jdk-sandbox: jdk/test/sun/security/krb5/auto/KDC.java@e0f1979051b5 (annotated)

1454 d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	1	/*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	2	* Copyright 2008 Sun Microsystems, Inc. All Rights Reserved.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	4	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	7	* published by the Free Software Foundation.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	8	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	9	* This code is distributed in the hope that it will be useful, but WITHOUT
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	10	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	11	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	12	* version 2 for more details (a copy is included in the LICENSE file that
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	13	* accompanied this code).
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	14	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	15	* You should have received a copy of the GNU General Public License version
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	16	* 2 along with this work; if not, write to the Free Software Foundation,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	17	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	18	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	19	* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	20	* CA 95054 USA or visit www.sun.com if you need additional information or
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	21	* have any questions.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	22	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	23
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	24	import java.lang.reflect.Constructor;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	25	import java.lang.reflect.Field;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	26	import java.lang.reflect.InvocationTargetException;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	27	import java.net.*;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	28	import java.io.*;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	29	import java.lang.reflect.Method;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	30	import java.security.SecureRandom;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	31	import java.util.*;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	32	import java.util.concurrent.*;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	33	import sun.security.krb5.*;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	34	import sun.security.krb5.internal.*;
1575 e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1456 diff changeset	35	import sun.security.krb5.internal.ccache.CredentialsCache;
1454 d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	36	import sun.security.krb5.internal.crypto.KeyUsage;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	37	import sun.security.krb5.internal.ktab.KeyTab;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	38	import sun.security.util.DerInputStream;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	39	import sun.security.util.DerOutputStream;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	40	import sun.security.util.DerValue;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	41
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	42	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	43	* A KDC server.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	44	* <p>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	45	* Features:
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	46	* <ol>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	47	* <li> Supports TCP and UDP
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	48	* <li> Supports AS-REQ and TGS-REQ
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	49	* <li> Principal db and other settings hard coded in application
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	50	* <li> Options, say, request preauth or not
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	51	* </ol>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	52	* Side effects:
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	53	* <ol>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	54	* <li> The Sun-internal class <code>sun.security.krb5.Config</code> is a
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	55	* singleton and initialized according to Kerberos settings (krb5.conf and
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	56	* java.security.krb5.* system properties). This means once it's initialized
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	57	* it will not automatically notice any changes to these settings (or file
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	58	* changes of krb5.conf). The KDC class normally does not touch these
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	59	* settings (except for the <code>writeKtab()</code> method). However, to make
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	60	* sure nothing ever goes wrong, if you want to make any changes to these
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	61	* settings after calling a KDC method, call <code>Config.refresh()</code> to
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	62	* make sure your changes are reflected in the <code>Config</code> object.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	63	* </ol>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	64	* Issues and TODOs:
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	65	* <ol>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	66	* <li> Generates krb5.conf to be used on another machine, currently the kdc is
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	67	* always localhost
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	68	* <li> More options to KDC, say, error output, say, response nonce !=
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	69	* request nonce
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	70	* </ol>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	71	* Note: This program uses internal krb5 classes (including reflection to
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	72	* access private fields and methods).
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	73	* <p>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	74	* Usages:
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	75	* <p>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	76	* 1. Init and start the KDC:
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	77	* <pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	78	* KDC kdc = KDC.create("REALM.NAME", port, isDaemon);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	79	* KDC kdc = KDC.create("REALM.NAME");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	80	* </pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	81	* Here, <code>port</code> is the UDP and TCP port number the KDC server
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	82	* listens on. If zero, a random port is chosen, which you can use getPort()
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	83	* later to retrieve the value.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	84	* <p>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	85	* If <code>isDaemon</code> is true, the KDC worker threads will be daemons.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	86	* <p>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	87	* The shortcut <code>KDC.create("REALM.NAME")</code> has port=0 and
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	88	* isDaemon=false, and is commonly used in an embedded KDC.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	89	* <p>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	90	* 2. Adding users:
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	91	* <pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	92	* kdc.addPrincipal(String principal_name, char[] password);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	93	* kdc.addPrincipalRandKey(String principal_name);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	94	* </pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	95	* A service principal's name should look like "host/f.q.d.n". The second form
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	96	* generates a random key. To expose this key, call <code>writeKtab()</code> to
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	97	* save the keys into a keytab file.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	98	* <p>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	99	* Note that you need to add the principal name krbtgt/REALM.NAME yourself.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	100	* <p>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	101	* Note that you can safely add a principal at any time after the KDC is
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	102	* started and before a user requests info on this principal.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	103	* <p>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	104	* 3. Other public methods:
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	105	* <ul>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	106	* <li> <code>getPort</code>: Returns the port number the KDC uses
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	107	* <li> <code>getRealm</code>: Returns the realm name
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	108	* <li> <code>writeKtab</code>: Writes all principals' keys into a keytab file
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	109	* <li> <code>saveConfig</code>: Saves a krb5.conf file to access this KDC
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	110	* <li> <code>setOption</code>: Sets various options
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	111	* </ul>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	112	* Read the javadoc for details. Lazy developer can use <code>OneKDC</code>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	113	* directly.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	114	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	115	public class KDC {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	116
