Skip to content

D
dragonwell8_jdk

openanolis / dragonwell8_jdk

通知 4
Star 2
Fork 0
D
dragonwell8_jdk
提交 4afdc225 编写于 作者: W weijun
浏览文件
操作

8034033: [parfait] JNI exception pending in share/native/sun/security/krb5/nativeccache.c 

Reviewed-by: valeriep
上级 79b598d8
隐藏空白更改
内联 并排
Showing with 49 addition and 12 deletion
src/share/native/sun/security/krb5/nativeccache.c
浏览文件 @ 4afdc225
...@@ -141,7 +141,7 @@ JNIEXPORT jint JNICALL JNI_OnLoad(JavaVM *jvm, void *reserved) ...@@ -141,7 +141,7 @@ JNIEXPORT jint JNICALL JNI_OnLoad(JavaVM *jvm, void *reserved)
#endif /* DEBUG */ #endif /* DEBUG */
ticketConstructor = (*env)->GetMethodID(env, ticketClass, "<init>", "(Lsun/security/util/DerValue;)V"); ticketConstructor = (*env)->GetMethodID(env, ticketClass, "<init>", "(Lsun/security/util/DerValue;)V");
if (derValueConstructor == 0) { if (ticketConstructor == 0) {
printf("Couldn't find Ticket constructor\n"); printf("Couldn't find Ticket constructor\n");
return JNI_ERR; return JNI_ERR;
} }
...@@ -272,6 +272,7 @@ int isIn(krb5_enctype e, int n, jint* etypes) ...@@ -272,6 +272,7 @@ int isIn(krb5_enctype e, int n, jint* etypes)
} }
return 0; return 0;
} }
/* /*
* Class: sun_security_krb5_Credentials * Class: sun_security_krb5_Credentials
* Method: acquireDefaultNativeCreds * Method: acquireDefaultNativeCreds
...@@ -309,7 +310,7 @@ JNIEXPORT jobject JNICALL Java_sun_security_krb5_Credentials_acquireDefaultNativ ...@@ -309,7 +310,7 @@ JNIEXPORT jobject JNICALL Java_sun_security_krb5_Credentials_acquireDefaultNativ
netypes = (*env)->GetArrayLength(env, jetypes); netypes = (*env)->GetArrayLength(env, jetypes);
etypes = (jint *) (*env)->GetIntArrayElements(env, jetypes, NULL); etypes = (jint *) (*env)->GetIntArrayElements(env, jetypes, NULL);
if (!err) { if (etypes != NULL && !err) {
while ((err = krb5_cc_next_cred (kcontext, ccache, &cursor, &creds)) == 0) { while ((err = krb5_cc_next_cred (kcontext, ccache, &cursor, &creds)) == 0) {
char *serverName = NULL; char *serverName = NULL;
...@@ -319,8 +320,16 @@ JNIEXPORT jobject JNICALL Java_sun_security_krb5_Credentials_acquireDefaultNativ ...@@ -319,8 +320,16 @@ JNIEXPORT jobject JNICALL Java_sun_security_krb5_Credentials_acquireDefaultNativ
} }
if (!err) { if (!err) {
if (strncmp (serverName, "krbtgt", sizeof("krbtgt")-1) == 0 && char* slash = strchr(serverName, '/');
isIn(creds.keyblock.enctype, netypes, etypes)) { char* at = strchr(serverName, '@');
// Make sure the server's name is krbtgt/REALM@REALM, the etype
// is supported, and the ticket has not expired
if (slash && at &&
strncmp (serverName, "krbtgt", slash-serverName) == 0 &&
// the ablove line shows at must be after slash
strncmp (slash+1, at+1, at-slash-1) == 0 &&
isIn (creds.keyblock.enctype, netypes, etypes) &&
creds.times.endtime > time(0)) {
jobject ticket, clientPrincipal, targetPrincipal, encryptionKey; jobject ticket, clientPrincipal, targetPrincipal, encryptionKey;
jobject ticketFlags, startTime, endTime; jobject ticketFlags, startTime, endTime;
jobject authTime, renewTillTime, hostAddresses; jobject authTime, renewTillTime, hostAddresses;
...@@ -399,8 +408,12 @@ cleanup: ...@@ -399,8 +408,12 @@ cleanup:
if (endTime) (*env)->DeleteLocalRef(env, endTime); if (endTime) (*env)->DeleteLocalRef(env, endTime);
