예제 #1
        //
        // called when getting the final blob on the 200 OK from the server
        //
        /// <summary>
        /// Ends the NTLM session tracked for <paramref name="webRequest"/> once the server's final response arrives.
        /// </summary>
        /// <param name="challenge">Authentication header value from the response; this variant only logs it.</param>
        /// <param name="webRequest">Request being authenticated; expected to be an <see cref="HttpWebRequest"/>.</param>
        /// <returns>
        /// <c>false</c> while the session is not completed and the response status equals the authentication
        /// state's <c>StatusCodeMatch</c>; <c>true</c> when no session is stored or after it has been removed.
        /// </returns>
        public bool Update(string challenge, WebRequest webRequest)
        {
            // NOTE(review): the raw challenge is written to the trace log and may carry the final authentication
            // blob; confirm GlobalLog output is compiled out or access-restricted in production builds.
            GlobalLog.Print("NtlmClient::Update(): " + challenge);

            HttpWebRequest httpWebRequest = webRequest as HttpWebRequest;

            // NOTE(review): these asserts are the only null checks. If GlobalLog.Assert is a debug-only aid
            // (confirm), a non-HttpWebRequest argument is dereferenced as null further down.
            GlobalLog.Assert(httpWebRequest != null, "NtlmClient::Update() httpWebRequest==null", "");
            GlobalLog.Assert(httpWebRequest.ChallengedUri != null, "NtlmClient::Update() httpWebRequest.ChallengedUri==null", "");

            //
            // try to retrieve the state of the ongoing handshake; sessions are keyed by the request's
            // current authentication state, and a missing or differently-typed entry yields null
            //
            NTAuthentication authSession = sessions[httpWebRequest.CurrentAuthenticationState] as NTAuthentication;

            GlobalLog.Print("NtlmClient::Update() key:" + ValidationHelper.HashString(httpWebRequest.CurrentAuthenticationState) + " retrieved authSession:" + ValidationHelper.HashString(authSession));

            // No stored session for this request: nothing to tear down, report the update as done.
            if (authSession == null)
            {
                GlobalLog.Print("NtlmClient::Update() null session returning true");
                return(true);
            }

            GlobalLog.Print("NtlmClient::Update() authSession.IsCompleted:" + authSession.IsCompleted.ToString());

            // The handshake is treated as still running only when the session is incomplete AND the response
            // status is the one this authentication state matches on; the session is kept in that case.
            if (!authSession.IsCompleted && httpWebRequest.CurrentAuthenticationState.StatusCodeMatch == httpWebRequest.ResponseStatusCode)
            {
                GlobalLog.Print("NtlmClient::Update() still handshaking (based on status code) returning false");
                return(false);
            }

            //
            // the whole point here is to remove the session, so do it right away.
            //
            GlobalLog.Print("NtlmClient::Update() removing authSession:" + ValidationHelper.HashString(authSession) + " from:" + ValidationHelper.HashString(httpWebRequest.CurrentAuthenticationState));
            sessions.Remove(httpWebRequest.CurrentAuthenticationState);
            //
            // now clean-up the ConnectionGroup after authentication is done.
            // The group is kept only when the caller opted in to UnsafeAuthenticatedConnectionSharing.
            // NOTE(review): presumably this stops later requests from reusing a connection that NTLM has
            // already authenticated - confirm against ServicePoint.ReleaseConnectionGroup.
            //
            if (!httpWebRequest.UnsafeAuthenticatedConnectionSharing)
            {
                GlobalLog.Print("NtlmClient::Update() releasing ConnectionGroup:" + httpWebRequest.GetConnectionGroupLine());
                httpWebRequest.ServicePoint.ReleaseConnectionGroup(httpWebRequest.GetConnectionGroupLine());
            }

