0N/A/*
2362N/A * Copyright (c) 2005, 2009, Oracle and/or its affiliates. All rights reserved.
0N/A * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
0N/A *
0N/A * This code is free software; you can redistribute it and/or modify it
0N/A * under the terms of the GNU General Public License version 2 only, as
2362N/A * published by the Free Software Foundation. Oracle designates this
0N/A * particular file as subject to the "Classpath" exception as provided
2362N/A * by Oracle in the LICENSE file that accompanied this code.
0N/A *
0N/A * This code is distributed in the hope that it will be useful, but WITHOUT
0N/A * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
0N/A * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
0N/A * version 2 for more details (a copy is included in the LICENSE file that
0N/A * accompanied this code).
0N/A *
0N/A * You should have received a copy of the GNU General Public License version
0N/A * 2 along with this work; if not, write to the Free Software Foundation,
0N/A * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
0N/A *
2362N/A * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
2362N/A * or visit www.oracle.com if you need additional information or have any
2362N/A * questions.
0N/A */
0N/A
0N/Apackage sun.security.jgss.wrapper;
0N/A
0N/Aimport org.ietf.jgss.*;
0N/Aimport java.security.Provider;
0N/Aimport sun.security.jgss.GSSHeader;
0N/Aimport sun.security.jgss.GSSUtil;
0N/Aimport sun.security.jgss.GSSExceptionImpl;
0N/Aimport sun.security.jgss.spi.*;
0N/Aimport sun.security.util.DerValue;
0N/Aimport sun.security.util.ObjectIdentifier;
0N/Aimport sun.security.jgss.spnego.NegTokenInit;
0N/Aimport sun.security.jgss.spnego.NegTokenTarg;
0N/Aimport javax.security.auth.kerberos.DelegationPermission;
1535N/Aimport com.sun.security.jgss.InquireType;
0N/Aimport java.io.*;
0N/A
0N/A
0N/A/**
0N/A * This class is essentially a wrapper class for the gss_ctx_id_t
0N/A * structure of the native GSS library.
0N/A * @author Valerie Peng
0N/A * @since 1.6
0N/A */
0N/Aclass NativeGSSContext implements GSSContextSpi {
0N/A
0N/A private static final int GSS_C_DELEG_FLAG = 1;
0N/A private static final int GSS_C_MUTUAL_FLAG = 2;
0N/A private static final int GSS_C_REPLAY_FLAG = 4;
0N/A private static final int GSS_C_SEQUENCE_FLAG = 8;
0N/A private static final int GSS_C_CONF_FLAG = 16;
0N/A private static final int GSS_C_INTEG_FLAG = 32;
0N/A private static final int GSS_C_ANON_FLAG = 64;
0N/A private static final int GSS_C_PROT_READY_FLAG = 128;
0N/A private static final int GSS_C_TRANS_FLAG = 256;
0N/A
0N/A private static final int NUM_OF_INQUIRE_VALUES = 6;
0N/A
0N/A private long pContext = 0; // Pointer to the gss_ctx_id_t structure
0N/A private GSSNameElement srcName;
0N/A private GSSNameElement targetName;
0N/A private GSSCredElement cred;
0N/A private boolean isInitiator;
0N/A private boolean isEstablished;
0N/A private Oid actualMech; // Assigned during context establishment
0N/A
0N/A private ChannelBinding cb;
0N/A private GSSCredElement delegatedCred;
0N/A private int flags;
0N/A private int lifetime = GSSCredential.DEFAULT_LIFETIME;
0N/A private final GSSLibStub cStub;
0N/A
0N/A private boolean skipDelegPermCheck;
0N/A private boolean skipServicePermCheck;
0N/A
0N/A // Retrieve the (preferred) mech out of SPNEGO tokens, i.e.
