CoCalc -- NTLMTest.java

GitHub Repository: PojavLauncherTeam/openjdk-multiarch-jdk8u
Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/test/com/sun/security/sasl/ntlm/NTLMTest.java
³⁸⁸⁶⁷ views
1
/*
2
 * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4
 *
5
 * This code is free software; you can redistribute it and/or modify it
6
 * under the terms of the GNU General Public License version 2 only, as
7
 * published by the Free Software Foundation.
8
 *
9
 * This code is distributed in the hope that it will be useful, but WITHOUT
10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12
 * version 2 for more details (a copy is included in the LICENSE file that
13
 * accompanied this code).
14
 *
15
 * You should have received a copy of the GNU General Public License version
16
 * 2 along with this work; if not, write to the Free Software Foundation,
17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18
 *
19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20
 * or visit www.oracle.com if you need additional information or have any
21
 * questions.
22
 */
23

24
/*
25
 * @test
26
 * @bug 6911951 7150092
27
 * @summary NTLM should be a supported Java SASL mechanism
28
 */
29
import java.io.IOException;
30
import javax.security.sasl.*;
31
import javax.security.auth.callback.*;
32
import java.util.*;
33

34
public class NTLMTest {
35

36
    private static final String MECH = "NTLM";
37
    private static final String REALM = "REALM";
38
    private static final String PROTOCOL = "jmx";
39
    private static final byte[] EMPTY = new byte[0];
40

41
    private static final String USER1 = "dummy";
42
    private static final char[] PASS1 = "bogus".toCharArray();
43
    private static final String USER2 = "foo";
44
    private static final char[] PASS2 = "bar".toCharArray();
45

46
    private static final Map<String,char[]> maps =
47
            new HashMap<String,char[]>();
48
    static {
49
        maps.put(USER1, PASS1);
50
        maps.put(USER2, PASS2);
51
    }
52

53
    static char[] getPass(String d, String u) {
54
        if (!d.equals(REALM)) return null;
55
        return maps.get(u);
56
    }
57

58
    public static void main(String[] args) throws Exception {
59

60
        checkAuthOnly();
61
        checkClientNameOverride();
62
        checkClientDomainOverride();
63
        checkVersions();
64
        checkClientHostname();
65
    }
66

67
    static void checkVersions() throws Exception {
68
        // Server accepts all version
69
        checkVersion(null, null);
70
        checkVersion("LM/NTLM", null);
71
        checkVersion("LM", null);
72
        checkVersion("NTLM", null);
73
        checkVersion("NTLM2", null);
74
        checkVersion("LMv2/NTLMv2", null);
75
        checkVersion("LMv2", null);
76
        checkVersion("NTLMv2", null);
77

78
        // Client's default version is LMv2
79
        checkVersion(null, "LMv2");
80

81
        // Also works if they specified identical versions
82
        checkVersion("LM/NTLM", "LM");
83
        checkVersion("LM", "LM");
84
        checkVersion("NTLM", "LM");
85
        checkVersion("NTLM2", "NTLM2");
86
        checkVersion("LMv2/NTLMv2", "LMv2");
87
        checkVersion("LMv2", "LMv2");
88
        checkVersion("NTLMv2", "LMv2");
89

90
        // But should not work if different
91
        try {
92
            checkVersion("LM/NTLM", "LMv2");
93
            throw new Exception("Should not succeed");
94
        } catch (SaslException se) {
95
            // OK
96
        }
97
        try {
98
            checkVersion("LMv2/NTLMv2", "LM");
99
            throw new Exception("Should not succeed");
100
        } catch (SaslException se) {
101
            // OK
102
        }
103

104
    }
105

106
    /**
107
     * A test on version matching
108
     * @param vc ntlm version specified for client
109
     * @param vs ntlm version specified for server
110
     * @throws Exception
111
     */
112
    private static void checkVersion(String vc, String vs) throws Exception {
113
        Map<String,Object> pc = new HashMap<>();
114
        pc.put("com.sun.security.sasl.ntlm.version", vc);
115
        Map<String,Object> ps = new HashMap<>();
116
        ps.put("com.sun.security.sasl.ntlm.version", vs);
117
        SaslClient clnt = Sasl.createSaslClient(
118
                new String[]{MECH}, USER1, PROTOCOL, REALM, pc,
119
                new CallbackHandler() {
120
                    public void handle(Callback[] callbacks)
121
                            throws IOException, UnsupportedCallbackException {
122
                        for (Callback cb: callbacks) {
123
                            if (cb instanceof PasswordCallback) {
124
                                ((PasswordCallback)cb).setPassword(PASS1);
125
                            }
126
                        }
127
                    }
128
                });
129

