diff --git a/src/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java b/src/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java
index afb9b3e94a559cfeee86fd5e8f3d58bcc84af791..ee5ed5a9229797b3f93e470dde01d3a8dbed7d69 100644
--- a/src/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java
+++ b/src/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java
@@ -34,6 +34,7 @@ import java.security.KeyRep;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
import java.security.spec.InvalidKeySpecException;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
@@ -107,12 +108,17 @@ final class PBKDF2KeyImpl implements javax.crypto.interfaces.PBEKey {
throw new InvalidKeySpecException("Key length is negative");
}
try {
- this.prf = Mac.getInstance(prfAlgo, new SunJCE());
+ this.prf = Mac.getInstance(prfAlgo, "SunJCE");
} catch (NoSuchAlgorithmException nsae) {
// not gonna happen; re-throw just in case
InvalidKeySpecException ike = new InvalidKeySpecException();
ike.initCause(nsae);
throw ike;
+ } catch (NoSuchProviderException nspe) {
+ // Again, not gonna happen; re-throw just in case
+ InvalidKeySpecException ike = new InvalidKeySpecException();
+ ike.initCause(nspe);
+ throw ike;
}
this.key = deriveKey(prf, passwdBytes, salt, iterCount, keyLength);
}
diff --git a/src/share/classes/java/net/AbstractPlainSocketImpl.java b/src/share/classes/java/net/AbstractPlainSocketImpl.java
index ffc23824b61f10c4263ae057e2208109290b5c90..41c39f0e15f403693f83ef9fa3ab5fcd690bfc48 100644
--- a/src/share/classes/java/net/AbstractPlainSocketImpl.java
+++ b/src/share/classes/java/net/AbstractPlainSocketImpl.java
@@ -664,7 +664,6 @@ abstract class AbstractPlainSocketImpl extends SocketImpl
abstract void socketSetOption(int cmd, boolean on, Object value)
throws SocketException;
abstract int socketGetOption(int opt, Object iaContainerObj) throws SocketException;
- abstract int socketGetOption1(int opt, Object iaContainerObj, FileDescriptor fd) throws SocketException;
abstract void socketSendUrgentData(int data)
throws IOException;
diff --git a/src/share/classes/java/net/InterfaceAddress.java b/src/share/classes/java/net/InterfaceAddress.java
index e352c35f80b6d3dfe18f04f5d1e278570c252f8f..66a65358cbcc5929ab3412b8243a37cd87ef66fc 100644
--- a/src/share/classes/java/net/InterfaceAddress.java
+++ b/src/share/classes/java/net/InterfaceAddress.java
@@ -103,11 +103,9 @@ public class InterfaceAddress {
return false;
}
InterfaceAddress cmp = (InterfaceAddress) obj;
- if ((address != null & cmp.address == null) ||
- (!address.equals(cmp.address)))
+ if ( !(address == null ? cmp.address == null : address.equals(cmp.address)) )
return false;
- if ((broadcast != null & cmp.broadcast == null) ||
- (!broadcast.equals(cmp.broadcast)))
+ if ( !(broadcast == null ? cmp.broadcast == null : broadcast.equals(cmp.broadcast)) )
return false;
if (maskLength != cmp.maskLength)
return false;
diff --git a/src/share/classes/java/net/NetworkInterface.java b/src/share/classes/java/net/NetworkInterface.java
index 8b2899c48d950df8cf5bd4602b92a6f47771b694..0ce3a8d580bb934d54c94d03f73202d9dacf08f7 100644
--- a/src/share/classes/java/net/NetworkInterface.java
+++ b/src/share/classes/java/net/NetworkInterface.java
@@ -425,8 +425,6 @@ public final class NetworkInterface {
return virtual;
}
- private native static long getSubnet0(String name, int ind) throws SocketException;
- private native static Inet4Address getBroadcast0(String name, int ind) throws SocketException;
private native static boolean isUp0(String name, int ind) throws SocketException;
private native static boolean isLoopback0(String name, int ind) throws SocketException;
private native static boolean supportsMulticast0(String name, int ind) throws SocketException;
diff --git a/src/share/classes/java/net/Socket.java b/src/share/classes/java/net/Socket.java
index 48442541689011cd8baa2cdb05bf686e0bb395d9..5dd5f7f2e4151567edff467d2055bca5c085792e 100644
--- a/src/share/classes/java/net/Socket.java
+++ b/src/share/classes/java/net/Socket.java
@@ -731,7 +731,8 @@ class Socket implements java.io.Closeable {
* then this method will continue to return the connected address
* after the socket is closed.
*
- * @return a SocketAddress
reprensenting the remote endpoint of this
+
+ * @return a SocketAddress
representing the remote endpoint of this
* socket, or null
if it is not connected yet.
* @see #getInetAddress()
* @see #getPort()
diff --git a/src/share/classes/java/net/URLConnection.java b/src/share/classes/java/net/URLConnection.java
index c1236bd3a63df882dc1dc17bf76943bda07437e9..a78032a2fcc91d510a5fa0a5f26a1aa6243b6660 100644
--- a/src/share/classes/java/net/URLConnection.java
+++ b/src/share/classes/java/net/URLConnection.java
@@ -1072,7 +1072,7 @@ public abstract class URLConnection {
* properties to be appended into a single property.
*
* @param key the keyword by which the request is known
- * (e.g., "accept
").
+ * (e.g., "Accept
").
* @param value the value associated with it.
* @throws IllegalStateException if already connected
* @throws NullPointerException if key is null
@@ -1096,7 +1096,7 @@ public abstract class URLConnection {
* existing values associated with the same key.
*
* @param key the keyword by which the request is known
- * (e.g., "accept
").
+ * (e.g., "Accept
").
* @param value the value associated with it.
* @throws IllegalStateException if already connected
* @throws NullPointerException if key is null
@@ -1120,7 +1120,7 @@ public abstract class URLConnection {
* Returns the value of the named general request property for this
* connection.
*
- * @param key the keyword by which the request is known (e.g., "accept").
+ * @param key the keyword by which the request is known (e.g., "Accept").
* @return the value of the named general request property for this
* connection. If key is null, then null is returned.
* @throws IllegalStateException if already connected
@@ -1164,7 +1164,7 @@ public abstract class URLConnection {
* these properties.
*
* @param key the keyword by which the request is known
- * (e.g., "accept
").
+ * (e.g., "Accept
").
* @param value the value associated with the key.
*
* @see java.net.URLConnection#setRequestProperty(java.lang.String,java.lang.String)
@@ -1183,7 +1183,7 @@ public abstract class URLConnection {
* Returns the value of the default request property. Default request
* properties are set for every connection.
*
- * @param key the keyword by which the request is known (e.g., "accept").
+ * @param key the keyword by which the request is known (e.g., "Accept").
* @return the value of the default request property
* for the specified key.
*
diff --git a/src/share/classes/java/security/AccessControlContext.java b/src/share/classes/java/security/AccessControlContext.java
index 601bc40ba56551756d95ae4f369eb5b6f9ba9c2e..0a9cfb85b5e408b8857c577544bde0417e38c364 100644
--- a/src/share/classes/java/security/AccessControlContext.java
+++ b/src/share/classes/java/security/AccessControlContext.java
@@ -1,5 +1,5 @@
/*
- * Copyright 1997-2006 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1997-2008 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -322,7 +322,7 @@ public final class AccessControlContext {
debug.println("access denied " + perm);
}
- if (Debug.isOn("failure")) {
+ if (Debug.isOn("failure") && debug != null) {
// Want to make sure this is always displayed for failure,
// but do not want to display again if already displayed
// above.
diff --git a/src/share/classes/java/security/KeyStore.java b/src/share/classes/java/security/KeyStore.java
index f19a231bfbdc81a4f1bbaaeb3f5902585ef740db..ced20e274463073bbfe3c859a236b68d617e501b 100644
--- a/src/share/classes/java/security/KeyStore.java
+++ b/src/share/classes/java/security/KeyStore.java
@@ -789,7 +789,7 @@ public class KeyStore {
* @param alias the alias name
*
* @return the certificate chain (ordered with the user's certificate first
- * and the root certificate authority last), or null if the given alias
+ * followed by zero or more certificate authorities), or null if the given alias
* does not exist or does not contain a certificate chain
*
* @exception KeyStoreException if the keystore has not been initialized
diff --git a/src/share/classes/javax/security/cert/X509Certificate.java b/src/share/classes/javax/security/cert/X509Certificate.java
index e5849e5c5206ab53d732abf959c9a5a1f4318d13..14ccaffaffd2ee42ad97af29b89204ca3ea3c8f5 100644
--- a/src/share/classes/javax/security/cert/X509Certificate.java
+++ b/src/share/classes/javax/security/cert/X509Certificate.java
@@ -363,7 +363,7 @@ public abstract class X509Certificate extends Certificate {
* subject Name
*
*
- *
See getIssuerDN for Name
+ *
See {@link #getIssuerDN() getIssuerDN} for Name
* and other relevant definitions.
*
* @return a Principal whose name is the subject name.
@@ -393,7 +393,7 @@ public abstract class X509Certificate extends Certificate {
/**
* Gets the notAfter
date from the validity period of
- * the certificate. See getNotBefore
+ * the certificate. See {@link #getNotBefore() getNotBefore}
* for relevant ASN.1 definitions.
*
* @return the end date of the validity period.
@@ -429,7 +429,7 @@ public abstract class X509Certificate extends Certificate {
* For example, the string "1.2.840.10040.4.3" identifies the SHA-1
* with DSA signature algorithm, as per the PKIX part I.
*
- *
See getSigAlgName for
+ *
See {@link #getSigAlgName() getSigAlgName} for
* relevant ASN.1 definitions.
*
* @return the signature algorithm OID string.
@@ -442,7 +442,7 @@ public abstract class X509Certificate extends Certificate {
* algorithm parameters are null; the parameters are usually
* supplied with the certificate's public key.
*
- *
See getSigAlgName for
+ *
See {@link #getSigAlgName() getSigAlgName} for
* relevant ASN.1 definitions.
*
* @return the DER-encoded signature algorithm parameters, or
diff --git a/src/share/classes/sun/net/www/http/ChunkedOutputStream.java b/src/share/classes/sun/net/www/http/ChunkedOutputStream.java
index a06b5afe22867fc2f7c7f883a667014ec3b489e7..5f4a7902f622b51fa7747cfac62bac70318a6d6c 100644
--- a/src/share/classes/sun/net/www/http/ChunkedOutputStream.java
+++ b/src/share/classes/sun/net/www/http/ChunkedOutputStream.java
@@ -177,14 +177,23 @@ public class ChunkedOutputStream extends PrintStream {
return;
}
- if (len > MAX_BUF_SIZE) {
+ int l = preferredChunkSize - count;
+
+ if ((len > MAX_BUF_SIZE) && (len > l)) {
+ /* current chunk is empty just write the data */
+ if (count == 0) {
+ count = len;
+ flush (b, false, off);
+ return;
+ }
+
/* first finish the current chunk */
- int l = preferredChunkSize - count;
if (l > 0) {
System.arraycopy(b, off, buf, count, l);
count = preferredChunkSize;
flush(buf, false);
}
+
count = len - l;
/* Now write the rest of the data */
flush (b, false, l+off);
diff --git a/src/share/classes/sun/net/www/protocol/http/HttpURLConnection.java b/src/share/classes/sun/net/www/protocol/http/HttpURLConnection.java
index af0bd046f4c81b225609fcd2afe993f792ac5546..ef439005318a8152e9a447124dda5c8d2ad23811 100644
--- a/src/share/classes/sun/net/www/protocol/http/HttpURLConnection.java
+++ b/src/share/classes/sun/net/www/protocol/http/HttpURLConnection.java
@@ -64,11 +64,6 @@ import java.text.SimpleDateFormat;
import java.util.TimeZone;
import java.net.MalformedURLException;
import java.nio.ByteBuffer;
-import java.nio.channels.ReadableByteChannel;
-import java.nio.channels.WritableByteChannel;
-import java.nio.channels.Selector;
-import java.nio.channels.SelectionKey;
-import java.nio.channels.SelectableChannel;
import java.lang.reflect.*;
/**
@@ -823,6 +818,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* - get input, [read input,] get output, [write output]
*/
+ @Override
public synchronized OutputStream getOutputStream() throws IOException {
try {
@@ -924,11 +920,11 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
if (l != null && !l.isEmpty()) {
StringBuilder cookieValue = new StringBuilder();
for (String value : l) {
- cookieValue.append(value).append(';');
+ cookieValue.append(value).append("; ");
}
- // strip off the ending ;-sign
+ // strip off the trailing '; '
try {
- requests.add(key, cookieValue.substring(0, cookieValue.length() - 1));
+ requests.add(key, cookieValue.substring(0, cookieValue.length() - 2));
} catch (StringIndexOutOfBoundsException ignored) {
// no-op
}
@@ -947,6 +943,8 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
} // end of getting cookies
}
+ @Override
+ @SuppressWarnings("empty-statement")
public synchronized InputStream getInputStream() throws IOException {
if (!doInput) {
@@ -1380,6 +1378,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
}
}
+ @Override
public InputStream getErrorStream() {
if (connected && responseCode >= 400) {
// Client Error 4xx and Server Error 5xx
@@ -2047,6 +2046,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
*/
private void disconnectInternal() {
responseCode = -1;
+ inputStream = null;
if (pi != null) {
pi.finishTracking();
pi = null;
@@ -2145,6 +2145,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* Gets a header field by name. Returns null if not known.
* @param name the name of the header field
*/
+ @Override
public String getHeaderField(String name) {
try {
getInputStream();
@@ -2167,6 +2168,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* @return a Map of header fields
* @since 1.4
*/
+ @Override
public Map> getHeaderFields() {
try {
getInputStream();
@@ -2183,6 +2185,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* Gets a header field by index. Returns null if not known.
* @param n the index of the header field
*/
+ @Override
public String getHeaderField(int n) {
try {
getInputStream();
@@ -2198,6 +2201,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* Gets a header field by index. Returns null if not known.
* @param n the index of the header field
*/
+ @Override
public String getHeaderFieldKey(int n) {
try {
getInputStream();
@@ -2215,6 +2219,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* exists, overwrite its value with the new value.
* @param value the value to be set
*/
+ @Override
public void setRequestProperty(String key, String value) {
if (connected)
throw new IllegalStateException("Already connected");
@@ -2236,6 +2241,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* @see #getRequestProperties(java.lang.String)
* @since 1.4
*/
+ @Override
public void addRequestProperty(String key, String value) {
if (connected)
throw new IllegalStateException("Already connected");
@@ -2255,6 +2261,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
requests.set(key, value);
}
+ @Override
public String getRequestProperty (String key) {
// don't return headers containing security sensitive information
if (key != null) {
@@ -2279,6 +2286,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* @throws IllegalStateException if already connected
* @since 1.4
*/
+ @Override
public Map> getRequestProperties() {
if (connected)
throw new IllegalStateException("Already connected");
@@ -2287,6 +2295,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
return requests.getHeaders(EXCLUDE_HEADERS);
}
+ @Override
public void setConnectTimeout(int timeout) {
if (timeout < 0)
throw new IllegalArgumentException("timeouts can't be negative");
@@ -2306,6 +2315,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* @see java.net.URLConnection#connect()
* @since 1.5
*/
+ @Override
public int getConnectTimeout() {
return (connectTimeout < 0 ? 0 : connectTimeout);
}
@@ -2330,6 +2340,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* @see java.io.InputStream#read()
* @since 1.5
*/
+ @Override
public void setReadTimeout(int timeout) {
if (timeout < 0)
throw new IllegalArgumentException("timeouts can't be negative");
@@ -2347,10 +2358,12 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* @see java.io.InputStream#read()
* @since 1.5
*/
+ @Override
public int getReadTimeout() {
return readTimeout < 0 ? 0 : readTimeout;
}
+ @Override
protected void finalize() {
// this should do nothing. The stream finalizer will close
// the fd
@@ -2425,6 +2438,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* @see java.io.FilterInputStream#in
* @see java.io.FilterInputStream#reset()
*/
+ @Override
public synchronized void mark(int readlimit) {
super.mark(readlimit);
if (cacheRequest != null) {
@@ -2454,6 +2468,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* @see java.io.FilterInputStream#in
* @see java.io.FilterInputStream#mark(int)
*/
+ @Override
public synchronized void reset() throws IOException {
super.reset();
if (cacheRequest != null) {
@@ -2462,6 +2477,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
}
}
+ @Override
public int read() throws IOException {
try {
byte[] b = new byte[1];
@@ -2475,10 +2491,12 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
}
}
+ @Override
public int read(byte[] b) throws IOException {
return read(b, 0, b.length);
}
+ @Override
public int read(byte[] b, int off, int len) throws IOException {
try {
int newLen = super.read(b, off, len);
@@ -2509,6 +2527,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
}
}
+ @Override
public void close () throws IOException {
try {
if (outputStream != null) {
@@ -2553,6 +2572,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
error = false;
}
+ @Override
public void write (int b) throws IOException {
checkError();
written ++;
@@ -2562,10 +2582,12 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
out.write (b);
}
+ @Override
public void write (byte[] b) throws IOException {
write (b, 0, b.length);
}
+ @Override
public void write (byte[] b, int off, int len) throws IOException {
checkError();
written += len;
@@ -2596,6 +2618,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
return closed && ! error;
}
+ @Override
public void close () throws IOException {
if (closed) {
return;
@@ -2714,6 +2737,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
}
}
+ @Override
public int available() throws IOException {
if (is == null) {
return buffer.remaining();
@@ -2728,10 +2752,12 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
return (ret == -1? ret : (b[0] & 0x00FF));
}
+ @Override
public int read(byte[] b) throws IOException {
return read(b, 0, b.length);
}
+ @Override
public int read(byte[] b, int off, int len) throws IOException {
int rem = buffer.remaining();
if (rem > 0) {
@@ -2747,6 +2773,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
}
}
+ @Override
public void close() throws IOException {
buffer = null;
if (is != null) {
@@ -2763,6 +2790,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
class EmptyInputStream extends InputStream {
+ @Override
public int available() {
return 0;
}
diff --git a/src/share/classes/sun/net/www/protocol/https/HttpsClient.java b/src/share/classes/sun/net/www/protocol/https/HttpsClient.java
index 7f82e993161999189b40b1f600d236e351086494..d21425680c810a14b4b210b6cc46212fcf3401b6 100644
--- a/src/share/classes/sun/net/www/protocol/https/HttpsClient.java
+++ b/src/share/classes/sun/net/www/protocol/https/HttpsClient.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2001-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2001-2008 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -518,6 +518,16 @@ final class HttpsClient extends HttpClient
kac.put(url, sslSocketFactory, this);
}
+ /*
+ * Close an idle connection to this URL (if it exists in the cache).
+ */
+ public void closeIdleConnection() {
+ HttpClient http = (HttpClient) kac.get(url, sslSocketFactory);
+ if (http != null) {
+ http.closeServer();
+ }
+ }
+
/**
* Returns the cipher suite in use on this connection.
*/
diff --git a/src/share/classes/sun/net/www/protocol/mailto/MailToURLConnection.java b/src/share/classes/sun/net/www/protocol/mailto/MailToURLConnection.java
index d939ce5515b9425f8cc05fb2ab1c31cbf360d592..53367aead964b056baebb18560f63c88e14ac3f5 100644
--- a/src/share/classes/sun/net/www/protocol/mailto/MailToURLConnection.java
+++ b/src/share/classes/sun/net/www/protocol/mailto/MailToURLConnection.java
@@ -29,9 +29,6 @@ import java.net.URL;
import java.net.InetAddress;
import java.net.SocketPermission;
import java.io.*;
-import java.util.Enumeration;
-import java.util.Hashtable;
-import java.util.StringTokenizer;
import java.security.Permission;
import sun.net.www.*;
import sun.net.smtp.SmtpClient;
@@ -86,11 +83,11 @@ public class MailToURLConnection extends URLConnection {
}
public void connect() throws IOException {
- System.err.println("connect. Timeout = " + connectTimeout);
client = new SmtpClient(connectTimeout);
client.setReadTimeout(readTimeout);
}
+ @Override
public synchronized OutputStream getOutputStream() throws IOException {
if (os != null) {
return os;
@@ -107,6 +104,7 @@ public class MailToURLConnection extends URLConnection {
return os;
}
+ @Override
public Permission getPermission() throws IOException {
if (permission == null) {
connect();
@@ -116,22 +114,26 @@ public class MailToURLConnection extends URLConnection {
return permission;
}
+ @Override
public void setConnectTimeout(int timeout) {
if (timeout < 0)
throw new IllegalArgumentException("timeouts can't be negative");
connectTimeout = timeout;
}
+ @Override
public int getConnectTimeout() {
return (connectTimeout < 0 ? 0 : connectTimeout);
}
+ @Override
public void setReadTimeout(int timeout) {
if (timeout < 0)
throw new IllegalArgumentException("timeouts can't be negative");
readTimeout = timeout;
}
+ @Override
public int getReadTimeout() {
return readTimeout < 0 ? 0 : readTimeout;
}
diff --git a/src/share/classes/sun/security/krb5/Config.java b/src/share/classes/sun/security/krb5/Config.java
index 013fd1da1365c4f092e54417ac4fe367f1e607ab..a65ec8687497622681cbd304d55db431274812e6 100644
--- a/src/share/classes/sun/security/krb5/Config.java
+++ b/src/share/classes/sun/security/krb5/Config.java
@@ -1040,11 +1040,12 @@ public class Config {
* Check if need to use DNS to locate Kerberos services
*/
public boolean useDNS(String name) {
- boolean value = getDefaultBooleanValue(name, "libdefaults");
- if (value == false) {
- value = getDefaultBooleanValue("dns_fallback", "libdefaults");
+ String value = getDefault(name, "libdefaults");
+ if (value == null) {
+ return getDefaultBooleanValue("dns_fallback", "libdefaults");
+ } else {
+ return value.equalsIgnoreCase("true");
}
- return value;
}
/**
diff --git a/src/share/classes/sun/security/krb5/KrbTgsReq.java b/src/share/classes/sun/security/krb5/KrbTgsReq.java
index 328e255e0d64ec25d566b86583bc722c25d13136..0cc54e17c454ffdc77ba4ab7f9ba2ae1639fb24c 100644
--- a/src/share/classes/sun/security/krb5/KrbTgsReq.java
+++ b/src/share/classes/sun/security/krb5/KrbTgsReq.java
@@ -75,108 +75,108 @@ public class KrbTgsReq extends KrbKdcReq {
null); // EncryptionKey subSessionKey
}
- // Called by Credentials, KrbCred
- KrbTgsReq(
- KDCOptions options,
- Credentials asCreds,
- PrincipalName sname,
- KerberosTime from,
- KerberosTime till,
- KerberosTime rtime,
- int[] eTypes,
- HostAddresses addresses,
- AuthorizationData authorizationData,
- Ticket[] additionalTickets,
- EncryptionKey subKey) throws KrbException, IOException {
-
- princName = asCreds.client;
- servName = sname;
- ctime = new KerberosTime(KerberosTime.NOW);
-
-
- // check if they are valid arguments. The optional fields
- // should be consistent with settings in KDCOptions.
- if (options.get(KDCOptions.FORWARDABLE) &&
- (!(asCreds.flags.get(Krb5.TKT_OPTS_FORWARDABLE)))) {
- throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
- }
- if (options.get(KDCOptions.FORWARDED)) {
- if (!(asCreds.flags.get(KDCOptions.FORWARDABLE)))
- throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
- }
- if (options.get(KDCOptions.PROXIABLE) &&
- (!(asCreds.flags.get(Krb5.TKT_OPTS_PROXIABLE)))) {
- throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
- }
- if (options.get(KDCOptions.PROXY)) {
- if (!(asCreds.flags.get(KDCOptions.PROXIABLE)))
- throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
- }
- if (options.get(KDCOptions.ALLOW_POSTDATE) &&
- (!(asCreds.flags.get(Krb5.TKT_OPTS_MAY_POSTDATE)))) {
- throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
- }
- if (options.get(KDCOptions.RENEWABLE) &&
- (!(asCreds.flags.get(Krb5.TKT_OPTS_RENEWABLE)))) {
- throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
- }
-
- if (options.get(KDCOptions.POSTDATED)) {
- if (!(asCreds.flags.get(KDCOptions.POSTDATED)))
- throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
- } else {
- if (from != null) from = null;
- }
- if (options.get(KDCOptions.RENEWABLE)) {
- if (!(asCreds.flags.get(KDCOptions.RENEWABLE)))
- throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
- } else {
- if (rtime != null) rtime = null;
- }
- if (options.get(KDCOptions.ENC_TKT_IN_SKEY)) {
- if (additionalTickets == null)
- throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
- // in TGS_REQ there could be more than one additional
- // tickets, but in file-based credential cache,
- // there is only one additional ticket field.
- secondTicket = additionalTickets[0];
- } else {
- if (additionalTickets != null)
- additionalTickets = null;
- }
-
- tgsReqMessg = createRequest(
- options,
- asCreds.ticket,
- asCreds.key,
- ctime,
- princName,
- princName.getRealm(),
- servName,
- from,
- till,
- rtime,
- eTypes,
- addresses,
- authorizationData,
- additionalTickets,
- subKey);
- obuf = tgsReqMessg.asn1Encode();
-
- // XXX We need to revisit this to see if can't move it
- // up such that FORWARDED flag set in the options
- // is included in the marshaled request.
- /*
- * If this is based on a forwarded ticket, record that in the
- * options, because the returned TgsRep will contain the
- * FORWARDED flag set.
- */
- if (asCreds.flags.get(KDCOptions.FORWARDED))
- options.set(KDCOptions.FORWARDED, true);
-
+ // Called by Credentials, KrbCred
+ KrbTgsReq(
+ KDCOptions options,
+ Credentials asCreds,
+ PrincipalName sname,
+ KerberosTime from,
+ KerberosTime till,
+ KerberosTime rtime,
+ int[] eTypes,
+ HostAddresses addresses,
+ AuthorizationData authorizationData,
+ Ticket[] additionalTickets,
+ EncryptionKey subKey) throws KrbException, IOException {
+
+ princName = asCreds.client;
+ servName = sname;
+ ctime = new KerberosTime(KerberosTime.NOW);
+
+
+ // check if they are valid arguments. The optional fields
+ // should be consistent with settings in KDCOptions.
+ if (options.get(KDCOptions.FORWARDABLE) &&
+ (!(asCreds.flags.get(Krb5.TKT_OPTS_FORWARDABLE)))) {
+ throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
+ }
+ if (options.get(KDCOptions.FORWARDED)) {
+ if (!(asCreds.flags.get(KDCOptions.FORWARDABLE)))
+ throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
+ }
+ if (options.get(KDCOptions.PROXIABLE) &&
+ (!(asCreds.flags.get(Krb5.TKT_OPTS_PROXIABLE)))) {
+ throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
+ }
+ if (options.get(KDCOptions.PROXY)) {
+ if (!(asCreds.flags.get(KDCOptions.PROXIABLE)))
+ throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
+ }
+ if (options.get(KDCOptions.ALLOW_POSTDATE) &&
+ (!(asCreds.flags.get(Krb5.TKT_OPTS_MAY_POSTDATE)))) {
+ throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
+ }
+ if (options.get(KDCOptions.RENEWABLE) &&
+ (!(asCreds.flags.get(Krb5.TKT_OPTS_RENEWABLE)))) {
+ throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
+ }
+ if (options.get(KDCOptions.POSTDATED)) {
+ if (!(asCreds.flags.get(KDCOptions.POSTDATED)))
+ throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
+ } else {
+ if (from != null) from = null;
+ }
+ if (options.get(KDCOptions.RENEWABLE)) {
+ if (!(asCreds.flags.get(KDCOptions.RENEWABLE)))
+ throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
+ } else {
+ if (rtime != null) rtime = null;
+ }
+ if (options.get(KDCOptions.ENC_TKT_IN_SKEY)) {
+ if (additionalTickets == null)
+ throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
+ // in TGS_REQ there could be more than one additional
+ // tickets, but in file-based credential cache,
+ // there is only one additional ticket field.
+ secondTicket = additionalTickets[0];
+ } else {
+ if (additionalTickets != null)
+ additionalTickets = null;
}
+ tgsReqMessg = createRequest(
+ options,
+ asCreds.ticket,
+ asCreds.key,
+ ctime,
+ princName,
+ princName.getRealm(),
+ servName,
+ from,
+ till,
+ rtime,
+ eTypes,
+ addresses,
+ authorizationData,
+ additionalTickets,
+ subKey);
+ obuf = tgsReqMessg.asn1Encode();
+
+ // XXX We need to revisit this to see if can't move it
+ // up such that FORWARDED flag set in the options
+ // is included in the marshaled request.
+ /*
+ * If this is based on a forwarded ticket, record that in the
+ * options, because the returned TgsRep will contain the
+ * FORWARDED flag set.
+ */
+ if (asCreds.flags.get(KDCOptions.FORWARDED))
+ options.set(KDCOptions.FORWARDED, true);
+
+
+ }
+
/**
* Sends a TGS request to the realm of the target.
* @throws KrbException
diff --git a/src/share/classes/sun/security/krb5/internal/APRep.java b/src/share/classes/sun/security/krb5/internal/APRep.java
index 17aeb89797c9ff57636bc6c6b7f26ec1c19bd890..53c3b58eaac2c419d7a45dc5b11b1914d39f1f48 100644
--- a/src/share/classes/sun/security/krb5/internal/APRep.java
+++ b/src/share/classes/sun/security/krb5/internal/APRep.java
@@ -54,81 +54,88 @@ import java.math.BigInteger;
* http://www.ietf.org/rfc/rfc4120.txt.
*/
public class APRep {
- public int pvno;
- public int msgType;
- public EncryptedData encPart;
- public APRep(EncryptedData new_encPart) {
- pvno = Krb5.PVNO;
- msgType = Krb5.KRB_AP_REP;
- encPart = new_encPart;
- }
+ public int pvno;
+ public int msgType;
+ public EncryptedData encPart;
- public APRep(byte[] data) throws Asn1Exception,
- KrbApErrException, IOException {
- init(new DerValue(data));
- }
+ public APRep(EncryptedData new_encPart) {
+ pvno = Krb5.PVNO;
+ msgType = Krb5.KRB_AP_REP;
+ encPart = new_encPart;
+ }
+
+ public APRep(byte[] data) throws Asn1Exception,
+ KrbApErrException, IOException {
+ init(new DerValue(data));
+ }
public APRep(DerValue encoding) throws Asn1Exception,
- KrbApErrException, IOException {
- init(encoding);
- }
+ KrbApErrException, IOException {
+ init(encoding);
+ }
- /**
- * Initializes an APRep object.
- * @param encoding a single DER-encoded value.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- * @exception KrbApErrException if the value read from the DER-encoded data
- * stream does not match the pre-defined value.
- */
+ /**
+ * Initializes an APRep object.
+ * @param encoding a single DER-encoded value.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ * @exception KrbApErrException if the value read from the DER-encoded data
+ * stream does not match the pre-defined value.
+ */
private void init(DerValue encoding) throws Asn1Exception,
- KrbApErrException, IOException {
+ KrbApErrException, IOException {
- if (((encoding.getTag() & (byte)(0x1F)) != Krb5.KRB_AP_REP)
- || (encoding.isApplication() != true)
- || (encoding.isConstructed() != true))
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- DerValue der = encoding.getData().getDerValue();
- if (der.getTag() != DerValue.tag_Sequence)
+ if (((encoding.getTag() & (byte) (0x1F)) != Krb5.KRB_AP_REP)
+ || (encoding.isApplication() != true)
+ || (encoding.isConstructed() != true)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- DerValue subDer = der.getData().getDerValue();
- if ((subDer.getTag() & (byte)0x1F) != (byte)0x00)
+ }
+ DerValue der = encoding.getData().getDerValue();
+ if (der.getTag() != DerValue.tag_Sequence) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ DerValue subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & (byte) 0x1F) != (byte) 0x00) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
pvno = subDer.getData().getBigInteger().intValue();
- if (pvno != Krb5.PVNO)
- throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & (byte)0x1F) != (byte)0x01)
+ if (pvno != Krb5.PVNO) {
+ throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
+ }
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & (byte) 0x1F) != (byte) 0x01) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- msgType = subDer.getData().getBigInteger().intValue();
- if (msgType != Krb5.KRB_AP_REP)
- throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
- encPart = EncryptedData.parse(der.getData(), (byte)0x02, false);
- if (der.getData().available() > 0)
+ }
+ msgType = subDer.getData().getBigInteger().intValue();
+ if (msgType != Krb5.KRB_AP_REP) {
+ throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
+ }
+ encPart = EncryptedData.parse(der.getData(), (byte) 0x02, false);
+ if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
+ }
- /**
- * Encodes an APRep object.
- * @return byte array of encoded APRep object.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- */
- public byte[] asn1Encode() throws Asn1Exception, IOException {
+ /**
+ * Encodes an APRep object.
+ * @return byte array of encoded APRep object.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ */
+ public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream();
- DerOutputStream temp = new DerOutputStream();
- temp.putInteger(BigInteger.valueOf(pvno));
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp);
- temp = new DerOutputStream();
- temp.putInteger(BigInteger.valueOf(msgType));
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), encPart.asn1Encode());
- temp = new DerOutputStream();
- temp.write(DerValue.tag_Sequence, bytes);
- DerOutputStream aprep = new DerOutputStream();
- aprep.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x0F), temp);
- return aprep.toByteArray();
- }
-
+ DerOutputStream temp = new DerOutputStream();
+ temp.putInteger(BigInteger.valueOf(pvno));
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp);
+ temp = new DerOutputStream();
+ temp.putInteger(BigInteger.valueOf(msgType));
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x01), temp);
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x02), encPart.asn1Encode());
+ temp = new DerOutputStream();
+ temp.write(DerValue.tag_Sequence, bytes);
+ DerOutputStream aprep = new DerOutputStream();
+ aprep.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte) 0x0F), temp);
+ return aprep.toByteArray();
+ }
}
diff --git a/src/share/classes/sun/security/krb5/internal/APReq.java b/src/share/classes/sun/security/krb5/internal/APReq.java
index 328f833df6291b390ce57e427712494b2b565b21..3a1dc7c2222eeb9a69d9e2bbc7576fe63a2cee11 100644
--- a/src/share/classes/sun/security/krb5/internal/APReq.java
+++ b/src/share/classes/sun/security/krb5/internal/APReq.java
@@ -54,94 +54,98 @@ import java.math.BigInteger;
*
* http://www.ietf.org/rfc/rfc4120.txt.