0N/A // NegTokenInit & NegTokenTarg
0N/A private static Oid getMechFromSpNegoToken(byte[] token,
0N/A boolean isInitiator)
0N/A throws GSSException {
0N/A Oid mech = null;
0N/A if (isInitiator) {
0N/A GSSHeader header = null;
0N/A try {
0N/A header = new GSSHeader(new ByteArrayInputStream(token));
0N/A } catch (IOException ioe) {
0N/A throw new GSSExceptionImpl(GSSException.FAILURE, ioe);
0N/A }
0N/A int negTokenLen = header.getMechTokenLength();
0N/A byte[] negToken = new byte[negTokenLen];
0N/A System.arraycopy(token, token.length-negTokenLen,
0N/A negToken, 0, negToken.length);
0N/A
0N/A NegTokenInit ntok = new NegTokenInit(negToken);
0N/A if (ntok.getMechToken() != null) {
0N/A Oid[] mechList = ntok.getMechTypeList();
0N/A mech = mechList[0];
0N/A }
0N/A } else {
0N/A NegTokenTarg ntok = new NegTokenTarg(token);
0N/A mech = ntok.getSupportedMech();
0N/A }
0N/A return mech;
0N/A }
0N/A
0N/A // Perform the Service permission check
0N/A private void doServicePermCheck() throws GSSException {
0N/A if (System.getSecurityManager() != null) {
0N/A String action = (isInitiator? "initiate" : "accept");
0N/A // Need to check Service permission for accessing
0N/A // initiator cred for SPNEGO during context establishment
0N/A if (GSSUtil.isSpNegoMech(cStub.getMech()) && isInitiator
0N/A && !isEstablished) {
0N/A if (srcName == null) {
0N/A // Check by creating default initiator KRB5 cred
0N/A GSSCredElement tempCred =
0N/A new GSSCredElement(null, lifetime,
0N/A GSSCredential.INITIATE_ONLY,
0N/A GSSLibStub.getInstance(GSSUtil.GSS_KRB5_MECH_OID));
0N/A tempCred.dispose();
0N/A } else {
0N/A String tgsName = Krb5Util.getTGSName(srcName);
0N/A Krb5Util.checkServicePermission(tgsName, action);
0N/A }
0N/A }
0N/A String targetStr = targetName.getKrbName();
0N/A Krb5Util.checkServicePermission(targetStr, action);
0N/A skipServicePermCheck = true;
0N/A }
0N/A }
0N/A
0N/A // Perform the Delegation permission check
0N/A private void doDelegPermCheck() throws GSSException {
0N/A SecurityManager sm = System.getSecurityManager();
0N/A if (sm != null) {
0N/A String targetStr = targetName.getKrbName();
0N/A String tgsStr = Krb5Util.getTGSName(targetName);
0N/A StringBuffer buf = new StringBuffer("\"");
0N/A buf.append(targetStr).append("\" \"");
0N/A buf.append(tgsStr).append('\"');
0N/A String krbPrincPair = buf.toString();
0N/A SunNativeProvider.debug("Checking DelegationPermission (" +
0N/A krbPrincPair + ")");
0N/A DelegationPermission perm =
0N/A new DelegationPermission(krbPrincPair);
0N/A sm.checkPermission(perm);
0N/A skipDelegPermCheck = true;
0N/A }
0N/A }
0N/A
0N/A private byte[] retrieveToken(InputStream is, int mechTokenLen)
0N/A throws GSSException {
0N/A try {
0N/A byte[] result = null;
0N/A if (mechTokenLen != -1) {
0N/A // Need to add back the GSS header for a complete GSS token
0N/A SunNativeProvider.debug("Precomputed mechToken length: " +
0N/A mechTokenLen);
0N/A GSSHeader gssHeader = new GSSHeader
0N/A (new ObjectIdentifier(cStub.getMech().toString()),
0N/A mechTokenLen);
