From ff0a295cdbc9cf95db0c364ede5cca4063ba2882 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 20 Oct 2011 13:05:09 +0200 Subject: Curl_http_input_auth: handle multiple auths in WWW-Authenticate The fix is pretty much the one Nick Zitzmann provided, just edited to do the right indent levels and with test case 1204 added to verify the fix. Bug: http://curl.haxx.se/mail/lib-2011-10/0190.html Reported by: Nick Zitzmann --- tests/data/Makefile.am | 5 ++-- tests/data/test1204 | 79 ++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 82 insertions(+), 2 deletions(-) create mode 100644 tests/data/test1204 (limited to 'tests/data') diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am index 2030e0bca..8471736ca 100644 --- a/tests/data/Makefile.am +++ b/tests/data/Makefile.am @@ -73,8 +73,9 @@ test1094 test1095 test1096 test1097 test1098 test1099 test1100 test1101 \ test1102 test1103 test1104 test1105 test1106 test1107 test1108 test1109 \ test1110 test1111 test1112 test1113 test1114 test1115 test1116 test1117 \ test1118 test1119 test1120 test1121 test1122 test1123 test1124 test1125 \ -test1126 test1127 test1128 test1129 test1130 test1131 test1200 test1201 \ -test1202 test1203 test1300 test1301 test1302 test1303 test1304 test1305 \ +test1126 test1127 test1128 test1129 test1130 test1131 \ +test1200 test1201 test1202 test1203 test1204 \ +test1300 test1301 test1302 test1303 test1304 test1305 \ test1306 test1307 test1308 test1309 test1310 test1311 test1312 test1313 \ test1314 \ test2000 test2001 test2002 test2003 test2004 diff --git a/tests/data/test1204 b/tests/data/test1204 new file mode 100644 index 000000000..02502fb8e --- /dev/null +++ b/tests/data/test1204 @@ -0,0 +1,79 @@ + + + +HTTP +HTTP GET +HTTP Basic auth +--anyauth + + +# Server-side + + +HTTP/1.1 401 Authorization Required swsbounce +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: X-MobileMe-AuthToken realm="Newcastle", Basic realm="fun fun fun" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + +This is not the real page + + +# This is supposed to be returned when the server gets the second request + +HTTP/1.1 200 OK +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 + +This IS the real page! + + + +HTTP/1.1 401 Authorization Required swsbounce +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: X-MobileMe-AuthToken realm="Newcastle", Basic realm="fun fun fun" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + +HTTP/1.1 200 OK +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 + +This IS the real page! + + + + +# Client-side + + +http + + +HTTP with WWW-Authenticate and multiple auths in a single line + + +http://%HOSTIP:%HTTPPORT/1204 -u testuser:testpass --anyauth + + + +# Verify data after the test has been "shot" + + +^User-Agent:.* + + +GET /1204 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /1204 HTTP/1.1 +Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M= +Host: %HOSTIP:%HTTPPORT +Accept: */* + + + + -- cgit v1.2.3