Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openanolis
dragonwell8_jdk
提交
5bca2604
D
dragonwell8_jdk
项目概览
openanolis
/
dragonwell8_jdk
通知
4
Star
2
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
D
dragonwell8_jdk
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
5bca2604
编写于
10月 20, 2008
作者:
W
wetmore
浏览文件
操作
浏览文件
下载
差异文件
Merge
上级
4a5cc836
120905e6
变更
10
展开全部
隐藏空白更改
内联
并排
Showing
10 changed file
with
2072 addition
and
1 deletion
+2072
-1
src/share/classes/sun/security/provider/certpath/BasicChecker.java
.../classes/sun/security/provider/certpath/BasicChecker.java
+1
-1
test/sun/security/krb5/auto/Action.java
test/sun/security/krb5/auto/Action.java
+33
-0
test/sun/security/krb5/auto/BasicKrb5Test.java
test/sun/security/krb5/auto/BasicKrb5Test.java
+114
-0
test/sun/security/krb5/auto/CleanState.java
test/sun/security/krb5/auto/CleanState.java
+75
-0
test/sun/security/krb5/auto/Context.java
test/sun/security/krb5/auto/Context.java
+386
-0
test/sun/security/krb5/auto/CrossRealm.java
test/sun/security/krb5/auto/CrossRealm.java
+101
-0
test/sun/security/krb5/auto/KDC.java
test/sun/security/krb5/auto/KDC.java
+969
-0
test/sun/security/krb5/auto/KerberosHashEqualsTest.java
test/sun/security/krb5/auto/KerberosHashEqualsTest.java
+173
-0
test/sun/security/krb5/auto/OneKDC.java
test/sun/security/krb5/auto/OneKDC.java
+155
-0
test/sun/security/krb5/auto/basic.sh
test/sun/security/krb5/auto/basic.sh
+65
-0
未找到文件。
src/share/classes/sun/security/provider/certpath/BasicChecker.java
浏览文件 @
5bca2604
...
...
@@ -162,7 +162,7 @@ class BasicChecker extends PKIXCertPathChecker {
throw
new
CertPathValidatorException
(
msg
+
" check failed"
,
e
,
null
,
-
1
,
BasicReason
.
INVALID_SIGNATURE
);
}
catch
(
GeneralSecurity
Exception
e
)
{
}
catch
(
Exception
e
)
{
throw
new
CertPathValidatorException
(
msg
+
" check failed"
,
e
);
}
...
...
test/sun/security/krb5/auto/Action.java
0 → 100644
浏览文件 @
5bca2604
/*
* Copyright 2008 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
/**
* Action used in Context.doAs
*/
public
interface
Action
{
/**
* This method always reads a byte block and emits another one
*/
byte
[]
run
(
Context
s
,
byte
[]
input
)
throws
Exception
;
}
test/sun/security/krb5/auto/BasicKrb5Test.java
0 → 100644
浏览文件 @
5bca2604
/*
* Copyright 2008 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
/*
* @test
* @bug 6706974
* @summary Add krb5 test infrastructure
*/
import
org.ietf.jgss.GSSName
;
import
sun.security.jgss.GSSUtil
;
import
sun.security.krb5.Config
;
import
sun.security.krb5.internal.crypto.EType
;
/**
* Basic JGSS/krb5 test with 3 parties: client, server, backend server. Each
* party uses JAAS login to get subjects and executes JGSS calls using
* Subject.doAs.
*/
public
class
BasicKrb5Test
{
/**
* @param args empty or etype
*/
public
static
void
main
(
String
[]
args
)
throws
Exception
{
String
etype
=
null
;
if
(
args
.
length
>
0
)
{
etype
=
args
[
0
];
}
// Creates and starts the KDC. This line must be put ahead of etype check
// since the check needs a krb5.conf.
new
OneKDC
(
etype
).
writeJAASConf
();
System
.
out
.
println
(
"Testing etype "
+
etype
);
if
(
etype
!=
null
&&
!
EType
.
isSupported
(
Config
.
getInstance
().
getType
(
etype
)))
{
System
.
out
.
println
(
"Not supported."
);
System
.
exit
(
0
);
}
new
BasicKrb5Test
().
go
(
OneKDC
.
SERVER
,
OneKDC
.
BACKEND
);
}
void
go
(
final
String
server
,
final
String
backend
)
throws
Exception
{
Context
c
,
s
,
s2
,
b
;
c
=
Context
.
fromJAAS
(
"client"
);
s
=
Context
.
fromJAAS
(
"server"
);
b
=
Context
.
fromJAAS
(
"backend"
);
c
.
startAsClient
(
server
,
GSSUtil
.
GSS_KRB5_MECH_OID
);
c
.
x
().
requestCredDeleg
(
true
);
s
.
startAsServer
(
GSSUtil
.
GSS_KRB5_MECH_OID
);
c
.
status
();
s
.
status
();
Context
.
handshake
(
c
,
s
);
GSSName
client
=
c
.
x
().
getSrcName
();
c
.
status
();
s
.
status
();
Context
.
transmit
(
"i say high --"
,
c
,
s
);
Context
.
transmit
(
" you say low"
,
s
,
c
);
s2
=
s
.
delegated
();
s
.
dispose
();
s
=
null
;
s2
.
startAsClient
(
backend
,
GSSUtil
.
GSS_KRB5_MECH_OID
);
b
.
startAsServer
(
GSSUtil
.
