8016051: Possible ClassCastException in KdcComm

Reviewed-by: weijun Contributed-by: N Artem Smotrakov <artem.smotrakov@oracle.com>

8016051: Possible ClassCastException in KdcComm
Reviewed-by: weijun Contributed-by: N Artem Smotrakov <artem.smotrakov@oracle.com>
ffd09344 · weijun · bbc04244 · ffd09344
隐藏空白更改
内联并排

Showing with 43 addition and 34 deletion

src/share/classes/sun/security/krb5/KdcComm.java src/share/classes/sun/security/krb5/KdcComm.java +43 -34

未找到文件。
--- a/src/share/classes/sun/security/krb5/KdcComm.java
+++ b/src/share/classes/sun/security/krb5/KdcComm.java
@@ -46,6 +46,7 @@ import java.util.ArrayList;
 import java.util.List;
 import java.util.Set;
 import java.util.HashSet;
+import java.util.Iterator;
 import sun.security.krb5.internal.KRBError;
 /**
@@ -203,7 +204,6 @@ public final class KdcComm {
        if (obuf == null)
            return null;
-        Exception savedException = null;
        Config cfg = Config.getInstance();
        if (realm == null) {
@@ -218,42 +218,51 @@ public final class KdcComm {
        if (kdcList == null) {
            throw new KrbException("Cannot get kdc for realm " + realm);
        }
-        String tempKdc = null; // may include the port number also
+        // tempKdc may include the port number also
-        byte[] ibuf = null;
+        Iterator<String> tempKdc = KdcAccessibility.list(kdcList).iterator();
-        for (String tmp: KdcAccessibility.list(kdcList)) {
+        if (!tempKdc.hasNext()) {
-            tempKdc = tmp;
+            throw new KrbException("Cannot get kdc for realm " + realm);
-            try {
+        }
-                ibuf = send(obuf,tempKdc,useTCP);
+        try {
-                KRBError ke = null;
+            return sendIfPossible(obuf, tempKdc.next(), useTCP);
+        } catch(Exception first) {
+            while(tempKdc.hasNext()) {
                try {
-                    ke = new KRBError(ibuf);
+                    return sendIfPossible(obuf, tempKdc.next(), useTCP);
-                } catch (Exception e) {
+                } catch(Exception ignore) {}
-                    // OK
-                }
-                if (ke != null && ke.getErrorCode() ==
-                        Krb5.KRB_ERR_RESPONSE_TOO_BIG) {
-                    ibuf = send(obuf, tempKdc, true);
-                }
-                KdcAccessibility.removeBad(tempKdc);
-                break;
-            } catch (Exception e) {
-                if (DEBUG) {
-                    System.out.println(">>> KrbKdcReq send: error trying " +
-                            tempKdc);
-                    e.printStackTrace(System.out);
-                }
-                KdcAccessibility.addBad(tempKdc);
-                savedException = e;
            }
+            throw first;
        }
-        if (ibuf == null && savedException != null) {
+    }
-            if (savedException instanceof IOException) {
-                throw (IOException) savedException;
+    // send the AS Request to the specified KDC
-            } else {
+    // failover to using TCP if useTCP is not set and response is too big
-                throw (KrbException) savedException;
+    private byte[] sendIfPossible(byte[] obuf, String tempKdc, boolean useTCP)
+        throws IOException, KrbException {
+        try {
+            byte[] ibuf = send(obuf, tempKdc, useTCP);
+            KRBError ke = null;
+            try {
+                ke = new KRBError(ibuf);
+            } catch (Exception e) {
+                // OK
+            }
+            if (ke != null && ke.getErrorCode() ==
+                    Krb5.KRB_ERR_RESPONSE_TOO_BIG) {
+                ibuf = send(obuf, tempKdc, true);
+            }
+            KdcAccessibility.removeBad(tempKdc);
+            return ibuf;
+        } catch(Exception e) {
+            if (DEBUG) {
+                System.out.println(">>> KrbKdcReq send: error trying " +
+                        tempKdc);
+                e.printStackTrace(System.out);
            }
+            KdcAccessibility.addBad(tempKdc);
+            throw e;
        }
-        return ibuf;
    }
    // send the AS Request to the specified KDC
@@ -496,7 +505,7 @@ public final class KdcComm {
        }
        // Returns a preferred KDC list by putting the bad ones at the end
-        private static synchronized String[] list(String kdcList) {
+        private static synchronized List<String> list(String kdcList) {
            StringTokenizer st = new StringTokenizer(kdcList);
            List<String> list = new ArrayList<>();
            if (badPolicy == BpType.TRY_LAST) {
@@ -515,7 +524,7 @@ public final class KdcComm {
                    list.add(st.nextToken());
                }
            }
-            return list.toArray(new String[list.size()]);
+            return list;
        }
    }
 }