Return-Path: Delivered-To: apmail-directory-commits-archive@www.apache.org Received: (qmail 10843 invoked from network); 14 Nov 2010 14:04:37 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 14 Nov 2010 14:04:37 -0000 Received: (qmail 90807 invoked by uid 500); 14 Nov 2010 14:05:08 -0000 Delivered-To: apmail-directory-commits-archive@directory.apache.org Received: (qmail 90756 invoked by uid 500); 14 Nov 2010 14:05:08 -0000 Mailing-List: contact commits-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@directory.apache.org Delivered-To: mailing list commits@directory.apache.org Received: (qmail 90749 invoked by uid 99); 14 Nov 2010 14:05:07 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 14 Nov 2010 14:05:07 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 14 Nov 2010 14:05:04 +0000 Received: by eris.apache.org (Postfix, from userid 65534) id DFC1323889E9; Sun, 14 Nov 2010 14:03:48 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1034997 - in /directory/apacheds/trunk/kerberos-codec/src: main/java/org/apache/directory/shared/kerberos/codec/kdcReqBody/ main/java/org/apache/directory/shared/kerberos/codec/kdcReqBody/actions/ main/java/org/apache/directory/shared/kerb... Date: Sun, 14 Nov 2010 14:03:48 -0000 To: commits@directory.apache.org From: elecharny@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20101114140348.DFC1323889E9@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: elecharny Date: Sun Nov 14 14:03:48 2010 New Revision: 1034997 URL: http://svn.apache.org/viewvc?rev=1034997&view=rev Log: o Finished the KDC-REQ-BODY decoder o Added a first test for it, some other will be added Added: directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/codec/kdcReqBody/actions/AddTicket.java Modified: directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/codec/kdcReqBody/KdcReqBodyGrammar.java directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/codec/ticket/actions/TicketEncPart.java directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcReqBody.java directory/apacheds/trunk/kerberos-codec/src/test/java/org/apache/directory/shared/kerberos/codec/KdcReqBodyDecoderTest.java Modified: directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/codec/kdcReqBody/KdcReqBodyGrammar.java URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/codec/kdcReqBody/KdcReqBodyGrammar.java?rev=1034997&r1=1034996&r2=1034997&view=diff ============================================================================== --- directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/codec/kdcReqBody/KdcReqBodyGrammar.java (original) +++ directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/codec/kdcReqBody/KdcReqBodyGrammar.java Sun Nov 14 14:03:48 2010 @@ -27,6 +27,7 @@ import org.apache.directory.shared.asn1. import org.apache.directory.shared.kerberos.KerberosConstants; import org.apache.directory.shared.kerberos.codec.actions.CheckNotNullLength; import org.apache.directory.shared.kerberos.codec.kdcReqBody.actions.AddEType; +import org.apache.directory.shared.kerberos.codec.kdcReqBody.actions.AddTicket; import org.apache.directory.shared.kerberos.codec.kdcReqBody.actions.ETypeSequence; import org.apache.directory.shared.kerberos.codec.kdcReqBody.actions.KdcReqBodyInit; import org.apache.directory.shared.kerberos.codec.kdcReqBody.actions.StoreAddresses; @@ -321,6 +322,16 @@ public final class KdcReqBodyGrammar ext KdcReqBodyStatesEnum.KDC_REQ_BODY_ETYPE_STATE, KdcReqBodyStatesEnum.KDC_REQ_BODY_ENC_AUTH_DATA_STATE, KerberosConstants.KDC_REQ_BODY_ENC_AUTHZ_DATA_TAG, new StoreEncAuthorizationData() ); + // -------------------------------------------------------------------------------------------- + // Transition from EType values to additionalTickets tag (addresses and enc-authorization data + // are empty) + // -------------------------------------------------------------------------------------------- + // KDC-REQ-BODY ::= SEQUENCE { + // ... + // additional-tickets [11] + super.transitions[KdcReqBodyStatesEnum.KDC_REQ_BODY_ETYPE_STATE.ordinal()][KerberosConstants.KDC_REQ_BODY_ADDITIONAL_TICKETS_TAG] = new