mirror of
https://github.com/moparisthebest/curl
synced 2024-12-22 08:08:50 -05:00
Spacen Jasset reported a problem with doing POST (with data read with a
callback) over a proxy when NTLM is used as auth with the proxy. The bug also concerned Digest and was limited to using callback only. Spacen worked with us to provide a useful patch. I added the test case 547 and 548 to verify two variations of POST over proxy with NTLM.
This commit is contained in:
parent
59dc9085d1
commit
7d3ea12b62
9
CHANGES
9
CHANGES
@ -7,6 +7,13 @@
|
||||
Changelog
|
||||
|
||||
|
||||
Daniel S (5 Dec 2007)
|
||||
- Spacen Jasset reported a problem with doing POST (with data read with a
|
||||
callback) over a proxy when NTLM is used as auth with the proxy. The bug
|
||||
also concerned Digest and was limited to using callback only. Spacen worked
|
||||
with us to provide a useful patch. I added the test case 547 and 548 to
|
||||
verify two variations of POST over proxy with NTLM.
|
||||
|
||||
Daniel S (3 Dec 2007)
|
||||
- Ray Pekowski filed bug report #1842029
|
||||
(http://curl.haxx.se/bug/view.cgi?id=1842029) in which he identified a
|
||||
@ -43,7 +50,7 @@ Daniel S (25 Nov 2007)
|
||||
|
||||
Daniel S (24 Nov 2007)
|
||||
- Internal rearrangements, so that the previous struct HandleData is no more.
|
||||
It is now known is SingleRequest and the Curl_transfer_keeper struct within
|
||||
It is now known as SingleRequest and the Curl_transfer_keeper struct within
|
||||
that was remove entirely. This has the upside that there are less duplicate
|
||||
struct members that made it hard to see and remember what struct that was
|
||||
used to store what data. The transfer_keeper thing was once stored on a
|
||||
|
@ -33,6 +33,7 @@ This release includes the following bugfixes:
|
||||
buffers
|
||||
o no longer default-appends ;type= on FTP URLs thru proxies
|
||||
o SSL session id caching
|
||||
o POST with callback over proxy requiring NTLM or Digest
|
||||
|
||||
This release includes the following known bugs:
|
||||
|
||||
@ -52,6 +53,6 @@ advice from friends like these:
|
||||
|
||||
Dan Fandrich, Gisle Vanem, Toby Peterson, Yang Tse, Daniel Black,
|
||||
Robin Johnson, Michal Marek, Ates Goral, Andres Garcia, Rob Crittenden,
|
||||
Emil Romanus, Alessandro Vesely, Ray Pekowski
|
||||
Emil Romanus, Alessandro Vesely, Ray Pekowski, Spacen Jasset
|
||||
|
||||
Thanks! (and sorry if I forgot to mention someone)
|
||||
|
@ -2687,9 +2687,11 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
|
||||
/* set the upload size to the progress meter */
|
||||
Curl_pgrsSetUploadSize(data, postsize?postsize:-1);
|
||||
|
||||
/* set the pointer to mark that we will send the post body using
|
||||
the read callback */
|
||||
http->postdata = (char *)&http->postdata;
|
||||
/* set the pointer to mark that we will send the post body using the
|
||||
read callback, but only if we're not in authenticate
|
||||
negotiation */
|
||||
if(!conn->bits.authneg)
|
||||
http->postdata = (char *)&http->postdata;
|
||||
}
|
||||
}
|
||||
/* issue the request */
|
||||
|
131
tests/data/test547
Normal file
131
tests/data/test547
Normal file
@ -0,0 +1,131 @@
|
||||
<testcase>
|
||||
<info>
|
||||
<keywords>
|
||||
HTTP
|
||||
HTTP POST
|
||||
POST callback
|
||||
HTTP proxy NTLM auth
|
||||
</keywords>
|
||||
</info>
|
||||
# Server-side
|
||||
<reply>
|
||||
|
||||
<data>
|
||||
HTTP/1.1 407 Authorization Required swsclose
|
||||
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
|
||||
Proxy-Authenticate: Blackmagic realm="gimme all yer s3cr3ts"
|
||||
Proxy-Authenticate: Basic realm="gimme all yer s3cr3ts"
|
||||
Proxy-Authenticate: NTLM
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Connection: close
|
||||
|
||||
This is not the real page
|
||||
</data>
|
||||
|
||||
# this is returned first since we get no proxy-auth
|
||||
<data1001>
|
||||
HTTP/1.1 407 Authorization Required to proxy me my dear
|
||||
Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==
|
||||
Content-Length: 34
|
||||
|
||||
Hey you, authenticate or go away!