            GlobalLog.Print("NtlmClient::Update() session removed and ConnectionGorup released returning true");
            return(true);
        }
예제 #2
        //
        // called when getting the final blob on the 200 OK from the server
        //
        /// <summary>
        /// Tears down the NTLM security context attached to <paramref name="webRequest"/> after the final
        /// response and caches the channel binding that was used.
        /// </summary>
        /// <param name="challenge">Authentication header value from the response; this variant only logs it.</param>
        /// <param name="webRequest">Request being authenticated; expected to be an <see cref="HttpWebRequest"/>.</param>
        /// <returns>
        /// <c>false</c> while the context is not completed and the response status equals the authentication
        /// state's <c>StatusCodeMatch</c>; <c>true</c> when there is no context or after it has been cleared.
        /// </returns>
        public bool Update(string challenge, WebRequest webRequest)
        {
            // NOTE(review): the raw challenge goes to the trace log and may carry the final authentication
            // blob; confirm GlobalLog output is compiled out or access-restricted in production builds.
            GlobalLog.Print("NtlmClient::Update(): " + challenge);

            HttpWebRequest request = webRequest as HttpWebRequest;

            // NOTE(review): the asserts are the only null checks; if GlobalLog.Assert is a debug-only aid
            // (confirm), a non-HttpWebRequest argument is dereferenced as null below.
            GlobalLog.Assert(request != null, "NtlmClient::Update()|httpWebRequest == null");
            GlobalLog.Assert(request.ChallengedUri != null, "NtlmClient::Update()|httpWebRequest.ChallengedUri == null");

            // Look up the handshake state this module stored on the request's authentication state.
            NTAuthentication securityContext = request.CurrentAuthenticationState.GetSecurityContext(this);

            GlobalLog.Print("NtlmClient::Update() key:" + ValidationHelper.HashString(request.CurrentAuthenticationState) + " retrieved authSession:" + ValidationHelper.HashString(securityContext));

            if (securityContext == null)
            {
                GlobalLog.Print("NtlmClient::Update() null session returning true");
                return true;
            }

            GlobalLog.Print("NtlmClient::Update() authSession.IsCompleted:" + securityContext.IsCompleted.ToString());

            // Still mid-handshake only when the context is incomplete AND the status code is the one
            // this authentication state matches on.
            bool handshakePending = !securityContext.IsCompleted
                && request.CurrentAuthenticationState.StatusCodeMatch == request.ResponseStatusCode;
            if (handshakePending)
            {
                GlobalLog.Print("NtlmClient::Update() still handshaking (based on status code) returning false");
                return false;
            }

            ClearSession(request);

            // The connection group survives only when unsafe or proxy authenticated sharing is enabled.
            bool keepConnectionGroup = request.UnsafeOrProxyAuthenticatedConnectionSharing;
            if (!keepConnectionGroup)
            {
                GlobalLog.Print("NtlmClient::Update() releasing ConnectionGroup:" + request.GetConnectionGroupLine());
                request.ServicePoint.ReleaseConnectionGroup(request.GetConnectionGroupLine());
            }

            // Remember the channel binding token for later pre-authenticated requests to the same URI.
            request.ServicePoint.SetCachedChannelBinding(request.ChallengedUri, securityContext.ChannelBinding);

            GlobalLog.Print("NtlmClient::Update() session removed and ConnectionGorup released returning true");
            return true;
        }
        /// <summary>
        /// Finalizes the security context attached to <paramref name="webRequest"/> once a response has arrived.
        /// </summary>
        /// <param name="challenge">Authentication header value from the response; not read by this variant.</param>
        /// <param name="webRequest">Request being authenticated; cast to <see cref="HttpWebRequest"/>.</param>
        /// <returns>
        /// <c>false</c> while the context is not completed and the response status equals the authentication
        /// state's <c>StatusCodeMatch</c>; otherwise <c>true</c>.
        /// </returns>
        public bool Update(string challenge, WebRequest webRequest)
        {
            // NOTE(review): there is no null check after the cast; a non-HttpWebRequest argument is
            // dereferenced as null on the next line. Confirm callers only ever pass HttpWebRequest.
            HttpWebRequest httpRequest = webRequest as HttpWebRequest;
            NTAuthentication context = httpRequest.CurrentAuthenticationState.GetSecurityContext(this);