130
        SaslServer srv = Sasl.createSaslServer(MECH, PROTOCOL, REALM, ps,
131
                new CallbackHandler() {
132
                    public void handle(Callback[] callbacks)
133
                            throws IOException, UnsupportedCallbackException {
134
                        String domain = null, name = null;
135
                        PasswordCallback pcb = null;
136
                        for (Callback cb: callbacks) {
137
                            if (cb instanceof NameCallback) {
138
                                name = ((NameCallback)cb).getDefaultName();
139
                            } else if (cb instanceof RealmCallback) {
140
                                domain = ((RealmCallback)cb).getDefaultText();
141
                            } else if (cb instanceof PasswordCallback) {
142
                                pcb = (PasswordCallback)cb;
143
                            }
144
                        }
145
                        if (pcb != null) {
146
                            pcb.setPassword(getPass(domain, name));
147
                        }
148
                    }
149
                });
150

151
        handshake(clnt, srv);
152
    }
153

154
    private static void checkClientHostname() throws Exception {
155
        Map<String,Object> pc = new HashMap<>();
156
        pc.put("com.sun.security.sasl.ntlm.hostname", "this.is.com");
157
        SaslClient clnt = Sasl.createSaslClient(
158
                new String[]{MECH}, USER1, PROTOCOL, REALM, pc,
159
                new CallbackHandler() {
160
                    public void handle(Callback[] callbacks)
161
                            throws IOException, UnsupportedCallbackException {
162
                        for (Callback cb: callbacks) {
163
                            if (cb instanceof PasswordCallback) {
164
                                ((PasswordCallback)cb).setPassword(PASS1);
165
                            }
166
                        }
167
                    }
168
                });
169

170
        SaslServer srv = Sasl.createSaslServer(MECH, PROTOCOL, REALM, null,
171
                new CallbackHandler() {
172
                    public void handle(Callback[] callbacks)
173
                            throws IOException, UnsupportedCallbackException {
174
                        String domain = null, name = null;
175
                        PasswordCallback pcb = null;
176
                        for (Callback cb: callbacks) {
177
                            if (cb instanceof NameCallback) {
178
                                name = ((NameCallback)cb).getDefaultName();
179
                            } else if (cb instanceof RealmCallback) {
180
                                domain = ((RealmCallback)cb).getDefaultText();
181
                            } else if (cb instanceof PasswordCallback) {
182
                                pcb = (PasswordCallback)cb;
183
                            }
184
                        }
185
                        if (pcb != null) {
186
                            pcb.setPassword(getPass(domain, name));
187
                        }
188
                    }
189
                });
190

191
        handshake(clnt, srv);
192
        if (!"this.is.com".equals(
193
                srv.getNegotiatedProperty("com.sun.security.sasl.ntlm.hostname"))) {
194
            throw new Exception("Hostname not trasmitted to server");
195
        }
196
    }
197

198
    /**
199
     * Client realm override, but finally overridden by server response
200
     */
201
    private static void checkClientDomainOverride() throws Exception {
202
        SaslClient clnt = Sasl.createSaslClient(
203
                new String[]{MECH}, USER1, PROTOCOL, "ANOTHERREALM", null,
204
                new CallbackHandler() {
205
                    public void handle(Callback[] callbacks)
206
                            throws IOException, UnsupportedCallbackException {
207
                        for (Callback cb: callbacks) {
208
                            if (cb instanceof RealmCallback) {
209
                                ((RealmCallback)cb).setText(REALM);
210
                            } else if (cb instanceof PasswordCallback) {
211
                                ((PasswordCallback)cb).setPassword(PASS1);
212
                            }
213
                        }
214
                    }
215
                });
216

217
        SaslServer srv = Sasl.createSaslServer(MECH, PROTOCOL, REALM, null,
218
                new CallbackHandler() {
219
                    public void handle(Callback[] callbacks)
220
                            throws IOException, UnsupportedCallbackException {
221
                        String domain = null, name = null;
222
                        PasswordCallback pcb = null;
223
                        for (Callback cb: callbacks) {
224
                            if (cb instanceof NameCallback) {
225
                                name = ((NameCallback)cb).getDefaultName();
226
                            } else if (cb instanceof RealmCallback) {
227
                                domain = ((RealmCallback)cb).getDefaultText();
228
                            } else if (cb instanceof PasswordCallback) {
229
                                pcb = (PasswordCallback)cb;
230
                            }
231
                        }
232
                        if (pcb != null) {
233
                            pcb.setPassword(getPass(domain, name));
234
                        }
235
                    }
236
                });
237