*/
-
public class APReq {
- public int pvno;
- public int msgType;
- public APOptions apOptions;
- public Ticket ticket;
- public EncryptedData authenticator;
- public APReq(
- APOptions new_apOptions,
- Ticket new_ticket,
- EncryptedData new_authenticator
- ) {
- pvno = Krb5.PVNO;
- msgType = Krb5.KRB_AP_REQ;
- apOptions = new_apOptions;
- ticket = new_ticket;
- authenticator = new_authenticator;
- }
+ public int pvno;
+ public int msgType;
+ public APOptions apOptions;
+ public Ticket ticket;
+ public EncryptedData authenticator;
+
+ public APReq(
+ APOptions new_apOptions,
+ Ticket new_ticket,
+ EncryptedData new_authenticator) {
+ pvno = Krb5.PVNO;
+ msgType = Krb5.KRB_AP_REQ;
+ apOptions = new_apOptions;
+ ticket = new_ticket;
+ authenticator = new_authenticator;
+ }
- public APReq(byte[] data) throws Asn1Exception,IOException, KrbApErrException, RealmException {
+ public APReq(byte[] data) throws Asn1Exception, IOException, KrbApErrException, RealmException {
init(new DerValue(data));
- }
+ }
public APReq(DerValue encoding) throws Asn1Exception, IOException, KrbApErrException, RealmException {
- init(encoding);
- }
+ init(encoding);
+ }
- /**
- * Initializes an APReq object.
- * @param encoding a single DER-encoded value.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- * @exception KrbApErrException if the value read from the DER-encoded data stream does not match the pre-defined value.
- * @exception RealmException if an error occurs while parsing a Realm object.
- */
- private void init(DerValue encoding) throws Asn1Exception,
- IOException, KrbApErrException, RealmException {
- DerValue der, subDer;
- if (((encoding.getTag() & (byte)0x1F) != Krb5.KRB_AP_REQ)
- || (encoding.isApplication() != true)
- || (encoding.isConstructed() != true))
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- der = encoding.getData().getDerValue();
- if (der.getTag() != DerValue.tag_Sequence)
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & (byte)0x1F) != (byte)0x00)
+ /**
+ * Initializes an APReq object.
+ * @param encoding a single DER-encoded value.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ * @exception KrbApErrException if the value read from the DER-encoded data stream does not match the pre-defined value.
+ * @exception RealmException if an error occurs while parsing a Realm object.
+ */
+ private void init(DerValue encoding) throws Asn1Exception,
+ IOException, KrbApErrException, RealmException {
+ DerValue der, subDer;
+ if (((encoding.getTag() & (byte) 0x1F) != Krb5.KRB_AP_REQ)
+ || (encoding.isApplication() != true)
+ || (encoding.isConstructed() != true)) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ der = encoding.getData().getDerValue();
+ if (der.getTag() != DerValue.tag_Sequence) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & (byte) 0x1F) != (byte) 0x00) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
pvno = subDer.getData().getBigInteger().intValue();
- if (pvno != Krb5.PVNO)
- throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & (byte)0x1F) != (byte)0x01)
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- msgType = subDer.getData().getBigInteger().intValue();
- if (msgType != Krb5.KRB_AP_REQ)
- throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
- apOptions = APOptions.parse(der.getData(), (byte)0x02, false);
- ticket = Ticket.parse(der.getData(), (byte)0x03, false);
- authenticator = EncryptedData.parse(der.getData(), (byte)0x04, false);
- if (der.getData().available() > 0)
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ if (pvno != Krb5.PVNO) {
+ throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
}
-
- /**
- * Encodes an APReq object.
- * @return byte array of encoded APReq object.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- */
- public byte[] asn1Encode() throws Asn1Exception, IOException {
- DerOutputStream bytes = new DerOutputStream();
- DerOutputStream temp = new DerOutputStream();
- temp.putInteger(BigInteger.valueOf(pvno));
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp);
- temp = new DerOutputStream();
- temp.putInteger(BigInteger.valueOf(msgType));
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), apOptions.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), ticket.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), authenticator.asn1Encode());
- temp = new DerOutputStream();
- temp.write(DerValue.tag_Sequence, bytes);
- DerOutputStream apreq = new DerOutputStream();
- apreq.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x0E), temp);
- return apreq.toByteArray();
-
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & (byte) 0x1F) != (byte) 0x01) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
+ msgType = subDer.getData().getBigInteger().intValue();
+ if (msgType != Krb5.KRB_AP_REQ) {
+ throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
+ }
+ apOptions = APOptions.parse(der.getData(), (byte) 0x02, false);
+ ticket = Ticket.parse(der.getData(), (byte) 0x03, false);
+ authenticator = EncryptedData.parse(der.getData(), (byte) 0x04, false);
+ if (der.getData().available() > 0) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ }
+ /**
+ * Encodes an APReq object.
+ * @return byte array of encoded APReq object.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ */
+ public byte[] asn1Encode() throws Asn1Exception, IOException {
+ DerOutputStream bytes = new DerOutputStream();
+ DerOutputStream temp = new DerOutputStream();
+ temp.putInteger(BigInteger.valueOf(pvno));
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp);
+ temp = new DerOutputStream();
+ temp.putInteger(BigInteger.valueOf(msgType));
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x01), temp);
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x02), apOptions.asn1Encode());
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x03), ticket.asn1Encode());
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x04), authenticator.asn1Encode());
+ temp = new DerOutputStream();
+ temp.write(DerValue.tag_Sequence, bytes);
+ DerOutputStream apreq = new DerOutputStream();
+ apreq.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte) 0x0E), temp);
+ return apreq.toByteArray();
+ }
}
diff --git a/src/share/classes/sun/security/krb5/internal/ASRep.java b/src/share/classes/sun/security/krb5/internal/ASRep.java
index df0ebac655062ee4828eeae58880de2a7bb0fa92..a59811d97f9a88467fe736bc4ae03758ca77805a 100644
--- a/src/share/classes/sun/security/krb5/internal/ASRep.java
+++ b/src/share/classes/sun/security/krb5/internal/ASRep.java
@@ -40,30 +40,28 @@ import java.io.IOException;
public class ASRep extends KDCRep {
- public ASRep(
- PAData[] new_pAData,
- Realm new_crealm,
- PrincipalName new_cname,
- Ticket new_ticket,
- EncryptedData new_encPart
- ) throws IOException {
- super(new_pAData, new_crealm, new_cname, new_ticket,
- new_encPart, Krb5.KRB_AS_REP);
- }
+ public ASRep(
+ PAData[] new_pAData,
+ Realm new_crealm,
+ PrincipalName new_cname,
+ Ticket new_ticket,
+ EncryptedData new_encPart) throws IOException {
+ super(new_pAData, new_crealm, new_cname, new_ticket,
+ new_encPart, Krb5.KRB_AS_REP);
+ }
- public ASRep(byte[] data) throws Asn1Exception,
- RealmException, KrbApErrException, IOException {
- init(new DerValue(data));
- }
+ public ASRep(byte[] data) throws Asn1Exception,
+ RealmException, KrbApErrException, IOException {
+ init(new DerValue(data));
+ }
- public ASRep(DerValue encoding) throws Asn1Exception,
- RealmException, KrbApErrException, IOException {
- init(encoding);
- }
-
- private void init(DerValue encoding) throws Asn1Exception,
- RealmException, KrbApErrException, IOException {
- init(encoding, Krb5.KRB_AS_REP);
- }
+ public ASRep(DerValue encoding) throws Asn1Exception,
+ RealmException, KrbApErrException, IOException {
+ init(encoding);
+ }
+ private void init(DerValue encoding) throws Asn1Exception,
+ RealmException, KrbApErrException, IOException {
+ init(encoding, Krb5.KRB_AS_REP);
+ }
}
diff --git a/src/share/classes/sun/security/krb5/internal/ASReq.java b/src/share/classes/sun/security/krb5/internal/ASReq.java
index 743316c6c0c9109d794165952944a0b69bb028d6..b5907398bf71a2e6804ac998ca8a6cb96080bbe5 100644
--- a/src/share/classes/sun/security/krb5/internal/ASReq.java
+++ b/src/share/classes/sun/security/krb5/internal/ASReq.java
@@ -36,20 +36,19 @@ import java.io.IOException;
public class ASReq extends KDCReq {
- public ASReq(PAData[] new_pAData, KDCReqBody new_reqBody) throws IOException {
- super(new_pAData, new_reqBody, Krb5.KRB_AS_REQ);
- }
+ public ASReq(PAData[] new_pAData, KDCReqBody new_reqBody) throws IOException {
+ super(new_pAData, new_reqBody, Krb5.KRB_AS_REQ);
+ }
- public ASReq(byte[] data) throws Asn1Exception, KrbException, IOException {
- init(new DerValue(data));
- }
+ public ASReq(byte[] data) throws Asn1Exception, KrbException, IOException {
+ init(new DerValue(data));
+ }
public ASReq(DerValue encoding) throws Asn1Exception, KrbException, IOException {
- init(encoding);
- }
-
- private void init(DerValue encoding) throws Asn1Exception, IOException, KrbException {
- super.init(encoding, Krb5.KRB_AS_REQ);
- }
+ init(encoding);
+ }
+ private void init(DerValue encoding) throws Asn1Exception, IOException, KrbException {
+ super.init(encoding, Krb5.KRB_AS_REQ);
+ }
}
diff --git a/src/share/classes/sun/security/krb5/internal/Authenticator.java b/src/share/classes/sun/security/krb5/internal/Authenticator.java
index 57b6156c0e5e2342d09eee273dcc6baa94c7ed3e..49cf1709ee2c3bca33acc9c7a81d0c63a9a1236d 100644
--- a/src/share/classes/sun/security/krb5/internal/Authenticator.java
+++ b/src/share/classes/sun/security/krb5/internal/Authenticator.java
@@ -34,6 +34,7 @@ import sun.security.util.*;
import java.util.Vector;
import java.io.IOException;
import java.math.BigInteger;
+
/**
* Implements the ASN.1 Authenticator type.
*
@@ -58,6 +59,7 @@ import java.math.BigInteger;
* http://www.ietf.org/rfc/rfc4120.txt.
*/
public class Authenticator {
+
public int authenticator_vno;
public Realm crealm;
public PrincipalName cname;
@@ -68,137 +70,145 @@ public class Authenticator {
Integer seqNumber; //optional
public AuthorizationData authorizationData; //optional
- public Authenticator (
- Realm new_crealm,
- PrincipalName new_cname,
- Checksum new_cksum,
- int new_cusec,
- KerberosTime new_ctime,
- EncryptionKey new_subKey,
- Integer new_seqNumber,
- AuthorizationData new_authorizationData
- ) {
- authenticator_vno = Krb5.AUTHNETICATOR_VNO;
- crealm = new_crealm;
- cname = new_cname;
- cksum = new_cksum;
- cusec = new_cusec;
- ctime = new_ctime;
- subKey = new_subKey;
- seqNumber = new_seqNumber;
- authorizationData = new_authorizationData;
- }
+ public Authenticator(
+ Realm new_crealm,
+ PrincipalName new_cname,
+ Checksum new_cksum,
+ int new_cusec,
+ KerberosTime new_ctime,
+ EncryptionKey new_subKey,
+ Integer new_seqNumber,
+ AuthorizationData new_authorizationData) {
+ authenticator_vno = Krb5.AUTHNETICATOR_VNO;
+ crealm = new_crealm;
+ cname = new_cname;
+ cksum = new_cksum;
+ cusec = new_cusec;
+ ctime = new_ctime;
+ subKey = new_subKey;
+ seqNumber = new_seqNumber;
+ authorizationData = new_authorizationData;
+ }
- public Authenticator(byte[] data)
- throws Asn1Exception, IOException, KrbApErrException, RealmException {
- init(new DerValue(data));
- }
+ public Authenticator(byte[] data)
+ throws Asn1Exception, IOException, KrbApErrException, RealmException {
+ init(new DerValue(data));
+ }
- public Authenticator(DerValue encoding)
- throws Asn1Exception,IOException, KrbApErrException, RealmException {
- init(encoding);
- }
+ public Authenticator(DerValue encoding)
+ throws Asn1Exception, IOException, KrbApErrException, RealmException {
+ init(encoding);
+ }
- /**
- * Initializes an Authenticator object.
- * @param encoding a single DER-encoded value.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- * @exception KrbApErrException if the value read from the DER-encoded data
- * stream does not match the pre-defined value.
- * @exception RealmException if an error occurs while parsing a Realm object.
- */
- private void init(DerValue encoding)
- throws Asn1Exception, IOException, KrbApErrException, RealmException {
- DerValue der, subDer;
- //may not be the correct error code for a tag
- //mismatch on an encrypted structure
- if (((encoding.getTag() & (byte)0x1F) != (byte)0x02)
- || (encoding.isApplication() != true)
- || (encoding.isConstructed() != true))
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- der = encoding.getData().getDerValue();
- if (der.getTag() != DerValue.tag_Sequence)
+ /**
+ * Initializes an Authenticator object.
+ * @param encoding a single DER-encoded value.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ * @exception KrbApErrException if the value read from the DER-encoded data
+ * stream does not match the pre-defined value.
+ * @exception RealmException if an error occurs while parsing a Realm object.
+ */
+ private void init(DerValue encoding)
+ throws Asn1Exception, IOException, KrbApErrException, RealmException {
+ DerValue der, subDer;
+ //may not be the correct error code for a tag
+ //mismatch on an encrypted structure
+ if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x02)
+ || (encoding.isApplication() != true)
+ || (encoding.isConstructed() != true)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & (byte)0x1F) != (byte)0x00)
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ der = encoding.getData().getDerValue();
+ if (der.getTag() != DerValue.tag_Sequence) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & (byte) 0x1F) != (byte) 0x00) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
authenticator_vno = subDer.getData().getBigInteger().intValue();
- if (authenticator_vno != 5)
+ if (authenticator_vno != 5) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
- crealm = Realm.parse(der.getData(), (byte)0x01, false);
- cname = PrincipalName.parse(der.getData(), (byte)0x02, false);
- cksum = Checksum.parse(der.getData(), (byte)0x03, true);
+ }
+ crealm = Realm.parse(der.getData(), (byte) 0x01, false);
+ cname = PrincipalName.parse(der.getData(), (byte) 0x02, false);
+ cksum = Checksum.parse(der.getData(), (byte) 0x03, true);
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & (byte) 0x1F) == 0x04) {
+ cusec = subDer.getData().getBigInteger().intValue();
+ } else {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ ctime = KerberosTime.parse(der.getData(), (byte) 0x05, false);
+ if (der.getData().available() > 0) {
+ subKey = EncryptionKey.parse(der.getData(), (byte) 0x06, true);
+ } else {
+ subKey = null;
+ seqNumber = null;
+ authorizationData = null;
+ }
+ if (der.getData().available() > 0) {
+ if ((der.getData().peekByte() & 0x1F) == 0x07) {
subDer = der.getData().getDerValue();
- if ((subDer.getTag() & (byte)0x1F) == 0x04) {
- cusec = subDer.getData().getBigInteger().intValue();
- }
- else throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- ctime = KerberosTime.parse(der.getData(), (byte)0x05, false);
- if (der.getData().available() > 0) {
- subKey = EncryptionKey.parse(der.getData(), (byte)0x06, true);
- }
- else {
- subKey = null;
- seqNumber = null;
- authorizationData = null;
- }
- if (der.getData().available() > 0) {
- if ((der.getData().peekByte() & 0x1F) == 0x07) {
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & (byte)0x1F) == (byte)0x07)
- seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
- }
+ if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x07) {
+ seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
}
- else {
- seqNumber = null;
- authorizationData = null;
- }
- if (der.getData().available() > 0) {
- authorizationData = AuthorizationData.parse(der.getData(), (byte)0x08, true);
- }
- else authorizationData = null;
- if (der.getData().available() > 0)
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ } else {
+ seqNumber = null;
+ authorizationData = null;
+ }
+ if (der.getData().available() > 0) {
+ authorizationData = AuthorizationData.parse(der.getData(), (byte) 0x08, true);
+ } else {
+ authorizationData = null;
+ }
+ if (der.getData().available() > 0) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
+ }
- /**
- * Encodes an Authenticator object.
- * @return byte array of encoded Authenticator object.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- */
- public byte[] asn1Encode() throws Asn1Exception, IOException {
- Vector v = new Vector ();
- DerOutputStream temp = new DerOutputStream();
- temp.putInteger(BigInteger.valueOf(authenticator_vno));
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp.toByteArray()));
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), crealm.asn1Encode()));
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), cname.asn1Encode()));
- if (cksum != null)
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), cksum.asn1Encode()));
- temp = new DerOutputStream();
- temp.putInteger(BigInteger.valueOf(cusec));
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), temp.toByteArray()));
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), ctime.asn1Encode()));
- if (subKey != null)
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), subKey.asn1Encode()));
- if (seqNumber != null) {
- temp = new DerOutputStream();
- // encode as an unsigned integer (UInt32)
- temp.putInteger(BigInteger.valueOf(seqNumber.longValue()));
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x07), temp.toByteArray()));
- }
- if (authorizationData != null)
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x08), authorizationData.asn1Encode()));
- DerValue der[] = new DerValue[v.size()];
- v.copyInto(der);
- temp = new DerOutputStream();
- temp.putSequence(der);
- DerOutputStream out = new DerOutputStream();
- out.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x02), temp);
- return out.toByteArray();
+ /**
+ * Encodes an Authenticator object.
+ * @return byte array of encoded Authenticator object.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ */
+ public byte[] asn1Encode() throws Asn1Exception, IOException {
+ Vector v = new Vector();
+ DerOutputStream temp = new DerOutputStream();
+ temp.putInteger(BigInteger.valueOf(authenticator_vno));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp.toByteArray()));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x01), crealm.asn1Encode()));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x02), cname.asn1Encode()));
+ if (cksum != null) {
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x03), cksum.asn1Encode()));
+ }
+ temp = new DerOutputStream();
+ temp.putInteger(BigInteger.valueOf(cusec));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x04), temp.toByteArray()));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x05), ctime.asn1Encode()));
+ if (subKey != null) {
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x06), subKey.asn1Encode()));
}
+ if (seqNumber != null) {
+ temp = new DerOutputStream();
+ // encode as an unsigned integer (UInt32)
+ temp.putInteger(BigInteger.valueOf(seqNumber.longValue()));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x07), temp.toByteArray()));
+ }
+ if (authorizationData != null) {
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x08), authorizationData.asn1Encode()));
+ }
+ DerValue der[] = new DerValue[v.size()];
+ v.copyInto(der);
+ temp = new DerOutputStream();
+ temp.putSequence(der);
+ DerOutputStream out = new DerOutputStream();
+ out.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte) 0x02), temp);
+ return out.toByteArray();
+ }
public final Checksum getChecksum() {
return cksum;
@@ -211,5 +221,4 @@ public class Authenticator {
public final EncryptionKey getSubKey() {
return subKey;
}
-
}
diff --git a/src/share/classes/sun/security/krb5/internal/AuthorizationData.java b/src/share/classes/sun/security/krb5/internal/AuthorizationData.java
index d6f04d748b521c1a3e0ca14cd5fb7830721eec28..269edec71a1500d9843a2f3186253227fd404312 100644
--- a/src/share/classes/sun/security/krb5/internal/AuthorizationData.java
+++ b/src/share/classes/sun/security/krb5/internal/AuthorizationData.java
@@ -53,82 +53,81 @@ import sun.security.krb5.internal.ccache.CCacheOutputStream;
* }
*/
public class AuthorizationData implements Cloneable {
- private AuthorizationDataEntry[] entry = null;
- private AuthorizationData() {
- }
+ private AuthorizationDataEntry[] entry = null;
+
+ private AuthorizationData() {
+ }
- public AuthorizationData(
- AuthorizationDataEntry[] new_entries
- ) throws IOException {
- if (new_entries != null) {
- entry = new AuthorizationDataEntry[new_entries.length];
- for (int i = 0; i < new_entries.length; i++) {
- if (new_entries[i] == null) {
- throw new IOException("Cannot create an AuthorizationData");
- } else {
- entry[i] = (AuthorizationDataEntry)new_entries[i].clone();
- }
- }
+ public AuthorizationData(AuthorizationDataEntry[] new_entries)
+ throws IOException {
+ if (new_entries != null) {
+ entry = new AuthorizationDataEntry[new_entries.length];
+ for (int i = 0; i < new_entries.length; i++) {
+ if (new_entries[i] == null) {
+ throw new IOException("Cannot create an AuthorizationData");
+ } else {
+ entry[i] = (AuthorizationDataEntry) new_entries[i].clone();
}
+ }
}
+ }
- public AuthorizationData(
- AuthorizationDataEntry new_entry
- ) {
- entry = new AuthorizationDataEntry[1];
- entry[0] = new_entry;
- }
+ public AuthorizationData(AuthorizationDataEntry new_entry) {
+ entry = new AuthorizationDataEntry[1];
+ entry[0] = new_entry;
+ }
- public Object clone() {
- AuthorizationData new_authorizationData =
- new AuthorizationData();
- if (entry != null) {
- new_authorizationData.entry =
- new AuthorizationDataEntry[entry.length];
- for (int i = 0; i < entry.length; i++)
- new_authorizationData.entry[i] =
- (AuthorizationDataEntry)entry[i].clone();
- }
- return new_authorizationData;
+ public Object clone() {
+ AuthorizationData new_authorizationData =
+ new AuthorizationData();
+ if (entry != null) {
+ new_authorizationData.entry =
+ new AuthorizationDataEntry[entry.length];
+ for (int i = 0; i < entry.length; i++) {
+ new_authorizationData.entry[i] =
+ (AuthorizationDataEntry) entry[i].clone();
+ }
}
+ return new_authorizationData;
+ }
- /**
- * Constructs a new AuthorizationData,
instance.
- * @param der a single DER-encoded value.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- */
- public AuthorizationData(DerValue der) throws Asn1Exception, IOException {
- Vector v =
- new Vector ();
- if (der.getTag() != DerValue.tag_Sequence) {
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- }
- while (der.getData().available() > 0) {
- v.addElement(new AuthorizationDataEntry(der.getData().getDerValue()));
- }
- if (v.size() > 0) {
- entry = new AuthorizationDataEntry[v.size()];
- v.copyInto(entry);
- }
+ /**
+ * Constructs a new AuthorizationData,
instance.
+ * @param der a single DER-encoded value.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ */
+ public AuthorizationData(DerValue der) throws Asn1Exception, IOException {
+ Vector v =
+ new Vector();
+ if (der.getTag() != DerValue.tag_Sequence) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ while (der.getData().available() > 0) {
+ v.addElement(new AuthorizationDataEntry(der.getData().getDerValue()));
}
+ if (v.size() > 0) {
+ entry = new AuthorizationDataEntry[v.size()];
+ v.copyInto(entry);
+ }
+ }
- /**
- * Encodes an AuthorizationData
object.
- * @return byte array of encoded AuthorizationData
object.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- */
- public byte[] asn1Encode() throws Asn1Exception, IOException {
- DerOutputStream bytes = new DerOutputStream();
- DerValue der[] = new DerValue[entry.length];
- for (int i = 0; i < entry.length; i++) {
- der[i] = new DerValue(entry[i].asn1Encode());
- }
- bytes.putSequence(der);
- return bytes.toByteArray();
+ /**
+ * Encodes an AuthorizationData
object.
+ * @return byte array of encoded AuthorizationData
object.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ */
+ public byte[] asn1Encode() throws Asn1Exception, IOException {
+ DerOutputStream bytes = new DerOutputStream();
+ DerValue der[] = new DerValue[entry.length];
+ for (int i = 0; i < entry.length; i++) {
+ der[i] = new DerValue(entry[i].asn1Encode());
}
+ bytes.putSequence(der);
+ return bytes.toByteArray();
+ }
/**
* Parse (unmarshal) an AuthorizationData
object from a DER input stream.
@@ -143,31 +142,30 @@ public class AuthorizationData implements Cloneable {
* @return an instance of AuthorizationData.
*
*/
- public static AuthorizationData parse(DerInputStream data, byte explicitTag, boolean optional) throws Asn1Exception, IOException{
- if ((optional) && (((byte)data.peekByte() & (byte)0x1F) != explicitTag)) {
- return null;
- }
- DerValue der = data.getDerValue();
- if (explicitTag != (der.getTag() & (byte)0x1F)) {
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- }
- else {
- DerValue subDer = der.getData().getDerValue();
- return new AuthorizationData(subDer);
- }
+ public static AuthorizationData parse(DerInputStream data, byte explicitTag, boolean optional) throws Asn1Exception, IOException {
+ if ((optional) && (((byte) data.peekByte() & (byte) 0x1F) != explicitTag)) {
+ return null;
+ }
+ DerValue der = data.getDerValue();
+ if (explicitTag != (der.getTag() & (byte) 0x1F)) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ } else {
+ DerValue subDer = der.getData().getDerValue();
+ return new AuthorizationData(subDer);
}
+ }
- /**
- * Writes AuthorizationData
data fields to a output stream.
- *
- * @param cos a CCacheOutputStream
to be written to.
- * @exception IOException if an I/O exception occurs.
- */
- public void writeAuth(CCacheOutputStream cos) throws IOException {
- for (int i = 0; i < entry.length; i++) {
- entry[i].writeEntry(cos);
- }
+ /**
+ * Writes AuthorizationData
data fields to a output stream.
+ *
+ * @param cos a CCacheOutputStream
to be written to.
+ * @exception IOException if an I/O exception occurs.
+ */
+ public void writeAuth(CCacheOutputStream cos) throws IOException {
+ for (int i = 0; i < entry.length; i++) {
+ entry[i].writeEntry(cos);
}
+ }
public String toString() {
String retVal = "AuthorizationData:\n";
diff --git a/src/share/classes/sun/security/krb5/internal/AuthorizationDataEntry.java b/src/share/classes/sun/security/krb5/internal/AuthorizationDataEntry.java
index 3ad64576175750ed08dbb0ca8f6b94bbdd6e4465..e159c85fc00947bec63608e1b5aaaa3bcccf6a30 100644
--- a/src/share/classes/sun/security/krb5/internal/AuthorizationDataEntry.java
+++ b/src/share/classes/sun/security/krb5/internal/AuthorizationDataEntry.java
@@ -35,90 +35,90 @@ import sun.security.krb5.Asn1Exception;
import sun.security.krb5.internal.ccache.CCacheOutputStream;
public class AuthorizationDataEntry implements Cloneable {
- public int adType;
- public byte[] adData;
- private AuthorizationDataEntry() {
- }
+ public int adType;
+ public byte[] adData;
- public AuthorizationDataEntry(
- int new_adType,
- byte[] new_adData
- ) {
- adType = new_adType;
- adData = new_adData;
- }
+ private AuthorizationDataEntry() {
+ }
+
+ public AuthorizationDataEntry(
+ int new_adType,
+ byte[] new_adData) {
+ adType = new_adType;
+ adData = new_adData;
+ }
- public Object clone() {
- AuthorizationDataEntry new_authorizationDataEntry =
- new AuthorizationDataEntry();
- new_authorizationDataEntry.adType = adType;
- if (adData != null) {
- new_authorizationDataEntry.adData = new byte[adData.length];
- System.arraycopy(adData, 0,
- new_authorizationDataEntry.adData, 0, adData.length);
- }
- return new_authorizationDataEntry;
+ public Object clone() {
+ AuthorizationDataEntry new_authorizationDataEntry =
+ new AuthorizationDataEntry();
+ new_authorizationDataEntry.adType = adType;
+ if (adData != null) {
+ new_authorizationDataEntry.adData = new byte[adData.length];
+ System.arraycopy(adData, 0,
+ new_authorizationDataEntry.adData, 0, adData.length);
}
+ return new_authorizationDataEntry;
+ }
- /**
- * Constructs an instance of AuthorizationDataEntry.
- * @param encoding a single DER-encoded value.
- */
- public AuthorizationDataEntry(DerValue encoding) throws Asn1Exception, IOException {
- DerValue der;
+ /**
+ * Constructs an instance of AuthorizationDataEntry.
+ * @param encoding a single DER-encoded value.
+ */
+ public AuthorizationDataEntry(DerValue encoding) throws Asn1Exception, IOException {
+ DerValue der;
if (encoding.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- }
- der = encoding.getData().getDerValue();
- if ((der.getTag() & (byte)0x1F) == (byte)0x00) {
- adType = der.getData().getBigInteger().intValue();
- }
- else
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
der = encoding.getData().getDerValue();
- if ((der.getTag() & (byte)0x1F) == (byte)0x01) {
- adData = der.getData().getOctetString();
- }
- else
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- if (encoding.getData().available() > 0)
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ if ((der.getTag() & (byte) 0x1F) == (byte) 0x00) {
+ adType = der.getData().getBigInteger().intValue();
+ } else {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
+ der = encoding.getData().getDerValue();
+ if ((der.getTag() & (byte) 0x1F) == (byte) 0x01) {
+ adData = der.getData().getOctetString();
+ } else {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ if (encoding.getData().available() > 0) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ }
- /**
- * Encodes an AuthorizationDataEntry object.
- * @return byte array of encoded AuthorizationDataEntry object.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- */
- public byte[] asn1Encode() throws Asn1Exception, IOException {
+ /**
+ * Encodes an AuthorizationDataEntry object.
+ * @return byte array of encoded AuthorizationDataEntry object.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ */
+ public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream();
- DerOutputStream temp = new DerOutputStream();
- temp.putInteger(adType);
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp);
- temp = new DerOutputStream();
- temp.putOctetString(adData);
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
- temp = new DerOutputStream();
- temp.write(DerValue.tag_Sequence, bytes);
- return temp.toByteArray();
- }
+ DerOutputStream temp = new DerOutputStream();
+ temp.putInteger(adType);
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp);
+ temp = new DerOutputStream();
+ temp.putOctetString(adData);
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x01), temp);
+ temp = new DerOutputStream();
+ temp.write(DerValue.tag_Sequence, bytes);
+ return temp.toByteArray();
+ }
- /**
- * Writes the entry's data fields in FCC format to an output stream.
- *
- * @param cos a CCacheOutputStream
.
- * @exception IOException if an I/O exception occurs.
- */
- public void writeEntry(CCacheOutputStream cos) throws IOException {
- cos.write16(adType);
- cos.write32(adData.length);
- cos.write(adData, 0, adData.length);
- }
+ /**
+ * Writes the entry's data fields in FCC format to an output stream.
+ *
+ * @param cos a CCacheOutputStream
.
+ * @exception IOException if an I/O exception occurs.
+ */
+ public void writeEntry(CCacheOutputStream cos) throws IOException {
+ cos.write16(adType);
+ cos.write32(adData.length);
+ cos.write(adData, 0, adData.length);
+ }
public String toString() {
return ("adType=" + adType + " adData.length=" + adData.length);
}
-
}
diff --git a/src/share/classes/sun/security/krb5/internal/ETypeInfo2.java b/src/share/classes/sun/security/krb5/internal/ETypeInfo2.java
index 110e38b080667545709f475ec453f6a331eb6d8d..30bf4dfb3c9ee49a9853408a555e64e301944280 100644
--- a/src/share/classes/sun/security/krb5/internal/ETypeInfo2.java
+++ b/src/share/classes/sun/security/krb5/internal/ETypeInfo2.java
@@ -100,16 +100,16 @@ public class ETypeInfo2 {
// salt
if (encoding.getData().available() > 0) {
- der = encoding.getData().getDerValue();
- if ((der.getTag() & 0x1F) == 0x01) {
+ if ((encoding.getData().peekByte() & 0x1F) == 0x01) {
+ der = encoding.getData().getDerValue();
this.saltStr = der.getData().getGeneralString();
}
}
// s2kparams
if (encoding.getData().available() > 0) {
- der = encoding.getData().getDerValue();
- if ((der.getTag() & 0x1F) == 0x02) {
+ if ((encoding.getData().peekByte() & 0x1F) == 0x02) {
+ der = encoding.getData().getDerValue();
this.s2kparams = der.getData().getOctetString();
}
}
diff --git a/src/share/classes/sun/security/krb5/internal/EncAPRepPart.java b/src/share/classes/sun/security/krb5/internal/EncAPRepPart.java
index 1d3381797e04bbaf89fe93690ceb182dc5463e77..b3dcf144159854736fa264c9aad8036f46c45758 100644
--- a/src/share/classes/sun/security/krb5/internal/EncAPRepPart.java
+++ b/src/share/classes/sun/security/krb5/internal/EncAPRepPart.java
@@ -55,102 +55,111 @@ import java.math.BigInteger;
* http://www.ietf.org/rfc/rfc4120.txt.
*/
public class EncAPRepPart {
- public KerberosTime ctime;
- public int cusec;
+
+ public KerberosTime ctime;
+ public int cusec;
EncryptionKey subKey; //optional
Integer seqNumber; //optional
- public EncAPRepPart(
- KerberosTime new_ctime,
- int new_cusec,
- EncryptionKey new_subKey,
- Integer new_seqNumber
- ) {
- ctime = new_ctime;
- cusec = new_cusec;
- subKey = new_subKey;
- seqNumber = new_seqNumber;
- }
+ public EncAPRepPart(
+ KerberosTime new_ctime,
+ int new_cusec,
+ EncryptionKey new_subKey,
+ Integer new_seqNumber) {
+ ctime = new_ctime;
+ cusec = new_cusec;
+ subKey = new_subKey;
+ seqNumber = new_seqNumber;
+ }
- public EncAPRepPart(byte[] data)
- throws Asn1Exception, IOException {
- init(new DerValue(data));
- }
+ public EncAPRepPart(byte[] data)
+ throws Asn1Exception, IOException {
+ init(new DerValue(data));
+ }
- public EncAPRepPart(DerValue encoding)
- throws Asn1Exception, IOException {
- init(encoding);
- }
+ public EncAPRepPart(DerValue encoding)
+ throws Asn1Exception, IOException {
+ init(encoding);
+ }
- /**
- * Initializes an EncaPRepPart object.
