100644 index 000000000..e6ec28a1e --- /dev/null +++ b/tests/data/test2066 @@ -0,0 +1,84 @@ +<testcase> +<info> +<keywords> +HTTP +HTTP GET +HTTP Digest auth +</keywords> +</info> +# Server-side +<reply> +<data> +HTTP/1.1 401 Authorization Required
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+WWW-Authenticate: Digest realm="testrealm", nonce="2053604145", algorithm="SHA-512-256", userhash=true
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 26
+
+This is not the real page +</data> + +# This is supposed to be returned when the server gets a +# Authorization: Digest line passed-in from the client +<data1000> +HTTP/1.1 401 Still a bad password you moron
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 34
+
+This is not the real page either
+</data1000> + +<datacheck> +HTTP/1.1 401 Authorization Required
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+WWW-Authenticate: Digest realm="testrealm", nonce="2053604145", algorithm="SHA-512-256", userhash=true
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 26
+
+HTTP/1.1 401 Still a bad password you moron
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 34
+
+This is not the real page either
+</datacheck> + +</reply> + +# Client-side +<client> +<server> +http +</server> +<features> +!SSPI +crypto +</features> + <name> +HTTP with RFC7616 Digest authorization with bad password, SHA-512-256 and userhash=true + </name> + <command> +http://%HOSTIP:%HTTPPORT/2066 -u testuser:test2pass --digest +</command> +</client> + +# Verify data after the test has been "shot" +<verify> +<strip> +^User-Agent:.* +</strip> +<protocol> +GET /2066 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+GET /2066 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Digest username="75af8a3500f771e58a52093a25e7905d6e428a511285c12ea1420c73078dfd61", realm="testrealm", nonce="2053604145", uri="/2066", response="a2e2ae589f575fb132991d6f550ef14bf7ef697d2fef1242d2498f07eafc77dc", algorithm="SHA-512-256", userhash=true
+User-Agent: curl/7.10.5 (i686-pc-linux-gnu) libcurl/7.10.5 OpenSSL/0.9.7a ipv6 zlib/1.1.3
+Accept: */*
+
+</protocol> +</verify> +</testcase> diff --git a/tests/data/test2067 b/tests/data/test2067 new file mode 100644 index 000000000..faa7c57fa --- /dev/null +++ b/tests/data/test2067 @@ -0,0 +1,89 @@ +<testcase> +<info> +<keywords> +HTTP +HTTP POST +HTTP Digest auth +</keywords> +</info> + +# Server-side +<reply> +<data> +HTTP/1.1 401 authentication please swsbounce
+Server: Microsoft-IIS/6.0
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", algorithm="SHA-256"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 0
+
+</data> +<data1000> +HTTP/1.1 200 A OK
+Server: Microsoft-IIS/6.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 3
+
+ok +</data1000> + +<datacheck> +HTTP/1.1 401 authentication please swsbounce
+Server: Microsoft-IIS/6.0
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", algorithm="SHA-256"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 0
+
+HTTP/1.1 200 A OK
+Server: Microsoft-IIS/6.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 3
+
+ok +</datacheck> + +</reply> + +# Client-side +<client> +# +<server> +http +</server> +<features> +!SSPI +crypto +</features> +<name> +HTTP POST --digest with SHA256 and user-specified Content-Length header +</name> +# This test is to ensure 'Content-Length: 0' is sent while negotiating auth +# even when there is a user-specified Content-Length header. +# https://github.com/curl/curl/pull/1242 +<command> +-H "Content-Length: 11" -u auser:apasswd --digest -d "junkelijunk" http://%HOSTIP:%HTTPPORT/2067 +</command> +</client> + +# Verify data after the test has been "shot" +<verify> +<strip> +^User-Agent:.* +</strip> +<protocol nonewline="yes"> +POST /2067 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+Content-Length: 0
+Content-Type: application/x-www-form-urlencoded
+
+POST /2067 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/2067", response="67b97af219c92fa7e8685e5bebb8e74892f6c6792e911c52bd2dfbf0b49272eb", algorithm="SHA-256"
+Accept: */*
+Content-Length: 11
+Content-Type: application/x-www-form-urlencoded
+
