directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From erodrig...@apache.org
Subject svn commit: r558305 - /directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java
Date Sat, 21 Jul 2007 11:28:21 GMT
Author: erodriguez
Date: Sat Jul 21 04:28:20 2007
New Revision: 558305

URL: http://svn.apache.org/viewvc?view=rev&rev=558305
Log:
Enabled body checksum to be disabled by configuration, in TGS.

Modified:
    directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java

Modified: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java?view=diff&rev=558305&r1=558304&r2=558305
==============================================================================
--- directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java
(original)
+++ directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java
Sat Jul 21 04:28:20 2007
@@ -20,6 +20,7 @@
 package org.apache.directory.server.kerberos.kdc.ticketgrant;
 
 
+import org.apache.directory.server.kerberos.kdc.KdcConfiguration;
 import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumHandler;
 import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
 import org.apache.directory.server.kerberos.shared.exceptions.ErrorType;
@@ -47,18 +48,23 @@
     public void execute( NextCommand next, IoSession session, Object message ) throws Exception
     {
         TicketGrantingContext tgsContext = ( TicketGrantingContext ) session.getAttribute(
getContextKey() );
-        byte[] bodyBytes = tgsContext.getRequest().getBodyBytes();
-        Checksum authenticatorChecksum = tgsContext.getAuthenticator().getChecksum();
+        KdcConfiguration config = tgsContext.getConfig();
 
-        if ( authenticatorChecksum == null || authenticatorChecksum.getChecksumType() ==
null
-            || authenticatorChecksum.getChecksumValue() == null )
+        if ( config.isBodyChecksumVerified() )
         {
-            throw new KerberosException( ErrorType.KRB_AP_ERR_INAPP_CKSUM );
-        }
+            byte[] bodyBytes = tgsContext.getRequest().getBodyBytes();
+            Checksum authenticatorChecksum = tgsContext.getAuthenticator().getChecksum();
+
+            if ( authenticatorChecksum == null || authenticatorChecksum.getChecksumType()
== null
+                || authenticatorChecksum.getChecksumValue() == null || bodyBytes == null
)
+            {
+                throw new KerberosException( ErrorType.KRB_AP_ERR_INAPP_CKSUM );
+            }
 
-        log.debug( "Verifying body checksum type '{}'.", authenticatorChecksum.getChecksumType()
);
+            log.debug( "Verifying body checksum type '{}'.", authenticatorChecksum.getChecksumType()
);
 
-        checksumHandler.verifyChecksum( authenticatorChecksum, bodyBytes, null, KeyUsage.NUMBER8
);
+            checksumHandler.verifyChecksum( authenticatorChecksum, bodyBytes, null, KeyUsage.NUMBER8
);
+        }
 
         next.execute( session, message );
     }



Mime
View raw message