test1408 test1409 test1410 \
test2000 test2001 test2002 test2003 test2004 test2005 test2006 test2007 \
test2008 test2009 test2010 test2011 test2012 test2013 test2014 test2015 \
-test2016 test2017 test2018 test2019 test2020 test2021 test2022
+test2016 test2017 test2018 test2019 test2020 test2021 test2022 \
+test2023 test2024 test2025 \
+test2026 test2027 test2028 \
+test2029 test2030 test2031
EXTRA_DIST = $(TESTCASES) DISABLED
--- /dev/null
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+HTTP Basic auth
+</keywords>
+</info>
+# Server-side
+<reply>
+
+<!-- First request has Basic auth, wrong password -->
+<data100>
+HTTP/1.1 401 Sorry wrong password\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: Basic realm="testrealm"\r
+\r
+This is a bad password page!
+</data100>
+
+<!-- Second request has Basic auth, right password -->
+<data200>
+HTTP/1.1 200 Things are fine in server land\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+</data200>
+
+<!-- Third request has Basic auth, wrong password -->
+<data300>
+HTTP/1.1 401 Sorry wrong password (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: Basic realm="testrealm"\r
+\r
+This is a bad password page!
+</data300>
+
+<!-- Fourth request has Basic auth, wrong password -->
+<data400>
+HTTP/1.1 401 Sorry wrong password (3)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: Basic realm="testrealm"\r
+\r
+This is a bad password page!
+</data400>
+
+<!-- Fifth request has Basic auth, right password -->
+<data500>
+HTTP/1.1 200 Things are fine in server land (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+</data500>
+
+<datacheck>
+HTTP/1.1 401 Sorry wrong password\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: Basic realm="testrealm"\r
+\r
+This is a bad password page!
+HTTP/1.1 200 Things are fine in server land\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+HTTP/1.1 401 Sorry wrong password (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: Basic realm="testrealm"\r
+\r
+This is a bad password page!
+HTTP/1.1 401 Sorry wrong password (3)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: Basic realm="testrealm"\r
+\r
+This is a bad password page!
+HTTP/1.1 200 Things are fine in server land (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+</datacheck>
+
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+<tool>
+libauthretry
+</tool>
+
+ <name>
+HTTP authorization retry (Basic)
+ </name>
+ <setenv>
+# we force our own host name, in order to make the test machine independent
+CURL_GETHOSTNAME=curlhost
+# we try to use the LD_PRELOAD hack, if not a debug build
+LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
+ </setenv>
+ <command>
+http://%HOSTIP:%HTTPPORT/2023 basic basic
+</command>
+<precheck>
+chkhostname curlhost
+</precheck>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /20230100 HTTP/1.1\r
+Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20230200 HTTP/1.1\r
+Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20230300 HTTP/1.1\r
+Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20230400 HTTP/1.1\r
+Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20230500 HTTP/1.1\r
+Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+</protocol>
+</verify>
+</testcase>
--- /dev/null
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+HTTP Basic auth
+HTTP Digest auth
+</keywords>
+</info>
+# Server-side
+<reply>
+
+<!-- Alternate the order that Basic and Digest headers appear in responses to
+ensure that the order doesn't matter. -->
+
+<!-- First request has Basic auth, wrong password -->
+<data100>
+HTTP/1.1 401 Sorry wrong password\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: Digest realm="testrealm", nonce="1"\r
+WWW-Authenticate: Basic realm="testrealm"\r
+\r
+This is a bad password page!
+</data100>
+
+<!-- Second request has Digest auth, right password -->
+<data1200>
+HTTP/1.1 200 Things are fine in server land\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+</data1200>
+
+<!-- Third request has Basic auth, wrong password -->
+<data300>
+HTTP/1.1 401 Sorry wrong password (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: Digest realm="testrealm", nonce="2"\r
+WWW-Authenticate: Basic realm="testrealm"\r
+\r
+This is a bad password page!
+</data300>
+
+<!-- Fourth request has Digest auth, wrong password -->
+<data1400>
+HTTP/1.1 401 Sorry wrong password (3)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: Digest realm="testrealm", nonce="3"\r
+WWW-Authenticate: Basic realm="testrealm"\r
+\r
+This is a bad password page!
+</data1400>
+
+<!-- Fifth request has Digest auth, right password -->
+<data1500>
+HTTP/1.1 200 Things are fine in server land (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+</data1500>
+
+<datacheck>
+HTTP/1.1 401 Sorry wrong password\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: Digest realm="testrealm", nonce="1"\r
+WWW-Authenticate: Basic realm="testrealm"\r
+\r
+This is a bad password page!
+HTTP/1.1 200 Things are fine in server land\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+HTTP/1.1 401 Sorry wrong password (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: Digest realm="testrealm", nonce="2"\r
+WWW-Authenticate: Basic realm="testrealm"\r
+\r
+This is a bad password page!
+HTTP/1.1 401 Sorry wrong password (3)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: Digest realm="testrealm", nonce="3"\r
+WWW-Authenticate: Basic realm="testrealm"\r
+\r
+This is a bad password page!
