Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openanolis
dragonwell8_jdk
提交
940e3ed9
D
dragonwell8_jdk
项目概览
openanolis
/
dragonwell8_jdk
通知
4
Star
2
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
D
dragonwell8_jdk
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
940e3ed9
编写于
5月 30, 2014
作者:
W
weijun
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
8036779: sun.security.krb5.KdcComm interprets kdc_timeout as msec instead of sec
Reviewed-by: xuelei
上级
a112c854
变更
3
隐藏空白更改
内联
并排
Showing
3 changed file
with
59 addition
and
17 deletion
+59
-17
src/share/classes/sun/security/krb5/KdcComm.java
src/share/classes/sun/security/krb5/KdcComm.java
+27
-3
test/sun/security/krb5/auto/KDC.java
test/sun/security/krb5/auto/KDC.java
+22
-10
test/sun/security/krb5/auto/UdpTcp.java
test/sun/security/krb5/auto/UdpTcp.java
+10
-4
未找到文件。
src/share/classes/sun/security/krb5/KdcComm.java
浏览文件 @
940e3ed9
/*
/*
* Copyright (c) 2000, 201
3
, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 201
4
, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
*
* This code is free software; you can redistribute it and/or modify it
* This code is free software; you can redistribute it and/or modify it
...
@@ -144,7 +144,8 @@ public final class KdcComm {
...
@@ -144,7 +144,8 @@ public final class KdcComm {
try
{
try
{
Config
cfg
=
Config
.
getInstance
();
Config
cfg
=
Config
.
getInstance
();
String
temp
=
cfg
.
get
(
"libdefaults"
,
"kdc_timeout"
);
String
temp
=
cfg
.
get
(
"libdefaults"
,
"kdc_timeout"
);
timeout
=
parsePositiveIntString
(
temp
);
timeout
=
parseTimeString
(
temp
);
temp
=
cfg
.
get
(
"libdefaults"
,
"max_retries"
);
temp
=
cfg
.
get
(
"libdefaults"
,
"max_retries"
);
max_retries
=
parsePositiveIntString
(
temp
);
max_retries
=
parsePositiveIntString
(
temp
);
temp
=
cfg
.
get
(
"libdefaults"
,
"udp_preference_limit"
);
temp
=
cfg
.
get
(
"libdefaults"
,
"udp_preference_limit"
);
...
@@ -425,6 +426,25 @@ public final class KdcComm {
...
@@ -425,6 +426,25 @@ public final class KdcComm {
}
}
}
}
/**
* Parses a time value string. If it ends with "s", parses as seconds.
* Otherwise, parses as milliseconds.
* @param s the time string
* @return the integer value in milliseconds, or -1 if input is null or
* has an invalid format
*/
private
static
int
parseTimeString
(
String
s
)
{
if
(
s
==
null
)
{
return
-
1
;
}
if
(
s
.
endsWith
(
"s"
))
{
int
seconds
=
parsePositiveIntString
(
s
.
substring
(
0
,
s
.
length
()-
1
));
return
(
seconds
<
0
)
?
-
1
:
(
seconds
*
1000
);
}
else
{
return
parsePositiveIntString
(
s
);
}
}
/**
/**
* Returns krb5.conf setting of {@code key} for a specific realm,
* Returns krb5.conf setting of {@code key} for a specific realm,
* which can be:
* which can be:
...
@@ -446,7 +466,11 @@ public final class KdcComm {
...
@@ -446,7 +466,11 @@ public final class KdcComm {
try
{
try
{
String
value
=
String
value
=
Config
.
getInstance
().
get
(
"realms"
,
realm
,
key
);
Config
.
getInstance
().
get
(
"realms"
,
realm
,
key
);
temp
=
parsePositiveIntString
(
value
);
if
(
key
.
equals
(
"kdc_timeout"
))
{
temp
=
parseTimeString
(
value
);
}
else
{
temp
=
parsePositiveIntString
(
value
);
}
}
catch
(
Exception
exc
)
{
}
catch
(
Exception
exc
)
{
// Ignored, defValue will be picked up
// Ignored, defValue will be picked up
}
}
...
...
test/sun/security/krb5/auto/KDC.java
浏览文件 @
940e3ed9
...
@@ -141,6 +141,8 @@ public class KDC {
...
@@ -141,6 +141,8 @@ public class KDC {
private
BlockingQueue
<
Job
>
q
=
new
ArrayBlockingQueue
<>(
100
);
private
BlockingQueue
<
Job
>
q
=
new
ArrayBlockingQueue
<>(
100
);
// Options
// Options
private
Map
<
Option
,
Object
>
options
=
new
HashMap
<>();
private
Map
<
Option
,
Object
>
options
=
new
HashMap
<>();
// Realm-specific krb5.conf settings
private
List
<
String
>
conf
=
new
ArrayList
<>();
private
Thread
thread1
,
thread2
,
thread3
;
private
Thread
thread1
,
thread2
,
thread3
;
DatagramSocket
u1
=
null
;
DatagramSocket
u1
=
null
;
...
@@ -243,7 +245,7 @@ public class KDC {
...
@@ -243,7 +245,7 @@ public class KDC {
/**
/**
* Sets an option
* Sets an option
* @param key the option name
* @param key the option name
* @param
obj
the value
* @param
value
the value
*/
*/
public
void
setOption
(
Option
key
,
Object
value
)
{
public
void
setOption
(
Option
key
,
Object
value
)
{
if
(
value
==
null
)
{
if
(
value
==
null
)
{
...