if (renewTillTime) (*env)->DeleteLocalRef(env, renewTillTime); if (renewTillTime) (*env)->DeleteLocalRef(env, renewTillTime);
if (hostAddresses) (*env)->DeleteLocalRef(env, hostAddresses); if (hostAddresses) (*env)->DeleteLocalRef(env, hostAddresses);
}
// Stop if there is an exception or we already found the initial TGT
if ((*env)->ExceptionCheck(env) || krbCreds) {
break;
}
}
} }
if (serverName != NULL) { krb5_free_unparsed_name (kcontext, serverName); } if (serverName != NULL) { krb5_free_unparsed_name (kcontext, serverName); }
...@@ -410,7 +423,6 @@ cleanup: ...@@ -410,7 +423,6 @@ cleanup:
if (err == KRB5_CC_END) { err = 0; } if (err == KRB5_CC_END) { err = 0; }
printiferr (err, "while retrieving a ticket"); printiferr (err, "while retrieving a ticket");
} }
if (!err) { if (!err) {
...@@ -445,25 +457,25 @@ jobject BuildTicket(JNIEnv *env, krb5_data *encodedTicket) ...@@ -445,25 +457,25 @@ jobject BuildTicket(JNIEnv *env, krb5_data *encodedTicket)
jbyteArray ary; jbyteArray ary;
ary = (*env)->NewByteArray(env, encodedTicket->length); ary = (*env)->NewByteArray(env, encodedTicket->length);
if ((*env)->ExceptionOccurred(env)) { if ((*env)->ExceptionCheck(env)) {
return (jobject) NULL; return (jobject) NULL;
} }
(*env)->SetByteArrayRegion(env, ary, (jsize) 0, encodedTicket->length, (jbyte *)encodedTicket->data); (*env)->SetByteArrayRegion(env, ary, (jsize) 0, encodedTicket->length, (jbyte *)encodedTicket->data);
if ((*env)->ExceptionOccurred(env)) { if ((*env)->ExceptionCheck(env)) {
(*env)->DeleteLocalRef(env, ary); (*env)->DeleteLocalRef(env, ary);
return (jobject) NULL; return (jobject) NULL;
} }
derValue = (*env)->NewObject(env, derValueClass, derValueConstructor, ary); derValue = (*env)->NewObject(env, derValueClass, derValueConstructor, ary);
if ((*env)->ExceptionOccurred(env)) { if ((*env)->ExceptionCheck(env)) {
(*env)->DeleteLocalRef(env, ary); (*env)->DeleteLocalRef(env, ary);
return (jobject) NULL; return (jobject) NULL;
} }
(*env)->DeleteLocalRef(env, ary); (*env)->DeleteLocalRef(env, ary);
ticket = (*env)->NewObject(env, ticketClass, ticketConstructor, derValue); ticket = (*env)->NewObject(env, ticketClass, ticketConstructor, derValue);
if ((*env)->ExceptionOccurred(env)) { if ((*env)->ExceptionCheck(env)) {
(*env)->DeleteLocalRef(env, derValue); (*env)->DeleteLocalRef(env, derValue);
return (jobject) NULL; return (jobject) NULL;
} }
...@@ -480,6 +492,10 @@ jobject BuildClientPrincipal(JNIEnv *env, krb5_context kcontext, krb5_principal ...@@ -480,6 +492,10 @@ jobject BuildClientPrincipal(JNIEnv *env, krb5_context kcontext, krb5_principal
if (!err) { if (!err) {
// Make a PrincipalName from the full string and the type. Let the PrincipalName class parse it out. // Make a PrincipalName from the full string and the type. Let the PrincipalName class parse it out.
jstring principalStringObj = (*env)->NewStringUTF(env, principalString); jstring principalStringObj = (*env)->NewStringUTF(env, principalString);
if (principalStringObj == NULL) {
if (principalString != NULL) { krb5_free_unparsed_name (kcontext, principalString); }
return (jobject) NULL;
}
principal = (*env)->NewObject(env, principalNameClass, principalNameConstructor, principalStringObj, principalName->type); principal = (*env)->NewObject(env, principalNameClass, principalNameConstructor, principalStringObj, principalName->type);
