HTTP HTTP GET HTTP Basic auth HTTP Digest auth # Server-side HTTP/1.1 401 Sorry wrong password Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 29 WWW-Authenticate: Digest realm="testrealm", nonce="1" WWW-Authenticate: Basic realm="testrealm" This is a bad password page! HTTP/1.1 200 Things are fine in server land Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 32 Finally, this is the real page! HTTP/1.1 401 Sorry wrong password (2) Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 29 WWW-Authenticate: Digest realm="testrealm", nonce="2" WWW-Authenticate: Basic realm="testrealm" This is a bad password page! HTTP/1.1 401 Sorry wrong password (3) Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 29 WWW-Authenticate: Digest realm="testrealm", nonce="3" WWW-Authenticate: Basic realm="testrealm" This is a bad password page! HTTP/1.1 200 Things are fine in server land (2) Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 32 Finally, this is the real page! HTTP/1.1 401 Sorry wrong password Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 29 WWW-Authenticate: Digest realm="testrealm", nonce="1" WWW-Authenticate: Basic realm="testrealm" This is a bad password page! HTTP/1.1 200 Things are fine in server land Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 32 Finally, this is the real page! HTTP/1.1 401 Sorry wrong password (2) Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 29 WWW-Authenticate: Digest realm="testrealm", nonce="2" WWW-Authenticate: Basic realm="testrealm" This is a bad password page! HTTP/1.1 401 Sorry wrong password (3) Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 29 WWW-Authenticate: Digest realm="testrealm", nonce="3" WWW-Authenticate: Basic realm="testrealm" This is a bad password page! HTTP/1.1 200 Things are fine in server land (2) Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 32 Finally, this is the real page! # Client-side http !SSPI crypto libauthretry HTTP authorization retry (Basic switching to Digest) # we force our own host name, in order to make the test machine independent CURL_GETHOSTNAME=curlhost # we try to use the LD_PRELOAD hack, if not a debug build LD_PRELOAD=%PWD/libtest/.libs/libhostname.so http://%HOSTIP:%HTTPPORT/2024 basic digest chkhostname curlhost # Verify data after the test has been "shot" ^User-Agent:.* GET /20240100 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz Accept: */* GET /20240200 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/20240200", response="ed646c565f79e2dd9fa37cb5a621213c" Accept: */* GET /20240300 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz Accept: */* GET /20240400 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/20240400", response="9741ced8caacc6124770187b36f007c5" Accept: */* GET /20240500 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Digest username="testuser", realm="testrealm", nonce="3", uri="/20240500", response="5bc77ec8c2d443b27a1b55f1fd8fbb13" Accept: */*