- * @param encoding a single DER-encoded value.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- */
- private void init(DerValue encoding) throws Asn1Exception, IOException {
- DerValue der, subDer;
- if (((encoding.getTag() & (byte)0x1F) != (byte)0x1B)
- || (encoding.isApplication() != true)
- || (encoding.isConstructed() != true))
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ /**
+ * Initializes an EncaPRepPart object.
+ * @param encoding a single DER-encoded value.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ */
+ private void init(DerValue encoding) throws Asn1Exception, IOException {
+ DerValue der, subDer;
+ if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x1B)
+ || (encoding.isApplication() != true)
+ || (encoding.isConstructed() != true)) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
der = encoding.getData().getDerValue();
- if (der.getTag() != DerValue.tag_Sequence)
+ if (der.getTag() != DerValue.tag_Sequence) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ ctime = KerberosTime.parse(der.getData(), (byte) 0x00, true);
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x01) {
+ cusec = subDer.getData().getBigInteger().intValue();
+ } else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- ctime = KerberosTime.parse(der.getData(), (byte)0x00, true);
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & (byte)0x1F) == (byte)0x01) {
- cusec = subDer.getData().getBigInteger().intValue();
- }
- else
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- if (der.getData().available() > 0) {
- subKey = EncryptionKey.parse(der.getData(), (byte)0x02, true);
- }
- else {
- subKey = null;
- seqNumber = null;
- }
- if (der.getData().available() > 0) {
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & 0x1F) != 0x03) {
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- }
- seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
- }
- else seqNumber = null;
- if (der.getData().available() > 0)
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
+ if (der.getData().available() > 0) {
+ subKey = EncryptionKey.parse(der.getData(), (byte) 0x02, true);
+ } else {
+ subKey = null;
+ seqNumber = null;
+ }
+ if (der.getData().available() > 0) {
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & 0x1F) != 0x03) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
+ } else {
+ seqNumber = null;
+ }
+ if (der.getData().available() > 0) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ }
- /**
- * Encodes an EncAPRepPart object.
- * @return byte array of encoded EncAPRepPart object.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- */
- public byte[] asn1Encode() throws Asn1Exception, IOException{
- Vector v = new Vector ();
+ /**
+ * Encodes an EncAPRepPart object.
+ * @return byte array of encoded EncAPRepPart object.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ */
+ public byte[] asn1Encode() throws Asn1Exception, IOException {
+ Vector v = new Vector();
DerOutputStream temp = new DerOutputStream();
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), ctime.asn1Encode()));
- temp.putInteger(BigInteger.valueOf(cusec));
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp.toByteArray()));
- if (subKey != null)
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), subKey.asn1Encode()));
- if (seqNumber != null) {
- temp = new DerOutputStream();
- // encode as an unsigned integer (UInt32)
- temp.putInteger(BigInteger.valueOf(seqNumber.longValue()));
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), temp.toByteArray()));
- }
- DerValue der[] = new DerValue[v.size()];
- v.copyInto(der);
- temp = new DerOutputStream();
- temp.putSequence(der);
- DerOutputStream out = new DerOutputStream();
- out.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x1B), temp);
- return out.toByteArray();
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x00), ctime.asn1Encode()));
+ temp.putInteger(BigInteger.valueOf(cusec));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x01), temp.toByteArray()));
+ if (subKey != null) {
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x02), subKey.asn1Encode()));
+ }
+ if (seqNumber != null) {
+ temp = new DerOutputStream();
+ // encode as an unsigned integer (UInt32)
+ temp.putInteger(BigInteger.valueOf(seqNumber.longValue()));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x03), temp.toByteArray()));
}
+ DerValue der[] = new DerValue[v.size()];
+ v.copyInto(der);
+ temp = new DerOutputStream();
+ temp.putSequence(der);
+ DerOutputStream out = new DerOutputStream();
+ out.write(DerValue.createTag(DerValue.TAG_APPLICATION,
+ true, (byte) 0x1B), temp);
+ return out.toByteArray();
+ }
public final EncryptionKey getSubKey() {
return subKey;
@@ -159,5 +168,4 @@ public class EncAPRepPart {
public final Integer getSeqNumber() {
return seqNumber;
}
-
}
diff --git a/src/share/classes/sun/security/krb5/internal/EncASRepPart.java b/src/share/classes/sun/security/krb5/internal/EncASRepPart.java
index b5526e8014d5260c55c8a4ca69626cd9b919b25e..b71238fef5110bd30e5a19eb328a3f4cf23aa042 100644
--- a/src/share/classes/sun/security/krb5/internal/EncASRepPart.java
+++ b/src/share/classes/sun/security/krb5/internal/EncASRepPart.java
@@ -36,57 +36,55 @@ import java.io.IOException;
public class EncASRepPart extends EncKDCRepPart {
- public EncASRepPart(
- EncryptionKey new_key,
- LastReq new_lastReq,
- int new_nonce,
- KerberosTime new_keyExpiration,
- TicketFlags new_flags,
- KerberosTime new_authtime,
- KerberosTime new_starttime,
- KerberosTime new_endtime,
- KerberosTime new_renewTill,
- Realm new_srealm,
- PrincipalName new_sname,
- HostAddresses new_caddr
- ) {
- super(
- new_key,
- new_lastReq,
- new_nonce,
- new_keyExpiration,
- new_flags,
- new_authtime,
- new_starttime,
- new_endtime,
- new_renewTill,
- new_srealm,
- new_sname,
- new_caddr,
- Krb5.KRB_ENC_AS_REP_PART
- //may need to use Krb5.KRB_ENC_TGS_REP_PART to mimic
- //behavior of other implementaions, instead of above
+ public EncASRepPart(
+ EncryptionKey new_key,
+ LastReq new_lastReq,
+ int new_nonce,
+ KerberosTime new_keyExpiration,
+ TicketFlags new_flags,
+ KerberosTime new_authtime,
+ KerberosTime new_starttime,
+ KerberosTime new_endtime,
+ KerberosTime new_renewTill,
+ Realm new_srealm,
+ PrincipalName new_sname,
+ HostAddresses new_caddr) {
+ super(
+ new_key,
+ new_lastReq,
+ new_nonce,
+ new_keyExpiration,
+ new_flags,
+ new_authtime,
+ new_starttime,
+ new_endtime,
+ new_renewTill,
+ new_srealm,
+ new_sname,
+ new_caddr,
+ Krb5.KRB_ENC_AS_REP_PART
);
- }
+ //may need to use Krb5.KRB_ENC_TGS_REP_PART to mimic
+ //behavior of other implementaions, instead of above
+ }
- public EncASRepPart(byte[] data) throws Asn1Exception,
- IOException, KrbException {
- init(new DerValue(data));
- }
+ public EncASRepPart(byte[] data) throws Asn1Exception,
+ IOException, KrbException {
+ init(new DerValue(data));
+ }
- public EncASRepPart(DerValue encoding) throws Asn1Exception,
- IOException, KrbException {
- init(encoding);
- }
+ public EncASRepPart(DerValue encoding) throws Asn1Exception,
+ IOException, KrbException {
+ init(encoding);
+ }
- private void init(DerValue encoding) throws Asn1Exception,
- IOException, KrbException {
- init(encoding, Krb5.KRB_ENC_AS_REP_PART);
- }
-
- public byte[] asn1Encode() throws Asn1Exception,
- IOException {
- return asn1Encode(Krb5.KRB_ENC_AS_REP_PART);
- }
+ private void init(DerValue encoding) throws Asn1Exception,
+ IOException, KrbException {
+ init(encoding, Krb5.KRB_ENC_AS_REP_PART);
+ }
+ public byte[] asn1Encode() throws Asn1Exception,
+ IOException {
+ return asn1Encode(Krb5.KRB_ENC_AS_REP_PART);
+ }
}
diff --git a/src/share/classes/sun/security/krb5/internal/EncKDCRepPart.java b/src/share/classes/sun/security/krb5/internal/EncKDCRepPart.java
index 35081a0051cd8459bffec558fdf9a8922001b359..e7723a41c4236dce939871a8b41ab5a0bdae739e 100644
--- a/src/share/classes/sun/security/krb5/internal/EncKDCRepPart.java
+++ b/src/share/classes/sun/security/krb5/internal/EncKDCRepPart.java
@@ -36,6 +36,7 @@ import sun.security.util.*;
import java.util.Vector;
import java.io.IOException;
import java.math.BigInteger;
+
/**
* Implements the ASN.1 EncKDCRepPart type.
*
@@ -63,143 +64,163 @@ import java.math.BigInteger;
* http://www.ietf.org/rfc/rfc4120.txt.
*/
public class EncKDCRepPart {
- public EncryptionKey key;
- public LastReq lastReq;
- public int nonce;
- public KerberosTime keyExpiration; //optional
- public TicketFlags flags;
- public KerberosTime authtime;
- public KerberosTime starttime; //optional
- public KerberosTime endtime;
- public KerberosTime renewTill; //optional
- public Realm srealm;
- public PrincipalName sname;
- public HostAddresses caddr; //optional
- public int msgType; //not included in sequence
- public EncKDCRepPart(
- EncryptionKey new_key,
- LastReq new_lastReq,
- int new_nonce,
- KerberosTime new_keyExpiration,
- TicketFlags new_flags,
- KerberosTime new_authtime,
- KerberosTime new_starttime,
- KerberosTime new_endtime,
- KerberosTime new_renewTill,
- Realm new_srealm,
- PrincipalName new_sname,
- HostAddresses new_caddr,
- int new_msgType
- ) {
- key = new_key;
- lastReq = new_lastReq;
- nonce = new_nonce;
- keyExpiration = new_keyExpiration;
- flags = new_flags;
- authtime = new_authtime;
- starttime = new_starttime;
- endtime = new_endtime;
- renewTill = new_renewTill;
- srealm = new_srealm;
- sname = new_sname;
- caddr = new_caddr;
- msgType = new_msgType;
- }
+ public EncryptionKey key;
+ public LastReq lastReq;
+ public int nonce;
+ public KerberosTime keyExpiration; //optional
+ public TicketFlags flags;
+ public KerberosTime authtime;
+ public KerberosTime starttime; //optional
+ public KerberosTime endtime;
+ public KerberosTime renewTill; //optional
+ public Realm srealm;
+ public PrincipalName sname;
+ public HostAddresses caddr; //optional
+ public int msgType; //not included in sequence
- public EncKDCRepPart() {
- }
+ public EncKDCRepPart(
+ EncryptionKey new_key,
+ LastReq new_lastReq,
+ int new_nonce,
+ KerberosTime new_keyExpiration,
+ TicketFlags new_flags,
+ KerberosTime new_authtime,
+ KerberosTime new_starttime,
+ KerberosTime new_endtime,
+ KerberosTime new_renewTill,
+ Realm new_srealm,
+ PrincipalName new_sname,
+ HostAddresses new_caddr,
+ int new_msgType) {
+ key = new_key;
+ lastReq = new_lastReq;
+ nonce = new_nonce;
+ keyExpiration = new_keyExpiration;
+ flags = new_flags;
+ authtime = new_authtime;
+ starttime = new_starttime;
+ endtime = new_endtime;
+ renewTill = new_renewTill;
+ srealm = new_srealm;
+ sname = new_sname;
+ caddr = new_caddr;
+ msgType = new_msgType;
+ }
- public EncKDCRepPart(byte[] data, int rep_type)
- throws Asn1Exception, IOException, RealmException{
- init(new DerValue(data), rep_type);
- }
+ public EncKDCRepPart() {
+ }
- public EncKDCRepPart(DerValue encoding, int rep_type)
- throws Asn1Exception, IOException, RealmException
- {
- init(encoding, rep_type);
- }
+ public EncKDCRepPart(byte[] data, int rep_type)
+ throws Asn1Exception, IOException, RealmException {
+ init(new DerValue(data), rep_type);
+ }
+
+ public EncKDCRepPart(DerValue encoding, int rep_type)
+ throws Asn1Exception, IOException, RealmException {
+ init(encoding, rep_type);
+ }
- /**
- * Initializes an EncKDCRepPart object.
- *
- * @param encoding a single DER-encoded value.
- * @param rep_type type of the encrypted reply message.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- * @exception RealmException if an error occurs while decoding an Realm object.
- */
- protected void init(DerValue encoding, int rep_type)
- throws Asn1Exception, IOException, RealmException
- {
- DerValue der, subDer;
- //implementations return the incorrect tag value, so
- //we don't use the above line; instead we use the following
- msgType = (encoding.getTag() & (byte)0x1F);
+ /**
+ * Initializes an EncKDCRepPart object.
+ *
+ * @param encoding a single DER-encoded value.
+ * @param rep_type type of the encrypted reply message.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ * @exception RealmException if an error occurs while decoding an Realm object.
+ */
+ protected void init(DerValue encoding, int rep_type)
+ throws Asn1Exception, IOException, RealmException {
+ DerValue der, subDer;
+ //implementations return the incorrect tag value, so
+ //we don't use the above line; instead we use the following
+ msgType = (encoding.getTag() & (byte) 0x1F);
if (msgType != Krb5.KRB_ENC_AS_REP_PART &&
- msgType != Krb5.KRB_ENC_TGS_REP_PART)
+ msgType != Krb5.KRB_ENC_TGS_REP_PART) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ der = encoding.getData().getDerValue();
+ if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- der = encoding.getData().getDerValue();
- if (der.getTag() != DerValue.tag_Sequence)
+ }
+ key = EncryptionKey.parse(der.getData(), (byte) 0x00, false);
+ lastReq = LastReq.parse(der.getData(), (byte) 0x01, false);
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x02) {
+ nonce = subDer.getData().getBigInteger().intValue();
+ } else {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ keyExpiration = KerberosTime.parse(der.getData(), (byte) 0x03, true);
+ flags = TicketFlags.parse(der.getData(), (byte) 0x04, false);
+ authtime = KerberosTime.parse(der.getData(), (byte) 0x05, false);
+ starttime = KerberosTime.parse(der.getData(), (byte) 0x06, true);
+ endtime = KerberosTime.parse(der.getData(), (byte) 0x07, false);
+ renewTill = KerberosTime.parse(der.getData(), (byte) 0x08, true);
+ srealm = Realm.parse(der.getData(), (byte) 0x09, false);
+ sname = PrincipalName.parse(der.getData(), (byte) 0x0A, false);
+ if (der.getData().available() > 0) {
+ caddr = HostAddresses.parse(der.getData(), (byte) 0x0B, true);
+ }
+ if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- key = EncryptionKey.parse(der.getData(), (byte)0x00, false);
- lastReq = LastReq.parse(der.getData(), (byte)0x01, false);
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & (byte)0x1F) == (byte)0x02)
- nonce = subDer.getData().getBigInteger().intValue();
- else throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- keyExpiration = KerberosTime.parse(der.getData(), (byte)0x03, true);
- flags = TicketFlags.parse(der.getData(), (byte)0x04, false);
- authtime = KerberosTime.parse(der.getData(), (byte)0x05, false);
- starttime = KerberosTime.parse(der.getData(), (byte)0x06, true);
- endtime = KerberosTime.parse(der.getData(), (byte)0x07, false);
- renewTill = KerberosTime.parse(der.getData(), (byte)0x08, true);
- srealm = Realm.parse(der.getData(), (byte)0x09, false);
- sname = PrincipalName.parse(der.getData(), (byte)0x0A, false);
- if (der.getData().available() > 0)
- caddr = HostAddresses.parse(der.getData(), (byte)0x0B, true);
- if (der.getData().available() > 0)
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
+ }
- /**
- * Encodes an EncKDCRepPart object.
- * @param rep_type type of encrypted reply message.
- * @return byte array of encoded EncKDCRepPart object.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- */
- public byte[] asn1Encode(int rep_type) throws Asn1Exception,
- IOException {
+ /**
+ * Encodes an EncKDCRepPart object.
+ * @param rep_type type of encrypted reply message.
+ * @return byte array of encoded EncKDCRepPart object.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ */
+ public byte[] asn1Encode(int rep_type) throws Asn1Exception,
+ IOException {
DerOutputStream temp = new DerOutputStream();
DerOutputStream bytes = new DerOutputStream();
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), key.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), lastReq.asn1Encode());
- temp.putInteger(BigInteger.valueOf(nonce));
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), temp);
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x00), key.asn1Encode());
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x01), lastReq.asn1Encode());
+ temp.putInteger(BigInteger.valueOf(nonce));
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x02), temp);
- if (keyExpiration != null)
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), keyExpiration.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), flags.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), authtime.asn1Encode());
- if (starttime != null)
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), starttime.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x07), endtime.asn1Encode());
- if (renewTill != null)
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x08), renewTill.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x09), srealm.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x0A), sname.asn1Encode());
- if (caddr != null)
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x0B), caddr.asn1Encode());
- //should use the rep_type to build the encoding
- //but other implementations do not; it is ignored and
- //the cached msgType is used instead
- temp = new DerOutputStream();
- temp.write(DerValue.tag_Sequence, bytes);
- bytes = new DerOutputStream();
- bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)msgType), temp);
- return bytes.toByteArray();
+ if (keyExpiration != null) {
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x03), keyExpiration.asn1Encode());
}
-
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x04), flags.asn1Encode());
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x05), authtime.asn1Encode());
+ if (starttime != null) {
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x06), starttime.asn1Encode());
+ }
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x07), endtime.asn1Encode());
+ if (renewTill != null) {
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x08), renewTill.asn1Encode());
+ }
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x09), srealm.asn1Encode());
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x0A), sname.asn1Encode());
+ if (caddr != null) {
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x0B), caddr.asn1Encode());
+ }
+ //should use the rep_type to build the encoding
+ //but other implementations do not; it is ignored and
+ //the cached msgType is used instead
+ temp = new DerOutputStream();
+ temp.write(DerValue.tag_Sequence, bytes);
+ bytes = new DerOutputStream();
+ bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION,
+ true, (byte) msgType), temp);
+ return bytes.toByteArray();
+ }
}
diff --git a/src/share/classes/sun/security/krb5/internal/EncKrbCredPart.java b/src/share/classes/sun/security/krb5/internal/EncKrbCredPart.java
index f37f252bbaa1d3ac8556b484ebb67795a8a3a3bd..c5acf6d2b1c8ef02c538a1b39301521f37745efe 100644
--- a/src/share/classes/sun/security/krb5/internal/EncKrbCredPart.java
+++ b/src/share/classes/sun/security/krb5/internal/EncKrbCredPart.java
@@ -36,6 +36,7 @@ import sun.security.krb5.RealmException;
import java.util.Vector;
import java.io.IOException;
import java.math.BigInteger;
+
/**
* Implements the ASN.1 EncKrbCredPart type.
*
@@ -57,148 +58,158 @@ import java.math.BigInteger;
* http://www.ietf.org/rfc/rfc4120.txt.
*/
public class EncKrbCredPart {
- public KrbCredInfo[] ticketInfo = null;
- public KerberosTime timeStamp; //optional
- private Integer nonce; //optional
- private Integer usec; //optional
- private HostAddress sAddress; //optional
- private HostAddresses rAddress; //optional
+ public KrbCredInfo[] ticketInfo = null;
+ public KerberosTime timeStamp; //optional
+ private Integer nonce; //optional
+ private Integer usec; //optional
+ private HostAddress sAddress; //optional
+ private HostAddresses rAddress; //optional
- public EncKrbCredPart(
- KrbCredInfo[] new_ticketInfo,
- KerberosTime new_timeStamp,
- Integer new_usec,
- Integer new_nonce,
- HostAddress new_sAddress,
- HostAddresses new_rAddress
- ) throws IOException {
- if (new_ticketInfo != null) {
- ticketInfo = new KrbCredInfo[new_ticketInfo.length];
- for (int i = 0; i < new_ticketInfo.length; i++) {
- if (new_ticketInfo[i] == null) {
- throw new IOException("Cannot create a EncKrbCredPart");
- } else {
- ticketInfo[i] = (KrbCredInfo)new_ticketInfo[i].clone();
- }
- }
+ public EncKrbCredPart(
+ KrbCredInfo[] new_ticketInfo,
+ KerberosTime new_timeStamp,
+ Integer new_usec,
+ Integer new_nonce,
+ HostAddress new_sAddress,
+ HostAddresses new_rAddress) throws IOException {
+ if (new_ticketInfo != null) {
+ ticketInfo = new KrbCredInfo[new_ticketInfo.length];
+ for (int i = 0; i < new_ticketInfo.length; i++) {
+ if (new_ticketInfo[i] == null) {
+ throw new IOException("Cannot create a EncKrbCredPart");
+ } else {
+ ticketInfo[i] = (KrbCredInfo) new_ticketInfo[i].clone();
}
- timeStamp = new_timeStamp;
- usec = new_usec;
- nonce = new_nonce;
- sAddress = new_sAddress;
- rAddress = new_rAddress;
+ }
}
+ timeStamp = new_timeStamp;
+ usec = new_usec;
+ nonce = new_nonce;
+ sAddress = new_sAddress;
+ rAddress = new_rAddress;
+ }
- public EncKrbCredPart(byte[] data) throws Asn1Exception,
- IOException, RealmException {
- init(new DerValue(data));
- }
+ public EncKrbCredPart(byte[] data) throws Asn1Exception,
+ IOException, RealmException {
+ init(new DerValue(data));
+ }
- public EncKrbCredPart(DerValue encoding) throws Asn1Exception,
- IOException, RealmException {
- init(encoding);
- }
+ public EncKrbCredPart(DerValue encoding) throws Asn1Exception,
+ IOException, RealmException {
+ init(encoding);
+ }
- /**
- * Initializes an EncKrbCredPart object.
- * @param encoding a single DER-encoded value.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- * @exception RealmException if an error occurs while parsing a Realm object.
- */
- private void init(DerValue encoding) throws Asn1Exception,
- IOException, RealmException {
- DerValue der, subDer;
- //may not be the correct error code for a tag
- //mismatch on an encrypted structure
- nonce = null;
- timeStamp = null;
- usec= null;
+ /**
+ * Initializes an EncKrbCredPart object.
+ * @param encoding a single DER-encoded value.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ * @exception RealmException if an error occurs while parsing a Realm object.
+ */
+ private void init(DerValue encoding) throws Asn1Exception,
+ IOException, RealmException {
+ DerValue der, subDer;
+ //may not be the correct error code for a tag
+ //mismatch on an encrypted structure
+ nonce = null;
+ timeStamp = null;
+ usec = null;
sAddress = null;
rAddress = null;
- if (((encoding.getTag() & (byte)0x1F) != (byte)0x1D)
- || (encoding.isApplication() != true)
- || (encoding.isConstructed() != true))
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x1D)
+ || (encoding.isApplication() != true)
+ || (encoding.isConstructed() != true)) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
der = encoding.getData().getDerValue();
- if (der.getTag() != DerValue.tag_Sequence)
+ if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x00) {
+ DerValue derValues[] = subDer.getData().getSequence(1);
+ ticketInfo = new KrbCredInfo[derValues.length];
+ for (int i = 0; i < derValues.length; i++) {
+ ticketInfo[i] = new KrbCredInfo(derValues[i]);
+ }
+ } else {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ if (der.getData().available() > 0) {
+ if (((byte) (der.getData().peekByte()) & (byte) 0x1F) == (byte) 0x01) {
subDer = der.getData().getDerValue();
- if ((subDer.getTag() & (byte)0x1F) == (byte)0x00) {
- DerValue derValues[] = subDer.getData().getSequence(1);
- ticketInfo = new KrbCredInfo[derValues.length];
- for (int i = 0; i < derValues.length; i++) {
- ticketInfo[i] = new KrbCredInfo(derValues[i]);
- }
- }
- else
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- if (der.getData().available() > 0) {
- if (((byte)(der.getData().peekByte()) & (byte)0x1F) == (byte)0x01) {
- subDer = der.getData().getDerValue();
- nonce = new Integer(subDer.getData().getBigInteger().intValue());
- }
- }
- if (der.getData().available() >0) {
- timeStamp = KerberosTime.parse(der.getData(), (byte)0x02, true);
- }
- if (der.getData().available() >0) {
- if (((byte)(der.getData().peekByte()) & (byte)0x1F) == (byte)0x03) {
- subDer = der.getData().getDerValue();
- usec = new Integer(subDer.getData().getBigInteger().intValue());
- }
- }
- if (der.getData().available() >0) {
- sAddress = HostAddress.parse(der.getData(), (byte)0x04, true);
- }
- if (der.getData().available() >0) {
- rAddress = HostAddresses.parse(der.getData(), (byte)0x05, true);
- }
- if (der.getData().available() >0)
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ nonce = new Integer(subDer.getData().getBigInteger().intValue());
+ }
+ }
+ if (der.getData().available() > 0) {
+ timeStamp = KerberosTime.parse(der.getData(), (byte) 0x02, true);
+ }
+ if (der.getData().available() > 0) {
+ if (((byte) (der.getData().peekByte()) & (byte) 0x1F) == (byte) 0x03) {
+ subDer = der.getData().getDerValue();
+ usec = new Integer(subDer.getData().getBigInteger().intValue());
+ }
+ }
+ if (der.getData().available() > 0) {
+ sAddress = HostAddress.parse(der.getData(), (byte) 0x04, true);
+ }
+ if (der.getData().available() > 0) {
+ rAddress = HostAddresses.parse(der.getData(), (byte) 0x05, true);
+ }
+ if (der.getData().available() > 0) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
+ }
- /**
- * Encodes an EncKrbCredPart object.
- * @return byte array of encoded EncKrbCredPart object.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- *
- */
- public byte[] asn1Encode() throws Asn1Exception, IOException{
+ /**
+ * Encodes an EncKrbCredPart object.
+ * @return byte array of encoded EncKrbCredPart object.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ *
+ */
+ public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream();
- DerOutputStream temp = new DerOutputStream();
- DerValue[] tickets = new DerValue[ticketInfo.length];
- for (int i = 0; i < ticketInfo.length; i++)
- tickets[i] = new DerValue(ticketInfo[i].asn1Encode());
- temp.putSequence(tickets);
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp);
+ DerOutputStream temp = new DerOutputStream();
+ DerValue[] tickets = new DerValue[ticketInfo.length];
+ for (int i = 0; i < ticketInfo.length; i++) {
+ tickets[i] = new DerValue(ticketInfo[i].asn1Encode());
+ }
+ temp.putSequence(tickets);
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x00), temp);
- if (nonce != null) {
+ if (nonce != null) {
temp = new DerOutputStream();
- temp.putInteger(BigInteger.valueOf(nonce.intValue()));
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
- }
+ temp.putInteger(BigInteger.valueOf(nonce.intValue()));
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x01), temp);
+ }
if (timeStamp != null) {
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), timeStamp.asn1Encode());
- }
- if (usec != null) {
- temp = new DerOutputStream();
- temp.putInteger(BigInteger.valueOf(usec.intValue()));
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), temp);
- }
- if (sAddress != null) {
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), sAddress.asn1Encode());
- }
- if (rAddress != null) {
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), rAddress.asn1Encode());
- }
- temp = new DerOutputStream();
- temp.write(DerValue.tag_Sequence, bytes);
- bytes = new DerOutputStream();
- bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x1D), temp);
- return bytes.toByteArray();
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x02), timeStamp.asn1Encode());
+ }
+ if (usec != null) {
+ temp = new DerOutputStream();
+ temp.putInteger(BigInteger.valueOf(usec.intValue()));
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x03), temp);
+ }
+ if (sAddress != null) {
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x04), sAddress.asn1Encode());
+ }
+ if (rAddress != null) {
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x05), rAddress.asn1Encode());
}
+ temp = new DerOutputStream();
+ temp.write(DerValue.tag_Sequence, bytes);
+ bytes = new DerOutputStream();
+ bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION,
+ true, (byte) 0x1D), temp);
+ return bytes.toByteArray();
+ }
}
diff --git a/src/share/classes/sun/security/krb5/internal/EncKrbPrivPart.java b/src/share/classes/sun/security/krb5/internal/EncKrbPrivPart.java
index e4ed50b4ba1cf382d960f2f64f06c173ea098a0f..292dd58be3b442acbf177c5192365cf42adb254c 100644
--- a/src/share/classes/sun/security/krb5/internal/EncKrbPrivPart.java
+++ b/src/share/classes/sun/security/krb5/internal/EncKrbPrivPart.java
@@ -55,114 +55,119 @@ import java.math.BigInteger;
*
* http://www.ietf.org/rfc/rfc4120.txt.
*/
-
public class EncKrbPrivPart {
- public byte[] userData = null;
- public KerberosTime timestamp; //optional
- public Integer usec; //optional
- public Integer seqNumber; //optional
- public HostAddress sAddress; //optional
- public HostAddress rAddress; //optional
- public EncKrbPrivPart(
- byte[] new_userData,
- KerberosTime new_timestamp,
- Integer new_usec,
- Integer new_seqNumber,
- HostAddress new_sAddress,
- HostAddress new_rAddress
- ) {
- if (new_userData != null) {
- userData = new_userData.clone();
- }
- timestamp = new_timestamp;
- usec = new_usec;
- seqNumber = new_seqNumber;
- sAddress = new_sAddress;
- rAddress = new_rAddress;
- }
+ public byte[] userData = null;
+ public KerberosTime timestamp; //optional
+ public Integer usec; //optional
+ public Integer seqNumber; //optional
+ public HostAddress sAddress; //optional
+ public HostAddress rAddress; //optional
- public EncKrbPrivPart(byte[] data) throws Asn1Exception, IOException {
- init(new DerValue(data));
+ public EncKrbPrivPart(
+ byte[] new_userData,
+ KerberosTime new_timestamp,
+ Integer new_usec,
+ Integer new_seqNumber,
+ HostAddress new_sAddress,
+ HostAddress new_rAddress) {
+ if (new_userData != null) {
+ userData = new_userData.clone();
}
+ timestamp = new_timestamp;
+ usec = new_usec;
+ seqNumber = new_seqNumber;
+ sAddress = new_sAddress;
+ rAddress = new_rAddress;
+ }
- public EncKrbPrivPart(DerValue encoding) throws Asn1Exception, IOException {
- init(encoding);
- }
+ public EncKrbPrivPart(byte[] data) throws Asn1Exception, IOException {
+ init(new DerValue(data));
+ }
+
+ public EncKrbPrivPart(DerValue encoding) throws Asn1Exception, IOException {
+ init(encoding);
+ }
- /**
- * Initializes an EncKrbPrivPart object.
- * @param encoding a single DER-encoded value.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- */
- private void init(DerValue encoding) throws Asn1Exception, IOException {
+ /**
+ * Initializes an EncKrbPrivPart object.
+ * @param encoding a single DER-encoded value.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ */
+ private void init(DerValue encoding) throws Asn1Exception, IOException {
DerValue der, subDer;
- if (((encoding.getTag() & (byte)0x1F) != (byte)0x1C)
- || (encoding.isApplication() != true)
- || (encoding.isConstructed() != true))
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- der = encoding.getData().getDerValue();
- if (der.getTag() != DerValue.tag_Sequence)
+ if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x1C)
+ || (encoding.isApplication() != true)
+ || (encoding.isConstructed() != true)) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ der = encoding.getData().getDerValue();
+ if (der.getTag() != DerValue.tag_Sequence) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x00) {
+ userData = subDer.getData().getOctetString();
+ } else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & (byte)0x1F) == (byte)0x00) {
- userData = subDer.getData().getOctetString();
- }
- else
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- timestamp = KerberosTime.parse(der.getData(), (byte)0x01, true);
- if ((der.getData().peekByte() & 0x1F) == 0x02) {
- subDer = der.getData().getDerValue();
- usec = new Integer(subDer.getData().getBigInteger().intValue());
- }
- else usec = null;
- if ((der.getData().peekByte() & 0x1F) == 0x03 ) {
- subDer = der.getData().getDerValue();
- seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
- }
- else seqNumber = null;
- sAddress = HostAddress.parse(der.getData(), (byte)0x04, false);
- if (der.getData().available() > 0) {
- rAddress = HostAddress.parse(der.getData(), (byte)0x05, true);
- }
- if (der.getData().available() > 0)
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
+ timestamp = KerberosTime.parse(der.getData(), (byte) 0x01, true);
+ if ((der.getData().peekByte() & 0x1F) == 0x02) {
+ subDer = der.getData().getDerValue();
+ usec = new Integer(subDer.getData().getBigInteger().intValue());
+ } else {
+ usec = null;
+ }
+ if ((der.getData().peekByte() & 0x1F) == 0x03) {
+ subDer = der.getData().getDerValue();
+ seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
+ } else {
+ seqNumber = null;
+ }
+ sAddress = HostAddress.parse(der.getData(), (byte) 0x04, false);
+ if (der.getData().available() > 0) {
+ rAddress = HostAddress.parse(der.getData(), (byte) 0x05, true);
+ }
+ if (der.getData().available() > 0) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ }
- /**
- * Encodes an EncKrbPrivPart object.
- * @return byte array of encoded EncKrbPrivPart object.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- */
- public byte[] asn1Encode() throws Asn1Exception, IOException {
+ /**
+ * Encodes an EncKrbPrivPart object.
