GitHub Repository: PojavLauncherTeam/mobile
Path: blob/master/test/jdk/com/sun/security/sasl/ntlm/NTLMTest.java
/*
* Copyright (c) 2010, 2020, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* @test
* @bug 6911951 7150092
* @library /test/lib
* @summary NTLM should be a supported Java SASL mechanism
* @modules java.base/sun.security.util
* java.security.sasl
*/
import java.io.IOException;
import javax.security.sasl.*;
import javax.security.auth.callback.*;
import java.util.*;
import jdk.test.lib.hexdump.HexPrinter;
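/**
 * Regression test for the NTLM SASL mechanism: drives an in-process
 * {@link SaslClient} / {@link SaslServer} pair through the handshake and
 * checks the negotiated results.
 *
 * <p>Scenarios covered, in the order {@link #main} runs them:
 * <ul>
 *   <li>requesting the {@code auth-conf} QOP is rejected at client creation;</li>
 *   <li>the user name can be supplied through a {@link NameCallback};</li>
 *   <li>the realm can be supplied through a {@link RealmCallback};</li>
 *   <li>client/server NTLM version settings must be compatible;</li>
 *   <li>the client hostname property is visible on the server afterwards.</li>
 * </ul>
 *
 * <p>Security notes for readers:
 * <ul>
 *   <li>The accounts and passwords below are fixtures that exist only in this
 *       file. Every handshake message is hex-dumped to stdout, so this
 *       harness should only ever be run with such throwaway credentials.</li>
 *   <li>The version matrix deliberately includes the older {@code LM} and
 *       {@code NTLM} settings so that version negotiation is exercised; their
 *       presence here is test coverage, not a deployment recommendation.</li>
 *   <li>Every successful handshake is required to negotiate QOP
 *       {@code "auth"}, i.e. authentication only; no integrity or
 *       confidentiality layer is expected from this mechanism.</li>
 * </ul>
 */
public class NTLMTest {

    private static final String MECH = "NTLM";
    private static final String REALM = "REALM";
    private static final String PROTOCOL = "jmx";
    private static final byte[] EMPTY = new byte[0];

    // Names of the NTLM-specific SASL properties exercised by this test.
    private static final String VERSION_PROP =
            "com.sun.security.sasl.ntlm.version";
    private static final String HOSTNAME_PROP =
            "com.sun.security.sasl.ntlm.hostname";
    private static final String DOMAIN_PROP =
            "com.sun.security.sasl.ntlm.domain";

    // Fixture accounts; these values are test data, not real secrets.
    private static final String USER1 = "dummy";
    private static final char[] PASS1 = "bogus".toCharArray();
    private static final String USER2 = "foo";
    private static final char[] PASS2 = "bar".toCharArray();

    // Server-side "password database": user name -> password, valid only
    // within REALM (see getPass).
    private static final Map<String,char[]> maps = new HashMap<>();
    static {
        maps.put(USER1, PASS1);
        maps.put(USER2, PASS2);
    }

    /**
     * Looks up the password the server should expect for a user.
     *
     * @param d the realm/domain reported for the user, may be {@code null}
     * @param u the user name
     * @return the stored password, or {@code null} when the realm is not
     *         {@link #REALM} (including a {@code null} realm) or the user is
     *         unknown
     */
    static char[] getPass(String d, String u) {
        // Constant-first comparison: a callback that delivered no realm must
        // be treated as "no such account", not crash with an NPE.
        if (!REALM.equals(d)) {
            return null;
        }
        return maps.get(u);
    }

    public static void main(String[] args) throws Exception {
        checkAuthOnly();
        checkClientNameOverride();
        checkClientDomainOverride();
        checkVersions();
        checkClientHostname();
    }

    /**
     * Builds the callback handler used by every client in this test.
     *
     * <p>It always answers a {@link PasswordCallback} with {@link #PASS1}.
     * A {@link NameCallback} is answered only when {@code name} is non-null,
     * and a {@link RealmCallback} only when {@code realm} is non-null; other
     * callbacks are ignored.
     *
     * @param name  user name to supply, or {@code null} to leave the default
     * @param realm realm to supply, or {@code null} to leave the default
     * @return the handler
     */
    private static CallbackHandler clientHandler(final String name,
                                                 final String realm) {
        return new CallbackHandler() {
            @Override
            public void handle(Callback[] callbacks)
                    throws IOException, UnsupportedCallbackException {
                for (Callback cb : callbacks) {
                    if (cb instanceof NameCallback) {
                        if (name != null) {
                            ((NameCallback) cb).setName(name);
                        }
                    } else if (cb instanceof RealmCallback) {
                        if (realm != null) {
                            ((RealmCallback) cb).setText(realm);
                        }
                    } else if (cb instanceof PasswordCallback) {
                        ((PasswordCallback) cb).setPassword(PASS1);
                    }
                }
            }
        };
    }

    /**
     * Builds the callback handler used by every server in this test.
     *
     * <p>It reads the default name and default realm text from the
     * {@link NameCallback} and {@link RealmCallback} it is handed and, if a
     * {@link PasswordCallback} is present, fills it with
     * {@link #getPass(String, String)} for that realm/name pair (which may
     * be {@code null} for an unknown account).
     *
     * @return the handler
     */
    private static CallbackHandler serverHandler() {
        return new CallbackHandler() {
            @Override
            public void handle(Callback[] callbacks)
                    throws IOException, UnsupportedCallbackException {
                String domain = null;
                String name = null;
                PasswordCallback pcb = null;
                for (Callback cb : callbacks) {
                    if (cb instanceof NameCallback) {
                        name = ((NameCallback) cb).getDefaultName();
                    } else if (cb instanceof RealmCallback) {
                        domain = ((RealmCallback) cb).getDefaultText();
                    } else if (cb instanceof PasswordCallback) {
                        pcb = (PasswordCallback) cb;
                    }
                }
                if (pcb != null) {
                    pcb.setPassword(getPass(domain, name));
                }
            }
        };
    }

    /**
     * Runs the client/server version compatibility matrix.
     *
     * @throws Exception if a compatible pair fails or an incompatible pair
     *         unexpectedly succeeds
     */
    static void checkVersions() throws Exception {
        // Server accepts all version
        checkVersion(null, null);
        checkVersion("LM/NTLM", null);
        checkVersion("LM", null);
        checkVersion("NTLM", null);
        checkVersion("NTLM2", null);
        checkVersion("LMv2/NTLMv2", null);
        checkVersion("LMv2", null);
        checkVersion("NTLMv2", null);

        // Client's default version is LMv2
        checkVersion(null, "LMv2");

        // Also works if they specified identical versions
        checkVersion("LM/NTLM", "LM");
        checkVersion("LM", "LM");
        checkVersion("NTLM", "LM");
        checkVersion("NTLM2", "NTLM2");
        checkVersion("LMv2/NTLMv2", "LMv2");
        checkVersion("LMv2", "LMv2");
        checkVersion("NTLMv2", "LMv2");

        // But should not work if different
        expectVersionMismatch("LM/NTLM", "LMv2");
        expectVersionMismatch("LMv2/NTLMv2", "LM");
    }

    /**
     * Asserts that a client/server version pair is refused.
     *
     * <p>Only a {@link SaslException} counts as the expected refusal; any
     * other exception raised by the handshake propagates and fails the test.
     *
     * @param vc ntlm version specified for client
     * @param vs ntlm version specified for server
     * @throws Exception if the handshake succeeds or fails in another way
     */
    private static void expectVersionMismatch(String vc, String vs)
            throws Exception {
        try {
            checkVersion(vc, vs);
        } catch (SaslException expected) {
            return;     // OK
        }
        throw new Exception("Should not succeed");
    }

    /**
     * A test on version matching
     *
     * @param vc ntlm version specified for client, {@code null} for default
     * @param vs ntlm version specified for server, {@code null} for default
     * @throws Exception if the handshake fails; a {@link SaslException} is
     *         what {@link #checkVersions} treats as a version mismatch
     */
    private static void checkVersion(String vc, String vs) throws Exception {
        // HashMap on purpose: the "no version configured" cases store a null
        // value, which the immutable Map.of factories would reject.
        Map<String,Object> pc = new HashMap<>();
        pc.put(VERSION_PROP, vc);
        Map<String,Object> ps = new HashMap<>();
        ps.put(VERSION_PROP, vs);

        SaslClient clnt = Sasl.createSaslClient(
                new String[]{MECH}, USER1, PROTOCOL, REALM, pc,
                clientHandler(null, null));
        SaslServer srv = Sasl.createSaslServer(
                MECH, PROTOCOL, REALM, ps, serverHandler());

        handshake(clnt, srv);
    }

    /**
     * Checks that the hostname configured on the client is reported by the
     * server as a negotiated property once the handshake has finished.
     *
     * @throws Exception if the handshake fails or the hostname differs
     */
    private static void checkClientHostname() throws Exception {
        Map<String,Object> pc = new HashMap<>();
        pc.put(HOSTNAME_PROP, "this.is.com");

        SaslClient clnt = Sasl.createSaslClient(
                new String[]{MECH}, USER1, PROTOCOL, REALM, pc,
                clientHandler(null, null));
        SaslServer srv = Sasl.createSaslServer(
                MECH, PROTOCOL, REALM, null, serverHandler());

        handshake(clnt, srv);
        // NOTE(review): handshake() has already called srv.dispose() at this
        // point, so this read relies on the server implementation keeping
        // its negotiated properties after dispose - confirm that is intended.
        if (!"this.is.com".equals(srv.getNegotiatedProperty(HOSTNAME_PROP))) {
            throw new Exception("Hostname not trasmitted to server");
        }
    }

    /**
     * Client realm override, but finally overridden by server response
     *
     * <p>The client is created with "ANOTHERREALM" in the serverName
     * position and its handler answers the {@link RealmCallback} with
     * {@link #REALM}; {@link #handshake} then requires the negotiated domain
     * to be {@link #REALM}.
     *
     * @throws Exception if the handshake or its checks fail
     */
    private static void checkClientDomainOverride() throws Exception {
        SaslClient clnt = Sasl.createSaslClient(
                new String[]{MECH}, USER1, PROTOCOL, "ANOTHERREALM", null,
                clientHandler(null, REALM));
        SaslServer srv = Sasl.createSaslServer(
                MECH, PROTOCOL, REALM, null, serverHandler());

        handshake(clnt, srv);
    }

    /**
     * Client side user name provided in callback.
     *
     * <p>The client is created with authorization id "someone" but its
     * handler answers the {@link NameCallback} with {@link #USER1};
     * {@link #handshake} then requires the server to report {@link #USER1}.
     * The server is created with serverName "FAKE".
     *
     * @throws Exception if the handshake or its checks fail
     */
    private static void checkClientNameOverride() throws Exception {
        SaslClient clnt = Sasl.createSaslClient(
                new String[]{MECH}, "someone", PROTOCOL, REALM, null,
                clientHandler(USER1, null));
        SaslServer srv = Sasl.createSaslServer(
                MECH, PROTOCOL, "FAKE", null, serverHandler());

        handshake(clnt, srv);
    }

    /**
     * Checks that asking for the {@code auth-conf} quality of protection
     * makes client creation fail with a {@link SaslException}.
     *
     * @throws Exception if a client is created despite the request
     */
    private static void checkAuthOnly() throws Exception {
        Map<String,Object> props = new HashMap<>();
        props.put(Sasl.QOP, "auth-conf");
        try {
            Sasl.createSaslClient(
                    new String[]{MECH}, USER2, PROTOCOL, REALM, props, null);
        } catch (SaslException expected) {
            return;     // Normal
        }
        throw new Exception("NTLM should not support auth-conf");
    }

    /**
     * Drives the challenge/response exchange to completion and validates
     * the outcome.
     *
     * <p>After both sides report completion this requires that the server's
     * authorization id is {@link #USER1}, that both sides negotiated QOP
     * {@code "auth"}, and that the client's negotiated domain is
     * {@link #REALM}. Both endpoints are disposed on success. Every message
     * exchanged is hex-dumped to stdout.
     *
     * @param clnt the client endpoint; {@code null} means no provider was
     *             found
     * @param srv  the server endpoint; {@code null} means no provider was
     *             found
     * @throws IllegalStateException if either endpoint is {@code null}
     * @throws SaslException if either side rejects a message
     * @throws Exception if one of the post-handshake checks fails
     */
    private static void handshake(SaslClient clnt, SaslServer srv)
            throws Exception {
        if (clnt == null) {
            throw new IllegalStateException(
                    "Unable to find client impl for " + MECH);
        }
        if (srv == null) {
            throw new IllegalStateException(
                    "Unable to find server impl for " + MECH);
        }

        byte[] response = clnt.hasInitialResponse()
                ? clnt.evaluateChallenge(EMPTY) : EMPTY;
        System.out.println("Initial:");
        HexPrinter.simple().format(response);

        while (!clnt.isComplete() || !srv.isComplete()) {
            byte[] challenge = srv.evaluateResponse(response);
            response = null;
            if (challenge != null) {
                System.out.println("Challenge:");
                HexPrinter.simple().format(challenge);
                response = clnt.evaluateChallenge(challenge);
            }
            if (response != null) {
                System.out.println("Response:");
                HexPrinter.simple().format(response);
            }
        }

        // The loop exits only once both sides report completion, so no
        // separate "mismatched state" branch is needed here.
        System.out.println("SUCCESS");

        // Constant-first equals: a missing authorization id or negotiated
        // property must fail with the descriptive exception, not an NPE.
        if (!USER1.equals(srv.getAuthorizationID())) {
            throw new Exception("Not correct user");
        }
        if (!"auth".equals(clnt.getNegotiatedProperty(Sasl.QOP))
                || !"auth".equals(srv.getNegotiatedProperty(Sasl.QOP))
                || !REALM.equals(clnt.getNegotiatedProperty(DOMAIN_PROP))) {
            throw new Exception("Negotiated property error");
        }

        clnt.dispose();
        srv.dispose();
    }
}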