You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by el...@apache.org on 2012/01/24 17:15:29 UTC
svn commit: r1235326 [24/28] - in /directory/apacheds/trunk:
jdbm-partition/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/
jdbm-partition/src/test/java/org/apache/directory/server/core/partition/impl/btree/jdbm/
jdbm-partitio...
Modified: directory/apacheds/trunk/protocol-dhcp/src/main/java/org/apache/directory/server/dhcp/store/DhcpConfigElement.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dhcp/src/main/java/org/apache/directory/server/dhcp/store/DhcpConfigElement.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-dhcp/src/main/java/org/apache/directory/server/dhcp/store/DhcpConfigElement.java (original)
+++ directory/apacheds/trunk/protocol-dhcp/src/main/java/org/apache/directory/server/dhcp/store/DhcpConfigElement.java Tue Jan 24 16:15:05 2012
@@ -33,7 +33,7 @@ import org.apache.directory.server.dhcp.
public abstract class DhcpConfigElement
{
public static final String PROPERTY_MAX_LEASE_TIME = "max-lease-time";
-
+
/** List of DhcpOptions for ths subnet */
private OptionsField options = new OptionsField();
Modified: directory/apacheds/trunk/protocol-dhcp/src/main/java/org/apache/directory/server/dhcp/store/Host.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dhcp/src/main/java/org/apache/directory/server/dhcp/store/Host.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-dhcp/src/main/java/org/apache/directory/server/dhcp/store/Host.java (original)
+++ directory/apacheds/trunk/protocol-dhcp/src/main/java/org/apache/directory/server/dhcp/store/Host.java Tue Jan 24 16:15:05 2012
@@ -42,7 +42,7 @@ public class Host extends DhcpConfigElem
private InetAddress address;
- public Host(String name, InetAddress address, HardwareAddress hardwareAddress)
+ public Host( String name, InetAddress address, HardwareAddress hardwareAddress )
{
this.name = name;
this.address = address;
Modified: directory/apacheds/trunk/protocol-dhcp/src/main/java/org/apache/directory/server/dhcp/store/SimpleDhcpStore.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dhcp/src/main/java/org/apache/directory/server/dhcp/store/SimpleDhcpStore.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-dhcp/src/main/java/org/apache/directory/server/dhcp/store/SimpleDhcpStore.java (original)
+++ directory/apacheds/trunk/protocol-dhcp/src/main/java/org/apache/directory/server/dhcp/store/SimpleDhcpStore.java Tue Jan 24 16:15:05 2012
@@ -114,7 +114,7 @@ public class SimpleDhcpStore extends Abs
try
{
DirContext ctx = getContext();
-
+
try
{
String filter = "(&(objectclass=ipHost)(objectclass=ieee802Device)(macaddress={0}))";
@@ -129,12 +129,12 @@ public class SimpleDhcpStore extends Abs
SearchResult sr = ( SearchResult ) ne.next();
Attributes att = sr.getAttributes();
Attribute ipHostNumberAttribute = att.get( "iphostnumber" );
-
+
if ( ipHostNumberAttribute != null )
{
InetAddress clientAddress = InetAddress.getByName( ( String ) ipHostNumberAttribute.get() );
Attribute cnAttribute = att.get( SchemaConstants.CN_AT );
-
+
return new Host( cnAttribute != null ? ( String ) cnAttribute.get() : "unknown", clientAddress,
hardwareAddress );
}
Modified: directory/apacheds/trunk/protocol-dhcp/src/main/java/org/apache/directory/server/dhcp/store/Subnet.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dhcp/src/main/java/org/apache/directory/server/dhcp/store/Subnet.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-dhcp/src/main/java/org/apache/directory/server/dhcp/store/Subnet.java (original)
+++ directory/apacheds/trunk/protocol-dhcp/src/main/java/org/apache/directory/server/dhcp/store/Subnet.java Tue Jan 24 16:15:05 2012
@@ -47,7 +47,7 @@ public class Subnet extends DhcpConfigEl
// This will suppress PMD.EmptyCatchBlock warnings in this method
@SuppressWarnings("PMD.EmptyCatchBlock")
- public Subnet(InetAddress address, InetAddress netmask, InetAddress rangeMin, InetAddress rangeMax)
+ public Subnet( InetAddress address, InetAddress netmask, InetAddress rangeMin, InetAddress rangeMax )
{
// mask address to match subnet
byte masked[] = netmask.getAddress();
Modified: directory/apacheds/trunk/protocol-dhcp/src/test/java/org/apache/directory/server/dhcp/AbstractDhcpTestCase.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dhcp/src/test/java/org/apache/directory/server/dhcp/AbstractDhcpTestCase.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-dhcp/src/test/java/org/apache/directory/server/dhcp/AbstractDhcpTestCase.java (original)
+++ directory/apacheds/trunk/protocol-dhcp/src/test/java/org/apache/directory/server/dhcp/AbstractDhcpTestCase.java Tue Jan 24 16:15:05 2012
@@ -45,7 +45,7 @@ public abstract class AbstractDhcpTestCa
}
- public AbstractDhcpTestCase(Class<?> subclass)
+ public AbstractDhcpTestCase( Class<?> subclass )
{
log = LoggerFactory.getLogger( subclass );
}
Modified: directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/DnsException.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/DnsException.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/DnsException.java (original)
+++ directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/DnsException.java Tue Jan 24 16:15:05 2012
@@ -44,7 +44,7 @@ public class DnsException extends Except
*
* @param responseCode the response code associated with this DnsException
*/
- public DnsException(ResponseCode responseCode)
+ public DnsException( ResponseCode responseCode )
{
super( responseCode.name() );
Modified: directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/DnsServer.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/DnsServer.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/DnsServer.java (original)
+++ directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/DnsServer.java Tue Jan 24 16:15:05 2012
@@ -47,7 +47,7 @@ public class DnsServer extends Directory
/** logger for this class */
private static final Logger LOG = LoggerFactory.getLogger( DnsServer.class.getName() );
-
+
/** The default IP port. */
private static final int DEFAULT_IP_PORT = 53;
@@ -81,45 +81,45 @@ public class DnsServer extends Directory
// We have to create a DatagramAcceptor
UdpTransport transport = new UdpTransport( DEFAULT_IP_PORT );
setTransports( transport );
-
- DatagramAcceptor acceptor = (DatagramAcceptor)transport.getAcceptor();
+
+ DatagramAcceptor acceptor = ( DatagramAcceptor ) transport.getAcceptor();
// Set the handler
acceptor.setHandler( new DnsProtocolHandler( this, store ) );
-
+
// Allow the port to be reused even if the socket is in TIME_WAIT state
- ((DatagramSessionConfig)acceptor.getSessionConfig()).setReuseAddress( true );
-
+ ( ( DatagramSessionConfig ) acceptor.getSessionConfig() ).setReuseAddress( true );
+
// Start the listener
acceptor.bind();
}
else
{
- for ( Transport transport:transports )
+ for ( Transport transport : transports )
{
// Get the acceptor
IoAcceptor acceptor = transport.getAcceptor();
-
+
// Set the handler
acceptor.setHandler( new DnsProtocolHandler( this, store ) );
-
+
if ( transport instanceof UdpTransport )
{
- // Allow the port to be reused even if the socket is in TIME_WAIT state
- ((DatagramSessionConfig)acceptor.getSessionConfig()).setReuseAddress( true );
+ // Allow the port to be reused even if the socket is in TIME_WAIT state
+ ( ( DatagramSessionConfig ) acceptor.getSessionConfig() ).setReuseAddress( true );
}
else
{
// Disable the disconnection of the clients on unbind
acceptor.setCloseOnDeactivation( false );
-
+
// Allow the port to be reused even if the socket is in TIME_WAIT state
- ((NioSocketAcceptor)acceptor).setReuseAddress( true );
-
+ ( ( NioSocketAcceptor ) acceptor ).setReuseAddress( true );
+
// No Nagle's algorithm
- ((NioSocketAcceptor)acceptor).getSessionConfig().setTcpNoDelay( true );
+ ( ( NioSocketAcceptor ) acceptor ).getSessionConfig().setTcpNoDelay( true );
}
-
+
// Start the listener
acceptor.bind();
}
@@ -129,38 +129,39 @@ public class DnsServer extends Directory
}
- public void stop() {
- for ( Transport transport :getTransports() )
+ public void stop()
+ {
+ for ( Transport transport : getTransports() )
{
IoAcceptor acceptor = transport.getAcceptor();
-
+
if ( acceptor != null )
{
acceptor.dispose();
}
}
-
+
LOG.info( "DNS service stopped." );
}
-
-
+
+
/**
* @see Object#toString()
*/
public String toString()
{
StringBuilder sb = new StringBuilder();
-
+
sb.append( "DNSServer[" ).append( getServiceName() ).append( "], listening on :" ).append( '\n' );
-
+
if ( getTransports() != null )
{
- for ( Transport transport:getTransports() )
+ for ( Transport transport : getTransports() )
{
sb.append( " " ).append( transport ).append( '\n' );
}
}
-
+
return sb.toString();
}
}
Modified: directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/Main.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/Main.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/Main.java (original)
+++ directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/Main.java Tue Jan 24 16:15:05 2012
@@ -38,6 +38,7 @@ public class Main
private static DnsServer dnsConfiguration;
+
/**
* Entry point for the DNS server.
