14 Explanation for the duplicate 400 requests:
16 libcurl doesn't detect that a given Digest password is wrong already on the
17 first 401 response (as the data400 gives). libcurl will instead consider the
18 new response just as a duplicate and it sends another and detects the auth
19 problem on the second 401 response!
23 <!-- First request has Digest auth, wrong password -->
25 HTTP/1.1 401 Need Digest auth
\r
26 Server: Microsoft-IIS/5.0
\r
27 Content-Type: text/html; charset=iso-8859-1
\r
29 WWW-Authenticate: Digest realm="testrealm", nonce="1"
\r
31 This is not the real page!
35 HTTP/1.1 401 Sorry wrong password
\r
36 Server: Microsoft-IIS/5.0
\r
37 Content-Type: text/html; charset=iso-8859-1
\r
39 WWW-Authenticate: Digest realm="testrealm", nonce="2"
\r
41 This is a bad password page!
44 <!-- Second request has Digest auth, right password -->
46 HTTP/1.1 401 Need Digest auth (2)
\r
47 Server: Microsoft-IIS/5.0
\r
48 Content-Type: text/html; charset=iso-8859-1
\r
50 WWW-Authenticate: Digest realm="testrealm", nonce="3"
\r
52 This is not the real page!
56 HTTP/1.1 200 Things are fine in server land
\r
57 Server: Microsoft-IIS/5.0
\r
58 Content-Type: text/html; charset=iso-8859-1
\r
61 Finally, this is the real page!
64 <!-- Third request has Digest auth, wrong password -->
66 HTTP/1.1 401 Need Digest auth (3)
\r
67 Server: Microsoft-IIS/5.0
\r
68 Content-Type: text/html; charset=iso-8859-1
\r
70 WWW-Authenticate: Digest realm="testrealm", nonce="4"
\r
72 This is not the real page!
76 HTTP/1.1 401 Sorry wrong password (2)
\r
77 Server: Microsoft-IIS/5.0
\r
78 Content-Type: text/html; charset=iso-8859-1
\r
80 WWW-Authenticate: Digest realm="testrealm", nonce="5"
\r
82 This is a bad password page!
85 <!-- Fourth request has Digest auth, wrong password -->
87 HTTP/1.1 401 Need Digest auth (4)
\r
88 Server: Microsoft-IIS/5.0
\r
89 Content-Type: text/html; charset=iso-8859-1
\r
91 WWW-Authenticate: Digest realm="testrealm", nonce="6"
\r
93 This is not the real page!
97 HTTP/1.1 401 Sorry wrong password (3)
\r
98 Server: Microsoft-IIS/5.0
\r
99 Content-Type: text/html; charset=iso-8859-1
\r
101 WWW-Authenticate: Digest realm="testrealm", nonce="7"
\r
103 This is a bad password page!
106 <!-- Fifth request has Digest auth, right password -->
108 HTTP/1.1 200 Things are fine in server land (2)
\r
109 Server: Microsoft-IIS/5.0
\r
110 Content-Type: text/html; charset=iso-8859-1
\r
113 Finally, this is the real page!
117 HTTP/1.1 401 Need Digest auth
\r
118 Server: Microsoft-IIS/5.0
\r
119 Content-Type: text/html; charset=iso-8859-1
\r
121 WWW-Authenticate: Digest realm="testrealm", nonce="1"
\r
123 HTTP/1.1 401 Sorry wrong password
\r
124 Server: Microsoft-IIS/5.0
\r
125 Content-Type: text/html; charset=iso-8859-1
\r
127 WWW-Authenticate: Digest realm="testrealm", nonce="2"
\r
129 This is a bad password page!
130 HTTP/1.1 200 Things are fine in server land
\r
131 Server: Microsoft-IIS/5.0
\r
132 Content-Type: text/html; charset=iso-8859-1
\r
135 Finally, this is the real page!
136 HTTP/1.1 401 Need Digest auth (3)
\r
137 Server: Microsoft-IIS/5.0
\r
138 Content-Type: text/html; charset=iso-8859-1
\r
140 WWW-Authenticate: Digest realm="testrealm", nonce="4"
\r
142 HTTP/1.1 401 Sorry wrong password (2)
\r
143 Server: Microsoft-IIS/5.0
\r
144 Content-Type: text/html; charset=iso-8859-1
\r
146 WWW-Authenticate: Digest realm="testrealm", nonce="5"
\r
148 This is a bad password page!
149 HTTP/1.1 401 Sorry wrong password (3)
\r
150 Server: Microsoft-IIS/5.0
\r
151 Content-Type: text/html; charset=iso-8859-1
\r
153 WWW-Authenticate: Digest realm="testrealm", nonce="7"
\r
155 HTTP/1.1 401 Sorry wrong password (3)
\r
156 Server: Microsoft-IIS/5.0
\r
157 Content-Type: text/html; charset=iso-8859-1
\r
159 WWW-Authenticate: Digest realm="testrealm", nonce="7"
\r
161 This is a bad password page!
162 HTTP/1.1 200 Things are fine in server land (2)
\r
163 Server: Microsoft-IIS/5.0
\r
164 Content-Type: text/html; charset=iso-8859-1
\r
167 Finally, this is the real page!
182 HTTP authorization retry (Digest)
185 # we force our own host name, in order to make the test machine independent
186 CURL_GETHOSTNAME=curlhost
187 # we try to use the LD_PRELOAD hack, if not a debug build
188 LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
191 http://%HOSTIP:%HTTPPORT/2027 digest digest
198 # Verify data after the test has been "shot"
204 GET /20270100 HTTP/1.1
\r
205 Host: %HOSTIP:%HTTPPORT
\r
208 GET /20270100 HTTP/1.1
\r
209 Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/20270100", response="f7fd60eefaff5225971bf9b3d80d6ba6"
\r
210 Host: %HOSTIP:%HTTPPORT
\r
213 GET /20270200 HTTP/1.1
\r
214 Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/20270200", response="785ca3ef511999f7e9c178195f5b388c"
\r
215 Host: %HOSTIP:%HTTPPORT
\r
218 GET /20270300 HTTP/1.1
\r
219 Host: %HOSTIP:%HTTPPORT
\r
222 GET /20270300 HTTP/1.1
\r
223 Authorization: Digest username="testuser", realm="testrealm", nonce="4", uri="/20270300", response="4c735d2360fd6848e7cb32a11ae3612b"
\r
224 Host: %HOSTIP:%HTTPPORT
\r
227 GET /20270400 HTTP/1.1
\r
228 Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/20270400", response="f5906785511fb60a2af8b1cd53008ead"
\r
229 Host: %HOSTIP:%HTTPPORT
\r
232 GET /20270400 HTTP/1.1
\r
233 Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/20270400", response="f5906785511fb60a2af8b1cd53008ead"
\r
234 Host: %HOSTIP:%HTTPPORT
\r
237 GET /20270500 HTTP/1.1
\r
238 Authorization: Digest username="testuser", realm="testrealm", nonce="7", uri="/20270500", response="8ef4d935fd964a46c3965c0863b52cf1"
\r
239 Host: %HOSTIP:%HTTPPORT
\r