moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2024-12-22 08:08:50 -05:00
Code Issues Releases Wiki Activity

Add tests of auth retries

Browse Source
This commit is contained in:
Joe Mason 2012-07-19 13:58:10 -04:00
parent 50b87c4e68
commit 24c43e9d34
13 changed files with 2345 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
tests/data/Makefile.am
View File

@ -95,7 +95,10 @@ test1400 test1401 test1402 test1403 test1404 test1405 test1406 test1407 \
test1408 test1409 test1410 \
test2000 test2001 test2002 test2003 test2004 test2005 test2006 test2007 \
test2008 test2009 test2010 test2011 test2012 test2013 test2014 test2015 \
test2016 test2017 test2018 test2019 test2020 test2021 test2022
test2016 test2017 test2018 test2019 test2020 test2021 test2022 \
test2023 test2024 test2025 \
test2026 test2027 test2028 \
test2029 test2030 test2031
EXTRA_DIST = $(TESTCASES) DISABLED

162
tests/data/test2023 Normal file
View File

@ -0,0 +1,162 @@
<testcase>
<info>
<keywords>
HTTP
HTTP GET
HTTP Basic auth
</keywords>
</info>
# Server-side
<reply>
<!-- First request has Basic auth, wrong password -->
<data100>
HTTP/1.1 401 Sorry wrong password
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Basic realm="testrealm"
This is a bad password page!
</data100>
<!-- Second request has Basic auth, right password -->
<data200>
HTTP/1.1 200 Things are fine in server land
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
</data200>
<!-- Third request has Basic auth, wrong password -->
<data300>
HTTP/1.1 401 Sorry wrong password (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Basic realm="testrealm"
This is a bad password page!
</data300>
<!-- Fourth request has Basic auth, wrong password -->
<data400>
HTTP/1.1 401 Sorry wrong password (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Basic realm="testrealm"
This is a bad password page!
</data400>
<!-- Fifth request has Basic auth, right password -->
<data500>
HTTP/1.1 200 Things are fine in server land (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
</data500>
<datacheck>
HTTP/1.1 401 Sorry wrong password
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Basic realm="testrealm"
This is a bad password page!
HTTP/1.1 200 Things are fine in server land
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
HTTP/1.1 401 Sorry wrong password (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Basic realm="testrealm"
This is a bad password page!
HTTP/1.1 401 Sorry wrong password (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Basic realm="testrealm"
This is a bad password page!
HTTP/1.1 200 Things are fine in server land (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
</datacheck>
</reply>
# Client-side
<client>
<server>
http
</server>
<tool>
libauthretry
</tool>
<name>
HTTP authorization retry (Basic)
</name>
<setenv>
# we force our own host name, in order to make the test machine independent
CURL_GETHOSTNAME=curlhost
# we try to use the LD_PRELOAD hack, if not a debug build
LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
</setenv>
<command>
http://%HOSTIP:%HTTPPORT/2023 basic basic
</command>
<precheck>
chkhostname curlhost
</precheck>
</client>
# Verify data after the test has been "shot"
<verify>
<strip>
^User-Agent:.*
</strip>
<protocol>
GET /20230100 HTTP/1.1
Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20230200 HTTP/1.1
Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20230300 HTTP/1.1
Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20230400 HTTP/1.1
Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20230500 HTTP/1.1
Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=
Host: %HOSTIP:%HTTPPORT
Accept: */*
</protocol>
</verify>
</testcase>

172
tests/data/test2024 Normal file
View File

@ -0,0 +1,172 @@
<testcase>
<info>
<keywords>
HTTP
HTTP GET
HTTP Basic auth
HTTP Digest auth
</keywords>
</info>
# Server-side
<reply>
<!-- Alternate the order that Basic and Digest headers appear in responses to
ensure that the order doesn't matter. -->
<!-- First request has Basic auth, wrong password -->
<data100>
HTTP/1.1 401 Sorry wrong password
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Digest realm="testrealm", nonce="1"
WWW-Authenticate: Basic realm="testrealm"
This is a bad password page!
</data100>
<!-- Second request has Digest auth, right password -->
<data1200>
HTTP/1.1 200 Things are fine in server land
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
</data1200>
<!-- Third request has Basic auth, wrong password -->
<data300>
HTTP/1.1 401 Sorry wrong password (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Digest realm="testrealm", nonce="2"
WWW-Authenticate: Basic realm="testrealm"
This is a bad password page!
</data300>
<!-- Fourth request has Digest auth, wrong password -->
<data1400>
HTTP/1.1 401 Sorry wrong password (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Digest realm="testrealm", nonce="3"
WWW-Authenticate: Basic realm="testrealm"
This is a bad password page!
</data1400>
<!-- Fifth request has Digest auth, right password -->
<data1500>
HTTP/1.1 200 Things are fine in server land (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
</data1500>
<datacheck>
HTTP/1.1 401 Sorry wrong password
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Digest realm="testrealm", nonce="1"
WWW-Authenticate: Basic realm="testrealm"
This is a bad password page!
HTTP/1.1 200 Things are fine in server land
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
HTTP/1.1 401 Sorry wrong password (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Digest realm="testrealm", nonce="2"
WWW-Authenticate: Basic realm="testrealm"
This is a bad password page!
HTTP/1.1 401 Sorry wrong password (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Digest realm="testrealm", nonce="3"
WWW-Authenticate: Basic realm="testrealm"
This is a bad password page!
HTTP/1.1 200 Things are fine in server land (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
</datacheck>
</reply>
# Client-side
<client>
<server>
http
</server>
<tool>
libauthretry
</tool>
<name>
HTTP authorization retry (Basic switching to Digest)
</name>
<setenv>
# we force our own host name, in order to make the test machine independent
CURL_GETHOSTNAME=curlhost
# we try to use the LD_PRELOAD hack, if not a debug build
LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
</setenv>
<command>
http://%HOSTIP:%HTTPPORT/2024 basic digest
</command>
<precheck>
chkhostname curlhost
</precheck>
</client>
# Verify data after the test has been "shot"
<verify>
<strip>
^User-Agent:.*
</strip>
<protocol>
GET /20240100 HTTP/1.1
Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20240200 HTTP/1.1
Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/20240200", response="ed646c565f79e2dd9fa37cb5a621213c"
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20240300 HTTP/1.1
Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20240400 HTTP/1.1
Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/20240400", response="9741ced8caacc6124770187b36f007c5"
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20240500 HTTP/1.1
Authorization: Digest username="testuser", realm="testrealm", nonce="3", uri="/20240500", response="5bc77ec8c2d443b27a1b55f1fd8fbb13"
Host: %HOSTIP:%HTTPPORT
Accept: */*
</protocol>
</verify>
</testcase>