*
@@ -56,7 +57,7 @@ public class Main
public void go() throws Exception
{
LOG.debug( "Starting the DNS server" );
-
+
DirectoryService directoryService = new DefaultDirectoryService();
dnsConfiguration = new DnsServer();
dnsConfiguration.setDirectoryService( directoryService );
Modified: directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/io/decoder/DnsMessageDecoder.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/io/decoder/DnsMessageDecoder.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/io/decoder/DnsMessageDecoder.java (original)
+++ directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/io/decoder/DnsMessageDecoder.java Tue Jan 24 16:15:05 2012
@@ -147,7 +147,7 @@ public class DnsMessageDecoder
if ( recordDecoder == null )
{
- throw new IllegalArgumentException( I18n.err(I18n.ERR_600, type ) );
+ throw new IllegalArgumentException( I18n.err( I18n.ERR_600, type ) );
}
return recordDecoder.decode( byteBuffer, length );
Modified: directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/io/decoder/package-info.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/io/decoder/package-info.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/io/decoder/package-info.java (original)
+++ directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/io/decoder/package-info.java Tue Jan 24 16:15:05 2012
@@ -25,3 +25,5 @@
*/
package org.apache.directory.server.dns.io.decoder;
+
+
Modified: directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/io/encoder/StartOfAuthorityRecordEncoder.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/io/encoder/StartOfAuthorityRecordEncoder.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/io/encoder/StartOfAuthorityRecordEncoder.java (original)
+++ directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/io/encoder/StartOfAuthorityRecordEncoder.java Tue Jan 24 16:15:05 2012
@@ -25,6 +25,7 @@ import org.apache.directory.server.dns.m
import org.apache.directory.server.dns.store.DnsAttribute;
import org.apache.mina.core.buffer.IoBuffer;
+
/**
* 3.3.13. SOA RDATA format
*
Modified: directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/io/encoder/package-info.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/io/encoder/package-info.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/io/encoder/package-info.java (original)
+++ directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/io/encoder/package-info.java Tue Jan 24 16:15:05 2012
@@ -25,3 +25,5 @@
*/
package org.apache.directory.server.dns.io.encoder;
+
+
Modified: directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/messages/package-info.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/messages/package-info.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/messages/package-info.java (original)
+++ directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/messages/package-info.java Tue Jan 24 16:15:05 2012
@@ -25,3 +25,5 @@
*/
package org.apache.directory.server.dns.messages;
+
+
Modified: directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/package-info.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/package-info.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/package-info.java (original)
+++ directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/package-info.java Tue Jan 24 16:15:05 2012
@@ -28,3 +28,5 @@
*/
package org.apache.directory.server.dns;
+
+
Modified: directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/protocol/DnsProtocolHandler.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/protocol/DnsProtocolHandler.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/protocol/DnsProtocolHandler.java (original)
+++ directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/protocol/DnsProtocolHandler.java Tue Jan 24 16:15:05 2012
@@ -123,7 +123,7 @@ public class DnsProtocolHandler implemen
dnsContext.setStore( store );
session.setAttribute( getContextKey(), dnsContext );
- DomainNameService.execute( dnsContext, (DnsMessage)message );
+ DomainNameService.execute( dnsContext, ( DnsMessage ) message );
DnsMessage response = dnsContext.getReply();
Modified: directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/protocol/package-info.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/protocol/package-info.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/protocol/package-info.java (original)
+++ directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/protocol/package-info.java Tue Jan 24 16:15:05 2012
@@ -27,3 +27,5 @@
*/
package org.apache.directory.server.dns.protocol;
+
+
Modified: directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/service/DomainNameService.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/service/DomainNameService.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/service/DomainNameService.java (original)
+++ directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/service/DomainNameService.java Tue Jan 24 16:15:05 2012
@@ -74,7 +74,8 @@ public class DomainNameService
monitorReply( dnsContext );
}
}
-
+
+
private static void monitorRequest( DnsMessage request ) throws Exception
{
try
@@ -87,7 +88,7 @@ public class DomainNameService
LOG.error( I18n.err( I18n.ERR_153 ), e );
}
}
-
+
private static void getResourceRecords( DnsContext dnsContext, DnsMessage request ) throws Exception
{
@@ -102,8 +103,8 @@ public class DomainNameService
dnsContext.addResourceRecords( getEntry( store, it.next() ) );
}
}
-
-
+
+
/**
* Returns a set of {@link ResourceRecord}s from a {@link RecordStore}, given a DNS {@link QuestionRecord}.
*
@@ -127,8 +128,8 @@ public class DomainNameService
return records;
}
-
-
+
+
private static void monitorContext( DnsContext dnsContext ) throws Exception
{
try
@@ -149,8 +150,8 @@ public class DomainNameService
LOG.error( I18n.err( I18n.ERR_154 ), e );
}
}
-
-
+
+
private static void buildReply( DnsContext dnsContext, DnsMessage request ) throws Exception
{
List<ResourceRecord> records = dnsContext.getResourceRecords();
@@ -175,8 +176,8 @@ public class DomainNameService
dnsContext.setReply( modifier.getDnsMessage() );
}
-
-
+
+
private static void monitorReply( DnsContext dnsContext ) throws Exception
{
try
@@ -191,8 +192,8 @@ public class DomainNameService
LOG.error( I18n.err( I18n.ERR_155 ), e );
}
}
-
-
+
+
private static String monitorMessage( DnsMessage message, String direction )
{
MessageType messageType = message.getMessageType();
Modified: directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/service/package-info.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/service/package-info.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/service/package-info.java (original)
+++ directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/service/package-info.java Tue Jan 24 16:15:05 2012
@@ -25,3 +25,5 @@
*/
package org.apache.directory.server.dns.service;
+
+
Modified: directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/store/jndi/JndiRecordStoreImpl.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/store/jndi/JndiRecordStoreImpl.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/store/jndi/JndiRecordStoreImpl.java (original)
+++ directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/store/jndi/JndiRecordStoreImpl.java Tue Jan 24 16:15:05 2012
@@ -64,7 +64,8 @@ public class JndiRecordStoreImpl impleme
}
- private SearchStrategy getSearchStrategy( String catalogBaseDn, String searchBaseDn, DirectoryService directoryService )
+ private SearchStrategy getSearchStrategy( String catalogBaseDn, String searchBaseDn,
+ DirectoryService directoryService )
{
if ( catalogBaseDn != null )
{
Modified: directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/store/jndi/SingleBaseSearch.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/store/jndi/SingleBaseSearch.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/store/jndi/SingleBaseSearch.java (original)
+++ directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/store/jndi/SingleBaseSearch.java Tue Jan 24 16:15:05 2012
@@ -62,7 +62,8 @@ public class SingleBaseSearch implements
{
CoreSession session = directoryService.getSession();
ctx = new ServerLdapContext( directoryService, session, new LdapName( searchBaseDn ) );
- } catch ( Exception e )
+ }
+ catch ( Exception e )
{
throw new ServiceConfigurationException( I18n.err( I18n.ERR_649, searchBaseDn ), e );
}
@@ -84,5 +85,4 @@ public class SingleBaseSearch implements
}
}
-
}
Modified: directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/store/jndi/operations/package-info.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/store/jndi/operations/package-info.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/store/jndi/operations/package-info.java (original)
+++ directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/store/jndi/operations/package-info.java Tue Jan 24 16:15:05 2012
@@ -25,3 +25,5 @@
*/
package org.apache.directory.server.dns.store.jndi.operations;
+
+
Modified: directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/store/package-info.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/store/package-info.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/store/package-info.java (original)
+++ directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/store/package-info.java Tue Jan 24 16:15:05 2012
@@ -26,3 +26,5 @@
*/
package org.apache.directory.server.dns.store;
+
+
Modified: directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/util/package-info.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/util/package-info.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/util/package-info.java (original)
+++ directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/util/package-info.java Tue Jan 24 16:15:05 2012
@@ -25,3 +25,5 @@
*/
package org.apache.directory.server.dns.util;
+
+
Modified: directory/apacheds/trunk/protocol-dns/src/test/java/org/apache/directory/server/dns/io/decoder/AddressRecordDecoderTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dns/src/test/java/org/apache/directory/server/dns/io/decoder/AddressRecordDecoderTest.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-dns/src/test/java/org/apache/directory/server/dns/io/decoder/AddressRecordDecoderTest.java (original)
+++ directory/apacheds/trunk/protocol-dns/src/test/java/org/apache/directory/server/dns/io/decoder/AddressRecordDecoderTest.java Tue Jan 24 16:15:05 2012
@@ -30,6 +30,7 @@ import org.junit.Before;
import org.junit.Test;
import static org.junit.Assert.assertEquals;
+
/**
* Tests for the A resource record decoder.
