Follow up to HTTPCLIENT-1381: fixes another NPE

Contributed by Ricardo Pereira <thc202 at gmail.com>

git-svn-id: https://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk@1500401 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Oleg Kalnichevski 2013-07-07 10:20:33 +00:00
parent f17ef0ad11
commit bb902afa4f
2 changed files with 49 additions and 13 deletions

View File

@ -624,7 +624,7 @@ final class NTLMEngineImpl implements NTLMEngine {
final MD4 md4 = new MD4(); final MD4 md4 = new MD4();
md4.update(unicodePassword); md4.update(unicodePassword);
return md4.getOutput(); return md4.getOutput();
} catch (java.io.UnsupportedEncodingException e) { } catch (UnsupportedEncodingException e) {
throw new NTLMEngineException("Unicode not supported: " + e.getMessage(), e); throw new NTLMEngineException("Unicode not supported: " + e.getMessage(), e);
} }
} }
@ -641,9 +641,11 @@ final class NTLMEngineImpl implements NTLMEngine {
final HMACMD5 hmacMD5 = new HMACMD5(ntlmHash); final HMACMD5 hmacMD5 = new HMACMD5(ntlmHash);
// Upper case username, upper case domain! // Upper case username, upper case domain!
hmacMD5.update(user.toUpperCase(Locale.US).getBytes("UnicodeLittleUnmarked")); hmacMD5.update(user.toUpperCase(Locale.US).getBytes("UnicodeLittleUnmarked"));
hmacMD5.update(domain.toUpperCase(Locale.US).getBytes("UnicodeLittleUnmarked")); if (domain != null) {
hmacMD5.update(domain.toUpperCase(Locale.US).getBytes("UnicodeLittleUnmarked"));
}
return hmacMD5.getOutput(); return hmacMD5.getOutput();
} catch (java.io.UnsupportedEncodingException e) { } catch (UnsupportedEncodingException e) {
throw new NTLMEngineException("Unicode not supported! " + e.getMessage(), e); throw new NTLMEngineException("Unicode not supported! " + e.getMessage(), e);
} }
} }
@ -660,9 +662,11 @@ final class NTLMEngineImpl implements NTLMEngine {
final HMACMD5 hmacMD5 = new HMACMD5(ntlmHash); final HMACMD5 hmacMD5 = new HMACMD5(ntlmHash);
// Upper case username, mixed case target!! // Upper case username, mixed case target!!
hmacMD5.update(user.toUpperCase(Locale.US).getBytes("UnicodeLittleUnmarked")); hmacMD5.update(user.toUpperCase(Locale.US).getBytes("UnicodeLittleUnmarked"));
hmacMD5.update(domain.getBytes("UnicodeLittleUnmarked")); if (domain != null) {
hmacMD5.update(domain.getBytes("UnicodeLittleUnmarked"));
}
return hmacMD5.getOutput(); return hmacMD5.getOutput();
} catch (java.io.UnsupportedEncodingException e) { } catch (UnsupportedEncodingException e) {
throw new NTLMEngineException("Unicode not supported! " + e.getMessage(), e); throw new NTLMEngineException("Unicode not supported! " + e.getMessage(), e);
} }
} }
@ -981,7 +985,7 @@ final class NTLMEngineImpl implements NTLMEngine {
hostBytes = unqualifiedHost != null? unqualifiedHost.getBytes("ASCII") : null; hostBytes = unqualifiedHost != null? unqualifiedHost.getBytes("ASCII") : null;
domainBytes = unqualifiedDomain != null ? unqualifiedDomain domainBytes = unqualifiedDomain != null ? unqualifiedDomain
.toUpperCase(Locale.US).getBytes("ASCII") : null; .toUpperCase(Locale.US).getBytes("ASCII") : null;
} catch (java.io.UnsupportedEncodingException e) { } catch (UnsupportedEncodingException e) {
throw new NTLMEngineException("Unicode unsupported: " + e.getMessage(), e); throw new NTLMEngineException("Unicode unsupported: " + e.getMessage(), e);
} }
} }
@ -1104,7 +1108,7 @@ final class NTLMEngineImpl implements NTLMEngine {
if (bytes.length != 0) { if (bytes.length != 0) {
try { try {
target = new String(bytes, "UnicodeLittleUnmarked"); target = new String(bytes, "UnicodeLittleUnmarked");
} catch (java.io.UnsupportedEncodingException e) { } catch (UnsupportedEncodingException e) {
throw new NTLMEngineException(e.getMessage(), e); throw new NTLMEngineException(e.getMessage(), e);
} }
} }

View File

@ -99,7 +99,13 @@ public class TestClientAuthenticationFakeNTLM extends IntegrationTestBase {
response.getStatusLine().getStatusCode()); response.getStatusLine().getStatusCode());
} }
static class NtlmType2ResponseHandler implements HttpRequestHandler { static class NtlmType2MessageResponseHandler implements HttpRequestHandler {
private final String authenticateHeaderValue;
public NtlmType2MessageResponseHandler(final String type2Message) {
this.authenticateHeaderValue = "NTLM " + type2Message;
}
public void handle( public void handle(
final HttpRequest request, final HttpRequest request,
@ -113,16 +119,42 @@ public class TestClientAuthenticationFakeNTLM extends IntegrationTestBase {
if (!request.containsHeader(HttpHeaders.AUTHORIZATION)) { if (!request.containsHeader(HttpHeaders.AUTHORIZATION)) {
response.setHeader(HttpHeaders.WWW_AUTHENTICATE, "NTLM"); response.setHeader(HttpHeaders.WWW_AUTHENTICATE, "NTLM");
} else { } else {
response.setHeader(HttpHeaders.WWW_AUTHENTICATE, "NTLM TlRMTVNTUAACAA" + response.setHeader(HttpHeaders.WWW_AUTHENTICATE, authenticateHeaderValue);
"AADAAMADgAAAAzwoICLgEjRWfCicKrw43DrwAAAAAAAAAAAAAAAAAAAAAGAHAX" +
"AAAAD1MAZQByAHYAZQByAA==");
} }
} }
} }
@Test @Test
public void testNTLMType2() throws Exception { public void testNTLMv1Type2Message() throws Exception {
this.localServer.register("*", new NtlmType2ResponseHandler()); this.localServer.register("*", new NtlmType2MessageResponseHandler("TlRMTVNTUAACAA" +
"AADAAMADgAAAAzggLiASNFZ4mrze8AAAAAAAAAAAAAAAAAAAAABgBwFwAAAA9T" +
"AGUAcgB2AGUAcgA="));
this.localServer.start();
final BasicCredentialsProvider credsProvider = new BasicCredentialsProvider();
credsProvider.setCredentials(AuthScope.ANY,
new NTCredentials("test", "test", null, null));
this.httpclient = HttpClients.custom()
.setDefaultCredentialsProvider(credsProvider)
.build();
final HttpContext context = HttpClientContext.create();
final HttpHost targethost = getServerHttp();
final HttpGet httpget = new HttpGet("/");
final HttpResponse response = this.httpclient.execute(targethost, httpget, context);
EntityUtils.consume(response.getEntity());
Assert.assertEquals(HttpStatus.SC_UNAUTHORIZED,
response.getStatusLine().getStatusCode());
}
@Test
public void testNTLMv2Type2Message() throws Exception {
this.localServer.register("*", new NtlmType2MessageResponseHandler("TlRMTVNTUAACAA" +
"AADAAMADgAAAAzgoriASNFZ4mrze8AAAAAAAAAACQAJABEAAAABgBwFwAAAA9T" +
"AGUAcgB2AGUAcgACAAwARABvAG0AYQBpAG4AAQAMAFMAZQByAHYAZQByAAAAAAA="));
this.localServer.start(); this.localServer.start();
final BasicCredentialsProvider credsProvider = new BasicCredentialsProvider(); final BasicCredentialsProvider credsProvider = new BasicCredentialsProvider();