GSS_KRB5_MECH_OID
);
s2
.
status
();
b
.
status
();
Context
.
handshake
(
s2
,
b
);
GSSName
client2
=
b
.
x
().
getSrcName
();
if
(!
client
.
equals
(
client2
))
{
throw
new
Exception
(
"Delegation failed"
);
}
s2
.
status
();
b
.
status
();
Context
.
transmit
(
"you say hello --"
,
s2
,
b
);
Context
.
transmit
(
" i say goodbye"
,
b
,
s2
);
s2
.
dispose
();
b
.
dispose
();
}
}
test/sun/security/krb5/auto/CleanState.java
0 → 100644
浏览文件 @
5bca2604
/*
* Copyright 2008 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
/*
* @test
* @bug 6716534
* @summary Krb5LoginModule has not cleaned temp info between authentication attempts
*/
import
com.sun.security.auth.module.Krb5LoginModule
;
import
java.util.HashMap
;
import
java.util.Map
;
import
javax.security.auth.Subject
;
import
javax.security.auth.callback.Callback
;
import
javax.security.auth.callback.CallbackHandler
;
import
javax.security.auth.callback.NameCallback
;
import
javax.security.auth.callback.PasswordCallback
;
public
class
CleanState
{
public
static
void
main
(
String
[]
args
)
throws
Exception
{
CleanState
x
=
new
CleanState
();
new
OneKDC
(
null
);
x
.
go
();
}
void
go
()
throws
Exception
{
Krb5LoginModule
krb5
=
new
Krb5LoginModule
();
final
String
name
=
OneKDC
.
USER
;
final
char
[]
password
=
OneKDC
.
PASS
;
char
[]
badpassword
=
"hellokitty"
.
toCharArray
();
Map
<
String
,
String
>
map
=
new
HashMap
<
String
,
String
>();
map
.
put
(
"useTicketCache"
,
"false"
);
map
.
put
(
"doNotPrompt"
,
"false"
);
map
.
put
(
"tryFirstPass"
,
"true"
);
Map
<
String
,
Object
>
shared
=
new
HashMap
<
String
,
Object
>();
shared
.
put
(
"javax.security.auth.login.name"
,
name
);
shared
.
put
(
"javax.security.auth.login.password"
,
badpassword
);
krb5
.
initialize
(
new
Subject
(),
new
CallbackHandler
()
{
@Override
public
void
handle
(
Callback
[]
callbacks
)
{
for
(
Callback
callback:
callbacks
)
{
if
(
callback
instanceof
NameCallback
)
{
((
NameCallback
)
callback
).
setName
(
name
);
}
if
(
callback
instanceof
PasswordCallback
)
{
((
PasswordCallback
)
callback
).
setPassword
(
password
);
}
}
}
},
shared
,
map
);
krb5
.
login
();
}
}
test/sun/security/krb5/auto/Context.java
0 → 100644
浏览文件 @
5bca2604
/*
* Copyright 2008 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
import
com.sun.security.auth.module.Krb5LoginModule
;
import
java.security.PrivilegedActionException
;
import
java.security.PrivilegedExceptionAction
;
import
java.util.Arrays
;
import
java.util.HashMap
;
import
java.util.Map
;
import
javax.security.auth.Subject
;
import
javax.security.auth.kerberos.KerberosKey
;
import
javax.security.auth.kerberos.KerberosTicket
;
import
javax.security.auth.login.LoginContext
;
import
org.ietf.jgss.GSSContext
;
import
org.ietf.jgss.GSSCredential
;
import
org.ietf.jgss.GSSException
;
import
org.ietf.jgss.GSSManager
;
import
org.ietf.jgss.GSSName
;
import
org.ietf.jgss.MessageProp
;
import
org.ietf.jgss.Oid
;
/**
* Context of a JGSS subject, encapsulating Subject and GSSContext.
*
* Three "constructors", which acquire the (private) credentials and fill
* it into the Subject:
*
* 1. static fromJAAS(): Creates a Context using a JAAS login config entry
* 2. static fromUserPass(): Creates a Context using a username and a password
* 3. delegated(): A new context which uses the delegated credentials from a
* previously established acceptor Context
*
* Two context initiators, which create the GSSContext object inside:
*
* 1. startAsClient()
* 2. startAsServer()
*
* Privileged action:
* doAs(): Performs an action in the name of the Subject
*
* Handshake process:
* static handShake(initiator, acceptor)
*
* A four-phase typical data communication which includes all four GSS
* actions (wrap, unwrap, getMic and veryfyMiC):
* static transmit(message, from, to)
*/
public
class
Context
{
private
Subject
s
;
private
GSSContext
x
;
private
boolean
f
;
// context established?
private
String
name
;
private
GSSCredential
cred
;
// see static method delegated().
private
Context
()
{}
/**
* Using the delegated credentials from a previous acceptor
* @param c
*/
public
Context
delegated
()
throws
Exception
{
Context
out
=
new
Context
();
out
.
s
=
s
;
out
.
cred
=
x
.
getDelegCred
();
out
.
name
=
name
+
" as "
+
out
.
cred
.
getName
().
toString
();
return
out
;
}
/**
* Logins with a JAAS login config entry name
*/
public
static
Context
fromJAAS
(
final
String
name
)
throws
Exception
{
Context
out
=
new
Context
();
out
.
name
=
name
;
LoginContext
lc
=
new
LoginContext
(
name
);
lc
.
login
();
out
.
s
=
lc
.
getSubject
();
return
out
;
}
/**
* Logins with a username and a password, using Krb5LoginModule directly
* @param storeKey true if key should be saved, used on acceptor side
*/
public
static
Context
fromUserPass
(
String
user
,
char
[]
pass
,
boolean
storeKey
)
throws
Exception
{
Context
out
=
new
Context
();
out
.
