mirror of
https://github.com/moparisthebest/curl
synced 2024-12-21 15:48:49 -05:00
auth: Added test cases for RFC7616
Updated docs to include support for RFC7616 Signed-off-by: Florin <petriuc.florin@gmail.com> Closes #1934
This commit is contained in:
parent
2b5b37cb91
commit
f20cbac970
@ -62,7 +62,8 @@ if(curl) {
|
||||
}
|
||||
.fi
|
||||
.SH AVAILABILITY
|
||||
Added in 7.10.8
|
||||
Added RFC2617 in 7.10.8
|
||||
Added RFC7616 in 7.57.0
|
||||
.SH RETURN VALUE
|
||||
Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
|
||||
.SH "SEE ALSO"
|
||||
|
@ -63,7 +63,8 @@ if(curl) {
|
||||
}
|
||||
.fi
|
||||
.SH AVAILABILITY
|
||||
Added in 7.10.8
|
||||
Added RFC2617 in 7.10.8
|
||||
Added RFC7616 in 7.57.0
|
||||
.SH RETURN VALUE
|
||||
Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
|
||||
.SH "SEE ALSO"
|
||||
|
@ -186,4 +186,5 @@ test2024 test2025 test2026 test2027 test2028 test2029 test2030 test2031 \
|
||||
test2032 test2033 test2034 test2035 test2036 test2037 test2038 test2039 \
|
||||
test2040 test2041 test2042 test2043 test2044 test2045 test2046 test2047 \
|
||||
test2048 test2049 test2050 test2051 test2052 test2053 test2054 test2055 \
|
||||
test2056 test2057
|
||||
test2056 test2057 test2058 test2059 test2060 test2061 test2062 test2063 \
|
||||
test2064 test2065 test2066 test2067 test2068 test2069
|
||||
|
107
tests/data/test2058
Normal file
107
tests/data/test2058
Normal file
@ -0,0 +1,107 @@
|
||||
<testcase>
|
||||
<info>
|
||||
<keywords>
|
||||
HTTP
|
||||
HTTP PUT
|
||||
HTTP proxy
|
||||
HTTP Digest auth
|
||||
Resume
|
||||
Content-Range
|
||||
CUSTOMREQUEST
|
||||
</keywords>
|
||||
</info>
|
||||
|
||||
# Server-side
|
||||
<reply>
|
||||
<data>
|
||||
HTTP/1.1 100 Continue
|
||||
Server: Microsoft-IIS/5.0
|
||||
Date: Sun, 03 Apr 2005 14:57:45 GMT
|
||||
X-Powered-By: ASP.NET
|
||||
|
||||
HTTP/1.1 401 authentication please swsbounce
|
||||
Server: Microsoft-IIS/6.0
|
||||
WWW-Authenticate: Digest realm="testrealm", algorithm="SHA-256", nonce="1053604144"
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 0
|
||||
|
||||
</data>
|
||||
<data1000>
|
||||
HTTP/1.1 200 A OK
|
||||
Server: Microsoft-IIS/6.0
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 3
|
||||
|
||||
ok
|
||||
</data1000>
|
||||
|
||||
<datacheck>
|
||||
HTTP/1.1 100 Continue
|
||||
Server: Microsoft-IIS/5.0
|
||||
Date: Sun, 03 Apr 2005 14:57:45 GMT
|
||||
X-Powered-By: ASP.NET
|
||||
|
||||
HTTP/1.1 401 authentication please swsbounce
|
||||
Server: Microsoft-IIS/6.0
|
||||
WWW-Authenticate: Digest realm="testrealm", algorithm="SHA-256", nonce="1053604144"
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 0
|
||||
|
||||
HTTP/1.1 200 A OK
|
||||
Server: Microsoft-IIS/6.0
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 3
|
||||
|
||||
ok
|
||||
</datacheck>
|
||||
|
||||
</reply>
|
||||
|
||||
# Client-side
|
||||
<client>
|
||||
#
|
||||
<server>
|
||||
http
|
||||
</server>
|
||||
<features>
|
||||
!SSPI
|
||||
crypto
|
||||
</features>
|
||||
<name>
|
||||
HTTP POST --digest with PUT, resumed upload, modified method and SHA-256
|
||||
</name>
|
||||
<command>
|
||||
http://%HOSTIP:%HTTPPORT/2058 -u auser:apasswd --digest -T log/2058 -x http://%HOSTIP:%HTTPPORT -C 2 -X GET
|
||||
</command>
|
||||
<file name="log/2058">
|
||||
test
|
||||
</file>
|
||||
</client>
|
||||
|
||||
# Verify data after the test has been "shot"
|
||||
<verify>
|
||||
<strip>
|
||||
^User-Agent:.*
|
||||
</strip>
|
||||
<protocol>
|
||||
GET http://%HOSTIP:%HTTPPORT/2058 HTTP/1.1
|
||||
Host: %HOSTIP:%HTTPPORT
|
||||
Content-Range: bytes 2-4/5
|
||||
User-Agent: curl/7.12.1-CVS (i686-pc-linux-gnu) libcurl/7.12.1-CVS OpenSSL/0.9.6b ipv6 zlib/1.1.4 GSS libidn/0.4.6
|
||||
Accept: */*
|
||||
Proxy-Connection: Keep-Alive
|
||||
Content-Length: 0
|
||||
|
||||
GET http://%HOSTIP:%HTTPPORT/2058 HTTP/1.1
|
||||
Host: %HOSTIP:%HTTPPORT
