From 1d2fcf87bcc73e697198fb07493174df550d71c5 Mon Sep 17 00:00:00 2001 From: damitha Date: Tue, 31 May 2011 09:05:26 +0000 Subject: Initial commit of ntlm authentication code git-svn-id: http://svn.apache.org/repos/asf/axis/axis2/c/core/trunk@1129578 13f79535-47bb-0310-9956-ffa450edef68 --- src/core/transport/http/sender/ntlm/Makefile.am | 15 + src/core/transport/http/sender/ntlm/README | 0 .../transport/http/sender/ntlm/default/Makefile.am | 24 ++ .../sender/ntlm/default/default_ntlm_wrapper.c | 137 ++++++++ .../transport/http/sender/ntlm/heimdal/Makefile.am | 29 ++ .../sender/ntlm/heimdal/heimdal_ntlm_wrapper.c | 378 +++++++++++++++++++++ src/core/transport/http/sender/ntlm/ntlm.c | 58 ++++ .../transport/http/sender/ntlm/test/Makefile.am | 30 ++ src/core/transport/http/sender/ntlm/test/client.c | 82 +++++ .../transport/http/sender/ntlm/test/mock_client.c | 196 +++++++++++ .../http/sender/ntlm/test/mock_server/Makefile.am | 25 ++ .../sender/ntlm/test/mock_server/mock_server.c | 128 +++++++ .../http/sender/ntlm/test/mock_server/run.sh | 2 + src/core/transport/http/sender/ntlm/test/run.sh | 2 + 14 files changed, 1106 insertions(+) create mode 100644 src/core/transport/http/sender/ntlm/Makefile.am create mode 100644 src/core/transport/http/sender/ntlm/README create mode 100644 src/core/transport/http/sender/ntlm/default/Makefile.am create mode 100644 src/core/transport/http/sender/ntlm/default/default_ntlm_wrapper.c create mode 100644 src/core/transport/http/sender/ntlm/heimdal/Makefile.am create mode 100644 src/core/transport/http/sender/ntlm/heimdal/heimdal_ntlm_wrapper.c create mode 100644 src/core/transport/http/sender/ntlm/ntlm.c create mode 100644 src/core/transport/http/sender/ntlm/test/Makefile.am create mode 100755 src/core/transport/http/sender/ntlm/test/client.c create mode 100755 src/core/transport/http/sender/ntlm/test/mock_client.c create mode 100644 src/core/transport/http/sender/ntlm/test/mock_server/Makefile.am create mode 100644 src/core/transport/http/sender/ntlm/test/mock_server/mock_server.c create mode 100755 src/core/transport/http/sender/ntlm/test/mock_server/run.sh create mode 100755 src/core/transport/http/sender/ntlm/test/run.sh (limited to 'src/core/transport') diff --git a/src/core/transport/http/sender/ntlm/Makefile.am b/src/core/transport/http/sender/ntlm/Makefile.am new file mode 100644 index 0000000..5bba286 --- /dev/null +++ b/src/core/transport/http/sender/ntlm/Makefile.am @@ -0,0 +1,15 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +SUBDIRS = $(NTLM_WRAPPER_DIR) diff --git a/src/core/transport/http/sender/ntlm/README b/src/core/transport/http/sender/ntlm/README new file mode 100644 index 0000000..e69de29 diff --git a/src/core/transport/http/sender/ntlm/default/Makefile.am b/src/core/transport/http/sender/ntlm/default/Makefile.am new file mode 100644 index 0000000..1457475 --- /dev/null +++ b/src/core/transport/http/sender/ntlm/default/Makefile.am @@ -0,0 +1,24 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +lib_LTLIBRARIES = libaxis2_ntlm.la + + +libaxis2_ntlm_la_SOURCES = ../ntlm.c \ + default_ntlm_wrapper.c + +libaxis2_ntlm_la_LIBADD = $(top_builddir)/util/src/libaxutil.la + +INCLUDES = -I$(top_builddir)/include \ + -I$(top_builddir)/util/include diff --git a/src/core/transport/http/sender/ntlm/default/default_ntlm_wrapper.c b/src/core/transport/http/sender/ntlm/default/default_ntlm_wrapper.c new file mode 100644 index 0000000..3a4f25f --- /dev/null +++ b/src/core/transport/http/sender/ntlm/default/default_ntlm_wrapper.c @@ -0,0 +1,137 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include +#include +#include +#include + +void AXIS2_CALL +default_ntlm_wrapper_free( + axis2_ntlm_t * ntlm, + const axutil_env_t * env); + +axis2_status_t AXIS2_CALL +default_ntlm_wrapper_create_type1_message( + axis2_ntlm_t * ntlm, + const