From 8d97bed80623e8dd2cb3988df30416a713383f1a Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 5 Nov 2012 23:58:31 +0100 Subject: [PATCH] test 2027/2030: take duplicate Digest requests into account With the reversion of ce8311c7e49eca and the new clear logic, this flaw is present and we allow it. --- tests/data/test2027 | 32 ++++++++++++++++++++++---------- tests/data/test2030 | 24 ++++++++++++++++++++++++ 2 files changed, 46 insertions(+), 10 deletions(-) diff --git a/tests/data/test2027 b/tests/data/test2027 index cd2ead5a2..c84e24b03 100644 --- a/tests/data/test2027 +++ b/tests/data/test2027 @@ -9,6 +9,17 @@ HTTP Digest auth # Server-side + + HTTP/1.1 401 Need Digest auth @@ -93,16 +104,6 @@ This is a bad password page! - -HTTP/1.1 401 Need Digest auth (5) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: Digest realm="testrealm", nonce="8" - -This is not the real page! - - HTTP/1.1 200 Things are fine in server land (2) Server: Microsoft-IIS/5.0 @@ -151,6 +152,12 @@ Content-Type: text/html; charset=iso-8859-1 Content-Length: 29 WWW-Authenticate: Digest realm="testrealm", nonce="7" +HTTP/1.1 401 Sorry wrong password (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Digest realm="testrealm", nonce="7" + This is a bad password page! HTTP/1.1 200 Things are fine in server land (2) Server: Microsoft-IIS/5.0 @@ -222,6 +229,11 @@ Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/2 Host: %HOSTIP:%HTTPPORT Accept: */* +GET /20270400 HTTP/1.1 +Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/20270400", response="f5906785511fb60a2af8b1cd53008ead" +Host: %HOSTIP:%HTTPPORT +Accept: */* + GET /20270500 HTTP/1.1 Authorization: Digest username="testuser", realm="testrealm", nonce="7", uri="/20270500", response="8ef4d935fd964a46c3965c0863b52cf1" Host: %HOSTIP:%HTTPPORT diff --git a/tests/data/test2030 b/tests/data/test2030 index 18659e8d2..53d3f9122 100644 --- a/tests/data/test2030 +++ b/tests/data/test2030 @@ -13,6 +13,18 @@ HTTP NTLM auth + + + HTTP/1.1 401 Need Digest or NTLM auth @@ -186,6 +198,13 @@ Content-Length: 29 WWW-Authenticate: NTLM WWW-Authenticate: Digest realm="testrealm", nonce="7" +HTTP/1.1 401 Sorry wrong password (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: NTLM +WWW-Authenticate: Digest realm="testrealm", nonce="7" + This is a bad password page! HTTP/1.1 200 Things are fine in server land (2) Server: Microsoft-IIS/5.0 @@ -259,6 +278,11 @@ Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/2 Host: %HOSTIP:%HTTPPORT Accept: */* +GET /20300400 HTTP/1.1 +Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/20300400", response="d6262e9147db08c62ff2f53b515861e8" +Host: %HOSTIP:%HTTPPORT +Accept: */* + GET /20300500 HTTP/1.1 Authorization: Digest username="testuser", realm="testrealm", nonce="7", uri="/20300500", response="198757e61163a779cf24ed4c49c1ad7d" Host: %HOSTIP:%HTTPPORT