src/share/classes/sun/security/krb5/internal/ccache/CCacheInputStream.java

Print this page
rev 10175 : 8048073: Cannot read ccache entry with a realm-less service name


 317             }
 318             if (flags[11] == true) {
 319                 msg += " HW_AUTH;";
 320             }
 321             System.out.println(msg);
 322         }
 323         return flags;
 324     }
 325 
 326     /**
 327      * Reads the next cred in stream.
 328      * @return the next cred, null if ticket or second_ticket unparseable.
 329      *
 330      * Note: MIT krb5 1.8.1 might generate a config entry with server principal
 331      * X-CACHECONF:/krb5_ccache_conf_data/fast_avail/krbtgt/REALM@REALM. The
 332      * entry is used by KDC to inform the client that it support certain
 333      * features. Its ticket is not a valid krb5 ticket and thus this method
 334      * returns null.
 335      */
 336     Credentials readCred(int version) throws IOException,RealmException, KrbApErrException, Asn1Exception {
 337         PrincipalName cpname = readPrincipal(version);
 338         if (DEBUG)





 339             System.out.println(">>>DEBUG <CCacheInputStream>  client principal is " + cpname);
 340         PrincipalName spname = readPrincipal(version);
 341         if (DEBUG)






 342             System.out.println(">>>DEBUG <CCacheInputStream> server principal is " + spname);

 343         EncryptionKey key = readKey(version);
 344         if (DEBUG)
 345             System.out.println(">>>DEBUG <CCacheInputStream> key type: " + key.getEType());

 346         long times[] = readTimes();
 347         KerberosTime authtime = new KerberosTime(times[0]);
 348         KerberosTime starttime =
 349                 (times[1]==0) ? null : new KerberosTime(times[1]);
 350         KerberosTime endtime = new KerberosTime(times[2]);
 351         KerberosTime renewTill =
 352                 (times[3]==0) ? null : new KerberosTime(times[3]);
 353 
 354         if (DEBUG) {
 355             System.out.println(">>>DEBUG <CCacheInputStream> auth time: " + authtime.toDate().toString());
 356             System.out.println(">>>DEBUG <CCacheInputStream> start time: " +
 357                     ((starttime==null)?"null":starttime.toDate().toString()));
 358             System.out.println(">>>DEBUG <CCacheInputStream> end time: " + endtime.toDate().toString());
 359             System.out.println(">>>DEBUG <CCacheInputStream> renew_till time: " +
 360                     ((renewTill==null)?"null":renewTill.toDate().toString()));
 361         }
 362         boolean skey = readskey();
 363         boolean flags[] = readFlags();
 364         TicketFlags tFlags = new TicketFlags(flags);
 365         HostAddress addr[] = readAddr();
 366         HostAddresses addrs = null;
 367         if (addr != null) {
 368             addrs = new HostAddresses(addr);
 369         }
 370         AuthorizationDataEntry[] auDataEntry = readAuth();
 371         AuthorizationData auData = null;
 372         if (auDataEntry != null) {
 373             auData = new AuthorizationData(auDataEntry);
 374         }
 375         byte[] ticketData = readData();
 376         byte[] ticketData2 = readData();
 377 




 378         try {
 379             return new Credentials(cpname, spname, key, authtime, starttime,
 380                 endtime, renewTill, skey, tFlags,
 381                 addrs, auData,
 382                 ticketData != null ? new Ticket(ticketData) : null,
 383                 ticketData2 != null ? new Ticket(ticketData2) : null);
 384         } catch (Exception e) {     // If any of new Ticket(*) fails.
 385             return null;
 386         }
 387     }
 388 }


 317             }
 318             if (flags[11] == true) {
 319                 msg += " HW_AUTH;";
 320             }
 321             System.out.println(msg);
 322         }
 323         return flags;
 324     }
 325 
 326     /**
 327      * Reads the next cred in stream.
 328      * @return the next cred, null if ticket or second_ticket unparseable.
 329      *
 330      * Note: MIT krb5 1.8.1 might generate a config entry with server principal
 331      * X-CACHECONF:/krb5_ccache_conf_data/fast_avail/krbtgt/REALM@REALM. The
 332      * entry is used by KDC to inform the client that it support certain
 333      * features. Its ticket is not a valid krb5 ticket and thus this method
 334      * returns null.
 335      */
 336     Credentials readCred(int version) throws IOException,RealmException, KrbApErrException, Asn1Exception {
 337         PrincipalName cpname = null;
 338         try {
 339             cpname = readPrincipal(version);
 340         } catch (Exception e) {
 341             // cpname is null
 342         }
 343         if (DEBUG) {
 344             System.out.println(">>>DEBUG <CCacheInputStream>  client principal is " + cpname);
 345         }
 346         PrincipalName spname = null;
 347         try {
 348             spname = readPrincipal(version);
 349         } catch (Exception e) {
 350             // spname is null
 351         }
 352         if (DEBUG) {
 353             System.out.println(">>>DEBUG <CCacheInputStream> server principal is " + spname);
 354         }
 355         EncryptionKey key = readKey(version);
 356         if (DEBUG) {
 357             System.out.println(">>>DEBUG <CCacheInputStream> key type: " + key.getEType());
 358         }
 359         long times[] = readTimes();
 360         KerberosTime authtime = new KerberosTime(times[0]);
 361         KerberosTime starttime =
 362                 (times[1]==0) ? null : new KerberosTime(times[1]);
 363         KerberosTime endtime = new KerberosTime(times[2]);
 364         KerberosTime renewTill =
 365                 (times[3]==0) ? null : new KerberosTime(times[3]);
 366 
 367         if (DEBUG) {
 368             System.out.println(">>>DEBUG <CCacheInputStream> auth time: " + authtime.toDate().toString());
 369             System.out.println(">>>DEBUG <CCacheInputStream> start time: " +
 370                     ((starttime==null)?"null":starttime.toDate().toString()));
 371             System.out.println(">>>DEBUG <CCacheInputStream> end time: " + endtime.toDate().toString());
 372             System.out.println(">>>DEBUG <CCacheInputStream> renew_till time: " +
 373                     ((renewTill==null)?"null":renewTill.toDate().toString()));
 374         }
 375         boolean skey = readskey();
 376         boolean flags[] = readFlags();
 377         TicketFlags tFlags = new TicketFlags(flags);
 378         HostAddress addr[] = readAddr();
 379         HostAddresses addrs = null;
 380         if (addr != null) {
 381             addrs = new HostAddresses(addr);
 382         }
 383         AuthorizationDataEntry[] auDataEntry = readAuth();
 384         AuthorizationData auData = null;
 385         if (auDataEntry != null) {
 386             auData = new AuthorizationData(auDataEntry);
 387         }
 388         byte[] ticketData = readData();
 389         byte[] ticketData2 = readData();
 390 
 391         if (cpname == null || spname == null) {
 392             return null;
 393         }
 394 
 395         try {
 396             return new Credentials(cpname, spname, key, authtime, starttime,
 397                 endtime, renewTill, skey, tFlags,
 398                 addrs, auData,
 399                 ticketData != null ? new Ticket(ticketData) : null,
 400                 ticketData2 != null ? new Ticket(ticketData2) : null);
 401         } catch (Exception e) {     // If any of new Ticket(*) fails.
 402             return null;
 403         }
 404     }
 405 }