Skip to content

D
dragonwell8_jdk

openanolis / dragonwell8_jdk

通知 4
Star 2
Fork 0
D
dragonwell8_jdk
提交 d778db9d 编写于 作者: W weijun
浏览文件
操作

8019267: NPE in AbstractSaslImpl when trace level >= FINER in KRB5 

Reviewed-by: mullan
上级 8c2cfb7d
显示空白变更内容
内联 并排
Showing with 53 addition and 16 deletion
src/share/classes/com/sun/security/sasl/util/AbstractSaslImpl.java
浏览文件 @ d778db9d
...@@ -252,13 +252,12 @@ public abstract class AbstractSaslImpl { ...@@ -252,13 +252,12 @@ public abstract class AbstractSaslImpl {
/** /**
* Outputs a byte array and converts * Outputs a byte array. Can be null.
*/ */
protected static final void traceOutput(String srcClass, String srcMethod, protected static final void traceOutput(String srcClass, String srcMethod,
String traceTag, byte[] output) { String traceTag, byte[] output) {
if (output != null) { traceOutput(srcClass, srcMethod, traceTag, output, 0,
traceOutput(srcClass, srcMethod, traceTag, output, 0, output.length); output == null ? 0 : output.length);
}
} }
protected static final void traceOutput(String srcClass, String srcMethod, protected static final void traceOutput(String srcClass, String srcMethod,
...@@ -274,13 +273,20 @@ public abstract class AbstractSaslImpl { ...@@ -274,13 +273,20 @@ public abstract class AbstractSaslImpl {
lev = Level.FINEST; lev = Level.FINEST;
} }
String content;
if (output != null) {
ByteArrayOutputStream out = new ByteArrayOutputStream(len); ByteArrayOutputStream out = new ByteArrayOutputStream(len);
new HexDumpEncoder().encodeBuffer( new HexDumpEncoder().encodeBuffer(
new ByteArrayInputStream(output, offset, len), out); new ByteArrayInputStream(output, offset, len), out);
content = out.toString();
} else {
content = "NULL";
}
// Message id supplied by caller as part of traceTag // Message id supplied by caller as part of traceTag
logger.logp(lev, srcClass, srcMethod, "{0} ( {1} ): {2}", logger.logp(lev, srcClass, srcMethod, "{0} ( {1} ): {2}",
new Object[] {traceTag, new Integer(origlen), out.toString()}); new Object[] {traceTag, new Integer(origlen), content});
} catch (Exception e) { } catch (Exception e) {
logger.logp(Level.WARNING, srcClass, srcMethod, logger.logp(Level.WARNING, srcClass, srcMethod,
"SASLIMPL09:Error generating trace output: {0}", e); "SASLIMPL09:Error generating trace output: {0}", e);
......
test/sun/security/krb5/auto/SaslGSS.java
浏览文件 @ d778db9d
...@@ -23,7 +23,7 @@ ...@@ -23,7 +23,7 @@
/* /*
* @test * @test
* @bug 8012082 * @bug 8012082 8019267
* @summary SASL: auth-conf negotiated, but unencrypted data is accepted, * @summary SASL: auth-conf negotiated, but unencrypted data is accepted,
* reset to unencrypt * reset to unencrypt
* @compile -XDignore.symbol.file SaslGSS.java * @compile -XDignore.symbol.file SaslGSS.java
...@@ -37,9 +37,16 @@ import javax.security.sasl.AuthorizeCallback; ...@@ -37,9 +37,16 @@ import javax.security.sasl.AuthorizeCallback;
import javax.security.sasl.RealmCallback; import javax.security.sasl.RealmCallback;
import javax.security.sasl.Sasl; import javax.security.sasl.Sasl;
import javax.security.sasl.SaslServer; import javax.security.sasl.SaslServer;
import java.io.ByteArrayOutputStream;
import java.io.IOException; import java.io.IOException;
import java.io.PrintStream;
import java.util.HashMap; import java.util.HashMap;
import java.util.Locale; import java.util.Locale;
import java.util.logging.ConsoleHandler;
import java.util.logging.Handler;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.ietf.jgss.*; import org.ietf.jgss.*;
import sun.security.jgss.GSSUtil; import sun.security.jgss.GSSUtil;
...@@ -79,14 +86,28 @@ public class SaslGSS { ...@@ -79,14 +86,28 @@ public class SaslGSS {
} }
}); });
// Handshake ByteArrayOutputStream bout = new ByteArrayOutputStream();
PrintStream oldErr = System.err;
System.setErr(new PrintStream(bout));
Logger.getLogger("javax.security.sasl").setLevel(Level.ALL);
Handler h = new ConsoleHandler();
h.setLevel(Level.ALL);
Logger.getLogger("javax.security.sasl").addHandler(h);
byte[] token = new byte[0]; byte[] token = new byte[0];
try {
// Handshake
token = sc.initSecContext(token, 0, token.length); token = sc.initSecContext(token, 0, token.length);
token = ss.evaluateResponse(token); token = ss.evaluateResponse(token);
token = sc.unwrap(token, 0, token.length, new MessageProp(0, false)); token = sc.unwrap(token, 0, token.length, new MessageProp(0, false));
token[0] = (byte)(((token[0] & 4) != 0) ? 4 : 2); token[0] = (byte)(((token[0] & 4) != 0) ? 4 : 2);
token = sc.wrap(token, 0, token.length, new MessageProp(0, false)); token = sc.wrap(token, 0, token.length, new MessageProp(0, false));
ss.evaluateResponse(token); ss.evaluateResponse(token);
} finally {
System.setErr(oldErr);
}
// Talk // Talk
// 1. Client sends a auth-int message // 1. Client sends a auth-int message
...@@ -102,5 +123,15 @@ public class SaslGSS { ...@@ -102,5 +123,15 @@ public class SaslGSS {
if (!qop.getPrivacy()) { if (!qop.getPrivacy()) {
throw new Exception(); throw new Exception();
} }
for (String s: bout.toString().split("\\n")) {
if (s.contains("KRB5SRV04") && s.contains("NULL")) {
return;
}
}
System.out.println("=======================");
System.out.println(bout.toString());
System.out.println("=======================");
throw new Exception("Haven't seen KRB5SRV04 with NULL");
} }
} }
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册