+ * @return byte array of encoded EncKrbPrivPart object.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ */
+ public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream temp = new DerOutputStream();
DerOutputStream bytes = new DerOutputStream();
- temp.putOctetString(userData);
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp);
- if (timestamp != null)
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), timestamp.asn1Encode());
- if (usec != null) {
- temp = new DerOutputStream();
- temp.putInteger(BigInteger.valueOf(usec.intValue()));
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), temp);
- }
- if (seqNumber != null) {
- temp = new DerOutputStream();
- // encode as an unsigned integer (UInt32)
- temp.putInteger(BigInteger.valueOf(seqNumber.longValue()));
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), temp);
- }
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), sAddress.asn1Encode());
- if (rAddress != null) {
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), rAddress.asn1Encode());
- }
- temp = new DerOutputStream();
- temp.write(DerValue.tag_Sequence, bytes);
- bytes = new DerOutputStream();
- bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x1C), temp);
- return bytes.toByteArray();
+ temp.putOctetString(userData);
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp);
+ if (timestamp != null) {
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x01), timestamp.asn1Encode());
+ }
+ if (usec != null) {
+ temp = new DerOutputStream();
+ temp.putInteger(BigInteger.valueOf(usec.intValue()));
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x02), temp);
+ }
+ if (seqNumber != null) {
+ temp = new DerOutputStream();
+ // encode as an unsigned integer (UInt32)
+ temp.putInteger(BigInteger.valueOf(seqNumber.longValue()));
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x03), temp);
+ }
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x04), sAddress.asn1Encode());
+ if (rAddress != null) {
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x05), rAddress.asn1Encode());
}
+ temp = new DerOutputStream();
+ temp.write(DerValue.tag_Sequence, bytes);
+ bytes = new DerOutputStream();
+ bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte) 0x1C), temp);
+ return bytes.toByteArray();
+ }
}
diff --git a/src/share/classes/sun/security/krb5/internal/EncTGSRepPart.java b/src/share/classes/sun/security/krb5/internal/EncTGSRepPart.java
index 95c100a020aca76197012d16966dc295e7b8172d..864115e52e98fc51cb06bc2a2f15d12e8155550d 100644
--- a/src/share/classes/sun/security/krb5/internal/EncTGSRepPart.java
+++ b/src/share/classes/sun/security/krb5/internal/EncTGSRepPart.java
@@ -35,55 +35,52 @@ import java.io.IOException;
public class EncTGSRepPart extends EncKDCRepPart {
- public EncTGSRepPart(
- EncryptionKey new_key,
- LastReq new_lastReq,
- int new_nonce,
- KerberosTime new_keyExpiration,
- TicketFlags new_flags,
- KerberosTime new_authtime,
- KerberosTime new_starttime,
- KerberosTime new_endtime,
- KerberosTime new_renewTill,
- Realm new_srealm,
- PrincipalName new_sname,
- HostAddresses new_caddr
- ) {
- super(
- new_key,
- new_lastReq,
- new_nonce,
- new_keyExpiration,
- new_flags,
- new_authtime,
- new_starttime,
- new_endtime,
- new_renewTill,
- new_srealm,
- new_sname,
- new_caddr,
- Krb5.KRB_ENC_TGS_REP_PART
- );
- }
+ public EncTGSRepPart(
+ EncryptionKey new_key,
+ LastReq new_lastReq,
+ int new_nonce,
+ KerberosTime new_keyExpiration,
+ TicketFlags new_flags,
+ KerberosTime new_authtime,
+ KerberosTime new_starttime,
+ KerberosTime new_endtime,
+ KerberosTime new_renewTill,
+ Realm new_srealm,
+ PrincipalName new_sname,
+ HostAddresses new_caddr) {
+ super(
+ new_key,
+ new_lastReq,
+ new_nonce,
+ new_keyExpiration,
+ new_flags,
+ new_authtime,
+ new_starttime,
+ new_endtime,
+ new_renewTill,
+ new_srealm,
+ new_sname,
+ new_caddr,
+ Krb5.KRB_ENC_TGS_REP_PART);
+ }
- public EncTGSRepPart(byte[] data) throws Asn1Exception,
- IOException, KrbException {
- init(new DerValue(data));
- }
+ public EncTGSRepPart(byte[] data) throws Asn1Exception,
+ IOException, KrbException {
+ init(new DerValue(data));
+ }
- public EncTGSRepPart(DerValue encoding) throws Asn1Exception,
- IOException, KrbException {
- init(encoding);
- }
+ public EncTGSRepPart(DerValue encoding) throws Asn1Exception,
+ IOException, KrbException {
+ init(encoding);
+ }
- private void init(DerValue encoding) throws Asn1Exception,
- IOException, KrbException {
- init(encoding, Krb5.KRB_ENC_TGS_REP_PART);
- }
-
- public byte[] asn1Encode() throws Asn1Exception,
- IOException {
- return asn1Encode(Krb5.KRB_ENC_TGS_REP_PART);
- }
+ private void init(DerValue encoding) throws Asn1Exception,
+ IOException, KrbException {
+ init(encoding, Krb5.KRB_ENC_TGS_REP_PART);
+ }
+ public byte[] asn1Encode() throws Asn1Exception,
+ IOException {
+ return asn1Encode(Krb5.KRB_ENC_TGS_REP_PART);
+ }
}
diff --git a/src/share/classes/sun/security/krb5/internal/EncTicketPart.java b/src/share/classes/sun/security/krb5/internal/EncTicketPart.java
index 5f315095825832d0759518f877403558e3556ed1..73eb814445baff9933da195a84aa99aab0225ab7 100644
--- a/src/share/classes/sun/security/krb5/internal/EncTicketPart.java
+++ b/src/share/classes/sun/security/krb5/internal/EncTicketPart.java
@@ -62,69 +62,68 @@ import java.io.*;
* http://www.ietf.org/rfc/rfc4120.txt.
*/
public class EncTicketPart {
- public TicketFlags flags;
- public EncryptionKey key;
- public Realm crealm;
- public PrincipalName cname;
- public TransitedEncoding transited;
- public KerberosTime authtime;
- public KerberosTime starttime; //optional
- public KerberosTime endtime;
- public KerberosTime renewTill; //optional
- public HostAddresses caddr; //optional
- public AuthorizationData authorizationData; //optional
-
- public EncTicketPart(
- TicketFlags new_flags,
- EncryptionKey new_key,
- Realm new_crealm,
- PrincipalName new_cname,
- TransitedEncoding new_transited,
- KerberosTime new_authtime,
- KerberosTime new_starttime,
- KerberosTime new_endtime,
- KerberosTime new_renewTill,
- HostAddresses new_caddr,
- AuthorizationData new_authorizationData
- ) {
- flags = new_flags;
- key = new_key;
- crealm = new_crealm;
- cname = new_cname;
- transited = new_transited;
- authtime = new_authtime;
- starttime = new_starttime;
- endtime = new_endtime;
- renewTill = new_renewTill;
- caddr = new_caddr;
- authorizationData = new_authorizationData;
- }
- public EncTicketPart(byte[] data)
- throws Asn1Exception, KrbException, IOException {
- init(new DerValue(data));
- }
+ public TicketFlags flags;
+ public EncryptionKey key;
+ public Realm crealm;
+ public PrincipalName cname;
+ public TransitedEncoding transited;
+ public KerberosTime authtime;
+ public KerberosTime starttime; //optional
+ public KerberosTime endtime;
+ public KerberosTime renewTill; //optional
+ public HostAddresses caddr; //optional
+ public AuthorizationData authorizationData; //optional
+
+ public EncTicketPart(
+ TicketFlags new_flags,
+ EncryptionKey new_key,
+ Realm new_crealm,
+ PrincipalName new_cname,
+ TransitedEncoding new_transited,
+ KerberosTime new_authtime,
+ KerberosTime new_starttime,
+ KerberosTime new_endtime,
+ KerberosTime new_renewTill,
+ HostAddresses new_caddr,
+ AuthorizationData new_authorizationData) {
+ flags = new_flags;
+ key = new_key;
+ crealm = new_crealm;
+ cname = new_cname;
+ transited = new_transited;
+ authtime = new_authtime;
+ starttime = new_starttime;
+ endtime = new_endtime;
+ renewTill = new_renewTill;
+ caddr = new_caddr;
+ authorizationData = new_authorizationData;
+ }
- public EncTicketPart(DerValue encoding)
- throws Asn1Exception, KrbException, IOException {
- init(encoding);
- }
+ public EncTicketPart(byte[] data)
+ throws Asn1Exception, KrbException, IOException {
+ init(new DerValue(data));
+ }
- /**
- * Initializes an EncTicketPart object.
- * @param encoding a single DER-encoded value.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- * @exception RealmException if an error occurs while parsing a Realm object.
- */
+ public EncTicketPart(DerValue encoding)
+ throws Asn1Exception, KrbException, IOException {
+ init(encoding);
+ }
+ /**
+ * Initializes an EncTicketPart object.
+ * @param encoding a single DER-encoded value.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ * @exception RealmException if an error occurs while parsing a Realm object.
+ */
private static String getHexBytes(byte[] bytes, int len)
- throws IOException {
+ throws IOException {
StringBuffer sb = new StringBuffer();
for (int i = 0; i < len; i++) {
- int b1 = (bytes[i]>>4) & 0x0f;
+ int b1 = (bytes[i] >> 4) & 0x0f;
int b2 = bytes[i] & 0x0f;
sb.append(Integer.toHexString(b1));
@@ -134,73 +133,91 @@ public class EncTicketPart {
return sb.toString();
}
- private void init(DerValue encoding)
- throws Asn1Exception, IOException, RealmException {
- DerValue der, subDer;
+ private void init(DerValue encoding)
+ throws Asn1Exception, IOException, RealmException {
+ DerValue der, subDer;
- renewTill = null;
- caddr = null;
- authorizationData = null;
- if (((encoding.getTag() & (byte)0x1F) != (byte)0x03)
+ renewTill = null;
+ caddr = null;
+ authorizationData = null;
+ if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x03)
|| (encoding.isApplication() != true)
- || (encoding.isConstructed() != true))
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- der = encoding.getData().getDerValue();
- if (der.getTag() != DerValue.tag_Sequence)
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- flags = TicketFlags.parse(der.getData(), (byte)0x00, false);
- key = EncryptionKey.parse(der.getData(), (byte)0x01, false);
- crealm = Realm.parse(der.getData(), (byte)0x02, false);
- cname = PrincipalName.parse(der.getData(), (byte)0x03, false);
- transited = TransitedEncoding.parse(der.getData(), (byte)0x04, false);
- authtime = KerberosTime.parse(der.getData(), (byte)0x05, false);
- starttime = KerberosTime.parse(der.getData(), (byte)0x06, true);
- endtime = KerberosTime.parse(der.getData(), (byte)0x07, false);
- if (der.getData().available() > 0) {
- renewTill = KerberosTime.parse(der.getData(), (byte)0x08, true);
- }
- if (der.getData().available() > 0) {
- caddr = HostAddresses.parse(der.getData(), (byte)0x09, true);
- }
- if (der.getData().available() > 0) {
- authorizationData = AuthorizationData.parse(der.getData(), (byte)0x0A, true);
- }
- if (der.getData().available() > 0)
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
-
+ || (encoding.isConstructed() != true)) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ der = encoding.getData().getDerValue();
+ if (der.getTag() != DerValue.tag_Sequence) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ flags = TicketFlags.parse(der.getData(), (byte) 0x00, false);
+ key = EncryptionKey.parse(der.getData(), (byte) 0x01, false);
+ crealm = Realm.parse(der.getData(), (byte) 0x02, false);
+ cname = PrincipalName.parse(der.getData(), (byte) 0x03, false);
+ transited = TransitedEncoding.parse(der.getData(), (byte) 0x04, false);
+ authtime = KerberosTime.parse(der.getData(), (byte) 0x05, false);
+ starttime = KerberosTime.parse(der.getData(), (byte) 0x06, true);
+ endtime = KerberosTime.parse(der.getData(), (byte) 0x07, false);
+ if (der.getData().available() > 0) {
+ renewTill = KerberosTime.parse(der.getData(), (byte) 0x08, true);
+ }
+ if (der.getData().available() > 0) {
+ caddr = HostAddresses.parse(der.getData(), (byte) 0x09, true);
+ }
+ if (der.getData().available() > 0) {
+ authorizationData = AuthorizationData.parse(der.getData(), (byte) 0x0A, true);
+ }
+ if (der.getData().available() > 0) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
- /**
- * Encodes an EncTicketPart object.
- * @return byte array of encoded EncTicketPart object.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- */
+ }
- public byte[] asn1Encode() throws Asn1Exception, IOException {
+ /**
+ * Encodes an EncTicketPart object.
+ * @return byte array of encoded EncTicketPart object.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ */
+ public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream();
- DerOutputStream temp = new DerOutputStream();
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), flags.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), key.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), crealm.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), cname.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), transited.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), authtime.asn1Encode());
- if (starttime != null)
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), starttime.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x07), endtime.asn1Encode());
-
- if (renewTill != null)
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x08), renewTill.asn1Encode());
-
- if (caddr != null)
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x09), caddr.asn1Encode());
-
- if (authorizationData != null)
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x0A), authorizationData.asn1Encode());
- temp.write(DerValue.tag_Sequence, bytes);
- bytes = new DerOutputStream();
- bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x03), temp);
- return bytes.toByteArray();
+ DerOutputStream temp = new DerOutputStream();
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x00), flags.asn1Encode());
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x01), key.asn1Encode());
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x02), crealm.asn1Encode());
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x03), cname.asn1Encode());
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x04), transited.asn1Encode());
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x05), authtime.asn1Encode());
+ if (starttime != null) {
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x06), starttime.asn1Encode());
+ }
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x07), endtime.asn1Encode());
+
+ if (renewTill != null) {
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x08), renewTill.asn1Encode());
}
+
+ if (caddr != null) {
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x09), caddr.asn1Encode());
+ }
+
+ if (authorizationData != null) {
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x0A), authorizationData.asn1Encode());
+ }
+ temp.write(DerValue.tag_Sequence, bytes);
+ bytes = new DerOutputStream();
+ bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION,
+ true, (byte) 0x03), temp);
+ return bytes.toByteArray();
+ }
}
diff --git a/src/share/classes/sun/security/krb5/internal/KDCRep.java b/src/share/classes/sun/security/krb5/internal/KDCRep.java
index ca1d777ed231ee9c84f128dd03bb236ab8f89f7f..f7cc7180082be06e1d78b249b0cfbcc4e6d4b74d 100644
--- a/src/share/classes/sun/security/krb5/internal/KDCRep.java
+++ b/src/share/classes/sun/security/krb5/internal/KDCRep.java
@@ -35,6 +35,7 @@ import sun.security.util.*;
import java.util.Vector;
import java.io.IOException;
import java.math.BigInteger;
+
/**
* Implements the ASN.1 KDC-REP type.
*
@@ -59,163 +60,168 @@ import java.math.BigInteger;
*
* http://www.ietf.org/rfc/rfc4120.txt.
*/
-
public class KDCRep {
- public Realm crealm;
- public PrincipalName cname;
- public Ticket ticket;
- public EncryptedData encPart;
- public EncKDCRepPart encKDCRepPart; //not part of ASN.1 encoding
- private int pvno;
- private int msgType;
- private PAData[] pAData = null; //optional
- private boolean DEBUG = Krb5.DEBUG;
+ public Realm crealm;
+ public PrincipalName cname;
+ public Ticket ticket;
+ public EncryptedData encPart;
+ public EncKDCRepPart encKDCRepPart; //not part of ASN.1 encoding
+ private int pvno;
+ private int msgType;
+ private PAData[] pAData = null; //optional
+ private boolean DEBUG = Krb5.DEBUG;
- public KDCRep(
- PAData[] new_pAData,
- Realm new_crealm,
- PrincipalName new_cname,
- Ticket new_ticket,
- EncryptedData new_encPart,
- int req_type
- ) throws IOException {
- pvno = Krb5.PVNO;
- msgType = req_type;
- if (new_pAData != null) {
- pAData = new PAData[new_pAData.length];
- for (int i = 0; i < new_pAData.length; i++) {
- if (new_pAData[i] == null) {
- throw new IOException("Cannot create a KDCRep");
- } else {
- pAData[i] = (PAData)new_pAData[i].clone();
- }
- }
+ public KDCRep(
+ PAData[] new_pAData,
+ Realm new_crealm,
+ PrincipalName new_cname,
+ Ticket new_ticket,
+ EncryptedData new_encPart,
+ int req_type) throws IOException {
+ pvno = Krb5.PVNO;
+ msgType = req_type;
+ if (new_pAData != null) {
+ pAData = new PAData[new_pAData.length];
+ for (int i = 0; i < new_pAData.length; i++) {
+ if (new_pAData[i] == null) {
+ throw new IOException("Cannot create a KDCRep");
+ } else {
+ pAData[i] = (PAData) new_pAData[i].clone();
}
- crealm = new_crealm;
- cname = new_cname;
- ticket = new_ticket;
- encPart = new_encPart;
+ }
}
+ crealm = new_crealm;
+ cname = new_cname;
+ ticket = new_ticket;
+ encPart = new_encPart;
+ }
- public KDCRep() {
- }
+ public KDCRep() {
+ }
- public KDCRep(byte[] data, int req_type) throws Asn1Exception, KrbApErrException, RealmException, IOException {
- init(new DerValue(data), req_type);
- }
+ public KDCRep(byte[] data, int req_type) throws Asn1Exception,
+ KrbApErrException, RealmException, IOException {
+ init(new DerValue(data), req_type);
+ }
- public KDCRep(DerValue encoding, int req_type) throws Asn1Exception,
- RealmException, KrbApErrException, IOException {
- init(encoding, req_type);
- }
+ public KDCRep(DerValue encoding, int req_type) throws Asn1Exception,
+ RealmException, KrbApErrException, IOException {
+ init(encoding, req_type);
+ }
/*
// Not used? Don't know what keyusage to use here %%%
-
- public void decrypt(EncryptionKey key) throws Asn1Exception,
- IOException, KrbException, RealmException {
- encKDCRepPart = new EncKDCRepPart(encPart.decrypt(key),
- msgType);
- }
-*/
-
- /**
- * Initializes an KDCRep object.
- *
- * @param encoding a single DER-encoded value.
- * @param req_type reply message type.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- * @exception RealmException if an error occurs while constructing a Realm object from DER-encoded data.
- * @exception KrbApErrException if the value read from the DER-encoded data stream does not match the pre-defined value.
- *
- */
- protected void init(DerValue encoding, int req_type)
+ public void decrypt(EncryptionKey key) throws Asn1Exception,
+ IOException, KrbException, RealmException {
+ encKDCRepPart = new EncKDCRepPart(encPart.decrypt(key), msgType);
+ }
+ */
+ /**
+ * Initializes an KDCRep object.
+ *
+ * @param encoding a single DER-encoded value.
+ * @param req_type reply message type.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ * @exception RealmException if an error occurs while constructing
+ * a Realm object from DER-encoded data.
+ * @exception KrbApErrException if the value read from the DER-encoded
+ * data stream does not match the pre-defined value.
+ *
+ */
+ protected void init(DerValue encoding, int req_type)
throws Asn1Exception, RealmException, IOException,
- KrbApErrException {
- DerValue der, subDer;
- if ((encoding.getTag() & 0x1F) != req_type) {
- if (DEBUG) {
- System.out.println(">>> KDCRep: init() " +
- "encoding tag is " +
- encoding.getTag() +
- " req type is " + req_type);
- }
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ KrbApErrException {
+ DerValue der, subDer;
+ if ((encoding.getTag() & 0x1F) != req_type) {
+ if (DEBUG) {
+ System.out.println(">>> KDCRep: init() " +
+ "encoding tag is " +
+ encoding.getTag() +
+ " req type is " + req_type);
}
- der = encoding.getData().getDerValue();
- if (der.getTag() != DerValue.tag_Sequence) {
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ der = encoding.getData().getDerValue();
+ if (der.getTag() != DerValue.tag_Sequence) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & 0x1F) == 0x00) {
+ pvno = subDer.getData().getBigInteger().intValue();
+ if (pvno != Krb5.PVNO) {
+ throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
}
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & 0x1F) == 0x00) {
- pvno = subDer.getData().getBigInteger().intValue();
- if (pvno != Krb5.PVNO)
- throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
- } else {
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ } else {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & 0x1F) == 0x01) {
+ msgType = subDer.getData().getBigInteger().intValue();
+ if (msgType != req_type) {
+ throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
}
+ } else {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ if ((der.getData().peekByte() & 0x1F) == 0x02) {
subDer = der.getData().getDerValue();
- if ((subDer.getTag() & 0x1F) == 0x01) {
- msgType = subDer.getData().getBigInteger().intValue();
- if (msgType != req_type) {
- throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
- }
- } else {
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- }
- if ((der.getData().peekByte() & 0x1F) == 0x02) {
- subDer = der.getData().getDerValue();
- DerValue[] padata = subDer.getData().getSequence(1);
- pAData = new PAData[padata.length];
- for (int i = 0; i < padata.length; i++) {
- pAData[i] = new PAData(padata[i]);
- }
- } else {
- pAData = null;
- }
- crealm = Realm.parse(der.getData(), (byte)0x03, false);
- cname = PrincipalName.parse(der.getData(), (byte)0x04, false);
- ticket = Ticket.parse(der.getData(), (byte)0x05, false);
- encPart = EncryptedData.parse(der.getData(), (byte)0x06, false);
- if (der.getData().available() > 0) {
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ DerValue[] padata = subDer.getData().getSequence(1);
+ pAData = new PAData[padata.length];
+ for (int i = 0; i < padata.length; i++) {
+ pAData[i] = new PAData(padata[i]);
}
+ } else {
+ pAData = null;
}
+ crealm = Realm.parse(der.getData(), (byte) 0x03, false);
+ cname = PrincipalName.parse(der.getData(), (byte) 0x04, false);
+ ticket = Ticket.parse(der.getData(), (byte) 0x05, false);
+ encPart = EncryptedData.parse(der.getData(), (byte) 0x06, false);
+ if (der.getData().available() > 0) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ }
+ /**
+ * Encodes this object to a byte array.
+ * @return byte array of encoded APReq object.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ *
+ */
+ public byte[] asn1Encode() throws Asn1Exception, IOException {
- /**
- * Encodes this object to a byte array.
- * @return byte array of encoded APReq object.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- *
- */
- public byte[] asn1Encode() throws Asn1Exception, IOException {
-
- DerOutputStream bytes = new DerOutputStream();
- DerOutputStream temp = new DerOutputStream();
- temp.putInteger(BigInteger.valueOf(pvno));
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp);
- temp = new DerOutputStream();
- temp.putInteger(BigInteger.valueOf(msgType));
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
- if (pAData != null && pAData.length > 0) {
- DerOutputStream padata_stream = new DerOutputStream();
- for (int i = 0; i < pAData.length; i++) {
- padata_stream.write(pAData[i].asn1Encode());
- }
- temp = new DerOutputStream();
- temp.write(DerValue.tag_SequenceOf, padata_stream);
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), temp);
+ DerOutputStream bytes = new DerOutputStream();
+ DerOutputStream temp = new DerOutputStream();
+ temp.putInteger(BigInteger.valueOf(pvno));
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x00), temp);
+ temp = new DerOutputStream();
+ temp.putInteger(BigInteger.valueOf(msgType));
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x01), temp);
+ if (pAData != null && pAData.length > 0) {
+ DerOutputStream padata_stream = new DerOutputStream();
+ for (int i = 0; i < pAData.length; i++) {
+ padata_stream.write(pAData[i].asn1Encode());
}
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), crealm.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), cname.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), ticket.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), encPart.asn1Encode());
temp = new DerOutputStream();
- temp.write(DerValue.tag_Sequence, bytes);
- return temp.toByteArray();
+ temp.write(DerValue.tag_SequenceOf, padata_stream);
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x02), temp);
}
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x03), crealm.asn1Encode());
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x04), cname.asn1Encode());
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x05), ticket.asn1Encode());
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x06), encPart.asn1Encode());
+ temp = new DerOutputStream();
+ temp.write(DerValue.tag_Sequence, bytes);
+ return temp.toByteArray();
+ }
}
diff --git a/src/share/classes/sun/security/krb5/internal/KDCReq.java b/src/share/classes/sun/security/krb5/internal/KDCReq.java
index 2f0498956958977aab6d1dbf1788b84a83469657..a46f6436cd82d450df53c573e37c4f69f4bda321 100644
--- a/src/share/classes/sun/security/krb5/internal/KDCReq.java
+++ b/src/share/classes/sun/security/krb5/internal/KDCReq.java
@@ -56,155 +56,160 @@ import java.math.BigInteger;
*
* http://www.ietf.org/rfc/rfc4120.txt.
*/
-
public class KDCReq {
- public KDCReqBody reqBody;
- private int pvno;
- private int msgType;
- private PAData[] pAData = null; //optional
+ public KDCReqBody reqBody;
+ private int pvno;
+ private int msgType;
+ private PAData[] pAData = null; //optional
- public KDCReq(PAData[] new_pAData, KDCReqBody new_reqBody,
- int req_type) throws IOException {
- pvno = Krb5.PVNO;
- msgType = req_type;
- if (new_pAData != null) {
- pAData = new PAData[new_pAData.length];
- for (int i = 0; i < new_pAData.length; i++) {
- if (new_pAData[i] == null) {
- throw new IOException("Cannot create a KDCRep");
- } else {
- pAData[i] = (PAData)new_pAData[i].clone();
- }
- }
+ public KDCReq(PAData[] new_pAData, KDCReqBody new_reqBody,
+ int req_type) throws IOException {
+ pvno = Krb5.PVNO;
+ msgType = req_type;
+ if (new_pAData != null) {
+ pAData = new PAData[new_pAData.length];
+ for (int i = 0; i < new_pAData.length; i++) {
+ if (new_pAData[i] == null) {
+ throw new IOException("Cannot create a KDCRep");
+ } else {
+ pAData[i] = (PAData) new_pAData[i].clone();
}
- reqBody = new_reqBody;
+ }
}
+ reqBody = new_reqBody;
+ }
- public KDCReq() {
- }
+ public KDCReq() {
+ }
- public KDCReq(byte[] data, int req_type) throws Asn1Exception,
- IOException, KrbException {
+ public KDCReq(byte[] data, int req_type) throws Asn1Exception,
+ IOException, KrbException {
init(new DerValue(data), req_type);
- }
+ }
/**
- * Creates an KDCReq object from a DerValue object and asn1 type.
- *
- * @param der a DER value of an KDCReq object.
- * @param req_type a encoded asn1 type value.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- * @exceptoin KrbErrException
- */
+ * Creates an KDCReq object from a DerValue object and asn1 type.
+ *
+ * @param der a DER value of an KDCReq object.
+ * @param req_type a encoded asn1 type value.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ * @exceptoin KrbErrException
+ */
public KDCReq(DerValue der, int req_type) throws Asn1Exception,
- IOException, KrbException {
- init(der, req_type);
- }
+ IOException, KrbException {
+ init(der, req_type);
+ }
- /**
- * Initializes a KDCReq object from a DerValue. The DER encoding
- * must be in the format specified by the KRB_KDC_REQ ASN.1 notation.
- *
- * @param encoding a DER-encoded KDCReq object.
- * @param req_type an int indicating whether it's KRB_AS_REQ or KRB_TGS_REQ type
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- * @exception KrbException if an error occurs while constructing a Realm object,
- * or a Krb object from DER-encoded data.
- */
+ /**
+ * Initializes a KDCReq object from a DerValue. The DER encoding
+ * must be in the format specified by the KRB_KDC_REQ ASN.1 notation.
+ *
+ * @param encoding a DER-encoded KDCReq object.
+ * @param req_type an int indicating whether it's KRB_AS_REQ or KRB_TGS_REQ type
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ * @exception KrbException if an error occurs while constructing a Realm object,
+ * or a Krb object from DER-encoded data.
+ */
protected void init(DerValue encoding, int req_type) throws Asn1Exception,
- IOException, KrbException {
- DerValue der, subDer;
- BigInteger bint;
- if ((encoding.getTag() & 0x1F) != req_type) {
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- }
- der = encoding.getData().getDerValue();
- if (der.getTag() != DerValue.tag_Sequence) {
+ IOException, KrbException {
+ DerValue der, subDer;
+ BigInteger bint;
+ if ((encoding.getTag() & 0x1F) != req_type) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- }
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & 0x01F) == 0x01) {
- bint = subDer.getData().getBigInteger();
- this.pvno = bint.intValue();
- if (this.pvno != Krb5.PVNO)
- throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
- }
- else
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & 0x01F) == 0x02) {
- bint = subDer.getData().getBigInteger();
- this.msgType = bint.intValue();
- if (this.msgType != req_type)
- throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
- }
- else
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & 0x01F) == 0x03) {
- DerValue subsubDer = subDer.getData().getDerValue();
- if (subsubDer.getTag() != DerValue.tag_SequenceOf) {
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- }
- Vector v = new Vector ();
- while (subsubDer.getData().available() > 0) {
- v.addElement(new PAData(subsubDer.getData().getDerValue()));
- }
- if (v.size() > 0) {
- pAData = new PAData[v.size()];
- v.copyInto(pAData);
- }
- }
- else pAData = null;
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & 0x01F) == 0x04) {
- DerValue subsubDer = subDer.getData().getDerValue();
- reqBody = new KDCReqBody(subsubDer, msgType);
- }
- else
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
+ der = encoding.getData().getDerValue();
+ if (der.getTag() != DerValue.tag_Sequence) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & 0x01F) == 0x01) {
+ bint = subDer.getData().getBigInteger();
+ this.pvno = bint.intValue();
+ if (this.pvno != Krb5.PVNO) {
+ throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
+ }
+ } else {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & 0x01F) == 0x02) {
+ bint = subDer.getData().getBigInteger();
+ this.msgType = bint.intValue();
+ if (this.msgType != req_type) {
+ throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
+ }
+ } else {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ if ((der.getData().peekByte() & 0x1F) == 0x03) {
+ subDer = der.getData().getDerValue();
+ DerValue subsubDer = subDer.getData().getDerValue();
+ if (subsubDer.getTag() != DerValue.tag_SequenceOf) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ Vector v = new Vector();
+ while (subsubDer.getData().available() > 0) {
+ v.addElement(new PAData(subsubDer.getData().getDerValue()));
+ }
+ if (v.size() > 0) {
+ pAData = new PAData[v.size()];
+ v.copyInto(pAData);
+ }
+ } else {
+ pAData = null;
+ }
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & 0x01F) == 0x04) {
+ DerValue subsubDer = subDer.getData().getDerValue();
+ reqBody = new KDCReqBody(subsubDer, msgType);
+ } else {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ }
- /**
- * Encodes this object to a byte array.
- *
- * @return an byte array of encoded data.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- *
- */
+ /**
+ * Encodes this object to a byte array.
+ *
+ * @return an byte array of encoded data.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ *
+ */
public byte[] asn1Encode() throws Asn1Exception, IOException {
- DerOutputStream temp, bytes, out;
- temp = new DerOutputStream();
- temp.putInteger(BigInteger.valueOf(pvno));
- out = new DerOutputStream();
- out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
- temp = new DerOutputStream();
- temp.putInteger(BigInteger.valueOf(msgType));
- out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), temp);
+ DerOutputStream temp, bytes, out;
+ temp = new DerOutputStream();
+ temp.putInteger(BigInteger.valueOf(pvno));
+ out = new DerOutputStream();
+ out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x01), temp);
+ temp = new DerOutputStream();
+ temp.putInteger(BigInteger.valueOf(msgType));
+ out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x02), temp);
if (pAData != null && pAData.length > 0) {
- temp = new DerOutputStream();
- for (int i = 0; i < pAData.length; i++) {
- temp.write(pAData[i].asn1Encode());
- }
- bytes = new DerOutputStream();
- bytes.write(DerValue.tag_SequenceOf, temp);
- out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), bytes);
- }
- out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), reqBody.asn1Encode(msgType));
- bytes = new DerOutputStream();
- bytes.write(DerValue.tag_Sequence, out);
- out = new DerOutputStream();
- out.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)msgType), bytes);
- return out.toByteArray();
- }
-
- public byte[] asn1EncodeReqBody() throws Asn1Exception, IOException
- {
- return reqBody.asn1Encode(msgType);
+ temp = new DerOutputStream();
+ for (int i = 0; i < pAData.length; i++) {
+ temp.write(pAData[i].asn1Encode());
+ }
+ bytes = new DerOutputStream();
+ bytes.write(DerValue.tag_SequenceOf, temp);
+ out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x03), bytes);
}
+ out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x04), reqBody.asn1Encode(msgType));
+ bytes = new DerOutputStream();
+ bytes.write(DerValue.tag_Sequence, out);
+ out = new DerOutputStream();
+ out.write(DerValue.createTag(DerValue.TAG_APPLICATION,
+ true, (byte) msgType), bytes);
+ return out.toByteArray();
+ }
+ public byte[] asn1EncodeReqBody() throws Asn1Exception, IOException {
+ return reqBody.asn1Encode(msgType);
+ }
}
diff --git a/src/share/classes/sun/security/krb5/internal/KRBCred.java b/src/share/classes/sun/security/krb5/internal/KRBCred.java
index 2c364e834b01ba5ac268fe9b672783885bf7c9f7..a30ca6d2929379acb29b8c1fced208eb0b7095fc 100644
--- a/src/share/classes/sun/security/krb5/internal/KRBCred.java
+++ b/src/share/classes/sun/security/krb5/internal/KRBCred.java
@@ -56,128 +56,134 @@ import java.math.BigInteger;
*
* http://www.ietf.org/rfc/rfc4120.txt.
*/
-
public class KRBCred {
- public Ticket[] tickets = null;
- public EncryptedData encPart;
- private int pvno;
- private int msgType;
+ public Ticket[] tickets = null;
+ public EncryptedData encPart;
+ private int pvno;
+ private int msgType;
- public KRBCred(Ticket[] new_tickets, EncryptedData new_encPart) throws IOException {
- pvno = Krb5.PVNO;
- msgType = Krb5.KRB_CRED;
- if (new_tickets != null) {
- tickets = new Ticket[new_tickets.length];
- for (int i = 0; i < new_tickets.length; i++) {
- if (new_tickets[i] == null) {
- throw new IOException("Cannot create a KRBCred");
- } else {
- tickets[i] = (Ticket)new_tickets[i].clone();
- }
- }
+ public KRBCred(Ticket[] new_tickets, EncryptedData new_encPart) throws IOException {
+ pvno = Krb5.PVNO;
+ msgType = Krb5.KRB_CRED;
+ if (new_tickets != null) {
+ tickets = new Ticket[new_tickets.length];
+ for (int i = 0; i < new_tickets.length; i++) {
+ if (new_tickets[i] == null) {
+ throw new IOException("Cannot create a KRBCred");
+ } else {
+ tickets[i] = (Ticket) new_tickets[i].clone();
}
- encPart = new_encPart;
+ }
}
+ encPart = new_encPart;
+ }
- public KRBCred(byte[] data) throws Asn1Exception,
- RealmException, KrbApErrException, IOException {
- init(new DerValue(data));
- }
+ public KRBCred(byte[] data) throws Asn1Exception,
+ RealmException, KrbApErrException, IOException {
+ init(new DerValue(data));
+ }
- public KRBCred(DerValue encoding) throws Asn1Exception,
- RealmException, KrbApErrException, IOException {
- init(encoding);
- }
+ public KRBCred(DerValue encoding) throws Asn1Exception,
+ RealmException, KrbApErrException, IOException {
+ init(encoding);
+ }
- /**
- * Initializes an KRBCred object.
