changeset 8208:014a34d10e44
8004488: wrong permissions checked in krb5
Reviewed-by: xuelei
author | weijun |
---|---|
date | Wed, 08 Oct 2014 14:10:25 +0100 |
parents | 4c1747bcb284 |
children | 715d90e998c9 |
files | src/share/classes/com/sun/security/auth/module/Krb5LoginModule.java src/share/classes/sun/security/jgss/krb5/Krb5Util.java test/sun/security/krb5/auto/KeyPermissions.java test/sun/security/krb5/auto/KeyTabCompat.java |
diffstat | 4 files changed, 63 insertions(+), 57 deletions(-) [+] |
--- a/src/share/classes/com/sun/security/auth/module/Krb5LoginModule.java Wed Oct 08 14:24:54 2014 +0400
+++ b/src/share/classes/com/sun/security/auth/module/Krb5LoginModule.java Wed Oct 08 14:10:25 2014 +0100
@@ -1062,10 +1062,6 @@
 if (ktab != null) {
 if (!privCredSet.contains(ktab)) {
 privCredSet.add(ktab);
- // Compatibility; also add keys to privCredSet
- for (KerberosKey key: ktab.getKeys(kerbClientPrinc)) {
- privCredSet.add(new Krb5Util.KeysFromKeyTab(key));
- }
 }
 } else {
 succeeded = false;
--- a/src/share/classes/sun/security/jgss/krb5/Krb5Util.java Wed Oct 08 14:24:54 2014 +0400
+++ b/src/share/classes/sun/security/jgss/krb5/Krb5Util.java Wed Oct 08 14:10:25 2014 +0100
@@ -40,10 +40,7 @@
 import sun.security.krb5.KrbException;
 import java.io.IOException;
 import java.util.ArrayList;
-import java.util.Iterator;
 import java.util.List;
-import java.util.Objects;
-import java.util.Set;
 import sun.misc.SharedSecrets;
 import sun.security.krb5.PrincipalName;
 /**
@@ -189,16 +186,6 @@
 return subject;
 }
 
- // A special KerberosKey, used as keys read from a KeyTab object.
- // Each time new keys are read from KeyTab objects in the private
- // credentials set, old ones are removed and new ones added.
- public static class KeysFromKeyTab extends KerberosKey {
- public KeysFromKeyTab(KerberosKey key) {
- super(key.getPrincipal(), key.getEncoded(),
- key.getKeyType(), key.getVersionNumber());
- }
- }
-
 /**
 * Credentials of a service, the private secret to authenticate its
 * identity, which can be:
@@ -237,7 +224,7 @@
 // Compatibility with old behavior: even when there is no
 // KerberosPrincipal, we can find one from KerberosKeys
 List<KerberosKey> keys = SubjectComber.findMany(
- subj, null, null, KerberosKey.class);
+ subj, serverPrincipal, null, KerberosKey.class);
 if (!keys.isEmpty()) {
 sc.kp = keys.get(0).getPrincipal();
 serverPrincipal = sc.kp.getName();
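Review bot: The comment above the `SubjectComber.findMany` call in the last hunk still says "even when there is no KerberosPrincipal, we can find one from KerberosKeys", but the call now passes `serverPrincipal` as the name filter, so when the caller supplied a name only keys for that principal are consulted and `sc.kp` can no longer be taken from the first key of some unrelated principal. The comment should state that, e.g. `// Compatibility with old behavior: when no KerberosPrincipal is found, derive one from the KerberosKeys in the Subject, restricted to serverPrincipal when the caller gave one.` I am inferring from the old `null` argument that a null name matches any key; confirm against SubjectComber before wording it that way. The enclosing method starts before this hunk, and the import removals in the first hunk look consistent with the deleted KeysFromKeyTab class, assuming nothing else in the file used them.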
@@ -264,38 +251,17 @@
 }
 
 public KerberosKey[] getKKeys() {
- if (ktabs.isEmpty()) {
- return kk.toArray(new KerberosKey[kk.size()]);
- } else {
 List<KerberosKey> keys = new ArrayList<>();
+ for (KerberosKey k: kk) {
+ keys.add(k);
+ }
 for (KeyTab ktab: ktabs) {
 for (KerberosKey k: ktab.getKeys(kp)) {
 keys.add(k);
 }
 }
- // Compatibility: also add keys to privCredSet. Remove old
- // ones first, only remove those from keytab.
- if (!subj.isReadOnly()) {
- Set<Object> pcs = subj.getPrivateCredentials();
- synchronized (pcs) {
- Iterator<Object> iterator = pcs.iterator();
- while (iterator.hasNext()) {
- Object obj = iterator.next();
- if (obj instanceof KeysFromKeyTab) {
- KerberosKey key = (KerberosKey)obj;
- if (Objects.equals(key.getPrincipal(), kp)) {
- iterator.remove();
- }
- }
- }
- }
- for (KerberosKey key: keys) {
- subj.getPrivateCredentials().add(new KeysFromKeyTab(key));
- }
- }
 return keys.toArray(new KerberosKey[keys.size()]);
 }
- }
 
 public EncryptionKey[] getEKeys() {
 KerberosKey[] kkeys = getKKeys();
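Review bot: The three added lines `for (KerberosKey k: kk) { keys.add(k); }` are a hand-rolled copy; `List<KerberosKey> keys = new ArrayList<>(kk);` does the same on the existing declaration line. With the old `// Compatibility` write-back gone, getKKeys no longer mutates `subj` and presumably re-reads each KeyTab on every call; a comment such as `// Subject keys first, then whatever the KeyTabs currently hold; nothing is written back to the Subject.` would keep a future maintainer from reinstating the write-back, which is what placed a credential of a non-javax.security.auth.kerberos class into the Subject in the first place. Note also that a key present both as a KerberosKey credential and in a KeyTab now appears twice in the result, whereas the old code returned only the keytab keys when a KeyTab existed; whether callers tolerate duplicates should be confirmed. getKKeys belongs to a class whose header is outside the hunk.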
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/krb5/auto/KeyPermissions.java Wed Oct 08 14:10:25 2014 +0100
@@ -0,0 +1,56 @@
+/*
+ * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8004488
+ * @summary wrong permissions checked in krb5
+ * @compile -XDignore.symbol.file KeyPermissions.java
+ * @run main/othervm KeyPermissions
+ */
+
+import java.security.AccessControlException;
+import java.security.Permission;
+import javax.security.auth.PrivateCredentialPermission;
+import sun.security.jgss.GSSUtil;
+
+public class KeyPermissions extends SecurityManager {
+
+ @Override
+ public void checkPermission(Permission perm) {
+ if (perm instanceof PrivateCredentialPermission) {
+ if (!perm.getName().startsWith("javax.security.auth.kerberos.")) {
+ throw new AccessControlException(
+ "I don't like this", perm);
+ }
+ }
+ }
+
+ public static void main(String[] args) throws Exception {
+ System.setSecurityManager(new KeyPermissions());
+ new OneKDC(null).writeJAASConf();
+ Context s = Context.fromJAAS("server");
+ s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID);
+ }
+}
+
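Review bot: `checkPermission` overrides the SecurityManager method without calling `super`, so every permission other than a PrivateCredentialPermission naming a credential class outside `javax.security.auth.kerberos.` is granted; that is what the test wants, but it should be stated, e.g. `// Allow everything except a private-credential lookup for a class outside javax.security.auth.kerberos, which is what the old KeysFromKeyTab entries in the Subject triggered.` The `startsWith` check depends on the PrivateCredentialPermission name beginning with the credential class name, which is the documented name format as far as I recall; a short comment saying so makes the assertion readable without the Javadoc. The header carries a 2012 copyright year on a file added in 2014, which is worth a look if the project updates years on new files.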
--- a/test/sun/security/krb5/auto/KeyTabCompat.java Wed Oct 08 14:24:54 2014 +0400 +++ b/test/sun/security/krb5/auto/KeyTabCompat.java Wed Oct 08 14:10:25 2014 +0100 @@ -24,6 +24,7 @@ /* * @test * @bug 6894072 + * @bug 8004488 * @compile -XDignore.symbol.file KeyTabCompat.java * @run main/othervm KeyTabCompat * @summary always refresh keytab @@ -70,21 +71,8 @@ s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID); s.status(); - if (s.s().getPrivateCredentials(KerberosKey.class).size() != 1) { - throw new Exception("There should be one KerberosKey"); + if (s.s().getPrivateCredentials(KerberosKey.class).size() != 0) { + throw new Exception("There should be no KerberosKey"); } - - Thread.sleep(2000); // make sure ktab timestamp is different - - kdc.addPrincipal(OneKDC.SERVER, "pass2".toCharArray()); - kdc.writeKtab(OneKDC.KTAB); - - Context.handshake(c, s); - s.status(); - - if (s.s().getPrivateCredentials(KerberosKey.class).size() != 1) { - throw new Exception("There should be only one KerberosKey"); } - } -}
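Review bot: The second hunk deletes the keytab rewrite and the second handshake, so nothing left in the test exercises what its `@summary always refresh keytab` still claims; either the summary should describe the remaining assertion (no KerberosKey in the Subject after a keytab login) or a refresh check should be kept through a path that does not rely on the Subject's private credentials. The hunk also shows the class's closing brace removed (`-}`) with no added replacement visible on this page, so the hunk may be cut short here; confirm the file still ends correctly. main's start lies outside the hunk.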