directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From erodrig...@apache.org
Subject svn commit: r535676 - /directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/service/VerifyAuthHeader.java
Date Sun, 06 May 2007 23:18:56 GMT
Author: erodriguez
Date: Sun May  6 16:18:55 2007
New Revision: 535676

URL: http://svn.apache.org/viewvc?view=rev&rev=535676
Log:
Updated auth header verification to work with "key usage."

Modified:
    directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/service/VerifyAuthHeader.java

Modified: directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/service/VerifyAuthHeader.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/service/VerifyAuthHeader.java?view=diff&rev=535676&r1=535675&r2=535676
==============================================================================
--- directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/service/VerifyAuthHeader.java
(original)
+++ directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/service/VerifyAuthHeader.java
Sun May  6 16:18:55 2007
@@ -23,6 +23,7 @@
 import java.net.InetAddress;
 
 import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
 import org.apache.directory.server.kerberos.shared.exceptions.ErrorType;
 import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
 import org.apache.directory.server.kerberos.shared.messages.ApplicationRequest;
@@ -49,6 +50,7 @@
 {
     private String contextKey = "context";
 
+
     // RFC 1510 A.10.  KRB_AP_REQ verification
     public Authenticator verifyAuthHeader( ApplicationRequest authHeader, Ticket ticket,
EncryptionKey serverKey,
         long clockSkew, ReplayCache replayCache, boolean emptyAddressesAllowed, InetAddress
clientAddress,
@@ -91,11 +93,12 @@
             throw new KerberosException( ErrorType.KRB_AP_ERR_NOKEY );
         }
 
-        EncTicketPart encPart = ( EncTicketPart ) lockBox.unseal( EncTicketPart.class, ticketKey,
ticket.getEncPart() );
+        EncTicketPart encPart = ( EncTicketPart ) lockBox.unseal( EncTicketPart.class, ticketKey,
ticket.getEncPart(),
+            KeyUsage.NUMBER2 );
         ticket.setEncTicketPart( encPart );
 
         Authenticator authenticator = ( Authenticator ) lockBox.unseal( Authenticator.class,
ticket.getSessionKey(),
-            authHeader.getEncPart() );
+            authHeader.getEncPart(), KeyUsage.NUMBER11 );
 
         if ( !authenticator.getClientPrincipal().getName().equals( ticket.getClientPrincipal().getName()
) )
         {



Mime
View raw message