- * @param encoding a single DER-encoded value.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- * @exception KrbApErrException if the value read from the DER-encoded data
- * stream does not match the pre-defined value.
- * @exception RealmException if an error occurs while parsing a Realm object.
- */
- private void init(DerValue encoding) throws Asn1Exception,
- RealmException, KrbApErrException, IOException {
- if (((encoding.getTag() & (byte)0x1F) != (byte)0x16)
- || (encoding.isApplication() != true)
- || (encoding.isConstructed() != true))
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ /**
+ * Initializes an KRBCred object.
+ * @param encoding a single DER-encoded value.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ * @exception KrbApErrException if the value read from the DER-encoded data
+ * stream does not match the pre-defined value.
+ * @exception RealmException if an error occurs while parsing a Realm object.
+ */
+ private void init(DerValue encoding) throws Asn1Exception,
+ RealmException, KrbApErrException, IOException {
+ if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x16)
+ || (encoding.isApplication() != true)
+ || (encoding.isConstructed() != true)) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
DerValue der, subDer;
- der = encoding.getData().getDerValue();
- if (der.getTag() != DerValue.tag_Sequence)
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & 0x1F) == 0x00) {
- pvno = subDer.getData().getBigInteger().intValue();
- if (pvno != Krb5.PVNO) {
+ der = encoding.getData().getDerValue();
+ if (der.getTag() != DerValue.tag_Sequence) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & 0x1F) == 0x00) {
+ pvno = subDer.getData().getBigInteger().intValue();
+ if (pvno != Krb5.PVNO) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
- }
- }
- else
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & 0x1F) == 0x01) {
- msgType = subDer.getData().getBigInteger().intValue();
- if (msgType != Krb5.KRB_CRED)
+ }
+ } else {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & 0x1F) == 0x01) {
+ msgType = subDer.getData().getBigInteger().intValue();
+ if (msgType != Krb5.KRB_CRED) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
- }
- else
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ } else {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
subDer = der.getData().getDerValue();
- if ((subDer.getTag() & 0x1F) == 0x02) {
- DerValue subsubDer = subDer.getData().getDerValue();
+ if ((subDer.getTag() & 0x1F) == 0x02) {
+ DerValue subsubDer = subDer.getData().getDerValue();
if (subsubDer.getTag() != DerValue.tag_SequenceOf) {
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- }
- Vector v = new Vector ();
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ Vector v = new Vector();
while (subsubDer.getData().available() > 0) {
- v.addElement(new Ticket(subsubDer.getData().getDerValue()));
- }
+ v.addElement(new Ticket(subsubDer.getData().getDerValue()));
+ }
if (v.size() > 0) {
- tickets = new Ticket[v.size()];
- v.copyInto(tickets);
- }
- }
- else
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- encPart = EncryptedData.parse(der.getData(), (byte)0x03, false);
-
- if (der.getData().available() > 0)
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ tickets = new Ticket[v.size()];
+ v.copyInto(tickets);
+ }
+ } else {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
+ encPart = EncryptedData.parse(der.getData(), (byte) 0x03, false);
+ if (der.getData().available() > 0) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ }
- /**
- * Encodes an KRBCred object.
- * @return the data of encoded EncAPRepPart object.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- */
- public byte[] asn1Encode() throws Asn1Exception, IOException {
+ /**
+ * Encodes an KRBCred object.
+ * @return the data of encoded EncAPRepPart object.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ */
+ public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream temp, bytes, out;
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(pvno));
out = new DerOutputStream();
- out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp);
- temp = new DerOutputStream();
- temp.putInteger(BigInteger.valueOf(msgType));
- out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
+ out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x00), temp);
temp = new DerOutputStream();
- for (int i = 0; i < tickets.length; i++) {
- temp.write(tickets[i].asn1Encode());
- }
+ temp.putInteger(BigInteger.valueOf(msgType));
+ out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x01), temp);
+ temp = new DerOutputStream();
+ for (int i = 0; i < tickets.length; i++) {
+ temp.write(tickets[i].asn1Encode());
+ }
bytes = new DerOutputStream();
bytes.write(DerValue.tag_SequenceOf, temp);
- out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), bytes);
- out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), encPart.asn1Encode());
+ out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x02), bytes);
+ out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x03), encPart.asn1Encode());
bytes = new DerOutputStream();
bytes.write(DerValue.tag_Sequence, out);
- out = new DerOutputStream();
- out.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x16), bytes);
- return out.toByteArray();
- }
-
+ out = new DerOutputStream();
+ out.write(DerValue.createTag(DerValue.TAG_APPLICATION,
+ true, (byte) 0x16), bytes);
+ return out.toByteArray();
+ }
}
diff --git a/src/share/classes/sun/security/krb5/internal/KrbCredInfo.java b/src/share/classes/sun/security/krb5/internal/KrbCredInfo.java
index 3853ab579cce0d195743b2fe3a5d9a872956b7cc..08a21b6658993d19ed6a7d700e5ed43c53ffe954 100644
--- a/src/share/classes/sun/security/krb5/internal/KrbCredInfo.java
+++ b/src/share/classes/sun/security/krb5/internal/KrbCredInfo.java
@@ -111,7 +111,7 @@ public class KrbCredInfo {
* @exception RealmException if an error occurs while parsing a Realm object.
*/
public KrbCredInfo(DerValue encoding)
- throws Asn1Exception, IOException, RealmException{
+ throws Asn1Exception, IOException, RealmException{
if (encoding.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
@@ -160,25 +160,25 @@ public class KrbCredInfo {
Vector v = new Vector ();
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), key.asn1Encode()));
if (prealm != null)
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), prealm.asn1Encode()));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), prealm.asn1Encode()));
if (pname != null)
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), pname.asn1Encode()));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), pname.asn1Encode()));
if (flags != null)
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), flags.asn1Encode()));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), flags.asn1Encode()));
if (authtime != null)
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), authtime.asn1Encode()));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), authtime.asn1Encode()));
if (starttime != null)
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), starttime.asn1Encode()));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), starttime.asn1Encode()));
if (endtime != null)
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), endtime.asn1Encode()));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), endtime.asn1Encode()));
if (renewTill != null)
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x07), renewTill.asn1Encode()));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x07), renewTill.asn1Encode()));
if (srealm != null)
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x08), srealm.asn1Encode()));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x08), srealm.asn1Encode()));
if (sname != null)
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x09), sname.asn1Encode()));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x09), sname.asn1Encode()));
if (caddr != null)
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x0A), caddr.asn1Encode()));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x0A), caddr.asn1Encode()));
DerValue der[] = new DerValue[v.size()];
v.copyInto(der);
DerOutputStream out = new DerOutputStream();
diff --git a/src/share/classes/sun/security/krb5/internal/ccache/CCacheInputStream.java b/src/share/classes/sun/security/krb5/internal/ccache/CCacheInputStream.java
index 5a62d6d2508fed4cf281066e0f6d72d965398735..64c3f8cd85bae7029baa796ea58a3d1462a1db86 100644
--- a/src/share/classes/sun/security/krb5/internal/ccache/CCacheInputStream.java
+++ b/src/share/classes/sun/security/krb5/internal/ccache/CCacheInputStream.java
@@ -215,7 +215,9 @@ public class CCacheInputStream extends KrbDataInputStream implements FileCCacheC
addrType = read(2);
addrLength = read(4);
if (!(addrLength == 4 || addrLength == 16)) {
- System.out.println("Incorrect address format.");
+ if (DEBUG) {
+ System.out.println("Incorrect address format.");
+ }
return null;
}
byte[] result = new byte[addrLength];
@@ -338,15 +340,19 @@ public class CCacheInputStream extends KrbDataInputStream implements FileCCacheC
System.out.println(">>>DEBUG key type: " + key.getEType());
long times[] = readTimes();
KerberosTime authtime = new KerberosTime(times[0]);
- KerberosTime starttime = new KerberosTime(times[1]);
+ KerberosTime starttime =
+ (times[1]==0) ? null : new KerberosTime(times[1]);
KerberosTime endtime = new KerberosTime(times[2]);
- KerberosTime renewTill = new KerberosTime(times[3]);
+ KerberosTime renewTill =
+ (times[3]==0) ? null : new KerberosTime(times[3]);
if (DEBUG) {
System.out.println(">>>DEBUG auth time: " + authtime.toDate().toString());
- System.out.println(">>>DEBUG start time: " + starttime.toDate().toString());
+ System.out.println(">>>DEBUG start time: " +
+ ((starttime==null)?"null":starttime.toDate().toString()));
System.out.println(">>>DEBUG end time: " + endtime.toDate().toString());
- System.out.println(">>>DEBUG renew_till time: " + renewTill.toDate().toString());
+ System.out.println(">>>DEBUG renew_till time: " +
+ ((renewTill==null)?"null":renewTill.toDate().toString()));
}
boolean skey = readskey();
boolean flags[] = readFlags();
diff --git a/src/share/classes/sun/security/krb5/internal/ccache/Credentials.java b/src/share/classes/sun/security/krb5/internal/ccache/Credentials.java
index 4665d9f63dcc32ca5efa413e7336dec123975d9b..ff45cb73d37de7cbcce98169677440ca95185743 100644
--- a/src/share/classes/sun/security/krb5/internal/ccache/Credentials.java
+++ b/src/share/classes/sun/security/krb5/internal/ccache/Credentials.java
@@ -34,169 +34,185 @@ import sun.security.krb5.*;
import sun.security.krb5.internal.*;
public class Credentials {
- PrincipalName cname;
- Realm crealm;
+
+ PrincipalName cname;
+ Realm crealm;
PrincipalName sname;
- Realm srealm;
- EncryptionKey key;
- KerberosTime authtime;
- KerberosTime starttime;//optional
- KerberosTime endtime;
- KerberosTime renewTill; //optional
- HostAddresses caddr; //optional; for proxied tickets only
+ Realm srealm;
+ EncryptionKey key;
+ KerberosTime authtime;
+ KerberosTime starttime;//optional
+ KerberosTime endtime;
+ KerberosTime renewTill; //optional
+ HostAddresses caddr; //optional; for proxied tickets only
AuthorizationData authorizationData; //optional, not being actually used
public boolean isEncInSKey; // true if ticket is encrypted in another ticket's skey
- TicketFlags flags;
+ TicketFlags flags;
Ticket ticket;
- Ticket secondTicket; //optional
- private boolean DEBUG = Krb5.DEBUG;
-
- public Credentials(
- PrincipalName new_cname,
- PrincipalName new_sname,
- EncryptionKey new_key,
- KerberosTime new_authtime,
- KerberosTime new_starttime,
- KerberosTime new_endtime,
- KerberosTime new_renewTill,
- boolean new_isEncInSKey,
- TicketFlags new_flags,
- HostAddresses new_caddr,
- AuthorizationData new_authData,
- Ticket new_ticket,
- Ticket new_secondTicket) {
- cname = (PrincipalName)new_cname.clone();
- if (new_cname.getRealm() != null)
- crealm = (Realm)new_cname.getRealm().clone();
-
- sname = (PrincipalName)new_sname.clone();
- if (new_sname.getRealm() != null)
- srealm = (Realm)new_sname.getRealm().clone();
-
- key = (EncryptionKey)new_key.clone();
-
- authtime = (KerberosTime)new_authtime.clone();
- starttime = (KerberosTime)new_starttime.clone();
- endtime = (KerberosTime)new_endtime.clone();
- renewTill = (KerberosTime)new_renewTill.clone();
- if (new_caddr != null)
- caddr = (HostAddresses)new_caddr.clone();
- if (new_authData != null) {
- authorizationData
- = (AuthorizationData)new_authData.clone();
- }
-
- isEncInSKey = new_isEncInSKey;
- flags = (TicketFlags)new_flags.clone();
- ticket = (Ticket)(new_ticket.clone());
- if (new_secondTicket != null)
- secondTicket = (Ticket)new_secondTicket.clone();
- }
-
-
-
- public Credentials(
- KDCRep kdcRep,
- Ticket new_secondTicket,
- AuthorizationData new_authorizationData,
- boolean new_isEncInSKey
- ) {
- if (kdcRep.encKDCRepPart == null) //can't store while encrypted
- return;
- crealm = (Realm)kdcRep.crealm.clone();
- cname = (PrincipalName)kdcRep.cname.clone();
- ticket = (Ticket)kdcRep.ticket.clone();
- key = (EncryptionKey)kdcRep.encKDCRepPart.key.clone();
- flags = (TicketFlags)kdcRep.encKDCRepPart.flags.clone();
- authtime = (KerberosTime)kdcRep.encKDCRepPart.authtime.clone();
- starttime = (KerberosTime)kdcRep.encKDCRepPart.starttime.clone();
- endtime = (KerberosTime)kdcRep.encKDCRepPart.endtime.clone();
- renewTill = (KerberosTime)kdcRep.encKDCRepPart.renewTill.clone();
- srealm = (Realm)kdcRep.encKDCRepPart.srealm.clone();
- sname = (PrincipalName)kdcRep.encKDCRepPart.sname.clone();
- caddr = (HostAddresses)kdcRep.encKDCRepPart.caddr.clone();
- secondTicket = (Ticket)new_secondTicket.clone();
- authorizationData =
- (AuthorizationData)new_authorizationData.clone();
- isEncInSKey = new_isEncInSKey;
- }
-
- public Credentials(KDCRep kdcRep) {
- this(kdcRep, null);
- }
-
- public Credentials(KDCRep kdcRep, Ticket new_ticket) {
- sname = (PrincipalName)kdcRep.encKDCRepPart.sname.clone();
- srealm = (Realm)kdcRep.encKDCRepPart.srealm.clone();
- try {
- sname.setRealm(srealm);
- }
- catch (RealmException e) {
- }
- cname = (PrincipalName)kdcRep.cname.clone();
- crealm = (Realm)kdcRep.crealm.clone();
- try {
- cname.setRealm(crealm);
- }
- catch (RealmException e) {
- }
- key = (EncryptionKey)kdcRep.encKDCRepPart.key.clone();
- authtime = (KerberosTime)kdcRep.encKDCRepPart.authtime.clone();
- if (kdcRep.encKDCRepPart.starttime != null) {
- starttime = (KerberosTime)kdcRep.encKDCRepPart.starttime.clone();
- }
- else starttime = null;
- endtime = (KerberosTime)kdcRep.encKDCRepPart.endtime.clone();
- if (kdcRep.encKDCRepPart.renewTill != null) {
- renewTill = (KerberosTime)kdcRep.encKDCRepPart.renewTill.clone();
- }
- else renewTill = null;
- // if (kdcRep.msgType == Krb5.KRB_AS_REP) {
- // isEncInSKey = false;
- // secondTicket = null;
- // }
- flags = kdcRep.encKDCRepPart.flags;
- if (kdcRep.encKDCRepPart.caddr != null)
- caddr = (HostAddresses)kdcRep.encKDCRepPart.caddr.clone();
- else caddr = null;
- ticket = (Ticket)kdcRep.ticket.clone();
- if (new_ticket != null) {
- secondTicket = (Ticket)new_ticket.clone();
- isEncInSKey = true;
- } else {
- secondTicket = null;
- isEncInSKey = false;
- }
- }
-
- /**
- * Checks if this credential is expired
- */
- public boolean isValid() {
- boolean valid = true;
- if (endtime.getTime() < System.currentTimeMillis()) {
- valid = false;
- }
- else if ((starttime.getTime() > System.currentTimeMillis())
- || ((starttime == null) && (authtime.getTime() > System.currentTimeMillis())))
- {
- valid = false;
- }
- return valid;
- }
-
- public PrincipalName getServicePrincipal() throws RealmException{
- if (sname.getRealm() == null) {
- sname.setRealm(srealm);
- }
- return sname;
- }
-
- public sun.security.krb5.Credentials setKrbCreds() {
- return new sun.security.krb5.Credentials(ticket,
- cname, sname, key, flags, authtime, starttime, endtime, renewTill, caddr);
+ Ticket secondTicket; //optional
+ private boolean DEBUG = Krb5.DEBUG;
+
+ public Credentials(
+ PrincipalName new_cname,
+ PrincipalName new_sname,
+ EncryptionKey new_key,
+ KerberosTime new_authtime,
+ KerberosTime new_starttime,
+ KerberosTime new_endtime,
+ KerberosTime new_renewTill,
+ boolean new_isEncInSKey,
+ TicketFlags new_flags,
+ HostAddresses new_caddr,
+ AuthorizationData new_authData,
+ Ticket new_ticket,
+ Ticket new_secondTicket) {
+ cname = (PrincipalName) new_cname.clone();
+ if (new_cname.getRealm() != null) {
+ crealm = (Realm) new_cname.getRealm().clone();
+ }
+
+ sname = (PrincipalName) new_sname.clone();
+ if (new_sname.getRealm() != null) {
+ srealm = (Realm) new_sname.getRealm().clone();
+ }
+
+ key = (EncryptionKey) new_key.clone();
+
+ authtime = (KerberosTime) new_authtime.clone();
+ if (new_starttime != null) {
+ starttime = (KerberosTime) new_starttime.clone();
+ }
+ endtime = (KerberosTime) new_endtime.clone();
+ if (new_renewTill != null) {
+ renewTill = (KerberosTime) new_renewTill.clone();
+ }
+ if (new_caddr != null) {
+ caddr = (HostAddresses) new_caddr.clone();
+ }
+ if (new_authData != null) {
+ authorizationData = (AuthorizationData) new_authData.clone();
}
+ isEncInSKey = new_isEncInSKey;
+ flags = (TicketFlags) new_flags.clone();
+ ticket = (Ticket) (new_ticket.clone());
+ if (new_secondTicket != null) {
+ secondTicket = (Ticket) new_secondTicket.clone();
+ }
+ }
+
+ public Credentials(
+ KDCRep kdcRep,
+ Ticket new_secondTicket,
+ AuthorizationData new_authorizationData,
+ boolean new_isEncInSKey) {
+ if (kdcRep.encKDCRepPart == null) //can't store while encrypted
+ {
+ return;
+ }
+ crealm = (Realm) kdcRep.crealm.clone();
+ cname = (PrincipalName) kdcRep.cname.clone();
+ ticket = (Ticket) kdcRep.ticket.clone();
+ key = (EncryptionKey) kdcRep.encKDCRepPart.key.clone();
+ flags = (TicketFlags) kdcRep.encKDCRepPart.flags.clone();
+ authtime = (KerberosTime) kdcRep.encKDCRepPart.authtime.clone();
+ if (kdcRep.encKDCRepPart.starttime != null) {
+ starttime = (KerberosTime) kdcRep.encKDCRepPart.starttime.clone();
+ }
+ endtime = (KerberosTime) kdcRep.encKDCRepPart.endtime.clone();
+ if (kdcRep.encKDCRepPart.renewTill != null) {
+ renewTill = (KerberosTime) kdcRep.encKDCRepPart.renewTill.clone();
+ }
+ srealm = (Realm) kdcRep.encKDCRepPart.srealm.clone();
+ sname = (PrincipalName) kdcRep.encKDCRepPart.sname.clone();
+ caddr = (HostAddresses) kdcRep.encKDCRepPart.caddr.clone();
+ secondTicket = (Ticket) new_secondTicket.clone();
+ authorizationData =
+ (AuthorizationData) new_authorizationData.clone();
+ isEncInSKey = new_isEncInSKey;
+ }
+
+ public Credentials(KDCRep kdcRep) {
+ this(kdcRep, null);
+ }
+
+ public Credentials(KDCRep kdcRep, Ticket new_ticket) {
+ sname = (PrincipalName) kdcRep.encKDCRepPart.sname.clone();
+ srealm = (Realm) kdcRep.encKDCRepPart.srealm.clone();
+ try {
+ sname.setRealm(srealm);
+ } catch (RealmException e) {
+ }
+ cname = (PrincipalName) kdcRep.cname.clone();
+ crealm = (Realm) kdcRep.crealm.clone();
+ try {
+ cname.setRealm(crealm);
+ } catch (RealmException e) {
+ }
+ key = (EncryptionKey) kdcRep.encKDCRepPart.key.clone();
+ authtime = (KerberosTime) kdcRep.encKDCRepPart.authtime.clone();
+ if (kdcRep.encKDCRepPart.starttime != null) {
+ starttime = (KerberosTime) kdcRep.encKDCRepPart.starttime.clone();
+ } else {
+ starttime = null;
+ }
+ endtime = (KerberosTime) kdcRep.encKDCRepPart.endtime.clone();
+ if (kdcRep.encKDCRepPart.renewTill != null) {
+ renewTill = (KerberosTime) kdcRep.encKDCRepPart.renewTill.clone();
+ } else {
+ renewTill = null;
+ }
+ // if (kdcRep.msgType == Krb5.KRB_AS_REP) {
+ // isEncInSKey = false;
+ // secondTicket = null;
+ // }
+ flags = kdcRep.encKDCRepPart.flags;
+ if (kdcRep.encKDCRepPart.caddr != null) {
+ caddr = (HostAddresses) kdcRep.encKDCRepPart.caddr.clone();
+ } else {
+ caddr = null;
+ }
+ ticket = (Ticket) kdcRep.ticket.clone();
+ if (new_ticket != null) {
+ secondTicket = (Ticket) new_ticket.clone();
+ isEncInSKey = true;
+ } else {
+ secondTicket = null;
+ isEncInSKey = false;
+ }
+ }
+
+ /**
+ * Checks if this credential is expired
+ */
+ public boolean isValid() {
+ boolean valid = true;
+ if (endtime.getTime() < System.currentTimeMillis()) {
+ valid = false;
+ } else if (starttime != null) {
+ if (starttime.getTime() > System.currentTimeMillis()) {
+ valid = false;
+ }
+ } else {
+ if (authtime.getTime() > System.currentTimeMillis()) {
+ valid = false;
+ }
+ }
+ return valid;
+ }
+
+ public PrincipalName getServicePrincipal() throws RealmException {
+ if (sname.getRealm() == null) {
+ sname.setRealm(srealm);
+ }
+ return sname;
+ }
+
+ public sun.security.krb5.Credentials setKrbCreds() {
+ return new sun.security.krb5.Credentials(ticket,
+ cname, sname, key, flags, authtime, starttime, endtime, renewTill, caddr);
+ }
+
public KerberosTime getAuthTime() {
return authtime;
}
diff --git a/src/share/classes/sun/security/krb5/internal/crypto/dk/AesDkCrypto.java b/src/share/classes/sun/security/krb5/internal/crypto/dk/AesDkCrypto.java
index 31919fc51f5b6e83d2181fd41b942ba6ce95b169..ea6e2d3eb241722543106fc7c155eecd0922b07d 100644
--- a/src/share/classes/sun/security/krb5/internal/crypto/dk/AesDkCrypto.java
+++ b/src/share/classes/sun/security/krb5/internal/crypto/dk/AesDkCrypto.java
@@ -440,7 +440,9 @@ public class AesDkCrypto extends DkCrypto {
for (int i = 0; i < hashSize; i++) {
if (calculatedHmac[i] != ciphertext[hmacOffset+i]) {
cksumFailed = true;
- System.err.println("Checksum failed !");
+ if (debug) {
+ System.err.println("Checksum failed !");
+ }
break;
}
}
diff --git a/src/share/classes/sun/security/krb5/internal/crypto/dk/ArcFourCrypto.java b/src/share/classes/sun/security/krb5/internal/crypto/dk/ArcFourCrypto.java
index 57a0c091721199eb5718eeb0fc8050442b2eed2c..8d4c89d60b3e956c6cf7a6bd08a18743c863ae54 100644
--- a/src/share/classes/sun/security/krb5/internal/crypto/dk/ArcFourCrypto.java
+++ b/src/share/classes/sun/security/krb5/internal/crypto/dk/ArcFourCrypto.java
@@ -397,7 +397,9 @@ public class ArcFourCrypto extends DkCrypto {
for (int i = 0; i < hashSize; i++) {
if (calculatedHmac[i] != ciphertext[i]) {
cksumFailed = true;
- System.err.println("Checksum failed !");
+ if (debug) {
+ System.err.println("Checksum failed !");
+ }
break;
}
}
diff --git a/src/share/classes/sun/security/ssl/Handshaker.java b/src/share/classes/sun/security/ssl/Handshaker.java
index b8395665d5a3373bb7f16de9f8d08f7533b2b9ac..5b9dae6c59084f5dc9a3ce97cd7cd18f3e34f2f4 100644
--- a/src/share/classes/sun/security/ssl/Handshaker.java
+++ b/src/share/classes/sun/security/ssl/Handshaker.java
@@ -617,7 +617,8 @@ abstract class Handshaker {
r.write(1); // single byte of data
if (conn != null) {
- synchronized (conn.writeLock) {
+ conn.writeLock.lock();
+ try {
conn.writeRecord(r);
conn.changeWriteCiphers();
if (debug != null && Debug.isOn("handshake")) {
@@ -625,6 +626,8 @@ abstract class Handshaker {
}
mesg.write(output);
output.flush();
+ } finally {
+ conn.writeLock.unlock();
}
} else {
synchronized (engine.writeLock) {
diff --git a/src/share/classes/sun/security/ssl/InputRecord.java b/src/share/classes/sun/security/ssl/InputRecord.java
index 56ea2b0483e4fea9c15e0e34fc72aefab7096201..c0e3e4aa526ab29a58eda28573ff5371daa03947 100644
--- a/src/share/classes/sun/security/ssl/InputRecord.java
+++ b/src/share/classes/sun/security/ssl/InputRecord.java
@@ -426,12 +426,12 @@ class InputRecord extends ByteArrayInputStream implements Record {
if (really < 0) {
throw new SSLException("SSL peer shut down incorrectly");
}
-
- // now we've got a complete record.
- count = contentLen + headerSize;
- exlen = 0;
}
+ // now we've got a complete record.
+ count = contentLen + headerSize;
+ exlen = 0;
+
if (debug != null && Debug.isOn("record")) {
if (count < 0 || count > (maxRecordSize - headerSize)) {
System.out.println(Thread.currentThread().getName()
@@ -502,10 +502,11 @@ class InputRecord extends ByteArrayInputStream implements Record {
if (really < 0) {
throw new EOFException("SSL peer shut down incorrectly");
}
-
- // now we've got a complete record.
- exlen = 0;
}
+
+ // now we've got a complete record.
+ exlen = 0;
+
hashInternal(buf, 2, 3);
hashInternal(v2Buf, 0, len);
V2toV3ClientHello(v2Buf);
diff --git a/src/share/classes/sun/security/ssl/OutputRecord.java b/src/share/classes/sun/security/ssl/OutputRecord.java
index 3153b07f1acced0d51b3d8470ce07dda81897fe3..3d580e5cd5b6cde93b3f73192f2d8e353b52ce51 100644
--- a/src/share/classes/sun/security/ssl/OutputRecord.java
+++ b/src/share/classes/sun/security/ssl/OutputRecord.java
@@ -174,6 +174,18 @@ class OutputRecord extends ByteArrayOutputStream implements Record {
return count == headerSize;
}
+ /*
+ * Return true if the record is of a given alert.
+ */
+ boolean isAlert(byte description) {
+ // An alert is defined with a two bytes struct,
+ // {byte level, byte description}, following after the header bytes.
+ if (count > (headerSize + 1) && contentType == ct_alert) {
+ return buf[headerSize + 1] == description;
+ }
+
+ return false;
+ }
/*
* Compute the MAC and append it to this record. In case we
diff --git a/src/share/classes/sun/security/ssl/SSLSocketImpl.java b/src/share/classes/sun/security/ssl/SSLSocketImpl.java
index 0b8a16c0958954b0f8df80bc29ff1c30465ce272..66b6e6d112c0b7cf5856457bb37d17a951cbcc37 100644
--- a/src/share/classes/sun/security/ssl/SSLSocketImpl.java
+++ b/src/share/classes/sun/security/ssl/SSLSocketImpl.java
@@ -1,5 +1,5 @@
/*
- * Copyright 1996-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1996-2008 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -33,6 +33,8 @@ import java.security.AccessController;
import java.security.AccessControlContext;
import java.security.PrivilegedAction;
import java.util.*;
+import java.util.concurrent.TimeUnit;
+import java.util.concurrent.locks.ReentrantLock;
import javax.crypto.BadPaddingException;
@@ -274,7 +276,7 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
* from the peer are handled properly.
*/
private Object handshakeLock;
- Object writeLock;
+ ReentrantLock writeLock;
private Object readLock;
private InputRecord inrec;
@@ -314,7 +316,6 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
private HashMap
handshakeListeners;
-
/*
* Reuse the same internal input/output streams.
*/
@@ -526,7 +527,7 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
enabledCipherSuites = CipherSuiteList.getDefault();
enabledProtocols = ProtocolList.getDefault();
handshakeLock = new Object();
- writeLock = new Object();
+ writeLock = new ReentrantLock();
readLock = new Object();
inrec = null;
@@ -677,16 +678,81 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
// implementations are fragile and don't like to see empty
// records, so this also increases robustness.
//
- synchronized (writeLock) {
- if (!r.isEmpty()) {
- // r.compress(c);
- r.addMAC(writeMAC);
- r.encrypt(writeCipher);
- r.write(sockOutput);
+ if (!r.isEmpty()) {
+
+ // If the record is a close notify alert, we need to honor
+ // socket option SO_LINGER. Note that we will try to send
+ // the close notify even if the SO_LINGER set to zero.
+ if (r.isAlert(Alerts.alert_close_notify) && getSoLinger() >= 0) {
+
+ // keep and clear the current thread interruption status.
+ boolean interrupted = Thread.interrupted();
+ try {
+ if (writeLock.tryLock(getSoLinger(), TimeUnit.SECONDS)) {
+ try {
+ writeRecordInternal(r);
+ } finally {
+ writeLock.unlock();
+ }
+ } else {
+ SSLException ssle = new SSLException(
+ "SO_LINGER timeout," +
+ " close_notify message cannot be sent.");
+
+
+ // For layered, non-autoclose sockets, we are not
+ // able to bring them into a usable state, so we
+ // treat it as fatal error.
+ if (self != this && !autoClose) {
+ // Note that the alert description is
+ // specified as -1, so no message will be send
+ // to peer anymore.
+ fatal((byte)(-1), ssle);
+ } else if ((debug != null) && Debug.isOn("ssl")) {
+ System.out.println(threadName() +
+ ", received Exception: " + ssle);
+ }
+
+ // RFC2246 requires that the session becomes
+ // unresumable if any connection is terminated
+ // without proper close_notify messages with
+ // level equal to warning.
+ //
+ // RFC4346 no longer requires that a session not be
+ // resumed if failure to properly close a connection.
+ //
+ // We choose to make the session unresumable if
+ // failed to send the close_notify message.
+ //
+ sess.invalidate();
+ }
+ } catch (InterruptedException ie) {
+ // keep interrupted status
+ interrupted = true;
+ }
+
+ // restore the interrupted status
+ if (interrupted) {
+ Thread.currentThread().interrupt();
+ }
+ } else {
+ writeLock.lock();
+ try {
+ writeRecordInternal(r);
+ } finally {
+ writeLock.unlock();
+ }
}
}
}
+ private void writeRecordInternal(OutputRecord r) throws IOException {
+ // r.compress(c);
+ r.addMAC(writeMAC);
+ r.encrypt(writeCipher);
+ r.write(sockOutput);
+ }
+
/*
* Read an application data record. Alerts and handshake
@@ -1533,7 +1599,11 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
if (oldState == cs_HANDSHAKE) {
sockInput.skip(sockInput.available());
}
- sendAlert(Alerts.alert_fatal, description);
+
+ // If the description equals -1, the alert won't be sent to peer.
+ if (description != -1) {
+ sendAlert(Alerts.alert_fatal, description);
+ }
if (cause instanceof SSLException) { // only true if != null
closeReason = (SSLException)cause;
} else {
@@ -1614,7 +1684,7 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
* Emit alerts. Caller must have synchronized with "this".
*/
private void sendAlert(byte level, byte description) {
- if (connectionState >= cs_CLOSED) {
+ if (connectionState >= cs_SENT_CLOSE) {
return;
}
diff --git a/src/share/classes/sun/security/x509/AVA.java b/src/share/classes/sun/security/x509/AVA.java
index 9a6b7a59d1a41c58d958e0e6bf0fc00dd08ff6ae..43d914cba13ea7b58734b7ac25732bc8665972ac 100644
--- a/src/share/classes/sun/security/x509/AVA.java
+++ b/src/share/classes/sun/security/x509/AVA.java
@@ -780,7 +780,8 @@ public class AVA implements DerEncoder {
* Implementations MAY escape other characters.
*
* NOTE: this implementation also recognizes "=" and "#" as
- * characters which need escaping.
+ * characters which need escaping, and null which is escaped as
+ * '\00' (see RFC 4514).
*
* If a character to be escaped is one of the list shown above, then
* it is prefixed by a backslash ('\' ASCII 92).
