this mail thread[1] should give you an idea about the format, and if you can file a bug in JIRA[2] and attach your patch that would be awesome! :)
[1] http://www.mail-archive.com/[email protected]/msg10333.html [2] https://issues.apache.org/jira/browse/DIRKRB On Mon, Aug 5, 2013 at 7:08 PM, Alejandro Abdelnur <[email protected]> wrote: > I've looked around in the code and the problem seems to be in the > KeytabEncoder.write() method: > > ----- > ByteBuffer write( byte[] keytabVersion, List<KeytabEntry> entries ) > { > ByteBuffer buffer = ByteBuffer.allocate( 512 ); > putKeytabVersion( buffer, keytabVersion ); > putKeytabEntries( buffer, entries ); > buffer.flip(); > > return buffer; > } > ----- > > the buffer is hardcoded to 512 when it should take into account the entry > size. > > making the buffer size to be entries.lenght() * 120 fixes the problem to > create the keytab, still have to test such keytab. > > though I don't know if this is the right approach. > > thx > > > On Sun, Aug 4, 2013 at 9:00 PM, Alejandro Abdelnur <[email protected]> > wrote: > > > Hi, > > > > I'm trying to create a keytab programmatically with multiple principals > > but it is failing on write with the following error: > > > > ------ > > java.nio.BufferOverflowException > > at java.nio.HeapByteBuffer.put(HeapByteBuffer.java:182) > > at > > > org.apache.directory.server.kerberos.shared.keytab.KeytabEncoder.putKeytabEntries(KeytabEncoder.java:83) > > at > > > org.apache.directory.server.kerberos.shared.keytab.KeytabEncoder.write(KeytabEncoder.java:48) > > at > > > org.apache.directory.server.kerberos.shared.keytab.Keytab.write(Keytab.java:95) > > > > ------ > > > > If I create the keytab with a single principal it works just fine > > following is the snippet on the keytab creation. > > > > ------ > > protected void createPrincipal(File keytabFile, String ... principals) > > throws Exception { > > Keytab keytab = Keytab.getInstance(); > > List<KeytabEntry> entries = new ArrayList<KeytabEntry>(); > > for (String principal : principals) { > > createPrincipal(principal, "secret"); > > String orgName= conf.getProperty(ORG_NAME); > > String orgDomain = conf.getProperty(ORG_DOMAIN); > > String realm = orgName.toUpperCase() + "." + > orgDomain.toUpperCase(); > > principal = principal + "@" + realm; > > KerberosTime timestamp = new KerberosTime(); > > for (Map.Entry<EncryptionType, EncryptionKey> entry : > > KerberosKeyFactory > > .getKerberosKeys(principal, "secret").entrySet()) { > > EncryptionKey ekey = entry.getValue(); > > byte keyVersion = (byte) ekey.getKeyVersion(); > > entries.add(new KeytabEntry(principal, 1L, timestamp, keyVersion, > > ekey)); > > } > > } > > keytab.setEntries(entries); > > keytab.write(keytabFile); > > } > > ------ > > > > I'd appreciate any hint on how to do this or if it is not possible. > > > > Thanks. > > > > Alejandro > > > -- Kiran Ayyagari http://keydap.com
