You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hc.apache.org by kw...@apache.org on 2012/12/19 12:34:59 UTC
svn commit: r1423832 - in /httpcomponents/httpclient/trunk: RELEASE_NOTES.txt
httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java
Author: kwright
Date: Wed Dec 19 11:34:58 2012
New Revision: 1423832
URL: http://svn.apache.org/viewvc?rev=1423832&view=rev
Log:
Fix for HTTPCLIENT-1283.
Modified:
httpcomponents/httpclient/trunk/RELEASE_NOTES.txt
httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java
Modified: httpcomponents/httpclient/trunk/RELEASE_NOTES.txt
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/RELEASE_NOTES.txt?rev=1423832&r1=1423831&r2=1423832&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/RELEASE_NOTES.txt (original)
+++ httpcomponents/httpclient/trunk/RELEASE_NOTES.txt Wed Dec 19 11:34:58 2012
@@ -1,6 +1,10 @@
Changes in trunk
-------------------
+* [HTTPCLIENT-1283] NTLM needs to use Locale-independent form of
+ toUpperCase().
+ Contributed by Karl Wright <DaddyWri at gmail.com>
+
* [HTTPCLIENT-1279] Target host responding with status 407 (proxy authentication required)
causes an NPE.
Contributed by Oleg Kalnichevski <olegk at apache.org>
Modified: httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java?rev=1423832&r1=1423831&r2=1423832&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java (original)
+++ httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java Wed Dec 19 11:34:58 2012
@@ -29,6 +29,7 @@ package org.apache.http.impl.auth;
import java.security.Key;
import java.security.MessageDigest;
import java.util.Arrays;
+import java.util.Locale;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
@@ -572,7 +573,7 @@ final class NTLMEngineImpl implements NT
*/
private static byte[] lmHash(String password) throws NTLMEngineException {
try {
- byte[] oemPassword = password.toUpperCase().getBytes("US-ASCII");
+ byte[] oemPassword = password.toUpperCase(Locale.ROOT).getBytes("US-ASCII");
int length = Math.min(oemPassword.length, 14);
byte[] keyBytes = new byte[14];
System.arraycopy(oemPassword, 0, keyBytes, 0, length);
@@ -632,7 +633,7 @@ final class NTLMEngineImpl implements NT
byte[] ntlmHash = ntlmHash(password);
HMACMD5 hmacMD5 = new HMACMD5(ntlmHash);
// Upper case username, mixed case target!!
- hmacMD5.update(user.toUpperCase().getBytes("UnicodeLittleUnmarked"));
+ hmacMD5.update(user.toUpperCase(Locale.ROOT).getBytes("UnicodeLittleUnmarked"));
hmacMD5.update(target.getBytes("UnicodeLittleUnmarked"));
return hmacMD5.getOutput();
} catch (java.io.UnsupportedEncodingException e) {
@@ -951,7 +952,7 @@ final class NTLMEngineImpl implements NT
domain = convertDomain(domain);
hostBytes = host.getBytes("UnicodeLittleUnmarked");
- domainBytes = domain.toUpperCase().getBytes("UnicodeLittleUnmarked");
+ domainBytes = domain.toUpperCase(Locale.ROOT).getBytes("UnicodeLittleUnmarked");
} catch (java.io.UnsupportedEncodingException e) {
throw new NTLMEngineException("Unicode unsupported: " + e.getMessage(), e);
}
@@ -1197,7 +1198,7 @@ final class NTLMEngineImpl implements NT
sessionKey = null;
try {
- domainBytes = domain.toUpperCase().getBytes("UnicodeLittleUnmarked");
+ domainBytes = domain.toUpperCase(Locale.ROOT).getBytes("UnicodeLittleUnmarked");
hostBytes = host.getBytes("UnicodeLittleUnmarked");
userBytes = user.getBytes("UnicodeLittleUnmarked");
} catch (java.io.UnsupportedEncodingException e) {