268
tests/data/test2025 Normal file
View File

@ -0,0 +1,268 @@
<testcase>
<info>
<keywords>
HTTP
HTTP GET
HTTP Basic auth
HTTP NTLM auth
</keywords>
</info>
# Server-side
<reply>
<!-- Alternate the order that Basic and NTLM headers appear in responses to
ensure that the order doesn't matter. -->
<!-- First request has Basic auth, wrong password -->
<data100>
HTTP/1.1 401 Sorry wrong password
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: NTLM
WWW-Authenticate: Basic realm="testrealm"
This is a bad password page!
</data100>
<!-- Second request has NTLM auth, right password -->
<data200>
HTTP/1.1 401 Need Basic or NTLM auth
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: Basic realm="testrealm"
WWW-Authenticate: NTLM
This is not the real page!
</data200>
<data1201>
HTTP/1.1 401 NTLM intermediate
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 33
WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
This is still not the real page!
</data1201>
<data1202>
HTTP/1.1 200 Things are fine in server land
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
</data1202>
<!-- Third request has Basic auth, wrong password -->
<data300>
HTTP/1.1 401 Sorry wrong password (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: NTLM
WWW-Authenticate: Basic realm="testrealm"
This is a bad password page!
</data300>
<!-- Fourth request has NTLM auth, wrong password -->
<data400>
HTTP/1.1 401 Need Basic or NTLM auth (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: Basic realm="testrealm"
WWW-Authenticate: NTLM
This is not the real page!
</data400>
<data1401>
HTTP/1.1 401 NTLM intermediate (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 33
WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
This is still not the real page!
</data1401>
<data1402>
HTTP/1.1 401 Sorry wrong password (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: NTLM
WWW-Authenticate: Basic realm="testrealm"
This is a bad password page!
</data1402>
<!-- Fifth request has NTLM auth, right password -->
<data500>
HTTP/1.1 401 Need Basic or NTLM auth (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: Basic realm="testrealm"
WWW-Authenticate: NTLM
This is not the real page!
</data500>
<data1501>
HTTP/1.1 401 NTLM intermediate (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 33
WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
This is still not the real page!
</data1501>
<data1502>
HTTP/1.1 200 Things are fine in server land (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
</data1502>
<datacheck>
HTTP/1.1 401 Sorry wrong password
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: NTLM
WWW-Authenticate: Basic realm="testrealm"
This is a bad password page!
HTTP/1.1 401 NTLM intermediate
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 33
WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
HTTP/1.1 200 Things are fine in server land
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
HTTP/1.1 401 Sorry wrong password (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: NTLM
WWW-Authenticate: Basic realm="testrealm"
This is a bad password page!
HTTP/1.1 401 NTLM intermediate (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 33
WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
HTTP/1.1 401 Sorry wrong password (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: NTLM
WWW-Authenticate: Basic realm="testrealm"
This is a bad password page!
HTTP/1.1 401 NTLM intermediate (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 33
WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
HTTP/1.1 200 Things are fine in server land (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
</datacheck>
</reply>
# Client-side
<client>
<server>
http
</server>
<tool>
libauthretry
</tool>
<name>
HTTP authorization retry (Basic switching to NTLM)
</name>
<setenv>
# we force our own host name, in order to make the test machine independent
CURL_GETHOSTNAME=curlhost
# we try to use the LD_PRELOAD hack, if not a debug build
LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
</setenv>
<command>
http://%HOSTIP:%HTTPPORT/2025 basic ntlm
</command>
<precheck>
chkhostname curlhost
</precheck>
</client>
# Verify data after the test has been "shot"
<verify>
<strip>
^User-Agent:.*
</strip>
<protocol>
GET /20250100 HTTP/1.1
Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20250200 HTTP/1.1
Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20250200 HTTP/1.1
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyY3VybGhvc3Q=
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20250300 HTTP/1.1
Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20250400 HTTP/1.1
Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20250400 HTTP/1.1
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyY3VybGhvc3Q=
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20250500 HTTP/1.1
Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20250500 HTTP/1.1
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyY3VybGhvc3Q=
Host: %HOSTIP:%HTTPPORT
Accept: */*
</protocol>
</verify>
</testcase>

