14 Explanation for the duplicate 400 requests:
16 libcurl doesn't detect that a given Digest password is wrong already on the
17 first 401 response (as the data400 gives). libcurl will instead consider the
18 new response just as a duplicate and it sends another and detects the auth
19 problem on the second 401 response!
23 <!-- First request has Digest auth, wrong password -->
25 HTTP/1.1 401 Need Digest auth
26 Server: Microsoft-IIS/5.0
27 Content-Type: text/html; charset=iso-8859-1
29 WWW-Authenticate: Digest realm="testrealm", nonce="1"
31 This is not the real page!
35 HTTP/1.1 401 Sorry wrong password
36 Server: Microsoft-IIS/5.0
37 Content-Type: text/html; charset=iso-8859-1
39 WWW-Authenticate: Digest realm="testrealm", nonce="2"
41 This is a bad password page!
44 <!-- Second request has Digest auth, right password -->
46 HTTP/1.1 401 Need Digest auth (2)
47 Server: Microsoft-IIS/5.0
48 Content-Type: text/html; charset=iso-8859-1
50 WWW-Authenticate: Digest realm="testrealm", nonce="3"
52 This is not the real page!
56 HTTP/1.1 200 Things are fine in server land
57 Server: Microsoft-IIS/5.0
58 Content-Type: text/html; charset=iso-8859-1
61 Finally, this is the real page!
64 <!-- Third request has Digest auth, wrong password -->
66 HTTP/1.1 401 Need Digest auth (3)
67 Server: Microsoft-IIS/5.0
68 Content-Type: text/html; charset=iso-8859-1
70 WWW-Authenticate: Digest realm="testrealm", nonce="4"
72 This is not the real page!
76 HTTP/1.1 401 Sorry wrong password (2)
77 Server: Microsoft-IIS/5.0
78 Content-Type: text/html; charset=iso-8859-1
80 WWW-Authenticate: Digest realm="testrealm", nonce="5"
82 This is a bad password page!
85 <!-- Fourth request has Digest auth, wrong password -->
87 HTTP/1.1 401 Need Digest auth (4)
88 Server: Microsoft-IIS/5.0
89 Content-Type: text/html; charset=iso-8859-1
91 WWW-Authenticate: Digest realm="testrealm", nonce="6"
93 This is not the real page!
97 HTTP/1.1 401 Sorry wrong password (3)
98 Server: Microsoft-IIS/5.0
99 Content-Type: text/html; charset=iso-8859-1
101 WWW-Authenticate: Digest realm="testrealm", nonce="7"
103 This is a bad password page!
106 <!-- Fifth request has Digest auth, right password -->
108 HTTP/1.1 200 Things are fine in server land (2)
109 Server: Microsoft-IIS/5.0
110 Content-Type: text/html; charset=iso-8859-1
113 Finally, this is the real page!
117 HTTP/1.1 401 Need Digest auth
118 Server: Microsoft-IIS/5.0
119 Content-Type: text/html; charset=iso-8859-1
121 WWW-Authenticate: Digest realm="testrealm", nonce="1"
123 HTTP/1.1 401 Sorry wrong password
124 Server: Microsoft-IIS/5.0
125 Content-Type: text/html; charset=iso-8859-1
127 WWW-Authenticate: Digest realm="testrealm", nonce="2"
129 This is a bad password page!
130 HTTP/1.1 200 Things are fine in server land
131 Server: Microsoft-IIS/5.0
132 Content-Type: text/html; charset=iso-8859-1
135 Finally, this is the real page!
136 HTTP/1.1 401 Need Digest auth (3)
137 Server: Microsoft-IIS/5.0
138 Content-Type: text/html; charset=iso-8859-1
140 WWW-Authenticate: Digest realm="testrealm", nonce="4"
142 HTTP/1.1 401 Sorry wrong password (2)
143 Server: Microsoft-IIS/5.0
144 Content-Type: text/html; charset=iso-8859-1
146 WWW-Authenticate: Digest realm="testrealm", nonce="5"
148 This is a bad password page!
149 HTTP/1.1 401 Sorry wrong password (3)
150 Server: Microsoft-IIS/5.0
151 Content-Type: text/html; charset=iso-8859-1
153 WWW-Authenticate: Digest realm="testrealm", nonce="7"
155 HTTP/1.1 401 Sorry wrong password (3)
156 Server: Microsoft-IIS/5.0
157 Content-Type: text/html; charset=iso-8859-1
159 WWW-Authenticate: Digest realm="testrealm", nonce="7"
161 This is a bad password page!
162 HTTP/1.1 200 Things are fine in server land (2)
163 Server: Microsoft-IIS/5.0
164 Content-Type: text/html; charset=iso-8859-1
167 Finally, this is the real page!
186 HTTP authorization retry (Digest)
189 # we force our own host name, in order to make the test machine independent
190 CURL_GETHOSTNAME=curlhost
191 # we try to use the LD_PRELOAD hack, if not a debug build
192 LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
195 http://%HOSTIP:%HTTPPORT/2027 digest digest
202 # Verify data after the test has been "shot"
208 GET /20270100 HTTP/1.1
209 Host: %HOSTIP:%HTTPPORT
212 GET /20270100 HTTP/1.1
213 Host: %HOSTIP:%HTTPPORT
214 Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/20270100", response="f7fd60eefaff5225971bf9b3d80d6ba6"
217 GET /20270200 HTTP/1.1
218 Host: %HOSTIP:%HTTPPORT
219 Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/20270200", response="785ca3ef511999f7e9c178195f5b388c"
222 GET /20270300 HTTP/1.1
223 Host: %HOSTIP:%HTTPPORT
226 GET /20270300 HTTP/1.1
227 Host: %HOSTIP:%HTTPPORT
228 Authorization: Digest username="testuser", realm="testrealm", nonce="4", uri="/20270300", response="4c735d2360fd6848e7cb32a11ae3612b"
231 GET /20270400 HTTP/1.1
232 Host: %HOSTIP:%HTTPPORT
233 Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/20270400", response="f5906785511fb60a2af8b1cd53008ead"
236 GET /20270400 HTTP/1.1
237 Host: %HOSTIP:%HTTPPORT
238 Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/20270400", response="f5906785511fb60a2af8b1cd53008ead"
241 GET /20270500 HTTP/1.1
242 Host: %HOSTIP:%HTTPPORT
243 Authorization: Digest username="testuser", realm="testrealm", nonce="7", uri="/20270500", response="8ef4d935fd964a46c3965c0863b52cf1"