*
Modified: directory/apacheds/trunk/protocol-dns/src/test/java/org/apache/directory/server/dns/io/decoder/IPv6RecordDecoderTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dns/src/test/java/org/apache/directory/server/dns/io/decoder/IPv6RecordDecoderTest.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-dns/src/test/java/org/apache/directory/server/dns/io/decoder/IPv6RecordDecoderTest.java (original)
+++ directory/apacheds/trunk/protocol-dns/src/test/java/org/apache/directory/server/dns/io/decoder/IPv6RecordDecoderTest.java Tue Jan 24 16:15:05 2012
@@ -31,6 +31,7 @@ import org.junit.Test;
import static org.junit.Assert.assertEquals;
+
/**
* Tests for the AAAA resource record decoder.
*
Modified: directory/apacheds/trunk/protocol-dns/src/test/java/org/apache/directory/server/dns/io/decoder/MailExchangeRecordDecoderTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dns/src/test/java/org/apache/directory/server/dns/io/decoder/MailExchangeRecordDecoderTest.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-dns/src/test/java/org/apache/directory/server/dns/io/decoder/MailExchangeRecordDecoderTest.java (original)
+++ directory/apacheds/trunk/protocol-dns/src/test/java/org/apache/directory/server/dns/io/decoder/MailExchangeRecordDecoderTest.java Tue Jan 24 16:15:05 2012
@@ -29,6 +29,7 @@ import org.junit.Before;
import org.junit.Test;
import static org.junit.Assert.assertEquals;
+
/**
* Tests for the MX resource record decoder.
*
Modified: directory/apacheds/trunk/protocol-dns/src/test/java/org/apache/directory/server/dns/io/decoder/NameServerRecordDecoderTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dns/src/test/java/org/apache/directory/server/dns/io/decoder/NameServerRecordDecoderTest.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-dns/src/test/java/org/apache/directory/server/dns/io/decoder/NameServerRecordDecoderTest.java (original)
+++ directory/apacheds/trunk/protocol-dns/src/test/java/org/apache/directory/server/dns/io/decoder/NameServerRecordDecoderTest.java Tue Jan 24 16:15:05 2012
@@ -29,6 +29,7 @@ import org.junit.Before;
import org.junit.Test;
import static org.junit.Assert.assertEquals;
+
/**
* Tests for the NS resource record decoder.
*
Modified: directory/apacheds/trunk/protocol-dns/src/test/java/org/apache/directory/server/dns/io/encoder/AbstractResourceRecordEncoderTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dns/src/test/java/org/apache/directory/server/dns/io/encoder/AbstractResourceRecordEncoderTest.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-dns/src/test/java/org/apache/directory/server/dns/io/encoder/AbstractResourceRecordEncoderTest.java (original)
+++ directory/apacheds/trunk/protocol-dns/src/test/java/org/apache/directory/server/dns/io/encoder/AbstractResourceRecordEncoderTest.java Tue Jan 24 16:15:05 2012
@@ -33,6 +33,7 @@ import org.junit.Before;
import org.junit.Test;
import static org.junit.Assert.assertEquals;
+
/**
* A base class for testing different types of ResourceRecordEncoders. It
* handles setting up the expected output buffer not having to do specifically
Modified: directory/apacheds/trunk/protocol-dns/src/test/java/org/apache/directory/server/dns/io/encoder/QuestionRecordEncoderTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dns/src/test/java/org/apache/directory/server/dns/io/encoder/QuestionRecordEncoderTest.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-dns/src/test/java/org/apache/directory/server/dns/io/encoder/QuestionRecordEncoderTest.java (original)
+++ directory/apacheds/trunk/protocol-dns/src/test/java/org/apache/directory/server/dns/io/encoder/QuestionRecordEncoderTest.java Tue Jan 24 16:15:05 2012
@@ -29,6 +29,7 @@ import org.junit.Before;
import org.junit.Test;
import static org.junit.Assert.assertEquals;
+
/**
* Tests for the Question record encoder.
*
Modified: directory/apacheds/trunk/protocol-dns/src/test/java/org/apache/directory/server/dns/io/encoder/StartOfAuthorityRecordEncoderTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dns/src/test/java/org/apache/directory/server/dns/io/encoder/StartOfAuthorityRecordEncoderTest.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-dns/src/test/java/org/apache/directory/server/dns/io/encoder/StartOfAuthorityRecordEncoderTest.java (original)
+++ directory/apacheds/trunk/protocol-dns/src/test/java/org/apache/directory/server/dns/io/encoder/StartOfAuthorityRecordEncoderTest.java Tue Jan 24 16:15:05 2012
@@ -58,7 +58,7 @@ public class StartOfAuthorityRecordEncod
map.put( Strings.toLowerCase( DnsAttribute.SOA_RETRY ), retry );
map.put( Strings.toLowerCase( DnsAttribute.SOA_EXPIRE ), expire );
map.put( Strings.toLowerCase( DnsAttribute.SOA_MINIMUM ), minimum );
-
+
return map;
}
Modified: directory/apacheds/trunk/protocol-dns/src/test/java/org/apache/directory/server/dns/messages/RecordClassTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dns/src/test/java/org/apache/directory/server/dns/messages/RecordClassTest.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-dns/src/test/java/org/apache/directory/server/dns/messages/RecordClassTest.java (original)
+++ directory/apacheds/trunk/protocol-dns/src/test/java/org/apache/directory/server/dns/messages/RecordClassTest.java Tue Jan 24 16:15:05 2012
@@ -19,6 +19,7 @@
*/
package org.apache.directory.server.dns.messages;
+
import org.junit.Test;
import static org.junit.Assert.assertEquals;
Modified: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcServer.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcServer.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcServer.java (original)
+++ directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcServer.java Tue Jan 24 16:15:05 2012
@@ -63,8 +63,7 @@ public class KdcServer extends Directory
/** logger for this class */
private static final Logger LOG = LoggerFactory.getLogger( KdcServer.class.getName() );
-
-
+
/** The default kdc port */
private static final int DEFAULT_IP_PORT = 88;
@@ -85,7 +84,7 @@ public class KdcServer extends Directory
/** The default encryption types */
private static final String[] DEFAULT_ENCRYPTION_TYPES = new String[]
- { "aes128-cts-hmac-sha1-96", "des3-cbc-sha1-kd", "des-cbc-md5" };
+ { "aes128-cts-hmac-sha1-96", "des3-cbc-sha1-kd", "des-cbc-md5" };
/** The default for allowing empty addresses */
private static final boolean DEFAULT_EMPTY_ADDRESSES_ALLOWED = true;
@@ -156,6 +155,7 @@ public class KdcServer extends Directory
/** the cache used for storing AS and TGS requests */
private ReplayCache replayCache;
+
/**
* Creates a new instance of KdcConfiguration.
