1 /*
2 * Copyright (c) 2010, 2012, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23
24 /*
25 * @test
26 * @bug 6952519
27 * @compile -XDignore.symbol.file TcpTimeout.java
28 * @run main/othervm -Dsun.net.spi.nameservice.provider.1=ns,mock TcpTimeout
29 * @summary kdc_timeout is not being honoured when using TCP
30 */
31
32 import java.io.*;
33 import java.net.ServerSocket;
34 import sun.security.krb5.Config;
35
36 public class TcpTimeout {
37 public static void main(String[] args)
38 throws Exception {
39
40 // Set debug to grab debug output like ">>> KDCCommunication"
41 System.setProperty("sun.security.krb5.debug", "true");
42
43 // Called before new ServerSocket on p1 and p2 to make sure
44 // customized nameservice is used
45 KDC k = new KDC(OneKDC.REALM, OneKDC.KDCHOST, 0, true);
46 int p3 = k.getPort();
47 k.addPrincipal(OneKDC.USER, OneKDC.PASS);
48 k.addPrincipalRandKey("krbtgt/" + OneKDC.REALM);
49
50 // Start two listener that does not communicate, simulate timeout
51 ServerSocket ss1 = null;
52 ServerSocket ss2 = null;
53
54 try {
55 ss1 = new ServerSocket(0);
56 ss2 = new ServerSocket(0);
57 int p1 = ss1.getLocalPort();
58 int p2 = ss2.getLocalPort();
59
60 FileWriter fw = new FileWriter("alternative-krb5.conf");
61
62 fw.write("[libdefaults]\n" +
63 "udp_preference_limit = 1\n" +
64 "max_retries = 2\n" +
65 "default_realm = " + OneKDC.REALM + "\n" +
66 "kdc_timeout = " + BadKdc.toReal(5000) + "\n");
67 fw.write("[realms]\n" + OneKDC.REALM + " = {\n" +
68 "kdc = " + OneKDC.KDCHOST + ":" + p1 + "\n" +
69 "kdc = " + OneKDC.KDCHOST + ":" + p2 + "\n" +
70 "kdc = " + OneKDC.KDCHOST + ":" + p3 + "\n" +
71 "}\n");
72
73 fw.close();
74 System.setProperty("java.security.krb5.conf",
75 "alternative-krb5.conf");
76 Config.refresh();
77
78 System.out.println("Ports opened on " + p1 + ", " + p2 + ", " + p3);
79
80 // The correct behavior should be:
81 // 5 sec on p1, 5 sec on p1, fail
82 // 5 sec on p2, 5 sec on p2, fail
83 // p3 ok, p3 ok again for preauth.
84 int count = 6;
85
86 ByteArrayOutputStream bo = new ByteArrayOutputStream();
87 PrintStream oldout = System.out;
88 System.setOut(new PrintStream(bo));
89 Context c = Context.fromUserPass(OneKDC.USER, OneKDC.PASS, false);
90 System.setOut(oldout);
91
92 String[] lines = new String(bo.toByteArray()).split("\n");
93 for (String line: lines) {
94 if (line.startsWith(">>> KDCCommunication")) {
95 System.out.println(line);
96 count--;
97 }
98 }
99 if (count != 0) {
100 throw new Exception("Retry count is " + count + " less");
101 }
102 } finally {
103 if (ss1 != null) ss1.close();
104 if (ss2 != null) ss2.close();
105 }
106 }
107 }