You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@guacamole.apache.org by mj...@apache.org on 2017/10/27 17:51:43 UTC
[05/25] incubator-guacamole-client git commit: GUACAMOLE-362: Deal
gracefully with situations where password cannot be decrypted.
GUACAMOLE-362: Deal gracefully with situations where password cannot be decrypted.
Project: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/commit/ed4c025a
Tree: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/tree/ed4c025a
Diff: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/diff/ed4c025a
Branch: refs/heads/master
Commit: ed4c025a2e642899427a1866a418d119ebff3bf8
Parents: 36489ff
Author: Nick Couchman <vn...@apache.org>
Authored: Sun Aug 27 20:55:27 2017 -0400
Committer: Nick Couchman <ni...@yahoo.com>
Committed: Fri Oct 27 13:05:12 2017 -0400
----------------------------------------------------------------------
.../auth/cas/AuthenticationProviderService.java | 16 ++++++++++++----
.../properties/CipherGuacamoleProperty.java | 3 +++
2 files changed, 15 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/blob/ed4c025a/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/AuthenticationProviderService.java
----------------------------------------------------------------------
diff --git a/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/AuthenticationProviderService.java b/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/AuthenticationProviderService.java
index b7ebdf7..da32f72 100644
--- a/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/AuthenticationProviderService.java
+++ b/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/AuthenticationProviderService.java
@@ -173,10 +173,15 @@ public class AuthenticationProviderService {
final Cipher cipher = confService.getClearpassCipher();
- // Decrypt and return a new string.
- final byte[] pass64 = DatatypeConverter.parseBase64Binary(encryptedPassword);
- final byte[] cipherData = cipher.doFinal(pass64);
- return new String(cipherData);
+ if (cipher != null) {
+
+ // Decode and decrypt, and return a new string.
+ final byte[] pass64 = DatatypeConverter.parseBase64Binary(encryptedPassword);
+ final byte[] cipherData = cipher.doFinal(pass64);
+ return new String(cipherData);
+
+ }
+
}
catch (Throwable t) {
logger.error("Failed to decrypt the data, password token will not be available.");
@@ -184,6 +189,9 @@ public class AuthenticationProviderService {
return null;
}
+ logger.warn("Encrypted password provided by CAS, but no Private Key was available to decrypt it.");
+ return null;
+
}
}
http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/blob/ed4c025a/guacamole-ext/src/main/java/org/apache/guacamole/properties/CipherGuacamoleProperty.java
----------------------------------------------------------------------
diff --git a/guacamole-ext/src/main/java/org/apache/guacamole/properties/CipherGuacamoleProperty.java b/guacamole-ext/src/main/java/org/apache/guacamole/properties/CipherGuacamoleProperty.java
index e2f95ec..d4d763f 100644
--- a/guacamole-ext/src/main/java/org/apache/guacamole/properties/CipherGuacamoleProperty.java
+++ b/guacamole-ext/src/main/java/org/apache/guacamole/properties/CipherGuacamoleProperty.java
@@ -47,6 +47,9 @@ public abstract class CipherGuacamoleProperty implements GuacamoleProperty<Ciphe
@Override
public Cipher parseValue(String value) throws GuacamoleException {
+ if (value == null || value.isEmpty())
+ return null;
+
try {
final Environment environment = new LocalEnvironment();