jdk-sandbox: jdk/test/sun/security/krb5/auto/KDC.java@d9b6f1de641f (annotated)

1454 d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	1	/*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	2	* Copyright 2008 Sun Microsystems, Inc. All Rights Reserved.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	4	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	7	* published by the Free Software Foundation.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	8	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	9	* This code is distributed in the hope that it will be useful, but WITHOUT
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	10	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	11	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	12	* version 2 for more details (a copy is included in the LICENSE file that
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	13	* accompanied this code).
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	14	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	15	* You should have received a copy of the GNU General Public License version
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	16	* 2 along with this work; if not, write to the Free Software Foundation,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	17	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	18	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	19	* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	20	* CA 95054 USA or visit www.sun.com if you need additional information or
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	21	* have any questions.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	22	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	23
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	24	import java.lang.reflect.Constructor;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	25	import java.lang.reflect.Field;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	26	import java.lang.reflect.InvocationTargetException;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	27	import java.net.*;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	28	import java.io.*;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	29	import java.lang.reflect.Method;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	30	import java.security.SecureRandom;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	31	import java.util.*;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	32	import java.util.concurrent.*;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	33	import sun.security.krb5.*;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	34	import sun.security.krb5.internal.*;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	35	import sun.security.krb5.internal.crypto.KeyUsage;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	36	import sun.security.krb5.internal.ktab.KeyTab;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	37	import sun.security.util.DerInputStream;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	38	import sun.security.util.DerOutputStream;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	39	import sun.security.util.DerValue;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	40
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	41	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	42	* A KDC server.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	43	* <p>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	44	* Features:
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	45	* <ol>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	46	* <li> Supports TCP and UDP
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	47	* <li> Supports AS-REQ and TGS-REQ
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	48	* <li> Principal db and other settings hard coded in application
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	49	* <li> Options, say, request preauth or not
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	50	* </ol>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	51	* Side effects:
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	52	* <ol>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	53	* <li> The Sun-internal class <code>sun.security.krb5.Config</code> is a
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	54	* singleton and initialized according to Kerberos settings (krb5.conf and
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	55	* java.security.krb5.* system properties). This means once it's initialized
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	56	* it will not automatically notice any changes to these settings (or file
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	57	* changes of krb5.conf). The KDC class normally does not touch these
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	58	* settings (except for the <code>writeKtab()</code> method). However, to make
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	59	* sure nothing ever goes wrong, if you want to make any changes to these
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	60	* settings after calling a KDC method, call <code>Config.refresh()</code> to
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	61	* make sure your changes are reflected in the <code>Config</code> object.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	62	* </ol>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	63	* Issues and TODOs:
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	64	* <ol>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	65	* <li> Generates krb5.conf to be used on another machine, currently the kdc is
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	66	* always localhost
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	67	* <li> More options to KDC, say, error output, say, response nonce !=
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	68	* request nonce
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	69	* </ol>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	70	* Note: This program uses internal krb5 classes (including reflection to
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	71	* access private fields and methods).
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	72	* <p>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	73	* Usages:
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	74	* <p>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	75	* 1. Init and start the KDC:
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	76	* <pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	77	* KDC kdc = KDC.create("REALM.NAME", port, isDaemon);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	78	* KDC kdc = KDC.create("REALM.NAME");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	79	* </pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	80	* Here, <code>port</code> is the UDP and TCP port number the KDC server
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	81	* listens on. If zero, a random port is chosen, which you can use getPort()
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	82	* later to retrieve the value.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	83	* <p>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	84	* If <code>isDaemon</code> is true, the KDC worker threads will be daemons.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	85	* <p>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	86	* The shortcut <code>KDC.create("REALM.NAME")</code> has port=0 and
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	87	* isDaemon=false, and is commonly used in an embedded KDC.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	88	* <p>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	89	* 2. Adding users:
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	90	* <pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	91	* kdc.addPrincipal(String principal_name, char[] password);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	92	* kdc.addPrincipalRandKey(String principal_name);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	93	* </pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	94	* A service principal's name should look like "host/f.q.d.n". The second form
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	95	* generates a random key. To expose this key, call <code>writeKtab()</code> to
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	96	* save the keys into a keytab file.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	97	* <p>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	98	* Note that you need to add the principal name krbtgt/REALM.NAME yourself.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	99	* <p>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	100	* Note that you can safely add a principal at any time after the KDC is
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	101	* started and before a user requests info on this principal.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	102	* <p>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	103	* 3. Other public methods:
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	104	* <ul>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	105	* <li> <code>getPort</code>: Returns the port number the KDC uses
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	106	* <li> <code>getRealm</code>: Returns the realm name
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	107	* <li> <code>writeKtab</code>: Writes all principals' keys into a keytab file
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	108	* <li> <code>saveConfig</code>: Saves a krb5.conf file to access this KDC
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	109	* <li> <code>setOption</code>: Sets various options
