changeset 9140:b32e9aba4888

8031046: Native Windows ccache might still get unsupported ticket Reviewed-by: valeriep
author weijun
date Tue, 14 Jan 2014 13:31:44 +0800
parents 86cadbe50775
children 919264f5562c
files src/windows/native/sun/security/krb5/NativeCreds.c
diffstat 1 files changed, 15 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/src/windows/native/sun/security/krb5/NativeCreds.c	Fri Feb 07 17:18:33 2014 +0000
+++ b/src/windows/native/sun/security/krb5/NativeCreds.c	Tue Jan 14 13:31:44 2014 +0800
@@ -388,7 +388,7 @@
     jobject ticketFlags, startTime, endTime, krbCreds = NULL;
     jobject authTime, renewTillTime, hostAddresses = NULL;
     KERB_EXTERNAL_TICKET *msticket;
-    int found_in_cache = 0;
+    int found = 0;
     FILETIME Now, EndTime, LocalEndTime;
 
     int i, netypes;
@@ -476,7 +476,7 @@
             if (CompareFileTime(&Now, &LocalEndTime) < 0) {
                 for (i=0; i<netypes; i++) {
                     if (etypes[i] == msticket->SessionKey.KeyType) {
-                        found_in_cache = 1;
+                        found = 1;
                         if (native_debug) {
                             printf("LSA: Valid etype found: %d\n", etypes[i]);
                         }
@@ -486,7 +486,7 @@
             }
         }
 
-        if (!found_in_cache) {
+        if (!found) {
             if (native_debug) {
                 printf("LSA: MS TGT in cache is invalid/not supported; request new ticket\n");
             }
@@ -529,6 +529,14 @@
 
                 // got the native MS Kerberos TGT
                 msticket = &(pTicketResponse->Ticket);
+
+                if (msticket->SessionKey.KeyType != etypes[i]) {
+                    if (native_debug) {
+                        printf("LSA: Response etype is %d for %d. Retry.\n", msticket->SessionKey.KeyType, etypes[i]);
+                    }
+                    continue;
+                }
+                found = 1;
                 break;
             }
         }
@@ -583,6 +591,10 @@
         } KERB_CRYPTO_KEY, *PKERB_CRYPTO_KEY;
 
         */
+        if (!found) {
+            break;
+        }
+
         // Build a com.sun.security.krb5.Ticket
         ticket = BuildTicket(env, msticket->EncodedTicket,
                                 msticket->EncodedTicketSize);