You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by pl...@apache.org on 2016/05/13 07:45:03 UTC
directory-kerby git commit: DIRKRB-569 Add unit test of multiple KDCs
for a given realm in client.
Repository: directory-kerby
Updated Branches:
refs/heads/trunk 4bd0fb91f -> a41240706
DIRKRB-569 Add unit test of multiple KDCs for a given realm in client.
Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/a4124070
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/a4124070
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/a4124070
Branch: refs/heads/trunk
Commit: a412407061721d24db80c06546ceb9ccf18f9296
Parents: 4bd0fb9
Author: plusplusjiajia <ji...@intel.com>
Authored: Fri May 13 15:50:13 2016 +0800
Committer: plusplusjiajia <ji...@intel.com>
Committed: Fri May 13 15:50:13 2016 +0800
----------------------------------------------------------------------
.../kerby/kerberos/kdc/MultiKdcsTest.java | 50 ++++++++++++++++++++
kerby-kdc-test/src/test/resources/kdc.conf | 29 ++++++++++++
.../src/test/resources/krb5-multikdc.conf | 29 ++++++++++++
.../kerby/kerberos/kerb/client/KrbHandler.java | 2 +-
.../client/impl/DefaultInternalKrbClient.java | 4 +-
.../kerberos/kerb/transport/KrbNetwork.java | 18 +++++--
.../kerby/kerberos/kerb/server/KdcTestBase.java | 4 ++
.../kerberos/kerb/server/TestKdcServer.java | 13 ++++-
.../kerberos/kerb/server/SimpleKdcServer.java | 10 ++++
9 files changed, 152 insertions(+), 7 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a4124070/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/MultiKdcsTest.java
----------------------------------------------------------------------
diff --git a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/MultiKdcsTest.java b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/MultiKdcsTest.java
new file mode 100644
index 0000000..6a61e49
--- /dev/null
+++ b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/MultiKdcsTest.java
@@ -0,0 +1,50 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kdc;
+
+import org.apache.kerby.kerberos.kerb.client.KrbConfig;
+import org.apache.kerby.kerberos.kerb.server.SimpleKdcServer;
+import org.apache.kerby.kerberos.kerb.server.TestKdcServer;
+import org.junit.Test;
+
+import java.io.File;
+import java.net.URL;
+
+public class MultiKdcsTest extends KerbyKdcTest {
+
+ @Override
+ protected void setUpKdcServer() throws Exception {
+
+ URL krb5FileUrl = this.getClass().getResource("/krb5-multikdc.conf");
+ File krb5File = new File(krb5FileUrl.toURI());
+ KrbConfig krbConfig = new KrbConfig();
+ krbConfig.addKrb5Config(krb5File);
+ SimpleKdcServer kdcServer = new TestKdcServer(krb5File.getParentFile(), krbConfig);
+ setKdcServer(kdcServer);
+ configKdcSeverAndClient();
+ prepareKdc();
+ kdcServer.start();
+ }
+
+ @Test
+ public void testKdc() throws Exception {
+ performKdcTest();
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a4124070/kerby-kdc-test/src/test/resources/kdc.conf
----------------------------------------------------------------------
diff --git a/kerby-kdc-test/src/test/resources/kdc.conf b/kerby-kdc-test/src/test/resources/kdc.conf
new file mode 100644
index 0000000..cde6b0d
--- /dev/null
+++ b/kerby-kdc-test/src/test/resources/kdc.conf
@@ -0,0 +1,29 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+[logging]
+ default = FILE:/var/log/krb5libs.log
+ kdc = FILE:/var/log/krb5kdc.log
+ admin_server = FILE:/var/log/kadmind.log
+
+[kdcdefaults]
+ kdc_host = localhost
+ kdc_udp_port = 8801
+ kdc_tcp_port = 8801
+ kdc_realm = TEST.COM
+ restrict_anonymous_to_tgt = true
+ kdc_max_dgram_reply_size = 4096
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a4124070/kerby-kdc-test/src/test/resources/krb5-multikdc.conf
----------------------------------------------------------------------
diff --git a/kerby-kdc-test/src/test/resources/krb5-multikdc.conf b/kerby-kdc-test/src/test/resources/krb5-multikdc.conf
new file mode 100644
index 0000000..d5c30c0
--- /dev/null
+++ b/kerby-kdc-test/src/test/resources/krb5-multikdc.conf
@@ -0,0 +1,29 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+[libdefaults]
+ default_realm = TEST.COM
+ kdc_host = localhost
+ kdc_realm = TEST.COM
+ kdc_tcp_port = 88
+ kdc_udp_port = 88
+
+[realms]
+ TEST.COM = {
+ kdc = localhost:8801
+ admin_server = kerberos.gnu.org
+ }
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a4124070/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbHandler.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbHandler.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbHandler.java
index 1ec4e4d..32fad41 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbHandler.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbHandler.java
@@ -67,7 +67,7 @@ public abstract class KrbHandler {
* @throws KrbException e
*/
public void handleRequest(KdcRequest kdcRequest, boolean tryNextKdc) throws KrbException {
- if (!tryNextKdc) {
+ if (!tryNextKdc || kdcRequest.getKdcReq() == null) {
kdcRequest.process();
}
KdcReq kdcReq = kdcRequest.getKdcReq();
