src/java.security.jgss/share/native/libj2gss/GSSLibStub.c
@@ -32,10 +32,12 @@
/* Constants for indicating what type of info is needed for inquiries */
const int TYPE_CRED_NAME = 10;
const int TYPE_CRED_TIME = 11;
const int TYPE_CRED_USAGE = 12;
+static jclass tlsCBCl = NULL;
+
/*
* Class: sun_security_jgss_wrapper_GSSLibStub
* Method: init
* Signature: (Ljava/lang/String;Z)Z
*/
@@ -67,10 +69,21 @@
/* initialize global function table */
failed = loadNative(libName);
(*env)->ReleaseStringUTFChars(env, jlibName, libName);
+ if (tlsCBCl == NULL) {
+
+ /* initialize TLS Channel Binding class wrapper */
+ jclass cl = (*env)->FindClass(env,
+ "sun/security/jgss/krb5/internal/TlsChannelBindingImpl");
+ if (cl == NULL) { /* exception thrown */
+ return JNI_FALSE;
+ }
+ tlsCBCl = (*env)->NewGlobalRef(env, cl);
+ }
+
if (!failed) {
return JNI_TRUE;
} else {
if (JGSS_DEBUG) {
#ifdef WIN32
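Review bot: The result of `NewGlobalRef` in the `tlsCBCl = (*env)->NewGlobalRef(env, cl);` assignment is not checked; it returns NULL when the VM cannot allocate the reference, and init would still go on to return JNI_TRUE. `tlsCBCl` is later passed as the class argument to `IsInstanceOf` in the `-187,13 +202,23` hunk, where a NULL class is not a valid argument. I would add `if (tlsCBCl == NULL) { throwOutOfMemoryError(env, NULL); return JNI_FALSE; }` right after the assignment, using the helper the file already calls elsewhere. The lazy `tlsCBCl == NULL` test is also unsynchronized, so unless init is serialized by its Java caller (not visible here), two threads could each create a global reference and leak one. The function body starts and ends outside the hunk.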
@@ -152,15 +165,17 @@
void deleteGSSCB(gss_channel_bindings_t cb) {
if (cb == GSS_C_NO_CHANNEL_BINDINGS) return;
/* release initiator address */
- if (cb->initiator_addrtype != GSS_C_AF_NULLADDR) {
+ if (cb->initiator_addrtype != GSS_C_AF_NULLADDR &&
+ cb->initiator_addrtype != GSS_C_AF_UNSPEC) {
resetGSSBuffer(&(cb->initiator_address));
}
/* release acceptor address */
- if (cb->acceptor_addrtype != GSS_C_AF_NULLADDR) {
+ if (cb->acceptor_addrtype != GSS_C_AF_NULLADDR &&
+ cb->acceptor_addrtype != GSS_C_AF_UNSPEC) {
resetGSSBuffer(&(cb->acceptor_address));
}
/* release application data */
if (cb->application_data.length != 0) {
resetGSSBuffer(&(cb->application_data));
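Review bot: Both address checks in deleteGSSCB decide whether to release the buffer from the addrtype value, so every additional "unspecified" constant has to be listed here again, while the application_data check just below keys on `length != 0`. If resetGSSBuffer is safe on a zeroed buffer (its body is not visible here), testing the buffer itself, e.g. `if (cb->initiator_address.length != 0)`, would release exactly what was allocated and could not leak an address that ends up attached to a GSS_C_AF_UNSPEC binding. At minimum, a comment such as `/* GSS_C_AF_UNSPEC is set for TLS channel bindings; no address buffer is allocated */` would record the invariant the new condition relies on. The function continues past the end of the hunk.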
@@ -187,13 +202,23 @@
throwOutOfMemoryError(env,NULL);
return NULL;
}
// initialize addrtype in CB first
+ // LDAP TLS Channel Binding requires GSS_C_AF_UNSPEC address type
+ // for unspecified initiator and acceptor addresses.
+ // GSS_C_AF_NULLADDR value should be used for unspecified address
+ // in all other cases.
+
+ if ((*env)->IsInstanceOf(env, jcb, tlsCBCl)) {
+ // TLS Channel Binding requires unspecified addrtype=0
+ cb->initiator_addrtype = GSS_C_AF_UNSPEC;
+ cb->acceptor_addrtype = GSS_C_AF_UNSPEC;
+ } else {
cb->initiator_addrtype = GSS_C_AF_NULLADDR;
cb->acceptor_addrtype = GSS_C_AF_NULLADDR;
-
+ }
// addresses needs to be initialized to empty
memset(&cb->initiator_address, 0, sizeof(cb->initiator_address));
memset(&cb->acceptor_address, 0, sizeof(cb->acceptor_address));
/* set up initiator address */
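Review bot: `IsInstanceOf` in the new `if` returns JNI_TRUE for a NULL object reference, so a NULL `jcb` would select the GSS_C_AF_UNSPEC branch. Presumably the function rejects a NULL `jcb` before this point, but that code is outside the hunk and worth confirming, since the addrtype feeds the channel-binding value the peer verifies. The check also matches any subclass of TlsChannelBindingImpl, which is probably intended; the comment could say so, e.g. `// matches TlsChannelBindingImpl and its subclasses; jcb is non-NULL here`. The enclosing function starts and ends outside the hunk.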