Add SASL Support

Change-Id: I0cccf3e526b3088a24c4c616ef5a12acb1195904

Author: mengli

src/main/com/danga/MemCached/MemCachedClient.java

@@ -250,6 +250,12 @@ public class MemCachedClient {
 	public static final byte OPCODE_APPEND = (byte) 0x0E;
 	public static final byte OPCODE_PREPEND = (byte) 0x0F;
 	public static final byte OPCODE_STAT = (byte) 0x10;
+	public static final byte OPCODE_AUTH_LIST = (byte) 0x20;
+	public static final byte OPCODE_START_AUTH = (byte) 0x21;
+	public static final byte OPCODE_AUTH_STEPS = (byte) 0x22;
+
+	public static final byte AUTH_FAILED = 0x20;
+	public static final byte FURTHER_AUTH = 0x21;
 
 	/**
 	 * This is used for set command only.<br>

src/main/com/schooner/MemCached/AscIIClient.java

@@ -1072,8 +1072,8 @@ public Map<String, Object> getMulti(String[] keys, Integer[] hashCodes, boolean
 			sock.close();
 		}
 
-		if (log.isInfoEnabled())
-			log.info("multi get socket count : " + cmdMap.size());
+		if (log.isDebugEnabled())
+			log.debug("multi get socket count : " + cmdMap.size());
 
 		// now query memcache
 		Map<String, Object> ret = new HashMap<String, Object>(keys.length);

src/main/com/schooner/MemCached/AuthInfo.java

@@ -0,0 +1,36 @@
+package com.schooner.MemCached;
+
+import javax.security.auth.callback.CallbackHandler;
+
+public class AuthInfo {
+
+	private final CallbackHandler callbackHandler;
+	private final String[] mechanisms;
+
+	public AuthInfo(CallbackHandler callbackHandler, String[] mechanisms) {
+		super();
+		this.callbackHandler = callbackHandler;
+		this.mechanisms = mechanisms;
+	}
+
+	public static AuthInfo plain(String username, String password) {
+		return new AuthInfo(new PlainCallbackHandler(username, password), new String[] { "PLAIN" });
+	}
+
+	public static AuthInfo cramMD5(String username, String password) {
+		return new AuthInfo(new PlainCallbackHandler(username, password), new String[] { "CRAM-MD5" });
+	}
+
+	public static AuthInfo typical(String username, String password) {
+		return new AuthInfo(new PlainCallbackHandler(username, password), new String[] { "CRAM-MD5", "PLAIN" });
+	}
+
+	public CallbackHandler getCallbackHandler() {
+		return callbackHandler;
+	}
+
+	public String[] getMechanisms() {
+		return mechanisms;
+	}
+
+}

src/main/com/schooner/MemCached/AuthSchoonerSockIOFactory.java

@@ -0,0 +1,94 @@
+package com.schooner.MemCached;
+
+import java.io.DataInputStream;
+
+import javax.security.sasl.Sasl;
+import javax.security.sasl.SaslClient;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.danga.MemCached.MemCachedClient;
+
+public class AuthSchoonerSockIOFactory extends SchoonerSockIOFactory {
+
+	// logger
+	public static Logger log = LoggerFactory.getLogger(AuthSchoonerSockIOFactory.class);
+
+	public final static String NTLM = "NTLM";
+	public final static String PLAIN = "PLAIN";
+	public final static String LOGIN = "LOGIN";
+	public final static String DIGEST_MD5 = "DIGEST-MD5";
+	public final static String CRAM_MD5 = "CRAM-MD5";
+	public final static String ANONYMOUS = "ANONYMOUS";
+
+	public static final byte[] EMPTY_BYTES = new byte[0];
+
+	private AuthInfo authInfo;
+
+	public AuthSchoonerSockIOFactory(String host, boolean isTcp, int bufferSize, int socketTO, int socketConnectTO,
+			boolean nagle, AuthInfo authInfo) {
+		super(host, isTcp, bufferSize, socketTO, socketConnectTO, nagle);
+		this.authInfo = authInfo;
+	}
+
+	@Override
+	public Object makeObject() throws Exception {
+		SchoonerSockIO socket = createSocket(host);
+		auth(socket);
+		return socket;
+	}
+
+	private void auth(SchoonerSockIO socket) throws Exception {
+		SaslClient saslClient = Sasl.createSaslClient(authInfo.getMechanisms(), null, "memcached", host, null,
+				this.authInfo.getCallbackHandler());
+
+		byte[] authData = saslClient.hasInitialResponse() ? saslClient.evaluateChallenge(EMPTY_BYTES) : EMPTY_BYTES;
+
+		authData = sendAuthData(socket, MemCachedClient.OPCODE_START_AUTH, saslClient.getMechanismName(), authData);
+		if (authData == null)
+			return;
+		authData = saslClient.evaluateChallenge(authData);
+		if (sendAuthData(socket, MemCachedClient.OPCODE_AUTH_STEPS, saslClient.getMechanismName(), authData) == null)
+			return;
+
+		log.error("Auth Failed: mechanism = " + saslClient.getMechanismName());
+		throw new Exception();
+	}
+
+	private byte[] sendAuthData(SchoonerSockIO sock, byte opcode, String mechanism, byte[] authData) throws Exception {
+		sock.writeBuf.clear();
+		sock.writeBuf.put(MemCachedClient.MAGIC_REQ);
+		sock.writeBuf.put(opcode);
+		sock.writeBuf.putShort((short) mechanism.length());
+		sock.writeBuf.putInt(0);
+		sock.writeBuf.putInt(mechanism.length() + authData.length);
+		sock.writeBuf.putInt(0);
+		sock.writeBuf.putLong(0);
+		sock.writeBuf.put(mechanism.getBytes());
+		sock.writeBuf.put(authData);
+
+		// write the buffer to server
+		// now write the data to the cache server
+		sock.flush();
+		// get result code
+		DataInputStream dis = new DataInputStream(new SockInputStream(sock, Integer.MAX_VALUE));
+		dis.readInt();
+		dis.readByte();
+		dis.readByte();
+		byte[] response = null;
+		short status = dis.readShort();
+		if (status == MemCachedClient.FURTHER_AUTH) {
+			int length = dis.readInt();
+			response = new byte[length];
+			dis.readInt();
+			dis.readLong();
+			dis.read(response);
+		} else if (status == MemCachedClient.AUTH_FAILED) {
+			log.error("Auth Failed: mechanism = " + mechanism);
+			throw new Exception();
+		}
+
+		return response;
+	}
+}

src/main/com/schooner/MemCached/BinaryClient.java

@@ -182,14 +182,14 @@ public boolean delete(String key, Integer hashCode, Date expiry) {
 			short status = dis.readShort();
 
 			if (status == STAT_NO_ERROR) {
-				if (log.isInfoEnabled())
-					log.info("++++ deletion of key: " + key + " from cache was a success");
+				if (log.isDebugEnabled())
+					log.debug("++++ deletion of key: " + key + " from cache was a success");
 
 				// return sock to pool and bail here
 				return true;
 			} else if (status == STAT_KEY_NOT_FOUND) {
-				if (log.isInfoEnabled())
-					log.info("++++ deletion of key: " + key + " from cache failed as the key was not found");
+				if (log.isDebugEnabled())
+					log.debug("++++ deletion of key: " + key + " from cache failed as the key was not found");
 			} else {
 				log.error("++++ error deleting key: " + key);
 				log.error("++++ server response: " + status);
@@ -847,7 +847,8 @@ public Map<String, Object> getMulti(String[] keys, Integer[] hashCodes, boolean
 			sock.close();
 		}
 
-		log.info("multi get socket count : " + cmdMap.size());
+		if (log.isDebugEnabled())
+			log.debug("multi get socket count : " + cmdMap.size());
 
 		// now query memcache
 		Map<String, Object> ret = new HashMap<String, Object>(keys.length);

src/main/com/schooner/MemCached/PlainCallbackHandler.java

@@ -0,0 +1,33 @@
+package com.schooner.MemCached;
+
+import java.io.IOException;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+
+public class PlainCallbackHandler implements CallbackHandler {
+	private String username;
+	private String password;
+
+	public PlainCallbackHandler(String username, String password) {
+		super();
+		this.username = username;
+		this.password = password;
+	}
+
+	public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
+		for (Callback callback : callbacks) {
+			if (callback instanceof NameCallback) {
+				((NameCallback) callback).setName(this.username);
+			} else if (callback instanceof PasswordCallback) {
+				((PasswordCallback) callback).setPassword(password.toCharArray());
+			} else
+				throw new UnsupportedCallbackException(callback);
+		}
+
+	}
+
+}

src/main/com/schooner/MemCached/SchoonerSockIOFactory.java

@@ -13,19 +13,19 @@
  */
 public class SchoonerSockIOFactory extends BasePoolableObjectFactory {
 
-	private GenericObjectPool sockets;
+	protected GenericObjectPool sockets;
 
-	private String host;
+	protected String host;
 
-	private int bufferSize;
+	protected int bufferSize;
 
-	private int socketTO;
+	protected int socketTO;
 
-	private int socketConnectTO;
+	protected int socketConnectTO;
 
-	private boolean isTcp;
+	protected boolean isTcp;
 
-	private boolean nagle;
+	protected boolean nagle;
 
 	public SchoonerSockIOFactory(String host, boolean isTcp, int bufferSize, int socketTO, int socketConnectTO,
 			boolean nagle) {

src/main/com/schooner/MemCached/SchoonerSockIOPool.java

@@ -194,6 +194,8 @@ protected final MessageDigest initialValue() {
 
 	ConcurrentMap<String, Long> hostDeadDur;
 
+	private AuthInfo authInfo;
+
 	private boolean isTcp;
 
 	private int bufferSize = 1024 * 1025;
@@ -222,6 +224,20 @@ public static SchoonerSockIOPool getInstance(String poolName) {
 		return pools.get(poolName);
 	}
 
+	public static SchoonerSockIOPool getInstance(String poolName, AuthInfo authInfo) {
+		SchoonerSockIOPool pool;
+
+		synchronized (pools) {
+			if (!pools.containsKey(poolName)) {
+				pool = new SchoonerSockIOPool(true);
+				pool.authInfo = authInfo;
+				pools.putIfAbsent(poolName, pool);
+			}
+		}
+
+		return pools.get(poolName);
+	}
+
 	public static SchoonerSockIOPool getInstance(String poolName, boolean isTcp) {
 		SchoonerSockIOPool pool;
 
@@ -251,6 +267,10 @@ public static SchoonerSockIOPool getInstance() {
 		return getInstance("default", true);
 	}
 
+	public static SchoonerSockIOPool getInstance(AuthInfo authInfo) {
+		return getInstance("default", authInfo);
+	}
+
 	public static SchoonerSockIOPool getInstance(boolean isTcp) {
 		return getInstance("default", isTcp);
 	}
@@ -308,8 +328,13 @@ private void populateBuckets() {
 			// Create a socket pool for each host
 			// Create an object pool to contain our active connections
 			GenericObjectPool gop;
-			SchoonerSockIOFactory factory = new SchoonerSockIOFactory(servers[i], isTcp, bufferSize, socketTO,
-					socketConnectTO, nagle);
+			SchoonerSockIOFactory factory;
+			if (authInfo != null) {
+				factory = new AuthSchoonerSockIOFactory(servers[i], isTcp, bufferSize, socketTO, socketConnectTO,
+						nagle, authInfo);
+			} else {
+				factory = new SchoonerSockIOFactory(servers[i], isTcp, bufferSize, socketTO, socketConnectTO, nagle);
+			}
 			gop = new GenericObjectPool(factory, maxConn, GenericObjectPool.WHEN_EXHAUSTED_BLOCK, maxIdle, maxConn);
 			factory.setSockets(gop);
 			socketPool.put(servers[i], gop);
@@ -348,8 +373,13 @@ private void populateConsistentBuckets() {
 			// Create a socket pool for each host
 			// Create an object pool to contain our active connections
 			GenericObjectPool gop;
-			SchoonerSockIOFactory factory = new SchoonerSockIOFactory(servers[i], isTcp, bufferSize, socketTO,
-					socketConnectTO, nagle);
+			SchoonerSockIOFactory factory;
+			if (authInfo != null) {
+				factory = new AuthSchoonerSockIOFactory(servers[i], isTcp, bufferSize, socketTO, socketConnectTO,
+						nagle, authInfo);
+			} else {
+				factory = new SchoonerSockIOFactory(servers[i], isTcp, bufferSize, socketTO, socketConnectTO, nagle);
+			}
 			gop = new GenericObjectPool(factory, maxConn, GenericObjectPool.WHEN_EXHAUSTED_BLOCK, maxIdle, maxConn);
 			factory.setSockets(gop);
 			socketPool.put(servers[i], gop);

src/test/com/schooner/MemCached/MemCachedBenchTcp.java

@@ -30,16 +30,15 @@
 
 import com.danga.MemCached.MemCachedClient;
 
-
 public class MemCachedBenchTcp {
 
 	// logger
 	// private static Logger log =
 	// Logger.getLogger(MemCachedBench.class.getName());
 
 	public static void main(String[] args) {
-		int runs = Integer.parseInt(args[0]);
-		int start = Integer.parseInt(args[1]);
+		int runs = Integer.parseInt(args[1]);
+		int start = Integer.parseInt(args[2]);
 
 		String servers = System.getProperty("memcached.host");
 		String[] serverlist = servers.split(",");
@@ -54,7 +53,11 @@ public static void main(String[] args) {
 		pool.initialize();
 
 		// get client instance
-		MemCachedClient mc = new MemCachedClient("test");
+		MemCachedClient mc;
+		if (args[0].equals("ascii"))
+			mc = new MemCachedClient("test", false);
+		else
+			mc = new MemCachedClient("test", true);
 
 		String keyBase = "testKey";
 		String object = "This is a test of an object blah blah es, serialization does not seem to slow things down so much.  The gzip compression is horrible horrible performance, so we only use it for very large objects.  I have not done any heavy benchmarking recently";