aboutsummaryrefslogtreecommitdiff
path: root/src/share/classes/sun/security/krb5
diff options
context:
space:
mode:
authorandrew <unknown>2020-01-15 02:09:49 +0000
committerbell-sw <liberica@bell-sw.com>2020-01-19 09:13:28 +0300
commit00e6887ff48fa51ca98407cc2363f77709771b7e (patch)
tree3ec35a6623e709724169b2bb6beaaa493e088c06 /src/share/classes/sun/security/krb5
parenta230b1b434a41f9af9fc014e34fdf986b0316fca (diff)
downloadjdk8u_jdk-00e6887ff48fa51ca98407cc2363f77709771b7e.tar.gz
8031111: fix krb5 caddr
Reviewed-by: mbalao, sgehwolf
Diffstat (limited to 'src/share/classes/sun/security/krb5')
-rw-r--r--src/share/classes/sun/security/krb5/Config.java7
-rw-r--r--src/share/classes/sun/security/krb5/KrbCred.java23
-rw-r--r--src/share/classes/sun/security/krb5/internal/HostAddresses.java53
3 files changed, 52 insertions, 31 deletions
diff --git a/src/share/classes/sun/security/krb5/Config.java b/src/share/classes/sun/security/krb5/Config.java
index eb2f335c55..fe6565cbab 100644
--- a/src/share/classes/sun/security/krb5/Config.java
+++ b/src/share/classes/sun/security/krb5/Config.java
@@ -291,7 +291,11 @@ public class Config {
}
/**
- * Gets all values for the specified keys.
+ * Gets all values (at least one) for the specified keys separated by
+ * a whitespace, or null if there is no such keys.
+ * The values can either be provided on a single line, or on multiple lines
+ * using the same key. When provided on a single line, the value can be
+ * comma or space separated.
* @throws IllegalArgumentException if any of the keys is illegal
* (See {@link #get})
*/
@@ -301,6 +305,7 @@ public class Config {
StringBuilder sb = new StringBuilder();
boolean first = true;
for (String s: v) {
+ s = s.replaceAll("[\\s,]+", " ");
if (first) {
sb.append(s);
first = false;
diff --git a/src/share/classes/sun/security/krb5/KrbCred.java b/src/share/classes/sun/security/krb5/KrbCred.java
index 8dfe36c49b..7f02df8ef0 100644
--- a/src/share/classes/sun/security/krb5/KrbCred.java
+++ b/src/share/classes/sun/security/krb5/KrbCred.java
@@ -34,6 +34,9 @@ package sun.security.krb5;
import sun.security.krb5.internal.*;
import sun.security.krb5.internal.crypto.KeyUsage;
import java.io.IOException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+
import sun.security.util.DerValue;
/**
@@ -76,10 +79,24 @@ public class KrbCred {
options.set(KDCOptions.FORWARDABLE, true);
HostAddresses sAddrs = null;
- // XXX Also NT_GSS_KRB5_PRINCIPAL can be a host based principal
+
// GSSName.NT_HOSTBASED_SERVICE should display with KRB_NT_SRV_HST
- if (server.getNameType() == PrincipalName.KRB_NT_SRV_HST)
- sAddrs= new HostAddresses(server);
+ if (server.getNameType() == PrincipalName.KRB_NT_SRV_HST) {
+ sAddrs = new HostAddresses(server);
+ } else if (server.getNameType() == PrincipalName.KRB_NT_UNKNOWN) {
+ // Sometimes this is also a server
+ if (server.getNameStrings().length >= 2) {
+ String host = server.getNameStrings()[1];
+ try {
+ InetAddress[] addr = InetAddress.getAllByName(host);
+ if (addr != null && addr.length > 0) {
+ sAddrs = new HostAddresses(addr);
+ }
+ } catch (UnknownHostException ioe) {
+ // maybe we guessed wrong, let sAddrs be null
+ }
+ }
+ }
KrbTgsReq tgsReq = new KrbTgsReq(options, tgt, tgService,
null, null, null, null, null,
diff --git a/src/share/classes/sun/security/krb5/internal/HostAddresses.java b/src/share/classes/sun/security/krb5/internal/HostAddresses.java
index 7f18b98f9c..04eeb5de99 100644
--- a/src/share/classes/sun/security/krb5/internal/HostAddresses.java
+++ b/src/share/classes/sun/security/krb5/internal/HostAddresses.java
@@ -31,16 +31,14 @@
package sun.security.krb5.internal;
+import sun.security.krb5.Config;
import sun.security.krb5.PrincipalName;
import sun.security.krb5.KrbException;
import sun.security.krb5.Asn1Exception;
import sun.security.util.*;
-import java.util.Vector;
-import java.util.ArrayList;
-import java.net.InetAddress;
-import java.net.Inet4Address;
-import java.net.Inet6Address;
-import java.net.UnknownHostException;
+
+import java.net.*;
+import java.util.*;
import java.io.IOException;
import sun.security.krb5.internal.ccache.CCacheOutputStream;
@@ -293,34 +291,35 @@ public class HostAddresses implements Cloneable {
*/
public static HostAddresses getLocalAddresses() throws IOException
{
- String hostname = null;
- InetAddress[] inetAddresses = null;
+ Set<InetAddress> all = new LinkedHashSet<>();
try {
- InetAddress localHost = InetAddress.getLocalHost();
- hostname = localHost.getHostName();
- inetAddresses = InetAddress.getAllByName(hostname);
- HostAddress[] hAddresses = new HostAddress[inetAddresses.length];
- for (int i = 0; i < inetAddresses.length; i++)
- {
- hAddresses[i] = new HostAddress(inetAddresses[i]);
- }
if (DEBUG) {
- System.out.println(">>> KrbKdcReq local addresses for "
- + hostname + " are: ");
-
- for (int i = 0; i < inetAddresses.length; i++) {
- System.out.println("\n\t" + inetAddresses[i]);
- if (inetAddresses[i] instanceof Inet4Address)
- System.out.println("IPv4 address");
- if (inetAddresses[i] instanceof Inet6Address)
- System.out.println("IPv6 address");
+ System.out.println(">>> KrbKdcReq local addresses are:");
+ }
+ String extra = Config.getInstance().getAll(
+ "libdefaults", "extra_addresses");
+ if (extra != null) {
+ for (String s: extra.split("\\s+")) {
+ all.add(InetAddress.getByName(s));
+ if (DEBUG) {
+ System.out.println(" extra_addresses: "
+ + InetAddress.getByName(s));
+ }
}
}
- return (new HostAddresses(hAddresses));
+ for (NetworkInterface ni:
+ Collections.list(NetworkInterface.getNetworkInterfaces())) {
+ if (DEBUG) {
+ System.out.println(" NetworkInterface " + ni + ":");
+ System.out.println(" "
+ + Collections.list(ni.getInetAddresses()));
+ }
+ all.addAll(Collections.list(ni.getInetAddresses()));
+ }
+ return new HostAddresses(all.toArray(new InetAddress[all.size()]));
} catch (Exception exc) {
throw new IOException(exc.toString());
}
-
}
/**
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-29 17:51:05 +0000