GrammarTransition( + KdcReqBodyStatesEnum.KDC_REQ_BODY_ETYPE_STATE, KdcReqBodyStatesEnum.KDC_REQ_BODY_ADDITIONAL_TICKETS_TAG_STATE, KerberosConstants.KDC_REQ_BODY_ADDITIONAL_TICKETS_TAG, + new CheckNotNullLength() ); @@ -333,11 +344,61 @@ public final class KdcReqBodyGrammar ext super.transitions[KdcReqBodyStatesEnum.KDC_REQ_BODY_ADDRESSES_STATE.ordinal()][KerberosConstants.KDC_REQ_BODY_ENC_AUTHZ_DATA_TAG] = new GrammarTransition( KdcReqBodyStatesEnum.KDC_REQ_BODY_ADDRESSES_STATE, KdcReqBodyStatesEnum.KDC_REQ_BODY_ENC_AUTH_DATA_STATE, KerberosConstants.KDC_REQ_BODY_ENC_AUTHZ_DATA_TAG, new StoreEncAuthorizationData() ); - } + // -------------------------------------------------------------------------------------------- + // Transition from addresses values to additional-tickets tag + // -------------------------------------------------------------------------------------------- + // KDC-REQ-BODY ::= SEQUENCE { + // ... + // additional-tickets [11] + super.transitions[KdcReqBodyStatesEnum.KDC_REQ_BODY_ADDRESSES_STATE.ordinal()][KerberosConstants.KDC_REQ_BODY_ADDITIONAL_TICKETS_TAG] = new GrammarTransition( + KdcReqBodyStatesEnum.KDC_REQ_BODY_ADDRESSES_STATE, KdcReqBodyStatesEnum.KDC_REQ_BODY_ADDITIONAL_TICKETS_TAG_STATE, KerberosConstants.KDC_REQ_BODY_ADDITIONAL_TICKETS_TAG, + new CheckNotNullLength() ); + + + + // -------------------------------------------------------------------------------------------- + // Transition from encAuthorizationData to additional-tickets tag + // -------------------------------------------------------------------------------------------- + // KDC-REQ-BODY ::= SEQUENCE { + // ... + // additional-tickets [11] + super.transitions[KdcReqBodyStatesEnum.KDC_REQ_BODY_ENC_AUTH_DATA_STATE.ordinal()][KerberosConstants.KDC_REQ_BODY_ADDITIONAL_TICKETS_TAG] = new GrammarTransition( + KdcReqBodyStatesEnum.KDC_REQ_BODY_ENC_AUTH_DATA_STATE, KdcReqBodyStatesEnum.KDC_REQ_BODY_ADDITIONAL_TICKETS_TAG_STATE, KerberosConstants.KDC_REQ_BODY_ADDITIONAL_TICKETS_TAG, + new CheckNotNullLength() ); - // ~ Methods - // ------------------------------------------------------------------------------------ + + + // -------------------------------------------------------------------------------------------- + // Transition from additional-tickets tag to Ticket SEQUENCE + // -------------------------------------------------------------------------------------------- + // KDC-REQ-BODY ::= SEQUENCE { + // ... + // additional-tickets [11] SEQUENCE OF + super.transitions[KdcReqBodyStatesEnum.KDC_REQ_BODY_ADDITIONAL_TICKETS_TAG_STATE.ordinal()][UniversalTag.SEQUENCE.getValue()] = new GrammarTransition( + KdcReqBodyStatesEnum.KDC_REQ_BODY_ADDITIONAL_TICKETS_TAG_STATE, KdcReqBodyStatesEnum.KDC_REQ_BODY_ADDITIONAL_TICKETS_SEQ_STATE, UniversalTag.SEQUENCE.getValue(), + new CheckNotNullLength() ); + + // -------------------------------------------------------------------------------------------- + // Transition from Ticket SEQUENCE to Ticket + // -------------------------------------------------------------------------------------------- + // KDC-REQ-BODY ::= SEQUENCE { + // ... + // additional-tickets [11] SEQUENCE OF Ticket + super.transitions[KdcReqBodyStatesEnum.KDC_REQ_BODY_ADDITIONAL_TICKETS_SEQ_STATE.ordinal()][KerberosConstants.TICKET_TAG] = new GrammarTransition( + KdcReqBodyStatesEnum.KDC_REQ_BODY_ADDITIONAL_TICKETS_SEQ_STATE, KdcReqBodyStatesEnum.KDC_REQ_BODY_ADDITIONAL_TICKETS_STATE, KerberosConstants.TICKET_TAG, + new AddTicket() ); + + // -------------------------------------------------------------------------------------------- + // Transition from Ticket to Ticket + // -------------------------------------------------------------------------------------------- + // KDC-REQ-BODY ::= SEQUENCE { + // ... + // additional-tickets [11] SEQUENCE OF Ticket + super.transitions[KdcReqBodyStatesEnum.KDC_REQ_BODY_ADDITIONAL_TICKETS_STATE.ordinal()][KerberosConstants.TICKET_TAG] = new GrammarTransition( + KdcReqBodyStatesEnum.KDC_REQ_BODY_ADDITIONAL_TICKETS_STATE, KdcReqBodyStatesEnum.KDC_REQ_BODY_ADDITIONAL_TICKETS_STATE, KerberosConstants.TICKET_TAG, + new