diff --git a/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Base.java b/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Base.java
index 30461e25f7c8d94103cdcf5abf4c60261f7233f1..baa836efe5cfe7fa9356a0c1472b71ab84f5447a 100644
--- a/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Base.java
+++ b/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Base.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@@ -73,8 +73,12 @@ abstract class GssKrb5Base extends AbstractSaslImpl {
 }
 try {
- MessageProp msgProp = new MessageProp(JGSS_QOP, privacy);
+ MessageProp msgProp = new MessageProp(JGSS_QOP, false);
 byte[] answer = secCtx.unwrap(incoming, start, len, msgProp);
+ if (privacy && !msgProp.getPrivacy()) {
+ throw new SaslException("Privacy not protected");
+ }
+ checkMessageProp("", msgProp);
 if (logger.isLoggable(Level.FINEST)) {
 traceOutput(myClassName, "KRB501:Unwrap", "incoming: ", incoming, start, len);
@@ -128,4 +132,20 @@ abstract class GssKrb5Base extends AbstractSaslImpl {
 protected void finalize() throws Throwable {
 dispose();
 }
+
+ void checkMessageProp(String label, MessageProp msgProp)
+ throws SaslException {
+ if (msgProp.isDuplicateToken()) {
+ throw new SaslException(label + "Duplicate token");
+ }
+ if (msgProp.isGapToken()) {
+ throw new SaslException(label + "Gap token");
+ }
+ if (msgProp.isOldToken()) {
+ throw new SaslException(label + "Old token");
+ }
+ if (msgProp.isUnseqToken()) {
+ throw new SaslException(label + "Token not in sequence");
+ }
+ }
 }
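Review bot: The deleted `test/sun/security/krb5/auto/SaslGSS.java` exercised exactly the path changed here — its step `// 2. Server accepts it anyway` sent an auth-int message under a negotiated auth-conf layer — and this diff adds no replacement that asserts the new `SaslException("Privacy not protected")`, so regression coverage for the fix may have been dropped unless a test lives elsewhere in the change set. The new check is also one-directional: `if (privacy && !msgProp.getPrivacy())` rejects plaintext under auth-conf, while a token that arrives with confidentiality when only integrity was negotiated is still accepted; if that is intended, a comment such as `// Reject unprotected data under auth-conf; stronger-than-negotiated protection is tolerated` would record the decision. The enclosing unwrap method starts and ends outside the hunk.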
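Review bot: `checkMessageProp` has no Javadoc, and what it checks (`isDuplicateToken`, `isGapToken`, `isOldToken`, `isUnseqToken`) only becomes non-trivial if replay and sequence detection were requested on the context, which is established outside this hunk; without those requests every token passes the method. I would add a short Javadoc stating that it rejects tokens whose per-message status flags report replay, reordering or loss, that it relies on replay/sequence detection having been requested on `secCtx`, what `label` is prefixed to, and the `@throws SaslException` condition. The neighbouring `finalize()` is declared `protected`, whereas the new method is package-private with no modifier; an explicit modifier would make the intended visibility clear.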
diff --git a/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Client.java b/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Client.java
index e8d9a4cc866c0b6b80a44a1d270bb871e70455bd..34a879ab65690e637f0e94259963866973688f8d 100644
--- a/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Client.java
+++ b/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Client.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@@ -230,8 +230,10 @@ final class GssKrb5Client extends GssKrb5Base implements SaslClient {
 // Received S1 (security layer, server max recv size)
+ MessageProp msgProp = new MessageProp(false);
 byte[] gssOutToken = secCtx.unwrap(challengeData, 0,
- challengeData.length, new MessageProp(0, false));
+ challengeData.length, msgProp);
+ checkMessageProp("Handshake failure: ", msgProp);
 // First octet is a bit-mask specifying the protections
 // supported by the server
diff --git a/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Server.java b/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Server.java
index 94ce39c0ad14281264933e582fbc5a465bcfdc14..10c429aca575f819b20899c0ed0bc9f451e4c2cd 100644
--- a/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Server.java
+++ b/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Server.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
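Review bot: The prefix `"Handshake failure: "` passed to `checkMessageProp` here is duplicated verbatim in the GssKrb5Server hunk `@@ -250,8 +250,10 @@`; a shared constant on GssKrb5Base, e.g. `static final String HANDSHAKE_FAILURE = "Handshake failure: ";`, would keep the two call sites in step. After the unwrap, `msgProp.getPrivacy()` is not consulted, so the S1 token is accepted whether or not confidentiality was applied to it; if the handshake is expected to be integrity-only, a one-line comment (or a check mirroring the one added in GssKrb5Base.unwrap) would document that. The enclosing method starts and ends outside the hunk.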
@@ -250,8 +250,10 @@ final class GssKrb5Server extends GssKrb5Base implements SaslServer {
 try {
 // Expecting 4 octets from client selected protection
 // and client's receive buffer size
+ MessageProp msgProp = new MessageProp(false);
 byte[] gssOutToken = secCtx.unwrap(responseData, 0,
- responseData.length, new MessageProp(0, false));
+ responseData.length, msgProp);
+ checkMessageProp("Handshake failure: ", msgProp);
 if (logger.isLoggable(Level.FINER)) {
 traceOutput(MY_CLASS_NAME, "doHandshake2",
diff --git a/test/sun/security/krb5/auto/SaslGSS.java b/test/sun/security/krb5/auto/SaslGSS.java
deleted file mode 100644
index d21cfebb19bd63d3892921757ec56ac0d56ef94b..0000000000000000000000000000000000000000
--- a/test/sun/security/krb5/auto/SaslGSS.java
+++ /dev/null
@@ -1,137 +0,0 @@
-/*
- * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/*
- * @test
- * @bug 8012082 8019267
- * @summary SASL: auth-conf negotiated, but unencrypted data is accepted,
- * reset to unencrypt
- * @compile -XDignore.symbol.file SaslGSS.java
- * @run main/othervm -Dsun.net.spi.nameservice.provider.1=ns,mock SaslGSS
- */
-
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.callback.UnsupportedCallbackException;
-import javax.security.sasl.AuthorizeCallback;
-import javax.security.sasl.RealmCallback;
-import javax.security.sasl.Sasl;
-import javax.security.sasl.SaslServer;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.PrintStream;
-import java.util.HashMap;
-import java.util.Locale;
-import java.util.logging.ConsoleHandler;
-import java.util.logging.Handler;
-import java.util.logging.Level;
-import java.util.logging.Logger;
-
-import org.ietf.jgss.*;
-import sun.security.jgss.GSSUtil;
-
-public class SaslGSS {
-
- public static void main(String[] args) throws Exception {
-
- String name = "host." + OneKDC.REALM.toLowerCase(Locale.US);
-
- new OneKDC(null).writeJAASConf();
- System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");
-
- // Client in JGSS so that it can control wrap privacy mode
- GSSManager m = GSSManager.getInstance();
- GSSContext sc = m.createContext(
- m.createName(OneKDC.SERVER, GSSUtil.NT_GSS_KRB5_PRINCIPAL),
- GSSUtil.GSS_KRB5_MECH_OID,
- null,
- GSSContext.DEFAULT_LIFETIME);
- sc.requestMutualAuth(false);
-
- // Server in SASL
- final HashMap props = new HashMap();
- props.put(Sasl.QOP, "auth-conf");
- SaslServer ss = Sasl.createSaslServer("GSSAPI", "server",
- name, props,
- new CallbackHandler() {
- public void handle(Callback[] callbacks)
- throws IOException, UnsupportedCallbackException {
- for (Callback cb : callbacks) {
- if (cb instanceof RealmCallback) {
- ((RealmCallback) cb).setText(OneKDC.REALM);
- } else if (cb instanceof AuthorizeCallback) {
- ((AuthorizeCallback) cb).setAuthorized(true);
- }
- }
- }
- });
-
- ByteArrayOutputStream bout = new ByteArrayOutputStream();
- PrintStream oldErr = System.err;
- System.setErr(new PrintStream(bout));
-
- Logger.getLogger("javax.security.sasl").setLevel(Level.ALL);
- Handler h = new ConsoleHandler();
- h.setLevel(Level.ALL);
- Logger.getLogger("javax.security.sasl").addHandler(h);
-
- byte[] token = new byte[0];
-
- try {
- // Handshake
- token = sc.initSecContext(token, 0, token.length);
- token = ss.evaluateResponse(token);
- token = sc.unwrap(token, 0, token.length, new MessageProp(0, false));
- token[0] = (byte)(((token[0] & 4) != 0) ? 4 : 2);
- token = sc.wrap(token, 0, token.length, new MessageProp(0, false));
- ss.evaluateResponse(token);
- } finally {
- System.setErr(oldErr);
- }
-
- // Talk
- // 1. Client sends a auth-int message
- byte[] hello = "hello".getBytes();
- MessageProp qop = new MessageProp(0, false);
- token = sc.wrap(hello, 0, hello.length, qop);
- // 2. Server accepts it anyway
- ss.unwrap(token, 0, token.length);
- // 3. Server sends a message
- token = ss.wrap(hello, 0, hello.length);
- // 4. Client accepts, should be auth-conf
- sc.unwrap(token, 0, token.length, qop);
- if (!qop.getPrivacy()) {
- throw new Exception();
- }
-
- for (String s: bout.toString().split("\\n")) {
- if (s.contains("KRB5SRV04") && s.contains("NULL")) {
- return;
- }
- }
- System.out.println("=======================");
- System.out.println(bout.toString());
- System.out.println("=======================");
- throw new Exception("Haven't seen KRB5SRV04 with NULL");
- }
-}