hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sebb <seb...@gmail.com>
Subject Re: svn commit: r1500401 - in /httpcomponents/httpclient/trunk/httpclient/src: main/java/org/apache/http/impl/auth/NTLMEngineImpl.java test/java/org/apache/http/impl/client/integration/TestClientAuthenticationFakeNTLM.java
Date Sun, 07 Jul 2013 19:18:31 GMT
On 7 July 2013 11:20,  <olegk@apache.org> wrote:
> Author: olegk
> Date: Sun Jul  7 10:20:33 2013
> New Revision: 1500401
>
> URL: http://svn.apache.org/r1500401
> Log:
> Follow up to HTTPCLIENT-1381: fixes another NPE
> Contributed by Ricardo Pereira <thc202 at gmail.com>
>
> Modified:
>     httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java
>     httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/client/integration/TestClientAuthenticationFakeNTLM.java
>
> Modified: httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java
> URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java?rev=1500401&r1=1500400&r2=1500401&view=diff
> ==============================================================================
> --- httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java
(original)
> +++ httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java
Sun Jul  7 10:20:33 2013
> @@ -624,7 +624,7 @@ final class NTLMEngineImpl implements NT
>              final MD4 md4 = new MD4();
>              md4.update(unicodePassword);
>              return md4.getOutput();
> -        } catch (java.io.UnsupportedEncodingException e) {
> +        } catch (UnsupportedEncodingException e) {
>              throw new NTLMEngineException("Unicode not supported: " + e.getMessage(),
e);
>          }
>      }
> @@ -641,9 +641,11 @@ final class NTLMEngineImpl implements NT
>              final HMACMD5 hmacMD5 = new HMACMD5(ntlmHash);
>              // Upper case username, upper case domain!
>              hmacMD5.update(user.toUpperCase(Locale.US).getBytes("UnicodeLittleUnmarked"));
> -            hmacMD5.update(domain.toUpperCase(Locale.US).getBytes("UnicodeLittleUnmarked"));
> +            if (domain != null) {
> +                hmacMD5.update(domain.toUpperCase(Locale.US).getBytes("UnicodeLittleUnmarked"));

Note that getBytes(String) is also Locale-sensitive; should probably
use Locale.ENGLISH.
(Locale.ROOT is 1.6+)