*/
@@ -262,8 +262,8 @@ public class KdcServer extends Directory
if ( encryptionTypes != null )
{
this.encryptionTypes.clear();
-
- for ( EncryptionType encryptionType:encryptionTypes )
+
+ for ( EncryptionType encryptionType : encryptionTypes )
{
this.encryptionTypes.add( encryptionType );
}
@@ -451,86 +451,86 @@ public class KdcServer extends Directory
PrincipalStore store;
// TODO - for now ignoring this catalog crap
- store = new DirectoryPrincipalStore( getDirectoryService(), new Dn(this.getSearchBaseDn()) );
-
+ store = new DirectoryPrincipalStore( getDirectoryService(), new Dn( this.getSearchBaseDn() ) );
+
LOG.debug( "initializing the kerberos replay cache" );
Cache cache = getDirectoryService().getCacheService().getCache( "kdcReplayCache" );
replayCache = new ReplayCacheImpl( cache, allowableClockSkew );
-
+
if ( ( transports == null ) || ( transports.size() == 0 ) )
{
// Default to UDP with port 88
// We have to create a DatagramAcceptor
UdpTransport transport = new UdpTransport( DEFAULT_IP_PORT );
setTransports( transport );
-
- DatagramAcceptor acceptor = (DatagramAcceptor)transport.getAcceptor();
+
+ DatagramAcceptor acceptor = ( DatagramAcceptor ) transport.getAcceptor();
// Inject the chain
IoFilterChainBuilder udpChainBuilder = new DefaultIoFilterChainBuilder();
- ((DefaultIoFilterChainBuilder)udpChainBuilder).addFirst( "codec",
- new ProtocolCodecFilter(
- KerberosProtocolCodecFactory.getInstance() ) );
+ ( ( DefaultIoFilterChainBuilder ) udpChainBuilder ).addFirst( "codec",
+ new ProtocolCodecFilter(
+ KerberosProtocolCodecFactory.getInstance() ) );
acceptor.setFilterChainBuilder( udpChainBuilder );
// Inject the protocol handler
acceptor.setHandler( new KerberosProtocolHandler( this, store ) );
-
+
// Bind to the configured address
acceptor.bind();
}
else
{
// Kerberos can use UDP or TCP
- for ( Transport transport:transports )
+ for ( Transport transport : transports )
{
IoAcceptor acceptor = transport.getAcceptor();
-
+
// Now, configure the acceptor
// Inject the chain
IoFilterChainBuilder chainBuilder = new DefaultIoFilterChainBuilder();
-
+
if ( transport instanceof TcpTransport )
{
// Now, configure the acceptor
// Disable the disconnection of the clients on unbind
acceptor.setCloseOnDeactivation( false );
-
+
// No Nagle's algorithm
- ((NioSocketAcceptor)acceptor).getSessionConfig().setTcpNoDelay( true );
-
+ ( ( NioSocketAcceptor ) acceptor ).getSessionConfig().setTcpNoDelay( true );
+
// Allow the port to be reused even if the socket is in TIME_WAIT state
- ((NioSocketAcceptor)acceptor).setReuseAddress( true );
+ ( ( NioSocketAcceptor ) acceptor ).setReuseAddress( true );
}
-
+
// Inject the codec
- ((DefaultIoFilterChainBuilder)chainBuilder).addFirst( "codec",
- new ProtocolCodecFilter(
+ ( ( DefaultIoFilterChainBuilder ) chainBuilder ).addFirst( "codec",
+ new ProtocolCodecFilter(
KerberosProtocolCodecFactory.getInstance() ) );
acceptor.setFilterChainBuilder( chainBuilder );
-
+
// Inject the protocol handler
acceptor.setHandler( new KerberosProtocolHandler( this, store ) );
-
+
// Bind to the configured address
acceptor.bind();
}
}
-
+
LOG.info( "Kerberos service started." );
}
-
+
public void stop()
{
- for ( Transport transport :getTransports() )
+ for ( Transport transport : getTransports() )
{
IoAcceptor acceptor = transport.getAcceptor();
-
+
if ( acceptor != null )
{
acceptor.dispose();
@@ -541,7 +541,7 @@ public class KdcServer extends Directory
{
replayCache.clear();
}
-
+
LOG.info( "Kerberos service stopped." );
}
@@ -557,33 +557,33 @@ public class KdcServer extends Directory
for ( String enc : encryptionTypeStrings )
{
- EncryptionType type = EncryptionType.getByName(enc);
+ EncryptionType type = EncryptionType.getByName( enc );
- if ( ! EncryptionType.UNKNOWN.equals(type) )
+ if ( !EncryptionType.UNKNOWN.equals( type ) )
{
encryptionTypes.add( type );
}
}
}
-
-
+
+
/**
* @see Object#toString()
*/
public String toString()
{
StringBuilder sb = new StringBuilder();
-
+
sb.append( "KDCServer[" ).append( getServiceName() ).append( "], listening on :" ).append( '\n' );
-
+
if ( getTransports() != null )
{
- for ( Transport transport:getTransports() )
+ for ( Transport transport : getTransports() )
{
sb.append( " " ).append( transport ).append( '\n' );
}
}
-
+
return sb.toString();
}
}
Modified: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationContext.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationContext.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationContext.java (original)
+++ directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationContext.java Tue Jan 24 16:15:05 2012
@@ -98,7 +98,6 @@ public class AuthenticationContext exten
}
*/
-
/**
* @return Returns the clientKey.
*/
Modified: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationService.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationService.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationService.java (original)
+++ directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationService.java Tue Jan 24 16:15:05 2012
@@ -103,7 +103,7 @@ public class AuthenticationService
{
monitorRequest( authContext );
}
-
+
authContext.setCipherTextHandler( cipherTextHandler );
if ( authContext.getRequest().getProtocolVersionNumber() != KerberosConstants.KERBEROS_V5 )
@@ -116,7 +116,7 @@ public class AuthenticationService
verifyPolicy( authContext );
verifySam( authContext );
verifyEncryptedTimestamp( authContext );
-
+
if ( authContext.getClientKey() == null )
{
verifyEncryptedTimestamp( authContext );
@@ -127,8 +127,9 @@ public class AuthenticationService
buildReply( authContext );
}
-
- private static void selectEncryptionType( AuthenticationContext authContext ) throws KerberosException, InvalidTicketException
+
+ private static void selectEncryptionType( AuthenticationContext authContext ) throws KerberosException,
+ InvalidTicketException
{
KdcContext kdcContext = ( KdcContext ) authContext;
KdcServer config = kdcContext.getConfig();
@@ -147,19 +148,21 @@ public class AuthenticationService
kdcContext.setEncryptionType( bestType );
}
-
- private static void getClientEntry( AuthenticationContext authContext ) throws KerberosException, InvalidTicketException
+
+ private static void getClientEntry( AuthenticationContext authContext ) throws KerberosException,
+ InvalidTicketException
{
- KerberosPrincipal principal = KerberosUtils.getKerberosPrincipal(
+ KerberosPrincipal principal = KerberosUtils.getKerberosPrincipal(
authContext.getRequest().getKdcReqBody().getCName(), authContext.getRequest().getKdcReqBody().getRealm() );
PrincipalStore store = authContext.getStore();
- PrincipalStoreEntry storeEntry = getEntry( principal, store, ErrorType.KDC_ERR_C_PRINCIPAL_UNKNOWN );
+ PrincipalStoreEntry storeEntry = getEntry( principal, store, ErrorType.KDC_ERR_C_PRINCIPAL_UNKNOWN );
authContext.setClientEntry( storeEntry );
}
-
-
- private static void verifyPolicy( AuthenticationContext authContext ) throws KerberosException, InvalidTicketException
+
+
+ private static void verifyPolicy( AuthenticationContext authContext ) throws KerberosException,
+ InvalidTicketException
{
PrincipalStoreEntry entry = authContext.getClientEntry();
@@ -178,8 +181,8 @@ public class AuthenticationService
throw new KerberosException( ErrorType.KDC_ERR_CLIENT_REVOKED );
}
}
-
-
+
+
private static void verifySam( AuthenticationContext authContext ) throws KerberosException, InvalidTicketException
{
LOG.debug( "Verifying using SAM subsystem." );
@@ -195,7 +198,9 @@ public class AuthenticationService
{
if ( LOG.isDebugEnabled() )
{
- LOG.debug( "Entry for client principal {} has a valid SAM type. Invoking SAM subsystem for pre-authentication.", clientName );
+ LOG.debug(
+ "Entry for client principal {} has a valid SAM type. Invoking SAM subsystem for pre-authentication.",
+ clientName );
}
List<PaData> preAuthData = request.getPaData();
@@ -233,12 +238,13 @@ public class AuthenticationService
}
}
}
-
-
- private static void verifyEncryptedTimestamp( AuthenticationContext authContext ) throws KerberosException, InvalidTicketException
+
+
+ private static void verifyEncryptedTimestamp( AuthenticationContext authContext ) throws KerberosException,
+ InvalidTicketException
{
LOG.debug( "Verifying using encrypted timestamp." );
-
+
KdcServer config = authContext.getConfig();
KdcReq request = authContext.getRequest();
CipherTextHandler cipherTextHandler = authContext.getCipherTextHandler();
@@ -281,7 +287,8 @@ public class AuthenticationService
if ( paData.getPaDataType().equals( PaDataType.PA_ENC_TIMESTAMP ) )
{
EncryptedData dataValue = KerberosDecoder.decodeEncryptedData( paData.getPaDataValue() );
- byte[] decryptedData = cipherTextHandler.decrypt( clientKey, dataValue, KeyUsage.AS_REQ_PA_ENC_TIMESTAMP_WITH_CKEY );
+ byte[] decryptedData = cipherTextHandler.decrypt( clientKey, dataValue,
+ KeyUsage.AS_REQ_PA_ENC_TIMESTAMP_WITH_CKEY );
timestamp = KerberosDecoder.decodePaEncTsEnc( decryptedData );
}
}
@@ -320,19 +327,22 @@ public class AuthenticationService
LOG.debug( "Pre-authentication by encrypted timestamp successful for {}.", clientName );
}
}
-
-
- private static void getServerEntry( AuthenticationContext authContext ) throws KerberosException, InvalidTicketException
+
+
+ private static void getServerEntry( AuthenticationContext authContext ) throws KerberosException,
+ InvalidTicketException
{
PrincipalName principal = authContext.getRequest().getKdcReqBody().getSName();
PrincipalStore store = authContext.getStore();
-
- KerberosPrincipal principalWithRealm = new KerberosPrincipal( principal.getNameString() + "@" + authContext.getRequest().getKdcReqBody().getRealm() );
+
+ KerberosPrincipal principalWithRealm = new KerberosPrincipal( principal.getNameString() + "@"
+ + authContext.getRequest().getKdcReqBody().getRealm() );
authContext.setServerEntry( getEntry( principalWithRealm, store, ErrorType.KDC_ERR_S_PRINCIPAL_UNKNOWN ) );
- }
-
-
- private static void generateTicket( AuthenticationContext authContext ) throws KerberosException, InvalidTicketException
+ }
+
+
+ private static void generateTicket( AuthenticationContext authContext ) throws KerberosException,
+ InvalidTicketException
{
KdcReq request = authContext.getRequest();
CipherTextHandler cipherTextHandler = authContext.getCipherTextHandler();
@@ -342,7 +352,7 @@ public class AuthenticationService
EncryptionKey serverKey = authContext.getServerEntry().getKeyMap().get( encryptionType );
PrincipalName ticketPrincipal = request.getKdcReqBody().getSName();
-
+
EncTicketPart encTicketPart = new EncTicketPart();
KdcServer config = authContext.getConfig();
@@ -387,9 +397,9 @@ public class AuthenticationService
ticketFlags.setFlag( TicketFlag.MAY_POSTDATE );
}
- if ( request.getKdcReqBody().getKdcOptions().get( KdcOptions.RENEW )
+ if ( request.getKdcReqBody().getKdcOptions().get( KdcOptions.RENEW )
|| request.getKdcReqBody().getKdcOptions().get( KdcOptions.VALIDATE )
- || request.getKdcReqBody().getKdcOptions().get( KdcOptions.PROXY )
+ || request.getKdcReqBody().getKdcOptions().get( KdcOptions.PROXY )
|| request.getKdcReqBody().getKdcOptions().get( KdcOptions.FORWARDED )
|| request.getKdcReqBody().getKdcOptions().get( KdcOptions.ENC_TKT_IN_SKEY ) )
{
@@ -428,7 +438,7 @@ public class AuthenticationService
* KDC_ERR_CANNOT_POSTDATE is returned."
