[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnurl] 26/116: auth: Added test cases for RFC7616
|
From: |
gnunet |
|
Subject: |
[GNUnet-SVN] [gnurl] 26/116: auth: Added test cases for RFC7616 |
|
Date: |
Tue, 05 Dec 2017 14:50:56 +0100 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to branch master
in repository gnurl.
commit f20cbac9701e7406848a2e9f253c08d8201d24a7
Author: Florin <address@hidden>
AuthorDate: Sat Oct 7 13:30:17 2017 +0200
auth: Added test cases for RFC7616
Updated docs to include support for RFC7616
Signed-off-by: Florin <address@hidden>
Closes #1934
---
docs/libcurl/opts/CURLINFO_HTTPAUTH_AVAIL.3 | 3 +-
docs/libcurl/opts/CURLINFO_PROXYAUTH_AVAIL.3 | 3 +-
tests/data/Makefile.inc | 3 +-
tests/data/test2058 | 107 +++++++++++++++++++++++++++
tests/data/test2059 | 107 +++++++++++++++++++++++++++
tests/data/test2060 | 107 +++++++++++++++++++++++++++
tests/data/test2061 | 84 +++++++++++++++++++++
tests/data/test2062 | 84 +++++++++++++++++++++
tests/data/test2063 | 84 +++++++++++++++++++++
tests/data/test2064 | 84 +++++++++++++++++++++
tests/data/test2065 | 84 +++++++++++++++++++++
tests/data/test2066 | 84 +++++++++++++++++++++
tests/data/test2067 | 89 ++++++++++++++++++++++
tests/data/test2068 | 89 ++++++++++++++++++++++
tests/data/test2069 | 89 ++++++++++++++++++++++
15 files changed, 1098 insertions(+), 3 deletions(-)
diff --git a/docs/libcurl/opts/CURLINFO_HTTPAUTH_AVAIL.3
b/docs/libcurl/opts/CURLINFO_HTTPAUTH_AVAIL.3
index 06f841ee1..08d66b32e 100644
--- a/docs/libcurl/opts/CURLINFO_HTTPAUTH_AVAIL.3
+++ b/docs/libcurl/opts/CURLINFO_HTTPAUTH_AVAIL.3
@@ -62,7 +62,8 @@ if(curl) {
}
.fi
.SH AVAILABILITY
-Added in 7.10.8
+Added RFC2617 in 7.10.8
+Added RFC7616 in 7.57.0
.SH RETURN VALUE
Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
.SH "SEE ALSO"
diff --git a/docs/libcurl/opts/CURLINFO_PROXYAUTH_AVAIL.3
b/docs/libcurl/opts/CURLINFO_PROXYAUTH_AVAIL.3
index 2a7724080..fa6bb41f8 100644
--- a/docs/libcurl/opts/CURLINFO_PROXYAUTH_AVAIL.3
+++ b/docs/libcurl/opts/CURLINFO_PROXYAUTH_AVAIL.3
@@ -63,7 +63,8 @@ if(curl) {
}
.fi
.SH AVAILABILITY
-Added in 7.10.8
+Added RFC2617 in 7.10.8
+Added RFC7616 in 7.57.0
.SH RETURN VALUE
Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
.SH "SEE ALSO"
diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc
index b157aeda9..e3eb80e4d 100644
--- a/tests/data/Makefile.inc
+++ b/tests/data/Makefile.inc
@@ -186,4 +186,5 @@ test2024 test2025 test2026 test2027 test2028 test2029
test2030 test2031 \
test2032 test2033 test2034 test2035 test2036 test2037 test2038 test2039 \
test2040 test2041 test2042 test2043 test2044 test2045 test2046 test2047 \
test2048 test2049 test2050 test2051 test2052 test2053 test2054 test2055 \
-test2056 test2057
+test2056 test2057 test2058 test2059 test2060 test2061 test2062 test2063 \
+test2064 test2065 test2066 test2067 test2068 test2069
diff --git a/tests/data/test2058 b/tests/data/test2058
new file mode 100644
index 000000000..0082503e0
--- /dev/null
+++ b/tests/data/test2058
@@ -0,0 +1,107 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP PUT
+HTTP proxy
+HTTP Digest auth
+Resume
+Content-Range
+CUSTOMREQUEST
+</keywords>
+</info>
+
+# Server-side
+<reply>
+<data>
+HTTP/1.1 100 Continue
+Server: Microsoft-IIS/5.0