axutil_env_t * env, + axis2_char_t **encoded_message, + int *encoded_len, + const axis2_char_t *uname, + const axis2_char_t *passwd, + const int flags, + const axis2_char_t *domain, + const axis2_char_t *workstation); + +axis2_status_t AXIS2_CALL +default_ntlm_wrapper_create_type3_message( + axis2_ntlm_t * ntlm, + const axutil_env_t * env, + axis2_char_t *header_value, + axis2_char_t **encoded_message, + int *encoded_len, + const axis2_char_t *uname, + const axis2_char_t *passwd, + const int flags, + const axis2_char_t *domain, + const axis2_char_t *workstation); + +typedef struct default_ntlm_wrapper_impl_t +{ + axis2_ntlm_t ntlm; + + /*xmlTextReaderPtr reader;*/ + +} default_ntlm_wrapper_impl_t; + +#define AXIS2_INTF_TO_IMPL(p) ((default_ntlm_wrapper_impl_t*)p) +#define AXIS2_IMPL_TO_INTF(p) &(p->ntlm) + +static const axis2_ntlm_ops_t axis2_ntlm_ops_var = { + default_ntlm_wrapper_free, + default_ntlm_wrapper_create_type1_message, + default_ntlm_wrapper_create_type3_message }; + +AXIS2_EXTERN axis2_ntlm_t *AXIS2_CALL +axis2_ntlm_create( + const axutil_env_t *env) +{ + default_ntlm_wrapper_impl_t *wrapper_impl = NULL; + wrapper_impl = (default_ntlm_wrapper_impl_t *)AXIS2_MALLOC(env->allocator, + sizeof(default_ntlm_wrapper_impl_t)); + + if(!wrapper_impl) + { + AXIS2_ERROR_SET(env->error, AXIS2_ERROR_NO_MEMORY, AXIS2_FAILURE); + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "No memory. Cannot create default ntlm wrapper"); + return NULL; + } + memset(wrapper_impl, 0, sizeof(default_ntlm_wrapper_impl_t)); + /*wrapper_impl->x=NULL;*/ + wrapper_impl->ntlm.ops = &axis2_ntlm_ops_var; + return &(wrapper_impl->ntlm); +} + +/** + */ +void AXIS2_CALL +default_ntlm_wrapper_free( + axis2_ntlm_t * ntlm, + const axutil_env_t * env) +{ + default_ntlm_wrapper_impl_t *ntlm_impl = NULL; + ntlm_impl = AXIS2_INTF_TO_IMPL(ntlm); + + AXIS2_FREE(env->allocator, AXIS2_INTF_TO_IMPL(ntlm)); + return; +} + +axis2_status_t AXIS2_CALL +default_ntlm_wrapper_create_type1_message( + axis2_ntlm_t * ntlm, + const axutil_env_t * env, + axis2_char_t **encoded_message, + int *encoded_len, + const axis2_char_t *user, + const axis2_char_t *password, + const int flags, + const axis2_char_t *domain, + const axis2_char_t *workstation) +{ + axis2_status_t status = AXIS2_FAILURE; + return status; +} + +axis2_status_t AXIS2_CALL +default_ntlm_wrapper_create_type3_message( + axis2_ntlm_t * ntlm, + const axutil_env_t * env, + axis2_char_t *header_value, + axis2_char_t **encoded_message, + int *encoded_len, + const axis2_char_t *user, + const axis2_char_t *password, + const int flags, + const axis2_char_t *domain, + const axis2_char_t *workstation) +{ + axis2_status_t status = AXIS2_FAILURE; + return status; +} + + diff --git a/src/core/transport/http/sender/ntlm/heimdal/Makefile.am b/src/core/transport/http/sender/ntlm/heimdal/Makefile.am new file mode 100644 index 0000000..05c6239 --- /dev/null +++ b/src/core/transport/http/sender/ntlm/heimdal/Makefile.am @@ -0,0 +1,29 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +lib_LTLIBRARIES = libaxis2_ntlm.la + + +libaxis2_ntlm_la_SOURCES = ../ntlm.c \ + heimdal_ntlm_wrapper.c + +libaxis2_ntlm_la_LIBADD = @NTLM_LDFLAGS@ \ + $(top_builddir)/util/src/libaxutil.la + +#libaxis2_ntlm_la_LDFLAGS = -version-info $(VERSION_NO) + + +INCLUDES = -I$(top_builddir)/include \ + -I$(top_builddir)/util/include \ + @NTLM_CFLAGS@ diff --git a/src/core/transport/http/sender/ntlm/heimdal/heimdal_ntlm_wrapper.c b/src/core/transport/http/sender/ntlm/heimdal/heimdal_ntlm_wrapper.c new file mode 100644 index 0000000..eb66927 --- /dev/null +++ b/src/core/transport/http/sender/ntlm/heimdal/heimdal_ntlm_wrapper.c @@ -0,0 +1,378 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include +#include +#include +#include + +#include +#include /* or */ +#include + +void AXIS2_CALL +heimdal_ntlm_wrapper_free( + axis2_ntlm_t * ntlm, + const axutil_env_t * env); + +axis2_status_t AXIS2_CALL +heimdal_ntlm_wrapper_create_type1_message( + axis2_ntlm_t * ntlm, + const axutil_env_t * env, + axis2_char_t **encoded_message, + int *encoded_len, + const axis2_char_t *uname, + const axis2_char_t *passwd, + const int flags, + const axis2_char_t *domain); + +axis2_status_t AXIS2_CALL +heimdal_ntlm_wrapper_create_type3_message( + axis2_ntlm_t * ntlm, + const axutil_env_t * env, + axis2_char_t *header_value, + axis2_char_t **encoded_message, + int *encoded_len, + const axis2_char_t *uname, + const axis2_char_t *passwd, + const axis2_char_t *domain, + const axis2_char_t *workstation); + +typedef struct heimdal_ntlm_wrapper_impl_t +{ + axis2_ntlm_t ntlm; +} heimdal_ntlm_wrapper_impl_t; + +#define AXIS2_INTF_TO_IMPL(p) ((heimdal_ntlm_wrapper_impl_t*)p) +#define AXIS2_IMPL_TO_INTF(p) &(p->ntlm) + +static const axis2_ntlm_ops_t axis2_ntlm_ops_var = { + heimdal_ntlm_wrapper_free, + heimdal_ntlm_wrapper_create_type1_message, + heimdal_ntlm_wrapper_create_type3_message }; + +AXIS2_EXTERN axis2_ntlm_t *AXIS2_CALL +axis2_ntlm_create( + const axutil_env_t *env) +{ + heimdal_ntlm_wrapper_impl_t *wrapper_impl = NULL; + wrapper_impl = (heimdal_ntlm_wrapper_impl_t *)AXIS2_MALLOC(env->allocator, + sizeof(heimdal_ntlm_wrapper_impl_t)); + + if(!wrapper_impl) + { + AXIS2_ERROR_SET(env->error, AXIS2_ERROR_NO_MEMORY, AXIS2_FAILURE); + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "No memory. Cannot create heimdal ntlm wrapper"); + return NULL; + } + memset(wrapper_impl, 0, sizeof(heimdal_ntlm_wrapper_impl_t)); + wrapper_impl->ntlm.ops = &axis2_ntlm_ops_var; + return &(wrapper_impl->ntlm); +} + +/** + */ +void AXIS2_CALL +heimdal_ntlm_wrapper_free( + axis2_ntlm_t * ntlm, + const axutil_env_t * env) +{ + heimdal_ntlm_wrapper_impl_t *ntlm_impl = NULL; + ntlm_impl = AXIS2_INTF_TO_IMPL(ntlm); + + AXIS2_FREE(env->allocator, AXIS2_INTF_TO_IMPL(ntlm)); + return; +} + +axis2_status_t AXIS2_CALL +heimdal_ntlm_wrapper_create_type1_message( + axis2_ntlm_t * ntlm, + const axutil_env_t * env, + axis2_char_t **encoded_message, + int *encoded_len, + const axis2_char_t *user, + const axis2_char_t *password, + const int flags, + const axis2_char_t *domain) +{ + heimdal_ntlm_wrapper_impl_t *ntlm_impl = NULL; + AXIS2_ENV_CHECK(env, AXIS2_FAILURE); + ntlm_impl = AXIS2_INTF_TO_IMPL(ntlm); + + struct ntlm_type1 type1; + struct ntlm_buf data; + int ret; + memset(&type1, 0, sizeof(type1)); + + if(flags != 0) + { + type1.flags = NTLM_NEG_UNICODE|NTLM_NEG_TARGET|NTLM_NEG_NTLM|flags; + } + else + { + type1.flags = NTLM_NEG_UNICODE|NTLM_NEG_TARGET|NTLM_NEG_NTLM; + } + if(domain) + { + type1.domain = rk_UNCONST(domain); + } + else + { + type1.domain = NULL; + } + type1.hostname = NULL; + type1.os[0] = 0; + type1.os[1] = 0; + + ret = heim_ntlm_encode_type1(&type1, &data); + if (ret) + { + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, + "[heimdal_wrapper] heim_ntlm_encode_type1 call failed"); + return AXIS2_FAILURE; + } + + *encoded_message = AXIS2_MALLOC(env->allocator, (2 * data.length)); + if(!*encoded_message) + { + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, + "[heimdal_wrapper] Memory allocation for encoded message failed"); + return AXIS2_FAILURE; + } + *encoded_len = axutil_base64_encode_binary(*encoded_message, data.data, data.length); + + if(data.data) + { + free(data.data); + } + + return AXIS2_SUCCESS; +} + +axis2_status_t AXIS2_CALL +heimdal_ntlm_wrapper_create_type3_message( + axis2_ntlm_t * ntlm, + const axutil_env_t * env, + axis2_char_t *header_value, + axis2_char_t **encoded_message, + int *encoded_len, + const axis2_char_t *user, + const axis2_char_t *password, + const axis2_char_t *domain, + const axis2_char_t *workstation) +{ + heimdal_ntlm_wrapper_impl_t *ntlm_impl = NULL; + AXIS2_ENV_CHECK(env, AXIS2_FAILURE); + ntlm_impl = AXIS2_INTF_TO_IMPL(ntlm); + + struct ntlm_type3 type3; + struct ntlm_type2 type2; + struct ntlm_buf data; + int ret; + + memset(&type2, 0, sizeof(type2)); + + int len = axutil_strlen(header_value); + len = 2 * len + 1; + char temp_value[len]; + data.data = temp_value; + data.length = axutil_base64_decode_binary(data.data, header_value); + ret = heim_ntlm_decode_type2(&data, &type2); + data.data = NULL; + if (ret) + { + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, + "[heimdal_wrapper] heim_ntlm_decode_type2 call failed"); + return AXIS2_FAILURE; + } + + memset(&type3, 0, sizeof(type3)); + + type3.flags = type2.flags; + type3.username = rk_UNCONST(user); + type3.targetname = rk_UNCONST(type2.targetname); + if(workstation) + { + type3.ws = rk_UNCONST(workstation); + } + else + { + type3.ws = NULL; + } + AXIS2_LOG_DEBUG(env->log, AXIS2_LOG_SI, "type3.flags:***%d***", type3.flags); + AXIS2_LOG_DEBUG(env->log, AXIS2_LOG_SI, "type3.username:***%s***", type3.username); + AXIS2_LOG_DEBUG(env->log, AXIS2_LOG_SI, "type3.targetname:***%s***", type3.targetname); + AXIS2_LOG_DEBUG(env->log, AXIS2_LOG_SI, "type3.ws:***%s***", type3.ws); + + { + struct ntlm_buf key; + heim_ntlm_nt_key(password, &key); + + /* NTLM Version 1 if no targetinfo buffer.*/ + + if (1 || type2.targetinfo.length == 0) + { + + if (type2.flags & NTLM_NEG_NTLM2_SESSION) + { + AXIS2_LOG_DEBUG(env->log, AXIS2_LOG_SI, "[heimdal_wrapper] ntlm2 session"); + unsigned char nonce[8]; + + if (RAND_bytes(nonce, sizeof(nonce)) != 1) + { + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, + "[heimdal_wrapper] RAND_bytes function call failed"); + return AXIS2_FAILURE; + } + + AXIS2_LOG_DEBUG(env->log, AXIS2_LOG_SI, "[heimdal_wrapper] calculate_ntlm2_sess"); + ret = heim_ntlm_calculate_ntlm2_sess(nonce, + type2.challange, + key.data, + &type3.lm, + &type3.ntlm); + } + else + { + AXIS2_LOG_DEBUG(env->log, AXIS2_LOG_SI, "[heimdal_wrapper] calculate_ntlm1"); + ret = heim_ntlm_calculate_ntlm1(key.data, + key.length, + type2.challange, + &type3.ntlm); + + } + if (ret) + { + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, + "[heimdal_wrapper] heim_ntlm_calculate_ntlm1 function call failed"); + return AXIS2_FAILURE; + } + + if (type2.flags & NTLM_NEG_KEYEX) + { + struct ntlm_buf sessionkey; + + AXIS2_LOG_DEBUG(env->log, AXIS2_LOG_SI, "[heimdal_wrapper] build_ntlm1_master"); + ret = heim_ntlm_build_ntlm1_master(key.data, + key.length, + &sessionkey, + &type3.sessionkey); + if (ret) + { + if (type3.lm.data) + { + free(type3.lm.data); + } + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, + "[heimdal_wrapper] heim_ntlm_build_ntlm1_master function call failed"); + return AXIS2_FAILURE; + } + + free(sessionkey.data); + } + + } + else + { + unsigned char ntlmv2[16]; + struct ntlm_targetinfo ti; + + /* verify infotarget */ + + ret = heim_ntlm_decode_targetinfo(&type2.targetinfo, 1, &ti); + if(ret) + { + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, + "[heimdal_wrapper] heim_ntlm_decode_targetinfo function call failed"); + return AXIS2_FAILURE; + } + + if (ti.domainname && domain && strcmp(ti.domainname, domain) != 0) + { + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, + "[heimdal_wrapper] heim_ntlm_decode_targetinfo function returned wrong data"); + return AXIS2_FAILURE; + } + + AXIS2_LOG_DEBUG(env->log, AXIS2_LOG_SI, "[heimdal_wrapper] calculate_ntlm2"); + ret = heim_ntlm_calculate_ntlm2(key.data, + key.length, + user, + domain, + type2.challange, + &type2.targetinfo, + ntlmv2, + &type3.ntlm); + if (ret) + { + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, + "[heimdal_wrapper] heim_ntlm_calculate_ntlm2 function call failed"); + return AXIS2_FAILURE; + } + + if (type2.flags & NTLM_NEG_KEYEX) + { + struct ntlm_buf