            // Nothing stored for this request: nothing to tear down.
            if (context == null)
            {
                return true;
            }

            // Still mid-handshake only when the context is incomplete AND the status code is the one
            // this authentication state matches on.
            bool handshakePending = !context.IsCompleted
                && httpRequest.CurrentAuthenticationState.StatusCodeMatch == httpRequest.ResponseStatusCode;
            if (handshakePending)
            {
                return false;
            }

            ClearSession(httpRequest);

            // The connection group survives only when unsafe or proxy authenticated sharing is enabled.
            bool keepConnectionGroup = httpRequest.UnsafeOrProxyAuthenticatedConnectionSharing;
            if (!keepConnectionGroup)
            {
                httpRequest.ServicePoint.ReleaseConnectionGroup(httpRequest.GetConnectionGroupLine());
            }

            // Cache the channel binding that was used, keyed by the challenged URI.
            httpRequest.ServicePoint.SetCachedChannelBinding(httpRequest.ChallengedUri, context.ChannelBinding);
            return true;
        }
        /// <summary>
        /// Completes the security context attached to <paramref name="webRequest"/> with the final blob found in
        /// <paramref name="challenge"/>, records the mutual-authentication flag, caches the channel binding and
        /// clears the session.
        /// </summary>
        /// <param name="challenge">Authentication header value from the response; may be <c>null</c>.</param>
        /// <param name="webRequest">Request being authenticated; cast to <see cref="HttpWebRequest"/>.</param>
        /// <returns>
        /// <c>false</c> while the context is not completed and the response status equals the authentication
        /// state's <c>StatusCodeMatch</c>; otherwise <c>true</c>.
        /// </returns>
        public bool Update(string challenge, WebRequest webRequest)
        {
            // NOTE(review): there is no null check after the cast; a non-HttpWebRequest argument is
            // dereferenced as null on the next line. Confirm callers only ever pass HttpWebRequest.
            HttpWebRequest httpRequest = webRequest as HttpWebRequest;
            NTAuthentication context = httpRequest.CurrentAuthenticationState.GetSecurityContext(this);

            if (context == null)
            {
                return true;
            }

            bool handshakePending = !context.IsCompleted
                && httpRequest.CurrentAuthenticationState.StatusCodeMatch == httpRequest.ResponseStatusCode;
            if (handshakePending)
            {
                return false;
            }

            // The connection group survives only when unsafe or proxy authenticated sharing is enabled.
            if (!httpRequest.UnsafeOrProxyAuthenticatedConnectionSharing)
            {
                httpRequest.ServicePoint.ReleaseConnectionGroup(httpRequest.GetConnectionGroupLine());
            }

            bool useNego2 = true;
            int signatureIndex = -1;
            if (challenge != null)
            {
                signatureIndex = GetSignatureIndex(challenge, out useNego2);
            }

            if (signatureIndex >= 0)
            {
                int blobStart = signatureIndex + (useNego2 ? "nego2".Length : "negotiate".Length);
                string incomingBlob = null;

                // A character other than ',' right after the package name means challenge data follows;
                // skip that separator and take the rest of the header as the blob.
                bool hasChallengeData = challenge.Length > blobStart && challenge[blobStart] != ',';
                if (hasChallengeData)
                {
                    blobStart++;
                    if (challenge.Length > blobStart)
                    {
                        incomingBlob = challenge.Substring(blobStart);
                    }
                }

                // Called even when no blob was found (incomingBlob stays null); the return value is unused.
                context.GetOutgoingBlob(incomingBlob);

