You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by er...@apache.org on 2007/07/21 13:28:21 UTC

svn commit: r558305 - /directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java

Author: erodriguez
Date: Sat Jul 21 04:28:20 2007
New Revision: 558305

URL: http://svn.apache.org/viewvc?view=rev&rev=558305
Log:
Enabled body checksum to be disabled by configuration, in TGS.

Modified:
    directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java

Modified: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java?view=diff&rev=558305&r1=558304&r2=558305
==============================================================================
--- directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java (original)
+++ directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java Sat Jul 21 04:28:20 2007
@@ -20,6 +20,7 @@
 package org.apache.directory.server.kerberos.kdc.ticketgrant;
 
 
+import org.apache.directory.server.kerberos.kdc.KdcConfiguration;
 import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumHandler;
 import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
 import org.apache.directory.server.kerberos.shared.exceptions.ErrorType;
@@ -47,18 +48,23 @@
     public void execute( NextCommand next, IoSession session, Object message ) throws Exception
     {
         TicketGrantingContext tgsContext = ( TicketGrantingContext ) session.getAttribute( getContextKey() );
-        byte[] bodyBytes = tgsContext.getRequest().getBodyBytes();
-        Checksum authenticatorChecksum = tgsContext.getAuthenticator().getChecksum();
+        KdcConfiguration config = tgsContext.getConfig();
 
-        if ( authenticatorChecksum == null || authenticatorChecksum.getChecksumType() == null
-            || authenticatorChecksum.getChecksumValue() == null )
+        if ( config.isBodyChecksumVerified() )
         {
-            throw new KerberosException( ErrorType.KRB_AP_ERR_INAPP_CKSUM );
-        }
+            byte[] bodyBytes = tgsContext.getRequest().getBodyBytes();
+            Checksum authenticatorChecksum = tgsContext.getAuthenticator().getChecksum();
+
+            if ( authenticatorChecksum == null || authenticatorChecksum.getChecksumType() == null
+                || authenticatorChecksum.getChecksumValue() == null || bodyBytes == null )
+            {
+                throw new KerberosException( ErrorType.KRB_AP_ERR_INAPP_CKSUM );
+            }
 
-        log.debug( "Verifying body checksum type '{}'.", authenticatorChecksum.getChecksumType() );
+            log.debug( "Verifying body checksum type '{}'.", authenticatorChecksum.getChecksumType() );
 
-        checksumHandler.verifyChecksum( authenticatorChecksum, bodyBytes, null, KeyUsage.NUMBER8 );
+            checksumHandler.verifyChecksum( authenticatorChecksum, bodyBytes, null, KeyUsage.NUMBER8 );
+        }
 
         next.execute( session, message );
     }