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	110	* </ul>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	111	* Read the javadoc for details. Lazy developer can use <code>OneKDC</code>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	112	* directly.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	113	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	114	public class KDC {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	115
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	116	// Under the hood.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	117
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	118	// The random generator to generate random keys (including session keys)
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	119	private static SecureRandom secureRandom = new SecureRandom();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	120	// Principal db
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	121	private Map<String,char[]> passwords = new HashMap<String,char[]>();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	122	// Realm name
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	123	private String realm;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	124	// The request/response job queue
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	125	private BlockingQueue<Job> q = new ArrayBlockingQueue<Job>(100);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	126	// Service port number
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	127	private int port;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	128	// Options
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	129	private Map<Option,Object> options = new HashMap<Option,Object>();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	130
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	131	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	132	* Option names, to be expanded forever.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	133	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	134	public static enum Option {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	135	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	136	* Whether pre-authentication is required. Default Boolean.TRUE
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	137	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	138	PREAUTH_REQUIRED,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	139	};
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	140
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	141	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	142	* A standalone KDC server.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	143	* @param args
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	144	* @throws java.lang.Exception
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	145	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	146	public static void main(String[] args) throws Exception {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	147	if (args.length > 0) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	148	if (args[0].equals("-help") \|\| args[0].equals("--help")) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	149	System.out.println("Usage:");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	150	System.out.println(" java " + KDC.class + " " +
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	151	"Start KDC on port 8888");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	152	return;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	153	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	154	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	155	KDC kdc = create("RABBIT.HOLE", 8888, false);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	156	kdc.addPrincipal("dummy", "bogus".toCharArray());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	157	kdc.addPrincipal("foo", "bar".toCharArray());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	158	kdc.addPrincipalRandKey("krbtgt/" + kdc.realm);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	159	kdc.addPrincipalRandKey("server/localhost");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	160	kdc.addPrincipalRandKey("backend/localhost");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	161	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	162
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	163	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	164	* Creates and starts a KDC running as a daemon on a random port.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	165	* @param realm the realm name
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	166	* @return the running KDC instance
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	167	* @throws java.io.IOException for any socket creation error
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	168	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	169	public static KDC create(String realm) throws IOException {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	170	return create(realm, 0, true);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	171	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	172
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	173	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	174	* Creates and starts a KDC server.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	175	* @param realm the realm name
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	176	* @param port the TCP and UDP port to listen to. A random port will to
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	177	* chosen if zero.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	178	* @param asDaemon if true, KDC threads will be daemons. Otherwise, not.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	179	* @return the running KDC instance
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	180	* @throws java.io.IOException for any socket creation error
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	181	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	182	public static KDC create(String realm, int port, boolean asDaemon) throws IOException {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	183	return new KDC(realm, port, asDaemon);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	184	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	185
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	186	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	187	* Sets an option
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	188	* @param key the option name
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	189	* @param obj the value
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	190	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	191	public void setOption(Option key, Object value) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	192	options.put(key, value);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	193	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	194
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	195	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	196	* Write all principals' keys into a keytab file. Note that the keys for
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	197	* the krbtgt principal for this realm will not be written.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	198	* <p>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	199	* Attention: This method references krb5.conf settings. If you need to
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	200	* setup krb5.conf later, please call <code>Config.refresh()</code> after
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	201	* the new setting. For example:
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	202	* <pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	203	* kdc.writeKtab("/etc/kdc/ktab"); // Config is initialized,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	204	* System.setProperty("java.security.krb5.conf", "/home/mykrb5.conf");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	205	* Config.refresh();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	206	* </pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	207	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	208	* Inside this method there are 2 places krb5.conf is used:
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	209	* <ol>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	210	* <li> (Fatal) Generating keys: EncryptionKey.acquireSecretKeys
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	211	* <li> (Has workaround) Creating PrincipalName
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	212	* </ol>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	213	* @param tab The keytab filename to write to.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	214	* @throws java.io.IOException for any file output error
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	215	* @throws sun.security.krb5.KrbException for any realm and/or principal
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	216	* name error.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	217	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	218	public void writeKtab(String tab) throws IOException, KrbException {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	219	KeyTab ktab = KeyTab.create(tab);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	220	for (String name : passwords.keySet()) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	221	if (name.equals("krbtgt/" + realm)) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	222	continue;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	223	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	224	ktab.addEntry(new PrincipalName(name + "@" + realm,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	225	name.indexOf('/') < 0 ?