0N/A ByteArrayOutputStream baos = new ByteArrayOutputStream(600);
0N/A
0N/A byte[] mechToken = new byte[mechTokenLen];
0N/A int len = is.read(mechToken);
0N/A assert(mechTokenLen == len);
0N/A gssHeader.encode(baos);
0N/A baos.write(mechToken);
0N/A result = baos.toByteArray();
0N/A } else {
0N/A // Must be unparsed GSS token or SPNEGO's NegTokenTarg token
0N/A assert(mechTokenLen == -1);
0N/A DerValue dv = new DerValue(is);
0N/A result = dv.toByteArray();
0N/A }
0N/A SunNativeProvider.debug("Complete Token length: " +
0N/A result.length);
0N/A return result;
0N/A } catch (IOException ioe) {
0N/A throw new GSSExceptionImpl(GSSException.FAILURE, ioe);
0N/A }
0N/A }
0N/A
0N/A // Constructor for context initiator
0N/A NativeGSSContext(GSSNameElement peer, GSSCredElement myCred,
0N/A int time, GSSLibStub stub) throws GSSException {
0N/A if (peer == null) {
0N/A throw new GSSException(GSSException.FAILURE, 1, "null peer");
0N/A }
0N/A cStub = stub;
0N/A cred = myCred;
0N/A targetName = peer;
0N/A isInitiator = true;
0N/A lifetime = time;
0N/A
0N/A if (GSSUtil.isKerberosMech(cStub.getMech())) {
0N/A doServicePermCheck();
0N/A if (cred == null) {
0N/A cred = new GSSCredElement(null, lifetime,
0N/A GSSCredential.INITIATE_ONLY, cStub);
0N/A }
0N/A srcName = cred.getName();
0N/A }
0N/A }
0N/A
0N/A // Constructor for context acceptor
0N/A NativeGSSContext(GSSCredElement myCred, GSSLibStub stub)
0N/A throws GSSException {
0N/A cStub = stub;
0N/A cred = myCred;
0N/A
0N/A if (cred != null) targetName = cred.getName();
0N/A
0N/A isInitiator = false;
0N/A // Defer Service permission check for default acceptor cred
0N/A // to acceptSecContext()
0N/A if (GSSUtil.isKerberosMech(cStub.getMech()) && targetName != null) {
0N/A doServicePermCheck();
0N/A }
0N/A
0N/A // srcName and potentially targetName (when myCred is null)
0N/A // will be set in GSSLibStub.acceptContext(...)
0N/A }
0N/A
0N/A // Constructor for imported context
0N/A NativeGSSContext(long pCtxt, GSSLibStub stub) throws GSSException {
0N/A assert(pContext != 0);
0N/A pContext = pCtxt;
0N/A cStub = stub;
0N/A
0N/A // Set everything except cred, cb, delegatedCred
0N/A long[] info = cStub.inquireContext(pContext);
0N/A if (info.length != NUM_OF_INQUIRE_VALUES) {
0N/A throw new RuntimeException("Bug w/ GSSLibStub.inquireContext()");
0N/A }
0N/A srcName = new GSSNameElement(info[0], cStub);
0N/A targetName = new GSSNameElement(info[1], cStub);
0N/A isInitiator = (info[2] != 0);
0N/A isEstablished = (info[3] != 0);
0N/A flags = (int) info[4];
0N/A lifetime = (int) info[5];
0N/A
0N/A // Do Service Permission check when importing SPNEGO context
0N/A // just to be safe
0N/A Oid mech = cStub.getMech();
0N/A if (GSSUtil.isSpNegoMech(mech) || GSSUtil.isKerberosMech(mech)) {
0N/A doServicePermCheck();
0N/A }
0N/A }
0N/A
0N/A public Provider getProvider() {
0N/A return SunNativeProvider.INSTANCE;
0N/A }
0N/A
0N/A public byte[] initSecContext(InputStream is, int mechTokenLen)
0N/A throws GSSException {
0N/A byte[] outToken = null;
