Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openanolis
dragonwell8_jdk
提交
f820c65f
D
dragonwell8_jdk
项目概览
openanolis
/
dragonwell8_jdk
通知
4
Star
2
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
D
dragonwell8_jdk
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
f820c65f
编写于
11月 09, 2010
作者:
A
alanb
浏览文件
操作
浏览文件
下载
差异文件
Merge
上级
dce228fb
85264a8f
变更
10
隐藏空白更改
内联
并排
Showing
10 changed file
with
328 addition
and
586 deletion
+328
-586
make/Makefile
make/Makefile
+6
-1
make/altclasses/Makefile
make/altclasses/Makefile
+84
-0
src/share/classes/sun/security/krb5/KrbKdcReq.java
src/share/classes/sun/security/krb5/KrbKdcReq.java
+18
-47
src/share/classes/sun/security/krb5/internal/NetClient.java
src/share/classes/sun/security/krb5/internal/NetClient.java
+71
-5
src/share/classes/sun/security/krb5/internal/UDPClient.java
src/share/classes/sun/security/krb5/internal/UDPClient.java
+0
-99
src/solaris/classes/sun/net/www/protocol/http/NTLMAuthentication.java
...classes/sun/net/www/protocol/http/NTLMAuthentication.java
+0
-427
test/java/lang/reflect/Generics/Probe.java
test/java/lang/reflect/Generics/Probe.java
+1
-4
test/java/security/cert/CertPathValidator/nameConstraintsRFC822/ValidateCertPath.java
...PathValidator/nameConstraintsRFC822/ValidateCertPath.java
+6
-2
test/java/util/NavigableMap/LockStep.java
test/java/util/NavigableMap/LockStep.java
+4
-1
test/sun/security/krb5/auto/TcpTimeout.java
test/sun/security/krb5/auto/TcpTimeout.java
+138
-0
未找到文件。
make/Makefile
浏览文件 @
f820c65f
#
# Copyright (c) 1995, 20
07
, Oracle and/or its affiliates. All rights reserved.
# Copyright (c) 1995, 20
10
, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
...
...
@@ -243,6 +243,11 @@ SUBDIRS = tools java javax sun com
SUBDIRS_tools
=
launchers
SUBDIRS_misc
=
org sunw jpda mkdemo mksample
# Alternate classes implementation
ifndef
OPENJDK
SUBDIRS_misc
+=
altclasses
endif
include
$(BUILDDIR)/common/Subdirs.gmk
all build
::
...
...
make/altclasses/Makefile
0 → 100644
浏览文件 @
f820c65f
#
# Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 2 only, as
# published by the Free Software Foundation. Oracle designates this
# particular file as subject to the "Classpath" exception as provided
# by Oracle in the LICENSE file that accompanied this code.
#
# This code is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# version 2 for more details (a copy is included in the LICENSE file that
# accompanied this code).
#
# You should have received a copy of the GNU General Public License version
# 2 along with this work; if not, write to the Free Software Foundation,
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
# or visit www.oracle.com if you need additional information or have any
# questions.
#
#
# Makefile for building alternate runtime classes (not used by default)
#
BUILDDIR
=
..
PRODUCT
=
altclasses
include
$(BUILDDIR)/common/Defs.gmk
# Root of alternate class sources
ALTCLASSES_SRCDIR
=
$(CLOSED_SRC)
/share/altclasses
# Alternate runtime classes
ALTRT_JAR_FILE
=
$(LIBDIR)
/alt-rt.jar
ALTRT_JAR_SOURCE_FILE
=
$(TEMPDIR)
/alt-rt.jarsrclist
ALTRT_JAR_SOURCES
=
$(
wildcard
$(ALTCLASSES_SRCDIR)
/java/
*
/
*
.java
)
# Use a special file suffix for the file that holds the source list
.SUFFIXES
:
.jarsrclist
# Build rules
all build
:
@
if
[
-d
$(ALTCLASSES_SRCDIR)
]
;
then
\
$(MAKE)
$(ALTRT_JAR_FILE)
;
\
fi
# Source list file creation
$(ALTRT_JAR_SOURCE_FILE)
:
$(ALTRT_JAR_SOURCES) FRC
$
(
prep-target
)
$(ECHO)
$(ALTRT_JAR_SOURCES)
>
$@
clean clobber
::
$(RM)
$(ALTRT_JAR_FILE)
$(ALTRT_JAR_SOURCE_FILE)
$(RM)
-r
$(ALTRT_JAR_SOURCE_FILE)
.classes
include
$(BUILDDIR)/common/Classes.gmk
# Pattern rule to turn a source list file into a jar file
$(LIBDIR)/%.jar
:
$(TEMPDIR)/%.jarsrclist
$
(
prep-target
)
$(RM)
-r
$
(
<
)
.classes
$(MKDIR)
-p
$
(
<
)
.classes
$(JAVAC_CMD)
-implicit
:none
-d
$
(
<
)
.classes @
$<
$(BOOT_JAR_CMD)
cf
$@
-C
$
(
<
)
.classes
.
$(BOOT_JAR_JFLAGS)
# Force target
FRC
:
# Non file targets
.PHONY
:
all build clean clobber
src/share/classes/sun/security/krb5/KrbKdcReq.java
浏览文件 @
f820c65f
...