|
||||
Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/2058", response="fbed69f9f3fd304c8f1acb1a43eb32688b933c0e28055c16b926cbcec070aeed", algorithm="SHA-256"
|
||||
Content-Range: bytes 2-4/5
|
||||
Accept: */*
|
||||
Proxy-Connection: Keep-Alive
|
||||
Content-Length: 3
|
||||
Expect: 100-continue
|
||||
|
||||
st
|
||||
</protocol>
|
||||
</verify>
|
||||
</testcase>
|
107
tests/data/test2059
Normal file
107
tests/data/test2059
Normal file
@ -0,0 +1,107 @@
|
||||
<testcase>
|
||||
<info>
|
||||
<keywords>
|
||||
HTTP
|
||||
HTTP PUT
|
||||
HTTP proxy
|
||||
HTTP Digest auth
|
||||
Resume
|
||||
Content-Range
|
||||
CUSTOMREQUEST
|
||||
</keywords>
|
||||
</info>
|
||||
|
||||
# Server-side
|
||||
<reply>
|
||||
<data>
|
||||
HTTP/1.1 100 Continue
|
||||
Server: Microsoft-IIS/5.0
|
||||
Date: Sun, 03 Apr 2005 14:57:45 GMT
|
||||
X-Powered-By: ASP.NET
|
||||
|
||||
HTTP/1.1 401 authentication please swsbounce
|
||||
Server: Microsoft-IIS/6.0
|
||||
WWW-Authenticate: Digest realm="testrealm", algorithm="SHA-512-256", nonce="1053604144", userhash=true
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 0
|
||||
|
||||
</data>
|
||||
<data1000>
|
||||
HTTP/1.1 200 A OK
|
||||
Server: Microsoft-IIS/6.0
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 3
|
||||
|
||||
ok
|
||||
</data1000>
|
||||
|
||||
<datacheck>
|
||||
HTTP/1.1 100 Continue
|
||||
Server: Microsoft-IIS/5.0
|
||||
Date: Sun, 03 Apr 2005 14:57:45 GMT
|
||||
X-Powered-By: ASP.NET
|
||||
|
||||
HTTP/1.1 401 authentication please swsbounce
|
||||
Server: Microsoft-IIS/6.0
|
||||
WWW-Authenticate: Digest realm="testrealm", algorithm="SHA-512-256", nonce="1053604144", userhash=true
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 0
|
||||
|
||||
HTTP/1.1 200 A OK
|
||||
Server: Microsoft-IIS/6.0
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 3
|
||||
|
||||
ok
|
||||
</datacheck>
|
||||
|
||||
</reply>
|
||||
|
||||
# Client-side
|
||||
<client>
|
||||
#
|
||||
<server>
|
||||
http
|
||||
</server>
|
||||
<features>
|
||||
!SSPI
|
||||
crypto
|
||||
</features>
|
||||
<name>
|
||||
HTTP POST --digest with PUT, resumed upload, modified method, SHA-512-256 and userhash=true
|
||||
</name>
|
||||
<command>
|
||||
http://%HOSTIP:%HTTPPORT/2059 -u auser:apasswd --digest -T log/2059 -x http://%HOSTIP:%HTTPPORT -C 2 -X GET
|
||||
</command>
|
||||
<file name="log/2059">
|
||||
test
|
||||
</file>
|
||||
</client>
|
||||
|
||||
# Verify data after the test has been "shot"
|
||||
<verify>
|
||||
<strip>
|
||||
^User-Agent:.*
|
||||
</strip>
|
||||
<protocol>
|
||||
GET http://%HOSTIP:%HTTPPORT/2059 HTTP/1.1
|
||||
Host: %HOSTIP:%HTTPPORT
|
||||
Content-Range: bytes 2-4/5
|
||||
User-Agent: curl/7.12.1-CVS (i686-pc-linux-gnu) libcurl/7.12.1-CVS OpenSSL/0.9.6b ipv6 zlib/1.1.4 GSS libidn/0.4.6
|
||||
Accept: */*
|
||||
Proxy-Connection: Keep-Alive
|
||||
Content-Length: 0
|
||||
|
||||
GET http://%HOSTIP:%HTTPPORT/2059 HTTP/1.1
|
||||
Host: %HOSTIP:%HTTPPORT
|
||||
Authorization: Digest username="fddc3bc7b753b73ab0848fd83cb20cbbca971258eb8d20c941dd5e0b010d66be", realm="testrealm", nonce="1053604144", uri="/2059", response="fc09be8192851e284e73e8b719b32a2f6f91cca0594e68713da8c49dc2c1656e", algorithm="SHA-512-256", userhash=true
|
||||
Content-Range: bytes 2-4/5
|
||||
Accept: */*
|
||||
Proxy-Connection: Keep-Alive
|
||||
Content-Length: 3
|
||||
Expect: 100-continue
|
||||
|
||||
st
|
||||
</protocol>
|
||||
</verify>
|
||||
</testcase>
|
107
tests/data/test2060
Normal file
107
tests/data/test2060
Normal file
@ -0,0 +1,107 @@
|
||||
<testcase>
|
||||
<info>
|
||||
<keywords>
|
||||
HTTP
|
||||
HTTP PUT
|
||||
HTTP proxy
|
||||
HTTP Digest auth
|
||||
Resume
|
||||
Content-Range
|
||||
CUSTOMREQUEST
|
||||
</keywords>
|
||||
</info>
|
||||
|
||||
# Server-side
|
||||
<reply>
|
||||
<data>
|
||||
HTTP/1.1 100 Continue
|
||||
