curl/tests/data/test2027
Steve Holme b5c496f109 tests: Don't run HTTP digest tests for SSPI based builds
Added !SSPI to the features list of the HTTP digest tests, as SSPI
based builds now use the Windows SSPI messaging API rather than the
internal functions, and we can't control the random numbers that get
used as part of the digest.
2014-11-06 20:36:08 +00:00

249 lines
6.1 KiB
Plaintext

<testcase>
<info>
<keywords>
HTTP
HTTP GET
HTTP Digest auth
</keywords>
</info>
# Server-side
<reply>
<!--
Explanation for the duplicate 400 requests:
libcurl doesn't detect that a given Digest password is wrong already on the
first 401 response (as the data400 gives). libcurl will instead consider the
new response just as a duplicate and it sends another and detects the auth
problem on the second 401 response!
-->
<!-- First request has Digest auth, wrong password -->
<data100>
HTTP/1.1 401 Need Digest auth
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: Digest realm="testrealm", nonce="1"
This is not the real page!
</data100>
<data1100>
HTTP/1.1 401 Sorry wrong password
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Digest realm="testrealm", nonce="2"
This is a bad password page!
</data1100>
<!-- Second request has Digest auth, right password -->
<data200>
HTTP/1.1 401 Need Digest auth (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: Digest realm="testrealm", nonce="3"
This is not the real page!
</data200>
<data1200>
HTTP/1.1 200 Things are fine in server land
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
</data1200>
<!-- Third request has Digest auth, wrong password -->
<data300>
HTTP/1.1 401 Need Digest auth (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: Digest realm="testrealm", nonce="4"
This is not the real page!
</data300>
<data1300>
HTTP/1.1 401 Sorry wrong password (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Digest realm="testrealm", nonce="5"
This is a bad password page!
</data1300>
<!-- Fourth request has Digest auth, wrong password -->
<data400>
HTTP/1.1 401 Need Digest auth (4)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: Digest realm="testrealm", nonce="6"
This is not the real page!
</data400>
<data1400>
HTTP/1.1 401 Sorry wrong password (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Digest realm="testrealm", nonce="7"
This is a bad password page!
</data1400>
<!-- Fifth request has Digest auth, right password -->
<data1500>
HTTP/1.1 200 Things are fine in server land (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
</data1500>
<datacheck>
HTTP/1.1 401 Need Digest auth
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: Digest realm="testrealm", nonce="1"
HTTP/1.1 401 Sorry wrong password
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Digest realm="testrealm", nonce="2"
This is a bad password page!
HTTP/1.1 200 Things are fine in server land
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
HTTP/1.1 401 Need Digest auth (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: Digest realm="testrealm", nonce="4"
HTTP/1.1 401 Sorry wrong password (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Digest realm="testrealm", nonce="5"
This is a bad password page!
HTTP/1.1 401 Sorry wrong password (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Digest realm="testrealm", nonce="7"
HTTP/1.1 401 Sorry wrong password (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Digest realm="testrealm", nonce="7"
This is a bad password page!
HTTP/1.1 200 Things are fine in server land (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
</datacheck>
</reply>
# Client-side
<client>
<server>
http
</server>
<features>
!SSPI
crypto
</features>
<tool>
libauthretry
</tool>
<name>
HTTP authorization retry (Digest)
</name>
<setenv>
# we force our own host name, in order to make the test machine independent
CURL_GETHOSTNAME=curlhost
# we try to use the LD_PRELOAD hack, if not a debug build
LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
</setenv>
<command>
http://%HOSTIP:%HTTPPORT/2027 digest digest
</command>
<precheck>
chkhostname curlhost
</precheck>
</client>
# Verify data after the test has been "shot"
<verify>
<strip>
^User-Agent:.*
</strip>
<protocol>
GET /20270100 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20270100 HTTP/1.1
Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/20270100", response="f7fd60eefaff5225971bf9b3d80d6ba6"
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20270200 HTTP/1.1
Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/20270200", response="785ca3ef511999f7e9c178195f5b388c"
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20270300 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20270300 HTTP/1.1
Authorization: Digest username="testuser", realm="testrealm", nonce="4", uri="/20270300", response="4c735d2360fd6848e7cb32a11ae3612b"
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20270400 HTTP/1.1
Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/20270400", response="f5906785511fb60a2af8b1cd53008ead"
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20270400 HTTP/1.1
Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/20270400", response="f5906785511fb60a2af8b1cd53008ead"
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20270500 HTTP/1.1
Authorization: Digest username="testuser", realm="testrealm", nonce="7", uri="/20270500", response="8ef4d935fd964a46c3965c0863b52cf1"
Host: %HOSTIP:%HTTPPORT
Accept: */*
</protocol>
</verify>
</testcase>