< prev index next >
src/java.security.jgss/share/classes/sun/security/krb5/KrbTgsReq.java
Print this page
*** 1,7 ****
/*
! * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
--- 1,7 ----
/*
! * Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
*** 34,43 ****
--- 34,44 ----
import sun.security.krb5.internal.*;
import sun.security.krb5.internal.crypto.*;
import java.io.IOException;
import java.net.UnknownHostException;
import java.time.Instant;
+ import java.util.Arrays;
/**
* This class encapsulates a Kerberos TGS-REQ that is sent from the
* client to the KDC.
*/
*** 55,117 ****
private byte[] obuf;
private byte[] ibuf;
// Used in CredentialsUtil
! public KrbTgsReq(Credentials asCreds,
! PrincipalName sname)
throws KrbException, IOException {
! this(new KDCOptions(),
asCreds,
sname,
null, // KerberosTime from
null, // KerberosTime till
null, // KerberosTime rtime
! null, // eTypes, // null, // int[] eTypes
null, // HostAddresses addresses
null, // AuthorizationData authorizationData
! null, // Ticket[] additionalTickets
! null); // EncryptionKey subSessionKey
! }
!
! // S4U2proxy
! public KrbTgsReq(Credentials asCreds,
! Ticket second,
! PrincipalName sname)
! throws KrbException, IOException {
! this(KDCOptions.with(KDCOptions.CNAME_IN_ADDL_TKT,
! KDCOptions.FORWARDABLE),
! asCreds,
! sname,
! null,
! null,
! null,
! null,
! null,
! null,
! new Ticket[] {second}, // the service ticket
! null);
! }
!
! // S4U2user
! public KrbTgsReq(Credentials asCreds,
! PrincipalName sname,
! PAData extraPA)
! throws KrbException, IOException {
! this(KDCOptions.with(KDCOptions.FORWARDABLE),
! asCreds,
! asCreds.getClient(),
! sname,
! null,
! null,
! null,
! null,
! null,
! null,
! null,
! null,
! extraPA); // the PA-FOR-USER
}
// Called by Credentials, KrbCred
KrbTgsReq(
KDCOptions options,
--- 56,82 ----
private byte[] obuf;
private byte[] ibuf;
// Used in CredentialsUtil
! public KrbTgsReq(KDCOptions options, Credentials asCreds,
! PrincipalName cname, PrincipalName sname,
! Ticket[] additionalTickets, PAData[] extraPAs)
throws KrbException, IOException {
! this(options,
asCreds,
+ cname,
sname,
null, // KerberosTime from
null, // KerberosTime till
null, // KerberosTime rtime
! null, // int[] eTypes
null, // HostAddresses addresses
null, // AuthorizationData authorizationData
! additionalTickets,
! null, // EncryptionKey subKey
! extraPAs);
}
// Called by Credentials, KrbCred
KrbTgsReq(
KDCOptions options,
*** 141,151 ****
int[] eTypes,
HostAddresses addresses,
AuthorizationData authorizationData,
Ticket[] additionalTickets,
EncryptionKey subKey,
! PAData extraPA) throws KrbException, IOException {
princName = cname;
servName = sname;
ctime = KerberosTime.now();
--- 106,116 ----
int[] eTypes,
HostAddresses addresses,
AuthorizationData authorizationData,
Ticket[] additionalTickets,
EncryptionKey subKey,
! PAData[] extraPAs) throws KrbException, IOException {
princName = cname;
servName = sname;
ctime = KerberosTime.now();
*** 214,224 ****
eTypes,
addresses,
authorizationData,
additionalTickets,
subKey,
! extraPA);
obuf = tgsReqMessg.asn1Encode();
// XXX We need to revisit this to see if can't move it
// up such that FORWARDED flag set in the options
// is included in the marshaled request.
--- 179,189 ----
eTypes,
addresses,
authorizationData,
additionalTickets,
subKey,
! extraPAs);
obuf = tgsReqMessg.asn1Encode();
// XXX We need to revisit this to see if can't move it
// up such that FORWARDED flag set in the options
// is included in the marshaled request.
*** 280,290 ****
int[] eTypes,
HostAddresses addresses,
AuthorizationData authorizationData,
Ticket[] additionalTickets,
EncryptionKey subKey,
! PAData extraPA)
throws IOException, KrbException, UnknownHostException {
KerberosTime req_till = null;
if (till == null) {
String d = Config.getInstance().get("libdefaults", "ticket_lifetime");
if (d != null) {
--- 245,255 ----
int[] eTypes,
HostAddresses addresses,
AuthorizationData authorizationData,
Ticket[] additionalTickets,
EncryptionKey subKey,
! PAData[] extraPAs)
throws IOException, KrbException, UnknownHostException {
KerberosTime req_till = null;
if (till == null) {
String d = Config.getInstance().get("libdefaults", "ticket_lifetime");
if (d != null) {
*** 380,394 ****
reqKey,
null,
null).getMessage();
PAData tgsPAData = new PAData(Krb5.PA_TGS_REQ, tgs_ap_req);
! return new TGSReq(
! extraPA != null ?
! new PAData[] {extraPA, tgsPAData } :
! new PAData[] {tgsPAData},
! reqBody);
}
TGSReq getMessage() {
return tgsReqMessg;
}
--- 345,362 ----
reqKey,
null,
null).getMessage();
PAData tgsPAData = new PAData(Krb5.PA_TGS_REQ, tgs_ap_req);
! PAData[] pa;
! if (extraPAs != null) {
! pa = Arrays.copyOf(extraPAs, extraPAs.length + 1);
! pa[extraPAs.length] = tgsPAData;
! } else {
! pa = new PAData[] {tgsPAData};
! }
! return new TGSReq(pa, reqBody);
}
TGSReq getMessage() {
return tgsReqMessg;
}
< prev index next >