372 JNIEXPORT jobject JNICALL Java_sun_security_krb5_Credentials_acquireDefaultNativeCreds(
373 JNIEnv *env,
374 jclass krbcredsClass,
375 jintArray jetypes) {
376
377 KERB_QUERY_TKT_CACHE_REQUEST CacheRequest;
378 PKERB_RETRIEVE_TKT_RESPONSE TktCacheResponse = NULL;
379 PKERB_RETRIEVE_TKT_REQUEST pTicketRequest = NULL;
380 PKERB_RETRIEVE_TKT_RESPONSE pTicketResponse = NULL;
381 NTSTATUS Status, SubStatus;
382 ULONG requestSize = 0;
383 ULONG responseSize = 0;
384 ULONG rspSize = 0;
385 HANDLE LogonHandle = NULL;
386 ULONG PackageId;
387 jobject ticket, clientPrincipal, targetPrincipal, encryptionKey;
388 jobject ticketFlags, startTime, endTime, krbCreds = NULL;
389 jobject authTime, renewTillTime, hostAddresses = NULL;
390 KERB_EXTERNAL_TICKET *msticket;
391 int found = 0;
392 FILETIME Now, EndTime, LocalEndTime;
393
394 int i, netypes;
395 jint *etypes = NULL;
396
397 while (TRUE) {
398
399 if (krbcredsConstructor == 0) {
400 krbcredsConstructor = (*env)->GetMethodID(env, krbcredsClass, "<init>",
401 "(Lsun/security/krb5/internal/Ticket;"
402 "Lsun/security/krb5/PrincipalName;"
403 "Lsun/security/krb5/PrincipalName;"
404 "Lsun/security/krb5/EncryptionKey;"
405 "Lsun/security/krb5/internal/TicketFlags;"
406 "Lsun/security/krb5/internal/KerberosTime;"
407 "Lsun/security/krb5/internal/KerberosTime;"
408 "Lsun/security/krb5/internal/KerberosTime;"
409 "Lsun/security/krb5/internal/KerberosTime;"
410 "Lsun/security/krb5/internal/HostAddresses;)V");
411 if (krbcredsConstructor == 0) {
412 printf("LSA: Couldn't find sun.security.krb5.Credentials constructor\n");
459
460 // got the native MS TGT
461 msticket = &(TktCacheResponse->Ticket);
462
463 netypes = (*env)->GetArrayLength(env, jetypes);
464 etypes = (jint *) (*env)->GetIntArrayElements(env, jetypes, NULL);
465
466 if (etypes == NULL) {
467 break;
468 }
469
470 // check TGT validity
471 if (native_debug) {
472 printf("LSA: TICKET SessionKey KeyType is %d\n", msticket->SessionKey.KeyType);
473 }
474
475 if ((msticket->TicketFlags & KERB_TICKET_FLAGS_invalid) == 0) {
476 GetSystemTimeAsFileTime(&Now);
477 EndTime.dwLowDateTime = msticket->EndTime.LowPart;
478 EndTime.dwHighDateTime = msticket->EndTime.HighPart;
479 FileTimeToLocalFileTime(&EndTime, &LocalEndTime);
480 if (CompareFileTime(&Now, &LocalEndTime) < 0) {
481 for (i=0; i<netypes; i++) {
482 if (etypes[i] == msticket->SessionKey.KeyType) {
483 found = 1;
484 if (native_debug) {
485 printf("LSA: Valid etype found: %d\n", etypes[i]);
486 }
487 break;
488 }
489 }
490 }
491 }
492
493 if (!found) {
494 if (native_debug) {
495 printf("LSA: MS TGT in cache is invalid/not supported; request new ticket\n");
496 }
497
498 // use domain to request Ticket
499 Status = ConstructTicketRequest(msticket->TargetDomainName,
500 &pTicketRequest, &requestSize);
|
372 JNIEXPORT jobject JNICALL Java_sun_security_krb5_Credentials_acquireDefaultNativeCreds(
373 JNIEnv *env,
374 jclass krbcredsClass,
375 jintArray jetypes) {
376
377 KERB_QUERY_TKT_CACHE_REQUEST CacheRequest;
378 PKERB_RETRIEVE_TKT_RESPONSE TktCacheResponse = NULL;
379 PKERB_RETRIEVE_TKT_REQUEST pTicketRequest = NULL;
380 PKERB_RETRIEVE_TKT_RESPONSE pTicketResponse = NULL;
381 NTSTATUS Status, SubStatus;
382 ULONG requestSize = 0;
383 ULONG responseSize = 0;
384 ULONG rspSize = 0;
385 HANDLE LogonHandle = NULL;
386 ULONG PackageId;
387 jobject ticket, clientPrincipal, targetPrincipal, encryptionKey;
388 jobject ticketFlags, startTime, endTime, krbCreds = NULL;
389 jobject authTime, renewTillTime, hostAddresses = NULL;
390 KERB_EXTERNAL_TICKET *msticket;
391 int found = 0;
392 FILETIME Now, EndTime;
393
394 int i, netypes;
395 jint *etypes = NULL;
396
397 while (TRUE) {
398
399 if (krbcredsConstructor == 0) {
400 krbcredsConstructor = (*env)->GetMethodID(env, krbcredsClass, "<init>",
401 "(Lsun/security/krb5/internal/Ticket;"
402 "Lsun/security/krb5/PrincipalName;"
403 "Lsun/security/krb5/PrincipalName;"
404 "Lsun/security/krb5/EncryptionKey;"
405 "Lsun/security/krb5/internal/TicketFlags;"
406 "Lsun/security/krb5/internal/KerberosTime;"
407 "Lsun/security/krb5/internal/KerberosTime;"
408 "Lsun/security/krb5/internal/KerberosTime;"
409 "Lsun/security/krb5/internal/KerberosTime;"
410 "Lsun/security/krb5/internal/HostAddresses;)V");
411 if (krbcredsConstructor == 0) {
412 printf("LSA: Couldn't find sun.security.krb5.Credentials constructor\n");
459
460 // got the native MS TGT
461 msticket = &(TktCacheResponse->Ticket);
462
463 netypes = (*env)->GetArrayLength(env, jetypes);
464 etypes = (jint *) (*env)->GetIntArrayElements(env, jetypes, NULL);
465
466 if (etypes == NULL) {
467 break;
468 }
469
470 // check TGT validity
471 if (native_debug) {
472 printf("LSA: TICKET SessionKey KeyType is %d\n", msticket->SessionKey.KeyType);
473 }
474
475 if ((msticket->TicketFlags & KERB_TICKET_FLAGS_invalid) == 0) {
476 GetSystemTimeAsFileTime(&Now);
477 EndTime.dwLowDateTime = msticket->EndTime.LowPart;
478 EndTime.dwHighDateTime = msticket->EndTime.HighPart;
479 if (CompareFileTime(&Now, &EndTime) < 0) {
480 for (i=0; i<netypes; i++) {
481 if (etypes[i] == msticket->SessionKey.KeyType) {
482 found = 1;
483 if (native_debug) {
484 printf("LSA: Valid etype found: %d\n", etypes[i]);
485 }
486 break;
487 }
488 }
489 }
490 }
491
492 if (!found) {
493 if (native_debug) {
494 printf("LSA: MS TGT in cache is invalid/not supported; request new ticket\n");
495 }
496
497 // use domain to request Ticket
498 Status = ConstructTicketRequest(msticket->TargetDomainName,
499 &pTicketRequest, &requestSize);
|