216
tests/data/test2026 Normal file
View File

@ -0,0 +1,216 @@
<testcase>
<info>
<keywords>
HTTP
HTTP GET
HTTP Basic auth
HTTP Digest auth
</keywords>
</info>
# Server-side
<reply>
<!-- Alternate the order that Basic and Digest headers appear in responses to
ensure that the order doesn't matter. -->
<!-- First request has Digest auth, wrong password -->
<data100>
HTTP/1.1 401 Need Basic or Digest auth
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: Digest realm="testrealm", nonce="1"
WWW-Authenticate: Basic realm="testrealm"
This is not the real page!
</data100>
<data1100>
HTTP/1.1 401 Sorry wrong password
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Basic realm="testrealm"
WWW-Authenticate: Digest realm="testrealm", nonce="2"
This is a bad password page!
</data1100>
<!-- Second request has Basic auth, right password -->
<data200>
HTTP/1.1 200 Things are fine in server land
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
</data200>
<!-- Third request has Digest auth, wrong password -->
<data300>
HTTP/1.1 401 Need Basic or Digest auth (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: Digest realm="testrealm", nonce="3"
WWW-Authenticate: Basic realm="testrealm"
This is not the real page!
</data300>
<data1300>
HTTP/1.1 401 Sorry wrong password (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Basic realm="testrealm"
WWW-Authenticate: Digest realm="testrealm", nonce="4"
This is a bad password page!
</data1300>
<!-- Fourth request has Basic auth, wrong password -->
<data400>
HTTP/1.1 401 Sorry wrong password (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Digest realm="testrealm", nonce="5"
WWW-Authenticate: Basic realm="testrealm"
This is a bad password page!
</data400>
<!-- Fifth request has Basic auth, right password -->
<data500>
HTTP/1.1 200 Things are fine in server land (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
</data500>
<datacheck>
HTTP/1.1 401 Need Basic or Digest auth
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: Digest realm="testrealm", nonce="1"
WWW-Authenticate: Basic realm="testrealm"
HTTP/1.1 401 Sorry wrong password
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Basic realm="testrealm"
WWW-Authenticate: Digest realm="testrealm", nonce="2"
This is a bad password page!
HTTP/1.1 200 Things are fine in server land
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
HTTP/1.1 401 Need Basic or Digest auth (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: Digest realm="testrealm", nonce="3"
WWW-Authenticate: Basic realm="testrealm"
HTTP/1.1 401 Sorry wrong password (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Basic realm="testrealm"
WWW-Authenticate: Digest realm="testrealm", nonce="4"
This is a bad password page!
HTTP/1.1 401 Sorry wrong password (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Digest realm="testrealm", nonce="5"
WWW-Authenticate: Basic realm="testrealm"
This is a bad password page!
HTTP/1.1 200 Things are fine in server land (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
</datacheck>
</reply>
# Client-side
<client>
<server>
http
</server>
<tool>
libauthretry
</tool>
<name>
HTTP authorization retry (Digest switching to Basic)
</name>
<setenv>
# we force our own host name, in order to make the test machine independent
CURL_GETHOSTNAME=curlhost
# we try to use the LD_PRELOAD hack, if not a debug build
LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
</setenv>
<command>
http://%HOSTIP:%HTTPPORT/2026 digest basic
</command>
<precheck>
chkhostname curlhost
</precheck>
</client>
# Verify data after the test has been "shot"
<verify>
<strip>
^User-Agent:.*
</strip>
<protocol>
GET /20260100 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20260100 HTTP/1.1
Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/20260100", response="5f992a2e761ab926256419f7c685f85b"
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20260200 HTTP/1.1
Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20260300 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20260300 HTTP/1.1
Authorization: Digest username="testuser", realm="testrealm", nonce="3", uri="/20260300", response="132242e602882251929be93228c830ae"
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20260400 HTTP/1.1
Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20260500 HTTP/1.1
Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=
Host: %HOSTIP:%HTTPPORT
Accept: */*
</protocol>
</verify>
</testcase>

