Initial commit of ntlm authentication code

git-svn-id: http://svn.apache.org/repos/asf/axis/axis2/c/core/trunk@1129578 13f79535-47bb-0310-9956-ffa450edef68

7 files changed, 465 insertions, 0 deletions

diff --git a/src/core/transport/http/sender/ntlm/test/Makefile.am b/src/core/transport/http/sender/ntlm/test/Makefile.am
new file mode 100644
index 0000000..191106d
--- /dev/null
+++ b/src/core/transport/http/sender/ntlm/test/Makefile.am
@@ -0,0 +1,30 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+# 
+#   http://www.apache.org/licenses/LICENSE-2.0
+# 
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+TESTS =
+SUBDIRS = mock_server
+noinst_PROGRAMS = test_ntlm mock_client
+check_PROGRAMS = test_ntlm mock_client
+SUBDIRS =
+AM_CFLAGS = -g -O2
+test_ntlm_SOURCES = client.c
+mock_client_SOURCES = mock_client.c
+
+LINK_FLAGS   =	../$(NTLM_WRAPPER_DIR)/libaxis2_ntlm.la \
+					$(top_builddir)/util/src/libaxutil.la
+
+test_ntlm_LDADD   =	$(LINK_FLAGS)
+mock_client_LDADD   =	$(LINK_FLAGS)
+INCLUDES = -I$(top_builddir)/include \
+            -I$(top_builddir)/util/include
diff --git a/src/core/transport/http/sender/ntlm/test/client.c b/src/core/transport/http/sender/ntlm/test/client.c
new file mode 100755
index 0000000..c7273e9
--- /dev/null
+++ b/src/core/transport/http/sender/ntlm/test/client.c
@@ -0,0 +1,82 @@
+/* tcpclient.c */
+
+#include <sys/socket.h>
+#include <sys/types.h>
+#include <netinet/in.h>
+#include <netdb.h>
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <errno.h>
+#include <axutil_base64.h>
+#include <axutil_string.h>
+#include <axis2_util.h>
+
+#include <stdio.h>
+#include <axis2_ntlm.h>
+
+#define NTLM_NEG_NTLM           0x00000200
+#define NTLM_NEG_UNICODE        0x00000001
+#define NTLM_TARGET_DOMAIN      0x00010000
+
+int main()
+{
+    axis2_status_t status = AXIS2_FAILURE;
+    const axutil_env_t *env = NULL;
+    env = axutil_env_create_all("ntlm_test_client.log", AXIS2_LOG_LEVEL_TRACE);
+    /*int flags = NTLM_NEG_UNICODE | NTLM_NEG_NTLM | NTLM_TARGET_DOMAIN;*/
+
+    {
+        axis2_char_t *encoded = NULL;
+        int elen = 0;
+        int flags = 0;
+        axis2_ntlm_t *ntlm = NULL;
+        ntlm = axis2_ntlm_create(env);
+        status = axis2_ntlm_auth_create_type1_message(ntlm, env, &encoded, &elen, "foo", 
+                "digestpassword", flags, "mydomain");
+        if(AXIS2_SUCCESS != status)
+        {
+            AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, 
+                    "axis2_ntlm_auth_create_type1_message call failed");
+            printf("axis2_ntlm_auth_create_type1_message call failed\n");
+            return 1;
+        }
+        if(0 == axutil_strcmp(encoded, "TlRMTVNTUAABAAAABRIAAAgACAAYAAAAbXlkb21haW4=") && elen == 45)
+        {
+            printf("creating type1 message test passed\n");
+        }
+        else
+        {
+            printf("creating type1 message test failed!!!\n");
+        }
+    }
+    {
+        int elen = 0;
+        axis2_char_t *encoded = NULL;
+        axis2_char_t *header_value = 
+            "TlRMTVNTUAACAAAAHgAeADgAAAAFAoICZAg+4lbcT0AAAAAAAAAAAJgAmABWAAAABgGxHQAAAA9XAEkATgAtADcAMQBNAEUAUABIADQANgBOAFEAMwACAB4AVwBJAE4ALQA3ADEATQBFAFAASAA0ADYATgBRADMAAQAeAFcASQBOAC0ANwAxAE0ARQBQAEgANAA2AE4AUQAzAAQAHgBXAEkATgAtADcAMQBNAEUAUABIADQANgBOAFEAMwADAB4AVwBJAE4ALQA3ADEATQBFAFAASAA0ADYATgBRADMABwAIAHIX52u6HcwBAAAAAA==";