0N/A if ((!isEstablished) && (isInitiator)) {
0N/A byte[] inToken = null;
0N/A // Ignore the specified input stream on the first call
0N/A if (pContext != 0) {
0N/A inToken = retrieveToken(is, mechTokenLen);
0N/A SunNativeProvider.debug("initSecContext=> inToken len=" +
0N/A inToken.length);
0N/A }
0N/A
0N/A if (!getCredDelegState()) skipDelegPermCheck = true;
0N/A
0N/A if (GSSUtil.isKerberosMech(cStub.getMech()) && !skipDelegPermCheck) {
0N/A doDelegPermCheck();
0N/A }
0N/A
0N/A long pCred = (cred == null? 0 : cred.pCred);
0N/A outToken = cStub.initContext(pCred, targetName.pName,
0N/A cb, inToken, this);
0N/A SunNativeProvider.debug("initSecContext=> outToken len=" +
0N/A (outToken == null ? 0 : outToken.length));
0N/A
0N/A // Only inspect the token when the permission check
0N/A // has not been performed
0N/A if (GSSUtil.isSpNegoMech(cStub.getMech()) && outToken != null) {
0N/A // WORKAROUND for SEAM bug#6287358
0N/A actualMech = getMechFromSpNegoToken(outToken, true);
0N/A
0N/A if (GSSUtil.isKerberosMech(actualMech)) {
0N/A if (!skipServicePermCheck) doServicePermCheck();
0N/A if (!skipDelegPermCheck) doDelegPermCheck();
0N/A }
0N/A }
0N/A
0N/A if (isEstablished) {
0N/A if (srcName == null) {
0N/A srcName = new GSSNameElement
0N/A (cStub.getContextName(pContext, true), cStub);
0N/A }
0N/A if (cred == null) {
0N/A cred = new GSSCredElement(srcName, lifetime,
0N/A GSSCredential.INITIATE_ONLY,
0N/A cStub);
0N/A }
0N/A }
0N/A }
0N/A return outToken;
0N/A }
0N/A
0N/A public byte[] acceptSecContext(InputStream is, int mechTokenLen)
0N/A throws GSSException {
0N/A byte[] outToken = null;
0N/A if ((!isEstablished) && (!isInitiator)) {
0N/A byte[] inToken = retrieveToken(is, mechTokenLen);
0N/A SunNativeProvider.debug("acceptSecContext=> inToken len=" +
0N/A inToken.length);
0N/A long pCred = (cred == null? 0 : cred.pCred);
0N/A outToken = cStub.acceptContext(pCred, cb, inToken, this);
0N/A SunNativeProvider.debug("acceptSecContext=> outToken len=" +
0N/A (outToken == null? 0 : outToken.length));
0N/A
0N/A if (targetName == null) {
0N/A targetName = new GSSNameElement
0N/A (cStub.getContextName(pContext, false), cStub);
0N/A // Replace the current default acceptor cred now that
0N/A // the context acceptor name is available
0N/A if (cred != null) cred.dispose();
0N/A cred = new GSSCredElement(targetName, lifetime,
0N/A GSSCredential.ACCEPT_ONLY, cStub);
0N/A }
0N/A
0N/A // Only inspect token when the permission check has not
0N/A // been performed
0N/A if (GSSUtil.isSpNegoMech(cStub.getMech()) &&
0N/A (outToken != null) && !skipServicePermCheck) {
0N/A if (GSSUtil.isKerberosMech(getMechFromSpNegoToken
0N/A (outToken, false))) {
0N/A doServicePermCheck();
0N/A }
0N/A }
0N/A }
0N/A return outToken;
0N/A }
0N/A
0N/A public boolean isEstablished() {
0N/A return isEstablished;
0N/A }
0N/A
0N/A public void dispose() throws GSSException {
0N/A srcName = null;
0N/A targetName = null;
0N/A cred = null;
0N/A delegatedCred = null;
0N/A if (pContext != 0) {
