1<testcase> 2<info> 3<keywords> 4HTTP 5HTTP GET 6HTTP Digest auth 7</keywords> 8</info> 9# Server-side 10<reply> 11 12<!-- 13 14 Explanation for the duplicate 400 requests: 15 16 libcurl doesn't detect that a given Digest password is wrong already on the 17 first 401 response (as the data400 gives). libcurl will instead consider the 18 new response just as a duplicate and it sends another and detects the auth 19 problem on the second 401 response! 20 21--> 22 23<!-- First request has Digest auth, wrong password --> 24<data100> 25HTTP/1.1 401 Need Digest auth 26Server: Microsoft-IIS/5.0 27Content-Type: text/html; charset=iso-8859-1 28Content-Length: 27 29WWW-Authenticate: Digest realm="testrealm", nonce="1" 30 31This is not the real page! 32</data100> 33 34<data1100> 35HTTP/1.1 401 Sorry wrong password 36Server: Microsoft-IIS/5.0 37Content-Type: text/html; charset=iso-8859-1 38Content-Length: 29 39WWW-Authenticate: Digest realm="testrealm", nonce="2" 40 41This is a bad password page! 42</data1100> 43 44<!-- Second request has Digest auth, right password --> 45<data200> 46HTTP/1.1 401 Need Digest auth (2) 47Server: Microsoft-IIS/5.0 48Content-Type: text/html; charset=iso-8859-1 49Content-Length: 27 50WWW-Authenticate: Digest realm="testrealm", nonce="3" 51 52This is not the real page! 53</data200> 54 55<data1200> 56HTTP/1.1 200 Things are fine in server land 57Server: Microsoft-IIS/5.0 58Content-Type: text/html; charset=iso-8859-1 59Content-Length: 32 60 61Finally, this is the real page! 62</data1200> 63 64<!-- Third request has Digest auth, wrong password --> 65<data300> 66HTTP/1.1 401 Need Digest auth (3) 67Server: Microsoft-IIS/5.0 68Content-Type: text/html; charset=iso-8859-1 69Content-Length: 27 70WWW-Authenticate: Digest realm="testrealm", nonce="4" 71 72This is not the real page! 73</data300> 74 75<data1300> 76HTTP/1.1 401 Sorry wrong password (2) 77Server: Microsoft-IIS/5.0 78Content-Type: text/html; charset=iso-8859-1 79Content-Length: 29 80WWW-Authenticate: Digest realm="testrealm", nonce="5" 81 82This is a bad password page! 83</data1300> 84 85<!-- Fourth request has Digest auth, wrong password --> 86<data400> 87HTTP/1.1 401 Need Digest auth (4) 88Server: Microsoft-IIS/5.0 89Content-Type: text/html; charset=iso-8859-1 90Content-Length: 27 91WWW-Authenticate: Digest realm="testrealm", nonce="6" 92 93This is not the real page! 94</data400> 95 96<data1400> 97HTTP/1.1 401 Sorry wrong password (3) 98Server: Microsoft-IIS/5.0 99Content-Type: text/html; charset=iso-8859-1 100Content-Length: 29 101WWW-Authenticate: Digest realm="testrealm", nonce="7" 102 103This is a bad password page! 104</data1400> 105 106<!-- Fifth request has Digest auth, right password --> 107<data1500> 108HTTP/1.1 200 Things are fine in server land (2) 109Server: Microsoft-IIS/5.0 110Content-Type: text/html; charset=iso-8859-1 111Content-Length: 32 112 113Finally, this is the real page! 114</data1500> 115 116<datacheck> 117HTTP/1.1 401 Need Digest auth 118Server: Microsoft-IIS/5.0 119Content-Type: text/html; charset=iso-8859-1 120Content-Length: 27 121WWW-Authenticate: Digest realm="testrealm", nonce="1" 122 123HTTP/1.1 401 Sorry wrong password 124Server: Microsoft-IIS/5.0 125Content-Type: text/html; charset=iso-8859-1 126Content-Length: 29 127WWW-Authenticate: Digest realm="testrealm", nonce="2" 