8284935: Improve debug in java.security.jgss

Reviewed-by: mullan
This commit is contained in:
Xue-Lei Andrew Fan 2022-04-18 14:07:56 +00:00
parent ef25e189c7
commit c63fabe3d5
7 changed files with 82 additions and 58 deletions

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -90,9 +90,11 @@ public class GSSCredentialImpl implements GSSCredential {
} catch (GSSException e) {
if (defaultList) {
// Try the next mechanism
GSSUtil.debug("Ignore " + e + " while acquring cred for "
+ mechs[i]);
//e.printStackTrace();
if (GSSUtil.DEBUG) {
GSSUtil.debug("Ignore " + e + " while acquiring cred for "
+ mechs[i]);
// e.printStackTrace();
}
} else throw e; // else try the next mechanism
}
}

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -88,8 +88,10 @@ public class GSSManagerImpl extends GSSManager {
}
} catch (GSSException e) {
// Squelch it and just skip over this mechanism
GSSUtil.debug("Skip " + mech +
": error retrieving supported name types");
if (GSSUtil.DEBUG) {
GSSUtil.debug("Skip " + mech +
": error retrieving supported name types");
}
}
}

@ -1,5 +1,5 @@
/*
* Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2005, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -203,10 +203,6 @@ public abstract class GSSToken {
}
}
public static final void debug(String str) {
System.err.print(str);
}
public static final String getHexBytes(byte[] bytes) {
return getHexBytes(bytes, 0, bytes.length);
}

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -71,10 +71,8 @@ public class GSSUtil {
GetBooleanAction.privilegedGetProperty("sun.security.jgss.debug");
static void debug(String message) {
if (DEBUG) {
assert(message != null);
System.out.println(message);
}
assert(message != null);
System.out.println(message);
}
// NOTE: this method is only for creating Oid objects with
@ -84,7 +82,9 @@ public class GSSUtil {
try {
return new Oid(oidStr);
} catch (GSSException e) {
debug("Ignored invalid OID: " + oidStr);
if (DEBUG) {
debug("Ignored invalid OID: " + oidStr);
}
return null;
}
}
@ -138,7 +138,9 @@ public class GSSUtil {
KerberosPrincipal krbPrinc = new KerberosPrincipal(krbName);
krb5Principals.add(krbPrinc);
} catch (GSSException ge) {
debug("Skipped name " + name + " due to " + ge);
if (DEBUG) {
debug("Skipped name " + name + " due to " + ge);
}
}
}
@ -149,10 +151,12 @@ public class GSSUtil {
} else {
privCredentials = new HashSet<Object>(); // empty Set
}
debug("Created Subject with the following");
debug("principals=" + krb5Principals);
debug("public creds=" + pubCredentials);
debug("private creds=" + privCredentials);
if (DEBUG) {
debug("Created Subject with the following");
debug("principals=" + krb5Principals);
debug("public creds=" + pubCredentials);
debug("private creds=" + privCredentials);
}
return new Subject(false, krb5Principals, pubCredentials,
privCredentials);
@ -212,7 +216,9 @@ public class GSSUtil {
credentials.add(cred);
} else {
// Ignore non-KerberosTicket and non-KerberosKey elements
debug("Skipped cred element: " + cred);
if (DEBUG) {
debug("Skipped cred element: " + cred);
}
}
}
}
@ -308,10 +314,12 @@ public class GSSUtil {
final Oid mech,
final boolean initiate,
final Class<? extends T> credCls) {
debug("Search Subject for " + getMechStr(mech) +
(initiate? " INIT" : " ACCEPT") + " cred (" +
(name == null? "<<DEF>>" : name.toString()) + ", " +
credCls.getName() + ")");
if (DEBUG) {
debug("Search Subject for " + getMechStr(mech) +
(initiate ? " INIT" : " ACCEPT") + " cred (" +
(name == null ? "<<DEF>>" : name.toString()) + ", " +
credCls.getName() + ")");
}
try {
@SuppressWarnings("removal")
Vector<T> creds =
@ -327,30 +335,42 @@ public class GSSUtil {
(GSSCredentialImpl.class).iterator();
while (iterator.hasNext()) {
GSSCredentialImpl cred = iterator.next();
debug("...Found cred" + cred);
if (DEBUG) {
debug("...Found cred" + cred);
}
try {
GSSCredentialSpi ce =
cred.getElement(mech, initiate);
debug("......Found element: " + ce);
if (DEBUG) {
debug("......Found element: " + ce);
}
if (ce.getClass().equals(credCls) &&
(name == null ||
name.equals((Object) ce.getName()))) {
result.add(credCls.cast(ce));
} else {
debug("......Discard element");
if (DEBUG) {
debug("......Discard element");
}
}
} catch (GSSException ge) {
debug("...Discard cred (" + ge + ")");
if (DEBUG) {
debug("...Discard cred (" + ge + ")");
}
}
}
} else debug("No Subject");
} else if (DEBUG) {
debug("No Subject");
}
return result;
}
});
return creds;
} catch (PrivilegedActionException pae) {
debug("Unexpected exception when searching Subject:");
if (DEBUG) pae.printStackTrace();
if (DEBUG) {
debug("Unexpected exception when searching Subject:");
pae.printStackTrace();
}
return null;
}
}

