diff options
Diffstat (limited to 'gnu/javax/crypto/sasl/SaslInputStream.java')
-rw-r--r-- | gnu/javax/crypto/sasl/SaslInputStream.java | 316 |
1 files changed, 125 insertions, 191 deletions
diff --git a/gnu/javax/crypto/sasl/SaslInputStream.java b/gnu/javax/crypto/sasl/SaslInputStream.java index 57eb2b5c5..d127bf5ba 100644 --- a/gnu/javax/crypto/sasl/SaslInputStream.java +++ b/gnu/javax/crypto/sasl/SaslInputStream.java @@ -38,12 +38,13 @@ exception statement from your version. */ package gnu.javax.crypto.sasl; +import gnu.java.security.Configuration; import gnu.java.security.util.Util; +import java.io.IOException; import java.io.InputStream; import java.io.InterruptedIOException; -import java.io.IOException; -import java.io.PrintWriter; +import java.util.logging.Logger; import javax.security.sasl.Sasl; import javax.security.sasl.SaslClient; @@ -53,55 +54,24 @@ import javax.security.sasl.SaslServer; * An input stream that uses either a {@link SaslClient} or a {@link SaslServer} * to process the data through these entities' security layer filter(s). */ -public class SaslInputStream extends InputStream +public class SaslInputStream + extends InputStream { - - // Debugging methods and variables - // ------------------------------------------------------------------------- - - private static final String NAME = "SaslOutputStream"; - - private static final String ERROR = "ERROR"; - - private static final String WARN = " WARN"; - - // private static final String INFO = " INFO"; - private static final String TRACE = "DEBUG"; - - private static final boolean DEBUG = true; - - private static final int debuglevel = 3; - - private static final PrintWriter err = new PrintWriter(System.out, true); - - private static void debug(String level, Object obj) - { - err.println("[" + level + "] " + NAME + ": " + String.valueOf(obj)); - } - - // Constants and variables - // ------------------------------------------------------------------------- - + private static final Logger log = Logger.getLogger(SaslInputStream.class.getName()); private SaslClient client; - private SaslServer server; - private int maxRawSendSize; - private InputStream source; - private byte[] internalBuf; - // Constructor(s) - // ------------------------------------------------------------------------- - public SaslInputStream(SaslClient client, InputStream source) throws IOException { super(); this.client = client; - maxRawSendSize = Integer.parseInt((String) client.getNegotiatedProperty(Sasl.RAW_SEND_SIZE)); + String size = (String) client.getNegotiatedProperty(Sasl.RAW_SEND_SIZE); + maxRawSendSize = Integer.parseInt(size); server = null; this.source = source; } @@ -112,19 +82,12 @@ public class SaslInputStream extends InputStream super(); this.server = server; - maxRawSendSize = Integer.parseInt((String) server.getNegotiatedProperty(Sasl.RAW_SEND_SIZE)); + String size = (String) server.getNegotiatedProperty(Sasl.RAW_SEND_SIZE); + maxRawSendSize = Integer.parseInt(size); client = null; this.source = source; } - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - - // Overloaded java.io.InputStream methods ---------------------------------- - public int available() throws IOException { return (internalBuf == null) ? 0 : internalBuf.length; @@ -136,25 +99,25 @@ public class SaslInputStream extends InputStream } /** - * <p>Reads the next byte of data from the input stream. The value byte is + * Reads the next byte of data from the input stream. The value byte is * returned as an <code>int</code> in the range <code>0</code> to * <code>255</code>. If no byte is available because the end of the stream * has been reached, the value <code>-1</code> is returned. This method - * blocks until input data is available, the end of the stream is detected, - * or an exception is thrown.</p> - * - * <p>From a SASL mechanism provider's perspective, if a security layer has - * been negotiated, the underlying <i>source</i> is expected to contain SASL + * blocks until input data is available, the end of the stream is detected, or + * an exception is thrown. + * <p> + * From a SASL mechanism provider's perspective, if a security layer has been + * negotiated, the underlying <i>source</i> is expected to contain SASL * buffers, as defined in RFC 2222. Four octets in network byte order in the * front of each buffer identify the length of the buffer. The provider is * responsible for performing any integrity checking or other processing on * the buffer before returning the data as a stream of octets. For example, * the protocol driver's request for a single octet from the stream might; * i.e. an invocation of this method, may result in an entire SASL buffer - * being read and processed before that single octet can be returned.