/*
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/**
* This class is essentially a wrapper class for the gss_ctx_id_t
* structure of the native GSS library.
* @author Valerie Peng
* @since 1.6
*/
// Role of this side of the context: the initiator constructor sets it to
// true, the acceptor constructor sets it to false.
private boolean isInitiator;
// Establishment state reported by isEstablished(); the token-processing
// paths in this file branch on it before doing permission checks.
private boolean isEstablished;
// Context flag bits.
// NOTE(review): presumably what checkFlags(GSS_C_*_FLAG) tests - confirm
// against checkFlags(), which is not visible here.
private int flags;
// Latch for the Delegation permission check: doDelegPermCheck() is only
// called while this is false. It is set to true after that check, and also
// on the initiator path when getCredDelegState() is false.
// NOTE(review): any new code that sets this latch should either have run
// the check or established that delegation is not requested.
private boolean skipDelegPermCheck;
// Latch for the Service permission check: doServicePermCheck() is only
// called while this is false, and the flag is set to true in the
// service-check code.
private boolean skipServicePermCheck;
// Retrieve the (preferred) mech out of SPNEGO tokens, i.e.
// NegTokenInit & NegTokenTarg
boolean isInitiator)
throws GSSException {
if (isInitiator) {
try {
} catch (IOException ioe) {
}
byte[] negToken = new byte[negTokenLen];
}
} else {
}
return mech;
}
// Perform the Service permission check
// Need to check Service permission for accessing
// initiator cred for SPNEGO during context establishment
&& !isEstablished) {
// Check by creating default initiator KRB5 cred
} else {
}
}
skipServicePermCheck = true;
}
}
// Perform the Delegation permission check
krbPrincPair + ")");
skipDelegPermCheck = true;
}
}
throws GSSException {
try {
if (mechTokenLen != -1) {
// Need to add back the GSS header for a complete GSS token
byte[] mechToken = new byte[mechTokenLen];
assert(mechTokenLen == len);
} else {
// Must be unparsed GSS token or SPNEGO's NegTokenTarg token
assert(mechTokenLen == -1);
}
return result;
} catch (IOException ioe) {
}
}
// Constructor for context initiator
}
targetName = peer;
isInitiator = true;
}
}
}
// Constructor for context acceptor
throws GSSException {
isInitiator = false;
// Defer Service permission check for default acceptor cred
// to acceptSecContext()
}
// srcName and potentially targetName (when myCred is null)
// will be set in GSSLibStub.acceptContext(...)
}
// Constructor for imported context
assert(pContext != 0);
// Set everything except cred, cb, delegatedCred
throw new RuntimeException("Bug w/ GSSLibStub.inquireContext()");
}
// Do Service Permission check when importing SPNEGO context
// just to be safe
}
}
return SunNativeProvider.INSTANCE;
}
throws GSSException {
if ((!isEstablished) && (isInitiator)) {
// Ignore the specified input stream on the first call
if (pContext != 0) {
}
if (!getCredDelegState()) skipDelegPermCheck = true;
}
// Only inspect the token when the permission check
// has not been performed
// WORKAROUND for SEAM bug#6287358
if (!skipServicePermCheck) doServicePermCheck();
if (!skipDelegPermCheck) doDelegPermCheck();
}
}
if (isEstablished) {
srcName = new GSSNameElement
}
cStub);
}
}
}
return outToken;
}
throws GSSException {
if ((!isEstablished) && (!isInitiator)) {
if (targetName == null) {
targetName = new GSSNameElement
// Replace the current default acceptor cred now that
// the context acceptor name is available
}
// Only inspect token when the permission check has not
// been performed
(outToken, false))) {
}
}
}
return outToken;
}
/**
 * Reports whether this context has finished establishment.
 *
 * <p>Simply exposes the {@code isEstablished} field. The token-processing
 * code in this file runs its pre-establishment branches, including the
 * permission checks, only while that field is {@code false}.
 *
 * @return the current value of the {@code isEstablished} field
 */
public boolean isEstablished() {
    final boolean established = isEstablished;
    return established;
}
targetName = null;
if (pContext != 0) {
pContext = 0;
}
}
int maxTokenSize)
throws GSSException {
}
}
}
throws GSSException {
try {
} catch (IOException ioe) {
}
}
throws GSSException {
}
try {
} catch (IOException ioe) {
}
}
throws GSSException {
} else {
}
}
} else {
}
}
try {
} catch (IOException ioe) {
}
}
int wLength = 0;
try {
} catch (IOException ioe) {
}
}
}
}
try {
int length = 0;
}
} catch (IOException ioe) {
}
}
}
}
}
try {
} catch (IOException ioe) {
}
}
pContext = 0;
return result;
}
if (isEnable) {
} else {
}
}
}
}
}
}
}
}
}
}
// Not supported, ignore
}
}
}
if (pContext == 0) {
}
}
}
/**
 * Reports whether credential delegation is flagged on this context.