name
=
user
;
out
.
s
=
new
Subject
();
Krb5LoginModule
krb5
=
new
Krb5LoginModule
();
Map
<
String
,
String
>
map
=
new
HashMap
<
String
,
String
>();
map
.
put
(
"tryFirstPass"
,
"true"
);
if
(
storeKey
)
{
map
.
put
(
"storeKey"
,
"true"
);
}
Map
<
String
,
Object
>
shared
=
new
HashMap
<
String
,
Object
>();
shared
.
put
(
"javax.security.auth.login.name"
,
user
);
shared
.
put
(
"javax.security.auth.login.password"
,
pass
);
krb5
.
initialize
(
out
.
s
,
null
,
shared
,
map
);
krb5
.
login
();
krb5
.
commit
();
return
out
;
}
/**
* Starts as a client
* @param target communication peer
* @param mech GSS mech
* @throws java.lang.Exception
*/
public
void
startAsClient
(
final
String
target
,
final
Oid
mech
)
throws
Exception
{
doAs
(
new
Action
()
{
@Override
public
byte
[]
run
(
Context
me
,
byte
[]
dummy
)
throws
Exception
{
GSSManager
m
=
GSSManager
.
getInstance
();
me
.
x
=
m
.
createContext
(
target
.
indexOf
(
'@'
)
<
0
?
m
.
createName
(
target
,
null
)
:
m
.
createName
(
target
,
GSSName
.
NT_HOSTBASED_SERVICE
),
mech
,
cred
,
GSSContext
.
DEFAULT_LIFETIME
);
return
null
;
}
},
null
);
f
=
false
;
}
/**
* Starts as a server
* @param mech GSS mech
* @throws java.lang.Exception
*/
public
void
startAsServer
(
final
Oid
mech
)
throws
Exception
{
doAs
(
new
Action
()
{
@Override
public
byte
[]
run
(
Context
me
,
byte
[]
dummy
)
throws
Exception
{
GSSManager
m
=
GSSManager
.
getInstance
();
me
.
x
=
m
.
createContext
(
m
.
createCredential
(
null
,
GSSCredential
.
INDEFINITE_LIFETIME
,
mech
,
GSSCredential
.
ACCEPT_ONLY
));
return
null
;
}
},
null
);
f
=
false
;
}
/**
* Accesses the internal GSSContext object. Currently it's used for --
*
* 1. calling requestXXX() before handshake
* 2. accessing source name
*
* Note: If the application needs to do any privileged call on this
* object, please use doAs(). Otherwise, it can be done directly. The
* methods listed above are all non-privileged calls.
*
* @return the GSSContext object
*/
public
GSSContext
x
()
{
return
x
;
}
/**
* Disposes the GSSContext within
* @throws org.ietf.jgss.GSSException
*/
public
void
dispose
()
throws
GSSException
{
x
.
dispose
();
}
/**
* Does something using the Subject inside
* @param action the action
* @param in the input byte
* @return the output byte
* @throws java.lang.Exception
*/
public
byte
[]
doAs
(
final
Action
action
,
final
byte
[]
in
)
throws
Exception
{
try
{
return
Subject
.
doAs
(
s
,
new
PrivilegedExceptionAction
<
byte
[]>()
{
@Override
public
byte
[]
run
()
throws
Exception
{
return
action
.
run
(
Context
.
this
,
in
);
}
});
}
catch
(
PrivilegedActionException
pae
)
{
throw
pae
.
getException
();
}
}
/**
* Prints status of GSSContext and Subject
* @throws java.lang.Exception
*/
public
void
status
()
throws
Exception
{
System
.
out
.
println
(
"STATUS OF "
+
name
.
toUpperCase
());
try
{
StringBuffer
sb
=
new
StringBuffer
();
if
(
x
.
getAnonymityState
())
{
sb
.
append
(
"anon, "
);
}
if
(
x
.
getConfState
())
{
sb
.
append
(
"conf, "
);
}
if
(
x
.
getCredDelegState
())
{
sb
.
append
(
"deleg, "
);
}
if
(
x
.
getIntegState
())
{
sb
.
append
(
"integ, "
);
}
if
(
x
.
getMutualAuthState
())
{
sb
.
append
(
"mutual, "
);
}
if
(
x
.
getReplayDetState
())
{
sb
.
append
(
"rep det, "
);
}
if
(
x
.
getSequenceDetState
())
{
sb
.
append
(
"seq det, "
);
}
System
.
out
.
println
(
"Context status of "
+
name
+
": "
+
sb
.
toString
());
System
.
out
.
println
(
x
.
getSrcName
()
+
" -> "
+
x
.
getTargName
());
}
catch
(
Exception
e
)
{
;
// Don't care
}
System
.
out
.
println
(
"====================================="
);
for
(
Object
o
:
s
.
getPrivateCredentials
())
{
System
.
out
.
println
(
" "
+
o
.
getClass
());
if
(
o
instanceof
KerberosTicket
)
{
KerberosTicket
kt
=
(
KerberosTicket
)
o
;
System
.
out
.
println
(
" "
+
kt
.
getServer
()
+
" for "
+
kt
.
getClient
());
}
else
if
(
o
instanceof
KerberosKey
)
{
KerberosKey
kk
=
(
KerberosKey
)
o
;
System
.
out
.
print
(
" "
+
kk
.
getKeyType
()
+
" "
+
kk
.
getVersionNumber
()
+
" "
+
kk
.
getAlgorithm
()
+
" "
);
for
(
byte
b
:
kk
.
getEncoded
())
{
System
.
out
.
printf
(
"%02X"
,
b
&
0xff
);
}
System
.
out
.
println
();
}
else
if
(
o
instanceof
Map
)
{
Map
map
=
(
Map
)
o
;
for
(
Object
k
:
map
.
keySet
())
{
System
.
out
.
println
(
" "
+
k
+
": "
+
map
.
get
(
k
));
}
}
}
}
/**
* Transmits a message from one Context to another. The sender wraps the
* message and sends it to the receiver. The receiver unwraps it, creates
* a MIC of the clear text and sends it back to the sender. The sender
* verifies the MIC against the message sent earlier.
