
Example 6 with Int

use of net.sourceforge.myvd.types.Int in project OpenUnison by TremoloSecurity.

the class AccessLog method extendedOperation.

public void extendedOperation(ExetendedOperationInterceptorChain chain, ExtendedOperation op, LDAPConstraints constraints) throws LDAPException {
    // (ExetendedOperationInterceptorChain is the class name as declared by the MyVD API.)
    long start = System.currentTimeMillis();
    long end = 0;
    // -1 means "no LDAP result recorded yet"; finally maps it to OPERATIONS_ERROR if the
    // downstream call exits through anything other than a normal return or an LDAPException.
    int result = -1;
    // Int is MyVD's mutable holder, used here so getOpNum() can hand back two values.
    Int opn = new Int(0);
    Int con = new Int(0);
    this.getOpNum(chain.getSession(), con, opn);
    StringBuffer buf = new StringBuffer("EXT op=").append(opn.getValue()).append(" con=").append(con.getValue());
    logger.info(buf.toString());
    try {
        chain.nextExtendedOperations(op, constraints);
        result = 0;
    } catch (LDAPException le) {
        result = le.getResultCode();
        throw le;
    } finally {
        // The RESULT line is always written, with the result code and elapsed time in ms,
        // even when the operation threw.
        end = System.currentTimeMillis();
        if (result == -1) {
            result = LDAPException.OPERATIONS_ERROR;
        }
        buf.setLength(0);
        buf.append("RESULT op=").append(opn.getValue()).append(" con=").append(con.getValue()).append(" result=").append(result).append(" time=").append(end - start);
        logger.info(buf.toString());
    }
}
Also used : LDAPException(com.novell.ldap.LDAPException) Int(net.sourceforge.myvd.types.Int)

Example 7 with Int

use of net.sourceforge.myvd.types.Int in project OpenUnison by TremoloSecurity.

the class AuthLockoutInsert method bind.

@Override
public void bind(BindInterceptorChain chain, DistinguishedName dn, Password pwd, LDAPConstraints constraints) throws LDAPException {
    // Base-object search (scope 0) for the bind DN, run from the position after this insert,
    // so the lockout attributes can be read from the user's entry.
    Results results = new Results(null, chain.getPositionInChain(this) + 1);
    SearchInterceptorChain schain = chain.createSearchChain(chain.getPositionInChain(this) + 1);
    schain.nextSearch(new DistinguishedName(dn.getDN()), new Int(0), new Filter("(objectClass=*)"), new ArrayList<Attribute>(), new Bool(false), results, new LDAPSearchConstraints());
    results.start();
    if (!results.hasMore()) {
        throw new LDAPException("No such object", LDAPException.NO_SUCH_OBJECT, "Could not find dn");
    }
    Entry entry = results.next();
    // Drain any remaining results so the chain is left in a clean state.
    while (results.hasMore()) {
        results.next();
    }
    try {
        // The downstream bind runs BEFORE the lockout check: a wrong password surfaces as
        // INVALID_CREDENTIALS in the catch block; only a correct password reaches the lockout test.
        chain.nextBind(dn, pwd, constraints);
        LDAPAttribute lastFailed = entry.getEntry().getAttributeSet().getAttribute(this.lastFailedAttribute);
        LDAPAttribute numFailures = entry.getEntry().getAttributeSet().getAttribute(this.numFailedAttribute);
        if (lastFailed != null && numFailures != null) {
            long lastFailedTS = Long.parseLong(lastFailed.getStringValue());
            int numPrevFailures = Integer.parseInt(numFailures.getStringValue());
            long now = new DateTime(DateTimeZone.UTC).getMillis();
            // The lockout ends maxLockoutTime ms after the most recent failure (all values are epoch ms).
            long lockedUntil = lastFailedTS + this.maxLockoutTime;
            if (logger.isDebugEnabled()) {
                logger.debug("Num Failed : " + numPrevFailures);
                logger.debug("Last Failed : '" + lastFailedTS + "'");
                logger.debug("Now : '" + now + "'");
                logger.debug("Locked Until : '" + lockedUntil + "'");
                logger.debug("locked >= now? : '" + (lockedUntil >= now) + "'");
                logger.debug("max fails? : '" + this.maxFailedAttempts + "'");
                logger.debug("too many fails : '" + (numPrevFailures >= this.maxFailedAttempts) + "'");
            }
            // Locked out: enough failures AND still inside the window. The bind is refused with
            // the same result code as a wrong password, and the failure attributes are updated again.
            if (lockedUntil >= now && numPrevFailures >= this.maxFailedAttempts) {
                this.updateFailedAttrs(entry.getEntry());
                // This exception is caught by the catch block below, which calls updateFailedAttrs a second time.
                throw new LDAPException("Invalid credentials", LDAPException.INVALID_CREDENTIALS, "User locked out");
            }
        }
        this.updateSuccessAttrs(entry.getEntry());
    } catch (LDAPException e) {
        // Only INVALID_CREDENTIALS counts as a failed attempt; other LDAP errors leave the counters alone.
        if (e.getResultCode() == LDAPException.INVALID_CREDENTIALS) {
            this.updateFailedAttrs(entry.getEntry());
        }
        throw e;
    }
}
Also used : LDAPAttribute(com.novell.ldap.LDAPAttribute) DistinguishedName(net.sourceforge.myvd.types.DistinguishedName) LDAPAttribute(com.novell.ldap.LDAPAttribute) Attribute(net.sourceforge.myvd.types.Attribute) LDAPSearchConstraints(com.novell.ldap.LDAPSearchConstraints) Int(net.sourceforge.myvd.types.Int) DateTime(org.joda.time.DateTime) Entry(net.sourceforge.myvd.types.Entry) LDAPEntry(com.novell.ldap.LDAPEntry) LDAPException(com.novell.ldap.LDAPException) Results(net.sourceforge.myvd.types.Results) Filter(net.sourceforge.myvd.types.Filter) Bool(net.sourceforge.myvd.types.Bool) SearchInterceptorChain(net.sourceforge.myvd.chain.SearchInterceptorChain)
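The lockout rule in AuthLockoutInsert.bind above, modelled in Python as an added example (this is not OpenUnison code; Python is used so the model runs on its own). It assumes that updateFailedAttrs stamps the current time and increments the counter and that updateSuccessAttrs resets both; those helpers are not shown on this page. The model keeps the same ordering as the Java, backend password check first and lockout check second, so a correct password submitted during a lockout still counts as a failure and restarts the window. The scenario data at the bottom is constructed.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass
class LockoutState:
    # Hypothetical model of the two LDAP attributes the insert reads (assumption: epoch ms + count).
    last_failed_ms: Optional[int] = None   # most recent failure, epoch milliseconds
    num_failures: int = 0


class LockoutPolicy:
    def __init__(self, max_failed_attempts: int, max_lockout_ms: int) -> None:
        self.max_failed_attempts = max_failed_attempts
        self.max_lockout_ms = max_lockout_ms

    def is_locked(self, state: LockoutState, now_ms: int) -> bool:
        """Same rule as the Java: locked iff lastFailed + maxLockoutTime >= now AND failures >= max."""
        if state.last_failed_ms is None:
            return False
        locked_until = state.last_failed_ms + self.max_lockout_ms
        return locked_until >= now_ms and state.num_failures >= self.max_failed_attempts

    def record_failure(self, state: LockoutState, now_ms: int) -> None:
        # Assumed behaviour of updateFailedAttrs: every failure restarts the window (sliding lockout).
        state.num_failures += 1
        state.last_failed_ms = now_ms

    def record_success(self, state: LockoutState) -> None:
        # Assumed behaviour of updateSuccessAttrs.
        state.num_failures = 0
        state.last_failed_ms = None


def bind(policy: LockoutPolicy, state: LockoutState, password_ok: bool, now_ms: int) -> str:
    """Mirrors the ordering in AuthLockoutInsert.bind: the backend password check comes first,
    the lockout check second. (The Java updates the failure attributes twice on the locked
    path, once before the throw and once in the catch; this model records it once.)"""
    if not password_ok:
        policy.record_failure(state, now_ms)
        return "INVALID_CREDENTIALS"
    if policy.is_locked(state, now_ms):
        policy.record_failure(state, now_ms)
        return "INVALID_CREDENTIALS"   # reported exactly like a wrong password
    policy.record_success(state)
    return "SUCCESS"


def simulate() -> Tuple[List[str], LockoutState]:
    """Constructed scenario: three wrong passwords, then correct passwords at later times."""
    policy = LockoutPolicy(max_failed_attempts=3, max_lockout_ms=60_000)
    state = LockoutState()
    results = []
    for t in (0, 1_000, 2_000):                            # three wrong passwords
        results.append(bind(policy, state, False, t))
    results.append(bind(policy, state, True, 30_000))      # correct, but locked until 62_000; window restarts at 30_000
    results.append(bind(policy, state, True, 70_000))      # now locked until 90_000, so still refused; restarts at 70_000
    results.append(bind(policy, state, True, 150_001))     # 70_000 + 60_000 < 150_001: lockout has expired
    return results, state


if __name__ == "__main__":
    res, st = simulate()
    print(res)   # ['INVALID_CREDENTIALS', 'INVALID_CREDENTIALS', 'INVALID_CREDENTIALS', 'INVALID_CREDENTIALS', 'INVALID_CREDENTIALS', 'SUCCESS']
    print(st)    # LockoutState(last_failed_ms=None, num_failures=0)
```

The fourth and fifth calls show the property worth knowing about this rule: because the window is measured from the last failure and a locked-out bind is itself recorded as a failure, a client that keeps retrying (with the right password or not) keeps the account locked for as long as it retries.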

Example 8 with Int

use of net.sourceforge.myvd.types.Int in project OpenUnison by TremoloSecurity.

the class AuthTOTPInsert method bind.

public void bind(BindInterceptorChain chain, DistinguishedName dn, Password pwd, LDAPConstraints constraints) throws LDAPException {
    DistinguishedName localdn = new DistinguishedName(new DN(dn.getDN().toString()));
    logger.debug("In bind");
    // Base-object search for the bind DN to fetch the attribute holding the encrypted TOTP seed.
    SearchInterceptorChain schain = chain.createSearchChain();
    ArrayList<Attribute> searchattrs = new ArrayList<Attribute>();
    // searchattrs.add(new Attribute(this.attribute));
    logger.debug("searching...");
    Results res = new Results(chain.getInterceptors(), chain.getPos());
    logger.debug("Created res");
    schain.nextSearch(localdn, new Int(0), new Filter("(objectClass=*)"), searchattrs, new Bool(false), res, new LDAPSearchConstraints());
    logger.debug("ran search");
    res.start();
    logger.debug("res started");
    if (!res.hasMore()) {
        logger.debug("user not found");
        throw new LDAPException("Could not find " + localdn.getDN().toString(), LDAPException.NO_SUCH_OBJECT, "Could not find " + localdn.getDN().toString());
    }
    logger.debug("user found");
    LDAPEntry entry = res.next().getEntry();
    LDAPAttribute key = entry.getAttribute(this.attribute);
    if (key == null) {
        // A user with no enrolled token gets NO_SUCH_OBJECT, a different result code from the
        // INVALID_CREDENTIALS returned for a bad code below.
        logger.debug("No key");
        throw new LDAPException("Invalid Credentials", LDAPException.NO_SUCH_OBJECT, "Invalid Credentials");
    }
    try {
        String keyjson = key.getStringValue();
        // The debug statements here and after decryption write the stored token blob and the
        // decrypted seed JSON to the log, so a debug-level log is as sensitive as the seed itself.
        if (logger.isDebugEnabled())
            logger.debug("token json : '" + keyjson + "'");
        Gson gson = new Gson();
        Token token = gson.fromJson(new String(Base64.decode(keyjson)), Token.class);
        // The stored value is {iv, encryptedRequest}: the seed JSON is AES-CBC encrypted under a
        // key looked up by name through the config manager. CBC carries no integrity check, so a
        // tampered blob shows up as a decryption or JSON exception, mapped to OPERATIONS_ERROR below.
        byte[] iv = org.bouncycastle.util.encoders.Base64.decode(token.getIv());
        IvParameterSpec spec = new IvParameterSpec(iv);
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(Cipher.DECRYPT_MODE, GlobalEntries.getGlobalEntries().getConfigManager().getSecretKey(this.encyrptionKey), spec);
        byte[] encBytes = org.bouncycastle.util.encoders.Base64.decode(token.getEncryptedRequest());
        String totpJson = new String(cipher.doFinal(encBytes));
        if (logger.isDebugEnabled())
            logger.debug("totp json : '" + totpJson + "'");
        TOTPKey totp = gson.fromJson(totpJson, TOTPKey.class);
        // window = number of 30 s time steps accepted around the current one.
        GoogleAuthenticatorConfigBuilder b = new GoogleAuthenticatorConfigBuilder();
        b.setWindowSize(this.window);
        GoogleAuthenticatorConfig cfg = b.build();
        GoogleAuthenticator ga = new GoogleAuthenticator(cfg);
        // The client sends "<password>:<otp>" as the bind password. The split is at the FIRST
        // colon, so a static password that itself contains ':' cannot be used through this insert.
        String spwd = new String(pwd.getValue());
        if (spwd.indexOf(':') == -1) {
            logger.debug("no colon");
            throw new LDAPException("Invalid credentials", LDAPException.INVALID_CREDENTIALS, "Invalid Credentials");
        }
        String scode = spwd.substring(spwd.indexOf(':') + 1);
        // A non-numeric code throws NumberFormatException, which the generic catch below turns
        // into OPERATIONS_ERROR ("Could not decrypt key") rather than INVALID_CREDENTIALS.
        int code = Integer.parseInt(scode);
        if (!ga.authorize(totp.getSecretKey(), code)) {
            logger.debug("Verify failed");
            throw new LDAPException("Invalid credentials", LDAPException.INVALID_CREDENTIALS, "Invalid Credentials");
        }
        logger.debug("verify succeeded");
        // Only after the OTP verifies is the static password forwarded to the downstream bind.
        pwd.setValue(spwd.substring(0, spwd.indexOf(':')).getBytes("UTF-8"));
        chain.nextBind(dn, pwd, constraints);
    } catch (Exception e) {
        logger.error("Could not work", e);
        if (e instanceof LDAPException) {
            throw ((LDAPException) e);
        } else {
            throw new LDAPException("Could not decrypt key", LDAPException.OPERATIONS_ERROR, "Could not decrypt key", e);
        }
    }
}
Also used : LDAPAttribute(com.novell.ldap.LDAPAttribute) Attribute(net.sourceforge.myvd.types.Attribute) LDAPSearchConstraints(com.novell.ldap.LDAPSearchConstraints) ArrayList(java.util.ArrayList) Gson(com.google.gson.Gson) DN(com.novell.ldap.util.DN) Token(com.tremolosecurity.json.Token) Int(net.sourceforge.myvd.types.Int) LDAPEntry(com.novell.ldap.LDAPEntry) Bool(net.sourceforge.myvd.types.Bool) SearchInterceptorChain(net.sourceforge.myvd.chain.SearchInterceptorChain) LDAPAttribute(com.novell.ldap.LDAPAttribute) GoogleAuthenticator(com.warrenstrange.googleauth.GoogleAuthenticator) DistinguishedName(net.sourceforge.myvd.types.DistinguishedName) GoogleAuthenticatorConfig(com.warrenstrange.googleauth.GoogleAuthenticatorConfig) GoogleAuthenticatorConfigBuilder(com.warrenstrange.googleauth.GoogleAuthenticatorConfig.GoogleAuthenticatorConfigBuilder) LDAPException(com.novell.ldap.LDAPException) LDAPException(com.novell.ldap.LDAPException) Results(net.sourceforge.myvd.types.Results) Filter(net.sourceforge.myvd.types.Filter) TOTPKey(com.tremolosecurity.proxy.auth.otp.TOTPKey) IvParameterSpec(javax.crypto.spec.IvParameterSpec) Cipher(javax.crypto.Cipher)
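The second-factor check in AuthTOTPInsert.bind above, re-implemented in Python as an added example (not OpenUnison or GoogleAuthenticator code). It assumes the stored seed is base32-encoded, which is what the GoogleAuthenticator library takes, and uses the RFC 6238 defaults (HMAC-SHA1, 30 s step, 6 digits) with the window meaning the number of steps accepted around the current one, the same convention as setWindowSize(). Two departures from the Java are deliberate and marked in the code: a non-numeric code is treated as a bad credential instead of falling into the generic catch, and the submitted value is split at the last ':' rather than the first. The sample seed is the RFC 6238 reference key, constructed here for the demo.

```python
import base64
import hashlib
import hmac
import struct
from typing import Optional, Tuple


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226: HMAC-SHA1 over the big-endian counter, dynamic truncation, decimal digits."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(secret: bytes, at_unix: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238: HOTP with the counter = floor(unix time / step)."""
    return hotp(secret, at_unix // step, digits)


def verify_totp(secret_b32: str, code: str, at_unix: int, window: int = 3, step: int = 30) -> bool:
    """window = number of steps accepted, centred on the current one (3 => current +/- 1)."""
    if len(code) != 6 or not (code.isascii() and code.isdigit()):
        return False   # departure from the Java: a malformed code is a credential failure, not an error
    padded = secret_b32.upper() + "=" * (-len(secret_b32) % 8)
    secret = base64.b32decode(padded)
    current = at_unix // step
    half = window // 2
    ok = False
    for counter in range(current - half, current + half + 1):
        # Compare every candidate in constant time and never stop early, so timing does
        # not reveal which step (if any) matched.
        ok |= hmac.compare_digest(hotp(secret, counter), code)
    return ok


def split_password_and_code(submitted: str) -> Optional[Tuple[str, str]]:
    """Departure from the Java, which splits at the FIRST ':'. Splitting at the last one lets the
    static password itself contain ':' (the OTP never does)."""
    password, sep, code = submitted.rpartition(":")
    if not sep:
        return None
    return password, code


def bind_with_totp(secret_b32: str, submitted: str, at_unix: int, window: int = 3) -> Tuple[str, Optional[str]]:
    """Returns (result code, password to forward to the downstream bind, or None)."""
    parts = split_password_and_code(submitted)
    if parts is None:
        return "INVALID_CREDENTIALS", None
    password, code = parts
    if not verify_totp(secret_b32, code, at_unix, window):
        return "INVALID_CREDENTIALS", None
    return "OK", password   # only now would the static password be sent downstream


# Constructed input: the RFC 6238 reference seed "12345678901234567890", base32-encoded the
# way a GoogleAuthenticator-style stored key would be.
SAMPLE_SECRET_B32 = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"

if __name__ == "__main__":
    print(totp(b"12345678901234567890", 59))                            # 287082
    print(bind_with_totp(SAMPLE_SECRET_B32, "hunter2:287082", 59))     # ('OK', 'hunter2')
    print(bind_with_totp(SAMPLE_SECRET_B32, "hunter2:12ab56", 59))     # ('INVALID_CREDENTIALS', None)
```

The last call is the case the Java handles differently: "12ab56" would raise NumberFormatException there and come back as OPERATIONS_ERROR, so a client could tell a malformed code apart from a wrong one by result code alone.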

Example 9 with Int

use of net.sourceforge.myvd.types.Int in project OpenUnison by TremoloSecurity.

the class MyVDConnection method search.

public LDAPSearchResults search(String base, int scope, String filter, ArrayList<String> attributes) throws LDAPException {
    HashMap<Object, Object> request = new HashMap<Object, Object>();
    HashMap<Object, Object> session = new HashMap<Object, Object>();
    session.put(SessionVariables.BOUND_INTERCEPTORS, new ArrayList<String>());
    // The chain is built for the internal identity cn=TremoloAdmin with an empty Password, not for
    // any client's bind, so the search runs with whatever the global chain grants that identity;
    // authorisation of the caller has to happen before this method is reached.
    session.put("MYVD_BINDDN", new DistinguishedName("cn=TremoloAdmin"));
    session.put("MYVD_BINDPASS", new Password());
    ArrayList<net.sourceforge.myvd.types.Attribute> lattribs = new ArrayList<net.sourceforge.myvd.types.Attribute>();
    Iterator<String> it = attributes.iterator();
    while (it.hasNext()) {
        lattribs.add(new net.sourceforge.myvd.types.Attribute(it.next()));
    }
    SearchInterceptorChain chain = new SearchInterceptorChain(new DistinguishedName("cn=TremoloAdmin"), new Password(), 0, core.getGlobalChain(), session, request, core.getRouter());
    DistinguishedName baseDN = new DistinguishedName(base);
    // The only rewriting applied to the filter: a DN-style escaped comma ("\,") becomes the filter
    // encoding "\5C," so DN values embedded in the filter parse. Nothing else in the filter string
    // is escaped here; values must already be RFC 4515-safe when the string is built.
    if (filter.contains("\\,")) {
        filter = filter.replaceAll("[\\\\][,]", "\\\\5C,");
    }
    Filter searchFilter = new Filter(filter);
    Results res = new Results(core.getGlobalChain(), 0);
    // scope is passed through as given (0 base, 1 one level, 2 subtree); typesOnly is false.
    chain.nextSearch(baseDN, new Int(scope), searchFilter, lattribs, new Bool(false), res, new LDAPSearchConstraints());
    return new EntrySetSearchResults(res);
}
Also used : HashMap(java.util.HashMap) DistinguishedName(net.sourceforge.myvd.types.DistinguishedName) LDAPAttribute(com.novell.ldap.LDAPAttribute) LDAPSearchConstraints(com.novell.ldap.LDAPSearchConstraints) ArrayList(java.util.ArrayList) EntrySetSearchResults(net.sourceforge.myvd.chain.jdbcLdapImpl.EntrySetSearchResults) Int(net.sourceforge.myvd.types.Int) Filter(net.sourceforge.myvd.types.Filter) LDAPSearchResults(com.novell.ldap.LDAPSearchResults) EntrySetSearchResults(net.sourceforge.myvd.chain.jdbcLdapImpl.EntrySetSearchResults) Results(net.sourceforge.myvd.types.Results) Bool(net.sourceforge.myvd.types.Bool) SearchInterceptorChain(net.sourceforge.myvd.chain.SearchInterceptorChain) Password(net.sourceforge.myvd.types.Password)
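MyVDConnection.search() above rewrites only "\," in the filter it receives; escaping of any user-supplied value has to be done by whoever builds the filter string. The following is an added example (Python, not OpenUnison code) of that escaping per RFC 4515, plus the same "\," rewrite as a separate helper to show the two are consistent: a value that has been escaped with escape_filter_value() already carries the "\5c," form, so the rewrite is a no-op for it. The attribute-name check and the sample values are this example's own.

```python
import re

# RFC 4515: these characters may not appear raw inside an assertion value.
_FILTER_ESCAPES = {
    "\\": "\\5c",
    "*": "\\2a",
    "(": "\\28",
    ")": "\\29",
    "\x00": "\\00",
}

# Attribute description: a descriptor or a numeric OID, optionally with ;options (hypothetical, strict check).
_ATTR_RE = re.compile(r"([A-Za-z][A-Za-z0-9-]*|[0-9]+(\.[0-9]+)*)(;[A-Za-z0-9-]+)*")


def escape_filter_value(value: str) -> str:
    """Escape a string for use as a filter assertion value. Everything else passes through,
    so a DN such as cn=Smith\\, John,ou=people becomes cn=Smith\\5c, John,ou=people."""
    return "".join(_FILTER_ESCAPES.get(ch, ch) for ch in value)


def build_filter(attribute: str, value: str) -> str:
    """Equality filter whose value cannot close the assertion or append another one."""
    if not _ATTR_RE.fullmatch(attribute):
        raise ValueError("invalid attribute description: %r" % attribute)
    return "(%s=%s)" % (attribute, escape_filter_value(value))


def dn_commas_to_filter_escapes(filter_str: str) -> str:
    """Same rewrite as MyVDConnection.search(): DN-style "\\," -> filter-style "\\5c,"
    (the Java emits upper-case 5C; RFC 4515 accepts either case)."""
    return filter_str.replace("\\,", "\\5c,")


if __name__ == "__main__":
    # Constructed inputs: a caller-supplied uid and a DN with an escaped comma in an RDN.
    print(build_filter("uid", "*)(uid=*"))                           # (uid=\2a\29\28uid=\2a)
    print(build_filter("member", "cn=Smith\\, John,ou=people"))      # (member=cn=Smith\5c, John,ou=people)
    print(dn_commas_to_filter_escapes("(member=cn=Smith\\, John,ou=people)"))
```

The first print shows why the value escaping matters: without it the caller's string would turn a single equality assertion into "(uid=*)(uid=*)", which changes the filter rather than matching a literal.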

Example 10 with Int

use of net.sourceforge.myvd.types.Int in project OpenUnison by TremoloSecurity.

the class AccessLog method postSearchEntry.

public void postSearchEntry(PostSearchEntryInterceptorChain chain, Entry entry, DistinguishedName base, Int scope, Filter filter, ArrayList<Attribute> attributes, Bool typesOnly, LDAPSearchConstraints constraints) throws LDAPException {
    // The per-search entry counter lives in the request map under ACCESS_LOG_SRCH_COUNT + this insert's
    // name; this method assumes the search() side of AccessLog stored it there before entries flow back.
    StringBuffer b = new StringBuffer();
    b.append(AccessLog.ACCESS_LOG_SRCH_COUNT).append(this.name);
    Int nentries = (Int) chain.getRequest().get(b.toString());
    // Only entries that will actually be returned to the client are counted.
    if (entry.isReturnEntry()) {
        nentries.setValue(nentries.getValue() + 1);
    }
    chain.nextPostSearchEntry(entry, base, scope, filter, attributes, typesOnly, constraints);
}
Also used : Int(net.sourceforge.myvd.types.Int)

Aggregations

Int (net.sourceforge.myvd.types.Int)13 LDAPException (com.novell.ldap.LDAPException)10 LDAPAttribute (com.novell.ldap.LDAPAttribute)3 LDAPSearchConstraints (com.novell.ldap.LDAPSearchConstraints)3 SearchInterceptorChain (net.sourceforge.myvd.chain.SearchInterceptorChain)3 Attribute (net.sourceforge.myvd.types.Attribute)3 Bool (net.sourceforge.myvd.types.Bool)3 DistinguishedName (net.sourceforge.myvd.types.DistinguishedName)3 Filter (net.sourceforge.myvd.types.Filter)3 Results (net.sourceforge.myvd.types.Results)3 LDAPEntry (com.novell.ldap.LDAPEntry)2 ArrayList (java.util.ArrayList)2 Gson (com.google.gson.Gson)1 LDAPSearchResults (com.novell.ldap.LDAPSearchResults)1 DN (com.novell.ldap.util.DN)1 Token (com.tremolosecurity.json.Token)1 TOTPKey (com.tremolosecurity.proxy.auth.otp.TOTPKey)1 GoogleAuthenticator (com.warrenstrange.googleauth.GoogleAuthenticator)1 GoogleAuthenticatorConfig (com.warrenstrange.googleauth.GoogleAuthenticatorConfig)1 GoogleAuthenticatorConfigBuilder (com.warrenstrange.googleauth.GoogleAuthenticatorConfig.GoogleAuthenticatorConfigBuilder)1