0N/A pContext = cStub.deleteContext(pContext);
0N/A pContext = 0;
0N/A }
0N/A }
0N/A
0N/A public int getWrapSizeLimit(int qop, boolean confReq,
0N/A int maxTokenSize)
0N/A throws GSSException {
0N/A return cStub.wrapSizeLimit(pContext, (confReq? 1:0), qop,
0N/A maxTokenSize);
0N/A }
0N/A
0N/A public byte[] wrap(byte[] inBuf, int offset, int len,
0N/A MessageProp msgProp) throws GSSException {
0N/A byte[] data = inBuf;
0N/A if ((offset != 0) || (len != inBuf.length)) {
0N/A data = new byte[len];
0N/A System.arraycopy(inBuf, offset, data, 0, len);
0N/A }
0N/A return cStub.wrap(pContext, data, msgProp);
0N/A }
0N/A public void wrap(byte inBuf[], int offset, int len,
0N/A OutputStream os, MessageProp msgProp)
0N/A throws GSSException {
0N/A try {
0N/A byte[] result = wrap(inBuf, offset, len, msgProp);
0N/A os.write(result);
0N/A } catch (IOException ioe) {
0N/A throw new GSSExceptionImpl(GSSException.FAILURE, ioe);
0N/A }
0N/A }
0N/A public int wrap(byte[] inBuf, int inOffset, int len, byte[] outBuf,
0N/A int outOffset, MessageProp msgProp)
0N/A throws GSSException {
0N/A byte[] result = wrap(inBuf, inOffset, len, msgProp);
0N/A System.arraycopy(result, 0, outBuf, outOffset, result.length);
0N/A return result.length;
0N/A }
0N/A public void wrap(InputStream inStream, OutputStream outStream,
0N/A MessageProp msgProp) throws GSSException {
0N/A try {
0N/A byte[] data = new byte[inStream.available()];
0N/A int length = inStream.read(data);
0N/A byte[] token = wrap(data, 0, length, msgProp);
0N/A outStream.write(token);
0N/A } catch (IOException ioe) {
0N/A throw new GSSExceptionImpl(GSSException.FAILURE, ioe);
0N/A }
0N/A }
0N/A
0N/A public byte[] unwrap(byte[] inBuf, int offset, int len,
0N/A MessageProp msgProp)
0N/A throws GSSException {
0N/A if ((offset != 0) || (len != inBuf.length)) {
0N/A byte[] temp = new byte[len];
0N/A System.arraycopy(inBuf, offset, temp, 0, len);
0N/A return cStub.unwrap(pContext, temp, msgProp);
0N/A } else {
0N/A return cStub.unwrap(pContext, inBuf, msgProp);
0N/A }
0N/A }
0N/A public int unwrap(byte[] inBuf, int inOffset, int len,
0N/A byte[] outBuf, int outOffset,
0N/A MessageProp msgProp) throws GSSException {
0N/A byte[] result = null;
0N/A if ((inOffset != 0) || (len != inBuf.length)) {
0N/A byte[] temp = new byte[len];
0N/A System.arraycopy(inBuf, inOffset, temp, 0, len);
0N/A result = cStub.unwrap(pContext, temp, msgProp);
0N/A } else {
0N/A result = cStub.unwrap(pContext, inBuf, msgProp);
0N/A }
0N/A System.arraycopy(result, 0, outBuf, outOffset, result.length);
0N/A return result.length;
0N/A }
0N/A public void unwrap(InputStream inStream, OutputStream outStream,
0N/A MessageProp msgProp) throws GSSException {
0N/A try {
0N/A byte[] wrapped = new byte[inStream.available()];
0N/A int wLength = inStream.read(wrapped);
0N/A byte[] data = unwrap(wrapped, 0, wLength, msgProp);
0N/A outStream.write(data);
0N/A outStream.flush();
0N/A } catch (IOException ioe) {
0N/A throw new GSSExceptionImpl(GSSException.FAILURE, ioe);
0N/A }
0N/A }
0N/A