@@ -805,6 +806,10 @@ public class AVA implements DerEncoder {
// append printable/escaped char
sbuffer.append(c);
+ } else if (c == '\u0000') {
+ // escape null character
+ sbuffer.append("\\00");
+
} else if (debug != null && Debug.isOn("ava")) {
// embed non-printable/non-escaped char
diff --git a/src/solaris/classes/java/net/PlainSocketImpl.java b/src/solaris/classes/java/net/PlainSocketImpl.java
index 113bcb0183e9177f9ef65b49f04528b4f8271816..25e2bab81f597fb2aac0acd68707e4dcd327a10f 100644
--- a/src/solaris/classes/java/net/PlainSocketImpl.java
+++ b/src/solaris/classes/java/net/PlainSocketImpl.java
@@ -76,9 +76,6 @@ class PlainSocketImpl extends AbstractPlainSocketImpl
native int socketGetOption(int opt, Object iaContainerObj) throws SocketException;
- native int socketGetOption1(int opt, Object iaContainerObj, FileDescriptor fd)
- throws SocketException;
-
native void socketSendUrgentData(int data) throws IOException;
}
diff --git a/src/windows/classes/java/net/DualStackPlainSocketImpl.java b/src/windows/classes/java/net/DualStackPlainSocketImpl.java
index 116046603f8592cdb676615b6e78a4d94c6293fd..4e92df7f687d7c6121fec182dd56e1d571c42961 100644
--- a/src/windows/classes/java/net/DualStackPlainSocketImpl.java
+++ b/src/windows/classes/java/net/DualStackPlainSocketImpl.java
@@ -218,9 +218,6 @@ class DualStackPlainSocketImpl extends AbstractPlainSocketImpl
return value;
}
- int socketGetOption1(int opt, Object iaContainerObj, FileDescriptor fd)
- throws SocketException {return 0;} // un-implemented REMOVE
-
void socketSendUrgentData(int data) throws IOException {
int nativefd = checkAndReturnNativeFD();
sendOOB(nativefd, data);
diff --git a/src/windows/classes/java/net/PlainSocketImpl.java b/src/windows/classes/java/net/PlainSocketImpl.java
index c65c71c670f9a192a4c9bac8dd2b8a89aab8b6e3..cde60b530878050fa00c99bca7ef6523a566271c 100644
--- a/src/windows/classes/java/net/PlainSocketImpl.java
+++ b/src/windows/classes/java/net/PlainSocketImpl.java
@@ -304,11 +304,6 @@ class PlainSocketImpl extends AbstractPlainSocketImpl
return impl.socketGetOption(opt, iaContainerObj);
}
- int socketGetOption1(int opt, Object iaContainerObj, FileDescriptor fd)
- throws SocketException {
- return impl.socketGetOption1(opt, iaContainerObj, fd);
- }
-
void socketSendUrgentData(int data) throws IOException {
impl.socketSendUrgentData(data);
}
diff --git a/src/windows/classes/java/net/TwoStacksPlainSocketImpl.java b/src/windows/classes/java/net/TwoStacksPlainSocketImpl.java
index 9475bd3f7a10e17ed845d2b7df49599e04344c35..13851124b32ce7723bc12a4f43d30a67d2c21961 100644
--- a/src/windows/classes/java/net/TwoStacksPlainSocketImpl.java
+++ b/src/windows/classes/java/net/TwoStacksPlainSocketImpl.java
@@ -199,8 +199,5 @@ class TwoStacksPlainSocketImpl extends AbstractPlainSocketImpl
native int socketGetOption(int opt, Object iaContainerObj) throws SocketException;
- native int socketGetOption1(int opt, Object iaContainerObj, FileDescriptor fd)
- throws SocketException;
-
native void socketSendUrgentData(int data) throws IOException;
}
diff --git a/src/windows/native/sun/net/www/protocol/http/NTLMAuthSequence.c b/src/windows/native/sun/net/www/protocol/http/NTLMAuthSequence.c
index 29c0a2b3b70e31e0cf8c937df6f3a5d473efd778..580e2fabadb6a5c000069b46cf114245b24e924c 100644
--- a/src/windows/native/sun/net/www/protocol/http/NTLMAuthSequence.c
+++ b/src/windows/native/sun/net/www/protocol/http/NTLMAuthSequence.c
@@ -36,6 +36,8 @@
#include
#include
+#include "jni_util.h"
+
#define SECURITY_WIN32
#include "sspi.h"
#include "issperr.h"
@@ -52,7 +54,7 @@ static INITIALIZE_SECURITY_CONTEXT_FN pInitializeSecurityContext;
static COMPLETE_AUTH_TOKEN_FN pCompleteAuthToken;
static DELETE_SECURITY_CONTEXT_FN pDeleteSecurityContext;
-static void endSequence (PCredHandle credHand, PCtxtHandle ctxHandle, SecBufferDesc OutBuffDesc);
+static void endSequence (PCredHandle credHand, PCtxtHandle ctxHandle);
static jfieldID ntlm_ctxHandleID;
static jfieldID ntlm_crdHandleID;
@@ -117,22 +119,36 @@ JNIEXPORT jlong JNICALL Java_sun_net_www_protocol_http_NTLMAuthSequence_getCrede
{
SEC_WINNT_AUTH_IDENTITY AuthId;
SEC_WINNT_AUTH_IDENTITY * pAuthId;
- CHAR *pUser = 0;
- CHAR *pDomain = 0;
- CHAR *pPassword = 0;
+ const CHAR *pUser = 0;
+ const CHAR *pDomain = 0;
+ const CHAR *pPassword = 0;
CredHandle *pCred;
TimeStamp ltime;
jboolean isCopy;
SECURITY_STATUS ss;
if (user != 0) {
- pUser = (CHAR *)(*env)->GetStringUTFChars(env, user, &isCopy);
+ pUser = JNU_GetStringPlatformChars(env, user, &isCopy);
+ if (pUser == NULL)
+ return 0; // pending Exception
}
if (domain != 0) {
- pDomain = (CHAR *)(*env)->GetStringUTFChars(env, domain, &isCopy);
+ pDomain = JNU_GetStringPlatformChars(env, domain, &isCopy);
+ if (pDomain == NULL) {
+ if (pUser != NULL)
+ JNU_ReleaseStringPlatformChars(env, user, pUser);
+ return 0; // pending Exception
+ }
}
if (password != 0) {
- pPassword = (CHAR *)(*env)->GetStringUTFChars(env, password, &isCopy);
+ pPassword = JNU_GetStringPlatformChars(env, password, &isCopy);
+ if (pPassword == NULL) {
+ if(pUser != NULL)
+ JNU_ReleaseStringPlatformChars(env, user, pUser);
+ if(pDomain != NULL)
+ JNU_ReleaseStringPlatformChars(env, domain, pDomain);
+ return 0; // pending Exception
+ }
}
pCred = (CredHandle *)malloc(sizeof (CredHandle));
@@ -167,6 +183,14 @@ JNIEXPORT jlong JNICALL Java_sun_net_www_protocol_http_NTLMAuthSequence_getCrede
pCred, <ime
);
+ /* Release resources held by JNU_GetStringPlatformChars */
+ if (pUser != NULL)
+ JNU_ReleaseStringPlatformChars(env, user, pUser);
+ if (pPassword != NULL)
+ JNU_ReleaseStringPlatformChars(env, password, pPassword);
+ if (pDomain != NULL)
+ JNU_ReleaseStringPlatformChars(env, domain, pDomain);
+
if (ss == 0) {
return (jlong) pCred;
} else {
@@ -181,7 +205,6 @@ JNIEXPORT jbyteArray JNICALL Java_sun_net_www_protocol_http_NTLMAuthSequence_get
VOID *pInput = 0;
DWORD inputLen;
CHAR buffOut[512];
- DWORD pcbBuffOut;
jboolean isCopy;
SECURITY_STATUS ss;
SecBufferDesc OutBuffDesc;
@@ -247,7 +270,7 @@ JNIEXPORT jbyteArray JNICALL Java_sun_net_www_protocol_http_NTLMAuthSequence_get
}
if (ss < 0) {
- endSequence (pCred, pCtx, OutBuffDesc);
+ endSequence (pCred, pCtx);
return 0;
}
@@ -255,7 +278,7 @@ JNIEXPORT jbyteArray JNICALL Java_sun_net_www_protocol_http_NTLMAuthSequence_get
ss = pCompleteAuthToken( pCtx, &OutBuffDesc );
if (ss < 0) {
- endSequence (pCred, pCtx, OutBuffDesc);
+ endSequence (pCred, pCtx);
return 0;
}
}
@@ -265,25 +288,23 @@ JNIEXPORT jbyteArray JNICALL Java_sun_net_www_protocol_http_NTLMAuthSequence_get
(*env)->SetByteArrayRegion(env, ret, 0, OutSecBuff.cbBuffer,
OutSecBuff.pvBuffer);
if (lastToken != 0) // 2nd stage
- endSequence (pCred, pCtx, OutBuffDesc);
+ endSequence (pCred, pCtx);
result = ret;
}
if ((ss != SEC_I_CONTINUE_NEEDED) && (ss == SEC_I_COMPLETE_AND_CONTINUE)) {
- endSequence (pCred, pCtx, OutBuffDesc);
+ endSequence (pCred, pCtx);
}
return result;
}
-static void endSequence (PCredHandle credHand, PCtxtHandle ctxHandle, SecBufferDesc OutBuffDesc) {
+static void endSequence (PCredHandle credHand, PCtxtHandle ctxHandle) {
if (credHand != 0) {
pFreeCredentialsHandle (credHand);
free (credHand);
}
- pFreeContextBuffer (&OutBuffDesc);
-
if (ctxHandle != 0) {
pDeleteSecurityContext(ctxHandle);
free (ctxHandle);
diff --git a/src/windows/native/sun/security/krb5/NativeCreds.c b/src/windows/native/sun/security/krb5/NativeCreds.c
index 879dab473880822c42438554c7a2df65bbc548bf..5d2365a415a92040471b617eb3882eab1529a2bd 100644
--- a/src/windows/native/sun/security/krb5/NativeCreds.c
+++ b/src/windows/native/sun/security/krb5/NativeCreds.c
@@ -88,9 +88,9 @@ VOID ShowNTError(LPSTR,NTSTATUS);
VOID
InitUnicodeString(
- PUNICODE_STRING DestinationString,
+ PUNICODE_STRING DestinationString,
PCWSTR SourceString OPTIONAL
- );
+);
jobject BuildTicket(JNIEnv *env, PUCHAR encodedTicket, ULONG encodedTicketSize);
@@ -108,215 +108,215 @@ jobject BuildKerberosTime(JNIEnv *env, PLARGE_INTEGER kerbtime);
*/
JNIEXPORT jint JNICALL JNI_OnLoad(
- JavaVM *jvm,
- void *reserved) {
-
- jclass cls;
- JNIEnv *env;
-
- if ((*jvm)->GetEnv(jvm, (void **)&env, JNI_VERSION_1_2)) {
- return JNI_EVERSION; /* JNI version not supported */
- }
-
- cls = (*env)->FindClass(env,"sun/security/krb5/internal/Ticket");
-
- if (cls == NULL) {
- printf("Couldn't find Ticket\n");
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Found Ticket\n");
- #endif /* DEBUG */
+ JavaVM *jvm,
+ void *reserved) {
- ticketClass = (*env)->NewWeakGlobalRef(env,cls);
- if (ticketClass == NULL) {
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Made NewWeakGlobalRef\n");
- #endif /* DEBUG */
-
- cls = (*env)->FindClass(env, "sun/security/krb5/PrincipalName");
+ jclass cls;
+ JNIEnv *env;
- if (cls == NULL) {
- printf("Couldn't find PrincipalName\n");
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Found PrincipalName\n");
- #endif /* DEBUG */
-
- principalNameClass = (*env)->NewWeakGlobalRef(env,cls);
- if (principalNameClass == NULL) {
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Made NewWeakGlobalRef\n");
- #endif /* DEBUG */
-
- cls = (*env)->FindClass(env,"sun/security/util/DerValue");
+ if ((*jvm)->GetEnv(jvm, (void **)&env, JNI_VERSION_1_2)) {
+ return JNI_EVERSION; /* JNI version not supported */
+ }
- if (cls == NULL) {
- printf("Couldn't find DerValue\n");
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Found DerValue\n");
- #endif /* DEBUG */
+ cls = (*env)->FindClass(env,"sun/security/krb5/internal/Ticket");
- derValueClass = (*env)->NewWeakGlobalRef(env,cls);
- if (derValueClass == NULL) {
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Made NewWeakGlobalRef\n");
- #endif /* DEBUG */
+ if (cls == NULL) {
+ printf("Couldn't find Ticket\n");
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Found Ticket\n");
+ #endif /* DEBUG */
- cls = (*env)->FindClass(env,"sun/security/krb5/EncryptionKey");
+ ticketClass = (*env)->NewWeakGlobalRef(env,cls);
+ if (ticketClass == NULL) {
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Made NewWeakGlobalRef\n");
+ #endif /* DEBUG */
- if (cls == NULL) {
- printf("Couldn't find EncryptionKey\n");
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Found EncryptionKey\n");
- #endif /* DEBUG */
+ cls = (*env)->FindClass(env, "sun/security/krb5/PrincipalName");
- encryptionKeyClass = (*env)->NewWeakGlobalRef(env,cls);
- if (encryptionKeyClass == NULL) {
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Made NewWeakGlobalRef\n");
- #endif /* DEBUG */
+ if (cls == NULL) {
+ printf("Couldn't find PrincipalName\n");
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Found PrincipalName\n");
+ #endif /* DEBUG */
- cls = (*env)->FindClass(env,"sun/security/krb5/internal/TicketFlags");
+ principalNameClass = (*env)->NewWeakGlobalRef(env,cls);
+ if (principalNameClass == NULL) {
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Made NewWeakGlobalRef\n");
+ #endif /* DEBUG */
- if (cls == NULL) {
- printf("Couldn't find TicketFlags\n");
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Found TicketFlags\n");
- #endif /* DEBUG */
+ cls = (*env)->FindClass(env,"sun/security/util/DerValue");
- ticketFlagsClass = (*env)->NewWeakGlobalRef(env,cls);
- if (ticketFlagsClass == NULL) {
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Made NewWeakGlobalRef\n");
- #endif /* DEBUG */
+ if (cls == NULL) {
+ printf("Couldn't find DerValue\n");
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Found DerValue\n");
+ #endif /* DEBUG */
- cls = (*env)->FindClass(env,"sun/security/krb5/internal/KerberosTime");
+ derValueClass = (*env)->NewWeakGlobalRef(env,cls);
+ if (derValueClass == NULL) {
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Made NewWeakGlobalRef\n");
+ #endif /* DEBUG */
- if (cls == NULL) {
- printf("Couldn't find KerberosTime\n");
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Found KerberosTime\n");
- #endif /* DEBUG */
+ cls = (*env)->FindClass(env,"sun/security/krb5/EncryptionKey");
- kerberosTimeClass = (*env)->NewWeakGlobalRef(env,cls);
- if (kerberosTimeClass == NULL) {
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Made NewWeakGlobalRef\n");
- #endif /* DEBUG */
+ if (cls == NULL) {
+ printf("Couldn't find EncryptionKey\n");
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Found EncryptionKey\n");
+ #endif /* DEBUG */
- cls = (*env)->FindClass(env,"java/lang/String");
+ encryptionKeyClass = (*env)->NewWeakGlobalRef(env,cls);
+ if (encryptionKeyClass == NULL) {
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Made NewWeakGlobalRef\n");
+ #endif /* DEBUG */
- if (cls == NULL) {
- printf("Couldn't find String\n");
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Found String\n");
- #endif /* DEBUG */
+ cls = (*env)->FindClass(env,"sun/security/krb5/internal/TicketFlags");
- javaLangStringClass = (*env)->NewWeakGlobalRef(env,cls);
- if (javaLangStringClass == NULL) {
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Made NewWeakGlobalRef\n");
- #endif /* DEBUG */
+ if (cls == NULL) {
+ printf("Couldn't find TicketFlags\n");
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Found TicketFlags\n");
+ #endif /* DEBUG */
- derValueConstructor = (*env)->GetMethodID(env, derValueClass,
- "", "([B)V");
- if (derValueConstructor == 0) {
- printf("Couldn't find DerValue constructor\n");
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Found DerValue constructor\n");
- #endif /* DEBUG */
+ ticketFlagsClass = (*env)->NewWeakGlobalRef(env,cls);
+ if (ticketFlagsClass == NULL) {
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Made NewWeakGlobalRef\n");
+ #endif /* DEBUG */
- ticketConstructor = (*env)->GetMethodID(env, ticketClass,
- "", "(Lsun/security/util/DerValue;)V");
- if (ticketConstructor == 0) {
- printf("Couldn't find Ticket constructor\n");
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Found Ticket constructor\n");
- #endif /* DEBUG */
+ cls = (*env)->FindClass(env,"sun/security/krb5/internal/KerberosTime");
- principalNameConstructor = (*env)->GetMethodID(env, principalNameClass,
- "", "([Ljava/lang/String;)V");
- if (principalNameConstructor == 0) {
- printf("Couldn't find PrincipalName constructor\n");
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Found PrincipalName constructor\n");
- #endif /* DEBUG */
+ if (cls == NULL) {
+ printf("Couldn't find KerberosTime\n");
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Found KerberosTime\n");
+ #endif /* DEBUG */
- encryptionKeyConstructor = (*env)->GetMethodID(env, encryptionKeyClass,
- "", "(I[B)V");
- if (encryptionKeyConstructor == 0) {
- printf("Couldn't find EncryptionKey constructor\n");
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Found EncryptionKey constructor\n");
- #endif /* DEBUG */
+ kerberosTimeClass = (*env)->NewWeakGlobalRef(env,cls);
+ if (kerberosTimeClass == NULL) {
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Made NewWeakGlobalRef\n");
+ #endif /* DEBUG */
- ticketFlagsConstructor = (*env)->GetMethodID(env, ticketFlagsClass,
- "", "(I[B)V");
- if (ticketFlagsConstructor == 0) {
- printf("Couldn't find TicketFlags constructor\n");
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Found TicketFlags constructor\n");
- #endif /* DEBUG */
+ cls = (*env)->FindClass(env,"java/lang/String");
- kerberosTimeConstructor = (*env)->GetMethodID(env, kerberosTimeClass,
- "", "(Ljava/lang/String;)V");
- if (kerberosTimeConstructor == 0) {
- printf("Couldn't find KerberosTime constructor\n");
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Found KerberosTime constructor\n");
- #endif /* DEBUG */
+ if (cls == NULL) {
+ printf("Couldn't find String\n");
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Found String\n");
+ #endif /* DEBUG */
- // load the setRealm method in PrincipalName
- setRealmMethod = (*env)->GetMethodID(env, principalNameClass,
- "setRealm", "(Ljava/lang/String;)V");
- if (setRealmMethod == 0) {
- printf("Couldn't find setRealm in PrincipalName\n");
- return JNI_ERR;
- }
+ javaLangStringClass = (*env)->NewWeakGlobalRef(env,cls);
+ if (javaLangStringClass == NULL) {
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Made NewWeakGlobalRef\n");
+ #endif /* DEBUG */
+
+ derValueConstructor = (*env)->GetMethodID(env, derValueClass,
+ "", "([B)V");
+ if (derValueConstructor == 0) {
+ printf("Couldn't find DerValue constructor\n");
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Found DerValue constructor\n");
+ #endif /* DEBUG */
+
+ ticketConstructor = (*env)->GetMethodID(env, ticketClass,
+ "", "(Lsun/security/util/DerValue;)V");
+ if (ticketConstructor == 0) {
+ printf("Couldn't find Ticket constructor\n");
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Found Ticket constructor\n");
+ #endif /* DEBUG */
+
+ principalNameConstructor = (*env)->GetMethodID(env, principalNameClass,
+ "", "([Ljava/lang/String;)V");
+ if (principalNameConstructor == 0) {
+ printf("Couldn't find PrincipalName constructor\n");
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Found PrincipalName constructor\n");
+ #endif /* DEBUG */
+
+ encryptionKeyConstructor = (*env)->GetMethodID(env, encryptionKeyClass,
+ "", "(I[B)V");
+ if (encryptionKeyConstructor == 0) {
+ printf("Couldn't find EncryptionKey constructor\n");
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Found EncryptionKey constructor\n");
+ #endif /* DEBUG */
+
+ ticketFlagsConstructor = (*env)->GetMethodID(env, ticketFlagsClass,
+ "", "(I[B)V");
+ if (ticketFlagsConstructor == 0) {
+ printf("Couldn't find TicketFlags constructor\n");
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Found TicketFlags constructor\n");
+ #endif /* DEBUG */
+
+ kerberosTimeConstructor = (*env)->GetMethodID(env, kerberosTimeClass,
+ "", "(Ljava/lang/String;)V");
+ if (kerberosTimeConstructor == 0) {
+ printf("Couldn't find KerberosTime constructor\n");
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Found KerberosTime constructor\n");
+ #endif /* DEBUG */
+
+ // load the setRealm method in PrincipalName
+ setRealmMethod = (*env)->GetMethodID(env, principalNameClass,
+ "setRealm", "(Ljava/lang/String;)V");
+ if (setRealmMethod == 0) {
+ printf("Couldn't find setRealm in PrincipalName\n");
+ return JNI_ERR;
+ }
- #ifdef DEBUG
- printf("Finished OnLoad processing\n");
- #endif /* DEBUG */
+ #ifdef DEBUG
+ printf("Finished OnLoad processing\n");
+ #endif /* DEBUG */
- return JNI_VERSION_1_2;
+ return JNI_VERSION_1_2;
}
/*
@@ -325,38 +325,38 @@ JNIEXPORT jint JNICALL JNI_OnLoad(
*/
JNIEXPORT void JNICALL JNI_OnUnload(
- JavaVM *jvm,
- void *reserved) {
+ JavaVM *jvm,
+ void *reserved) {
- JNIEnv *env;
+ JNIEnv *env;
- if ((*jvm)->GetEnv(jvm, (void **)&env, JNI_VERSION_1_2)) {
- return; /* Nothing else we can do */
- }
+ if ((*jvm)->GetEnv(jvm, (void **)&env, JNI_VERSION_1_2)) {
+ return; /* Nothing else we can do */
+ }
- if (ticketClass != NULL) {
- (*env)->DeleteWeakGlobalRef(env,ticketClass);
- }
- if (derValueClass != NULL) {
- (*env)->DeleteWeakGlobalRef(env,derValueClass);
- }
- if (principalNameClass != NULL) {
- (*env)->DeleteWeakGlobalRef(env,principalNameClass);
- }
- if (encryptionKeyClass != NULL) {
- (*env)->DeleteWeakGlobalRef(env,encryptionKeyClass);
- }
- if (ticketFlagsClass != NULL) {
- (*env)->DeleteWeakGlobalRef(env,ticketFlagsClass);
- }
- if (kerberosTimeClass != NULL) {
- (*env)->DeleteWeakGlobalRef(env,kerberosTimeClass);
- }
- if (javaLangStringClass != NULL) {
- (*env)->DeleteWeakGlobalRef(env,javaLangStringClass);
- }
+ if (ticketClass != NULL) {
+ (*env)->DeleteWeakGlobalRef(env,ticketClass);
+ }
+ if (derValueClass != NULL) {
+ (*env)->DeleteWeakGlobalRef(env,derValueClass);
+ }
+ if (principalNameClass != NULL) {
+ (*env)->DeleteWeakGlobalRef(env,principalNameClass);
+ }
+ if (encryptionKeyClass != NULL) {
+ (*env)->DeleteWeakGlobalRef(env,encryptionKeyClass);
+ }
+ if (ticketFlagsClass != NULL) {
+ (*env)->DeleteWeakGlobalRef(env,ticketFlagsClass);
+ }
+ if (kerberosTimeClass != NULL) {
+ (*env)->DeleteWeakGlobalRef(env,kerberosTimeClass);
+ }
+ if (javaLangStringClass != NULL) {
+ (*env)->DeleteWeakGlobalRef(env,javaLangStringClass);
+ }
- return;
+ return;
}
/*
@@ -365,31 +365,31 @@ JNIEXPORT void JNICALL JNI_OnUnload(
* Signature: ()Lsun/security/krb5/Credentials;
*/
JNIEXPORT jobject JNICALL Java_sun_security_krb5_Credentials_acquireDefaultNativeCreds(
- JNIEnv *env,
- jclass krbcredsClass) {
-
- KERB_QUERY_TKT_CACHE_REQUEST CacheRequest;
- PKERB_RETRIEVE_TKT_RESPONSE TktCacheResponse = NULL;
- PKERB_RETRIEVE_TKT_REQUEST pTicketRequest = NULL;
- PKERB_RETRIEVE_TKT_RESPONSE pTicketResponse = NULL;
- NTSTATUS Status, SubStatus;
- ULONG requestSize = 0;
- ULONG responseSize = 0;
- ULONG rspSize = 0;
- HANDLE LogonHandle = NULL;
- ULONG PackageId;
- jobject ticket, clientPrincipal, targetPrincipal, encryptionKey;
- jobject ticketFlags, startTime, endTime, krbCreds = NULL;
- jobject authTime, renewTillTime, hostAddresses = NULL;
- KERB_EXTERNAL_TICKET *msticket;
- int ignore_cache = 0;
- FILETIME Now, EndTime, LocalEndTime;
-
- while (TRUE) {
+ JNIEnv *env,
+ jclass krbcredsClass) {
+
+ KERB_QUERY_TKT_CACHE_REQUEST CacheRequest;
+ PKERB_RETRIEVE_TKT_RESPONSE TktCacheResponse = NULL;
+ PKERB_RETRIEVE_TKT_REQUEST pTicketRequest = NULL;
+ PKERB_RETRIEVE_TKT_RESPONSE pTicketResponse = NULL;
+ NTSTATUS Status, SubStatus;
+ ULONG requestSize = 0;
+ ULONG responseSize = 0;
+ ULONG rspSize = 0;
+ HANDLE LogonHandle = NULL;
+ ULONG PackageId;
+ jobject ticket, clientPrincipal, targetPrincipal, encryptionKey;
+ jobject ticketFlags, startTime, endTime, krbCreds = NULL;
+ jobject authTime, renewTillTime, hostAddresses = NULL;
+ KERB_EXTERNAL_TICKET *msticket;
+ int ignore_cache = 0;
+ FILETIME Now, EndTime, LocalEndTime;
+
+ while (TRUE) {
if (krbcredsConstructor == 0) {
- krbcredsConstructor = (*env)->GetMethodID(env, krbcredsClass, "",
- "(Lsun/security/krb5/internal/Ticket;Lsun/security/krb5/PrincipalName;Lsun/security/krb5/PrincipalName;Lsun/security/krb5/EncryptionKey;Lsun/security/krb5/internal/TicketFlags;Lsun/security/krb5/internal/KerberosTime;Lsun/security/krb5/internal/KerberosTime;Lsun/security/krb5/internal/KerberosTime;Lsun/security/krb5/internal/KerberosTime;Lsun/security/krb5/internal/HostAddresses;)V");
+ krbcredsConstructor = (*env)->GetMethodID(env, krbcredsClass, "",
+ "(Lsun/security/krb5/internal/Ticket;Lsun/security/krb5/PrincipalName;Lsun/security/krb5/PrincipalName;Lsun/security/krb5/EncryptionKey;Lsun/security/krb5/internal/TicketFlags;Lsun/security/krb5/internal/KerberosTime;Lsun/security/krb5/internal/KerberosTime;Lsun/security/krb5/internal/KerberosTime;Lsun/security/krb5/internal/KerberosTime;Lsun/security/krb5/internal/HostAddresses;)V");
if (krbcredsConstructor == 0) {
printf("Couldn't find sun.security.krb5.Credentials constructor\n");
break;
@@ -510,88 +510,88 @@ JNIEXPORT jobject JNICALL Java_sun_security_krb5_Credentials_acquireDefaultNativ
msticket = &(pTicketResponse->Ticket);
}
-/*
-
-typedef struct _KERB_RETRIEVE_TKT_RESPONSE {
- KERB_EXTERNAL_TICKET Ticket;
-} KERB_RETRIEVE_TKT_RESPONSE, *PKERB_RETRIEVE_TKT_RESPONSE;
-
-typedef struct _KERB_EXTERNAL_TICKET {
- PKERB_EXTERNAL_NAME ServiceName;
- PKERB_EXTERNAL_NAME TargetName;
- PKERB_EXTERNAL_NAME ClientName;
- UNICODE_STRING DomainName;
- UNICODE_STRING TargetDomainName;
- UNICODE_STRING AltTargetDomainName;
- KERB_CRYPTO_KEY SessionKey;
- ULONG TicketFlags;
- ULONG Flags;
- LARGE_INTEGER KeyExpirationTime;
- LARGE_INTEGER StartTime;
- LARGE_INTEGER EndTime;
- LARGE_INTEGER RenewUntil;
- LARGE_INTEGER TimeSkew;
- ULONG EncodedTicketSize;
- PUCHAR EncodedTicket; <========== Here's the good stuff
-} KERB_EXTERNAL_TICKET, *PKERB_EXTERNAL_TICKET;
-
-typedef struct _KERB_EXTERNAL_NAME {
- SHORT NameType;
- USHORT NameCount;
- UNICODE_STRING Names[ANYSIZE_ARRAY];
-} KERB_EXTERNAL_NAME, *PKERB_EXTERNAL_NAME;
-
-typedef struct _LSA_UNICODE_STRING {
- USHORT Length;
- USHORT MaximumLength;
- PWSTR Buffer;
-} LSA_UNICODE_STRING, *PLSA_UNICODE_STRING;
-
-typedef LSA_UNICODE_STRING UNICODE_STRING, *PUNICODE_STRING;
-
-typedef struct KERB_CRYPTO_KEY {
- LONG KeyType;
- ULONG Length;
- PUCHAR Value;
-} KERB_CRYPTO_KEY, *PKERB_CRYPTO_KEY;
+ /*
-*/
+ typedef struct _KERB_RETRIEVE_TKT_RESPONSE {
+ KERB_EXTERNAL_TICKET Ticket;
+ } KERB_RETRIEVE_TKT_RESPONSE, *PKERB_RETRIEVE_TKT_RESPONSE;
+
+ typedef struct _KERB_EXTERNAL_TICKET {
+ PKERB_EXTERNAL_NAME ServiceName;
+ PKERB_EXTERNAL_NAME TargetName;
+ PKERB_EXTERNAL_NAME ClientName;
+ UNICODE_STRING DomainName;
+ UNICODE_STRING TargetDomainName;
+ UNICODE_STRING AltTargetDomainName;
+ KERB_CRYPTO_KEY SessionKey;
+ ULONG TicketFlags;
+ ULONG Flags;
+ LARGE_INTEGER KeyExpirationTime;
+ LARGE_INTEGER StartTime;
+ LARGE_INTEGER EndTime;
+ LARGE_INTEGER RenewUntil;
+ LARGE_INTEGER TimeSkew;
+ ULONG EncodedTicketSize;
+ PUCHAR EncodedTicket; <========== Here's the good stuff
+ } KERB_EXTERNAL_TICKET, *PKERB_EXTERNAL_TICKET;
+
+ typedef struct _KERB_EXTERNAL_NAME {
+ SHORT NameType;
+ USHORT NameCount;
+ UNICODE_STRING Names[ANYSIZE_ARRAY];
+ } KERB_EXTERNAL_NAME, *PKERB_EXTERNAL_NAME;
+
+ typedef struct _LSA_UNICODE_STRING {
+ USHORT Length;
+ USHORT MaximumLength;
+ PWSTR Buffer;
+ } LSA_UNICODE_STRING, *PLSA_UNICODE_STRING;
+
+ typedef LSA_UNICODE_STRING UNICODE_STRING, *PUNICODE_STRING;
+
+ typedef struct KERB_CRYPTO_KEY {
+ LONG KeyType;
+ ULONG Length;
+ PUCHAR Value;
+ } KERB_CRYPTO_KEY, *PKERB_CRYPTO_KEY;
+
+ */
// Build a com.sun.security.krb5.Ticket
ticket = BuildTicket(env, msticket->EncodedTicket,
msticket->EncodedTicketSize);
if (ticket == NULL) {
- break;
+ break;
}
// OK, have a Ticket, now need to get the client name
clientPrincipal = BuildPrincipal(env, msticket->ClientName,
msticket->TargetDomainName); // mdu
if (clientPrincipal == NULL) {
- break;
+ break;
}
// and the "name" of tgt
targetPrincipal = BuildPrincipal(env, msticket->ServiceName,
msticket->DomainName);
if (targetPrincipal == NULL) {
- break;
+ break;
}
// Get the encryption key
encryptionKey = BuildEncryptionKey(env, &(msticket->SessionKey));
if (encryptionKey == NULL) {
- break;
+ break;
}
// and the ticket flags
ticketFlags = BuildTicketFlags(env, &(msticket->TicketFlags));
if (ticketFlags == NULL) {
- break;
+ break;
}
// Get the start time
startTime = BuildKerberosTime(env, &(msticket->StartTime));
if (startTime == NULL) {
- break;
+ break;
}
/*
@@ -604,13 +604,13 @@ typedef struct KERB_CRYPTO_KEY {
// and the end time
endTime = BuildKerberosTime(env, &(msticket->EndTime));
if (endTime == NULL) {
- break;
+ break;
}
// Get the renew till time
renewTillTime = BuildKerberosTime(env, &(msticket->RenewUntil));
if (renewTillTime == NULL) {
- break;
+ break;
}
// and now go build a KrbCreds object
@@ -630,87 +630,87 @@ typedef struct KERB_CRYPTO_KEY {
hostAddresses);
break;
- } // end of WHILE
+ } // end of WHILE
- // clean up resources
- if (TktCacheResponse != NULL) {
- LsaFreeReturnBuffer(TktCacheResponse);
- }
- if (pTicketRequest) {
- LocalFree(pTicketRequest);
- }
- if (pTicketResponse != NULL) {
- LsaFreeReturnBuffer(pTicketResponse);
- }
+ // clean up resources
+ if (TktCacheResponse != NULL) {
+ LsaFreeReturnBuffer(TktCacheResponse);
+ }
+ if (pTicketRequest) {
+ LocalFree(pTicketRequest);
+ }
+ if (pTicketResponse != NULL) {
+ LsaFreeReturnBuffer(pTicketResponse);
+ }
- return krbCreds;
+ return krbCreds;
}
static NTSTATUS
ConstructTicketRequest(UNICODE_STRING DomainName,
PKERB_RETRIEVE_TKT_REQUEST *outRequest, ULONG *outSize)
{
- NTSTATUS Status;
- UNICODE_STRING TargetPrefix;
- USHORT TargetSize;
- ULONG RequestSize;
- ULONG Length;
- PKERB_RETRIEVE_TKT_REQUEST pTicketRequest = NULL;
+ NTSTATUS Status;
+ UNICODE_STRING TargetPrefix;
+ USHORT TargetSize;
+ ULONG RequestSize;
+ ULONG Length;
+ PKERB_RETRIEVE_TKT_REQUEST pTicketRequest = NULL;
- *outRequest = NULL;
- *outSize = 0;
+ *outRequest = NULL;
+ *outSize = 0;
- //
- // Set up the "krbtgt/" target prefix into a UNICODE_STRING so we
- // can easily concatenate it later.
