From erodrig...@apache.org
Subject svn commit: r549368 - in /directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password: ./ cli/ protocol/
Date Thu, 21 Jun 2007 04:59:23 GMT
Author: erodriguez
Date: Wed Jun 20 21:59:22 2007
New Revision: 549368

URL: http://svn.apache.org/viewvc?view=rev&rev=549368
Log:
More enhancements to Change Password client component:
o  Much better error handling.
o  Completed minimum protocol support to successfully change a password.
o  Added demonstration Main class.

Added:
    directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/Main.java
  (with props)
    directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/PasswordConnection.java
  (with props)
    directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/PasswordConnectionException.java
  (with props)
    directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/SetKeys.java
  (with props)
Removed:
    directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/cli/
Modified:
    directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/ChangePassword.java
    directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/protocol/PasswordClientHandler.java
    directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/protocol/PasswordClientTcpDecoder.java
    directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/protocol/PasswordClientUdpDecoder.java

Modified: directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/ChangePassword.java
URL: http://svn.apache.org/viewvc/directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/ChangePassword.java?view=diff&rev=549368&r1=549367&r2=549368
==============================================================================
--- directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/ChangePassword.java
(original)
+++ directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/ChangePassword.java
Wed Jun 20 21:59:22 2007
@@ -28,8 +28,10 @@
 import java.util.Arrays;
 
 import javax.security.auth.kerberos.KerberosPrincipal;
+import javax.security.auth.kerberos.KerberosTicket;
 
 import org.apache.directory.client.password.protocol.PasswordClientHandler;
+import org.apache.directory.server.changepw.messages.ChangePasswordError;
 import org.apache.directory.server.changepw.messages.ChangePasswordReply;
 import org.apache.directory.server.changepw.messages.ChangePasswordRequest;
 import org.apache.directory.server.changepw.messages.ChangePasswordRequestModifier;
@@ -38,7 +40,9 @@
 import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
 import org.apache.directory.server.kerberos.shared.crypto.encryption.RandomKeyFactory;
 import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
+import org.apache.directory.server.kerberos.shared.io.decoder.TicketDecoder;
 import org.apache.directory.server.kerberos.shared.messages.ApplicationRequest;
+import org.apache.directory.server.kerberos.shared.messages.ErrorMessage;
 import org.apache.directory.server.kerberos.shared.messages.MessageType;
 import org.apache.directory.server.kerberos.shared.messages.application.ApplicationReply;
 import org.apache.directory.server.kerberos.shared.messages.application.PrivateMessage;
@@ -53,7 +57,6 @@
 import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
 import org.apache.directory.server.kerberos.shared.messages.value.HostAddress;
 import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
-import org.apache.directory.server.kerberos.shared.store.TicketFactory;
 import org.apache.mina.common.ConnectFuture;
 import org.apache.mina.common.IoConnector;
 import org.apache.mina.common.IoSession;
@@ -64,7 +67,7 @@
 
 
 /**
- * A command-line client for changing passwords.
+ * A command object for changing the password of a target principal.
  * 
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
  * @version $Rev$, $Date$
@@ -75,53 +78,56 @@
 
     private static final SecureRandom random = new SecureRandom();
 
+    private static final CipherTextHandler cipherTextHandler = new CipherTextHandler();
+
+    /** The Change Password SUCCESS result code. */
     private static final byte[] SUCCESS = new byte[]
         { ( byte ) 0x00, ( byte ) 0x00 };
 
     /** The remote Change Password server name. */
-    private String hostname = "localhost";
-
-    /** The remote ChangePassword port number. */
-    private static final int REMOTE_PORT = 464;
+    private String hostname;
 
-    private CipherTextHandler cipherTextHandler = new CipherTextHandler();
+    /** The remote Change Password server port. */
+    private int port;
 
-    private TicketFactory ticketFactory = new TicketFactory();
+    /** The Change Password transport. */
+    private String transport;
 
     private EncryptionKey sessionKey;
     private EncryptionKey subSessionKey;
     private int sequenceNumber;
     private KerberosTime now;
 
-    // TODO - parameterize
-    KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
-    KerberosPrincipal serverPrincipal = new KerberosPrincipal( "kadmin/changepw@EXAMPLE.COM"
);
-    String newPassword = "cabletr0N";
-    String serverPassword = "s3crEt";
-    String transport = "UDP";
-
 
     /**
-     * Change a password.
-     * 
-     * @param args
-     * @throws Exception
+     * Creates a new instance of ChangePassword.
+     *
+     * @param hostname
+     * @param port 
+     * @param transport
      */
-    public static void main( String[] args ) throws Exception
+    public ChangePassword( String hostname, int port, String transport )
     {
-        new ChangePassword().go();
+        this.hostname = hostname;
+        this.port = port;
+        this.transport = transport;
     }
 
 
     /**
-     * Make the request to change a password.
+     * Execute the request to change a password.
+     * 
+     * @param targetPrincipal 
+     * @param newPassword 
+     * @param serviceTicket 
+     * @throws PasswordConnectionException 
      */
-    public void go()
+    public void execute( KerberosPrincipal targetPrincipal, String newPassword, KerberosTicket
serviceTicket )
+        throws PasswordConnectionException
     {
         IoConnector connector = getConnector( transport );
 
-        ConnectFuture future = connector.connect( new InetSocketAddress( hostname, REMOTE_PORT
),
-            new PasswordClientHandler() );
+        ConnectFuture future = connector.connect( new InetSocketAddress( hostname, port ),
new PasswordClientHandler() );
 
         future.join();
 
@@ -129,7 +135,7 @@
 
         try
         {
-            ChangePasswordRequest request = getChangePasswordRequest();
+            ChangePasswordRequest request = getChangePasswordRequest( targetPrincipal, newPassword,
serviceTicket );
             session.write( request );
         }
         catch ( Exception e )
@@ -139,37 +145,34 @@
 
         session.getCloseFuture().join();
 
-        ChangePasswordReply reply = ( ChangePasswordReply ) session.getAttribute( "reply"
);
+        Object message = session.getAttribute( "reply" );
 
-        if ( reply != null )
+        if ( message instanceof ChangePasswordReply )
         {
+            ChangePasswordReply reply = ( ChangePasswordReply ) message;
             processChangePasswordReply( reply );
         }
         else
         {
-            log.error( "Reply was null." );
+            if ( message instanceof ChangePasswordError )
+            {
+                ChangePasswordError error = ( ChangePasswordError ) message;
+                processError( error.getErrorMessage() );
+            }
         }
     }
 
 
-    private IoConnector getConnector( String transport )
+    private void processError( ErrorMessage error ) throws PasswordConnectionException
     {
-        IoConnector connector;
+        int errorCode = error.getErrorCode();
+        String errorText = error.getExplanatoryText();
 
-        if ( transport.equals( "UDP" ) )
-        {
-            connector = new DatagramConnector();
-        }
-        else
-        {
-            connector = new SocketConnector();
-        }
-
-        return connector;
+        throw new PasswordConnectionException( errorText + " (" + errorCode + ")" );
     }
 
 
-    private void processChangePasswordReply( ChangePasswordReply reply )
+    private void processChangePasswordReply( ChangePasswordReply reply ) throws PasswordConnectionException
     {
         PrivateMessage privateMessage = reply.getPrivateMessage();
 
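Review bot: execute() returns normally when the object stored under "reply" is neither a ChangePasswordReply nor a ChangePasswordError, for example if the session closes without any message having been received, so the caller cannot tell that case from a successful password change. The old code at least logged "Reply was null."; the new inner `if` has no final branch. Fail closed there, e.g. `else { throw new PasswordConnectionException( "No valid reply received from the Change Password server." ); }`. processError also concatenates `error.getExplanatoryText()` unchecked; whether it can be null is not visible here, but if it can the message becomes "null (code)". processChangePasswordReply continues outside this hunk.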
@@ -210,6 +213,10 @@
         {
             log.info( "Password change returned SUCCESS (0x00 0x00)." );
         }
+        else
+        {
+            throw new PasswordConnectionException( "Password change failed." );
+        }
 
         // Verify client time.
         String replyTime = repPart.getClientTime().toString();
@@ -217,6 +224,7 @@
         if ( !replyTime.equals( sentTime ) )
         {
             log.debug( "Mismatched client time (Expected {}, get {}).", sentTime, replyTime
);
+            throw new PasswordConnectionException( "Mismatched client time." );
         }
 
         // Verify sequence number.
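Review bot: The client-time mismatch is logged at debug while the sequence-number mismatch in the next hunk is logged at error, although both now abort with a PasswordConnectionException. These two checks are what tie the reply to the request that was sent, so a failure deserves the same visible level in both places: use `log.error( "Mismatched client time (Expected {}, got {}).", sentTime, replyTime );`, which also fixes the "get" typo. The enclosing method starts and ends outside this hunk.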
@@ -224,6 +232,7 @@
         if ( expectedSequence != sequenceNumber )
         {
             log.error( "Mismatched sequence number (Expected {}, got {}).", sequenceNumber,
expectedSequence );
+            throw new PasswordConnectionException( "Mismatched sequence number." );
         }
     }
 
@@ -231,20 +240,20 @@
     /**
      * Create a {@link ChangePasswordRequest}.
      */
-    private ChangePasswordRequest getChangePasswordRequest() throws Exception
+    private ChangePasswordRequest getChangePasswordRequest( KerberosPrincipal targetPrincipal,
String newPassword,
+        KerberosTicket serviceTicket ) throws Exception
     {
-        EncryptionKey serverKey = ticketFactory.getServerKey( serverPrincipal, serverPassword
);
-        Ticket serviceTicket = ticketFactory.getTicket( clientPrincipal, serverPrincipal,
serverKey );
-
         // Get the session key from the service ticket.
-        byte[] sessionKeyBytes = serviceTicket.getSessionKey().getKeyValue();
-        int keyType = serviceTicket.getSessionKey().getKeyType().getOrdinal();
+        byte[] sessionKeyBytes = serviceTicket.getSessionKey().getEncoded();
+        int keyType = serviceTicket.getSessionKeyType();
+
         sessionKey = new EncryptionKey( EncryptionType.getTypeByOrdinal( keyType ), sessionKeyBytes
);
 
         // Generate a new sub-session key.
         try
         {
-            subSessionKey = RandomKeyFactory.getRandomKey( EncryptionType.DES_CBC_MD5 );
+            EncryptionType encryptionType = EncryptionType.getTypeByOrdinal( keyType );
+            subSessionKey = RandomKeyFactory.getRandomKey( encryptionType );
         }
         catch ( KerberosException ke )
         {
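Review bot: `EncryptionType.getTypeByOrdinal( keyType )` is evaluated twice, once when constructing `sessionKey` and again inside the `try` for the sub-session key. Resolve it once into a local before `sessionKey` is built and reuse it, so the two keys cannot drift to different types in a later edit. The sub-session key type now follows whatever type the ticket carries; a one-line comment such as `// Sub-session key uses the same encryption type as the ticket's session key.` would record that intent. What getTypeByOrdinal returns for an ordinal it does not recognise is not visible here and should be checked before a key is generated from it. The method body continues outside the hunk.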
@@ -252,21 +261,23 @@
         }
 
         // Generate a new sequence number.
-        sequenceNumber = random.nextInt();
+        sequenceNumber = random.nextInt( Integer.MAX_VALUE );
 
         now = new KerberosTime();
 
         // Build Change Password request.
         ChangePasswordRequestModifier modifier = new ChangePasswordRequestModifier();
 
-        EncryptedData authenticator = getAuthenticator( clientPrincipal );
+        EncryptedData authenticator = getAuthenticator( targetPrincipal );
+
+        Ticket convertedTicket = TicketDecoder.decode( serviceTicket.getEncoded() );
 
         // Make new ap req, aka the "auth header."
         ApplicationRequest applicationRequest = new ApplicationRequest();
         applicationRequest.setMessageType( MessageType.KRB_AP_REQ );
         applicationRequest.setProtocolVersionNumber( 5 );
         applicationRequest.setApOptions( new ApOptions() );
-        applicationRequest.setTicket( serviceTicket );
+        applicationRequest.setTicket( convertedTicket );
         applicationRequest.setEncPart( authenticator );
 
         // Get private message.
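Review bot: `getAuthenticator( targetPrincipal )` appears to build the AP-REQ authenticator for the principal whose password is being changed, but the authenticator's client name has to match the client named in the ticket, which `serviceTicket.getClient()` provides. The two coincide only when a user changes their own password; the parameter name and PasswordConnection's Javadoc suggest the target may be a different principal. getAuthenticator's body is outside the hunk, so this is inferred from the call site; if it holds, pass `serviceTicket.getClient()` here and carry targetPrincipal in the request data instead.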
@@ -338,5 +349,22 @@
         EncryptedData encryptedAuthenticator = cipherTextHandler.seal( sessionKey, authenticator,
KeyUsage.NUMBER11 );
 
         return encryptedAuthenticator;
+    }
+
+
+    private IoConnector getConnector( String transport )
+    {
+        IoConnector connector;
+
+        if ( transport.equals( "UDP" ) )
+        {
+            connector = new DatagramConnector();
+        }
+        else
+        {
+            connector = new SocketConnector();
+        }
+
+        return connector;
     }
 }
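Review bot: `transport.equals( "UDP" )` is case-sensitive, while the new PasswordConnection constructor validates the transport case-insensitively and stores the caller's original string. A caller passing "udp" therefore passes validation and silently gets a SocketConnector (TCP), and any unrecognised value handed to ChangePassword directly does the same. Use `"UDP".equalsIgnoreCase( transport )` here and reject anything that is not TCP explicitly, or normalise the value once in the constructor.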

Added: directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/Main.java
URL: http://svn.apache.org/viewvc/directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/Main.java?view=auto&rev=549368
==============================================================================
--- directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/Main.java
(added)
+++ directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/Main.java
Wed Jun 20 21:59:22 2007
@@ -0,0 +1,75 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.client.password;
+
+
+import javax.security.auth.kerberos.KerberosPrincipal;
+import javax.security.auth.kerberos.KerberosTicket;
+
+import org.apache.directory.server.kerberos.shared.messages.components.Ticket;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
+import org.apache.directory.server.kerberos.shared.store.TicketFactory;
+
+
+/**
+ * Main method class for executing a password change request.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class Main
+{
+    private static final TicketFactory ticketFactory = new TicketFactory();
+
+    private KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM"
);
+    private KerberosPrincipal serverPrincipal = new KerberosPrincipal( "kadmin/changepw@EXAMPLE.COM"
);
+    private String newPassword = "cabletr0N";
+    private String serverPassword = "s3crEt";
+
+    /** The remote Change Password server name. */
+    private String hostname = "localhost";
+
+    /** The remote Change Password server port. */
+    private int port = 464;
+
+
+    /**
+     * Change a password.
+     * 
+     * @param args
+     * @throws Exception
+     */
+    public static void main( String[] args ) throws Exception
+    {
+        new Main().go();
+    }
+
+
+    private void go() throws Exception
+    {
+        EncryptionKey serverKey = ticketFactory.getServerKey( serverPrincipal, serverPassword
);
+        Ticket serviceTicket = ticketFactory.getTicket( clientPrincipal, serverPrincipal,
serverKey );
+        KerberosTicket convertedTicket = ticketFactory.getKerberosTicket( serviceTicket );
+
+        PasswordConnection con = new PasswordConnection( hostname + ":" + port );
+        con.changePassword( clientPrincipal, newPassword, convertedTicket );
+        con.disconnect();
+    }
+}
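Review bot: The principal names, the new password and the kadmin/changepw key password are compiled in as field initialisers and `main` ignores `args`, so the hard-coded secrets removed from ChangePassword have only moved here. `go()` also builds its own service ticket from the service's long-term key via `ticketFactory.getServerKey( serverPrincipal, serverPassword )`, which a real client never holds; the class comment should say so, e.g. `Demonstration only: builds a service ticket from a known server key instead of obtaining one from the KDC.` Taking the values from arguments or the console, and passing the password as `char[]` rather than `String`, would keep the sample from being copied with live credentials. `con.disconnect()` is skipped when changePassword throws; move it into a `finally`.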

Propchange: directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/Main.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/PasswordConnection.java
URL: http://svn.apache.org/viewvc/directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/PasswordConnection.java?view=auto&rev=549368
==============================================================================
--- directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/PasswordConnection.java
(added)
+++ directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/PasswordConnection.java
Wed Jun 20 21:59:22 2007
@@ -0,0 +1,137 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.client.password;
+
+
+import java.util.Map;
+
+import javax.security.auth.kerberos.KerberosPrincipal;
+import javax.security.auth.kerberos.KerberosTicket;
+
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
+
+
+/**
+ * Connection to an RFC 3244 Set/Change Password server.  Connection users may change passwords
+ * or set keys for a target principal.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class PasswordConnection
+{
+    /** The remote Change Password port number. */
+    private static final int REMOTE_PORT = 464;
+
+    /** The remote Change Password server name. */
+    private String hostname = "localhost";
+
+    /** The remote Change Password server port. */
+    private int port = REMOTE_PORT;
+
+    /** The Change Password transport. */
+    private String transport = "UDP";
+
+
+    /**
+     * Creates a new instance of PasswordConnection.
+     *
+     * @param hostname
+     */
+    public PasswordConnection( String hostname )
+    {
+        this( hostname, "UDP" );
+    }
+
+
+    /**
+     * Creates a new instance of PasswordConnection.
+     *
+     * @param hostname
+     * @param transport
+     */
+    public PasswordConnection( String hostname, String transport )
+    {
+        if ( hostname.contains( ":" ) )
+        {
+            String[] split = hostname.split( ":" );
+            this.hostname = split[0];
+            this.port = Integer.valueOf( split[1] );
+        }
+        else
+        {
+            this.hostname = hostname;
+        }
+
+        if ( !( transport.toLowerCase().equals( "tcp" ) || transport.toLowerCase().equals(
"udp" ) ) )
+        {
+            throw new IllegalArgumentException( "Transport must be UDP or TCP." );
+        }
+        else
+        {
+            this.transport = transport;
+        }
+    }
+
+
+    /**
+     * Change a password for a target principal using this password connection.
+     *
+     * @param targetPrincipal
+     * @param newPassword
+     * @param serviceTicket
+     * @throws PasswordConnectionException
+     */
+    public void changePassword( KerberosPrincipal targetPrincipal, String newPassword, KerberosTicket
serviceTicket )
+        throws PasswordConnectionException
+    {
+        ChangePassword command = new ChangePassword( hostname, port, transport );
+        command.execute( targetPrincipal, newPassword, serviceTicket );
+    }
+
+
+    /**
+     * Set keys for a target principal using this password connection.
+     *
+     * @param targetPrincipal
+     * @param keys
+     * @param serviceTicket
+     * @throws PasswordConnectionException
+     */
+    public void setKeys( KerberosPrincipal targetPrincipal, Map<EncryptionType, EncryptionKey>
keys,
+        KerberosTicket serviceTicket ) throws PasswordConnectionException
+    {
+        SetKeys command = new SetKeys( hostname, port, transport );
+        command.execute( targetPrincipal, keys, serviceTicket );
+
+        // export keys/set keys
+        // write keys to keytab
+    }
+
+
+    /**
+     * Disconnects the connection.
+     */
+    public void disconnect()
+    {
+        // Wouldn't do anything for UDP.
+    }
+}
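Review bot: The `host:port` parsing in the two-argument constructor accepts more than it should: `hostname.split( ":" )` uses only the first two fields, so an IPv6 literal is mis-split, "host:" raises ArrayIndexOutOfBoundsException, and the port is never range-checked. Split on the last colon and validate the result, e.g. `if ( port < 1 || port > 65535 ) throw new IllegalArgumentException( "Invalid port: " + port );`. Neither `hostname` nor `transport` is checked for null before being dereferenced. The Javadoc `@param hostname` should state that a `host:port` form is accepted and that the port defaults to 464 otherwise.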

Propchange: directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/PasswordConnection.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/PasswordConnectionException.java
URL: http://svn.apache.org/viewvc/directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/PasswordConnectionException.java?view=auto&rev=549368
==============================================================================
--- directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/PasswordConnectionException.java
(added)
+++ directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/PasswordConnectionException.java
Wed Jun 20 21:59:22 2007
@@ -0,0 +1,64 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.client.password;
+
+
+/**
+ * The root of the {@link PasswordConnection} exception hierarchy.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class PasswordConnectionException extends Exception
+{
+    /** 
+     * The class fingerprint that is set to indicate serialization
+     * compatibility with a previous version of the class.
+     */
+    private static final long serialVersionUID = -4411891009464954486L;
+
+
+    /**
+     * @param message
+     */
+    public PasswordConnectionException( String message )
+    {
+        super( message );
+    }
+
+
+    /**
+     * @param cause
+     */
+    public PasswordConnectionException( Throwable cause )
+    {
+        super( cause );
+    }
+
+
+    /**
+     * @param message
+     * @param cause
+     */
+    public PasswordConnectionException( String message, Throwable cause )
+    {
+        super( message, cause );
+    }
+}

Propchange: directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/PasswordConnectionException.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/SetKeys.java
URL: http://svn.apache.org/viewvc/directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/SetKeys.java?view=auto&rev=549368
==============================================================================
--- directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/SetKeys.java
(added)
+++ directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/SetKeys.java
Wed Jun 20 21:59:22 2007
@@ -0,0 +1,73 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.client.password;
+
+
+import java.util.Map;
+
+import javax.security.auth.kerberos.KerberosPrincipal;
+import javax.security.auth.kerberos.KerberosTicket;
+
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+/**
+ * A command object for setting the keys of a target principal.
+ * 
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class SetKeys
+{
+    private static final Logger log = LoggerFactory.getLogger( SetKeys.class );
+
+    /** The remote Change Password server name. */
+    private String hostname;
+
+    /** The remote Change Password server port. */
+    private int port;
+
+    /** The Change Password transport. */
+    private String transport;
+
+
+    /**
+     * Creates a new instance of ChangePassword.
+     *
+     * @param hostname
+     * @param port 
+     * @param transport
+     */
+    public SetKeys( String hostname, int port, String transport )
+    {
+        this.hostname = hostname;
+        this.port = port;
+        this.transport = transport;
+    }
+
+
+    public void execute( KerberosPrincipal targetPrincipal, Map<EncryptionType, EncryptionKey>
keys,
+        KerberosTicket serviceTicket ) throws PasswordConnectionException
+    {
+    }
+}
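Review bot: `execute` has an empty body, so `PasswordConnection.setKeys` returns normally without sending anything and the caller has no way to learn that no keys were set. Until the protocol support exists, fail explicitly, e.g. `throw new UnsupportedOperationException( "Set keys is not implemented." );`. The constructor Javadoc still reads "Creates a new instance of ChangePassword." and `execute` has no Javadoc; `log`, `hostname`, `port` and `transport` are currently unused.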

Propchange: directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/SetKeys.java
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/protocol/PasswordClientHandler.java
URL: http://svn.apache.org/viewvc/directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/protocol/PasswordClientHandler.java?view=diff&rev=549368&r1=549367&r2=549368
==============================================================================
--- directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/protocol/PasswordClientHandler.java
(original)
+++ directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/protocol/PasswordClientHandler.java
Wed Jun 20 21:59:22 2007
@@ -20,8 +20,6 @@
 package org.apache.directory.client.password.protocol;
 
 
-import org.apache.directory.server.changepw.messages.ChangePasswordReply;
-import org.apache.directory.server.kerberos.shared.messages.ErrorMessage;
 import org.apache.mina.common.IoHandler;
 import org.apache.mina.common.IoHandlerAdapter;
 import org.apache.mina.common.IoSession;
@@ -64,19 +62,12 @@
 
     public void messageReceived( IoSession session, Object message )
     {
-        if ( message instanceof ChangePasswordReply )
-        {
-            ChangePasswordReply reply = ( ChangePasswordReply ) message;
-            session.setAttribute( "reply", reply );
-        }
-        else
+        if ( log.isDebugEnabled() )
         {
-            if ( message instanceof ErrorMessage )
-            {
-                ErrorMessage error = ( ErrorMessage ) message;
-                log.debug( error.getExplanatoryText() );
-            }
+            log.debug( session.getRemoteAddress() + " RCVD: " + message );
         }
+
+        session.setAttribute( "reply", message );
 
         session.close();
     }

Modified: directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/protocol/PasswordClientTcpDecoder.java
URL: http://svn.apache.org/viewvc/directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/protocol/PasswordClientTcpDecoder.java?view=diff&rev=549368&r1=549367&r2=549368
==============================================================================
--- directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/protocol/PasswordClientTcpDecoder.java
(original)
+++ directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/protocol/PasswordClientTcpDecoder.java
Wed Jun 20 21:59:22 2007
@@ -20,10 +20,8 @@
 package org.apache.directory.client.password.protocol;
 
 
-import java.util.Arrays;
-
+import org.apache.directory.server.changepw.io.ChangePasswordErrorDecoder;
 import org.apache.directory.server.changepw.io.ChangePasswordReplyDecoder;
-import org.apache.directory.server.kerberos.shared.io.decoder.ErrorMessageDecoder;
 import org.apache.mina.common.BufferDataException;
 import org.apache.mina.common.ByteBuffer;
 import org.apache.mina.common.IoSession;
@@ -40,11 +38,10 @@
  */
 public class PasswordClientTcpDecoder extends CumulativeProtocolDecoder
 {
-    private static final byte[] ERROR = new byte[]
-        { ( byte ) 0x7E, ( byte ) 0x78, ( byte ) 0x30, ( byte ) 0x76 };
+    private static final short ERROR = 0;
 
     private ChangePasswordReplyDecoder replyDecoder = new ChangePasswordReplyDecoder();
-    private ErrorMessageDecoder errorDecoder = new ErrorMessageDecoder();
+    private ChangePasswordErrorDecoder errorDecoder = new ChangePasswordErrorDecoder();
 
     private int maxObjectSize = 16384; // 16KB
 
@@ -92,11 +89,17 @@
 
         in.getInt();
 
-        byte[] header = new byte[4];
-        in.get( header );
+        // read message length
+        in.getShort();
+
+        // read version
+        in.getShort();
+
+        // read AP_REQ length
+        short header = in.getShort();
         in.rewind();
 
-        if ( Arrays.equals( ERROR, header ) )
+        if ( header == ERROR )
         {
             out.write( errorDecoder.decode( in.buf() ) );
         }
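Review bot: The comment `// read AP_REQ length` and the names `header` and `ERROR` hide what is being tested: in a server reply this field is the AP-REP length, and a value of 0 is what marks the remainder as an error message. Rename the local to something like `apRepLength` and document the constant, e.g. `/** An AP-REP length of zero indicates that a KRB-ERROR follows. */`; the same applies to the identical change in PasswordClientUdpDecoder. The three `getShort()` calls also assume at least six bytes follow the length prefix; whether an earlier check in this method guarantees that is outside the hunk.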

Modified: directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/protocol/PasswordClientUdpDecoder.java
URL: http://svn.apache.org/viewvc/directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/protocol/PasswordClientUdpDecoder.java?view=diff&rev=549368&r1=549367&r2=549368
==============================================================================
--- directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/protocol/PasswordClientUdpDecoder.java
(original)
+++ directory/clients/trunk/kerberos/password/src/main/java/org/apache/directory/client/password/protocol/PasswordClientUdpDecoder.java
Wed Jun 20 21:59:22 2007
@@ -21,10 +21,9 @@
 
 
 import java.io.IOException;
-import java.util.Arrays;
 
+import org.apache.directory.server.changepw.io.ChangePasswordErrorDecoder;
 import org.apache.directory.server.changepw.io.ChangePasswordReplyDecoder;
-import org.apache.directory.server.kerberos.shared.io.decoder.ErrorMessageDecoder;
 import org.apache.mina.common.ByteBuffer;
 import org.apache.mina.common.IoSession;
 import org.apache.mina.filter.codec.ProtocolDecoderAdapter;
@@ -37,20 +36,25 @@
  */
 public class PasswordClientUdpDecoder extends ProtocolDecoderAdapter
 {
-    private static final byte[] ERROR = new byte[]
-        { ( byte ) 0x7E, ( byte ) 0x78, ( byte ) 0x30, ( byte ) 0x76 };
+    private static final short ERROR = 0;
 
     private ChangePasswordReplyDecoder replyDecoder = new ChangePasswordReplyDecoder();
-    private ErrorMessageDecoder errorDecoder = new ErrorMessageDecoder();
+    private ChangePasswordErrorDecoder errorDecoder = new ChangePasswordErrorDecoder();
 
 
     public void decode( IoSession session, ByteBuffer in, ProtocolDecoderOutput out ) throws
IOException
     {
-        byte[] header = new byte[4];
-        in.get( header );
+        // read message length
+        in.getShort();
+
+        // read version
+        in.getShort();
+
+        // read AP_REQ length
+        short header = in.getShort();
         in.rewind();
 
-        if ( Arrays.equals( ERROR, header ) )
+        if ( header == ERROR )
         {
             out.write( errorDecoder.decode( in.buf() ) );
         }
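Review bot: `decode` reads three shorts from the datagram without checking that six bytes are present, so a truncated or stray packet arriving on the client port surfaces as an unchecked BufferUnderflowException rather than the declared IOException. Guard the reads before the first `getShort()`, e.g. `if ( in.remaining() < 6 ) { throw new IOException( "Truncated Change Password reply." ); }`. The message-length and version fields are read and discarded; comparing the length with `in.remaining()` and the version with the expected value would reject malformed replies before they reach the decoders. The rest of the method is outside the hunk.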


