You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hc.apache.org by ol...@apache.org on 2020/04/05 11:43:08 UTC
[httpcomponents-client] 01/01: HTTPCLIENT-2073: (regression)
WindowsNegotiateScheme incorrectly rejects empty NTLM challenge
This is an automated email from the ASF dual-hosted git repository.
olegk pushed a commit to branch HTTPCLIENT-2073
in repository https://gitbox.apache.org/repos/asf/httpcomponents-client.git
commit a93d5c0c1d9f1b98b2816eaac359bb34deea1f71
Author: Oleg Kalnichevski <ol...@apache.org>
AuthorDate: Sun Apr 5 12:46:53 2020 +0200
HTTPCLIENT-2073: (regression) WindowsNegotiateScheme incorrectly rejects empty NTLM challenge
---
.../hc/client5/http/impl/win/WindowsNegotiateScheme.java | 8 +++-----
.../client5/http/impl/auth/TestAuthChallengeParser.java | 15 ++++++++++++++-
2 files changed, 17 insertions(+), 6 deletions(-)
diff --git a/httpclient5-win/src/main/java/org/apache/hc/client5/http/impl/win/WindowsNegotiateScheme.java b/httpclient5-win/src/main/java/org/apache/hc/client5/http/impl/win/WindowsNegotiateScheme.java
index b269fa3..f927eef 100644
--- a/httpclient5-win/src/main/java/org/apache/hc/client5/http/impl/win/WindowsNegotiateScheme.java
+++ b/httpclient5-win/src/main/java/org/apache/hc/client5/http/impl/win/WindowsNegotiateScheme.java
@@ -32,12 +32,12 @@ import org.apache.commons.codec.binary.Base64;
import org.apache.hc.client5.http.RouteInfo;
import org.apache.hc.client5.http.auth.AuthChallenge;
import org.apache.hc.client5.http.auth.AuthScheme;
-import org.apache.hc.client5.http.auth.StandardAuthScheme;
import org.apache.hc.client5.http.auth.AuthenticationException;
import org.apache.hc.client5.http.auth.BasicUserPrincipal;
import org.apache.hc.client5.http.auth.ChallengeType;
import org.apache.hc.client5.http.auth.CredentialsProvider;
import org.apache.hc.client5.http.auth.MalformedChallengeException;
+import org.apache.hc.client5.http.auth.StandardAuthScheme;
import org.apache.hc.client5.http.protocol.HttpClientContext;
import org.apache.hc.core5.annotation.Experimental;
import org.apache.hc.core5.http.HttpHost;
@@ -45,6 +45,7 @@ import org.apache.hc.core5.http.HttpRequest;
import org.apache.hc.core5.http.protocol.HttpContext;
import org.apache.hc.core5.net.URIAuthority;
import org.apache.hc.core5.util.Args;
+import org.apache.hc.core5.util.TextUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -133,12 +134,9 @@ public class WindowsNegotiateScheme implements AuthScheme {
final AuthChallenge authChallenge,
final HttpContext context) throws MalformedChallengeException {
Args.notNull(authChallenge, "AuthChallenge");
- if (authChallenge.getValue() == null) {
- throw new MalformedChallengeException("Missing auth challenge");
- }
challengeType = authChallenge.getChallengeType();
challenge = authChallenge.getValue();
- if (challenge.isEmpty()) {
+ if (TextUtils.isBlank(challenge)) {
if (clientCred != null) {
dispose(); // run cleanup first before throwing an exception otherwise can leak OS resources
if (continueNeeded) {
diff --git a/httpclient5/src/test/java/org/apache/hc/client5/http/impl/auth/TestAuthChallengeParser.java b/httpclient5/src/test/java/org/apache/hc/client5/http/impl/auth/TestAuthChallengeParser.java
index 12506ac..95fbe1a 100644
--- a/httpclient5/src/test/java/org/apache/hc/client5/http/impl/auth/TestAuthChallengeParser.java
+++ b/httpclient5/src/test/java/org/apache/hc/client5/http/impl/auth/TestAuthChallengeParser.java
@@ -29,8 +29,8 @@ package org.apache.hc.client5.http.impl.auth;
import java.util.List;
import org.apache.hc.client5.http.auth.AuthChallenge;
-import org.apache.hc.client5.http.auth.StandardAuthScheme;
import org.apache.hc.client5.http.auth.ChallengeType;
+import org.apache.hc.client5.http.auth.StandardAuthScheme;
import org.apache.hc.core5.http.NameValuePair;
import org.apache.hc.core5.http.ParseException;
import org.apache.hc.core5.http.message.BasicNameValuePair;
@@ -308,6 +308,19 @@ public class TestAuthChallengeParser {
assertNameValuePair(new BasicNameValuePair("blah", null), params1.get(1));
}
+ @Test
+ public void testParseNTLMAuthChallenge() throws Exception {
+ final CharArrayBuffer buffer = new CharArrayBuffer(64);
+ buffer.append(StandardAuthScheme.NTLM);
+ final ParserCursor cursor = new ParserCursor(0, buffer.length());
+ final List<AuthChallenge> challenges = parser.parse(ChallengeType.TARGET, buffer, cursor);
+ Assert.assertNotNull(challenges);
+ Assert.assertEquals(1, challenges.size());
+ final AuthChallenge challenge1 = challenges.get(0);
+ Assert.assertEquals(StandardAuthScheme.NTLM, challenge1.getSchemeName());
+ Assert.assertEquals(null, challenge1.getValue());
+ }
+
private static void assertNameValuePair (
final NameValuePair expected,
final NameValuePair result) {