@ -134,8 +134,10 @@ public final class ProviderList {
addProviderAtEnd(prov, null);
} catch (GSSException ge) {
// Move on to the next provider
GSSUtil.debug("Error in adding provider " +
prov.getName() + ": " + ge);
if (GSSUtil.DEBUG) {
GSSUtil.debug("Error in adding provider " +
prov.getName() + ": " + ge);
}
}
} // End of for loop
}
@ -421,8 +423,10 @@ public final class ProviderList {
retVal = true;
} catch (GSSException e) {
// Skip to next property
GSSUtil.debug("Ignore the invalid property " +
prop + " from provider " + p.getName());
if (GSSUtil.DEBUG) {
GSSUtil.debug("Ignore the invalid property " +
prop + " from provider " + p.getName());
}
}
} // Processed GSS property
} // while loop

@ -1,5 +1,5 @@
/*
* Copyright (c) 2005, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2005, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -30,6 +30,7 @@ import java.security.Provider;
import java.security.AccessController;
import java.security.PrivilegedAction;
import org.ietf.jgss.Oid;
import sun.security.action.GetBooleanAction;
import sun.security.action.PutAllAction;
import static sun.security.util.SecurityConstants.PROVIDER_VER;
@ -51,14 +52,14 @@ public final class SunNativeProvider extends Provider {
private static final String INFO = "Sun Native GSS provider";
private static final String MF_CLASS =
"sun.security.jgss.wrapper.NativeGSSFactory";
static boolean DEBUG;
private static final boolean DEBUG =
GetBooleanAction.privilegedGetProperty("sun.security.nativegss.debug");
static void debug(String message) {
if (DEBUG) {
if (message == null) {
throw new NullPointerException();
}
System.out.println(NAME + ": " + message);
if (message == null) {
throw new NullPointerException();
}
System.out.println(NAME + ": " + message);
}
@SuppressWarnings("removal")
@ -66,8 +67,6 @@ public final class SunNativeProvider extends Provider {
AccessController.doPrivileged(
new PrivilegedAction<>() {
public HashMap<String, String> run() {
DEBUG = Boolean.parseBoolean(
System.getProperty("sun.security.nativegss.debug"));
try {
// Ensure the InetAddress class is loaded before
// loading j2gss. The library will access this class
@ -75,8 +74,10 @@ public final class SunNativeProvider extends Provider {
Class.forName("java.net.InetAddress");
System.loadLibrary("j2gss");
} catch (ClassNotFoundException | Error err) {
debug("No j2gss library found!");
if (DEBUG) err.printStackTrace();
if (DEBUG) {
debug("No j2gss library found!");
err.printStackTrace();
}
return null;
}
String[] gssLibs;
@ -107,11 +108,15 @@ public final class SunNativeProvider extends Provider {
}
for (String libName: gssLibs) {
if (GSSLibStub.init(libName, DEBUG)) {
debug("Loaded GSS library: " + libName);
if (DEBUG) {
debug("Loaded GSS library: " + libName);
}
Oid[] mechs = GSSLibStub.indicateMechs();
HashMap<String,String> map = new HashMap<>();
for (int i = 0; i < mechs.length; i++) {
debug("Native MF for " + mechs[i]);
if (DEBUG) {
debug("Native MF for " + mechs[i]);
}
map.put("GssApiMechanism." + mechs[i],
MF_CLASS);
}

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -340,12 +340,7 @@ public class KrbTgsReq extends KrbKdcReq {
return serverAlias;
}
private static void debug(String message) {
// System.err.println(">>> KrbTgsReq: " + message);
}
boolean usedSubkey() {
return useSubkey;
}
}