\r
namespace Novell.Directory.Ldap.Security\r
{\r
- internal class Krb5Helper\r
+ internal class Krb5Helper : IDisposable\r
{\r
enum QOP {\r
NO_PROTECTION = 1,
\r
private readonly GSSContext _context;\r
\r
- private readonly string _name;\r
- private readonly Subject _subject;\r
- private readonly string _mech;\r
-\r
#endregion // Fields\r
\r
#region Constructors\r
\r
- public Krb5Helper(string name, Subject subject, AuthenticationTypes authenticationTypes, string mech)\r
+ public Krb5Helper(string name, string clientName, Subject subject, AuthenticationTypes authenticationTypes, string mech)\r
{\r
- _name = name;\r
- _subject = subject;\r
- _mech = mech;\r
-\r
_encryption = (authenticationTypes & AuthenticationTypes.Sealing) != 0;\r
_signing = (authenticationTypes & AuthenticationTypes.Signing) != 0;\r
_delegation = (authenticationTypes & AuthenticationTypes.Delegation) != 0;\r
\r
- CreateContextPrivilegedAction action = new CreateContextPrivilegedAction (_name,_mech,_encryption,_signing,_delegation);\r
- _context = (GSSContext) Subject.doAs (_subject,action);\r
+ CreateContextPrivilegedAction action = new CreateContextPrivilegedAction (name, clientName, mech,_encryption,_signing,_delegation);\r
+ try {\r
+ _context = (GSSContext) Subject.doAs (subject,action);\r
+ }\r
+ catch (PrivilegedActionException e) {\r
+ throw new LdapException ("Problem performing token exchange with the server",LdapException.OTHER,"",e.getCause()); \r
+ }\r
}\r
\r
#endregion // Constructors\r
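Review bot: The new catch block in the constructor reports "Problem performing token exchange with the server", but the call that failed is context creation in `Subject.doAs (subject,action)`, so the text points anyone diagnosing a failed Kerberos bind at the wrong step. A message such as `"Problem creating GSS security context"` would match what happened. Passing `e.getCause()` drops the PrivilegedActionException wrapper; if the cause can ever be null here the original failure is lost, so consider falling back to `e` in that case. Since `subject` is no longer stored, a short comment that the credentials must be bound to the context inside `CreateContextPrivilegedAction` (not visible in this hunk) would help the next reader.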
return TypeUtils.ToSByteArray (gssOutToken);\r
}\r
\r
- sbyte [] token;\r
- try {\r
- ExchangeTokenPrivilegedAction action = new ExchangeTokenPrivilegedAction (Context, clientToken);
- token = (sbyte []) Subject.doAs (_subject, action);\r
- } \r
- catch (PrivilegedActionException e) {\r
- throw new LdapException ("Problem performing token exchange with the server",LdapException.OTHER,"",e); \r
- }\r
+ sbyte [] token = Context.initSecContext (clientToken, 0, clientToken.Length);\r
\r
if (Context.isEstablished ()) {\r
\r
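Review bot: A failure in `Context.initSecContext (clientToken, 0, clientToken.Length)` now escapes as a raw GSSException, because the removed try/catch that converted it to LdapException has no replacement; callers that only handle LdapException will miss authentication failures. The same applies to the direct `Context.wrap` and `Context.unwrap` calls in the Wrap and Unwrap hunks. I would keep the conversion, for example `try { token = Context.initSecContext (clientToken, 0, clientToken.Length); } catch (GSSException e) { throw new LdapException ("Problem performing token exchange with the server",LdapException.OTHER,"",e); }`. `clientToken.Length` is also dereferenced without a null check on this line, which may matter if the server sends an empty challenge. The enclosing method starts and ends outside the hunk.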
return buff;\r
}\r
\r
- try {\r
- WrapPrivilegedAction action = new WrapPrivilegedAction (Context, outgoing, start, len, messageProp);\r
- return (byte []) Subject.doAs (_subject, action); \r
- } \r
- catch (PrivilegedActionException e) {\r
- throw new LdapException ("Problem performing GSS wrap",LdapException.OTHER,"",e); \r
- }\r
+ sbyte [] result = Context.wrap (TypeUtils.ToSByteArray (outgoing), start, len, messageProp);\r
+ return (byte []) TypeUtils.ToByteArray (result);\r
}\r
\r
public byte [] Unwrap(byte [] incoming, int start, int len) \r
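Review bot: Nothing visible after `Context.wrap (...)` checks that the protection requested was actually applied: `messageProp` is updated by the call with the privacy state the mechanism used, and it is not read again before the result is returned. When `_encryption` is set, a check such as `if (_encryption && !messageProp.getPrivacy ()) throw new LdapException (...)` would keep a buffer from going out integrity-only. The same check belongs after `Context.unwrap (...)` in the Unwrap hunk, so that an incoming token without confidentiality is rejected when sealing was negotiated. How `messageProp` is built is outside the hunk, so confirm this is not already enforced there. The `(byte [])` cast on the return line looks redundant if `TypeUtils.ToByteArray` already returns `byte []`.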
return buff;\r
}\r
\r
- try {\r
- UnwrapPrivilegedAction action = new UnwrapPrivilegedAction (Context, incoming, start, len, messageProp);\r
- return (byte []) Subject.doAs (_subject, action);\r
- } \r
- catch (PrivilegedActionException e) {\r
- throw new LdapException("Problems unwrapping SASL buffer",LdapException.OTHER,"",e);\r
- }\r
+ sbyte [] result = Context.unwrap (TypeUtils.ToSByteArray (incoming), start, len, messageProp);\r
+ return (byte []) TypeUtils.ToByteArray (result);\r
}\r
\r
#endregion // Methods\r
+\r
+ #region IDisposable Members\r
+\r
+ public void Dispose() {\r
+ Context.dispose();\r
+ }\r
+\r
+ #endregion\r
}\r
}\r
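Review bot: The new `Dispose()` calls `Context.dispose()` unguarded, so it can throw a GSSException out of a `using` block or `finally`, and it calls into the context again if it is disposed twice. Dispose is expected to be idempotent and not to throw; a `_disposed` flag plus `try { Context.dispose (); } catch (GSSException) { }` (ideally logging the failure) would cover both. Because the GSS context holds the session's key material, it is also worth confirming that every caller of the constructor disposes the helper on its failure paths, which this hunk does not show.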