*/
if ( startTime != null && startTime.greaterThan( now )
- && !startTime.isInClockSkew( config.getAllowableClockSkew() )
+ && !startTime.isInClockSkew( config.getAllowableClockSkew() )
&& !request.getKdcReqBody().getKdcOptions().get( KdcOptions.POSTDATED ) )
{
throw new KerberosException( ErrorType.KDC_ERR_CANNOT_POSTDATE );
@@ -452,7 +462,7 @@ public class AuthenticationService
}
long till = 0;
-
+
if ( request.getKdcReqBody().getTill().getTime() == 0 )
{
till = Long.MAX_VALUE;
@@ -481,7 +491,7 @@ public class AuthenticationService
}
long ticketLifeTime = Math.abs( startTime.getTime() - kerberosEndTime.getTime() );
-
+
if ( ticketLifeTime < config.getAllowableClockSkew() )
{
throw new KerberosException( ErrorType.KDC_ERR_NEVER_VALID );
@@ -495,7 +505,7 @@ public class AuthenticationService
*/
KerberosTime tempRtime = request.getKdcReqBody().getRTime();
- if ( request.getKdcReqBody().getKdcOptions().get( KdcOptions.RENEWABLE_OK )
+ if ( request.getKdcReqBody().getKdcOptions().get( KdcOptions.RENEWABLE_OK )
&& request.getKdcReqBody().getTill().greaterThan( kerberosEndTime ) )
{
if ( !config.isRenewableAllowed() )
@@ -530,7 +540,8 @@ public class AuthenticationService
encTicketPart.setRenewTill( new KerberosTime( renewTill ) );
}
- if ( request.getKdcReqBody().getAddresses() != null && request.getKdcReqBody().getAddresses().getAddresses() != null
+ if ( request.getKdcReqBody().getAddresses() != null
+ && request.getKdcReqBody().getAddresses().getAddresses() != null
&& request.getKdcReqBody().getAddresses().getAddresses().length > 0 )
{
encTicketPart.setClientAddresses( request.getKdcReqBody().getAddresses() );
@@ -543,13 +554,13 @@ public class AuthenticationService
}
}
- EncryptedData encryptedData = cipherTextHandler.seal( serverKey, encTicketPart, KeyUsage.AS_OR_TGS_REP_TICKET_WITH_SRVKEY );
+ EncryptedData encryptedData = cipherTextHandler.seal( serverKey, encTicketPart,
+ KeyUsage.AS_OR_TGS_REP_TICKET_WITH_SRVKEY );
Ticket newTicket = new Ticket( ticketPrincipal, encryptedData );
newTicket.setRealm( serverRealm );
newTicket.setEncTicketPart( encTicketPart );
-
if ( LOG.isDebugEnabled() )
{
@@ -558,19 +569,20 @@ public class AuthenticationService
authContext.setTicket( newTicket );
}
-
-
- private static void buildReply( AuthenticationContext authContext ) throws KerberosException, InvalidTicketException
+
+
+ private static void buildReply( AuthenticationContext authContext ) throws KerberosException,
+ InvalidTicketException
{
KdcReq request = authContext.getRequest();
Ticket ticket = authContext.getTicket();
AsRep reply = new AsRep();
-
+
reply.setCName( request.getKdcReqBody().getCName() );
reply.setCRealm( request.getKdcReqBody().getRealm() );
reply.setTicket( ticket );
-
+
EncKdcRepPart encKdcRepPart = new EncKdcRepPart();
encKdcRepPart.setKey( ticket.getEncTicketPart().getKey() );
@@ -605,16 +617,17 @@ public class AuthenticationService
monitorContext( authContext );
monitorReply( reply, encKdcRepPart );
}
-
+
EncryptionKey clientKey = authContext.getClientKey();
- EncryptedData encryptedData = cipherTextHandler.seal( clientKey, encAsRepPart, KeyUsage.AS_REP_ENC_PART_WITH_CKEY );
+ EncryptedData encryptedData = cipherTextHandler.seal( clientKey, encAsRepPart,
+ KeyUsage.AS_REP_ENC_PART_WITH_CKEY );
reply.setEncPart( encryptedData );
reply.setEncKdcRepPart( encKdcRepPart );
-
+
authContext.setReply( reply );
}
-
-
+
+
private static void monitorRequest( KdcContext kdcContext )
{
KdcReq request = kdcContext.getRequest();
@@ -635,7 +648,8 @@ public class AuthenticationService
sb.append( "\n\t" + "kdcOptions: " + request.getKdcReqBody().getKdcOptions() );
sb.append( "\n\t" + "clientPrincipal: " + request.getKdcReqBody().getCName() );
sb.append( "\n\t" + "serverPrincipal: " + request.getKdcReqBody().getSName() );
- sb.append( "\n\t" + "encryptionType: " + KerberosUtils.getEncryptionTypesString( request.getKdcReqBody().getEType() ) );
+ sb.append( "\n\t" + "encryptionType: "
+ + KerberosUtils.getEncryptionTypesString( request.getKdcReqBody().getEType() ) );
sb.append( "\n\t" + "realm: " + request.getKdcReqBody().getRealm() );
sb.append( "\n\t" + "from time: " + request.getKdcReqBody().getFrom() );
sb.append( "\n\t" + "till time: " + request.getKdcReqBody().getTill() );
@@ -651,7 +665,8 @@ public class AuthenticationService
}
}
}
-
+
+
private static void monitorContext( AuthenticationContext authContext )
{
try
@@ -699,8 +714,8 @@ public class AuthenticationService
LOG.error( I18n.err( I18n.ERR_154 ), e );
}
}
-
-
+
+
private static void monitorReply( AsRep reply, EncKdcRepPart part )
{
if ( LOG.isDebugEnabled() )
@@ -732,8 +747,8 @@ public class AuthenticationService
}
}
}
-
-
+
+
/**
* Get a PrincipalStoreEntry given a principal. The ErrorType is used to indicate
* whether any resulting error pertains to a server or client.
@@ -764,8 +779,8 @@ public class AuthenticationService
return entry;
}
-
-
+
+
/**
* Prepares a pre-authentication error message containing required
* encryption types.