...
@@ -36,8 +36,7 @@ import java.security.PrivilegedAction;
import
java.security.Security
;
import
java.util.Locale
;
import
sun.security.krb5.internal.Krb5
;
import
sun.security.krb5.internal.UDPClient
;
import
sun.security.krb5.internal.TCPClient
;
import
sun.security.krb5.internal.NetClient
;
import
java.io.IOException
;
import
java.net.SocketTimeoutException
;
import
java.util.StringTokenizer
;
...
...
@@ -349,12 +348,16 @@ public abstract class KrbKdcReq {
byte
[]
ibuf
=
null
;
if
(
useTCP
)
{
TCPClient
kdcClient
=
new
TCPClient
(
kdc
,
port
);
for
(
int
i
=
1
;
i
<=
retries
;
i
++)
{
String
proto
=
useTCP
?
"TCP"
:
"UDP"
;
NetClient
kdcClient
=
NetClient
.
getInstance
(
proto
,
kdc
,
port
,
timeout
);
if
(
DEBUG
)
{
System
.
out
.
println
(
">>> KDCCommunication: kdc="
+
kdc
+
" TCP:"
+
port
+
" "
+
proto
+
":"
+
port
+
", timeout="
+
timeout
+
",Attempt ="
+
i
+
", #bytes="
+
obuf
.
length
);
}
try
{
...
...
@@ -366,50 +369,18 @@ public abstract class KrbKdcReq {
* And get a response.
*/
ibuf
=
kdcClient
.
receive
();
}
finally
{
kdcClient
.
close
();
}
}
else
{
// For each KDC we try defaultKdcRetryLimit times to
// get the response
for
(
int
i
=
1
;
i
<=
retries
;
i
++)
{
UDPClient
kdcClient
=
new
UDPClient
(
kdc
,
port
,
timeout
);
break
;
}
catch
(
SocketTimeoutException
se
)
{
if
(
DEBUG
)
{
System
.
out
.
println
(
">>> KDCCommunication: kdc="
+
kdc
+
(
useTCP
?
" TCP:"
:
" UDP:"
)
+
port
+
", timeout="
+
timeout
+
",Attempt ="
+
i
+
", #bytes="
+
obuf
.
length
);
System
.
out
.
println
(
"SocketTimeOutException with "
+
"attempt: "
+
i
);
}
try
{
/*
* Send the data to the kdc.
*/
kdcClient
.
send
(
obuf
);
/*
* And get a response.
*/
try
{
ibuf
=
kdcClient
.
receive
();
break
;
}
catch
(
SocketTimeoutException
se
)
{
if
(
DEBUG
)
{
System
.
out
.
println
(
"SocketTimeOutException with "
+
"attempt: "
+
i
);
}
if
(
i
==
retries
)
{
ibuf
=
null
;
throw
se
;
}
}
}
finally
{
kdcClient
.
close
();
if
(
i
==
retries
)
{
ibuf
=
null
;
throw
se
;
}
}
finally
{
kdcClient
.
close
();
}
}
return
ibuf
;
...
...
src/share/classes/sun/security/krb5/internal/
TCP
Client.java
→
src/share/classes/sun/security/krb5/internal/
Net
Client.java
浏览文件 @
f820c65f
/*
* Copyright (c) 2000, 20
03
, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 20
10
, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -34,18 +34,38 @@ package sun.security.krb5.internal;
import
java.io.*
;
import
java.net.*
;
public
class
TCPClient
{
public
abstract
class
NetClient
{
public
static
NetClient
getInstance
(
String
protocol
,
String
hostname
,
int
port
,
int
timeout
)
throws
IOException
{
if
(
protocol
.
equals
(
"TCP"
))
{
return
new
TCPClient
(
hostname
,
port
,
timeout
);
}
else
{
return
new
UDPClient
(
hostname
,
port
,
timeout
);
}
}
abstract
public
void
send
(
byte
[]
data
)
throws
IOException
;
abstract
public
byte
[]
receive
()
throws
IOException
;
abstract
public
void
close
()
throws
IOException
;
}
class
TCPClient
extends
NetClient
{
private
Socket
tcpSocket
;
private
BufferedOutputStream
out
;
private
BufferedInputStream
in
;
public
TCPClient
(
String
hostname
,
int
port
)
throws
IOException
{
TCPClient
(
String
hostname
,
int
port
,
int
timeout
)
throws
IOException
{
tcpSocket
=
new
Socket
(
hostname
,
port
);
out
=
new
BufferedOutputStream
(
tcpSocket
.
getOutputStream
());
in
=
new
BufferedInputStream
(
tcpSocket
.
getInputStream
());
tcpSocket
.
setSoTimeout
(
timeout
);
}
@Override
public
void
send
(
byte
[]
data
)
throws
IOException
{
byte
[]
lenField
=
new
byte
[
4
];
intToNetworkByteOrder
(
data
.
length
,
lenField
,
0
,
4
);
...
...
@@ -55,6 +75,7 @@ public class TCPClient {
out
.
flush
();
}
@Override
public
byte
[]
receive
()
throws
IOException
{
byte
[]
lenField
=
new
byte
[
4
];
int
count
=
readFully
(
lenField
,
4
);
...
...