+Date: Sun, 03 Apr 2005 14:57:45 GMT
+X-Powered-By: ASP.NET
+
+HTTP/1.1 401 authentication please swsbounce
+Server: Microsoft-IIS/6.0
+WWW-Authenticate: Digest realm="testrealm", algorithm="SHA-256",
nonce="1053604144"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 0
+
+</data>
+<data1000>
+HTTP/1.1 200 A OK
+Server: Microsoft-IIS/6.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 3
+
+ok
+</data1000>
+
+<datacheck>
+HTTP/1.1 100 Continue
+Server: Microsoft-IIS/5.0
+Date: Sun, 03 Apr 2005 14:57:45 GMT
+X-Powered-By: ASP.NET
+
+HTTP/1.1 401 authentication please swsbounce
+Server: Microsoft-IIS/6.0
+WWW-Authenticate: Digest realm="testrealm", algorithm="SHA-256",
nonce="1053604144"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 0
+
+HTTP/1.1 200 A OK
+Server: Microsoft-IIS/6.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 3
+
+ok
+</datacheck>
+
+</reply>
+
+# Client-side
+<client>
+#
+<server>
+http
+</server>
+<features>
+!SSPI
+crypto
+</features>
+ <name>
+HTTP POST --digest with PUT, resumed upload, modified method and SHA-256
+ </name>
+ <command>
+http://%HOSTIP:%HTTPPORT/2058 -u auser:apasswd --digest -T log/2058 -x
http://%HOSTIP:%HTTPPORT -C 2 -X GET
+</command>
+<file name="log/2058">
+test
+</file>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET http://%HOSTIP:%HTTPPORT/2058 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Content-Range: bytes 2-4/5
+User-Agent: curl/7.12.1-CVS (i686-pc-linux-gnu) libcurl/7.12.1-CVS
OpenSSL/0.9.6b ipv6 zlib/1.1.4 GSS libidn/0.4.6
+Accept: */*
+Proxy-Connection: Keep-Alive
+Content-Length: 0
+
+GET http://%HOSTIP:%HTTPPORT/2058 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Digest username="auser", realm="testrealm", nonce="1053604144",
uri="/2058",
response="fbed69f9f3fd304c8f1acb1a43eb32688b933c0e28055c16b926cbcec070aeed",
algorithm="SHA-256"
+Content-Range: bytes 2-4/5
+Accept: */*
+Proxy-Connection: Keep-Alive
+Content-Length: 3
+Expect: 100-continue
+
+st
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test2059 b/tests/data/test2059
new file mode 100644
index 000000000..b74b0bdc1
--- /dev/null
+++ b/tests/data/test2059
@@ -0,0 +1,107 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP PUT
+HTTP proxy
+HTTP Digest auth
+Resume
+Content-Range
+CUSTOMREQUEST
+</keywords>
+</info>
+
+# Server-side
+<reply>
+<data>
+HTTP/1.1 100 Continue
+Server: Microsoft-IIS/5.0
+Date: Sun, 03 Apr 2005 14:57:45 GMT
+X-Powered-By: ASP.NET
+
+HTTP/1.1 401 authentication please swsbounce
+Server: Microsoft-IIS/6.0
+WWW-Authenticate: Digest realm="testrealm", algorithm="SHA-512-256",
nonce="1053604144", userhash=true
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 0
+
+</data>
+<data1000>
+HTTP/1.1 200 A OK
+Server: Microsoft-IIS/6.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 3
+
+ok
+</data1000>
+
+<datacheck>
+HTTP/1.1 100 Continue
+Server: Microsoft-IIS/5.0
+Date: Sun, 03 Apr 2005 14:57:45 GMT
+X-Powered-By: ASP.NET
+
+HTTP/1.1 401 authentication please swsbounce
+Server: Microsoft-IIS/6.0
+WWW-Authenticate: Digest realm="testrealm", algorithm="SHA-512-256",
nonce="1053604144", userhash=true
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 0
+
+HTTP/1.1 200 A OK
+Server: Microsoft-IIS/6.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 3
