You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hc.apache.org by ol...@apache.org on 2013/07/07 12:20:13 UTC

svn commit: r1500400 - in /httpcomponents/httpclient/branches/4.2.x/httpclient/src: main/java/org/apache/http/impl/auth/NTLMEngineImpl.java test/java/org/apache/http/impl/client/TestClientAuthenticationFakeNTLM.java

Author: olegk
Date: Sun Jul  7 10:20:13 2013
New Revision: 1500400

URL: http://svn.apache.org/r1500400
Log:
Follow up to HTTPCLIENT-1381: fixes another NPE
Contributed by Ricardo Pereira <thc202 at gmail.com>

Modified:
    httpcomponents/httpclient/branches/4.2.x/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java
    httpcomponents/httpclient/branches/4.2.x/httpclient/src/test/java/org/apache/http/impl/client/TestClientAuthenticationFakeNTLM.java

Modified: httpcomponents/httpclient/branches/4.2.x/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/branches/4.2.x/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java?rev=1500400&r1=1500399&r2=1500400&view=diff
==============================================================================
--- httpcomponents/httpclient/branches/4.2.x/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java (original)
+++ httpcomponents/httpclient/branches/4.2.x/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java Sun Jul  7 10:20:13 2013
@@ -631,7 +631,7 @@ final class NTLMEngineImpl implements NT
             MD4 md4 = new MD4();
             md4.update(unicodePassword);
             return md4.getOutput();
-        } catch (java.io.UnsupportedEncodingException e) {
+        } catch (UnsupportedEncodingException e) {
             throw new NTLMEngineException("Unicode not supported: " + e.getMessage(), e);
         }
     }
@@ -655,9 +655,11 @@ final class NTLMEngineImpl implements NT
             HMACMD5 hmacMD5 = new HMACMD5(ntlmHash);
             // Upper case username, upper case domain!
             hmacMD5.update(user.toUpperCase(Locale.US).getBytes("UnicodeLittleUnmarked"));
-            hmacMD5.update(domain.toUpperCase(Locale.US).getBytes("UnicodeLittleUnmarked"));
+            if (domain != null) {
+                hmacMD5.update(domain.toUpperCase(Locale.US).getBytes("UnicodeLittleUnmarked"));
+            }
             return hmacMD5.getOutput();
-        } catch (java.io.UnsupportedEncodingException e) {
+        } catch (UnsupportedEncodingException e) {
             throw new NTLMEngineException("Unicode not supported! " + e.getMessage(), e);
         }
     }
@@ -681,9 +683,11 @@ final class NTLMEngineImpl implements NT
             HMACMD5 hmacMD5 = new HMACMD5(ntlmHash);
             // Upper case username, mixed case target!!
             hmacMD5.update(user.toUpperCase(Locale.US).getBytes("UnicodeLittleUnmarked"));
-            hmacMD5.update(domain.getBytes("UnicodeLittleUnmarked"));
+            if (domain != null) {
+                hmacMD5.update(domain.getBytes("UnicodeLittleUnmarked"));
+            }
             return hmacMD5.getOutput();
-        } catch (java.io.UnsupportedEncodingException e) {
+        } catch (UnsupportedEncodingException e) {
             throw new NTLMEngineException("Unicode not supported! " + e.getMessage(), e);
         }
     }
@@ -1004,7 +1008,7 @@ final class NTLMEngineImpl implements NT
                 hostBytes = unqualifiedHost != null? unqualifiedHost.getBytes("ASCII") : null;
                 domainBytes = unqualifiedDomain != null ? unqualifiedDomain
                         .toUpperCase(Locale.US).getBytes("ASCII") : null;
-            } catch (java.io.UnsupportedEncodingException e) {
+            } catch (UnsupportedEncodingException e) {
                 throw new NTLMEngineException("Unicode unsupported: " + e.getMessage(), e);
             }
         }
@@ -1127,7 +1131,7 @@ final class NTLMEngineImpl implements NT
                 if (bytes.length != 0) {
                     try {
                         target = new String(bytes, "UnicodeLittleUnmarked");
-                    } catch (java.io.UnsupportedEncodingException e) {
+                    } catch (UnsupportedEncodingException e) {
                         throw new NTLMEngineException(e.getMessage(), e);
                     }
                 }