+HTTP/1.1 200 Things are fine in server land (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+</datacheck>
+
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+<tool>
+libauthretry
+</tool>
+
+ <name>
+HTTP authorization retry (Basic switching to Digest)
+ </name>
+ <setenv>
+# we force our own host name, in order to make the test machine independent
+CURL_GETHOSTNAME=curlhost
+# we try to use the LD_PRELOAD hack, if not a debug build
+LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
+ </setenv>
+ <command>
+http://%HOSTIP:%HTTPPORT/2024 basic digest
+</command>
+<precheck>
+chkhostname curlhost
+</precheck>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /20240100 HTTP/1.1\r
+Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20240200 HTTP/1.1\r
+Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/20240200", response="ed646c565f79e2dd9fa37cb5a621213c"\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20240300 HTTP/1.1\r
+Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20240400 HTTP/1.1\r
+Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/20240400", response="9741ced8caacc6124770187b36f007c5"\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20240500 HTTP/1.1\r
+Authorization: Digest username="testuser", realm="testrealm", nonce="3", uri="/20240500", response="5bc77ec8c2d443b27a1b55f1fd8fbb13"\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+</protocol>
+</verify>
+</testcase>
--- /dev/null
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+HTTP Basic auth
+HTTP NTLM auth
+</keywords>
+</info>
+# Server-side
+<reply>
+
+<!-- Alternate the order that Basic and NTLM headers appear in responses to
+ensure that the order doesn't matter. -->
+
+<!-- First request has Basic auth, wrong password -->
+<data100>
+HTTP/1.1 401 Sorry wrong password\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: NTLM\r
+WWW-Authenticate: Basic realm="testrealm"\r
+\r
+This is a bad password page!
+</data100>
+
+<!-- Second request has NTLM auth, right password -->
+<data200>
+HTTP/1.1 401 Need Basic or NTLM auth\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 27\r
+WWW-Authenticate: Basic realm="testrealm"\r
+WWW-Authenticate: NTLM\r
+\r
+This is not the real page!
+</data200>
+
+<data1201>
+HTTP/1.1 401 NTLM intermediate\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 33\r
+WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=\r
+\r
+This is still not the real page!
+</data1201>
+
+<data1202>
+HTTP/1.1 200 Things are fine in server land\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+</data1202>
+
+<!-- Third request has Basic auth, wrong password -->
+<data300>
+HTTP/1.1 401 Sorry wrong password (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: NTLM\r
+WWW-Authenticate: Basic realm="testrealm"\r
+\r
+This is a bad password page!
+</data300>
+
+<!-- Fourth request has NTLM auth, wrong password -->
+<data400>
+HTTP/1.1 401 Need Basic or NTLM auth (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 27\r
+WWW-Authenticate: Basic realm="testrealm"\r
+WWW-Authenticate: NTLM\r
+\r
+This is not the real page!
+</data400>
+
+<data1401>
+HTTP/1.1 401 NTLM intermediate (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 33\r
+WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=\r
+\r
+This is still not the real page!
+</data1401>
+
+<data1402>
+HTTP/1.1 401 Sorry wrong password (3)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: NTLM\r
+WWW-Authenticate: Basic realm="testrealm"\r
+\r
+This is a bad password page!
+</data1402>
+
+<!-- Fifth request has NTLM auth, right password -->
+<data500>
+HTTP/1.1 401 Need Basic or NTLM auth (3)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 27\r
+WWW-Authenticate: Basic realm="testrealm"\r
+WWW-Authenticate: NTLM\r
+\r
+This is not the real page!
+</data500>
+
+<data1501>
+HTTP/1.1 401 NTLM intermediate (3)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 33\r
+WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=\r
+\r
+This is still not the real page!
+</data1501>
+
+<data1502>
+HTTP/1.1 200 Things are fine in server land (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+</data1502>
+
+<datacheck>
+HTTP/1.1 401 Sorry wrong password\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: NTLM\r
+WWW-Authenticate: Basic realm="testrealm"\r
+\r
+This is a bad password page!
+HTTP/1.1 401 NTLM intermediate\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 33\r
+WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=\r
+\r
+HTTP/1.1 200 Things are fine in server land\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+HTTP/1.1 401 Sorry wrong password (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: NTLM\r
+WWW-Authenticate: Basic realm="testrealm"\r
+\r
+This is a bad password page!
+HTTP/1.1 401 NTLM intermediate (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 33\r
+WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=\r
+\r
+HTTP/1.1 401 Sorry wrong password (3)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: NTLM\r
+WWW-Authenticate: Basic realm="testrealm"\r
+\r
+This is a bad password page!
+HTTP/1.1 401 NTLM intermediate (3)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 33\r
+WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=\r
+\r
+HTTP/1.1 200 Things are fine in server land (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+</datacheck>
+
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+<tool>
+libauthretry
+</tool>
+
+ <name>
+HTTP authorization retry (Basic switching to NTLM)
+ </name>
+ <setenv>
+# we force our own host name, in order to make the test machine independent
+CURL_GETHOSTNAME=curlhost
+# we try to use the LD_PRELOAD hack, if not a debug build
+LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
+ </setenv>
+ <command>
+http://%HOSTIP:%HTTPPORT/2025 basic ntlm
+</command>
+<precheck>
+chkhostname curlhost
+</precheck>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /20250100 HTTP/1.1\r
+Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20250200 HTTP/1.1\r
+Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20250200 HTTP/1.1\r
+Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyY3VybGhvc3Q=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20250300 HTTP/1.1\r
+Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20250400 HTTP/1.1\r
+Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20250400 HTTP/1.1\r
+Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyY3VybGhvc3Q=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20250500 HTTP/1.1\r
+Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20250500 HTTP/1.1\r
+Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyY3VybGhvc3Q=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+</protocol>
+</verify>
+</testcase>
--- /dev/null
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+HTTP Basic auth
+HTTP Digest auth
+</keywords>
+</info>
+# Server-side
+<reply>
+
+<!-- Alternate the order that Basic and Digest headers appear in responses to
+ensure that the order doesn't matter. -->
+
+<!-- First request has Digest auth, wrong password -->
+<data100>
+HTTP/1.1 401 Need Basic or Digest auth\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 27\r
+WWW-Authenticate: Digest realm="testrealm", nonce="1"\r
+WWW-Authenticate: Basic realm="testrealm"\r
+\r
+This is not the real page!
