From 8d97bed80623e8dd2cb3988df30416a713383f1a Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 5 Nov 2012 23:58:31 +0100 Subject: test 2027/2030: take duplicate Digest requests into account With the reversion of ce8311c7e49eca and the new clear logic, this flaw is present and we allow it. --- tests/data/test2030 | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) (limited to 'tests/data/test2030') diff --git a/tests/data/test2030 b/tests/data/test2030 index 18659e8d2..53d3f9122 100644 --- a/tests/data/test2030 +++ b/tests/data/test2030 @@ -13,6 +13,18 @@ HTTP NTLM auth + + + HTTP/1.1 401 Need Digest or NTLM auth @@ -186,6 +198,13 @@ Content-Length: 29 WWW-Authenticate: NTLM WWW-Authenticate: Digest realm="testrealm", nonce="7" +HTTP/1.1 401 Sorry wrong password (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: NTLM +WWW-Authenticate: Digest realm="testrealm", nonce="7" + This is a bad password page! HTTP/1.1 200 Things are fine in server land (2) Server: Microsoft-IIS/5.0 @@ -259,6 +278,11 @@ Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/2 Host: %HOSTIP:%HTTPPORT Accept: */* +GET /20300400 HTTP/1.1 +Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/20300400", response="d6262e9147db08c62ff2f53b515861e8" +Host: %HOSTIP:%HTTPPORT +Accept: */* + GET /20300500 HTTP/1.1 Authorization: Digest username="testuser", realm="testrealm", nonce="7", uri="/20300500", response="198757e61163a779cf24ed4c49c1ad7d" Host: %HOSTIP:%HTTPPORT -- cgit v1.2.3