< prev index next >

src/java.security.jgss/share/classes/sun/security/jgss/krb5/InitialToken.java

Print this page

        

*** 34,43 **** --- 34,44 ---- import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.util.Arrays; import sun.security.krb5.*; import sun.security.krb5.internal.Krb5; + import sun.security.jgss.krb5.internal.TlsChannelBindingImpl; abstract class InitialToken extends Krb5Token { private static final int CHECKSUM_TYPE = 0x8003;
*** 55,64 **** --- 56,66 ---- private static final int CHECKSUM_INTEG_FLAG = 32; private final byte[] CHECKSUM_FIRST_BYTES = {(byte)0x10, (byte)0x00, (byte)0x00, (byte)0x00}; + private static final int CHANNEL_BINDING_AF_UNSPEC = 0; private static final int CHANNEL_BINDING_AF_INET = 2; private static final int CHANNEL_BINDING_AF_INET6 = 24; private static final int CHANNEL_BINDING_AF_NULL_ADDR = 255; private static final int Inet4_ADDRSZ = 4;
*** 331,352 **** context.setIntegState(false); } } } ! private int getAddrType(InetAddress addr) { ! int addressType = CHANNEL_BINDING_AF_NULL_ADDR; if (addr instanceof Inet4Address) addressType = CHANNEL_BINDING_AF_INET; else if (addr instanceof Inet6Address) addressType = CHANNEL_BINDING_AF_INET6; return (addressType); } private byte[] getAddrBytes(InetAddress addr) throws GSSException { ! int addressType = getAddrType(addr); byte[] addressBytes = addr.getAddress(); if (addressBytes != null) { switch (addressType) { case CHANNEL_BINDING_AF_INET: if (addressBytes.length != Inet4_ADDRSZ) { --- 333,354 ---- context.setIntegState(false); } } } ! private int getAddrType(InetAddress addr, int defValue) { ! int addressType = defValue; if (addr instanceof Inet4Address) addressType = CHANNEL_BINDING_AF_INET; else if (addr instanceof Inet6Address) addressType = CHANNEL_BINDING_AF_INET6; return (addressType); } private byte[] getAddrBytes(InetAddress addr) throws GSSException { ! int addressType = getAddrType(addr, CHANNEL_BINDING_AF_NULL_ADDR); byte[] addressBytes = addr.getAddress(); if (addressBytes != null) { switch (addressType) { case CHANNEL_BINDING_AF_INET: if (addressBytes.length != Inet4_ADDRSZ) {
*** 373,384 **** InetAddress initiatorAddress = channelBinding.getInitiatorAddress(); InetAddress acceptorAddress = channelBinding.getAcceptorAddress(); int size = 5*4; ! int initiatorAddressType = getAddrType(initiatorAddress); ! int acceptorAddressType = getAddrType(acceptorAddress); byte[] initiatorAddressBytes = null; if (initiatorAddress != null) { initiatorAddressBytes = getAddrBytes(initiatorAddress); size += initiatorAddressBytes.length; --- 375,394 ---- InetAddress initiatorAddress = channelBinding.getInitiatorAddress(); InetAddress acceptorAddress = channelBinding.getAcceptorAddress(); int size = 5*4; ! // LDAP TLS Channel Binding requires CHANNEL_BINDING_AF_UNSPEC address type ! // for unspecified initiator and acceptor addresses. ! // CHANNEL_BINDING_AF_NULL_ADDR value should be used for unspecified address ! // in all other cases. ! int initiatorAddressType = getAddrType(initiatorAddress, ! (channelBinding instanceof TlsChannelBindingImpl)? ! CHANNEL_BINDING_AF_UNSPEC:CHANNEL_BINDING_AF_NULL_ADDR); ! int acceptorAddressType = getAddrType(acceptorAddress, ! (channelBinding instanceof TlsChannelBindingImpl)? ! CHANNEL_BINDING_AF_UNSPEC:CHANNEL_BINDING_AF_NULL_ADDR); byte[] initiatorAddressBytes = null; if (initiatorAddress != null) { initiatorAddressBytes = getAddrBytes(initiatorAddress); size += initiatorAddressBytes.length;
< prev index next >