</p> - * - * @return the next byte of data, or <code>-1</code> if the end of the stream - * is reached. + * being read and processed before that single octet can be returned. + * + * @return the next byte of data, or <code>-1</code> if the end of the + * stream is reached. * @throws IOException if an I/O error occurs. */ public int read() throws IOException @@ -168,7 +131,6 @@ public class SaslInputStream extends InputStream else { byte[] tmp = new byte[internalBuf.length - 1]; - // System.arraycopy(internalBuf, 0, tmp, 0, tmp.length); System.arraycopy(internalBuf, 1, tmp, 0, tmp.length); internalBuf = tmp; } @@ -179,94 +141,83 @@ public class SaslInputStream extends InputStream int check = read(buf); result = (check > 0) ? (buf[0] & 0xFF) : -1; } - return result; } /** - * <p>Reads up to <code>len</code> bytes of data from the underlying - * <i>source</i> input stream into an array of bytes. An attempt is made to - * read as many as <code>len</code> bytes, but a smaller number may be read, - * possibly zero. The number of bytes actually read is returned as an - * integer.</p> - * - * <p>This method blocks until input data is available, end of file is - * detected, or an exception is thrown.</p> - * - * <p>If <code>b</code> is <code>null</code>, a {@link NullPointerException} is - * thrown.</p> - * - * <p>If <code>off</code> is negative, or <code>len</code> is negative, or - * <code>off+len</code> is greater than the length of the array <code>b</code>, - * then an {@link IndexOutOfBoundsException} is thrown.</p> - * - * <p>If <code>len</code> is zero, then no bytes are read and <code>0</code> + * Reads up to <code>len</code> bytes of data from the underlying <i>source</i> + * input stream into an array of bytes. An attempt is made to read as many as + * <code>len</code> bytes, but a smaller number may be read, possibly zero. + * The number of bytes actually read is returned as an integer. + * <p> + * This method blocks until input data is available, end of file is detected, + * or an exception is thrown. + * <p> + * If <code>b</code> is <code>null</code>, a {@link NullPointerException} + * is thrown. + * <p> + * If <code>off</code> is negative, or <code>len</code> is negative, or + * <code>off+len</code> is greater than the length of the array + * <code>b</code>, then an {@link IndexOutOfBoundsException} is thrown. + * <p> + * If <code>len</code> is zero, then no bytes are read and <code>0</code> * is returned; otherwise, there is an attempt to read at least one byte. If * no byte is available because the stream is at end of file, the value * <code>-1</code> is returned; otherwise, at least one byte is read and - * stored into <code>b</code>.</p> - * - * <p>The first byte read is stored into element <code>b[off]</code>, the - * next one into <code>b[off+1]</code>, and so on. The number of bytes read - * is, at most, equal to <code>len</code>. Let <code>k</code> be the number + * stored into <code>b</code>. + * <p> + * The first byte read is stored into element <code>b[off]</code>, the next + * one into <code>b[off+1]</code>, and so on. The number of bytes read is, + * at most, equal to <code>len</code>. Let <code>k</code> be the number * of bytes actually read; these bytes will be stored in elements * <code>b[off]</code> through <code>b[off+k-1]</code>, leaving elements - * <code>b[off+k]</code> through <code>b[off+len-1]</code> unaffected.</p> - * - * <p>In every case, elements <code>b[0]</code> through <code>b[off]</code> + * <code>b[off+k]</code> through <code>b[off+len-1]</code> unaffected. + * <p> + * In every case, elements <code>b[0]</code> through <code>b[off]</code> * and elements <code>b[off+len]</code> through <code>b[b.length-1]</code> - * are unaffected.</p> - * - * <p>If the first byte cannot be read for any reason other than end of file, - * then an {@link IOException} is thrown. In particular, an {@link IOException} - * is thrown if the input stream has been closed.</p> - * - * <p>From the SASL mechanism provider's perspective, if a security layer has + * are unaffected. + * <p> + * If the first byte cannot be read for any reason other than end of file, + * then an {@link IOException} is thrown. In particular, an + * {@link IOException} is thrown if the input stream has been closed. + * <p> + * From the SASL mechanism provider's perspective, if a security layer has * been negotiated, the underlying <i>source</i> is expected to contain SASL * buffers, as defined in RFC 2222. Four octets in network byte order in the * front of each buffer identify the length of the buffer. The provider is * responsible for performing any integrity checking or other processing on * the buffer before returning the data as a stream of octets. The protocol * driver's request for a single octet from the stream might result in an - * entire SASL buffer being read and processed before that single octet can - * be returned.</p> - * + * entire SASL buffer being read and processed before that single octet can be + * returned. + * * @param b the buffer into which the data is read. * @param off the start offset in array <code>b</code> at which the data is - * wricodeen. + * wricodeen. * @param len the maximum number of bytes to read. * @return the total number of bytes read into the buffer, or <code>-1</code> - * if there is no more data because the end of the stream has been reached. + * if there is no more data because the end of the stream has been + * reached. * @throws IOException if an I/O error occurs. */ public int read(byte[] b, int off, int len) throws IOException { - if (DEBUG && debuglevel > 8) - debug(TRACE, "==> read(b, " + String.valueOf(off) + ", " - + String.valueOf(len) + ")"); - - if (b == null) - { - throw new NullPointerException("b"); - } + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "read", new Object[] { + b, Integer.valueOf(off), Integer.valueOf(len) + }); if ((off < 0) || (off > b.length) || (len < 0) || ((off + len) > b.length) || ((off + len) < 0)) - { - throw new IndexOutOfBoundsException("off=" + String.valueOf(off) - + ", len=" + String.valueOf(len) - + ", b.length=" - + String.valueOf(b.length)); - } + throw new IndexOutOfBoundsException("off=" + off + ", len=" + len + + ", b.length=" + b.length); if (len == 0) { - if (DEBUG && debuglevel > 8) - debug(TRACE, "<== read() --> 0"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "read", Integer.valueOf(0)); return 0; } - - if (DEBUG && debuglevel > 6) - debug(TRACE, "Available: " + String.valueOf(available())); - + if (Configuration.DEBUG) + log.finer("Available: " + available()); int result = 0; if (internalBuf == null || internalBuf.length < 1) try @@ -274,24 +225,26 @@ public class SaslInputStream extends InputStream internalBuf = readSaslBuffer(); if (internalBuf == null) { - if (DEBUG && debuglevel > 4) - debug(WARN, "Underlying stream empty. Returning -1"); - if (DEBUG && debuglevel > 8) - debug(TRACE, "<== read() --> -1"); + if (Configuration.DEBUG) + { + log.finer("Underlying stream empty. Returning -1"); + log.exiting(this.getClass().getName(), "read", + Integer.valueOf(-1)); + } return -1; } } catch (InterruptedIOException x) { - if (DEBUG && debuglevel > 6) - debug(TRACE, x); - if (DEBUG && debuglevel > 4) - debug(WARN, "Reading thread was interrupted. Returning -1"); - if (DEBUG && debuglevel > 8) - debug(TRACE, "<== read() --> -1"); + if (Configuration.DEBUG) + { + log.finer("Reading thread was interrupted. Returning -1"); + log.throwing(this.getClass().getName(), "read", x); + log.exiting(this.getClass().getName(), "read", + Integer.valueOf(-1)); + } return -1; } - if (len <= internalBuf.length) { result = len; @@ -311,10 +264,8 @@ public class SaslInputStream extends InputStream result = internalBuf.length; System.arraycopy(internalBuf, 0, b, off, result); internalBuf = null; - off += result; len -= result; - int remaining; // count of bytes remaining in buffer after an iteration int delta; // count of bytes moved to b after an iteration int datalen; @@ -328,13 +279,11 @@ public class SaslInputStream extends InputStream data = readSaslBuffer(); if (data == null) { - if (DEBUG && debuglevel > 4) - debug(WARN, "Underlying stream exhausted. Breaking..."); + if (Configuration.DEBUG) + log.finer("Underlying stream exhausted. Breaking..."); break; } - datalen = data.length; - // copy [part of] the result to b remaining = (datalen <= len) ? 0 : datalen - len; delta = datalen - remaining; @@ -344,7 +293,6 @@ public class SaslInputStream extends InputStream internalBuf = new byte[remaining]; System.arraycopy(data, delta, internalBuf, 0, remaining); } - // update off, result and len off += delta; result += delta; @@ -352,36 +300,32 @@ public class SaslInputStream extends InputStream } else { // nothing much we can do except return what we have - if (DEBUG && debuglevel > 4) - debug(WARN, - "Not enough bytes in source to read a buffer. Breaking..."); + if (Configuration.DEBUG) + log.finer("Not enough bytes in source to read a buffer. Breaking..."); break; } } - - if (DEBUG && debuglevel > 6) - debug(TRACE, "Remaining: " - + (internalBuf == null ? 