@@ -784,8 +799,8 @@ public class AuthenticationService
paDataSequence[0] = paData;
ETypeInfo eTypeInfo = new ETypeInfo();
-
- for ( EncryptionType encryptionType:encryptionTypes )
+
+ for ( EncryptionType encryptionType : encryptionTypes )
{
ETypeInfoEntry etypeInfoEntry = new ETypeInfoEntry( encryptionType, null );
eTypeInfo.addETypeInfoEntry( etypeInfoEntry );
Modified: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/package-info.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/package-info.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/package-info.java (original)
+++ directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/package-info.java Tue Jan 24 16:15:05 2012
@@ -25,3 +25,5 @@
*/
package org.apache.directory.server.kerberos.kdc.authentication;
+
+
Modified: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/package-info.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/package-info.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/package-info.java (original)
+++ directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/package-info.java Tue Jan 24 16:15:05 2012
@@ -31,3 +31,5 @@
*/
package org.apache.directory.server.kerberos.kdc;
+
+
Modified: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingService.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingService.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingService.java (original)
+++ directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingService.java Tue Jan 24 16:15:05 2012
@@ -81,16 +81,17 @@ import org.slf4j.LoggerFactory;
*/
public class TicketGrantingService
{
-
+
/** the log for this class */
private static final Logger LOG = LoggerFactory.getLogger( TicketGrantingService.class );
-
+
private static final CipherTextHandler cipherTextHandler = new CipherTextHandler();
private static final String SERVICE_NAME = "Ticket-Granting Service (TGS)";
private static final ChecksumHandler checksumHandler = new ChecksumHandler();
+
public static void execute( TicketGrantingContext tgsContext ) throws Exception
{
if ( LOG.isDebugEnabled() )
@@ -98,7 +99,7 @@ public class TicketGrantingService
monitorRequest( tgsContext );
}
- configureTicketGranting( tgsContext);
+ configureTicketGranting( tgsContext );
selectEncryptionType( tgsContext );
getAuthHeader( tgsContext );
verifyTgt( tgsContext );
@@ -109,8 +110,8 @@ public class TicketGrantingService
generateTicket( tgsContext );
buildReply( tgsContext );
}
-
-
+
+
private static void configureTicketGranting( TicketGrantingContext tgsContext ) throws KerberosException
{
tgsContext.setCipherTextHandler( cipherTextHandler );
@@ -120,7 +121,7 @@ public class TicketGrantingService
throw new KerberosException( ErrorType.KDC_ERR_BAD_PVNO );
}
}
-
+
private static void monitorRequest( KdcContext kdcContext ) throws Exception
{
@@ -140,7 +141,8 @@ public class TicketGrantingService
sb.append( "\n\t" + "kdcOptions: " + request.getKdcReqBody().getKdcOptions() );
sb.append( "\n\t" + "clientPrincipal: " + request.getKdcReqBody().getCName() );
sb.append( "\n\t" + "serverPrincipal: " + request.getKdcReqBody().getSName() );
- sb.append( "\n\t" + "encryptionType: " + KerberosUtils.getEncryptionTypesString( request.getKdcReqBody().getEType() ) );
+ sb.append( "\n\t" + "encryptionType: "
+ + KerberosUtils.getEncryptionTypesString( request.getKdcReqBody().getEType() ) );
sb.append( "\n\t" + "realm: " + request.getKdcReqBody().getRealm() );
sb.append( "\n\t" + "from time: " + request.getKdcReqBody().getFrom() );
sb.append( "\n\t" + "till time: " + request.getKdcReqBody().getTill() );
@@ -155,11 +157,11 @@ public class TicketGrantingService
LOG.error( I18n.err( I18n.ERR_153 ), e );
}
}
-
-
+
+
private static void selectEncryptionType( TicketGrantingContext tgsContext ) throws Exception
{
- KdcContext kdcContext = (KdcContext)tgsContext;
+ KdcContext kdcContext = ( KdcContext ) tgsContext;
KdcServer config = kdcContext.getConfig();
Set<EncryptionType> requestedTypes = kdcContext.getRequest().getKdcReqBody().getEType();
@@ -175,8 +177,8 @@ public class TicketGrantingService
kdcContext.setEncryptionType( bestType );
}
-
-
+
+
private static void getAuthHeader( TicketGrantingContext tgsContext ) throws Exception
{
KdcReq request = tgsContext.getRequest();
@@ -202,14 +204,14 @@ public class TicketGrantingService
}
ApReq authHeader = KerberosDecoder.decodeApReq( undecodedAuthHeader );
-
+
Ticket tgt = authHeader.getTicket();
tgsContext.setAuthHeader( authHeader );
tgsContext.setTgt( tgt );
}
-
-
+
+
public static void verifyTgt( TicketGrantingContext tgsContext ) throws KerberosException
{
KdcServer config = tgsContext.getConfig();
@@ -222,8 +224,9 @@ public class TicketGrantingService
}
String tgtServerName = KerberosUtils.getKerberosPrincipal( tgt.getSName(), tgt.getRealm() ).getName();
- String requestServerName = KerberosUtils.getKerberosPrincipal(
- tgsContext.getRequest().getKdcReqBody().getSName(), tgsContext.getRequest().getKdcReqBody().getRealm() ).getName();
+ String requestServerName = KerberosUtils.getKerberosPrincipal(
+ tgsContext.getRequest().getKdcReqBody().getSName(), tgsContext.getRequest().getKdcReqBody().getRealm() )
+ .getName();
/*
* if (tgt.sname is not a TGT for local realm and is not req.sname)
@@ -235,14 +238,15 @@ public class TicketGrantingService
throw new KerberosException( ErrorType.KRB_AP_ERR_NOT_US );
}
}
-
-
+
+
private static void getTicketPrincipalEntry( TicketGrantingContext tgsContext ) throws KerberosException
{
PrincipalName principal = tgsContext.getTgt().getSName();
PrincipalStore store = tgsContext.getStore();
-
- KerberosPrincipal principalWithRealm = KerberosUtils.getKerberosPrincipal( principal, tgsContext.getTgt().getRealm() );
+
+ KerberosPrincipal principalWithRealm = KerberosUtils.getKerberosPrincipal( principal, tgsContext.getTgt()
+ .getRealm() );
PrincipalStoreEntry entry = getEntry( principalWithRealm, store, ErrorType.KDC_ERR_S_PRINCIPAL_UNKNOWN );
tgsContext.setTicketPrincipalEntry( entry );
}
@@ -252,7 +256,7 @@ public class TicketGrantingService
{
ApReq authHeader = tgsContext.getAuthHeader();
Ticket tgt = tgsContext.getTgt();
-
+
boolean isValidate = tgsContext.getRequest().getKdcReqBody().getKdcOptions().get( KdcOptions.VALIDATE );
EncryptionType encryptionType = tgt.getEncPart().getEType();
@@ -265,12 +269,13 @@ public class TicketGrantingService
CipherTextHandler cipherTextHandler = tgsContext.getCipherTextHandler();
Authenticator authenticator = verifyAuthHeader( authHeader, tgt, serverKey, clockSkew, replayCache,
- emptyAddressesAllowed, clientAddress, cipherTextHandler, KeyUsage.TGS_REQ_PA_TGS_REQ_PADATA_AP_REQ_TGS_SESS_KEY, isValidate );
+ emptyAddressesAllowed, clientAddress, cipherTextHandler,
+ KeyUsage.TGS_REQ_PA_TGS_REQ_PADATA_AP_REQ_TGS_SESS_KEY, isValidate );
tgsContext.setAuthenticator( authenticator );
}
-
-
+
+
/**
* RFC4120
* <li>Section 3.3.2. Receipt of KRB_TGS_REQ Message -> 2nd paragraph
@@ -291,7 +296,7 @@ public class TicketGrantingService
{
body.encode( buf );
}
- catch( EncoderException e )
+ catch ( EncoderException e )
{
throw new KerberosException( ErrorType.KRB_AP_ERR_INAPP_CKSUM );
}
@@ -316,11 +321,11 @@ public class TicketGrantingService
KeyUsage.TGS_REQ_PA_TGS_REQ_PADATA_AP_REQ_AUTHNT_CKSUM_TGS_SESS_KEY );
}
}
-
+
public static void getRequestPrincipalEntry( TicketGrantingContext tgsContext ) throws KerberosException
{
- KerberosPrincipal principal = KerberosUtils.getKerberosPrincipal(
+ KerberosPrincipal principal = KerberosUtils.getKerberosPrincipal(
tgsContext.getRequest().getKdcReqBody().getSName(), tgsContext.getRequest().getKdcReqBody().getRealm() );
PrincipalStore store = tgsContext.getStore();
@@ -328,14 +333,15 @@ public class TicketGrantingService
tgsContext.setRequestPrincipalEntry( entry );
}
-
- private static void generateTicket( TicketGrantingContext tgsContext ) throws KerberosException, InvalidTicketException
+
+ private static void generateTicket( TicketGrantingContext tgsContext ) throws KerberosException,
+ InvalidTicketException
{
KdcReq request = tgsContext.getRequest();
Ticket tgt = tgsContext.getTgt();
Authenticator authenticator = tgsContext.getAuthenticator();
CipherTextHandler cipherTextHandler = tgsContext.getCipherTextHandler();
- KerberosPrincipal ticketPrincipal = KerberosUtils.getKerberosPrincipal(
+ KerberosPrincipal ticketPrincipal = KerberosUtils.getKerberosPrincipal(
request.getKdcReqBody().getSName(), request.getKdcReqBody().getRealm() );
EncryptionType encryptionType = tgsContext.getEncryptionType();
@@ -357,8 +363,9 @@ public class TicketGrantingService
if ( request.getKdcReqBody().getEncAuthorizationData() != null )
{
- byte[] authorizationData = cipherTextHandler.decrypt( authenticator.getSubKey(), request.getKdcReqBody().getEncAuthorizationData(), KeyUsage.TGS_REQ_KDC_REQ_BODY_AUTHZ_DATA_ENC_WITH_TGS_SESS_KEY );
- AuthorizationData authData = KerberosDecoder.decodeAuthorizationData( authorizationData );
+ byte[] authorizationData = cipherTextHandler.decrypt( authenticator.getSubKey(), request.getKdcReqBody()
+ .getEncAuthorizationData(), KeyUsage.TGS_REQ_KDC_REQ_BODY_AUTHZ_DATA_ENC_WITH_TGS_SESS_KEY );
