521 valid = false;
522 }
523
524 /*
525 * Select the best match between the list of mechs
526 * that the initiator requested and the list that
527 * the acceptor will support.
528 */
529 Oid[] supported_mechSet = getAvailableMechs();
530 Oid mech_wanted =
531 negotiate_mech_type(supported_mechSet, mechList);
532 if (mech_wanted == null) {
533 valid = false;
534 }
535 // save the desired mechanism
536 internal_mech = mech_wanted;
537
538 // get the token for mechanism
539 byte[] accept_token;
540
541 if (mechList[0].equals(mech_wanted)) {
542 // get the mechanism token
543 byte[] mechToken = initToken.getMechToken();
544 if (mechToken == null) {
545 throw new GSSException(GSSException.FAILURE, -1,
546 "mechToken is missing");
547 }
548 accept_token = GSS_acceptSecContext(mechToken);
549 } else {
550 accept_token = null;
551 }
552
553 // verify MIC
554 if (!GSSUtil.useMSInterop() && valid) {
555 valid = verifyMechListMIC(DER_mechTypes,
556 initToken.getMechListMIC());
557 }
558
559 // determine negotiated result status
560 if (valid) {
561 if (isMechContextEstablished()) {
562 negoResult = SpNegoToken.NegoResult.ACCEPT_COMPLETE;
563 state = STATE_DONE;
564 // now set the context flags for acceptor
565 setContextFlags();
566 // print the negotiated mech info
567 if (DEBUG) {
568 System.out.println("SPNEGO Negotiated Mechanism = "
|
521 valid = false;
522 }
523
524 /*
525 * Select the best match between the list of mechs
526 * that the initiator requested and the list that
527 * the acceptor will support.
528 */
529 Oid[] supported_mechSet = getAvailableMechs();
530 Oid mech_wanted =
531 negotiate_mech_type(supported_mechSet, mechList);
532 if (mech_wanted == null) {
533 valid = false;
534 }
535 // save the desired mechanism
536 internal_mech = mech_wanted;
537
538 // get the token for mechanism
539 byte[] accept_token;
540
541 if (mechList[0].equals(mech_wanted) ||
542 (GSSUtil.isKerberosMech(mechList[0]) &&
543 GSSUtil.isKerberosMech(mech_wanted))) {
544 // get the mechanism token
545 if (DEBUG && !mech_wanted.equals(mechList[0])) {
546 System.out.println("SpNegoContext.acceptSecContext: " +
547 "negotiated mech adjusted to " + mechList[0]);
548 }
549 byte[] mechToken = initToken.getMechToken();
550 if (mechToken == null) {
551 throw new GSSException(GSSException.FAILURE, -1,
552 "mechToken is missing");
553 }
554 accept_token = GSS_acceptSecContext(mechToken);
555 mech_wanted = mechList[0];
556 } else {
557 accept_token = null;
558 }
559
560 // verify MIC
561 if (!GSSUtil.useMSInterop() && valid) {
562 valid = verifyMechListMIC(DER_mechTypes,
563 initToken.getMechListMIC());
564 }
565
566 // determine negotiated result status
567 if (valid) {
568 if (isMechContextEstablished()) {
569 negoResult = SpNegoToken.NegoResult.ACCEPT_COMPLETE;
570 state = STATE_DONE;
571 // now set the context flags for acceptor
572 setContextFlags();
573 // print the negotiated mech info
574 if (DEBUG) {
575 System.out.println("SPNEGO Negotiated Mechanism = "
|