Server: Microsoft-IIS/5.0
|
||||
Date: Sun, 03 Apr 2005 14:57:45 GMT
|
||||
X-Powered-By: ASP.NET
|
||||
|
||||
HTTP/1.1 401 authentication please swsbounce
|
||||
Server: Microsoft-IIS/6.0
|
||||
WWW-Authenticate: Digest realm="testrealm", algorithm="SHA-512-256", nonce="1053604144"
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 0
|
||||
|
||||
</data>
|
||||
<data1000>
|
||||
HTTP/1.1 200 A OK
|
||||
Server: Microsoft-IIS/6.0
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 3
|
||||
|
||||
ok
|
||||
</data1000>
|
||||
|
||||
<datacheck>
|
||||
HTTP/1.1 100 Continue
|
||||
Server: Microsoft-IIS/5.0
|
||||
Date: Sun, 03 Apr 2005 14:57:45 GMT
|
||||
X-Powered-By: ASP.NET
|
||||
|
||||
HTTP/1.1 401 authentication please swsbounce
|
||||
Server: Microsoft-IIS/6.0
|
||||
WWW-Authenticate: Digest realm="testrealm", algorithm="SHA-512-256", nonce="1053604144"
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 0
|
||||
|
||||
HTTP/1.1 200 A OK
|
||||
Server: Microsoft-IIS/6.0
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 3
|
||||
|
||||
ok
|
||||
</datacheck>
|
||||
|
||||
</reply>
|
||||
|
||||
# Client-side
|
||||
<client>
|
||||
#
|
||||
<server>
|
||||
http
|
||||
</server>
|
||||
<features>
|
||||
!SSPI
|
||||
crypto
|
||||
</features>
|
||||
<name>
|
||||
HTTP POST --digest with PUT, resumed upload, modified method, SHA-512-256 and userhash=false
|
||||
</name>
|
||||
<command>
|
||||
http://%HOSTIP:%HTTPPORT/2060 -u auser:apasswd --digest -T log/2060 -x http://%HOSTIP:%HTTPPORT -C 2 -X GET
|
||||
</command>
|
||||
<file name="log/2060">
|
||||
test
|
||||
</file>
|
||||
</client>
|
||||
|
||||
# Verify data after the test has been "shot"
|
||||
<verify>
|
||||
<strip>
|
||||
^User-Agent:.*
|
||||
</strip>
|
||||
<protocol>
|
||||
GET http://%HOSTIP:%HTTPPORT/2060 HTTP/1.1
|
||||
Host: %HOSTIP:%HTTPPORT
|
||||
Content-Range: bytes 2-4/5
|
||||
User-Agent: curl/7.12.1-CVS (i686-pc-linux-gnu) libcurl/7.12.1-CVS OpenSSL/0.9.6b ipv6 zlib/1.1.4 GSS libidn/0.4.6
|
||||
Accept: */*
|
||||
Proxy-Connection: Keep-Alive
|
||||
Content-Length: 0
|
||||
|
||||
GET http://%HOSTIP:%HTTPPORT/2060 HTTP/1.1
|
||||
Host: %HOSTIP:%HTTPPORT
|
||||
Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/2060", response="3ce1e25ffa611bdbe90e2ab367b9602fa223db9f6de76ac667f0d6157e2178a6", algorithm="SHA-512-256"
|
||||
Content-Range: bytes 2-4/5
|
||||
Accept: */*
|
||||
Proxy-Connection: Keep-Alive
|
||||
Content-Length: 3
|
||||
Expect: 100-continue
|
||||
|
||||
st
|
||||
</protocol>
|
||||
</verify>
|
||||
</testcase>
|
84
tests/data/test2061
Normal file
84
tests/data/test2061
Normal file
@ -0,0 +1,84 @@
|
||||
<testcase>
|
||||
<info>
|
||||
<keywords>
|
||||
HTTP
|
||||
HTTP GET
|
||||
HTTP Digest auth
|
||||
</keywords>
|
||||
</info>
|
||||
# Server-side
|
||||
<reply>
|
||||
<data>
|
||||
HTTP/1.1 401 Authorization Required swsclose
|
||||
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
|
||||
WWW-Authenticate: Digest realm="testrealm", nonce="1053604145", algorithm="SHA-256"
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 26
|
||||
|
||||
This is not the real page
|
||||
</data>
|
||||
|
||||
# This is supposed to be returned when the server gets a
|
||||
# Authorization: Digest line passed-in from the client
|
||||
<data1000>
|
||||
HTTP/1.1 200 OK swsclose
|
||||
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 23
|
||||
|
||||
This IS the real page!
|
||||
</data1000>
|
||||
|
||||
<datacheck>
|
||||
HTTP/1.1 401 Authorization Required swsclose
|
||||
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
|
||||
WWW-Authenticate: Digest realm="testrealm", nonce="1053604145", algorithm="SHA-256"
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 26
|
||||
|
||||
HTTP/1.1 200 OK swsclose
|
||||
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 23
|
||||
|
||||
This IS the real page!