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	226	PrincipalName.KRB_NT_UNKNOWN :
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	227	PrincipalName.KRB_NT_SRV_HST), passwords.get(name));
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	228	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	229	ktab.save();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	230	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	231
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	232	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	233	* Adds a new principal to this realm with a given password.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	234	* @param user the principal's name. For a service principal, use the
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	235	* form of host/f.q.d.n
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	236	* @param pass the password for the principal
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	237	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	238	public void addPrincipal(String user, char[] pass) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	239	passwords.put(user, pass);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	240	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	241
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	242	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	243	* Adds a new principal to this realm with a random password
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	244	* @param user the principal's name. For a service principal, use the
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	245	* form of host/f.q.d.n
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	246	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	247	public void addPrincipalRandKey(String user) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	248	passwords.put(user, randomPassword());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	249	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	250
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	251	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	252	* Returns the name of this realm
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	253	* @return the name of this realm
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	254	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	255	public String getRealm() {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	256	return realm;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	257	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	258
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	259	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	260	* Writes a krb5.conf for one or more KDC that includes KDC locations for
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	261	* each realm and the default realm name. You can also add extra strings
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	262	* into the file. The method should be called like:
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	263	* <pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	264	* KDC.saveConfig("krb5.conf", kdc1, kdc2, ..., line1, line2, ...);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	265	* </pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	266	* Here you can provide one or more kdc# and zero or more line# arguments.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	267	* The line# will be put after [libdefaults] and before [realms]. Therefore
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	268	* you can append new lines into [libdefaults] and/or create your new
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	269	* stanzas as well. Note that a newline character will be appended to
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	270	* each line# argument.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	271	* <p>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	272	* For example:
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	273	* <pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	274	* KDC.saveConfig("krb5.conf", this);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	275	* </pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	276	* generates:
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	277	* <pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	278	* [libdefaults]
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	279	* default_realm = REALM.NAME
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	280	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	281	* [realms]
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	282	* REALM.NAME = {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	283	* kdc = localhost:port_number
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	284	* }
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	285	* </pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	286	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	287	* Another example:
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	288	* <pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	289	* KDC.saveConfig("krb5.conf", kdc1, kdc2, "forwardable = true", "",
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	290	* "[domain_realm]",
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	291	* ".kdc1.com = KDC1.NAME");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	292	* </pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	293	* generates:
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	294	* <pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	295	* [libdefaults]
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	296	* default_realm = KDC1.NAME
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	297	* forwardable = true
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	298	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	299	* [domain_realm]
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	300	* .kdc1.com = KDC1.NAME
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	301	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	302	* [realms]
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	303	* KDC1.NAME = {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	304	* kdc = localhost:port1
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	305	* }
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	306	* KDC2.NAME = {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	307	* kdc = localhost:port2
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	308	* }
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	309	* </pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	310	* @param file the name of the file to write into
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	311	* @param kdc the first (and default) KDC
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	312	* @param more more KDCs or extra lines (in their appearing order) to
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	313	* insert into the krb5.conf file. This method reads each argument's type
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	314	* to determine what it's for. This argument can be empty.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	315	* @throws java.io.IOException for any file output error
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	316	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	317	public static void saveConfig(String file, KDC kdc, Object... more)
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	318	throws IOException {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	319	File f = new File(file);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	320	StringBuffer sb = new StringBuffer();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	321	sb.append("[libdefaults]\ndefault_realm = ");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	322	sb.append(kdc.realm);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	323	sb.append("\n");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	324	for (Object o: more) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	325	if (o instanceof String) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	326	sb.append(o);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	327	sb.append("\n");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	328	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	329	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	330	sb.append("\n[realms]\n");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	331	sb.append(realmLineForKDC(kdc));
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	332	for (Object o: more) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	333	if (o instanceof KDC) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	334	sb.append(realmLineForKDC((KDC)o));
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	335	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	336	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	337	FileOutputStream fos = new FileOutputStream(f);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	338	fos.write(sb.toString().getBytes());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	339	fos.close();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	340	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	341
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	342	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	343	* Returns the service port of the KDC server.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	344	* @return the KDC service port
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	345	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	346	public int getPort() {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	347	return port;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	348	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	349
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	350	// Private helper methods
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	351
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	352	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	353	* Private constructor, cannot be called outside.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	354	* @param realm
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	355	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	356	private KDC(String realm) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	357	this.realm = realm;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	358	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	359