* @param message the message
* @param s1 the sender
* @param s2 the receiver
* @throws java.lang.Exception If anything goes wrong
*/
static
public
void
transmit
(
final
String
message
,
final
Context
s1
,
final
Context
s2
)
throws
Exception
{
final
byte
[]
messageBytes
=
message
.
getBytes
();
System
.
out
.
printf
(
"-------------------- TRANSMIT from %s to %s------------------------\n"
,
s1
.
name
,
s2
.
name
);
byte
[]
t
=
s1
.
doAs
(
new
Action
()
{
@Override
public
byte
[]
run
(
Context
me
,
byte
[]
dummy
)
throws
Exception
{
System
.
out
.
println
(
"wrap"
);
MessageProp
p1
=
new
MessageProp
(
0
,
true
);
byte
[]
out
=
me
.
x
.
wrap
(
messageBytes
,
0
,
messageBytes
.
length
,
p1
);
System
.
out
.
println
(
printProp
(
p1
));
return
out
;
}
},
null
);
t
=
s2
.
doAs
(
new
Action
()
{
@Override
public
byte
[]
run
(
Context
me
,
byte
[]
input
)
throws
Exception
{
MessageProp
p1
=
new
MessageProp
(
0
,
true
);
byte
[]
bytes
=
me
.
x
.
unwrap
(
input
,
0
,
input
.
length
,
p1
);
if
(!
Arrays
.
equals
(
messageBytes
,
bytes
))
throw
new
Exception
(
"wrap/unwrap mismatch"
);
System
.
out
.
println
(
"unwrap"
);
System
.
out
.
println
(
printProp
(
p1
));
p1
=
new
MessageProp
(
0
,
true
);
System
.
out
.
println
(
"getMIC"
);
bytes
=
me
.
x
.
getMIC
(
bytes
,
0
,
bytes
.
length
,
p1
);
System
.
out
.
println
(
printProp
(
p1
));
return
bytes
;
}
},
t
);
// Re-unwrap should make p2.isDuplicateToken() returns true
s1
.
doAs
(
new
Action
()
{
@Override
public
byte
[]
run
(
Context
me
,
byte
[]
input
)
throws
Exception
{
MessageProp
p1
=
new
MessageProp
(
0
,
true
);
System
.
out
.
println
(
"verifyMIC"
);
me
.
x
.
verifyMIC
(
input
,
0
,
input
.
length
,
messageBytes
,
0
,
messageBytes
.
length
,
p1
);
System
.
out
.
println
(
printProp
(
p1
));
return
null
;
}
},
t
);
}
/**
* Returns a string description of a MessageProp object
* @param prop the object
* @return the description
*/
static
public
String
printProp
(
MessageProp
prop
)
{
StringBuffer
sb
=
new
StringBuffer
();
sb
.
append
(
"MessagePop: "
);
sb
.
append
(
"QOP="
+
prop
.
getQOP
()
+
", "
);
sb
.
append
(
prop
.
getPrivacy
()?
"privacy, "
:
""
);
sb
.
append
(
prop
.
isDuplicateToken
()?
"dup, "
:
""
);
sb
.
append
(
prop
.
isGapToken
()?
"gap, "
:
""
);
sb
.
append
(
prop
.
isOldToken
()?
"old, "
:
""
);
sb
.
append
(
prop
.
isUnseqToken
()?
"unseq, "
:
""
);
sb
.
append
(
prop
.
getMinorString
()+
"("
+
prop
.
getMinorStatus
()+
")"
);
return
sb
.
toString
();
}
/**
* Handshake (security context establishment process) between two Contexts
* @param c the initiator
* @param s the acceptor
* @throws java.lang.Exception
*/
static
public
void
handshake
(
final
Context
c
,
final
Context
s
)
throws
Exception
{
byte
[]
t
=
new
byte
[
0
];
while
(!
c
.
f
||
!
s
.
f
)
{
t
=
c
.
doAs
(
new
Action
()
{
@Override
public
byte
[]
run
(
Context
me
,
byte
[]
input
)
throws
Exception
{
if
(
me
.
x
.
isEstablished
())
{
me
.
f
=
true
;
System
.
out
.
println
(
c
.
name
+
" side established"
);
return
null
;
}
else
{
System
.
out
.
println
(
c
.
name
+
" call initSecContext"
);
return
me
.
x
.
initSecContext
(
input
,
0
,
input
.
length
);
}
}
},
t
);
t
=
s
.
doAs
(
new
Action
()
{
@Override
public
byte
[]
run
(
Context
me
,
byte
[]
input
)
throws
Exception
{
if
(
me
.
x
.
isEstablished
())
{
me
.
f
=
true
;
System
.
out
.
println
(
s
.
name
+
" side established"
);
return
null
;
}
else
{
System
.
out
.
println
(
s
.
name
+
" called acceptSecContext"
);
return
me
.
x
.
acceptSecContext
(
input
,
0
,
input
.
