src/share/classes/sun/security/krb5/internal/ccache/CCacheInputStream.java
Print this page
rev 10175 : 8048073: Cannot read ccache entry with a realm-less service name
@@ -332,19 +332,32 @@
* entry is used by KDC to inform the client that it support certain
* features. Its ticket is not a valid krb5 ticket and thus this method
* returns null.
*/
Credentials readCred(int version) throws IOException,RealmException, KrbApErrException, Asn1Exception {
- PrincipalName cpname = readPrincipal(version);
- if (DEBUG)
+ PrincipalName cpname = null;
+ try {
+ cpname = readPrincipal(version);
+ } catch (Exception e) {
+ // cpname is null
+ }
+ if (DEBUG) {
System.out.println(">>>DEBUG <CCacheInputStream> client principal is " + cpname);
- PrincipalName spname = readPrincipal(version);
- if (DEBUG)
+ }
+ PrincipalName spname = null;
+ try {
+ spname = readPrincipal(version);
+ } catch (Exception e) {
+ // spname is null
+ }
+ if (DEBUG) {
System.out.println(">>>DEBUG <CCacheInputStream> server principal is " + spname);
+ }
EncryptionKey key = readKey(version);
- if (DEBUG)
+ if (DEBUG) {
System.out.println(">>>DEBUG <CCacheInputStream> key type: " + key.getEType());
+ }
long times[] = readTimes();
KerberosTime authtime = new KerberosTime(times[0]);
KerberosTime starttime =
(times[1]==0) ? null : new KerberosTime(times[1]);
KerberosTime endtime = new KerberosTime(times[2]);
@@ -373,10 +386,14 @@
auData = new AuthorizationData(auDataEntry);
}
byte[] ticketData = readData();
byte[] ticketData2 = readData();
+ if (cpname == null || spname == null) {
+ return null;
+ }
+
try {
return new Credentials(cpname, spname, key, authtime, starttime,
endtime, renewTill, skey, tFlags,
addrs, auData,
ticketData != null ? new Ticket(ticketData) : null,