diff options
author | Daniel Stenberg <daniel@haxx.se> | 2011-11-06 17:28:28 +0100 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2011-11-06 17:28:28 +0100 |
commit | 2c09d21fdf16818d406db471de6e0db5d40b4ba2 (patch) | |
tree | c92dd6e8b8d03feb7ad938c06461fe90863aa145 /tests | |
parent | 4851dafcf164bf2de5bd33c3cf2b786422ed05b6 (diff) |
test 590: verify the bug fix in 4851dafcf1
This test is created to verify Rene Bernhardt's patch which makes sure
libcurl properly _not_ deals with Negotiate if not asked to even if the
proxy says it can serve it.
Diffstat (limited to 'tests')
-rw-r--r-- | tests/data/Makefile.am | 1 | ||||
-rw-r--r-- | tests/data/test590 | 123 | ||||
-rw-r--r-- | tests/libtest/Makefile.inc | 5 | ||||
-rw-r--r-- | tests/libtest/lib590.c | 71 |
4 files changed, 199 insertions, 1 deletions
diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am index fc1b28a08..ff6c1d3f8 100644 --- a/tests/data/Makefile.am +++ b/tests/data/Makefile.am @@ -48,6 +48,7 @@ test551 test552 test553 test554 test555 test556 test557 test560 test561 \ test562 test563 test564 test565 test566 test567 test568 test569 test570 \ test571 test572 test573 test574 test575 test576 test578 test579 test580 \ test581 test582 test583 test584 test585 test586 test587 test588 test589 \ +test590 \ test600 test601 test602 test603 test604 \ test605 test606 test607 test608 test609 test610 test611 test612 test613 \ test614 test615 test616 test617 test618 test619 test620 test621 test622 \ diff --git a/tests/data/test590 b/tests/data/test590 new file mode 100644 index 000000000..f50664d8f --- /dev/null +++ b/tests/data/test590 @@ -0,0 +1,123 @@ +<testcase> +<info> +<keywords> +HTTP +HTTP POST +POST callback +HTTP proxy +HTTP proxy NTLM auth +</keywords> +</info> +# Server-side +<reply> + +<data> +HTTP/1.1 407 Authorization Required swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Proxy-Authenticate: Negotiate
+Proxy-Authenticate: NTLM
+Content-Type: text/html; charset=iso-8859-1
+Connection: close
+
+This is not the real page +</data> + +# this is returned first since we get no proxy-auth +<data1001> +HTTP/1.1 407 Authorization Required to proxy me my dear
+Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==
+Content-Length: 34
+
+Hey you, authenticate or go away! +</data1001> + +# This is supposed to be returned when the server gets the second +# Authorization: NTLM line passed-in from the client +<data1002> +HTTP/1.1 200 Things are fine in proxy land swsclose
+Server: Microsoft-IIS/5.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 42
+
+Contents of that page you requested, sir. +</data1002> + +<datacheck> +HTTP/1.1 407 Authorization Required swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Proxy-Authenticate: Negotiate
+Proxy-Authenticate: NTLM
+Content-Type: text/html; charset=iso-8859-1
+Connection: close
+
+HTTP/1.1 407 Authorization Required to proxy me my dear
+Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==
+Content-Length: 34
+
+HTTP/1.1 200 Things are fine in proxy land swsclose
+Server: Microsoft-IIS/5.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 42
+
+Contents of that page you requested, sir. +</datacheck> +</reply> + +# Client-side +<client> +<server> +http +</server> +# tool to use +<tool> +lib590 +</tool> +<features> +NTLM +</features> + <name> +HTTP proxy offers Negotiate+NTLM, use only NTLM + </name> + <setenv> +# we force our own host name, in order to make the test machine independent +CURL_GETHOSTNAME=curlhost +# we try to use the LD_PRELOAD hack, if not a debug build +LD_PRELOAD=%PWD/libtest/.libs/libhostname.so + </setenv> + <command> +http://test.remote.example.com/path/590 http://%HOSTIP:%HTTPPORT +</command> +<precheck> +chkhostname curlhost +</precheck> +</client> + +# Verify data after the test has been "shot" +<verify> +<strip> +^User-Agent: curl/.* +</strip> +<protocol> +GET http://test.remote.example.com/path/590 HTTP/1.1