|
||||
</datacheck>
|
||||
|
||||
</reply>
|
||||
|
||||
# Client-side
|
||||
<client>
|
||||
<server>
|
||||
http
|
||||
</server>
|
||||
<features>
|
||||
!SSPI
|
||||
crypto
|
||||
</features>
|
||||
<name>
|
||||
HTTP with RFC7616 SHA256 Digest authorization
|
||||
</name>
|
||||
<command>
|
||||
http://%HOSTIP:%HTTPPORT/2061 -u testuser:testpass --digest
|
||||
</command>
|
||||
</client>
|
||||
|
||||
# Verify data after the test has been "shot"
|
||||
<verify>
|
||||
<strip>
|
||||
^User-Agent:.*
|
||||
</strip>
|
||||
<protocol>
|
||||
GET /2061 HTTP/1.1
|
||||
Host: %HOSTIP:%HTTPPORT
|
||||
Accept: */*
|
||||
|
||||
GET /2061 HTTP/1.1
|
||||
Host: %HOSTIP:%HTTPPORT
|
||||
Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/2061", response="9dc55255f1a2537b838311674b621d45346b862a81631bb20e4ce356ef25062d", algorithm="SHA-256"
|
||||
User-Agent: curl/7.10.5 (i686-pc-linux-gnu) libcurl/7.10.5 OpenSSL/0.9.7a ipv6 zlib/1.1.3
|
||||
Accept: */*
|
||||
|
||||
</protocol>
|
||||
</verify>
|
||||
</testcase>
|
84
tests/data/test2062
Normal file
84
tests/data/test2062
Normal file
@ -0,0 +1,84 @@
|
||||
<testcase>
|
||||
<info>
|
||||
<keywords>
|
||||
HTTP
|
||||
HTTP GET
|
||||
HTTP Digest auth
|
||||
</keywords>
|
||||
</info>
|
||||
# Server-side
|
||||
<reply>
|
||||
<data>
|
||||
HTTP/1.1 401 Authorization Required swsclose
|
||||
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
|
||||
WWW-Authenticate: Digest realm="testrealm", nonce="1053604145", algorithm="SHA-512-256"
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 26
|
||||
|
||||
This is not the real page
|
||||
</data>
|
||||
|
||||
# This is supposed to be returned when the server gets a
|
||||
# Authorization: Digest line passed-in from the client
|
||||
<data1000>
|
||||
HTTP/1.1 200 OK swsclose
|
||||
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 23
|
||||
|
||||
This IS the real page!
|
||||
</data1000>
|
||||
|
||||
<datacheck>
|
||||
HTTP/1.1 401 Authorization Required swsclose
|
||||
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
|
||||
WWW-Authenticate: Digest realm="testrealm", nonce="1053604145", algorithm="SHA-512-256"
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 26
|
||||
|
||||
HTTP/1.1 200 OK swsclose
|
||||
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 23
|
||||
|
||||
This IS the real page!
|
||||
</datacheck>
|
||||
|
||||
</reply>
|
||||
|
||||
# Client-side
|
||||
<client>
|
||||
<server>
|
||||
http
|
||||
</server>
|
||||
<features>
|
||||
!SSPI
|
||||
crypto
|
||||
</features>
|
||||
<name>
|
||||
HTTP with RFC7616 SHA-512-256 Digest authorization and userhash=false
|
||||
</name>
|
||||
<command>
|
||||
http://%HOSTIP:%HTTPPORT/2062 -u testuser:testpass --digest
|
||||
</command>
|
||||
</client>
|
||||
|
||||
# Verify data after the test has been "shot"
|
||||
<verify>
|
||||
<strip>
|
||||
^User-Agent:.*
|
||||
</strip>
|
||||
<protocol>
|
||||
GET /2062 HTTP/1.1
|
||||
Host: %HOSTIP:%HTTPPORT
|
||||
Accept: */*
|
||||
|
||||
GET /2062 HTTP/1.1
|
||||
Host: %HOSTIP:%HTTPPORT
|
||||
Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/2062", response="2af735ec3508f4dff99248ffbbe9de9002bfd7cc770cfa2b026cb334042a54e3", algorithm="SHA-512-256"
|
||||
User-Agent: curl/7.10.5 (i686-pc-linux-gnu) libcurl/7.10.5 OpenSSL/0.9.7a ipv6 zlib/1.1.3
|
||||
Accept: */*
|
||||
|
||||
</protocol>
|
||||
</verify>
|
||||
</testcase>
|
84
tests/data/test2063
Normal file
84
tests/data/test2063
Normal file
@ -0,0 +1,84 @@
|
||||
<testcase>
|
||||
<info>
|
||||
<keywords>
|
||||
HTTP
|
||||
HTTP GET
|
||||
HTTP Digest auth
|
||||
</keywords>
|
||||
</info>
|
||||
# Server-side
|
||||
<reply>
|
||||
<data>
|
||||
HTTP/1.1 401 Authorization Required swsclose
|
||||
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
|
||||
WWW-Authenticate: Digest realm="testrealm", nonce="1053604145", algorithm="SHA-512-256", userhash=true
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 26
|
||||
|
||||
This is not the real page
|
||||
</data>
|
||||
|
||||
# This is supposed to be returned when the server gets a
|
||||
# Authorization: Digest line passed-in from the client
|
||||
<data1000>
|
||||
HTTP/1.1 200 OK swsclose
|
||||
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 23
|
||||
|
||||
This IS the real page!
