1 /*
2 * Copyright (c) 2018, Red Hat, Inc.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package sun.security.krb5.internal;
27
28 import java.util.Date;
29 import java.util.HashMap;
30 import java.util.LinkedList;
31 import java.util.List;
32 import java.util.Map;
33 import java.util.Map.Entry;
34
35 import sun.security.krb5.PrincipalName;
36
37 final class ReferralsCache {
38
39 private static Map<PrincipalName, Map<String, ReferralCacheEntry>> referralsMap =
40 new HashMap<>();
41
42 private static final class ReferralCacheEntry {
43 private final String toRealm;
44 private final Date validUntil;
45 ReferralCacheEntry(String toRealm, Date validUntil) {
46 this.toRealm = toRealm;
47 this.validUntil = validUntil;
48 }
49 String getToRealm() {
50 return toRealm;
51 }
52 Date getValidUntil() {
53 return validUntil;
54 }
55 }
56
57 static synchronized void put(PrincipalName service,
58 String fromRealm, String toRealm, Date validUntil) {
59 pruneExpired(service);
60 if (validUntil.before(new Date())) {
61 return;
62 }
63 Map<String, ReferralCacheEntry> entries = referralsMap.get(service);
64 if (entries == null) {
65 entries = new HashMap<String, ReferralCacheEntry>();
66 referralsMap.put(service, entries);
67 }
68 entries.remove(fromRealm);
69 ReferralCacheEntry newEntry = new ReferralCacheEntry(toRealm, validUntil);
70 entries.put(fromRealm, newEntry);
71
72 // Remove loops within the cache
73 ReferralCacheEntry current = newEntry;
74 List<ReferralCacheEntry> seen = new LinkedList<>();
75 while (current != null) {
76 if (seen.contains(current)) {
77 // Loop found. Remove the first referral to cut the loop.
78 entries.remove(newEntry.getToRealm());
79 break;
80 }
81 seen.add(current);
82 current = entries.get(current.getToRealm());
83 }
84 }
85
86 static synchronized String get(PrincipalName service, String fromRealm) {
87 pruneExpired(service);
88 Map<String, ReferralCacheEntry> entries = referralsMap.get(service);
89 if (entries != null) {
90 ReferralCacheEntry toRef = entries.get(fromRealm);
91 if (toRef != null) {
92 return toRef.getToRealm();
93 }
94 }
95 return null;
96 }
97
98 private static void pruneExpired(PrincipalName service) {
99 Date now = new Date();
100 Map<String, ReferralCacheEntry> entries = referralsMap.get(service);
101 if (entries != null) {
102 for (Entry<String, ReferralCacheEntry> mapEntry : entries.entrySet()) {
103 if (mapEntry.getValue().getValidUntil().before(now)) {
104 entries.remove(mapEntry.getKey());
105 }
106 }
107 }
108 }
109 }