From 7d3ea12b625fd07d9d41a68e7cc2cd5322247584 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Wed, 5 Dec 2007 21:20:14 +0000
Subject: Spacen Jasset reported a problem with doing POST (with data read with
 a callback) over a proxy when NTLM is used as auth with the proxy. The bug
 also concerned Digest and was limited to using callback only. Spacen worked
 with us to provide a useful patch. I added the test case 547 and 548 to
 verify two variations of POST over proxy with NTLM.

---
 tests/data/test547     | 131 +++++++++++++++++++++++++++++++++++++++++++++++++
 tests/data/test548     |   1 -
 tests/libtest/lib547.c |  42 ++++++++++++++--
 3 files changed, 170 insertions(+), 4 deletions(-)
 create mode 100644 tests/data/test547

(limited to 'tests')

diff --git a/tests/data/test547 b/tests/data/test547
new file mode 100644
index 000000000..7b0c7324d
--- /dev/null
+++ b/tests/data/test547
@@ -0,0 +1,131 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP POST
+POST callback
+HTTP proxy NTLM auth
+</keywords>
+</info>
+# Server-side
+<reply>
+
+<data>
+HTTP/1.1 407 Authorization Required swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Proxy-Authenticate: Blackmagic realm="gimme all yer s3cr3ts"
+Proxy-Authenticate: Basic realm="gimme all yer s3cr3ts"
+Proxy-Authenticate: NTLM
+Content-Type: text/html; charset=iso-8859-1
+Connection: close
+
+This is not the real page
+</data>
+
+# this is returned first since we get no proxy-auth
+<data1001>
+HTTP/1.1 407 Authorization Required to proxy me my dear
+Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==
+Content-Length: 34
+
+Hey you, authenticate or go away!
+</data1001>
+
+# This is supposed to be returned when the server gets the second
+# Authorization: NTLM line passed-in from the client
+<data1002>
+HTTP/1.1 200 Things are fine in proxy land swsclose
+Server: Microsoft-IIS/5.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 42
+
+Contents of that page you requested, sir.
+</data1002>
+
+<datacheck>
+HTTP/1.1 407 Authorization Required swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Proxy-Authenticate: Blackmagic realm="gimme all yer s3cr3ts"
+Proxy-Authenticate: Basic realm="gimme all yer s3cr3ts"
+Proxy-Authenticate: NTLM
+Content-Type: text/html; charset=iso-8859-1
+Connection: close
+
+HTTP/1.1 407 Authorization Required to proxy me my dear
+Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==
+Content-Length: 34
+
+HTTP/1.1 200 Things are fine in proxy land swsclose
+Server: Microsoft-IIS/5.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 42
+
+Contents of that page you requested, sir.
+</datacheck>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+# tool to use
+<tool>
+lib547
+</tool>
+<features>
+NTLM
+</features>
+ <name>
+HTTP proxy auth NTLM with POST data from read callback
+ </name>
+ <command>
+http://test.remote.server.com/path/547 http://%HOSTIP:%HTTPPORT s1lly:pers0n
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent: curl/.*
+</strip>
+# We strip off a large chunk of the type-2 NTLM message since it depends on
+# the local host name and thus differs on different machines!
+<strippart>
+s/^(Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAABQAFAHAAAAA).*/$1/
+</strippart>
+<protocol>
+POST http://test.remote.server.com/path/547 HTTP/1.1
+User-Agent: curl/7.13.2-CVS (i686-pc-linux-gnu) libcurl/7.13.2-CVS OpenSSL/0.9.7e zlib/1.2.2 libidn/0.5.13
+Host: test.remote.server.com
+Pragma: no-cache
+Accept: */*
+Proxy-Connection: Keep-Alive
+Content-Length: 36
+Content-Type: application/x-www-form-urlencoded
+
+this is the blurb we want to upload
+POST http://test.remote.server.com/path/547 HTTP/1.1
+Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
+User-Agent: curl/7.13.2-CVS (i686-pc-linux-gnu) libcurl/7.13.2-CVS OpenSSL/0.9.7e zlib/1.2.2 libidn/0.5.13
+Host: test.remote.server.com
+Pragma: no-cache
+Accept: */*
+Proxy-Connection: Keep-Alive
+Content-Length: 0
+Content-Type: application/x-www-form-urlencoded
+
+POST http://test.remote.server.com/path/547 HTTP/1.1
+Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAABQAFAHAAAAA
+User-Agent: curl/7.13.2-CVS (i686-pc-linux-gnu) libcurl/7.13.2-CVS OpenSSL/0.9.7e zlib/1.2.2 libidn/0.5.13
+Host: test.remote.server.com
+Pragma: no-cache
+Accept: */*
+Proxy-Connection: Keep-Alive
+Content-Length: 36
+Content-Type: application/x-www-form-urlencoded
+
+this is the blurb we want to upload
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test548 b/tests/data/test548
index 04a1a6396..5db476386 100644
--- a/tests/data/test548
+++ b/tests/data/test548
@@ -3,7 +3,6 @@
 <keywords>
 HTTP
 HTTP POST
---proxy-anyauth
 HTTP proxy NTLM auth
 </keywords>
 </info>
diff --git a/tests/libtest/lib547.c b/tests/libtest/lib547.c
index 0513911d6..2d4011213 100644
--- a/tests/libtest/lib547.c
+++ b/tests/libtest/lib547.c
@@ -20,21 +20,49 @@
 static size_t readcallback(void  *ptr,
                            size_t size,
                            size_t nmemb,
-                           void *stream)
+                           void *clientp)
 {
-  (void)stream; /* unused */
+  int *counter = (int *)clientp;
+
+  if(*counter) {
+    /* only do this once and then require a clearing of this */
+    fprintf(stderr, "READ ALREADY DONE!\n");
+    return 0;
+  }
+  (*counter)++; /* bump */
+
   if(size * nmemb > strlen(UPLOADTHIS)) {
+    fprintf(stderr, "READ!\n");
     strcpy(ptr, UPLOADTHIS);
     return strlen(UPLOADTHIS);
   }
+  fprintf(stderr, "READ NOT FINE!\n");
   return 0;
 }
+static curlioerr ioctlcallback(CURL *handle,
+                               int cmd,
+                               void *clientp)
+{
+  int *counter = (int *)clientp;
+  (void)handle; /* unused */
+  if(cmd == CURLIOCMD_RESTARTREAD) {
+    fprintf(stderr, "REWIND!\n");
+    *counter = 0; /* clear counter to make the read callback restart */
+  }
+  return CURLIOE_OK;
+}
+
+
+
 #endif
 