|
||||
</data1000>
|
||||
|
||||
<datacheck>
|
||||
HTTP/1.1 401 Authorization Required swsclose
|
||||
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
|
||||
WWW-Authenticate: Digest realm="testrealm", nonce="1053604145", algorithm="SHA-512-256", userhash=true
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 26
|
||||
|
||||
HTTP/1.1 200 OK swsclose
|
||||
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 23
|
||||
|
||||
This IS the real page!
|
||||
</datacheck>
|
||||
|
||||
</reply>
|
||||
|
||||
# Client-side
|
||||
<client>
|
||||
<server>
|
||||
http
|
||||
</server>
|
||||
<features>
|
||||
!SSPI
|
||||
crypto
|
||||
</features>
|
||||
<name>
|
||||
HTTP with RFC7616 SHA-512-256 Digest authorization and userhash=true
|
||||
</name>
|
||||
<command>
|
||||
http://%HOSTIP:%HTTPPORT/2063 -u testuser:testpass --digest
|
||||
</command>
|
||||
</client>
|
||||
|
||||
# Verify data after the test has been "shot"
|
||||
<verify>
|
||||
<strip>
|
||||
^User-Agent:.*
|
||||
</strip>
|
||||
<protocol>
|
||||
GET /2063 HTTP/1.1
|
||||
Host: %HOSTIP:%HTTPPORT
|
||||
Accept: */*
|
||||
|
||||
GET /2063 HTTP/1.1
|
||||
Host: %HOSTIP:%HTTPPORT
|
||||
Authorization: Digest username="75af8a3500f771e58a52093a25e7905d6e428a511285c12ea1420c73078dfd61", realm="testrealm", nonce="1053604145", uri="/2063", response="43f7ab531dff687b5dc75617daa59d1fd67d648341d6d2655ca65ef5064cfb51", algorithm="SHA-512-256", userhash=true
|
||||
User-Agent: curl/7.10.5 (i686-pc-linux-gnu) libcurl/7.10.5 OpenSSL/0.9.7a ipv6 zlib/1.1.3
|
||||
Accept: */*
|
||||
|
||||
</protocol>
|
||||
</verify>
|
||||
</testcase>
|
84
tests/data/test2064
Normal file
84
tests/data/test2064
Normal file
@ -0,0 +1,84 @@
|
||||
<testcase>
|
||||
<info>
|
||||
<keywords>
|
||||
HTTP
|
||||
HTTP GET
|
||||
HTTP Digest auth
|
||||
</keywords>
|
||||
</info>
|
||||
# Server-side
|
||||
<reply>
|
||||
<data>
|
||||
HTTP/1.1 401 Authorization Required
|
||||
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
|
||||
WWW-Authenticate: Digest realm="testrealm", nonce="2053604145", algorithm="SHA-256"
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 26
|
||||
|
||||
This is not the real page
|
||||
</data>
|
||||
|
||||
# This is supposed to be returned when the server gets a
|
||||
# Authorization: Digest line passed-in from the client
|
||||
<data1000>
|
||||
HTTP/1.1 401 Still a bad password you moron
|
||||
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 34
|
||||
|
||||
This is not the real page either
|
||||
</data1000>
|
||||
|
||||
<datacheck>
|
||||
HTTP/1.1 401 Authorization Required
|
||||
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
|
||||
WWW-Authenticate: Digest realm="testrealm", nonce="2053604145", algorithm="SHA-256"
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 26
|
||||
|
||||
HTTP/1.1 401 Still a bad password you moron
|
||||
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 34
|
||||
|
||||
This is not the real page either
|
||||
</datacheck>
|
||||
|
||||
</reply>
|
||||
|
||||
# Client-side
|
||||
<client>
|
||||
<server>
|
||||
http
|
||||
</server>
|
||||
<features>
|
||||
!SSPI
|
||||
crypto
|
||||
</features>
|
||||
<name>
|
||||
HTTP with RFC7616 Digest authorization with bad password and SHA256
|
||||
</name>
|
||||
<command>
|
||||
http://%HOSTIP:%HTTPPORT/2064 -u testuser:test2pass --digest
|
||||
</command>
|
||||
</client>
|
||||
|
||||
# Verify data after the test has been "shot"
|
||||
<verify>
|
||||
<strip>
|
||||
^User-Agent:.*
|
||||
</strip>
|
||||
<protocol>
|
||||
GET /2064 HTTP/1.1
|
||||
Host: %HOSTIP:%HTTPPORT
|
||||
Accept: */*
|
||||
|
||||
GET /2064 HTTP/1.1
|
||||
Host: %HOSTIP:%HTTPPORT
|
||||
Authorization: Digest username="testuser", realm="testrealm", nonce="2053604145", uri="/2064", response="a9c3ec1036068b336cbabefe9dfcad52ee8b89bc7c91ddbb5bb415c6acdf38a5", algorithm="SHA-256"
|
||||
User-Agent: curl/7.10.5 (i686-pc-linux-gnu) libcurl/7.10.5 OpenSSL/0.9.7a ipv6 zlib/1.1.3
|
||||
Accept: */*
|
||||
|
||||
</protocol>
|
||||
</verify>
|
||||
</testcase>
|
84
tests/data/test2065
Normal file
84
tests/data/test2065
Normal file
@ -0,0 +1,84 @@
|
||||
<testcase>
|
||||
<info>
|
||||
<keywords>
|
||||
HTTP
|
||||
HTTP GET
|
||||
HTTP Digest auth
|
||||
</keywords>
|
||||
</info>
|
||||
# Server-side
|
||||
<reply>
|
||||
<data>
