security/krb5/nativeccache.c

4648N/A/*
4648N/A * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
4648N/A * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4648N/A *
4648N/A * This code is free software; you can redistribute it and/or modify it
4648N/A * under the terms of the GNU General Public License version 2 only, as
4648N/A * published by the Free Software Foundation.  Oracle designates this
4648N/A * particular file as subject to the "Classpath" exception as provided
4648N/A * by Oracle in the LICENSE file that accompanied this code.
4648N/A *
4648N/A * This code is distributed in the hope that it will be useful, but WITHOUT
4648N/A * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
4648N/A * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
4648N/A * version 2 for more details (a copy is included in the LICENSE file that
4648N/A * accompanied this code).
4648N/A *
4648N/A * You should have received a copy of the GNU General Public License version
4648N/A * 2 along with this work; if not, write to the Free Software Foundation,
4648N/A * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
4648N/A *
4648N/A * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
4648N/A * or visit www.oracle.com if you need additional information or have any
4648N/A * questions.
4648N/A */
4648N/A
4648N/A#import "sun_security_krb5_Credentials.h"
4648N/A#import <Kerberos/Kerberos.h>
4648N/A
4648N/A/*
4648N/A * Based largely on klist.c,
4648N/A *
4648N/A * Created by Scott Kovatch on 8/12/04.
4648N/A *
4648N/A * See http://www.opensource.apple.com/darwinsource/10.3.3/Kerberos-47/KerberosClients/klist/Sources/klist.c
4648N/A
4648N/A */
4648N/A
4648N/A/*
4648N/A * Statics for this module
4648N/A */
4648N/A
4648N/Astatic jclass derValueClass = NULL;
4648N/Astatic jclass ticketClass = NULL;
4648N/Astatic jclass principalNameClass = NULL;
4648N/Astatic jclass encryptionKeyClass = NULL;
4648N/Astatic jclass ticketFlagsClass = NULL;
4648N/Astatic jclass kerberosTimeClass = NULL;
4648N/Astatic jclass javaLangStringClass = NULL;
4648N/Astatic jclass javaLangIntegerClass = NULL;
4648N/Astatic jclass hostAddressClass = NULL;
4648N/Astatic jclass hostAddressesClass = NULL;
4648N/A
4648N/Astatic jmethodID derValueConstructor = 0;
4648N/Astatic jmethodID ticketConstructor = 0;
4648N/Astatic jmethodID principalNameConstructor = 0;
4648N/Astatic jmethodID encryptionKeyConstructor = 0;
4648N/Astatic jmethodID ticketFlagsConstructor = 0;
4648N/Astatic jmethodID kerberosTimeConstructor = 0;
4648N/Astatic jmethodID krbcredsConstructor = 0;
4648N/Astatic jmethodID integerConstructor = 0;
4648N/Astatic jmethodID hostAddressConstructor = 0;
4648N/Astatic jmethodID hostAddressesConstructor = 0;
4648N/A
4648N/A/*
4648N/A * Function prototypes for internal routines
4648N/A */
4648N/A
4648N/Astatic jobject BuildTicket(JNIEnv *env, krb5_data *encodedTicket);
4648N/Astatic jobject BuildClientPrincipal(JNIEnv *env, krb5_context kcontext, krb5_principal principalName);
4648N/Astatic jobject BuildEncryptionKey(JNIEnv *env, krb5_keyblock *cryptoKey);
4648N/Astatic jobject BuildTicketFlags(JNIEnv *env, krb5_flags flags);
4648N/Astatic jobject BuildKerberosTime(JNIEnv *env, krb5_timestamp kerbtime);