+
+ok
+</datacheck>
+
+</reply>
+
+# Client-side
+<client>
+#
+<server>
+http
+</server>
+<features>
+!SSPI
+crypto
+</features>
+ <name>
+HTTP POST --digest with PUT, resumed upload, modified method, SHA-512-256 and
userhash=true
+ </name>
+ <command>
+http://%HOSTIP:%HTTPPORT/2059 -u auser:apasswd --digest -T log/2059 -x
http://%HOSTIP:%HTTPPORT -C 2 -X GET
+</command>
+<file name="log/2059">
+test
+</file>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET http://%HOSTIP:%HTTPPORT/2059 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Content-Range: bytes 2-4/5
+User-Agent: curl/7.12.1-CVS (i686-pc-linux-gnu) libcurl/7.12.1-CVS
OpenSSL/0.9.6b ipv6 zlib/1.1.4 GSS libidn/0.4.6
+Accept: */*
+Proxy-Connection: Keep-Alive
+Content-Length: 0
+
+GET http://%HOSTIP:%HTTPPORT/2059 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Digest
username="fddc3bc7b753b73ab0848fd83cb20cbbca971258eb8d20c941dd5e0b010d66be",
realm="testrealm", nonce="1053604144", uri="/2059",
response="fc09be8192851e284e73e8b719b32a2f6f91cca0594e68713da8c49dc2c1656e",
algorithm="SHA-512-256", userhash=true
+Content-Range: bytes 2-4/5
+Accept: */*
+Proxy-Connection: Keep-Alive
+Content-Length: 3
+Expect: 100-continue
+
+st
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test2060 b/tests/data/test2060
new file mode 100644
index 000000000..f323eb520
--- /dev/null
+++ b/tests/data/test2060
@@ -0,0 +1,107 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP PUT
+HTTP proxy
+HTTP Digest auth
+Resume
+Content-Range
+CUSTOMREQUEST
+</keywords>
+</info>
+
+# Server-side
+<reply>
+<data>
+HTTP/1.1 100 Continue
+Server: Microsoft-IIS/5.0
+Date: Sun, 03 Apr 2005 14:57:45 GMT
+X-Powered-By: ASP.NET
+
+HTTP/1.1 401 authentication please swsbounce
+Server: Microsoft-IIS/6.0
+WWW-Authenticate: Digest realm="testrealm", algorithm="SHA-512-256",
nonce="1053604144"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 0
+
+</data>
+<data1000>
+HTTP/1.1 200 A OK
+Server: Microsoft-IIS/6.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 3
+
+ok
+</data1000>
+
+<datacheck>
+HTTP/1.1 100 Continue
+Server: Microsoft-IIS/5.0
+Date: Sun, 03 Apr 2005 14:57:45 GMT
+X-Powered-By: ASP.NET
+
+HTTP/1.1 401 authentication please swsbounce
+Server: Microsoft-IIS/6.0
+WWW-Authenticate: Digest realm="testrealm", algorithm="SHA-512-256",
nonce="1053604144"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 0
+
+HTTP/1.1 200 A OK
+Server: Microsoft-IIS/6.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 3
+
+ok
+</datacheck>
+
+</reply>
+
+# Client-side
+<client>
+#
+<server>
+http
+</server>
+<features>
+!SSPI
+crypto
+</features>
+ <name>
+HTTP POST --digest with PUT, resumed upload, modified method, SHA-512-256 and
userhash=false
+ </name>
+ <command>
+http://%HOSTIP:%HTTPPORT/2060 -u auser:apasswd --digest -T log/2060 -x
http://%HOSTIP:%HTTPPORT -C 2 -X GET
+</command>
+<file name="log/2060">
+test
+</file>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET http://%HOSTIP:%HTTPPORT/2060 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Content-Range: bytes 2-4/5
+User-Agent: curl/7.12.1-CVS (i686-pc-linux-gnu) libcurl/7.12.1-CVS
OpenSSL/0.9.6b ipv6 zlib/1.1.4 GSS libidn/0.4.6
+Accept: */*
+Proxy-Connection: Keep-Alive