+ AuthorizationData authData = KerberosDecoder.decodeAuthorizationData( authorizationData );
authData.addEntry( tgt.getEncTicketPart().getAuthorizationData().getCurrentAD() );
newTicketPart.setAuthorizationData( authData );
}
@@ -385,7 +392,8 @@ public class TicketGrantingService
}
else
{
- EncryptedData encryptedData = cipherTextHandler.seal( serverKey, newTicketPart, KeyUsage.AS_OR_TGS_REP_TICKET_WITH_SRVKEY );
+ EncryptedData encryptedData = cipherTextHandler.seal( serverKey, newTicketPart,
+ KeyUsage.AS_OR_TGS_REP_TICKET_WITH_SRVKEY );
Ticket newTicket = new Ticket( request.getKdcReqBody().getSName(), encryptedData );
newTicket.setEncTicketPart( newTicketPart );
@@ -394,7 +402,7 @@ public class TicketGrantingService
tgsContext.setNewTicket( newTicket );
}
}
-
+
private static void buildReply( TicketGrantingContext tgsContext ) throws KerberosException
{
@@ -403,13 +411,13 @@ public class TicketGrantingService
Ticket newTicket = tgsContext.getNewTicket();
TgsRep reply = new TgsRep();
-
+
reply.setCName( tgt.getEncTicketPart().getCName() );
reply.setCRealm( tgt.getEncTicketPart().getCRealm() );
reply.setTicket( newTicket );
-
+
EncKdcRepPart encKdcRepPart = new EncKdcRepPart();
-
+
encKdcRepPart.setKey( newTicket.getEncTicketPart().getKey() );
encKdcRepPart.setNonce( request.getKdcReqBody().getNonce() );
// TODO - resp.last-req := fetch_last_request_info(client); requires store
@@ -435,27 +443,29 @@ public class TicketGrantingService
EncTgsRepPart encTgsRepPart = new EncTgsRepPart();
encTgsRepPart.setEncKdcRepPart( encKdcRepPart );
-
+
Authenticator authenticator = tgsContext.getAuthenticator();
-
+
EncryptedData encryptedData;
-
+
if ( authenticator.getSubKey() != null )
{
- encryptedData = cipherTextHandler.seal( authenticator.getSubKey(), encTgsRepPart, KeyUsage.TGS_REP_ENC_PART_TGS_AUTHNT_SUB_KEY );
+ encryptedData = cipherTextHandler.seal( authenticator.getSubKey(), encTgsRepPart,
+ KeyUsage.TGS_REP_ENC_PART_TGS_AUTHNT_SUB_KEY );
}
else
{
- encryptedData = cipherTextHandler.seal( tgt.getEncTicketPart().getKey(), encTgsRepPart, KeyUsage.TGS_REP_ENC_PART_TGS_SESS_KEY );
+ encryptedData = cipherTextHandler.seal( tgt.getEncTicketPart().getKey(), encTgsRepPart,
+ KeyUsage.TGS_REP_ENC_PART_TGS_SESS_KEY );
}
-
+
reply.setEncPart( encryptedData );
reply.setEncKdcRepPart( encKdcRepPart );
tgsContext.setReply( reply );
}
-
-
+
+
private static void monitorContext( TicketGrantingContext tgsContext )
{
try
@@ -469,7 +479,8 @@ public class TicketGrantingService
boolean caddrContainsSender = false;
if ( tgt.getEncTicketPart().getClientAddresses() != null )
{
- caddrContainsSender = tgt.getEncTicketPart().getClientAddresses().contains( new HostAddress( clientAddress ) );
+ caddrContainsSender = tgt.getEncTicketPart().getClientAddresses()
+ .contains( new HostAddress( clientAddress ) );
}
StringBuffer sb = new StringBuffer();
@@ -514,13 +525,13 @@ public class TicketGrantingService
}
}
-
+
private static void monitorReply( TgsRep success, EncKdcRepPart part )
{
try
{
StringBuffer sb = new StringBuffer();
-
+
sb.append( "Responding with " + SERVICE_NAME + " reply:" );
sb.append( "\n\t" + "messageType: " + success.getMessageType() );
sb.append( "\n\t" + "protocolVersionNumber: " + success.getProtocolVersionNumber() );
@@ -534,7 +545,7 @@ public class TicketGrantingService
sb.append( "\n\t" + "end time: " + part.getEndTime() );
sb.append( "\n\t" + "renew-till time: " + part.getRenewTill() );
sb.append( "\n\t" + "hostAddresses: " + part.getClientAddresses() );
-
+
LOG.debug( sb.toString() );
}
catch ( Exception e )
@@ -543,9 +554,8 @@ public class TicketGrantingService
LOG.error( I18n.err( I18n.ERR_155 ), e );
}
}
-
-
+
private static void processFlags( KdcServer config, KdcReq request, Ticket tgt,
EncTicketPart newTicketPart ) throws KerberosException
{
@@ -581,7 +591,8 @@ public class TicketGrantingService
throw new KerberosException( ErrorType.KDC_ERR_BADOPTION );
}
- if ( request.getKdcReqBody().getAddresses() != null && request.getKdcReqBody().getAddresses().getAddresses() != null
+ if ( request.getKdcReqBody().getAddresses() != null
+ && request.getKdcReqBody().getAddresses().getAddresses() != null
&& request.getKdcReqBody().getAddresses().getAddresses().length > 0 )
{
newTicketPart.setClientAddresses( request.getKdcReqBody().getAddresses() );
@@ -629,7 +640,8 @@ public class TicketGrantingService
throw new KerberosException( ErrorType.KDC_ERR_BADOPTION );
}
- if ( request.getKdcReqBody().getAddresses() != null && request.getKdcReqBody().getAddresses().getAddresses() != null
+ if ( request.getKdcReqBody().getAddresses() != null
+ && request.getKdcReqBody().getAddresses().getAddresses() != null
&& request.getKdcReqBody().getAddresses().getAddresses().length > 0 )
{
newTicketPart.setClientAddresses( request.getKdcReqBody().getAddresses() );
@@ -700,9 +712,9 @@ public class TicketGrantingService
throw new KerberosException( ErrorType.KDC_ERR_POLICY );
}
- KerberosTime startTime = ( tgt.getEncTicketPart().getStartTime() != null ) ?
- tgt.getEncTicketPart().getStartTime() :
- tgt.getEncTicketPart().getAuthTime();
+ KerberosTime startTime = ( tgt.getEncTicketPart().getStartTime() != null ) ?
+ tgt.getEncTicketPart().getStartTime() :
+ tgt.getEncTicketPart().getAuthTime();
if ( startTime.greaterThan( new KerberosTime() ) )
{
@@ -713,26 +725,26 @@ public class TicketGrantingService
newTicketPart.getFlags().clearFlag( TicketFlag.INVALID );
}
- if ( request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_0 ) ||
- request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_7 ) ||
- request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_9 ) ||
- request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_10 ) ||
- request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_11 ) ||
- request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_12 ) ||
- request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_13 ) ||
- request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_14 ) ||
- request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_15 ) ||
- request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_16 ) ||
- request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_17 ) ||
- request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_18 ) ||
- request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_19 ) ||
- request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_20 ) ||
- request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_21 ) ||
- request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_22 ) ||
- request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_23 ) ||
- request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_24 ) ||
- request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_25 ) ||
- request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_29 ) )
+ if ( request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_0 ) ||
+ request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_7 ) ||
+ request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_9 ) ||
+ request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_10 ) ||
+ request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_11 ) ||
+ request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_12 ) ||
+ request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_13 ) ||
+ request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_14 ) ||
+ request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_15 ) ||
+ request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_16 ) ||
+ request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_17 ) ||
+ request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_18 ) ||
+ request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_19 ) ||
+ request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_20 ) ||
+ request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_21 ) ||
+ request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_22 ) ||
+ request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_23 ) ||
+ request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_24 ) ||
+ request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_25 ) ||
+ request.getKdcReqBody().getKdcOptions().get( KdcOptions.RESERVED_29 ) )
{
throw new KerberosException( ErrorType.KDC_ERR_BADOPTION );
}
@@ -766,9 +778,11 @@ public class TicketGrantingService
* is not set in the TGT, then the error KDC_ERR_CANNOT_POSTDATE is
* returned."
*/
- if ( startTime != null && startTime.greaterThan( now )
+ if ( startTime != null
+ && startTime.greaterThan( now )
&& !startTime.isInClockSkew( config.getAllowableClockSkew() )
- && ( !request.getKdcReqBody().getKdcOptions().get( KdcOptions.POSTDATED ) || !tgt.getEncTicketPart().getFlags().isMayPosdate() ) )
+ && ( !request.getKdcReqBody().getKdcOptions().get( KdcOptions.POSTDATED ) || !tgt.getEncTicketPart()
+ .getFlags().isMayPosdate() ) )
{
throw new KerberosException( ErrorType.KDC_ERR_CANNOT_POSTDATE );
}
@@ -797,13 +811,14 @@ public class TicketGrantingService
newTicketPart.setStartTime( now );
- KerberosTime tgtStartTime = ( tgt.getEncTicketPart().getStartTime() != null ) ?