length
);
}
}
},
t
);
}
}
}
test/sun/security/krb5/auto/CrossRealm.java
0 → 100644
浏览文件 @
5bca2604
/*
* Copyright 2008 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
/*
* @test
* @bug 6706974
* @summary Add krb5 test infrastructure
*/
import
java.io.FileOutputStream
;
import
java.io.IOException
;
import
java.security.Security
;
import
javax.security.auth.callback.Callback
;
import
javax.security.auth.callback.CallbackHandler
;
import
javax.security.auth.callback.NameCallback
;
import
javax.security.auth.callback.PasswordCallback
;
import
javax.security.auth.callback.UnsupportedCallbackException
;
import
org.ietf.jgss.GSSContext
;
import
org.ietf.jgss.GSSManager
;
import
org.ietf.jgss.GSSName
;
import
sun.security.jgss.GSSUtil
;
public
class
CrossRealm
implements
CallbackHandler
{
public
static
void
main
(
String
[]
args
)
throws
Exception
{
startKDCs
();
xRealmAuth
();
}
static
void
startKDCs
()
throws
Exception
{
// Create and start the KDC
KDC
kdc1
=
KDC
.
create
(
"RABBIT.HOLE"
);
kdc1
.
addPrincipal
(
"dummy"
,
"bogus"
.
toCharArray
());
kdc1
.
addPrincipalRandKey
(
"krbtgt/RABBIT.HOLE"
);
kdc1
.
addPrincipal
(
"krbtgt/SNAKE.HOLE"
,
"sharedsec"
.
toCharArray
());
KDC
kdc2
=
KDC
.
create
(
"SNAKE.HOLE"
);
kdc2
.
addPrincipalRandKey
(
"krbtgt/SNAKE.HOLE"
);
kdc2
.
addPrincipal
(
"krbtgt/RABBIT.HOLE"
,
"sharedsec"
.
toCharArray
());
kdc2
.
addPrincipalRandKey
(
"host/www.snake.hole"
);
KDC
.
saveConfig
(
"krb5-localkdc.conf"
,
kdc1
,
kdc2
,
"forwardable=true"
,
"[domain_realm]"
,
".snake.hole=SNAKE.HOLE"
);
System
.
setProperty
(
"java.security.krb5.conf"
,
"krb5-localkdc.conf"
);
}
static
void
xRealmAuth
()
throws
Exception
{
Security
.
setProperty
(
"auth.login.defaultCallbackHandler"
,
"CrossRealm"
);
System
.
setProperty
(
"java.security.auth.login.config"
,
"jaas-localkdc.conf"
);
System
.
setProperty
(
"javax.security.auth.useSubjectCredsOnly"
,
"false"
);
FileOutputStream
fos
=
new
FileOutputStream
(
"jaas-localkdc.conf"
);
fos
.
write
((
"com.sun.security.jgss.krb5.initiate {\n"
+
" com.sun.security.auth.module.Krb5LoginModule\n"
+
" required\n"
+
" principal=dummy\n"
+
" doNotPrompt=false\n"
+
" useTicketCache=false\n"
+
" ;\n"
+
"};"
).
getBytes
());
fos
.
close
();
GSSManager
m
=
GSSManager
.
getInstance
();
m
.
createContext
(
m
.
createName
(
"host@www.snake.hole"
,
GSSName
.
NT_HOSTBASED_SERVICE
),
GSSUtil
.
GSS_KRB5_MECH_OID
,
null
,
GSSContext
.
DEFAULT_LIFETIME
).
initSecContext
(
new
byte
[
0
],
0
,
0
);
}
@Override
public
void
handle
(
Callback
[]
callbacks
)
throws
IOException
,
UnsupportedCallbackException
{
for
(
Callback
callback
:
callbacks
)
{
if
(
callback
instanceof
NameCallback
)
{
((
NameCallback
)
callback
).
setName
(
"dummy"
);
}
if
(
callback
instanceof
PasswordCallback
)
{
((
PasswordCallback
)
callback
).
setPassword
(
"bogus"
.
toCharArray
());
}
}
}
}
test/sun/security/krb5/auto/KDC.java
0 → 100644
浏览文件 @
5bca2604
此差异已折叠。
点击以展开。
test/sun/security/krb5/auto/KerberosHashEqualsTest.java
0 → 100644
浏览文件 @
5bca2604
/*
* Copyright 2005-2008 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
/*
* @test
* @bug 4641821
* @summary hashCode() and equals() for KerberosKey and KerberosTicket
*/
import
java.net.InetAddress
;
import
java.util.Date
;
import
javax.security.auth.kerberos.KerberosKey
;
import
javax.security.auth.kerberos.KerberosPrincipal
;
import
javax.security.auth.kerberos.KerberosTicket
;
public
class
KerberosHashEqualsTest
{
public
static
void
main
(
String
[]
args
)
throws
Exception
{
new
OneKDC
(
null
);
new
KerberosHashEqualsTest
().
check
();
}
void
checkSame
(
Object
o1
,
Object
o2
)
{
if
(!
o1
.
equals
(
o2
))
{
throw
new
RuntimeException
(
"equals() fails"
);
}
if
(
o1
.
hashCode
()
!=
o2
.
hashCode
())
{
throw
new
RuntimeException
(
"hashCode() not same"
);
}
}
void
checkNotSame
(
Object
o1
,
Object
o2
)
{
if
(
o1
.
equals
(
o2
))
{
throw
new
RuntimeException
(
"equals() succeeds"
);
}
}
void
check
()
throws
Exception
{
// The key part:
// new KerberosKey(principal, bytes, keyType, version)
KerberosKey
k1
,
k2
;
KerberosPrincipal
CLIENT
=
new
KerberosPrincipal
(
"client"
);
KerberosPrincipal
SERVER
=
new
KerberosPrincipal
(
"server"
);
byte
[]
PASS
=
"pass"
.