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	360	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	361	* A constructor that starts the KDC service also.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	362	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	363	protected KDC(String realm, int port, boolean asDaemon)
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	364	throws IOException {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	365	this(realm);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	366	startServer(port, asDaemon);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	367	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	368	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	369	* Generates a 32-char random password
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	370	* @return the password
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	371	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	372	private static char[] randomPassword() {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	373	char[] pass = new char[32];
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	374	for (int i=0; i<32; i++)
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	375	pass[i] = (char)secureRandom.nextInt();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	376	return pass;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	377	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	378
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	379	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	380	* Generates a random key for the given encryption type.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	381	* @param eType the encryption type
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	382	* @return the generated key
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	383	* @throws sun.security.krb5.KrbException for unknown/unsupported etype
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	384	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	385	private static EncryptionKey generateRandomKey(int eType)
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	386	throws KrbException {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	387	// Is 32 enough for AES256? I should have generated the keys directly
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	388	// but different cryptos have different rules on what keys are valid.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	389	char[] pass = randomPassword();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	390	String algo;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	391	switch (eType) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	392	case EncryptedData.ETYPE_DES_CBC_MD5: algo = "DES"; break;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	393	case EncryptedData.ETYPE_DES3_CBC_HMAC_SHA1_KD: algo = "DESede"; break;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	394	case EncryptedData.ETYPE_AES128_CTS_HMAC_SHA1_96: algo = "AES128"; break;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	395	case EncryptedData.ETYPE_ARCFOUR_HMAC: algo = "ArcFourHMAC"; break;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	396	case EncryptedData.ETYPE_AES256_CTS_HMAC_SHA1_96: algo = "AES256"; break;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	397	default: algo = "DES"; break;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	398	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	399	return new EncryptionKey(pass, "NOTHING", algo); // Silly
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	400	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	401
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	402	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	403	* Returns the password for a given principal
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	404	* @param p principal
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	405	* @return the password
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	406	* @throws sun.security.krb5.KrbException when the principal is not inside
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	407	* the database.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	408	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	409	private char[] getPassword(PrincipalName p) throws KrbException {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	410	char[] pass = passwords.get(p.getNameString());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	411	if (pass == null) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	412	throw new KrbException(Krb5.KDC_ERR_C_PRINCIPAL_UNKNOWN);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	413	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	414	return pass;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	415	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	416
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	417	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	418	* Returns the salt string for the principal. For normal users, the
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	419	* concatenation for the realm name and the sections of the principal;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	420	* for krgtgt/A@B and krbtgt/B@A, always return AB (so that inter-realm
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	421	* principals have the same key).
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	422	* @param p principal
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	423	* @return the salt
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	424	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	425	private String getSalt(PrincipalName p) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	426	String[] ns = p.getNameStrings();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	427	if (ns[0].equals("krbtgt") && ns.length > 1) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	428	// Shared cross-realm keys must be the same
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	429	if (ns[1].compareTo(realm) < 0) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	430	return ns[1] + realm;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	431	} else {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	432	return realm + ns[1];
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	433	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	434	} else {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	435	String s = getRealm();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	436	for (String n: p.getNameStrings()) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	437	s += n;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	438	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	439	return s;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	440	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	441	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	442
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	443	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	444	* Returns the key for a given principal of the given encryption type
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	445	* @param p the principal
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	446	* @param etype the encryption type
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	447	* @return the key
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	448	* @throws sun.security.krb5.KrbException for unknown/unsupported etype
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	449	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	450	private EncryptionKey keyForUser(PrincipalName p, int etype) throws KrbException {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	451	try {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	452	// Do not call EncryptionKey.acquireSecretKeys(), otherwise
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	453	// the krb5.conf config file would be loaded.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	454	Method stringToKey = EncryptionKey.class.getDeclaredMethod("stringToKey", char[].class, String.class, byte[].class, Integer.TYPE);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	455	stringToKey.setAccessible(true);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	456	return new EncryptionKey((byte[]) stringToKey.invoke(null, getPassword(p), getSalt(p), null, etype), etype, null);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	457	} catch (InvocationTargetException ex) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	458	KrbException ke = (KrbException)ex.getCause();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	459	throw ke;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	460	} catch (Exception e) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	461	throw new RuntimeException(e); // should not happen
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	462	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	463	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	464
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	465	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	466	* Processes an incoming request and generates a response.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	467	* @param in the request
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	468	* @return the response
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	469	* @throws java.lang.Exception for various errors
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	470	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	471	private byte[] processMessage(byte[] in) throws Exception {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	472	if ((in[0] & 0x1f) == Krb5.KRB_AS_REQ)
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	473	return processAsReq(in);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	474	else
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	475	return processTgsReq(in);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	476	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	477
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	478	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	479	* Processes a TGS_REQ and generates a TGS_REP (or KRB_ERROR)
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	480	* @param in the request
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	481	* @return the response
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	482	* @throws java.lang.Exception for various errors
