1 /* 2 * Copyright (c) 2011, 2019, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 #import "sun_security_krb5_Credentials.h" 27 #import <Kerberos/Kerberos.h> 28 29 /* 30 * Based largely on klist.c, 31 * 32 * Created by Scott Kovatch on 8/12/04. 33 * 34 * See http://www.opensource.apple.com/darwinsource/10.3.3/Kerberos-47/KerberosClients/klist/Sources/klist.c 35 36 */ 37 38 /* 39 * Statics for this module 40 */ 41 42 static jclass derValueClass = NULL; 43 static jclass ticketClass = NULL; 44 static jclass principalNameClass = NULL; 45 static jclass encryptionKeyClass = NULL; 46 static jclass ticketFlagsClass = NULL; 47 static jclass kerberosTimeClass = NULL; 48 static jclass javaLangStringClass = NULL; 49 static jclass javaLangIntegerClass = NULL; 50 static jclass hostAddressClass = NULL; 51 static jclass hostAddressesClass = NULL; 52 53 static jmethodID derValueConstructor = 0; 54 static jmethodID ticketConstructor = 0; 55 static jmethodID principalNameConstructor = 0; 56 static jmethodID encryptionKeyConstructor = 0; 57 static jmethodID ticketFlagsConstructor = 0; 58 static jmethodID kerberosTimeConstructor = 0; 59 static jmethodID krbcredsConstructor = 0; 60 static jmethodID integerConstructor = 0; 61 static jmethodID hostAddressConstructor = 0; 62 static jmethodID hostAddressesConstructor = 0; 63 64 /* 65 * Function prototypes for internal routines 66 */ 67 68 static jobject BuildTicket(JNIEnv *env, krb5_data *encodedTicket); 69 static jobject BuildClientPrincipal(JNIEnv *env, krb5_context kcontext, krb5_principal principalName); 70 static jobject BuildEncryptionKey(JNIEnv *env, krb5_keyblock *cryptoKey); 71 static jobject BuildTicketFlags(JNIEnv *env, krb5_flags flags); 72 static jobject BuildKerberosTime(JNIEnv *env, krb5_timestamp kerbtime); 73 static jobject BuildAddressList(JNIEnv *env, krb5_address **kerbtime); 74 75 static void printiferr (errcode_t err, const char *format, ...); 76 77 static jclass FindClass(JNIEnv *env, char *className) 78 { 79 jclass cls = (*env)->FindClass(env, className); 80 81 if (cls == NULL) { 82 printf("Couldn't find %s\n", className); 83 return NULL; 84 } 85 #ifdef DEBUG 86 printf("Found %s\n", className); 87 #endif /* DEBUG */ 88 89 jobject returnValue = (*env)->NewWeakGlobalRef(env,cls); 90 return returnValue; 91 } 92 /* 93 * Class: sun_security_krb5_KrbCreds 94 * Method: JNI_OnLoad 95 */ 96 JNIEXPORT jint JNICALL JNI_OnLoad(JavaVM *jvm, void *reserved) 97 { 98 JNIEnv *env; 99 100 if ((*jvm)->GetEnv(jvm, (void **)&env, JNI_VERSION_1_4)) { 101 return JNI_EVERSION; /* JNI version not supported */ 102 } 103 104 ticketClass = FindClass(env, "sun/security/krb5/internal/Ticket"); 105 if (ticketClass == NULL) return JNI_ERR; 106 107 principalNameClass = FindClass(env, "sun/security/krb5/PrincipalName"); 108 if (principalNameClass == NULL) return JNI_ERR; 109 110 derValueClass = FindClass(env, "sun/security/util/DerValue"); 111 if (derValueClass == NULL) return JNI_ERR; 112 113 encryptionKeyClass = FindClass(env, "sun/security/krb5/EncryptionKey"); 114 if (encryptionKeyClass == NULL) return JNI_ERR; 115 116 ticketFlagsClass = FindClass(env,"sun/security/krb5/internal/TicketFlags"); 117 if (ticketFlagsClass == NULL) return JNI_ERR; 118 119 kerberosTimeClass = FindClass(env,"sun/security/krb5/internal/KerberosTime"); 120 if (kerberosTimeClass == NULL) return JNI_ERR; 121 122 javaLangStringClass = FindClass(env,"java/lang/String"); 123 if (javaLangStringClass == NULL) return JNI_ERR; 124 125 