getBytes
();
k1
=
new
KerberosKey
(
CLIENT
,
PASS
,
1
,
1
);
k2
=
new
KerberosKey
(
CLIENT
,
PASS
,
1
,
1
);
checkSame
(
k1
,
k1
);
// me is me
checkSame
(
k1
,
k2
);
// same
// A destroyed key doesn't equal to any key
k2
.
destroy
();
checkNotSame
(
k1
,
k2
);
checkNotSame
(
k2
,
k1
);
k1
.
destroy
();
checkNotSame
(
k1
,
k2
);
// even if they are both destroyed
checkNotSame
(
k2
,
k1
);
checkSame
(
k2
,
k2
);
// a little difference means not equal
k1
=
new
KerberosKey
(
CLIENT
,
PASS
,
1
,
1
);
k2
=
new
KerberosKey
(
SERVER
,
PASS
,
1
,
1
);
checkNotSame
(
k1
,
k2
);
// Different principal name
k2
=
new
KerberosKey
(
CLIENT
,
"ssap"
.
getBytes
(),
1
,
1
);
checkNotSame
(
k1
,
k2
);
// Different password
k2
=
new
KerberosKey
(
CLIENT
,
PASS
,
2
,
1
);
checkNotSame
(
k1
,
k2
);
// Different keytype
k2
=
new
KerberosKey
(
CLIENT
,
PASS
,
1
,
2
);
checkNotSame
(
k1
,
k2
);
// Different version
k2
=
new
KerberosKey
(
null
,
PASS
,
1
,
2
);
checkNotSame
(
k1
,
k2
);
// null is not non-null
k1
=
new
KerberosKey
(
null
,
PASS
,
1
,
2
);
checkSame
(
k1
,
k2
);
// null is null
checkNotSame
(
k1
,
"Another Object"
);
// The ticket part:
// new KerberosTicket(asn1 bytes, client, server, session key, type, flags,
// auth, start, end, renewUntil times, address)
KerberosTicket
t1
,
t2
;
byte
[]
ASN1
=
"asn1"
.
getBytes
();
boolean
[]
FORWARDABLE
=
new
boolean
[]
{
true
,
true
};
boolean
[]
ALLTRUE
=
new
boolean
[]
{
true
,
true
,
true
,
true
,
true
,
true
,
true
,
true
,
true
,
true
};
Date
D0
=
new
Date
(
0
);
t1
=
new
KerberosTicket
(
ASN1
,
CLIENT
,
SERVER
,
PASS
,
1
,
FORWARDABLE
,
D0
,
D0
,
D0
,
D0
,
null
);
t2
=
new
KerberosTicket
(
ASN1
,
CLIENT
,
SERVER
,
PASS
,
1
,
FORWARDABLE
,
D0
,
D0
,
D0
,
D0
,
null
);
checkSame
(
t1
,
t1
);
checkSame
(
t1
,
t2
);
// destroyed tickets doesn't equal to each other
t1
.
destroy
();
checkNotSame
(
t1
,
t2
);
checkNotSame
(
t2
,
t1
);
t2
.
destroy
();
checkNotSame
(
t1
,
t2
);
// even if they are both destroyed
checkNotSame
(
t2
,
t1
);
checkSame
(
t2
,
t2
);
// unless they are the same object
// a little difference means not equal
t1
=
new
KerberosTicket
(
ASN1
,
CLIENT
,
SERVER
,
PASS
,
1
,
FORWARDABLE
,
D0
,
D0
,
D0
,
D0
,
null
);
t2
=
new
KerberosTicket
(
"asn11"
.
getBytes
(),
CLIENT
,
SERVER
,
PASS
,
1
,
FORWARDABLE
,
D0
,
D0
,
D0
,
D0
,
null
);
checkNotSame
(
t1
,
t2
);
// Different ASN1 encoding
t2
=
new
KerberosTicket
(
ASN1
,
new
KerberosPrincipal
(
"client1"
),
SERVER
,
PASS
,
1
,
FORWARDABLE
,
D0
,
D0
,
D0
,
D0
,
null
);
checkNotSame
(
t1
,
t2
);
// Different client
t2
=
new
KerberosTicket
(
ASN1
,
CLIENT
,
new
KerberosPrincipal
(
"server1"
),
PASS
,
1
,
FORWARDABLE
,
D0
,
D0
,
D0
,
D0
,
null
);
checkNotSame
(
t1
,
t2
);
// Different server
t2
=
new
KerberosTicket
(
ASN1
,
CLIENT
,
SERVER
,
"pass1"
.