sessionkey; + AXIS2_LOG_DEBUG(env->log, AXIS2_LOG_SI, "[heimdal_wrapper] build_ntlm1_master"); + ret = heim_ntlm_build_ntlm1_master(ntlmv2, sizeof(ntlmv2), + &sessionkey, + &type3.sessionkey); + memset(ntlmv2, 0, sizeof(ntlmv2)); + if (ret) + { + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, + "[heimdal_wrapper] heim_ntlm_build_ntlm1_master function call failed"); + return AXIS2_FAILURE; + } + + free(sessionkey.data); + } + } + + if(key.data) + { + free(key.data); + } + } + + ret = heim_ntlm_encode_type3(&type3, &data); + if (ret) + { + heim_ntlm_free_type2(&type2); + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, + "[heimdal_wrapper] heim_ntlm_encode_type3 call failed"); + return AXIS2_FAILURE; + } + + *encoded_message = AXIS2_MALLOC(env->allocator, (2 * data.length)); + if(!*encoded_message) + { + heim_ntlm_free_type2(&type2); + free(type3.ntlm.data); + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, + "[heimdal_wrapper] Memory allocation for encoded message failed"); + return AXIS2_FAILURE; + } + *encoded_len = axutil_base64_encode_binary(*encoded_message, data.data, data.length); + heim_ntlm_free_type2(&type2); + free(type3.ntlm.data); + + return AXIS2_SUCCESS; +} + + diff --git a/src/core/transport/http/sender/ntlm/ntlm.c b/src/core/transport/http/sender/ntlm/ntlm.c new file mode 100644 index 0000000..383809b --- /dev/null +++ b/src/core/transport/http/sender/ntlm/ntlm.c @@ -0,0 +1,58 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +AXIS2_EXTERN void AXIS2_CALL +axis2_ntlm_free( + axis2_ntlm_t * ntlm, + const axutil_env_t * env) +{ + (ntlm)->ops->free(ntlm, env); +} + +AXIS2_EXTERN axis2_status_t AXIS2_CALL +axis2_ntlm_auth_create_type1_message( + axis2_ntlm_t * ntlm, + const axutil_env_t * env, + axis2_char_t **encoded_message, + int *encoded_len, + const axis2_char_t *uname, + const axis2_char_t *passwd, + const int flags, + const axis2_char_t *domain) +{ + return (ntlm)->ops->create_type1_message(ntlm, env, encoded_message, encoded_len, uname, + passwd, flags, domain); +} + +AXIS2_EXTERN axis2_status_t AXIS2_CALL +axis2_ntlm_auth_create_type3_message( + axis2_ntlm_t * ntlm, + const axutil_env_t * env, + axis2_char_t *header_value, + axis2_char_t **encoded_message, + int *encoded_len, + const axis2_char_t *uname, + const axis2_char_t *passwd, + const axis2_char_t *domain, + const axis2_char_t *workstation) +{ + return (ntlm)->ops->create_type3_message(ntlm, env, header_value, encoded_message, encoded_len, + uname, passwd, domain, workstation); +} + diff --git a/src/core/transport/http/sender/ntlm/test/Makefile.am b/src/core/transport/http/sender/ntlm/test/Makefile.am new file mode 100644 index 0000000..191106d --- /dev/null +++ b/src/core/transport/http/sender/ntlm/test/Makefile.am @@ -0,0 +1,30 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +TESTS = +SUBDIRS = mock_server +noinst_PROGRAMS = test_ntlm mock_client +check_PROGRAMS = test_ntlm mock_client +SUBDIRS = +AM_CFLAGS = -g -O2 +test_ntlm_SOURCES = client.c +mock_client_SOURCES = mock_client.c + +LINK_FLAGS = ../$(NTLM_WRAPPER_DIR)/libaxis2_ntlm.la \ + $(top_builddir)/util/src/libaxutil.la + +test_ntlm_LDADD = $(LINK_FLAGS) +mock_client_LDADD = $(LINK_FLAGS) +INCLUDES = -I$(top_builddir)/include \ + -I$(top_builddir)/util/include diff --git a/src/core/transport/http/sender/ntlm/test/client.c b/src/core/transport/http/sender/ntlm/test/client.c new file mode 100755 index 0000000..c7273e9 --- /dev/null +++ b/src/core/transport/http/sender/ntlm/test/client.c @@ -0,0 +1,82 @@ +/* tcpclient.c */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include + +#define NTLM_NEG_NTLM 0x00000200 +#define NTLM_NEG_UNICODE 0x00000001 +#define NTLM_TARGET_DOMAIN 0x00010000 + +int main() +{ + axis2_status_t status = AXIS2_FAILURE; + const axutil_env_t *env = NULL; + env = axutil_env_create_all("ntlm_test_client.log", AXIS2_LOG_LEVEL_TRACE); + /*int