diff options
author | Daniel Stenberg <daniel@haxx.se> | 2007-12-05 21:20:14 +0000 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2007-12-05 21:20:14 +0000 |
commit | 7d3ea12b625fd07d9d41a68e7cc2cd5322247584 (patch) | |
tree | 7e8a964e4e70c54fd847390a0ad280524afb2c76 | |
parent | 59dc9085d15fc069798eef92e41e4c72838ed990 (diff) |
Spacen Jasset reported a problem with doing POST (with data read with a
callback) over a proxy when NTLM is used as auth with the proxy. The bug
also concerned Digest and was limited to using callback only. Spacen worked
with us to provide a useful patch. I added the test case 547 and 548 to
verify two variations of POST over proxy with NTLM.
-rw-r--r-- | CHANGES | 9 | ||||
-rw-r--r-- | RELEASE-NOTES | 3 | ||||
-rw-r--r-- | lib/http.c | 8 | ||||
-rw-r--r-- | tests/data/test547 | 131 | ||||
-rw-r--r-- | tests/data/test548 | 1 | ||||
-rw-r--r-- | tests/libtest/lib547.c | 42 |
6 files changed, 185 insertions, 9 deletions
@@ -7,6 +7,13 @@ Changelog +Daniel S (5 Dec 2007) +- Spacen Jasset reported a problem with doing POST (with data read with a + callback) over a proxy when NTLM is used as auth with the proxy. The bug + also concerned Digest and was limited to using callback only. Spacen worked + with us to provide a useful patch. I added the test case 547 and 548 to + verify two variations of POST over proxy with NTLM. + Daniel S (3 Dec 2007) - Ray Pekowski filed bug report #1842029 (http://curl.haxx.se/bug/view.cgi?id=1842029) in which he identified a @@ -43,7 +50,7 @@ Daniel S (25 Nov 2007) Daniel S (24 Nov 2007) - Internal rearrangements, so that the previous struct HandleData is no more. - It is now known is SingleRequest and the Curl_transfer_keeper struct within + It is now known as SingleRequest and the Curl_transfer_keeper struct within that was remove entirely. This has the upside that there are less duplicate struct members that made it hard to see and remember what struct that was used to store what data. The transfer_keeper thing was once stored on a diff --git a/RELEASE-NOTES b/RELEASE-NOTES index b4cb07dc8..d69a091cd 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -33,6 +33,7 @@ This release includes the following bugfixes: buffers o no longer default-appends ;type= on FTP URLs thru proxies o SSL session id caching + o POST with callback over proxy requiring NTLM or Digest This release includes the following known bugs: @@ -52,6 +53,6 @@ advice from friends like these: Dan Fandrich, Gisle Vanem, Toby Peterson, Yang Tse, Daniel Black, Robin Johnson, Michal Marek, Ates Goral, Andres Garcia, Rob Crittenden, - Emil Romanus, Alessandro Vesely, Ray Pekowski + Emil Romanus, Alessandro Vesely, Ray Pekowski, Spacen Jasset Thanks! (and sorry if I forgot to mention someone) diff --git a/lib/http.c b/lib/http.c index 7cfb23f3c..70418af96 100644 --- a/lib/http.c +++ b/lib/http.c @@ -2687,9 +2687,11 @@ CURLcode Curl_http(struct connectdata *conn, bool *done) /* set the upload size to the progress meter */ Curl_pgrsSetUploadSize(data, postsize?postsize:-1); - /* set the pointer to mark that we will send the post body using - the read callback */ - http->postdata = (char *)&http->postdata; + /* set the pointer to mark that we will send the post body using the + read callback, but only if we're not in authenticate + negotiation */ + if(!conn->bits.authneg) + http->postdata = (char *)&http->postdata; } } /* issue the request */ diff --git a/tests/data/test547 b/tests/data/test547 new file mode 100644 index 000000000..7b0c7324d --- /dev/null +++ b/tests/data/test547 @@ -0,0 +1,131 @@ +<testcase> +<info> +<keywords> +HTTP +HTTP POST +POST callback +HTTP proxy NTLM auth +</keywords> +</info> +# Server-side +<reply> + +<data> +HTTP/1.1 407 Authorization Required swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Proxy-Authenticate: Blackmagic realm="gimme all yer s3cr3ts"
+Proxy-Authenticate: Basic realm="gimme all yer s3cr3ts"
+Proxy-Authenticate: NTLM
+Content-Type: text/html; charset=iso-8859-1
+Connection: close
+
+This is not the real page +</data> + +# this is returned first since we get no proxy-auth +<data1001> +HTTP/1.1 407 Authorization Required to proxy me my dear
+Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==
+Content-Length: 34
+
+Hey you, authenticate or go away! +</data1001> + +# This is supposed to be returned when the server gets the second +# Authorization: NTLM line passed-in from the client +<data1002> +HTTP/1.1 200 Things are fine in proxy land swsclose
+Server: Microsoft-IIS/5.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 42
+
+Contents of that page you requested, sir. +</data1002> + +<datacheck> +HTTP/1.1 407 Authorization Required swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Proxy-Authenticate: Blackmagic realm="gimme all yer s3cr3ts"
