Skip to content

Commit

Permalink
8304264: Debug messages always show up for NativeGSS
Browse files Browse the repository at this point in the history 
Reviewed-by: mullan
  • Loading branch information
@wangweij @nicowilliams
wangweij authored and nicowilliams committed Apr 10, 2023
1 parent cd57b40 commit a42c4ac
Show file tree
Hide file tree
Showing 5 changed files with 61 additions and 32 deletions.
6 changes: 4 additions & 2 deletions src/java.security.jgss/share/classes/sun/security/jgss/wrapper/GSSLibStub.java
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2005, 2022, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2005, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
Expand Down Expand Up @@ -111,7 +111,9 @@ static GSSLibStub getInstance(Oid mech) throws GSSException {
return s;
}
private GSSLibStub(Oid mech) throws GSSException {
SunNativeProvider.debug("Created GSSLibStub for mech " + mech);
if (SunNativeProvider.DEBUG) {
SunNativeProvider.debug("Created GSSLibStub for mech " + mech);
}
this.mech = mech;
this.pMech = getMechPtr(mech.getDER());
}
Expand Down
30 changes: 20 additions & 10 deletions src/java.security.jgss/share/classes/sun/security/jgss/wrapper/GSSNameElement.java
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2005, 2022, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2005, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
Expand Down Expand Up @@ -74,21 +74,27 @@ private static Oid getNativeNameType(Oid nameType, GSSLibStub stub) {
supportedNTs = stub.inquireNamesForMech();
} catch (GSSException ge2) {
// Should never happen
SunNativeProvider.debug("Name type list unavailable: " +
ge2.getMajorString());
if (SunNativeProvider.DEBUG) {
SunNativeProvider.debug("Name type list unavailable: " +
ge2.getMajorString());
}
}
} else {
SunNativeProvider.debug("Name type list unavailable: " +
ge.getMajorString());
if (SunNativeProvider.DEBUG) {
SunNativeProvider.debug("Name type list unavailable: " +
ge.getMajorString());
}
}
}
if (supportedNTs != null) {
for (int i = 0; i < supportedNTs.length; i++) {
if (supportedNTs[i].equals(nameType)) return nameType;
}
// Special handling the specified name type
SunNativeProvider.debug("Override " + nameType +
" with mechanism default(null)");
if (SunNativeProvider.DEBUG) {
SunNativeProvider.debug("Override " + nameType +
" with mechanism default(null)");
}
return null; // Use mechanism specific default
}
}
Expand Down Expand Up @@ -187,8 +193,10 @@ && new String(nameBytes).endsWith(atRealm)) {
}
}

SunNativeProvider.debug("Imported " + printableName + " w/ type " +
printableType);
if (SunNativeProvider.DEBUG) {
SunNativeProvider.debug("Imported " + printableName + " w/ type " +
printableType);
}
}

private void setPrintables() throws GSSException {
Expand Down Expand Up @@ -234,7 +242,9 @@ public String getKrbName() throws GSSException {
mName = stub.canonicalizeName(pName);
Object[] printables2 = stub.displayName(mName);
stub.releaseName(mName);
SunNativeProvider.debug("Got kerberized name: " + printables2[0]);
if (SunNativeProvider.DEBUG) {
SunNativeProvider.debug("Got kerberized name: " + printables2[0]);
}
return (String) printables2[0];
}

