directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From plusplusjia...@apache.org
Subject directory-kerby git commit: DIRKRB-393 Glob filter for command list_principal and ktadd of Kadmin. Contributed by Wei.
Date Fri, 07 Aug 2015 06:50:38 GMT
Repository: directory-kerby
Updated Branches:
  refs/heads/master b1ebdec08 -> 6ab8fa141


DIRKRB-393 Glob filter for command list_principal and ktadd of Kadmin. Contributed by Wei.


Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/6ab8fa14
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/6ab8fa14
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/6ab8fa14

Branch: refs/heads/master
Commit: 6ab8fa1412e3806875a2448854fc2ee64813e07e
Parents: b1ebdec
Author: plusplusjiajia <jiajia.li@intel.com>
Authored: Fri Aug 7 14:56:05 2015 +0800
Committer: plusplusjiajia <jiajia.li@intel.com>
Committed: Fri Aug 7 14:56:05 2015 +0800

----------------------------------------------------------------------
 .../kerby/kerberos/kerb/admin/AdminHelper.java  | 20 +++++
 .../kerby/kerberos/kerb/admin/Kadmin.java       | 87 ++++++++++++++++++--
 .../tool/kadmin/command/KeytabAddCommand.java   | 18 +++-
 .../kadmin/command/ListPrincipalCommand.java    | 20 +++--
 4 files changed, 133 insertions(+), 12 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/6ab8fa14/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/AdminHelper.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/AdminHelper.java
b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/AdminHelper.java
index c1d0860..bbc37a9 100644
--- a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/AdminHelper.java
+++ b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/AdminHelper.java
@@ -60,6 +60,26 @@ public final class AdminHelper {
     }
 
     /**
+     * Export all the keys of the specified principal into the specified keytab
+     * file.
+     *
+     * @param keytabFile The keytab file
+     * @param identities  Identities to export to keytabFile
+     * @throws KrbException
+     */
+    static void exportKeytab(File keytabFile, List<KrbIdentity> identities)
+            throws KrbException {
+
+        Keytab keytab = createOrLoadKeytab(keytabFile);
+
+        for (KrbIdentity identity : identities) {
+            exportToKeytab(keytab, identity);
+        }
+
+        storeKeytab(keytab, keytabFile);
+    }
+
+    /**
      * Load keytab from keytab file.
      *
      * @param keytabFile The keytab file

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/6ab8fa14/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/Kadmin.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/Kadmin.java
b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/Kadmin.java
index ff422ba..ef3e3cc 100644
--- a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/Kadmin.java
+++ b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/Kadmin.java
@@ -34,9 +34,13 @@ import org.apache.kerby.kerberos.kerb.spec.base.EncryptionKey;
 import org.apache.kerby.kerberos.kerb.spec.base.PrincipalName;
 
 import java.io.File;
+import java.util.ArrayList;
 import java.util.Iterator;
 import java.util.LinkedList;
 import java.util.List;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+import java.util.regex.PatternSyntaxException;
 
 /**
  * Server side admin facilities.
@@ -238,14 +242,33 @@ public class Kadmin {
     public void exportKeytab(File keytabFile, String principal)
             throws KrbException {
         principal = fixPrincipal(principal);
+        List<String> principals = new ArrayList<>(1);
+        principals.add(principal);
+        exportKeytab(keytabFile, principals);
+    }
+
+    /**
+     * Export all the keys of the specified principals into the specified keytab
+     * file.
+     *
+     * @param keytabFile The keytab file
+     * @param principals The principal names
+     * @throws KrbException
+     */
+    public void exportKeytab(File keytabFile, List<String> principals)
+            throws KrbException {
         //Get Identity
-        KrbIdentity identity = backend.getIdentity(principal);
-        if (identity == null) {
-            throw new KrbException("Can not find the identity for pincipal "
-                    + principal);
+        List<KrbIdentity> identities = new LinkedList<>();
+        for (String principal : principals) {
+            KrbIdentity identity = backend.getIdentity(principal);
+            if (identity == null) {
+                throw new KrbException("Can not find the identity for pincipal "
+                        + principal);
+            }
+            identities.add(identity);
         }
 
-        AdminHelper.exportKeytab(keytabFile, identity);
+        AdminHelper.exportKeytab(keytabFile, identities);
     }
 
     /**
@@ -396,6 +419,60 @@ public class Kadmin {
     }
 
     /**
+     * Get all the Pattern for matching from glob string. The glob string can contain "."
"*" and "[]"
+     *
+     * @param globString The glob string for matching
+     * @throws KrbException
+     */
+    public Pattern getPatternFromGlobPatternString(String globString) throws KrbException
+    {
+        if (globString == null || globString.equals("")) {
+            return null;
+        }
+        if (!Pattern.matches("^[0-9A-Za-z._/@*?\\[\\]\\-]+$", globString)) {
+            throw new KrbException("Glob pattern string contains invalid character!");
+        }
+        String patternString = globString;
+        patternString = patternString.replaceAll("\\.", "\\\\.");
+        patternString = patternString.replaceAll("\\?", ".");
+        patternString = patternString.replaceAll("\\*", ".*");
+        patternString = "^" + patternString + "$";
+
+        Pattern pt;
+        try {
+            pt = Pattern.compile(patternString);
+        } catch (PatternSyntaxException e) {
+            throw new KrbException("Invalid glob pattern string!");
+        }
+        return pt;
+    }
+
+    /**
+     * Get all the principal names that meets the pattern
+     *
+     * @param pt The pattern for matching
+     * @throws KrbException
+     */
+    public List<String> getPrincipalNamesByPattern(Pattern pt) throws KrbException
{
+        if (pt == null) {
+            return getPrincipals();
+        }
+
+        Boolean containsAt = pt.pattern().indexOf('@') != -1;
+        List<String> result = new LinkedList<>();
+
+        List<String> principalNames = getPrincipals();
+        for (String principal: principalNames) {
+            String toMatch = containsAt ? principal : principal.split("@")[0];
+            Matcher m = pt.matcher(toMatch);
+            if (m.matches()) {
+                result.add(principal);
+            }
+        }
+        return result;
+    }
+
+    /**
      * Update the password of specified principal.
      *
      * @param principal The principal to be updated password