+Content-Length: 0
+
+GET http://%HOSTIP:%HTTPPORT/2060 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Digest username="auser", realm="testrealm", nonce="1053604144",
uri="/2060",
response="3ce1e25ffa611bdbe90e2ab367b9602fa223db9f6de76ac667f0d6157e2178a6",
algorithm="SHA-512-256"
+Content-Range: bytes 2-4/5
+Accept: */*
+Proxy-Connection: Keep-Alive
+Content-Length: 3
+Expect: 100-continue
+
+st
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test2061 b/tests/data/test2061
new file mode 100644
index 000000000..af3758c97
--- /dev/null
+++ b/tests/data/test2061
@@ -0,0 +1,84 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+HTTP Digest auth
+</keywords>
+</info>
+# Server-side
+<reply>
+<data>
+HTTP/1.1 401 Authorization Required swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604145",
algorithm="SHA-256"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 26
+
+This is not the real page
+</data>
+
+# This is supposed to be returned when the server gets a
+# Authorization: Digest line passed-in from the client
+<data1000>
+HTTP/1.1 200 OK swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 23
+
+This IS the real page!
+</data1000>
+
+<datacheck>
+HTTP/1.1 401 Authorization Required swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604145",
algorithm="SHA-256"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 26
+
+HTTP/1.1 200 OK swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 23
+
+This IS the real page!
+</datacheck>
+
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+<features>
+!SSPI
+crypto
+</features>
+ <name>
+HTTP with RFC7616 SHA256 Digest authorization
+ </name>
+ <command>
+http://%HOSTIP:%HTTPPORT/2061 -u testuser:testpass --digest
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /2061 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+GET /2061 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Digest username="testuser", realm="testrealm",
nonce="1053604145", uri="/2061",
response="9dc55255f1a2537b838311674b621d45346b862a81631bb20e4ce356ef25062d",
algorithm="SHA-256"
+User-Agent: curl/7.10.5 (i686-pc-linux-gnu) libcurl/7.10.5 OpenSSL/0.9.7a ipv6
zlib/1.1.3
+Accept: */*
+
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test2062 b/tests/data/test2062
new file mode 100644
index 000000000..d5ce6899f
--- /dev/null
+++ b/tests/data/test2062
@@ -0,0 +1,84 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+HTTP Digest auth
+</keywords>
+</info>
+# Server-side
+<reply>
+<data>
+HTTP/1.1 401 Authorization Required swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604145",
algorithm="SHA-512-256"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 26
+
+This is not the real page
+</data>
+
+# This is supposed to be returned when the server gets a
+# Authorization: Digest line passed-in from the client
+<data1000>
+HTTP/1.1 200 OK swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 23
+
+This IS the real page!
+</data1000>
+
+<datacheck>
+HTTP/1.1 401 Authorization Required swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604145",
algorithm="SHA-512-256"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 26
+
+HTTP/1.1 200 OK swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 23
+
+This IS the real page!
