tests/data/test2027 - third_party/curl - Git at Google

 <testcase>
 <info>
 <keywords>
 HTTP
 HTTP GET
 HTTP Digest auth
 </keywords>
 </info>
 # Server-side
 <reply>

 <!--

  Explanation for the duplicate 400 requests:

  libcurl doesn't detect that a given Digest password is wrong already on the
  first 401 response (as the data400 gives). libcurl will instead consider the
  new response just as a duplicate and it sends another and detects the auth
  problem on the second 401 response!

 -->

 <!-- First request has Digest auth, wrong password -->
 <data100>
 HTTP/1.1 401 Need Digest auth
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 27
 WWW-Authenticate: Digest realm="testrealm", nonce="1"

 This is not the real page!
 </data100>

 <data1100>
 HTTP/1.1 401 Sorry wrong password
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 29
 WWW-Authenticate: Digest realm="testrealm", nonce="2"

 This is a bad password page!
 </data1100>

 <!-- Second request has Digest auth, right password -->
 <data200>
 HTTP/1.1 401 Need Digest auth (2)
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 27
 WWW-Authenticate: Digest realm="testrealm", nonce="3"

 This is not the real page!
 </data200>

 <data1200>
 HTTP/1.1 200 Things are fine in server land
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 32

 Finally, this is the real page!
 </data1200>

 <!-- Third request has Digest auth, wrong password -->
 <data300>
 HTTP/1.1 401 Need Digest auth (3)
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 27
 WWW-Authenticate: Digest realm="testrealm", nonce="4"

 This is not the real page!
 </data300>

 <data1300>
 HTTP/1.1 401 Sorry wrong password (2)
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 29
 WWW-Authenticate: Digest realm="testrealm", nonce="5"

 This is a bad password page!
 </data1300>

 <!-- Fourth request has Digest auth, wrong password -->
 <data400>
 HTTP/1.1 401 Need Digest auth (4)
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 27
 WWW-Authenticate: Digest realm="testrealm", nonce="6"

 This is not the real page!
 </data400>

 <data1400>
 HTTP/1.1 401 Sorry wrong password (3)
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 29
 WWW-Authenticate: Digest realm="testrealm", nonce="7"

 This is a bad password page!
 </data1400>

 <!-- Fifth request has Digest auth, right password -->
 <data1500>
 HTTP/1.1 200 Things are fine in server land (2)
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 32

 Finally, this is the real page!
 </data1500>

 <datacheck>
 HTTP/1.1 401 Need Digest auth
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 27
 WWW-Authenticate: Digest realm="testrealm", nonce="1"

 HTTP/1.1 401 Sorry wrong password
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 29
 WWW-Authenticate: Digest realm="testrealm", nonce="2"

 This is a bad password page!
 HTTP/1.1 200 Things are fine in server land
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 32

 Finally, this is the real page!
 HTTP/1.1 401 Need Digest auth (3)
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 27
 WWW-Authenticate: Digest realm="testrealm", nonce="4"

 HTTP/1.1 401 Sorry wrong password (2)
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 29
 WWW-Authenticate: Digest realm="testrealm", nonce="5"

 This is a bad password page!
 HTTP/1.1 401 Sorry wrong password (3)
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 29
 WWW-Authenticate: Digest realm="testrealm", nonce="7"

 HTTP/1.1 401 Sorry wrong password (3)
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 29
 WWW-Authenticate: Digest realm="testrealm", nonce="7"

 This is a bad password page!
 HTTP/1.1 200 Things are fine in server land (2)
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 32

 Finally, this is the real page!
 </datacheck>

 </reply>

 # Client-side
 <client>
 <server>
 http
 </server>
 <features>
 !SSPI
 crypto
 </features>
 <tool>
 libauthretry
 </tool>

  <name>
 HTTP authorization retry (Digest)
  </name>
  <setenv>
 # we force our own host name, in order to make the test machine independent
 CURL_GETHOSTNAME=curlhost
 # we try to use the LD_PRELOAD hack, if not a debug build
 LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
  </setenv>
  <command>
 http://%HOSTIP:%HTTPPORT/2027 digest digest
 </command>
 <precheck>
 chkhostname curlhost
 </precheck>
 </client>

 # Verify data after the test has been "shot"
 <verify>
 <strip>
 ^User-Agent:.*
 </strip>
 <protocol>
 GET /20270100 HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 Accept: */*

 GET /20270100 HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/20270100", response="f7fd60eefaff5225971bf9b3d80d6ba6"
 Accept: */*

 GET /20270200 HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/20270200", response="785ca3ef511999f7e9c178195f5b388c"
 Accept: */*

 GET /20270300 HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 Accept: */*

 GET /20270300 HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 Authorization: Digest username="testuser", realm="testrealm", nonce="4", uri="/20270300", response="4c735d2360fd6848e7cb32a11ae3612b"
 Accept: */*

 GET /20270400 HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/20270400", response="f5906785511fb60a2af8b1cd53008ead"
 Accept: */*

 GET /20270400 HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/20270400", response="f5906785511fb60a2af8b1cd53008ead"
 Accept: */*

 GET /20270500 HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 Authorization: Digest username="testuser", realm="testrealm", nonce="7", uri="/20270500", response="8ef4d935fd964a46c3965c0863b52cf1"
 Accept: */*

 </protocol>
 </verify>
 </testcase>
	<testcase>
	<info>
	<keywords>
	HTTP
	HTTP GET
	HTTP Digest auth
	</keywords>
	</info>
	# Server-side
	<reply>

	<!--

	Explanation for the duplicate 400 requests:

	libcurl doesn't detect that a given Digest password is wrong already on the
	first 401 response (as the data400 gives). libcurl will instead consider the
	new response just as a duplicate and it sends another and detects the auth
	problem on the second 401 response!

