[prev in list] [next in list] [prev in thread] [next in thread]
List: rampart-c-dev
Subject: [jira] [Updated] (AXIS2C-1555) Proxy authentication not working
From: "Halewijn Geerts (JIRA)" <jira () apache ! org>
Date: 2011-07-18 15:01:03
Message-ID: 960609416.381.1311001263927.JavaMail.tomcat () hel ! zones ! apache ! org
[Download RAW message or body]
[ https://issues.apache.org/jira/browse/AXIS2C-1555?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel \
]
Halewijn Geerts updated AXIS2C-1555:
------------------------------------
Description:
Proxy authentication is not working when using HTTPS. A Proxy without authentication \
does work when axis2c was build without curl. In a build with curl, proxy is ignored \
( with or without authentication ).
For build without curl:
- In http_sender.c, axis2_http_client_recieve_header is called after \
axis2_http_client_send without checking if send call succeeded.
- In http_client.c, axis2_http_client_connect_ssl_host :
proxy authentication data should be passed in connect_string:
if ( inAuthenticationString )
{
connect_string = AXIS2_MALLOC( env->allocator,
axutil_strlen(host) * \
sizeof(axis2_char_t) +
\
axutil_strlen(inAuthenticationString) * sizeof(axis2_char_t) +
50 * \
sizeof(axis2_char_t) ); sprintf(connect_string, "CONNECT %s:%d \
HTTP/1.0\r\nProxy-Authorization: %s\r\n\r\n", host, port, inAuthenticationString ); }
else
{
connect_string = AXIS2_MALLOC( env->allocator,
axutil_strlen(host) * \
sizeof(axis2_char_t) +
30 * sizeof(axis2_char_t) \
); sprintf(connect_string, "CONNECT %s:%d HTTP/1.0\r\n\r\n", host, port);
}
(Authentication string can be obtained from axis2_http_sender_configure_proxy_auth, I \
added output parameter to get it.)
Also when axis2_http_status_line_get_status_code returns \
AXIS2_HTTP_RESPONSE_PROXY_AUTHENTICATION_REQUIRED_CODE_VAL, the response should be \
processed to get the authentication type:
< if (200 != axis2_http_status_line_get_status_code(status_line, env))
< {
< AXIS2_FREE(env->allocator, connect_string);
< axutil_stream_free(tmp_stream, env);
< return AXIS2_FAILURE;
< }
> theStatusCode = axis2_http_status_line_get_status_code(status_line, env);
>
> if ( AXIS2_HTTP_RESPONSE_OK_CODE_VAL != theStatusCode )
> {
> if ( AXIS2_HTTP_RESPONSE_PROXY_AUTHENTICATION_REQUIRED_CODE_VAL == theStatusCode )
> {
> client->response = axis2_http_simple_response_create_default(env);
>
> memset(str_header, 0, 512);
> end_of_line = AXIS2_FALSE;
> while ( read > 0 && AXIS2_FALSE == end_of_headers )
> {
> while ( ( read = axutil_stream_read( tmp_stream, env, tmp_buf,
> 1 ) ) > 0 )
> {
> tmp_buf[read] = '\0';
> assert ( axutil_strlen( str_header ) + 1 <= 512 );
> strcat(str_header, tmp_buf);
> if (0 != strstr(str_header, AXIS2_HTTP_CRLF))
> {
> end_of_line = AXIS2_TRUE;
> break;
> }
> }
> if (AXIS2_TRUE == end_of_line)
> {
> if (0 == axutil_strcmp(str_header, AXIS2_HTTP_CRLF))
> {
> end_of_headers = AXIS2_TRUE;
> }
> else
> {
> axis2_http_header_t *tmp_header = axis2_http_header_create_by_str(env, str_header);
> memset(str_header, 0, 512);
> if (tmp_header)
> {
> axis2_http_simple_response_set_header(client->response,
> env, tmp_header);
> }
> }
> }
> end_of_line = AXIS2_FALSE;
> }
> }
>
> AXIS2_FREE(env->allocator, connect_string);
> axis2_http_status_line_free( status_line, env );
> axutil_stream_free(tmp_stream, env);
> return theStatusCode; /*return the status code because is checked in \
> http_sender.c*/
As shown in above code: the http status code must be returned in case of an error \
because in http_sender, the return value of axis2_http_client_send will be checked to \
see if value is equal to AXIS2_HTTP_RESPONSE_PROXY_AUTHENTICATION_REQUIRED_CODE_VAL.
With these changes I have been able to get only a part of the code working:
- when axis2_options_set_test_proxy_auth( theOptions, mEnvironment, AXIS2_TRUE ); is \
set, authentication type will be set.
- can authenticate through proxy when authentication is known.
Didn't get code working that gets authentication type and then connects in 1 call, I \
have to use axis2_options_set_test_proxy_auth first then call again with \
authentication type set.
was:
Proxy authentication is not working when using HTTPS. A Proxy without authentication \
does work when axis2c was build without curl. In a build with curl, proxy is ignored \
( with or without authentication ).
For build without curl:
- In http_sender.c, axis2_http_client_recieve_header is called after \
axis2_http_client_send without checking if send call succeeded.