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	483	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	484	private byte[] processTgsReq(byte[] in) throws Exception {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	485	TGSReq tgsReq = new TGSReq(in);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	486	try {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	487	System.out.println(realm + "> " + tgsReq.reqBody.cname +
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	488	" sends TGS-REQ for " +
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	489	tgsReq.reqBody.sname);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	490	KDCReqBody body = tgsReq.reqBody;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	491	int etype = 0;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	492
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	493	// Reflection: PAData[] pas = tgsReq.pAData;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	494	Field f = KDCReq.class.getDeclaredField("pAData");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	495	f.setAccessible(true);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	496	PAData[] pas = (PAData[])f.get(tgsReq);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	497
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	498	Ticket tkt = null;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	499	EncTicketPart etp = null;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	500	if (pas == null \|\| pas.length == 0) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	501	throw new KrbException(Krb5.KDC_ERR_PADATA_TYPE_NOSUPP);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	502	} else {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	503	for (PAData pa: pas) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	504	if (pa.getType() == Krb5.PA_TGS_REQ) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	505	APReq apReq = new APReq(pa.getValue());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	506	EncryptedData ed = apReq.authenticator;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	507	tkt = apReq.ticket;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	508	etype = tkt.encPart.getEType();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	509	EncryptionKey kkey = null;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	510	if (!tkt.realm.toString().equals(realm)) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	511	if (tkt.sname.getNameString().equals("krbtgt/" + realm)) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	512	kkey = keyForUser(new PrincipalName("krbtgt/" + tkt.realm.toString(), realm), etype);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	513	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	514	} else {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	515	kkey = keyForUser(tkt.sname, etype);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	516	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	517	byte[] bb = tkt.encPart.decrypt(kkey, KeyUsage.KU_TICKET);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	518	DerInputStream derIn = new DerInputStream(bb);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	519	DerValue der = derIn.getDerValue();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	520	etp = new EncTicketPart(der.toByteArray());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	521	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	522	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	523	if (tkt == null) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	524	throw new KrbException(Krb5.KDC_ERR_PADATA_TYPE_NOSUPP);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	525	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	526	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	527	EncryptionKey skey = keyForUser(body.sname, etype);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	528	if (skey == null) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	529	throw new KrbException(Krb5.KDC_ERR_SUMTYPE_NOSUPP); // TODO
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	530	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	531
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	532	// Session key for original ticket, TGT
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	533	EncryptionKey ckey = etp.key;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	534
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	535	// Session key for session with the service
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	536	EncryptionKey key = generateRandomKey(etype);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	537
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	538	// Check time, TODO
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	539	KerberosTime till = body.till;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	540	if (till == null) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	541	throw new KrbException(Krb5.KDC_ERR_NEVER_VALID); // TODO
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	542	} else if (till.isZero()) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	543	till = new KerberosTime(new Date().getTime() + 1000 * 3600 * 11);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	544	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	545
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	546	boolean[] bFlags = new boolean[Krb5.TKT_OPTS_MAX+1];
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	547	if (body.kdcOptions.get(KDCOptions.FORWARDABLE)) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	548	bFlags[Krb5.TKT_OPTS_FORWARDABLE] = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	549	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	550	if (body.kdcOptions.get(KDCOptions.FORWARDED) \|\|
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	551	etp.flags.get(Krb5.TKT_OPTS_FORWARDED)) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	552	bFlags[Krb5.TKT_OPTS_FORWARDED] = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	553	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	554	if (body.kdcOptions.get(KDCOptions.RENEWABLE)) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	555	bFlags[Krb5.TKT_OPTS_RENEWABLE] = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	556	//renew = new KerberosTime(new Date().getTime() + 1000 * 3600 * 24 * 7);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	557	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	558	if (body.kdcOptions.get(KDCOptions.PROXIABLE)) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	559	bFlags[Krb5.TKT_OPTS_PROXIABLE] = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	560	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	561	if (body.kdcOptions.get(KDCOptions.POSTDATED)) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	562	bFlags[Krb5.TKT_OPTS_POSTDATED] = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	563	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	564	if (body.kdcOptions.get(KDCOptions.ALLOW_POSTDATE)) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	565	bFlags[Krb5.TKT_OPTS_MAY_POSTDATE] = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	566	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	567	bFlags[Krb5.TKT_OPTS_INITIAL] = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	568
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	569	TicketFlags tFlags = new TicketFlags(bFlags);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	570	EncTicketPart enc = new EncTicketPart(
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	571	tFlags,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	572	key,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	573	etp.crealm,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	574	etp.cname,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	575	new TransitedEncoding(1, new byte[0]), // TODO
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	576	new KerberosTime(new Date()),
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	577	body.from,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	578	till, body.rtime,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	579	body.addresses,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	580	null);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	581	Ticket t = new Ticket(
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	582	body.crealm,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	583	body.sname,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	584	new EncryptedData(skey, enc.asn1Encode(), KeyUsage.KU_TICKET)
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	585	);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	586	EncTGSRepPart enc_part = new EncTGSRepPart(
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	587	key,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	588	new LastReq(new LastReqEntry[]{
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	589	new LastReqEntry(0, new KerberosTime(new Date().getTime() - 10000))
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	590	}),
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	591	body.getNonce(), // TODO: detect replay
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	592	new KerberosTime(new Date().getTime() + 1000 * 3600 * 24),
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	593	// Next 5 and last MUST be same with ticket
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	594	tFlags,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	595	new KerberosTime(new Date()),
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	596	body.from,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	597	till, body.rtime,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	598	body.crealm,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	599	body.sname,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	600	body.addresses
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	601	);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	602	EncryptedData edata = new EncryptedData(ckey, enc_part.asn1Encode(), KeyUsage.KU_ENC_TGS_REP_PART_SESSKEY);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	603	TGSRep tgsRep = new TGSRep(null,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	604	etp.crealm,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	605	etp.cname,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	606	t,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	607	edata);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	608	System.out.println(" Return " + tgsRep.cname
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	609	+ " ticket for " + tgsRep.ticket.sname);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	610