4648N/Astatic jobject BuildAddressList(JNIEnv *env, krb5_address **kerbtime);
4648N/A
4648N/Astatic void printiferr (errcode_t err, const char *format, ...);
4648N/A
4648N/Astatic jclass FindClass(JNIEnv *env, char *className)
4648N/A{
4648N/A    jclass cls = (*env)->FindClass(env, className);
4648N/A
4648N/A    if (cls == NULL) {
4648N/A        printf("Couldn't find %s\n", className);
4648N/A        return NULL;
4648N/A    }
4648N/A#ifdef DEBUG
4648N/A    printf("Found %s\n", className);
4648N/A#endif /* DEBUG */
4648N/A
4648N/A    jobject returnValue = (*env)->NewWeakGlobalRef(env,cls);
4648N/A    return returnValue;
4648N/A}
4648N/A/*
4648N/A * Class:     sun_security_krb5_KrbCreds
4648N/A * Method:    JNI_OnLoad
4648N/A */
4648N/AJNIEXPORT jint JNICALL JNI_OnLoad(JavaVM *jvm, void *reserved)
4648N/A{
4648N/A    JNIEnv *env;
4648N/A
4648N/A    if ((*jvm)->GetEnv(jvm, (void **)&env, JNI_VERSION_1_4)) {
4648N/A        return JNI_EVERSION; /* JNI version not supported */
4648N/A    }
4648N/A
4648N/A    ticketClass = FindClass(env, "sun/security/krb5/internal/Ticket");
4648N/A    if (ticketClass == NULL) return JNI_ERR;
4648N/A
4648N/A    principalNameClass = FindClass(env, "sun/security/krb5/PrincipalName");
4648N/A    if (principalNameClass == NULL) return JNI_ERR;
4648N/A
4648N/A    derValueClass = FindClass(env, "sun/security/util/DerValue");
4648N/A    if (derValueClass == NULL) return JNI_ERR;
4648N/A
4648N/A    encryptionKeyClass = FindClass(env, "sun/security/krb5/EncryptionKey");
4648N/A    if (encryptionKeyClass == NULL) return JNI_ERR;
4648N/A
4648N/A    ticketFlagsClass = FindClass(env,"sun/security/krb5/internal/TicketFlags");
4648N/A    if (ticketFlagsClass == NULL) return JNI_ERR;
4648N/A
4648N/A    kerberosTimeClass = FindClass(env,"sun/security/krb5/internal/KerberosTime");
4648N/A    if (kerberosTimeClass == NULL) return JNI_ERR;
4648N/A
4648N/A    javaLangStringClass = FindClass(env,"java/lang/String");
4648N/A    if (javaLangStringClass == NULL) return JNI_ERR;
4648N/A
4648N/A    javaLangIntegerClass = FindClass(env,"java/lang/Integer");
4648N/A    if (javaLangIntegerClass == NULL) return JNI_ERR;
4648N/A
4648N/A    hostAddressClass = FindClass(env,"sun/security/krb5/internal/HostAddress");
4648N/A    if (hostAddressClass == NULL) return JNI_ERR;
4648N/A
4648N/A    hostAddressesClass = FindClass(env,"sun/security/krb5/internal/HostAddresses");
4648N/A    if (hostAddressesClass == NULL) return JNI_ERR;
4648N/A
4648N/A    derValueConstructor = (*env)->GetMethodID(env, derValueClass, "<init>", "([B)V");
4648N/A    if (derValueConstructor == 0) {
4648N/A        printf("Couldn't find DerValue constructor\n");
4648N/A        return JNI_ERR;
4648N/A    }
4648N/A#ifdef DEBUG
4648N/A    printf("Found DerValue constructor\n");
4648N/A#endif /* DEBUG */
4648N/A
4648N/A    ticketConstructor = (*env)->GetMethodID(env, ticketClass, "<init>", "(Lsun/security/util/DerValue;)V");
4648N/A    if (derValueConstructor == 0) {
4648N/A        printf("Couldn't find Ticket constructor\n");
4648N/A        return JNI_ERR;
4648N/A    }
4648N/A#ifdef DEBUG
4648N/A    printf("Found Ticket constructor\n");
4648N/A#endif /* DEBUG */
4648N/A
