Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openanolis
dragonwell8_jdk
提交
fe0afded
D
dragonwell8_jdk
项目概览
openanolis
/
dragonwell8_jdk
通知
3
Star
2
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
D
dragonwell8_jdk
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
fe0afded
编写于
3月 13, 2009
作者:
W
weijun
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
6815182: GSSAPI/SPNEGO does not work with server using MIT Kerberos library
Reviewed-by: valeriep
上级
a57f2b63
变更
3
隐藏空白更改
内联
并排
Showing
3 changed file
with
109 addition
and
32 deletion
+109
-32
src/share/classes/sun/security/jgss/spnego/NegTokenInit.java
src/share/classes/sun/security/jgss/spnego/NegTokenInit.java
+5
-5
src/share/classes/sun/security/jgss/spnego/SpNegoContext.java
...share/classes/sun/security/jgss/spnego/SpNegoContext.java
+12
-27
test/sun/security/krb5/auto/SpnegoReqFlags.java
test/sun/security/krb5/auto/SpnegoReqFlags.java
+92
-0
未找到文件。
src/share/classes/sun/security/jgss/spnego/NegTokenInit.java
浏览文件 @
fe0afded
/*
/*
* Copyright 2005-200
6
Sun Microsystems, Inc. All Rights Reserved.
* Copyright 2005-200
9
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
*
* This code is free software; you can redistribute it and/or modify it
* This code is free software; you can redistribute it and/or modify it
...
@@ -66,11 +66,11 @@ public class NegTokenInit extends SpNegoToken {
...
@@ -66,11 +66,11 @@ public class NegTokenInit extends SpNegoToken {
private
byte
[]
mechTypes
=
null
;
private
byte
[]
mechTypes
=
null
;
private
Oid
[]
mechTypeList
=
null
;
private
Oid
[]
mechTypeList
=
null
;
private
byte
[]
reqFlags
=
null
;
private
BitArray
reqFlags
=
null
;
private
byte
[]
mechToken
=
null
;
private
byte
[]
mechToken
=
null
;
private
byte
[]
mechListMIC
=
null
;
private
byte
[]
mechListMIC
=
null
;
NegTokenInit
(
byte
[]
mechTypes
,
byte
[]
flags
,
NegTokenInit
(
byte
[]
mechTypes
,
BitArray
flags
,
byte
[]
token
,
byte
[]
mechListMIC
)
byte
[]
token
,
byte
[]
mechListMIC
)
{
{
super
(
NEG_TOKEN_INIT_ID
);
super
(
NEG_TOKEN_INIT_ID
);
...
@@ -101,7 +101,7 @@ public class NegTokenInit extends SpNegoToken {
...
@@ -101,7 +101,7 @@ public class NegTokenInit extends SpNegoToken {
// write context flags with CONTEXT 01
// write context flags with CONTEXT 01
if
(
reqFlags
!=
null
)
{
if
(
reqFlags
!=
null
)
{
DerOutputStream
flags
=
new
DerOutputStream
();
DerOutputStream
flags
=
new
DerOutputStream
();
flags
.
putBitString
(
reqFlags
);
flags
.
put
Unaligned
BitString
(
reqFlags
);
initToken
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
initToken
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x01
),
flags
);
true
,
(
byte
)
0x01
),
flags
);
}
}
...
@@ -237,7 +237,7 @@ public class NegTokenInit extends SpNegoToken {
...
@@ -237,7 +237,7 @@ public class NegTokenInit extends SpNegoToken {
return
mechTypeList
;
return
mechTypeList
;
}
}
byte
[]
getReqFlags
()
{
BitArray
getReqFlags
()
{
return
reqFlags
;
return
reqFlags
;
}
}
...
...
src/share/classes/sun/security/jgss/spnego/SpNegoContext.java
浏览文件 @
fe0afded
/*
/*
* Copyright 2005-200
8
Sun Microsystems, Inc. All Rights Reserved.
* Copyright 2005-200
9
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
*
* This code is free software; you can redistribute it and/or modify it
* This code is free software; you can redistribute it and/or modify it
...
@@ -53,13 +53,6 @@ public class SpNegoContext implements GSSContextSpi {
...
@@ -53,13 +53,6 @@ public class SpNegoContext implements GSSContextSpi {
private
int
state
=
STATE_NEW
;
private
int
state
=
STATE_NEW
;
private
static
final
int
CHECKSUM_DELEG_FLAG
=
1
;
private
static
final
int
CHECKSUM_MUTUAL_FLAG
=
2
;
private
static
final
int
CHECKSUM_REPLAY_FLAG
=
4
;
private
static
final
int
CHECKSUM_SEQUENCE_FLAG
=
8
;
private
static
final
int
CHECKSUM_CONF_FLAG
=
16
;
private
static
final
int
CHECKSUM_INTEG_FLAG
=
32
;
/*
/*
* Optional features that the application can set and their default
* Optional features that the application can set and their default
* values.