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	611	DerOutputStream out = new DerOutputStream();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	612	out.write(DerValue.createTag(DerValue.TAG_APPLICATION,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	613	true, (byte)Krb5.KRB_TGS_REP), tgsRep.asn1Encode());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	614	return out.toByteArray();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	615	} catch (KrbException ke) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	616	ke.printStackTrace(System.out);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	617	KRBError kerr = ke.getError();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	618	KDCReqBody body = tgsReq.reqBody;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	619	System.out.println(" Error " + ke.returnCode()
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	620	+ " " +ke.returnCodeMessage());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	621	if (kerr == null) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	622	kerr = new KRBError(null, null, null,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	623	new KerberosTime(new Date()),
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	624	0,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	625	ke.returnCode(),
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	626	body.crealm, body.cname,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	627	new Realm(getRealm()), body.sname,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	628	KrbException.errorMessage(ke.returnCode()),
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	629	null);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	630	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	631	return kerr.asn1Encode();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	632	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	633	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	634
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	635	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	636	* Processes a AS_REQ and generates a AS_REP (or KRB_ERROR)
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	637	* @param in the request
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	638	* @return the response
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	639	* @throws java.lang.Exception for various errors
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	640	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	641	private byte[] processAsReq(byte[] in) throws Exception {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	642	ASReq asReq = new ASReq(in);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	643	int[] eTypes = null;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	644	try {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	645	System.out.println(realm + "> " + asReq.reqBody.cname +
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	646	" sends AS-REQ for " +
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	647	asReq.reqBody.sname);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	648
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	649	KDCReqBody body = asReq.reqBody;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	650
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	651	// Reflection: int[] eType = body.eType;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	652	Field f = KDCReqBody.class.getDeclaredField("eType");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	653	f.setAccessible(true);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	654	eTypes = (int[])f.get(body);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	655	int eType = eTypes[0];
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	656
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	657	EncryptionKey ckey = keyForUser(body.cname, eType);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	658	EncryptionKey skey = keyForUser(body.sname, eType);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	659	if (ckey == null) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	660	throw new KrbException(Krb5.KDC_ERR_ETYPE_NOSUPP);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	661	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	662	if (skey == null) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	663	throw new KrbException(Krb5.KDC_ERR_SUMTYPE_NOSUPP); // TODO
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	664	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	665
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	666	// Session key
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	667	EncryptionKey key = generateRandomKey(eType);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	668	// Check time, TODO
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	669	KerberosTime till = body.till;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	670	if (till == null) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	671	throw new KrbException(Krb5.KDC_ERR_NEVER_VALID); // TODO
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	672	} else if (till.isZero()) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	673	till = new KerberosTime(new Date().getTime() + 1000 * 3600 * 11);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	674	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	675	//body.from
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	676	boolean[] bFlags = new boolean[Krb5.TKT_OPTS_MAX+1];
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	677	if (body.kdcOptions.get(KDCOptions.FORWARDABLE)) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	678	bFlags[Krb5.TKT_OPTS_FORWARDABLE] = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	679	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	680	if (body.kdcOptions.get(KDCOptions.RENEWABLE)) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	681	bFlags[Krb5.TKT_OPTS_RENEWABLE] = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	682	//renew = new KerberosTime(new Date().getTime() + 1000 * 3600 * 24 * 7);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	683	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	684	if (body.kdcOptions.get(KDCOptions.PROXIABLE)) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	685	bFlags[Krb5.TKT_OPTS_PROXIABLE] = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	686	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	687	if (body.kdcOptions.get(KDCOptions.POSTDATED)) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	688	bFlags[Krb5.TKT_OPTS_POSTDATED] = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	689	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	690	if (body.kdcOptions.get(KDCOptions.ALLOW_POSTDATE)) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	691	bFlags[Krb5.TKT_OPTS_MAY_POSTDATE] = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	692	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	693	bFlags[Krb5.TKT_OPTS_INITIAL] = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	694
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	695	f = KDCReq.class.getDeclaredField("pAData");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	696	f.setAccessible(true);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	697	PAData[] pas = (PAData[])f.get(asReq);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	698	if (pas == null \|\| pas.length == 0) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	699	Object preauth = options.get(Option.PREAUTH_REQUIRED);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	700	if (preauth == null \|\| preauth.equals(Boolean.TRUE)) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	701	throw new KrbException(Krb5.KDC_ERR_PREAUTH_REQUIRED);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	702	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	703	} else {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	704	try {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	705	Constructor<EncryptedData> ctor = EncryptedData.class.getDeclaredConstructor(DerValue.class);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	706	ctor.setAccessible(true);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	707	EncryptedData data = ctor.newInstance(new DerValue(pas[0].getValue()));
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	708	data.decrypt(ckey, KeyUsage.KU_PA_ENC_TS);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	709	} catch (Exception e) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	710	throw new KrbException(Krb5.KDC_ERR_PREAUTH_FAILED);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	711	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	712	bFlags[Krb5.TKT_OPTS_PRE_AUTHENT] = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	713	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	714
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	715	TicketFlags tFlags = new TicketFlags(bFlags);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	716	EncTicketPart enc = new EncTicketPart(
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	717	tFlags,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	718	key,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	719	body.crealm,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	720	body.cname,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	721	new TransitedEncoding(1, new byte[0]),
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	722	new KerberosTime(new Date()),
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	723	body.from,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	724	till, body.rtime,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	725	body.addresses,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	726	null);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	727	Ticket t = new Ticket(
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	728	body.crealm,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	729	body.sname,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	730	new EncryptedData(skey, enc.asn1Encode(), KeyUsage.KU_TICKET)
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	731	);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	732	EncASRepPart enc_part = new EncASRepPart(
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	733	key,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	734	new LastReq(new LastReqEntry[]{
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	735	new LastReqEntry(0, new KerberosTime(new Date().getTime() - 10000))
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	736	}),
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	737	body.getNonce(), // TODO: detect replay?