|
||||
</data1001>
|
||||
|
||||
# This is supposed to be returned when the server gets the second
|
||||
# Authorization: NTLM line passed-in from the client
|
||||
<data1002>
|
||||
HTTP/1.1 200 Things are fine in proxy land swsclose
|
||||
Server: Microsoft-IIS/5.0
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 42
|
||||
|
||||
Contents of that page you requested, sir.
|
||||
</data1002>
|
||||
|
||||
<datacheck>
|
||||
HTTP/1.1 407 Authorization Required swsclose
|
||||
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
|
||||
Proxy-Authenticate: Blackmagic realm="gimme all yer s3cr3ts"
|
||||
Proxy-Authenticate: Basic realm="gimme all yer s3cr3ts"
|
||||
Proxy-Authenticate: NTLM
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Connection: close
|
||||
|
||||
HTTP/1.1 407 Authorization Required to proxy me my dear
|
||||
Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==
|
||||
Content-Length: 34
|
||||
|
||||
HTTP/1.1 200 Things are fine in proxy land swsclose
|
||||
Server: Microsoft-IIS/5.0
|
||||
Content-Type: text/html; charset=iso-8859-1
|
||||
Content-Length: 42
|
||||
|
||||
Contents of that page you requested, sir.
|
||||
</datacheck>
|
||||
</reply>
|
||||
|
||||
# Client-side
|
||||
<client>
|
||||
<server>
|
||||
http
|
||||
</server>
|
||||
# tool to use
|
||||
<tool>
|
||||
lib547
|
||||
</tool>
|
||||
<features>
|
||||
NTLM
|
||||
</features>
|
||||
<name>
|
||||
HTTP proxy auth NTLM with POST data from read callback
|
||||
</name>
|
||||
<command>
|
||||
http://test.remote.server.com/path/547 http://%HOSTIP:%HTTPPORT s1lly:pers0n
|
||||
</command>
|
||||
</client>
|
||||
|
||||
# Verify data after the test has been "shot"
|
||||
<verify>
|
||||
<strip>
|
||||
^User-Agent: curl/.*
|
||||
</strip>
|
||||
# We strip off a large chunk of the type-2 NTLM message since it depends on
|
||||
# the local host name and thus differs on different machines!
|
||||
<strippart>
|
||||
s/^(Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAABQAFAHAAAAA).*/$1/
|
||||
</strippart>
|
||||
<protocol>
|
||||
POST http://test.remote.server.com/path/547 HTTP/1.1
|
||||
User-Agent: curl/7.13.2-CVS (i686-pc-linux-gnu) libcurl/7.13.2-CVS OpenSSL/0.9.7e zlib/1.2.2 libidn/0.5.13
|
||||
Host: test.remote.server.com
|
||||
Pragma: no-cache
|
||||
Accept: */*
|
||||
Proxy-Connection: Keep-Alive
|
||||
Content-Length: 36
|
||||
Content-Type: application/x-www-form-urlencoded
|
||||
|
||||
this is the blurb we want to upload
|
||||
POST http://test.remote.server.com/path/547 HTTP/1.1
|
||||
Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
|
||||
User-Agent: curl/7.13.2-CVS (i686-pc-linux-gnu) libcurl/7.13.2-CVS OpenSSL/0.9.7e zlib/1.2.2 libidn/0.5.13
|
||||
Host: test.remote.server.com
|
||||
Pragma: no-cache
|
||||
Accept: */*
|
||||
Proxy-Connection: Keep-Alive
|
||||
Content-Length: 0
|
||||
Content-Type: application/x-www-form-urlencoded
|
||||
|
||||
POST http://test.remote.server.com/path/547 HTTP/1.1
|
||||
Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAABQAFAHAAAAA
|
||||