javaLangIntegerClass = FindClass(env,"java/lang/Integer"); 126 if (javaLangIntegerClass == NULL) return JNI_ERR; 127 128 hostAddressClass = FindClass(env,"sun/security/krb5/internal/HostAddress"); 129 if (hostAddressClass == NULL) return JNI_ERR; 130 131 hostAddressesClass = FindClass(env,"sun/security/krb5/internal/HostAddresses"); 132 if (hostAddressesClass == NULL) return JNI_ERR; 133 134 derValueConstructor = (*env)->GetMethodID(env, derValueClass, "<init>", "([B)V"); 135 if (derValueConstructor == 0) { 136 printf("Couldn't find DerValue constructor\n"); 137 return JNI_ERR; 138 } 139 #ifdef DEBUG 140 printf("Found DerValue constructor\n"); 141 #endif /* DEBUG */ 142 143 ticketConstructor = (*env)->GetMethodID(env, ticketClass, "<init>", "(Lsun/security/util/DerValue;)V"); 144 if (ticketConstructor == 0) { 145 printf("Couldn't find Ticket constructor\n"); 146 return JNI_ERR; 147 } 148 #ifdef DEBUG 149 printf("Found Ticket constructor\n"); 150 #endif /* DEBUG */ 151 152 principalNameConstructor = (*env)->GetMethodID(env, principalNameClass, "<init>", "(Ljava/lang/String;I)V"); 153 if (principalNameConstructor == 0) { 154 printf("Couldn't find PrincipalName constructor\n"); 155 return JNI_ERR; 156 } 157 #ifdef DEBUG 158 printf("Found PrincipalName constructor\n"); 159 #endif /* DEBUG */ 160 161 encryptionKeyConstructor = (*env)->GetMethodID(env, encryptionKeyClass, "<init>", "(I[B)V"); 162 if (encryptionKeyConstructor == 0) { 163 printf("Couldn't find EncryptionKey constructor\n"); 164 return JNI_ERR; 165 } 166 #ifdef DEBUG 167 printf("Found EncryptionKey constructor\n"); 168 #endif /* DEBUG */ 169 170 ticketFlagsConstructor = (*env)->GetMethodID(env, ticketFlagsClass, "<init>", "(I[B)V"); 171 if (ticketFlagsConstructor == 0) { 172 printf("Couldn't find TicketFlags constructor\n"); 173 return JNI_ERR; 174 } 175 #ifdef DEBUG 176 printf("Found TicketFlags constructor\n"); 177 #endif /* DEBUG */ 178 179 kerberosTimeConstructor = (*env)->GetMethodID(env, kerberosTimeClass, "<init>", "(J)V"); 180 if (kerberosTimeConstructor == 0) { 181 printf("Couldn't find KerberosTime constructor\n"); 182 return JNI_ERR; 183 } 184 #ifdef DEBUG 185 printf("Found KerberosTime constructor\n"); 186 #endif /* DEBUG */ 187 188 integerConstructor = (*env)->GetMethodID(env, javaLangIntegerClass, "<init>", "(I)V"); 189 if (integerConstructor == 0) { 190 printf("Couldn't find Integer constructor\n"); 191 return JNI_ERR; 192 } 193 #ifdef DEBUG 194 printf("Found Integer constructor\n"); 195 #endif /* DEBUG */ 196 197 hostAddressConstructor = (*env)->GetMethodID(env, hostAddressClass, "<init>", "(I[B)V"); 198 if (hostAddressConstructor == 0) { 199 printf("Couldn't find HostAddress constructor\n"); 200 return JNI_ERR; 201 } 202 #ifdef DEBUG 203 printf("Found HostAddress constructor\n"); 204 #endif /* DEBUG */ 205 206 hostAddressesConstructor = (*env)->GetMethodID(env, hostAddressesClass, "<init>", "([Lsun/security/krb5/internal/HostAddress;)V"); 207 if (hostAddressesConstructor == 0) { 208 printf("Couldn't find HostAddresses constructor\n"); 209 return JNI_ERR; 210 } 211 #ifdef DEBUG 212 printf("Found HostAddresses constructor\n"); 213 #endif /* DEBUG */ 214 215 #ifdef DEBUG 216 printf("Finished OnLoad processing\n"); 217 #endif /* DEBUG */ 218 219 return JNI_VERSION_1_2; 220 } 221 222 /* 223 * Class: sun_security_jgss_KrbCreds 224 * Method: JNI_OnUnload 225 */ 226 JNIEXPORT void JNICALL JNI_OnUnload(JavaVM *jvm, void *reserved) 227 { 228 JNIEnv *env; 229 230 if ((*jvm)->GetEnv(jvm, (void **)&env, JNI_VERSION_1_2)) { 231 return; /* Nothing else we can do */ 232 } 233 234 if (ticketClass != NULL) { 235 (*env)->DeleteWeakGlobalRef(env,ticketClass); 236 } 237 if (derValueClass != NULL) { 238 (*env)->DeleteWeakGlobalRef(env,derValueClass); 239 } 240 if (principalNameClass != NULL) { 241 (*env)->DeleteWeakGlobalRef(env,principalNameClass); 242 } 243 if (encryptionKeyClass != NULL) { 244 (*env)->DeleteWeakGlobalRef(env,encryptionKeyClass); 245 } 246 if (ticketFlagsClass != NULL) { 247 (*env)->DeleteWeakGlobalRef(env,ticketFlagsClass); 248 } 249 if (kerberosTimeClass != NULL) { 250 (*env)->DeleteWeakGlobalRef(env,kerberosTimeClass); 251 } 252 if (javaLangStringClass != NULL) { 253 (*env)->DeleteWeakGlobalRef(env,javaLangStringClass); 254 } 255 if (javaLangIntegerClass != NULL) { 256 (*env)->DeleteWeakGlobalRef(env,javaLangIntegerClass); 257 } 258 if (hostAddressClass != NULL) { 259 (*env)->DeleteWeakGlobalRef(env,hostAddressClass); 260 } 261 if (hostAddressesClass != NULL) { 262 (*env)->DeleteWeakGlobalRef(env,hostAddressesClass); 263 } 264 265 } 266 267 int isIn(krb5_enctype e, int n, jint* etypes) 268 { 269 int i; 270 for (i=0; i<n; i++) { 271 if (e == etypes[i]) return 1; 272 } 273 return 0; 274 } 275 276 /* 277 * Class: sun_security_krb5_Credentials 278 * Method: acquireDefaultNativeCreds 279 * Signature: ([I])Lsun/security/krb5/Credentials; 280 */ 281 JNIEXPORT jobject JNICALL Java_sun_security_krb5_Credentials_acquireDefaultNativeCreds 282 (JNIEnv *env, jclass krbcredsClass, jintArray jetypes) 283 { 284 jobject krbCreds = NULL; 285 krb5_error_code err = 0; 286 krb5_ccache ccache = NULL; 287 krb5_cc_cursor cursor = NULL; 288 krb5_creds creds; 289 krb5_flags flags = 0; 290 krb5_context kcontext = NULL; 291 292 int netypes; 293 jint *etypes = NULL; 294 int proxy_flag = 0; 295 296 /* Initialize the Kerberos 5 context */ 297 err = krb5_init_context (&kcontext); 298 299 if (!err) { 300 err = krb5_cc_default (kcontext, &ccache); 301 } 302 303 if (!err) { 304 err = krb5_cc_set_flags (kcontext, ccache, flags); /* turn off OPENCLOSE */ 305 } 306 307 // First round read. The proxy_impersonator config flag is not supported. 308 // This ccache will not be used if this flag exists. 309 if (!err) { 310 err = krb5_cc_start_seq_get (kcontext, ccache, &cursor); 311 } 312 313 if (!err) { 314 while ((err = krb5_cc_next_cred (kcontext, ccache, &cursor, &creds)) == 0) { 315 char *serverName = NULL; 316 317 if (!err) { 318 err = krb5_unparse_name (kcontext, creds.server, &serverName); 319 printiferr (err, "while unparsing server name"); 320 } 321 322 if (!err) { 323 if (!strcmp(serverName, "krb5_ccache_conf_data/proxy_impersonator@X-CACHECONF:")) { 324 proxy_flag = 1; 325 } 326 } 327 328 if (serverName != NULL) { krb5_free_unparsed_name (kcontext, serverName); } 329 330 krb5_free_cred_contents (kcontext, &creds); 331 332 if (proxy_flag) break; 333 } 334 335 if (err == KRB5_CC_END) { err = 0; } 336 printiferr (err, "while retrieving a ticket"); 337 } 338 339 if (!err) { 340 err = krb5_cc_end_seq_get (kcontext, ccache, &cursor); 341 printiferr (err, "while finishing ticket retrieval"); 342 } 343 344 if (proxy_flag) { 345 goto outer_cleanup; 346 } 347 // End of first round read 348 349 if (!err) { 350 err = krb5_cc_start_seq_get (kcontext, ccache, &cursor); 351 } 352 353 netypes = (*env)->GetArrayLength(env, jetypes); 354 etypes = (jint *) (*env)->GetIntArrayElements(env, jetypes, NULL); 355 356 if (etypes != NULL && !err) { 357 while ((err = krb5_cc_next_cred (kcontext, ccache, &cursor, &creds)) == 0) { 358 char *serverName = NULL; 359 360 if (!err) { 361 err = krb5_unparse_name (kcontext, creds.server, &serverName); 362 printiferr (err, "while unparsing server name"); 363 } 364 365 if (!err) { 366 char* slash = strchr(serverName, '/'); 367 char* at = strchr(serverName, '@'); 368 // Make sure the server's name is krbtgt/REALM@REALM, the etype 369 // is supported, and the ticket has not expired 370 if (slash && at && 371 strncmp (serverName, "krbtgt", slash-serverName) == 0 && 372 // the ablove line shows at must be after slash 373 strncmp (slash+1, at+1, at-slash-1) == 0 && 374 isIn (creds.keyblock.enctype, netypes, etypes) && 375 creds.times.endtime > time(0)) { 376 jobject ticket, clientPrincipal, targetPrincipal, encryptionKey; 377 jobject ticketFlags, startTime, endTime; 378 jobject authTime, renewTillTime, hostAddresses; 379 380 ticket = clientPrincipal = targetPrincipal = encryptionKey = NULL; 381 ticketFlags = startTime = endTime = NULL; 382 authTime = renewTillTime = hostAddresses = NULL; 383 384 // For the default credentials we're only interested in the krbtgt server. 385 clientPrincipal = BuildClientPrincipal(env, kcontext, creds.client); 386 if (clientPrincipal == NULL) goto cleanup; 387 388 targetPrincipal = BuildClientPrincipal(env, kcontext, creds.server); 389 if (targetPrincipal == NULL) goto cleanup; 390 391 // Build a sun/security/krb5/internal/Ticket 392 ticket = BuildTicket(env, &creds.ticket); 393 if (ticket == NULL) goto cleanup; 394 395 // Get the encryption key 396 encryptionKey = BuildEncryptionKey(env, &creds.keyblock); 397 if (encryptionKey == NULL) goto cleanup; 398 399 // and the ticket flags 400 ticketFlags = BuildTicketFlags(env, creds.ticket_flags); 401 if (ticketFlags == NULL) goto cleanup; 402 403 // Get the timestamps out. 404 startTime = BuildKerberosTime(env, creds.times.starttime); 405 if (startTime == NULL) goto cleanup; 406 407 authTime = BuildKerberosTime(env, creds.times.authtime); 408 if (authTime == NULL) goto cleanup; 409 410 endTime = BuildKerberosTime(env, creds.times.endtime); 411 if (endTime == NULL) goto cleanup; 412 413 renewTillTime = BuildKerberosTime(env, creds.times.renew_till); 414 if (renewTillTime == NULL) goto cleanup; 415 416 // Create the addresses object. 417 hostAddresses = BuildAddressList(env, creds.addresses); 418 419 if (krbcredsConstructor == 0) { 420 krbcredsConstructor = (*env)->GetMethodID(env, krbcredsClass, "<init>", 421 "(Lsun/security/krb5/internal/Ticket;Lsun/security/krb5/PrincipalName;Lsun/security/krb5/PrincipalName;Lsun/security/krb5/PrincipalName;Lsun/security/krb5/PrincipalName;Lsun/security/krb5/EncryptionKey;Lsun/security/krb5/internal/TicketFlags;Lsun/security/krb5/internal/KerberosTime;Lsun/security/krb5/internal/KerberosTime;Lsun/security/krb5/internal/KerberosTime;Lsun/security/krb5/internal/KerberosTime;Lsun/security/krb5/internal/HostAddresses;)V"); 422 if (krbcredsConstructor == 0) { 423 printf("Couldn't find sun.security.krb5.internal.Ticket constructor\n"); 424 break; 425 } 426 } 427 428 // and now go build a KrbCreds object 429 krbCreds = (*env)->NewObject( 430 env, 431 krbcredsClass, 432 krbcredsConstructor, 433 ticket, 434 clientPrincipal, 435 NULL, 436 targetPrincipal, 437 NULL, 438 encryptionKey, 439 ticketFlags, 440 authTime, 441 startTime, 442 endTime, 443 renewTillTime, 444 hostAddresses); 445 cleanup: 446 if (ticket) (*env)->DeleteLocalRef(env, ticket); 