- //
+ //
+ // Set up the "krbtgt/" target prefix into a UNICODE_STRING so we
+ // can easily concatenate it later.
+ //
- TargetPrefix.Buffer = L"krbtgt/";
- Length = (ULONG)wcslen(TargetPrefix.Buffer) * sizeof(WCHAR);
- TargetPrefix.Length = (USHORT)Length;
- TargetPrefix.MaximumLength = TargetPrefix.Length;
+ TargetPrefix.Buffer = L"krbtgt/";
+ Length = (ULONG)wcslen(TargetPrefix.Buffer) * sizeof(WCHAR);
+ TargetPrefix.Length = (USHORT)Length;
+ TargetPrefix.MaximumLength = TargetPrefix.Length;
- //
- // We will need to concatenate the "krbtgt/" prefix and the
- // Logon Session's DnsDomainName into our request's target name.
- //
- // Therefore, first compute the necessary buffer size for that.
- //
- // Note that we might theoretically have integer overflow.
- //
+ //
+ // We will need to concatenate the "krbtgt/" prefix and the
+ // Logon Session's DnsDomainName into our request's target name.
+ //
+ // Therefore, first compute the necessary buffer size for that.
+ //
+ // Note that we might theoretically have integer overflow.
+ //
- TargetSize = TargetPrefix.Length + DomainName.Length;
+ TargetSize = TargetPrefix.Length + DomainName.Length;
- //
- // The ticket request buffer needs to be a single buffer. That buffer
- // needs to include the buffer for the target name.
- //
+ //
+ // The ticket request buffer needs to be a single buffer. That buffer
+ // needs to include the buffer for the target name.
+ //
- RequestSize = sizeof (*pTicketRequest) + TargetSize;
+ RequestSize = sizeof (*pTicketRequest) + TargetSize;
- //
- // Allocate the request buffer and make sure it's zero-filled.
- //
+ //
+ // Allocate the request buffer and make sure it's zero-filled.
+ //
- pTicketRequest = (PKERB_RETRIEVE_TKT_REQUEST)
- LocalAlloc(LMEM_ZEROINIT, RequestSize);
- if (!pTicketRequest)
- return GetLastError();
+ pTicketRequest = (PKERB_RETRIEVE_TKT_REQUEST)
+ LocalAlloc(LMEM_ZEROINIT, RequestSize);
+ if (!pTicketRequest)
+ return GetLastError();
- //
- // Concatenate the target prefix with the previous reponse's
- // target domain.
- //
+ //
+ // Concatenate the target prefix with the previous reponse's
+ // target domain.
+ //
- pTicketRequest->TargetName.Length = 0;
- pTicketRequest->TargetName.MaximumLength = TargetSize;
- pTicketRequest->TargetName.Buffer = (PWSTR) (pTicketRequest + 1);
- Status = ConcatenateUnicodeStrings(&(pTicketRequest->TargetName),
- TargetPrefix,
- DomainName);
- *outRequest = pTicketRequest;
- *outSize = RequestSize;
- return Status;
+ pTicketRequest->TargetName.Length = 0;
+ pTicketRequest->TargetName.MaximumLength = TargetSize;
+ pTicketRequest->TargetName.Buffer = (PWSTR) (pTicketRequest + 1);
+ Status = ConcatenateUnicodeStrings(&(pTicketRequest->TargetName),
+ TargetPrefix,
+ DomainName);
+ *outRequest = pTicketRequest;
+ *outSize = RequestSize;
+ return Status;
}
DWORD
@@ -720,22 +720,22 @@ ConcatenateUnicodeStrings(
UNICODE_STRING Source2
)
{
- //
- // The buffers for Source1 and Source2 cannot overlap pTarget's
- // buffer. Source1.Length + Source2.Length must be <= 0xFFFF,
- // otherwise we overflow...
- //
+ //
+ // The buffers for Source1 and Source2 cannot overlap pTarget's
+ // buffer. Source1.Length + Source2.Length must be <= 0xFFFF,
+ // otherwise we overflow...
+ //
- USHORT TotalSize = Source1.Length + Source2.Length;
- PBYTE buffer = (PBYTE) pTarget->Buffer;
+ USHORT TotalSize = Source1.Length + Source2.Length;
+ PBYTE buffer = (PBYTE) pTarget->Buffer;
- if (TotalSize > pTarget->MaximumLength)
- return ERROR_INSUFFICIENT_BUFFER;
+ if (TotalSize > pTarget->MaximumLength)
+ return ERROR_INSUFFICIENT_BUFFER;
- pTarget->Length = TotalSize;
- memcpy(buffer, Source1.Buffer, Source1.Length);
- memcpy(buffer + Source1.Length, Source2.Buffer, Source2.Length);
- return ERROR_SUCCESS;
+ pTarget->Length = TotalSize;
+ memcpy(buffer, Source1.Buffer, Source1.Length);
+ memcpy(buffer + Source1.Length, Source2.Buffer, Source2.Length);
+ return ERROR_SUCCESS;
}
BOOL
@@ -783,27 +783,27 @@ ShowLastError(
DWORD dwError
)
{
- #define MAX_MSG_SIZE 256
-
- static WCHAR szMsgBuf[MAX_MSG_SIZE];
- DWORD dwRes;
-
- printf("Error calling function %s: %lu\n", szAPI, dwError);
-
- dwRes = FormatMessage (
- FORMAT_MESSAGE_FROM_SYSTEM,
- NULL,
- dwError,
- 0,
- szMsgBuf,
- MAX_MSG_SIZE,
- NULL);
- if (0 == dwRes) {
- printf("FormatMessage failed with %d\n", GetLastError());
- // ExitProcess(EXIT_FAILURE);
- } else {
- printf("%S",szMsgBuf);
- }
+ #define MAX_MSG_SIZE 256
+
+ static WCHAR szMsgBuf[MAX_MSG_SIZE];
+ DWORD dwRes;
+
+ printf("Error calling function %s: %lu\n", szAPI, dwError);
+
+ dwRes = FormatMessage (
+ FORMAT_MESSAGE_FROM_SYSTEM,
+ NULL,
+ dwError,
+ 0,
+ szMsgBuf,
+ MAX_MSG_SIZE,
+ NULL);
+ if (0 == dwRes) {
+ printf("FormatMessage failed with %d\n", GetLastError());
+ // ExitProcess(EXIT_FAILURE);
+ } else {
+ printf("%S",szMsgBuf);
+ }
}
VOID
@@ -831,189 +831,189 @@ InitUnicodeString(
Length = (ULONG)wcslen( SourceString ) * sizeof( WCHAR );
DestinationString->Length = (USHORT)Length;
DestinationString->MaximumLength = (USHORT)(Length + sizeof(UNICODE_NULL));
- }
+ }
else {
DestinationString->MaximumLength = 0;
DestinationString->Length = 0;
- }
+ }
}
jobject BuildTicket(JNIEnv *env, PUCHAR encodedTicket, ULONG encodedTicketSize) {
- /* To build a Ticket, we first need to build a DerValue out of the EncodedTicket.
- * But before we can do that, we need to make a byte array out of the ET.
- */
-
- jobject derValue, ticket;
- jbyteArray ary;
+ /* To build a Ticket, we first need to build a DerValue out of the EncodedTicket.
+ * But before we can do that, we need to make a byte array out of the ET.
+ */
- ary = (*env)->NewByteArray(env,encodedTicketSize);
- if ((*env)->ExceptionOccurred(env)) {
- return (jobject) NULL;
- }
+ jobject derValue, ticket;
+ jbyteArray ary;
- (*env)->SetByteArrayRegion(env, ary, (jsize) 0, encodedTicketSize,
- (jbyte *)encodedTicket);
- if ((*env)->ExceptionOccurred(env)) {
- (*env)->DeleteLocalRef(env, ary);
- return (jobject) NULL;
- }
+ ary = (*env)->NewByteArray(env,encodedTicketSize);
+ if ((*env)->ExceptionOccurred(env)) {
+ return (jobject) NULL;
+ }
- derValue = (*env)->NewObject(env, derValueClass, derValueConstructor, ary);
- if ((*env)->ExceptionOccurred(env)) {
- (*env)->DeleteLocalRef(env, ary);
- return (jobject) NULL;
- }
+ (*env)->SetByteArrayRegion(env, ary, (jsize) 0, encodedTicketSize,
+ (jbyte *)encodedTicket);
+ if ((*env)->ExceptionOccurred(env)) {
+ (*env)->DeleteLocalRef(env, ary);
+ return (jobject) NULL;
+ }
+ derValue = (*env)->NewObject(env, derValueClass, derValueConstructor, ary);
+ if ((*env)->ExceptionOccurred(env)) {
(*env)->DeleteLocalRef(env, ary);
- ticket = (*env)->NewObject(env, ticketClass, ticketConstructor, derValue);
- if ((*env)->ExceptionOccurred(env)) {
- (*env)->DeleteLocalRef(env, derValue);
- return (jobject) NULL;
- }
+ return (jobject) NULL;
+ }
+
+ (*env)->DeleteLocalRef(env, ary);
+ ticket = (*env)->NewObject(env, ticketClass, ticketConstructor, derValue);
+ if ((*env)->ExceptionOccurred(env)) {
(*env)->DeleteLocalRef(env, derValue);
- return ticket;
+ return (jobject) NULL;
+ }
+ (*env)->DeleteLocalRef(env, derValue);
+ return ticket;
}
// mdu
jobject BuildPrincipal(JNIEnv *env, PKERB_EXTERNAL_NAME principalName,
UNICODE_STRING domainName) {
- /*
- * To build the Principal, we need to get the names out of
- * this goofy MS structure
- */
- jobject principal = NULL;
- jobject realmStr = NULL;
- jobjectArray stringArray;
- jstring tempString;
- int nameCount,i;
- PUNICODE_STRING scanner;
- WCHAR *realm;
- ULONG realmLen;
-
- realm = (WCHAR *) LocalAlloc(LMEM_ZEROINIT,
- ((domainName.Length)*sizeof(WCHAR) + sizeof(UNICODE_NULL)));
- wcsncpy(realm, domainName.Buffer, domainName.Length/sizeof(WCHAR));
-
- #ifdef DEBUG
- printf("Principal domain is %S\n", realm);
- printf("Name type is %x\n", principalName->NameType);
- printf("Name count is %x\n", principalName->NameCount);
- #endif
-
- nameCount = principalName->NameCount;
- stringArray = (*env)->NewObjectArray(env, nameCount,
- javaLangStringClass, NULL);
- if (stringArray == NULL) {
- printf("Can't allocate String array for Principal\n");
- LocalFree(realm);
- return principal;
- }
+ /*
+ * To build the Principal, we need to get the names out of
+ * this goofy MS structure
+ */
+ jobject principal = NULL;
+ jobject realmStr = NULL;
+ jobjectArray stringArray;
+ jstring tempString;
+ int nameCount,i;
+ PUNICODE_STRING scanner;
+ WCHAR *realm;
+ ULONG realmLen;
+
+ realm = (WCHAR *) LocalAlloc(LMEM_ZEROINIT,
+ ((domainName.Length)*sizeof(WCHAR) + sizeof(UNICODE_NULL)));
+ wcsncpy(realm, domainName.Buffer, domainName.Length/sizeof(WCHAR));
+
+ #ifdef DEBUG
+ printf("Principal domain is %S\n", realm);
+ printf("Name type is %x\n", principalName->NameType);
+ printf("Name count is %x\n", principalName->NameCount);
+ #endif
+
+ nameCount = principalName->NameCount;
+ stringArray = (*env)->NewObjectArray(env, nameCount,
+ javaLangStringClass, NULL);
+ if (stringArray == NULL) {
+ printf("Can't allocate String array for Principal\n");
+ LocalFree(realm);
+ return principal;
+ }
- for (i=0; iNames[i]);
+ for (i=0; iNames[i]);
- // OK, got a Char array, so construct a String
- tempString = (*env)->NewString(env, (const jchar*)scanner->Buffer,
- scanner->Length/sizeof(WCHAR));
- // Set the String into the StringArray
- (*env)->SetObjectArrayElement(env, stringArray, i, tempString);
+ // OK, got a Char array, so construct a String
+ tempString = (*env)->NewString(env, (const jchar*)scanner->Buffer,
+ scanner->Length/sizeof(WCHAR));
+ // Set the String into the StringArray
+ (*env)->SetObjectArrayElement(env, stringArray, i, tempString);
- // Do I have to worry about storage reclamation here?
- }
- principal = (*env)->NewObject(env, principalNameClass,
- principalNameConstructor, stringArray);
+ // Do I have to worry about storage reclamation here?
+ }
+ principal = (*env)->NewObject(env, principalNameClass,
+ principalNameConstructor, stringArray);
- // now set the realm in the principal
- realmLen = (ULONG)wcslen((PWCHAR)realm);
- realmStr = (*env)->NewString(env, (PWCHAR)realm, (USHORT)realmLen);
- (*env)->CallVoidMethod(env, principal, setRealmMethod, realmStr);
+ // now set the realm in the principal
+ realmLen = (ULONG)wcslen((PWCHAR)realm);
+ realmStr = (*env)->NewString(env, (PWCHAR)realm, (USHORT)realmLen);
+ (*env)->CallVoidMethod(env, principal, setRealmMethod, realmStr);
- // free local resources
- LocalFree(realm);
+ // free local resources
+ LocalFree(realm);
- return principal;
+ return principal;
}
jobject BuildEncryptionKey(JNIEnv *env, PKERB_CRYPTO_KEY cryptoKey) {
- // First, need to build a byte array
- jbyteArray ary;
- jobject encryptionKey = NULL;
-
- ary = (*env)->NewByteArray(env,cryptoKey->Length);
- (*env)->SetByteArrayRegion(env, ary, (jsize) 0, cryptoKey->Length,
- (jbyte *)cryptoKey->Value);
- if ((*env)->ExceptionOccurred(env)) {
- (*env)->DeleteLocalRef(env, ary);
- } else {
- encryptionKey = (*env)->NewObject(env, encryptionKeyClass,
- encryptionKeyConstructor, cryptoKey->KeyType, ary);
- }
+ // First, need to build a byte array
+ jbyteArray ary;
+ jobject encryptionKey = NULL;
+
+ ary = (*env)->NewByteArray(env,cryptoKey->Length);
+ (*env)->SetByteArrayRegion(env, ary, (jsize) 0, cryptoKey->Length,
+ (jbyte *)cryptoKey->Value);
+ if ((*env)->ExceptionOccurred(env)) {
+ (*env)->DeleteLocalRef(env, ary);
+ } else {
+ encryptionKey = (*env)->NewObject(env, encryptionKeyClass,
+ encryptionKeyConstructor, cryptoKey->KeyType, ary);
+ }
- return encryptionKey;
+ return encryptionKey;
}
jobject BuildTicketFlags(JNIEnv *env, PULONG flags) {
- jobject ticketFlags = NULL;
- jbyteArray ary;
- /*
- * mdu: Convert the bytes to nework byte order before copying
- * them to a Java byte array.
- */
- ULONG nlflags = htonl(*flags);
-
- ary = (*env)->NewByteArray(env, sizeof(*flags));
- (*env)->SetByteArrayRegion(env, ary, (jsize) 0, sizeof(*flags),
- (jbyte *)&nlflags);
- if ((*env)->ExceptionOccurred(env)) {
- (*env)->DeleteLocalRef(env, ary);
- } else {
- ticketFlags = (*env)->NewObject(env, ticketFlagsClass,
- ticketFlagsConstructor, sizeof(*flags)*8, ary);
- }
+ jobject ticketFlags = NULL;
+ jbyteArray ary;
+ /*
+ * mdu: Convert the bytes to nework byte order before copying
+ * them to a Java byte array.
+ */
+ ULONG nlflags = htonl(*flags);
+
+ ary = (*env)->NewByteArray(env, sizeof(*flags));
+ (*env)->SetByteArrayRegion(env, ary, (jsize) 0, sizeof(*flags),
+ (jbyte *)&nlflags);
+ if ((*env)->ExceptionOccurred(env)) {
+ (*env)->DeleteLocalRef(env, ary);
+ } else {
+ ticketFlags = (*env)->NewObject(env, ticketFlagsClass,
+ ticketFlagsConstructor, sizeof(*flags)*8, ary);
+ }
- return ticketFlags;
+ return ticketFlags;
}
jobject BuildKerberosTime(JNIEnv *env, PLARGE_INTEGER kerbtime) {
- jobject kerberosTime = NULL;
- jstring stringTime = NULL;
- SYSTEMTIME systemTime;
- WCHAR timeString[16];
- WCHAR month[3];
- WCHAR day[3];
- WCHAR hour[3];
- WCHAR minute[3];
- WCHAR second[3];
-
- if (FileTimeToSystemTime((FILETIME *)kerbtime, &systemTime)) {
-// XXX Cannot use %02.2ld, because the leading 0 is ignored for integers.
-// So, print them to strings, and then print them to the master string with a
-// format pattern that makes it two digits and prefix with a 0 if necessary.
- swprintf( (wchar_t *)month, L"%2.2d", systemTime.wMonth);
- swprintf( (wchar_t *)day, L"%2.2d", systemTime.wDay);
- swprintf( (wchar_t *)hour, L"%2.2d", systemTime.wHour);
- swprintf( (wchar_t *)minute, L"%2.2d", systemTime.wMinute);
- swprintf( (wchar_t *)second, L"%2.2d", systemTime.wSecond);
- swprintf( (wchar_t *)timeString,
- L"%ld%02.2s%02.2s%02.2s%02.2s%02.2sZ",
+ jobject kerberosTime = NULL;
+ jstring stringTime = NULL;
+ SYSTEMTIME systemTime;
+ WCHAR timeString[16];
+ WCHAR month[3];
+ WCHAR day[3];
+ WCHAR hour[3];
+ WCHAR minute[3];
+ WCHAR second[3];
+
+ if (FileTimeToSystemTime((FILETIME *)kerbtime, &systemTime)) {
+ // XXX Cannot use %02.2ld, because the leading 0 is ignored for integers.
+ // So, print them to strings, and then print them to the master string with a
+ // format pattern that makes it two digits and prefix with a 0 if necessary.
+ swprintf( (wchar_t *)month, L"%2.2d", systemTime.wMonth);
+ swprintf( (wchar_t *)day, L"%2.2d", systemTime.wDay);
+ swprintf( (wchar_t *)hour, L"%2.2d", systemTime.wHour);
+ swprintf( (wchar_t *)minute, L"%2.2d", systemTime.wMinute);
+ swprintf( (wchar_t *)second, L"%2.2d", systemTime.wSecond);
+ swprintf( (wchar_t *)timeString,
+ L"%ld%02.2s%02.2s%02.2s%02.2s%02.2sZ",
systemTime.wYear,
month,
day,
hour,
minute,
second );
- #ifdef DEBUG
- printf("%S\n", (wchar_t *)timeString);
- #endif /* DEBUG */
- stringTime = (*env)->NewString(env, timeString,
- (sizeof(timeString)/sizeof(WCHAR))-1);
- if (stringTime != NULL) { // everything's OK so far
- kerberosTime = (*env)->NewObject(env, kerberosTimeClass,
- kerberosTimeConstructor, stringTime);
- }
+ #ifdef DEBUG
+ printf("%S\n", (wchar_t *)timeString);
+ #endif /* DEBUG */
+ stringTime = (*env)->NewString(env, timeString,
+ (sizeof(timeString)/sizeof(WCHAR))-1);
+ if (stringTime != NULL) { // everything's OK so far
+ kerberosTime = (*env)->NewObject(env, kerberosTimeClass,
+ kerberosTimeConstructor, stringTime);
}
- return kerberosTime;
+ }
+ return kerberosTime;
}
diff --git a/test/com/sun/crypto/provider/KeyFactory/TestProviderLeak.java b/test/com/sun/crypto/provider/KeyFactory/TestProviderLeak.java
new file mode 100644
index 0000000000000000000000000000000000000000..6fe480cb6e08cd03c6db4574f3a64cba85d78c6f
--- /dev/null
+++ b/test/com/sun/crypto/provider/KeyFactory/TestProviderLeak.java
@@ -0,0 +1,72 @@
+/*
+ * Copyright 2005-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @bug 6578538
+ * @summary com.sun.crypto.provider.SunJCE instance leak using KRB5 and
+ * LoginContext
+ * @author Brad Wetmore
+ *
+ * @run main/othervm -Xmx2m TestProviderLeak
+ */
+
+/*
+ * We force the leak to become a problem by specifying the minimum
+ * size heap we can (above). In current runs on a server and client
+ * machine, it took roughly 220-240 iterations to have the memory leak
+ * shut down other operations. It complained about "Unable to verify
+ * the SunJCE provider."
+ */
+
+import javax.crypto.*;
+import javax.crypto.spec.*;
+
+public class TestProviderLeak {
+ private static void dumpMemoryStats(String s) throws Exception {
+ Runtime rt = Runtime.getRuntime();
+ System.out.println(s + ":\t" +
+ rt.freeMemory() + " bytes free");
+ }
+
+ public static void main(String [] args) throws Exception {
+ SecretKeyFactory skf =
+ SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1", "SunJCE");
+ PBEKeySpec pbeKS = new PBEKeySpec(
+ "passPhrase".toCharArray(), new byte [] { 0 }, 5, 512);
+ for (int i = 0; i <= 1000; i++) {
+ try {
+ skf.generateSecret(pbeKS);
+ if ((i % 20) == 0) {
+ // Calling gc() isn't dependable, but doesn't hurt.
+ // Gives better output in leak cases.
+ System.gc();
+ dumpMemoryStats("Iteration " + i);
+ }
+ } catch (Exception e) {
+ dumpMemoryStats("\nException seen at iteration " + i);
+ throw e;
+ }
+ }
+ }
+}
diff --git a/test/java/net/CookieHandler/CookieManagerTest.java b/test/java/net/CookieHandler/CookieManagerTest.java
index a2c9db3b411ea7ac4083ebbf82567630d1e78b54..b83c27fcefc7527825bedf72808b48a0d7ac22b4 100644
--- a/test/java/net/CookieHandler/CookieManagerTest.java
+++ b/test/java/net/CookieHandler/CookieManagerTest.java
@@ -132,17 +132,17 @@ class CookieHttpTransaction implements HttpCallback {
),
new CookieTestCase("Set-Cookie",
"PART_NUMBER=ROCKET_LAUNCHER_0001; path=/;" + "domain=." + localHostAddr,
- "CUSTOMER=WILE:BOB;PART_NUMBER=ROCKET_LAUNCHER_0001",
+ "CUSTOMER=WILE:BOB; PART_NUMBER=ROCKET_LAUNCHER_0001",
"/"
),
new CookieTestCase("Set-Cookie",
"SHIPPING=FEDEX; path=/foo;" + "domain=." + localHostAddr,
- "CUSTOMER=WILE:BOB;PART_NUMBER=ROCKET_LAUNCHER_0001",
+ "CUSTOMER=WILE:BOB; PART_NUMBER=ROCKET_LAUNCHER_0001",
"/"
),
new CookieTestCase("Set-Cookie",
"SHIPPING=FEDEX; path=/foo;" + "domain=." + localHostAddr,
- "CUSTOMER=WILE:BOB;PART_NUMBER=ROCKET_LAUNCHER_0001;SHIPPING=FEDEX",
+ "CUSTOMER=WILE:BOB; PART_NUMBER=ROCKET_LAUNCHER_0001; SHIPPING=FEDEX",
"/foo"
)
};
@@ -157,7 +157,7 @@ class CookieHttpTransaction implements HttpCallback {
),
new CookieTestCase("Set-Cookie",
"PART_NUMBER=RIDING_ROCKET_0023; path=/ammo;" + "domain=." + localHostAddr,
- "PART_NUMBER=RIDING_ROCKET_0023;PART_NUMBER=ROCKET_LAUNCHER_0001",
+ "PART_NUMBER=RIDING_ROCKET_0023; PART_NUMBER=ROCKET_LAUNCHER_0001",
"/ammo"
)
};
@@ -167,17 +167,17 @@ class CookieHttpTransaction implements HttpCallback {
testCases[count++] = new CookieTestCase[]{
new CookieTestCase("Set-Cookie2",
"Customer=\"WILE_E_COYOTE\"; Version=\"1\"; Path=\"/acme\";" + "domain=." + localHostAddr,
- "$Version=\"1\";Customer=\"WILE_E_COYOTE\";$Path=\"/acme\";$Domain=\"." + localHostAddr + "\"",
+ "$Version=\"1\"; Customer=\"WILE_E_COYOTE\";$Path=\"/acme\";$Domain=\"." + localHostAddr + "\"",
"/acme/login"
),
new CookieTestCase("Set-Cookie2",
"Part_Number=\"Rocket_Launcher_0001\"; Version=\"1\";Path=\"/acme\";" + "domain=." + localHostAddr,
- "$Version=\"1\";Customer=\"WILE_E_COYOTE\";$Path=\"/acme\";" + "$Domain=\"." + localHostAddr + "\"" + ";Part_Number=\"Rocket_Launcher_0001\";$Path=\"/acme\";" + "$Domain=\"." + localHostAddr + "\"",
+ "$Version=\"1\"; Customer=\"WILE_E_COYOTE\";$Path=\"/acme\";" + "$Domain=\"." + localHostAddr + "\"" + "; Part_Number=\"Rocket_Launcher_0001\";$Path=\"/acme\";" + "$Domain=\"." + localHostAddr + "\"",
"/acme/pickitem"
),
new CookieTestCase("Set-Cookie2",
"Shipping=\"FedEx\"; Version=\"1\"; Path=\"/acme\";" + "domain=." + localHostAddr,
- "$Version=\"1\";Customer=\"WILE_E_COYOTE\";$Path=\"/acme\";" + "$Domain=\"." + localHostAddr + "\"" + ";Part_Number=\"Rocket_Launcher_0001\";$Path=\"/acme\";" + "$Domain=\"." + localHostAddr + "\"" + ";Shipping=\"FedEx\";$Path=\"/acme\";" + "$Domain=\"." + localHostAddr + "\"",
+ "$Version=\"1\"; Customer=\"WILE_E_COYOTE\";$Path=\"/acme\";" + "$Domain=\"." + localHostAddr + "\"" + "; Part_Number=\"Rocket_Launcher_0001\";$Path=\"/acme\";" + "$Domain=\"." + localHostAddr + "\"" + "; Shipping=\"FedEx\";$Path=\"/acme\";" + "$Domain=\"." + localHostAddr + "\"",
"/acme/shipping"
)
};
@@ -187,17 +187,17 @@ class CookieHttpTransaction implements HttpCallback {
testCases[count++] = new CookieTestCase[]{
new CookieTestCase("Set-Cookie2",
"Part_Number=\"Rocket_Launcher_0001\"; Version=\"1\"; Path=\"/acme\";" + "domain=." + localHostAddr,
- "$Version=\"1\";Part_Number=\"Rocket_Launcher_0001\";$Path=\"/acme\";$Domain=\"." + localHostAddr + "\"",
+ "$Version=\"1\"; Part_Number=\"Rocket_Launcher_0001\";$Path=\"/acme\";$Domain=\"." + localHostAddr + "\"",
"/acme/ammo"
),
new CookieTestCase("Set-Cookie2",
"Part_Number=\"Riding_Rocket_0023\"; Version=\"1\"; Path=\"/acme/ammo\";" + "domain=." + localHostAddr,
- "$Version=\"1\";Part_Number=\"Riding_Rocket_0023\";$Path=\"/acme/ammo\";$Domain=\"." + localHostAddr + "\"" + ";Part_Number=\"Rocket_Launcher_0001\";$Path=\"/acme\";" + "$Domain=\"." + localHostAddr + "\"",
+ "$Version=\"1\"; Part_Number=\"Riding_Rocket_0023\";$Path=\"/acme/ammo\";$Domain=\"." + localHostAddr + "\"" + "; Part_Number=\"Rocket_Launcher_0001\";$Path=\"/acme\";" + "$Domain=\"." + localHostAddr + "\"",
"/acme/ammo"
),
new CookieTestCase("",
"",
- "$Version=\"1\";Part_Number=\"Rocket_Launcher_0001\";$Path=\"/acme\";" + "$Domain=\"." + localHostAddr + "\"",
+ "$Version=\"1\"; Part_Number=\"Rocket_Launcher_0001\";$Path=\"/acme\";" + "$Domain=\"." + localHostAddr + "\"",
"/acme/parts"
)
};
@@ -207,12 +207,12 @@ class CookieHttpTransaction implements HttpCallback {
testCases[count++] = new CookieTestCase[]{
new CookieTestCase("Set-Cookie2",
"Part_Number=\"Rocket_Launcher_0001\"; Version=\"1\"; Path=\"/acme\";" + "domain=." + localHostAddr,
- "$Version=\"1\";Part_Number=\"Rocket_Launcher_0001\";$Path=\"/acme\";$Domain=\"." + localHostAddr + "\"",
+ "$Version=\"1\"; Part_Number=\"Rocket_Launcher_0001\";$Path=\"/acme\";$Domain=\"." + localHostAddr + "\"",
"/acme"
),
new CookieTestCase("Set-Cookie2",
"Part_Number=\"Rocket_Launcher_2000\"; Version=\"1\"; Path=\"/acme\";" + "domain=." + localHostAddr,
- "$Version=\"1\";Part_Number=\"Rocket_Launcher_2000\";$Path=\"/acme\";$Domain=\"." + localHostAddr + "\"",
+ "$Version=\"1\"; Part_Number=\"Rocket_Launcher_2000\";$Path=\"/acme\";$Domain=\"." + localHostAddr + "\"",
"/acme"
)
};
@@ -222,17 +222,17 @@ class CookieHttpTransaction implements HttpCallback {
testCases[count++] = new CookieTestCase[]{
new CookieTestCase("Set-Cookie2",
"Customer=\"WILE_E_COYOTE\"; Version=\"1\"; Path=\"/acme\"",
- "$Version=\"1\";Customer=\"WILE_E_COYOTE\";$Path=\"/acme\"",
+ "$Version=\"1\"; Customer=\"WILE_E_COYOTE\";$Path=\"/acme\"",
"/acme/login"
),
new CookieTestCase("Set-Cookie2",
"Part_Number=\"Rocket_Launcher_0001\"; Version=\"1\";Path=\"/acme\"",
- "$Version=\"1\";Customer=\"WILE_E_COYOTE\";$Path=\"/acme\"" + ";Part_Number=\"Rocket_Launcher_0001\";$Path=\"/acme\"",
+ "$Version=\"1\"; Customer=\"WILE_E_COYOTE\";$Path=\"/acme\"" + "; Part_Number=\"Rocket_Launcher_0001\";$Path=\"/acme\"",
"/acme/pickitem"
),
new CookieTestCase("Set-Cookie2",
"Shipping=\"FedEx\"; Version=\"1\"; Path=\"/acme\"",
- "$Version=\"1\";Customer=\"WILE_E_COYOTE\";$Path=\"/acme\"" + ";Part_Number=\"Rocket_Launcher_0001\";$Path=\"/acme\"" + ";Shipping=\"FedEx\";$Path=\"/acme\"",
+ "$Version=\"1\"; Customer=\"WILE_E_COYOTE\";$Path=\"/acme\"" + "; Part_Number=\"Rocket_Launcher_0001\";$Path=\"/acme\"" + "; Shipping=\"FedEx\";$Path=\"/acme\"",
"/acme/shipping"
)
};
diff --git a/test/java/net/InterfaceAddress/Equals.java b/test/java/net/InterfaceAddress/Equals.java
new file mode 100644
index 0000000000000000000000000000000000000000..5403bebe04c8866fd04f7fa6dba1c8c1a1cdc625
--- /dev/null
+++ b/test/java/net/InterfaceAddress/Equals.java
@@ -0,0 +1,119 @@
+/*
+ * Copyright 2008 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/* @test
+ * @bug 6628576
+ * @summary InterfaceAddress.equals() NPE when broadcast field == null
+ */
+
+import java.net.InterfaceAddress;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.lang.reflect.Constructor;
+import java.lang.reflect.Field;
+import java.lang.reflect.InvocationTargetException;
+
+public class Equals
+{
+ public static void main(String[] args) {
+ InterfaceAddress ia1;
+ InterfaceAddress ia2;
+ InetAddress loopbackAddr = InetAddress.getLoopbackAddress();
+ InetAddress broadcast1 = null;
+ InetAddress broadcast2 = null;
+
+ try {
+ broadcast1 = InetAddress.getByName("255.255.255.0");
+ broadcast2 = InetAddress.getByName("255.255.0.0");
+ } catch (UnknownHostException e) {
+ e.printStackTrace();
+ }
+
+ ia1 = createInterfaceAddress(loopbackAddr, (InetAddress) null, (short)45);
+ ia2 = createInterfaceAddress(loopbackAddr, (InetAddress) null, (short)45);
+
+ compare(ia1, ia2, true);
+
+ ia2 = createInterfaceAddress(loopbackAddr, broadcast1, (short)45);
+ compare(ia1, ia2, false);
+
+ ia2 = createInterfaceAddress((InetAddress)null, broadcast1, (short)45);
+ compare(ia1, ia2, false);
+
+ ia1 = createInterfaceAddress(loopbackAddr, broadcast2, (short)45);
+ ia2 = createInterfaceAddress(loopbackAddr, broadcast2, (short)45);
+ compare(ia1, ia2, true);
+
+ ia1.equals(null);
+ }
+
+ static void compare(InterfaceAddress ia1, InterfaceAddress ia2, boolean equal) {
+ if (ia1.equals(ia2) != equal)
+ throw new RuntimeException("Failed: " + ia1 + " not equals to " + ia2);
+
+ if (ia2.equals(ia1) != equal)
+ throw new RuntimeException("Failed: " + ia2 + " not equals to " + ia1);
+ }
+
+ /**
+ * Returns an InterfaceAddress instance with its fields set the the values
+ * specificed.
