<testcase> <info> <keywords> HTTP HTTP GET HTTP Digest auth </keywords> </info> # Server-side <reply> <!-- Explanation for the duplicate 400 requests: libcurl doesn't detect that a given Digest password is wrong already on the first 401 response (as the data400 gives). libcurl will instead consider the new response just as a duplicate and it sends another and detects the auth problem on the second 401 response! --> <!-- First request has Digest auth, wrong password --> <data100> HTTP/1.1 401 Need Digest auth Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 27 WWW-Authenticate: Digest realm="testrealm", nonce="1" This is not the real page! </data100> <data1100> HTTP/1.1 401 Sorry wrong password Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 29 WWW-Authenticate: Digest realm="testrealm", nonce="2" This is a bad password page! </data1100> <!-- Second request has Digest auth, right password --> <data200> HTTP/1.1 401 Need Digest auth (2) Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 27 WWW-Authenticate: Digest realm="testrealm", nonce="3" This is not the real page! </data200> <data1200> HTTP/1.1 200 Things are fine in server land Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 32 Finally, this is the real page! </data1200> <!-- Third request has Digest auth, wrong password --> <data300> HTTP/1.1 401 Need Digest auth (3) Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 27 WWW-Authenticate: Digest realm="testrealm", nonce="4" This is not the real page! </data300> <data1300> HTTP/1.1 401 Sorry wrong password (2) Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 29 WWW-Authenticate: Digest realm="testrealm", nonce="5" This is a bad password page! </data1300> <!-- Fourth request has Digest auth, wrong password --> <data400> HTTP/1.1 401 Need Digest auth (4) Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 27 WWW-Authenticate: Digest realm="testrealm", nonce="6" This is not the real page! </data400> <data1400> HTTP/1.1 401 Sorry wrong password (3) Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 29 WWW-Authenticate: Digest realm="testrealm", nonce="7" This is a bad password page! </data1400> <!-- Fifth request has Digest auth, right password --> <data1500> HTTP/1.1 200 Things are fine in server land (2) Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 32 Finally, this is the real page! </data1500> <datacheck> HTTP/1.1 401 Need Digest auth Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 27 WWW-Authenticate: Digest realm="testrealm", nonce="1" HTTP/1.1 401 Sorry wrong password Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 29 WWW-Authenticate: Digest realm="testrealm", nonce="2" This is a bad password page! HTTP/1.1 200 Things are fine in server land Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 32 Finally, this is the real page! HTTP/1.1 401 Need Digest auth (3) Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 27 WWW-Authenticate: Digest realm="testrealm", nonce="4" HTTP/1.1 401 Sorry wrong password (2) Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 29 WWW-Authenticate: Digest realm="testrealm", nonce="5" This is a bad password page! HTTP/1.1 401 Sorry wrong password (3) Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 29 WWW-Authenticate: Digest realm="testrealm", nonce="7" HTTP/1.1 401 Sorry wrong password (3) Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 29 WWW-Authenticate: Digest realm="testrealm", nonce="7" This is a bad password page! HTTP/1.1 200 Things are fine in server land (2) Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 32 Finally, this is the real page! </datacheck> </reply> # Client-side <client> <server> http </server> <features> !SSPI crypto </features> <tool> libauthretry </tool> <name> HTTP authorization retry (Digest) </name> <setenv> # we force our own host name, in order to make the test machine independent CURL_GETHOSTNAME=curlhost # we try to use the LD_PRELOAD hack, if not a debug build LD_PRELOAD=%PWD/libtest/.libs/libhostname.so </setenv> <command> http://%HOSTIP:%HTTPPORT/2027 digest digest </command> <precheck> chkhostname curlhost </precheck> </client> # Verify data after the test has been "shot" <verify> <strip> ^User-Agent:.* </strip> <protocol> GET /20270100 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* GET /20270100 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/20270100", response="f7fd60eefaff5225971bf9b3d80d6ba6" Accept: */* GET /20270200 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/20270200", response="785ca3ef511999f7e9c178195f5b388c" Accept: */* GET /20270300 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* GET /20270300 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Digest username="testuser", realm="testrealm", nonce="4", uri="/20270300", response="4c735d2360fd6848e7cb32a11ae3612b" Accept: */* GET /20270400 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/20270400", response="f5906785511fb60a2af8b1cd53008ead" Accept: */* GET /20270400 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/20270400", response="f5906785511fb60a2af8b1cd53008ead" Accept: */* GET /20270500 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Digest username="testuser", realm="testrealm", nonce="7", uri="/20270500", response="8ef4d935fd964a46c3965c0863b52cf1" Accept: */* </protocol> </verify> </testcase>