232
tests/data/test2027 Normal file
View File

@ -0,0 +1,232 @@
<testcase>
<info>
<keywords>
HTTP
HTTP GET
HTTP Digest auth
</keywords>
</info>
# Server-side
<reply>
<!-- First request has Digest auth, wrong password -->
<data100>
HTTP/1.1 401 Need Digest auth
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: Digest realm="testrealm", nonce="1"
This is not the real page!
</data100>
<data1100>
HTTP/1.1 401 Sorry wrong password
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Digest realm="testrealm", nonce="2"
This is a bad password page!
</data1100>
<!-- Second request has Digest auth, right password -->
<data200>
HTTP/1.1 401 Need Digest auth (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: Digest realm="testrealm", nonce="3"
This is not the real page!
</data200>
<data1200>
HTTP/1.1 200 Things are fine in server land
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
</data1200>
<!-- Third request has Digest auth, wrong password -->
<data300>
HTTP/1.1 401 Need Digest auth (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: Digest realm="testrealm", nonce="4"
This is not the real page!
</data300>
<data1300>
HTTP/1.1 401 Sorry wrong password (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Digest realm="testrealm", nonce="5"
This is a bad password page!
</data1300>
<!-- Fourth request has Digest auth, wrong password -->
<data400>
HTTP/1.1 401 Need Digest auth (4)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: Digest realm="testrealm", nonce="6"
This is not the real page!
</data400>
<data1400>
HTTP/1.1 401 Sorry wrong password (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Digest realm="testrealm", nonce="7"
This is a bad password page!
</data1400>
<!-- Fifth request has Digest auth, right password -->
<data500>
HTTP/1.1 401 Need Digest auth (5)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: Digest realm="testrealm", nonce="8"
This is not the real page!
</data500>
<data1500>
HTTP/1.1 200 Things are fine in server land (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
</data1500>
<datacheck>
HTTP/1.1 401 Need Digest auth
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: Digest realm="testrealm", nonce="1"
HTTP/1.1 401 Sorry wrong password
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Digest realm="testrealm", nonce="2"
This is a bad password page!
HTTP/1.1 200 Things are fine in server land
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
HTTP/1.1 401 Need Digest auth (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: Digest realm="testrealm", nonce="4"
HTTP/1.1 401 Sorry wrong password (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Digest realm="testrealm", nonce="5"
This is a bad password page!
HTTP/1.1 401 Sorry wrong password (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Digest realm="testrealm", nonce="7"
This is a bad password page!
HTTP/1.1 200 Things are fine in server land (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
</datacheck>
</reply>
# Client-side
<client>
<server>
http
</server>
<tool>
libauthretry
</tool>
<name>
HTTP authorization retry (Digest)
</name>
<setenv>
# we force our own host name, in order to make the test machine independent
CURL_GETHOSTNAME=curlhost
# we try to use the LD_PRELOAD hack, if not a debug build
LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
</setenv>
<command>
http://%HOSTIP:%HTTPPORT/2027 digest digest
</command>
<precheck>
chkhostname curlhost
</precheck>
</client>
# Verify data after the test has been "shot"
<verify>
<strip>
^User-Agent:.*
</strip>
<protocol>
GET /20270100 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20270100 HTTP/1.1
Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/20270100", response="f7fd60eefaff5225971bf9b3d80d6ba6"
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20270200 HTTP/1.1
Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/20270200", response="785ca3ef511999f7e9c178195f5b388c"
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20270300 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20270300 HTTP/1.1
Authorization: Digest username="testuser", realm="testrealm", nonce="4", uri="/20270300", response="4c735d2360fd6848e7cb32a11ae3612b"
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20270400 HTTP/1.1
Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/20270400", response="f5906785511fb60a2af8b1cd53008ead"
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20270500 HTTP/1.1
Authorization: Digest username="testuser", realm="testrealm", nonce="7", uri="/20270500", response="8ef4d935fd964a46c3965c0863b52cf1"
Host: %HOSTIP:%HTTPPORT
Accept: */*
</protocol>
</verify>
</testcase>