+</datacheck>
+
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+<features>
+!SSPI
+crypto
+</features>
+ <name>
+HTTP with RFC7616 SHA-512-256 Digest authorization and userhash=false
+ </name>
+ <command>
+http://%HOSTIP:%HTTPPORT/2062 -u testuser:testpass --digest
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /2062 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+GET /2062 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Digest username="testuser", realm="testrealm",
nonce="1053604145", uri="/2062",
response="2af735ec3508f4dff99248ffbbe9de9002bfd7cc770cfa2b026cb334042a54e3",
algorithm="SHA-512-256"
+User-Agent: curl/7.10.5 (i686-pc-linux-gnu) libcurl/7.10.5 OpenSSL/0.9.7a ipv6
zlib/1.1.3
+Accept: */*
+
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test2063 b/tests/data/test2063
new file mode 100644
index 000000000..220fe4ebe
--- /dev/null
+++ b/tests/data/test2063
@@ -0,0 +1,84 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+HTTP Digest auth
+</keywords>
+</info>
+# Server-side
+<reply>
+<data>
+HTTP/1.1 401 Authorization Required swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604145",
algorithm="SHA-512-256", userhash=true
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 26
+
+This is not the real page
+</data>
+
+# This is supposed to be returned when the server gets a
+# Authorization: Digest line passed-in from the client
+<data1000>
+HTTP/1.1 200 OK swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 23
+
+This IS the real page!
+</data1000>
+
+<datacheck>
+HTTP/1.1 401 Authorization Required swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604145",
algorithm="SHA-512-256", userhash=true
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 26
+
+HTTP/1.1 200 OK swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 23
+
+This IS the real page!
+</datacheck>
+
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+<features>
+!SSPI
+crypto
+</features>
+ <name>
+HTTP with RFC7616 SHA-512-256 Digest authorization and userhash=true
+ </name>
+ <command>
+http://%HOSTIP:%HTTPPORT/2063 -u testuser:testpass --digest
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /2063 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+GET /2063 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Digest
username="75af8a3500f771e58a52093a25e7905d6e428a511285c12ea1420c73078dfd61",
realm="testrealm", nonce="1053604145", uri="/2063",
response="43f7ab531dff687b5dc75617daa59d1fd67d648341d6d2655ca65ef5064cfb51",
algorithm="SHA-512-256", userhash=true
+User-Agent: curl/7.10.5 (i686-pc-linux-gnu) libcurl/7.10.5 OpenSSL/0.9.7a ipv6
zlib/1.1.3
+Accept: */*
+
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test2064 b/tests/data/test2064
new file mode 100644
index 000000000..aa20c0bc0
--- /dev/null
+++ b/tests/data/test2064
@@ -0,0 +1,84 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+HTTP Digest auth
+</keywords>
+</info>
+# Server-side
+<reply>
+<data>
+HTTP/1.1 401 Authorization Required
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+WWW-Authenticate: Digest realm="testrealm", nonce="2053604145",
algorithm="SHA-256"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 26
+
+This is not the real page
+</data>
+
+# This is supposed to be returned when the server gets a
+# Authorization: Digest line passed-in from the client
+<data1000>
+HTTP/1.1 401 Still a bad password you moron
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 34
+
+This is not the real page either
+</data1000>
+
+<datacheck>
+HTTP/1.1 401 Authorization Required
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+WWW-Authenticate: Digest realm="testrealm", nonce="2053604145",
algorithm="SHA-256"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 26
+
+HTTP/1.1 401 Still a bad password you moron
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 34
+
+This is not the real page either
+</datacheck>
+
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+<features>
+!SSPI
+crypto
+</features>
+ <name>
+HTTP with RFC7616 Digest authorization with bad password and SHA256
