Merge pull request #114 from puzza007/ntlm

NTLM support

Author: puzza007

README.md

@@ -120,11 +120,13 @@ katipo:Method(Pool :: atom(), URL :: binary(), ReqOptions :: map()).
 | `unix_socket_path`      | `binary()`                    | `undefined` | [docs](https://curl.haxx.se/libcurl/c/CURLOPT_UNIX_SOCKET_PATH.html) curl >= 7.40.0 |
 | `lock_data_ssl_session` | `boolean()`                   | `false`     | [docs](https://curl.haxx.se/libcurl/c/curl_share_setopt.html) curl >= 7.23.0        |
 | `doh_url`               | `binary()`                    | `undefined` | [docs](https://curl.haxx.se/libcurl/c/CURLOPT_DOH_URL.html) curl >= 7.62.0          |
-| `http_version`          | `curl_http_version_none` <br> `curl_http_version_1_0` <br> `curl_http_version_1_1` <br> `curl_http_version_2_0` <br> `curl_http_version_2tls` <br> `curl_http_version_2_prior_knowledge` | `curl_http_version_none` | [docs](https://curl.haxx.se/libcurl/c/CURLOPT_HTTP_VERSION.html) curl >= 7.62.0          |
-| `sslcert`               | `binary()`                    | `undefined` | [docs](https://curl.haxx.se/libcurl/c/CURLOPT_SSLCERT.html)                       |
-| `sslkey`                | `binary()`                    | `undefined` | [docs](https://curl.haxx.se/libcurl/c/CURLOPT_SSLKEY.html)                        |
-| `sslkey_blob`           | `binary()` (DER format)       | `undefined` | [docs](https://curl.haxx.se/libcurl/c/CURLOPT_SSLKEY_BLOB.html) curl >= 7.71.0    |
-| `keypasswd`             | `binary()`                    | `undefined` | [docs](https://curl.haxx.se/libcurl/c/CURLOPT_KEYPASSWD.html)                     |
+| `http_version`          | `curl_http_version_none` <br> `curl_http_version_1_0` <br> `curl_http_version_1_1` <br> `curl_http_version_2_0` <br> `curl_http_version_2tls` <br> `curl_http_version_2_prior_knowledge` | `curl_http_version_none` | [docs](https://curl.haxx.se/libcurl/c/CURLOPT_HTTP_VERSION.html) curl >= 7.62.0 |
+| `sslcert`               | `binary()`                    | `undefined` | [docs](https://curl.haxx.se/libcurl/c/CURLOPT_SSLCERT.html)                         |
+| `sslkey`                | `binary()`                    | `undefined` | [docs](https://curl.haxx.se/libcurl/c/CURLOPT_SSLKEY.html)                          |
+| `sslkey_blob`           | `binary()` (DER format)       | `undefined` | [docs](https://curl.haxx.se/libcurl/c/CURLOPT_SSLKEY_BLOB.html) curl >= 7.71.0      |
+| `keypasswd`             | `binary()`                    | `undefined` | [docs](https://curl.haxx.se/libcurl/c/CURLOPT_KEYPASSWD.html)                       |
+| `http_auth`             | `basic | digest | ntlm`       | `undefined` | [docs](https://curl.haxx.se/libcurl/c/CURLOPT_HTTPAUTH.html)                        |
+| `userpwd`               | `binary()`                    | `undefined` | [docs](https://curl.haxx.se/libcurl/c/CURLOPT_USERPWD.html)                         |
 
 #### Responses
 

c_src/katipo.c

@@ -45,10 +45,12 @@
 #define K_CURLOPT_SSLKEY 25
 #define K_CURLOPT_SSLKEY_BLOB 26
 #define K_CURLOPT_KEYPASSWD 27
+#define K_CURLOPT_USERPWD 28
 
 #define K_CURLAUTH_BASIC 100
 #define K_CURLAUTH_DIGEST 101
 #define K_CURLAUTH_UNDEFINED 102
+#define K_CURLAUTH_NTLM 103
 
 struct bufferevent *to_erlang;
 struct bufferevent *from_erlang;
@@ -123,6 +125,7 @@ typedef struct _EasyOpts {
   char *curlopt_sslkey_blob;
   long curlopt_sslkey_blob_size;
   char *curlopt_keypasswd;
+  char *curlopt_userpwd;
 } EasyOpts;
 
 static const char *curl_error_code(CURLcode error) {
@@ -867,6 +870,11 @@ static void new_conn(long method, char *url, struct curl_slist *req_headers,
     curl_easy_setopt(conn->easy, CURLOPT_KEYPASSWD, "");
   }
 