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a4124070/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/impl/DefaultInternalKrbClient.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/impl/DefaultInternalKrbClient.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/impl/DefaultInternalKrbClient.java
index 06c6a7f..2c83e2f 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/impl/DefaultInternalKrbClient.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/impl/DefaultInternalKrbClient.java
@@ -90,7 +90,9 @@ public class DefaultInternalKrbClient extends AbstractInternalKrbClient {
throw new KrbException("Failed to create transport", first);
}
} finally {
- transport.release();
+ if (transport != null) {
+ transport.release();
+ }
}
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a4124070/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/transport/KrbNetwork.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/transport/KrbNetwork.java b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/transport/KrbNetwork.java
index 62e0a43..4ff8e84 100644
--- a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/transport/KrbNetwork.java
+++ b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/transport/KrbNetwork.java
@@ -41,13 +41,25 @@ public class KrbNetwork {
if (tpair.tcpAddress != null) {
try {
transport = tcpConnect();
- } catch (IOException e) {
+ } catch (IOException e1) {
if (tpair.udpAddress != null) {
- transport = new KrbUdpTransport(tpair.udpAddress);
+ try {
+ transport = new KrbUdpTransport(tpair.udpAddress);
+ } catch (Exception e2) {
+ transport = null;
+ }
}
+ } catch (Exception e) {
+ e.printStackTrace();
}
} else {
- transport = new KrbUdpTransport(tpair.udpAddress);
+ if (tpair.udpAddress != null) {
+ try {
+ transport = new KrbUdpTransport(tpair.udpAddress);
+ } catch (Exception e3) {
+ transport = null;
+ }
+ }
}
if (transport == null) {
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a4124070/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcTestBase.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcTestBase.java b/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcTestBase.java
index 8bc4205..9e8424f 100644
--- a/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcTestBase.java
+++ b/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcTestBase.java
@@ -69,6 +69,10 @@ public abstract class KdcTestBase {
return kdcServer;
}
+ protected void setKdcServer(SimpleKdcServer kdcServer) {
+ this.kdcServer = kdcServer;
+ }
+
protected KrbClient getKrbClient() {
return kdcServer.getKrbClient();
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a4124070/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/TestKdcServer.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/TestKdcServer.java b/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/TestKdcServer.java
index 76f9bc1..955f966 100644
--- a/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/TestKdcServer.java
+++ b/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/TestKdcServer.java
@@ -25,13 +25,14 @@ import org.apache.kerby.kerberos.kerb.client.KrbConfig;
import org.apache.kerby.kerberos.kerb.client.KrbConfigKey;
import org.apache.kerby.util.NetworkUtil;
+import java.io.File;
+
public class TestKdcServer extends SimpleKdcServer {
public static final String KDC_REALM = "TEST.COM";
public static final String HOSTNAME = "localhost";
public TestKdcServer(boolean allowTcp, boolean allowUdp) throws KrbException {
super();
-
setKdcRealm(KDC_REALM);
setKdcHost(HOSTNAME);
setAllowTcp(allowTcp);
@@ -43,11 +44,19 @@ public class TestKdcServer extends SimpleKdcServer {
if (allowUdp) {
setKdcUdpPort(NetworkUtil.getServerPort());
}
+ setClient();
+ }
+
+ public TestKdcServer(File confDir, KrbConfig krbConfig) throws KrbException {
+ super(confDir, krbConfig);
+ setClient();
+ }
+ private void setClient() {
KrbClient krbClnt = getKrbClient();
KrbConfig krbConfig = krbClnt.getKrbConfig();
krbConfig.setString(KrbConfigKey.PERMITTED_ENCTYPES,
- "aes128-cts-hmac-sha1-96 des-cbc-crc des-cbc-md5 des3-cbc-sha1");
+ "aes128-cts-hmac-sha1-96 des-cbc-crc des-cbc-md5 des3-cbc-sha1");
krbClnt.setTimeout(10 * 1000);
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a4124070/kerby-kerb/kerb-simplekdc/src/main/java/org/apache/kerby/kerberos/kerb/server/SimpleKdcServer.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-simplekdc/src/main/java/org/apache/kerby/kerberos/kerb/server/SimpleKdcServer.java b/kerby-kerb/kerb-simplekdc/src/main/java/org/apache/kerby/kerberos/kerb/server/SimpleKdcServer.java
index 74e4ec9..c342d8b 100644
--- a/kerby-kerb/kerb-simplekdc/src/main/java/org/apache/kerby/kerberos/kerb/server/SimpleKdcServer.java
+++ b/kerby-kerb/kerb-simplekdc/src/main/java/org/apache/kerby/kerberos/kerb/server/SimpleKdcServer.java
@@ -59,6 +59,16 @@ public class SimpleKdcServer extends KdcServer {
setKdcPort(NetworkUtil.getServerPort());
}
+ public SimpleKdcServer(KrbConfig krbConfig) {
+ super();
+ this.krbClnt = new KrbClient(krbConfig);
+ }
+
+ public SimpleKdcServer(File confDir, KrbConfig krbConfig) throws KrbException {
+ super(confDir);
+ this.krbClnt = new KrbClient(krbConfig);
+ }
+
public void setWorkDir(File workDir) {
this.workDir = workDir;
}