NTLM: set a fake entropy for debug builds with CURL_ENTROPY set

Curl_rand() will return a dummy and repatable random value for this
case. Makes it possible to write test cases that verify output.

Also, fake timestamp with CURL_FORCETIME set.

Only when built debug enabled of course.

Curl_ssl_random() was not used anymore so it has been
removed. Curl_rand() is enough.

create_digest_md5_message: generate base64 instead of hex string

curl_sasl: also fix memory leaks in some OOM situations

1 files changed, 7 insertions, 12 deletions

diff --git a/lib/curl_ntlm_core.c b/lib/curl_ntlm_core.c
index 4f30cc6e7..b01162624 100644
--- a/lib/curl_ntlm_core.c
+++ b/lib/curl_ntlm_core.c
@@ -562,19 +562,14 @@ CURLcode Curl_ntlm_core_mk_ntlmv2_resp(unsigned char *ntlmv2hash,
   CURLcode res = CURLE_OK;
 
   /* Calculate the timestamp */
-#if defined(HAVE_LONGLONG)
-#if defined(DEBUGBUILD)
-  tw = 11644473600ULL * 10000000ULL;
-#else
-  tw = ((long long)time(NULL) + 11644473600ULL) * 10000000ULL;
-#endif
-#else
-#if defined(DEBUGBUILD)
-  tw = 11644473600ui64 * 10000000ui64;
-#else
-  tw = ((__int64)time(NULL) + 11644473600ui64) * 10000000ui64;
-#endif
+#ifdef DEBUGBUILD
+  char *force_timestamp = getenv("CURL_FORCETIME");
+  if(force_timestamp)
+    tw = 11644473600ULL * 10000000ULL;
+  else
 #endif
+  tw = ((long long)time(NULL) + 11644473600ULL) * 10000000ULL;
+
   /* Calculate the response len */
   len = NTLM_HMAC_MD5_LEN + NTLMv2_BLOB_LEN;