ntlm_fake_auth: add ability to test delayed responses (#294)

Add a -t parameter which sets a timeout to artificially delay authentication responses by a fixed amount longer than their normal delay. This enables the fake authenticator to be used to test NTLM client and Squid behaviour under various network latency and stress conditions which delay ActiveDirectory responses.
squid-cache · Oct 8, 2018 · 7dba4ac · 7dba4ac
1 parent 57a5679
commit 7dba4ac
Showing 1 changed file with 17 additions and 2 deletions.
diff --git a/src/auth/ntlm/fake/ntlm_fake_auth.cc b/src/auth/ntlm/fake/ntlm_fake_auth.cc
@@ -40,6 +40,7 @@
 #include "ntlmauth/support_bits.cci"
 
 #include <cctype>
+#include <chrono>
 #include <cstring>
 #if HAVE_CRYPT_H
 #include <crypt.h>
@@ -50,6 +51,7 @@
 #if HAVE_GETOPT_H
 #include <getopt.h>
 #endif
+#include <thread>
 
 /* A couple of harmless helper macros */
 #define SEND(X) {debug("sending '%s' to squid\n",X); printf(X "\n");}
@@ -67,6 +69,7 @@
 const char *authenticate_ntlm_domain = "WORKGROUP";
 int strip_domain_enabled = 0;
 int NTLM_packet_debug_enabled = 0;
+unsigned int response_delay = 0;
 
 /*
  * options:
@@ -80,9 +83,10 @@ static void
 usage(void)
 {
     fprintf(stderr,
-            "Usage: %s [-d] [-v] [-h]\n"
+            "Usage: %s [-d] [-t N] [-v] [-h]\n"
             " -d  enable debugging.\n"
             " -S  strip domain from username.\n"
+            " -t  timeout to delay responses (milliseconds).\n"
             " -v  enable verbose NTLM packet debugging.\n"
             " -h  this message\n\n",
             my_program_name);
@@ -94,7 +98,7 @@ process_options(int argc, char *argv[])
     int opt, had_error = 0;
 
     opterr = 0;
-    while (-1 != (opt = getopt(argc, argv, "hdvS"))) {
+    while (-1 != (opt = getopt(argc, argv, "hdvSt:"))) {
         switch (opt) {
         case 'd':
             debug_enabled = 1;
@@ -106,6 +110,13 @@ process_options(int argc, char *argv[])
         case 'S':
             strip_domain_enabled = 1;
             break;
+        case 't':
+            if (!xstrtoui(optarg, nullptr, &response_delay, 0, 86400)) {
+                fprintf(stderr, "ERROR: invalid parameter value for -t '%s'", optarg);
+                usage();
+                had_error = 1;
+            }
+            break;
         case 'h':
             usage();
             exit(EXIT_SUCCESS);
@@ -172,6 +183,10 @@ main(int argc, char *argv[])
         } else
             debug("Got '%s' from Squid\n", buf);
 
+        if (response_delay > 0) {
+            std::this_thread::sleep_for(std::chrono::milliseconds(response_delay));
+        }
+
         if (strncmp(buf, "YR", 2) == 0) {
             char nonce[NTLM_NONCE_LEN];
             ntlm_challenge chal;