1/***************************************************************************
2 *                                  _   _ ____  _
3 *  Project                     ___| | | |  _ \| |
4 *                             / __| | | | |_) | |
5 *                            | (__| |_| |  _ <| |___
6 *                             \___|\___/|_| \_\_____|
7 *
8 * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
9 *
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at https://curl.se/docs/copyright.html.
13 *
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
17 *
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
20 *
21 * SPDX-License-Identifier: curl
22 *
23 ***************************************************************************/
24/* argv1 = URL
25 * argv2 = main auth type
26 * argv3 = second auth type
27 */
28
29#include "test.h"
30#include "memdebug.h"
31
32static CURLcode send_request(CURL *curl, const char *url, int seq,
33                             long auth_scheme, const char *userpwd)
34{
35  CURLcode res;
36  size_t len = strlen(url) + 4 + 1;
37  char *full_url = malloc(len);
38  if(!full_url) {
39    fprintf(stderr, "Not enough memory for full url\n");
40    return CURLE_OUT_OF_MEMORY;
41  }
42
43  msnprintf(full_url, len, "%s%04d", url, seq);
44  fprintf(stderr, "Sending new request %d to %s with credential %s "
45          "(auth %ld)\n", seq, full_url, userpwd, auth_scheme);
46  test_setopt(curl, CURLOPT_URL, full_url);
47  test_setopt(curl, CURLOPT_VERBOSE, 1L);
48  test_setopt(curl, CURLOPT_HEADER, 1L);
49  test_setopt(curl, CURLOPT_HTTPGET, 1L);
50  test_setopt(curl, CURLOPT_USERPWD, userpwd);
51  test_setopt(curl, CURLOPT_HTTPAUTH, auth_scheme);
52
53  res = curl_easy_perform(curl);
54
55test_cleanup:
56  free(full_url);
57  return res;
58}
59
60static CURLcode send_wrong_password(CURL *curl, const char *url, int seq,
61                                    long auth_scheme)
62{
63    return send_request(curl, url, seq, auth_scheme, "testuser:wrongpass");
64}
65
66static CURLcode send_right_password(CURL *curl, const char *url, int seq,
67                                    long auth_scheme)
68{
69    return send_request(curl, url, seq, auth_scheme, "testuser:testpass");
70}
71
72static long parse_auth_name(const char *arg)
73{
74  if(!arg)
75    return CURLAUTH_NONE;
76  if(curl_strequal(arg, "basic"))
77    return CURLAUTH_BASIC;
78  if(curl_strequal(arg, "digest"))
79    return CURLAUTH_DIGEST;
80  if(curl_strequal(arg, "ntlm"))
81    return CURLAUTH_NTLM;
82  return CURLAUTH_NONE;
83}
84
85int test(char *url)
86{
87  CURLcode res;
88  CURL *curl = NULL;
89
90  long main_auth_scheme = parse_auth_name(libtest_arg2);
91  long fallback_auth_scheme = parse_auth_name(libtest_arg3);
92
93  if(main_auth_scheme == CURLAUTH_NONE ||
94      fallback_auth_scheme == CURLAUTH_NONE) {
95    fprintf(stderr, "auth schemes not found on commandline\n");
96    return TEST_ERR_MAJOR_BAD;
97  }
98
99  if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) {
100    fprintf(stderr, "curl_global_init() failed\n");
101    return TEST_ERR_MAJOR_BAD;
102  }
103
104  /* Send wrong password, then right password */
105
106  curl = curl_easy_init();
107  if(!curl) {
108    fprintf(stderr, "curl_easy_init() failed\n");
109    curl_global_cleanup();
110    return TEST_ERR_MAJOR_BAD;
111  }
112
113  res = send_wrong_password(curl, url, 100, main_auth_scheme);
114  if(res != CURLE_OK)
115    goto test_cleanup;
116
117  res = send_right_password(curl, url, 200, fallback_auth_scheme);
118  if(res != CURLE_OK)
119    goto test_cleanup;
120
121  curl_easy_cleanup(curl);
122
123  /* Send wrong password twice, then right password */
124  curl = curl_easy_init();
125  if(!curl) {
126    fprintf(stderr, "curl_easy_init() failed\n");
127    curl_global_cleanup();
128    return TEST_ERR_MAJOR_BAD;
129  }
130
131  res = send_wrong_password(curl, url, 300, main_auth_scheme);
132  if(res != CURLE_OK)
133    goto test_cleanup;
134
135  res = send_wrong_password(curl, url, 400, fallback_auth_scheme);
136  if(res != CURLE_OK)
137    goto test_cleanup;
138
139  res = send_right_password(curl, url, 500, fallback_auth_scheme);
140  if(res != CURLE_OK)
141    goto test_cleanup;
142
143test_cleanup:
144
145  curl_easy_cleanup(curl);
146  curl_global_cleanup();
147
148  return (int)res;
149}
150