b5c496f109
Added !SSPI to the features list of the HTTP digest tests, as SSPI based builds now use the Windows SSPI messaging API rather than the internal functions, and we can't control the random numbers that get used as part of the digest.
249 lines
6.1 KiB
Plaintext
249 lines
6.1 KiB
Plaintext
<testcase>
|
|
<info>
|
|
<keywords>
|
|
HTTP
|
|
HTTP GET
|
|
HTTP Digest auth
|
|
</keywords>
|
|
</info>
|
|
# Server-side
|
|
<reply>
|
|
|
|
<!--
|
|
|
|
Explanation for the duplicate 400 requests:
|
|
|
|
libcurl doesn't detect that a given Digest password is wrong already on the
|
|
first 401 response (as the data400 gives). libcurl will instead consider the
|
|
new response just as a duplicate and it sends another and detects the auth
|
|
problem on the second 401 response!
|
|
|
|
-->
|
|
|
|
<!-- First request has Digest auth, wrong password -->
|
|
<data100>
|
|
HTTP/1.1 401 Need Digest auth
|
|
Server: Microsoft-IIS/5.0
|
|
Content-Type: text/html; charset=iso-8859-1
|
|
Content-Length: 27
|
|
WWW-Authenticate: Digest realm="testrealm", nonce="1"
|
|
|
|
This is not the real page!
|
|
</data100>
|
|
|
|
<data1100>
|
|
HTTP/1.1 401 Sorry wrong password
|
|
Server: Microsoft-IIS/5.0
|
|
Content-Type: text/html; charset=iso-8859-1
|
|
Content-Length: 29
|
|
WWW-Authenticate: Digest realm="testrealm", nonce="2"
|
|
|
|
This is a bad password page!
|
|
</data1100>
|
|
|
|
<!-- Second request has Digest auth, right password -->
|
|
<data200>
|
|
HTTP/1.1 401 Need Digest auth (2)
|
|
Server: Microsoft-IIS/5.0
|
|
Content-Type: text/html; charset=iso-8859-1
|
|
Content-Length: 27
|
|
WWW-Authenticate: Digest realm="testrealm", nonce="3"
|
|
|
|
This is not the real page!
|
|
</data200>
|
|
|
|
<data1200>
|
|
HTTP/1.1 200 Things are fine in server land
|
|
Server: Microsoft-IIS/5.0
|
|
Content-Type: text/html; charset=iso-8859-1
|
|
Content-Length: 32
|
|
|
|
Finally, this is the real page!
|
|
</data1200>
|
|
|
|
<!-- Third request has Digest auth, wrong password -->
|
|
<data300>
|
|
HTTP/1.1 401 Need Digest auth (3)
|
|
Server: Microsoft-IIS/5.0
|
|
Content-Type: text/html; charset=iso-8859-1
|
|
Content-Length: 27
|
|
WWW-Authenticate: Digest realm="testrealm", nonce="4"
|
|
|
|
This is not the real page!
|
|
</data300>
|
|
|
|
<data1300>
|
|
HTTP/1.1 401 Sorry wrong password (2)
|
|
Server: Microsoft-IIS/5.0
|
|
Content-Type: text/html; charset=iso-8859-1
|
|
Content-Length: 29
|
|
WWW-Authenticate: Digest realm="testrealm", nonce="5"
|
|
|
|
This is a bad password page!
|
|
</data1300>
|
|
|
|
<!-- Fourth request has Digest auth, wrong password -->
|
|
<data400>
|
|
HTTP/1.1 401 Need Digest auth (4)
|
|
Server: Microsoft-IIS/5.0
|
|
Content-Type: text/html; charset=iso-8859-1
|
|
Content-Length: 27
|
|
WWW-Authenticate: Digest realm="testrealm", nonce="6"
|
|
|
|
This is not the real page!
|
|
</data400>
|
|
|
|
<data1400>
|
|
HTTP/1.1 401 Sorry wrong password (3)
|
|
Server: Microsoft-IIS/5.0
|
|
Content-Type: text/html; charset=iso-8859-1
|
|
Content-Length: 29
|
|
WWW-Authenticate: Digest realm="testrealm", nonce="7"
|
|
|
|
This is a bad password page!
|
|
</data1400>
|
|
|
|
<!-- Fifth request has Digest auth, right password -->
|
|
<data1500>
|
|
HTTP/1.1 200 Things are fine in server land (2)
|
|
Server: Microsoft-IIS/5.0
|
|
Content-Type: text/html; charset=iso-8859-1
|
|
Content-Length: 32
|
|
|
|
Finally, this is the real page!
|
|
</data1500>
|
|
|
|
<datacheck>
|
|
HTTP/1.1 401 Need Digest auth
|
|
Server: Microsoft-IIS/5.0
|
|
Content-Type: text/html; charset=iso-8859-1
|
|
Content-Length: 27
|
|
WWW-Authenticate: Digest realm="testrealm", nonce="1"
|
|
|
|
HTTP/1.1 401 Sorry wrong password
|
|
Server: Microsoft-IIS/5.0
|
|
Content-Type: text/html; charset=iso-8859-1
|
|
Content-Length: 29
|
|
WWW-Authenticate: Digest realm="testrealm", nonce="2"
|
|
|
|
This is a bad password page!
