[
https://issues.apache.org/jira/browse/AXIS2C-1555?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Halewijn Geerts updated AXIS2C-1555:
------------------------------------
Description:
Proxy authentication is not working when using HTTPS. A Proxy without
authentication does work when axis2c was build without curl. In a build with
curl, proxy is ignored ( with or without authentication ).
For build without curl:
- In http_sender.c, axis2_http_client_recieve_header is called after
axis2_http_client_send without checking if send call succeeded.
- In http_client.c, axis2_http_client_connect_ssl_host :
proxy authentication data should be passed in connect_string:
if ( inAuthenticationString )
{
connect_string = AXIS2_MALLOC( env->allocator,
axutil_strlen(host) * sizeof(axis2_char_t) +
axutil_strlen(inAuthenticationString) * sizeof(axis2_char_t) +
50 *
sizeof(axis2_char_t) );
sprintf(connect_string, "CONNECT %s:%d HTTP/1.0\r\nProxy-Authorization:
%s\r\n\r\n", host, port, inAuthenticationString );
}
else
{
connect_string = AXIS2_MALLOC( env->allocator,
axutil_strlen(host)
* sizeof(axis2_char_t) +
30 *
sizeof(axis2_char_t) );
sprintf(connect_string, "CONNECT %s:%d HTTP/1.0\r\n\r\n", host, port);
}
(Authentication string can be obtained from
axis2_http_sender_configure_proxy_auth, I added output parameter to get it.)
Also when axis2_http_status_line_get_status_code returns
AXIS2_HTTP_RESPONSE_PROXY_AUTHENTICATION_REQUIRED_CODE_VAL,
the response should be processed to get the authentication type:
< if (200 != axis2_http_status_line_get_status_code(status_line, env))
< {
< AXIS2_FREE(env->allocator, connect_string);
< axutil_stream_free(tmp_stream, env);
< return AXIS2_FAILURE;
< }
> theStatusCode = axis2_http_status_line_get_status_code(status_line, env);
>
> if ( AXIS2_HTTP_RESPONSE_OK_CODE_VAL != theStatusCode )
> {
> if ( AXIS2_HTTP_RESPONSE_PROXY_AUTHENTICATION_REQUIRED_CODE_VAL ==
> theStatusCode )
> {
> client->response = axis2_http_simple_response_create_default(env);
>
> memset(str_header, 0, 512);
> end_of_line = AXIS2_FALSE;
> while ( read > 0 && AXIS2_FALSE == end_of_headers )
> {
> while ( ( read = axutil_stream_read( tmp_stream, env, tmp_buf,
> 1 ) ) > 0 )
> {
> tmp_buf[read] = '\0';
> assert ( axutil_strlen( str_header ) + 1 <= 512 );
> strcat(str_header, tmp_buf);
> if (0 != strstr(str_header, AXIS2_HTTP_CRLF))
> {
> end_of_line = AXIS2_TRUE;
> break;
> }
> }
> if (AXIS2_TRUE == end_of_line)
> {
> if (0 == axutil_strcmp(str_header, AXIS2_HTTP_CRLF))
> {
> end_of_headers = AXIS2_TRUE;
> }
> else
> {
> axis2_http_header_t *tmp_header =
> axis2_http_header_create_by_str(env, str_header);
> memset(str_header, 0, 512);
> if (tmp_header)
> {
>
> axis2_http_simple_response_set_header(client->response,
> env,
> tmp_header);
> }
> }
> }
> end_of_line = AXIS2_FALSE;
> }
> }
>
> AXIS2_FREE(env->allocator, connect_string);
> axis2_http_status_line_free( status_line, env );
> axutil_stream_free(tmp_stream, env);
> return theStatusCode; /*return the status code because is checked in
> http_sender.c*/
As shown in above code: the http status code must be returned in case of an
error because in http_sender, the return value of axis2_http_client_send will
be checked to see if value is equal to
AXIS2_HTTP_RESPONSE_PROXY_AUTHENTICATION_REQUIRED_CODE_VAL.
With these changes I have been able to get only a part of the code working:
- when axis2_options_set_test_proxy_auth( theOptions, mEnvironment, AXIS2_TRUE
); is set, authentication type will be set.
- can authenticate through proxy when authentication is known.
Didn't get code working that gets authentication type and then connects in 1
call, I have to use axis2_options_set_test_proxy_auth first then call again
with authentication type set.
was:
Proxy authentication is not working when using HTTPS. A Proxy without
authentication does work when axis2c was build without curl. In a build with
curl, proxy is ignored ( with or without authentication ).
For build without curl:
- In http_sender.c, axis2_http_client_recieve_header is called after
axis2_http_client_send without checking if send call succeeded.
