On 7 July 2013 11:20, <[email protected]> wrote:
> Author: olegk
> Date: Sun Jul 7 10:20:33 2013
> New Revision: 1500401
>
> URL: http://svn.apache.org/r1500401
> Log:
> Follow up to HTTPCLIENT-1381: fixes another NPE
> Contributed by Ricardo Pereira <thc202 at gmail.com>
>
> Modified:
>
> httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java
>
> httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/client/integration/TestClientAuthenticationFakeNTLM.java
>
> Modified:
> httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java
> URL:
> http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java?rev=1500401&r1=1500400&r2=1500401&view=diff
> ==============================================================================
> ---
> httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java
> (original)
> +++
> httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java
> Sun Jul 7 10:20:33 2013
> @@ -624,7 +624,7 @@ final class NTLMEngineImpl implements NT
> final MD4 md4 = new MD4();
> md4.update(unicodePassword);
> return md4.getOutput();
> - } catch (java.io.UnsupportedEncodingException e) {
> + } catch (UnsupportedEncodingException e) {
> throw new NTLMEngineException("Unicode not supported: " +
> e.getMessage(), e);
> }
> }
> @@ -641,9 +641,11 @@ final class NTLMEngineImpl implements NT
> final HMACMD5 hmacMD5 = new HMACMD5(ntlmHash);
> // Upper case username, upper case domain!
>
> hmacMD5.update(user.toUpperCase(Locale.US).getBytes("UnicodeLittleUnmarked"));
> -
> hmacMD5.update(domain.toUpperCase(Locale.US).getBytes("UnicodeLittleUnmarked"));
> + if (domain != null) {
> +
> hmacMD5.update(domain.toUpperCase(Locale.US).getBytes("UnicodeLittleUnmarked"));
Note that getBytes(String) is also Locale-sensitive; should probably
use Locale.ENGLISH.
(Locale.ROOT is 1.6+)
> + }
> return hmacMD5.getOutput();
> - } catch (java.io.UnsupportedEncodingException e) {
> + } catch (UnsupportedEncodingException e) {
> throw new NTLMEngineException("Unicode not supported! " +
> e.getMessage(), e);
> }
> }
> @@ -660,9 +662,11 @@ final class NTLMEngineImpl implements NT
> final HMACMD5 hmacMD5 = new HMACMD5(ntlmHash);
> // Upper case username, mixed case target!!
>
> hmacMD5.update(user.toUpperCase(Locale.US).getBytes("UnicodeLittleUnmarked"));
> - hmacMD5.update(domain.getBytes("UnicodeLittleUnmarked"));
> + if (domain != null) {
> + hmacMD5.update(domain.getBytes("UnicodeLittleUnmarked"));
> + }
> return hmacMD5.getOutput();
> - } catch (java.io.UnsupportedEncodingException e) {
> + } catch (UnsupportedEncodingException e) {
> throw new NTLMEngineException("Unicode not supported! " +
> e.getMessage(), e);
> }
> }
> @@ -981,7 +985,7 @@ final class NTLMEngineImpl implements NT
> hostBytes = unqualifiedHost != null?
