From: Alistair Leslie-Hughes <leslie_alistair@hotmail.com>
Subject: [PATCH] winhttp/tests: Test when large amount of data is returned from a 410
Message-Id: <SYXPR01MB1085C5B50AE4A6832DC7F9CC93000@SYXPR01MB1085.ausprd01.prod.outlook.com>
Date: Tue, 11 Apr 2017 02:08:24 +0000

Returning 10K causes WinHttpSendRequest not to send the Authorization 
to the server on the second call.  This is because the data isn't flushed
correctly and when WinHttpReceiveResponse is called it still reading
the data from the sent request.

A typical scenario is when the server returns the login page after
the first 401 error.

Signed-off-by: Alistair Leslie-Hughes <leslie_alistair@hotmail.com>
---
 dlls/winhttp/tests/winhttp.c | 85 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 85 insertions(+)

diff --git a/dlls/winhttp/tests/winhttp.c b/dlls/winhttp/tests/winhttp.c
index a5eff11..0761c2e 100644
--- a/dlls/winhttp/tests/winhttp.c
+++ b/dlls/winhttp/tests/winhttp.c
@@ -2059,6 +2059,16 @@ static const char multiauth[] =
 "Content-Type: text/plain\r\n"
 "\r\n";
 
+static const char largeauth[] =
+"HTTP/1.1 401 Unauthorized\r\n"
+"Server: winetest\r\n"
+"WWW-Authenticate: Bearer\r\n"
+"WWW-Authenticate: Basic realm=\"placebo\"\r\n"
+"WWW-Authenticate: NTLM\r\n"
+"Content-Length: 10240\r\n"
+"Content-Type: text/plain\r\n"
+"\r\n";
+
 static const char unauthorized[] = "Unauthorized";
 static const char hello_world[] = "Hello World";
 
@@ -2172,6 +2182,20 @@ static DWORD CALLBACK server_thread(LPVOID param)
         {
             send(c, multiauth, sizeof multiauth - 1, 0);
         }
+        if(strstr(buffer, "GET /largeauth"))
+        {
+            if (strstr(buffer, "Authorization: NTLM"))
+                send(c, okmsg, sizeof(okmsg) - 1, 0);
+            else
+            {
+                void *data = malloc(10240);
+                send(c, largeauth, sizeof largeauth - 1, 0);
+                memset(data, 'A', 10240);
+                send(c, data, 10240, 0);
+                free(data);
+                continue;
+            }
+        }
         if (strstr(buffer, "GET /cookie4"))
         {
             send(c, cookiemsg2, sizeof(cookiemsg2) - 1, 0);
@@ -2554,6 +2578,66 @@ static void test_multi_authentication(int port)
     WinHttpCloseHandle(ses);
 }
 
+static void test_large_data_authentication(int port)
+{
+    static const WCHAR largeauthW[] = {'/','l','a','r','g','e','a','u','t','h',0};
+    static const WCHAR getW[] = {'G','E','T',0};
+    static WCHAR userW[] = {'u','s','e','r',0};
+    static WCHAR passW[] = {'p','w','d',0};
+    HINTERNET ses, con, req;
+    DWORD supported, first, target, status, size;
+    BOOL ret;
+
+    ses = WinHttpOpen(test_useragent, WINHTTP_ACCESS_TYPE_NO_PROXY, NULL, NULL, 0);
+    ok(ses != NULL, "failed to open session %u\n", GetLastError());
+
+    con = WinHttpConnect(ses, localhostW, port, 0);
+    ok(con != NULL, "failed to open a connection %u\n", GetLastError());
+
+    req = WinHttpOpenRequest(con, getW, largeauthW, NULL, NULL, NULL, 0);
+    ok(req != NULL, "failed to open a request %u\n", GetLastError());
+
+    ret = WinHttpSendRequest(req, WINHTTP_NO_ADDITIONAL_HEADERS, 0,
+                             WINHTTP_NO_REQUEST_DATA,0, 0, 0 );
+    ok(ret, "expected success\n");
+
+    ret = WinHttpReceiveResponse(req, NULL);
+    ok(ret, "expected success\n");
+
+    size = sizeof(status);
+    ret = WinHttpQueryHeaders(req, WINHTTP_QUERY_STATUS_CODE | WINHTTP_QUERY_FLAG_NUMBER, NULL, 
+                                  &status,  &size,  NULL );
+    ok(ret, "expected success\n");
+    ok(status == HTTP_STATUS_DENIED, "got %d\n", status);
+
+    supported = first = target = 0xdeadbeef;
+    ret = WinHttpQueryAuthSchemes(req, &supported, &first, &target);
+    ok(ret, "expected success\n");
+    ok(supported == (WINHTTP_AUTH_SCHEME_BASIC | WINHTTP_AUTH_SCHEME_NTLM), "got %x\n", supported);
+    ok(target == WINHTTP_AUTH_TARGET_SERVER, "got %x\n", target);
+    ok(first == WINHTTP_AUTH_SCHEME_BASIC, "got %x\n", first);
+
+    ret = WinHttpSetCredentials(req, target, WINHTTP_AUTH_SCHEME_NTLM, userW, passW, NULL);
+    ok(ret, "expected success\n");
+
+    ret = WinHttpSendRequest(req, WINHTTP_NO_ADDITIONAL_HEADERS, 0,
+                             WINHTTP_NO_REQUEST_DATA,0, 0, 0 );
+    ok(ret, "expected success %d\n", GetLastError());
+
+    ret = WinHttpReceiveResponse(req, NULL);
+    todo_wine ok(ret, "expected success\n");
+
+    size = sizeof(status);
+    ret = WinHttpQueryHeaders(req, WINHTTP_QUERY_STATUS_CODE | WINHTTP_QUERY_FLAG_NUMBER, NULL, 
+                                  &status,  &size,  NULL );
+    todo_wine ok(ret, "expected success\n");
+    todo_wine ok(status == HTTP_STATUS_OK, "got %d\n", status);
+
+    WinHttpCloseHandle(req);
+    WinHttpCloseHandle(con);
+    WinHttpCloseHandle(ses);
+}
+
 static void test_no_headers(int port)
 {
     static const WCHAR no_headersW[] = {'/','n','o','_','h','e','a','d','e','r','s',0};
@@ -4354,6 +4438,7 @@ START_TEST (winhttp)
     test_not_modified(si.port);
     test_basic_authentication(si.port);
     test_multi_authentication(si.port);
+    test_large_data_authentication(si.port);
     test_bad_header(si.port);
     test_multiple_reads(si.port);
     test_cookies(si.port);

-- 
1.9.1