You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by er...@apache.org on 2007/07/21 13:28:21 UTC
svn commit: r558305 -
/directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java
Author: erodriguez
Date: Sat Jul 21 04:28:20 2007
New Revision: 558305
URL: http://svn.apache.org/viewvc?view=rev&rev=558305
Log:
Enabled body checksum to be disabled by configuration, in TGS.
Modified:
directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java
Modified: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java?view=diff&rev=558305&r1=558304&r2=558305
==============================================================================
--- directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java (original)
+++ directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java Sat Jul 21 04:28:20 2007
@@ -20,6 +20,7 @@
package org.apache.directory.server.kerberos.kdc.ticketgrant;
+import org.apache.directory.server.kerberos.kdc.KdcConfiguration;
import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumHandler;
import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
import org.apache.directory.server.kerberos.shared.exceptions.ErrorType;
@@ -47,18 +48,23 @@
public void execute( NextCommand next, IoSession session, Object message ) throws Exception
{
TicketGrantingContext tgsContext = ( TicketGrantingContext ) session.getAttribute( getContextKey() );
- byte[] bodyBytes = tgsContext.getRequest().getBodyBytes();
- Checksum authenticatorChecksum = tgsContext.getAuthenticator().getChecksum();
+ KdcConfiguration config = tgsContext.getConfig();
- if ( authenticatorChecksum == null || authenticatorChecksum.getChecksumType() == null
- || authenticatorChecksum.getChecksumValue() == null )
+ if ( config.isBodyChecksumVerified() )
{
- throw new KerberosException( ErrorType.KRB_AP_ERR_INAPP_CKSUM );
- }
+ byte[] bodyBytes = tgsContext.getRequest().getBodyBytes();
+ Checksum authenticatorChecksum = tgsContext.getAuthenticator().getChecksum();
+
+ if ( authenticatorChecksum == null || authenticatorChecksum.getChecksumType() == null
+ || authenticatorChecksum.getChecksumValue() == null || bodyBytes == null )
+ {
+ throw new KerberosException( ErrorType.KRB_AP_ERR_INAPP_CKSUM );
+ }
- log.debug( "Verifying body checksum type '{}'.", authenticatorChecksum.getChecksumType() );
+ log.debug( "Verifying body checksum type '{}'.", authenticatorChecksum.getChecksumType() );
- checksumHandler.verifyChecksum( authenticatorChecksum, bodyBytes, null, KeyUsage.NUMBER8 );
+ checksumHandler.verifyChecksum( authenticatorChecksum, bodyBytes, null, KeyUsage.NUMBER8 );
+ }
next.execute( session, message );
}