@@ -94,6 +115,7 @@ public class TCPClient {
}
}
@Override
public
void
close
()
throws
IOException
{
tcpSocket
.
close
();
}
...
...
@@ -120,7 +142,7 @@ public class TCPClient {
/**
* Returns the integer represented by 4 bytes in network byte order.
*/
private
static
final
int
networkByteOrderToInt
(
byte
[]
buf
,
int
start
,
private
static
int
networkByteOrderToInt
(
byte
[]
buf
,
int
start
,
int
count
)
{
if
(
count
>
4
)
{
throw
new
IllegalArgumentException
(
...
...
@@ -140,7 +162,7 @@ public class TCPClient {
* Encodes an integer into 4 bytes in network byte order in the buffer
* supplied.
*/
private
static
final
void
intToNetworkByteOrder
(
int
num
,
byte
[]
buf
,
private
static
void
intToNetworkByteOrder
(
int
num
,
byte
[]
buf
,
int
start
,
int
count
)
{
if
(
count
>
4
)
{
throw
new
IllegalArgumentException
(
...
...
@@ -153,3 +175,47 @@ public class TCPClient {
}
}
}
class
UDPClient
extends
NetClient
{
InetAddress
iaddr
;
int
iport
;
int
bufSize
=
65507
;
DatagramSocket
dgSocket
;
DatagramPacket
dgPacketIn
;
UDPClient
(
String
hostname
,
int
port
,
int
timeout
)
throws
UnknownHostException
,
SocketException
{
iaddr
=
InetAddress
.
getByName
(
hostname
);
iport
=
port
;
dgSocket
=
new
DatagramSocket
();
dgSocket
.
setSoTimeout
(
timeout
);
}
@Override
public
void
send
(
byte
[]
data
)
throws
IOException
{
DatagramPacket
dgPacketOut
=
new
DatagramPacket
(
data
,
data
.
length
,
iaddr
,
iport
);
dgSocket
.
send
(
dgPacketOut
);
}
@Override
public
byte
[]
receive
()
throws
IOException
{
byte
ibuf
[]
=
new
byte
[
bufSize
];
dgPacketIn
=
new
DatagramPacket
(
ibuf
,
ibuf
.
length
);
try
{
dgSocket
.
receive
(
dgPacketIn
);
}
catch
(
SocketException
e
)
{
dgSocket
.
receive
(
dgPacketIn
);
}
byte
[]
data
=
new
byte
[
dgPacketIn
.
getLength
()];
System
.
arraycopy
(
dgPacketIn
.
getData
(),
0
,
data
,
0
,
dgPacketIn
.
getLength
());
return
data
;
}
@Override
public
void
close
()
{
dgSocket
.
close
();
}
}
src/share/classes/sun/security/krb5/internal/UDPClient.java
已删除
100644 → 0
浏览文件 @
dce228fb
/*
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
*
* (C) Copyright IBM Corp. 1999 All Rights Reserved.
* Copyright 1997 The Open Group Research Institute. All rights reserved.
*/
package
sun.security.krb5.internal
;
import
java.io.*
;
import
java.net.*
;
public
class
UDPClient
{
InetAddress
iaddr
;
int
iport
;
int
bufSize
=
65507
;
DatagramSocket
dgSocket
;
DatagramPacket
dgPacketIn
;
public
UDPClient
(
InetAddress
newIAddr
,
int
port
)
throws
SocketException
{
iaddr
=
newIAddr
;
iport
=
port
;
dgSocket
=
new
DatagramSocket
();
}
public
UDPClient
(
String
hostname
,
int
port
)
throws
UnknownHostException
,
SocketException
{
iaddr
=
InetAddress
.
getByName
(
hostname
);
iport
=
port
;
dgSocket
=
new
DatagramSocket
();
}
public
UDPClient
(
String
hostname
,
int
port
,
int
timeout
)
throws
UnknownHostException
,
SocketException
{
iaddr
=
InetAddress
.
getByName
(
hostname
);
iport
=
port
;
dgSocket
=
new
DatagramSocket
();
dgSocket
.
setSoTimeout
(
timeout
);
}
public
void
setBufSize
(
int
newBufSize
)
{
bufSize
=
newBufSize
;
}
public
InetAddress
getInetAddress
()
{
if
(
dgPacketIn
!=
null
)
return
dgPacketIn
.
getAddress
();
return
null
;
}
public
void
send
(
byte
[]
data
)
throws
IOException
{
DatagramPacket
dgPacketOut
=
new
DatagramPacket
(
data
,
data
.
length
,
iaddr
,
iport
);
dgSocket
.
send
(
dgPacketOut
);
}
public
byte
[]
receive
()
throws
IOException
{
byte
ibuf
[]
=
new
byte
[
bufSize
];
dgPacketIn
=
new
DatagramPacket
(
ibuf
,
ibuf
.
length
);
try
{
dgSocket
.
receive
(
dgPacketIn
);
}
catch
(
SocketException
e
)
{
dgSocket
.
receive
(
dgPacketIn
);
}
byte
[]
data
=
new
byte
[
dgPacketIn
.
getLength
()];
System
.
arraycopy
(
dgPacketIn
.
getData
(),
0
,
data
,
0
,
dgPacketIn
.
getLength
());
return
data
;
}
public
void
close
()
{
dgSocket
.
close
();
}
}
src/solaris/classes/sun/net/www/protocol/http/NTLMAuthentication.java
已删除
100644 → 0
浏览文件 @
dce228fb
/*
* Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package
sun.net.www.protocol.http
;
import
java.io.IOException
;
import
java.io.UnsupportedEncodingException
;
import
java.net.InetAddress
;
import
java.net.PasswordAuthentication
;
import
java.net.UnknownHostException
;
import
java.net.URL
;
import
java.security.GeneralSecurityException
;
import
java.security.MessageDigest
;
import
java.security.NoSuchAlgorithmException
;
import
javax.crypto.Cipher
;
import
javax.crypto.NoSuchPaddingException
;
import
javax.crypto.SecretKey
;
import
javax.crypto.SecretKeyFactory
;
import
javax.crypto.spec.DESKeySpec
;
import
sun.net.www.HeaderParser
;
/**
* NTLMAuthentication:
*
* @author Michael McMahon
*/
/*
* NTLM authentication is nominally based on the framework defined in RFC2617,
* but differs from the standard (Basic & Digest) schemes as follows:
*
* 1. A complete authentication requires three request/response transactions
* as shown below:
* REQ ------------------------------->
* <---- 401 (signalling NTLM) --------
*
* REQ (with type1 NTLM msg) --------->
* <---- 401 (with type 2 NTLM msg) ---
*
* REQ (with type3 NTLM msg) --------->
* <---- OK ---------------------------
*
* 2. The scope of the authentication is the TCP connection (which must be kept-alive)
* after the type2 response is received. This means that NTLM does not work end-to-end
* through a proxy, rather between client and proxy, or between client and server (with no proxy)
*/
class
NTLMAuthentication
extends
AuthenticationInfo
{
private
static
final
long
serialVersionUID
=
-
2403849171106437142L
;
private
byte
[]
type1
;
private
byte
[]
type3
;
private
SecretKeyFactory
fac
;
private
Cipher
cipher
;
private
MessageDigest
md4
;
private
String
hostname
;
private
static
String
defaultDomain
;
/* Domain to use if not specified by user */
static
{
defaultDomain
=
java
.
security
.
AccessController
.
doPrivileged
(
new
sun
.
security
.
action
.
GetPropertyAction
(
"http.auth.ntlm.domain"
,
"domain"
));
};
static
boolean
supportsTransparentAuth
()
{
return
false
;
}
private
void
init0
()
{
type1
=
new
byte
[
256
];
type3
=
new
byte
[
256
];
System
.
arraycopy
(
new
byte
[]
{
'N'
,
'T'
,
'L'
,
'M'
,
'S'
,
'S'
,
'P'
,
0
,
1
},
0
,
type1
,
0
,
9
);
type1
[
12
]
=
(
byte
)
3
;
type1
[
13
]
=
(
byte
)
0xb2
;
type1
[
28
]
=
(
byte
)
0x20
;
System
.
arraycopy
(
new
byte
[]
{
'N'
,
'T'
,
'L'
,
'M'
,
'S'
,
'S'
,
'P'
,
0
,
3
},
0
,
type3
,
0
,
9
);
type3
[
12
]
=
(
byte
)
0x18
;
type3
[
14
]
=
(
byte
)
0x18
;
type3
[
20
]
=
(
byte
)
0x18
;
type3
[
22
]
=
(
byte
)
0x18
;
type3
[
32
]
=
(
byte
)
0x40
;
type3
[
60
]
=
(
byte
)
1
;
type3
[
61
]
=
(
byte
)
0x82
;
try
{
hostname
=
java
.
security
.
AccessController
.
doPrivileged
(
new
java
.
security
.
PrivilegedAction
<
String
>()
{
public
String
run
()
{
String
localhost
;
try
{
localhost
=
InetAddress
.
getLocalHost
().
getHostName
().
toUpperCase
();
}
catch
(
UnknownHostException
e
)
{
localhost
=
"localhost"
;
}
return
localhost
;
}
});
int
x
=
hostname
.
indexOf
(
'.'
);
if
(
x
!=
-
1
)
{
hostname
=
hostname
.
substring
(
0
,
x
);
}
fac
=
SecretKeyFactory
.
getInstance
(
"DES"
);
cipher
=
Cipher
.
getInstance
(
"DES/ECB/NoPadding"
);
md4
=
sun
.
security
.
provider
.
MD4
.
getInstance
();
}
catch
(
NoSuchPaddingException
e
)
{
assert
false
;
}
catch
(
NoSuchAlgorithmException
e
)
{
assert
false
;
}
};
PasswordAuthentication
pw
;
String
username
;
String
ntdomain
;
String
password
;
/**
* Create a NTLMAuthentication:
* Username may be specified as domain<BACKSLASH>username in the application Authenticator.
* If this notation is not used, then the domain will be taken
* from a system property: "http.auth.ntlm.domain".
*/
public
NTLMAuthentication
(
boolean
isProxy
,
URL
url
,
PasswordAuthentication
pw
)
{
super
(
isProxy
?
PROXY_AUTHENTICATION
:
SERVER_AUTHENTICATION
,
AuthScheme
.
