3991N/A * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. 0N/A * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 0N/A * This code is free software; you can redistribute it and/or modify it 0N/A * under the terms of the GNU General Public License version 2 only, as 2362N/A * published by the Free Software Foundation. Oracle designates this 0N/A * particular file as subject to the "Classpath" exception as provided 2362N/A * by Oracle in the LICENSE file that accompanied this code. 0N/A * This code is distributed in the hope that it will be useful, but WITHOUT 0N/A * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 0N/A * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 0N/A * version 2 for more details (a copy is included in the LICENSE file that 0N/A * accompanied this code). 0N/A * You should have received a copy of the GNU General Public License version 0N/A * 2 along with this work; if not, write to the Free Software Foundation, 0N/A * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 2362N/A * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 2362N/A * or visit www.oracle.com if you need additional information or have any 0N/A {(
byte)
0x10, (
byte)
0x00, (
byte)
0x00, (
byte)
0x00};
0N/A * Called on the initiator side when creating the 0N/A * InitSecContextToken. 1941N/A // delegation not permitted by server policy, mark it 0N/A // System.out.println("ChannelBinding hash: " 0N/A // + getHexBytes(localBindingsBytes)); 0N/A // Cannot use '\"' instead of "\"" in constructor because 0N/A // it is interpreted as suggested length! 0N/A * Write 1 in little endian but in two bytes 0N/A * Write the length of the delegated credential in little 0N/A * endian but in two bytes for Dlgth 0N/A "Incorrect messsage length");
0N/A * Called on the acceptor side when reading an InitSecContextToken. 0N/A // XXX Passing in Checksum is not required. byte[] can 0N/A // be passed in if this checksum type denotes a 0N/A // raw_checksum. In that case, make Checksum class krb5 2894N/A "No cksum in AP_REQ's authenticator");
0N/A "Incorrect checksum");
1304N/A // Ignore remote channel binding info when not requested at 1304N/A // local side (RFC 4121 4.1.1.2: the acceptor MAY ignore...). 1304N/A // All major krb5 implementors implement this "MAY", 1304N/A // and some applications depend on it as a workaround 1304N/A // for not having a way to negotiate the use of channel 1304N/A // binding -- the initiator application always uses CB 1304N/A // and hopes the acceptor will ignore the CB if the 1304N/A // acceptor doesn't support CB. 1304N/A "Token missing ChannelBinding!");
0N/A * if ((checksumBytes[24] != (byte)0x01) && 0N/A * (checksumBytes[25] != (byte)0x00)) 0N/A // check if KRB-CRED message should use NULL_KEY for encryption 0N/A // for "newer" etypes and RC4-HMAC do not use NULL KEY 0N/A // default for cred delegation is false 0N/A // default for the following are true 0N/A "Incorrect AF-INET address length in ChannelBinding.");
0N/A "Incorrect AF-INET6 address length in ChannelBinding.");
0N/A "Cannot handle non AF-INET addresses in ChannelBinding.");
0N/A "Could not get MD5 Message Digest - "