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	738	new KerberosTime(new Date().getTime() + 1000 * 3600 * 24),
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	739	// Next 5 and last MUST be same with ticket
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	740	tFlags,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	741	new KerberosTime(new Date()),
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	742	body.from,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	743	till, body.rtime,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	744	body.crealm,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	745	body.sname,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	746	body.addresses
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	747	);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	748	EncryptedData edata = new EncryptedData(ckey, enc_part.asn1Encode(), KeyUsage.KU_ENC_AS_REP_PART);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	749	ASRep asRep = new ASRep(null,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	750	body.crealm,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	751	body.cname,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	752	t,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	753	edata);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	754
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	755	System.out.println(" Return " + asRep.cname
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	756	+ " ticket for " + asRep.ticket.sname);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	757
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	758	DerOutputStream out = new DerOutputStream();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	759	out.write(DerValue.createTag(DerValue.TAG_APPLICATION,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	760	true, (byte)Krb5.KRB_AS_REP), asRep.asn1Encode());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	761	return out.toByteArray();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	762	} catch (KrbException ke) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	763	ke.printStackTrace(System.out);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	764	KRBError kerr = ke.getError();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	765	KDCReqBody body = asReq.reqBody;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	766	System.out.println(" Error " + ke.returnCode()
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	767	+ " " +ke.returnCodeMessage());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	768	byte[] eData = null;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	769	if (kerr == null) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	770	if (ke.returnCode() == Krb5.KDC_ERR_PREAUTH_REQUIRED \|\|
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	771	ke.returnCode() == Krb5.KDC_ERR_PREAUTH_FAILED) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	772	PAData pa;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	773
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	774	ETypeInfo2 ei2 = new ETypeInfo2(eTypes[0], null, null);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	775	DerOutputStream eid = new DerOutputStream();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	776	eid.write(DerValue.tag_Sequence, ei2.asn1Encode());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	777
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	778	pa = new PAData(Krb5.PA_ETYPE_INFO2, eid.toByteArray());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	779
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	780	DerOutputStream bytes = new DerOutputStream();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	781	bytes.write(new PAData(Krb5.PA_ENC_TIMESTAMP, new byte[0]).asn1Encode());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	782	bytes.write(pa.asn1Encode());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	783
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	784	boolean allOld = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	785	for (int i: eTypes) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	786	if (i == EncryptedData.ETYPE_AES128_CTS_HMAC_SHA1_96 \|\|
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	787	i == EncryptedData.ETYPE_AES256_CTS_HMAC_SHA1_96) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	788	allOld = false;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	789	break;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	790	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	791	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	792	if (allOld) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	793	ETypeInfo ei = new ETypeInfo(eTypes[0], null);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	794	eid = new DerOutputStream();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	795	eid.write(DerValue.tag_Sequence, ei.asn1Encode());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	796	pa = new PAData(Krb5.PA_ETYPE_INFO, eid.toByteArray());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	797	bytes.write(pa.asn1Encode());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	798	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	799	DerOutputStream temp = new DerOutputStream();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	800	temp.write(DerValue.tag_Sequence, bytes);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	801	eData = temp.toByteArray();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	802	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	803	kerr = new KRBError(null, null, null,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	804	new KerberosTime(new Date()),
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	805	0,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	806	ke.returnCode(),
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	807	body.crealm, body.cname,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	808	new Realm(getRealm()), body.sname,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	809	KrbException.errorMessage(ke.returnCode()),
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	810	eData);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	811	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	812	return kerr.asn1Encode();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	813	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	814	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	815
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	816	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	817	* Generates a line for a KDC to put inside [realms] of krb5.conf
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	818	* @param kdc the KDC
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	819	* @return REALM.NAME = { kdc = localhost:port }
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	820	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	821	private static String realmLineForKDC(KDC kdc) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	822	return String.format(" %s = {\n kdc = localhost:%d\n }\n", kdc.realm, kdc.port);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	823	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	824
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	825	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	826	* Start the KDC service. This server listens on both UDP and TCP using
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	827	* the same port number. It uses three threads to deal with requests.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	828	* They can be set to daemon threads if requested.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	829	* @param port the port number to listen to. If zero, a random available
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	830	* port no less than 8000 will be chosen and used.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	831	* @param asDaemon true if the KDC threads should be daemons
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	832	* @throws java.io.IOException for any communication error
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	833	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	834	protected void startServer(int port, boolean asDaemon) throws IOException {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	835	DatagramSocket u1 = null;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	836	ServerSocket t1 = null;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	837	if (port > 0) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	838	u1 = new DatagramSocket(port, InetAddress.getByName("127.0.0.1"));
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	839	t1 = new ServerSocket(port);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	840	} else {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	841	while (true) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	842	// Try to find a port number that's both TCP and UDP free
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	843	try {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	844	port = 8000 + new java.util.Random().nextInt(10000);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	845	u1 = null;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	846	u1 = new DatagramSocket(port, InetAddress.getByName("127.0.0.1"));