> +            }
>              return hmacMD5.getOutput();
> -        } catch (java.io.UnsupportedEncodingException e) {
> +        } catch (UnsupportedEncodingException e) {
>              throw new NTLMEngineException("Unicode not supported! " + e.getMessage(),
e);
>          }
>      }
> @@ -660,9 +662,11 @@ final class NTLMEngineImpl implements NT
>              final HMACMD5 hmacMD5 = new HMACMD5(ntlmHash);
>              // Upper case username, mixed case target!!
>              hmacMD5.update(user.toUpperCase(Locale.US).getBytes("UnicodeLittleUnmarked"));
> -            hmacMD5.update(domain.getBytes("UnicodeLittleUnmarked"));
> +            if (domain != null) {
> +                hmacMD5.update(domain.getBytes("UnicodeLittleUnmarked"));
> +            }
>              return hmacMD5.getOutput();
> -        } catch (java.io.UnsupportedEncodingException e) {
> +        } catch (UnsupportedEncodingException e) {
>              throw new NTLMEngineException("Unicode not supported! " + e.getMessage(),
e);
>          }
>      }
> @@ -981,7 +985,7 @@ final class NTLMEngineImpl implements NT
>                  hostBytes = unqualifiedHost != null? unqualifiedHost.getBytes("ASCII")
: null;
>                  domainBytes = unqualifiedDomain != null ? unqualifiedDomain
>                          .toUpperCase(Locale.US).getBytes("ASCII") : null;
> -            } catch (java.io.UnsupportedEncodingException e) {
> +            } catch (UnsupportedEncodingException e) {
>                  throw new NTLMEngineException("Unicode unsupported: " + e.getMessage(),
e);
>              }
>          }
> @@ -1104,7 +1108,7 @@ final class NTLMEngineImpl implements NT
>                  if (bytes.length != 0) {
>                      try {
>                          target = new String(bytes, "UnicodeLittleUnmarked");
> -                    } catch (java.io.UnsupportedEncodingException e) {
> +                    } catch (UnsupportedEncodingException e) {
>                          throw new NTLMEngineException(e.getMessage(), e);
>                      }
>                  }
>
> Modified: httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/client/integration/TestClientAuthenticationFakeNTLM.java
> URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/client/integration/TestClientAuthenticationFakeNTLM.java?rev=1500401&r1=1500400&r2=1500401&view=diff
> ==============================================================================
> --- httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/client/integration/TestClientAuthenticationFakeNTLM.java
(original)
> +++ httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/client/integration/TestClientAuthenticationFakeNTLM.java
Sun Jul  7 10:20:33 2013
> @@ -99,7 +99,13 @@ public class TestClientAuthenticationFak
>                  response.getStatusLine().getStatusCode());
>      }
>
> -    static class NtlmType2ResponseHandler implements HttpRequestHandler {
> +    static class NtlmType2MessageResponseHandler implements HttpRequestHandler {
> +
> +        private final String authenticateHeaderValue;
> +
> +        public NtlmType2MessageResponseHandler(final String type2Message) {
> +            this.authenticateHeaderValue = "NTLM " + type2Message;
> +        }
>
>          public void handle(
>                  final HttpRequest request,
> @@ -113,16 +119,42 @@ public class TestClientAuthenticationFak
>              if (!request.containsHeader(HttpHeaders.AUTHORIZATION)) {
>                  response.setHeader(HttpHeaders.WWW_AUTHENTICATE, "NTLM");
>              } else {
> -                response.setHeader(HttpHeaders.WWW_AUTHENTICATE, "NTLM TlRMTVNTUAACAA"
+
> -                        "AADAAMADgAAAAzwoICLgEjRWfCicKrw43DrwAAAAAAAAAAAAAAAAAAAAAGAHAX"
+
> -                        "AAAAD1MAZQByAHYAZQByAA==");
> +                response.setHeader(HttpHeaders.WWW_AUTHENTICATE, authenticateHeaderValue);
>              }
>          }
>      }
>
>      @Test
> -    public void testNTLMType2() throws Exception {
> -        this.localServer.register("*", new NtlmType2ResponseHandler());
> +    public void testNTLMv1Type2Message() throws Exception {
> +        this.localServer.register("*", new NtlmType2MessageResponseHandler("TlRMTVNTUAACAA"
+
> +                "AADAAMADgAAAAzggLiASNFZ4mrze8AAAAAAAAAAAAAAAAAAAAABgBwFwAAAA9T" +
> +                "AGUAcgB2AGUAcgA="));
> +        this.localServer.start();
> +
> +        final BasicCredentialsProvider credsProvider = new BasicCredentialsProvider();
> +        credsProvider.setCredentials(AuthScope.ANY,
> +                new NTCredentials("test", "test", null, null));
> +
> +        this.httpclient = HttpClients.custom()
> +                .setDefaultCredentialsProvider(credsProvider)
> +                .build();
> +
> +        final HttpContext context = HttpClientContext.create();
> +
> +        final HttpHost targethost = getServerHttp();
> +        final HttpGet httpget = new HttpGet("/");
> +
> +        final HttpResponse response = this.httpclient.execute(targethost, httpget, context);
> +        EntityUtils.consume(response.getEntity());
> +        Assert.assertEquals(HttpStatus.SC_UNAUTHORIZED,
> +                response.getStatusLine().getStatusCode());
> +    }
> +
> +    @Test
> +    public void testNTLMv2Type2Message() throws Exception {
> +        this.localServer.register("*", new NtlmType2MessageResponseHandler("TlRMTVNTUAACAA"
+
> +                "AADAAMADgAAAAzgoriASNFZ4mrze8AAAAAAAAAACQAJABEAAAABgBwFwAAAA9T" +
> +                "AGUAcgB2AGUAcgACAAwARABvAG0AYQBpAG4AAQAMAFMAZQByAHYAZQByAAAAAAA="));
>          this.localServer.start();
>
>          final BasicCredentialsProvider credsProvider = new BasicCredentialsProvider();
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org


Mime
View raw message