+User-Agent: curl/7.13.2-CVS (i686-pc-linux-gnu) libcurl/7.13.2-CVS OpenSSL/0.9.7e zlib/1.2.2 libidn/0.5.13
+Host: test.remote.example.com
+Accept: */*
+Proxy-Connection: Keep-Alive
+
+GET http://test.remote.example.com/path/590 HTTP/1.1
+Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
+User-Agent: curl/7.13.2-CVS (i686-pc-linux-gnu) libcurl/7.13.2-CVS OpenSSL/0.9.7e zlib/1.2.2 libidn/0.5.13
+Host: test.remote.example.com
+Accept: */*
+Proxy-Connection: Keep-Alive
+
+GET http://test.remote.example.com/path/590 HTTP/1.1
+Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAAAgACAHAAAAAIAAgAcgAAAAAAAAAAAAAABoKBAAQt1KW5CgG4YdWWcfXyfXBz1ZMCzYp37xYjBiAizmw58O6eQS7yR66eqYGWeSwl9W1lY3VybGhvc3Q=
+User-Agent: curl/7.13.2-CVS (i686-pc-linux-gnu) libcurl/7.13.2-CVS OpenSSL/0.9.7e zlib/1.2.2 libidn/0.5.13
+Host: test.remote.example.com
+Accept: */*
+Proxy-Connection: Keep-Alive
+
+</protocol> +</verify> +</testcase> diff --git a/tests/libtest/Makefile.inc b/tests/libtest/Makefile.inc index 5cfabf487..86e5e9999 100644 --- a/tests/libtest/Makefile.inc +++ b/tests/libtest/Makefile.inc @@ -15,7 +15,8 @@ noinst_PROGRAMS = chkhostname \ lib579 lib529 lib530 lib532 lib533 lib536 lib537 lib540 lib541 lib542 \ lib543 lib544 lib545 lib547 lib548 lib549 lib552 lib553 lib554 lib555 \ lib556 lib539 lib557 lib560 lib562 lib564 lib565 lib566 lib567 lib568 \ - lib569 lib570 lib571 lib572 lib573 lib582 lib583 lib585 lib587 lib589 + lib569 lib570 lib571 lib572 lib573 lib582 lib583 lib585 lib587 lib589 \ + lib590 chkhostname_SOURCES = chkhostname.c $(top_srcdir)/lib/curl_gethostname.c chkhostname_LDADD = @CURL_NETWORK_LIBS@ @@ -171,3 +172,5 @@ lib587_SOURCES = lib554.c $(SUPPORTFILES) lib587_CPPFLAGS = $(AM_CPPFLAGS) -DLIB587 lib589_SOURCES = lib589.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS) + +lib590_SOURCES = lib590.c $(SUPPORTFILES) diff --git a/tests/libtest/lib590.c b/tests/libtest/lib590.c new file mode 100644 index 000000000..75c90d53f --- /dev/null +++ b/tests/libtest/lib590.c @@ -0,0 +1,71 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at http://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + ***************************************************************************/ +#include "test.h" + +/* + Based on a bug report recipe by Rene Bernhardt in + http://curl.haxx.se/mail/lib-2011-10/0323.html + + It is reproducible by the following steps: + + - Use a proxy that offers NTLM and Negotiate ( CURLOPT_PROXY and + CURLOPT_PROXYPORT ) + - Tell libcurl NOT to use Negotiate CURL_EASY_SETOPT(CURLOPT_PROXYAUTH, + CURLAUTH_BASIC | CURLAUTH_DIGEST | CURLAUTH_NTLM ) + - Start the request +*/ + +#include "memdebug.h" + +int test(char *URL) +{ + CURLcode res; + CURL *curl; + + if (curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) { + fprintf(stderr, "curl_global_init() failed\n"); + return TEST_ERR_MAJOR_BAD; + } + + if ((curl = curl_easy_init()) == NULL) { + fprintf(stderr, "curl_easy_init() failed\n"); + curl_global_cleanup(); + return TEST_ERR_MAJOR_BAD; + } + + test_setopt(curl, CURLOPT_URL, URL); + test_setopt(curl, CURLOPT_HEADER, 1L); + test_setopt(curl, CURLOPT_PROXYAUTH, + CURLAUTH_BASIC | CURLAUTH_DIGEST | CURLAUTH_NTLM); + test_setopt(curl, CURLOPT_PROXY, libtest_arg2); /* set in first.c */ + test_setopt(curl, CURLOPT_PROXYUSERPWD, "me:password"); + + res = curl_easy_perform(curl); + + test_cleanup: + + curl_easy_cleanup(curl); + curl_global_cleanup(); + + return (int)res; +} + |