8016051: Possible ClassCastException in KdcComm
Reviewed-by: weijun
This commit is contained in:
parent
5a0793018c
commit
b158c095ac
@ -46,6 +46,7 @@ import java.util.ArrayList;
|
|||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
import java.util.HashSet;
|
import java.util.HashSet;
|
||||||
|
import java.util.Iterator;
|
||||||
import sun.security.krb5.internal.KRBError;
|
import sun.security.krb5.internal.KRBError;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -203,7 +204,6 @@ public final class KdcComm {
|
|||||||
|
|
||||||
if (obuf == null)
|
if (obuf == null)
|
||||||
return null;
|
return null;
|
||||||
Exception savedException = null;
|
|
||||||
Config cfg = Config.getInstance();
|
Config cfg = Config.getInstance();
|
||||||
|
|
||||||
if (realm == null) {
|
if (realm == null) {
|
||||||
@ -218,42 +218,51 @@ public final class KdcComm {
|
|||||||
if (kdcList == null) {
|
if (kdcList == null) {
|
||||||
throw new KrbException("Cannot get kdc for realm " + realm);
|
throw new KrbException("Cannot get kdc for realm " + realm);
|
||||||
}
|
}
|
||||||
String tempKdc = null; // may include the port number also
|
// tempKdc may include the port number also
|
||||||
byte[] ibuf = null;
|
Iterator<String> tempKdc = KdcAccessibility.list(kdcList).iterator();
|
||||||
for (String tmp: KdcAccessibility.list(kdcList)) {
|
if (!tempKdc.hasNext()) {
|
||||||
tempKdc = tmp;
|
throw new KrbException("Cannot get kdc for realm " + realm);
|
||||||
try {
|
}
|
||||||
ibuf = send(obuf,tempKdc,useTCP);
|
try {
|
||||||
KRBError ke = null;
|
return sendIfPossible(obuf, tempKdc.next(), useTCP);
|
||||||
|
} catch(Exception first) {
|
||||||
|
while(tempKdc.hasNext()) {
|
||||||
try {
|
try {
|
||||||
ke = new KRBError(ibuf);
|
return sendIfPossible(obuf, tempKdc.next(), useTCP);
|
||||||
} catch (Exception e) {
|
} catch(Exception ignore) {}
|
||||||
// OK
|
}
|
||||||
}
|
throw first;
|
||||||
if (ke != null && ke.getErrorCode() ==
|
}
|
||||||
Krb5.KRB_ERR_RESPONSE_TOO_BIG) {
|
}
|
||||||
ibuf = send(obuf, tempKdc, true);
|
|
||||||
}
|
// send the AS Request to the specified KDC
|
||||||
KdcAccessibility.removeBad(tempKdc);
|
// failover to using TCP if useTCP is not set and response is too big
|
||||||
break;
|
private byte[] sendIfPossible(byte[] obuf, String tempKdc, boolean useTCP)
|
||||||
|
throws IOException, KrbException {
|
||||||
|
|
||||||
|
try {
|
||||||
|
byte[] ibuf = send(obuf, tempKdc, useTCP);
|
||||||
|
KRBError ke = null;
|
||||||
|
try {
|
||||||
|
ke = new KRBError(ibuf);
|
||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
if (DEBUG) {
|
// OK
|
||||||
System.out.println(">>> KrbKdcReq send: error trying " +
|
|
||||||
tempKdc);
|
|
||||||
e.printStackTrace(System.out);
|
|
||||||
}
|
|
||||||
KdcAccessibility.addBad(tempKdc);
|
|
||||||
savedException = e;
|
|
||||||
}
|
}
|
||||||
}
|
if (ke != null && ke.getErrorCode() ==
|
||||||
if (ibuf == null && savedException != null) {
|
Krb5.KRB_ERR_RESPONSE_TOO_BIG) {
|
||||||
if (savedException instanceof IOException) {
|
ibuf = send(obuf, tempKdc, true);
|
||||||
throw (IOException) savedException;
|
|
||||||
} else {
|
|
||||||
throw (KrbException) savedException;
|
|
||||||
}
|
}
|
||||||
|
KdcAccessibility.removeBad(tempKdc);
|
||||||
|
return ibuf;
|
||||||
|
} catch(Exception e) {
|
||||||
|
if (DEBUG) {
|
||||||
|
System.out.println(">>> KrbKdcReq send: error trying " +
|
||||||
|
tempKdc);
|
||||||
|
e.printStackTrace(System.out);
|
||||||
|
}
|
||||||
|
KdcAccessibility.addBad(tempKdc);
|
||||||
|
throw e;
|
||||||
}
|
}
|
||||||
return ibuf;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// send the AS Request to the specified KDC
|
// send the AS Request to the specified KDC
|
||||||
@ -496,7 +505,7 @@ public final class KdcComm {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Returns a preferred KDC list by putting the bad ones at the end
|
// Returns a preferred KDC list by putting the bad ones at the end
|
||||||
private static synchronized String[] list(String kdcList) {
|
private static synchronized List<String> list(String kdcList) {
|
||||||
StringTokenizer st = new StringTokenizer(kdcList);
|
StringTokenizer st = new StringTokenizer(kdcList);
|
||||||
List<String> list = new ArrayList<>();
|
List<String> list = new ArrayList<>();
|
||||||
if (badPolicy == BpType.TRY_LAST) {
|
if (badPolicy == BpType.TRY_LAST) {
|
||||||
@ -515,7 +524,7 @@ public final class KdcComm {
|
|||||||
list.add(st.nextToken());
|
list.add(st.nextToken());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return list.toArray(new String[list.size()]);
|
return list;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
x
Reference in New Issue
Block a user