directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel Lecharny <elecha...@gmail.com>
Subject Re: Disable Kerberos modules and tests (was: Build failed in Hudson: dir-studio-jdk15-ubuntu-deploy #97)
Date Sat, 20 Nov 2010 16:10:09 GMT
On 11/20/10 4:29 PM, Felix Knecht wrote:
> On 11/20/2010 02:11 PM, Emmanuel Lecharny wrote:
>> On 11/20/10 11:52 AM, Felix Knecht wrote:
>>>> It's most certainly an issue with the way we deal with BitString. 
>>>> Th pb
>>>> is that the new codec uses the modified version, so if I revert, it 
>>>> will
>>>> break the new codec.
>>>>
>>>> I'll try to understand why the old code is not happy with the perfect
>>>> code I injected in the kerberos part ;)
>>>
>>>
>>> My guess is that the getBytes(int xxx) has something to do with it. In
>>> comparison to the code before it adds some additional information in
>>> the [0] index (A first byte containing the number of unused bits is
>>> added) whereas in the old code it just started without additional
>>> information.
>> Which is wrong. I'm looking at some PDU Stefan captured for me, and the
>> KdcOptions are really encoded in 5 bytes, which means the byte
>> containing the unused bytes is present :
>> 0xA0 0x07
>> 0x03 0x05 0x00 0x00 0x00 0x00 0x00
>> ^^^^
>> the unused bits.
>
> AbstractKerberosFlags isn't aware at every place, that there have 5 
> bytes to be in the array, but extends and used methods of BitString:
>
> /**
>  * Modify a byte array to an integer value
>  * @param bytes The 4 bytes byte array to transform.
>  */
> public void setFlags( byte[] bytes )
> {
>     if ( (bytes== null ) || ( bytes.length != 4 ) )
>     {
>         value = -1;
>     }
>     value = ( ( bytes[0] & 0x00F ) << 24 ) | ( ( bytes[1] & 0x00FF ) 
> << 16 ) | ( ( bytes[2] & 0x00FF ) << 8 ) | ( 0x00FF & bytes[3] );
>         setData( bytes );
>     }
>
> This will include the first byte ([0]) for value calculation but 
> BitString will use the same value afterwards to set the unused bits 
> value. -> An array of length 5 instead of length 4 should be used.
>
>
>
> public static byte[] getBytes( int flags )
> {
>     return new byte[]{
>         (byte)( flags >>> 24),
>         (byte)( ( flags >> 16 ) & 0x00ff ),
>         (byte)( ( flags >> 8 ) & 0x00ff ),
>         (byte)( flags & 0x00ff ) };
> }
>
> This method doesn't returns as well a byte array not containing the 
> byte[0] representing the unused bits whereas the method
>
> public byte[] getBytes()
> {
>     return getData();
> }
>
> delivers the byte array comming inherited from BitString containing 
> the 'unused bits' byte.
>
> Is it correct, that ALL classes extended BitString must use a byte 
> array of length 5?
If there are 32 bits, yes. But it depends on the encoding. In pure DER, 
we don't necessarily uses all the bytes, we use just enough bytes to 
store the bits up to the last 1. So it can be from 2 to 5 bytes. 
Complicated ...

-- 
Regards,
Cordialement,
Emmanuel L├ęcharny
www.iktek.com


Mime
View raw message