* values.
...
@@ -697,25 +690,17 @@ public class SpNegoContext implements GSSContextSpi {
...
@@ -697,25 +690,17 @@ public class SpNegoContext implements GSSContextSpi {
/**
/**
* get the context flags
* get the context flags
*/
*/
private
byte
[]
getContextFlags
()
{
private
BitArray
getContextFlags
()
{
int
flags
=
0
;
BitArray
out
=
new
BitArray
(
7
);
if
(
getCredDelegState
())
if
(
getCredDelegState
())
out
.
set
(
0
,
true
);
flags
|=
CHECKSUM_DELEG_FLAG
;
if
(
getMutualAuthState
())
out
.
set
(
1
,
true
);
if
(
getMutualAuthState
())
if
(
getReplayDetState
())
out
.
set
(
2
,
true
);
flags
|=
CHECKSUM_MUTUAL_FLAG
;
if
(
getSequenceDetState
())
out
.
set
(
3
,
true
);
if
(
getReplayDetState
())
if
(
getConfState
())
out
.
set
(
5
,
true
);
flags
|=
CHECKSUM_REPLAY_FLAG
;
if
(
getIntegState
())
out
.
set
(
6
,
true
);
if
(
getSequenceDetState
())
flags
|=
CHECKSUM_SEQUENCE_FLAG
;
return
out
;
if
(
getIntegState
())
flags
|=
CHECKSUM_INTEG_FLAG
;
if
(
getConfState
())
flags
|=
CHECKSUM_CONF_FLAG
;
byte
[]
temp
=
new
byte
[
1
];
temp
[
0
]
=
(
byte
)(
flags
&
0xff
);
return
temp
;
}
}
private
void
setContextFlags
()
{
private
void
setContextFlags
()
{
...
...
test/sun/security/krb5/auto/SpnegoReqFlags.java
0 → 100644
浏览文件 @
fe0afded
/*
* Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
/*
* @test
* @bug 6815182
* @summary GSSAPI/SPNEGO does not work with server using MIT Kerberos library
*/
import
sun.security.jgss.GSSUtil
;
import
sun.security.util.BitArray
;
import
sun.security.util.DerInputStream
;
import
sun.security.util.DerValue
;
public
class
SpnegoReqFlags
{
public
static
void
main
(
String
[]
args
)
throws
Exception
{
// Create and start the KDC
new
OneKDC
(
null
).
writeJAASConf
();
new
SpnegoReqFlags
().
go
();
}
void
go
()
throws
Exception
{
Context
c
=
Context
.
fromJAAS
(
"client"
);
c
.
startAsClient
(
OneKDC
.
SERVER
,
GSSUtil
.
GSS_SPNEGO_MECH_OID
);
byte
[]
token
=
c
.
doAs
(
new
Action
()
{
@Override
public
byte
[]
run
(
Context
me
,
byte
[]
input
)
throws
Exception
{
me
.
x
().
requestCredDeleg
(
true
);
me
.
x
().
requestReplayDet
(
false
);
me
.
x
().
requestSequenceDet
(
false
);
return
me
.
x
().
initSecContext
(
new
byte
[
0
],
0
,
0
);
}
},
null
);
DerValue
d
=
new
DerValue
(
token
);
// GSSToken
DerInputStream
ins
=
d
.
data
;
// OID + mech token
d
.
data
.
getDerValue
();
// skip OID
d
=
d
.
data
.
getDerValue
();
// NegTokenInit
d
=
d
.
data
.
getDerValue
();
// The SEQUENCE inside
boolean
found
=
false
;
// Go through all fields inside NegTokenInit. The reqFlags field
// is optional. It's even not recommended in RFC 4178.
while
(
d
.
data
.
available
()
>
0
)
{
DerValue
d2
=
d
.
data
.
getDerValue
();
if
(
d2
.
isContextSpecific
((
byte
)
1
))
{
found
=
true
;
System
.
out
.
println
(
"regFlags field located."
);
BitArray
ba
=
d2
.
data
.
getUnalignedBitString
();
if
(
ba
.
length
()
!=
7
)
{
throw
new
Exception
(
"reqFlags should contain 7 bits"
);
}
if
(!
ba
.
get
(
0
))
{
throw
new
Exception
(
"delegFlag should be true"
);
}
if
(
ba
.
get
(
2
)
||
ba
.
get
(
3
))
{
throw
new
Exception
(
"replay/sequenceFlag should be false"
);
}
}
}
if
(!
found
)
{
System
.
out
.
println
(
"Warning: regFlags field not found, too new?"
);
}
c
.
dispose
();
}
}
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录