diff options
author | andrew <unknown> | 2020-01-15 02:09:49 +0000 |
---|---|---|
committer | bell-sw <liberica@bell-sw.com> | 2020-01-19 09:13:28 +0300 |
commit | 00e6887ff48fa51ca98407cc2363f77709771b7e (patch) | |
tree | 3ec35a6623e709724169b2bb6beaaa493e088c06 /src/share/classes/sun/security/krb5 | |
parent | a230b1b434a41f9af9fc014e34fdf986b0316fca (diff) | |
download | jdk8u_jdk-00e6887ff48fa51ca98407cc2363f77709771b7e.tar.gz |
8031111: fix krb5 caddr
Reviewed-by: mbalao, sgehwolf
Diffstat (limited to 'src/share/classes/sun/security/krb5')
-rw-r--r-- | src/share/classes/sun/security/krb5/Config.java | 7 | ||||
-rw-r--r-- | src/share/classes/sun/security/krb5/KrbCred.java | 23 | ||||
-rw-r--r-- | src/share/classes/sun/security/krb5/internal/HostAddresses.java | 53 |
3 files changed, 52 insertions, 31 deletions
diff --git a/src/share/classes/sun/security/krb5/Config.java b/src/share/classes/sun/security/krb5/Config.java index eb2f335c55..fe6565cbab 100644 --- a/src/share/classes/sun/security/krb5/Config.java +++ b/src/share/classes/sun/security/krb5/Config.java @@ -291,7 +291,11 @@ public class Config { } /** - * Gets all values for the specified keys. + * Gets all values (at least one) for the specified keys separated by + * a whitespace, or null if there is no such keys. + * The values can either be provided on a single line, or on multiple lines + * using the same key. When provided on a single line, the value can be + * comma or space separated. * @throws IllegalArgumentException if any of the keys is illegal * (See {@link #get}) */ @@ -301,6 +305,7 @@ public class Config { StringBuilder sb = new StringBuilder(); boolean first = true; for (String s: v) { + s = s.replaceAll("[\\s,]+", " "); if (first) { sb.append(s); first = false; diff --git a/src/share/classes/sun/security/krb5/KrbCred.java b/src/share/classes/sun/security/krb5/KrbCred.java index 8dfe36c49b..7f02df8ef0 100644 --- a/src/share/classes/sun/security/krb5/KrbCred.java +++ b/src/share/classes/sun/security/krb5/KrbCred.java @@ -34,6 +34,9 @@ package sun.security.krb5; import sun.security.krb5.internal.*; import sun.security.krb5.internal.crypto.KeyUsage; import java.io.IOException; +import java.net.InetAddress; +import java.net.UnknownHostException; + import sun.security.util.DerValue; /** @@ -76,10 +79,24 @@ public class KrbCred { options.set(KDCOptions.FORWARDABLE, true); HostAddresses sAddrs = null; - // XXX Also NT_GSS_KRB5_PRINCIPAL can be a host based principal + // GSSName.NT_HOSTBASED_SERVICE should display with KRB_NT_SRV_HST - if (server.getNameType() == PrincipalName.KRB_NT_SRV_HST) - sAddrs= new HostAddresses(server); + if (server.getNameType() == PrincipalName.KRB_NT_SRV_HST) { + sAddrs = new HostAddresses(server); + } else if (server.getNameType() == PrincipalName.KRB_NT_UNKNOWN) { + // Sometimes this is also a server + if (server.getNameStrings().length >= 2) { + String host = server.getNameStrings()[1]; + try { + InetAddress[] addr = InetAddress.getAllByName(host); + if (addr != null && addr.length > 0) { + sAddrs = new HostAddresses(addr); + } + } catch (UnknownHostException ioe) { + // maybe we guessed wrong, let sAddrs be null + } + } + } KrbTgsReq tgsReq = new KrbTgsReq(options, tgt, tgService, null, null, null, null, null, diff --git a/src/share/classes/sun/security/krb5/internal/HostAddresses.java b/src/share/classes/sun/security/krb5/internal/HostAddresses.java index 7f18b98f9c..04eeb5de99 100644 --- a/src/share/classes/sun/security/krb5/internal/HostAddresses.java +++ b/src/share/classes/sun/security/krb5/internal/HostAddresses.java @@ -31,16 +31,14 @@ package sun.security.krb5.internal; +import sun.security.krb5.Config; import sun.security.krb5.PrincipalName; import sun.security.krb5.KrbException; import sun.security.krb5.Asn1Exception; import sun.security.util.*; -import java.util.Vector; -import java.util.ArrayList; -import java.net.InetAddress; -import java.net.Inet4Address; -import java.net.Inet6Address; -import java.net.UnknownHostException; + +import java.net.*; +import java.util.*; import java.io.IOException; import sun.security.krb5.internal.ccache.CCacheOutputStream; @@ -293,34 +291,35 @@ public class HostAddresses implements Cloneable { */ public static HostAddresses getLocalAddresses() throws IOException { - String hostname = null; - InetAddress[] inetAddresses = null; + Set<InetAddress> all = new LinkedHashSet<>(); try { - InetAddress localHost = InetAddress.getLocalHost(); - hostname = localHost.getHostName(); - inetAddresses = InetAddress.getAllByName(hostname); - HostAddress[] hAddresses = new HostAddress[inetAddresses.length]; - for (int i = 0; i < inetAddresses.length; i++) - { - hAddresses[i] = new HostAddress(inetAddresses[i]); - } if (DEBUG) { - System.out.println(">>> KrbKdcReq local addresses for " - + hostname + " are: "); - - for (int i = 0; i < inetAddresses.length; i++) { - System.out.println("\n\t" + inetAddresses[i]); - if (inetAddresses[i] instanceof Inet4Address) - System.out.println("IPv4 address"); - if (inetAddresses[i] instanceof Inet6Address) - System.out.println("IPv6 address"); + System.out.println(">>> KrbKdcReq local addresses are:"); + } + String extra = Config.getInstance().getAll( + "libdefaults", "extra_addresses"); + if (extra != null) { + for (String s: extra.split("\\s+")) { + all.add(InetAddress.getByName(s)); + if (DEBUG) { + System.out.println(" extra_addresses: " + + InetAddress.getByName(s)); + } } } - return (new HostAddresses(hAddresses)); + for (NetworkInterface ni: + Collections.list(NetworkInterface.getNetworkInterfaces())) { + if (DEBUG) { + System.out.println(" NetworkInterface " + ni + ":"); + System.out.println(" " + + Collections.list(ni.getInetAddresses())); + } + all.addAll(Collections.list(ni.getInetAddresses())); + } + return new HostAddresses(all.toArray(new InetAddress[all.size()])); } catch (Exception exc) { throw new IOException(exc.toString()); } - } /** |