From b026db3bf6c8b24305a14e77ae92a9a8c2de2dd3 Mon Sep 17 00:00:00 2001
From: weijun <unknown>
Date: Mon, 24 May 2010 10:05:04 +0800
Subject: [PATCH] 6932525: Incorrect encryption types of KDC_REQ_BODY of AS-REQ
 with pre-authentication Reviewed-by: valeriep

---
 src/share/classes/sun/security/krb5/KrbAsReq.java | 7 ++-----
 test/sun/security/krb5/auto/KDC.java              | 5 ++++-
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/share/classes/sun/security/krb5/KrbAsReq.java b/src/share/classes/sun/security/krb5/KrbAsReq.java
index fec6998ce..ca2330e3a 100644
--- a/src/share/classes/sun/security/krb5/KrbAsReq.java
+++ b/src/share/classes/sun/security/krb5/KrbAsReq.java
@@ -1,5 +1,5 @@
 /*
- * Portions Copyright 2000-2009 Sun Microsystems, Inc.  All Rights Reserved.
+ * Portions Copyright 2000-2010 Sun Microsystems, Inc.  All Rights Reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -344,16 +344,13 @@ public class KrbAsReq extends KrbKdcReq {
         princName = cname;
 
         EncryptionKey key = null;
-        int[] tktETypes = null;
+        int[] tktETypes = EType.getDefaults("default_tkt_enctypes");
         if (pa_exists && pa_etype != EncryptedData.ETYPE_NULL) {
             if (DEBUG) {
                 System.out.println("Pre-Authenticaton: find key for etype = " + pa_etype);
             }
             key = EncryptionKey.findKey(pa_etype, keys);
-            tktETypes = new int[1];
-            tktETypes[0] = pa_etype;
         } else {
-            tktETypes = EType.getDefaults("default_tkt_enctypes", keys);
             key = EncryptionKey.findKey(tktETypes[0], keys);
         }
 
diff --git a/test/sun/security/krb5/auto/KDC.java b/test/sun/security/krb5/auto/KDC.java
index b03058798..424982363 100644
--- a/test/sun/security/krb5/auto/KDC.java
+++ b/test/sun/security/krb5/auto/KDC.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2008-2009 Sun Microsystems, Inc.  All Rights Reserved.
+ * Copyright 2008-2010 Sun Microsystems, Inc.  All Rights Reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -740,6 +740,9 @@ public class KDC {
             Field f = KDCReqBody.class.getDeclaredField("eType");
             f.setAccessible(true);
             eTypes = (int[])f.get(body);
+            if (eTypes.length < 2) {
+                throw new KrbException(Krb5.KDC_ERR_ETYPE_NOSUPP);
+            }
             int eType = eTypes[0];
 
             EncryptionKey ckey = keyForUser(body.cname, eType, false);
-- 
GitLab