mirror of
https://github.com/curl/curl.git
synced 2024-12-27 06:59:43 +08:00
f77dabefd8
- on the first invocation: keep security context returned by InitializeSecurityContext() - on subsequent invocations: use MakeSignature() instead of InitializeSecurityContext() to generate HTTP digest response Bug: https://github.com/curl/curl/issues/870 Reported-by: Andreas Roth Closes https://github.com/curl/curl/pull/1251
111 lines
2.8 KiB
Plaintext
111 lines
2.8 KiB
Plaintext
<testcase>
|
|
<info>
|
|
<keywords>
|
|
HTTP
|
|
HTTP GET
|
|
HTTP Digest auth
|
|
followlocation
|
|
</keywords>
|
|
</info>
|
|
|
|
# Server-side
|
|
<reply>
|
|
<data>
|
|
HTTP/1.1 401 authentication please swsbounce
|
|
Server: Microsoft-IIS/6.0
|
|
WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", qop="auth"
|
|
Content-Type: text/html; charset=iso-8859-1
|
|
Content-Length: 0
|
|
|
|
</data>
|
|
<data1000>
|
|
HTTP/1.1 302 Thanks for this, but we want to redir you!
|
|
Server: Microsoft-IIS/5.0
|
|
Content-Type: text/html; charset=iso-8859-1
|
|
Location: /12860001
|
|
Content-Length: 0
|
|
|
|
</data1000>
|
|
<data1001>
|
|
HTTP/1.1 404 Not Found
|
|
Server: Microsoft-IIS/5.0
|
|
Content-Type: text/html; charset=iso-8859-1
|
|
Content-Length: 0
|
|
|
|
</data1001>
|
|
|
|
<datacheck>
|
|
HTTP/1.1 401 authentication please swsbounce
|
|
Server: Microsoft-IIS/6.0
|
|
WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", qop="auth"
|
|
Content-Type: text/html; charset=iso-8859-1
|
|
Content-Length: 0
|
|
|
|
HTTP/1.1 302 Thanks for this, but we want to redir you!
|
|
Server: Microsoft-IIS/5.0
|
|
Content-Type: text/html; charset=iso-8859-1
|
|
Location: /12860001
|
|
Content-Length: 0
|
|
|
|
HTTP/1.1 404 Not Found
|
|
Server: Microsoft-IIS/5.0
|
|
Content-Type: text/html; charset=iso-8859-1
|
|
Content-Length: 0
|
|
|
|
</datacheck>
|
|
|
|
</reply>
|
|
|
|
# Client-side
|
|
<client>
|
|
#
|
|
<server>
|
|
http
|
|
</server>
|
|
<features>
|
|
crypto
|
|
</features>
|
|
<name>
|
|
HTTP GET --digest increasing nonce-count
|
|
</name>
|
|
# This test is to ensure the nonce-count (nc) increases
|
|
# https://github.com/curl/curl/pull/1251
|
|
<command>
|
|
-u auser:apasswd --location --digest http://%HOSTIP:%HTTPPORT/1286
|
|
</command>
|
|
</client>
|
|
|
|
# Verify data after the test has been "shot"
|
|
<verify>
|
|
<strip>
|
|
^User-Agent:.*
|
|
</strip>
|
|
# Reorder the fields in 'Authorization: Digest' header.
|
|
# Since regular and SSPI digest auth header fields may not have the same order
|
|
# or whitespace we homogenize so that both may be tested. Also:
|
|
# - Remove the unique value from cnonce if in RFC format
|
|
# - Remove the unique value from response if in RFC format
|
|
# - Remove quotes from qop="auth" used by SSPI
|
|
# The if statement is one line because runtests evaluates one line at a time.
|
|
<strippart>
|
|
if(s/^(Authorization: Digest )([^\r\n]+)(\r?\n)$//) { $_ = $1 . join(', ', map { s/^(cnonce=)"[a-zA-Z0-9+\/=]+"$/$1REMOVED/; s/^(response=)"[a-f0-9]{32}"$/$1REMOVED/; s/^qop="auth"$/qop=auth/; $_ } sort split(/, */, $2)) . $3; }
|
|
</strippart>
|
|
<protocol>
|
|
GET /1286 HTTP/1.1
|
|
Host: %HOSTIP:%HTTPPORT
|
|
Accept: */*
|
|
|
|
GET /1286 HTTP/1.1
|
|
Host: %HOSTIP:%HTTPPORT
|
|
Authorization: Digest cnonce=REMOVED, nc=00000001, nonce="1053604144", qop=auth, realm="testrealm", response=REMOVED, uri="/1286", username="auser"
|
|
Accept: */*
|
|
|
|
GET /12860001 HTTP/1.1
|
|
Host: %HOSTIP:%HTTPPORT
|
|
Authorization: Digest cnonce=REMOVED, nc=00000002, nonce="1053604144", qop=auth, realm="testrealm", response=REMOVED, uri="/12860001", username="auser"
|
|
Accept: */*
|
|
|
|
</protocol>
|
|
</verify>
|
|
</testcase>
|