[jboss-cvs] JBossAS SVN: r76849 - in projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src: tests/java/org/jboss/security/negotiation/ntlm/encoding and 1 other directory.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Sat Aug 9 07:23:08 EDT 2008
Author: darran.lofthouse at jboss.com
Date: 2008-08-09 07:23:08 -0400 (Sat, 09 Aug 2008)
New Revision: 76849
Added:
projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/encoding/NTLMField.java
Removed:
projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/encoding/Field.java
Modified:
projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/encoding/FieldDecoder.java
projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/encoding/NegotiateFlags.java
projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/encoding/NegotiateMessage.java
projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/encoding/NegotiateMessageDecoder.java
projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/tests/java/org/jboss/security/negotiation/ntlm/encoding/NegotiationMessageDecoderTest.java
Log:
[SECURITY-270] NTLM NegotiateMessage parsing.
Deleted: projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/encoding/Field.java
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/encoding/Field.java 2008-08-09 10:55:15 UTC (rev 76848)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/encoding/Field.java 2008-08-09 11:23:08 UTC (rev 76849)
@@ -1,64 +0,0 @@
-/*
- * Copyright © 2008 Red Hat Middleware, LLC. or third-party contributors as indicated
- * by the @author tags or express copyright attribution statements applied by the
- * authors. All third-party contributions are distributed under license by Red Hat
- * Middleware LLC.
- *
- * This copyrighted material is made available to anyone wishing to use, modify, copy,
- * or redistribute it subject to the terms and conditions of the GNU Lesser General
- * Public License, v. 2.1. This program is distributed in the hope that it will be
- * useful, but WITHOUT A WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for
- * more details. You should have received a copy of the GNU Lesser General Public License,
- * v.2.1 along with this distribution; if not, write to the Free Software Foundation, Inc.,
- * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- */
-
-package org.jboss.security.negotiation.ntlm.encoding;
-
-/**
- * Representation of a field with a length, max length and offset.
- *
- * @author darran.lofthouse at jboss.com
- * @since 8th August 2008
- */
-public class Field
-{
-
- private int length;
-
- private int maxLength;
-
- private int offset;
-
- public int getLength()
- {
- return length;
- }
-
- public void setLength(int length)
- {
- this.length = length;
- }
-
- public int getMaxLength()
- {
- return maxLength;
- }
-
- public void setMaxLength(int maxLength)
- {
- this.maxLength = maxLength;
- }
-
- public int getOffset()
- {
- return offset;
- }
-
- public void setOffset(int offset)
- {
- this.offset = offset;
- }
-
-}
Modified: projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/encoding/FieldDecoder.java
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/encoding/FieldDecoder.java 2008-08-09 10:55:15 UTC (rev 76848)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/encoding/FieldDecoder.java 2008-08-09 11:23:08 UTC (rev 76849)
@@ -29,9 +29,9 @@
{
public static final byte MSB_MASK = (byte) 0x80;
- static Field readFieldLengths(final InputStream is, final DecoderData data) throws IOException
+ static NTLMField readFieldLengths(final InputStream is, final DecoderData data) throws IOException
{
- Field field = new Field();
+ NTLMField field = new NTLMField();
byte[] len = new byte[2];
byte[] maxLen = new byte[2];
Copied: projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/encoding/NTLMField.java (from rev 76839, projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/encoding/Field.java)
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/encoding/NTLMField.java (rev 0)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/encoding/NTLMField.java 2008-08-09 11:23:08 UTC (rev 76849)
@@ -0,0 +1,75 @@
+/*
+ * Copyright © 2008 Red Hat Middleware, LLC. or third-party contributors as indicated
+ * by the @author tags or express copyright attribution statements applied by the
+ * authors. All third-party contributions are distributed under license by Red Hat
+ * Middleware LLC.
+ *
+ * This copyrighted material is made available to anyone wishing to use, modify, copy,
+ * or redistribute it subject to the terms and conditions of the GNU Lesser General
+ * Public License, v. 2.1. This program is distributed in the hope that it will be
+ * useful, but WITHOUT A WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for
+ * more details. You should have received a copy of the GNU Lesser General Public License,
+ * v.2.1 along with this distribution; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+
+package org.jboss.security.negotiation.ntlm.encoding;
+
+/**
+ * Representation of a field with a length, max length and offset.
+ *
+ * @author darran.lofthouse at jboss.com
+ * @since 8th August 2008
+ */
+public class NTLMField
+{
+
+ private int length;
+
+ private int maxLength;
+
+ private int offset;
+
+ public int getLength()
+ {
+ return length;
+ }
+
+ public void setLength(int length)
+ {
+ this.length = length;
+ }
+
+ public int getMaxLength()
+ {
+ return maxLength;
+ }
+
+ public void setMaxLength(int maxLength)
+ {
+ this.maxLength = maxLength;
+ }
+
+ public int getOffset()
+ {
+ return offset;
+ }
+
+ public void setOffset(int offset)
+ {
+ this.offset = offset;
+ }
+
+ @Override
+ public String toString()
+ {
+ StringBuilder sb = new StringBuilder();
+ sb.append("{length=").append(length).append("}");
+ sb.append("{maxLength=").append(maxLength).append("}");
+ sb.append("{offset=").append(offset).append("}");
+
+ return sb.toString();
+ }
+
+}
Modified: projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/encoding/NegotiateFlags.java
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/encoding/NegotiateFlags.java 2008-08-09 10:55:15 UTC (rev 76848)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/encoding/NegotiateFlags.java 2008-08-09 11:23:08 UTC (rev 76849)
@@ -16,6 +16,7 @@
package org.jboss.security.negotiation.ntlm.encoding;
+import java.lang.reflect.Field;
/**
* Representation of NTLM NegotiateFlags
@@ -307,9 +308,9 @@
{
StringBuffer sb = new StringBuffer();
- java.lang.reflect.Field[] fields = getClass().getDeclaredFields();
+ Field[] fields = getClass().getDeclaredFields();
- for (java.lang.reflect.Field current : fields)
+ for (Field current : fields)
{
if (current.getType().equals(boolean.class))
{
@@ -318,12 +319,12 @@
boolean value = current.getBoolean(this);
if (value == true)
{
- sb.append("{").append(current.getName()).append("}");
+ sb.append("(").append(current.getName()).append(")");
}
}
- catch (Exception e)
+ catch (Exception ignored)
{
- e.printStackTrace();
+ // Access should not be a problem.
}
}
}
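Review bot: The catch clause in this hunk now discards every exception silently, so a flag that cannot be read simply disappears from the toString() output with no trace. The only checked exception `getBoolean` declares is `IllegalAccessException`, so the clause could be narrowed to `catch (IllegalAccessException ignored)` and unexpected runtime failures would still surface. The comment would also be clearer as `// Only reachable if a field is inaccessible; the flag is then left out of the output.` The try statement opens outside the hunk, so the full block is not visible here.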
Modified: projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/encoding/NegotiateMessage.java
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/encoding/NegotiateMessage.java 2008-08-09 10:55:15 UTC (rev 76848)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/encoding/NegotiateMessage.java 2008-08-09 11:23:08 UTC (rev 76849)
@@ -27,13 +27,13 @@
private NegotiateFlags negotiateFlags;
- private Field domainNameFields;
+ private NTLMField domainNameFields;
private String domainName;
private byte[] version;
- private Field workstationFields;
+ private NTLMField workstationFields;
private String workstationName;
@@ -57,12 +57,12 @@
this.version = version;
}
- public Field getDomainNameFields()
+ public NTLMField getDomainNameFields()
{
return domainNameFields;
}
- public void setDomainNameFields(Field domainNameFields)
+ public void setDomainNameFields(NTLMField domainNameFields)
{
this.domainNameFields = domainNameFields;
}
@@ -77,12 +77,12 @@
this.domainName = domainName;
}
- public Field getWorkstationFields()
+ public NTLMField getWorkstationFields()
{
return workstationFields;
}
- public void setWorkstationFields(Field workstationFields)
+ public void setWorkstationFields(NTLMField workstationFields)
{
this.workstationFields = workstationFields;
}
@@ -97,4 +97,17 @@
this.workstationName = workstationName;
}
+ @Override
+ public String toString()
+ {
+ StringBuilder sb = new StringBuilder();
+ sb.append("{domainName=").append(domainName).append("}");
+ sb.append("{domainNameFields=").append(domainNameFields).append("}");
+ sb.append("{workstationName=").append(workstationName).append("}");
+ sb.append("{workstationNameFields=").append(workstationFields).append("}");
+ sb.append("{negotiateFlags=").append(negotiateFlags).append("}");
+
+ return sb.toString();
+ }
+
}
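Review bot: The new toString() appends `domainName` and `workstationName` verbatim, and both are strings decoded from the client's negotiate token. If this representation is written to a log, any line breaks or control characters embedded in those values would reach the log stream. It is worth escaping or stripping them here, or documenting that callers must do so before logging. The label `workstationNameFields` also does not match the property it prints, `workstationFields`. The class body starts outside the hunk.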
Modified: projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/encoding/NegotiateMessageDecoder.java
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/encoding/NegotiateMessageDecoder.java 2008-08-09 10:55:15 UTC (rev 76848)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/encoding/NegotiateMessageDecoder.java 2008-08-09 11:23:08 UTC (rev 76849)
@@ -21,7 +21,6 @@
import java.io.InputStream;
import java.util.Arrays;
-import org.jboss.security.negotiation.common.DebugHelper;
import org.jboss.security.negotiation.ntlm.Constants;
/**
@@ -78,18 +77,76 @@
data.message.setVersion(version);
}
- public static NegotiateMessage decode(final byte[] token) throws IOException
+ private static String readPayloadValue(final InputStream is, final DecoderData data, final NTLMField field)
+ throws IOException
{
- System.out.println(DebugHelper.convertToHex(token));
- System.out.println("Token - ");
- for (byte current : token)
+ byte[] dataRead = new byte[field.getLength()];
+
+ int offset = field.getOffset();
+ int bytesRead = data.read;
+
+ if (bytesRead < offset)
{
- if (current == 0)
+ int toSkip = offset - bytesRead;
+ is.skip(toSkip);
+ data.read += toSkip;
+ }
+ else if (bytesRead > offset)
+ {
+ throw new IllegalStateException("Read beyond offset.");
+ }
+
+ is.read(dataRead);
+ data.read += dataRead.length;
+
+ return new String(dataRead);
+ }
+
+ private static void readPayload(final InputStream is, final DecoderData data) throws IOException
+ {
+ NegotiateMessage message = data.message;
+ NTLMField domainFields = message.getDomainNameFields();
+ NTLMField workstationFields = message.getWorkstationFields();
+
+ boolean readDomainName = (domainFields.getLength() > 0);
+ boolean readWSName = (workstationFields.getLength() > 0);
+
+ String domainName = "";
+ String workstationName = "";
+
+ if (readWSName && readDomainName)
+ {
+ // If both are required we need to check the ordering.
+ int wsOffset = workstationFields.getOffset();
+ int domainOffset = domainFields.getOffset();
+
+ if (wsOffset < domainOffset)
{
- continue;
+ workstationName = readPayloadValue(is, data, workstationFields);
+ domainName = readPayloadValue(is, data, domainFields);
}
- System.out.print("'" + (char) current + "', ");
+ else
+ {
+ domainName = readPayloadValue(is, data, domainFields);
+ workstationName = readPayloadValue(is, data, workstationFields);
+ }
+
+ message.setDomainName(domainName);
+ message.setWorkstationName(workstationName);
}
+ else if (readWSName)
+ {
+ workstationName = readPayloadValue(is, data, workstationFields);
+ }
+ else if (readDomainName)
+ {
+ domainName = readPayloadValue(is, data, domainFields);
+ }
+
+ }
+
+ public static NegotiateMessage decode(final byte[] token) throws IOException
+ {
DecoderData data = new DecoderData();
ByteArrayInputStream bais = new ByteArrayInputStream(token);
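Review bot: `readPayloadValue` trusts the offset and length carried in the token: the results of `is.skip(toSkip)` and `is.read(dataRead)` are ignored, so a truncated or inconsistent token yields a zero-padded value and a `data.read` count that no longer matches the stream, and an offset behind the current position raises an unchecked `IllegalStateException` rather than the declared `IOException`. The rewrite below checks both values before use and fails on a short skip or read. Separately, `readPayload` calls `message.setDomainName(domainName)` and `message.setWorkstationName(workstationName)` only inside the both-present branch, so a token carrying just one of the two names loses it; moving those two calls after the if/else chain fixes that. `new String(dataRead)` also decodes with the platform default charset, which is worth pinning explicitly. `decode` continues past the end of the hunk.

```java
private static String readPayloadValue(final InputStream is, final DecoderData data, final NTLMField field)
      throws IOException
{
   int length = field.getLength();
   int offset = field.getOffset();

   // Offset and length are taken from the client's token; reject values that point backwards.
   if (length < 0 || offset < data.read)
   {
      throw new IOException("Invalid payload field " + field);
   }

   long toSkip = offset - data.read;
   while (toSkip > 0)
   {
      long skipped = is.skip(toSkip);
      if (skipped <= 0)
      {
         throw new IOException("Payload offset beyond end of token.");
      }
      toSkip -= skipped;
      data.read += (int) skipped;
   }

   byte[] dataRead = new byte[length];
   int filled = 0;
   while (filled < length)
   {
      int count = is.read(dataRead, filled, length - filled);
      if (count < 0)
      {
         throw new IOException("Payload field truncated.");
      }
      filled += count;
   }
   data.read += length;

   // … unchanged: conversion of dataRead to a String …
```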
@@ -99,11 +156,8 @@
data.message.setDomainNameFields(FieldDecoder.readFieldLengths(bais, data));
data.message.setWorkstationFields(FieldDecoder.readFieldLengths(bais, data));
readVersion(bais, data);
+ readPayload(bais, data);
-
- System.out.println("\n" + data.message.getNegotiateFlags());
- System.out.println(data.read);
- System.out.println(bais.available());
return data.message;
}
}
Modified: projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/tests/java/org/jboss/security/negotiation/ntlm/encoding/NegotiationMessageDecoderTest.java
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/tests/java/org/jboss/security/negotiation/ntlm/encoding/NegotiationMessageDecoderTest.java 2008-08-09 10:55:15 UTC (rev 76848)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/tests/java/org/jboss/security/negotiation/ntlm/encoding/NegotiationMessageDecoderTest.java 2008-08-09 11:23:08 UTC (rev 76849)
@@ -41,6 +41,11 @@
byte[] requestMessage = Base64.decode(message);
NegotiateMessage negMessage = NegotiateMessageDecoder.decode(requestMessage);
+
+ assertEquals("Domain", "domain", negMessage.getDomainName());
+ assertEquals("Name", "KERBEROS", negMessage.getWorkstationName());
+
+ System.out.println(negMessage);
}
}
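Review bot: The added assertions cover only one well-formed token, so nothing pins how the decoder behaves when a field's offset or length points outside the token, which is the case that matters for input supplied by a remote client. A second test that feeds `NegotiateMessageDecoder.decode` a truncated copy of the same token and expects an `IOException` would pin the intended failure mode. `System.out.println(negMessage);` checks nothing and could become `assertNotNull(negMessage.toString());` or be dropped. The test method starts outside the hunk.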