+</data100>
+
+<data1100>
+HTTP/1.1 401 Sorry wrong password\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: Basic realm="testrealm"\r
+WWW-Authenticate: Digest realm="testrealm", nonce="2"\r
+\r
+This is a bad password page!
+</data1100>
+
+<!-- Second request has Basic auth, right password -->
+<data200>
+HTTP/1.1 200 Things are fine in server land\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+</data200>
+
+<!-- Third request has Digest auth, wrong password -->
+<data300>
+HTTP/1.1 401 Need Basic or Digest auth (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 27\r
+WWW-Authenticate: Digest realm="testrealm", nonce="3"\r
+WWW-Authenticate: Basic realm="testrealm"\r
+\r
+This is not the real page!
+</data300>
+
+<data1300>
+HTTP/1.1 401 Sorry wrong password (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: Basic realm="testrealm"\r
+WWW-Authenticate: Digest realm="testrealm", nonce="4"\r
+\r
+This is a bad password page!
+</data1300>
+
+<!-- Fourth request has Basic auth, wrong password -->
+<data400>
+HTTP/1.1 401 Sorry wrong password (3)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: Digest realm="testrealm", nonce="5"\r
+WWW-Authenticate: Basic realm="testrealm"\r
+\r
+This is a bad password page!
+</data400>
+
+<!-- Fifth request has Basic auth, right password -->
+<data500>
+HTTP/1.1 200 Things are fine in server land (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+</data500>
+
+<datacheck>
+HTTP/1.1 401 Need Basic or Digest auth\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 27\r
+WWW-Authenticate: Digest realm="testrealm", nonce="1"\r
+WWW-Authenticate: Basic realm="testrealm"\r
+\r
+HTTP/1.1 401 Sorry wrong password\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: Basic realm="testrealm"\r
+WWW-Authenticate: Digest realm="testrealm", nonce="2"\r
+\r
+This is a bad password page!
+HTTP/1.1 200 Things are fine in server land\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+HTTP/1.1 401 Need Basic or Digest auth (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 27\r
+WWW-Authenticate: Digest realm="testrealm", nonce="3"\r
+WWW-Authenticate: Basic realm="testrealm"\r
+\r
+HTTP/1.1 401 Sorry wrong password (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: Basic realm="testrealm"\r
+WWW-Authenticate: Digest realm="testrealm", nonce="4"\r
+\r
+This is a bad password page!
+HTTP/1.1 401 Sorry wrong password (3)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: Digest realm="testrealm", nonce="5"\r
+WWW-Authenticate: Basic realm="testrealm"\r
+\r
+This is a bad password page!
+HTTP/1.1 200 Things are fine in server land (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+</datacheck>
+
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+<tool>
+libauthretry
+</tool>
+
+ <name>
+HTTP authorization retry (Digest switching to Basic)
+ </name>
+ <setenv>
+# we force our own host name, in order to make the test machine independent
+CURL_GETHOSTNAME=curlhost
+# we try to use the LD_PRELOAD hack, if not a debug build
+LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
+ </setenv>
+ <command>
+http://%HOSTIP:%HTTPPORT/2026 digest basic
+</command>
+<precheck>
+chkhostname curlhost
+</precheck>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /20260100 HTTP/1.1\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20260100 HTTP/1.1\r
+Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/20260100", response="5f992a2e761ab926256419f7c685f85b"\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20260200 HTTP/1.1\r
+Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20260300 HTTP/1.1\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20260300 HTTP/1.1\r
+Authorization: Digest username="testuser", realm="testrealm", nonce="3", uri="/20260300", response="132242e602882251929be93228c830ae"\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20260400 HTTP/1.1\r
+Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20260500 HTTP/1.1\r
+Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+</protocol>
+</verify>
+</testcase>
--- /dev/null
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+HTTP Digest auth
+</keywords>
+</info>
+# Server-side
+<reply>
+
+<!-- First request has Digest auth, wrong password -->
+<data100>
+HTTP/1.1 401 Need Digest auth\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 27\r
+WWW-Authenticate: Digest realm="testrealm", nonce="1"\r
+\r
+This is not the real page!
+</data100>
+
+<data1100>
+HTTP/1.1 401 Sorry wrong password\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: Digest realm="testrealm", nonce="2"\r
+\r
+This is a bad password page!
+</data1100>
+
+<!-- Second request has Digest auth, right password -->
+<data200>
+HTTP/1.1 401 Need Digest auth (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 27\r
+WWW-Authenticate: Digest realm="testrealm", nonce="3"\r
+\r
+This is not the real page!
+</data200>
+
+<data1200>
+HTTP/1.1 200 Things are fine in server land\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+</data1200>
+
+<!-- Third request has Digest auth, wrong password -->
+<data300>
+HTTP/1.1 401 Need Digest auth (3)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 27\r
+WWW-Authenticate: Digest realm="testrealm", nonce="4"\r
+\r
+This is not the real page!
+</data300>
+
+<data1300>
+HTTP/1.1 401 Sorry wrong password (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: Digest realm="testrealm", nonce="5"\r
+\r
+This is a bad password page!
+</data1300>
+
+<!-- Fourth request has Digest auth, wrong password -->
+<data400>
+HTTP/1.1 401 Need Digest auth (4)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 27\r
+WWW-Authenticate: Digest realm="testrealm", nonce="6"\r
+\r
+This is not the real page!
+</data400>
+
+<data1400>
+HTTP/1.1 401 Sorry wrong password (3)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: Digest realm="testrealm", nonce="7"\r
+\r
+This is a bad password page!
+</data1400>
+
+<!-- Fifth request has Digest auth, right password -->
+<data500>
+HTTP/1.1 401 Need Digest auth (5)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 27\r
+WWW-Authenticate: Digest realm="testrealm", nonce="8"\r
+\r
+This is not the real page!