0N/A public int unwrap(InputStream inStream,
0N/A byte[] outBuf, int outOffset,
0N/A MessageProp msgProp) throws GSSException {
0N/A byte[] wrapped = null;
0N/A int wLength = 0;
0N/A try {
0N/A wrapped = new byte[inStream.available()];
0N/A wLength = inStream.read(wrapped);
0N/A byte[] result = unwrap(wrapped, 0, wLength, msgProp);
0N/A } catch (IOException ioe) {
0N/A throw new GSSExceptionImpl(GSSException.FAILURE, ioe);
0N/A }
0N/A byte[] result = unwrap(wrapped, 0, wLength, msgProp);
0N/A System.arraycopy(result, 0, outBuf, outOffset, result.length);
0N/A return result.length;
0N/A }
0N/A
0N/A public byte[] getMIC(byte[] in, int offset, int len,
0N/A MessageProp msgProp) throws GSSException {
0N/A int qop = (msgProp == null? 0:msgProp.getQOP());
0N/A byte[] inMsg = in;
0N/A if ((offset != 0) || (len != in.length)) {
0N/A inMsg = new byte[len];
0N/A System.arraycopy(in, offset, inMsg, 0, len);
0N/A }
0N/A return cStub.getMic(pContext, qop, inMsg);
0N/A }
0N/A
0N/A public void getMIC(InputStream inStream, OutputStream outStream,
0N/A MessageProp msgProp) throws GSSException {
0N/A try {
0N/A int length = 0;
0N/A byte[] msg = new byte[inStream.available()];
0N/A length = inStream.read(msg);
0N/A
0N/A byte[] msgToken = getMIC(msg, 0, length, msgProp);
0N/A if ((msgToken != null) && msgToken.length != 0) {
0N/A outStream.write(msgToken);
0N/A }
0N/A } catch (IOException ioe) {
0N/A throw new GSSExceptionImpl(GSSException.FAILURE, ioe);
0N/A }
0N/A }
0N/A
0N/A public void verifyMIC(byte[] inToken, int tOffset, int tLen,
0N/A byte[] inMsg, int mOffset, int mLen,
0N/A MessageProp msgProp) throws GSSException {
0N/A byte[] token = inToken;
0N/A byte[] msg = inMsg;
0N/A if ((tOffset != 0) || (tLen != inToken.length)) {
0N/A token = new byte[tLen];
0N/A System.arraycopy(inToken, tOffset, token, 0, tLen);
0N/A }
0N/A if ((mOffset != 0) || (mLen != inMsg.length)) {
0N/A msg = new byte[mLen];
0N/A System.arraycopy(inMsg, mOffset, msg, 0, mLen);
0N/A }
0N/A cStub.verifyMic(pContext, token, msg, msgProp);
0N/A }
0N/A
0N/A public void verifyMIC(InputStream tokStream, InputStream msgStream,
0N/A MessageProp msgProp) throws GSSException {
0N/A try {
0N/A byte[] msg = new byte[msgStream.available()];
0N/A int mLength = msgStream.read(msg);
0N/A byte[] tok = new byte[tokStream.available()];
0N/A int tLength = tokStream.read(tok);
0N/A verifyMIC(tok, 0, tLength, msg, 0, mLength, msgProp);
0N/A } catch (IOException ioe) {
0N/A throw new GSSExceptionImpl(GSSException.FAILURE, ioe);
0N/A }
0N/A }
0N/A
0N/A public byte[] export() throws GSSException {
0N/A byte[] result = cStub.exportContext(pContext);
0N/A pContext = 0;
0N/A return result;
0N/A }
0N/A
0N/A private void changeFlags(int flagMask, boolean isEnable) {
0N/A if (isInitiator && pContext == 0) {
0N/A if (isEnable) {
0N/A flags |= flagMask;
0N/A } else {
0N/A flags &= ~flagMask;
0N/A }
0N/A }
0N/A }
0N/A public void requestMutualAuth(boolean state) throws GSSException {
0N/A changeFlags(GSS_C_MUTUAL_FLAG, state);
0N/A }