128 129This is a bad password page! 130HTTP/1.1 200 Things are fine in server land 131Server: Microsoft-IIS/5.0 132Content-Type: text/html; charset=iso-8859-1 133Content-Length: 32 134 135Finally, this is the real page! 136HTTP/1.1 401 Need Digest auth (3) 137Server: Microsoft-IIS/5.0 138Content-Type: text/html; charset=iso-8859-1 139Content-Length: 27 140WWW-Authenticate: Digest realm="testrealm", nonce="4" 141 142HTTP/1.1 401 Sorry wrong password (2) 143Server: Microsoft-IIS/5.0 144Content-Type: text/html; charset=iso-8859-1 145Content-Length: 29 146WWW-Authenticate: Digest realm="testrealm", nonce="5" 147 148This is a bad password page! 149HTTP/1.1 401 Sorry wrong password (3) 150Server: Microsoft-IIS/5.0 151Content-Type: text/html; charset=iso-8859-1 152Content-Length: 29 153WWW-Authenticate: Digest realm="testrealm", nonce="7" 154 155HTTP/1.1 401 Sorry wrong password (3) 156Server: Microsoft-IIS/5.0 157Content-Type: text/html; charset=iso-8859-1 158Content-Length: 29 159WWW-Authenticate: Digest realm="testrealm", nonce="7" 160 161This is a bad password page! 162HTTP/1.1 200 Things are fine in server land (2) 163Server: Microsoft-IIS/5.0 164Content-Type: text/html; charset=iso-8859-1 165Content-Length: 32 166 167Finally, this is the real page! 168</datacheck> 169 170</reply> 171 172# Client-side 173<client> 174<server> 175http 176</server> 177<tool> 178libauthretry 179</tool> 180 181 <name> 182HTTP authorization retry (Digest) 183 </name> 184 <setenv> 185# we force our own host name, in order to make the test machine independent 186CURL_GETHOSTNAME=curlhost 187# we try to use the LD_PRELOAD hack, if not a debug build 188LD_PRELOAD=%PWD/libtest/.libs/libhostname.so 189 </setenv> 190 <command> 191http://%HOSTIP:%HTTPPORT/2027 digest digest 192</command> 193<precheck> 194chkhostname curlhost 195</precheck> 196</client> 197 198# Verify data after the test has been "shot" 199<verify> 200<strip> 201^User-Agent:.* 202</strip> 203<protocol> 204GET /20270100 HTTP/1.1 205Host: %HOSTIP:%HTTPPORT 206Accept: */* 207 208GET /20270100 HTTP/1.1 209Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/20270100", response="f7fd60eefaff5225971bf9b3d80d6ba6" 210Host: %HOSTIP:%HTTPPORT 211Accept: */* 212 213GET /20270200 HTTP/1.1 214Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/20270200", response="785ca3ef511999f7e9c178195f5b388c" 215Host: %HOSTIP:%HTTPPORT 216Accept: */* 217 218GET /20270300 HTTP/1.1 219Host: %HOSTIP:%HTTPPORT 220Accept: */* 221 222GET /20270300 HTTP/1.1 223Authorization: Digest username="testuser", realm="testrealm", nonce="4", uri="/20270300", response="4c735d2360fd6848e7cb32a11ae3612b" 224Host: %HOSTIP:%HTTPPORT 225Accept: */* 226 227GET /20270400 HTTP/1.1 228Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/20270400", response="f5906785511fb60a2af8b1cd53008ead" 229Host: %HOSTIP:%HTTPPORT 230Accept: */* 231 232GET /20270400 HTTP/1.1 233Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/20270400", response="f5906785511fb60a2af8b1cd53008ead" 234Host: %HOSTIP:%HTTPPORT 235Accept: */* 236 237GET /20270500 HTTP/1.1 238Authorization: Digest username="testuser", realm="testrealm", nonce="7", uri="/20270500", response="8ef4d935fd964a46c3965c0863b52cf1" 239Host: %HOSTIP:%HTTPPORT 240Accept: */* 241 242</protocol> 243</verify> 244</testcase> 245