NTLM
,
url
,
""
);
init
(
pw
);
}
private
void
init
(
PasswordAuthentication
pw
)
{
this
.
pw
=
pw
;
String
s
=
pw
.
getUserName
();
int
i
=
s
.
indexOf
(
'\\'
);
if
(
i
==
-
1
)
{
username
=
s
;
ntdomain
=
defaultDomain
;
}
else
{
ntdomain
=
s
.
substring
(
0
,
i
).
toUpperCase
();
username
=
s
.
substring
(
i
+
1
);
}
password
=
new
String
(
pw
.
getPassword
());
init0
();
}
/**
* Constructor used for proxy entries
*/
public
NTLMAuthentication
(
boolean
isProxy
,
String
host
,
int
port
,
PasswordAuthentication
pw
)
{
super
(
isProxy
?
PROXY_AUTHENTICATION
:
SERVER_AUTHENTICATION
,
AuthScheme
.
NTLM
,
host
,
port
,
""
);
init
(
pw
);
}
/**
* @return true if this authentication supports preemptive authorization
*/
boolean
supportsPreemptiveAuthorization
()
{
return
false
;
}
/**
* @return the name of the HTTP header this authentication wants set
*/
String
getHeaderName
()
{
if
(
type
==
SERVER_AUTHENTICATION
)
{
return
"Authorization"
;
}
else
{
return
"Proxy-authorization"
;
}
}
/**
* Not supported. Must use the setHeaders() method
*/
String
getHeaderValue
(
URL
url
,
String
method
)
{
throw
new
RuntimeException
(
"getHeaderValue not supported"
);
}
/**
* Check if the header indicates that the current auth. parameters are stale.
* If so, then replace the relevant field with the new value
* and return true. Otherwise return false.
* returning true means the request can be retried with the same userid/password
* returning false means we have to go back to the user to ask for a new
* username password.
*/
boolean
isAuthorizationStale
(
String
header
)
{
return
false
;
/* should not be called for ntlm */
}
/**
* Set header(s) on the given connection.
* @param conn The connection to apply the header(s) to
* @param p A source of header values for this connection, not used because
* HeaderParser converts the fields to lower case, use raw instead
* @param raw The raw header field.
* @return true if all goes well, false if no headers were set.
*/
synchronized
boolean
setHeaders
(
HttpURLConnection
conn
,
HeaderParser
p
,
String
raw
)
{
try
{
String
response
;
if
(
raw
.
length
()
<
6
)
{
/* NTLM<sp> */
response
=
buildType1Msg
();
}
else
{
String
msg
=
raw
.
substring
(
5
);
/* skip NTLM<sp> */
response
=
buildType3Msg
(
msg
);
}
conn
.
setAuthenticationProperty
(
getHeaderName
(),
response
);
return
true
;
}
catch
(
IOException
e
)
{
return
false
;
}
catch
(
GeneralSecurityException
e
)
{
return
false
;
}
}
private
void
copybytes
(
byte
[]
dest
,
int
destpos
,
String
src
,
String
enc
)
{
try
{
byte
[]
x
=
src
.
getBytes
(
enc
);
System
.
arraycopy
(
x
,
0
,
dest
,
destpos
,
x
.
length
);
}
catch
(
UnsupportedEncodingException
e
)
{
assert
false
;
}
}
private
String
buildType1Msg
()
{
int
dlen
=
ntdomain
.
length
();
type1
[
16
]=
(
byte
)
(
dlen
%
256
);
type1
[
17
]=
(
byte
)
(
dlen
/
256
);
type1
[
18
]
=
type1
[
16
];
type1
[
19
]
=
type1
[
17
];
int
hlen
=
hostname
.
length
();
type1
[
24
]=
(
byte
)
(
hlen
%
256
);
type1
[
25
]=
(
byte
)
(
hlen
/
256
);
type1
[
26
]
=
type1
[
24
];
type1
[
27
]
=
type1
[
25
];
copybytes
(
type1
,
32
,
hostname
,
"ISO8859_1"
);
copybytes
(
type1
,
hlen
+
32
,
ntdomain
,
"ISO8859_1"
);
type1
[
20
]
=
(
byte
)
((
hlen
+
32
)
%
256
);
type1
[
21
]
=
(
byte
)
((
hlen
+
32
)
/
256
);
byte
[]
msg
=
new
byte
[
32
+
hlen
+
dlen
];
System
.
arraycopy
(
type1
,
0
,
msg
,
0
,
32
+
hlen
+
dlen
);
String
result
=
"NTLM "
+
(
new
B64Encoder
()).
encode
(
msg
);
return
result
;
}
/* Convert a 7 byte array to an 8 byte array (for a des key with parity)
* input starts at offset off
*/
private
byte
[]
makeDesKey
(
byte
[]
input
,
int
off
)
{
int
[]
in
=
new
int
[
input
.
length
];
for
(
int
i
=
0
;
i
<
in
.
length
;
i
++
)
{
in
[
i
]
=
input
[
i
]<
0
?
input
[
i
]+
256
:
input
[
i
];
}
byte
[]
out
=
new
byte
[
8
];
out
[
0
]
=
(
byte
)
in
[
off
+
0
];
out
[
1
]
=
(
byte
)(((
in
[
off
+
0
]
<<
7
)
&
0xFF
)
|
(
in
[
off
+
1
]
>>
1
));
out
[
2
]
=
(
byte
)(((
in
[
off
+
1
]
<<
6
)
&
0xFF
)
|
(
in
[
off
+
2
]
>>
2
));
out
[
3
]
=
(
byte
)(((
in
[
off
+
2
]
<<
5
)
&
0xFF
)
|
(
in
[
off
+
3
]
>>
3
));
out
[
4
]
=
(
byte
)(((
in
[
off
+
3
]
<<
4
)
&
0xFF
)
|
(
in
[
off
+
4
]
>>
4
));
out
[
5
]
=
(
byte
)(((
in
[
off
+
4
]
<<
3
)
&
0xFF
)
|
(
in
[
off
+
5
]
>>
5
));
out
[
6
]
=
(
byte
)(((
in
[
off
+
5
]
<<
2
)
&
0xFF
)
|
(
in
[
off
+
6
]
>>
6
));
out
[
7
]
=
(
byte
)((
in
[
off
+
6
]
<<
1
)
&
0xFF
);
return
out
;
}
private
byte
[]
calcLMHash
()
throws
GeneralSecurityException
{
byte
[]
magic
=
{
0x4b
,
0x47
,
0x53
,
0x21
,
0x40
,
0x23
,
0x24
,
0x25
};
byte
[]
pwb
=
password
.
toUpperCase
().
getBytes
();
byte
[]
pwb1
=
new
byte
[
14
];
int
len
=
password
.
length
();
if
(
len
>
14
)
len
=
14
;
System
.
arraycopy
(
pwb
,
0
,
pwb1
,
0
,
len
);
/* Zero padded */
DESKeySpec
dks1
=
new
DESKeySpec
(
makeDesKey
(
pwb1
,
0
));
DESKeySpec
dks2
=
new
DESKeySpec
(
makeDesKey
(
pwb1
,
7
));
SecretKey
key1
=
fac
.
generateSecret
(
dks1
);
SecretKey
key2
=
fac
.
generateSecret
(
dks2
);
cipher
.
init
(
Cipher
.
ENCRYPT_MODE
,
key1
);
byte
[]
out1
=
cipher
.
doFinal
(
magic
,
0
,
8
);
cipher
.
init
(
Cipher
.
ENCRYPT_MODE
,
key2
);
byte
[]
out2
=
cipher
.
doFinal
(
magic
,
0
,
8
);
byte
[]
result
=
new
byte
[
21
];
System
.
arraycopy
(
out1
,
0
,
result
,
0
,
8
);
System
.
arraycopy
(
out2
,
0
,
result
,
8
,
8
);
return
result
;
}
private
byte
[]
calcNTHash
()
throws
GeneralSecurityException
{
byte
[]
pw
=
null
;
try
{
pw
=
password
.
getBytes
(
"UnicodeLittleUnmarked"
);
}
catch
(
UnsupportedEncodingException
e
)
{
assert
false
;
}
byte
[]
out
=
md4
.
digest
(
pw
);
byte
[]
result
=
new
byte
[
21
];
System
.
arraycopy
(
out
,
0
,
result
,
0
,
16
);
return
result
;
}
/* key is a 21 byte array. Split it into 3 7 byte chunks,
* Convert each to 8 byte DES keys, encrypt the text arg with
* each key and return the three results in a sequential []
*/
private
byte
[]
calcResponse
(
byte
[]
key
,
byte
[]
text
)
throws
GeneralSecurityException
{
assert
key
.
length
==
21
;
DESKeySpec
dks1
=
new
DESKeySpec
(
makeDesKey
(
key
,
0
));
DESKeySpec
dks2
=
new
DESKeySpec
(
makeDesKey
(
key
,
7
));
DESKeySpec
dks3
=
new
DESKeySpec
(
makeDesKey
(
key
,
14
));
SecretKey
key1
=
fac
.
generateSecret
(
dks1
);
SecretKey
key2
=
fac
.
generateSecret
(
dks2
);
SecretKey
key3
=
fac
.
generateSecret
(
dks3
);
cipher
.
init
(
Cipher
.
ENCRYPT_MODE
,
key1
);
byte
[]
out1
=
cipher
.
doFinal
(
text
,
0
,
8
);
cipher
.
init
(
Cipher
.
ENCRYPT_MODE
,
key2
);
byte
[]
out2
=
cipher
.
doFinal
(
text
,
0
,
8
);
cipher
.
init
(
Cipher
.
ENCRYPT_MODE
,
key3
);
byte
[]
out3
=
cipher
.
doFinal
(
text
,
0
,
8
);
byte
[]
result
=
new
byte
[
24
];
System
.
arraycopy
(
out1
,
0
,
result
,
0
,
8
);
System
.
arraycopy
(
out2
,
0
,
result
,
8
,
8
);
System
.
arraycopy
(
out3
,
0
,
result
,
16
,
8
);
return
result
;
}
private
String
buildType3Msg
(
String
challenge
)
throws
GeneralSecurityException
,
IOException
{
/* First decode the type2 message to get the server nonce */
/* nonce is located at type2[24] for 8 bytes */
byte
[]
type2
=
(
new
sun
.
misc
.