if (principalString != NULL) { krb5_free_unparsed_name (kcontext, principalString); } if (principalString != NULL) { krb5_free_unparsed_name (kcontext, principalString); }
(*env)->DeleteLocalRef(env, principalStringObj); (*env)->DeleteLocalRef(env, principalStringObj);
...@@ -494,8 +510,13 @@ jobject BuildEncryptionKey(JNIEnv *env, krb5_keyblock *cryptoKey) { ...@@ -494,8 +510,13 @@ jobject BuildEncryptionKey(JNIEnv *env, krb5_keyblock *cryptoKey) {
jobject encryptionKey = NULL; jobject encryptionKey = NULL;
ary = (*env)->NewByteArray(env,cryptoKey->length); ary = (*env)->NewByteArray(env,cryptoKey->length);
if (ary == NULL) {
return (jobject) NULL;
}
(*env)->SetByteArrayRegion(env, ary, (jsize) 0, cryptoKey->length, (jbyte *)cryptoKey->contents); (*env)->SetByteArrayRegion(env, ary, (jsize) 0, cryptoKey->length, (jbyte *)cryptoKey->contents);
if (!(*env)->ExceptionOccurred(env)) { if (!(*env)->ExceptionCheck(env)) {
encryptionKey = (*env)->NewObject(env, encryptionKeyClass, encryptionKeyConstructor, cryptoKey->enctype, ary); encryptionKey = (*env)->NewObject(env, encryptionKeyClass, encryptionKeyConstructor, cryptoKey->enctype, ary);
} }
...@@ -514,9 +535,14 @@ jobject BuildTicketFlags(JNIEnv *env, krb5_flags flags) { ...@@ -514,9 +535,14 @@ jobject BuildTicketFlags(JNIEnv *env, krb5_flags flags) {
unsigned long nlflags = htonl(flags); unsigned long nlflags = htonl(flags);
ary = (*env)->NewByteArray(env, sizeof(flags)); ary = (*env)->NewByteArray(env, sizeof(flags));
if (ary == NULL) {
return (jobject) NULL;
}
(*env)->SetByteArrayRegion(env, ary, (jsize) 0, sizeof(flags), (jbyte *)&nlflags); (*env)->SetByteArrayRegion(env, ary, (jsize) 0, sizeof(flags), (jbyte *)&nlflags);
if (!(*env)->ExceptionOccurred(env)) { if (!(*env)->ExceptionCheck(env)) {
ticketFlags = (*env)->NewObject(env, ticketFlagsClass, ticketFlagsConstructor, sizeof(flags)*8, ary); ticketFlags = (*env)->NewObject(env, ticketFlagsClass, ticketFlagsConstructor, sizeof(flags)*8, ary);
} }
...@@ -550,6 +576,10 @@ jobject BuildAddressList(JNIEnv *env, krb5_address **addresses) { ...@@ -550,6 +576,10 @@ jobject BuildAddressList(JNIEnv *env, krb5_address **addresses) {
jobject address_list = (*env)->NewObjectArray(env, addressCount, hostAddressClass, NULL); jobject address_list = (*env)->NewObjectArray(env, addressCount, hostAddressClass, NULL);
if (address_list == NULL) {
return (jobject) NULL;
}
// Create a new HostAddress object for each address block. // Create a new HostAddress object for each address block.
// First, reset the iterator. // First, reset the iterator.
p = addresses; p = addresses;
...@@ -567,9 +597,16 @@ jobject BuildAddressList(JNIEnv *env, krb5_address **addresses) { ...@@ -567,9 +597,16 @@ jobject BuildAddressList(JNIEnv *env, krb5_address **addresses) {
(*env)->DeleteLocalRef(env, ary); (*env)->DeleteLocalRef(env, ary);
if (address == NULL) {
return (jobject) NULL;
}
// Add the HostAddress to the arrray. // Add the HostAddress to the arrray.
(*env)->SetObjectArrayElement(env, address_list, index, address); (*env)->SetObjectArrayElement(env, address_list, index, address);
if ((*env)->ExceptionCheck(env)) {
return (jobject) NULL;
}
index++; index++;
p++; p++;
} }
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册