+Proxy-Authenticate: Basic realm="gimme all yer s3cr3ts"
+Proxy-Authenticate: NTLM
+Content-Type: text/html; charset=iso-8859-1
+Connection: close
+
+HTTP/1.1 407 Authorization Required to proxy me my dear
+Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==
+Content-Length: 34
+
+HTTP/1.1 200 Things are fine in proxy land swsclose
+Server: Microsoft-IIS/5.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 42
+
+Contents of that page you requested, sir. +</datacheck> +</reply> + +# Client-side +<client> +<server> +http +</server> +# tool to use +<tool> +lib547 +</tool> +<features> +NTLM +</features> + <name> +HTTP proxy auth NTLM with POST data from read callback + </name> + <command> +http://test.remote.server.com/path/547 http://%HOSTIP:%HTTPPORT s1lly:pers0n +</command> +</client> + +# Verify data after the test has been "shot" +<verify> +<strip> +^User-Agent: curl/.* +</strip> +# We strip off a large chunk of the type-2 NTLM message since it depends on +# the local host name and thus differs on different machines! +<strippart> +s/^(Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAABQAFAHAAAAA).*/$1/ +</strippart> +<protocol> +POST http://test.remote.server.com/path/547 HTTP/1.1
+User-Agent: curl/7.13.2-CVS (i686-pc-linux-gnu) libcurl/7.13.2-CVS OpenSSL/0.9.7e zlib/1.2.2 libidn/0.5.13
+Host: test.remote.server.com
+Pragma: no-cache
+Accept: */*
+Proxy-Connection: Keep-Alive
+Content-Length: 36
+Content-Type: application/x-www-form-urlencoded
+
+this is the blurb we want to upload +POST http://test.remote.server.com/path/547 HTTP/1.1
+Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
+User-Agent: curl/7.13.2-CVS (i686-pc-linux-gnu) libcurl/7.13.2-CVS OpenSSL/0.9.7e zlib/1.2.2 libidn/0.5.13
+Host: test.remote.server.com
+Pragma: no-cache
+Accept: */*
+Proxy-Connection: Keep-Alive
+Content-Length: 0
+Content-Type: application/x-www-form-urlencoded
+
+POST http://test.remote.server.com/path/547 HTTP/1.1
+Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAABQAFAHAAAAA +User-Agent: curl/7.13.2-CVS (i686-pc-linux-gnu) libcurl/7.13.2-CVS OpenSSL/0.9.7e zlib/1.2.2 libidn/0.5.13
+Host: test.remote.server.com
+Pragma: no-cache
+Accept: */*
+Proxy-Connection: Keep-Alive
+Content-Length: 36
+Content-Type: application/x-www-form-urlencoded
+
+this is the blurb we want to upload +</protocol> +</verify> +</testcase> diff --git a/tests/data/test548 b/tests/data/test548 index 04a1a6396..5db476386 100644 --- a/tests/data/test548 +++ b/tests/data/test548 @@ -3,7 +3,6 @@ <keywords> HTTP HTTP POST ---proxy-anyauth HTTP proxy NTLM auth </keywords> </info> diff --git a/tests/libtest/lib547.c b/tests/libtest/lib547.c index 0513911d6..2d4011213 100644 --- a/tests/libtest/lib547.c +++ b/tests/libtest/lib547.c @@ -20,21 +20,49 @@ static size_t readcallback(void *ptr, size_t size, size_t nmemb, - void *stream) + void *clientp) { - (void)stream; /* unused */ + int *counter = (int *)clientp; + + if(*counter) { + /* only do this once and then require a clearing of this */ + fprintf(stderr, "READ ALREADY DONE!\n"); + return 0; + } + (*counter)++; /* bump */ + if(size * nmemb > strlen(UPLOADTHIS)) { + fprintf(stderr, "READ!\n"); strcpy(ptr, UPLOADTHIS); return strlen(UPLOADTHIS); } + fprintf(stderr, "READ NOT FINE!\n"); return 0; } +static curlioerr ioctlcallback(CURL *handle, + int cmd, + void *clientp) +{ + int *counter = (int *)clientp; + (void)handle; /* unused */ + if(cmd == CURLIOCMD_RESTARTREAD) { + fprintf(stderr, "REWIND!\n"); + *counter = 0; /* clear counter to make the read callback restart */ + } + return CURLIOE_OK; +} + + + #endif int test(char *URL) { CURLcode res; CURL *curl; +#ifndef LIB548 + int counter=0; +#endif if (curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) { fprintf(stderr, "curl_global_init() failed\n"); @@ -51,10 +79,18 @@ int test(char *URL) curl_easy_setopt(curl, CURLOPT_VERBOSE, 1); curl_easy_setopt(curl, CURLOPT_HEADER, TRUE); #ifdef LIB548 + /* set the data to POST with a mere pointer to a zero-terminated string */ curl_easy_setopt(curl, CURLOPT_POSTFIELDS, UPLOADTHIS); #else - /* 547 style */ + /* 547 style, which means reading the POST data from a callback */ + curl_easy_setopt(curl, CURLOPT_IOCTLFUNCTION, ioctlcallback); + curl_easy_setopt(curl, CURLOPT_IOCTLDATA, &counter); curl_easy_setopt(curl, CURLOPT_READFUNCTION, readcallback); + curl_easy_setopt(curl, CURLOPT_READDATA, &counter); + /* TODO: We should be able to do the POST fine without setting the size + and we should do a test to verify that but until we do that we set + the size of the request-body */ + curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, strlen(UPLOADTHIS)); #endif curl_easy_setopt(curl, CURLOPT_POST, 1); curl_easy_setopt(curl, CURLOPT_PROXY, libtest_arg2); |