Modified: httpcomponents/httpclient/branches/4.2.x/httpclient/src/test/java/org/apache/http/impl/client/TestClientAuthenticationFakeNTLM.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/branches/4.2.x/httpclient/src/test/java/org/apache/http/impl/client/TestClientAuthenticationFakeNTLM.java?rev=1500400&r1=1500399&r2=1500400&view=diff
==============================================================================
--- httpcomponents/httpclient/branches/4.2.x/httpclient/src/test/java/org/apache/http/impl/client/TestClientAuthenticationFakeNTLM.java (original)
+++ httpcomponents/httpclient/branches/4.2.x/httpclient/src/test/java/org/apache/http/impl/client/TestClientAuthenticationFakeNTLM.java Sun Jul  7 10:20:13 2013
@@ -96,7 +96,13 @@ public class TestClientAuthenticationFak
                 response.getStatusLine().getStatusCode());
     }
 
-    static class NtlmType2ResponseHandler implements HttpRequestHandler {
+    static class NtlmType2MessageResponseHandler implements HttpRequestHandler {
+
+        private final String authenticateHeaderValue;
+
+        public NtlmType2MessageResponseHandler(final String type2Message) {
+            this.authenticateHeaderValue = "NTLM " + type2Message;
+        }
 
         public void handle(
                 final HttpRequest request,
@@ -110,16 +116,40 @@ public class TestClientAuthenticationFak
             if (!request.containsHeader(HttpHeaders.AUTHORIZATION)) {
                 response.setHeader(HttpHeaders.WWW_AUTHENTICATE, "NTLM");
             } else {
-                response.setHeader(HttpHeaders.WWW_AUTHENTICATE, "NTLM TlRMTVNTUAACAA" +
-                        "AADAAMADgAAAAzwoICLgEjRWfCicKrw43DrwAAAAAAAAAAAAAAAAAAAAAGAHAX" +
-                        "AAAAD1MAZQByAHYAZQByAA==");
+                response.setHeader(HttpHeaders.WWW_AUTHENTICATE, authenticateHeaderValue);
             }
         }
     }
 
     @Test
-    public void testNTLMType2() throws Exception {
-        this.localServer.register("*", new NtlmType2ResponseHandler());
+    public void testNTLMv1Type2Message() throws Exception {
+        this.localServer.register("*", new NtlmType2MessageResponseHandler("TlRMTVNTUAACAA" +
+                "AADAAMADgAAAAzggLiASNFZ4mrze8AAAAAAAAAAAAAAAAAAAAABgBwFwAAAA9T" +
+                "AGUAcgB2AGUAcgA="));
+        this.localServer.start();
+
+        BasicCredentialsProvider credsProvider = new BasicCredentialsProvider();
+        credsProvider.setCredentials(AuthScope.ANY,
+                new NTCredentials("test", "test", null, null));
+
+        this.httpclient.setCredentialsProvider(credsProvider);
+
+        HttpContext context = new BasicHttpContext();
+
+        HttpHost targethost = getServerHttp();
+        HttpGet httpget = new HttpGet("/");
+
+        HttpResponse response = this.httpclient.execute(targethost, httpget, context);
+        EntityUtils.consume(response.getEntity());
+        Assert.assertEquals(HttpStatus.SC_UNAUTHORIZED,
+                response.getStatusLine().getStatusCode());
+    }
+
+    @Test
+    public void testNTLMv2Type2Message() throws Exception {
+        this.localServer.register("*", new NtlmType2MessageResponseHandler("TlRMTVNTUAACAA" +
+                "AADAAMADgAAAAzgoriASNFZ4mrze8AAAAAAAAAACQAJABEAAAABgBwFwAAAA9T" +
+                "AGUAcgB2AGUAcgACAAwARABvAG0AYQBpAG4AAQAMAFMAZQByAHYAZQByAAAAAAA="));
         this.localServer.start();
 
         BasicCredentialsProvider credsProvider = new BasicCredentialsProvider();