axis-c-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Halewijn Geerts (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (AXIS2C-1555) Proxy authentication not working when using HTTPS
Date Mon, 18 Jul 2011 15:01:03 GMT

     [ https://issues.apache.org/jira/browse/AXIS2C-1555?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Halewijn Geerts updated AXIS2C-1555:
------------------------------------

    Description: 
Proxy authentication is not working when using HTTPS. A Proxy without authentication does
work when axis2c was build without curl. In a build with curl, proxy is ignored ( with or
without authentication ). 

For build without curl: 

- In http_sender.c, axis2_http_client_recieve_header is called after axis2_http_client_send
without checking if send call succeeded.

- In http_client.c, axis2_http_client_connect_ssl_host : 

proxy authentication data should be passed in connect_string:

if ( inAuthenticationString )
{
    connect_string = AXIS2_MALLOC( env->allocator,
                                                             axutil_strlen(host) * sizeof(axis2_char_t)
+
                                                             axutil_strlen(inAuthenticationString)
* sizeof(axis2_char_t) +
                                                             50 * sizeof(axis2_char_t) );
    sprintf(connect_string, "CONNECT %s:%d HTTP/1.0\r\nProxy-Authorization: %s\r\n\r\n", host,
port, inAuthenticationString );
}
else
{
    connect_string = AXIS2_MALLOC( env->allocator,
                                                            axutil_strlen(host) * sizeof(axis2_char_t)
+
                                                            30 * sizeof(axis2_char_t) );
    sprintf(connect_string, "CONNECT %s:%d HTTP/1.0\r\n\r\n", host, port);
}

(Authentication string can be obtained from axis2_http_sender_configure_proxy_auth, I added
output parameter to get it.)

Also when axis2_http_status_line_get_status_code returns AXIS2_HTTP_RESPONSE_PROXY_AUTHENTICATION_REQUIRED_CODE_VAL,
the response should be processed to get the authentication type:

< if (200 != axis2_http_status_line_get_status_code(status_line, env))
< {
<        AXIS2_FREE(env->allocator, connect_string);
<        axutil_stream_free(tmp_stream, env);
<        return AXIS2_FAILURE;
< }

> theStatusCode = axis2_http_status_line_get_status_code(status_line, env);
>    
> if ( AXIS2_HTTP_RESPONSE_OK_CODE_VAL != theStatusCode )
> {
>     if ( AXIS2_HTTP_RESPONSE_PROXY_AUTHENTICATION_REQUIRED_CODE_VAL == theStatusCode
)
>     {
>          client->response = axis2_http_simple_response_create_default(env);
>            
>          memset(str_header, 0, 512);
>          end_of_line = AXIS2_FALSE;
>          while ( read > 0 && AXIS2_FALSE == end_of_headers )
>          {
>               while ( ( read = axutil_stream_read( tmp_stream, env, tmp_buf,
>                                                     1 ) ) > 0 ) 
>                {
>                    tmp_buf[read] = '\0';
>                    assert ( axutil_strlen( str_header ) + 1 <= 512 );
>                    strcat(str_header, tmp_buf);
>                    if (0 != strstr(str_header, AXIS2_HTTP_CRLF))
>                    {
>                        end_of_line = AXIS2_TRUE;
>                        break;
>                    }
>                }
>                if (AXIS2_TRUE == end_of_line)
>                {
>                    if (0 == axutil_strcmp(str_header, AXIS2_HTTP_CRLF))
>                    {
>                        end_of_headers = AXIS2_TRUE;
>                    }
>                    else
>                    {
>                        axis2_http_header_t *tmp_header = axis2_http_header_create_by_str(env,
str_header);
>                        memset(str_header, 0, 512);
>                        if (tmp_header)
>                        {
>                            axis2_http_simple_response_set_header(client->response,
>                                                                  env, tmp_header);
>                        }
>                    }
>                }
>                end_of_line = AXIS2_FALSE;
>            }
>        }
>        
>        AXIS2_FREE(env->allocator, connect_string);
>        axis2_http_status_line_free( status_line, env ); 
>        axutil_stream_free(tmp_stream, env);
>        return theStatusCode; /*return the status code because is checked in http_sender.c*/

As shown in above code: the http status code must be returned in case of an error  because
in http_sender, the return value of axis2_http_client_send will be checked to see if value
is equal to AXIS2_HTTP_RESPONSE_PROXY_AUTHENTICATION_REQUIRED_CODE_VAL.

With these changes I have been able to get only a part of the code working: 
- when axis2_options_set_test_proxy_auth( theOptions, mEnvironment, AXIS2_TRUE ); is set,
authentication type will be set.
- can authenticate through proxy when authentication is known.

Didn't get code working that gets authentication type and then connects in 1 call, I have
to use axis2_options_set_test_proxy_auth first then call again with authentication type set.


  was:
Proxy authentication is not working when using HTTPS. A Proxy without authentication does
work when axis2c was build without curl. In a build with curl, proxy is ignored ( with or
without authentication ). 

For build without curl: 

- In http_sender.c, axis2_http_client_recieve_header is called after axis2_http_client_send
without checking if send call succeeded.

- In http_client.c, axis2_http_client_connect_ssl_host : 

proxy authentication data should be passed in connect_string:

if ( inAuthenticationString )
{
    connect_string = AXIS2_MALLOC( env->allocator,
                                                             axutil_strlen(host) * sizeof(axis2_char_t)
+
                                                             axutil_strlen(inAuthenticationString)
* sizeof(axis2_char_t) +
                                                             50 * sizeof(axis2_char_t) );
    sprintf(connect_string, "CONNECT %s:%d HTTP/1.0\r\nProxy-Authorization: %s\r\n\r\n", host,
port, inAuthenticationString );
}
else
{
    connect_string = AXIS2_MALLOC( env->allocator,
                                                            axutil_strlen(host) * sizeof(axis2_char_t)
+
                                                            30 * sizeof(axis2_char_t) );
    sprintf(connect_string, "CONNECT %s:%d HTTP/1.0\r\n\r\n", host, port);
}



> Proxy authentication not working when using HTTPS
> -------------------------------------------------
>
>                 Key: AXIS2C-1555
>                 URL: https://issues.apache.org/jira/browse/AXIS2C-1555
>             Project: Axis2-C
>          Issue Type: Bug
>          Components: transport/http
>    Affects Versions: 1.6.0
>            Reporter: Halewijn Geerts
>
> Proxy authentication is not working when using HTTPS. A Proxy without authentication
does work when axis2c was build without curl. In a build with curl, proxy is ignored ( with
or without authentication ). 
> For build without curl: 
> - In http_sender.c, axis2_http_client_recieve_header is called after axis2_http_client_send
without checking if send call succeeded.
> - In http_client.c, axis2_http_client_connect_ssl_host : 
> proxy authentication data should be passed in connect_string:
> if ( inAuthenticationString )
> {
>     connect_string = AXIS2_MALLOC( env->allocator,
>                                                              axutil_strlen(host) * sizeof(axis2_char_t)
+
>                                                              axutil_strlen(inAuthenticationString)
* sizeof(axis2_char_t) +
>                                                              50 * sizeof(axis2_char_t)
);
>     sprintf(connect_string, "CONNECT %s:%d HTTP/1.0\r\nProxy-Authorization: %s\r\n\r\n",
host, port, inAuthenticationString );
> }
> else
> {
>     connect_string = AXIS2_MALLOC( env->allocator,
>                                                             axutil_strlen(host) * sizeof(axis2_char_t)
+
>                                                             30 * sizeof(axis2_char_t)
);
>     sprintf(connect_string, "CONNECT %s:%d HTTP/1.0\r\n\r\n", host, port);
> }
> (Authentication string can be obtained from axis2_http_sender_configure_proxy_auth, I
added output parameter to get it.)
> Also when axis2_http_status_line_get_status_code returns AXIS2_HTTP_RESPONSE_PROXY_AUTHENTICATION_REQUIRED_CODE_VAL,
> the response should be processed to get the authentication type:
> < if (200 != axis2_http_status_line_get_status_code(status_line, env))
> < {
> <        AXIS2_FREE(env->allocator, connect_string);
> <        axutil_stream_free(tmp_stream, env);
> <        return AXIS2_FAILURE;
> < }
> > theStatusCode = axis2_http_status_line_get_status_code(status_line, env);
> >    
> > if ( AXIS2_HTTP_RESPONSE_OK_CODE_VAL != theStatusCode )
> > {
> >     if ( AXIS2_HTTP_RESPONSE_PROXY_AUTHENTICATION_REQUIRED_CODE_VAL == theStatusCode
)
> >     {
> >          client->response = axis2_http_simple_response_create_default(env);
> >            
> >          memset(str_header, 0, 512);
> >          end_of_line = AXIS2_FALSE;
> >          while ( read > 0 && AXIS2_FALSE == end_of_headers )
> >          {
> >               while ( ( read = axutil_stream_read( tmp_stream, env, tmp_buf,
> >                                                     1 ) ) > 0 ) 
> >                {
> >                    tmp_buf[read] = '\0';
> >                    assert ( axutil_strlen( str_header ) + 1 <= 512 );
> >                    strcat(str_header, tmp_buf);
> >                    if (0 != strstr(str_header, AXIS2_HTTP_CRLF))
> >                    {
> >                        end_of_line = AXIS2_TRUE;
> >                        break;
> >                    }
> >                }
> >                if (AXIS2_TRUE == end_of_line)
> >                {
> >                    if (0 == axutil_strcmp(str_header, AXIS2_HTTP_CRLF))
> >                    {
> >                        end_of_headers = AXIS2_TRUE;
> >                    }
> >                    else
> >                    {
> >                        axis2_http_header_t *tmp_header = axis2_http_header_create_by_str(env,
str_header);
> >                        memset(str_header, 0, 512);
> >                        if (tmp_header)
> >                        {
> >                            axis2_http_simple_response_set_header(client->response,
> >                                                                  env, tmp_header);
> >                        }
> >                    }
> >                }
> >                end_of_line = AXIS2_FALSE;
> >            }
> >        }
> >        
> >        AXIS2_FREE(env->allocator, connect_string);
> >        axis2_http_status_line_free( status_line, env ); 
> >        axutil_stream_free(tmp_stream, env);
> >        return theStatusCode; /*return the status code because is checked in http_sender.c*/
> As shown in above code: the http status code must be returned in case of an error  because
in http_sender, the return value of axis2_http_client_send will be checked to see if value
is equal to AXIS2_HTTP_RESPONSE_PROXY_AUTHENTICATION_REQUIRED_CODE_VAL.
> With these changes I have been able to get only a part of the code working: 
> - when axis2_options_set_test_proxy_auth( theOptions, mEnvironment, AXIS2_TRUE ); is
set, authentication type will be set.
> - can authenticate through proxy when authentication is known.
> Didn't get code working that gets authentication type and then connects in 1 call, I
have to use axis2_options_set_test_proxy_auth first then call again with authentication type
set.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe, e-mail: c-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: c-dev-help@axis.apache.org


Mime
View raw message