directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [1/3] directory-kerby git commit: Removing Ticket stuff from GssAcceptCred
Date Thu, 03 Aug 2017 14:36:06 GMT
Repository: directory-kerby
Updated Branches:
  refs/heads/trunk ea45cc80f -> 337af9b72


Removing Ticket stuff from GssAcceptCred


Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/daa1771c
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/daa1771c
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/daa1771c

Branch: refs/heads/trunk
Commit: daa1771cd75280fab567941c96c6f0fb5911c072
Parents: ea45cc8
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Thu Aug 3 14:50:39 2017 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Thu Aug 3 14:50:39 2017 +0100

----------------------------------------------------------------------
 .../kerberos/kerb/gss/impl/GssAcceptCred.java   | 29 +++-----------------
 .../kerberos/kerb/gss/impl/GssContext.java      |  4 ---
 2 files changed, 4 insertions(+), 29 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/daa1771c/kerby-kerb/kerb-gssapi/src/main/java/org/apache/kerby/kerberos/kerb/gss/impl/GssAcceptCred.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-gssapi/src/main/java/org/apache/kerby/kerberos/kerb/gss/impl/GssAcceptCred.java
b/kerby-kerb/kerb-gssapi/src/main/java/org/apache/kerby/kerberos/kerb/gss/impl/GssAcceptCred.java
index 7a361fc..d92af63 100644
--- a/kerby-kerb/kerb-gssapi/src/main/java/org/apache/kerby/kerberos/kerb/gss/impl/GssAcceptCred.java
+++ b/kerby-kerb/kerb-gssapi/src/main/java/org/apache/kerby/kerberos/kerb/gss/impl/GssAcceptCred.java
@@ -20,7 +20,6 @@
 package org.apache.kerby.kerberos.kerb.gss.impl;
 
 
-import org.apache.kerby.kerberos.kerb.type.base.EncryptionKey;
 import org.ietf.jgss.GSSException;
 import org.ietf.jgss.GSSName;
 
@@ -28,14 +27,12 @@ import sun.security.jgss.GSSCaller;
 
 import javax.security.auth.kerberos.KerberosKey;
 import javax.security.auth.kerberos.KerberosPrincipal;
-import javax.security.auth.kerberos.KerberosTicket;
 import javax.security.auth.kerberos.KeyTab;
 import java.util.Set;
 
 public final class GssAcceptCred extends GssCredElement {
 
     private final KeyTab keyTab;
-    private final KerberosTicket ticket;
     private final Set<KerberosKey> kerberosKeySet;
 
     public static GssAcceptCred getInstance(final GSSCaller caller,
@@ -43,20 +40,17 @@ public final class GssAcceptCred extends GssCredElement {
 
         // Try to get a keytab first
         KeyTab keyTab = getKeyTab(name);
-        KerberosTicket ticket = null;
         Set<KerberosKey> kerberosKeySet = null;
         if (keyTab == null) {
-            // Otherwise try to get a kerberos ticket
+            // Otherwise try to get a kerberos key
             if (name == null) {
-                ticket = CredUtils.getKerberosTicketFromContext(caller, null, null);
                 kerberosKeySet = CredUtils.getKerberosKeysFromContext(caller, null, null);
             } else {
-                ticket = CredUtils.getKerberosTicketFromContext(caller, name.getPrincipalName().getName(),
null);
                 kerberosKeySet = CredUtils.getKerberosKeysFromContext(caller, name.getPrincipalName().getName(),
null);
             }
         }
 
-        if (keyTab == null && ticket == null && kerberosKeySet == null) {
+        if (keyTab == null && kerberosKeySet == null) {
             String error = "Failed to find any Kerberos credential";
             if (name != null) {
                 error +=  " for " + name.getPrincipalName().getName();
@@ -68,9 +62,6 @@ public final class GssAcceptCred extends GssCredElement {
             if (keyTab != null) {
                 name = GssNameElement.getInstance(keyTab.getPrincipal().getName(),
                     GSSName.NT_HOSTBASED_SERVICE);
-            } else if (ticket != null) {
-                name = GssNameElement.getInstance(ticket.getClient().getName(),
-                    GSSName.NT_HOSTBASED_SERVICE);
             } else if (kerberosKeySet != null) {
                 name = GssNameElement.getInstance(
                     kerberosKeySet.iterator().next().getPrincipal().getName(),
@@ -78,7 +69,7 @@ public final class GssAcceptCred extends GssCredElement {
             }
         }
 
-        return new GssAcceptCred(caller, name, keyTab, ticket, lifeTime, kerberosKeySet);
+        return new GssAcceptCred(caller, name, keyTab, lifeTime, kerberosKeySet);
     }
 
     private static KeyTab getKeyTab(GssNameElement name) throws GSSException {
@@ -92,10 +83,9 @@ public final class GssAcceptCred extends GssCredElement {
     }
 
     private GssAcceptCred(GSSCaller caller, GssNameElement name, KeyTab keyTab,
-                          KerberosTicket ticket, int lifeTime, Set<KerberosKey> kerberosKeySet)
{
+                          int lifeTime, Set<KerberosKey> kerberosKeySet) {
         super(caller, name);
         this.keyTab = keyTab;
-        this.ticket = ticket;
         this.accLifeTime = lifeTime;
         this.kerberosKeySet = kerberosKeySet;
     }
@@ -112,10 +102,6 @@ public final class GssAcceptCred extends GssCredElement {
         return this.keyTab;
     }
 
-    public KerberosTicket getKerberosTicket() {
-        return ticket;
-    }
-
     public KerberosKey[] getKeys() {
         KerberosPrincipal princ = new KerberosPrincipal(name.getPrincipalName().getName(),
             name.getPrincipalName().getNameType().getValue());
@@ -126,13 +112,6 @@ public final class GssAcceptCred extends GssCredElement {
         return null;
     }
 
-    public EncryptionKey getKeyFromTicket() {
-        if (ticket != null) {
-            return new EncryptionKey(ticket.getSessionKeyType(), ticket.getSessionKey().getEncoded());
-        }
-        return null;
-    }
-
     public KerberosKey[] getKerberosKeys() {
         if (kerberosKeySet != null) {
             return kerberosKeySet.toArray(new KerberosKey[kerberosKeySet.size()]);

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/daa1771c/kerby-kerb/kerb-gssapi/src/main/java/org/apache/kerby/kerberos/kerb/gss/impl/GssContext.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-gssapi/src/main/java/org/apache/kerby/kerberos/kerb/gss/impl/GssContext.java
b/kerby-kerb/kerb-gssapi/src/main/java/org/apache/kerby/kerberos/kerb/gss/impl/GssContext.java
index 92e67d4..52abfc3 100644
--- a/kerby-kerb/kerb-gssapi/src/main/java/org/apache/kerby/kerberos/kerb/gss/impl/GssContext.java
+++ b/kerby-kerb/kerb-gssapi/src/main/java/org/apache/kerby/kerberos/kerb/gss/impl/GssContext.java
@@ -438,10 +438,6 @@ public class GssContext implements GSSContextSpi {
         EncryptionKey serverKey = GssUtil.getEncryptionKey(acceptCred.getKerberosKeys(),
encryptType, kvno);
 
         if (serverKey == null) {
-            // Get server key from ticket
-            serverKey = acceptCred.getKeyFromTicket();
-        }
-        if (serverKey == null) {
             // Otherwise get it from the keytab
             serverKey = GssUtil.getEncryptionKey(acceptCred.getKeys(), encryptType, kvno);
         }


Mime
View raw message