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	117	// Under the hood.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	118
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	119	// The random generator to generate random keys (including session keys)
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	120	private static SecureRandom secureRandom = new SecureRandom();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	121	// Principal db
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	122	private Map<String,char[]> passwords = new HashMap<String,char[]>();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	123	// Realm name
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	124	private String realm;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	125	// The request/response job queue
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	126	private BlockingQueue<Job> q = new ArrayBlockingQueue<Job>(100);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	127	// Service port number
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	128	private int port;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	129	// Options
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	130	private Map<Option,Object> options = new HashMap<Option,Object>();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	131
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	132	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	133	* Option names, to be expanded forever.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	134	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	135	public static enum Option {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	136	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	137	* Whether pre-authentication is required. Default Boolean.TRUE
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	138	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	139	PREAUTH_REQUIRED,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	140	};
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	141
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	142	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	143	* A standalone KDC server.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	144	* @param args
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	145	* @throws java.lang.Exception
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	146	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	147	public static void main(String[] args) throws Exception {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	148	if (args.length > 0) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	149	if (args[0].equals("-help") \|\| args[0].equals("--help")) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	150	System.out.println("Usage:");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	151	System.out.println(" java " + KDC.class + " " +
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	152	"Start KDC on port 8888");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	153	return;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	154	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	155	}
1456 1d3c6724de2f 6761072: new krb5 tests fail on multiple platforms weijun parents: 1454 diff changeset	156	String localhost = "localhost";
1d3c6724de2f 6761072: new krb5 tests fail on multiple platforms weijun parents: 1454 diff changeset	157	try {
1d3c6724de2f 6761072: new krb5 tests fail on multiple platforms weijun parents: 1454 diff changeset	158	localhost = InetAddress.getByName(localhost)
1d3c6724de2f 6761072: new krb5 tests fail on multiple platforms weijun parents: 1454 diff changeset	159	.getCanonicalHostName();
1d3c6724de2f 6761072: new krb5 tests fail on multiple platforms weijun parents: 1454 diff changeset	160	} catch (UnknownHostException uhe) {
1d3c6724de2f 6761072: new krb5 tests fail on multiple platforms weijun parents: 1454 diff changeset	161	; // Ignore, localhost is still "localhost"
1d3c6724de2f 6761072: new krb5 tests fail on multiple platforms weijun parents: 1454 diff changeset	162	}
1454 d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	163	KDC kdc = create("RABBIT.HOLE", 8888, false);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	164	kdc.addPrincipal("dummy", "bogus".toCharArray());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	165	kdc.addPrincipal("foo", "bar".toCharArray());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	166	kdc.addPrincipalRandKey("krbtgt/" + kdc.realm);
1456 1d3c6724de2f 6761072: new krb5 tests fail on multiple platforms weijun parents: 1454 diff changeset	167	kdc.addPrincipalRandKey("server/" + localhost);
1d3c6724de2f 6761072: new krb5 tests fail on multiple platforms weijun parents: 1454 diff changeset	168	kdc.addPrincipalRandKey("backend/" + localhost);
1454 d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	169	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	170
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	171	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	172	* Creates and starts a KDC running as a daemon on a random port.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	173	* @param realm the realm name
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	174	* @return the running KDC instance
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	175	* @throws java.io.IOException for any socket creation error
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	176	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	177	public static KDC create(String realm) throws IOException {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	178	return create(realm, 0, true);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	179	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	180
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	181	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	182	* Creates and starts a KDC server.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	183	* @param realm the realm name
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	184	* @param port the TCP and UDP port to listen to. A random port will to
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	185	* chosen if zero.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	186	* @param asDaemon if true, KDC threads will be daemons. Otherwise, not.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	187	* @return the running KDC instance
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	188	* @throws java.io.IOException for any socket creation error
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	189	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	190	public static KDC create(String realm, int port, boolean asDaemon) throws IOException {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	191	return new KDC(realm, port, asDaemon);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	192	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	193
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	194	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	195	* Sets an option
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	196	* @param key the option name
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	197	* @param obj the value
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	198	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	199	public void setOption(Option key, Object value) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	200	options.put(key, value);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	201	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	202
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	203	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	204	* Write all principals' keys into a keytab file. Note that the keys for
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	205	* the krbtgt principal for this realm will not be written.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	206	* <p>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	207	* Attention: This method references krb5.conf settings. If you need to
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	208	* setup krb5.conf later, please call <code>Config.refresh()</code> after
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	209	* the new setting. For example:
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	210	* <pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	211	* kdc.writeKtab("/etc/kdc/ktab"); // Config is initialized,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	212	* System.setProperty("java.security.krb5.conf", "/home/mykrb5.conf");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	213	* Config.refresh();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	214	* </pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	215	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	216	* Inside this method there are 2 places krb5.conf is used:
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	217	* <ol>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	218	* <li> (Fatal) Generating keys: EncryptionKey.acquireSecretKeys
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	219	* <li> (Has workaround) Creating PrincipalName
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	220	* </ol>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	221	* @param tab The keytab filename to write to.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	222	* @throws java.io.IOException for any file output error
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	223	* @throws sun.security.krb5.KrbException for any realm and/or principal
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	224	* name error.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	225	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	226	public void writeKtab(String tab) throws IOException, KrbException {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	227	KeyTab ktab = KeyTab.create(tab);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	228	for (String name : passwords.keySet()) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	229	if (name.equals("krbtgt/" + realm)) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	230	continue;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	231	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	232	ktab.addEntry(new PrincipalName(name + "@" + realm,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	233	name.indexOf('/') < 0 ?
