summaryrefslogtreecommitdiff
path: root/tests/data/test153
blob: a582595aca8db185a1508ff875a1773068eaac1c (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
<testcase>
<info>
<keywords>
HTTP
HTTP GET
HTTP Digest auth
</keywords>
</info>

# Server-side
<reply>
# First reply back and ask for Digest auth
<data1>
HTTP/1.1 401 Authorization Required swsclose
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
WWW-Authenticate: Digest realm="testrealm", nonce="1053604145"
Content-Type: text/html; charset=iso-8859-1
Content-Length: 26

This is not the real page
</data1>

# second reply back
<data2>
HTTP/1.1 401 Authorization Required swsclose
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
WWW-Authenticate: Digest realm="testrealm", nonce="1053604145"
Content-Type: text/html; charset=iso-8859-1
Content-Length: 26

This is not the real page
</data2>

# This is supposed to be returned when the server gets a
# Authorization: Digest line passed-in from the client
<data1001>
HTTP/1.1 200 OK
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
Content-Type: text/html; charset=iso-8859-1
Content-Length: 23

This IS the real page!
</data1001>

#
# This is the second request, and this sends back a response saying that
# the request contained stale data. We want an update. Set swsbounce to
# bounce on to data1003 on the second request.
<data1002>
HTTP/1.1 401 Authorization re-negotiation please swsbounce
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
WWW-Authenticate: Digest realm="testrealm", algorithm=MD5, nonce="999999", stale=true, qop="auth"
Content-Type: text/html; charset=iso-8859-1
Content-Length: 26

This is not the real page
</data1002>

# The second request to the 1002 section will bounce this one back instead
# thanks to the swsbounce keyword up there
<data1003>
HTTP/1.1 200 OK
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
Content-Type: text/html; charset=iso-8859-1
Content-Length: 30

This IS the second real page!
</data1003>
</reply>

# Client-side
<client>
<server>
http
</server>
<features>
!SSPI
crypto
</features>
 <name>
HTTP with Digest authorization with stale=true
 </name>
 <command>
http://%HOSTIP:%HTTPPORT/1530001 -u testuser:testpass --digest http://%HOSTIP:%HTTPPORT/1530002
</command>
</client>

# Verify data after the test has been "shot"
<verify>
<strip>
^Authorization.*cnonce
</strip>
<protocol>
GET /1530001 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
User-Agent: curl/%VERSION
Accept: */*

GET /1530001 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/1530001", response="f4f83139396995bac665f24a1f1055c7"
User-Agent: curl/%VERSION
Accept: */*

GET /1530002 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
User-Agent: curl/%VERSION
Accept: */*

GET /1530002 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/1530002", response="f84511b014fdd0ba6494f42871079c32"
User-Agent: curl/%VERSION
Accept: */*

GET /1530002 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
Authorization: Digest username="testuser", realm="testrealm", nonce="999999", uri="/1530002", cnonce="MTA4MzIy", nc="00000001", qop="auth", response="25291c357671604a16c0242f56721c07", algorithm=MD5
User-Agent: curl/%VERSION
Accept: */*

</protocol>
<stdout>
HTTP/1.1 401 Authorization Required swsclose
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
WWW-Authenticate: Digest realm="testrealm", nonce="1053604145"
Content-Type: text/html; charset=iso-8859-1
Content-Length: 26

HTTP/1.1 200 OK
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
Content-Type: text/html; charset=iso-8859-1
Content-Length: 23

This IS the real page!
HTTP/1.1 401 Authorization Required swsclose
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
WWW-Authenticate: Digest realm="testrealm", nonce="1053604145"
Content-Type: text/html; charset=iso-8859-1
Content-Length: 26

HTTP/1.1 401 Authorization re-negotiation please swsbounce
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
WWW-Authenticate: Digest realm="testrealm", algorithm=MD5, nonce="999999", stale=true, qop="auth"
Content-Type: text/html; charset=iso-8859-1
Content-Length: 26

HTTP/1.1 200 OK
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
Content-Type: text/html; charset=iso-8859-1
Content-Length: 30

This IS the second real page!
</stdout>
</verify>
</testcase>