@@ -372,6 +374,13 @@ public class KDC {
...
@@ -372,6 +374,13 @@ public class KDC {
return
kdc
;
return
kdc
;
}
}
/**
* Add realm-specific krb5.conf setting
*/
public
void
addConf
(
String
s
)
{
conf
.
add
(
s
);
}
/**
/**
* Writes a krb5.conf for one or more KDC that includes KDC locations for
* Writes a krb5.conf for one or more KDC that includes KDC locations for
* each realm and the default realm name. You can also add extra strings
* each realm and the default realm name. You can also add extra strings
...
@@ -397,6 +406,7 @@ public class KDC {
...
@@ -397,6 +406,7 @@ public class KDC {
* [realms]
* [realms]
* REALM.NAME = {
* REALM.NAME = {
* kdc = host:port_number
* kdc = host:port_number
* # realm-specific settings
* }
* }
* </pre>
* </pre>
*
*
...
@@ -444,10 +454,10 @@ public class KDC {
...
@@ -444,10 +454,10 @@ public class KDC {
}
}
}
}
sb
.
append
(
"\n[realms]\n"
);
sb
.
append
(
"\n[realms]\n"
);
sb
.
append
(
realmLineForKDC
(
kdc
));
sb
.
append
(
kdc
.
realmLine
(
));
for
(
Object
o:
more
)
{
for
(
Object
o:
more
)
{
if
(
o
instanceof
KDC
)
{
if
(
o
instanceof
KDC
)
{
sb
.
append
(
realmLineForKDC
((
KDC
)
o
));
sb
.
append
(
((
KDC
)
o
).
realmLine
(
));
}
}
}
}
FileOutputStream
fos
=
new
FileOutputStream
(
f
);
FileOutputStream
fos
=
new
FileOutputStream
(
f
);
...
@@ -1133,14 +1143,16 @@ public class KDC {
...
@@ -1133,14 +1143,16 @@ public class KDC {
/**
/**
* Generates a line for a KDC to put inside [realms] of krb5.conf
* Generates a line for a KDC to put inside [realms] of krb5.conf
* @param kdc the KDC
* @return REALM.NAME = { kdc = host:port etc }
* @return REALM.NAME = { kdc = host:port }
*/
*/
private
static
String
realmLineForKDC
(
KDC
kdc
)
{
private
String
realmLine
()
{
return
String
.
format
(
"%s = {\n kdc = %s:%d\n}\n"
,
StringBuilder
sb
=
new
StringBuilder
();
kdc
.
realm
,
sb
.
append
(
realm
).
append
(
" = {\n kdc = "
)
kdc
.
kdc
,
.
append
(
kdc
).
append
(
':'
).
append
(
port
).
append
(
'\n'
);
kdc
.
port
);
for
(
String
s:
conf
)
{
sb
.
append
(
" "
).
append
(
s
).
append
(
'\n'
);
}
return
sb
.
append
(
"}\n"
).
toString
();
}
}
/**
/**
...
...
test/sun/security/krb5/auto/UdpTcp.java
浏览文件 @
940e3ed9
...
@@ -43,9 +43,15 @@ public class UdpTcp {
...
@@ -43,9 +43,15 @@ public class UdpTcp {
OneKDC
kdc
=
new
OneKDC
(
null
);
OneKDC
kdc
=
new
OneKDC
(
null
);
kdc
.
writeJAASConf
();
kdc
.
writeJAASConf
();
KDC
.
saveConfig
(
OneKDC
.
KRB5_CONF
,
kdc
,
// Two styles of kdc_timeout setting. One global, one realm-specific.
"udp_preference_limit = "
if
(
args
[
0
].
equals
(
"UDP"
))
{
+
(
args
[
0
].
equals
(
"UDP"
)
?
"1000"
:
"100"
));
KDC
.
saveConfig
(
OneKDC
.
KRB5_CONF
,
kdc
,
"kdc_timeout = 10s"
);
}
else
{
kdc
.
addConf
(
"kdc_timeout = 10s"
);
KDC
.
saveConfig
(
OneKDC
.
KRB5_CONF
,
kdc
,
"udp_preference_limit = 1"
);
}
Config
.
refresh
();
Config
.
refresh
();
ByteArrayOutputStream
bo
=
new
ByteArrayOutputStream
();
ByteArrayOutputStream
bo
=
new
ByteArrayOutputStream
();
...
@@ -56,7 +62,7 @@ public class UdpTcp {
...
@@ -56,7 +62,7 @@ public class UdpTcp {
for
(
String
line:
new
String
(
bo
.
toByteArray
()).
split
(
"\n"
))
{
for
(
String
line:
new
String
(
bo
.
toByteArray
()).
split
(
"\n"
))
{
if
(
line
.
contains
(
">>> KDCCommunication"
))
{
if
(
line
.
contains
(
">>> KDCCommunication"
))
{
if
(!
line
.
contains
(
args
[
0
]))
{
if
(!
line
.
contains
(
args
[
0
])
||
!
line
.
contains
(
"timeout=10000"
)
)
{
throw
new
Exception
(
"No "
+
args
[
0
]
+
" in: "
+
line
);
throw
new
Exception
(
"No "
+
args
[
0
]
+
" in: "
+
line
);
}
}
}
}
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录