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	234	PrincipalName.KRB_NT_UNKNOWN :
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	235	PrincipalName.KRB_NT_SRV_HST), passwords.get(name));
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	236	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	237	ktab.save();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	238	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	239
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	240	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	241	* Adds a new principal to this realm with a given password.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	242	* @param user the principal's name. For a service principal, use the
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	243	* form of host/f.q.d.n
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	244	* @param pass the password for the principal
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	245	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	246	public void addPrincipal(String user, char[] pass) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	247	passwords.put(user, pass);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	248	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	249
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	250	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	251	* Adds a new principal to this realm with a random password
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	252	* @param user the principal's name. For a service principal, use the
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	253	* form of host/f.q.d.n
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	254	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	255	public void addPrincipalRandKey(String user) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	256	passwords.put(user, randomPassword());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	257	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	258
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	259	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	260	* Returns the name of this realm
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	261	* @return the name of this realm
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	262	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	263	public String getRealm() {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	264	return realm;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	265	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	266
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	267	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	268	* Writes a krb5.conf for one or more KDC that includes KDC locations for
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	269	* each realm and the default realm name. You can also add extra strings
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	270	* into the file. The method should be called like:
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	271	* <pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	272	* KDC.saveConfig("krb5.conf", kdc1, kdc2, ..., line1, line2, ...);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	273	* </pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	274	* Here you can provide one or more kdc# and zero or more line# arguments.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	275	* The line# will be put after [libdefaults] and before [realms]. Therefore
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	276	* you can append new lines into [libdefaults] and/or create your new
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	277	* stanzas as well. Note that a newline character will be appended to
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	278	* each line# argument.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	279	* <p>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	280	* For example:
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	281	* <pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	282	* KDC.saveConfig("krb5.conf", this);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	283	* </pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	284	* generates:
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	285	* <pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	286	* [libdefaults]
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	287	* default_realm = REALM.NAME
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	288	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	289	* [realms]
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	290	* REALM.NAME = {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	291	* kdc = localhost:port_number
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	292	* }
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	293	* </pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	294	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	295	* Another example:
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	296	* <pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	297	* KDC.saveConfig("krb5.conf", kdc1, kdc2, "forwardable = true", "",
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	298	* "[domain_realm]",
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	299	* ".kdc1.com = KDC1.NAME");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	300	* </pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	301	* generates:
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	302	* <pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	303	* [libdefaults]
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	304	* default_realm = KDC1.NAME
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	305	* forwardable = true
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	306	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	307	* [domain_realm]
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	308	* .kdc1.com = KDC1.NAME
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	309	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	310	* [realms]
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	311	* KDC1.NAME = {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	312	* kdc = localhost:port1
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	313	* }
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	314	* KDC2.NAME = {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	315	* kdc = localhost:port2
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	316	* }
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	317	* </pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	318	* @param file the name of the file to write into
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	319	* @param kdc the first (and default) KDC
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	320	* @param more more KDCs or extra lines (in their appearing order) to
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	321	* insert into the krb5.conf file. This method reads each argument's type
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	322	* to determine what it's for. This argument can be empty.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	323	* @throws java.io.IOException for any file output error
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	324	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	325	public static void saveConfig(String file, KDC kdc, Object... more)
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	326	throws IOException {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	327	File f = new File(file);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	328	StringBuffer sb = new StringBuffer();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	329	sb.append("[libdefaults]\ndefault_realm = ");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	330	sb.append(kdc.realm);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	331	sb.append("\n");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	332	for (Object o: more) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	333	if (o instanceof String) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	334	sb.append(o);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	335	sb.append("\n");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	336	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	337	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	338	sb.append("\n[realms]\n");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	339	sb.append(realmLineForKDC(kdc));
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	340	for (Object o: more) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	341	if (o instanceof KDC) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	342	sb.append(realmLineForKDC((KDC)o));
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	343	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	344	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	345	FileOutputStream fos = new FileOutputStream(f);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	346	fos.write(sb.toString().getBytes());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	347	fos.close();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	348	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	349
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	350	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	351	* Returns the service port of the KDC server.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	352	* @return the KDC service port
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	353	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	354	public int getPort() {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	355	return port;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	356	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	357
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	358	// Private helper methods
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	359
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	360	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	361	* Private constructor, cannot be called outside.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	362	* @param realm
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	363	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	364	private KDC(String realm) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	365	this.realm = realm;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	366	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	367
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	368	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	369	* A constructor that starts the KDC service also.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	370	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	371	protected KDC(String realm, int port, boolean asDaemon)
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	372	throws IOException {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	373	this(realm);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	374	startServer(port, asDaemon);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	375	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	376	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	377	* Generates a 32-char random password
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	378	* @return the password
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	379	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	380	private static char[] randomPassword() {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	381	char[] pass = new char[32];
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	382	for (int i=0; i<32; i++)
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	383	pass[i] = (char)secureRandom.nextInt();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	384	return pass;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	385	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	386
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	387	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	388	* Generates a random key for the given encryption type.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	389	* @param eType the encryption type
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	390	* @return the generated key
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	391	* @throws sun.security.krb5.KrbException for unknown/unsupported etype
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	392	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	393	private static EncryptionKey generateRandomKey(int eType)
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	394	throws KrbException {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	395	// Is 32 enough for AES256? I should have generated the keys directly
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	396	// but different cryptos have different rules on what keys are valid.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	397	char[] pass = randomPassword();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	398	String algo;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	399	switch (eType) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	400	case EncryptedData.ETYPE_DES_CBC_MD5: algo = "DES"; break;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	401	case EncryptedData.ETYPE_DES3_CBC_HMAC_SHA1_KD: algo = "DESede"; break;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	402	case EncryptedData.ETYPE_AES128_CTS_HMAC_SHA1_96: algo = "AES128"; break;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	403	case EncryptedData.ETYPE_ARCFOUR_HMAC: algo = "ArcFourHMAC"; break;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	404	case EncryptedData.ETYPE_AES256_CTS_HMAC_SHA1_96: algo = "AES256"; break;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	405	default: algo = "DES"; break;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	406	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	407	return new EncryptionKey(pass, "NOTHING", algo); // Silly
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	408	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	409
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	410	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	411	* Returns the password for a given principal
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	412	* @param p principal
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	413	* @return the password
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	414	* @throws sun.security.krb5.KrbException when the principal is not inside
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	415	* the database.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	416	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	417	private char[] getPassword(PrincipalName p) throws KrbException {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	418	char[] pass = passwords.get(p.getNameString());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	419	if (pass == null) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	420	throw new KrbException(Krb5.KDC_ERR_C_PRINCIPAL_UNKNOWN);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	421	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	422	return pass;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	423	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	424
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	425	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	426	* Returns the salt string for the principal. For normal users, the
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	427	* concatenation for the realm name and the sections of the principal;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	428	* for krgtgt/A@B and krbtgt/B@A, always return AB (so that inter-realm
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	429	* principals have the same key).
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	430	* @param p principal
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	431	* @return the salt
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	432	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	433	private String getSalt(PrincipalName p) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	434	String[] ns = p.getNameStrings();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	435	if (ns[0].equals("krbtgt") && ns.length > 1) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	436	// Shared cross-realm keys must be the same
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	437	if (ns[1].compareTo(realm) < 0) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	438	return ns[1] + realm;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	439	} else {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	440	return realm + ns[1];
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	441	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	442	} else {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	443	String s = getRealm();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	444	for (String n: p.getNameStrings()) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	445	s += n;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	446	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	447	return s;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	448	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	449	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	450
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	451	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	452	* Returns the key for a given principal of the given encryption type
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	453	* @param p the principal
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	454	* @param etype the encryption type
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	455	* @return the key
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	456	* @throws sun.security.krb5.KrbException for unknown/unsupported etype
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	457	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	458	private EncryptionKey keyForUser(PrincipalName p, int etype) throws KrbException {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	459	try {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	460	// Do not call EncryptionKey.acquireSecretKeys(), otherwise
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	461	// the krb5.conf config file would be loaded.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	462	Method stringToKey = EncryptionKey.class.getDeclaredMethod("stringToKey", char[].class, String.class, byte[].class, Integer.TYPE);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	463	stringToKey.setAccessible(true);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	464	return new EncryptionKey((byte[]) stringToKey.invoke(null, getPassword(p), getSalt(p), null, etype), etype, null);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	465	} catch (InvocationTargetException ex) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	466	KrbException ke = (KrbException)ex.getCause();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	467	throw ke;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	468	} catch (Exception e) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	469	throw new RuntimeException(e); // should not happen
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	470	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	471	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	472
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	473	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	474	* Processes an incoming request and generates a response.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	475	* @param in the request
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	476	* @return the response
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	477	* @throws java.lang.Exception for various errors
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	478	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	479	private byte[] processMessage(byte[] in) throws Exception {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	480	if ((in[0] & 0x1f) == Krb5.KRB_AS_REQ)
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	481	return processAsReq(in);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	482	else
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	483	return processTgsReq(in);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	484	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	485
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	486	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	487	* Processes a TGS_REQ and generates a TGS_REP (or KRB_ERROR)
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	488	* @param in the request
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	489	* @return the response
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	490	* @throws java.lang.Exception for various errors
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	491	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	492	private byte[] processTgsReq(byte[] in) throws Exception {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	493	TGSReq tgsReq = new TGSReq(in);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	494	try {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	495	System.out.println(realm + "> " + tgsReq.reqBody.cname +
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	496	" sends TGS-REQ for " +
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	497	tgsReq.reqBody.sname);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	498	KDCReqBody body = tgsReq.reqBody;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	499	int etype = 0;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	500
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	501	// Reflection: PAData[] pas = tgsReq.pAData;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	502	Field f = KDCReq.class.getDeclaredField("pAData");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	503	f.setAccessible(true);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	504	PAData[] pas = (PAData[])f.get(tgsReq);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	505
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	506	Ticket tkt = null;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	507	EncTicketPart etp = null;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	508	if (pas == null \|\| pas.length == 0) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	509	throw new KrbException(Krb5.KDC_ERR_PADATA_TYPE_NOSUPP);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	510	} else {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	511	for (PAData pa: pas) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	512	if (pa.getType() == Krb5.PA_TGS_REQ) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	513	APReq apReq = new APReq(pa.getValue());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	514	EncryptedData ed = apReq.authenticator;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	515	tkt = apReq.ticket;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	516	etype = tkt.encPart.getEType();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	517	EncryptionKey kkey = null;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	518	if (!tkt.realm.toString().equals(realm)) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	519	if (tkt.sname.getNameString().equals("krbtgt/" + realm)) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	520	kkey = keyForUser(new PrincipalName("krbtgt/" + tkt.realm.toString(), realm), etype);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	521	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	522	} else {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	523	kkey = keyForUser(tkt.sname, etype);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	524	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	525	byte[] bb = tkt.encPart.decrypt(kkey, KeyUsage.KU_TICKET);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	526	DerInputStream derIn = new DerInputStream(bb);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	527	DerValue der = derIn.getDerValue();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	528	etp = new EncTicketPart(der.toByteArray());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	529	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	530	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	531	if (tkt == null) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	532	throw new KrbException(Krb5.KDC_ERR_PADATA_TYPE_NOSUPP);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	533	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	534	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	535	EncryptionKey skey = keyForUser(body.sname, etype);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	536	if (skey == null) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	537	throw new KrbException(Krb5.KDC_ERR_SUMTYPE_NOSUPP); // TODO
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	538	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	539
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	540	// Session key for original ticket, TGT
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	541	EncryptionKey ckey = etp.key;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	542
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	543	// Session key for session with the service
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	544	EncryptionKey key = generateRandomKey(etype);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	545
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	546	// Check time, TODO
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	547	KerberosTime till = body.till;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	548	if (till == null) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	549	throw new KrbException(Krb5.KDC_ERR_NEVER_VALID); // TODO
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	550	} else if (till.isZero()) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	551	till = new KerberosTime(new Date().getTime() + 1000 * 3600 * 11);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	552	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	553
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	554	boolean[] bFlags = new boolean[Krb5.TKT_OPTS_MAX+1];
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	555	if (body.kdcOptions.get(KDCOptions.FORWARDABLE)) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	556	bFlags[Krb5.TKT_OPTS_FORWARDABLE] = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	557	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	558	if (body.kdcOptions.get(KDCOptions.FORWARDED) \|\|
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	559	etp.flags.get(Krb5.TKT_OPTS_FORWARDED)) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	560	bFlags[Krb5.TKT_OPTS_FORWARDED] = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	561	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	562	if (body.kdcOptions.get(KDCOptions.RENEWABLE)) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	563	bFlags[Krb5.TKT_OPTS_RENEWABLE] = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	564	//renew = new KerberosTime(new Date().getTime() + 1000 * 3600 * 24 * 7);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	565	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	566	if (body.kdcOptions.get(KDCOptions.PROXIABLE)) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	567	bFlags[Krb5.TKT_OPTS_PROXIABLE] = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	568	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	569	if (body.kdcOptions.get(KDCOptions.POSTDATED)) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	570	bFlags[Krb5.TKT_OPTS_POSTDATED] = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	571	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	572	if (body.kdcOptions.get(KDCOptions.ALLOW_POSTDATE)) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	573	bFlags[Krb5.TKT_OPTS_MAY_POSTDATE] = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	574	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	575	bFlags[Krb5.TKT_OPTS_INITIAL] = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	576
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	577	TicketFlags tFlags = new TicketFlags(bFlags);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	578	EncTicketPart enc = new EncTicketPart(
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	579	tFlags,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	580	key,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	581	etp.crealm,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	582	etp.cname,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	583	new TransitedEncoding(1, new byte[0]), // TODO
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	584	new KerberosTime(new Date()),
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	585	body.from,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	586	till, body.rtime,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	587	body.addresses,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	588	null);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	589	Ticket t = new Ticket(
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	590	body.crealm,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	591	body.sname,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	592	new EncryptedData(skey, enc.asn1Encode(), KeyUsage.KU_TICKET)
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	593	);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	594	EncTGSRepPart enc_part = new EncTGSRepPart(
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	595	key,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	596	new LastReq(new LastReqEntry[]{
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	597	new LastReqEntry(0, new KerberosTime(new Date().getTime() - 10000))
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	598	}),
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	599	body.getNonce(), // TODO: detect replay
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	600	new KerberosTime(new Date().getTime() + 1000 * 3600 * 24),
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	601	// Next 5 and last MUST be same with ticket
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	602	tFlags,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	603	new KerberosTime(new Date()),
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	604	body.from,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	605	till, body.rtime,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	606	body.crealm,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	607	body.sname,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	608	body.addresses
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	609	);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	610	EncryptedData edata = new EncryptedData(ckey, enc_part.asn1Encode(), KeyUsage.KU_ENC_TGS_REP_PART_SESSKEY);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	611	TGSRep tgsRep = new TGSRep(null,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	612	etp.crealm,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	613	etp.cname,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	614	t,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	615	edata);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	616	System.out.println(" Return " + tgsRep.cname
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	617	+ " ticket for " + tgsRep.ticket.sname);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	618
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	619	DerOutputStream out = new DerOutputStream();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	620	out.write(DerValue.createTag(DerValue.TAG_APPLICATION,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	621	true, (byte)Krb5.KRB_TGS_REP), tgsRep.asn1Encode());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	622	return out.toByteArray();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	623	} catch (KrbException ke) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	624	ke.printStackTrace(System.out);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	625	KRBError kerr = ke.getError();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	626	KDCReqBody body = tgsReq.reqBody;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	627	System.out.println(" Error " + ke.returnCode()
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	628	+ " " +ke.returnCodeMessage());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	629	if (kerr == null) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	630	kerr = new KRBError(null, null, null,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	631	new KerberosTime(new Date()),
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	632	0,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	633	ke.returnCode(),
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	634	body.crealm, body.cname,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	635	new Realm(getRealm()), body.sname,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	636	KrbException.errorMessage(ke.returnCode()),
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	637	null);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	638	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	639	return kerr.asn1Encode();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	640	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	641	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	642
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	643	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	644	* Processes a AS_REQ and generates a AS_REP (or KRB_ERROR)
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	645	* @param in the request
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	646	* @return the response
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	647	* @throws java.lang.Exception for various errors
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	648	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	649	private byte[] processAsReq(byte[] in) throws Exception {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	650	ASReq asReq = new ASReq(in);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	651	int[] eTypes = null;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	652	try {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	653	System.out.println(realm + "> " + asReq.reqBody.cname +
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	654	" sends AS-REQ for " +
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	655	asReq.reqBody.sname);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	656
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	657	KDCReqBody body = asReq.reqBody;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	658
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	659	// Reflection: int[] eType = body.eType;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	660	Field f = KDCReqBody.class.getDeclaredField("eType");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	661	f.setAccessible(true);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	662	eTypes = (int[])f.get(body);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	663	int eType = eTypes[0];
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	664
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	665	EncryptionKey ckey = keyForUser(body.cname, eType);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	666	EncryptionKey skey = keyForUser(body.sname, eType);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	667	if (ckey == null) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	668	throw new KrbException(Krb5.KDC_ERR_ETYPE_NOSUPP);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	669	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	670	if (skey == null) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	671	throw new KrbException(Krb5.KDC_ERR_SUMTYPE_NOSUPP); // TODO
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	672	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	673
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	674	// Session key
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	675	EncryptionKey key = generateRandomKey(eType);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	676	// Check time, TODO
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	677	KerberosTime till = body.till;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	678	if (till == null) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	679	throw new KrbException(Krb5.KDC_ERR_NEVER_VALID); // TODO
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	680	} else if (till.isZero()) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	681	till = new KerberosTime(new Date().getTime() + 1000 * 3600 * 11);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	682	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	683	//body.from
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	684	boolean[] bFlags = new boolean[Krb5.TKT_OPTS_MAX+1];
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	685	if (body.kdcOptions.get(KDCOptions.FORWARDABLE)) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	686	bFlags[Krb5.TKT_OPTS_FORWARDABLE] = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	687	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	688	if (body.kdcOptions.get(KDCOptions.RENEWABLE)) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	689	bFlags[Krb5.TKT_OPTS_RENEWABLE] = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	690	//renew = new KerberosTime(new Date().getTime() + 1000 * 3600 * 24 * 7);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	691	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	692	if (body.kdcOptions.get(KDCOptions.PROXIABLE)) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	693	bFlags[Krb5.TKT_OPTS_PROXIABLE] = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	694	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	695	if (body.kdcOptions.get(KDCOptions.POSTDATED)) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	696	bFlags[Krb5.TKT_OPTS_POSTDATED] = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	697	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	698	if (body.kdcOptions.get(KDCOptions.ALLOW_POSTDATE)) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	699	bFlags[Krb5.TKT_OPTS_MAY_POSTDATE] = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	700	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	701	bFlags[Krb5.TKT_OPTS_INITIAL] = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	702
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	703	f = KDCReq.class.getDeclaredField("pAData");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	704	f.setAccessible(true);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	705	PAData[] pas = (PAData[])f.get(asReq);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	706	if (pas == null \|\| pas.length == 0) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	707	Object preauth = options.get(Option.PREAUTH_REQUIRED);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	708	if (preauth == null \|\| preauth.equals(Boolean.TRUE)) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	709	throw new KrbException(Krb5.KDC_ERR_PREAUTH_REQUIRED);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	710	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	711	} else {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	712	try {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	713	Constructor<EncryptedData> ctor = EncryptedData.class.getDeclaredConstructor(DerValue.class);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	714	ctor.setAccessible(true);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	715	EncryptedData data = ctor.newInstance(new DerValue(pas[0].getValue()));
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	716	data.decrypt(ckey, KeyUsage.KU_PA_ENC_TS);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	717	} catch (Exception e) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	718	throw new KrbException(Krb5.KDC_ERR_PREAUTH_FAILED);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	719	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	720	bFlags[Krb5.TKT_OPTS_PRE_AUTHENT] = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	721	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	722
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	723	TicketFlags tFlags = new TicketFlags(bFlags);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	724	EncTicketPart enc = new EncTicketPart(
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	725	tFlags,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	726	key,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	727	body.crealm,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	728	body.cname,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	729	new TransitedEncoding(1, new byte[0]),
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	730	new KerberosTime(new Date()),
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	731	body.from,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	732	till, body.rtime,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	733	body.addresses,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	734	null);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	735	Ticket t = new Ticket(
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	736	body.crealm,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	737	body.sname,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	738	new EncryptedData(skey, enc.asn1Encode(), KeyUsage.KU_TICKET)
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	739	);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	740	EncASRepPart enc_part = new EncASRepPart(
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	741	key,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	742	new LastReq(new LastReqEntry[]{
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	743	new LastReqEntry(0, new KerberosTime(new Date().getTime() - 10000))
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	744	}),
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	745	body.getNonce(), // TODO: detect replay?
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	746	new KerberosTime(new Date().getTime() + 1000 * 3600 * 24),
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	747	// Next 5 and last MUST be same with ticket
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	748	tFlags,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	749	new KerberosTime(new Date()),
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	750	body.from,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	751	till, body.rtime,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	752	body.crealm,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	753	body.sname,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	754	body.addresses
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	755	);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	756	EncryptedData edata = new EncryptedData(ckey, enc_part.asn1Encode(), KeyUsage.KU_ENC_AS_REP_PART);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	757	ASRep asRep = new ASRep(null,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	758	body.crealm,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	759	body.cname,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	760	t,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	761	edata);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	762
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	763	System.out.println(" Return " + asRep.cname
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	764	+ " ticket for " + asRep.ticket.sname);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	765
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	766	DerOutputStream out = new DerOutputStream();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	767	out.write(DerValue.createTag(DerValue.TAG_APPLICATION,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	768	true, (byte)Krb5.KRB_AS_REP), asRep.asn1Encode());
1575 e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1456 diff changeset	769	byte[] result = out.toByteArray();
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1456 diff changeset	770
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1456 diff changeset	771	// Added feature:
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1456 diff changeset	772	// Write the current issuing TGT into a ccache file specified
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1456 diff changeset	773	// by the system property below.
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1456 diff changeset	774	String ccache = System.getProperty("test.kdc.save.ccache");
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1456 diff changeset	775	if (ccache != null) {
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1456 diff changeset	776	asRep.encKDCRepPart = enc_part;
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1456 diff changeset	777	sun.security.krb5.internal.ccache.Credentials credentials =
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1456 diff changeset	778	new sun.security.krb5.internal.ccache.Credentials(asRep);
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1456 diff changeset	779	asReq.reqBody.cname.setRealm(getRealm());
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1456 diff changeset	780	CredentialsCache cache =
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1456 diff changeset	781	CredentialsCache.create(asReq.reqBody.cname, ccache);
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1456 diff changeset	782	if (cache == null) {
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1456 diff changeset	783	throw new IOException("Unable to create the cache file " +
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1456 diff changeset	784	ccache);
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1456 diff changeset	785	}
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1456 diff changeset	786	cache.update(credentials);
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1456 diff changeset	787	cache.save();
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1456 diff changeset	788	new File(ccache).deleteOnExit();
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1456 diff changeset	789	}
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1456 diff changeset	790
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1456 diff changeset	791	return result;
1454 d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	792	} catch (KrbException ke) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	793	ke.printStackTrace(System.out);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	794	KRBError kerr = ke.getError();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	795	KDCReqBody body = asReq.reqBody;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	796	System.out.println(" Error " + ke.returnCode()
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	797	+ " " +ke.returnCodeMessage());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	798	byte[] eData = null;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	799	if (kerr == null) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	800	if (ke.returnCode() == Krb5.KDC_ERR_PREAUTH_REQUIRED \|\|
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	801	ke.returnCode() == Krb5.KDC_ERR_PREAUTH_FAILED) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	802	PAData pa;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	803
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	804	ETypeInfo2 ei2 = new ETypeInfo2(eTypes[0], null, null);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	805	DerOutputStream eid = new DerOutputStream();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	806	eid.write(DerValue.tag_Sequence, ei2.asn1Encode());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	807
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	808	pa = new PAData(Krb5.PA_ETYPE_INFO2, eid.toByteArray());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	809
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	810	DerOutputStream bytes = new DerOutputStream();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	811	bytes.write(new PAData(Krb5.PA_ENC_TIMESTAMP, new byte[0]).asn1Encode());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	812	bytes.write(pa.asn1Encode());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	813
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	814	boolean allOld = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	815	for (int i: eTypes) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	816	if (i == EncryptedData.ETYPE_AES128_CTS_HMAC_SHA1_96 \|\|
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	817	i == EncryptedData.ETYPE_AES256_CTS_HMAC_SHA1_96) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	818	allOld = false;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	819	break;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	820	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	821	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	822	if (allOld) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	823	ETypeInfo ei = new ETypeInfo(eTypes[0], null);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	824	eid = new DerOutputStream();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	825	eid.write(DerValue.tag_Sequence, ei.asn1Encode());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	826	pa = new PAData(Krb5.PA_ETYPE_INFO, eid.toByteArray());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	827	bytes.write(pa.asn1Encode());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	828	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	829	DerOutputStream temp = new DerOutputStream();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	830	temp.write(DerValue.tag_Sequence, bytes);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	831	eData = temp.toByteArray();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	832	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	833	kerr = new KRBError(null, null, null,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	834	new KerberosTime(new Date()),
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	835	0,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	836	ke.returnCode(),
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	837	body.crealm, body.cname,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	838	new Realm(getRealm()), body.sname,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	839	KrbException.errorMessage(ke.returnCode()),
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	840	eData);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	841	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	842	return kerr.asn1Encode();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	843	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	844	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	845
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	846	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	847	* Generates a line for a KDC to put inside [realms] of krb5.conf
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	848	* @param kdc the KDC
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	849	* @return REALM.NAME = { kdc = localhost:port }
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	850	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	851	private static String realmLineForKDC(KDC kdc) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	852	return String.format(" %s = {\n kdc = localhost:%d\n }\n", kdc.realm, kdc.port);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	853	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	854
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	855	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	856	* Start the KDC service. This server listens on both UDP and TCP using
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	857	* the same port number. It uses three threads to deal with requests.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	858	* They can be set to daemon threads if requested.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	859	* @param port the port number to listen to. If zero, a random available
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	860	* port no less than 8000 will be chosen and used.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	861	* @param asDaemon true if the KDC threads should be daemons
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	862	* @throws java.io.IOException for any communication error
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	863	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	864	protected void startServer(int port, boolean asDaemon) throws IOException {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	865	DatagramSocket u1 = null;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	866	ServerSocket t1 = null;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	867	if (port > 0) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	868	u1 = new DatagramSocket(port, InetAddress.getByName("127.0.0.1"));
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	869	t1 = new ServerSocket(port);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	870	} else {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	871	while (true) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	872	// Try to find a port number that's both TCP and UDP free
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	873	try {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	874	port = 8000 + new java.util.Random().nextInt(10000);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	875	u1 = null;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	876	u1 = new DatagramSocket(port, InetAddress.getByName("127.0.0.1"));
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	877	t1 = new ServerSocket(port);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	878	break;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	879	} catch (Exception e) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	880	if (u1 != null) u1.close();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	881	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	882	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	883	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	884	final DatagramSocket udp = u1;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	885	final ServerSocket tcp = t1;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	886	System.out.println("Start KDC on " + port);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	887
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	888	this.port = port;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	889
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	890	// The UDP consumer
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	891	Thread thread = new Thread() {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	892	public void run() {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	893	while (true) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	894	try {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	895	byte[] inbuf = new byte[8192];
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	896	DatagramPacket p = new DatagramPacket(inbuf, inbuf.length);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	897	udp.receive(p);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	898	System.out.println("-----------------------------------------------");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	899	System.out.println(">>>>> UDP packet received");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	900	q.put(new Job(processMessage(Arrays.copyOf(inbuf, p.getLength())), udp, p));
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	901	} catch (Exception e) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	902	e.printStackTrace();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	903	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	904	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	905	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	906	};
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	907	thread.setDaemon(asDaemon);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	908	thread.start();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	909
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	910	// The TCP consumer
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	911	thread = new Thread() {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	912	public void run() {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	913	while (true) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	914	try {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	915	Socket socket = tcp.accept();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	916	System.out.println("-----------------------------------------------");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	917	System.out.println(">>>>> TCP connection established");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	918	DataInputStream in = new DataInputStream(socket.getInputStream());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	919	DataOutputStream out = new DataOutputStream(socket.getOutputStream());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	920	byte[] token = new byte[in.readInt()];
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	921	in.readFully(token);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	922	q.put(new Job(processMessage(token), socket, out));
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	923	} catch (Exception e) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	924	e.printStackTrace();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	925	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	926	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	927	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	928	};
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	929	thread.setDaemon(asDaemon);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	930	thread.start();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	931
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	932	// The dispatcher
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	933	thread = new Thread() {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	934	public void run() {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	935	while (true) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	936	try {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	937	q.take().send();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	938	} catch (Exception e) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	939	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	940	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	941	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	942	};
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	943	thread.setDaemon(true);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	944	thread.start();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	945	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	946
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	947	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	948	* Helper class to encapsulate a job in a KDC.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	949	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	950	private static class Job {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	951	byte[] token; // The received request at creation time and
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	952	// the response at send time
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	953	Socket s; // The TCP socket from where the request comes
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	954	DataOutputStream out; // The OutputStream of the TCP socket
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	955	DatagramSocket s2; // The UDP socket from where the request comes
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	956	DatagramPacket dp; // The incoming UDP datagram packet
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	957	boolean useTCP; // Whether TCP or UDP is used
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	958
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	959	// Creates a job object for TCP
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	960	Job(byte[] token, Socket s, DataOutputStream out) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	961	useTCP = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	962	this.token = token;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	963	this.s = s;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	964	this.out = out;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	965	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	966
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	967	// Creates a job object for UDP
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	968	Job(byte[] token, DatagramSocket s2, DatagramPacket dp) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	969	useTCP = false;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	970	this.token = token;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	971	this.s2 = s2;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	972	this.dp = dp;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	973	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	974
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	975	// Sends the output back to the client
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	976	void send() {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	977	try {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	978	if (useTCP) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	979	System.out.println(">>>>> TCP request honored");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	980	out.writeInt(token.length);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	981	out.write(token);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	982	s.close();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	983	} else {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	984	System.out.println(">>>>> UDP request honored");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	985	s2.send(new DatagramPacket(token, token.length, dp.getAddress(), dp.getPort()));
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	986	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	987	} catch (Exception e) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	988	e.printStackTrace();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	989	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	990	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	991	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	992	}

author	weijun
	Wed, 12 Nov 2008 16:01:06 +0800
changeset 1575	e0f1979051b5
parent 1456	1d3c6724de2f
child 2942	37d9baeb7518
permissions	-rw-r--r--