- In http_client.c, axis2_http_client_connect_ssl_host :
proxy authentication data should be passed in connect_string:
if ( inAuthenticationString )
{
connect_string = AXIS2_MALLOC( env->allocator,
axutil_strlen(host) * sizeof(axis2_char_t) +
axutil_strlen(inAuthenticationString) * sizeof(axis2_char_t) +
50 *
sizeof(axis2_char_t) );
sprintf(connect_string, "CONNECT %s:%d HTTP/1.0\r\nProxy-Authorization:
%s\r\n\r\n", host, port, inAuthenticationString );
}
else
{
connect_string = AXIS2_MALLOC( env->allocator,
axutil_strlen(host)
* sizeof(axis2_char_t) +
30 *
sizeof(axis2_char_t) );
sprintf(connect_string, "CONNECT %s:%d HTTP/1.0\r\n\r\n", host, port);
}
> Proxy authentication not working when using HTTPS
> -------------------------------------------------
>
> Key: AXIS2C-1555
> URL: https://issues.apache.org/jira/browse/AXIS2C-1555
> Project: Axis2-C
> Issue Type: Bug
> Components: transport/http
> Affects Versions: 1.6.0
> Reporter: Halewijn Geerts
>
> Proxy authentication is not working when using HTTPS. A Proxy without
> authentication does work when axis2c was build without curl. In a build with
> curl, proxy is ignored ( with or without authentication ).
> For build without curl:
> - In http_sender.c, axis2_http_client_recieve_header is called after
> axis2_http_client_send without checking if send call succeeded.
> - In http_client.c, axis2_http_client_connect_ssl_host :
> proxy authentication data should be passed in connect_string:
> if ( inAuthenticationString )
> {
> connect_string = AXIS2_MALLOC( env->allocator,
>
> axutil_strlen(host) * sizeof(axis2_char_t) +
>
> axutil_strlen(inAuthenticationString) * sizeof(axis2_char_t) +
> 50 *
> sizeof(axis2_char_t) );
> sprintf(connect_string, "CONNECT %s:%d HTTP/1.0\r\nProxy-Authorization:
> %s\r\n\r\n", host, port, inAuthenticationString );
> }
> else
> {
> connect_string = AXIS2_MALLOC( env->allocator,
>
> axutil_strlen(host) * sizeof(axis2_char_t) +
> 30 *
> sizeof(axis2_char_t) );
> sprintf(connect_string, "CONNECT %s:%d HTTP/1.0\r\n\r\n", host, port);
> }
> (Authentication string can be obtained from
> axis2_http_sender_configure_proxy_auth, I added output parameter to get it.)
> Also when axis2_http_status_line_get_status_code returns
> AXIS2_HTTP_RESPONSE_PROXY_AUTHENTICATION_REQUIRED_CODE_VAL,
> the response should be processed to get the authentication type:
> < if (200 != axis2_http_status_line_get_status_code(status_line, env))
> < {
> < AXIS2_FREE(env->allocator, connect_string);
> < axutil_stream_free(tmp_stream, env);
> < return AXIS2_FAILURE;
> < }
> > theStatusCode = axis2_http_status_line_get_status_code(status_line, env);
> >
> > if ( AXIS2_HTTP_RESPONSE_OK_CODE_VAL != theStatusCode )
> > {
> > if ( AXIS2_HTTP_RESPONSE_PROXY_AUTHENTICATION_REQUIRED_CODE_VAL ==
> > theStatusCode )
> > {
> > client->response = axis2_http_simple_response_create_default(env);
> >
> > memset(str_header, 0, 512);
> > end_of_line = AXIS2_FALSE;
> > while ( read > 0 && AXIS2_FALSE == end_of_headers )
> > {
> > while ( ( read = axutil_stream_read( tmp_stream, env, tmp_buf,
> > 1 ) ) > 0 )
> > {
> > tmp_buf[read] = '\0';
> > assert ( axutil_strlen( str_header ) + 1 <= 512 );
> > strcat(str_header, tmp_buf);
> > if (0 != strstr(str_header, AXIS2_HTTP_CRLF))
> > {
> > end_of_line = AXIS2_TRUE;
> > break;
> > }
> > }
> > if (AXIS2_TRUE == end_of_line)
> > {
> > if (0 == axutil_strcmp(str_header, AXIS2_HTTP_CRLF))
> > {
> > end_of_headers = AXIS2_TRUE;
> > }
> > else
> > {
> > axis2_http_header_t *tmp_header =
> > axis2_http_header_create_by_str(env, str_header);
> > memset(str_header, 0, 512);
> > if (tmp_header)
> > {
> >
> > axis2_http_simple_response_set_header(client->response,
> > env,
> > tmp_header);
> > }
> > }
> > }
> > end_of_line = AXIS2_FALSE;
> > }
> > }
> >
> > AXIS2_FREE(env->allocator, connect_string);
> > axis2_http_status_line_free( status_line, env );
> > axutil_stream_free(tmp_stream, env);
> > return theStatusCode; /*return the status code because is checked in
> > http_sender.c*/
> As shown in above code: the http status code must be returned in case of an
> error because in http_sender, the return value of axis2_http_client_send
> will be checked to see if value is equal to
> AXIS2_HTTP_RESPONSE_PROXY_AUTHENTICATION_REQUIRED_CODE_VAL.
> With these changes I have been able to get only a part of the code working:
> - when axis2_options_set_test_proxy_auth( theOptions, mEnvironment,
> AXIS2_TRUE ); is set, authentication type will be set.
> - can authenticate through proxy when authentication is known.
> Didn't get code working that gets authentication type and then connects in 1
> call, I have to use axis2_options_set_test_proxy_auth first then call again
> with authentication type set.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