- In http_client.c, axis2_http_client_connect_ssl_host :
proxy authentication data should be passed in connect_string:
if ( inAuthenticationString )
{
connect_string = AXIS2_MALLOC( env->allocator,
axutil_strlen(host) * \
sizeof(axis2_char_t) +
\
axutil_strlen(inAuthenticationString) * sizeof(axis2_char_t) +
50 * \
sizeof(axis2_char_t) ); sprintf(connect_string, "CONNECT %s:%d \
HTTP/1.0\r\nProxy-Authorization: %s\r\n\r\n", host, port, inAuthenticationString ); }
else
{
connect_string = AXIS2_MALLOC( env->allocator,
axutil_strlen(host) * \
sizeof(axis2_char_t) +
30 * sizeof(axis2_char_t) \
); sprintf(connect_string, "CONNECT %s:%d HTTP/1.0\r\n\r\n", host, port);
}
> Proxy authentication not working when using HTTPS
> -------------------------------------------------
>
> Key: AXIS2C-1555
> URL: https://issues.apache.org/jira/browse/AXIS2C-1555
> Project: Axis2-C
> Issue Type: Bug
> Components: transport/http
> Affects Versions: 1.6.0
> Reporter: Halewijn Geerts
>
> Proxy authentication is not working when using HTTPS. A Proxy without \
> authentication does work when axis2c was build without curl. In a build with curl, \
> proxy is ignored ( with or without authentication ). For build without curl:
> - In http_sender.c, axis2_http_client_recieve_header is called after \
> axis2_http_client_send without checking if send call succeeded.
> - In http_client.c, axis2_http_client_connect_ssl_host :
> proxy authentication data should be passed in connect_string:
> if ( inAuthenticationString )
> {
> connect_string = AXIS2_MALLOC( env->allocator,
> axutil_strlen(host) * sizeof(axis2_char_t) +
> axutil_strlen(inAuthenticationString) * sizeof(axis2_char_t) +
> 50 * sizeof(axis2_char_t) );
> sprintf(connect_string, "CONNECT %s:%d HTTP/1.0\r\nProxy-Authorization: \
> %s\r\n\r\n", host, port, inAuthenticationString ); }
> else
> {
> connect_string = AXIS2_MALLOC( env->allocator,
> axutil_strlen(host) * sizeof(axis2_char_t) +
> 30 * sizeof(axis2_char_t) );
> sprintf(connect_string, "CONNECT %s:%d HTTP/1.0\r\n\r\n", host, port);
> }
> (Authentication string can be obtained from axis2_http_sender_configure_proxy_auth, \
> I added output parameter to get it.) Also when \
> axis2_http_status_line_get_status_code returns \
> AXIS2_HTTP_RESPONSE_PROXY_AUTHENTICATION_REQUIRED_CODE_VAL, the response should be \
> processed to get the authentication type: < if (200 != \
> axis2_http_status_line_get_status_code(status_line, env)) < {
> < AXIS2_FREE(env->allocator, connect_string);
> < axutil_stream_free(tmp_stream, env);
> < return AXIS2_FAILURE;
> < }
> > theStatusCode = axis2_http_status_line_get_status_code(status_line, env);
> >
> > if ( AXIS2_HTTP_RESPONSE_OK_CODE_VAL != theStatusCode )
> > {
> > if ( AXIS2_HTTP_RESPONSE_PROXY_AUTHENTICATION_REQUIRED_CODE_VAL == theStatusCode \
> > ) {
> > client->response = axis2_http_simple_response_create_default(env);
> >
> > memset(str_header, 0, 512);
> > end_of_line = AXIS2_FALSE;
> > while ( read > 0 && AXIS2_FALSE == end_of_headers )
> > {
> > while ( ( read = axutil_stream_read( tmp_stream, env, tmp_buf,
> > 1 ) ) > 0 )
> > {
> > tmp_buf[read] = '\0';
> > assert ( axutil_strlen( str_header ) + 1 <= 512 );
> > strcat(str_header, tmp_buf);
> > if (0 != strstr(str_header, AXIS2_HTTP_CRLF))
> > {
> > end_of_line = AXIS2_TRUE;
> > break;
> > }
> > }
> > if (AXIS2_TRUE == end_of_line)
> > {
> > if (0 == axutil_strcmp(str_header, AXIS2_HTTP_CRLF))
> > {
> > end_of_headers = AXIS2_TRUE;
> > }
> > else
> > {
> > axis2_http_header_t *tmp_header = axis2_http_header_create_by_str(env, \
> > str_header); memset(str_header, 0, 512);
> > if (tmp_header)
> > {
> > axis2_http_simple_response_set_header(client->response,
> > env, tmp_header);
> > }
> > }
> > }
> > end_of_line = AXIS2_FALSE;
> > }
> > }
> >
> > AXIS2_FREE(env->allocator, connect_string);
> > axis2_http_status_line_free( status_line, env );
> > axutil_stream_free(tmp_stream, env);
> > return theStatusCode; /*return the status code because is checked in \
> > http_sender.c*/
> As shown in above code: the http status code must be returned in case of an error \
> because in http_sender, the return value of axis2_http_client_send will be checked \
> to see if value is equal to \
> AXIS2_HTTP_RESPONSE_PROXY_AUTHENTICATION_REQUIRED_CODE_VAL. With these changes I \
> have been able to get only a part of the code working:
> - when axis2_options_set_test_proxy_auth( theOptions, mEnvironment, AXIS2_TRUE ); \
> is set, authentication type will be set.
> - can authenticate through proxy when authentication is known.
> Didn't get code working that gets authentication type and then connects in 1 call, \
> I have to use axis2_options_set_test_proxy_auth first then call again with \
> authentication type set.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: c-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: c-dev-help@axis.apache.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic