Skip to content

D
dragonwell8_jdk

openanolis / dragonwell8_jdk

通知 3
Star 2
Fork 0
D
dragonwell8_jdk

体验新版 GitCode,发现更多精彩内容 >>

提交 f820c65f 编写于 作者: A alanb
浏览文件
操作

Merge

上级 dce228fb 85264a8f
隐藏空白更改
内联 并排
Showing with 328 addition and 586 deletion
make/Makefile
浏览文件 @ f820c65f
#
# Copyright (c) 1995, 2007, Oracle and/or its affiliates. All rights reserved.
# Copyright (c) 1995, 2010, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
......@@ -243,6 +243,11 @@ SUBDIRS = tools java javax sun com
SUBDIRS_tools = launchers
SUBDIRS_misc = org sunw jpda mkdemo mksample
# Alternate classes implementation
ifndef OPENJDK
SUBDIRS_misc += altclasses
endif
include $(BUILDDIR)/common/Subdirs.gmk
all build::
......
make/altclasses/Makefile 0 → 100644
浏览文件 @ f820c65f
#
# Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 2 only, as
# published by the Free Software Foundation. Oracle designates this
# particular file as subject to the "Classpath" exception as provided
# by Oracle in the LICENSE file that accompanied this code.
#
# This code is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# version 2 for more details (a copy is included in the LICENSE file that
# accompanied this code).
#
# You should have received a copy of the GNU General Public License version
# 2 along with this work; if not, write to the Free Software Foundation,
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
# or visit www.oracle.com if you need additional information or have any
# questions.
#
#
# Makefile for building alternate runtime classes (not used by default)
#
BUILDDIR = ..
PRODUCT = altclasses
include $(BUILDDIR)/common/Defs.gmk
# Root of alternate class sources
ALTCLASSES_SRCDIR = $(CLOSED_SRC)/share/altclasses
# Alternate runtime classes
ALTRT_JAR_FILE = $(LIBDIR)/alt-rt.jar
ALTRT_JAR_SOURCE_FILE = $(TEMPDIR)/alt-rt.jarsrclist
ALTRT_JAR_SOURCES = $(wildcard $(ALTCLASSES_SRCDIR)/java/*/*.java)
# Use a special file suffix for the file that holds the source list
.SUFFIXES: .jarsrclist
# Build rules
all build:
@if [ -d $(ALTCLASSES_SRCDIR) ] ; then \
$(MAKE) $(ALTRT_JAR_FILE); \
fi
# Source list file creation
$(ALTRT_JAR_SOURCE_FILE): $(ALTRT_JAR_SOURCES) FRC
$(prep-target)
$(ECHO) $(ALTRT_JAR_SOURCES) > $@
clean clobber::
$(RM) $(ALTRT_JAR_FILE) $(ALTRT_JAR_SOURCE_FILE)
$(RM) -r $(ALTRT_JAR_SOURCE_FILE).classes
include $(BUILDDIR)/common/Classes.gmk
# Pattern rule to turn a source list file into a jar file
$(LIBDIR)/%.jar : $(TEMPDIR)/%.jarsrclist
$(prep-target)
$(RM) -r $(<).classes
$(MKDIR) -p $(<).classes
$(JAVAC_CMD) -implicit:none -d $(<).classes @$<
$(BOOT_JAR_CMD) cf $@ -C $(<).classes . $(BOOT_JAR_JFLAGS)
# Force target
FRC:
# Non file targets
.PHONY: all build clean clobber
src/share/classes/sun/security/krb5/KrbKdcReq.java
浏览文件 @ f820c65f
......@@ -36,8 +36,7 @@ import java.security.PrivilegedAction;
import java.security.Security;
import java.util.Locale;
import sun.security.krb5.internal.Krb5;
import sun.security.krb5.internal.UDPClient;
import sun.security.krb5.internal.TCPClient;
import sun.security.krb5.internal.NetClient;
import java.io.IOException;
import java.net.SocketTimeoutException;
import java.util.StringTokenizer;
......@@ -349,12 +348,16 @@ public abstract class KrbKdcReq {
byte[] ibuf = null;
if (useTCP) {
TCPClient kdcClient = new TCPClient(kdc, port);
for (int i=1; i <= retries; i++) {
String proto = useTCP?"TCP":"UDP";
NetClient kdcClient = NetClient.getInstance(
proto, kdc, port, timeout);
if (DEBUG) {
System.out.println(">>> KDCCommunication: kdc=" + kdc
+ " TCP:"
+ port
+ " " + proto + ":"
+ port + ", timeout="
+ timeout
+ ",Attempt =" + i
+ ", #bytes=" + obuf.length);
}
try {
......@@ -366,50 +369,18 @@ public abstract class KrbKdcReq {
* And get a response.
*/
ibuf = kdcClient.receive();
} finally {
kdcClient.close();
}
} else {
// For each KDC we try defaultKdcRetryLimit times to
// get the response
for (int i=1; i <= retries; i++) {
UDPClient kdcClient = new UDPClient(kdc, port, timeout);
break;
} catch (SocketTimeoutException se) {
if (DEBUG) {
System.out.println(">>> KDCCommunication: kdc=" + kdc
+ (useTCP ? " TCP:":" UDP:")
+ port + ", timeout="
+ timeout
+ ",Attempt =" + i
+ ", #bytes=" + obuf.length);
System.out.println ("SocketTimeOutException with " +
"attempt: " + i);
}
try {
/*
* Send the data to the kdc.
*/
kdcClient.send(obuf);
/*
* And get a response.
*/
try {
ibuf = kdcClient.receive();
break;
} catch (SocketTimeoutException se) {
if (DEBUG) {
System.out.println ("SocketTimeOutException with " +
"attempt: " + i);
}
if (i == retries) {
ibuf = null;
throw se;
}
}
} finally {
kdcClient.close();
if (i == retries) {
ibuf = null;
throw se;
}
} finally {
kdcClient.close();
}
}
return ibuf;
......
src/share/classes/sun/security/krb5/internal/TCPClient.java src/share/classes/sun/security/krb5/internal/NetClient.java
浏览文件 @ f820c65f
/*
* Copyright (c) 2000, 2003, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
......@@ -34,18 +34,38 @@ package sun.security.krb5.internal;
import java.io.*;
import java.net.*;
public class TCPClient {
public abstract class NetClient {
public static NetClient getInstance(String protocol, String hostname, int port,
int timeout) throws IOException {
if (protocol.equals("TCP")) {
return new TCPClient(hostname, port, timeout);
} else {
return new UDPClient(hostname, port, timeout);
}
}
abstract public void send(byte[] data) throws IOException;
abstract public byte[] receive() throws IOException;
abstract public void close() throws IOException;
}
class TCPClient extends NetClient {
private Socket tcpSocket;
private BufferedOutputStream out;
private BufferedInputStream in;
public TCPClient(String hostname, int port) throws IOException {
TCPClient(String hostname, int port, int timeout)
throws IOException {
tcpSocket = new Socket(hostname, port);
out = new BufferedOutputStream(tcpSocket.getOutputStream());
in = new BufferedInputStream(tcpSocket.getInputStream());
tcpSocket.setSoTimeout(timeout);
}
@Override
public void send(byte[] data) throws IOException {
byte[] lenField = new byte[4];
intToNetworkByteOrder(data.length, lenField, 0, 4);
......@@ -55,6 +75,7 @@ public class TCPClient {
out.flush();
}
@Override
public byte[] receive() throws IOException {
byte[] lenField = new byte[4];
int count = readFully(lenField, 4);
......@@ -94,6 +115,7 @@ public class TCPClient {
}
}
@Override
public void close() throws IOException {
tcpSocket.close();
}
......@@ -120,7 +142,7 @@ public class TCPClient {
/**
* Returns the integer represented by 4 bytes in network byte order.
*/
private static final int networkByteOrderToInt(byte[] buf, int start,
private static int networkByteOrderToInt(byte[] buf, int start,
int count) {
if (count > 4) {
throw new IllegalArgumentException(
......@@ -140,7 +162,7 @@ public class TCPClient {
* Encodes an integer into 4 bytes in network byte order in the buffer
* supplied.
*/
private static final void intToNetworkByteOrder(int num, byte[] buf,
private static void intToNetworkByteOrder(int num, byte[] buf,
int start, int count) {
if (count > 4) {
throw new IllegalArgumentException(
......@@ -153,3 +175,47 @@ public class TCPClient {
}
}
}
class UDPClient extends NetClient {
InetAddress iaddr;
int iport;
int bufSize = 65507;
DatagramSocket dgSocket;
DatagramPacket dgPacketIn;
UDPClient(String hostname, int port, int timeout)
throws UnknownHostException, SocketException {
iaddr = InetAddress.getByName(hostname);
iport = port;
dgSocket = new DatagramSocket();
dgSocket.setSoTimeout(timeout);
}
@Override
public void send(byte[] data) throws IOException {
DatagramPacket dgPacketOut = new DatagramPacket(data, data.length,
iaddr, iport);
dgSocket.send(dgPacketOut);
}
@Override
public byte[] receive() throws IOException {
byte ibuf[] = new byte[bufSize];
dgPacketIn = new DatagramPacket(ibuf, ibuf.length);
try {
dgSocket.receive(dgPacketIn);
}
catch (SocketException e) {
dgSocket.receive(dgPacketIn);
}
byte[] data = new byte[dgPacketIn.getLength()];
System.arraycopy(dgPacketIn.getData(), 0, data, 0,
dgPacketIn.getLength());
return data;
}
@Override
public void close() {
dgSocket.close();
}
}
src/share/classes/sun/security/krb5/internal/UDPClient.java 已删除 100644 → 0
浏览文件 @ dce228fb
/*
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
*
* (C) Copyright IBM Corp. 1999 All Rights Reserved.
* Copyright 1997 The Open Group Research Institute. All rights reserved.
*/
package sun.security.krb5.internal;
import java.io.*;
import java.net.*;
public class UDPClient {
InetAddress iaddr;
int iport;
int bufSize = 65507;
DatagramSocket dgSocket;
DatagramPacket dgPacketIn;
public UDPClient(InetAddress newIAddr, int port)
throws SocketException {
iaddr = newIAddr;
iport = port;
dgSocket = new DatagramSocket();
}
public UDPClient(String hostname, int port)
throws UnknownHostException, SocketException {
iaddr = InetAddress.getByName(hostname);
iport = port;
dgSocket = new DatagramSocket();
}
public UDPClient(String hostname, int port, int timeout)
throws UnknownHostException, SocketException {
iaddr = InetAddress.getByName(hostname);
iport = port;
dgSocket = new DatagramSocket();
dgSocket.setSoTimeout(timeout);
}
public void setBufSize(int newBufSize) {
bufSize = newBufSize;
}
public InetAddress getInetAddress() {
if (dgPacketIn != null)
return dgPacketIn.getAddress();
return null;
}
public void send(byte[] data) throws IOException {
DatagramPacket dgPacketOut = new DatagramPacket(data, data.length,
iaddr, iport);
dgSocket.send(dgPacketOut);
}
public byte[] receive() throws IOException {
byte ibuf[] = new byte[bufSize];
dgPacketIn = new DatagramPacket(ibuf, ibuf.length);
try {
dgSocket.receive(dgPacketIn);
}
catch (SocketException e) {
dgSocket.receive(dgPacketIn);
}
byte[] data = new byte[dgPacketIn.getLength()];
System.arraycopy(dgPacketIn.getData(), 0, data, 0,
dgPacketIn.getLength());
return data;
}
public void close() {
dgSocket.close();
}
}
src/solaris/classes/sun/net/www/protocol/http/NTLMAuthentication.java 已删除 100644 → 0
浏览文件 @ dce228fb
/*
* Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package sun.net.www.protocol.http;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.InetAddress;
import java.net.PasswordAuthentication;
import java.net.UnknownHostException;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import sun.net.www.HeaderParser;
/**
* NTLMAuthentication:
*
* @author Michael McMahon
*/
/*
* NTLM authentication is nominally based on the framework defined in RFC2617,
* but differs from the standard (Basic & Digest) schemes as follows:
*
* 1. A complete authentication requires three request/response transactions
* as shown below:
* REQ ------------------------------->
* <---- 401 (signalling NTLM) --------
*
* REQ (with type1 NTLM msg) --------->
* <---- 401 (with type 2 NTLM msg) ---
*
* REQ (with type3 NTLM msg) --------->
* <---- OK ---------------------------
*
* 2. The scope of the authentication is the TCP connection (which must be kept-alive)
* after the type2 response is received. This means that NTLM does not work end-to-end
* through a proxy, rather between client and proxy, or between client and server (with no proxy)
*/
class NTLMAuthentication extends AuthenticationInfo {
private static final long serialVersionUID = -2403849171106437142L;
private byte[] type1;
private byte[] type3;
private SecretKeyFactory fac;
private Cipher cipher;
private MessageDigest md4;
private String hostname;
private static String defaultDomain; /* Domain to use if not specified by user */
static {
defaultDomain = java.security.AccessController.doPrivileged(
new sun.security.action.GetPropertyAction("http.auth.ntlm.domain",
"domain"));
};
static boolean supportsTransparentAuth () {
return false;
}
private void init0() {
type1 = new byte[256];
type3 = new byte[256];
System.arraycopy (new byte[] {'N','T','L','M','S','S','P',0,1}, 0, type1, 0, 9);
type1[12] = (byte) 3;
type1[13] = (byte) 0xb2;
type1[28] = (byte) 0x20;
System.arraycopy (new byte[] {'N','T','L','M','S','S','P',0,3}, 0, type3, 0, 9);
type3[12] = (byte) 0x18;
type3[14] = (byte) 0x18;
type3[20] = (byte) 0x18;
type3[22] = (byte) 0x18;
type3[32] = (byte) 0x40;
type3[60] = (byte) 1;
type3[61] = (byte) 0x82;
try {
hostname = java.security.AccessController.doPrivileged(
new java.security.PrivilegedAction<String>() {
public String run() {
String localhost;
try {
localhost = InetAddress.getLocalHost().getHostName().toUpperCase();
} catch (UnknownHostException e) {
localhost = "localhost";
}
return localhost;
}
});
int x = hostname.indexOf ('.');
if (x != -1) {
hostname = hostname.substring (0, x);
}
fac = SecretKeyFactory.getInstance ("DES");
cipher = Cipher.getInstance ("DES/ECB/NoPadding");
md4 = sun.security.provider.MD4.getInstance();
} catch (NoSuchPaddingException e) {
assert false;
} catch (NoSuchAlgorithmException e) {
assert false;
}
};
PasswordAuthentication pw;
String username;
String ntdomain;
String password;
/**
* Create a NTLMAuthentication:
* Username may be specified as domain<BACKSLASH>username in the application Authenticator.
* If this notation is not used, then the domain will be taken
* from a system property: "http.auth.ntlm.domain".
*/
public NTLMAuthentication(boolean isProxy, URL url, PasswordAuthentication pw) {
super(isProxy ? PROXY_AUTHENTICATION : SERVER_AUTHENTICATION,
AuthScheme.NTLM,
url,
"");
init (pw);
}
private void init (PasswordAuthentication pw) {
this.pw = pw;
String s = pw.getUserName();
int i = s.indexOf ('\\');
if (i == -1) {
username = s;
ntdomain = defaultDomain;
} else {
ntdomain = s.substring (0, i).toUpperCase();
username = s.substring (i+1);
}
password = new String (pw.getPassword());
init0();
}
/**
* Constructor used for proxy entries
*/
public NTLMAuthentication(boolean isProxy, String host, int port,
PasswordAuthentication pw) {
super(isProxy ? PROXY_AUTHENTICATION : SERVER_AUTHENTICATION,
AuthScheme.NTLM,
host,
port,
"");
init (pw);
}
/**
* @return true if this authentication supports preemptive authorization
*/
boolean supportsPreemptiveAuthorization() {
return false;
}
/**
* @return the name of the HTTP header this authentication wants set
*/
String getHeaderName() {
if (type == SERVER_AUTHENTICATION) {
return "Authorization";
} else {
return "Proxy-authorization";
}
}
/**
* Not supported. Must use the setHeaders() method
*/
String getHeaderValue(URL url, String method) {
throw new RuntimeException ("getHeaderValue not supported");
}
/**
* Check if the header indicates that the current auth. parameters are stale.
* If so, then replace the relevant field with the new value
* and return true. Otherwise return false.
* returning true means the request can be retried with the same userid/password
* returning false means we have to go back to the user to ask for a new
* username password.
*/
boolean isAuthorizationStale (String header) {
return false; /* should not be called for ntlm */
}
/**
* Set header(s) on the given connection.
* @param conn The connection to apply the header(s) to
* @param p A source of header values for this connection, not used because
* HeaderParser converts the fields to lower case, use raw instead
* @param raw The raw header field.
* @return true if all goes well, false if no headers were set.
*/
synchronized boolean setHeaders(HttpURLConnection conn, HeaderParser p, String raw) {
try {
String response;
if (raw.length() < 6) { /* NTLM<sp> */
response = buildType1Msg ();
} else {
String msg = raw.substring (5); /* skip NTLM<sp> */
response = buildType3Msg (msg);
}
conn.setAuthenticationProperty(getHeaderName(), response);
return true;
} catch (IOException e) {
return false;
} catch (GeneralSecurityException e) {
return false;
}
}
private void copybytes (byte[] dest, int destpos, String src, String enc) {
try {
byte[] x = src.getBytes(enc);
System.arraycopy (x, 0, dest, destpos, x.length);
} catch (UnsupportedEncodingException e) {
assert false;
}
}
private String buildType1Msg () {
int dlen = ntdomain.length();
type1[16]= (byte) (dlen % 256);
type1[17]= (byte) (dlen / 256);
type1[18] = type1[16];
type1[19] = type1[17];
int hlen = hostname.length();
type1[24]= (byte) (hlen % 256);
type1[25]= (byte) (hlen / 256);
type1[26] = type1[24];
type1[27] = type1[25];
copybytes (type1, 32, hostname, "ISO8859_1");
copybytes (type1, hlen+32, ntdomain, "ISO8859_1");
type1[20] = (byte) ((hlen+32) % 256);
type1[21] = (byte) ((hlen+32) / 256);
byte[] msg = new byte [32 + hlen + dlen];
System.arraycopy (type1, 0, msg, 0, 32 + hlen + dlen);
String result = "NTLM " + (new B64Encoder()).encode (msg);
return result;
}
/* Convert a 7 byte array to an 8 byte array (for a des key with parity)
* input starts at offset off
*/
private byte[] makeDesKey (byte[] input, int off) {
int[] in = new int [input.length];
for (int i=0; i<in.length; i++ ) {
in[i] = input[i]<0 ? input[i]+256: input[i];
}
byte[] out = new byte[8];
out[0] = (byte)in[off+0];
out[1] = (byte)(((in[off+0] << 7) & 0xFF) | (in[off+1] >> 1));
out[2] = (byte)(((in[off+1] << 6) & 0xFF) | (in[off+2] >> 2));
out[3] = (byte)(((in[off+2] << 5) & 0xFF) | (in[off+3] >> 3));
out[4] = (byte)(((in[off+3] << 4) & 0xFF) | (in[off+4] >> 4));
out[5] = (byte)(((in[off+4] << 3) & 0xFF) | (in[off+5] >> 5));
out[6] = (byte)(((in[off+5] << 2) & 0xFF) | (in[off+6] >> 6));
out[7] = (byte)((in[off+6] << 1) & 0xFF);
return out;
}
private byte[] calcLMHash () throws GeneralSecurityException {
byte[] magic = {0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25};
byte[] pwb = password.toUpperCase ().getBytes();
byte[] pwb1 = new byte [14];
int len = password.length();
if (len > 14)
len = 14;
System.arraycopy (pwb, 0, pwb1, 0, len); /* Zero padded */
DESKeySpec dks1 = new DESKeySpec (makeDesKey (pwb1, 0));
DESKeySpec dks2 = new DESKeySpec (makeDesKey (pwb1, 7));
SecretKey key1 = fac.generateSecret (dks1);
SecretKey key2 = fac.generateSecret (dks2);
cipher.init (Cipher.ENCRYPT_MODE, key1);
byte[] out1 = cipher.doFinal (magic, 0, 8);
cipher.init (Cipher.ENCRYPT_MODE, key2);
byte[] out2 = cipher.doFinal (magic, 0, 8);
byte[] result = new byte [21];
System.arraycopy (out1, 0, result, 0, 8);
System.arraycopy (out2, 0, result, 8, 8);
return result;
}
private byte[] calcNTHash () throws GeneralSecurityException {
byte[] pw = null;
try {
pw = password.getBytes ("UnicodeLittleUnmarked");
} catch (UnsupportedEncodingException e) {
assert false;
}
byte[] out = md4.digest (pw);
byte[] result = new byte [21];
System.arraycopy (out, 0, result, 0, 16);
return result;
}
/* key is a 21 byte array. Split it into 3 7 byte chunks,
* Convert each to 8 byte DES keys, encrypt the text arg with
* each key and return the three results in a sequential []
*/
private byte[] calcResponse (byte[] key, byte[] text)
throws GeneralSecurityException {
assert key.length == 21;
DESKeySpec dks1 = new DESKeySpec (makeDesKey (key, 0));
DESKeySpec dks2 = new DESKeySpec (makeDesKey (key, 7));
DESKeySpec dks3 = new DESKeySpec (makeDesKey (key, 14));
SecretKey key1 = fac.generateSecret (dks1);
SecretKey key2 = fac.generateSecret (dks2);
SecretKey key3 = fac.generateSecret (dks3);
cipher.init (Cipher.ENCRYPT_MODE, key1);
byte[] out1 = cipher.doFinal (text, 0, 8);
cipher.init (Cipher.ENCRYPT_MODE, key2);
byte[] out2 = cipher.doFinal (text, 0, 8);
cipher.init (Cipher.ENCRYPT_MODE, key3);
byte[] out3 = cipher.doFinal (text, 0, 8);
byte[] result = new byte [24];
System.arraycopy (out1, 0, result, 0, 8);
System.arraycopy (out2, 0, result, 8, 8);
System.arraycopy (out3, 0, result, 16, 8);
return result;
}
private String buildType3Msg (String challenge) throws GeneralSecurityException,
IOException {
/* First decode the type2 message to get the server nonce */
/* nonce is located at type2[24] for 8 bytes */
byte[] type2 = (new sun.misc.BASE64Decoder()).decodeBuffer (challenge);
byte[] nonce = new byte [8];
System.arraycopy (type2, 24, nonce, 0, 8);
int ulen = username.length()*2;
type3[36] = type3[38] = (byte) (ulen % 256);
type3[37] = type3[39] = (byte) (ulen / 256);
int dlen = ntdomain.length()*2;
type3[28] = type3[30] = (byte) (dlen % 256);
type3[29] = type3[31] = (byte) (dlen / 256);
int hlen = hostname.length()*2;
type3[44] = type3[46] = (byte) (hlen % 256);
type3[45] = type3[47] = (byte) (hlen / 256);
int l = 64;
copybytes (type3, l, ntdomain, "UnicodeLittleUnmarked");
type3[32] = (byte) (l % 256);
type3[33] = (byte) (l / 256);
l += dlen;
copybytes (type3, l, username, "UnicodeLittleUnmarked");
type3[40] = (byte) (l % 256);
type3[41] = (byte) (l / 256);
l += ulen;
copybytes (type3, l, hostname, "UnicodeLittleUnmarked");
type3[48] = (byte) (l % 256);
type3[49] = (byte) (l / 256);
l += hlen;
byte[] lmhash = calcLMHash();
byte[] lmresponse = calcResponse (lmhash, nonce);
byte[] nthash = calcNTHash();
byte[] ntresponse = calcResponse (nthash, nonce);
System.arraycopy (lmresponse, 0, type3, l, 24);
type3[16] = (byte) (l % 256);
type3[17] = (byte) (l / 256);
l += 24;
System.arraycopy (ntresponse, 0, type3, l, 24);
type3[24] = (byte) (l % 256);
type3[25] = (byte) (l / 256);
l += 24;
type3[56] = (byte) (l % 256);
type3[57] = (byte) (l / 256);
byte[] msg = new byte [l];
System.arraycopy (type3, 0, msg, 0, l);
String result = "NTLM " + (new B64Encoder()).encode (msg);
return result;
}
}
class B64Encoder extends sun.misc.BASE64Encoder {
/* to force it to to the entire encoding in one line */
protected int bytesPerLine () {
return 1024;
}
}
test/java/lang/reflect/Generics/Probe.java
浏览文件 @ f820c65f
/*
* Copyright (c) 2004, 2006, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2004, 2010, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
......@@ -47,9 +47,6 @@ import static java.util.Arrays.*;
"java.util.WeakHashMap$EntryIterator",
"java.util.WeakHashMap$KeyIterator",
"java.util.WeakHashMap$ValueIterator",
"java.util.TreeMap$EntryIterator",
"java.util.TreeMap$KeyIterator",
"java.util.TreeMap$ValueIterator",
"java.util.HashMap$EntryIterator",
"java.util.HashMap$KeyIterator",
"java.util.HashMap$ValueIterator",
......
test/java/security/cert/CertPathValidator/nameConstraintsRFC822/ValidateCertPath.java
浏览文件 @ f820c65f
/*
* Copyright (c) 2002, 2008, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2002, 2010, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
......@@ -23,7 +23,7 @@
/*
* @test
* @bug 4684810
* @bug 4684810 6994717
* @summary Verify that RFC822 name constraints are checked correctly
*/
......@@ -38,6 +38,7 @@ import java.security.cert.PKIXReason;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.List;
import java.util.Set;
......@@ -100,6 +101,9 @@ public final class ValidateCertPath {
Set<TrustAnchor> anchors = Collections.singleton(anchor);
params = new PKIXParameters(anchors);
params.setRevocationEnabled(false);
// The certificates expired on 10/22/10, so set the validity date to
// 05/01/2009 to avoid expiration failures
params.setDate(new Date(1243828800000l));
}
/*
......
test/java/util/NavigableMap/LockStep.java
浏览文件 @ f820c65f
/*
* Copyright (c) 2006, 2008, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2006, 2010, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
......@@ -25,6 +25,9 @@
* @test
* @bug 6420753 6242436 6691185
* @summary Compare NavigableMap implementations for identical behavior
* @run main LockStep
* @run main/othervm -XX:+AggressiveOpts LockStep
* @run main/othervm -XX:+AggressiveOpts -Dthorough=true LockStep
* @author Martin Buchholz
*/
......
test/sun/security/krb5/auto/TcpTimeout.java 0 → 100644
浏览文件 @ f820c65f
/*
* Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* @test
* @bug 6952519
* @run main/timeout=40/othervm TcpTimeout
* @summary kdc_timeout is not being honoured when using TCP
*/
import java.io.*;
import java.net.ServerSocket;
import sun.security.krb5.Config;
public class TcpTimeout {
public static void main(String[] args)
throws Exception {
System.setProperty("sun.security.krb5.debug", "true");
final int p1 = 10000 + new java.util.Random().nextInt(10000);
final int p2 = 20000 + new java.util.Random().nextInt(10000);
final int p3 = 30000 + new java.util.Random().nextInt(10000);
KDC k = new KDC(OneKDC.REALM, OneKDC.KDCHOST, p3, true);
k.addPrincipal(OneKDC.USER, OneKDC.PASS);
k.addPrincipalRandKey("krbtgt/" + OneKDC.REALM);
// Start two listener that does not communicate, simulate timeout
new Thread() {
public void run() {
try {
new ServerSocket(p1).accept();
} catch (Exception e) {
}}
}.start();
new Thread() {
public void run() {
try {
new ServerSocket(p2).accept();
} catch (Exception e) {
}}
}.start();
FileWriter fw = new FileWriter("alternative-krb5.conf");
fw.write("[libdefaults]\n" +
"udp_preference_limit = 1\n" +
"max_retries = 2\n" +
"default_realm = " + OneKDC.REALM + "\n" +
"kdc_timeout = 5000\n");
fw.write("[realms]\n" + OneKDC.REALM + " = {\n" +
"kdc = " + OneKDC.KDCHOST + ":" + p1 + "\n" +
"kdc = " + OneKDC.KDCHOST + ":" + p2 + "\n" +
"kdc = " + OneKDC.KDCHOST + ":" + p3 + "\n" +
"}\n");
fw.close();
System.setProperty("java.security.krb5.conf", "alternative-krb5.conf");
Config.refresh();
// The correct behavior should be:
// 5 sec on p1, 5 sec on p1, fail
// 5 sec on p2, 5 sec on p2, fail
// p3 ok, p3 ok again for preauth.
// The total time should be 20sec + 2x. x is processing time for AS-REQ.
int count = 6;
long start = System.nanoTime();
ByteArrayOutputStream bo = new ByteArrayOutputStream();
PrintStream oldout = System.out;
System.setOut(new PrintStream(bo));
Context c = Context.fromUserPass(OneKDC.USER, OneKDC.PASS, false);
System.setOut(oldout);
String[] lines = new String(bo.toByteArray()).split("\n");
for (String line: lines) {
if (line.startsWith(">>> KDCCommunication")) {
System.out.println(line);
count--;
}
}
if (count != 0) {
throw new Exception("Retry count is " + count + " less");
}
long end = System.nanoTime();
if ((end - start)/1000000000L < 20) {
throw new Exception("Too fast? " + (end - start)/1000000000L);
}
}
private static KDC on(int p) throws Exception {
KDC k = new KDC(OneKDC.REALM, OneKDC.KDCHOST, p, true);
k.addPrincipal(OneKDC.USER, OneKDC.PASS);
k.addPrincipalRandKey("krbtgt/" + OneKDC.REALM);
return k;
}
private static void addFakeKDCs()
throws Exception {
BufferedReader fr = new BufferedReader(new FileReader(OneKDC.KRB5_CONF));
FileWriter fw = new FileWriter("alternative-krb5.conf");
while (true) {
String s = fr.readLine();
if (s == null) {
break;
}
if (s.trim().startsWith("kdc = ")) {
fw.write(" kdc = localhost:33333\n");
fw.write(" kdc = localhost:22222\n");
}
fw.write(s + "\n");
}
fr.close();
fw.close();
sun.security.krb5.Config.refresh();
}
}
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册