Mercurial > jdk8-mips64-public > jdk / changeset
changeset
8246193: Possible NPE in ENC-PA-REP search in AS-REQ
Sun, 31 May 2020 10:13:04 +0800
- author
- mbalao
- date
- Sun, 31 May 2020 10:13:04 +0800
- changeset 14203
- d8bd882cfd2a
- parent 14202
- e78cf577654b
- child 14204
- ebfae7ddcfc1
8246193: Possible NPE in ENC-PA-REP search in AS-REQ
Reviewed-by: zgu, andrew
1.1 --- a/src/share/classes/sun/security/krb5/KrbKdcRep.java Mon Aug 31 07:09:57 2020 +0100 1.2 +++ b/src/share/classes/sun/security/krb5/KrbKdcRep.java Sun May 31 10:13:04 2020 +0800 1.3 @@ -134,12 +134,14 @@ 1.4 boolean reqPaReqEncPaRep = false; 1.5 boolean repPaReqEncPaRepValid = false; 1.6 1.7 - for (PAData pa : req.pAData) { 1.8 - if (pa.getType() == Krb5.PA_REQ_ENC_PA_REP) { 1.9 - // The KDC supports RFC 6806 and ENC-PA-REP was sent in 1.10 - // the request (AS-REQ). A valid checksum is now required. 1.11 - reqPaReqEncPaRep = true; 1.12 - break; 1.13 + if (req.pAData != null) { 1.14 + for (PAData pa : req.pAData) { 1.15 + if (pa.getType() == Krb5.PA_REQ_ENC_PA_REP) { 1.16 + // The KDC supports RFC 6806 and ENC-PA-REP was sent in 1.17 + // the request (AS-REQ). A valid checksum is now required. 1.18 + reqPaReqEncPaRep = true; 1.19 + break; 1.20 + } 1.21 } 1.22 } 1.23
2.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 2.2 +++ b/test/sun/security/krb5/auto/AlwaysEncPaReq.java Sun May 31 10:13:04 2020 +0800 2.3 @@ -0,0 +1,40 @@ 2.4 +/* 2.5 + * Copyright (c) 2020, Oracle and/or its affiliates. All rights reserved. 2.6 + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 2.7 + * 2.8 + * This code is free software; you can redistribute it and/or modify it 2.9 + * under the terms of the GNU General Public License version 2 only, as 2.10 + * published by the Free Software Foundation. 2.11 + * 2.12 + * This code is distributed in the hope that it will be useful, but WITHOUT 2.13 + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 2.14 + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 2.15 + * version 2 for more details (a copy is included in the LICENSE file that 2.16 + * accompanied this code). 2.17 + * 2.18 + * You should have received a copy of the GNU General Public License version 2.19 + * 2 along with this work; if not, write to the Free Software Foundation, 2.20 + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 2.21 + * 2.22 + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 2.23 + * or visit www.oracle.com if you need additional information or have any 2.24 + * questions. 2.25 + */ 2.26 + 2.27 +/* 2.28 + * @test 2.29 + * @bug 8246193 2.30 + * @summary Possible NPE in ENC-PA-REP search in AS-REQ 2.31 + * @library /lib/testlibrary 2.32 + * @compile -XDignore.symbol.file AlwaysEncPaReq.java 2.33 + * @run main/othervm -Dtest.kdc.always.enc.pa.rep 2.34 + * -Dsun.net.spi.nameservice.provider.1=ns,mock AlwaysEncPaReq 2.35 + */ 2.36 + 2.37 +public class AlwaysEncPaReq { 2.38 + public static void main(String[] args) throws Exception { 2.39 + new OneKDC(null).writeJAASConf() 2.40 + .setOption(KDC.Option.PREAUTH_REQUIRED, false); 2.41 + Context.fromJAAS("client"); 2.42 + } 2.43 +}
3.1 --- a/test/sun/security/krb5/auto/KDC.java Mon Aug 31 07:09:57 2020 +0100 3.2 +++ b/test/sun/security/krb5/auto/KDC.java Sun May 31 10:13:04 2020 +0800 3.3 @@ -1,5 +1,5 @@ 3.4 /* 3.5 - * Copyright (c) 2008, 2018, Oracle and/or its affiliates. All rights reserved. 3.6 + * Copyright (c) 2008, 2020, Oracle and/or its affiliates. All rights reserved. 3.7 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 3.8 * 3.9 * This code is free software; you can redistribute it and/or modify it 3.10 @@ -1178,6 +1178,9 @@ 3.11 bFlags[Krb5.TKT_OPTS_MAY_POSTDATE] = true; 3.12 } 3.13 bFlags[Krb5.TKT_OPTS_INITIAL] = true; 3.14 + if (System.getProperty("test.kdc.always.enc.pa.rep") != null) { 3.15 + bFlags[Krb5.TKT_OPTS_ENC_PA_REP] = true; 3.16 + } 3.17 3.18 // Creating PA-DATA 3.19 DerValue[] pas2 = null, pas = null;