getBytes
(),
1
,
FORWARDABLE
,
D0
,
D0
,
D0
,
D0
,
null
);
checkNotSame
(
t1
,
t2
);
// Different session key
t2
=
new
KerberosTicket
(
ASN1
,
CLIENT
,
SERVER
,
PASS
,
2
,
FORWARDABLE
,
D0
,
D0
,
D0
,
D0
,
null
);
checkNotSame
(
t1
,
t2
);
// Different key type
t2
=
new
KerberosTicket
(
ASN1
,
CLIENT
,
SERVER
,
PASS
,
1
,
new
boolean
[]
{
true
,
false
},
D0
,
D0
,
D0
,
D0
,
null
);
checkNotSame
(
t1
,
t2
);
// Different flags, not FORWARDABLE
t2
=
new
KerberosTicket
(
ASN1
,
CLIENT
,
SERVER
,
PASS
,
1
,
FORWARDABLE
,
new
Date
(
1
),
D0
,
D0
,
D0
,
null
);
checkNotSame
(
t1
,
t2
);
// Different authtime
t2
=
new
KerberosTicket
(
ASN1
,
CLIENT
,
SERVER
,
PASS
,
1
,
FORWARDABLE
,
D0
,
new
Date
(
1
),
D0
,
D0
,
null
);
checkNotSame
(
t1
,
t2
);
// Different starttime
t2
=
new
KerberosTicket
(
ASN1
,
CLIENT
,
SERVER
,
PASS
,
1
,
FORWARDABLE
,
D0
,
D0
,
new
Date
(
1
),
D0
,
null
);
checkNotSame
(
t1
,
t2
);
// Different endtime
t2
=
new
KerberosTicket
(
ASN1
,
CLIENT
,
SERVER
,
PASS
,
1
,
FORWARDABLE
,
D0
,
D0
,
D0
,
D0
,
new
InetAddress
[
2
]);
checkNotSame
(
t1
,
t2
);
// Different client addresses
t2
=
new
KerberosTicket
(
ASN1
,
CLIENT
,
SERVER
,
PASS
,
1
,
FORWARDABLE
,
D0
,
D0
,
D0
,
new
Date
(
1
),
null
);
t1
=
new
KerberosTicket
(
ASN1
,
CLIENT
,
SERVER
,
PASS
,
1
,
FORWARDABLE
,
D0
,
D0
,
D0
,
new
Date
(
2
),
null
);
checkSame
(
t1
,
t2
);
// renewtill is ignored when RENEWABLE ticket flag is not set.
t2
=
new
KerberosTicket
(
ASN1
,
CLIENT
,
SERVER
,
PASS
,
1
,
ALLTRUE
,
D0
,
D0
,
D0
,
new
Date
(
1
),
null
);
t1
=
new
KerberosTicket
(
ASN1
,
CLIENT
,
SERVER
,
PASS
,
1
,
ALLTRUE
,
D0
,
D0
,
D0
,
new
Date
(
2
),
null
);
checkNotSame
(
t1
,
t2
);
// renewtill is used when RENEWABLE is set.
checkNotSame
(
t1
,
"Another Object"
);
System
.
out
.
println
(
"Good!"
);
}
}
test/sun/security/krb5/auto/OneKDC.java
0 → 100644
浏览文件 @
5bca2604
/*
* Copyright 2008 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
import
java.io.File
;
import
java.io.FileOutputStream
;
import
java.io.IOException
;
import
java.net.InetAddress
;
import
java.net.UnknownHostException
;
import
java.security.Security
;
import
javax.security.auth.callback.Callback
;
import
javax.security.auth.callback.CallbackHandler
;
import
javax.security.auth.callback.NameCallback
;
import
javax.security.auth.callback.PasswordCallback
;
import
sun.security.krb5.Config
;
/**
* This class starts a simple KDC with one realm, several typical principal
* names, generates delete-on-exit krb5.conf and keytab files, and setup
* system properties for them. There's also a helper method to generate a
* JAAS login config file that can be used for JAAS or JGSS apps.
* <p>
* Just call this line to start everything:
* <pre>
* new OneKDC(null).writeJaasConf();
* </pre>
*/
public
class
OneKDC
extends
KDC
{
// The krb5 codes would try to canonicalize hostnames before creating
// a service principal name, so let's find out the canonicalized form
// of localhost first. The following codes mimic the process inside
// PrincipalName.java.
static
String
localhost
=
"localhost"
;
static
{
try
{
localhost
=
InetAddress
.
getByName
(
localhost
)
.
getCanonicalHostName
();
}
catch
(
UnknownHostException
uhe
)
{
;
// Ignore, localhost is still "localhost"
}
}
public
static
final
String
USER
=
"dummy"
;
public
static
final
char
[]
PASS
=
"bogus"
.
toCharArray
();
public
static
String
SERVER
=
"server/"
+
localhost
;
public
static
String
BACKEND
=
"backend/"
+
localhost
;
public
static
final
String
KRB5_CONF
=
"localkdc-krb5.conf"
;
public
static
final
String
KTAB
=
"localkdc.ktab"
;
public
static
final
String
JAAS_CONF
=
"localkdc-jaas.conf"
;
public
static
final
String
REALM
=
"RABBIT.HOLE"
;
/**
* Creates the KDC and starts it.
* @param etype Encryption type, null if not specified
* @throws java.lang.Exception if there's anything wrong
*/
public
OneKDC
(
String
etype
)
throws
Exception
{
super
(
REALM
,
0
,
true
);
addPrincipal
(
USER
,
PASS
);
addPrincipalRandKey
(
"krbtgt/"
+
REALM
);
addPrincipalRandKey
(
SERVER
);
addPrincipalRandKey
(
BACKEND
);
KDC
.
saveConfig
(
KRB5_CONF
,
this
,
"forwardable = true"
,
"default_keytab_name = "
+
KTAB
,
etype
==
null
?
""
:
"default_tkt_enctypes="
+
etype
+
"\ndefault_tgs_enctypes="
+
etype
);
System
.
setProperty
(
"java.security.krb5.conf"
,
KRB5_CONF
);
// Whatever krb5.conf had been loaded before, we reload ours now.
Config
.
refresh
();
writeKtab
(
KTAB
);
new
File
(
KRB5_CONF
).
deleteOnExit
();
new
File
(
KTAB
).
deleteOnExit
();
}
/**
* Writes a JAAS login config file, which contains as many as useful
* entries, including JGSS style initiator/acceptor and normal JAAS
* entries with names using existing OneKDC principals.