> unqualifiedHost.getBytes("ASCII") : null;
> domainBytes = unqualifiedDomain != null ? unqualifiedDomain
> .toUpperCase(Locale.US).getBytes("ASCII") : null;
> - } catch (java.io.UnsupportedEncodingException e) {
> + } catch (UnsupportedEncodingException e) {
> throw new NTLMEngineException("Unicode unsupported: " +
> e.getMessage(), e);
> }
> }
> @@ -1104,7 +1108,7 @@ final class NTLMEngineImpl implements NT
> if (bytes.length != 0) {
> try {
> target = new String(bytes, "UnicodeLittleUnmarked");
> - } catch (java.io.UnsupportedEncodingException e) {
> + } catch (UnsupportedEncodingException e) {
> throw new NTLMEngineException(e.getMessage(), e);
> }
> }
>
> Modified:
> httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/client/integration/TestClientAuthenticationFakeNTLM.java
> URL:
> http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/client/integration/TestClientAuthenticationFakeNTLM.java?rev=1500401&r1=1500400&r2=1500401&view=diff
> ==============================================================================
> ---
> httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/client/integration/TestClientAuthenticationFakeNTLM.java
> (original)
> +++
> httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/client/integration/TestClientAuthenticationFakeNTLM.java
> Sun Jul 7 10:20:33 2013
> @@ -99,7 +99,13 @@ public class TestClientAuthenticationFak
> response.getStatusLine().getStatusCode());
> }
>
> - static class NtlmType2ResponseHandler implements HttpRequestHandler {
> + static class NtlmType2MessageResponseHandler implements
> HttpRequestHandler {
> +
> + private final String authenticateHeaderValue;
> +
> + public NtlmType2MessageResponseHandler(final String type2Message) {
> + this.authenticateHeaderValue = "NTLM " + type2Message;
> + }
>
> public void handle(
> final HttpRequest request,
> @@ -113,16 +119,42 @@ public class TestClientAuthenticationFak
> if (!request.containsHeader(HttpHeaders.AUTHORIZATION)) {
> response.setHeader(HttpHeaders.WWW_AUTHENTICATE, "NTLM");
> } else {
> - response.setHeader(HttpHeaders.WWW_AUTHENTICATE, "NTLM
> TlRMTVNTUAACAA" +
> -
> "AADAAMADgAAAAzwoICLgEjRWfCicKrw43DrwAAAAAAAAAAAAAAAAAAAAAGAHAX" +
> - "AAAAD1MAZQByAHYAZQByAA==");
> + response.setHeader(HttpHeaders.WWW_AUTHENTICATE,
> authenticateHeaderValue);
> }
> }
> }
>
> @Test
> - public void testNTLMType2() throws Exception {
> - this.localServer.register("*", new NtlmType2ResponseHandler());
> + public void testNTLMv1Type2Message() throws Exception {
> + this.localServer.register("*", new
> NtlmType2MessageResponseHandler("TlRMTVNTUAACAA" +
> +
> "AADAAMADgAAAAzggLiASNFZ4mrze8AAAAAAAAAAAAAAAAAAAAABgBwFwAAAA9T" +
> + "AGUAcgB2AGUAcgA="));
> + this.localServer.start();
> +
> + final BasicCredentialsProvider credsProvider = new
> BasicCredentialsProvider();
> + credsProvider.setCredentials(AuthScope.ANY,
> + new NTCredentials("test", "test", null, null));
> +
> + this.httpclient = HttpClients.custom()
> + .setDefaultCredentialsProvider(credsProvider)
> + .build();
> +
> + final HttpContext context = HttpClientContext.create();
> +
> + final HttpHost targethost = getServerHttp();
> + final HttpGet httpget = new HttpGet("/");
> +
> + final HttpResponse response = this.httpclient.execute(targethost,
> httpget, context);
> + EntityUtils.consume(response.getEntity());
> + Assert.assertEquals(HttpStatus.SC_UNAUTHORIZED,
> + response.getStatusLine().getStatusCode());
> + }
> +
> + @Test
> + public void testNTLMv2Type2Message() throws Exception {
> + this.localServer.register("*", new
> NtlmType2MessageResponseHandler("TlRMTVNTUAACAA" +
> +
> "AADAAMADgAAAAzgoriASNFZ4mrze8AAAAAAAAAACQAJABEAAAABgBwFwAAAA9T" +
> +
> "AGUAcgB2AGUAcgACAAwARABvAG0AYQBpAG4AAQAMAFMAZQByAHYAZQByAAAAAAA="));
> this.localServer.start();
>
> final BasicCredentialsProvider credsProvider = new
> BasicCredentialsProvider();
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
