/* * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License version 2 only, as * published by the Free Software Foundation. * * This code is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * version 2 for more details (a copy is included in the LICENSE file that * accompanied this code). * * You should have received a copy of the GNU General Public License version * 2 along with this work; if not, write to the Free Software Foundation, * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. * * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA * or visit www.oracle.com if you need additional information or have any * questions. */ /* * @test * @bug 7152176 * @summary More krb5 tests * @library ../../../../java/security/testlibrary/ * @compile -XDignore.symbol.file ReplayCacheTestProc.java * @run main/othervm/timeout=100 ReplayCacheTestProc */ import java.io.*; import java.nio.BufferUnderflowException; import java.nio.channels.SeekableByteChannel; import java.nio.file.Files; import java.nio.file.Paths; import java.nio.file.StandardCopyOption; import java.nio.file.StandardOpenOption; import java.security.MessageDigest; import java.util.*; import sun.security.jgss.GSSUtil; import sun.security.krb5.internal.APReq; import sun.security.krb5.internal.rcache.AuthTime; // This test runs multiple acceptor Procs to mimin AP-REQ replays. public class ReplayCacheTestProc { private static Proc[] ps; private static Proc pc; private static List reqs = new ArrayList<>(); private static String HOST = "localhost"; // Where should the rcache be saved. It seems KRB5RCACHEDIR is not // recognized on Solaris. Maybe version too low? I see 1.6. private static String cwd = System.getProperty("os.name").startsWith("SunOS") ? "/var/krb5/rcache/" : System.getProperty("user.dir"); private static int uid; public static void main0(String[] args) throws Exception { System.setProperty("java.security.krb5.conf", OneKDC.KRB5_CONF); if (args.length == 0) { // The controller int ns = 5; // number of servers int nu = 5; // number of users int nx = 50; // number of experiments int np = 5; // number of peers (services) int mode = 0; // native(1), random(0), java(-1) boolean random = true; // random experiments choreograph // Do not test interop with native GSS on some platforms String os = System.getProperty("os.name", "???"); if (!os.startsWith("SunOS") && !os.startsWith("Linux")) { mode = -1; } try { Class clazz = Class.forName( "com.sun.security.auth.module.UnixSystem"); uid = (int)(long)(Long) clazz.getMethod("getUid").invoke(clazz.newInstance()); } catch (Exception e) { uid = -1; } KDC kdc = KDC.create(OneKDC.REALM, HOST, 0, true); for (int i=0; i>4]; h[2*i+1] = hexConst[hash[i]&0xf]; } return new String(h); } // return size of dfl file, excluding the null hash ones private static int csize(int p) throws Exception { try (SeekableByteChannel chan = Files.newByteChannel( Paths.get(dfl(p)), StandardOpenOption.READ)) { chan.position(6); int cc = 0; while (true) { try { if (AuthTime.readFrom(chan) != null) cc++; } catch (BufferUnderflowException e) { break; } } return cc; } catch (IOException ioe) { return 0; } } // models an experiement private static class Ex { int i; // # boolean expected; // expected result boolean actual; // actual output int old; // which ap-req to send String server; // which server to send to String hash; // the hash of req int user; // which initiator int peer; // which acceptor int csize; // size of rcache after test } // models a saved ap-req msg private static class Req { String msg; // based64-ed req int user; // which initiator int peer; // which accceptor Req(int user, int peer, String msg) { this.msg = msg; this.user= user; this.peer = peer; } } }