4648N/A    principalNameConstructor = (*env)->GetMethodID(env, principalNameClass, "<init>", "(Ljava/lang/String;I)V");
4648N/A    if (principalNameConstructor == 0) {
4648N/A        printf("Couldn't find PrincipalName constructor\n");
4648N/A        return JNI_ERR;
4648N/A    }
4648N/A#ifdef DEBUG
4648N/A    printf("Found PrincipalName constructor\n");
4648N/A#endif /* DEBUG */
4648N/A
4648N/A    encryptionKeyConstructor = (*env)->GetMethodID(env, encryptionKeyClass, "<init>", "(I[B)V");
4648N/A    if (encryptionKeyConstructor == 0) {
4648N/A        printf("Couldn't find EncryptionKey constructor\n");
4648N/A        return JNI_ERR;
4648N/A    }
4648N/A#ifdef DEBUG
4648N/A    printf("Found EncryptionKey constructor\n");
4648N/A#endif /* DEBUG */
4648N/A
4648N/A    ticketFlagsConstructor = (*env)->GetMethodID(env, ticketFlagsClass, "<init>", "(I[B)V");
4648N/A    if (ticketFlagsConstructor == 0) {
4648N/A        printf("Couldn't find TicketFlags constructor\n");
4648N/A        return JNI_ERR;
4648N/A    }
4648N/A#ifdef DEBUG
4648N/A    printf("Found TicketFlags constructor\n");
4648N/A#endif /* DEBUG */
4648N/A
4648N/A    kerberosTimeConstructor = (*env)->GetMethodID(env, kerberosTimeClass, "<init>", "(J)V");
4648N/A    if (kerberosTimeConstructor == 0) {
4648N/A        printf("Couldn't find KerberosTime constructor\n");
4648N/A        return JNI_ERR;
4648N/A    }
4648N/A#ifdef DEBUG
4648N/A    printf("Found KerberosTime constructor\n");
4648N/A#endif /* DEBUG */
4648N/A
4648N/A    integerConstructor = (*env)->GetMethodID(env, javaLangIntegerClass, "<init>", "(I)V");
4648N/A    if (integerConstructor == 0) {
4648N/A        printf("Couldn't find Integer constructor\n");
4648N/A        return JNI_ERR;
4648N/A    }
4648N/A#ifdef DEBUG
4648N/A    printf("Found Integer constructor\n");
4648N/A#endif /* DEBUG */
4648N/A
4648N/A    hostAddressConstructor = (*env)->GetMethodID(env, hostAddressClass, "<init>", "(I[B)V");
4648N/A    if (hostAddressConstructor == 0) {
4648N/A        printf("Couldn't find HostAddress constructor\n");
4648N/A        return JNI_ERR;
4648N/A    }
4648N/A#ifdef DEBUG
4648N/A    printf("Found HostAddress constructor\n");
4648N/A#endif /* DEBUG */
4648N/A
4648N/A    hostAddressesConstructor = (*env)->GetMethodID(env, hostAddressesClass, "<init>", "([Lsun/security/krb5/internal/HostAddress;)V");
4648N/A    if (hostAddressesConstructor == 0) {
4648N/A        printf("Couldn't find HostAddresses constructor\n");
4648N/A        return JNI_ERR;
4648N/A    }
4648N/A#ifdef DEBUG
4648N/A    printf("Found HostAddresses constructor\n");
4648N/A#endif /* DEBUG */
4648N/A
4648N/A#ifdef DEBUG
4648N/A    printf("Finished OnLoad processing\n");
4648N/A#endif /* DEBUG */
4648N/A
4648N/A    return JNI_VERSION_1_2;
4648N/A}
4648N/A
4648N/A/*
4648N/A * Class:     sun_security_jgss_KrbCreds
4648N/A * Method:    JNI_OnUnload
4648N/A */
4648N/AJNIEXPORT void JNICALL JNI_OnUnload(JavaVM *jvm, void *reserved)
4648N/A{
4648N/A    JNIEnv *env;
4648N/A
4648N/A    if ((*jvm)->GetEnv(jvm, (void **)&env, JNI_VERSION_1_2)) {
4648N/A        return; /* Nothing else we can do */
4648N/A    }
4648N/A
4648N/A    if (ticketClass != NULL) {
4648N/A        (*env)->DeleteWeakGlobalRef(env,ticketClass);
4648N/A    }
4648N/A    if (derValueClass != NULL) {
