1 /***************************************************************************
2  *                                  _   _ ____  _
3  *  Project                     ___| | | |  _ \| |
4  *                             / __| | | | |_) | |
5  *                            | (__| |_| |  _ <| |___
6  *                             \___|\___/|_| \_\_____|
7  *
8  * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al.
9  *
10  * This software is licensed as described in the file COPYING, which
11  * you should have received as part of this distribution. The terms
12  * are also available at https://curl.se/docs/copyright.html.
13  *
14  * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15  * copies of the Software, and permit persons to whom the Software is
16  * furnished to do so, under the terms of the COPYING file.
17  *
18  * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19  * KIND, either express or implied.
20  *
21  ***************************************************************************/
22 /* argv1 = URL
23  * argv2 = main auth type
24  * argv3 = second auth type
25  */
26 
27 #include "test.h"
28 #include "memdebug.h"
29 
send_request(CURL * curl,const char * url,int seq,long auth_scheme,const char * userpwd)30 static CURLcode send_request(CURL *curl, const char *url, int seq,
31                              long auth_scheme, const char *userpwd)
32 {
33   CURLcode res;
34   size_t len = strlen(url) + 4 + 1;
35   char *full_url = malloc(len);
36   if(!full_url) {
37     fprintf(stderr, "Not enough memory for full url\n");
38     return CURLE_OUT_OF_MEMORY;
39   }
40 
41   msnprintf(full_url, len, "%s%04d", url, seq);
42   fprintf(stderr, "Sending new request %d to %s with credential %s "
43           "(auth %ld)\n", seq, full_url, userpwd, auth_scheme);
44   test_setopt(curl, CURLOPT_URL, full_url);
45   test_setopt(curl, CURLOPT_VERBOSE, 1L);
46   test_setopt(curl, CURLOPT_HEADER, 1L);
47   test_setopt(curl, CURLOPT_HTTPGET, 1L);
48   test_setopt(curl, CURLOPT_USERPWD, userpwd);
49   test_setopt(curl, CURLOPT_HTTPAUTH, auth_scheme);
50 
51   res = curl_easy_perform(curl);
52 
53 test_cleanup:
54   free(full_url);
55   return res;
56 }
57 
send_wrong_password(CURL * curl,const char * url,int seq,long auth_scheme)58 static CURLcode send_wrong_password(CURL *curl, const char *url, int seq,
59                                     long auth_scheme)
60 {
61     return send_request(curl, url, seq, auth_scheme, "testuser:wrongpass");
62 }
63 
send_right_password(CURL * curl,const char * url,int seq,long auth_scheme)64 static CURLcode send_right_password(CURL *curl, const char *url, int seq,
65                                     long auth_scheme)
66 {
67     return send_request(curl, url, seq, auth_scheme, "testuser:testpass");
68 }
69 
parse_auth_name(const char * arg)70 static long parse_auth_name(const char *arg)
71 {
72   if(!arg)
73     return CURLAUTH_NONE;
74   if(curl_strequal(arg, "basic"))
75     return CURLAUTH_BASIC;
76   if(curl_strequal(arg, "digest"))
77     return CURLAUTH_DIGEST;
78   if(curl_strequal(arg, "ntlm"))
79     return CURLAUTH_NTLM;
80   return CURLAUTH_NONE;
81 }
82 
test(char * url)83 int test(char *url)
84 {
85   CURLcode res;
86   CURL *curl = NULL;
87 
88   long main_auth_scheme = parse_auth_name(libtest_arg2);
89   long fallback_auth_scheme = parse_auth_name(libtest_arg3);
90 
91   if(main_auth_scheme == CURLAUTH_NONE ||
92       fallback_auth_scheme == CURLAUTH_NONE) {
93     fprintf(stderr, "auth schemes not found on commandline\n");
94     return TEST_ERR_MAJOR_BAD;
95   }
96 
97   if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) {
98     fprintf(stderr, "curl_global_init() failed\n");
99     return TEST_ERR_MAJOR_BAD;
100   }
101 
102   /* Send wrong password, then right password */
103 
104   curl = curl_easy_init();
105   if(!curl) {
106     fprintf(stderr, "curl_easy_init() failed\n");
107     curl_global_cleanup();
108     return TEST_ERR_MAJOR_BAD;
109   }
110 
111   res = send_wrong_password(curl, url, 100, main_auth_scheme);
112   if(res != CURLE_OK)
113     goto test_cleanup;
114 
115   res = send_right_password(curl, url, 200, fallback_auth_scheme);
116   if(res != CURLE_OK)
117     goto test_cleanup;
118 
119   curl_easy_cleanup(curl);
120 
121   /* Send wrong password twice, then right password */
122   curl = curl_easy_init();
123   if(!curl) {
124     fprintf(stderr, "curl_easy_init() failed\n");
125     curl_global_cleanup();
126     return TEST_ERR_MAJOR_BAD;
127   }
128 
129   res = send_wrong_password(curl, url, 300, main_auth_scheme);
130   if(res != CURLE_OK)
131     goto test_cleanup;
132 
133   res = send_wrong_password(curl, url, 400, fallback_auth_scheme);
134   if(res != CURLE_OK)
135     goto test_cleanup;
136 
137   res = send_right_password(curl, url, 500, fallback_auth_scheme);
138   if(res != CURLE_OK)
139     goto test_cleanup;
140 
141 test_cleanup:
142 
143   curl_easy_cleanup(curl);
144   curl_global_cleanup();
145 
146   return (int)res;
147 }
148