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/6ab8fa14/kerby-tool/kdc-tool/src/main/java/org/apache/kerby/kerberos/tool/kadmin/command/KeytabAddCommand.java
----------------------------------------------------------------------
diff --git a/kerby-tool/kdc-tool/src/main/java/org/apache/kerby/kerberos/tool/kadmin/command/KeytabAddCommand.java
b/kerby-tool/kdc-tool/src/main/java/org/apache/kerby/kerberos/tool/kadmin/command/KeytabAddCommand.java
index 9777a4b..78aaec4 100644
--- a/kerby-tool/kdc-tool/src/main/java/org/apache/kerby/kerberos/tool/kadmin/command/KeytabAddCommand.java
+++ b/kerby-tool/kdc-tool/src/main/java/org/apache/kerby/kerberos/tool/kadmin/command/KeytabAddCommand.java
@@ -23,6 +23,8 @@ import org.apache.kerby.kerberos.kerb.KrbException;
 import org.apache.kerby.kerberos.kerb.admin.Kadmin;
 
 import java.io.File;
+import java.util.List;
+import java.util.regex.Pattern;
 
 public class KeytabAddCommand extends KadminCommand {
     private static final String USAGE =
@@ -40,6 +42,7 @@ public class KeytabAddCommand extends KadminCommand {
 
         String principal = null;
         String keytabFileLocation = null;
+        Boolean glob = false;
 
         //Since commands[0] is ktadd, the initial index is 1.
         int index = 1;
@@ -53,6 +56,8 @@ public class KeytabAddCommand extends KadminCommand {
                 }
                 keytabFileLocation = commands[index].trim();
 
+            } else if (command.equals("-glob")) {
+                glob = true;
             } else if (!command.startsWith("-")) {
                 principal = command;
             }
@@ -64,13 +69,22 @@ public class KeytabAddCommand extends KadminCommand {
         }
         File keytabFile = new File(keytabFileLocation);
 
-        if (principal == null || !keytabFile.exists()) {
+        if (principal == null) {
+            System.out.println((glob ? "princ-exp" : "principal") + " not specified!");
             System.err.println(USAGE);
             return;
         }
 
         try {
-            getKadmin().exportKeytab(keytabFile, principal);
+            if (glob) {
+                Pattern pt = getKadmin().getPatternFromGlobPatternString(principal);
+                List<String> principals = getKadmin().getPrincipalNamesByPattern(pt);
+                if (principals.size() != 0) {
+                    getKadmin().exportKeytab(keytabFile, principals);
+                }
+            } else {
+                getKadmin().exportKeytab(keytabFile, principal);
+            }
             System.out.println("Done!");
         } catch (KrbException e) {
             System.err.println("Principal \"" + principal + "\" fail to add entry to keytab."

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/6ab8fa14/kerby-tool/kdc-tool/src/main/java/org/apache/kerby/kerberos/tool/kadmin/command/ListPrincipalCommand.java
----------------------------------------------------------------------
diff --git a/kerby-tool/kdc-tool/src/main/java/org/apache/kerby/kerberos/tool/kadmin/command/ListPrincipalCommand.java
b/kerby-tool/kdc-tool/src/main/java/org/apache/kerby/kerberos/tool/kadmin/command/ListPrincipalCommand.java
index aa72ff1..387771c 100644
--- a/kerby-tool/kdc-tool/src/main/java/org/apache/kerby/kerberos/tool/kadmin/command/ListPrincipalCommand.java
+++ b/kerby-tool/kdc-tool/src/main/java/org/apache/kerby/kerberos/tool/kadmin/command/ListPrincipalCommand.java
@@ -23,8 +23,11 @@ import org.apache.kerby.kerberos.kerb.KrbException;
 import org.apache.kerby.kerberos.kerb.admin.Kadmin;
 
 import java.util.List;
+import java.util.regex.Pattern;
 
 public class ListPrincipalCommand extends KadminCommand {
+    private static final String USAGE = "Usage: list_principals [expression]\n"
+            + "\t'expression' is a shell-style glob expression that can contain the wild-card
characters ?, *, and [].";
 
     public ListPrincipalCommand(Kadmin kadmin) {
         super(kadmin);
@@ -32,18 +35,25 @@ public class ListPrincipalCommand extends KadminCommand {
 
     @Override
     public void execute(String input) {
-        String[] commands = input.split(" ");
+        String[] commands = input.split("\\s+");
 
-        if (commands.length == 1) {
+        if (commands.length <= 2) {
+            String expression = commands.length == 2 ? commands[1] : null;
             try {
-                List<String> principalNames = getKadmin().getPrincipals();
+                Pattern pt = getKadmin().getPatternFromGlobPatternString(expression);
+                List<String> principalNames = getKadmin().getPrincipalNamesByPattern(pt);
+                if (principalNames.size() == 0) {
+                    return;
+                }
                 System.out.println("Principals are listed:");
                 for (String principalName : principalNames) {
-                    System.out.println(principalName);
+                    System.out.println("\t" + principalName);
                 }
             } catch (KrbException e) {
-                System.err.print("Fail to list principal!" + e.getMessage());
+                System.err.print("Fail to list principal! " + e.getMessage());
             }
+        } else {
+            System.err.println(USAGE);
         }
     }
 }


Mime
View raw message