BASE64Decoder
()).
decodeBuffer
(
challenge
);
byte
[]
nonce
=
new
byte
[
8
];
System
.
arraycopy
(
type2
,
24
,
nonce
,
0
,
8
);
int
ulen
=
username
.
length
()*
2
;
type3
[
36
]
=
type3
[
38
]
=
(
byte
)
(
ulen
%
256
);
type3
[
37
]
=
type3
[
39
]
=
(
byte
)
(
ulen
/
256
);
int
dlen
=
ntdomain
.
length
()*
2
;
type3
[
28
]
=
type3
[
30
]
=
(
byte
)
(
dlen
%
256
);
type3
[
29
]
=
type3
[
31
]
=
(
byte
)
(
dlen
/
256
);
int
hlen
=
hostname
.
length
()*
2
;
type3
[
44
]
=
type3
[
46
]
=
(
byte
)
(
hlen
%
256
);
type3
[
45
]
=
type3
[
47
]
=
(
byte
)
(
hlen
/
256
);
int
l
=
64
;
copybytes
(
type3
,
l
,
ntdomain
,
"UnicodeLittleUnmarked"
);
type3
[
32
]
=
(
byte
)
(
l
%
256
);
type3
[
33
]
=
(
byte
)
(
l
/
256
);
l
+=
dlen
;
copybytes
(
type3
,
l
,
username
,
"UnicodeLittleUnmarked"
);
type3
[
40
]
=
(
byte
)
(
l
%
256
);
type3
[
41
]
=
(
byte
)
(
l
/
256
);
l
+=
ulen
;
copybytes
(
type3
,
l
,
hostname
,
"UnicodeLittleUnmarked"
);
type3
[
48
]
=
(
byte
)
(
l
%
256
);
type3
[
49
]
=
(
byte
)
(
l
/
256
);
l
+=
hlen
;
byte
[]
lmhash
=
calcLMHash
();
byte
[]
lmresponse
=
calcResponse
(
lmhash
,
nonce
);
byte
[]
nthash
=
calcNTHash
();
byte
[]
ntresponse
=
calcResponse
(
nthash
,
nonce
);
System
.
arraycopy
(
lmresponse
,
0
,
type3
,
l
,
24
);
type3
[
16
]
=
(
byte
)
(
l
%
256
);
type3
[
17
]
=
(
byte
)
(
l
/
256
);
l
+=
24
;
System
.
arraycopy
(
ntresponse
,
0
,
type3
,
l
,
24
);
type3
[
24
]
=
(
byte
)
(
l
%
256
);
type3
[
25
]
=
(
byte
)
(
l
/
256
);
l
+=
24
;
type3
[
56
]
=
(
byte
)
(
l
%
256
);
type3
[
57
]
=
(
byte
)
(
l
/
256
);
byte
[]
msg
=
new
byte
[
l
];
System
.
arraycopy
(
type3
,
0
,
msg
,
0
,
l
);
String
result
=
"NTLM "
+
(
new
B64Encoder
()).
encode
(
msg
);
return
result
;
}
}
class
B64Encoder
extends
sun
.
misc
.
BASE64Encoder
{
/* to force it to to the entire encoding in one line */
protected
int
bytesPerLine
()
{
return
1024
;
}
}
test/java/lang/reflect/Generics/Probe.java
浏览文件 @
f820c65f
/*
* Copyright (c) 2004, 20
06
, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2004, 20
10
, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -47,9 +47,6 @@ import static java.util.Arrays.*;
"java.util.WeakHashMap$EntryIterator"
,
"java.util.WeakHashMap$KeyIterator"
,
"java.util.WeakHashMap$ValueIterator"
,
"java.util.TreeMap$EntryIterator"
,
"java.util.TreeMap$KeyIterator"
,
"java.util.TreeMap$ValueIterator"
,
"java.util.HashMap$EntryIterator"
,
"java.util.HashMap$KeyIterator"
,
"java.util.HashMap$ValueIterator"
,
...
...
test/java/security/cert/CertPathValidator/nameConstraintsRFC822/ValidateCertPath.java
浏览文件 @
f820c65f
/*
* Copyright (c) 2002, 20
08
, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2002, 20
10
, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -23,7 +23,7 @@
/*
* @test
* @bug 4684810
* @bug 4684810
6994717
* @summary Verify that RFC822 name constraints are checked correctly
*/
...
...
@@ -38,6 +38,7 @@ import java.security.cert.PKIXReason;
import
java.util.ArrayList
;
import
java.util.Collections
;
import
java.util.Date
;
import
java.util.List
;
import
java.util.Set
;
...
...
@@ -100,6 +101,9 @@ public final class ValidateCertPath {
Set
<
TrustAnchor
>
anchors
=
Collections
.
singleton
(
anchor
);
params
=
new
PKIXParameters
(
anchors
);
params
.
setRevocationEnabled
(
false
);
// The certificates expired on 10/22/10, so set the validity date to
// 05/01/2009 to avoid expiration failures
params
.
setDate
(
new
Date
(
1243828800000
l
));
}
/*
...
...
test/java/util/NavigableMap/LockStep.java
浏览文件 @
f820c65f
/*
* Copyright (c) 2006, 20
08
, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2006, 20
10
, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -25,6 +25,9 @@
* @test
* @bug 6420753 6242436 6691185
* @summary Compare NavigableMap implementations for identical behavior
* @run main LockStep
* @run main/othervm -XX:+AggressiveOpts LockStep
* @run main/othervm -XX:+AggressiveOpts -Dthorough=true LockStep
* @author Martin Buchholz
*/
...
