From: Amos Jeffries <yadij@users.noreply.github.com>
Date: Mon, 8 Oct 2018 00:11:14 +0000 (+0000)
Subject: ntlm_fake_auth: add ability to test delayed responses (#294)
X-Git-Tag: M-staged-PR294
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7dba4ac446341548a0b101489785f2cef9a33caa;p=thirdparty%2Fsquid.git

ntlm_fake_auth: add ability to test delayed responses (#294)

Add a -t parameter which sets a timeout to artificially delay
authentication responses by a fixed amount longer than their
normal delay.

This enables the fake authenticator to be used to test NTLM
client and Squid behaviour under various network latency and
stress conditions which delay ActiveDirectory responses.
---

diff --git a/src/auth/ntlm/fake/ntlm_fake_auth.cc b/src/auth/ntlm/fake/ntlm_fake_auth.cc
index 0c43cf6e7c..fa1e568cbd 100644
--- a/src/auth/ntlm/fake/ntlm_fake_auth.cc
+++ b/src/auth/ntlm/fake/ntlm_fake_auth.cc
@@ -40,6 +40,7 @@
 #include "ntlmauth/support_bits.cci"
 
 #include <cctype>
+#include <chrono>
 #include <cstring>
 #if HAVE_CRYPT_H
 #include <crypt.h>
@@ -50,6 +51,7 @@
 #if HAVE_GETOPT_H
 #include <getopt.h>
 #endif
+#include <thread>
 
 /* A couple of harmless helper macros */
 #define SEND(X) {debug("sending '%s' to squid\n",X); printf(X "\n");}
@@ -67,6 +69,7 @@
 const char *authenticate_ntlm_domain = "WORKGROUP";
 int strip_domain_enabled = 0;
 int NTLM_packet_debug_enabled = 0;
+unsigned int response_delay = 0;
 
 /*
  * options:
@@ -80,9 +83,10 @@ static void
 usage(void)
 {
     fprintf(stderr,
-            "Usage: %s [-d] [-v] [-h]\n"
+            "Usage: %s [-d] [-t N] [-v] [-h]\n"
             " -d  enable debugging.\n"
             " -S  strip domain from username.\n"
+            " -t  timeout to delay responses (milliseconds).\n"
             " -v  enable verbose NTLM packet debugging.\n"
             " -h  this message\n\n",
             my_program_name);
@@ -94,7 +98,7 @@ process_options(int argc, char *argv[])
     int opt, had_error = 0;
 
     opterr = 0;
-    while (-1 != (opt = getopt(argc, argv, "hdvS"))) {
+    while (-1 != (opt = getopt(argc, argv, "hdvSt:"))) {
         switch (opt) {
         case 'd':
             debug_enabled = 1;
@@ -106,6 +110,13 @@ process_options(int argc, char *argv[])
         case 'S':
             strip_domain_enabled = 1;
             break;
+        case 't':
+            if (!xstrtoui(optarg, nullptr, &response_delay, 0, 86400)) {
+                fprintf(stderr, "ERROR: invalid parameter value for -t '%s'", optarg);
+                usage();
+                had_error = 1;
+            }
+            break;
         case 'h':
             usage();
             exit(EXIT_SUCCESS);
@@ -172,6 +183,10 @@ main(int argc, char *argv[])
         } else
             debug("Got '%s' from Squid\n", buf);
 
+        if (response_delay > 0) {
+            std::this_thread::sleep_for(std::chrono::milliseconds(response_delay));
+        }
+
         if (strncmp(buf, "YR", 2) == 0) {
             char nonce[NTLM_NONCE_LEN];
             ntlm_challenge chal;