Uploaded image for project: 'Axis2-C'
  1. Axis2-C
  2. AXIS2C-1555

Proxy authentication not working when using HTTPS

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 1.6.0
    • Fix Version/s: 1.7.0
    • Component/s: transport/http
    • Labels:
      None

      Description

      Proxy authentication is not working when using HTTPS. A Proxy without authentication does work when axis2c was build without curl. In a build with curl, proxy is ignored ( with or without authentication ).

      For build without curl:

      • In http_sender.c, axis2_http_client_recieve_header is called after axis2_http_client_send without checking if send call succeeded.
      • In http_client.c, axis2_http_client_connect_ssl_host :

      proxy authentication data should be passed in connect_string:

      if ( inAuthenticationString )
      {
      connect_string = AXIS2_MALLOC( env->allocator,
      axutil_strlen(host) * sizeof(axis2_char_t) +
      axutil_strlen(inAuthenticationString) * sizeof(axis2_char_t) +
      50 * sizeof(axis2_char_t) );
      sprintf(connect_string, "CONNECT %s:%d HTTP/1.0\r\nProxy-Authorization: %s\r\n\r\n", host, port, inAuthenticationString );
      }
      else
      {
      connect_string = AXIS2_MALLOC( env->allocator,
      axutil_strlen(host) * sizeof(axis2_char_t) +
      30 * sizeof(axis2_char_t) );
      sprintf(connect_string, "CONNECT %s:%d HTTP/1.0\r\n\r\n", host, port);
      }

      (Authentication string can be obtained from axis2_http_sender_configure_proxy_auth, I added output parameter to get it.)

      Also when axis2_http_status_line_get_status_code returns AXIS2_HTTP_RESPONSE_PROXY_AUTHENTICATION_REQUIRED_CODE_VAL,
      the response should be processed to get the authentication type:

      < if (200 != axis2_http_status_line_get_status_code(status_line, env))
      <

      { < AXIS2_FREE(env->allocator, connect_string); < axutil_stream_free(tmp_stream, env); < return AXIS2_FAILURE; < }

      > theStatusCode = axis2_http_status_line_get_status_code(status_line, env);
      >
      > if ( AXIS2_HTTP_RESPONSE_OK_CODE_VAL != theStatusCode )
      > {
      > if ( AXIS2_HTTP_RESPONSE_PROXY_AUTHENTICATION_REQUIRED_CODE_VAL == theStatusCode )
      > {
      > client->response = axis2_http_simple_response_create_default(env);
      >
      > memset(str_header, 0, 512);
      > end_of_line = AXIS2_FALSE;
      > while ( read > 0 && AXIS2_FALSE == end_of_headers )
      > {
      > while ( ( read = axutil_stream_read( tmp_stream, env, tmp_buf,
      > 1 ) ) > 0 )
      > {
      > tmp_buf[read] = '\0';
      > assert ( axutil_strlen( str_header ) + 1 <= 512 );
      > strcat(str_header, tmp_buf);
      > if (0 != strstr(str_header, AXIS2_HTTP_CRLF))
      >

      { > end_of_line = AXIS2_TRUE; > break; > }

      > }
      > if (AXIS2_TRUE == end_of_line)
      > {
      > if (0 == axutil_strcmp(str_header, AXIS2_HTTP_CRLF))
      >

      { > end_of_headers = AXIS2_TRUE; > }

      > else
      > {
      > axis2_http_header_t *tmp_header = axis2_http_header_create_by_str(env, str_header);
      > memset(str_header, 0, 512);
      > if (tmp_header)
      >

      { > axis2_http_simple_response_set_header(client->response, > env, tmp_header); > }

      > }
      > }
      > end_of_line = AXIS2_FALSE;
      > }
      > }
      >
      > AXIS2_FREE(env->allocator, connect_string);
      > axis2_http_status_line_free( status_line, env );
      > axutil_stream_free(tmp_stream, env);
      > return theStatusCode; /return the status code because is checked in http_sender.c/

      As shown in above code: the http status code must be returned in case of an error because in http_sender, the return value of axis2_http_client_send will be checked to see if value is equal to AXIS2_HTTP_RESPONSE_PROXY_AUTHENTICATION_REQUIRED_CODE_VAL.

      With these changes I have been able to get only a part of the code working:

      • when axis2_options_set_test_proxy_auth( theOptions, mEnvironment, AXIS2_TRUE ); is set, authentication type will be set.
      • can authenticate through proxy when authentication is known.

      Didn't get code working that gets authentication type and then connects in 1 call, I have to use axis2_options_set_test_proxy_auth first then call again with authentication type set.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                halewijng Halewijn Geerts
              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated: