Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openanolis
dragonwell8_jdk
提交
1eb15c0b
D
dragonwell8_jdk
项目概览
openanolis
/
dragonwell8_jdk
通知
4
Star
2
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
D
dragonwell8_jdk
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
1eb15c0b
编写于
8月 11, 2009
作者:
V
vinnie
浏览文件
操作
浏览文件
下载
差异文件
Merge
上级
51a55865
f01ebf86
变更
26
隐藏空白更改
内联
并排
Showing
26 changed file
with
768 addition
and
76 deletion
+768
-76
src/share/classes/com/sun/jndi/dns/DnsContext.java
src/share/classes/com/sun/jndi/dns/DnsContext.java
+3
-6
src/share/classes/com/sun/security/jgss/AuthorizationDataEntry.java
...classes/com/sun/security/jgss/AuthorizationDataEntry.java
+68
-0
src/share/classes/com/sun/security/jgss/ExtendedGSSContext.java
...are/classes/com/sun/security/jgss/ExtendedGSSContext.java
+102
-0
src/share/classes/com/sun/security/jgss/InquireSecContextPermission.java
...es/com/sun/security/jgss/InquireSecContextPermission.java
+54
-0
src/share/classes/com/sun/security/jgss/InquireType.java
src/share/classes/com/sun/security/jgss/InquireType.java
+54
-0
src/share/classes/java/nio/file/SimpleFileVisitor.java
src/share/classes/java/nio/file/SimpleFileVisitor.java
+16
-0
src/share/classes/java/nio/file/attribute/AclFileAttributeView.java
...classes/java/nio/file/attribute/AclFileAttributeView.java
+1
-1
src/share/classes/java/nio/file/attribute/PosixFileAttributeView.java
...asses/java/nio/file/attribute/PosixFileAttributeView.java
+1
-1
src/share/classes/sun/security/jgss/GSSContextImpl.java
src/share/classes/sun/security/jgss/GSSContextImpl.java
+15
-4
src/share/classes/sun/security/jgss/krb5/InitSecContextToken.java
...e/classes/sun/security/jgss/krb5/InitSecContextToken.java
+22
-2
src/share/classes/sun/security/jgss/krb5/Krb5Context.java
src/share/classes/sun/security/jgss/krb5/Krb5Context.java
+79
-0
src/share/classes/sun/security/jgss/spi/GSSContextSpi.java
src/share/classes/sun/security/jgss/spi/GSSContextSpi.java
+13
-3
src/share/classes/sun/security/jgss/spnego/SpNegoContext.java
...share/classes/sun/security/jgss/spnego/SpNegoContext.java
+20
-2
src/share/classes/sun/security/jgss/wrapper/NativeGSSContext.java
...e/classes/sun/security/jgss/wrapper/NativeGSSContext.java
+8
-1
src/share/classes/sun/security/krb5/Credentials.java
src/share/classes/sun/security/krb5/Credentials.java
+21
-1
src/share/classes/sun/security/krb5/KrbApReq.java
src/share/classes/sun/security/krb5/KrbApReq.java
+4
-3
src/share/classes/sun/security/krb5/internal/AuthorizationData.java
...classes/sun/security/krb5/internal/AuthorizationData.java
+8
-0
src/share/classes/sun/security/tools/JarSigner.java
src/share/classes/sun/security/tools/JarSigner.java
+10
-0
src/share/classes/sun/security/tools/KeyTool.java
src/share/classes/sun/security/tools/KeyTool.java
+28
-28
src/share/classes/sun/security/tools/PolicyTool.java
src/share/classes/sun/security/tools/PolicyTool.java
+16
-6
src/solaris/native/sun/nio/ch/Net.c
src/solaris/native/sun/nio/ch/Net.c
+1
-1
test/com/sun/security/jgss/InquireSecContextPermissionCheck.java
...m/sun/security/jgss/InquireSecContextPermissionCheck.java
+50
-0
test/java/nio/channels/SocketChannel/Shutdown.java
test/java/nio/channels/SocketChannel/Shutdown.java
+54
-15
test/java/nio/file/Files/Misc.java
test/java/nio/file/Files/Misc.java
+26
-1
test/sun/security/krb5/auto/Context.java
test/sun/security/krb5/auto/Context.java
+33
-1
test/sun/security/tools/jarsigner/samename.sh
test/sun/security/tools/jarsigner/samename.sh
+61
-0
未找到文件。
src/share/classes/com/sun/jndi/dns/DnsContext.java
浏览文件 @
1eb15c0b
...
...
@@ -972,14 +972,11 @@ class NameClassPairEnumeration implements NamingEnumeration {
}
/*
* ctx will be
closed
when no longer needed by the enumeration.
* ctx will be
set to null
when no longer needed by the enumeration.
*/
public
void
close
()
{
public
void
close
()
{
nodes
=
null
;
if
(
ctx
!=
null
)
{
ctx
.
close
();
ctx
=
null
;
}
ctx
=
null
;
}
public
boolean
hasMore
()
{
...
...
src/share/classes/com/sun/security/jgss/AuthorizationDataEntry.java
0 → 100644
浏览文件 @
1eb15c0b
/*
* Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Sun designates this
* particular file as subject to the "Classpath" exception as provided
* by Sun in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
package
com.sun.security.jgss
;
/**
* Kerberos 5 AuthorizationData entry.
*/
final
public
class
AuthorizationDataEntry
{
private
final
int
type
;
private
final
byte
[]
data
;
/**
* Create an AuthorizationDataEntry object.
* @param type the ad-type
* @param data the ad-data, a copy of the data will be saved
* inside the object.
*/
public
AuthorizationDataEntry
(
int
type
,
byte
[]
data
)
{
this
.
type
=
type
;
this
.
data
=
data
.
clone
();
}
/**
* Get the ad-type field.
* @return ad-type
*/
public
int
getType
()
{
return
type
;
}
/**
* Get a copy of the ad-data field.
* @return ad-data
*/
public
byte
[]
getData
()
{
return
data
.
clone
();
}
public
String
toString
()
{
return
"AuthorizationDataEntry: type="
+
type
+
", data="
+
data
.
length
+
" bytes:\n"
+
new
sun
.
misc
.
HexDumpEncoder
().
encode
(
data
);
}
}
src/share/classes/com/sun/security/jgss/ExtendedGSSContext.java
0 → 100644
浏览文件 @
1eb15c0b
/*
* Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Sun designates this
* particular file as subject to the "Classpath" exception as provided
* by Sun in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
package
com.sun.security.jgss
;
import
org.ietf.jgss.*
;
/**
* The extended GSSContext interface for supporting additional
* functionalities not defined by {@code org.ietf.jgss.GSSContext},
* such as querying context-specific attributes.
*/
public
interface
ExtendedGSSContext
extends
GSSContext
{
/**
* Return the mechanism-specific attribute associated with {@code type}.
* <br><br>
* For each supported attribute type, the type for the output are
* defined below.
* <ol>
* <li>{@code KRB5_GET_TKT_FLAGS}:
* the returned object is a boolean array for the service ticket flags,
* which is long enough to contain all true bits. This means if
* the user wants to get the <em>n</em>'th bit but the length of the
* returned array is less than <em>n</em>, it is regarded as false.
* <li>{@code KRB5_GET_SESSION_KEY}:
* the returned object is an instance of {@link java.security.Key},
* which has the following properties:
* <ul>
* <li>Algorithm: enctype as a string, where
* enctype is defined in RFC 3961, section 8.
* <li>Format: "RAW"
* <li>Encoded form: the raw key bytes, not in any ASN.1 encoding
* </ul>
* <li>{@code KRB5_GET_AUTHZ_DATA}:
* the returned object is an array of
* {@link com.sun.security.jgss.AuthorizationDataEntry}, or null if the
* optional field is missing in the service ticket.
* <li>{@code KRB5_GET_AUTHTIME}:
* the returned object is a String object in the standard KerberosTime
* format defined in RFC 4120 5.2.3
* </ol>
*
* If there is a security manager, an {@link InquireSecContextPermission}
* with the name {@code type.mech} must be granted. Otherwise, this could
* result in a {@link SecurityException}.<p>
*
* Example:
* <pre>
* GSSContext ctxt = m.createContext(...)
* // Establishing the context
* if (ctxt instanceof ExtendedGSSContext) {
* ExtendedGSSContext ex = (ExtendedGSSContext)ctxt;
* try {
* Key key = (key)ex.inquireSecContext(
* InquireType.KRB5_GET_SESSION_KEY);
* // read key info
* } catch (GSSException gsse) {
* // deal with exception
* }
* }
* </pre>
* @param type the type of the attribute requested
* @return the attribute, see the method documentation for details.
* @throws GSSException containing the following
* major error codes:
* {@link GSSException#BAD_MECH GSSException.BAD_MECH} if the mechanism
* does not support this method,
* {@link GSSException#UNAVAILABLE GSSException.UNAVAILABLE} if the
* type specified is not supported,
* {@link GSSException#NO_CONTEXT GSSException.NO_CONTEXT} if the
* security context is invalid,
* {@link GSSException#FAILURE GSSException.FAILURE} for other
* unspecified failures.
* @throws SecurityException if a security manager exists and a proper
* {@link InquireSecContextPermission} is not granted.
* @see InquireSecContextPermission
*/
public
Object
inquireSecContext
(
InquireType
type
)
throws
GSSException
;
}
src/share/classes/com/sun/security/jgss/InquireSecContextPermission.java
0 → 100644
浏览文件 @
1eb15c0b
/*
* Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Sun designates this
* particular file as subject to the "Classpath" exception as provided
* by Sun in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
package
com.sun.security.jgss
;
import
java.security.BasicPermission
;
/**
* This class is used to protect various attributes of an established
* GSS security context that can be accessed using the
* {@link com.sun.security.jgss.ExtendedGSSContext#inquireSecContext}
* method.
*
* <p>The target name is the {@link InquireType} allowed.
*/
public
final
class
InquireSecContextPermission
extends
BasicPermission
{
/**
* Constructs a new {@code InquireSecContextPermission} object with
* the specified name. The name is the symbolic name of the
* {@link InquireType} allowed.
*
* @param name the {@link InquireType} allowed by this
* permission. "*" means all {@link InquireType}s are allowed.
*
* @throws NullPointerException if <code>name</code> is <code>null</code>.
* @throws IllegalArgumentException if <code>name</code> is empty.
*/
public
InquireSecContextPermission
(
String
name
)
{
super
(
name
);
}
}
src/share/classes/com/sun/security/jgss/InquireType.java
0 → 100644
浏览文件 @
1eb15c0b
/*
* Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Sun designates this
* particular file as subject to the "Classpath" exception as provided
* by Sun in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
package
com.sun.security.jgss
;
/**
* Attribute types that can be specified as an argument of
* {@link com.sun.security.jgss.ExtendedGSSContext#inquireSecContext}
*/
public
enum
InquireType
{
/**
* Attribute type for retrieving the session key of an
* established Kerberos 5 security context.
*/
KRB5_GET_SESSION_KEY
,
/**
* Attribute type for retrieving the service ticket flags of an
* established Kerberos 5 security context.
*/
KRB5_GET_TKT_FLAGS
,
/**
* Attribute type for retrieving the authorization data in the
* service ticket of an established Kerberos 5 security context.
* Only supported on the acceptor side.
*/
KRB5_GET_AUTHZ_DATA
,
/**
* Attribute type for retrieving the authtime in the service ticket
* of an established Kerberos 5 security context.
*/
KRB5_GET_AUTHTIME
}
src/share/classes/java/nio/file/SimpleFileVisitor.java
浏览文件 @
1eb15c0b
...
...
@@ -47,6 +47,14 @@ public class SimpleFileVisitor<T> implements FileVisitor<T> {
protected
SimpleFileVisitor
()
{
}
/**
* Throws NullPointerException if obj is null.
*/
private
static
void
checkNotNull
(
Object
obj
)
{
if
(
obj
==
null
)
throw
new
NullPointerException
();
}
/**
* Invoked for a directory before entries in the directory are visited.
*
...
...
@@ -55,6 +63,7 @@ public class SimpleFileVisitor<T> implements FileVisitor<T> {
*/
@Override
public
FileVisitResult
preVisitDirectory
(
T
dir
)
{
checkNotNull
(
dir
);
return
FileVisitResult
.
CONTINUE
;
}
...
...
@@ -70,6 +79,8 @@ public class SimpleFileVisitor<T> implements FileVisitor<T> {
*/
@Override
public
FileVisitResult
preVisitDirectoryFailed
(
T
dir
,
IOException
exc
)
{
checkNotNull
(
dir
);
checkNotNull
(
exc
);
throw
new
IOError
(
exc
);
}
...
...
@@ -81,6 +92,8 @@ public class SimpleFileVisitor<T> implements FileVisitor<T> {
*/
@Override
public
FileVisitResult
visitFile
(
T
file
,
BasicFileAttributes
attrs
)
{
checkNotNull
(
file
);
checkNotNull
(
attrs
);
return
FileVisitResult
.
CONTINUE
;
}
...
...
@@ -96,6 +109,8 @@ public class SimpleFileVisitor<T> implements FileVisitor<T> {
*/
@Override
public
FileVisitResult
visitFileFailed
(
T
file
,
IOException
exc
)
{
checkNotNull
(
file
);
checkNotNull
(
exc
);
throw
new
IOError
(
exc
);
}
...
...
@@ -114,6 +129,7 @@ public class SimpleFileVisitor<T> implements FileVisitor<T> {
*/
@Override
public
FileVisitResult
postVisitDirectory
(
T
dir
,
IOException
exc
)
{
checkNotNull
(
dir
);
if
(
exc
!=
null
)
throw
new
IOError
(
exc
);
return
FileVisitResult
.
CONTINUE
;
...
...
src/share/classes/java/nio/file/attribute/AclFileAttributeView.java
浏览文件 @
1eb15c0b
...
...
@@ -75,7 +75,7 @@ import java.io.IOException;
* .lookupPrincipalByName("joe");
*
* // get view
* AclFileAttributeView view = file.
new
FileAttributeView(AclFileAttributeView.class);
* AclFileAttributeView view = file.
get
FileAttributeView(AclFileAttributeView.class);
*
* // create ACE to give "joe" read access
* AclEntry entry = AclEntry.newBuilder()
...
...
src/share/classes/java/nio/file/attribute/PosixFileAttributeView.java
浏览文件 @
1eb15c0b
...
...
@@ -61,7 +61,7 @@ import java.io.IOException;
* Suppose we need to print out the owner and access permissions of a file:
* <pre>
* FileRef file = ...
* PosixFileAttributes attrs = file.
new
FileAttributeView(PosixFileAttributeView.class)
* PosixFileAttributes attrs = file.
get
FileAttributeView(PosixFileAttributeView.class)
* .readAttributes();
* System.out.format("%s %s%n",
* attrs.owner().getName(),
...
...
src/share/classes/sun/security/jgss/GSSContextImpl.java
浏览文件 @
1eb15c0b
/*
* Copyright 2000-200
8
Sun Microsystems, Inc. All Rights Reserved.
* Copyright 2000-200
9
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -27,14 +27,13 @@ package sun.security.jgss;
import
org.ietf.jgss.*
;
import
sun.security.jgss.spi.*
;
import
sun.security.jgss.*
;
import
sun.security.util.ObjectIdentifier
;
import
java.io.InputStream
;
import
java.io.OutputStream
;
import
java.io.ByteArrayInputStream
;
import
java.io.ByteArrayOutputStream
;
import
java.io.IOException
;
import
com.sun.security.jgss.*
;
/**
* This class represents the JGSS security context and its associated
...
...
@@ -88,7 +87,7 @@ import java.io.IOException;
* per-message operations are returned in an instance of the MessageProp
* class, which is used as an argument in these calls.</dl>
*/
class
GSSContextImpl
implements
GSSContext
{
class
GSSContextImpl
implements
Extended
GSSContext
{
private
GSSManagerImpl
gssManager
=
null
;
...
...
@@ -630,4 +629,16 @@ class GSSContextImpl implements GSSContext {
srcName
=
null
;
targName
=
null
;
}
@Override
public
Object
inquireSecContext
(
InquireType
type
)
throws
GSSException
{
SecurityManager
security
=
System
.
getSecurityManager
();
if
(
security
!=
null
)
{
security
.
checkPermission
(
new
InquireSecContextPermission
(
type
.
toString
()));
}
if
(
mechCtxt
==
null
)
{
throw
new
GSSException
(
GSSException
.
NO_CONTEXT
);
}
return
mechCtxt
.
inquireSecContext
(
type
);
}
}
src/share/classes/sun/security/jgss/krb5/InitSecContextToken.java
浏览文件 @
1eb15c0b
/*
* Copyright 2000-200
8
Sun Microsystems, Inc. All Rights Reserved.
* Copyright 2000-200
9
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -25,12 +25,14 @@
package
sun.security.jgss.krb5
;
import
com.sun.security.jgss.AuthorizationDataEntry
;
import
org.ietf.jgss.*
;
import
java.io.InputStream
;
import
java.io.OutputStream
;
import
java.io.IOException
;
import
sun.security.krb5.*
;
import
java.net.InetAddress
;
import
sun.security.krb5.internal.AuthorizationData
;
import
sun.security.krb5.internal.KerberosTime
;
class
InitSecContextToken
extends
InitialToken
{
...
...
@@ -59,6 +61,9 @@ class InitSecContextToken extends InitialToken {
Checksum
checksum
=
gssChecksum
.
getChecksum
();
context
.
setTktFlags
(
serviceTicket
.
getFlags
());
context
.
setAuthTime
(
new
KerberosTime
(
serviceTicket
.
getAuthTime
()).
toString
());
apReq
=
new
KrbApReq
(
serviceTicket
,
mutualRequired
,
useSubkey
,
...
...
@@ -143,6 +148,21 @@ class InitSecContextToken extends InitialToken {
// Use the same sequence number as the peer
// (Behaviour exhibited by the Windows SSPI server)
context
.
resetMySequenceNumber
(
peerSeqNumber
);
context
.
setAuthTime
(
new
KerberosTime
(
apReq
.
getCreds
().
getAuthTime
()).
toString
());
context
.
setTktFlags
(
apReq
.
getCreds
().
getFlags
());
AuthorizationData
ad
=
apReq
.
getCreds
().
getAuthzData
();
if
(
ad
==
null
)
{
context
.
setAuthzData
(
null
);
}
else
{
AuthorizationDataEntry
[]
authzData
=
new
AuthorizationDataEntry
[
ad
.
count
()];
for
(
int
i
=
0
;
i
<
ad
.
count
();
i
++)
{
authzData
[
i
]
=
new
AuthorizationDataEntry
(
ad
.
item
(
i
).
adType
,
ad
.
item
(
i
).
adData
);
}
context
.
setAuthzData
(
authzData
);
}
}
public
final
KrbApReq
getKrbApReq
()
{
...
...
src/share/classes/sun/security/jgss/krb5/Krb5Context.java
浏览文件 @
1eb15c0b
...
...
@@ -25,6 +25,7 @@
package
sun.security.jgss.krb5
;
import
com.sun.security.jgss.InquireType
;
import
org.ietf.jgss.*
;
import
sun.misc.HexDumpEncoder
;
import
sun.security.jgss.GSSUtil
;
...
...
@@ -38,6 +39,7 @@ import java.io.IOException;
import
java.security.Provider
;
import
java.security.AccessController
;
import
java.security.AccessControlContext
;
import
java.security.Key
;
import
java.security.PrivilegedExceptionAction
;
import
java.security.PrivilegedActionException
;
import
javax.crypto.Cipher
;
...
...
@@ -1283,4 +1285,81 @@ class Krb5Context implements GSSContextSpi {
// Currently used by InitialToken only
return
caller
;
}
/**
* The session key returned by inquireSecContext(KRB5_INQ_SSPI_SESSION_KEY)
*/
static
class
KerberosSessionKey
implements
Key
{
private
final
EncryptionKey
key
;
KerberosSessionKey
(
EncryptionKey
key
)
{
this
.
key
=
key
;
}
@Override
public
String
getAlgorithm
()
{
return
Integer
.
toString
(
key
.
getEType
());
}
@Override
public
String
getFormat
()
{
return
"RAW"
;
}
@Override
public
byte
[]
getEncoded
()
{
return
key
.
getBytes
().
clone
();
}
@Override
public
String
toString
()
{
return
"Kerberos session key: etype: "
+
key
.
getEType
()
+
"\n"
+
new
sun
.
misc
.
HexDumpEncoder
().
encodeBuffer
(
key
.
getBytes
());
}
}
/**
* Return the mechanism-specific attribute associated with {@code type}.
*/
public
Object
inquireSecContext
(
InquireType
type
)
throws
GSSException
{
if
(!
isEstablished
())
{
throw
new
GSSException
(
GSSException
.
NO_CONTEXT
,
-
1
,
"Security context not established."
);
}
switch
(
type
)
{
case
KRB5_GET_SESSION_KEY:
return
new
KerberosSessionKey
(
key
);
case
KRB5_GET_TKT_FLAGS:
return
tktFlags
.
clone
();
case
KRB5_GET_AUTHZ_DATA:
if
(
isInitiator
())
{
throw
new
GSSException
(
GSSException
.
UNAVAILABLE
,
-
1
,
"AuthzData not available on initiator side."
);
}
else
{
return
(
authzData
==
null
)?
null
:
authzData
.
clone
();
}
case
KRB5_GET_AUTHTIME:
return
authTime
;
}
throw
new
GSSException
(
GSSException
.
UNAVAILABLE
,
-
1
,
"Inquire type not supported."
);
}
// Helpers for inquireSecContext
private
boolean
[]
tktFlags
;
private
String
authTime
;
private
com
.
sun
.
security
.
jgss
.
AuthorizationDataEntry
[]
authzData
;
public
void
setTktFlags
(
boolean
[]
tktFlags
)
{
this
.
tktFlags
=
tktFlags
;
}
public
void
setAuthTime
(
String
authTime
)
{
this
.
authTime
=
authTime
;
}
public
void
setAuthzData
(
com
.
sun
.
security
.
jgss
.
AuthorizationDataEntry
[]
authzData
)
{
this
.
authzData
=
authzData
;
}
}
src/share/classes/sun/security/jgss/spi/GSSContextSpi.java
浏览文件 @
1eb15c0b
/*
* Portions Copyright 2000-200
5
Sun Microsystems, Inc. All Rights Reserved.
* Portions Copyright 2000-200
9
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -46,6 +46,7 @@ import org.ietf.jgss.*;
import
java.io.InputStream
;
import
java.io.OutputStream
;
import
java.security.Provider
;
import
com.sun.security.jgss.*
;
/**
* This interface is implemented by a mechanism specific instance of a GSS
...
...
@@ -265,7 +266,6 @@ public interface GSSContextSpi {
* @param msgPro on input it contains the requested qop and
* confidentiality state, on output, the applied values
* @exception GSSException may be thrown
* @see MessageInfo
* @see unwrap
*/
public
void
wrap
(
InputStream
is
,
OutputStream
os
,
MessageProp
msgProp
)
...
...
@@ -315,7 +315,6 @@ public interface GSSContextSpi {
* @param msgProp will contain the applied qop and confidentiality
* of the input token and any informatory status values
* @exception GSSException may be thrown
* @see MessageInfo
* @see wrap
*/
public
void
unwrap
(
InputStream
is
,
OutputStream
os
,
...
...
@@ -403,4 +402,15 @@ public interface GSSContextSpi {
* @exception GSSException may be thrown
*/
public
void
dispose
()
throws
GSSException
;
/**
* Return the mechanism-specific attribute associated with (@code type}.
*
* @param type the type of the attribute requested
* @return the attribute
* @throws GSSException see {@link ExtendedGSSContext#inquireSecContext}
* for details
*/
public
Object
inquireSecContext
(
InquireType
type
)
throws
GSSException
;
}
src/share/classes/sun/security/jgss/spnego/SpNegoContext.java
浏览文件 @
1eb15c0b
...
...
@@ -25,10 +25,10 @@
package
sun.security.jgss.spnego
;
import
com.sun.security.jgss.ExtendedGSSContext
;
import
com.sun.security.jgss.InquireType
;
import
java.io.*
;
import
java.security.Provider
;
import
java.util.List
;
import
java.util.ArrayList
;
import
org.ietf.jgss.*
;
import
sun.security.jgss.*
;
import
sun.security.jgss.spi.*
;
...
...
@@ -1185,4 +1185,22 @@ public class SpNegoContext implements GSSContextSpi {
return
(
"Unknown state "
+
state
);
}
}
/**
* Retrieve attribute of the context for {@code type}.
*/
public
Object
inquireSecContext
(
InquireType
type
)
throws
GSSException
{
if
(
mechContext
==
null
)
{
throw
new
GSSException
(
GSSException
.
NO_CONTEXT
,
-
1
,
"Underlying mech not established."
);
}
if
(
mechContext
instanceof
ExtendedGSSContext
)
{
return
((
ExtendedGSSContext
)
mechContext
).
inquireSecContext
(
type
);
}
else
{
throw
new
GSSException
(
GSSException
.
BAD_MECH
,
-
1
,
"inquireSecContext not supported by underlying mech."
);
}
}
}
src/share/classes/sun/security/jgss/wrapper/NativeGSSContext.java
浏览文件 @
1eb15c0b
/*
* Copyright 2005 Sun Microsystems, Inc. All Rights Reserved.
* Copyright 2005
-2009
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -36,6 +36,7 @@ import sun.security.util.ObjectIdentifier;
import
sun.security.jgss.spnego.NegTokenInit
;
import
sun.security.jgss.spnego.NegTokenTarg
;
import
javax.security.auth.kerberos.DelegationPermission
;
import
com.sun.security.jgss.InquireType
;
import
java.io.*
;
...
...
@@ -615,4 +616,10 @@ class NativeGSSContext implements GSSContextSpi {
protected
void
finalize
()
throws
Throwable
{
dispose
();
}
public
Object
inquireSecContext
(
InquireType
type
)
throws
GSSException
{
throw
new
GSSException
(
GSSException
.
UNAVAILABLE
,
-
1
,
"Inquire type not supported."
);
}
}
src/share/classes/sun/security/krb5/Credentials.java
浏览文件 @
1eb15c0b
/*
* Portions Copyright 2000-200
7
Sun Microsystems, Inc. All Rights Reserved.
* Portions Copyright 2000-200
9
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -63,12 +63,29 @@ public class Credentials {
KerberosTime
renewTill
;
HostAddresses
cAddr
;
EncryptionKey
serviceKey
;
AuthorizationData
authzData
;
private
static
boolean
DEBUG
=
Krb5
.
DEBUG
;
private
static
CredentialsCache
cache
;
static
boolean
alreadyLoaded
=
false
;
private
static
boolean
alreadyTried
=
false
;
private
static
native
Credentials
acquireDefaultNativeCreds
();
public
Credentials
(
Ticket
new_ticket
,
PrincipalName
new_client
,
PrincipalName
new_server
,
EncryptionKey
new_key
,
TicketFlags
new_flags
,
KerberosTime
authTime
,
KerberosTime
new_startTime
,
KerberosTime
new_endTime
,
KerberosTime
renewTill
,
HostAddresses
cAddr
,
AuthorizationData
authzData
)
{
this
(
new_ticket
,
new_client
,
new_server
,
new_key
,
new_flags
,
authTime
,
new_startTime
,
new_endTime
,
renewTill
,
cAddr
);
this
.
authzData
=
authzData
;
}
public
Credentials
(
Ticket
new_ticket
,
PrincipalName
new_client
,
PrincipalName
new_server
,
...
...
@@ -213,6 +230,9 @@ public class Credentials {
return
flags
;
}
public
AuthorizationData
getAuthzData
()
{
return
authzData
;
}
/**
* Checks if the service ticket returned by the KDC has the OK-AS-DELEGATE
* flag set
...
...
src/share/classes/sun/security/krb5/KrbApReq.java
浏览文件 @
1eb15c0b
/*
* Portions Copyright 2000-200
7
Sun Microsystems, Inc. All Rights Reserved.
* Portions Copyright 2000-200
9
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -356,12 +356,13 @@ public class KrbApReq {
authenticator
.
cname
,
apReqMessg
.
ticket
.
sname
,
enc_ticketPart
.
key
,
null
,
enc_ticketPart
.
flags
,
enc_ticketPart
.
authtime
,
enc_ticketPart
.
starttime
,
enc_ticketPart
.
endtime
,
enc_ticketPart
.
renewTill
,
enc_ticketPart
.
caddr
);
enc_ticketPart
.
caddr
,
enc_ticketPart
.
authorizationData
);
if
(
DEBUG
)
{
System
.
out
.
println
(
">>> KrbApReq: authenticate succeed."
);
}
...
...
src/share/classes/sun/security/krb5/internal/AuthorizationData.java
浏览文件 @
1eb15c0b
...
...
@@ -174,4 +174,12 @@ public class AuthorizationData implements Cloneable {
}
return
retVal
;
}
public
int
count
()
{
return
entry
.
length
;
}
public
AuthorizationDataEntry
item
(
int
i
)
{
return
(
AuthorizationDataEntry
)
entry
[
i
].
clone
();
}
}
src/share/classes/sun/security/tools/JarSigner.java
浏览文件 @
1eb15c0b
...
...
@@ -412,6 +412,16 @@ public class JarSigner {
}
storetype
=
KeyStoreUtil
.
niceStoreTypeName
(
storetype
);
try
{
if
(
signedjar
!=
null
&&
new
File
(
signedjar
).
getCanonicalPath
().
equals
(
new
File
(
jarfile
).
getCanonicalPath
()))
{
signedjar
=
null
;
}
}
catch
(
IOException
ioe
)
{
// File system error?
// Just ignore it.
}
if
(
P11KEYSTORE
.
equalsIgnoreCase
(
storetype
)
||
KeyStoreUtil
.
isWindowsKeyStore
(
storetype
))
{
token
=
true
;
...
...
src/share/classes/sun/security/tools/KeyTool.java
浏览文件 @
1eb15c0b
...
...
@@ -880,41 +880,41 @@ public final class KeyTool {
// might not work properly, since -gencert is slow
// and there's no data in the pipe at the beginning.
ByteArrayOutputStream
bout
=
new
ByteArrayOutputStream
();
byte
[]
b
=
new
byte
[
4096
];
while
(
true
)
{
int
len
=
inStream
.
read
(
b
);
if
(
len
<
0
)
break
;
bout
.
write
(
b
,
0
,
len
);
}
inStream
=
new
ByteArrayInputStream
(
bout
.
toByteArray
());
try
{
String
importAlias
=
(
alias
!=
null
)?
alias:
keyAlias
;
if
(
keyStore
.
entryInstanceOf
(
importAlias
,
KeyStore
.
PrivateKeyEntry
.
class
))
{
kssave
=
installReply
(
importAlias
,
inStream
);
if
(
kssave
)
{
System
.
err
.
println
(
rb
.
getString
(
"Certificate reply was installed in keystore"
));
}
else
{
System
.
err
.
println
(
rb
.
getString
(
"Certificate reply was not installed in keystore"
));
}
}
else
if
(!
keyStore
.
containsAlias
(
importAlias
)
||
keyStore
.
entryInstanceOf
(
importAlias
,
KeyStore
.
TrustedCertificateEntry
.
class
))
{
kssave
=
addTrustedCert
(
importAlias
,
inStream
);
if
(
kssave
)
{
System
.
err
.
println
(
rb
.
getString
(
"Certificate was added to keystore"
));
}
else
{
System
.
err
.
println
(
rb
.
getString
(
"Certificate was not added to keystore"
));
}
byte
[]
b
=
new
byte
[
4096
];
while
(
true
)
{
int
len
=
inStream
.
read
(
b
);
if
(
len
<
0
)
break
;
bout
.
write
(
b
,
0
,
len
);
}
}
finally
{
if
(
inStream
!=
System
.
in
)
{
inStream
.
close
();
}
}
inStream
=
new
ByteArrayInputStream
(
bout
.
toByteArray
());
String
importAlias
=
(
alias
!=
null
)?
alias:
keyAlias
;
if
(
keyStore
.
entryInstanceOf
(
importAlias
,
KeyStore
.
PrivateKeyEntry
.
class
))
{
kssave
=
installReply
(
importAlias
,
inStream
);
if
(
kssave
)
{
System
.
err
.
println
(
rb
.
getString
(
"Certificate reply was installed in keystore"
));
}
else
{
System
.
err
.
println
(
rb
.
getString
(
"Certificate reply was not installed in keystore"
));
}
}
else
if
(!
keyStore
.
containsAlias
(
importAlias
)
||
keyStore
.
entryInstanceOf
(
importAlias
,
KeyStore
.
TrustedCertificateEntry
.
class
))
{
kssave
=
addTrustedCert
(
importAlias
,
inStream
);
if
(
kssave
)
{
System
.
err
.
println
(
rb
.
getString
(
"Certificate was added to keystore"
));
}
else
{
System
.
err
.
println
(
rb
.
getString
(
"Certificate was not added to keystore"
));
}
}
}
else
if
(
command
==
IMPORTKEYSTORE
)
{
doImportKeyStore
();
kssave
=
true
;
...
...
src/share/classes/sun/security/tools/PolicyTool.java
浏览文件 @
1eb15c0b
/*
* Copyright 1997-200
8
Sun Microsystems, Inc. All Rights Reserved.
* Copyright 1997-200
9
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -35,21 +35,16 @@ import java.net.MalformedURLException;
import
java.lang.reflect.*
;
import
java.text.Collator
;
import
java.text.MessageFormat
;
import
sun.misc.BASE64Decoder
;
import
sun.security.provider.PolicyParser.PermissionEntry
;
import
sun.security.util.PropertyExpander
;
import
sun.security.util.PropertyExpander.ExpandException
;
import
java.awt.*
;
import
java.awt.event.*
;
import
java.security.cert.Certificate
;
import
java.security.cert.CertificateFactory
;
import
java.security.cert.X509Certificate
;
import
java.security.cert.CertificateException
;
import
java.security.*
;
import
sun.security.provider.*
;
import
sun.security.util.PolicyUtil
;
import
javax.security.auth.x500.X500Principal
;
import
java.util.HashSet
;
/**
* PolicyTool may be used by users and administrators to configure the
...
...
@@ -1459,6 +1454,7 @@ class ToolDialog extends Dialog {
PERM_ARRAY
.
add
(
new
AWTPerm
());
PERM_ARRAY
.
add
(
new
DelegationPerm
());
PERM_ARRAY
.
add
(
new
FilePerm
());
PERM_ARRAY
.
add
(
new
InqSecContextPerm
());
PERM_ARRAY
.
add
(
new
LogPerm
());
PERM_ARRAY
.
add
(
new
MgmtPerm
());
PERM_ARRAY
.
add
(
new
MBeanPerm
());
...
...
@@ -3961,6 +3957,20 @@ class FilePerm extends Perm {
}
}
class
InqSecContextPerm
extends
Perm
{
public
InqSecContextPerm
()
{
super
(
"InquireSecContextPermission"
,
"com.sun.security.jgss.InquireSecContextPermission"
,
new
String
[]
{
"KRB5_GET_SESSION_KEY"
,
"KRB5_GET_TKT_FLAGS"
,
"KRB5_GET_AUTHZ_DATA"
,
"KRB5_GET_AUTHTIME"
},
null
);
}
}
class
LogPerm
extends
Perm
{
public
LogPerm
()
{
super
(
"LoggingPermission"
,
...
...
src/solaris/native/sun/nio/ch/Net.c
浏览文件 @
1eb15c0b
...
...
@@ -541,7 +541,7 @@ Java_sun_nio_ch_Net_shutdown(JNIEnv *env, jclass cl, jobject fdo, jint jhow)
{
int
how
=
(
jhow
==
sun_nio_ch_Net_SHUT_RD
)
?
SHUT_RD
:
(
jhow
==
sun_nio_ch_Net_SHUT_WR
)
?
SHUT_WR
:
SHUT_RDWR
;
if
(
shutdown
(
fdval
(
env
,
fdo
),
how
)
<
0
)
if
(
(
shutdown
(
fdval
(
env
,
fdo
),
how
)
<
0
)
&&
(
errno
!=
ENOTCONN
)
)
handleSocketError
(
env
,
errno
);
}
...
...
test/com/sun/security/jgss/InquireSecContextPermissionCheck.java
0 → 100644
浏览文件 @
1eb15c0b
/*
* Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
/**
* @test
* @bug 6710360
* @summary export Kerberos session key to applications
*/
import
com.sun.security.jgss.InquireSecContextPermission
;
public
class
InquireSecContextPermissionCheck
{
public
static
void
main
(
String
[]
args
)
throws
Exception
{
InquireSecContextPermission
p0
,
p1
;
p0
=
new
InquireSecContextPermission
(
"KRB5_GET_SESSION_KEY"
);
p1
=
new
InquireSecContextPermission
(
"*"
);
if
(!
p1
.
implies
(
p0
)
||
!
p1
.
implies
(
p1
)
||
!
p0
.
implies
(
p0
))
{
throw
new
Exception
(
"Check failed"
);
}
if
(
p0
.
implies
(
p1
))
{
throw
new
Exception
(
"This is bad"
);
}
}
}
test/java/nio/channels/SocketChannel/Shutdown.java
浏览文件 @
1eb15c0b
/*
* Copyright 2002 Sun Microsystems, Inc. All Rights Reserved.
* Copyright 2002
-2009
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -22,26 +22,65 @@
*/
/* @test
* @bug 4618960
* @summary Test isInputShutdown
* @library ..
* @bug 4618960 4516760
* @summary Test shutdownXXX and isInputShutdown
*/
import
java.io.IOException
;
import
java.net.*
;
import
java.nio.
*
;
import
java.nio.
ByteBuffer
;
import
java.nio.channels.*
;
public
class
Shutdown
{
public
static
void
main
(
String
args
[])
throws
Exception
{
InetSocketAddress
sa
=
new
InetSocketAddress
(
InetAddress
.
getByName
(
TestUtil
.
HOST
),
23
);
SocketChannel
sc
=
SocketChannel
.
open
(
sa
);
boolean
before
=
sc
.
socket
().
isInputShutdown
();
sc
.
socket
().
shutdownInput
();
boolean
after
=
sc
.
socket
().
isInputShutdown
();
sc
.
close
();
if
(
before
||
!
after
)
throw
new
Exception
(
"Test failed"
);
/**
* Accept a connection, and close it immediately causing a hard reset.
*/
static
void
acceptAndReset
(
ServerSocketChannel
ssc
)
throws
IOException
{
SocketChannel
peer
=
ssc
.
accept
();
try
{
peer
.
setOption
(
StandardSocketOption
.
SO_LINGER
,
0
);
peer
.
configureBlocking
(
false
);
peer
.
write
(
ByteBuffer
.
wrap
(
new
byte
[
128
*
1024
]));
}
finally
{
peer
.
close
();
}
}
public
static
void
main
(
String
[]
args
)
throws
Exception
{
ServerSocketChannel
ssc
=
ServerSocketChannel
.
open
()
.
bind
(
new
InetSocketAddress
(
0
));
try
{
InetAddress
lh
=
InetAddress
.
getLocalHost
();
int
port
=
((
InetSocketAddress
)(
ssc
.
getLocalAddress
())).
getPort
();
SocketAddress
remote
=
new
InetSocketAddress
(
lh
,
port
);
// Test SocketChannel shutdownXXX
SocketChannel
sc
;
sc
=
SocketChannel
.
open
(
remote
);
try
{
acceptAndReset
(
ssc
);
sc
.
shutdownInput
();
sc
.
shutdownOutput
();
}
finally
{
sc
.
close
();
}
// Test Socket adapter shutdownXXX and isShutdownInput
sc
=
SocketChannel
.
open
(
remote
);
try
{
acceptAndReset
(
ssc
);
boolean
before
=
sc
.
socket
().
isInputShutdown
();
sc
.
socket
().
shutdownInput
();
boolean
after
=
sc
.
socket
().
isInputShutdown
();
if
(
before
||
!
after
)
throw
new
RuntimeException
(
"Before and after test failed"
);
sc
.
socket
().
shutdownOutput
();
}
finally
{
sc
.
close
();
}
}
finally
{
ssc
.
close
();
}
}
}
test/java/nio/file/Files/Misc.java
浏览文件 @
1eb15c0b
...
...
@@ -22,13 +22,14 @@
*/
/* @test
* @bug 4313887 6838333
* @bug 4313887 6838333
6865748
* @summary Unit test for java.nio.file.Files for miscellenous cases not
* covered by other tests
* @library ..
*/
import
java.nio.file.*
;
import
java.nio.file.attribute.Attributes
;
import
java.io.IOException
;
import
java.util.*
;
...
...
@@ -113,5 +114,29 @@ public class Misc {
npeExpected
();
}
catch
(
NullPointerException
e
)
{
}
SimpleFileVisitor
<
Path
>
visitor
=
new
SimpleFileVisitor
<
Path
>()
{
};
boolean
ranTheGauntlet
=
false
;
try
{
visitor
.
preVisitDirectory
(
null
);
}
catch
(
NullPointerException
x0
)
{
try
{
visitor
.
preVisitDirectoryFailed
(
null
,
new
IOException
());
}
catch
(
NullPointerException
x1
)
{
try
{
visitor
.
preVisitDirectoryFailed
(
dir
,
null
);
}
catch
(
NullPointerException
x2
)
{
try
{
visitor
.
visitFile
(
null
,
Attributes
.
readBasicFileAttributes
(
Paths
.
get
(
"."
)));
}
catch
(
NullPointerException
x3
)
{
try
{
visitor
.
visitFile
(
dir
,
null
);
}
catch
(
NullPointerException
x4
)
{
try
{
visitor
.
visitFileFailed
(
null
,
new
IOException
());
}
catch
(
NullPointerException
x5
)
{
try
{
visitor
.
visitFileFailed
(
dir
,
null
);
}
catch
(
NullPointerException
x6
)
{
try
{
visitor
.
postVisitDirectory
(
null
,
new
IOException
());
}
catch
(
NullPointerException
x7
)
{
// if we get here then all visit* methods threw NPE as expected
ranTheGauntlet
=
true
;
}}}}}}}}
if
(!
ranTheGauntlet
)
throw
new
RuntimeException
(
"A visit method did not throw NPE"
);
}
}
test/sun/security/krb5/auto/Context.java
浏览文件 @
1eb15c0b
/*
* Copyright 2008 Sun Microsystems, Inc. All Rights Reserved.
* Copyright 2008
-2009
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -22,6 +22,7 @@
*/
import
com.sun.security.auth.module.Krb5LoginModule
;
import
java.security.Key
;
import
java.security.PrivilegedActionException
;
import
java.security.PrivilegedExceptionAction
;
import
java.util.Arrays
;
...
...
@@ -38,6 +39,9 @@ import org.ietf.jgss.GSSManager;
import
org.ietf.jgss.GSSName
;
import
org.ietf.jgss.MessageProp
;
import
org.ietf.jgss.Oid
;
import
com.sun.security.jgss.ExtendedGSSContext
;
import
com.sun.security.jgss.InquireType
;
import
com.sun.security.jgss.AuthorizationDataEntry
;
/**
* Context of a JGSS subject, encapsulating Subject and GSSContext.
...
...
@@ -276,6 +280,34 @@ public class Context {
}
}
}
if
(
x
!=
null
&&
x
instanceof
ExtendedGSSContext
)
{
if
(
x
.
isEstablished
())
{
ExtendedGSSContext
ex
=
(
ExtendedGSSContext
)
x
;
Key
k
=
(
Key
)
ex
.
inquireSecContext
(
InquireType
.
KRB5_GET_SESSION_KEY
);
if
(
k
==
null
)
{
throw
new
Exception
(
"Session key cannot be null"
);
}
System
.
out
.
println
(
"Session key is: "
+
k
);
boolean
[]
flags
=
(
boolean
[])
ex
.
inquireSecContext
(
InquireType
.
KRB5_GET_TKT_FLAGS
);
if
(
flags
==
null
)
{
throw
new
Exception
(
"Ticket flags cannot be null"
);
}
System
.
out
.
println
(
"Ticket flags is: "
+
Arrays
.
toString
(
flags
));
String
authTime
=
(
String
)
ex
.
inquireSecContext
(
InquireType
.
KRB5_GET_AUTHTIME
);
if
(
authTime
==
null
)
{
throw
new
Exception
(
"Auth time cannot be null"
);
}
System
.
out
.
println
(
"AuthTime is: "
+
authTime
);
if
(!
x
.
isInitiator
())
{
AuthorizationDataEntry
[]
ad
=
(
AuthorizationDataEntry
[])
ex
.
inquireSecContext
(
InquireType
.
KRB5_GET_AUTHZ_DATA
);
System
.
out
.
println
(
"AuthzData is: "
+
Arrays
.
toString
(
ad
));
}
}
}
}
/**
...
...
test/sun/security/tools/jarsigner/samename.sh
0 → 100644
浏览文件 @
1eb15c0b
#
# Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 2 only, as
# published by the Free Software Foundation.
#
# This code is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# version 2 for more details (a copy is included in the LICENSE file that
# accompanied this code).
#
# You should have received a copy of the GNU General Public License version
# 2 along with this work; if not, write to the Free Software Foundation,
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
# Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
# CA 95054 USA or visit www.sun.com if you need additional information or
# have any questions.
#
# @test
# @bug 6866479
# @summary libzip.so caused JVM to crash when running jarsigner
#
if
[
"
${
TESTJAVA
}
"
=
""
]
;
then
JAVAC_CMD
=
`
which javac
`
TESTJAVA
=
`
dirname
$JAVAC_CMD
`
/..
fi
# set platform-dependent variables
OS
=
`
uname
-s
`
case
"
$OS
"
in
Windows_
*
|
CYGWIN
*
)
SIGNEDJAR
=
EM.jar
FS
=
"
\\
"
;;
*
)
SIGNEDJAR
=
em.jar
FS
=
"/"
;;
esac
KS
=
samename.jks
JFILE
=
em.jar
KT
=
"
$TESTJAVA
${
FS
}
bin
${
FS
}
keytool -storepass changeit -keypass changeit -keystore
$KS
"
JAR
=
$TESTJAVA
${
FS
}
bin
${
FS
}
jar
JARSIGNER
=
$TESTJAVA
${
FS
}
bin
${
FS
}
jarsigner
rm
$KS
$JFILE
$SIGNEDJAR
echo
A
>
A
$JAR
cvf
$JFILE
A
$KT
-alias
a
-dname
CN
=
a
-keyalg
rsa
-genkey
-validity
300
$JARSIGNER
-keystore
$KS
-storepass
changeit
-signedjar
$SIGNEDJAR
$JFILE
a
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录