tests/data/test1286 - platform/external/curl - Git at Google

 <testcase>
 <info>
 <keywords>
 HTTP
 HTTP GET
 HTTP Digest auth
 followlocation
 </keywords>
 </info>

 # Server-side
 <reply>
 <data>
 HTTP/1.1 401 authentication please swsbounce
 Server: Microsoft-IIS/6.0
 WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", qop="auth"
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 0

 </data>
 <data1000>
 HTTP/1.1 302 Thanks for this, but we want to redir you!
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Location: /%TESTNUMBER0001
 Content-Length: 0

 </data1000>
 <data1001>
 HTTP/1.1 404 Not Found
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 0

 </data1001>

 <datacheck>
 HTTP/1.1 401 authentication please swsbounce
 Server: Microsoft-IIS/6.0
 WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", qop="auth"
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 0

 HTTP/1.1 302 Thanks for this, but we want to redir you!
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Location: /%TESTNUMBER0001
 Content-Length: 0

 HTTP/1.1 404 Not Found
 Server: Microsoft-IIS/5.0
 Content-Type: text/html; charset=iso-8859-1
 Content-Length: 0

 </datacheck>

 </reply>

 # Client-side
 <client>
 #
 <server>
 http
 </server>
 <features>
 crypto
 </features>
 <name>
 HTTP GET --digest increasing nonce-count
 </name>
 # This test is to ensure the nonce-count (nc) increases
 # https://github.com/curl/curl/pull/1251
 <command>
 -u auser:apasswd --location --digest http://%HOSTIP:%HTTPPORT/%TESTNUMBER
 </command>
 </client>

 # Verify data after the test has been "shot"
 <verify>

 # Reorder the fields in 'Authorization: Digest' header.
 # Since regular and SSPI digest auth header fields may not have the same order
 # or whitespace we homogenize so that both may be tested. Also:
 # - Remove the unique value from cnonce if in RFC format
 # - Remove the unique value from response if in RFC format
 # - Remove quotes from qop="auth" used by SSPI
 # The if statement is one line because runtests evaluates one line at a time.
 <strippart>
 if(s/^(Authorization: Digest )([^\r\n]+)(\r?\n)$//) { $_ = $1 . join(', ', map { s/^(cnonce=)"[a-zA-Z0-9+\/=]+"$/$1REMOVED/; s/^(response=)"[a-f0-9]{32}"$/$1REMOVED/; s/^qop="auth"$/qop=auth/; $_ } sort split(/, */, $2)) . $3; }
 </strippart>
 <protocol>
 GET /%TESTNUMBER HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 User-Agent: curl/%VERSION
 Accept: */*

 GET /%TESTNUMBER HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 Authorization: Digest cnonce=REMOVED, nc=00000001, nonce="1053604144", qop=auth, realm="testrealm", response=REMOVED, uri="/%TESTNUMBER", username="auser"
 User-Agent: curl/%VERSION
 Accept: */*

 GET /%TESTNUMBER0001 HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 Authorization: Digest cnonce=REMOVED, nc=00000002, nonce="1053604144", qop=auth, realm="testrealm", response=REMOVED, uri="/%TESTNUMBER0001", username="auser"
 User-Agent: curl/%VERSION
 Accept: */*

 </protocol>
 </verify>
 </testcase>
	<testcase>
	<info>
	<keywords>
	HTTP
	HTTP GET
	HTTP Digest auth
	followlocation
	</keywords>
	</info>

	# Server-side
	<reply>
	<data>
	HTTP/1.1 401 authentication please swsbounce
	Server: Microsoft-IIS/6.0
	WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", qop="auth"
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 0

	</data>
	<data1000>
	HTTP/1.1 302 Thanks for this, but we want to redir you!
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Location: /%TESTNUMBER0001
	Content-Length: 0

	</data1000>
	<data1001>
	HTTP/1.1 404 Not Found
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 0

	</data1001>

	<datacheck>
	HTTP/1.1 401 authentication please swsbounce
	Server: Microsoft-IIS/6.0
	WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", qop="auth"
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 0

	HTTP/1.1 302 Thanks for this, but we want to redir you!
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Location: /%TESTNUMBER0001
	Content-Length: 0

	HTTP/1.1 404 Not Found
	Server: Microsoft-IIS/5.0
	Content-Type: text/html; charset=iso-8859-1
	Content-Length: 0

	</datacheck>

	</reply>

	# Client-side
	<client>
	#
	<server>
	http
	</server>
	<features>
	crypto
	</features>
	<name>
	HTTP GET --digest increasing nonce-count
	</name>
	# This test is to ensure the nonce-count (nc) increases
	# https://github.com/curl/curl/pull/1251
	<command>
	-u auser:apasswd --location --digest http://%HOSTIP:%HTTPPORT/%TESTNUMBER
	</command>
	</client>

	# Verify data after the test has been "shot"
	<verify>

	# Reorder the fields in 'Authorization: Digest' header.
	# Since regular and SSPI digest auth header fields may not have the same order
	# or whitespace we homogenize so that both may be tested. Also:
	# - Remove the unique value from cnonce if in RFC format
	# - Remove the unique value from response if in RFC format
	# - Remove quotes from qop="auth" used by SSPI
	# The if statement is one line because runtests evaluates one line at a time.
	<strippart>
	if(s/^(Authorization: Digest )([^\r\n]+)(\r?\n)$//) { $_ = $1 . join(', ', map { s/^(cnonce=)"[a-zA-Z0-9+\/=]+"$/$1REMOVED/; s/^(response=)"[a-f0-9]{32}"$/$1REMOVED/; s/^qop="auth"$/qop=auth/; $_ } sort split(/, */, $2)) . $3; }
	</strippart>
	<protocol>
	GET /%TESTNUMBER HTTP/1.1
	Host: %HOSTIP:%HTTPPORT
	User-Agent: curl/%VERSION
	Accept: /

	GET /%TESTNUMBER HTTP/1.1
	Host: %HOSTIP:%HTTPPORT
	Authorization: Digest cnonce=REMOVED, nc=00000001, nonce="1053604144", qop=auth, realm="testrealm", response=REMOVED, uri="/%TESTNUMBER", username="auser"
	User-Agent: curl/%VERSION
	Accept: /

	GET /%TESTNUMBER0001 HTTP/1.1
	Host: %HOSTIP:%HTTPPORT
	Authorization: Digest cnonce=REMOVED, nc=00000002, nonce="1053604144", qop=auth, realm="testrealm", response=REMOVED, uri="/%TESTNUMBER0001", username="auser"
	User-Agent: curl/%VERSION
	Accept: /

	</protocol>
	</verify>
	</testcase>