Posted to commits@directory.apache.org by er...@apache.org on 2007/12/18 05:15:48 UTC
svn commit: r605078 - in
/directory/clients/trunk/kerberos/client/src/main/java/org/apache/directory/client/kerberos:
GetServiceTicket.java GetTicketGrantingTicket.java KdcControls.java
Author: erodriguez
Date: Mon Dec 17 20:15:47 2007
New Revision: 605078
URL: http://svn.apache.org/viewvc?rev=605078&view=rev
Log:
Updated kerberos-client to compile against apacheds trunk, now that the first round of 'bigbang' changes has been merged.
Modified:
directory/clients/trunk/kerberos/client/src/main/java/org/apache/directory/client/kerberos/GetServiceTicket.java
directory/clients/trunk/kerberos/client/src/main/java/org/apache/directory/client/kerberos/GetTicketGrantingTicket.java
directory/clients/trunk/kerberos/client/src/main/java/org/apache/directory/client/kerberos/KdcControls.java
Modified: directory/clients/trunk/kerberos/client/src/main/java/org/apache/directory/client/kerberos/GetServiceTicket.java
URL: http://svn.apache.org/viewvc/directory/clients/trunk/kerberos/client/src/main/java/org/apache/directory/client/kerberos/GetServiceTicket.java?rev=605078&r1=605077&r2=605078&view=diff
==============================================================================
--- directory/clients/trunk/kerberos/client/src/main/java/org/apache/directory/client/kerberos/GetServiceTicket.java (original)
+++ directory/clients/trunk/kerberos/client/src/main/java/org/apache/directory/client/kerberos/GetServiceTicket.java Mon Dec 17 20:15:47 2007
@@ -24,12 +24,14 @@
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.security.SecureRandom;
+import java.util.Collections;
import java.util.Date;
import javax.security.auth.kerberos.KerberosPrincipal;
import javax.security.auth.kerberos.KerberosTicket;
import org.apache.directory.client.kerberos.protocol.KerberosClientHandler;
+import org.apache.directory.server.kerberos.shared.KerberosMessageType;
import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumHandler;
import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumType;
import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
@@ -44,7 +46,6 @@
import org.apache.directory.server.kerberos.shared.messages.ErrorMessage;
import org.apache.directory.server.kerberos.shared.messages.KdcReply;
import org.apache.directory.server.kerberos.shared.messages.KdcRequest;
-import org.apache.directory.server.kerberos.shared.messages.MessageType;
import org.apache.directory.server.kerberos.shared.messages.components.Authenticator;
import org.apache.directory.server.kerberos.shared.messages.components.AuthenticatorModifier;
import org.apache.directory.server.kerberos.shared.messages.components.EncKdcRepPart;
@@ -55,13 +56,12 @@
import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
import org.apache.directory.server.kerberos.shared.messages.value.KdcOptions;
import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
-import org.apache.directory.server.kerberos.shared.messages.value.PreAuthenticationData;
-import org.apache.directory.server.kerberos.shared.messages.value.PreAuthenticationDataModifier;
-import org.apache.directory.server.kerberos.shared.messages.value.PreAuthenticationDataType;
+import org.apache.directory.server.kerberos.shared.messages.value.PaData;
import org.apache.directory.server.kerberos.shared.messages.value.PrincipalName;
import org.apache.directory.server.kerberos.shared.messages.value.RequestBody;
import org.apache.directory.server.kerberos.shared.messages.value.RequestBodyModifier;
-import org.apache.directory.server.kerberos.shared.messages.value.TicketFlags;
+import org.apache.directory.server.kerberos.shared.messages.value.flags.TicketFlags;
+import org.apache.directory.server.kerberos.shared.messages.value.types.PaDataType;
import org.apache.mina.common.ConnectFuture;
import org.apache.mina.common.IoConnector;
import org.apache.mina.common.IoSession;
@@ -224,11 +224,11 @@
TicketFlags ticketFlags = repPart.getFlags();
- boolean[] flags = new boolean[TicketFlags.MAX_VALUE];
+ boolean[] flags = new boolean[TicketFlags.MAX_SIZE];
- for ( int i = 0; i < TicketFlags.MAX_VALUE; i++ )
+ for ( int i = 0; i < TicketFlags.MAX_SIZE; i++ )
{
- flags[i] = ticketFlags.get( i );
+ flags[i] = ticketFlags.getBit( i );
}
InetAddress[] clientAddresses = null;
@@ -311,10 +311,7 @@
modifier.setNonce( random.nextInt() );
- EncryptionType[] encryptionTypes = new EncryptionType[1];
- encryptionTypes[0] = EncryptionType.DES_CBC_MD5;
-
- modifier.setEType( encryptionTypes );
+ modifier.setEType( Collections.singleton( EncryptionType.DES_CBC_MD5 ) );
/*
if ( user supplied addresses )
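Review bot: The request still offers only `EncryptionType.DES_CBC_MD5`, now through `Collections.singleton(...)`, so the KDC can pick nothing but single DES, an encryption type that RFC 6649 deprecates for Kerberos. The same line is added in GetTicketGrantingTicket.java at `@@ -319`, where `getKdcRequest` takes a `KdcControls` that already carries an encryption-type set. If that hunk sits inside that method, `modifier.setEType( controls.getEncryptionTypes() );` with a fallback for an empty set would let the caller choose stronger types. The client key in that file is also derived with `"DES"`, so key derivation would have to follow the chosen type. The enclosing method here starts and ends outside the hunk.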
@@ -335,7 +332,7 @@
RequestBody requestBody = modifier.getRequestBody();
int pvno = 5;
- MessageType messageType = MessageType.KRB_TGS_REQ;
+ KerberosMessageType messageType = KerberosMessageType.TGS_REQ;
KdcRequestEncoder bodyEncoder = new KdcRequestEncoder();
byte[] bodyBytes = bodyEncoder.encodeRequestBody( requestBody );
@@ -343,11 +340,6 @@
ChecksumHandler checksumHandler = new ChecksumHandler();
Checksum checksum = checksumHandler.calculateChecksum( ChecksumType.RSA_MD5, bodyBytes, null, KeyUsage.NUMBER8 );
- PreAuthenticationData[] paData = new PreAuthenticationData[1];
-
- PreAuthenticationDataModifier preAuth = new PreAuthenticationDataModifier();
- preAuth.setDataType( PreAuthenticationDataType.PA_TGS_REQ );
-
// Generate a new sequence number.
sequenceNumber = random.nextInt();
@@ -358,7 +350,7 @@
// Make new ap req, aka the "auth header."
ApplicationRequest applicationRequest = new ApplicationRequest();
- applicationRequest.setMessageType( MessageType.KRB_AP_REQ );
+ applicationRequest.setMessageType( KerberosMessageType.AP_REQ );
applicationRequest.setProtocolVersionNumber( 5 );
applicationRequest.setApOptions( new ApOptions() );
applicationRequest.setTicket( convertedTicket );
@@ -367,9 +359,11 @@
ApplicationRequestEncoder encoder = new ApplicationRequestEncoder();
byte[] encodedApReq = encoder.encode( applicationRequest );
- preAuth.setDataValue( encodedApReq );
+ PaData[] paData = new PaData[1];
- paData[0] = preAuth.getPreAuthenticationData();
+ paData[0] = new PaData();
+ paData[0].setPaDataType( PaDataType.PA_TGS_REQ );
+ paData[0].setPaDataValue( encodedApReq );
return new KdcRequest( pvno, messageType, paData, requestBody );
}
@@ -400,7 +394,7 @@
Authenticator authenticator = authenticatorModifier.getAuthenticator();
- EncryptedData encryptedAuthenticator = cipherTextHandler.seal( sessionKey, authenticator, KeyUsage.NUMBER11 );
+ EncryptedData encryptedAuthenticator = cipherTextHandler.seal( sessionKey, authenticator, KeyUsage.NUMBER7 );
return encryptedAuthenticator;
}
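Review bot: The key usage passed to `cipherTextHandler.seal` changes from `KeyUsage.NUMBER11` to `KeyUsage.NUMBER7`, which changes what is sent on the wire, yet the log describes the commit only as a compile fix and the line carries no explanation. Assuming the constants follow the numbering of RFC 4120 section 7.5.1, 7 is the usage for the authenticator inside a TGS-REQ's PA-TGS-REQ and 11 the one for an ordinary AP-REQ, so the new value looks right for this class. A comment such as `// key usage 7: authenticator of the AP-REQ carried in PA-TGS-REQ (RFC 4120, 7.5.1)` would record that. The method's signature is outside the hunk.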
Modified: directory/clients/trunk/kerberos/client/src/main/java/org/apache/directory/client/kerberos/GetTicketGrantingTicket.java
URL: http://svn.apache.org/viewvc/directory/clients/trunk/kerberos/client/src/main/java/org/apache/directory/client/kerberos/GetTicketGrantingTicket.java?rev=605078&r1=605077&r2=605078&view=diff
==============================================================================
--- directory/clients/trunk/kerberos/client/src/main/java/org/apache/directory/client/kerberos/GetTicketGrantingTicket.java (original)
+++ directory/clients/trunk/kerberos/client/src/main/java/org/apache/directory/client/kerberos/GetTicketGrantingTicket.java Mon Dec 17 20:15:47 2007
@@ -24,6 +24,8 @@
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.security.SecureRandom;
+import java.text.ParseException;
+import java.util.Collections;
import java.util.Date;
import javax.security.auth.kerberos.KerberosKey;
@@ -31,6 +33,7 @@
import javax.security.auth.kerberos.KerberosTicket;
import org.apache.directory.client.kerberos.protocol.KerberosClientHandler;
+import org.apache.directory.server.kerberos.shared.KerberosMessageType;
import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
@@ -40,7 +43,6 @@
import org.apache.directory.server.kerberos.shared.messages.ErrorMessage;
import org.apache.directory.server.kerberos.shared.messages.KdcReply;
import org.apache.directory.server.kerberos.shared.messages.KdcRequest;
-import org.apache.directory.server.kerberos.shared.messages.MessageType;
import org.apache.directory.server.kerberos.shared.messages.components.EncKdcRepPart;
import org.apache.directory.server.kerberos.shared.messages.components.Ticket;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
@@ -48,13 +50,12 @@
import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
import org.apache.directory.server.kerberos.shared.messages.value.KdcOptions;
import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
-import org.apache.directory.server.kerberos.shared.messages.value.PreAuthenticationData;
-import org.apache.directory.server.kerberos.shared.messages.value.PreAuthenticationDataModifier;
-import org.apache.directory.server.kerberos.shared.messages.value.PreAuthenticationDataType;
+import org.apache.directory.server.kerberos.shared.messages.value.PaData;
import org.apache.directory.server.kerberos.shared.messages.value.PrincipalName;
import org.apache.directory.server.kerberos.shared.messages.value.RequestBody;
import org.apache.directory.server.kerberos.shared.messages.value.RequestBodyModifier;
-import org.apache.directory.server.kerberos.shared.messages.value.TicketFlags;
+import org.apache.directory.server.kerberos.shared.messages.value.flags.TicketFlags;
+import org.apache.directory.server.kerberos.shared.messages.value.types.PaDataType;
import org.apache.mina.common.ConnectFuture;
import org.apache.mina.common.IoConnector;
import org.apache.mina.common.IoSession;
@@ -213,11 +214,11 @@
TicketFlags ticketFlags = repPart.getFlags();
- boolean[] flags = new boolean[TicketFlags.MAX_VALUE];
+ boolean[] flags = new boolean[TicketFlags.MAX_SIZE];
- for ( int i = 0; i < TicketFlags.MAX_VALUE; i++ )
+ for ( int i = 0; i < TicketFlags.MAX_SIZE; i++ )
{
- flags[i] = ticketFlags.get( i );
+ flags[i] = ticketFlags.getBit( i );
}
InetAddress[] clientAddresses = null;
@@ -233,7 +234,7 @@
* Based on RFC 1510, A.1. KRB_AS_REQ generation
*/
private KdcRequest getKdcRequest( KerberosPrincipal clientPrincipal, String password, KdcControls controls )
- throws IOException
+ throws IOException, ParseException
{
RequestBodyModifier modifier = new RequestBodyModifier();
@@ -241,7 +242,7 @@
KerberosKey kerberosKey = new KerberosKey( clientPrincipal, password.toCharArray(), "DES" );
clientKey = new EncryptionKey( EncryptionType.DES_CBC_MD5, kerberosKey.getEncoded() );
- PreAuthenticationData[] paData = new PreAuthenticationData[1];
+ PaData[] paData = new PaData[1];
if ( controls.isUsePaEncTimestamp() )
{
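Review bot: `PaData[] paData = new PaData[1];` allocates one slot that is filled only inside the `controls.isUsePaEncTimestamp()` branch (see `@@ -263`), so with that control off `new KdcRequest( pvno, messageType, paData, requestBody )` receives an array holding a single null. How the encoder treats a null element is not visible here; it may fail or emit a malformed padata sequence. Sizing the array by the control, `PaData[] paData = new PaData[controls.isUsePaEncTimestamp() ? 1 : 0];`, avoids the null entry, provided `KdcRequest` accepts an empty array. The method body continues past this hunk.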
@@ -263,11 +264,9 @@
byte[] encodedEncryptedData = EncryptedDataEncoder.encode( encryptedData );
- PreAuthenticationDataModifier preAuth = new PreAuthenticationDataModifier();
- preAuth.setDataType( PreAuthenticationDataType.PA_ENC_TIMESTAMP );
- preAuth.setDataValue( encodedEncryptedData );
-
- paData[0] = preAuth.getPreAuthenticationData();
+ paData[0] = new PaData();
+ paData[0].setPaDataType( PaDataType.PA_ENC_TIMESTAMP );
+ paData[0].setPaDataValue( encodedEncryptedData );
}
PrincipalName clientName = new PrincipalName( clientPrincipal.getName(), clientPrincipal.getNameType() );
@@ -319,10 +318,7 @@
modifier.setNonce( random.nextInt() );
- EncryptionType[] encryptionTypes = new EncryptionType[1];
- encryptionTypes[0] = EncryptionType.DES_CBC_MD5;
-
- modifier.setEType( encryptionTypes );
+ modifier.setEType( Collections.singleton( EncryptionType.DES_CBC_MD5 ) );
/*
if ( user supplied addresses )
@@ -338,7 +334,7 @@
RequestBody requestBody = modifier.getRequestBody();
int pvno = 5;
- MessageType messageType = MessageType.KRB_AS_REQ;
+ KerberosMessageType messageType = KerberosMessageType.AS_REQ;
return new KdcRequest( pvno, messageType, paData, requestBody );
}
Modified: directory/clients/trunk/kerberos/client/src/main/java/org/apache/directory/client/kerberos/KdcControls.java
URL: http://svn.apache.org/viewvc/directory/clients/trunk/kerberos/client/src/main/java/org/apache/directory/client/kerberos/KdcControls.java?rev=605078&r1=605077&r2=605078&view=diff
==============================================================================
--- directory/clients/trunk/kerberos/client/src/main/java/org/apache/directory/client/kerberos/KdcControls.java (original)
+++ directory/clients/trunk/kerberos/client/src/main/java/org/apache/directory/client/kerberos/KdcControls.java Mon Dec 17 20:15:47 2007
@@ -21,9 +21,10 @@
import java.net.InetAddress;
-import java.util.ArrayList;
import java.util.Date;
-import java.util.List;
+import java.util.HashSet;
+import java.util.LinkedHashSet;
+import java.util.Set;
import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
@@ -68,10 +69,10 @@
private boolean isForwarded = false;
/** The encryption types. */
- private List<EncryptionType> encryptionTypes = new ArrayList<EncryptionType>();
+ private Set<EncryptionType> encryptionTypes = new LinkedHashSet<EncryptionType>();
/** The client addresses. */
- private List<InetAddress> clientAddresses = new ArrayList<InetAddress>();
+ private Set<InetAddress> clientAddresses = new HashSet<InetAddress>();
/** The UDP preference limit. */
private int udpPreferenceLimit = 1500;
@@ -324,7 +325,7 @@
*
* @return The encryption types.
*/
- public List<EncryptionType> getEncryptionTypes()
+ public Set<EncryptionType> getEncryptionTypes()
{
return encryptionTypes;
}
@@ -333,7 +334,7 @@
/**
* @param encryptionTypes The encryption types to set.
*/
- public void setEncryptionTypes( List<EncryptionType> encryptionTypes )
+ public void setEncryptionTypes( Set<EncryptionType> encryptionTypes )
{
this.encryptionTypes = encryptionTypes;
}
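Review bot: `setEncryptionTypes` stores whatever `Set` the caller passes, so the insertion order that the field's `LinkedHashSet` initialiser provides is no longer guaranteed once a caller hands in a `HashSet`. Kerberos treats the etype list as a preference order, so an unordered set can silently change which cipher is preferred. The Javadoc should say `@param encryptionTypes The encryption types to set, iterated in preference order.` Copying on assignment, `this.encryptionTypes = new LinkedHashSet<EncryptionType>( encryptionTypes );`, would also stop later changes to the caller's set from altering the controls. The getter at `@@ -324` likewise returns the live set.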
@@ -344,7 +345,7 @@
*
* @return The client addresses.
*/
- public List<InetAddress> getClientAddresses()
+ public Set<InetAddress> getClientAddresses()
{
return clientAddresses;
}
@@ -355,7 +356,7 @@
*
* @param clientAddresses
*/
- public void setClientAddresses( List<InetAddress> clientAddresses )
+ public void setClientAddresses( Set<InetAddress> clientAddresses )
{
this.clientAddresses = clientAddresses;
}