- tgt.getEncTicketPart().getStartTime() :
- tgt.getEncTicketPart().getAuthTime();
+ KerberosTime tgtStartTime = ( tgt.getEncTicketPart().getStartTime() != null ) ?
+ tgt.getEncTicketPart().getStartTime() :
+ tgt.getEncTicketPart().getAuthTime();
long oldLife = tgt.getEncTicketPart().getEndTime().getTime() - tgtStartTime.getTime();
- kerberosEndTime = new KerberosTime( Math.min( tgt.getEncTicketPart().getRenewTill().getTime(), now.getTime() + oldLife ) );
+ kerberosEndTime = new KerberosTime( Math.min( tgt.getEncTicketPart().getRenewTill().getTime(),
+ now.getTime() + oldLife ) );
newTicketPart.setEndTime( kerberosEndTime );
}
else
@@ -836,7 +851,8 @@ public class TicketGrantingService
newTicketPart.setEndTime( kerberosEndTime );
- if ( request.getKdcReqBody().getKdcOptions().get( KdcOptions.RENEWABLE_OK ) && kerberosEndTime.lessThan( request.getKdcReqBody().getTill() )
+ if ( request.getKdcReqBody().getKdcOptions().get( KdcOptions.RENEWABLE_OK )
+ && kerberosEndTime.lessThan( request.getKdcReqBody().getTill() )
&& tgt.getEncTicketPart().getFlags().isRenewable() )
{
if ( !config.isRenewableAllowed() )
@@ -846,7 +862,8 @@ public class TicketGrantingService
// We set the RENEWABLE option for later processing.
request.getKdcReqBody().getKdcOptions().set( KdcOptions.RENEWABLE );
- long rtime = Math.min( request.getKdcReqBody().getTill().getTime(), tgt.getEncTicketPart().getRenewTill().getTime() );
+ long rtime = Math.min( request.getKdcReqBody().getTill().getTime(), tgt.getEncTicketPart()
+ .getRenewTill().getTime() );
renewalTime = new KerberosTime( rtime );
}
}
@@ -866,7 +883,8 @@ public class TicketGrantingService
rtime = renewalTime;
}
- if ( request.getKdcReqBody().getKdcOptions().get( KdcOptions.RENEWABLE ) && tgt.getEncTicketPart().getFlags().isRenewable() )
+ if ( request.getKdcReqBody().getKdcOptions().get( KdcOptions.RENEWABLE )
+ && tgt.getEncTicketPart().getFlags().isRenewable() )
{
if ( !config.isRenewableAllowed() )
{
@@ -925,14 +943,14 @@ public class TicketGrantingService
*
* new_tkt.transited := compress_transited(tgt.transited + tgt.realm)
* endif
- */
+ */
private static void processTransited( EncTicketPart newTicketPart, Ticket tgt )
{
// TODO - currently no transited support other than local
newTicketPart.setTransited( tgt.getEncTicketPart().getTransited() );
}
-
+
private static void echoTicket( EncTicketPart newTicketPart, Ticket tgt )
{
EncTicketPart encTicketpart = tgt.getEncTicketPart();
@@ -946,7 +964,8 @@ public class TicketGrantingService
newTicketPart.setKey( encTicketpart.getKey() );
newTicketPart.setTransited( encTicketpart.getTransited() );
}
-
+
+
/**
* Get a PrincipalStoreEntry given a principal. The ErrorType is used to indicate
* whether any resulting error pertains to a server or client.
@@ -983,8 +1002,7 @@ public class TicketGrantingService
return entry;
}
-
-
+
/**
* Verifies an AuthHeader using guidelines from RFC 1510 section A.10., "KRB_AP_REQ verification."
@@ -1035,21 +1053,23 @@ public class TicketGrantingService
if ( ticketKey == null )
{
// TODO - check server key version number, skvno; requires store
-// if ( false )
-// {
-// throw new KerberosException( ErrorType.KRB_AP_ERR_BADKEYVER );
-// }
+ // if ( false )
+ // {
+ // throw new KerberosException( ErrorType.KRB_AP_ERR_BADKEYVER );
+ // }
throw new KerberosException( ErrorType.KRB_AP_ERR_NOKEY );
}
-
- byte[] encTicketPartData = lockBox.decrypt( ticketKey, ticket.getEncPart(), KeyUsage.AS_OR_TGS_REP_TICKET_WITH_SRVKEY );
- EncTicketPart encPart = KerberosDecoder.decodeEncTicketPart( encTicketPartData );
+
+ byte[] encTicketPartData = lockBox.decrypt( ticketKey, ticket.getEncPart(),
+ KeyUsage.AS_OR_TGS_REP_TICKET_WITH_SRVKEY );
+ EncTicketPart encPart = KerberosDecoder.decodeEncTicketPart( encTicketPartData );
ticket.setEncTicketPart( encPart );
- byte[] authenticatorData = lockBox.decrypt( ticket.getEncTicketPart().getKey(), authHeader.getAuthenticator(), authenticatorKeyUsage );
-
- Authenticator authenticator = KerberosDecoder.decodeAuthenticator( authenticatorData );
+ byte[] authenticatorData = lockBox.decrypt( ticket.getEncTicketPart().getKey(), authHeader.getAuthenticator(),
+ authenticatorKeyUsage );
+
+ Authenticator authenticator = KerberosDecoder.decodeAuthenticator( authenticatorData );
if ( !authenticator.getCName().getNameString().equals( ticket.getEncTicketPart().getCName().getNameString() ) )
{
@@ -1072,7 +1092,8 @@ public class TicketGrantingService
}
KerberosPrincipal serverPrincipal = KerberosUtils.getKerberosPrincipal( ticket.getSName(), ticket.getRealm() );
- KerberosPrincipal clientPrincipal = KerberosUtils.getKerberosPrincipal( authenticator.getCName(), authenticator.getCRealm() );
+ KerberosPrincipal clientPrincipal = KerberosUtils.getKerberosPrincipal( authenticator.getCName(),
+ authenticator.getCRealm() );
KerberosTime clientTime = authenticator.getCtime();
int clientMicroSeconds = authenticator.getCusec();
@@ -1082,7 +1103,7 @@ public class TicketGrantingService
{
throw new KerberosException( ErrorType.KRB_AP_ERR_REPEAT );
}
-
+
replayCache.save( serverPrincipal, clientPrincipal, clientTime, clientMicroSeconds );
}
@@ -1097,7 +1118,8 @@ public class TicketGrantingService
* current time by more than the allowable clock skew, or if the INVALID
* flag is set in the ticket, the KRB_AP_ERR_TKT_NYV error is returned."
*/
- KerberosTime startTime = ( ticket.getEncTicketPart().getStartTime() != null ) ? ticket.getEncTicketPart().getStartTime() : ticket.getEncTicketPart().getAuthTime();
+ KerberosTime startTime = ( ticket.getEncTicketPart().getStartTime() != null ) ? ticket.getEncTicketPart()
+ .getStartTime() : ticket.getEncTicketPart().getAuthTime();
KerberosTime now = new KerberosTime();
boolean isValidStartTime = startTime.lessThan( now );
Modified: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/package-info.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/package-info.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/package-info.java (original)
+++ directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/package-info.java Tue Jan 24 16:15:05 2012
@@ -25,3 +25,5 @@
*/
package org.apache.directory.server.kerberos.kdc.ticketgrant;
+
+
Modified: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolHandler.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolHandler.java?rev=1235326&r1=1235325&r2=1235326&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolHandler.java (original)
+++ directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolHandler.java Tue Jan 24 16:15:05 2012
@@ -64,7 +64,7 @@ public class KerberosProtocolHandler imp
private PrincipalStore store;
private static final String CONTEXT_KEY = "context";
-
+
/**
* Creates a new instance of KerberosProtocolHandler.
@@ -130,7 +130,7 @@ public class KerberosProtocolHandler imp
}
InetAddress clientAddress = ( ( InetSocketAddress ) session.getRemoteAddress() ).getAddress();
-
+
if ( !( message instanceof KdcReq ) )
{
log.error( I18n.err( I18n.ERR_152, ErrorType.KRB_AP_ERR_BADDIRECTION ) );
@@ -139,7 +139,7 @@ public class KerberosProtocolHandler imp
ErrorType.KRB_AP_ERR_BADDIRECTION ) ) );
return;
}
-
+
KdcReq request = ( KdcReq ) message;
KerberosMessageType messageType = request.getMessageType();
@@ -148,7 +148,7 @@ public class KerberosProtocolHandler imp
{
switch ( messageType )
{
- case AS_REQ :
+ case AS_REQ:
AuthenticationContext authContext = new AuthenticationContext();
authContext.setConfig( config );
authContext.setStore( store );