hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Becke <be...@u.washington.edu>
Subject Re: [PATCH] Bug in NTLM scheme
Date Wed, 21 Jan 2004 21:20:18 GMT
Works for me, as I am unable to test.

Mike

On Jan 21, 2004, at 1:59 PM, Kalnichevski, Oleg wrote:

> I just discovered a bug introduced with the recent changes in the  
> authentication logic for which I bear full responsibility. Basically  
> NTLM authentication scheme fails to properly handle authentication  
> failures caused by invalid credentials, and a result HttpClient enters  
> an infinite loop in HttpMethodDirector code.
>
> Because the bug is quite ugly and the fix appears pretty  
> straight-forward, I will take liberty in committing the patch shortly.
>
> Oleg
>
> Index: NTLMScheme.java
> ===================================================================
> RCS file:  
> /home/cvspublic/jakarta-commons/httpclient/src/java/org/apache/ 
> commons/httpclient/auth/NTLMScheme.java,v
> retrieving revision 1.16
> diff -u -r1.16 NTLMScheme.java
> --- NTLMScheme.java	14 Jan 2004 20:48:43 -0000	1.16
> +++ NTLMScheme.java	21 Jan 2004 18:48:22 -0000
> @@ -95,6 +95,7 @@
>      private static final int TYPE1_MSG_GENERATED = 2;
>      private static final int TYPE2_MSG_RECEIVED  = 3;
>      private static final int TYPE3_MSG_GENERATED = 4;
> +    private static final int FAILED              = Integer.MAX_VALUE;
>
>      /** Authentication process state */
>      private int state;
> @@ -140,7 +141,11 @@
>              this.state = TYPE2_MSG_RECEIVED;
>          } else {
>              this.ntlmchallenge = "";
> -            this.state = INITIATED;
> +            if (this.state == UNINITIATED) {
> +                this.state = INITIATED;
> +            } else {
> +                this.state = FAILED;
> +            }
>          }
>      }
>
> @@ -151,7 +156,7 @@
>       *   <tt>false</tt> otherwise.
>       */
>      public boolean isComplete() {
> -        return this.state == TYPE3_MSG_GENERATED;
> +        return this.state == TYPE3_MSG_GENERATED || this.state ==  
> FAILED;
>      }
>
>      /**
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:  
> commons-httpclient-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail:  
> commons-httpclient-dev-help@jakarta.apache.org
>


---------------------------------------------------------------------
To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org


Mime
View raw message