312
tests/data/test2028 Normal file
View File

@ -0,0 +1,312 @@
<testcase>
<info>
<keywords>
HTTP
HTTP GET
HTTP Digest auth
HTTP NTLM auth
</keywords>
</info>
# Server-side
<reply>
<!-- Alternate the order that Digest and NTLM headers appear in responses to
ensure that the order doesn't matter. -->
<!-- First request has Digest auth, wrong password -->
<data100>
HTTP/1.1 401 Need Digest or NTLM auth
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: NTLM
WWW-Authenticate: Digest realm="testrealm", nonce="1"
This is not the real page!
</data100>
<data1100>
HTTP/1.1 401 Sorry wrong password
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Digest realm="testrealm", nonce="2"
WWW-Authenticate: NTLM
This is a bad password page!
</data1100>
<!-- Second request has NTLM auth, right password -->
<data200>
HTTP/1.1 401 Need Digest or NTLM auth (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: NTLM
WWW-Authenticate: Digest realm="testrealm", nonce="3"
This is not the real page!
</data200>
<data1201>
HTTP/1.1 401 NTLM intermediate
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 33
WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
This is still not the real page!
</data1201>
<data1202>
HTTP/1.1 200 Things are fine in server land
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
</data1202>
<!-- Third request has Digest auth, wrong password -->
<data300>
HTTP/1.1 401 Need Digest or NTLM auth (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: Digest realm="testrealm", nonce="4"
WWW-Authenticate: NTLM
This is not the real page!
</data300>
<data1300>
HTTP/1.1 401 Sorry wrong password (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: NTLM
WWW-Authenticate: Digest realm="testrealm", nonce="5"
This is a bad password page!
</data1300>
<!-- Fourth request has NTLM auth, wrong password -->
<data400>
HTTP/1.1 401 Need Digest or NTLM auth (4)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: Digest realm="testrealm", nonce="6"
WWW-Authenticate: NTLM
This is not the real page!
</data400>
<data1401>
HTTP/1.1 401 NTLM intermediate (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 33
WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
This is still not the real page!
</data1401>
<data1402>
HTTP/1.1 401 Sorry wrong password (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: NTLM
WWW-Authenticate: Digest realm="testrealm", nonce="7"
This is a bad password page!
</data1402>
<!-- Fifth request has NTLM auth, right password -->
<data500>
HTTP/1.1 401 Need Digest or NTLM auth (5)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: Digest realm="testrealm", nonce="8"
WWW-Authenticate: NTLM
This is not the real page!
</data500>
<data1501>
HTTP/1.1 401 NTLM intermediate (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 33
WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
This is still not the real page!
</data1501>
<data1502>
HTTP/1.1 200 Things are fine in server land (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
</data1502>
<datacheck>
HTTP/1.1 401 Need Digest or NTLM auth
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: NTLM
WWW-Authenticate: Digest realm="testrealm", nonce="1"
HTTP/1.1 401 Sorry wrong password
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Digest realm="testrealm", nonce="2"
WWW-Authenticate: NTLM
This is a bad password page!
HTTP/1.1 401 NTLM intermediate
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 33
WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
HTTP/1.1 200 Things are fine in server land
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
HTTP/1.1 401 Need Digest or NTLM auth (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: Digest realm="testrealm", nonce="4"
WWW-Authenticate: NTLM
HTTP/1.1 401 Sorry wrong password (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: NTLM
WWW-Authenticate: Digest realm="testrealm", nonce="5"
This is a bad password page!
HTTP/1.1 401 NTLM intermediate (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 33
WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
HTTP/1.1 401 Sorry wrong password (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: NTLM
WWW-Authenticate: Digest realm="testrealm", nonce="7"
This is a bad password page!
HTTP/1.1 401 NTLM intermediate (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 33
WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
HTTP/1.1 200 Things are fine in server land (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
</datacheck>
</reply>
# Client-side
<client>
<server>
http
</server>
<tool>
libauthretry
</tool>
<name>
HTTP authorization retry (Digest switching to NTLM)
</name>
<setenv>
# we force our own host name, in order to make the test machine independent
CURL_GETHOSTNAME=curlhost
# we try to use the LD_PRELOAD hack, if not a debug build
LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
</setenv>
<command>
http://%HOSTIP:%HTTPPORT/2028 digest ntlm
</command>
<precheck>
chkhostname curlhost
</precheck>
</client>
# Verify data after the test has been "shot"
<verify>
<strip>
^User-Agent:.*
</strip>
<protocol>
GET /20280100 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20280100 HTTP/1.1
Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/20280100", response="53c80666f5e3a4a55f92a66aaf0078bb"
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20280200 HTTP/1.1
Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20280200 HTTP/1.1
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyY3VybGhvc3Q=
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20280300 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20280300 HTTP/1.1
Authorization: Digest username="testuser", realm="testrealm", nonce="4", uri="/20280300", response="1aa5d90da9803ca12d04b24e0f19476e"
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20280400 HTTP/1.1
Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20280400 HTTP/1.1
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyY3VybGhvc3Q=
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20280500 HTTP/1.1
Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20280500 HTTP/1.1
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyY3VybGhvc3Q=
Host: %HOSTIP:%HTTPPORT
Accept: */*
</protocol>
</verify>
</testcase>

236
tests/data/test2029 Normal file
View File

@ -0,0 +1,236 @@
<testcase>
<info>
<keywords>
HTTP
HTTP GET
HTTP Basic auth
HTTP NTLM auth
</keywords>
</info>
# Server-side
<reply>
<!-- Alternate the order that Basic and NTLM headers appear in responses to
ensure that the order doesn't matter. -->
<!-- First request has NTLM auth, wrong password -->
<data100>
HTTP/1.1 401 Need Basic or NTLM auth
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: NTLM
WWW-Authenticate: Basic realm="testrealm"
This is not the real page!
</data100>
<data1101>
HTTP/1.1 401 NTLM intermediate
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 33
WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
This is still not the real page!
</data1101>
<data1102>
HTTP/1.1 401 Sorry wrong password
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Basic realm="testrealm"
WWW-Authenticate: NTLM
This is a bad password page!
</data1102>
<!-- Second request has Basic auth, right password -->
<data200>
HTTP/1.1 200 Things are fine in server land
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
</data200>
<!-- Third request has NTLM auth, wrong password -->
<data300>
HTTP/1.1 401 Need Basic or NTLM auth (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: NTLM
WWW-Authenticate: Basic realm="testrealm"
This is not the real page!
</data300>
<data1301>
HTTP/1.1 401 NTLM intermediate (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 33
WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
This is still not the real page!
</data1301>
<data1302>
HTTP/1.1 401 Sorry wrong password (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Basic realm="testrealm"
WWW-Authenticate: NTLM
This is a bad password page!
</data1302>
<!-- Fourth request has Basic auth, wrong password -->
<data400>
HTTP/1.1 401 Sorry wrong password (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: NTLM
WWW-Authenticate: Basic realm="testrealm"
This is a bad password page!
</data400>
<!-- Fifth request has Basic auth, right password -->
<data500>
HTTP/1.1 200 Things are fine in server land (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
</data500>
<datacheck>
HTTP/1.1 401 NTLM intermediate
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 33
WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
HTTP/1.1 401 Sorry wrong password
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Basic realm="testrealm"
WWW-Authenticate: NTLM
This is a bad password page!
HTTP/1.1 200 Things are fine in server land
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
HTTP/1.1 401 NTLM intermediate (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 33
WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
HTTP/1.1 401 Sorry wrong password (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Basic realm="testrealm"
WWW-Authenticate: NTLM
This is a bad password page!
HTTP/1.1 401 Sorry wrong password (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: NTLM
WWW-Authenticate: Basic realm="testrealm"
This is a bad password page!
HTTP/1.1 200 Things are fine in server land (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
</datacheck>
</reply>
# Client-side
<client>
<server>
http
</server>
<tool>
libauthretry
</tool>
<name>
HTTP authorization retry (NTLM switching to Basic)
</name>
<setenv>
# we force our own host name, in order to make the test machine independent
CURL_GETHOSTNAME=curlhost
# we try to use the LD_PRELOAD hack, if not a debug build
LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
</setenv>
<command>
http://%HOSTIP:%HTTPPORT/2029 ntlm basic
</command>
<precheck>
chkhostname curlhost
</precheck>
</client>
# Verify data after the test has been "shot"
<verify>
<strip>
^User-Agent:.*
</strip>
<protocol>
GET /20290100 HTTP/1.1
Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20290100 HTTP/1.1
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyY3VybGhvc3Q=
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20290200 HTTP/1.1
Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20290300 HTTP/1.1
Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20290300 HTTP/1.1
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyY3VybGhvc3Q=
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20290400 HTTP/1.1
Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20290500 HTTP/1.1
Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=
Host: %HOSTIP:%HTTPPORT
Accept: */*
</protocol>
</verify>
</testcase>

