From 22094368c2865dcfb6daf8366425212b721a4657 Mon Sep 17 00:00:00 2001
From: matthew_swift <matthew_swift@localhost>
Date: Thu, 05 Feb 2009 17:42:14 +0000
Subject: [PATCH] Merge ASN1 branch to trunk

---
 opends/src/server/org/opends/server/extensions/SASLContext.java |   51 ++++++++++++++++++++++++---------------------------
 1 files changed, 24 insertions(+), 27 deletions(-)

diff --git a/opends/src/server/org/opends/server/extensions/SASLContext.java b/opends/src/server/org/opends/server/extensions/SASLContext.java
index c4ba120..2c22972 100644
--- a/opends/src/server/org/opends/server/extensions/SASLContext.java
+++ b/opends/src/server/org/opends/server/extensions/SASLContext.java
@@ -52,7 +52,6 @@
 import org.opends.server.core.BindOperation;
 import org.opends.server.core.DirectoryServer;
 import org.opends.server.core.PasswordPolicyState;
-import org.opends.server.protocols.asn1.ASN1OctetString;
 import org.opends.server.protocols.internal.InternalClientConnection;
 import org.opends.server.protocols.ldap.LDAPClientConnection;
 import org.opends.server.types.*;
@@ -292,9 +291,16 @@
      *
      * @throws SaslException If the SASL server cannot evaluate the byte array.
      */
-    private byte[] evaluateResponse(byte[] bytes) throws SaslException {
-          return saslServer.evaluateResponse(bytes);
+    private ByteString evaluateResponse(ByteString response)
+      throws SaslException
+    {
+      if (response == null)
+      {
+        response = ByteString.empty();
       }
+      return ByteString.wrap(saslServer.evaluateResponse(
+          response.toByteArray()));
+    }
 
 
     /**
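Review bot: `SaslServer.evaluateResponse` is documented to return null once authentication has succeeded and no further challenge is needed, and the new `ByteString.wrap(saslServer.evaluateResponse(...))` in evaluateResponse passes that result straight to `wrap`. Whether `ByteString.wrap` tolerates a null array is not visible here, so the last leg of a successful bind may now raise a NullPointerException instead of returning empty server credentials. Consider `byte[] challenge = saslServer.evaluateResponse(response.toByteArray());` followed by `return challenge == null ? ByteString.empty() : ByteString.wrap(challenge);`. The Javadoc for this method starts outside the hunk; if it still carries a `@param bytes` tag, rename it to `response` and state that null is treated as an empty response.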
@@ -752,17 +758,11 @@
                return false;
            }
        }
-       byte[] clientCredBytes = new byte[0];
-       ASN1OctetString clientCredentials = bindOp.getSASLCredentials();
-       if(clientCredentials != null) {
-           clientCredBytes = clientCredentials.value();
-       }
+
+       ByteString clientCredentials = bindOp.getSASLCredentials();
        clientConn.setSASLAuthStateInfo(null);
        try {
-           byte[] responseBytes =
-               evaluateResponse(clientCredBytes);
-           ASN1OctetString responseAuthStr =
-               new ASN1OctetString(responseBytes);
+           ByteString responseAuthStr = evaluateResponse(clientCredentials);
            //If the bind has not been completed,then
            //more handshake is needed and SASL_BIND_IN_PROGRESS is returned back
            //to the client.
@@ -779,11 +779,12 @@
                //connection. If confidentiality/integrity has not been
                //negotiated, dispose of the SASL server.
                if(isConfidentialIntegrity()) {
-                   SASLSecurityProvider secProvider =
-                       new SASLSecurityProvider(clientConn, mechanism, this);
+                   SASLByteChannel saslByteChannel =
+                        SASLByteChannel.getSASLByteChannel(clientConn,
+                                                           mechanism, this);
                    LDAPClientConnection ldapConn =
                        (LDAPClientConnection) clientConn;
-                       ldapConn.setSASLConnectionSecurityProvider(secProvider);
+                       ldapConn.setSASLPendingProvider(saslByteChannel);
                } else {
                    dispose();
                    clientConn.setSASLAuthStateInfo(null);
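Review bot: The unconditional cast `(LDAPClientConnection) clientConn` next to the new `setSASLPendingProvider` call throws a ClassCastException if a bind that negotiated confidentiality or integrity arrives on a connection of another type. The same pattern appears in the later hunk at -893. Whether non-LDAP connections can reach this path is not visible here, but an `instanceof` guard that calls `dispose()` and reports the failure through `handleError` would make the bind fail closed rather than surface an unchecked exception. The enclosing method starts and ends outside the hunk.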
@@ -842,8 +843,7 @@
        this.bindOp = bindOp;
        ClientConnection clientConn = bindOp.getClientConnection();
        try {
-           byte[] challengeBuffer = evaluateResponse(new byte[0]);
-           ASN1OctetString challenge = new ASN1OctetString(challengeBuffer);
+           ByteString challenge = evaluateResponse(ByteString.empty());
            bindOp.setResultCode(ResultCode.SASL_BIND_IN_PROGRESS);
            bindOp.setServerSASLCredentials(challenge);
            clientConn.setSASLAuthStateInfo(this);
@@ -866,9 +866,9 @@
    void
    evaluateFinalStage(BindOperation bindOp) {
       this.bindOp = bindOp;
-       ASN1OctetString clientCredentials = bindOp.getSASLCredentials();
+       ByteString clientCredentials = bindOp.getSASLCredentials();
        if ((clientCredentials == null) ||
-               (clientCredentials.value().length == 0)) {
+               (clientCredentials.length() == 0)) {
            Message msg =
                ERR_SASL_NO_CREDENTIALS.get(mechanism, mechanism);
            handleError(msg);
@@ -877,10 +877,7 @@
        ClientConnection clientConn = bindOp.getClientConnection();
        clientConn.setSASLAuthStateInfo(null);
        try {
-           byte[] responseBytes =
-                        evaluateResponse(clientCredentials.value());
-           ASN1OctetString responseAuthStr =
-               new ASN1OctetString(responseBytes);
+           ByteString responseAuthStr = evaluateResponse(clientCredentials);
            bindOp.setResultCode(ResultCode.SUCCESS);
            bindOp.setServerSASLCredentials(responseAuthStr);
            bindOp.setSASLAuthUserEntry(authEntry);
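Review bot: `bindOp.setResultCode(ResultCode.SUCCESS)` follows `evaluateResponse(clientCredentials)` directly, so in the visible lines success depends only on no SaslException being thrown. If a mechanism returned a further challenge at this stage, the bind would be marked successful with the exchange unfinished. An `if (!saslServer.isComplete())` check that goes to `handleError` before SUCCESS is set would make the final stage fail closed. The mechanisms that call evaluateFinalStage may already guarantee completion, which cannot be seen from here; if so, a comment such as `//the mechanism completes on this response or throws` would record that assumption. The try block continues outside the hunk.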
@@ -893,11 +890,11 @@
            //SASL security provider and save it in the client connection for
            //use in later processing.
            if(isConfidentialIntegrity()) {
-               SASLSecurityProvider secProvider =
-                   new SASLSecurityProvider(clientConn, mechanism, this);
+               SASLByteChannel saslByteChannel =
+                SASLByteChannel.getSASLByteChannel(clientConn, mechanism, this);
                LDAPClientConnection ldapConn =
                    (LDAPClientConnection) clientConn;
-               ldapConn.setSASLConnectionSecurityProvider(secProvider);
+               ldapConn.setSASLPendingProvider(saslByteChannel);
            } else {
                dispose();
                clientConn.setSASLAuthStateInfo(null);
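Review bot: The comment above `isConfidentialIntegrity()` still describes a "SASL security provider" saved in the client connection, but the new code obtains a `SASLByteChannel` and registers it with `setSASLPendingProvider`. Update it to something like `//create a SASLByteChannel and register it as the pending provider on the LDAP connection`. If "pending" means the security layer is applied only after the bind response has been written, the comment should say so, because that ordering determines which bytes on the connection are protected. The comment starts outside the hunk.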
@@ -911,4 +908,4 @@
            handleError(msg);
        }
    }
-}
\ No newline at end of file
+}

--
Gitblit v1.10.0