                // NOTE(review): the flag is copied without re-checking context.IsCompleted or the outcome of
                // GetOutgoingBlob; confirm IsMutualAuthFlag can only be set after a successful final leg.
                httpRequest.CurrentAuthenticationState.Authorization.MutuallyAuthenticated = context.IsMutualAuthFlag;
            }

            // Cache the channel binding that was used, keyed by the challenged URI, then drop the session.
            httpRequest.ServicePoint.SetCachedChannelBinding(httpRequest.ChallengedUri, context.ChannelBinding);
            ClearSession(httpRequest);
            return true;
        }
예제 #5
        //
        // called when getting the final blob on the 200 OK from the server
        //
        /// <summary>
        /// Completes the Negotiate security context attached to <paramref name="webRequest"/> with the final blob
        /// found in <paramref name="challenge"/>, records the mutual-authentication flag, caches the channel
        /// binding and clears the session.
        /// </summary>
        /// <param name="challenge">Authentication header value from the response; may be <c>null</c>.</param>
        /// <param name="webRequest">Request being authenticated; expected to be an <see cref="HttpWebRequest"/>.</param>
        /// <returns>
        /// <c>false</c> while the context is not completed and the response status equals the authentication
        /// state's <c>StatusCodeMatch</c>; <c>true</c> when there is no context or after it has been cleared.
        /// </returns>
        public bool Update(string challenge, WebRequest webRequest)
        {
            // NOTE(review): the raw challenge goes to the trace log and may carry the final authentication
            // blob; confirm GlobalLog output is compiled out or access-restricted in production builds.
            GlobalLog.Print("NegotiateClient::Update(): " + challenge);

            HttpWebRequest httpWebRequest = webRequest as HttpWebRequest;

            // NOTE(review): the asserts are the only null checks; if GlobalLog.Assert is a debug-only aid
            // (confirm), a non-HttpWebRequest argument is dereferenced as null below.
            GlobalLog.Assert(httpWebRequest != null, "NegotiateClient::Update()|httpWebRequest == null");
            GlobalLog.Assert(httpWebRequest.ChallengedUri != null, "NegotiateClient::Update()|httpWebRequest.ChallengedUri == null");

            //
            // try to retrieve the state of the ongoing handshake
            //

            NTAuthentication authSession = httpWebRequest.CurrentAuthenticationState.GetSecurityContext(this);

            GlobalLog.Print("NegotiateClient::Update() key:" + ValidationHelper.HashString(httpWebRequest.CurrentAuthenticationState) + " retrieved authSession:" + ValidationHelper.HashString(authSession));

            // No security context for this request: nothing to complete or tear down.
            if (authSession == null)
            {
                GlobalLog.Print("NegotiateClient::Update() null session returning true");
                return(true);
            }

            GlobalLog.Print("NegotiateClient::Update() authSession.IsCompleted:" + authSession.IsCompleted.ToString());

            // Still mid-handshake only when the context is incomplete AND the response status is the one
            // this authentication state matches on; the context is kept in that case.
            if (!authSession.IsCompleted && httpWebRequest.CurrentAuthenticationState.StatusCodeMatch == httpWebRequest.ResponseStatusCode)
            {
                GlobalLog.Print("NegotiateClient::Update() still handshaking (based on status code) returning false");
                return(false);
            }

            // now possibly close the ConnectionGroup after authentication is done.
            // The group is kept only when unsafe or proxy authenticated connection sharing is enabled.
            if (!httpWebRequest.UnsafeOrProxyAuthenticatedConnectionSharing)
            {
                GlobalLog.Print("NegotiateClient::Update() releasing ConnectionGroup:" + httpWebRequest.GetConnectionGroupLine());
                httpWebRequest.ServicePoint.ReleaseConnectionGroup(httpWebRequest.GetConnectionGroupLine());
            }