+</data500>
+
+<data1500>
+HTTP/1.1 200 Things are fine in server land (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+</data1500>
+
+<datacheck>
+HTTP/1.1 401 Need Digest auth\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 27\r
+WWW-Authenticate: Digest realm="testrealm", nonce="1"\r
+\r
+HTTP/1.1 401 Sorry wrong password\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: Digest realm="testrealm", nonce="2"\r
+\r
+This is a bad password page!
+HTTP/1.1 200 Things are fine in server land\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+HTTP/1.1 401 Need Digest auth (3)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 27\r
+WWW-Authenticate: Digest realm="testrealm", nonce="4"\r
+\r
+HTTP/1.1 401 Sorry wrong password (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: Digest realm="testrealm", nonce="5"\r
+\r
+This is a bad password page!
+HTTP/1.1 401 Sorry wrong password (3)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: Digest realm="testrealm", nonce="7"\r
+\r
+This is a bad password page!
+HTTP/1.1 200 Things are fine in server land (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+</datacheck>
+
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+<tool>
+libauthretry
+</tool>
+
+ <name>
+HTTP authorization retry (Digest)
+ </name>
+ <setenv>
+# we force our own host name, in order to make the test machine independent
+CURL_GETHOSTNAME=curlhost
+# we try to use the LD_PRELOAD hack, if not a debug build
+LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
+ </setenv>
+ <command>
+http://%HOSTIP:%HTTPPORT/2027 digest digest
+</command>
+<precheck>
+chkhostname curlhost
+</precheck>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /20270100 HTTP/1.1\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20270100 HTTP/1.1\r
+Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/20270100", response="f7fd60eefaff5225971bf9b3d80d6ba6"\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20270200 HTTP/1.1\r
+Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/20270200", response="785ca3ef511999f7e9c178195f5b388c"\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20270300 HTTP/1.1\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20270300 HTTP/1.1\r
+Authorization: Digest username="testuser", realm="testrealm", nonce="4", uri="/20270300", response="4c735d2360fd6848e7cb32a11ae3612b"\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20270400 HTTP/1.1\r
+Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/20270400", response="f5906785511fb60a2af8b1cd53008ead"\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20270500 HTTP/1.1\r
+Authorization: Digest username="testuser", realm="testrealm", nonce="7", uri="/20270500", response="8ef4d935fd964a46c3965c0863b52cf1"\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+</protocol>
+</verify>
+</testcase>
--- /dev/null
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+HTTP Digest auth
+HTTP NTLM auth
+</keywords>
+</info>
+# Server-side
+<reply>
+
+<!-- Alternate the order that Digest and NTLM headers appear in responses to
+ensure that the order doesn't matter. -->
+
+<!-- First request has Digest auth, wrong password -->
+<data100>
+HTTP/1.1 401 Need Digest or NTLM auth\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 27\r
+WWW-Authenticate: NTLM\r
+WWW-Authenticate: Digest realm="testrealm", nonce="1"\r
+\r
+This is not the real page!
+</data100>
+
+<data1100>
+HTTP/1.1 401 Sorry wrong password\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: Digest realm="testrealm", nonce="2"\r
+WWW-Authenticate: NTLM\r
+\r
+This is a bad password page!
+</data1100>
+
+<!-- Second request has NTLM auth, right password -->
+<data200>
+HTTP/1.1 401 Need Digest or NTLM auth (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 27\r
+WWW-Authenticate: NTLM\r
+WWW-Authenticate: Digest realm="testrealm", nonce="3"\r
+\r
+This is not the real page!
+</data200>
+
+<data1201>
+HTTP/1.1 401 NTLM intermediate\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 33\r
+WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=\r
+\r
+This is still not the real page!
+</data1201>
+
+<data1202>
+HTTP/1.1 200 Things are fine in server land\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+</data1202>
+
+<!-- Third request has Digest auth, wrong password -->
+<data300>
+HTTP/1.1 401 Need Digest or NTLM auth (3)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 27\r
+WWW-Authenticate: Digest realm="testrealm", nonce="4"\r
+WWW-Authenticate: NTLM\r
+\r
+This is not the real page!
+</data300>
+
+<data1300>
+HTTP/1.1 401 Sorry wrong password (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: NTLM\r
+WWW-Authenticate: Digest realm="testrealm", nonce="5"\r
+\r
+This is a bad password page!
+</data1300>
+
+<!-- Fourth request has NTLM auth, wrong password -->
+<data400>
+HTTP/1.1 401 Need Digest or NTLM auth (4)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 27\r
+WWW-Authenticate: Digest realm="testrealm", nonce="6"\r
+WWW-Authenticate: NTLM\r
+\r
+This is not the real page!
+</data400>
+
+<data1401>
+HTTP/1.1 401 NTLM intermediate (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 33\r
+WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=\r
+\r
+This is still not the real page!
+</data1401>
+
+<data1402>
+HTTP/1.1 401 Sorry wrong password (3)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: NTLM\r
+WWW-Authenticate: Digest realm="testrealm", nonce="7"\r
+\r
+This is a bad password page!
+</data1402>
+
+<!-- Fifth request has NTLM auth, right password -->
+<data500>
+HTTP/1.1 401 Need Digest or NTLM auth (5)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 27\r
+WWW-Authenticate: Digest realm="testrealm", nonce="8"\r
+WWW-Authenticate: NTLM\r
+\r
+This is not the real page!
+</data500>
+
+<data1501>
+HTTP/1.1 401 NTLM intermediate (3)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 33\r
+WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=\r
+\r
+This is still not the real page!