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	847	t1 = new ServerSocket(port);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	848	break;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	849	} catch (Exception e) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	850	if (u1 != null) u1.close();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	851	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	852	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	853	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	854	final DatagramSocket udp = u1;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	855	final ServerSocket tcp = t1;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	856	System.out.println("Start KDC on " + port);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	857
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	858	this.port = port;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	859
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	860	// The UDP consumer
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	861	Thread thread = new Thread() {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	862	public void run() {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	863	while (true) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	864	try {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	865	byte[] inbuf = new byte[8192];
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	866	DatagramPacket p = new DatagramPacket(inbuf, inbuf.length);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	867	udp.receive(p);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	868	System.out.println("-----------------------------------------------");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	869	System.out.println(">>>>> UDP packet received");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	870	q.put(new Job(processMessage(Arrays.copyOf(inbuf, p.getLength())), udp, p));
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	871	} catch (Exception e) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	872	e.printStackTrace();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	873	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	874	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	875	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	876	};
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	877	thread.setDaemon(asDaemon);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	878	thread.start();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	879
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	880	// The TCP consumer
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	881	thread = new Thread() {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	882	public void run() {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	883	while (true) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	884	try {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	885	Socket socket = tcp.accept();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	886	System.out.println("-----------------------------------------------");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	887	System.out.println(">>>>> TCP connection established");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	888	DataInputStream in = new DataInputStream(socket.getInputStream());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	889	DataOutputStream out = new DataOutputStream(socket.getOutputStream());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	890	byte[] token = new byte[in.readInt()];
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	891	in.readFully(token);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	892	q.put(new Job(processMessage(token), socket, out));
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	893	} catch (Exception e) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	894	e.printStackTrace();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	895	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	896	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	897	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	898	};
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	899	thread.setDaemon(asDaemon);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	900	thread.start();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	901
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	902	// The dispatcher
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	903	thread = new Thread() {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	904	public void run() {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	905	while (true) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	906	try {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	907	q.take().send();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	908	} catch (Exception e) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	909	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	910	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	911	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	912	};
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	913	thread.setDaemon(true);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	914	thread.start();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	915	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	916
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	917	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	918	* Helper class to encapsulate a job in a KDC.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	919	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	920	private static class Job {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	921	byte[] token; // The received request at creation time and
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	922	// the response at send time
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	923	Socket s; // The TCP socket from where the request comes
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	924	DataOutputStream out; // The OutputStream of the TCP socket
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	925	DatagramSocket s2; // The UDP socket from where the request comes
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	926	DatagramPacket dp; // The incoming UDP datagram packet
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	927	boolean useTCP; // Whether TCP or UDP is used
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	928
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	929	// Creates a job object for TCP
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	930	Job(byte[] token, Socket s, DataOutputStream out) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	931	useTCP = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	932	this.token = token;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	933	this.s = s;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	934	this.out = out;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	935	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	936
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	937	// Creates a job object for UDP
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	938	Job(byte[] token, DatagramSocket s2, DatagramPacket dp) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	939	useTCP = false;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	940	this.token = token;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	941	this.s2 = s2;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	942	this.dp = dp;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	943	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	944
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	945	// Sends the output back to the client
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	946	void send() {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	947	try {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	948	if (useTCP) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	949	System.out.println(">>>>> TCP request honored");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	950	out.writeInt(token.length);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	951	out.write(token);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	952	s.close();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	953	} else {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	954	System.out.println(">>>>> UDP request honored");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	955	s2.send(new DatagramPacket(token, token.length, dp.getAddress(), dp.getPort()));
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	956	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	957	} catch (Exception e) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	958	e.printStackTrace();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	959	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	960	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	961	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	962	}

author	weijun
	Fri, 17 Oct 2008 13:02:00 +0800
changeset 1454	d9b6f1de641f
child 1456	1d3c6724de2f
permissions	-rw-r--r--