1<testcase> 2<info> 3<keywords> 4HTTP 5HTTP GET 6HTTP Digest auth 7</keywords> 8</info> 9 10# Server-side 11<reply> 12# First reply back and ask for Digest auth 13<data1> 14HTTP/1.1 401 Authorization Required swsclose 15Server: Apache/1.3.27 (Darwin) PHP/4.1.2 16WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" 17Content-Type: text/html; charset=iso-8859-1 18Content-Length: 26 19 20This is not the real page 21</data1> 22 23# second reply back 24<data2> 25HTTP/1.1 401 Authorization Required swsclose 26Server: Apache/1.3.27 (Darwin) PHP/4.1.2 27WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" 28Content-Type: text/html; charset=iso-8859-1 29Content-Length: 26 30 31This is not the real page 32</data2> 33 34# This is supposed to be returned when the server gets a 35# Authorization: Digest line passed-in from the client 36<data1001> 37HTTP/1.1 200 OK 38Server: Apache/1.3.27 (Darwin) PHP/4.1.2 39Content-Type: text/html; charset=iso-8859-1 40Content-Length: 23 41 42This IS the real page! 43</data1001> 44 45# 46# This is the second request, and this sends back a response saying that 47# the request contained stale data. We want an update. Set swsbounce to 48# bounce on to data1003 on the second request. 49<data1002> 50HTTP/1.1 401 Authorization re-negotiation please swsbounce 51Server: Apache/1.3.27 (Darwin) PHP/4.1.2 52WWW-Authenticate: Digest realm="testrealm", algorithm=MD5, nonce="999999", stale=true, qop="crazy, auth" 53Content-Type: text/html; charset=iso-8859-1 54Content-Length: 26 55 56This is not the real page 57</data1002> 58 59# The second request to the 1002 section will bounce this one back instead 60# thanks to the swsbounce keyword up there 61<data1003> 62HTTP/1.1 200 OK 63Server: Apache/1.3.27 (Darwin) PHP/4.1.2 64Content-Type: text/html; charset=iso-8859-1 65Content-Length: 30 66 67This IS the second real page! 68</data1003> 69</reply> 70 71# Client-side 72<client> 73<server> 74http 75</server> 76<features> 77!SSPI 78crypto 79</features> 80<name> 81HTTP with Digest and multiple qop values with leading space 82</name> 83<command> 84http://%HOSTIP:%HTTPPORT/%TESTNUMBER0001 -u testuser:testpass --digest http://%HOSTIP:%HTTPPORT/%TESTNUMBER0002 85</command> 86</client> 87 88# Verify data after the test has been "shot" 89<verify> 90<strip> 91^Authorization.*cnonce 92</strip> 93<protocol> 94GET /%TESTNUMBER0001 HTTP/1.1 95Host: %HOSTIP:%HTTPPORT 96User-Agent: curl/%VERSION 97Accept: */* 98 99GET /%TESTNUMBER0001 HTTP/1.1 100Host: %HOSTIP:%HTTPPORT 101Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/%TESTNUMBER0001", response="ea598bbfdb5c54b7352c977e3885e44d" 102User-Agent: curl/%VERSION 103Accept: */* 104 105GET /%TESTNUMBER0002 HTTP/1.1 106Host: %HOSTIP:%HTTPPORT 107User-Agent: curl/%VERSION 108Accept: */* 109 110GET /%TESTNUMBER0002 HTTP/1.1 111Host: %HOSTIP:%HTTPPORT 112Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/%TESTNUMBER0002", response="921a8e6db782d6359db1f40d9ed7e6a6" 113User-Agent: curl/%VERSION 114Accept: */* 115 116GET /%TESTNUMBER0002 HTTP/1.1 117Host: %HOSTIP:%HTTPPORT 118Authorization: Digest username="testuser", realm="testrealm", nonce="999999", uri="/%TESTNUMBER0002", cnonce="MTA4MzIy", nc="00000001", qop="auth", response="25291c357671604a16c0242f56721c07", algorithm=MD5 119User-Agent: curl/%VERSION 120Accept: */* 121 122</protocol> 123<stdout> 124HTTP/1.1 401 Authorization Required swsclose 125Server: Apache/1.3.27 (Darwin) PHP/4.1.2 126WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" 127Content-Type: text/html; charset=iso-8859-1 128Content-Length: 26 129 130HTTP/1.1 200 OK 131Server: Apache/1.3.27 (Darwin) PHP/4.1.2 132Content-Type: text/html; charset=iso-8859-1 133Content-Length: 23 134 135This IS the real page! 136HTTP/1.1 401 Authorization Required swsclose 137Server: Apache/1.3.27 (Darwin) PHP/4.1.2 138WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" 139Content-Type: text/html; charset=iso-8859-1 140Content-Length: 26 141 142HTTP/1.1 401 Authorization re-negotiation please swsbounce 143Server: Apache/1.3.27 (Darwin) PHP/4.1.2 144WWW-Authenticate: Digest realm="testrealm", algorithm=MD5, nonce="999999", stale=true, qop="crazy, auth" 145Content-Type: text/html; charset=iso-8859-1 146Content-Length: 26 147 148HTTP/1.1 200 OK 149Server: Apache/1.3.27 (Darwin) PHP/4.1.2 150Content-Type: text/html; charset=iso-8859-1 151Content-Length: 30 152 153This IS the second real page! 154</stdout> 155</verify> 156</testcase> 157