flags = NTLM_NEG_UNICODE | NTLM_NEG_NTLM | NTLM_TARGET_DOMAIN;*/ + + { + axis2_char_t *encoded = NULL; + int elen = 0; + int flags = 0; + axis2_ntlm_t *ntlm = NULL; + ntlm = axis2_ntlm_create(env); + status = axis2_ntlm_auth_create_type1_message(ntlm, env, &encoded, &elen, "foo", + "digestpassword", flags, "mydomain"); + if(AXIS2_SUCCESS != status) + { + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, + "axis2_ntlm_auth_create_type1_message call failed"); + printf("axis2_ntlm_auth_create_type1_message call failed\n"); + return 1; + } + if(0 == axutil_strcmp(encoded, "TlRMTVNTUAABAAAABRIAAAgACAAYAAAAbXlkb21haW4=") && elen == 45) + { + printf("creating type1 message test passed\n"); + } + else + { + printf("creating type1 message test failed!!!\n"); + } + } + { + int elen = 0; + axis2_char_t *encoded = NULL; + axis2_char_t *header_value = + "TlRMTVNTUAACAAAAHgAeADgAAAAFAoICZAg+4lbcT0AAAAAAAAAAAJgAmABWAAAABgGxHQAAAA9XAEkATgAtADcAMQBNAEUAUABIADQANgBOAFEAMwACAB4AVwBJAE4ALQA3ADEATQBFAFAASAA0ADYATgBRADMAAQAeAFcASQBOAC0ANwAxAE0ARQBQAEgANAA2AE4AUQAzAAQAHgBXAEkATgAtADcAMQBNAEUAUABIADQANgBOAFEAMwADAB4AVwBJAE4ALQA3ADEATQBFAFAASAA0ADYATgBRADMABwAIAHIX52u6HcwBAAAAAA=="; + axis2_ntlm_t *ntlm = NULL; + ntlm = axis2_ntlm_create(env); + status = axis2_ntlm_auth_create_type3_message(ntlm, env, header_value, &encoded, + &elen, "nandika", "nandika", "mydomain", "workstation"); + if(AXIS2_SUCCESS != status) + { + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, + "axis2_ntlm_auth_create_type3_message call failed"); + printf("axis2_ntlm_auth_create_type3_message call failed\n"); + return 1; + } + if(0 == axutil_strcmp(encoded, "TlRMTVNTUAADAAAAAAAAADQAAAAYABgANAAAAB4AHgBMAAAADgAOAGoAAAAWABYAeAAAACkOCQbnz6muRsRit954E//a+AQM6Dk8g1cASQBOAC0ANwAxAE0ARQBQAEgANAA2AE4AUQAzAG4AYQBuAGQAaQBrAGEAdwBvAHIAawBzAHQAYQB0AGkAbwBuAA==") && elen == 193) + { + printf("creating type3 message test passed\n"); + } + else + { + printf("creating type3 message test failed!!!\n"); + } + } + + return 0; +} + diff --git a/src/core/transport/http/sender/ntlm/test/mock_client.c b/src/core/transport/http/sender/ntlm/test/mock_client.c new file mode 100755 index 0000000..d44ce80 --- /dev/null +++ b/src/core/transport/http/sender/ntlm/test/mock_client.c @@ -0,0 +1,196 @@ +/* tcpclient.c */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + + +/*axis2_char_t *hostname = "172.16.176.132";*/ +axis2_char_t *hostname = "localhost"; +int port = 8080; +static char * +create_type1_header(const axutil_env_t *env, axis2_char_t *encoded) +{ + char *type1_header = NULL; + char *header1 = NULL; + + type1_header = axutil_strcat(env, "Authorization: NTLM " ,encoded, NULL); + + header1 = "HEAD /myservice/Service1.asmx HTTP/1.1\n"\ + "Host: 172.16.176.132:8080\n"\ + "User-Agent: Axis2C/1.7.0\n"; + header1 = axutil_strcat(env, header1, type1_header, "\n\n", NULL); + AXIS2_FREE(env->allocator, type1_header); + + return header1; +} + +static axis2_char_t * +create_type3_header(const axutil_env_t *env, + char *encoded) +{ + char *header3 = NULL; + + char *temp_header = strdup("GET /myservice/Service1.asmx?WSDL HTTP/1.1\n"\ + "Host: 172.16.176.132:8080\n"\ + "User-Agent: Axis2C/1.7.0\n"\ + "Authorization: NTLM "); + + int len1 = axutil_strlen(encoded); + int len2 = axutil_strlen(temp_header); + header3 = AXIS2_MALLOC(env->allocator, (len1 + len2 + 5)); + memset(header3, 0, sizeof(header3)); + strcat(header3, temp_header); + strcat(header3, encoded); + strcat(header3, "\n\n"); + + return header3; + +} + +int main() +{ + int sock, bytes_recieved; + char recv_data[10024]; + struct hostent *host; + struct sockaddr_in server_addr; + const axis2_char_t *header = NULL; + axis2_char_t *header_value = NULL; + char *type3_header = NULL; + char *type1_header = NULL; + const char *user = "nandika", + *domain = "mydomain", + *password = "nandika", + *workstation = "workstation"; + axis2_status_t status = AXIS2_FAILURE; + const axutil_env_t *env = NULL; + env = axutil_env_create_all("mock_client.log", AXIS2_LOG_LEVEL_TRACE); + + host = gethostbyname(hostname); + + if ((sock = socket(AF_INET, SOCK_STREAM, 0)) == -1) { + perror("Socket"); + exit(1); + } + + server_addr.sin_family = AF_INET; + server_addr.sin_port = htons(port); + server_addr.sin_addr = *((struct in_addr *)host->h_addr); + bzero(&(server_addr.sin_zero),8); + + /* Create a normal message */ + char *init_send = axutil_strdup(env, "HEAD /myservice/Service1.asmx HTTP/1.1\n"\ + "Host: 172.16.176.132:8080\n"\ + "User-Agent: Axis2C/1.7.0\n\n"); + + if (connect(sock, (struct sockaddr *)&server_addr, + sizeof(struct sockaddr)) == -1) + { + perror("Connect"); + exit(1); + } + /* Send a normal message */ + send(sock, init_send, strlen(init_send), 0); + + while(1) + { + bytes_recieved=recv(sock,recv_data,10024,0); + recv_data[bytes_recieved] = '\0'; + header = axutil_strstr(recv_data, "WWW-Authenticate: NTLM "); + + /* Process the challange */ + if(header) + { + int i = 22; + while(header[i] && isspace((unsigned char) header[i])) + { + i++; + } + if (header[i] != '\0') + { + int len = axutil_strlen(&header[i]); + if (len == 0) + { + printf("invalid Negotiate token\n"); + } + else + { + header_value = axutil_strdup(env, &header[i]); + } + } + if(header_value) + { + axis2_char_t *temp = strstr(header_value, "=="); + temp = temp + 3; + *temp = '\0'; + header_value = axutil_strdup(env, header_value); + } + } + if(!header_value) /* printf("unauth_header:\n%s\n", unauth_header); */ + { + axis2_char_t *encoded = NULL; + int elen = 0; + int flags = 0; + axis2_ntlm_t *ntlm = NULL; + ntlm = axis2_ntlm_create(env); + status = axis2_ntlm_auth_create_type1_message(ntlm, env, &encoded, &elen, user, + password, flags, domain); + if(AXIS2_SUCCESS != status) + { + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, + "axis2_ntlm_auth_create_type1_message call failed"); + printf("axis2_ntlm_auth_create_type1_message call failed\n"); + return 1; + } + + /* Ceate type 1(negotiation) header message from the recieved header */ + type1_header = create_type1_header(env, encoded); + /* Send netotiation message */ + send(sock, type1_header,strlen(type1_header), 0); + printf("sent:\n%s\n", type1_header); + free(type1_header); + continue; + } + if(header_value) + { + /*printf("header_value:\n***%s***\n", header_value);*/ + int elen = 0; + axis2_char_t *encoded = NULL; + axis2_char_t *header_value = NULL; + axis2_ntlm_t *ntlm = NULL; + ntlm = axis2_ntlm_create(env); + status = axis2_ntlm_auth_create_type3_message(ntlm, env, header_value, &encoded, + &elen, user, password, domain, workstation); + if(AXIS2_SUCCESS != status) + { + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, + "axis2_ntlm_auth_create_type3_message call failed"); + printf("axis2_ntlm_auth_create_type3_message call failed\n"); + return 1; + } + + /* Create Type3 (authentication) header */ + type3_header = create_type3_header(env, encoded); + break; + } + } + /* Send Type3(authentication) message */ + send(sock, type3_header, strlen(type3_header), 0); + bytes_recieved=recv(sock,recv_data,10024,0); + recv_data[bytes_recieved] = '\0'; + printf("\nRecieved data:\n%s \n" , recv_data); + close(sock); + + return 0; +} + diff --git a/src/core/transport/http/sender/ntlm/test/mock_server/Makefile.am b/src/core/transport/http/sender/ntlm/test/mock_server/Makefile.am new file mode 100644 index 0000000..3bf50fa --- /dev/null +++ b/src/core/transport/http/sender/ntlm/test/mock_server/Makefile.am @@ -0,0 +1,25 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +TESTS = +noinst_PROGRAMS = mock_server +check_PROGRAMS = mock_server +SUBDIRS = +AM_CFLAGS = -g -O2 +mock_server_SOURCES = mock_server.c + +mock_server_LDADD = $(top_builddir)/util/src/libaxutil.la + +INCLUDES = -I$(top_builddir)/include \ + -I$(top_builddir)/util/include diff --git a/src/core/transport/http/sender/ntlm/test/mock_server/mock_server.c b/src/core/transport/http/sender/ntlm/test/mock_server/mock_server.c new file mode 100644 index 0000000..3911b0d --- /dev/null +++ b/src/core/transport/http/sender/ntlm/test/mock_server/mock_server.c @@ -0,0 +1,128 @@ +/* tcpserver.c */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +int main() +{ + int port = 8080; + int sock, connected, bytes_recieved , true = 1; + char recv_data[10024]; + char *send_data = NULL; + const axutil_env_t *env = NULL; + int flip = 0; + + env = axutil_env_create_all("mock_server.log", AXIS2_LOG_LEVEL_TRACE); + struct sockaddr_in server_addr,client_addr; + unsigned int sin_size; + + if ((sock = socket(AF_INET, SOCK_STREAM, 0)) == -1) { + perror("Socket"); + exit(1); + } + + if (setsockopt(sock,SOL_SOCKET,SO_REUSEADDR,&true,sizeof(int)) == -1) { + perror("Setsockopt"); + exit(1); + } + + server_addr.sin_family = AF_INET; + server_addr.sin_port = htons(port); + server_addr.sin_addr.s_addr = INADDR_ANY; + bzero(&(server_addr.sin_zero),8); + + if (bind(sock, (struct sockaddr *)&server_addr, sizeof(struct sockaddr)) + == -1) { + perror("Unable to bind"); + exit(1); + } + + if (listen(sock, 5) == -1) { + perror("Listen"); + exit(1); + } + + printf("\nTCPServer Waiting for client on port %d \n", port); + fflush(stdout); + + + while(1) + { + sin_size = sizeof(struct sockaddr_in); + + connected = accept(sock, (struct sockaddr *)&client_addr, &sin_size); + + printf("\nGot a connection from (%s , %d) \n", + inet_ntoa(client_addr.sin_addr),ntohs(client_addr.sin_port)); + + while (1) + { + int mark = 0; + bytes_recieved = recv(connected,recv_data,10024,0); + recv_data[bytes_recieved] = '\0'; + if(strstr(recv_data, "GET")) + { + mark = 1; + } + if( mark == 1 && strstr(recv_data, "Authorization: NTLM ")) + { + if(flip == 0) + { + send_data = "HTTP/1.1 401 Unauthorized\n"\ + "Content-Type: text/html; charset=us-ascii\n"\ + "Server: Microsoft-HTTPAPI/2.0\n"\ + "WWW-Authenticate: NTLM TlRMTVNTUAACAAAADAAMADAAAAABAgEAf39/f39/f38AAAAAAAAAAAAAAAA8AAAARABPAE0AQQBJAE4A\n"\ + "Date: Thu, 31 Mar 2011 17:41:03 GMT\n"\ + "Content-Length: 341\n\n"; + flip = 1; + } + else if(flip == 1) + { + send_data = "HTTP/1.1 200 OK\n"\ + "Cache-Control: private, max-age=0\n"\ + "Content-Type: text/xml; charset=utf-8\n"\ + "Server: Microsoft-IIS/7.5\n"\ + "X-AspNet-Version: 2.0.50727\n"\ + "Persistent-Auth: true\n"\ + "X-Powered-By: ASP.NET\n"\ + "Date: Thu, 31 Mar 2011 17:41:04 GMT\n"\ + "Content-Length: 2827\n\n"; + flip = 0; + } + printf("sent:%s\n", send_data); + fflush(stdout); + send(connected, send_data,strlen(send_data), 0); + } + else if(mark == 1) + { + send_data = "HTTP/1.1 401 Unauthorized\n"\ + "Content-Type: text/html\n"\ + "Server: Microsoft-IIS/7.5\n"\ + "WWW-Authenticate: NTLM\n"\ + "X-Powered-By: ASP.NET\n"\ + "Date: Thu, 31 Mar 2011 17:41:03 GMT\n"\ + "Content-Length: 1293\n\n"; + printf("sent:%s\n", send_data); + fflush(stdout); + send(connected, send_data,strlen(send_data), 0); + } + else + { + break; + } + } + } + + close(sock); + return 0; +} + diff --git a/src/core/transport/http/sender/ntlm/test/mock_server/run.sh b/src/core/transport/http/sender/ntlm/test/mock_server/run.sh new file mode 100755 index 0000000..c22c556 --- /dev/null +++ b/src/core/transport/http/sender/ntlm/test/mock_server/run.sh @@ -0,0 +1,2 @@ +export LD_LIBRARY_PATH=/tmp/heimdal/lib:/axis2c/deploy/lib +./mock_server diff --git a/src/core/transport/http/sender/ntlm/test/run.sh b/src/core/transport/http/sender/ntlm/test/run.sh new file mode 100755 index 0000000..961dbe5 --- /dev/null +++ b/src/core/transport/http/sender/ntlm/test/run.sh @@ -0,0 +1,2 @@ +rm ntlm_test_client.log +./test_ntlm -- cgit v1.1-32-gdbae