|
||||
HTTP/1.1 401 Authorization Required
|
||||
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
|
||||
WWW-Authenticate: Digest realm="testrealm", nonce="2053604145", algorithm="SHA-512-256"
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 26
|
||||
|
||||
This is not the real page
|
||||
</data>
|
||||
|
||||
# This is supposed to be returned when the server gets a
|
||||
# Authorization: Digest line passed-in from the client
|
||||
<data1000>
|
||||
HTTP/1.1 401 Still a bad password you moron
|
||||
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 34
|
||||
|
||||
This is not the real page either
|
||||
</data1000>
|
||||
|
||||
<datacheck>
|
||||
HTTP/1.1 401 Authorization Required
|
||||
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
|
||||
WWW-Authenticate: Digest realm="testrealm", nonce="2053604145", algorithm="SHA-512-256"
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 26
|
||||
|
||||
HTTP/1.1 401 Still a bad password you moron
|
||||
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 34
|
||||
|
||||
This is not the real page either
|
||||
</datacheck>
|
||||
|
||||
</reply>
|
||||
|
||||
# Client-side
|
||||
<client>
|
||||
<server>
|
||||
http
|
||||
</server>
|
||||
<features>
|
||||
!SSPI
|
||||
crypto
|
||||
</features>
|
||||
<name>
|
||||
HTTP with RFC7616 Digest authorization with bad password, SHA-512-256 and userhash=false
|
||||
</name>
|
||||
<command>
|
||||
http://%HOSTIP:%HTTPPORT/2065 -u testuser:test2pass --digest
|
||||
</command>
|
||||
</client>
|
||||
|
||||
# Verify data after the test has been "shot"
|
||||
<verify>
|
||||
<strip>
|
||||
^User-Agent:.*
|
||||
</strip>
|
||||
<protocol>
|
||||
GET /2065 HTTP/1.1
|
||||
Host: %HOSTIP:%HTTPPORT
|
||||
Accept: */*
|
||||
|
||||
GET /2065 HTTP/1.1
|
||||
Host: %HOSTIP:%HTTPPORT
|
||||
Authorization: Digest username="testuser", realm="testrealm", nonce="2053604145", uri="/2065", response="5a5f20b0e601aeddc6f96422c2332d49ff431c49ab143b5f836ef76e9ac78f5e", algorithm="SHA-512-256"
|
||||
User-Agent: curl/7.10.5 (i686-pc-linux-gnu) libcurl/7.10.5 OpenSSL/0.9.7a ipv6 zlib/1.1.3
|
||||
Accept: */*
|
||||
|
||||
</protocol>
|
||||
</verify>
|
||||
</testcase>
|
84
tests/data/test2066
Normal file
84
tests/data/test2066
Normal file
@ -0,0 +1,84 @@
|
||||
<testcase>
|
||||
<info>
|
||||
<keywords>
|
||||
HTTP
|
||||
HTTP GET
|
||||
HTTP Digest auth
|
||||
</keywords>
|
||||
</info>
|
||||
# Server-side
|
||||
<reply>
|
||||
<data>
|
||||
HTTP/1.1 401 Authorization Required
|
||||
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
|
||||
WWW-Authenticate: Digest realm="testrealm", nonce="2053604145", algorithm="SHA-512-256", userhash=true
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 26
|
||||
|
||||
This is not the real page
|
||||
</data>
|
||||
|
||||
# This is supposed to be returned when the server gets a
|
||||
# Authorization: Digest line passed-in from the client
|
||||
<data1000>
|
||||
HTTP/1.1 401 Still a bad password you moron
|
||||
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 34
|
||||
|
||||
This is not the real page either
|
||||
</data1000>
|
||||
|
||||
<datacheck>
|
||||
HTTP/1.1 401 Authorization Required
|
||||
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
|
||||
WWW-Authenticate: Digest realm="testrealm", nonce="2053604145", algorithm="SHA-512-256", userhash=true
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 26
|
||||
|
||||
HTTP/1.1 401 Still a bad password you moron
|
||||
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 34
|
||||
|
||||
This is not the real page either
|
||||
</datacheck>
|
||||
|
||||
</reply>
|
||||
|
||||
# Client-side
|
||||
<client>
|
||||
<server>
|
||||
http
|
||||
</server>
|
||||
<features>
|
||||
!SSPI
|
||||
crypto
|
||||
</features>
|
||||
<name>
|
||||
HTTP with RFC7616 Digest authorization with bad password, SHA-512-256 and userhash=true
|
||||
</name>
|
||||
<command>
|
||||
http://%HOSTIP:%HTTPPORT/2066 -u testuser:test2pass --digest
|
||||
</command>
|
||||
</client>
|
||||
|
||||
# Verify data after the test has been "shot"
|
||||
<verify>
|
||||
<strip>
|
||||
^User-Agent:.*
|
||||
</strip>
|
||||
<protocol>
|
||||
GET /2066 HTTP/1.1
|
||||
Host: %HOSTIP:%HTTPPORT
|
||||
Accept: */*
|
||||
|
||||
GET /2066 HTTP/1.1
|
||||
Host: %HOSTIP:%HTTPPORT
|
||||