4648N/A        (*env)->DeleteWeakGlobalRef(env,derValueClass);
4648N/A    }
4648N/A    if (principalNameClass != NULL) {
4648N/A        (*env)->DeleteWeakGlobalRef(env,principalNameClass);
4648N/A    }
4648N/A    if (encryptionKeyClass != NULL) {
4648N/A        (*env)->DeleteWeakGlobalRef(env,encryptionKeyClass);
4648N/A    }
4648N/A    if (ticketFlagsClass != NULL) {
4648N/A        (*env)->DeleteWeakGlobalRef(env,ticketFlagsClass);
4648N/A    }
4648N/A    if (kerberosTimeClass != NULL) {
4648N/A        (*env)->DeleteWeakGlobalRef(env,kerberosTimeClass);
4648N/A    }
4648N/A    if (javaLangStringClass != NULL) {
4648N/A        (*env)->DeleteWeakGlobalRef(env,javaLangStringClass);
4648N/A    }
4648N/A    if (javaLangIntegerClass != NULL) {
4648N/A        (*env)->DeleteWeakGlobalRef(env,javaLangIntegerClass);
4648N/A    }
4648N/A    if (hostAddressClass != NULL) {
4648N/A        (*env)->DeleteWeakGlobalRef(env,hostAddressClass);
4648N/A    }
4648N/A    if (hostAddressesClass != NULL) {
4648N/A        (*env)->DeleteWeakGlobalRef(env,hostAddressesClass);
4648N/A    }
4648N/A
4648N/A}
4648N/A
4648N/A/*
4648N/A * Class:     sun_security_krb5_Credentials
4648N/A * Method:    acquireDefaultNativeCreds
4648N/A * Signature: ()Lsun/security/krb5/Credentials;
4648N/A */
4648N/AJNIEXPORT jobject JNICALL Java_sun_security_krb5_Credentials_acquireDefaultNativeCreds
4648N/A(JNIEnv *env, jclass krbcredsClass)
4648N/A{
4648N/A    jobject krbCreds = NULL;
4648N/A    krb5_error_code err = 0;
4648N/A    krb5_ccache ccache = NULL;
4648N/A    krb5_cc_cursor cursor = NULL;
4648N/A    krb5_creds creds;
4648N/A    krb5_flags flags = 0;
4648N/A    krb5_context kcontext = NULL;
4648N/A
4648N/A    /* Initialize the Kerberos 5 context */
4648N/A    err = krb5_init_context (&kcontext);
4648N/A
4648N/A    if (!err) {
4648N/A        err = krb5_cc_default (kcontext, &ccache);
4648N/A    }
4648N/A
4648N/A    if (!err) {
4648N/A        err = krb5_cc_set_flags (kcontext, ccache, flags); /* turn off OPENCLOSE */
4648N/A    }
4648N/A
4648N/A    if (!err) {
4648N/A        err = krb5_cc_start_seq_get (kcontext, ccache, &cursor);
4648N/A    }
4648N/A
4648N/A    if (!err) {
4648N/A        while ((err = krb5_cc_next_cred (kcontext, ccache, &cursor, &creds)) == 0) {
4648N/A            char *serverName = NULL;
4648N/A
4648N/A            if (!err) {
4648N/A                err = krb5_unparse_name (kcontext, creds.server, &serverName);
4648N/A                printiferr (err, "while unparsing server name");
4648N/A            }
4648N/A
4648N/A            if (!err) {
4648N/A                if (strncmp (serverName, "krbtgt", strlen("krbtgt")) == 0) {
4648N/A                    jobject ticket, clientPrincipal, targetPrincipal, encryptionKey;
4648N/A                    jobject ticketFlags, startTime, endTime;
4648N/A                    jobject authTime, renewTillTime, hostAddresses;
4648N/A
4648N/A                    ticket = clientPrincipal = targetPrincipal = encryptionKey = NULL;
4648N/A                    ticketFlags = startTime = endTime = NULL;
4648N/A                    authTime = renewTillTime = hostAddresses = NULL;
4648N/A
4648N/A                    // For the default credentials we're only interested in the krbtgt server.