+  if (eopts.curlopt_userpwd != NULL) {
+    curl_easy_setopt(conn->easy, CURLOPT_USERPWD,
+                     eopts.curlopt_userpwd);
+  }
+
   free(eopts.curlopt_capath);
   free(eopts.curlopt_cacert);
   free(eopts.curlopt_username);
@@ -879,6 +887,7 @@ static void new_conn(long method, char *url, struct curl_slist *req_headers,
   free(eopts.curlopt_sslkey);
   free(eopts.curlopt_sslkey_blob);
   free(eopts.curlopt_keypasswd);
+  free(eopts.curlopt_userpwd);
 
   set_method(method, conn);
   rc = curl_multi_add_handle(global->multi, conn->easy);
@@ -1046,6 +1055,7 @@ static void erl_input(struct bufferevent *ev, void *arg) {
     eopts.curlopt_sslkey_blob = NULL;
     eopts.curlopt_sslkey_blob_size = 0;
     eopts.curlopt_keypasswd = NULL;
+    eopts.curlopt_userpwd = NULL;
 
     if (ei_decode_list_header(buf, &index, &num_eopts)) {
       errx(2, "Couldn't decode eopts length");
@@ -1092,6 +1102,8 @@ static void erl_input(struct bufferevent *ev, void *arg) {
             eopts.curlopt_http_auth = CURLAUTH_BASIC;
           } else if (eopt_long == K_CURLAUTH_DIGEST) {
             eopts.curlopt_http_auth = CURLAUTH_DIGEST;
+          } else if (eopt_long == K_CURLAUTH_NTLM) {
+            eopts.curlopt_http_auth = CURLAUTH_NTLM;
           } else if (eopt_long != K_CURLAUTH_UNDEFINED) {
             errx(2, "Unknown curlopt_http_auth value %ld", eopt_long);
           }
@@ -1153,6 +1165,9 @@ static void erl_input(struct bufferevent *ev, void *arg) {
         case K_CURLOPT_KEYPASSWD:
           eopts.curlopt_keypasswd = eopt_binary;
           break;
+        case K_CURLOPT_USERPWD:
+          eopts.curlopt_userpwd = eopt_binary;
+          break;
         default:
           errx(2, "Unknown eopt binary value %ld", eopt);
         }

rebar.config

@@ -41,8 +41,7 @@
 
 {plugins, [rebar3_hex,
            rebar3_proper,
-           {coveralls, "1.4.0"},
-           geas_rebar3]}.
+           {coveralls, "1.4.0"}]}.
 {cover_enabled, true}.
 {cover_export_enabled, true}.
 {coveralls_coverdata, "_build/test/cover/ct.coverdata"}.

src/katipo.app.src

@@ -1,6 +1,6 @@
 {application, 'katipo',
  [{description, "HTTP client based on libcurl"},
-  {vsn, "1.0.1"},
+  {vsn, "1.0.2"},
   {registered, []},
   {mod, {'katipo_app', []}},
   {applications,

src/katipo.erl

@@ -99,6 +99,7 @@
 -define(sslkey, 25).
 -define(sslkey_blob, 26).
 -define(keypasswd, 27).
+-define(userpwd, 28).
 
 -define(DEFAULT_REQ_TIMEOUT, 30000).
 -define(FOLLOWLOCATION_TRUE, 1).
@@ -110,6 +111,7 @@
 -define(CURLAUTH_BASIC, 100).
 -define(CURLAUTH_DIGEST, 101).
 -define(CURLAUTH_UNDEFINED, 102).
+-define(CURLAUTH_NTLM, 103).
 -define(TCP_FASTOPEN_FALSE, 0).
 -define(TCP_FASTOPEN_TRUE, 1).
 -define(LOCK_DATA_SSL_SESSION_FALSE, 0).
@@ -256,8 +258,8 @@
                            metrics => proplists:proplist()}} |
                     {error, #{code := error_code(),
                               message := error_msg()}}.
--type http_auth() :: basic | digest.
--type http_auth_int() :: ?CURLAUTH_UNDEFINED | ?CURLAUTH_BASIC | ?CURLAUTH_DIGEST.
+-type http_auth() :: basic | digest | ntlm.
+-type http_auth_int() :: ?CURLAUTH_UNDEFINED | ?CURLAUTH_BASIC | ?CURLAUTH_DIGEST | ?CURLAUTH_NTLM.
 -type pipelining() :: nothing | http1 | multiplex.
 -type curlopt_http_version() :: curl_http_version_none |
                                 curl_http_version_1_0 |
@@ -316,7 +318,8 @@
           sslcert = undefined :: undefined | binary() | file:name_all(),
           sslkey = undefined :: undefined | binary() | file:name_all(),
           sslkey_blob = undefined :: undefined | binary(),
-          keypasswd = undefined :: undefined | binary()
+          keypasswd = undefined :: undefined | binary(),
+          userpwd = undefined :: undefined | binary()
          }).
 