 int test(char *URL)
 {
   CURLcode res;
   CURL *curl;
+#ifndef LIB548
+  int counter=0;
+#endif
 
   if (curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) {
     fprintf(stderr, "curl_global_init() failed\n");
@@ -51,10 +79,18 @@ int test(char *URL)
   curl_easy_setopt(curl, CURLOPT_VERBOSE, 1);
   curl_easy_setopt(curl, CURLOPT_HEADER, TRUE);
 #ifdef LIB548
+  /* set the data to POST with a mere pointer to a zero-terminated string */
   curl_easy_setopt(curl, CURLOPT_POSTFIELDS, UPLOADTHIS);
 #else
-  /* 547 style */
+  /* 547 style, which means reading the POST data from a callback */
+  curl_easy_setopt(curl, CURLOPT_IOCTLFUNCTION, ioctlcallback);
+  curl_easy_setopt(curl, CURLOPT_IOCTLDATA, &counter);
   curl_easy_setopt(curl, CURLOPT_READFUNCTION, readcallback);
+  curl_easy_setopt(curl, CURLOPT_READDATA, &counter);
+  /* TODO: We should be able to do the POST fine without setting the size
+     and we should do a test to verify that but until we do that we set
+     the size of the request-body */
+  curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, strlen(UPLOADTHIS));
 #endif
   curl_easy_setopt(curl, CURLOPT_POST, 1);
   curl_easy_setopt(curl, CURLOPT_PROXY, libtest_arg2);
-- 
cgit v1.2.3