269
tests/data/test2030 Normal file
View File

@ -0,0 +1,269 @@
<testcase>
<info>
<keywords>
HTTP
HTTP GET
HTTP Digest auth
HTTP NTLM auth
</keywords>
</info>
# Server-side
<reply>
<!-- Alternate the order that Digest and NTLM headers appear in responses to
ensure that the order doesn't matter. -->
<!-- First request has NTLM auth, wrong password -->
<data100>
HTTP/1.1 401 Need Digest or NTLM auth
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: NTLM
WWW-Authenticate: Digest realm="testrealm", nonce="1"
This is not the real page!
</data100>
<data1101>
HTTP/1.1 401 NTLM intermediate
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 33
WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
This is still not the real page!
</data1101>
<data1102>
HTTP/1.1 401 Sorry wrong password
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Digest realm="testrealm", nonce="2"
WWW-Authenticate: NTLM
This is a bad password page!
</data1102>
<!-- Second request has Digest auth, right password -->
<data200>
HTTP/1.1 401 Need Digest or NTLM auth (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: NTLM
WWW-Authenticate: Digest realm="testrealm", nonce="3"
This is not the real page!
</data200>
<data1200>
HTTP/1.1 200 Things are fine in server land
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
</data1200>
<!-- Third request has NTLM auth, wrong password -->
<data300>
HTTP/1.1 401 Need Digest or NTLM auth (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: Digest realm="testrealm", nonce="4"
WWW-Authenticate: NTLM
This is not the real page!
</data300>
<data1301>
HTTP/1.1 401 NTLM intermediate (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 33
WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
This is still not the real page!
</data1301>
<data1302>
HTTP/1.1 401 Sorry wrong password (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: NTLM
WWW-Authenticate: Digest realm="testrealm", nonce="5"
This is a bad password page!
</data1302>
<!-- Fourth request has Digest auth, wrong password -->
<data400>
HTTP/1.1 401 Need Digest or NTLM auth (4)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: Digest realm="testrealm", nonce="6"
WWW-Authenticate: NTLM
This is not the real page!
</data400>
<data1400>
HTTP/1.1 401 Sorry wrong password (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: NTLM
WWW-Authenticate: Digest realm="testrealm", nonce="7"
This is a bad password page!
</data1400>
<!-- Fifth request has Digest auth, right password -->
<data500>
HTTP/1.1 401 Need Digest or NTLM auth (5)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: Digest realm="testrealm", nonce="8"
WWW-Authenticate: NTLM
This is not the real page!
</data500>
<data1500>
HTTP/1.1 200 Things are fine in server land (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
</data1500>
<datacheck>
HTTP/1.1 401 NTLM intermediate
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 33
WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
HTTP/1.1 401 Sorry wrong password
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Digest realm="testrealm", nonce="2"
WWW-Authenticate: NTLM
This is a bad password page!
HTTP/1.1 200 Things are fine in server land
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
HTTP/1.1 401 NTLM intermediate (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 33
WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
HTTP/1.1 401 Sorry wrong password (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: NTLM
WWW-Authenticate: Digest realm="testrealm", nonce="5"
This is a bad password page!
HTTP/1.1 401 Sorry wrong password (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: NTLM
WWW-Authenticate: Digest realm="testrealm", nonce="7"
This is a bad password page!
HTTP/1.1 200 Things are fine in server land (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
</datacheck>
</reply>
# Client-side
<client>
<server>
http
</server>
<tool>
libauthretry
</tool>
<name>
HTTP authorization retry (NTLM switching to Digest)
</name>
<setenv>
# we force our own host name, in order to make the test machine independent
CURL_GETHOSTNAME=curlhost
# we try to use the LD_PRELOAD hack, if not a debug build
LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
</setenv>
<command>
http://%HOSTIP:%HTTPPORT/2030 ntlm digest
</command>
<precheck>
chkhostname curlhost
</precheck>
</client>
# Verify data after the test has been "shot"
<verify>
<strip>
^User-Agent:.*
</strip>
<protocol>
GET /20300100 HTTP/1.1
Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20300100 HTTP/1.1
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyY3VybGhvc3Q=
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20300200 HTTP/1.1
Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/20300200", response="2f2d784ba53a0a307758a90e98d25c27"
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20300300 HTTP/1.1
Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20300300 HTTP/1.1
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyY3VybGhvc3Q=
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20300400 HTTP/1.1
Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/20300400", response="d6262e9147db08c62ff2f53b515861e8"
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20300500 HTTP/1.1
Authorization: Digest username="testuser", realm="testrealm", nonce="7", uri="/20300500", response="198757e61163a779cf24ed4c49c1ad7d"
Host: %HOSTIP:%HTTPPORT
Accept: */*
</protocol>
</verify>
</testcase>