+ </name>
+ <command>
+http://%HOSTIP:%HTTPPORT/2064 -u testuser:test2pass --digest
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /2064 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+GET /2064 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Digest username="testuser", realm="testrealm",
nonce="2053604145", uri="/2064",
response="a9c3ec1036068b336cbabefe9dfcad52ee8b89bc7c91ddbb5bb415c6acdf38a5",
algorithm="SHA-256"
+User-Agent: curl/7.10.5 (i686-pc-linux-gnu) libcurl/7.10.5 OpenSSL/0.9.7a ipv6
zlib/1.1.3
+Accept: */*
+
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test2065 b/tests/data/test2065
new file mode 100644
index 000000000..d3afe0b13
--- /dev/null
+++ b/tests/data/test2065
@@ -0,0 +1,84 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+HTTP Digest auth
+</keywords>
+</info>
+# Server-side
+<reply>
+<data>
+HTTP/1.1 401 Authorization Required
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+WWW-Authenticate: Digest realm="testrealm", nonce="2053604145",
algorithm="SHA-512-256"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 26
+
+This is not the real page
+</data>
+
+# This is supposed to be returned when the server gets a
+# Authorization: Digest line passed-in from the client
+<data1000>
+HTTP/1.1 401 Still a bad password you moron
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 34
+
+This is not the real page either
+</data1000>
+
+<datacheck>
+HTTP/1.1 401 Authorization Required
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+WWW-Authenticate: Digest realm="testrealm", nonce="2053604145",
algorithm="SHA-512-256"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 26
+
+HTTP/1.1 401 Still a bad password you moron
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 34
+
+This is not the real page either
+</datacheck>
+
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+<features>
+!SSPI
+crypto
+</features>
+ <name>
+HTTP with RFC7616 Digest authorization with bad password, SHA-512-256 and
userhash=false
+ </name>
+ <command>
+http://%HOSTIP:%HTTPPORT/2065 -u testuser:test2pass --digest
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /2065 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+GET /2065 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Digest username="testuser", realm="testrealm",
nonce="2053604145", uri="/2065",
response="5a5f20b0e601aeddc6f96422c2332d49ff431c49ab143b5f836ef76e9ac78f5e",
algorithm="SHA-512-256"
+User-Agent: curl/7.10.5 (i686-pc-linux-gnu) libcurl/7.10.5 OpenSSL/0.9.7a ipv6
zlib/1.1.3
+Accept: */*
+
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test2066 b/tests/data/test2066
new file mode 100644
index 000000000..e6ec28a1e
--- /dev/null
+++ b/tests/data/test2066
@@ -0,0 +1,84 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+HTTP Digest auth
+</keywords>
+</info>
+# Server-side
+<reply>
+<data>
+HTTP/1.1 401 Authorization Required
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+WWW-Authenticate: Digest realm="testrealm", nonce="2053604145",
algorithm="SHA-512-256", userhash=true
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 26
+
+This is not the real page
+</data>
+
+# This is supposed to be returned when the server gets a
+# Authorization: Digest line passed-in from the client
+<data1000>
+HTTP/1.1 401 Still a bad password you moron
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 34
+
+This is not the real page either
+</data1000>
+
+<datacheck>
+HTTP/1.1 401 Authorization Required
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+WWW-Authenticate: Digest realm="testrealm", nonce="2053604145",
algorithm="SHA-512-256", userhash=true
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 26
+
+HTTP/1.1 401 Still a bad password you moron
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 34
+
+This is not the real page either
+</datacheck>
+
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+<features>
+!SSPI
+crypto
+</features>
+ <name>
+HTTP with RFC7616 Digest authorization with bad password, SHA-512-256 and
userhash=true