 *
 * <p>Security note: elsewhere in this file a {@code false} result sets
 * {@code skipDelegPermCheck}, so the Delegation permission check is not
 * run when delegation is not flagged.
 *
 * @return the result of {@code checkFlags(GSS_C_DELEG_FLAG)}
 */
public boolean getCredDelegState() {
    final boolean delegFlagSet = checkFlags(GSS_C_DELEG_FLAG);
    return delegFlagSet;
}
/**
 * Reports whether the mutual-authentication flag is set on this context.
 *
 * @return the result of {@code checkFlags(GSS_C_MUTUAL_FLAG)}
 */
public boolean getMutualAuthState() {
    final boolean mutualFlagSet = checkFlags(GSS_C_MUTUAL_FLAG);
    return mutualFlagSet;
}
/**
 * Reports whether the replay-detection flag is set on this context.
 *
 * @return the result of {@code checkFlags(GSS_C_REPLAY_FLAG)}
 */
public boolean getReplayDetState() {
    final boolean replayFlagSet = checkFlags(GSS_C_REPLAY_FLAG);
    return replayFlagSet;
}
/**
 * Reports whether the sequence-detection flag is set on this context.
 *
 * @return the result of {@code checkFlags(GSS_C_SEQUENCE_FLAG)}
 */
public boolean getSequenceDetState() {
    final boolean sequenceFlagSet = checkFlags(GSS_C_SEQUENCE_FLAG);
    return sequenceFlagSet;
}
/**
 * Reports whether the anonymity flag is set on this context.
 *
 * @return the result of {@code checkFlags(GSS_C_ANON_FLAG)}
 */
public boolean getAnonymityState() {
    final boolean anonFlagSet = checkFlags(GSS_C_ANON_FLAG);
    return anonFlagSet;
}
return checkFlags(GSS_C_TRANS_FLAG);
}
/**
 * Reports whether the protection-ready flag is set on this context.
 *
 * @return the result of {@code checkFlags(GSS_C_PROT_READY_FLAG)}
 */
public boolean isProtReady() {
    final boolean protReadyFlagSet = checkFlags(GSS_C_PROT_READY_FLAG);
    return protReadyFlagSet;
}
/**
 * Reports whether the confidentiality flag is set on this context.
 *
 * <p>Callers that require encrypted messages should test this result
 * rather than assume confidentiality was negotiated.
 *
 * @return the result of {@code checkFlags(GSS_C_CONF_FLAG)}
 */
public boolean getConfState() {
    final boolean confFlagSet = checkFlags(GSS_C_CONF_FLAG);
    return confFlagSet;
}
/**
 * Reports whether the integrity flag is set on this context.
 *
 * <p>Callers that rely on message integrity protection should test this
 * result rather than assume integrity was negotiated.
 *
 * @return the result of {@code checkFlags(GSS_C_INTEG_FLAG)}
 */
public boolean getIntegState() {
    final boolean integFlagSet = checkFlags(GSS_C_INTEG_FLAG);
    return integFlagSet;
}
/**
 * Reports the delegation-policy state of this context.
 *
 * <p>Unlike the other state accessors in this file, this one consults no
 * flag: it always answers {@code false}.
 *
 * @return always {@code false}
 */
public boolean getDelegPolicyState() {
    final boolean delegPolicyState = false;
    return delegPolicyState;
}
public int getLifetime() {
}
return srcName;
}
return targetName;
}
return actualMech;
} else {
}
}
return delegatedCred;
}
/**
 * Reports which side of the context this object represents.
 *
 * <p>Exposes the {@code isInitiator} field, which the initiator
 * constructor sets to {@code true} and the acceptor constructor sets to
 * {@code false}.
 *
 * @return the current value of the {@code isInitiator} field
 */
public boolean isInitiator() {
    final boolean initiatorSide = isInitiator;
    return initiatorSide;
}
dispose();
}
throws GSSException {
"Inquire type not supported.");
}
}