317
tests/data/test2031 Normal file
View File

@ -0,0 +1,317 @@
<testcase>
<info>
<keywords>
HTTP
HTTP GET
HTTP NTLM auth
</keywords>
</info>
# Server-side
<reply>
<!-- First request has NTLM auth, wrong password -->
<data100>
HTTP/1.1 401 Need NTLM auth
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: NTLM
This is not the real page!
</data100>
<data1101>
HTTP/1.1 401 NTLM intermediate
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 33
WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
This is still not the real page!
</data1101>
<data1102>
HTTP/1.1 401 Sorry wrong password
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: NTLM
This is a bad password page!
</data1102>
<!-- Second request has NTML auth, right password -->
<data200>
HTTP/1.1 401 Need NTLM auth (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: NTLM
This is not the real page!
</data200>
<data1201>
HTTP/1.1 401 NTLM intermediate (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 33
WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
This is still not the real page!
</data1201>
<data1202>
HTTP/1.1 200 Things are fine in server land
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
</data1202>
<!-- Third request has NTLM auth, wrong password -->
<data300>
HTTP/1.1 401 Need NTLM auth (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: NTLM
This is not the real page!
</data300>
<data1301>
HTTP/1.1 401 NTLM intermediate (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 33
WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
This is still not the real page!
</data1301>
<data1302>
HTTP/1.1 401 Sorry wrong password (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: NTLM
This is a bad password page!
</data1302>
<!-- Fourth request has NTLM auth, wrong password -->
<data400>
HTTP/1.1 401 Need NTLM auth (4)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: NTLM
This is not the real page!
</data400>
<data1401>
HTTP/1.1 401 NTLM intermediate (4)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 33
WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
This is still not the real page!
</data1401>
<data1402>
HTTP/1.1 401 Sorry wrong password (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: NTLM
This is a bad password page!
</data1402>
<!-- Fifth request has NTLM auth, right password -->
<data500>
HTTP/1.1 401 Need NTLM auth (5)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 27
WWW-Authenticate: NTLM
This is not the real page!
</data500>
<data1501>
HTTP/1.1 401 NTLM intermediate (5)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 33
WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
This is still not the real page!
</data1501>
<data1502>
HTTP/1.1 200 Things are fine in server land (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
</data1502>
<datacheck>
HTTP/1.1 401 NTLM intermediate
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 33
WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
HTTP/1.1 401 Sorry wrong password
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: NTLM
This is a bad password page!
HTTP/1.1 401 NTLM intermediate (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 33
WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
HTTP/1.1 200 Things are fine in server land
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
HTTP/1.1 401 NTLM intermediate (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 33
WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
HTTP/1.1 401 Sorry wrong password (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: NTLM
This is a bad password page!
HTTP/1.1 401 NTLM intermediate (4)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 33
WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
HTTP/1.1 401 Sorry wrong password (3)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: NTLM
This is a bad password page!
HTTP/1.1 401 NTLM intermediate (5)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 33
WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
HTTP/1.1 200 Things are fine in server land (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
</datacheck>
</reply>
# Client-side
<client>
<server>
http
</server>
<tool>
libauthretry
</tool>
<name>
HTTP authorization retry (NTLM)
</name>
<setenv>
# we force our own host name, in order to make the test machine independent
CURL_GETHOSTNAME=curlhost
# we try to use the LD_PRELOAD hack, if not a debug build
LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
</setenv>
<command>
http://%HOSTIP:%HTTPPORT/2031 ntlm ntlm
</command>
<precheck>
chkhostname curlhost
</precheck>
</client>
# Verify data after the test has been "shot"
<verify>
<strip>
^User-Agent:.*
</strip>
<protocol>
GET /20310100 HTTP/1.1
Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20310100 HTTP/1.1
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyY3VybGhvc3Q=
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20310200 HTTP/1.1
Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20310200 HTTP/1.1
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyY3VybGhvc3Q=
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20310300 HTTP/1.1
Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20310300 HTTP/1.1
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyY3VybGhvc3Q=
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20310400 HTTP/1.1
Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20310400 HTTP/1.1
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyY3VybGhvc3Q=
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20310500 HTTP/1.1
Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
Host: %HOSTIP:%HTTPPORT
Accept: */*
GET /20310500 HTTP/1.1
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyY3VybGhvc3Q=
Host: %HOSTIP:%HTTPPORT
Accept: */*
</protocol>
</verify>
</testcase>