...
test/sun/security/krb5/auto/TcpTimeout.java
0 → 100644
浏览文件 @
f820c65f
/*
* Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* @test
* @bug 6952519
* @run main/timeout=40/othervm TcpTimeout
* @summary kdc_timeout is not being honoured when using TCP
*/
import
java.io.*
;
import
java.net.ServerSocket
;
import
sun.security.krb5.Config
;
public
class
TcpTimeout
{
public
static
void
main
(
String
[]
args
)
throws
Exception
{
System
.
setProperty
(
"sun.security.krb5.debug"
,
"true"
);
final
int
p1
=
10000
+
new
java
.
util
.
Random
().
nextInt
(
10000
);
final
int
p2
=
20000
+
new
java
.
util
.
Random
().
nextInt
(
10000
);
final
int
p3
=
30000
+
new
java
.
util
.
Random
().
nextInt
(
10000
);
KDC
k
=
new
KDC
(
OneKDC
.
REALM
,
OneKDC
.
KDCHOST
,
p3
,
true
);
k
.
addPrincipal
(
OneKDC
.
USER
,
OneKDC
.
PASS
);
k
.
addPrincipalRandKey
(
"krbtgt/"
+
OneKDC
.
REALM
);
// Start two listener that does not communicate, simulate timeout
new
Thread
()
{
public
void
run
()
{
try
{
new
ServerSocket
(
p1
).
accept
();
}
catch
(
Exception
e
)
{
}}
}.
start
();
new
Thread
()
{
public
void
run
()
{
try
{
new
ServerSocket
(
p2
).
accept
();
}
catch
(
Exception
e
)
{
}}
}.
start
();
FileWriter
fw
=
new
FileWriter
(
"alternative-krb5.conf"
);
fw
.
write
(
"[libdefaults]\n"
+
"udp_preference_limit = 1\n"
+
"max_retries = 2\n"
+
"default_realm = "
+
OneKDC
.
REALM
+
"\n"
+
"kdc_timeout = 5000\n"
);
fw
.
write
(
"[realms]\n"
+
OneKDC
.
REALM
+
" = {\n"
+
"kdc = "
+
OneKDC
.
KDCHOST
+
":"
+
p1
+
"\n"
+
"kdc = "
+
OneKDC
.
KDCHOST
+
":"
+
p2
+
"\n"
+
"kdc = "
+
OneKDC
.
KDCHOST
+
":"
+
p3
+
"\n"
+
"}\n"
);
fw
.
close
();
System
.
setProperty
(
"java.security.krb5.conf"
,
"alternative-krb5.conf"
);
Config
.
refresh
();
// The correct behavior should be:
// 5 sec on p1, 5 sec on p1, fail
// 5 sec on p2, 5 sec on p2, fail
// p3 ok, p3 ok again for preauth.
// The total time should be 20sec + 2x. x is processing time for AS-REQ.
int
count
=
6
;
long
start
=
System
.
nanoTime
();
ByteArrayOutputStream
bo
=
new
ByteArrayOutputStream
();
PrintStream
oldout
=
System
.
out
;
System
.
setOut
(
new
PrintStream
(
bo
));
Context
c
=
Context
.
fromUserPass
(
OneKDC
.
USER
,
OneKDC
.
PASS
,
false
);
System
.
setOut
(
oldout
);
String
[]
lines
=
new
String
(
bo
.
toByteArray
()).
split
(
"\n"
);
for
(
String
line:
lines
)
{
if
(
line
.
startsWith
(
">>> KDCCommunication"
))
{
System
.
out
.
println
(
line
);
count
--;
}
}
if
(
count
!=
0
)
{
throw
new
Exception
(
"Retry count is "
+
count
+
" less"
);
}
long
end
=
System
.
nanoTime
();
if
((
end
-
start
)/
1000000000L
<
20
)
{
throw
new
Exception
(
"Too fast? "
+
(
end
-
start
)/
1000000000L
);
}
}
private
static
KDC
on
(
int
p
)
throws
Exception
{
KDC
k
=
new
KDC
(
OneKDC
.
REALM
,
OneKDC
.
KDCHOST
,
p
,
true
);
k
.
addPrincipal
(
OneKDC
.
USER
,
OneKDC
.
PASS
);
k
.
addPrincipalRandKey
(
"krbtgt/"
+
OneKDC
.
REALM
);
return
k
;
}
private
static
void
addFakeKDCs
()
throws
Exception
{
BufferedReader
fr
=
new
BufferedReader
(
new
FileReader
(
OneKDC
.
KRB5_CONF
));
FileWriter
fw
=
new
FileWriter
(
"alternative-krb5.conf"
);
while
(
true
)
{
String
s
=
fr
.
readLine
();
if
(
s
==
null
)
{
break
;
}
if
(
s
.
trim
().
startsWith
(
"kdc = "
))
{
fw
.
write
(
" kdc = localhost:33333\n"
);
fw
.
write
(
" kdc = localhost:22222\n"
);
}
fw
.
write
(
s
+
"\n"
);
}
fr
.
close
();
fw
.
close
();
sun
.
security
.
krb5
.
Config
.
refresh
();
}
}
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录