0 : internalBuf.length)); - if (DEBUG && debuglevel > 8) - debug(TRACE, "<== read() --> " + String.valueOf(result)); + if (Configuration.DEBUG) + { + log.finer("Remaining: " + + (internalBuf == null ? 0 : internalBuf.length)); + log.exiting(this.getClass().getName(), "read()", String.valueOf(result)); + } return result; } - // other nstance methods --------------------------------------------------- - /** * Reads a SASL buffer from the underlying source if at least 4 bytes are * available. - * + * * @return the byte[] of decoded buffer contents, or null if the underlying - * source was exhausted. + * source was exhausted. * @throws IOException if an I/O exception occurs during the operation. */ private byte[] readSaslBuffer() throws IOException { - if (DEBUG && debuglevel > 8) - debug(TRACE, "==> readSaslBuffer()"); - + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "readSaslBuffer()"); int realLength; // check if we read as many bytes as we're supposed to byte[] result = new byte[4]; try @@ -389,32 +333,27 @@ public class SaslInputStream extends InputStream realLength = source.read(result); if (realLength == -1) { - if (DEBUG && debuglevel > 8) - debug(TRACE, "<== readSaslBuffer() --> null"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "readSaslBuffer"); return null; } } catch (IOException x) { - if (DEBUG && debuglevel > 0) - debug(ERROR, x); + if (Configuration.DEBUG) + log.throwing(this.getClass().getName(), "readSaslBuffer", x); throw x; } - if (realLength != 4) - { - throw new IOException("Was expecting 4 but found " - + String.valueOf(realLength)); - } - int bufferLength = result[0] << 24 | (result[1] & 0xFF) << 16 - | (result[2] & 0xFF) << 8 | (result[3] & 0xFF); - - if (DEBUG && debuglevel > 6) - debug(TRACE, "SASL buffer size: " + bufferLength); + throw new IOException("Was expecting 4 but found " + realLength); + int bufferLength = result[0] << 24 + | (result[1] & 0xFF) << 16 + | (result[2] & 0xFF) << 8 + | (result[3] & 0xFF); + if (Configuration.DEBUG) + log.finer("SASL buffer size: " + bufferLength); if (bufferLength > maxRawSendSize || bufferLength < 0) - { - throw new SaslEncodingException("SASL buffer (security layer) too long"); - } + throw new SaslEncodingException("SASL buffer (security layer) too long"); result = new byte[bufferLength]; try @@ -423,37 +362,32 @@ public class SaslInputStream extends InputStream } catch (IOException x) { - if (DEBUG && debuglevel > 0) - debug(ERROR, x); + if (Configuration.DEBUG) + log.throwing(this.getClass().getName(), "readSaslBuffer", x); throw x; } - if (realLength != bufferLength) - throw new IOException("Was expecting " + String.valueOf(bufferLength) - + " but found " + String.valueOf(realLength)); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Incoming buffer (before security) (hex): " - + Util.dumpString(result)); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Incoming buffer (before security) (str): \"" - + new String(result) + "\""); - - if (client != null) + throw new IOException("Was expecting " + bufferLength + " but found " + + realLength); + if (Configuration.DEBUG) { - result = client.unwrap(result, 0, realLength); + log.finer("Incoming buffer (before security) (hex): " + + Util.dumpString(result)); + log.finer("Incoming buffer (before security) (str): \"" + + new String(result) + "\""); } + if (client != null) + result = client.unwrap(result, 0, realLength); else + result = server.unwrap(result, 0, realLength); + if (Configuration.DEBUG) { - result = server.unwrap(result, 0, realLength); + log.finer("Incoming buffer (after security) (hex): " + + Util.dumpString(result)); + log.finer("Incoming buffer (after security) (str): \"" + + new String(result) + "\""); + log.exiting(this.getClass().getName(), "readSaslBuffer"); } - if (DEBUG && debuglevel > 6) - debug(TRACE, "Incoming buffer (after security) (hex): " - + Util.dumpString(result)); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Incoming buffer (after security) (str): \"" - + new String(result) + "\""); - if (DEBUG && debuglevel > 8) - debug(TRACE, "<== readSaslBuffer()"); return result; } -}
\ No newline at end of file +} |