2
tests/libtest/.gitignore vendored
View File

@ -1,3 +1,3 @@
chkhostname
lib5[0-9][0-9]
libauthretry

4
tests/libtest/Makefile.inc
View File

@ -19,7 +19,7 @@ noinst_PROGRAMS = chkhostname \
lib543 lib544 lib545 lib547 lib548 lib549 lib552 lib553 lib554 lib555 \
lib556 lib539 lib557 lib560 lib562 lib564 lib565 lib566 lib567 lib568 \
lib569 lib570 lib571 lib572 lib573 lib582 lib583 lib585 lib586 lib587 \
lib590 lib591 lib597 lib598 lib599
lib590 lib591 lib597 lib598 lib599 libauthretry
chkhostname_SOURCES = chkhostname.c $(top_srcdir)/lib/curl_gethostname.c
chkhostname_LDADD = @CURL_NETWORK_LIBS@
@ -185,3 +185,5 @@ lib597_SOURCES = lib597.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
lib598_SOURCES = lib598.c $(SUPPORTFILES)
lib599_SOURCES = lib599.c $(SUPPORTFILES)
libauthretry_SOURCES = libauthretry.c $(SUPPORTFILES)

153
tests/libtest/libauthretry.c Normal file
View File

@ -0,0 +1,153 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
/* argv1 = URL
* argv2 = main auth type
* argv3 = second auth type
*/
#include "test.h"
#include "memdebug.h"
static int send_request(CURL *curl, const char *url, int seq, long auth_scheme, const char *userpwd)
{
CURLcode res;
char* full_url = malloc(strlen(url) + 4 + 1);
if (!full_url) {
fprintf(stderr, "Not enough memory for full url\n");
res = CURLE_OUT_OF_MEMORY;
goto test_cleanup;
}
sprintf(full_url, "%s%04d", url, seq);
fprintf(stderr, "Sending new request %d to %s with credential %s (auth %d)\n", seq, full_url, userpwd, auth_scheme);
test_setopt(curl, CURLOPT_URL, full_url);
test_setopt(curl, CURLOPT_VERBOSE, 1L);
test_setopt(curl, CURLOPT_HEADER, 1L);
test_setopt(curl, CURLOPT_HTTPGET, 1L);
test_setopt(curl, CURLOPT_USERPWD, userpwd);
test_setopt(curl, CURLOPT_HTTPAUTH, auth_scheme);
res = curl_easy_perform(curl);
test_cleanup:
free(full_url);
return res;
}
static int send_wrong_password(CURL *curl, const char *url, int seq, long auth_scheme)
{
return send_request(curl, url, seq, auth_scheme, "testuser:wrongpass");
}
static int send_right_password(CURL *curl, const char *url, int seq, long auth_scheme)
{
return send_request(curl, url, seq, auth_scheme, "testuser:testpass");
}
static long parse_auth_name(const char *arg)
{
if (!arg)
return CURLAUTH_NONE;
if (strcasecmp(arg, "basic") == 0)
return CURLAUTH_BASIC;
if (strcasecmp(arg, "digest") == 0)
return CURLAUTH_DIGEST;
if (strcasecmp(arg, "ntlm") == 0)
return CURLAUTH_NTLM;
return CURLAUTH_NONE;
}
int test(char *url)
{
CURLcode res;
CURL *curl = NULL;
bool curl_is_init = FALSE;
long main_auth_scheme = parse_auth_name(libtest_arg2);
long fallback_auth_scheme = parse_auth_name(libtest_arg3);
if (main_auth_scheme == CURLAUTH_NONE ||
fallback_auth_scheme == CURLAUTH_NONE) {
fprintf(stderr, "auth schemes not found on commandline\n");
res = TEST_ERR_MAJOR_BAD;
goto test_cleanup;
}
if (curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) {
fprintf(stderr, "curl_global_init() failed\n");
res = TEST_ERR_MAJOR_BAD;
goto test_cleanup;
}
curl_is_init = TRUE;
/* Send wrong password, then right password */
if ((curl = curl_easy_init()) == NULL) {
fprintf(stderr, "curl_easy_init() failed\n");
res = TEST_ERR_MAJOR_BAD;
goto test_cleanup;
}
res = send_wrong_password(curl, url, 100, main_auth_scheme);
if (res != CURLE_OK)
goto test_cleanup;
curl_easy_reset(curl);
res = send_right_password(curl, url, 200, fallback_auth_scheme);
if (res != CURLE_OK)
goto test_cleanup;
curl_easy_reset(curl);
curl_easy_cleanup(curl);
/* Send wrong password twice, then right password */
if ((curl = curl_easy_init()) == NULL) {
fprintf(stderr, "curl_easy_init() failed\n");
res = TEST_ERR_MAJOR_BAD;
goto test_cleanup;
}
res = send_wrong_password(curl, url, 300, main_auth_scheme);
if (res != CURLE_OK)
goto test_cleanup;
curl_easy_reset(curl);
res = send_wrong_password(curl, url, 400, fallback_auth_scheme);
if (res != CURLE_OK)
goto test_cleanup;
curl_easy_reset(curl);
res = send_right_password(curl, url, 500, fallback_auth_scheme);
if (res != CURLE_OK)
goto test_cleanup;
curl_easy_reset(curl);
test_cleanup:
if (curl)
curl_easy_cleanup(curl);
if (curl_is_init)
curl_global_cleanup();
return (int)res;
}