+        axis2_ntlm_t *ntlm = NULL;
+        ntlm = axis2_ntlm_create(env);
+        status = axis2_ntlm_auth_create_type3_message(ntlm, env, header_value, &encoded, 
+                &elen, "nandika", "nandika", "mydomain", "workstation");
+        if(AXIS2_SUCCESS != status)
+        {
+            AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, 
+                    "axis2_ntlm_auth_create_type3_message call failed");
+            printf("axis2_ntlm_auth_create_type3_message call failed\n");
+            return 1;
+        }
+        if(0 == axutil_strcmp(encoded, "TlRMTVNTUAADAAAAAAAAADQAAAAYABgANAAAAB4AHgBMAAAADgAOAGoAAAAWABYAeAAAACkOCQbnz6muRsRit954E//a+AQM6Dk8g1cASQBOAC0ANwAxAE0ARQBQAEgANAA2AE4AUQAzAG4AYQBuAGQAaQBrAGEAdwBvAHIAawBzAHQAYQB0AGkAbwBuAA==") && elen == 193)
+        {
+            printf("creating type3 message test passed\n");
+        }
+        else
+        {
+            printf("creating type3 message test failed!!!\n");
+        }
+    }
+    
+    return 0;
+}
+
diff --git a/src/core/transport/http/sender/ntlm/test/mock_client.c b/src/core/transport/http/sender/ntlm/test/mock_client.c
new file mode 100755
index 0000000..d44ce80
--- /dev/null
+++ b/src/core/transport/http/sender/ntlm/test/mock_client.c
@@ -0,0 +1,196 @@
+/* tcpclient.c */
+
+#include <sys/socket.h>
+#include <sys/types.h>
+#include <netinet/in.h>
+#include <netdb.h>
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <errno.h>
+#include <axutil_base64.h>
+#include <axutil_string.h>
+#include <axis2_util.h>
+#include <axis2_ntlm.h>
+
+
+/*axis2_char_t *hostname = "172.16.176.132";*/
+axis2_char_t *hostname = "localhost";
+int port = 8080;
+static char *
+create_type1_header(const axutil_env_t *env, axis2_char_t *encoded)
+{
+    char *type1_header = NULL;
+    char *header1 = NULL;
+
+    type1_header = axutil_strcat(env, "Authorization: NTLM " ,encoded, NULL);
+
+    header1 = "HEAD /myservice/Service1.asmx HTTP/1.1\n"\
+            "Host: 172.16.176.132:8080\n"\
+            "User-Agent: Axis2C/1.7.0\n";
+    header1 = axutil_strcat(env, header1, type1_header, "\n\n", NULL);
+    AXIS2_FREE(env->allocator, type1_header);
+
+    return header1;
+}
+
+static axis2_char_t *
+create_type3_header(const axutil_env_t *env, 
+        char *encoded)
+{
+    char *header3 = NULL;
+
+    char *temp_header = strdup("GET /myservice/Service1.asmx?WSDL HTTP/1.1\n"\
+            "Host: 172.16.176.132:8080\n"\
+            "User-Agent: Axis2C/1.7.0\n"\
+            "Authorization: NTLM ");
+
+    int len1 = axutil_strlen(encoded);
+    int len2 = axutil_strlen(temp_header);
+    header3 = AXIS2_MALLOC(env->allocator, (len1 + len2 + 5));
+    memset(header3, 0, sizeof(header3));
+    strcat(header3, temp_header);
+    strcat(header3, encoded);
+    strcat(header3, "\n\n");
+
+    return header3;
+
+}
+
+int main()
+{
+    int sock, bytes_recieved;  
+    char recv_data[10024];
+    struct hostent *host;
+    struct sockaddr_in server_addr;
+    const axis2_char_t *header = NULL;
+    axis2_char_t *header_value = NULL;
+    char *type3_header = NULL;
+    char *type1_header = NULL;
+    const char *user = "nandika",
+	            *domain = "mydomain",
+	            *password = "nandika",
+	            *workstation = "workstation";
+    axis2_status_t status = AXIS2_FAILURE;
+    const axutil_env_t *env = NULL;