+ */
+ static InterfaceAddress createInterfaceAddress(
+ InetAddress address, InetAddress broadcast, short prefixlength) {
+ try {
+ Class IAClass = InterfaceAddress.class;
+ InterfaceAddress ia;
+ Constructor ctr = IAClass.getDeclaredConstructor();
+ ctr.setAccessible(true);
+
+ Field addressField = IAClass.getDeclaredField("address");
+ addressField.setAccessible(true);
+
+ Field broadcastField = IAClass.getDeclaredField("broadcast");
+ broadcastField.setAccessible(true);
+
+ Field maskLengthField = IAClass.getDeclaredField("maskLength");
+ maskLengthField.setAccessible(true);
+
+ ia = ctr.newInstance();
+ addressField.set(ia, address);
+ broadcastField.set(ia, broadcast);
+ maskLengthField.setShort(ia, prefixlength);
+
+ return ia;
+ } catch (NoSuchFieldException nsfe) {
+ nsfe.printStackTrace();
+ } catch (NoSuchMethodException e) {
+ e.printStackTrace();
+ } catch (InstantiationException ie) {
+ ie.printStackTrace();
+ } catch (IllegalAccessException iae) {
+ iae.printStackTrace();
+ } catch (InvocationTargetException ite) {
+ ite.printStackTrace();
+ }
+
+ return null;
+ }
+}
diff --git a/test/java/net/ResponseCache/file2.1 b/test/java/net/ResponseCache/file2.1
index 428de11adaa6bbf21e59db4908df028e401bb87f..1878bc2fe8824d743ea73c9d0fa986d15f14d440 100644
--- a/test/java/net/ResponseCache/file2.1
+++ b/test/java/net/ResponseCache/file2.1
@@ -1,4 +1,4 @@
-/* @test
+/* @test @(#)file2.1 1.1 03/08/09
* @summary Unit test for java.net.ResponseCacheHandler
* @bug 4837267
* @author Yingxian Wang
diff --git a/test/java/security/AccessControlContext/FailureDebugOption.java b/test/java/security/AccessControlContext/FailureDebugOption.java
new file mode 100644
index 0000000000000000000000000000000000000000..df48203ecb918c7a622ea7e3d31094d8e566b1fb
--- /dev/null
+++ b/test/java/security/AccessControlContext/FailureDebugOption.java
@@ -0,0 +1,50 @@
+/*
+ * Copyright 2008 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @bug 6648816
+ * @summary REGRESSION: setting -Djava.security.debug=failure result in NPE
+ * in ACC
+ * @run main/othervm -Djava.security.debug=failure FailureDebugOption
+ */
+
+import java.security.ProtectionDomain;
+import java.security.AccessController;
+import java.security.AccessControlException;
+import java.security.BasicPermission;
+
+public class FailureDebugOption {
+
+ public static void main (String argv[]) throws Exception {
+ try {
+ AccessController.checkPermission(
+ new BasicPermission("no such permission"){});
+ } catch (NullPointerException npe) {
+ throw new Exception("Unexpected NullPointerException for security" +
+ " debug option, -Djava.security.debug=failure");
+ } catch (AccessControlException ace) {
+ }
+ }
+}
+
diff --git a/test/javax/security/auth/x500/X500Principal/RFC4514.java b/test/javax/security/auth/x500/X500Principal/RFC4514.java
new file mode 100644
index 0000000000000000000000000000000000000000..6169314abf047d14fa24dcc709ed1359b15a6e4a
--- /dev/null
+++ b/test/javax/security/auth/x500/X500Principal/RFC4514.java
@@ -0,0 +1,92 @@
+/*
+ * Copyright 2008 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+import javax.security.auth.x500.X500Principal;
+
+/**
+ * @test
+ * @bug 6611991
+ * @summary Add support for parsing RFC 4514 DNs to X500Principal
+ *
+ * Ensure RFC 4514 Distinguished Name Strings can be parsed by X500Principal.
+ * RFC 4514 obsoleted RFC 2253 so we should make sure we can parse DNs of
+ * that form that contain subtle differences or clarifications in the grammar.
+ */
+public class RFC4514 {
+
+ private int failed = 0;
+
+ public static void main(String[] args) throws Exception {
+ new RFC4514().test();
+ }
+
+ private void test() throws Exception {
+
+ /**
+ * RFC 4514 allows space to be escaped as '\ '.
+ */
+ parse("CN=\\ Space\\ ,C=US");
+ parse("CN=Sp\\ ace,C=US");
+ /**
+ * RFC 4514 does not require escaping of '=' characters.
+ */
+ parse("CN=Eq=uals,C=US");
+ /**
+ * RFC 4514 requires the null character to be escaped.
+ */
+ parse("CN=\\00,C=US");
+ /**
+ * RFC 4514 does not require escaping of non-leading '#' characters.
+ */
+ parse("CN=Num#ber,C=US");
+ /**
+ * XMLDSig (http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/)
+ * allows implementations to escape trailing whitespace as '\20'.
+ */
+ parse("CN=Trailing \\20,C=US");
+ /**
+ * XMLDSig allows implementations to escape ASCII control characters
+ * (Unicode range \x00 - \x1f) by replacing them with "\" followed by
+ * a two digit hex number showing its Unicode number.
+ */
+ parse("CN=Con\\09trol,C=US");
+
+ if (failed != 0) {
+ throw new Exception("Some RFC4514 tests FAILED");
+ }
+ }
+
+ public void parse(String dnString) throws Exception {
+
+ System.out.println("Parsing " + dnString);
+ X500Principal dn = new X500Principal(dnString);
+ String dnString2 = dn.getName();
+ X500Principal dn2 = new X500Principal(dnString2);
+ if (dn.equals(dn2)) {
+ System.out.println("PASSED");
+ } else {
+ System.out.println("FAILED");
+ failed++;
+ }
+ }
+}
diff --git a/test/sun/net/www/http/ChunkedOutputStream/Test.java b/test/sun/net/www/http/ChunkedOutputStream/Test.java
index 89bc8b3bf854f7987da6517c2b6512c5567dccfc..3866761ade6e7203efc6283dfd2d44b4d4db4a13 100644
--- a/test/sun/net/www/http/ChunkedOutputStream/Test.java
+++ b/test/sun/net/www/http/ChunkedOutputStream/Test.java
@@ -23,7 +23,7 @@
/**
* @test
- * @bug 5026745
+ * @bug 5026745 6631048
* @run main/othervm/timeout=500 Test
* @summary Cannot flush output stream when writing to an HttpUrlConnection
*/
@@ -158,6 +158,50 @@ public class Test implements HttpHandler {
exchange.sendResponseHeaders(200, 0);
}
break;
+ case 10: /* test11 */
+ printRequestURI(exchange);
+ is = exchange.getRequestBody();
+ s = read (is, str1.length());
+
+ error = false;
+ for (int i=10; i< 30 * 1024; i++) {
+ byte c = (byte)is.read();
+
+ if (c != (byte)i) {
+ error = true;
+ System.out.println ("error at position " + i);
+ }
+ }
+ if (!s.equals(str1) ) {
+ System.out.println ("received string : " + s);
+ exchange.sendResponseHeaders(500, 0);
+ } else if (error) {
+ System.out.println ("error");
+ exchange.sendResponseHeaders(500, 0);
+ } else {
+ exchange.sendResponseHeaders(200, 0);
+ }
+ break;
+ case 11: /* test12 */
+ printRequestURI(exchange);
+ is = exchange.getRequestBody();
+
+ error = false;
+ for (int i=10; i< 30 * 1024; i++) {
+ byte c = (byte)is.read();
+
+ if (c != (byte)i) {
+ error = true;
+ System.out.println ("error at position " + i);
+ }
+ }
+ if (error) {
+ System.out.println ("error");
+ exchange.sendResponseHeaders(500, 0);
+ } else {
+ exchange.sendResponseHeaders(200, 0);
+ }
+ break;
}
exchange.close();
count ++;
@@ -390,6 +434,56 @@ public class Test implements HttpHandler {
}
}
+ static void test11 (String u) throws Exception {
+ URL url = new URL (u);
+ System.out.println ("client opening connection to: " + u);
+ HttpURLConnection urlc = (HttpURLConnection)url.openConnection ();
+ urlc.setChunkedStreamingMode (36 * 1024);
+ urlc.setDoOutput(true);
+ urlc.setRequestMethod ("POST");
+ OutputStream os = urlc.getOutputStream ();
+ byte[] buf = new byte [30 * 1024];
+ for (int i=0; i< 30 * 1024; i++) {
+ buf[i] = (byte) i;
+ }
+ /* write a small bit first, and then the large buffer */
+ os.write (str1.getBytes());
+ //os.write (buf, 10, buf.length - 10); /* skip 10 bytes to test offset */
+ os.write (buf, 10, (10 * 1024) - 10);
+ os.write (buf, (10 * 1024), (10 * 1024));
+ os.write (buf, (20 * 1024), (10 * 1024));
+ os.close();
+ InputStream is = urlc.getInputStream();
+ is.close();
+ int ret = urlc.getResponseCode();
+ if (ret != 200) {
+ throw new Exception ("Expected 200: got " + ret);
+ }
+ }
+
+ static void test12 (String u) throws Exception {
+ URL url = new URL (u);
+ System.out.println ("client opening connection to: " + u);
+ HttpURLConnection urlc = (HttpURLConnection)url.openConnection ();
+ urlc.setChunkedStreamingMode (36 * 1024);
+ urlc.setDoOutput(true);
+ urlc.setRequestMethod ("POST");
+ OutputStream os = urlc.getOutputStream ();
+ byte[] buf = new byte [30 * 1024];
+ for (int i=0; i< 30 * 1024; i++) {
+ buf[i] = (byte) i;
+ }
+ os.write (buf, 10, buf.length - 10); /* skip 10 bytes to test offset */
+ os.close();
+ InputStream is = urlc.getInputStream();
+ is.close();
+ int ret = urlc.getResponseCode();
+ if (ret != 200) {
+ throw new Exception ("Expected 200: got " + ret);
+ }
+ }
+
+
static com.sun.net.httpserver.HttpServer httpserver;
public static void main (String[] args) throws Exception {
@@ -411,6 +505,8 @@ public class Test implements HttpHandler {
test8("http://localhost:"+ port + "/test/test8");
test9("http://localhost:"+ port + "/test/test9");
test10("http://localhost:"+ port + "/test/test10");
+ test11("http://localhost:"+ port + "/test/test11");
+ test12("http://localhost:"+ port + "/test/test12");
} finally {
if (httpserver != null)
httpserver.stop(0);
diff --git a/test/sun/net/www/protocol/http/B6641309.java b/test/sun/net/www/protocol/http/B6641309.java
new file mode 100644
index 0000000000000000000000000000000000000000..15e8fdc31bc602e349ae6f2f337bf61c4dbbd011
--- /dev/null
+++ b/test/sun/net/www/protocol/http/B6641309.java
@@ -0,0 +1,129 @@
+/*
+ * Copyright 2008 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @bug 6641309
+ * @summary Wrong Cookie separator used in HttpURLConnection
+ */
+
+import java.net.*;
+import java.util.*;
+import java.io.*;
+import com.sun.net.httpserver.*;
+import java.util.concurrent.Executors;
+import java.util.concurrent.ExecutorService;
+
+public class B6641309
+{
+ com.sun.net.httpserver.HttpServer httpServer;
+ ExecutorService executorService;
+
+ public static void main(String[] args)
+ {
+ new B6641309();
+ }
+
+ public B6641309()
+ {
+ try {
+ startHttpServer();
+ doClient();
+ } catch (IOException ioe) {
+ System.err.println(ioe);
+ }
+ }
+
+ void doClient() {
+ CookieHandler.setDefault(new CookieManager(null, CookiePolicy.ACCEPT_ALL));
+ try {
+ InetSocketAddress address = httpServer.getAddress();
+
+ // GET Request
+ URL url = new URL("http://localhost:" + address.getPort() + "/test/");
+ CookieHandler ch = CookieHandler.getDefault();
+ Map> header = new HashMap>();
+ List values = new LinkedList();
+ values.add("Test1Cookie=TEST1; path=/test/");
+ values.add("Test2Cookie=TEST2; path=/test/");
+ header.put("Set-Cookie", values);
+
+ // preload the CookieHandler with a cookie for our URL
+ // so that it will be sent during the first request
+ ch.put(url.toURI(), header);
+ HttpURLConnection uc = (HttpURLConnection)url.openConnection();
+ int resp = uc.getResponseCode();
+ if (resp != 200)
+ throw new RuntimeException("Failed: Response code from GET is not 200");
+
+ System.out.println("Response code from GET = 200 OK");
+
+ } catch (IOException e) {
+ e.printStackTrace();
+ } catch (URISyntaxException e) {
+ e.printStackTrace();
+ } finally {
+ httpServer.stop(1);
+ executorService.shutdown();
+ }
+ }
+
+ /**
+ * Http Server
+ */
+ public void startHttpServer() throws IOException {
+ httpServer = com.sun.net.httpserver.HttpServer.create(new InetSocketAddress(0), 0);
+
+ // create HttpServer context
+ HttpContext ctx = httpServer.createContext("/test/", new MyHandler());
+
+ executorService = Executors.newCachedThreadPool();
+ httpServer.setExecutor(executorService);
+ httpServer.start();
+ }
+
+ class MyHandler implements HttpHandler {
+ public void handle(HttpExchange t) throws IOException {
+ InputStream is = t.getRequestBody();
+ Headers reqHeaders = t.getRequestHeaders();
+ int i = 0;
+ // Read till end of stream
+ do {
+ i = is.read();
+ } while (i != -1);
+ is.close();
+
+ List cookies = reqHeaders.get("Cookie");
+ if (cookies != null) {
+ for (String str : cookies) {
+ // The separator between the 2 cookies should be
+ // a semi-colon AND a space
+ if (str.equals("Test1Cookie=TEST1; Test2Cookie=TEST2"))
+ t.sendResponseHeaders(200, -1);
+ }
+ }
+ t.sendResponseHeaders(400, -1);
+ t.close();
+ }
+ }
+}
diff --git a/test/sun/net/www/protocol/http/B6660405.java b/test/sun/net/www/protocol/http/B6660405.java
new file mode 100644
index 0000000000000000000000000000000000000000..2309497c2fb7c575b09ad32385710aeca3b48d1c
--- /dev/null
+++ b/test/sun/net/www/protocol/http/B6660405.java
@@ -0,0 +1,163 @@
+/*
+ * Copyright 2008 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @bug 6660405
+ * @summary HttpURLConnection returns the wrong InputStream
+ */
+
+import java.net.*;
+import java.util.*;
+import java.io.*;
+import com.sun.net.httpserver.*;
+import java.util.concurrent.Executors;
+import java.util.concurrent.ExecutorService;
+
+public class B6660405
+{
+ com.sun.net.httpserver.HttpServer httpServer;
+ ExecutorService executorService;
+
+ static class MyCacheResponse extends CacheResponse {
+ private byte[] buf = new byte[1024];
+
+ public MyCacheResponse() {
+ }
+
+ @Override
+ public Map> getHeaders() throws IOException
+ {
+ Map> h = new HashMap>();
+ ArrayList l = new ArrayList();
+ l.add("HTTP/1.1 200 OK");
+ h.put(null, l);
+ l = new ArrayList();
+ l.add("1024");
+ h.put("Content-Length", l);
+ return h;
+ }
+
+ @Override
+ public InputStream getBody() throws IOException
+ {
+ return new ByteArrayInputStream(buf);
+ }
+
+ }
+ static class MyResponseCache extends ResponseCache {
+
+ public MyResponseCache() {
+ }
+
+ @Override
+ public CacheResponse get(URI uri, String rqstMethod, Map> rqstHeaders) throws IOException
+ {
+ if (uri.getPath().equals("/redirect/index.html")) {
+ return new MyCacheResponse();
+ }
+ return null;
+ }
+
+ @Override
+ public CacheRequest put(URI uri, URLConnection conn) throws IOException
+ {
+ return null;
+ }
+
+ }
+
+ public static void main(String[] args)
+ {
+ new B6660405();
+ }
+
+ public B6660405()
+ {
+ try {
+ startHttpServer();
+ doClient();
+ } catch (IOException ioe) {
+ System.err.println(ioe);
+ }
+ }
+
+ void doClient() {
+ ResponseCache.setDefault(new MyResponseCache());
+ try {
+ InetSocketAddress address = httpServer.getAddress();
+
+ // GET Request
+ URL url = new URL("http://localhost:" + address.getPort() + "/test/index.html");
+ HttpURLConnection uc = (HttpURLConnection)url.openConnection();
+ int code = uc.getResponseCode();
+ System.err.println("response code = " + code);
+ int l = uc.getContentLength();
+ System.err.println("content-length = " + l);
+ InputStream in = uc.getInputStream();
+ int i = 0;
+ // Read till end of stream
+ do {
+ i = in.read();
+ } while (i != -1);
+ in.close();
+ } catch (IOException e) {
+ throw new RuntimeException("Got the wrong InputStream after checking headers");
+ } finally {
+ httpServer.stop(1);
+ executorService.shutdown();
+ }
+ }
+
+ /**
+ * Http Server
+ */
+ public void startHttpServer() throws IOException {
+ httpServer = com.sun.net.httpserver.HttpServer.create(new InetSocketAddress(0), 0);
+
+ // create HttpServer context
+ HttpContext ctx = httpServer.createContext("/test/", new MyHandler());
+
+ executorService = Executors.newCachedThreadPool();
+ httpServer.setExecutor(executorService);
+ httpServer.start();
+ }
+
+ class MyHandler implements HttpHandler {
+ public void handle(HttpExchange t) throws IOException {
+ InputStream is = t.getRequestBody();
+ Headers reqHeaders = t.getRequestHeaders();
+ Headers resHeaders = t.getResponseHeaders();
+
+ int i = 0;
+ // Read till end of stream
+ do {
+ i = is.read();
+ } while (i != -1);
+ is.close();
+ resHeaders.add("Location", "http://foo.bar/redirect/index.html");
+ t.sendResponseHeaders(302, -1);
+ t.close();
+ }
+ }
+}
diff --git a/test/sun/security/krb5/DnsFallback.java b/test/sun/security/krb5/DnsFallback.java
new file mode 100644
index 0000000000000000000000000000000000000000..95fbf3b165b513d73e940c75115644a883299aa7
--- /dev/null
+++ b/test/sun/security/krb5/DnsFallback.java
@@ -0,0 +1,64 @@
+/*
+ * Copyright 2008 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+/*
+ * @test
+ * @bug 6673164
+ * @summary dns_fallback parse error
+ */
+
+import sun.security.krb5.*;
+import java.io.*;
+
+public class DnsFallback {
+ public static void main(String[] args) throws Exception {
+ check("true", "true", true);
+ check("false", "true", false);
+ check("true", "false", true);
+ check("false", "false", false);
+ check("true", null, true);
+ check("false", null, false);
+ check(null, "true", true);
+ check(null, "false", false);
+ }
+
+ static void check(String realm, String fallback, boolean output) throws Exception {
+ FileOutputStream fo = new FileOutputStream("dnsfallback.conf");
+ StringBuffer sb = new StringBuffer();
+ sb.append("[libdefaults]\n");
+ if (realm != null) {
+ sb.append("dns_lookup_realm=" + realm + "\n");
+ }
+ if (fallback != null) {
+ sb.append("dns_fallback=" + fallback + "\n");
+ }
+ fo.write(sb.toString().getBytes());
+ fo.close();
+ System.setProperty("java.security.krb5.conf", "dnsfallback.conf");
+ Config.refresh();
+ System.out.println("Testing " + realm + ", " + fallback + ", " + output);
+ if (Config.getInstance().useDNS_Realm() != output) {
+ throw new Exception("Fail");
+ }
+ }
+}
+
diff --git a/test/sun/security/krb5/OptionPADataInKDCReq.java b/test/sun/security/krb5/OptionPADataInKDCReq.java
new file mode 100644
index 0000000000000000000000000000000000000000..2229b541e890668f1b2b6e29ec7a4794ab36e1b5
--- /dev/null
+++ b/test/sun/security/krb5/OptionPADataInKDCReq.java
@@ -0,0 +1,123 @@
+/*
+ * Copyright 2007 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+/*
+ * @test
+ * @bug 6648972
+ * @summary KDCReq.init always read padata
+ */
+import sun.security.krb5.internal.ETypeInfo2;
+import sun.security.krb5.internal.KDCReq;
+import sun.security.util.DerValue;
+
+public class OptionPADataInKDCReq {
+ public static void main(String[] args) throws Exception {
+ /*
+ * This is a AS-REQ block without padata. The content is --
+ [APPLICATION 10] SEQUENCE {
+ [1] INTEGER 5
+ [2] INTEGER 10
+ [4] SEQUENCE {
+ [0] BIT STRING 01000000 10000001 00000000 00010000
+ [1] SEQUENCE {
+ [0] INTEGER 1
+ [1] SEQUENCE {
+ STRING administrator
+ }
+ }
+ [2] STRING N3
+ [3] SEQUENCE {
+ [0] INTEGER 2
+ [1] SEQUENCE {
+ STRING krbtgt
+ STRING N3
+ }
+ }
+ [5] TIME Sun Sep 13 10:48:05 CST 2037
+ [6] TIME Sun Sep 13 10:48:05 CST 2037
+ [7] INTEGER 2101281516
+ [8] SEQUENCE {
+ INTEGER 23
+ INTEGER -133
+ INTEGER -128
+ INTEGER 3
+ INTEGER 1
+ INTEGER 24
+ INTEGER -135
+ }
+ [9] SEQUENCE {
+ SEQUENCE {
+ [0] INTEGER 20
+ [1] OCTET STRING
+ 0000: 58 50 20 20 20 20 20 20 20 20 20 20 20 20 20 20 XP
+ }
+ }
+ }
+ }
+ */
+ byte[] b = {
+ (byte)0x6a, (byte)0x81, (byte)0xbf, (byte)0x30, (byte)0x81, (byte)0xbc, (byte)0xa1, (byte)0x03,
+ (byte)0x02, (byte)0x01, (byte)0x05, (byte)0xa2, (byte)0x03, (byte)0x02, (byte)0x01, (byte)0x0a,
+ (byte)0xa4, (byte)0x81, (byte)0xaf, (byte)0x30, (byte)0x81, (byte)0xac, (byte)0xa0, (byte)0x07,
+ (byte)0x03, (byte)0x05, (byte)0x00, (byte)0x40, (byte)0x81, (byte)0x00, (byte)0x10, (byte)0xa1,
+ (byte)0x1a, (byte)0x30, (byte)0x18, (byte)0xa0, (byte)0x03, (byte)0x02, (byte)0x01, (byte)0x01,
+ (byte)0xa1, (byte)0x11, (byte)0x30, (byte)0x0f, (byte)0x1b, (byte)0x0d, (byte)0x61, (byte)0x64,
+ (byte)0x6d, (byte)0x69, (byte)0x6e, (byte)0x69, (byte)0x73, (byte)0x74, (byte)0x72, (byte)0x61,
+ (byte)0x74, (byte)0x6f, (byte)0x72, (byte)0xa2, (byte)0x04, (byte)0x1b, (byte)0x02, (byte)0x4e,
+ (byte)0x33, (byte)0xa3, (byte)0x17, (byte)0x30, (byte)0x15, (byte)0xa0, (byte)0x03, (byte)0x02,
+ (byte)0x01, (byte)0x02, (byte)0xa1, (byte)0x0e, (byte)0x30, (byte)0x0c, (byte)0x1b, (byte)0x06,
+ (byte)0x6b, (byte)0x72, (byte)0x62, (byte)0x74, (byte)0x67, (byte)0x74, (byte)0x1b, (byte)0x02,
+ (byte)0x4e, (byte)0x33, (byte)0xa5, (byte)0x11, (byte)0x18, (byte)0x0f, (byte)0x32, (byte)0x30,
+ (byte)0x33, (byte)0x37, (byte)0x30, (byte)0x39, (byte)0x31, (byte)0x33, (byte)0x30, (byte)0x32,
+ (byte)0x34, (byte)0x38, (byte)0x30, (byte)0x35, (byte)0x5a, (byte)0xa6, (byte)0x11, (byte)0x18,
+ (byte)0x0f, (byte)0x32, (byte)0x30, (byte)0x33, (byte)0x37, (byte)0x30, (byte)0x39, (byte)0x31,
+ (byte)0x33, (byte)0x30, (byte)0x32, (byte)0x34, (byte)0x38, (byte)0x30, (byte)0x35, (byte)0x5a,
+ (byte)0xa7, (byte)0x06, (byte)0x02, (byte)0x04, (byte)0x7d, (byte)0x3f, (byte)0x02, (byte)0xec,
+ (byte)0xa8, (byte)0x19, (byte)0x30, (byte)0x17, (byte)0x02, (byte)0x01, (byte)0x17, (byte)0x02,
+ (byte)0x02, (byte)0xff, (byte)0x7b, (byte)0x02, (byte)0x01, (byte)0x80, (byte)0x02, (byte)0x01,
+ (byte)0x03, (byte)0x02, (byte)0x01, (byte)0x01, (byte)0x02, (byte)0x01, (byte)0x18, (byte)0x02,
+ (byte)0x02, (byte)0xff, (byte)0x79, (byte)0xa9, (byte)0x1d, (byte)0x30, (byte)0x1b, (byte)0x30,
+ (byte)0x19, (byte)0xa0, (byte)0x03, (byte)0x02, (byte)0x01, (byte)0x14, (byte)0xa1, (byte)0x12,
+ (byte)0x04, (byte)0x10, (byte)0x58, (byte)0x50, (byte)0x20, (byte)0x20, (byte)0x20, (byte)0x20,
+ (byte)0x20, (byte)0x20, (byte)0x20, (byte)0x20, (byte)0x20, (byte)0x20, (byte)0x20, (byte)0x20,
+ (byte)0x20, (byte)0x20,
+ };
+ new KDCReq(b, 0x0a);
+
+ /*
+ * This is a fake ETYPEINFO2 block with no salt
+ SEQUENCE {
+ [0] INTEGER 0
+ [2] OCTET STRING 0000: 00 .
+ }
+ */
+ byte[] b2 = {
+ (byte)0x30, (byte)0x0a, (byte)0xa0, (byte)0x03, (byte)0x02, (byte)0x01, (byte)0x00, (byte)0xa2,
+ (byte)0x03, (byte)0x04, (byte)0x01, (byte)0x00,
+ };
+
+ ETypeInfo2 e2 = new ETypeInfo2(new DerValue(b2));
+ if (e2.getSalt() != null || e2.getParams() == null) {
+ throw new Exception("ETypeInfo2 decoding error");
+ }
+ }
+}
diff --git a/test/sun/security/krb5/TimeInCCache.java b/test/sun/security/krb5/TimeInCCache.java
new file mode 100644
index 0000000000000000000000000000000000000000..5ef8b5370df426633f886c1f981296b229b891e4
--- /dev/null
+++ b/test/sun/security/krb5/TimeInCCache.java
@@ -0,0 +1,93 @@
+/*
+ * Copyright 2007 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+/*
+ * @test
+ * @bug 6590930
+ * @summary read/write does not match for ccache
+ */
+
+import java.io.ByteArrayInputStream;
+import java.lang.reflect.Field;
+import java.lang.reflect.Method;
+import sun.security.krb5.internal.ccache.CCacheInputStream;
+import sun.security.krb5.internal.ccache.Credentials;
+
+public class TimeInCCache {
+ public static void main(String[] args) throws Exception {
+ // A trivial cache file, with startdate and renewTill being zero.
+ // The endtime is set to sometime in year 2022, so that isValid()
+ // will always check starttime.
+ byte[] ccache = new byte[]{
+ 5, 4, 0, 12, 0, 1, 0, 8, -1, -1, -1, 19, -1, -2, 89, 51,
+ 0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 0, 10, 77, 65, 88, 73,
+ 46, 76, 79, 67, 65, 76, 0, 0, 0, 5, 100, 117, 109, 109, 121, 0,
+ 0, 0, 1, 0, 0, 0, 1, 0, 0, 0, 10, 77, 65, 88, 73, 46,
+ 76, 79, 67, 65, 76, 0, 0, 0, 5, 100, 117, 109, 109, 121, 0, 0,
+ 0, 0, 0, 0, 0, 2, 0, 0, 0, 10, 77, 65, 88, 73, 46, 76,
+ 79, 67, 65, 76, 0, 0, 0, 6, 107, 114, 98, 116, 103, 116, 0, 0,
+ 0, 10, 77, 65, 88, 73, 46, 76, 79, 67, 65, 76, 0, 17, 0, 0,
+ 0, 16, -78, -85, -90, -50, -68, 115, 68, 8, -39, -109, 91, 61, -17, -27,
+ -122, -120, 71, 69, 16, -121, 0, 0, 0, 0, 98, 69, 16, -121, 0, 0,
+ 0, 0, 0, 64, -32, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 1, 0, 97, -127, -3, 48, -127, -6, -96, 3, 2, 1, 5, -95, 12,
+ 27, 10, 77, 65, 88, 73, 46, 76, 79, 67, 65, 76, -94, 31, 48, 29,
+ -96, 3, 2, 1, 0, -95, 22, 48, 20, 27, 6, 107, 114, 98, 116, 103,
+ 116, 27, 10, 77, 65, 88, 73, 46, 76, 79, 67, 65, 76, -93, -127, -61,
+ 48, -127, -64, -96, 3, 2, 1, 17, -95, 3, 2, 1, 1, -94, -127, -77,
+ 4, -127, -80, 43, 65, -66, 34, 21, -34, 37, 35, 32, 50, -14, 122, 77,
+ -3, -29, 37, 99, 50, 125, -43, -96, -78, 85, 23, 41, -80, 68, 2, -109,
+ -27, 38, -41, -72, -32, 127, 63, -76, -22, 81, 33, -114, -30, 104, 125, -81,
+ -29, 70, -25, 23, 100, -75, -25, 62, -120, -78, -61, -100, -74, 50, -117, -127,
+ -16, 79, -106, 62, -39, 91, 100, -10, 23, -88, -18, -47, 51, -19, 113, 18,
+ 98, -101, 31, 98, 22, -81, 11, -41, -42, 67, 87, 92, -2, 42, -54, 79,
+ 49, -90, 43, -37, 90, -102, 125, 62, -88, -77, 100, 102, 23, -57, -51, 38,
+ 68, -44, -57, -102, 103, -6, 85, -58, 74, -117, -87, 67, -103, -36, 110, -122,
+ 115, 12, 118, -106, -114, -51, 79, 68, 32, -91, -53, -5, -51, 89, 72, 70,
+ 123, -12, -95, 9, 40, -30, -117, 74, 77, 38, 91, 126, -82, 17, 98, 98,
+ -49, 78, 36, 36, 103, -76, -100, -23, 118, -92, -8, 80, 103, -23, -98, 56,
+ 21, 65, -77, 0, 0, 0, 0
+ };
+ System.setProperty("sun.security.krb5.debug", "true"); // test code changes in DEBUG
+ CCacheInputStream cis = new CCacheInputStream(new ByteArrayInputStream(ccache));
+ cis.readVersion();
+ cis.readTag();
+ cis.readPrincipal(0x504);
+ Method m = CCacheInputStream.class.getDeclaredMethod("readCred", Integer.TYPE);
+ m.setAccessible(true);
+ Credentials c = (Credentials) m.invoke(cis, new Integer(0x504));
+ sun.security.krb5.Credentials cc = c.setKrbCreds();
+
+ // 1. Make sure starttime is still null
+ if (cc.getStartTime() != null) {
+ throw new Exception("Fail, starttime should be zero here");
+ }
+
+ // 2. Make sure renewTill is still null
+ if (cc.getRenewTill() != null) {
+ throw new Exception("Fail, renewTill should be zero here");
+ }
+
+ // 3. Make sure isValid works
+ c.isValid();
+ }
+}
diff --git a/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/SSLSocketImpl/AsyncSSLSocketClose.java b/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/SSLSocketImpl/AsyncSSLSocketClose.java
new file mode 100644
index 0000000000000000000000000000000000000000..21fe5303a6ec4eb404e58b71a097fa490d339d91
--- /dev/null
+++ b/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/SSLSocketImpl/AsyncSSLSocketClose.java
@@ -0,0 +1,116 @@
+/*
+ * Copyright 2007 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @bug 6447412
+ * @summary Issue with socket.close() for ssl sockets when poweroff on
+ * other system
+ */
+
+import javax.net.ssl.*;
+import java.io.*;
+
+public class AsyncSSLSocketClose implements Runnable
+{
+ SSLSocket socket;
+ SSLServerSocket ss;
+
+ // Where do we find the keystores?
+ static String pathToStores = "../../../../../../../etc";
+ static String keyStoreFile = "keystore";
+ static String trustStoreFile = "truststore";
+ static String passwd = "passphrase";
+
+ public static void main(String[] args) {
+ String keyFilename =
+ System.getProperty("test.src", "./") + "/" + pathToStores +
+ "/" + keyStoreFile;
+ String trustFilename =
+ System.getProperty("test.src", "./") + "/" + pathToStores +
+ "/" + trustStoreFile;
+
+ System.setProperty("javax.net.ssl.keyStore", keyFilename);
+ System.setProperty("javax.net.ssl.keyStorePassword", passwd);
+ System.setProperty("javax.net.ssl.trustStore", trustFilename);
+ System.setProperty("javax.net.ssl.trustStorePassword", passwd);
+
+ new AsyncSSLSocketClose();
+ }
+
+ public AsyncSSLSocketClose() {
+ try {
+ SSLServerSocketFactory sslssf =
+ (SSLServerSocketFactory)SSLServerSocketFactory.getDefault();
+ ss = (SSLServerSocket) sslssf.createServerSocket(0);
+
+ SSLSocketFactory sslsf =
+ (SSLSocketFactory)SSLSocketFactory.getDefault();
+ socket = (SSLSocket)sslsf.createSocket("localhost",
+ ss.getLocalPort());
+ SSLSocket serverSoc = (SSLSocket) ss.accept();
+ ss.close();
+
+ (new Thread(this)).start();
+ serverSoc.startHandshake();
+
+ try {
+ Thread.sleep(5000);
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+
+ socket.setSoLinger(true, 10);
+ System.out.println("Calling Socket.close");
+ socket.close();
+ System.out.println("ssl socket get closed");
+ System.out.flush();
+
+ } catch (IOException e) {
+ e.printStackTrace();
+ }
+
+ }
+
+ // block in write
+ public void run() {
+ try {
+ byte[] ba = new byte[1024];
+ for (int i=0; i