317 }
318 if (flags[11] == true) {
319 msg += " HW_AUTH;";
320 }
321 System.out.println(msg);
322 }
323 return flags;
324 }
325
326 /**
327 * Reads the next cred in stream.
328 * @return the next cred, null if ticket or second_ticket unparseable.
329 *
330 * Note: MIT krb5 1.8.1 might generate a config entry with server principal
331 * X-CACHECONF:/krb5_ccache_conf_data/fast_avail/krbtgt/REALM@REALM. The
332 * entry is used by KDC to inform the client that it support certain
333 * features. Its ticket is not a valid krb5 ticket and thus this method
334 * returns null.
335 */
336 Credentials readCred(int version) throws IOException,RealmException, KrbApErrException, Asn1Exception {
337 PrincipalName cpname = readPrincipal(version);
338 if (DEBUG)
339 System.out.println(">>>DEBUG <CCacheInputStream> client principal is " + cpname);
340 PrincipalName spname = readPrincipal(version);
341 if (DEBUG)
342 System.out.println(">>>DEBUG <CCacheInputStream> server principal is " + spname);
343 EncryptionKey key = readKey(version);
344 if (DEBUG)
345 System.out.println(">>>DEBUG <CCacheInputStream> key type: " + key.getEType());
346 long times[] = readTimes();
347 KerberosTime authtime = new KerberosTime(times[0]);
348 KerberosTime starttime =
349 (times[1]==0) ? null : new KerberosTime(times[1]);
350 KerberosTime endtime = new KerberosTime(times[2]);
351 KerberosTime renewTill =
352 (times[3]==0) ? null : new KerberosTime(times[3]);
353
354 if (DEBUG) {
355 System.out.println(">>>DEBUG <CCacheInputStream> auth time: " + authtime.toDate().toString());
356 System.out.println(">>>DEBUG <CCacheInputStream> start time: " +
357 ((starttime==null)?"null":starttime.toDate().toString()));
358 System.out.println(">>>DEBUG <CCacheInputStream> end time: " + endtime.toDate().toString());
359 System.out.println(">>>DEBUG <CCacheInputStream> renew_till time: " +
360 ((renewTill==null)?"null":renewTill.toDate().toString()));
361 }
362 boolean skey = readskey();
363 boolean flags[] = readFlags();
364 TicketFlags tFlags = new TicketFlags(flags);
365 HostAddress addr[] = readAddr();
366 HostAddresses addrs = null;
367 if (addr != null) {
368 addrs = new HostAddresses(addr);
369 }
370 AuthorizationDataEntry[] auDataEntry = readAuth();
371 AuthorizationData auData = null;
372 if (auDataEntry != null) {
373 auData = new AuthorizationData(auDataEntry);
374 }
375 byte[] ticketData = readData();
376 byte[] ticketData2 = readData();
377
378 try {
379 return new Credentials(cpname, spname, key, authtime, starttime,
380 endtime, renewTill, skey, tFlags,
381 addrs, auData,
382 ticketData != null ? new Ticket(ticketData) : null,
383 ticketData2 != null ? new Ticket(ticketData2) : null);
384 } catch (Exception e) { // If any of new Ticket(*) fails.
385 return null;
386 }
387 }
388 }
|
317 }
318 if (flags[11] == true) {
319 msg += " HW_AUTH;";
320 }
321 System.out.println(msg);
322 }
323 return flags;
324 }
325
326 /**
327 * Reads the next cred in stream.
328 * @return the next cred, null if ticket or second_ticket unparseable.
329 *
330 * Note: MIT krb5 1.8.1 might generate a config entry with server principal
331 * X-CACHECONF:/krb5_ccache_conf_data/fast_avail/krbtgt/REALM@REALM. The
332 * entry is used by KDC to inform the client that it support certain
333 * features. Its ticket is not a valid krb5 ticket and thus this method
334 * returns null.
335 */
336 Credentials readCred(int version) throws IOException,RealmException, KrbApErrException, Asn1Exception {
337 PrincipalName cpname = null;
338 try {
339 cpname = readPrincipal(version);
340 } catch (Exception e) {
341 // cpname is null
342 }
343 if (DEBUG) {
344 System.out.println(">>>DEBUG <CCacheInputStream> client principal is " + cpname);
345 }
346 PrincipalName spname = null;
347 try {
348 spname = readPrincipal(version);
349 } catch (Exception e) {
350 // spname is null
351 }
352 if (DEBUG) {
353 System.out.println(">>>DEBUG <CCacheInputStream> server principal is " + spname);
354 }
355 EncryptionKey key = readKey(version);
356 if (DEBUG) {
357 System.out.println(">>>DEBUG <CCacheInputStream> key type: " + key.getEType());
358 }
359 long times[] = readTimes();
360 KerberosTime authtime = new KerberosTime(times[0]);
361 KerberosTime starttime =
362 (times[1]==0) ? null : new KerberosTime(times[1]);
363 KerberosTime endtime = new KerberosTime(times[2]);
364 KerberosTime renewTill =
365 (times[3]==0) ? null : new KerberosTime(times[3]);
366
367 if (DEBUG) {
368 System.out.println(">>>DEBUG <CCacheInputStream> auth time: " + authtime.toDate().toString());
369 System.out.println(">>>DEBUG <CCacheInputStream> start time: " +
370 ((starttime==null)?"null":starttime.toDate().toString()));
371 System.out.println(">>>DEBUG <CCacheInputStream> end time: " + endtime.toDate().toString());
372 System.out.println(">>>DEBUG <CCacheInputStream> renew_till time: " +
373 ((renewTill==null)?"null":renewTill.toDate().toString()));
374 }
375 boolean skey = readskey();
376 boolean flags[] = readFlags();
377 TicketFlags tFlags = new TicketFlags(flags);
378 HostAddress addr[] = readAddr();
379 HostAddresses addrs = null;
380 if (addr != null) {
381 addrs = new HostAddresses(addr);
382 }
383 AuthorizationDataEntry[] auDataEntry = readAuth();
384 AuthorizationData auData = null;
385 if (auDataEntry != null) {
386 auData = new AuthorizationData(auDataEntry);
387 }
388 byte[] ticketData = readData();
389 byte[] ticketData2 = readData();
390
391 if (cpname == null || spname == null) {
392 return null;
393 }
394
395 try {
396 return new Credentials(cpname, spname, key, authtime, starttime,
397 endtime, renewTill, skey, tFlags,
398 addrs, auData,
399 ticketData != null ? new Ticket(ticketData) : null,
400 ticketData2 != null ? new Ticket(ticketData2) : null);
401 } catch (Exception e) { // If any of new Ticket(*) fails.
402 return null;
403 }
404 }
405 }
|