            //
            // the whole point here is to close the Security Context (this will complete the authentication handshake
            // with server authentication for schemes that support it such as Kerberos)
            //
            bool useNego2 = true;
            int  index    = challenge == null ? -1 : GetSignatureIndex(challenge, out useNego2);

            if (index >= 0)
            {
                // Position just past the matched package name (nego2 or negotiate signature).
                int    blobBegin = index + (useNego2 ? nego2Signature.Length : negotiateSignature.Length);
                string incoming  = null;

                //
                // there may be multiple challenges. If the next character after the
                // package name is not a comma then it is challenge data
                //
                if (challenge.Length > blobBegin && challenge[blobBegin] != ',')
                {
                    ++blobBegin;
                }
                else
                {
                    index = -1;
                }
                // The blob is everything after the separator, to the end of the header value.
                if (index >= 0 && challenge.Length > blobBegin)
                {
                    incoming = challenge.Substring(blobBegin);
                }
                // NOTE(review): the incoming blob and the client response are logged in full below; same
                // trace-log exposure concern as the challenge logged at the top of the method.
                GlobalLog.Print("NegotiateClient::Update() this must be a final incoming blob:[" + ValidationHelper.ToString(incoming) + "]");
                // Called even when no blob was found (incoming stays null).
                string clientResponse = authSession.GetOutgoingBlob(incoming);
                // NOTE(review): the flag is copied without re-checking authSession.IsCompleted or the outcome of
                // GetOutgoingBlob; confirm IsMutualAuthFlag can only be set after a successful final leg.
                httpWebRequest.CurrentAuthenticationState.Authorization.MutuallyAuthenticated = authSession.IsMutualAuthFlag;
                GlobalLog.Print("NegotiateClient::Update() GetOutgoingBlob() returns clientResponse:[" + ValidationHelper.ToString(clientResponse) + "] IsCompleted:" + authSession.IsCompleted.ToString());
            }

            // Extract the CBT we used and cache it for future requests that want to do preauth
            httpWebRequest.ServicePoint.SetCachedChannelBinding(httpWebRequest.ChallengedUri, authSession.ChannelBinding);

            GlobalLog.Print("NegotiateClient::Update() session removed and ConnectionGroup released returning true");
            // The session is cleared last, after the channel binding has been read from it.
            ClearSession(httpWebRequest);
            return(true);
        }
예제 #6
        //
        // called when getting the final blob on the 200 OK from the server
        //
        /// <summary>
        /// Removes the Negotiate session tracked for <paramref name="webRequest"/> and, when
        /// <paramref name="challenge"/> contains the package signature, passes the final blob to the
        /// security context.
        /// </summary>
        /// <param name="challenge">Authentication header value from the response; may be <c>null</c>.</param>
        /// <param name="webRequest">Request being authenticated; expected to be an <see cref="HttpWebRequest"/>.</param>
        /// <returns>
        /// <c>false</c> while the session is not completed and the response status equals the authentication
        /// state's <c>StatusCodeMatch</c>; <c>true</c> in every other case.
        /// </returns>
        public bool Update(string challenge, WebRequest webRequest)
        {
            // NOTE(review): the raw challenge goes to the trace log and may carry the final authentication
            // blob; confirm GlobalLog output is compiled out or access-restricted in production builds.
            GlobalLog.Print("NegotiateClient::Update(): " + challenge);

            HttpWebRequest httpWebRequest = webRequest as HttpWebRequest;

            // NOTE(review): the asserts are the only null checks; if GlobalLog.Assert is a debug-only aid
            // (confirm), a non-HttpWebRequest argument is dereferenced as null below.
            GlobalLog.Assert(httpWebRequest != null, "NegotiateClient::Update() httpWebRequest==null", "");
            GlobalLog.Assert(httpWebRequest.ChallengedUri != null, "NegotiateClient::Update() httpWebRequest.ChallengedUri==null", "");

            //
            // try to retrieve the state of the ongoing handshake; sessions are keyed by the request's
            // current authentication state, and a missing or differently-typed entry yields null
            //

            NTAuthentication authSession = sessions[httpWebRequest.CurrentAuthenticationState] as NTAuthentication;

