aboutsummaryrefslogtreecommitdiff
path: root/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Base.java
diff options
context:
space:
mode:
Diffstat (limited to 'src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Base.java')
-rw-r--r--src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Base.java24
1 files changed, 22 insertions, 2 deletions
diff --git a/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Base.java b/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Base.java
index 30461e25f7..baa836efe5 100644
--- a/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Base.java
+++ b/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Base.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -73,8 +73,12 @@ abstract class GssKrb5Base extends AbstractSaslImpl {
}
try {
- MessageProp msgProp = new MessageProp(JGSS_QOP, privacy);
+ MessageProp msgProp = new MessageProp(JGSS_QOP, false);
byte[] answer = secCtx.unwrap(incoming, start, len, msgProp);
+ if (privacy && !msgProp.getPrivacy()) {
+ throw new SaslException("Privacy not protected");
+ }
+ checkMessageProp("", msgProp);
if (logger.isLoggable(Level.FINEST)) {
traceOutput(myClassName, "KRB501:Unwrap", "incoming: ",
incoming, start, len);
@@ -128,4 +132,20 @@ abstract class GssKrb5Base extends AbstractSaslImpl {
protected void finalize() throws Throwable {
dispose();
}
+
+ void checkMessageProp(String label, MessageProp msgProp)
+ throws SaslException {
+ if (msgProp.isDuplicateToken()) {
+ throw new SaslException(label + "Duplicate token");
+ }
+ if (msgProp.isGapToken()) {
+ throw new SaslException(label + "Gap token");
+ }
+ if (msgProp.isOldToken()) {
+ throw new SaslException(label + "Old token");
+ }
+ if (msgProp.isUnseqToken()) {
+ throw new SaslException(label + "Token not in sequence");
+ }
+ }
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-23 07:39:23 +0000