User-Agent: curl/7.13.2-CVS (i686-pc-linux-gnu) libcurl/7.13.2-CVS OpenSSL/0.9.7e zlib/1.2.2 libidn/0.5.13
|
||||
Host: test.remote.server.com
|
||||
Pragma: no-cache
|
||||
Accept: */*
|
||||
Proxy-Connection: Keep-Alive
|
||||
Content-Length: 36
|
||||
Content-Type: application/x-www-form-urlencoded
|
||||
|
||||
this is the blurb we want to upload
|
||||
</protocol>
|
||||
</verify>
|
||||
</testcase>
|
@ -3,7 +3,6 @@
|
||||
<keywords>
|
||||
HTTP
|
||||
HTTP POST
|
||||
--proxy-anyauth
|
||||
HTTP proxy NTLM auth
|
||||
</keywords>
|
||||
</info>
|
||||
|
@ -20,21 +20,49 @@
|
||||
static size_t readcallback(void *ptr,
|
||||
size_t size,
|
||||
size_t nmemb,
|
||||
void *stream)
|
||||
void *clientp)
|
||||
{
|
||||
(void)stream; /* unused */
|
||||
int *counter = (int *)clientp;
|
||||
|
||||
if(*counter) {
|
||||
/* only do this once and then require a clearing of this */
|
||||
fprintf(stderr, "READ ALREADY DONE!\n");
|
||||
return 0;
|
||||
}
|
||||
(*counter)++; /* bump */
|
||||
|
||||
if(size * nmemb > strlen(UPLOADTHIS)) {
|
||||
fprintf(stderr, "READ!\n");
|
||||
strcpy(ptr, UPLOADTHIS);
|
||||
return strlen(UPLOADTHIS);
|
||||
}
|
||||
fprintf(stderr, "READ NOT FINE!\n");
|
||||
return 0;
|
||||
}
|
||||
static curlioerr ioctlcallback(CURL *handle,
|
||||
int cmd,
|
||||
void *clientp)
|
||||
{
|
||||
int *counter = (int *)clientp;
|
||||
(void)handle; /* unused */
|
||||
if(cmd == CURLIOCMD_RESTARTREAD) {
|
||||
fprintf(stderr, "REWIND!\n");
|
||||
*counter = 0; /* clear counter to make the read callback restart */
|
||||
}
|
||||
return CURLIOE_OK;
|
||||
}
|
||||
|
||||
|
||||
|
||||
#endif
|
||||
|
||||
int test(char *URL)
|
||||
{
|
||||
CURLcode res;
|
||||
CURL *curl;
|
||||
#ifndef LIB548
|
||||
int counter=0;
|
||||
#endif
|
||||
|
||||
if (curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) {
|
||||
fprintf(stderr, "curl_global_init() failed\n");
|
||||
@ -51,10 +79,18 @@ int test(char *URL)
|
||||
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1);
|
||||
curl_easy_setopt(curl, CURLOPT_HEADER, TRUE);
|
||||
#ifdef LIB548
|
||||
/* set the data to POST with a mere pointer to a zero-terminated string */
|
||||
curl_easy_setopt(curl, CURLOPT_POSTFIELDS, UPLOADTHIS);
|
||||
#else
|
||||
/* 547 style */
|
||||
/* 547 style, which means reading the POST data from a callback */
|
||||
curl_easy_setopt(curl, CURLOPT_IOCTLFUNCTION, ioctlcallback);
|
||||
curl_easy_setopt(curl, CURLOPT_IOCTLDATA, &counter);
|
||||
curl_easy_setopt(curl, CURLOPT_READFUNCTION, readcallback);
|
||||
curl_easy_setopt(curl, CURLOPT_READDATA, &counter);
|
||||
/* TODO: We should be able to do the POST fine without setting the size
|
||||
and we should do a test to verify that but until we do that we set
|
||||
the size of the request-body */
|
||||
curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, strlen(UPLOADTHIS));
|
||||
#endif
|
||||
curl_easy_setopt(curl, CURLOPT_POST, 1);
|
||||
curl_easy_setopt(curl, CURLOPT_PROXY, libtest_arg2);
|
||||
|
Loading…
Reference in New Issue
Block a user