+    env = axutil_env_create_all("mock_client.log", AXIS2_LOG_LEVEL_TRACE);
+
+    host = gethostbyname(hostname);
+
+    if ((sock = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
+        perror("Socket");
+        exit(1);
+    }
+
+    server_addr.sin_family = AF_INET;     
+    server_addr.sin_port = htons(port);   
+    server_addr.sin_addr = *((struct in_addr *)host->h_addr);
+    bzero(&(server_addr.sin_zero),8); 
+  
+    /* Create a normal message */
+    char *init_send = axutil_strdup(env, "HEAD /myservice/Service1.asmx HTTP/1.1\n"\
+                        "Host: 172.16.176.132:8080\n"\
+                        "User-Agent: Axis2C/1.7.0\n\n");
+
+    if (connect(sock, (struct sockaddr *)&server_addr,
+                sizeof(struct sockaddr)) == -1) 
+    {
+        perror("Connect");
+        exit(1);
+    }
+    /* Send a normal message */
+    send(sock, init_send, strlen(init_send), 0); 
+
+    while(1)
+    {
+        bytes_recieved=recv(sock,recv_data,10024,0);
+        recv_data[bytes_recieved] = '\0';
+        header = axutil_strstr(recv_data, "WWW-Authenticate: NTLM ");
+        
+        /* Process the challange */
+        if(header)
+        {
+            int i = 22;
+            while(header[i] && isspace((unsigned char) header[i]))
+            {
+                i++;
+            }
+            if (header[i] != '\0') 
+            {
+                int len = axutil_strlen(&header[i]);
+                if (len == 0)
+                {
+                    printf("invalid Negotiate token\n");
+                }
+                else
+                {
+                    header_value = axutil_strdup(env, &header[i]);
+                }
+            }
+            if(header_value)
+            {
+                axis2_char_t *temp = strstr(header_value, "==");
+                temp = temp + 3;
+                *temp = '\0';
+                header_value = axutil_strdup(env, header_value);
+            }
+        }
+        if(!header_value) /* printf("unauth_header:\n%s\n", unauth_header); */
+        {
+            axis2_char_t *encoded = NULL;
+            int elen = 0;
+            int flags = 0;
+            axis2_ntlm_t *ntlm = NULL;
+            ntlm = axis2_ntlm_create(env);
+            status = axis2_ntlm_auth_create_type1_message(ntlm, env, &encoded, &elen, user, 
+                    password, flags, domain);
+            if(AXIS2_SUCCESS != status)
+            {
+                AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, 
+                        "axis2_ntlm_auth_create_type1_message call failed");
+                printf("axis2_ntlm_auth_create_type1_message call failed\n");
+                return 1;
+            }
+
+            /* Ceate type 1(negotiation) header  message from the recieved header */
+            type1_header = create_type1_header(env, encoded);
+            /* Send netotiation message */
+            send(sock, type1_header,strlen(type1_header), 0);
+            printf("sent:\n%s\n", type1_header);
+            free(type1_header);
+            continue;
+        }
+        if(header_value)
+        {
+            /*printf("header_value:\n***%s***\n", header_value);*/
+            int elen = 0;
+            axis2_char_t *encoded = NULL;
+            axis2_char_t *header_value = NULL;
+            axis2_ntlm_t *ntlm = NULL;