+</data1501>
+
+<data1502>
+HTTP/1.1 200 Things are fine in server land (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+</data1502>
+
+<datacheck>
+HTTP/1.1 401 Need Digest or NTLM auth\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 27\r
+WWW-Authenticate: NTLM\r
+WWW-Authenticate: Digest realm="testrealm", nonce="1"\r
+\r
+HTTP/1.1 401 Sorry wrong password\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: Digest realm="testrealm", nonce="2"\r
+WWW-Authenticate: NTLM\r
+\r
+This is a bad password page!
+HTTP/1.1 401 NTLM intermediate\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 33\r
+WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=\r
+\r
+HTTP/1.1 200 Things are fine in server land\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+HTTP/1.1 401 Need Digest or NTLM auth (3)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 27\r
+WWW-Authenticate: Digest realm="testrealm", nonce="4"\r
+WWW-Authenticate: NTLM\r
+\r
+HTTP/1.1 401 Sorry wrong password (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: NTLM\r
+WWW-Authenticate: Digest realm="testrealm", nonce="5"\r
+\r
+This is a bad password page!
+HTTP/1.1 401 NTLM intermediate (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 33\r
+WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=\r
+\r
+HTTP/1.1 401 Sorry wrong password (3)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: NTLM\r
+WWW-Authenticate: Digest realm="testrealm", nonce="7"\r
+\r
+This is a bad password page!
+HTTP/1.1 401 NTLM intermediate (3)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 33\r
+WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=\r
+\r
+HTTP/1.1 200 Things are fine in server land (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+</datacheck>
+
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+<tool>
+libauthretry
+</tool>
+
+ <name>
+HTTP authorization retry (Digest switching to NTLM)
+ </name>
+ <setenv>
+# we force our own host name, in order to make the test machine independent
+CURL_GETHOSTNAME=curlhost
+# we try to use the LD_PRELOAD hack, if not a debug build
+LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
+ </setenv>
+ <command>
+http://%HOSTIP:%HTTPPORT/2028 digest ntlm
+</command>
+<precheck>
+chkhostname curlhost
+</precheck>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /20280100 HTTP/1.1\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20280100 HTTP/1.1\r
+Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/20280100", response="53c80666f5e3a4a55f92a66aaf0078bb"\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20280200 HTTP/1.1\r
+Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20280200 HTTP/1.1\r
+Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyY3VybGhvc3Q=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20280300 HTTP/1.1\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20280300 HTTP/1.1\r
+Authorization: Digest username="testuser", realm="testrealm", nonce="4", uri="/20280300", response="1aa5d90da9803ca12d04b24e0f19476e"\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20280400 HTTP/1.1\r
+Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20280400 HTTP/1.1\r
+Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyY3VybGhvc3Q=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20280500 HTTP/1.1\r
+Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20280500 HTTP/1.1\r
+Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyY3VybGhvc3Q=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+</protocol>
+</verify>
+</testcase>
--- /dev/null
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+HTTP Basic auth
+HTTP NTLM auth
+</keywords>
+</info>
+# Server-side
+<reply>
+
+<!-- Alternate the order that Basic and NTLM headers appear in responses to
+ensure that the order doesn't matter. -->
+
+<!-- First request has NTLM auth, wrong password -->
+<data100>
+HTTP/1.1 401 Need Basic or NTLM auth\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 27\r
+WWW-Authenticate: NTLM\r
+WWW-Authenticate: Basic realm="testrealm"\r
+\r
+This is not the real page!
+</data100>
+
+<data1101>
+HTTP/1.1 401 NTLM intermediate\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 33\r
+WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=\r
+\r
+This is still not the real page!
+</data1101>
+
+<data1102>
+HTTP/1.1 401 Sorry wrong password\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: Basic realm="testrealm"\r
+WWW-Authenticate: NTLM\r
+\r
+This is a bad password page!
+</data1102>
+
+<!-- Second request has Basic auth, right password -->
+<data200>
+HTTP/1.1 200 Things are fine in server land\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+</data200>
+
+<!-- Third request has NTLM auth, wrong password -->
+<data300>
+HTTP/1.1 401 Need Basic or NTLM auth (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 27\r
+WWW-Authenticate: NTLM\r
+WWW-Authenticate: Basic realm="testrealm"\r
+\r
+This is not the real page!
+</data300>
+
+<data1301>
+HTTP/1.1 401 NTLM intermediate (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 33\r
+WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=\r
+\r
+This is still not the real page!
+</data1301>
+
+<data1302>
+HTTP/1.1 401 Sorry wrong password (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: Basic realm="testrealm"\r
+WWW-Authenticate: NTLM\r
+\r
+This is a bad password page!
+</data1302>
+
+<!-- Fourth request has Basic auth, wrong password -->
+<data400>
+HTTP/1.1 401 Sorry wrong password (3)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: NTLM\r
+WWW-Authenticate: Basic realm="testrealm"\r
+\r
+This is a bad password page!
+</data400>
+
+<!-- Fifth request has Basic auth, right password -->
+<data500>
+HTTP/1.1 200 Things are fine in server land (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+</data500>
+
+<datacheck>
+HTTP/1.1 401 NTLM intermediate\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 33\r
+WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=\r
+\r
+HTTP/1.1 401 Sorry wrong password\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: Basic realm="testrealm"\r
+WWW-Authenticate: NTLM\r
+\r
+This is a bad password page!
+HTTP/1.1 200 Things are fine in server land\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+HTTP/1.1 401 NTLM intermediate (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 33\r
+WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=\r
+\r
+HTTP/1.1 401 Sorry wrong password (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: Basic realm="testrealm"\r
+WWW-Authenticate: NTLM\r
+\r
+This is a bad password page!
+HTTP/1.1 401 Sorry wrong password (3)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: NTLM\r
+WWW-Authenticate: Basic realm="testrealm"\r
+\r
+This is a bad password page!