Authorization: Digest username="75af8a3500f771e58a52093a25e7905d6e428a511285c12ea1420c73078dfd61", realm="testrealm", nonce="2053604145", uri="/2066", response="a2e2ae589f575fb132991d6f550ef14bf7ef697d2fef1242d2498f07eafc77dc", algorithm="SHA-512-256", userhash=true
|
||||
User-Agent: curl/7.10.5 (i686-pc-linux-gnu) libcurl/7.10.5 OpenSSL/0.9.7a ipv6 zlib/1.1.3
|
||||
Accept: */*
|
||||
|
||||
</protocol>
|
||||
</verify>
|
||||
</testcase>
|
89
tests/data/test2067
Normal file
89
tests/data/test2067
Normal file
@ -0,0 +1,89 @@
|
||||
<testcase>
|
||||
<info>
|
||||
<keywords>
|
||||
HTTP
|
||||
HTTP POST
|
||||
HTTP Digest auth
|
||||
</keywords>
|
||||
</info>
|
||||
|
||||
# Server-side
|
||||
<reply>
|
||||
<data>
|
||||
HTTP/1.1 401 authentication please swsbounce
|
||||
Server: Microsoft-IIS/6.0
|
||||
WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", algorithm="SHA-256"
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 0
|
||||
|
||||
</data>
|
||||
<data1000>
|
||||
HTTP/1.1 200 A OK
|
||||
Server: Microsoft-IIS/6.0
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 3
|
||||
|
||||
ok
|
||||
</data1000>
|
||||
|
||||
<datacheck>
|
||||
HTTP/1.1 401 authentication please swsbounce
|
||||
Server: Microsoft-IIS/6.0
|
||||
WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", algorithm="SHA-256"
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 0
|
||||
|
||||
HTTP/1.1 200 A OK
|
||||
Server: Microsoft-IIS/6.0
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 3
|
||||
|
||||
ok
|
||||
</datacheck>
|
||||
|
||||
</reply>
|
||||
|
||||
# Client-side
|
||||
<client>
|
||||
#
|
||||
<server>
|
||||
http
|
||||
</server>
|
||||
<features>
|
||||
!SSPI
|
||||
crypto
|
||||
</features>
|
||||
<name>
|
||||
HTTP POST --digest with SHA256 and user-specified Content-Length header
|
||||
</name>
|
||||
# This test is to ensure 'Content-Length: 0' is sent while negotiating auth
|
||||
# even when there is a user-specified Content-Length header.
|
||||
# https://github.com/curl/curl/pull/1242
|
||||
<command>
|
||||
-H "Content-Length: 11" -u auser:apasswd --digest -d "junkelijunk" http://%HOSTIP:%HTTPPORT/2067
|
||||
</command>
|
||||
</client>
|
||||
|
||||
# Verify data after the test has been "shot"
|
||||
<verify>
|
||||
<strip>
|
||||
^User-Agent:.*
|
||||
</strip>
|
||||
<protocol nonewline="yes">
|
||||
POST /2067 HTTP/1.1
|
||||
Host: %HOSTIP:%HTTPPORT
|
||||
Accept: */*
|
||||
Content-Length: 0
|
||||
Content-Type: application/x-www-form-urlencoded
|
||||
|
||||
POST /2067 HTTP/1.1
|
||||
Host: %HOSTIP:%HTTPPORT
|
||||
Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/2067", response="67b97af219c92fa7e8685e5bebb8e74892f6c6792e911c52bd2dfbf0b49272eb", algorithm="SHA-256"
|
||||
Accept: */*
|
||||
Content-Length: 11
|
||||
Content-Type: application/x-www-form-urlencoded
|
||||
|
||||
junkelijunk
|
||||
</protocol>
|
||||
</verify>
|
||||
</testcase>
|
89
tests/data/test2068
Normal file
89
tests/data/test2068
Normal file
@ -0,0 +1,89 @@
|
||||
<testcase>
|
||||
<info>
|
||||
<keywords>
|
||||
HTTP
|
||||
HTTP POST
|
||||
HTTP Digest auth
|
||||
</keywords>
|
||||
</info>
|
||||
|
||||
# Server-side
|
||||
<reply>
|
||||
<data>
|
||||
HTTP/1.1 401 authentication please swsbounce
|
||||
Server: Microsoft-IIS/6.0
|
||||
WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", algorithm="SHA-512-256"
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 0
|
||||
|
||||
</data>
|
||||
<data1000>
|
||||
HTTP/1.1 200 A OK
|
||||
Server: Microsoft-IIS/6.0
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 3
|
||||
|
||||
ok
|
||||
</data1000>
|
||||
|
||||
<datacheck>
|
||||
HTTP/1.1 401 authentication please swsbounce
|
||||
Server: Microsoft-IIS/6.0
|
||||
WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", algorithm="SHA-512-256"
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 0
|
||||
|
||||
HTTP/1.1 200 A OK
|
||||
Server: Microsoft-IIS/6.0
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 3
|
||||
|
||||
ok
|
||||
</datacheck>
|
||||
|
||||
</reply>
|
||||
|
||||
# Client-side
|
||||
<client>
|
||||
#
|
||||
<server>
|
||||
http
|
||||
</server>
|
||||
<features>
|
||||
!SSPI
|
||||
crypto
|
||||
</features>
|
||||
<name>
|
||||
HTTP POST --digest with SHA-512-256, userhash=false and user-specified Content-Length header