238
        handshake(clnt, srv);
239
    }
240

241
    /**
242
     * Client side user name provided in callback.
243
     * @throws Exception
244
     */
245
    private static void checkClientNameOverride() throws Exception {
246
        SaslClient clnt = Sasl.createSaslClient(
247
                new String[]{MECH}, "someone", PROTOCOL, REALM, null,
248
                new CallbackHandler() {
249
                    public void handle(Callback[] callbacks)
250
                            throws IOException, UnsupportedCallbackException {
251
                        for (Callback cb: callbacks) {
252
                            if (cb instanceof NameCallback) {
253
                                NameCallback ncb = (NameCallback) cb;
254
                                ncb.setName(USER1);
255
                            } else if (cb instanceof PasswordCallback) {
256
                                ((PasswordCallback)cb).setPassword(PASS1);
257
                            }
258
                        }
259
                    }
260
                });
261

262
        SaslServer srv = Sasl.createSaslServer(MECH, PROTOCOL, "FAKE", null,
263
                new CallbackHandler() {
264
                    public void handle(Callback[] callbacks)
265
                            throws IOException, UnsupportedCallbackException {
266
                        String domain = null, name = null;
267
                        PasswordCallback pcb = null;
268
                        for (Callback cb: callbacks) {
269
                            if (cb instanceof NameCallback) {
270
                                name = ((NameCallback)cb).getDefaultName();
271
                            } else if (cb instanceof RealmCallback) {
272
                                domain = ((RealmCallback)cb).getDefaultText();
273
                            } else if (cb instanceof PasswordCallback) {
274
                                pcb = (PasswordCallback)cb;
275
                            }
276
                        }
277
                        if (pcb != null) {
278
                            pcb.setPassword(getPass(domain, name));
279
                        }
280
                    }
281
                });
282

283
        handshake(clnt, srv);
284
    }
285

286
    private static void checkAuthOnly() throws Exception {
287
        Map<String,Object> props = new HashMap<>();
288
        props.put(Sasl.QOP, "auth-conf");
289
        try {
290
            Sasl.createSaslClient(
291
                    new String[]{MECH}, USER2, PROTOCOL, REALM, props, null);
292
            throw new Exception("NTLM should not support auth-conf");
293
        } catch (SaslException se) {
294
            // Normal
295
        }
296
    }
297

298
    private static void handshake(SaslClient clnt, SaslServer srv)
299
            throws Exception {
300
        if (clnt == null) {
301
            throw new IllegalStateException(
302
                    "Unable to find client impl for " + MECH);
303
        }
304
        if (srv == null) {
305
            throw new IllegalStateException(
306
                    "Unable to find server impl for " + MECH);
307
        }
308

309
        byte[] response = (clnt.hasInitialResponse()
310
                ? clnt.evaluateChallenge(EMPTY) : EMPTY);
311
        System.out.println("Initial:");
312
        new sun.misc.HexDumpEncoder().encodeBuffer(response, System.out);
313
        byte[] challenge;
314

315
        while (!clnt.isComplete() || !srv.isComplete()) {
316
            challenge = srv.evaluateResponse(response);
317
            response = null;
318
            if (challenge != null) {
319
                System.out.println("Challenge:");
320
                new sun.misc.HexDumpEncoder().encodeBuffer(challenge, System.out);
321
                response = clnt.evaluateChallenge(challenge);
322
            }
323
            if (response != null) {
324
                System.out.println("Response:");
325
                new sun.misc.HexDumpEncoder().encodeBuffer(response, System.out);
326
            }
327
        }
328

329
        if (clnt.isComplete() && srv.isComplete()) {
330
            System.out.println("SUCCESS");
331
            if (!srv.getAuthorizationID().equals(USER1)) {
332
                throw new Exception("Not correct user");
333
            }
334
        } else {
335
            throw new IllegalStateException(
336
                    "FAILURE: mismatched state:"
337
                    + " client complete? " + clnt.isComplete()
338
                    + " server complete? " + srv.isComplete());
339
        }
340

341
        if (!clnt.getNegotiatedProperty(Sasl.QOP).equals("auth") ||
342
                !srv.getNegotiatedProperty(Sasl.QOP).equals("auth") ||
343
                !clnt.getNegotiatedProperty(
344
                    "com.sun.security.sasl.ntlm.domain").equals(REALM)) {
345
            throw new Exception("Negotiated property error");
346
        }
347
        clnt.dispose();
348
        srv.dispose();
349
    }
350
}
351

352
Product

Resources

Company