* @throws java.lang.Exception if anything goes wrong
*/
public
void
writeJAASConf
()
throws
IOException
{
System
.
setProperty
(
"java.security.auth.login.config"
,
JAAS_CONF
);
File
f
=
new
File
(
JAAS_CONF
);
FileOutputStream
fos
=
new
FileOutputStream
(
f
);
fos
.
write
((
"com.sun.security.jgss.krb5.initiate {\n"
+
" com.sun.security.auth.module.Krb5LoginModule required;\n};\n"
+
"com.sun.security.jgss.krb5.accept {\n"
+
" com.sun.security.auth.module.Krb5LoginModule required\n"
+
" principal=\""
+
SERVER
+
"\"\n"
+
" useKeyTab=true\n"
+
" isInitiator=false\n"
+
" storeKey=true;\n};\n"
+
"client {\n"
+
" com.sun.security.auth.module.Krb5LoginModule required;\n};\n"
+
"server {\n"
+
" com.sun.security.auth.module.Krb5LoginModule required\n"
+
" principal=\""
+
SERVER
+
"\"\n"
+
" useKeyTab=true\n"
+
" storeKey=true;\n};\n"
+
"backend {\n"
+
" com.sun.security.auth.module.Krb5LoginModule required\n"
+
" principal=\""
+
BACKEND
+
"\"\n"
+
" useKeyTab=true\n"
+
" storeKey=true\n"
+
" isInitiator=false;\n};\n"
).
getBytes
());
fos
.
close
();
f
.
deleteOnExit
();
Security
.
setProperty
(
"auth.login.defaultCallbackHandler"
,
"OneKDC$CallbackForClient"
);
}
/**
* The default callback handler for JAAS login. Note that this handler is
* hard coded to provide only info for USER1. If you need to provide info
* for another principal, please use Context.fromUserPass() instead.
*/
public
static
class
CallbackForClient
implements
CallbackHandler
{
public
void
handle
(
Callback
[]
callbacks
)
{
String
user
=
OneKDC
.
USER
;
char
[]
pass
=
OneKDC
.
PASS
;
for
(
Callback
callback
:
callbacks
)
{
if
(
callback
instanceof
NameCallback
)
{
System
.
out
.
println
(
"Callback for name: "
+
user
);
((
NameCallback
)
callback
).
setName
(
user
);
}
if
(
callback
instanceof
PasswordCallback
)
{
System
.
out
.
println
(
"Callback for pass: "
+
new
String
(
pass
));
((
PasswordCallback
)
callback
).
setPassword
(
pass
);
}
}
}
}
}
test/sun/security/krb5/auto/basic.sh
0 → 100644
浏览文件 @
5bca2604
#
# Copyright 2008 Sun Microsystems, Inc. All Rights Reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 2 only, as
# published by the Free Software Foundation.
#
# This code is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# version 2 for more details (a copy is included in the LICENSE file that
# accompanied this code).
#
# You should have received a copy of the GNU General Public License version
# 2 along with this work; if not, write to the Free Software Foundation,
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
# Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
# CA 95054 USA or visit www.sun.com if you need additional information or
# have any questions.
#
# @test
# @bug 6706974
# @summary Add krb5 test infrastructure
# @run shell/timeout=300 basic.sh
#
if
[
"
${
TESTSRC
}
"
=
""
]
;
then
TESTSRC
=
"."
fi
if
[
"
${
TESTJAVA
}
"
=
""
]
;
then
echo
"TESTJAVA not set. Test cannot execute."
echo
"FAILED!!!"
exit
1
fi
# set platform-dependent variables
OS
=
`
uname
-s
`
case
"
$OS
"
in
Windows_
*
)
FS
=
"
\\
"
;;
*
)
FS
=
"/"
;;
esac
${
TESTJAVA
}${
FS
}
bin
${
FS
}
javac
-d
.
\
${
TESTSRC
}${
FS
}
BasicKrb5Test.java
\
${
TESTSRC
}${
FS
}
KDC.java
\
${
TESTSRC
}${
FS
}
OneKDC.java
\
${
TESTSRC
}${
FS
}
Action.java
\
${
TESTSRC
}${
FS
}
Context.java
\
||
exit
10
${
TESTJAVA
}${
FS
}
bin
${
FS
}
java
-Dtest
.src
=
$TESTSRC
BasicKrb5Test
||
exit
100
${
TESTJAVA
}${
FS
}
bin
${
FS
}
java
-Dtest
.src
=
$TESTSRC
BasicKrb5Test des-cbc-crc
||
exit
1
${
TESTJAVA
}${
FS
}
bin
${
FS
}
java
-Dtest
.src
=
$TESTSRC
BasicKrb5Test des-cbc-md5
||
exit
3
${
TESTJAVA
}${
FS
}
bin
${
FS
}
java
-Dtest
.src
=
$TESTSRC
BasicKrb5Test des3-cbc-sha1
||
exit
16
${
TESTJAVA
}${
FS
}
bin
${
FS
}
java
-Dtest
.src
=
$TESTSRC
BasicKrb5Test aes128-cts
||
exit
17
${
TESTJAVA
}${
FS
}
bin
${
FS
}
java
-Dtest
.src
=
$TESTSRC
BasicKrb5Test aes256-cts
||
exit
18
${
TESTJAVA
}${
FS
}
bin
${
FS
}
java
-Dtest
.src
=
$TESTSRC
BasicKrb5Test rc4-hmac
||
exit
23
exit
0
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录