+            ntlm = axis2_ntlm_create(env);
+            status = axis2_ntlm_auth_create_type3_message(ntlm, env, header_value, &encoded, 
+                    &elen, user, password, domain, workstation);
+            if(AXIS2_SUCCESS != status)
+            {
+                AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, 
+                        "axis2_ntlm_auth_create_type3_message call failed");
+                printf("axis2_ntlm_auth_create_type3_message call failed\n");
+                return 1;
+            }
+
+            /* Create Type3 (authentication) header */
+            type3_header = create_type3_header(env, encoded);
+            break;
+        }
+    }
+    /* Send Type3(authentication) message */
+    send(sock, type3_header, strlen(type3_header), 0); 
+    bytes_recieved=recv(sock,recv_data,10024,0);
+    recv_data[bytes_recieved] = '\0';
+    printf("\nRecieved data:\n%s \n" , recv_data);
+    close(sock);
+    
+    return 0;
+}
+
diff --git a/src/core/transport/http/sender/ntlm/test/mock_server/Makefile.am b/src/core/transport/http/sender/ntlm/test/mock_server/Makefile.am
new file mode 100644
index 0000000..3bf50fa
--- /dev/null
+++ b/src/core/transport/http/sender/ntlm/test/mock_server/Makefile.am
@@ -0,0 +1,25 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+# 
+#   http://www.apache.org/licenses/LICENSE-2.0
+# 
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+TESTS =
+noinst_PROGRAMS = mock_server
+check_PROGRAMS = mock_server
+SUBDIRS =
+AM_CFLAGS = -g -O2
+mock_server_SOURCES = mock_server.c
+
+mock_server_LDADD   = $(top_builddir)/util/src/libaxutil.la
+
+INCLUDES = -I$(top_builddir)/include \
+            -I$(top_builddir)/util/include
diff --git a/src/core/transport/http/sender/ntlm/test/mock_server/mock_server.c b/src/core/transport/http/sender/ntlm/test/mock_server/mock_server.c
new file mode 100644
index 0000000..3911b0d
--- /dev/null
+++ b/src/core/transport/http/sender/ntlm/test/mock_server/mock_server.c
@@ -0,0 +1,128 @@
+/* tcpserver.c */
+
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <errno.h>
+#include <string.h>
+#include <axutil_string.h>
+#include <axis2_util.h>
+
+int main()
+{
+    int port = 8080;
+    int sock, connected, bytes_recieved , true = 1;  
+    char recv_data[10024];       
+    char *send_data = NULL;
+    const axutil_env_t *env = NULL;
+    int flip = 0;
+
+    env = axutil_env_create_all("mock_server.log", AXIS2_LOG_LEVEL_TRACE);
+    struct sockaddr_in server_addr,client_addr;    
+    unsigned int sin_size;
+    
+    if ((sock = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
+        perror("Socket");
+        exit(1);
+    }
+
+    if (setsockopt(sock,SOL_SOCKET,SO_REUSEADDR,&true,sizeof(int)) == -1) {
+        perror("Setsockopt");
+        exit(1);
+    }
+    
+    server_addr.sin_family = AF_INET;         
+    server_addr.sin_port = htons(port);     
+    server_addr.sin_addr.s_addr = INADDR_ANY; 
+    bzero(&(server_addr.sin_zero),8); 
+
+    if (bind(sock, (struct sockaddr *)&server_addr, sizeof(struct sockaddr))
+                                                                   == -1) {
+        perror("Unable to bind");
+        exit(1);
+    }
+
+    if (listen(sock, 5) == -1) {
+        perror("Listen");
+        exit(1);
+    }
+        
+    printf("\nTCPServer Waiting for client on port %d \n", port);