+junkelijunk +</protocol> +</verify> +</testcase> diff --git a/tests/data/test2068 b/tests/data/test2068 new file mode 100644 index 000000000..43a50e626 --- /dev/null +++ b/tests/data/test2068 @@ -0,0 +1,89 @@ +<testcase> +<info> +<keywords> +HTTP +HTTP POST +HTTP Digest auth +</keywords> +</info> + +# Server-side +<reply> +<data> +HTTP/1.1 401 authentication please swsbounce
+Server: Microsoft-IIS/6.0
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", algorithm="SHA-512-256"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 0
+
+</data> +<data1000> +HTTP/1.1 200 A OK
+Server: Microsoft-IIS/6.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 3
+
+ok +</data1000> + +<datacheck> +HTTP/1.1 401 authentication please swsbounce
+Server: Microsoft-IIS/6.0
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", algorithm="SHA-512-256"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 0
+
+HTTP/1.1 200 A OK
+Server: Microsoft-IIS/6.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 3
+
+ok +</datacheck> + +</reply> + +# Client-side +<client> +# +<server> +http +</server> +<features> +!SSPI +crypto +</features> +<name> +HTTP POST --digest with SHA-512-256, userhash=false and user-specified Content-Length header +</name> +# This test is to ensure 'Content-Length: 0' is sent while negotiating auth +# even when there is a user-specified Content-Length header. +# https://github.com/curl/curl/pull/1242 +<command> +-H "Content-Length: 11" -u auser:apasswd --digest -d "junkelijunk" http://%HOSTIP:%HTTPPORT/2068 +</command> +</client> + +# Verify data after the test has been "shot" +<verify> +<strip> +^User-Agent:.* +</strip> +<protocol nonewline="yes"> +POST /2068 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+Content-Length: 0
+Content-Type: application/x-www-form-urlencoded
+
+POST /2068 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/2068", response="4bc9c97a72f1856bcec9b0e1518c6b7ee28773f91357d56840bdc30bd89ca68f", algorithm="SHA-512-256"
+Accept: */*
+Content-Length: 11
+Content-Type: application/x-www-form-urlencoded
+
+junkelijunk +</protocol> +</verify> +</testcase> diff --git a/tests/data/test2069 b/tests/data/test2069 new file mode 100644 index 000000000..e8040a5e0 --- /dev/null +++ b/tests/data/test2069 @@ -0,0 +1,89 @@ +<testcase> +<info> +<keywords> +HTTP +HTTP POST +HTTP Digest auth +</keywords> +</info> + +# Server-side +<reply> +<data> +HTTP/1.1 401 authentication please swsbounce
+Server: Microsoft-IIS/6.0
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", algorithm="SHA-512-256", userhash=true
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 0
+
+</data> +<data1000> +HTTP/1.1 200 A OK
+Server: Microsoft-IIS/6.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 3
+
+ok +</data1000> + +<datacheck> +HTTP/1.1 401 authentication please swsbounce
+Server: Microsoft-IIS/6.0
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", algorithm="SHA-512-256", userhash=true
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 0
+
+HTTP/1.1 200 A OK
+Server: Microsoft-IIS/6.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 3
+
+ok +</datacheck> + +</reply> + +# Client-side +<client> +# +<server> +http +</server> +<features> +!SSPI +crypto +</features> +<name> +HTTP POST --digest with SHA-512-256, userhash=true and user-specified Content-Length header +</name> +# This test is to ensure 'Content-Length: 0' is sent while negotiating auth +# even when there is a user-specified Content-Length header. +# https://github.com/curl/curl/pull/1242 +<command> +-H "Content-Length: 11" -u auser:apasswd --digest -d "junkelijunk" http://%HOSTIP:%HTTPPORT/2069 +</command> +</client> + +# Verify data after the test has been "shot" +<verify> +<strip> +^User-Agent:.* +</strip> +<protocol nonewline="yes"> +POST /2069 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+Content-Length: 0
+Content-Type: application/x-www-form-urlencoded
+
+POST /2069 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Digest username="fddc3bc7b753b73ab0848fd83cb20cbbca971258eb8d20c941dd5e0b010d66be", realm="testrealm", nonce="1053604144", uri="/2069", response="ff13d977110a471f30de75e747976e4de78d7a3d2425cd23ff46e67f4bc9ead7", algorithm="SHA-512-256", userhash=true
+Accept: */*
+Content-Length: 11
+Content-Type: application/x-www-form-urlencoded
+
+junkelijunk +</protocol> +</verify> +</testcase> |