+ </name>
+ <command>
+http://%HOSTIP:%HTTPPORT/2066 -u testuser:test2pass --digest
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /2066 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+GET /2066 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Digest
username="75af8a3500f771e58a52093a25e7905d6e428a511285c12ea1420c73078dfd61",
realm="testrealm", nonce="2053604145", uri="/2066",
response="a2e2ae589f575fb132991d6f550ef14bf7ef697d2fef1242d2498f07eafc77dc",
algorithm="SHA-512-256", userhash=true
+User-Agent: curl/7.10.5 (i686-pc-linux-gnu) libcurl/7.10.5 OpenSSL/0.9.7a ipv6
zlib/1.1.3
+Accept: */*
+
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test2067 b/tests/data/test2067
new file mode 100644
index 000000000..faa7c57fa
--- /dev/null
+++ b/tests/data/test2067
@@ -0,0 +1,89 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP POST
+HTTP Digest auth
+</keywords>
+</info>
+
+# Server-side
+<reply>
+<data>
+HTTP/1.1 401 authentication please swsbounce
+Server: Microsoft-IIS/6.0
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604144",
algorithm="SHA-256"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 0
+
+</data>
+<data1000>
+HTTP/1.1 200 A OK
+Server: Microsoft-IIS/6.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 3
+
+ok
+</data1000>
+
+<datacheck>
+HTTP/1.1 401 authentication please swsbounce
+Server: Microsoft-IIS/6.0
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604144",
algorithm="SHA-256"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 0
+
+HTTP/1.1 200 A OK
+Server: Microsoft-IIS/6.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 3
+
+ok
+</datacheck>
+
+</reply>
+
+# Client-side
+<client>
+#
+<server>
+http
+</server>
+<features>
+!SSPI
+crypto
+</features>
+<name>
+HTTP POST --digest with SHA256 and user-specified Content-Length header
+</name>
+# This test is to ensure 'Content-Length: 0' is sent while negotiating auth
+# even when there is a user-specified Content-Length header.
+# https://github.com/curl/curl/pull/1242
+<command>
+-H "Content-Length: 11" -u auser:apasswd --digest -d "junkelijunk"
http://%HOSTIP:%HTTPPORT/2067
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol nonewline="yes">
+POST /2067 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+Content-Length: 0
+Content-Type: application/x-www-form-urlencoded
+
+POST /2067 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Digest username="auser", realm="testrealm", nonce="1053604144",
uri="/2067",
response="67b97af219c92fa7e8685e5bebb8e74892f6c6792e911c52bd2dfbf0b49272eb",
algorithm="SHA-256"
+Accept: */*
+Content-Length: 11
+Content-Type: application/x-www-form-urlencoded
+
+junkelijunk
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test2068 b/tests/data/test2068
new file mode 100644
index 000000000..43a50e626
--- /dev/null
+++ b/tests/data/test2068
@@ -0,0 +1,89 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP POST
+HTTP Digest auth
+</keywords>
+</info>
+
+# Server-side
+<reply>
+<data>
+HTTP/1.1 401 authentication please swsbounce
+Server: Microsoft-IIS/6.0
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604144",
algorithm="SHA-512-256"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 0
+
+</data>
+<data1000>
+HTTP/1.1 200 A OK
+Server: Microsoft-IIS/6.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 3
+
+ok
+</data1000>
+
+<datacheck>
+HTTP/1.1 401 authentication please swsbounce
+Server: Microsoft-IIS/6.0
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604144",
algorithm="SHA-512-256"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 0
+
+HTTP/1.1 200 A OK
+Server: Microsoft-IIS/6.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 3
+
+ok
+</datacheck>
+
+</reply>
+
+# Client-side
+<client>
+#
+<server>
+http
+</server>
+<features>
+!SSPI
+crypto
+</features>
+<name>
+HTTP POST --digest with SHA-512-256, userhash=false and user-specified
Content-Length header
+</name>
+# This test is to ensure 'Content-Length: 0' is sent while negotiating auth
+# even when there is a user-specified Content-Length header.