+        fflush(stdout);
+
+
+    while(1)
+    {  
+        sin_size = sizeof(struct sockaddr_in);
+
+        connected = accept(sock, (struct sockaddr *)&client_addr, &sin_size);
+
+        printf("\nGot a connection from (%s , %d) \n",
+               inet_ntoa(client_addr.sin_addr),ntohs(client_addr.sin_port));
+
+        while (1)
+        {
+            int mark = 0;
+            bytes_recieved = recv(connected,recv_data,10024,0);
+            recv_data[bytes_recieved] = '\0';
+            if(strstr(recv_data, "GET")) 
+            {
+                mark = 1;
+            }
+            if( mark == 1 && strstr(recv_data, "Authorization: NTLM "))
+            {
+                if(flip == 0)
+                {
+                    send_data = "HTTP/1.1 401 Unauthorized\n"\
+                        "Content-Type: text/html; charset=us-ascii\n"\
+                        "Server: Microsoft-HTTPAPI/2.0\n"\
+                        "WWW-Authenticate: NTLM TlRMTVNTUAACAAAADAAMADAAAAABAgEAf39/f39/f38AAAAAAAAAAAAAAAA8AAAARABPAE0AQQBJAE4A\n"\
+                        "Date: Thu, 31 Mar 2011 17:41:03 GMT\n"\
+                        "Content-Length: 341\n\n";
+                    flip = 1;
+                }
+                else if(flip == 1) 
+                {
+                    send_data = "HTTP/1.1 200 OK\n"\
+                        "Cache-Control: private, max-age=0\n"\
+                        "Content-Type: text/xml; charset=utf-8\n"\
+                        "Server: Microsoft-IIS/7.5\n"\
+                        "X-AspNet-Version: 2.0.50727\n"\
+                        "Persistent-Auth: true\n"\
+                        "X-Powered-By: ASP.NET\n"\
+                        "Date: Thu, 31 Mar 2011 17:41:04 GMT\n"\
+                        "Content-Length: 2827\n\n";
+                    flip = 0;
+                }
+                printf("sent:%s\n", send_data);
+                fflush(stdout);
+                send(connected, send_data,strlen(send_data), 0);  
+            }
+            else if(mark == 1)
+            {
+                send_data = "HTTP/1.1 401 Unauthorized\n"\
+                    "Content-Type: text/html\n"\
+                    "Server: Microsoft-IIS/7.5\n"\
+                    "WWW-Authenticate: NTLM\n"\
+                    "X-Powered-By: ASP.NET\n"\
+                    "Date: Thu, 31 Mar 2011 17:41:03 GMT\n"\
+                    "Content-Length: 1293\n\n";
+                printf("sent:%s\n", send_data);
+                fflush(stdout);
+                send(connected, send_data,strlen(send_data), 0);  
+            }
+            else 
+            {
+                break;
+            }
+        }
+    }       
+
+      close(sock);
+      return 0;
+} 
+
diff --git a/src/core/transport/http/sender/ntlm/test/mock_server/run.sh b/src/core/transport/http/sender/ntlm/test/mock_server/run.sh
new file mode 100755
index 0000000..c22c556
--- /dev/null
+++ b/src/core/transport/http/sender/ntlm/test/mock_server/run.sh
@@ -0,0 +1,2 @@
+export LD_LIBRARY_PATH=/tmp/heimdal/lib:/axis2c/deploy/lib
+./mock_server
diff --git a/src/core/transport/http/sender/ntlm/test/run.sh b/src/core/transport/http/sender/ntlm/test/run.sh
new file mode 100755
index 0000000..961dbe5
--- /dev/null
+++ b/src/core/transport/http/sender/ntlm/test/run.sh
@@ -0,0 +1,2 @@
+rm ntlm_test_client.log 
+./test_ntlm