0N/A public void requestReplayDet(boolean state) throws GSSException {
0N/A changeFlags(GSS_C_REPLAY_FLAG, state);
0N/A }
0N/A public void requestSequenceDet(boolean state) throws GSSException {
0N/A changeFlags(GSS_C_SEQUENCE_FLAG, state);
0N/A }
0N/A public void requestCredDeleg(boolean state) throws GSSException {
0N/A changeFlags(GSS_C_DELEG_FLAG, state);
0N/A }
0N/A public void requestAnonymity(boolean state) throws GSSException {
0N/A changeFlags(GSS_C_ANON_FLAG, state);
0N/A }
0N/A public void requestConf(boolean state) throws GSSException {
0N/A changeFlags(GSS_C_CONF_FLAG, state);
0N/A }
0N/A public void requestInteg(boolean state) throws GSSException {
0N/A changeFlags(GSS_C_INTEG_FLAG, state);
0N/A }
1941N/A public void requestDelegPolicy(boolean state) throws GSSException {
1941N/A // Not supported, ignore
1941N/A }
0N/A public void requestLifetime(int lifetime) throws GSSException {
0N/A if (isInitiator && pContext == 0) {
0N/A this.lifetime = lifetime;
0N/A }
0N/A }
0N/A public void setChannelBinding(ChannelBinding cb) throws GSSException {
0N/A if (pContext == 0) {
0N/A this.cb = cb;
0N/A }
0N/A }
0N/A
0N/A private boolean checkFlags(int flagMask) {
0N/A return ((flags & flagMask) != 0);
0N/A }
0N/A public boolean getCredDelegState() {
0N/A return checkFlags(GSS_C_DELEG_FLAG);
0N/A }
0N/A public boolean getMutualAuthState() {
0N/A return checkFlags(GSS_C_MUTUAL_FLAG);
0N/A }
0N/A public boolean getReplayDetState() {
0N/A return checkFlags(GSS_C_REPLAY_FLAG);
0N/A }
0N/A public boolean getSequenceDetState() {
0N/A return checkFlags(GSS_C_SEQUENCE_FLAG);
0N/A }
0N/A public boolean getAnonymityState() {
0N/A return checkFlags(GSS_C_ANON_FLAG);
0N/A }
0N/A public boolean isTransferable() throws GSSException {
0N/A return checkFlags(GSS_C_TRANS_FLAG);
0N/A }
0N/A public boolean isProtReady() {
0N/A return checkFlags(GSS_C_PROT_READY_FLAG);
0N/A }
0N/A public boolean getConfState() {
0N/A return checkFlags(GSS_C_CONF_FLAG);
0N/A }
0N/A public boolean getIntegState() {
0N/A return checkFlags(GSS_C_INTEG_FLAG);
0N/A }
1941N/A public boolean getDelegPolicyState() {
1941N/A return false;
1941N/A }
0N/A public int getLifetime() {
0N/A return cStub.getContextTime(pContext);
0N/A }
0N/A public GSSNameSpi getSrcName() throws GSSException {
0N/A return srcName;
0N/A }
0N/A public GSSNameSpi getTargName() throws GSSException {
0N/A return targetName;
0N/A }
0N/A public Oid getMech() throws GSSException {
0N/A if (isEstablished && actualMech != null) {
0N/A return actualMech;
0N/A } else {
0N/A return cStub.getMech();
0N/A }
0N/A }
0N/A public GSSCredentialSpi getDelegCred() throws GSSException {
0N/A return delegatedCred;
0N/A }
0N/A public boolean isInitiator() {
0N/A return isInitiator;
0N/A }
0N/A
0N/A protected void finalize() throws Throwable {
0N/A dispose();
0N/A }
1535N/A
1535N/A public Object inquireSecContext(InquireType type)
1535N/A throws GSSException {
1535N/A throw new GSSException(GSSException.UNAVAILABLE, -1,
1535N/A "Inquire type not supported.");
1535N/A }
0N/A}