|
|
HTTP/1.1 200 Things are fine in server land
|
|
Server: Microsoft-IIS/5.0
|
|
Content-Type: text/html; charset=iso-8859-1
|
|
Content-Length: 32
|
|
|
|
Finally, this is the real page!
|
|
HTTP/1.1 401 Need Digest auth (3)
|
|
Server: Microsoft-IIS/5.0
|
|
Content-Type: text/html; charset=iso-8859-1
|
|
Content-Length: 27
|
|
WWW-Authenticate: Digest realm="testrealm", nonce="4"
|
|
|
|
HTTP/1.1 401 Sorry wrong password (2)
|
|
Server: Microsoft-IIS/5.0
|
|
Content-Type: text/html; charset=iso-8859-1
|
|
Content-Length: 29
|
|
WWW-Authenticate: Digest realm="testrealm", nonce="5"
|
|
|
|
This is a bad password page!
|
|
HTTP/1.1 401 Sorry wrong password (3)
|
|
Server: Microsoft-IIS/5.0
|
|
Content-Type: text/html; charset=iso-8859-1
|
|
Content-Length: 29
|
|
WWW-Authenticate: Digest realm="testrealm", nonce="7"
|
|
|
|
HTTP/1.1 401 Sorry wrong password (3)
|
|
Server: Microsoft-IIS/5.0
|
|
Content-Type: text/html; charset=iso-8859-1
|
|
Content-Length: 29
|
|
WWW-Authenticate: Digest realm="testrealm", nonce="7"
|
|
|
|
This is a bad password page!
|
|
HTTP/1.1 200 Things are fine in server land (2)
|
|
Server: Microsoft-IIS/5.0
|
|
Content-Type: text/html; charset=iso-8859-1
|
|
Content-Length: 32
|
|
|
|
Finally, this is the real page!
|
|
</datacheck>
|
|
|
|
</reply>
|
|
|
|
# Client-side
|
|
<client>
|
|
<server>
|
|
http
|
|
</server>
|
|
<features>
|
|
!SSPI
|
|
crypto
|
|
</features>
|
|
<tool>
|
|
libauthretry
|
|
</tool>
|
|
|
|
<name>
|
|
HTTP authorization retry (Digest)
|
|
</name>
|
|
<setenv>
|
|
# we force our own host name, in order to make the test machine independent
|
|
CURL_GETHOSTNAME=curlhost
|
|
# we try to use the LD_PRELOAD hack, if not a debug build
|
|
LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
|
|
</setenv>
|
|
<command>
|
|
http://%HOSTIP:%HTTPPORT/2027 digest digest
|
|
</command>
|
|
<precheck>
|
|
chkhostname curlhost
|
|
</precheck>
|
|
</client>
|
|
|
|
# Verify data after the test has been "shot"
|
|
<verify>
|
|
<strip>
|
|
^User-Agent:.*
|
|
</strip>
|
|
<protocol>
|
|
GET /20270100 HTTP/1.1
|
|
Host: %HOSTIP:%HTTPPORT
|
|
Accept: */*
|
|
|
|
GET /20270100 HTTP/1.1
|
|
Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/20270100", response="f7fd60eefaff5225971bf9b3d80d6ba6"
|
|
Host: %HOSTIP:%HTTPPORT
|
|
Accept: */*
|
|
|
|
GET /20270200 HTTP/1.1
|
|
Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/20270200", response="785ca3ef511999f7e9c178195f5b388c"
|
|
Host: %HOSTIP:%HTTPPORT
|
|
Accept: */*
|
|
|
|
GET /20270300 HTTP/1.1
|
|
Host: %HOSTIP:%HTTPPORT
|
|
Accept: */*
|
|
|
|
GET /20270300 HTTP/1.1
|
|
Authorization: Digest username="testuser", realm="testrealm", nonce="4", uri="/20270300", response="4c735d2360fd6848e7cb32a11ae3612b"
|
|
Host: %HOSTIP:%HTTPPORT
|
|
Accept: */*
|
|
|
|
GET /20270400 HTTP/1.1
|
|
Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/20270400", response="f5906785511fb60a2af8b1cd53008ead"
|
|
Host: %HOSTIP:%HTTPPORT
|
|
Accept: */*
|
|
|
|
GET /20270400 HTTP/1.1
|
|
Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/20270400", response="f5906785511fb60a2af8b1cd53008ead"
|
|
Host: %HOSTIP:%HTTPPORT
|
|
Accept: */*
|
|
|
|
GET /20270500 HTTP/1.1
|
|
Authorization: Digest username="testuser", realm="testrealm", nonce="7", uri="/20270500", response="8ef4d935fd964a46c3965c0863b52cf1"
|
|
Host: %HOSTIP:%HTTPPORT
|
|
Accept: */*
|
|
|
|
</protocol>
|
|
</verify>
|
|
</testcase>
|