Expand Down
8 changes: 5 additions & 3 deletions src/java.security.jgss/share/classes/sun/security/jgss/wrapper/Krb5Util.java
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2005, 2022, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2005, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
Expand Down Expand Up @@ -53,8 +53,10 @@ static void checkServicePermission(String target, String action) {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
SunNativeProvider.debug("Checking ServicePermission(" +
target + ", " + action + ")");
if (SunNativeProvider.DEBUG) {
SunNativeProvider.debug("Checking ServicePermission(" +
target + ", " + action + ")");
}
ServicePermission perm =
new ServicePermission(target, action);
sm.checkPermission(perm);
Expand Down
44 changes: 29 additions & 15 deletions src/java.security.jgss/share/classes/sun/security/jgss/wrapper/NativeGSSContext.java
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2005, 2022, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2005, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
Expand Down Expand Up @@ -144,8 +144,10 @@ private void doDelegPermCheck() throws GSSException {
String tgsStr = Krb5Util.getTGSName(targetName);
String krbPrincPair = "\"" + targetStr + "\" \"" +
tgsStr + '\"';
SunNativeProvider.debug("Checking DelegationPermission (" +
krbPrincPair + ")");
if (SunNativeProvider.DEBUG) {
SunNativeProvider.debug("Checking DelegationPermission (" +
krbPrincPair + ")");
}
DelegationPermission perm =
new DelegationPermission(krbPrincPair);
sm.checkPermission(perm);
Expand All @@ -159,8 +161,10 @@ private byte[] retrieveToken(InputStream is, int mechTokenLen)
byte[] result;
if (mechTokenLen != -1) {
// Need to add back the GSS header for a complete GSS token
SunNativeProvider.debug("Precomputed mechToken length: " +
mechTokenLen);
if (SunNativeProvider.DEBUG) {
SunNativeProvider.debug("Precomputed mechToken length: " +
mechTokenLen);
}
GSSHeader gssHeader = new GSSHeader
(ObjectIdentifier.of(cStub.getMech().toString()),
mechTokenLen);
Expand All @@ -178,8 +182,10 @@ private byte[] retrieveToken(InputStream is, int mechTokenLen)
DerValue dv = new DerValue(is);
result = dv.toByteArray();
}
SunNativeProvider.debug("Complete Token length: " +
result.length);
if (SunNativeProvider.DEBUG) {
SunNativeProvider.debug("Complete Token length: " +
result.length);
}
return result;
} catch (IOException ioe) {
throw new GSSExceptionImpl(GSSException.FAILURE, ioe);
Expand Down Expand Up @@ -276,8 +282,10 @@ public byte[] initSecContext(InputStream is, int mechTokenLen)
// Ignore the specified input stream on the first call
if (pContext != 0) {
inToken = retrieveToken(is, mechTokenLen);
SunNativeProvider.debug("initSecContext=> inToken len=" +
inToken.length);
if (SunNativeProvider.DEBUG) {
SunNativeProvider.debug("initSecContext=> inToken len=" +
inToken.length);
}
}

if (!getCredDelegState()) skipDelegPermCheck = true;
Expand All @@ -289,8 +297,10 @@ public byte[] initSecContext(InputStream is, int mechTokenLen)
long pCred = (cred == null? 0 : cred.pCred);
outToken = cStub.initContext(pCred, targetName.pName,
cb, inToken, this);
SunNativeProvider.debug("initSecContext=> outToken len=" +
(outToken == null ? 0 : outToken.length));
if (SunNativeProvider.DEBUG) {
SunNativeProvider.debug("initSecContext=> outToken len=" +
(outToken == null ? 0 : outToken.length));
}

// Only inspect the token when the permission check
// has not been performed
Expand Down Expand Up @@ -338,13 +348,17 @@ public byte[] acceptSecContext(InputStream is, int mechTokenLen)
byte[] outToken = null;
if ((!isEstablished) && (!isInitiator)) {
byte[] inToken = retrieveToken(is, mechTokenLen);
SunNativeProvider.debug("acceptSecContext=> inToken len=" +
inToken.length);
if (SunNativeProvider.DEBUG) {
SunNativeProvider.debug("acceptSecContext=> inToken len=" +
inToken.length);
}
long pCred = (cred == null? 0 : cred.pCred);
outToken = cStub.acceptContext(pCred, cb, inToken, this);
disposeDelegatedCred = delegatedCred;
SunNativeProvider.debug("acceptSecContext=> outToken len=" +
(outToken == null? 0 : outToken.length));
if (SunNativeProvider.DEBUG) {
SunNativeProvider.debug("acceptSecContext=> outToken len=" +
(outToken == null ? 0 : outToken.length));
}

if (isEstablished && targetName == null) {
targetName = new GSSNameElement
Expand Down
5 changes: 3 additions & 2 deletions src/java.security.jgss/share/classes/sun/security/jgss/wrapper/SunNativeProvider.java
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2005, 2022, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2005, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
Expand Down Expand Up @@ -54,7 +54,8 @@ public final class SunNativeProvider extends Provider {
private static final String INFO = "Sun Native GSS provider";
private static final String MF_CLASS =
"sun.security.jgss.wrapper.NativeGSSFactory";
private static final boolean DEBUG =

static final boolean DEBUG =
GetBooleanAction.privilegedGetProperty("sun.security.nativegss.debug");

static void debug(String message) {
Expand Down

0 comments on commit a42c4ac

Please sign in to comment.