AddTicket() ); + } /** * Get the instance of this grammar Added: directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/codec/kdcReqBody/actions/AddTicket.java URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/codec/kdcReqBody/actions/AddTicket.java?rev=1034997&view=auto ============================================================================== --- directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/codec/kdcReqBody/actions/AddTicket.java (added) +++ directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/codec/kdcReqBody/actions/AddTicket.java Sun Nov 14 14:03:48 2010 @@ -0,0 +1,108 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * + */ +package org.apache.directory.shared.kerberos.codec.kdcReqBody.actions; + + +import org.apache.directory.shared.asn1.ber.Asn1Container; +import org.apache.directory.shared.asn1.ber.Asn1Decoder; +import org.apache.directory.shared.asn1.ber.grammar.GrammarAction; +import org.apache.directory.shared.asn1.ber.tlv.TLV; +import org.apache.directory.shared.asn1.codec.DecoderException; +import org.apache.directory.shared.i18n.I18n; +import org.apache.directory.shared.kerberos.codec.kdcReqBody.KdcReqBodyContainer; +import org.apache.directory.shared.kerberos.codec.ticket.TicketContainer; +import org.apache.directory.shared.kerberos.components.KdcReqBody; +import org.apache.directory.shared.kerberos.messages.Ticket; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + + +/** + * The action used to add a Ticket + * + * @author Apache Directory Project + */ +public class AddTicket extends GrammarAction +{ + /** The logger */ + private static final Logger LOG = LoggerFactory.getLogger( AddTicket.class ); + + /** Speedup for logs */ + private static final boolean IS_DEBUG = LOG.isDebugEnabled(); + + /** + * Instantiates a new AddTicket action. + */ + public AddTicket() + { + super( "KDC-REQ-BODY Add Ticket" ); + } + + + /** + * {@inheritDoc} + */ + public void action( Asn1Container container ) throws DecoderException + { + KdcReqBodyContainer kdcReqBodyContainer = ( KdcReqBodyContainer ) container; + + TLV tlv = kdcReqBodyContainer.getCurrentTLV(); + + // The Length can't be null + if ( tlv.getLength() == 0 ) + { + LOG.error( I18n.err( I18n.ERR_04066 ) ); + + // This will generate a PROTOCOL_ERROR + throw new DecoderException( I18n.err( I18n.ERR_04067 ) ); + } + + // Now, let's decode the Ticket + Asn1Decoder ticketDecoder = new Asn1Decoder(); + + TicketContainer ticketContainer = new TicketContainer(); + ticketContainer.setStream( container.getStream() ); + + // Compute the start position in the stream for the HostAdress to decode : + // We have to move back to the HostAddress tag + int start = container.getStream().position() - 1 - tlv.getLengthNbBytes(); + container.getStream().position( start ); + + // Decode the Ticket PDU + try + { + ticketDecoder.decode( container.getStream(), ticketContainer ); + } + catch ( DecoderException de ) + { + throw de; + } + + // Update the parent + container.setParentTLV( tlv.getParent() ); + + // Store the Ticket in the container + Ticket ticket = ticketContainer.getTicket(); + KdcReqBody kdcReqBody = kdcReqBodyContainer.getKdcReqBody(); + kdcReqBody.addAdditionalTicket( ticket ); + + container.setGrammarEndAllowed( true ); + } +} Modified: directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/codec/ticket/actions/TicketEncPart.java URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/codec/ticket/actions/TicketEncPart.java?rev=1034997&r1=1034996&r2=1034997&view=diff ============================================================================== --- directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/codec/ticket/actions/TicketEncPart.java (original) +++ directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/codec/ticket/actions/TicketEncPart.java Sun Nov 14 14:03:48 2010 @@ -80,6 +80,7 @@ public class TicketEncPart extends Gramm Asn1Decoder encryptedDataDecoder = new Asn1Decoder(); EncryptedDataContainer encryptedDataContainer = new EncryptedDataContainer(); + encryptedDataContainer.setStream( container.getStream() ); // Decode the Ticket PDU try @@ -99,5 +100,11 @@ public class TicketEncPart extends Gramm { LOG.debug( "EncryptedData : " + encryptedData ); } + + // Update the TLV + tlv.setExpectedLength( tlv.getExpectedLength() - tlv.getLength() ); + //container.setParentTLV( tlv.getParent() ); + + container.setGrammarEndAllowed( true ); } } Modified: directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcReqBody.java URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcReqBody.java?rev=1034997&r1=1034996&r2=1034997&view=diff ============================================================================== --- directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcReqBody.java (original) +++ directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcReqBody.java Sun Nov 14 14:03:48 2010 @@ -463,8 +463,8 @@ public class KdcReqBody */ public int computeLength() { - // The KdcOptions length (we have to add the unusedBits byte - kdcOptionsLength = 1 + 1 + 1 + kdcOptions.getBytes().length; + // The KdcOptions length + kdcOptionsLength = 1 + 1 + kdcOptions.getBytes().length; // The cname length if ( cName != null ) Modified: directory/apacheds/trunk/kerberos-codec/src/test/java/org/apache/directory/shared/kerberos/codec/KdcReqBodyDecoderTest.java URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-codec/src/test/java/org/apache/directory/shared/kerberos/codec/KdcReqBodyDecoderTest.java?rev=1034997&r1=1034996&r2=1034997&view=diff ============================================================================== --- directory/apacheds/trunk/kerberos-codec/src/test/java/org/apache/directory/shared/kerberos/codec/KdcReqBodyDecoderTest.java (original) +++ directory/apacheds/trunk/kerberos-codec/src/test/java/org/apache/directory/shared/kerberos/codec/KdcReqBodyDecoderTest.java Sun Nov 14 14:03:48 2010 @@ -27,9 +27,12 @@ import java.nio.ByteBuffer; import org.apache.directory.junit.tools.Concurrent; import org.apache.directory.junit.tools.ConcurrentJunitRunner; +import org.apache.directory.shared.asn1.ber.Asn1Container; import org.apache.directory.shared.asn1.ber.Asn1Decoder; +import org.apache.directory.shared.asn1.codec.DecoderException; import org.apache.directory.shared.asn1.codec.EncoderException; import org.apache.directory.shared.kerberos.KerberosTime; +import org.apache.directory.shared.kerberos.codec.kdcReqBody.KdcReqBodyContainer; import org.apache.directory.shared.kerberos.codec.options.KdcOptions; import org.apache.directory.shared.kerberos.codec.types.EncryptionType; import org.apache.directory.shared.kerberos.codec.types.HostAddrType; @@ -57,7 +60,7 @@ public class KdcReqBodyDecoderTest * Test the decoding of a KdcReqBody message */ @Test - public void testEncodeTicket() throws Exception + public void testDecodeFullKdcReqBody() throws Exception { Asn1Decoder kerberosDecoder = new Asn1Decoder(); @@ -67,8 +70,8 @@ public class KdcReqBodyDecoderTest { 0x30, (byte)0x82, 0x01, 0x57, (byte)0xA0, 0x07, - 0x03, 0x04, - 0x01, 0x02, 0x03, 0x04, + 0x03, 0x05, + 0x00, 0x01, 0x04, 0x00, 0x32, (byte)0xA1, 0x13, 0x30, 0x11, (byte)0xA0, 0x03, @@ -178,9 +181,23 @@ public class KdcReqBodyDecoderTest String decodedPdu = StringTools.dumpBytes( stream.array() ); stream.flip(); + // Allocate a KdcReqBody Container + Asn1Container kdcReqBodyContainer = new KdcReqBodyContainer(); + kdcReqBodyContainer.setStream( stream ); + + // Decode the KdcReqBody PDU + try + { + kerberosDecoder.decode( stream, kdcReqBodyContainer ); + } + catch ( DecoderException de ) + { + fail( de.getMessage() ); + } + KdcReqBody body = new KdcReqBody(); - body.setKdcOptions( new KdcOptions( new byte[]{0x01, 0x02, 0x03, 0x04} ) ); + body.setKdcOptions( new KdcOptions( new byte[]{0x00, 0x01, 0x04, 0x00, 0x32} ) ); body.setCName( new PrincipalName( "client", PrincipalNameType.KRB_NT_ENTERPRISE ) ); body.setRealm( "EXAMPLE.COM" ); body.setSName( new PrincipalName( "server", PrincipalNameType.KRB_NT_ENTERPRISE ) ); @@ -233,8 +250,6 @@ public class KdcReqBodyDecoderTest // Check the length assertEquals( 0x15B, encodedPdu.limit() ); - - //assertEquals( StringTools.dumpBytes( encodedPdu.array() ), decodedPdu ); } catch ( EncoderException ee ) {