From ca3b533c9d4d8b26813b99e2a0322d1228a8ef79 Mon Sep 17 00:00:00 2001 From: weijun Date: Sat, 9 Mar 2013 17:27:58 +0800 Subject: [PATCH] 8000653: SPNEGO tests fail at context.getDelegCred().getRemainingInitLifetime(mechOid) Reviewed-by: valeriep --- .../sun/security/jgss/GSSCredentialImpl.java | 7 +++ .../jgss/spnego/SpNegoCredElement.java | 2 +- test/sun/security/krb5/auto/Context.java | 7 +++ .../security/krb5/auto/SpnegoLifeTime.java | 58 +++++++++++++++++++ 4 files changed, 73 insertions(+), 1 deletion(-) create mode 100644 test/sun/security/krb5/auto/SpnegoLifeTime.java diff --git a/src/share/classes/sun/security/jgss/GSSCredentialImpl.java b/src/share/classes/sun/security/jgss/GSSCredentialImpl.java index 6330f71c1..584e1784c 100644 --- a/src/share/classes/sun/security/jgss/GSSCredentialImpl.java +++ b/src/share/classes/sun/security/jgss/GSSCredentialImpl.java @@ -29,6 +29,7 @@ import org.ietf.jgss.*; import sun.security.jgss.spi.*; import java.util.*; import com.sun.security.jgss.*; +import sun.security.jgss.spnego.SpNegoCredElement; public class GSSCredentialImpl implements ExtendedGSSCredential { @@ -87,6 +88,7 @@ public class GSSCredentialImpl implements ExtendedGSSCredential { throw new GSSException(GSSException.NO_CRED); } + // Wrap a mech cred into a GSS cred public GSSCredentialImpl(GSSManagerImpl gssManager, GSSCredentialSpi mechElement) throws GSSException { @@ -103,6 +105,11 @@ public class GSSCredentialImpl implements ExtendedGSSCredential { usage); tempCred = mechElement; hashtable.put(key, tempCred); + // More mechs that can use this cred, say, SPNEGO + if (!GSSUtil.isSpNegoMech(mechElement.getMechanism())) { + key = new SearchKey(GSSUtil.GSS_SPNEGO_MECH_OID, usage); + hashtable.put(key, new SpNegoCredElement(mechElement)); + } } void init(GSSManagerImpl gssManager) { diff --git a/src/share/classes/sun/security/jgss/spnego/SpNegoCredElement.java b/src/share/classes/sun/security/jgss/spnego/SpNegoCredElement.java index 69116f56b..ee5999ced 100644 --- a/src/share/classes/sun/security/jgss/spnego/SpNegoCredElement.java +++ b/src/share/classes/sun/security/jgss/spnego/SpNegoCredElement.java @@ -44,7 +44,7 @@ public class SpNegoCredElement implements GSSCredentialSpi { private GSSCredentialSpi cred = null; - SpNegoCredElement(GSSCredentialSpi cred) throws GSSException { + public SpNegoCredElement(GSSCredentialSpi cred) throws GSSException { this.cred = cred; } diff --git a/test/sun/security/krb5/auto/Context.java b/test/sun/security/krb5/auto/Context.java index aae14f46b..738f2c3d4 100644 --- a/test/sun/security/krb5/auto/Context.java +++ b/test/sun/security/krb5/auto/Context.java @@ -296,6 +296,13 @@ public class Context { return s; } + /** + * Returns the cred inside, if there is one + */ + public GSSCredential cred() { + return cred; + } + /** * Disposes the GSSContext within * @throws org.ietf.jgss.GSSException diff --git a/test/sun/security/krb5/auto/SpnegoLifeTime.java b/test/sun/security/krb5/auto/SpnegoLifeTime.java new file mode 100644 index 000000000..906cfbee7 --- /dev/null +++ b/test/sun/security/krb5/auto/SpnegoLifeTime.java @@ -0,0 +1,58 @@ +/* + * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 8000653 + * @summary SPNEGO tests fail at context.getDelegCred().getRemainingInitLifetime(mechOid) + * @compile -XDignore.symbol.file SpnegoLifeTime.java + * @run main/othervm SpnegoLifeTime + */ + +import org.ietf.jgss.Oid; +import org.ietf.jgss.GSSCredential; +import sun.security.jgss.GSSUtil; + +public class SpnegoLifeTime { + + public static void main(String[] args) throws Exception { + + Oid oid = GSSUtil.GSS_SPNEGO_MECH_OID; + new OneKDC(null).writeJAASConf(); + + Context c, s; + c = Context.fromJAAS("client"); + s = Context.fromJAAS("server"); + + c.startAsClient(OneKDC.SERVER, oid); + c.x().requestCredDeleg(true); + s.startAsServer(oid); + + Context.handshake(c, s); + + GSSCredential cred = s.delegated().cred(); + cred.getRemainingInitLifetime(oid); + cred.getUsage(oid); + } +} + -- GitLab