From acced829c343f3b05ebae3ada1eca93feb14762c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?No=C3=A9mi=20V=C3=A1nyi?= Date: Mon, 11 Jan 2021 16:42:21 +0100 Subject: [PATCH] Update Kerberos library to latest major New import path: github.com/jcmturner/gokrb5/v8 --- broker_test.go | 2 +- gssapi_kerberos.go | 16 ++++++------- kerberos_client.go | 12 +++++----- kerberos_client_test.go | 52 +++++++++++++++++++++++++++++++++++++---- mockkerberos.go | 10 ++++---- 5 files changed, 67 insertions(+), 25 deletions(-) diff --git a/broker_test.go b/broker_test.go index 37064b7cb..5f859c8f2 100644 --- a/broker_test.go +++ b/broker_test.go @@ -9,8 +9,8 @@ import ( "testing" "time" + "github.com/jcmturner/gokrb5/v8/krberror" "github.com/rcrowley/go-metrics" - "gopkg.in/jcmturner/gokrb5.v7/krberror" ) func ExampleBroker() { diff --git a/gssapi_kerberos.go b/gssapi_kerberos.go index 1993fc08f..44fd44625 100644 --- a/gssapi_kerberos.go +++ b/gssapi_kerberos.go @@ -1,19 +1,19 @@ package sarama import ( + "encoding/asn1" "encoding/binary" "fmt" "io" "strings" "time" - "github.com/jcmturner/gofork/encoding/asn1" - "gopkg.in/jcmturner/gokrb5.v7/asn1tools" - "gopkg.in/jcmturner/gokrb5.v7/gssapi" - "gopkg.in/jcmturner/gokrb5.v7/iana/chksumtype" - "gopkg.in/jcmturner/gokrb5.v7/iana/keyusage" - "gopkg.in/jcmturner/gokrb5.v7/messages" - "gopkg.in/jcmturner/gokrb5.v7/types" + "github.com/jcmturner/gokrb5/v8/asn1tools" + "github.com/jcmturner/gokrb5/v8/gssapi" + "github.com/jcmturner/gokrb5/v8/iana/chksumtype" + "github.com/jcmturner/gokrb5/v8/iana/keyusage" + "github.com/jcmturner/gokrb5/v8/messages" + "github.com/jcmturner/gokrb5/v8/types" ) const ( @@ -154,7 +154,7 @@ func (krbAuth *GSSAPIKerberosAuth) createKrb5Token( * */ func (krbAuth *GSSAPIKerberosAuth) appendGSSAPIHeader(payload []byte) ([]byte, error) { - oidBytes, err := asn1.Marshal(gssapi.OID(gssapi.OIDKRB5)) + oidBytes, err := asn1.Marshal(gssapi.OIDKRB5.OID()) if err != nil { return nil, err } diff --git a/kerberos_client.go b/kerberos_client.go index ebc114179..01a53193b 100644 --- a/kerberos_client.go +++ b/kerberos_client.go @@ -1,10 +1,10 @@ package sarama import ( - krb5client "gopkg.in/jcmturner/gokrb5.v7/client" - krb5config "gopkg.in/jcmturner/gokrb5.v7/config" - "gopkg.in/jcmturner/gokrb5.v7/keytab" - "gopkg.in/jcmturner/gokrb5.v7/types" + krb5client "github.com/jcmturner/gokrb5/v8/client" + krb5config "github.com/jcmturner/gokrb5/v8/config" + "github.com/jcmturner/gokrb5/v8/keytab" + "github.com/jcmturner/gokrb5/v8/types" ) type KerberosGoKrb5Client struct { @@ -37,9 +37,9 @@ func createClient(config *GSSAPIConfig, cfg *krb5config.Config) (KerberosClient, if err != nil { return nil, err } - client = krb5client.NewClientWithKeytab(config.Username, config.Realm, kt, cfg, krb5client.DisablePAFXFAST(config.DisablePAFXFAST)) + client = krb5client.NewWithKeytab(config.Username, config.Realm, kt, cfg, krb5client.DisablePAFXFAST(config.DisablePAFXFAST)) } else { - client = krb5client.NewClientWithPassword(config.Username, + client = krb5client.NewWithPassword(config.Username, config.Realm, config.Password, cfg, krb5client.DisablePAFXFAST(config.DisablePAFXFAST)) } return &KerberosGoKrb5Client{*client}, nil diff --git a/kerberos_client_test.go b/kerberos_client_test.go index 9cd7a21b6..7c2ed31bc 100644 --- a/kerberos_client_test.go +++ b/kerberos_client_test.go @@ -4,8 +4,7 @@ import ( "errors" "testing" - krbcfg "gopkg.in/jcmturner/gokrb5.v7/config" - "gopkg.in/jcmturner/gokrb5.v7/test/testdata" + krbcfg "github.com/jcmturner/gokrb5/v8/config" ) /* @@ -15,6 +14,49 @@ import ( * */ +const ( + krb5cfg = `[libdefaults] + default_realm = TEST.GOKRB5 + dns_lookup_realm = false + dns_lookup_kdc = false + ticket_lifetime = 24h + forwardable = yes + default_tkt_enctypes = aes256-cts-hmac-sha1-96 + default_tgs_enctypes = aes256-cts-hmac-sha1-96 + noaddresses = false +[realms] + TEST.GOKRB5 = { + kdc = 127.0.0.1:88 + admin_server = 127.0.0.1:749 + default_domain = test.gokrb5 + } + RESDOM.GOKRB5 = { + kdc = 10.80.88.88:188 + admin_server = 127.0.0.1:749 + default_domain = resdom.gokrb5 + } + USER.GOKRB5 = { + kdc = 192.168.88.100:88 + admin_server = 192.168.88.100:464 + default_domain = user.gokrb5 + } + RES.GOKRB5 = { + kdc = 192.168.88.101:88 + admin_server = 192.168.88.101:464 + default_domain = res.gokrb5 + } +[domain_realm] + .test.gokrb5 = TEST.GOKRB5 + test.gokrb5 = TEST.GOKRB5 + .resdom.gokrb5 = RESDOM.GOKRB5 + resdom.gokrb5 = RESDOM.GOKRB5 + .user.gokrb5 = USER.GOKRB5 + user.gokrb5 = USER.GOKRB5 + .res.gokrb5 = RES.GOKRB5 + res.gokrb5 = RES.GOKRB5 +` +) + func TestFaildToCreateKerberosConfig(t *testing.T) { expectedErr := errors.New("configuration file could not be opened: krb5.conf open krb5.conf: no such file or directory") clientConfig := NewTestConfig() @@ -34,7 +76,7 @@ func TestFaildToCreateKerberosConfig(t *testing.T) { } func TestCreateWithPassword(t *testing.T) { - kerberosConfig, err := krbcfg.NewConfigFromString(testdata.TEST_KRB5CONF) + kerberosConfig, err := krbcfg.NewFromString(krb5cfg) if err != nil { t.Fatal(err) } @@ -64,7 +106,7 @@ func TestCreateWithPassword(t *testing.T) { } func TestCreateWithKeyTab(t *testing.T) { - kerberosConfig, err := krbcfg.NewConfigFromString(testdata.TEST_KRB5CONF) + kerberosConfig, err := krbcfg.NewFromString(krb5cfg) if err != nil { t.Fatal(err) } @@ -86,7 +128,7 @@ func TestCreateWithKeyTab(t *testing.T) { } func TestCreateWithDisablePAFXFAST(t *testing.T) { - kerberosConfig, err := krbcfg.NewConfigFromString(testdata.TEST_KRB5CONF) + kerberosConfig, err := krbcfg.NewFromString(krb5cfg) if err != nil { t.Fatal(err) } diff --git a/mockkerberos.go b/mockkerberos.go index d36649d8a..beb00e5b5 100644 --- a/mockkerberos.go +++ b/mockkerberos.go @@ -4,11 +4,11 @@ import ( "encoding/binary" "encoding/hex" - "gopkg.in/jcmturner/gokrb5.v7/credentials" - "gopkg.in/jcmturner/gokrb5.v7/gssapi" - "gopkg.in/jcmturner/gokrb5.v7/iana/keyusage" - "gopkg.in/jcmturner/gokrb5.v7/messages" - "gopkg.in/jcmturner/gokrb5.v7/types" + "github.com/jcmturner/gokrb5/v8/credentials" + "github.com/jcmturner/gokrb5/v8/gssapi" + "github.com/jcmturner/gokrb5/v8/iana/keyusage" + "github.com/jcmturner/gokrb5/v8/messages" + "github.com/jcmturner/gokrb5/v8/types" ) type KafkaGSSAPIHandler struct {