 tcp_fastopen_available() ->
@@ -455,7 +458,8 @@ handle_call(#req{method = Method,
                  sslcert = SSLCert,
                  sslkey = SSLKey,
                  sslkey_blob = SSLKeyBlob,
-                 keypasswd = KeyPasswd},
+                 keypasswd = KeyPasswd,
+                 userpwd = UserPwd},
              From,
              State=#state{port=Port, reqs=Reqs}) ->
     {Self, Ref} = From,
@@ -481,7 +485,8 @@ handle_call(#req{method = Method,
             {?sslcert, SSLCert},
             {?sslkey, SSLKey},
             {?sslkey_blob, SSLKeyBlob},
-            {?keypasswd, KeyPasswd}],
+            {?keypasswd, KeyPasswd},
+            {?userpwd, UserPwd}],
     Command = {Self, Ref, Method, Url, Headers, CookieJar, Body, Opts},
     true = port_command(Port, term_to_binary(Command)),
     Tref = erlang:start_timer(Timeout, self(), {req_timeout, From}),
@@ -656,6 +661,8 @@ opt(http_auth, basic, {Req, Errors}) ->
     {Req#req{http_auth=?CURLAUTH_BASIC}, Errors};
 opt(http_auth, digest, {Req, Errors}) ->
     {Req#req{http_auth=?CURLAUTH_DIGEST}, Errors};
+opt(http_auth, ntlm, {Req, Errors}) ->
+    {Req#req{http_auth=?CURLAUTH_NTLM}, Errors};
 opt(username, Username, {Req, Errors}) when is_binary(Username) ->
     {Req#req{username=Username}, Errors};
 opt(password, Password, {Req, Errors}) when is_binary(Password) ->
@@ -704,6 +711,8 @@ opt(sslkey_blob, Key, {Req, Errors})
     {Req#req{sslkey_blob=Key}, Errors};
 opt(keypasswd, Pass, {Req, Errors}) when is_binary(Pass) ->
     {Req#req{keypasswd=Pass}, Errors};
+opt(userpwd, UserPwd, {Req, Errors}) when is_binary(UserPwd) ->
+    {Req#req{userpwd=UserPwd}, Errors};
 opt(K, V, {Req, Errors}) ->
     {Req, [{K, V} | Errors]}.
 

test/katipo_SUITE.erl

@@ -121,16 +121,19 @@ groups() ->
        unix_socket_path_cant_connect,
        timeout_ms,
        maxredirs,
-       basic_unauthorised,
-       basic_authorised,
-       digest_unauthorised,
-       digest_authorised,
        lock_data_ssl_session_true,
        lock_data_ssl_session_false,
        doh_url,
        badopts,
        proxy_couldnt_connect,
        protocol_restriction]},
+     {digest, [],
+      [basic_authorised,
+       basic_authorised_userpwd,
+       basic_unauthorised,
+       digest_authorised,
+       digest_authorised_userpwd,
+       digest_unauthorised]},
      {pool, [],
       [pool_start_stop,
        worker_death,
@@ -162,6 +165,7 @@ groups() ->
 
 all() ->
     [{group, http},
+     {group, digest},
      {group, pool},
      {group, https},
      {group, https_mutual},
@@ -489,6 +493,16 @@ basic_authorised(_) ->
     true = proplists:get_value(<<"authenticated">>, Json),
     Username = proplists:get_value(<<"user">>, Json).
 
+basic_authorised_userpwd(_) ->
+    Username = <<"johndoe">>,
+    Password = <<"p455w0rd">>,
+    {ok, #{status := 200, body := Body}} =
+        katipo:get(?POOL, <<"https://httpbin.org/basic-auth/johndoe/p455w0rd">>,
+                  #{http_auth => basic, userpwd => <<Username/binary,":",Password/binary>>}),
+    Json = jsx:decode(Body),
+    true = proplists:get_value(<<"authenticated">>, Json),
+    Username = proplists:get_value(<<"user">>, Json).
+
 digest_unauthorised(_) ->
     {ok, #{status := 401}} =
         katipo:get(?POOL, <<"https://httpbin.org/digest-auth/auth/johndoe/p455w0rd">>).
@@ -503,6 +517,16 @@ digest_authorised(_) ->
     true = proplists:get_value(<<"authenticated">>, Json),
     Username = proplists:get_value(<<"user">>, Json).
 
+digest_authorised_userpwd(_) ->
+    Username = <<"johndoe">>,
+    Password = <<"p455w0rd">>,
+    {ok, #{status := 200, body := Body}} =
+        katipo:get(?POOL, <<"https://httpbin.org/digest-auth/auth/johndoe/p455w0rd">>,
+                  #{http_auth => digest, userpwd => <<Username/binary,":",Password/binary>>}),
+    Json = jsx:decode(Body),
+    true = proplists:get_value(<<"authenticated">>, Json),
+    Username = proplists:get_value(<<"user">>, Json).
+
 lock_data_ssl_session_true(_) ->
     {ok, #{status := 200, body := Body}} =
         katipo:get(?POOL, <<"https://httpbin.org/get?a=%21%40%23%24%25%5E%26%2A%28%29_%2B">>,