Details
-
Bug
-
Status: Open
-
Major
-
Resolution: Unresolved
-
1.6.0
-
None
Description
Proxy authentication is not working when using HTTPS. A Proxy without authentication does work when axis2c was build without curl. In a build with curl, proxy is ignored ( with or without authentication ).
For build without curl:
- In http_sender.c, axis2_http_client_recieve_header is called after axis2_http_client_send without checking if send call succeeded.
- In http_client.c, axis2_http_client_connect_ssl_host :
proxy authentication data should be passed in connect_string:
if ( inAuthenticationString )
{
connect_string = AXIS2_MALLOC( env->allocator,
axutil_strlen(host) * sizeof(axis2_char_t) +
axutil_strlen(inAuthenticationString) * sizeof(axis2_char_t) +
50 * sizeof(axis2_char_t) );
sprintf(connect_string, "CONNECT %s:%d HTTP/1.0\r\nProxy-Authorization: %s\r\n\r\n", host, port, inAuthenticationString );
}
else
{
connect_string = AXIS2_MALLOC( env->allocator,
axutil_strlen(host) * sizeof(axis2_char_t) +
30 * sizeof(axis2_char_t) );
sprintf(connect_string, "CONNECT %s:%d HTTP/1.0\r\n\r\n", host, port);
}
(Authentication string can be obtained from axis2_http_sender_configure_proxy_auth, I added output parameter to get it.)
Also when axis2_http_status_line_get_status_code returns AXIS2_HTTP_RESPONSE_PROXY_AUTHENTICATION_REQUIRED_CODE_VAL,
the response should be processed to get the authentication type:
< if (200 != axis2_http_status_line_get_status_code(status_line, env))
<
> theStatusCode = axis2_http_status_line_get_status_code(status_line, env);
>
> if ( AXIS2_HTTP_RESPONSE_OK_CODE_VAL != theStatusCode )
> {
> if ( AXIS2_HTTP_RESPONSE_PROXY_AUTHENTICATION_REQUIRED_CODE_VAL == theStatusCode )
> {
> client->response = axis2_http_simple_response_create_default(env);
>
> memset(str_header, 0, 512);
> end_of_line = AXIS2_FALSE;
> while ( read > 0 && AXIS2_FALSE == end_of_headers )
> {
> while ( ( read = axutil_stream_read( tmp_stream, env, tmp_buf,
> 1 ) ) > 0 )
> {
> tmp_buf[read] = '\0';
> assert ( axutil_strlen( str_header ) + 1 <= 512 );
> strcat(str_header, tmp_buf);
> if (0 != strstr(str_header, AXIS2_HTTP_CRLF))
>
> }
> if (AXIS2_TRUE == end_of_line)
> {
> if (0 == axutil_strcmp(str_header, AXIS2_HTTP_CRLF))
>
> else
> {
> axis2_http_header_t *tmp_header = axis2_http_header_create_by_str(env, str_header);
> memset(str_header, 0, 512);
> if (tmp_header)
>
> }
> }
> end_of_line = AXIS2_FALSE;
> }
> }
>
> AXIS2_FREE(env->allocator, connect_string);
> axis2_http_status_line_free( status_line, env );
> axutil_stream_free(tmp_stream, env);
> return theStatusCode; /return the status code because is checked in http_sender.c/
As shown in above code: the http status code must be returned in case of an error because in http_sender, the return value of axis2_http_client_send will be checked to see if value is equal to AXIS2_HTTP_RESPONSE_PROXY_AUTHENTICATION_REQUIRED_CODE_VAL.
With these changes I have been able to get only a part of the code working:
- when axis2_options_set_test_proxy_auth( theOptions, mEnvironment, AXIS2_TRUE ); is set, authentication type will be set.
- can authenticate through proxy when authentication is known.
Didn't get code working that gets authentication type and then connects in 1 call, I have to use axis2_options_set_test_proxy_auth first then call again with authentication type set.
Attachments
Issue Links
- is related to
-
AXIS2C-1312 axis2_http_client_connect_ssl_host() cannot make an https connection through http proxy when the proxy requires authentication
- Open