hc-dev mailing list archives

From "Kalnichevski, Oleg" <oleg.kalnichev...@bearingpoint.com>
Subject [PATCH] Bug in NTLM scheme
Date Wed, 21 Jan 2004 18:59:23 GMT
I just discovered a bug introduced with the recent changes in the authentication logic for
which I bear full responsibility. Basically NTLM authentication scheme fails to properly handle
authentication failures caused by invalid credentials, and as a result HttpClient enters an infinite
loop in HttpMethodDirector code.

Because the bug is quite ugly and the fix appears pretty straightforward, I will take the liberty
of committing the patch shortly.

Oleg

Index: NTLMScheme.java
===================================================================
RCS file: /home/cvspublic/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/auth/NTLMScheme.java,v
retrieving revision 1.16
diff -u -r1.16 NTLMScheme.java
--- NTLMScheme.java	14 Jan 2004 20:48:43 -0000	1.16
+++ NTLMScheme.java	21 Jan 2004 18:48:22 -0000
@@ -95,6 +95,7 @@
     private static final int TYPE1_MSG_GENERATED = 2;
     private static final int TYPE2_MSG_RECEIVED  = 3;
     private static final int TYPE3_MSG_GENERATED = 4;
+    private static final int FAILED              = Integer.MAX_VALUE;
 
     /** Authentication process state */
     private int state;
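Review bot: The new FAILED constant is declared as Integer.MAX_VALUE next to states numbered 2, 3 and 4, with no comment saying why it is a sentinel rather than the next value in the sequence. A one-line comment that it is a terminal state, reached when the server answers with another bare challenge, would help; if any code orders states numerically, the MAX_VALUE choice should be justified there as well.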
@@ -140,7 +141,11 @@
             this.state = TYPE2_MSG_RECEIVED;
         } else {
             this.ntlmchallenge = "";
-            this.state = INITIATED;
+            if (this.state == UNINITIATED) {
+                this.state = INITIATED;
+            } else {
+                this.state = FAILED;
+            }
         }
     }
 
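Review bot: In the else branch, every state other than UNINITIATED now becomes FAILED, which includes INITIATED, so a second empty challenge that arrives before a Type 1 message was generated is also recorded as a failure. If that is intended, say so in a comment above the inner if. Also note that the branch above still sets this.state = TYPE2_MSG_RECEIVED unconditionally, so a non-empty challenge arriving after FAILED moves the scheme out of the terminal state; a guard there, or a comment that this is deliberate, would make the state machine easier to reason about.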
@@ -151,7 +156,7 @@
      *   <tt>false</tt> otherwise.
      */
     public boolean isComplete() {
-        return this.state == TYPE3_MSG_GENERATED;
+        return this.state == TYPE3_MSG_GENERATED || this.state == FAILED;
     }
 
     /**
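Review bot: isComplete() now returns true for both TYPE3_MSG_GENERATED and FAILED, but the javadoc above it is unchanged, so a caller reading it cannot tell that "complete" no longer implies a successful handshake. Please update the javadoc to state that completion includes the failed case, and consider a separate accessor for the failure state so that callers do not treat a true result as successful authentication.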
