001/* 002 * Licensed to the Apache Software Foundation (ASF) under one 003 * or more contributor license agreements. See the NOTICE file 004 * distributed with this work for additional information 005 * regarding copyright ownership. The ASF licenses this file 006 * to you under the Apache License, Version 2.0 (the 007 * "License"); you may not use this file except in compliance 008 * with the License. You may obtain a copy of the License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, 013 * software distributed under the License is distributed on an 014 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 015 * KIND, either express or implied. See the License for the 016 * specific language governing permissions and limitations 017 * under the License. 018 * 019 */ 020package org.apache.directory.shared.kerberos.codec.principalName.actions; 021 022 023import org.apache.directory.api.asn1.DecoderException; 024import org.apache.directory.api.asn1.ber.grammar.GrammarAction; 025import org.apache.directory.api.asn1.ber.tlv.BerValue; 026import org.apache.directory.api.asn1.ber.tlv.TLV; 027import org.apache.directory.api.util.Strings; 028import org.apache.directory.server.i18n.I18n; 029import org.apache.directory.shared.kerberos.KerberosUtils; 030import org.apache.directory.shared.kerberos.codec.principalName.PrincipalNameContainer; 031import org.apache.directory.shared.kerberos.components.PrincipalName; 032import org.slf4j.Logger; 033import org.slf4j.LoggerFactory; 034 035 036/** 037 * The action used to store the PrincipalName string 038 * 039 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a> 040 */ 041public class StoreNameString extends GrammarAction<PrincipalNameContainer> 042{ 043 /** The logger */ 044 private static final Logger LOG = LoggerFactory.getLogger( StoreNameString.class ); 045 046 /** Speedup for logs */ 047 private static final boolean IS_DEBUG = LOG.isDebugEnabled(); 048 049 /** A flag used to allow UTF-8 chars in the name. THanks Microsoft for, once again, blowing a specification */ 050 private static boolean ALLOW_UTF8_NAMES = false; 051 052 static 053 { 054 String allowUTF8Names = System.getProperty( "sun.security.krb5.msinterop.kstring" ); 055 056 if ( "true".equalsIgnoreCase( Strings.trim( allowUTF8Names ) ) ) 057 { 058 ALLOW_UTF8_NAMES = true; 059 } 060 } 061 062 /** 063 * Instantiates a new PrincipalNameInit action. 064 */ 065 public StoreNameString() 066 { 067 super( "Store the PrincipalName string" ); 068 } 069 070 071 /** 072 * {@inheritDoc} 073 */ 074 public void action( PrincipalNameContainer principalNameContainer ) throws DecoderException 075 { 076 TLV tlv = principalNameContainer.getCurrentTLV(); 077 078 // The Length should not be null 079 if ( tlv.getLength() == 0 ) 080 { 081 LOG.error( I18n.err( I18n.ERR_744_NULL_PDU_LENGTH ) ); 082 083 // This will generate a PROTOCOL_ERROR 084 throw new DecoderException( I18n.err( I18n.ERR_744_NULL_PDU_LENGTH ) ); 085 } 086 087 // Get the principalName 088 PrincipalName principalName = principalNameContainer.getPrincipalName(); 089 090 BerValue value = tlv.getValue(); 091 092 // The PrincipalName must be pure ASCII without any control character. We accept UTF-8 if the 093 // ALLOW-UTF8-NAMES flag is set, for the sake of being nice to Microsoft. 094 if ( ALLOW_UTF8_NAMES || KerberosUtils.isKerberosString( value.getData() ) ) 095 { 096 String nameString = Strings.utf8ToString( value.getData() ); 097 098 principalName.addName( nameString ); 099 principalNameContainer.setGrammarEndAllowed( true ); 100 101 if ( IS_DEBUG ) 102 { 103 LOG.debug( "PrincipalName String : {}", nameString ); 104 } 105 } 106 else 107 { 108 String valBytes = Strings.dumpBytes( value.getData() ); 109 String valStr = Strings.utf8ToString( value.getData() ); 110 String valAll = valBytes + "/" + valStr; 111 LOG.error( I18n.err( I18n.ERR_745_NOT_A_KERBEROS_STRING, valAll ) ); 112 113 // This will generate a PROTOCOL_ERROR 114 throw new DecoderException( I18n.err( I18n.ERR_745_NOT_A_KERBEROS_STRING, valAll ) ); 115 } 116 } 117}