+# https://github.com/curl/curl/pull/1242
+<command>
+-H "Content-Length: 11" -u auser:apasswd --digest -d "junkelijunk"
http://%HOSTIP:%HTTPPORT/2068
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol nonewline="yes">
+POST /2068 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+Content-Length: 0
+Content-Type: application/x-www-form-urlencoded
+
+POST /2068 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Digest username="auser", realm="testrealm", nonce="1053604144",
uri="/2068",
response="4bc9c97a72f1856bcec9b0e1518c6b7ee28773f91357d56840bdc30bd89ca68f",
algorithm="SHA-512-256"
+Accept: */*
+Content-Length: 11
+Content-Type: application/x-www-form-urlencoded
+
+junkelijunk
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test2069 b/tests/data/test2069
new file mode 100644
index 000000000..e8040a5e0
--- /dev/null
+++ b/tests/data/test2069
@@ -0,0 +1,89 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP POST
+HTTP Digest auth
+</keywords>
+</info>
+
+# Server-side
+<reply>
+<data>
+HTTP/1.1 401 authentication please swsbounce
+Server: Microsoft-IIS/6.0
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604144",
algorithm="SHA-512-256", userhash=true
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 0
+
+</data>
+<data1000>
+HTTP/1.1 200 A OK
+Server: Microsoft-IIS/6.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 3
+
+ok
+</data1000>
+
+<datacheck>
+HTTP/1.1 401 authentication please swsbounce
+Server: Microsoft-IIS/6.0
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604144",
algorithm="SHA-512-256", userhash=true
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 0
+
+HTTP/1.1 200 A OK
+Server: Microsoft-IIS/6.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 3
+
+ok
+</datacheck>
+
+</reply>
+
+# Client-side
+<client>
+#
+<server>
+http
+</server>
+<features>
+!SSPI
+crypto
+</features>
+<name>
+HTTP POST --digest with SHA-512-256, userhash=true and user-specified
Content-Length header
+</name>
+# This test is to ensure 'Content-Length: 0' is sent while negotiating auth
+# even when there is a user-specified Content-Length header.
+# https://github.com/curl/curl/pull/1242
+<command>
+-H "Content-Length: 11" -u auser:apasswd --digest -d "junkelijunk"
http://%HOSTIP:%HTTPPORT/2069
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol nonewline="yes">
+POST /2069 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+Content-Length: 0
+Content-Type: application/x-www-form-urlencoded
+
+POST /2069 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Digest
username="fddc3bc7b753b73ab0848fd83cb20cbbca971258eb8d20c941dd5e0b010d66be",
realm="testrealm", nonce="1053604144", uri="/2069",
response="ff13d977110a471f30de75e747976e4de78d7a3d2425cd23ff46e67f4bc9ead7",
algorithm="SHA-512-256", userhash=true
+Accept: */*
+Content-Length: 11
+Content-Type: application/x-www-form-urlencoded
+
+junkelijunk
+</protocol>
+</verify>
+</testcase>
--
To stop receiving notification emails like this one, please contact
address@hidden
- [GNUnet-SVN] [gnurl] 52/116: HTTP: support multiple Content-Encodings, (continued)
- [GNUnet-SVN] [gnurl] 52/116: HTTP: support multiple Content-Encodings, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 69/116: --interface: add support for Linux VRF, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 106/116: ssh: remove check for a NULL pointer (!), gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 92/116: http2: fix "Value stored to 'hdbuf' is never read" scan-build error, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 66/116: test1554: verify connection cache sharing, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 67/116: examples: add shared-connection-cache, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 101/116: connect: add support for new TCP Fast Open API on Linux, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 58/116: url: remove unncessary NULL-check, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 79/116: INTERNALS: we may use libidn2 now, not libidn, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 96/116: test1264: verify URL with space in host name being rejected, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 26/116: auth: Added test cases for RFC7616,
gnunet <=
- [GNUnet-SVN] [gnurl] 95/116: url: reject ASCII control characters and space in host names, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 78/116: zlib/brotli: only include header files in modules needing them, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 103/116: URL: update "file:" URL handling, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 83/116: openssl: fix too broad use of HAVE_OPAQUE_EVP_PKEY, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 70/116: RELEASE-NOTES: synced with 32828cc4f, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 98/116: connect: improve the bind error message, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 99/116: RELEASE-NOTES: synced with 31f18d272, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 108/116: wildcardmatch: fix heap buffer overflow in setcharset, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 85/116: resolve: allow IP address within [] brackets, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 71/116: cmake: Correctly include curl.rc in Windows builds (#2064), gnunet, 2017/12/05