+HTTP/1.1 200 Things are fine in server land (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+</datacheck>
+
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+<tool>
+libauthretry
+</tool>
+
+ <name>
+HTTP authorization retry (NTLM switching to Basic)
+ </name>
+ <setenv>
+# we force our own host name, in order to make the test machine independent
+CURL_GETHOSTNAME=curlhost
+# we try to use the LD_PRELOAD hack, if not a debug build
+LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
+ </setenv>
+ <command>
+http://%HOSTIP:%HTTPPORT/2029 ntlm basic
+</command>
+<precheck>
+chkhostname curlhost
+</precheck>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /20290100 HTTP/1.1\r
+Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20290100 HTTP/1.1\r
+Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyY3VybGhvc3Q=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20290200 HTTP/1.1\r
+Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20290300 HTTP/1.1\r
+Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20290300 HTTP/1.1\r
+Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyY3VybGhvc3Q=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20290400 HTTP/1.1\r
+Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20290500 HTTP/1.1\r
+Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+</protocol>
+</verify>
+</testcase>
--- /dev/null
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+HTTP Digest auth
+HTTP NTLM auth
+</keywords>
+</info>
+# Server-side
+<reply>
+
+<!-- Alternate the order that Digest and NTLM headers appear in responses to
+ensure that the order doesn't matter. -->
+
+<!-- First request has NTLM auth, wrong password -->
+<data100>
+HTTP/1.1 401 Need Digest or NTLM auth\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 27\r
+WWW-Authenticate: NTLM\r
+WWW-Authenticate: Digest realm="testrealm", nonce="1"\r
+\r
+This is not the real page!
+</data100>
+
+<data1101>
+HTTP/1.1 401 NTLM intermediate\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 33\r
+WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=\r
+\r
+This is still not the real page!
+</data1101>
+
+<data1102>
+HTTP/1.1 401 Sorry wrong password\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: Digest realm="testrealm", nonce="2"\r
+WWW-Authenticate: NTLM\r
+\r
+This is a bad password page!
+</data1102>
+
+<!-- Second request has Digest auth, right password -->
+<data200>
+HTTP/1.1 401 Need Digest or NTLM auth (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 27\r
+WWW-Authenticate: NTLM\r
+WWW-Authenticate: Digest realm="testrealm", nonce="3"\r
+\r
+This is not the real page!
+</data200>
+
+<data1200>
+HTTP/1.1 200 Things are fine in server land\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+</data1200>
+
+<!-- Third request has NTLM auth, wrong password -->
+<data300>
+HTTP/1.1 401 Need Digest or NTLM auth (3)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 27\r
+WWW-Authenticate: Digest realm="testrealm", nonce="4"\r
+WWW-Authenticate: NTLM\r
+\r
+This is not the real page!
+</data300>
+
+<data1301>
+HTTP/1.1 401 NTLM intermediate (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 33\r
+WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=\r
+\r
+This is still not the real page!
+</data1301>
+
+<data1302>
+HTTP/1.1 401 Sorry wrong password (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: NTLM\r
+WWW-Authenticate: Digest realm="testrealm", nonce="5"\r
+\r
+This is a bad password page!
+</data1302>
+
+<!-- Fourth request has Digest auth, wrong password -->
+<data400>
+HTTP/1.1 401 Need Digest or NTLM auth (4)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 27\r
+WWW-Authenticate: Digest realm="testrealm", nonce="6"\r
+WWW-Authenticate: NTLM\r
+\r
+This is not the real page!
+</data400>
+
+<data1400>
+HTTP/1.1 401 Sorry wrong password (3)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: NTLM\r
+WWW-Authenticate: Digest realm="testrealm", nonce="7"\r
+\r
+This is a bad password page!
+</data1400>
+
+<!-- Fifth request has Digest auth, right password -->
+<data500>
+HTTP/1.1 401 Need Digest or NTLM auth (5)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 27\r
+WWW-Authenticate: Digest realm="testrealm", nonce="8"\r
+WWW-Authenticate: NTLM\r
+\r
+This is not the real page!
+</data500>
+
+<data1500>
+HTTP/1.1 200 Things are fine in server land (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+</data1500>
+
+<datacheck>
+HTTP/1.1 401 NTLM intermediate\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 33\r
+WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=\r
+\r
+HTTP/1.1 401 Sorry wrong password\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: Digest realm="testrealm", nonce="2"\r
+WWW-Authenticate: NTLM\r
+\r
+This is a bad password page!
+HTTP/1.1 200 Things are fine in server land\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+HTTP/1.1 401 NTLM intermediate (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 33\r
+WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=\r
+\r
+HTTP/1.1 401 Sorry wrong password (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: NTLM\r
+WWW-Authenticate: Digest realm="testrealm", nonce="5"\r
+\r
+This is a bad password page!
+HTTP/1.1 401 Sorry wrong password (3)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: NTLM\r
+WWW-Authenticate: Digest realm="testrealm", nonce="7"\r
+\r
+This is a bad password page!
+HTTP/1.1 200 Things are fine in server land (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+</datacheck>
+
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+<tool>
+libauthretry
+</tool>
+
+ <name>
+HTTP authorization retry (NTLM switching to Digest)
+ </name>
+ <setenv>
+# we force our own host name, in order to make the test machine independent
+CURL_GETHOSTNAME=curlhost
+# we try to use the LD_PRELOAD hack, if not a debug build
+LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
+ </setenv>
+ <command>
+http://%HOSTIP:%HTTPPORT/2030 ntlm digest
+</command>
+<precheck>
+chkhostname curlhost
+</precheck>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /20300100 HTTP/1.1\r
+Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20300100 HTTP/1.1\r
+Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyY3VybGhvc3Q=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20300200 HTTP/1.1\r
+Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/20300200", response="2f2d784ba53a0a307758a90e98d25c27"\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20300300 HTTP/1.1\r
+Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20300300 HTTP/1.1\r
+Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyY3VybGhvc3Q=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20300400 HTTP/1.1\r
+Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/20300400", response="d6262e9147db08c62ff2f53b515861e8"\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20300500 HTTP/1.1\r
+Authorization: Digest username="testuser", realm="testrealm", nonce="7", uri="/20300500", response="198757e61163a779cf24ed4c49c1ad7d"\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+</protocol>
+</verify>
+</testcase>
--- /dev/null
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+HTTP NTLM auth
+</keywords>
+</info>
+# Server-side
+<reply>
+
+<!-- First request has NTLM auth, wrong password -->
+<data100>
+HTTP/1.1 401 Need NTLM auth\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 27\r
+WWW-Authenticate: NTLM\r
+\r
+This is not the real page!
+</data100>
+
+<data1101>
+HTTP/1.1 401 NTLM intermediate\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 33\r
+WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=\r
+\r
+This is still not the real page!
+</data1101>
+
+<data1102>
+HTTP/1.1 401 Sorry wrong password\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: NTLM\r
+\r
+This is a bad password page!
+</data1102>
+
+<!-- Second request has NTML auth, right password -->
+<data200>
+HTTP/1.1 401 Need NTLM auth (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 27\r
+WWW-Authenticate: NTLM\r
+\r
+This is not the real page!
+</data200>
+
+<data1201>
+HTTP/1.1 401 NTLM intermediate (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 33\r
+WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=\r
+\r
+This is still not the real page!
+</data1201>
+
+<data1202>
+HTTP/1.1 200 Things are fine in server land\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+</data1202>
+
+<!-- Third request has NTLM auth, wrong password -->
+<data300>
+HTTP/1.1 401 Need NTLM auth (3)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 27\r
+WWW-Authenticate: NTLM\r
+\r
+This is not the real page!
+</data300>
+
+<data1301>
+HTTP/1.1 401 NTLM intermediate (3)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 33\r
+WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=\r
+\r
+This is still not the real page!
+</data1301>
+
+<data1302>
+HTTP/1.1 401 Sorry wrong password (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: NTLM\r
+\r
+This is a bad password page!
+</data1302>
+
+<!-- Fourth request has NTLM auth, wrong password -->
+<data400>
+HTTP/1.1 401 Need NTLM auth (4)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 27\r
+WWW-Authenticate: NTLM\r
+\r
+This is not the real page!
+</data400>
+
+<data1401>
+HTTP/1.1 401 NTLM intermediate (4)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 33\r
+WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=\r
+\r
+This is still not the real page!
+</data1401>
+
+<data1402>
+HTTP/1.1 401 Sorry wrong password (3)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: NTLM\r
+\r
+This is a bad password page!
+</data1402>
+
+<!-- Fifth request has NTLM auth, right password -->
+<data500>
+HTTP/1.1 401 Need NTLM auth (5)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 27\r
+WWW-Authenticate: NTLM\r
+\r
+This is not the real page!
+</data500>
+
+<data1501>
+HTTP/1.1 401 NTLM intermediate (5)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 33\r
+WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=\r
+\r
+This is still not the real page!
+</data1501>
+
+<data1502>
+HTTP/1.1 200 Things are fine in server land (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+</data1502>
+
+<datacheck>
+HTTP/1.1 401 NTLM intermediate\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 33\r
+WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=\r
+\r
+HTTP/1.1 401 Sorry wrong password\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: NTLM\r
+\r
+This is a bad password page!
+HTTP/1.1 401 NTLM intermediate (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 33\r
+WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=\r
+\r
+HTTP/1.1 200 Things are fine in server land\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+HTTP/1.1 401 NTLM intermediate (3)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 33\r
+WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=\r
+\r
+HTTP/1.1 401 Sorry wrong password (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: NTLM\r
+\r
+This is a bad password page!
+HTTP/1.1 401 NTLM intermediate (4)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 33\r
+WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=\r
+\r
+HTTP/1.1 401 Sorry wrong password (3)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 29\r
+WWW-Authenticate: NTLM\r
+\r
+This is a bad password page!
+HTTP/1.1 401 NTLM intermediate (5)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 33\r
+WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=\r
+\r
+HTTP/1.1 200 Things are fine in server land (2)\r
+Server: Microsoft-IIS/5.0\r
+Content-Type: text/html; charset=iso-8859-1\r
+Content-Length: 32\r
+\r
+Finally, this is the real page!