|
||||
</name>
|
||||
# This test is to ensure 'Content-Length: 0' is sent while negotiating auth
|
||||
# even when there is a user-specified Content-Length header.
|
||||
# https://github.com/curl/curl/pull/1242
|
||||
<command>
|
||||
-H "Content-Length: 11" -u auser:apasswd --digest -d "junkelijunk" http://%HOSTIP:%HTTPPORT/2068
|
||||
</command>
|
||||
</client>
|
||||
|
||||
# Verify data after the test has been "shot"
|
||||
<verify>
|
||||
<strip>
|
||||
^User-Agent:.*
|
||||
</strip>
|
||||
<protocol nonewline="yes">
|
||||
POST /2068 HTTP/1.1
|
||||
Host: %HOSTIP:%HTTPPORT
|
||||
Accept: */*
|
||||
Content-Length: 0
|
||||
Content-Type: application/x-www-form-urlencoded
|
||||
|
||||
POST /2068 HTTP/1.1
|
||||
Host: %HOSTIP:%HTTPPORT
|
||||
Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/2068", response="4bc9c97a72f1856bcec9b0e1518c6b7ee28773f91357d56840bdc30bd89ca68f", algorithm="SHA-512-256"
|
||||
Accept: */*
|
||||
Content-Length: 11
|
||||
Content-Type: application/x-www-form-urlencoded
|
||||
|
||||
junkelijunk
|
||||
</protocol>
|
||||
</verify>
|
||||
</testcase>
|
89
tests/data/test2069
Normal file
89
tests/data/test2069
Normal file
@ -0,0 +1,89 @@
|
||||
<testcase>
|
||||
<info>
|
||||
<keywords>
|
||||
HTTP
|
||||
HTTP POST
|
||||
HTTP Digest auth
|
||||
</keywords>
|
||||
</info>
|
||||
|
||||
# Server-side
|
||||
<reply>
|
||||
<data>
|
||||
HTTP/1.1 401 authentication please swsbounce
|
||||
Server: Microsoft-IIS/6.0
|
||||
WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", algorithm="SHA-512-256", userhash=true
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 0
|
||||
|
||||
</data>
|
||||
<data1000>
|
||||
HTTP/1.1 200 A OK
|
||||
Server: Microsoft-IIS/6.0
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 3
|
||||
|
||||
ok
|
||||
</data1000>
|
||||
|
||||
<datacheck>
|
||||
HTTP/1.1 401 authentication please swsbounce
|
||||
Server: Microsoft-IIS/6.0
|
||||
WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", algorithm="SHA-512-256", userhash=true
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 0
|
||||
|
||||
HTTP/1.1 200 A OK
|
||||
Server: Microsoft-IIS/6.0
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 3
|
||||
|
||||
ok
|
||||
</datacheck>
|
||||
|
||||
</reply>
|
||||
|
||||
# Client-side
|
||||
<client>
|
||||
#
|
||||
<server>
|
||||
http
|
||||
</server>
|
||||
<features>
|
||||
!SSPI
|
||||
crypto
|
||||
</features>
|
||||
<name>
|
||||
HTTP POST --digest with SHA-512-256, userhash=true and user-specified Content-Length header
|
||||
</name>
|
||||
# This test is to ensure 'Content-Length: 0' is sent while negotiating auth
|
||||
# even when there is a user-specified Content-Length header.
|
||||
# https://github.com/curl/curl/pull/1242
|
||||
<command>
|
||||
-H "Content-Length: 11" -u auser:apasswd --digest -d "junkelijunk" http://%HOSTIP:%HTTPPORT/2069
|
||||
</command>
|
||||
</client>
|
||||
|
||||
# Verify data after the test has been "shot"
|
||||
<verify>
|
||||
<strip>
|
||||
^User-Agent:.*
|
||||
</strip>
|
||||
<protocol nonewline="yes">
|
||||
POST /2069 HTTP/1.1
|
||||
Host: %HOSTIP:%HTTPPORT
|
||||
Accept: */*
|
||||
Content-Length: 0
|
||||
Content-Type: application/x-www-form-urlencoded
|
||||
|
||||
POST /2069 HTTP/1.1
|
||||
Host: %HOSTIP:%HTTPPORT
|
||||
Authorization: Digest username="fddc3bc7b753b73ab0848fd83cb20cbbca971258eb8d20c941dd5e0b010d66be", realm="testrealm", nonce="1053604144", uri="/2069", response="ff13d977110a471f30de75e747976e4de78d7a3d2425cd23ff46e67f4bc9ead7", algorithm="SHA-512-256", userhash=true
|
||||
Accept: */*
|
||||
Content-Length: 11
|
||||
Content-Type: application/x-www-form-urlencoded
|
||||
|
||||
junkelijunk
|
||||
</protocol>
|
||||
</verify>
|
||||
</testcase>
|
Loading…
Reference in New Issue
Block a user