	-->

	<!-- First request has Digest auth, wrong password -->
	<data100>
	HTTP/1.1 401 Need Digest auth
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 27
	WWW-Authenticate: Digest realm="testrealm", nonce="1"

	This is not the real page!
	</data100>

	<data1100>
	HTTP/1.1 401 Sorry wrong password
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 29
	WWW-Authenticate: Digest realm="testrealm", nonce="2"

	This is a bad password page!
	</data1100>

	<!-- Second request has Digest auth, right password -->
	<data200>
	HTTP/1.1 401 Need Digest auth (2)
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 27
	WWW-Authenticate: Digest realm="testrealm", nonce="3"

	This is not the real page!
	</data200>

	<data1200>
	HTTP/1.1 200 Things are fine in server land
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 32

	Finally, this is the real page!
	</data1200>

	<!-- Third request has Digest auth, wrong password -->
	<data300>
	HTTP/1.1 401 Need Digest auth (3)
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 27
	WWW-Authenticate: Digest realm="testrealm", nonce="4"

	This is not the real page!
	</data300>

	<data1300>
	HTTP/1.1 401 Sorry wrong password (2)
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 29
	WWW-Authenticate: Digest realm="testrealm", nonce="5"

	This is a bad password page!
	</data1300>

	<!-- Fourth request has Digest auth, wrong password -->
	<data400>
	HTTP/1.1 401 Need Digest auth (4)
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 27
	WWW-Authenticate: Digest realm="testrealm", nonce="6"

	This is not the real page!
	</data400>

	<data1400>
	HTTP/1.1 401 Sorry wrong password (3)
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 29
	WWW-Authenticate: Digest realm="testrealm", nonce="7"

	This is a bad password page!
	</data1400>

	<!-- Fifth request has Digest auth, right password -->
	<data1500>
	HTTP/1.1 200 Things are fine in server land (2)
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 32

	Finally, this is the real page!
	</data1500>

	<datacheck>
	HTTP/1.1 401 Need Digest auth
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 27
	WWW-Authenticate: Digest realm="testrealm", nonce="1"

	HTTP/1.1 401 Sorry wrong password
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 29
	WWW-Authenticate: Digest realm="testrealm", nonce="2"

	This is a bad password page!
	HTTP/1.1 200 Things are fine in server land
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 32

	Finally, this is the real page!
	HTTP/1.1 401 Need Digest auth (3)
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 27
	WWW-Authenticate: Digest realm="testrealm", nonce="4"

	HTTP/1.1 401 Sorry wrong password (2)
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 29
	WWW-Authenticate: Digest realm="testrealm", nonce="5"

	This is a bad password page!
	HTTP/1.1 401 Sorry wrong password (3)
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 29
	WWW-Authenticate: Digest realm="testrealm", nonce="7"

	HTTP/1.1 401 Sorry wrong password (3)
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 29
	WWW-Authenticate: Digest realm="testrealm", nonce="7"

	This is a bad password page!
	HTTP/1.1 200 Things are fine in server land (2)
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 32

	Finally, this is the real page!
	</datacheck>

	</reply>

	# Client-side
	<client>
	<server>
	http
	</server>
	<features>
	!SSPI
	crypto
	</features>
	<tool>
	libauthretry
	</tool>

	<name>
	HTTP authorization retry (Digest)
	</name>
	<setenv>
	# we force our own host name, in order to make the test machine independent
	CURL_GETHOSTNAME=curlhost
	# we try to use the LD_PRELOAD hack, if not a debug build
	LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
	</setenv>
	<command>
	http://%HOSTIP:%HTTPPORT/2027 digest digest
	</command>
	<precheck>
	chkhostname curlhost
	</precheck>
	</client>

	# Verify data after the test has been "shot"
	<verify>
	<strip>
	^User-Agent:.*
	</strip>
	<protocol>
	GET /20270100 HTTP/1.1
	Host: %HOSTIP:%HTTPPORT
	Accept: /

	GET /20270100 HTTP/1.1
	Host: %HOSTIP:%HTTPPORT
	Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/20270100", response="f7fd60eefaff5225971bf9b3d80d6ba6"
	Accept: /

	GET /20270200 HTTP/1.1
	Host: %HOSTIP:%HTTPPORT
	Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/20270200", response="785ca3ef511999f7e9c178195f5b388c"
	Accept: /

	GET /20270300 HTTP/1.1
	Host: %HOSTIP:%HTTPPORT
	Accept: /

	GET /20270300 HTTP/1.1
	Host: %HOSTIP:%HTTPPORT
	Authorization: Digest username="testuser", realm="testrealm", nonce="4", uri="/20270300", response="4c735d2360fd6848e7cb32a11ae3612b"
	Accept: /

	GET /20270400 HTTP/1.1
	Host: %HOSTIP:%HTTPPORT
	Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/20270400", response="f5906785511fb60a2af8b1cd53008ead"
	Accept: /

	GET /20270400 HTTP/1.1
	Host: %HOSTIP:%HTTPPORT
	Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/20270400", response="f5906785511fb60a2af8b1cd53008ead"
	Accept: /

	GET /20270500 HTTP/1.1
	Host: %HOSTIP:%HTTPPORT
	Authorization: Digest username="testuser", realm="testrealm", nonce="7", uri="/20270500", response="8ef4d935fd964a46c3965c0863b52cf1"
	Accept: /

	</protocol>
	</verify>
	</testcase>