changeset 2408:ba95fd03440b

6932525: Incorrect encryption types of KDC_REQ_BODY of AS-REQ with pre-authentication Reviewed-by: valeriep
author weijun
date Mon, 24 May 2010 10:05:04 +0800
parents 625c75559b0d
children 41a5722e6e10
files src/share/classes/sun/security/krb5/KrbAsReq.java test/sun/security/krb5/auto/KDC.java
diffstat 2 files changed, 6 insertions(+), 6 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/classes/sun/security/krb5/KrbAsReq.java	Mon May 24 09:37:16 2010 +0800
+++ b/src/share/classes/sun/security/krb5/KrbAsReq.java	Mon May 24 10:05:04 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Portions Copyright 2000-2009 Sun Microsystems, Inc.  All Rights Reserved.
+ * Portions Copyright 2000-2010 Sun Microsystems, Inc.  All Rights Reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -344,16 +344,13 @@
         princName = cname;
 
         EncryptionKey key = null;
-        int[] tktETypes = null;
+        int[] tktETypes = EType.getDefaults("default_tkt_enctypes");
         if (pa_exists && pa_etype != EncryptedData.ETYPE_NULL) {
             if (DEBUG) {
                 System.out.println("Pre-Authenticaton: find key for etype = " + pa_etype);
             }
             key = EncryptionKey.findKey(pa_etype, keys);
-            tktETypes = new int[1];
-            tktETypes[0] = pa_etype;
         } else {
-            tktETypes = EType.getDefaults("default_tkt_enctypes", keys);
             key = EncryptionKey.findKey(tktETypes[0], keys);
         }
 
--- a/test/sun/security/krb5/auto/KDC.java	Mon May 24 09:37:16 2010 +0800
+++ b/test/sun/security/krb5/auto/KDC.java	Mon May 24 10:05:04 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright 2008-2009 Sun Microsystems, Inc.  All Rights Reserved.
+ * Copyright 2008-2010 Sun Microsystems, Inc.  All Rights Reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -740,6 +740,9 @@
             Field f = KDCReqBody.class.getDeclaredField("eType");
             f.setAccessible(true);
             eTypes = (int[])f.get(body);
+            if (eTypes.length < 2) {
+                throw new KrbException(Krb5.KDC_ERR_ETYPE_NOSUPP);
+            }
             int eType = eTypes[0];
 
             EncryptionKey ckey = keyForUser(body.cname, eType, false);