+</datacheck>
+
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+<tool>
+libauthretry
+</tool>
+
+ <name>
+HTTP authorization retry (NTLM)
+ </name>
+ <setenv>
+# we force our own host name, in order to make the test machine independent
+CURL_GETHOSTNAME=curlhost
+# we try to use the LD_PRELOAD hack, if not a debug build
+LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
+ </setenv>
+ <command>
+http://%HOSTIP:%HTTPPORT/2031 ntlm ntlm
+</command>
+<precheck>
+chkhostname curlhost
+</precheck>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /20310100 HTTP/1.1\r
+Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20310100 HTTP/1.1\r
+Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyY3VybGhvc3Q=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20310200 HTTP/1.1\r
+Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20310200 HTTP/1.1\r
+Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyY3VybGhvc3Q=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20310300 HTTP/1.1\r
+Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20310300 HTTP/1.1\r
+Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyY3VybGhvc3Q=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20310400 HTTP/1.1\r
+Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20310400 HTTP/1.1\r
+Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyY3VybGhvc3Q=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20310500 HTTP/1.1\r
+Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+GET /20310500 HTTP/1.1\r
+Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyY3VybGhvc3Q=\r
+Host: %HOSTIP:%HTTPPORT\r
+Accept: */*\r
+\r
+</protocol>
+</verify>
+</testcase>
chkhostname
lib5[0-9][0-9]
-
+libauthretry
lib543 lib544 lib545 lib547 lib548 lib549 lib552 lib553 lib554 lib555 \
lib556 lib539 lib557 lib560 lib562 lib564 lib565 lib566 lib567 lib568 \
lib569 lib570 lib571 lib572 lib573 lib582 lib583 lib585 lib586 lib587 \
- lib590 lib591 lib597 lib598 lib599
+ lib590 lib591 lib597 lib598 lib599 libauthretry
chkhostname_SOURCES = chkhostname.c $(top_srcdir)/lib/curl_gethostname.c
chkhostname_LDADD = @CURL_NETWORK_LIBS@
lib598_SOURCES = lib598.c $(SUPPORTFILES)
lib599_SOURCES = lib599.c $(SUPPORTFILES)
+
+libauthretry_SOURCES = libauthretry.c $(SUPPORTFILES)
--- /dev/null
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at http://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+/* argv1 = URL
+ * argv2 = main auth type
+ * argv3 = second auth type
+ */
+
+#include "test.h"
+
+#include "memdebug.h"
+
+static int send_request(CURL *curl, const char *url, int seq, long auth_scheme, const char *userpwd)
+{
+ CURLcode res;
+ char* full_url = malloc(strlen(url) + 4 + 1);
+ if (!full_url) {
+ fprintf(stderr, "Not enough memory for full url\n");
+ res = CURLE_OUT_OF_MEMORY;
+ goto test_cleanup;
+ }
+
+ sprintf(full_url, "%s%04d", url, seq);
+ fprintf(stderr, "Sending new request %d to %s with credential %s (auth %d)\n", seq, full_url, userpwd, auth_scheme);
+ test_setopt(curl, CURLOPT_URL, full_url);
+ test_setopt(curl, CURLOPT_VERBOSE, 1L);
+ test_setopt(curl, CURLOPT_HEADER, 1L);
+ test_setopt(curl, CURLOPT_HTTPGET, 1L);
+ test_setopt(curl, CURLOPT_USERPWD, userpwd);
+ test_setopt(curl, CURLOPT_HTTPAUTH, auth_scheme);
+
+ res = curl_easy_perform(curl);
+
+test_cleanup:
+ free(full_url);
+ return res;
+}
+
+static int send_wrong_password(CURL *curl, const char *url, int seq, long auth_scheme)
+{
+ return send_request(curl, url, seq, auth_scheme, "testuser:wrongpass");
+}
+
+static int send_right_password(CURL *curl, const char *url, int seq, long auth_scheme)
+{
+ return send_request(curl, url, seq, auth_scheme, "testuser:testpass");
+}
+
+static long parse_auth_name(const char *arg)
+{
+ if (!arg)
+ return CURLAUTH_NONE;
+ if (strcasecmp(arg, "basic") == 0)
+ return CURLAUTH_BASIC;
+ if (strcasecmp(arg, "digest") == 0)
+ return CURLAUTH_DIGEST;
+ if (strcasecmp(arg, "ntlm") == 0)
+ return CURLAUTH_NTLM;
+ return CURLAUTH_NONE;
+}
+
+int test(char *url)
+{
+ CURLcode res;
+ CURL *curl = NULL;
+ bool curl_is_init = FALSE;
+
+ long main_auth_scheme = parse_auth_name(libtest_arg2);
+ long fallback_auth_scheme = parse_auth_name(libtest_arg3);
+
+ if (main_auth_scheme == CURLAUTH_NONE ||
+ fallback_auth_scheme == CURLAUTH_NONE) {
+ fprintf(stderr, "auth schemes not found on commandline\n");
+ res = TEST_ERR_MAJOR_BAD;
+ goto test_cleanup;
+ }
+
+ if (curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) {
+ fprintf(stderr, "curl_global_init() failed\n");
+ res = TEST_ERR_MAJOR_BAD;
+ goto test_cleanup;
+ }
+ curl_is_init = TRUE;
+
+ /* Send wrong password, then right password */
+
+ if ((curl = curl_easy_init()) == NULL) {
+ fprintf(stderr, "curl_easy_init() failed\n");
+ res = TEST_ERR_MAJOR_BAD;
+ goto test_cleanup;
+ }
+
+ res = send_wrong_password(curl, url, 100, main_auth_scheme);
+ if (res != CURLE_OK)
+ goto test_cleanup;
+ curl_easy_reset(curl);
+ res = send_right_password(curl, url, 200, fallback_auth_scheme);
+ if (res != CURLE_OK)
+ goto test_cleanup;
+ curl_easy_reset(curl);
+
+ curl_easy_cleanup(curl);
+
+ /* Send wrong password twice, then right password */
+
+ if ((curl = curl_easy_init()) == NULL) {
+ fprintf(stderr, "curl_easy_init() failed\n");
+ res = TEST_ERR_MAJOR_BAD;
+ goto test_cleanup;
+ }
+
+ res = send_wrong_password(curl, url, 300, main_auth_scheme);
+ if (res != CURLE_OK)
+ goto test_cleanup;
+ curl_easy_reset(curl);
+
+ res = send_wrong_password(curl, url, 400, fallback_auth_scheme);
+ if (res != CURLE_OK)
+ goto test_cleanup;
+ curl_easy_reset(curl);
+ res = send_right_password(curl, url, 500, fallback_auth_scheme);
+ if (res != CURLE_OK)
+ goto test_cleanup;
+ curl_easy_reset(curl);
+
+test_cleanup:
+
+ if (curl)
+ curl_easy_cleanup(curl);
+ if (curl_is_init)
+ curl_global_cleanup();
+
+ return (int)res;
+}
+
projects / platform / upstream / curl.git / commitdiff