            GlobalLog.Print("NegotiateClient::Update() key:" + ValidationHelper.HashString(httpWebRequest.CurrentAuthenticationState) + " retrieved authSession:" + ValidationHelper.HashString(authSession));

            // No stored session for this request: nothing to tear down.
            if (authSession == null)
            {
                GlobalLog.Print("NegotiateClient::Update() null session returning true");
                return(true);
            }

            GlobalLog.Print("NegotiateClient::Update() authSession.IsCompleted:" + authSession.IsCompleted.ToString());

            // Still mid-handshake only when the session is incomplete AND the response status is the one
            // this authentication state matches on; the session is kept in that case.
            if (!authSession.IsCompleted && httpWebRequest.CurrentAuthenticationState.StatusCodeMatch == httpWebRequest.ResponseStatusCode)
            {
                GlobalLog.Print("NegotiateClient::Update() still handshaking (based on status code) returning false");
                return(false);
            }

            //
            // the whole point here is to remove the session, so do it right away, and then try
            // to close the Security Context (this will complete the authentication handshake
            // with server authentication for schemes that support it such as Kerberos)
            //
            GlobalLog.Print("NegotiateClient::Update() removing authSession:" + ValidationHelper.HashString(authSession) + " from:" + ValidationHelper.HashString(httpWebRequest.CurrentAuthenticationState));
            sessions.Remove(httpWebRequest.CurrentAuthenticationState);

            //
            // now clean-up the ConnectionGroup after authentication is done.
            // The group is kept only when the caller opted in to UnsafeAuthenticatedConnectionSharing.
            //
            if (!httpWebRequest.UnsafeAuthenticatedConnectionSharing)
            {
                GlobalLog.Print("NegotiateClient::Update() releasing ConnectionGroup:" + httpWebRequest.GetConnectionGroupLine());
                httpWebRequest.ServicePoint.ReleaseConnectionGroup(httpWebRequest.GetConnectionGroupLine());
            }

            // The signature is searched in a lower-cased copy, but the resulting index is applied to the
            // original string below - assumes invariant lower-casing keeps the length unchanged.
            int index = challenge == null ? -1 : AuthenticationManager.FindSubstringNotInQuotes(challenge.ToLower(CultureInfo.InvariantCulture), Signature);

            // No package signature in the header (or no header): the session is already removed, so stop here
            // without touching the security context.
            if (index < 0)
            {
                return(true);
            }

            int    blobBegin = index + SignatureSize;
            string incoming  = null;

            //
            // there may be multiple challenges. If the next character after the
            // package name is not a comma then it is challenge data
            //
            if (challenge.Length > blobBegin && challenge[blobBegin] != ',')
            {
                ++blobBegin;
            }
            else
            {
                index = -1;
            }
            // The blob is everything after the separator, to the end of the header value.
            if (index >= 0 && challenge.Length > blobBegin)
            {
                incoming = challenge.Substring(blobBegin);
            }

            // NOTE(review): the incoming blob and the client response are logged in full below; same
            // trace-log exposure concern as the challenge logged at the top of the method.
            GlobalLog.Print("NegotiateClient::Update() closing security context using last incoming blob:[" + ValidationHelper.ToString(incoming) + "]");

            // Called even when no blob was found (incoming stays null).
            // NOTE(review): handshakeComplete is only logged; this variant returns true and records no
            // mutual-authentication result regardless of its value - confirm that is intended.
            bool   handshakeComplete;
            string clientResponse = authSession.GetOutgoingBlob(incoming, out handshakeComplete);

            GlobalLog.Print("NegotiateClient::Update() GetOutgoingBlob() returns clientResponse:[" + ValidationHelper.ToString(clientResponse) + "] handshakeComplete:" + handshakeComplete.ToString());
            GlobalLog.Print("NegotiateClient::Update() session removed and ConnectionGorup released returning true");
            return(true);
        }