Curl_http_input_auth: handle multiple auths in WWW-Authenticate

   *

   */

  while(*start) {

#ifdef USE_HTTP_NEGOTIATE

    if(checkprefix("GSS-Negotiate", start) ||

       checkprefix("Negotiate", start)) {

      authp->avail |= CURLAUTH_GSSNEGOTIATE;

      if(data->state.negotiate.state == GSS_AUTHSENT) {

      /* if we sent GSS authentication in the outgoing request and we get this

         back, we're in trouble */

        /* if we sent GSS authentication in the outgoing request and we get

           this back, we're in trouble */

        infof(data, "Authentication problem. Ignoring this.\n");

        data->state.authproblem = TRUE;

      }

            /* We call this function on input Digest headers even if Digest

             * authentication isn't activated yet, as we need to store the

           * incoming data from this header in case we are gonna use Digest. */

             * incoming data from this header in case we are gonna use

             * Digest. */

            dig = Curl_input_digest(conn, (httpcode == 407)?TRUE:FALSE, start);

            if(CURLDIGEST_FINE != dig) {

            }

          }

    /* there may be multiple methods on one line, so keep reading */

    while(*start && *start != ',') /* read up to the next comma */

      start++;

    if(*start == ',') /* if we're on a comma, skip it */

      start++;

    while(*start && ISSPACE(*start))

      start++;

  }

  return CURLE_OK;

}

test1102 test1103 test1104 test1105 test1106 test1107 test1108 test1109	\

test1110 test1111 test1112 test1113 test1114 test1115 test1116 test1117	\

test1118 test1119 test1120 test1121 test1122 test1123 test1124 test1125	\

test1126 test1127 test1128 test1129 test1130 test1131 test1200 test1201	\

test1202 test1203 test1300 test1301 test1302 test1303 test1304 test1305	\

test1126 test1127 test1128 test1129 test1130 test1131 \

test1200 test1201 test1202 test1203 test1204 \

test1300 test1301 test1302 test1303 test1304 test1305	\

test1306 test1307 test1308 test1309 test1310 test1311 test1312 test1313 \

test1314 \

test2000 test2001 test2002 test2003 test2004

<testcase>

<info>

<keywords>

HTTP

HTTP GET

HTTP Basic auth

--anyauth

</keywords>

</info>

# Server-side

<reply>

<data>

HTTP/1.1 401 Authorization Required swsbounce

Server: Apache/1.3.27 (Darwin) PHP/4.1.2

WWW-Authenticate: X-MobileMe-AuthToken realm="Newcastle", Basic realm="fun fun  fun"

Content-Type: text/html; charset=iso-8859-1

Content-Length: 26

This is not the real page

</data>

# This is supposed to be returned when the server gets the second request

<data1>

HTTP/1.1 200 OK

Server: Apache/1.3.27 (Darwin) PHP/4.1.2

Content-Type: text/html; charset=iso-8859-1

Content-Length: 23

This IS the real page!

</data1>

<datacheck>

HTTP/1.1 401 Authorization Required swsbounce

Server: Apache/1.3.27 (Darwin) PHP/4.1.2

WWW-Authenticate: X-MobileMe-AuthToken realm="Newcastle", Basic realm="fun fun  fun"

Content-Type: text/html; charset=iso-8859-1

Content-Length: 26

HTTP/1.1 200 OK

Server: Apache/1.3.27 (Darwin) PHP/4.1.2

Content-Type: text/html; charset=iso-8859-1

Content-Length: 23

This IS the real page!

</datacheck>

</reply>

# Client-side

<client>

<server>

http

</server>

 <name>

HTTP with WWW-Authenticate and multiple auths in a single line

 </name>

 <command>

http://%HOSTIP:%HTTPPORT/1204 -u testuser:testpass --anyauth

</command>

</client>

# Verify data after the test has been "shot"

<verify>

<strip>

^User-Agent:.*

</strip>

<protocol>

GET /1204 HTTP/1.1

Host: %HOSTIP:%HTTPPORT

Accept: */*

GET /1204 HTTP/1.1

Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=

Host: %HOSTIP:%HTTPPORT

Accept: */*

</protocol>

</verify>

</testcase>