447 if (clientPrincipal) (*env)->DeleteLocalRef(env, clientPrincipal); 448 if (targetPrincipal) (*env)->DeleteLocalRef(env, targetPrincipal); 449 if (encryptionKey) (*env)->DeleteLocalRef(env, encryptionKey); 450 if (ticketFlags) (*env)->DeleteLocalRef(env, ticketFlags); 451 if (authTime) (*env)->DeleteLocalRef(env, authTime); 452 if (startTime) (*env)->DeleteLocalRef(env, startTime); 453 if (endTime) (*env)->DeleteLocalRef(env, endTime); 454 if (renewTillTime) (*env)->DeleteLocalRef(env, renewTillTime); 455 if (hostAddresses) (*env)->DeleteLocalRef(env, hostAddresses); 456 457 // Stop if there is an exception or we already found the initial TGT 458 if ((*env)->ExceptionCheck(env) || krbCreds) { 459 break; 460 } 461 } 462 } 463 464 if (serverName != NULL) { krb5_free_unparsed_name (kcontext, serverName); } 465 466 krb5_free_cred_contents (kcontext, &creds); 467 } 468 469 if (err == KRB5_CC_END) { err = 0; } 470 printiferr (err, "while retrieving a ticket"); 471 } 472 473 if (!err) { 474 err = krb5_cc_end_seq_get (kcontext, ccache, &cursor); 475 printiferr (err, "while finishing ticket retrieval"); 476 } 477 478 outer_cleanup: 479 if (!err) { 480 flags = KRB5_TC_OPENCLOSE; /* restore OPENCLOSE mode */ 481 err = krb5_cc_set_flags (kcontext, ccache, flags); 482 printiferr (err, "while finishing ticket retrieval"); 483 } 484 485 if (etypes != NULL) { 486 (*env)->ReleaseIntArrayElements(env, jetypes, etypes, 0); 487 } 488 489 krb5_free_context (kcontext); 490 return krbCreds; 491 } 492 493 494 #pragma mark - 495 496 jobject BuildTicket(JNIEnv *env, krb5_data *encodedTicket) 497 { 498 /* To build a Ticket, we first need to build a DerValue out of the EncodedTicket. 499 * But before we can do that, we need to make a byte array out of the ET. 500 */ 501 502 jobject derValue, ticket; 503 jbyteArray ary; 504 505 ary = (*env)->NewByteArray(env, encodedTicket->length); 506 if ((*env)->ExceptionCheck(env)) { 507 return (jobject) NULL; 508 } 509 510 (*env)->SetByteArrayRegion(env, ary, (jsize) 0, encodedTicket->length, (jbyte *)encodedTicket->data); 511 if ((*env)->ExceptionCheck(env)) { 512 (*env)->DeleteLocalRef(env, ary); 513 return (jobject) NULL; 514 } 515 516 derValue = (*env)->NewObject(env, derValueClass, derValueConstructor, ary); 517 if ((*env)->ExceptionCheck(env)) { 518 (*env)->DeleteLocalRef(env, ary); 519 return (jobject) NULL; 520 } 521 522 (*env)->DeleteLocalRef(env, ary); 523 ticket = (*env)->NewObject(env, ticketClass, ticketConstructor, derValue); 524 if ((*env)->ExceptionCheck(env)) { 525 (*env)->DeleteLocalRef(env, derValue); 526 return (jobject) NULL; 527 } 528 (*env)->DeleteLocalRef(env, derValue); 529 return ticket; 530 } 531 532 jobject BuildClientPrincipal(JNIEnv *env, krb5_context kcontext, krb5_principal principalName) { 533 // Get the full principal string. 534 char *principalString = NULL; 535 jobject principal = NULL; 536 int err = krb5_unparse_name (kcontext, principalName, &principalString); 537 538 if (!err) { 539 // Make a PrincipalName from the full string and the type. Let the PrincipalName class parse it out. 540 jstring principalStringObj = (*env)->NewStringUTF(env, principalString); 541 if (principalStringObj == NULL) { 542 if (principalString != NULL) { krb5_free_unparsed_name (kcontext, principalString); } 543 return (jobject) NULL; 544 } 545 principal = (*env)->NewObject(env, principalNameClass, principalNameConstructor, principalStringObj, principalName->type); 546 if (principalString != NULL) { krb5_free_unparsed_name (kcontext, principalString); } 547 (*env)->DeleteLocalRef(env, principalStringObj); 548 } 549 550 return principal; 551 } 552 553 jobject BuildEncryptionKey(JNIEnv *env, krb5_keyblock *cryptoKey) { 554 // First, need to build a byte array 555 jbyteArray ary; 556 jobject encryptionKey = NULL; 557 558 ary = (*env)->NewByteArray(env,cryptoKey->length); 559 560 if (ary == NULL) { 561 return (jobject) NULL; 562 } 563 564 (*env)->SetByteArrayRegion(env, ary, (jsize) 0, cryptoKey->length, (jbyte *)cryptoKey->contents); 565 if (!(*env)->ExceptionCheck(env)) { 566 encryptionKey = (*env)->NewObject(env, encryptionKeyClass, encryptionKeyConstructor, cryptoKey->enctype, ary); 567 } 568 569 (*env)->DeleteLocalRef(env, ary); 570 return encryptionKey; 571 } 572 573 jobject BuildTicketFlags(JNIEnv *env, krb5_flags flags) { 574 jobject ticketFlags = NULL; 575 jbyteArray ary; 576 577 /* 578 * Convert the bytes to network byte order before copying 579 * them to a Java byte array. 580 */ 581 unsigned long nlflags = htonl(flags); 582 583 ary = (*env)->NewByteArray(env, sizeof(flags)); 584 585 if (ary == NULL) { 586 return (jobject) NULL; 587 } 588 589 (*env)->SetByteArrayRegion(env, ary, (jsize) 0, sizeof(flags), (jbyte *)&nlflags); 590 591 if (!(*env)->ExceptionCheck(env)) { 592 ticketFlags = (*env)->NewObject(env, ticketFlagsClass, ticketFlagsConstructor, sizeof(flags)*8, ary); 593 } 594 595 (*env)->DeleteLocalRef(env, ary); 596 return ticketFlags; 597 } 598 599 jobject BuildKerberosTime(JNIEnv *env, krb5_timestamp kerbtime) { 600 jlong time = kerbtime; 601 602 // Kerberos time is in seconds, but the KerberosTime class assumes milliseconds, so multiply by 1000. 603 time *= 1000; 604 return (*env)->NewObject(env, kerberosTimeClass, kerberosTimeConstructor, time); 605 } 606 607 jobject BuildAddressList(JNIEnv *env, krb5_address **addresses) { 608 609 if (addresses == NULL) { 610 return NULL; 611 } 612 613 int addressCount = 0; 614 615 // See how many we have. 616 krb5_address **p = addresses; 617 618 while (*p != 0) { 619 addressCount++; 620 p++; 621 } 622 623 jobject address_list = (*env)->NewObjectArray(env, addressCount, hostAddressClass, NULL); 624 625 if (address_list == NULL) { 626 return (jobject) NULL; 627 } 628 629 // Create a new HostAddress object for each address block. 630 // First, reset the iterator. 631 p = addresses; 632 jsize index = 0; 633 while (*p != 0) { 634 krb5_address *currAddress = *p; 635 636 // HostAddres needs a byte array of the host data. 637 jbyteArray ary = (*env)->NewByteArray(env, currAddress->length); 638 639 if (ary == NULL) return NULL; 640 641 (*env)->SetByteArrayRegion(env, ary, (jsize) 0, currAddress->length, (jbyte *)currAddress->contents); 642 jobject address = (*env)->NewObject(env, hostAddressClass, hostAddressConstructor, currAddress->length, ary); 643 644 (*env)->DeleteLocalRef(env, ary); 645 646 if (address == NULL) { 647 return (jobject) NULL; 648 } 649 // Add the HostAddress to the arrray. 650 (*env)->SetObjectArrayElement(env, address_list, index, address); 651 652 if ((*env)->ExceptionCheck(env)) { 653 return (jobject) NULL; 654 } 655 656 index++; 657 p++; 658 } 659 660 return address_list; 661 } 662 663 #pragma mark - Utility methods - 664 665 static void printiferr (errcode_t err, const char *format, ...) 666 { 667 if (err) { 668 va_list pvar; 669 670 va_start (pvar, format); 671 com_err_va ("ticketParser:", err, format, pvar); 672 va_end (pvar); 673 } 674 } 675