4648N/A                    clientPrincipal = BuildClientPrincipal(env, kcontext, creds.client);
4648N/A                    if (clientPrincipal == NULL) goto cleanup;
4648N/A
4648N/A                    targetPrincipal = BuildClientPrincipal(env, kcontext, creds.server);
4648N/A                    if (targetPrincipal == NULL) goto cleanup;
4648N/A
4648N/A                    // Build a com.ibm.security.krb5.Ticket
4648N/A                    ticket = BuildTicket(env, &creds.ticket);
4648N/A                    if (ticket == NULL) goto cleanup;
4648N/A
4648N/A                    // Get the encryption key
4648N/A                    encryptionKey = BuildEncryptionKey(env, &creds.keyblock);
4648N/A                    if (encryptionKey == NULL) goto cleanup;
4648N/A
4648N/A                    // and the ticket flags
4648N/A                    ticketFlags = BuildTicketFlags(env, creds.ticket_flags);
4648N/A                    if (ticketFlags == NULL) goto cleanup;
4648N/A
4648N/A                    // Get the timestamps out.
4648N/A                    startTime = BuildKerberosTime(env, creds.times.starttime);
4648N/A                    if (startTime == NULL) goto cleanup;
4648N/A
4648N/A                    authTime = BuildKerberosTime(env, creds.times.authtime);
4648N/A                    if (authTime == NULL) goto cleanup;
4648N/A
4648N/A                    endTime = BuildKerberosTime(env, creds.times.endtime);
4648N/A                    if (endTime == NULL) goto cleanup;
4648N/A
4648N/A                    renewTillTime = BuildKerberosTime(env, creds.times.renew_till);
4648N/A                    if (renewTillTime == NULL) goto cleanup;
4648N/A
4648N/A                    // Create the addresses object.
4648N/A                    hostAddresses = BuildAddressList(env, creds.addresses);
4648N/A
4648N/A                    if (krbcredsConstructor == 0) {
4648N/A                        krbcredsConstructor = (*env)->GetMethodID(env, krbcredsClass, "<init>",
4648N/A                                                                  "(Lsun/security/krb5/internal/Ticket;Lsun/security/krb5/PrincipalName;Lsun/security/krb5/PrincipalName;Lsun/security/krb5/EncryptionKey;Lsun/security/krb5/internal/TicketFlags;Lsun/security/krb5/internal/KerberosTime;Lsun/security/krb5/internal/KerberosTime;Lsun/security/krb5/internal/KerberosTime;Lsun/security/krb5/internal/KerberosTime;Lsun/security/krb5/internal/HostAddresses;)V");
4648N/A                        if (krbcredsConstructor == 0) {
4648N/A                            printf("Couldn't find com.ibm.security.krb5.Credentials constructor\n");
4648N/A                            break;
4648N/A                        }
4648N/A                    }
4648N/A
4648N/A                    // and now go build a KrbCreds object
4648N/A                    krbCreds = (*env)->NewObject(
4648N/A                                                 env,
4648N/A                                                 krbcredsClass,
4648N/A                                                 krbcredsConstructor,
4648N/A                                                 ticket,
4648N/A                                                 clientPrincipal,
4648N/A                                                 targetPrincipal,
4648N/A                                                 encryptionKey,
4648N/A                                                 ticketFlags,
4648N/A                                                 authTime,
4648N/A                                                 startTime,
4648N/A                                                 endTime,
4648N/A                                                 renewTillTime,
4648N/A                                                 hostAddresses);
4648N/Acleanup:
4648N/A                    if (ticket) (*env)->DeleteLocalRef(env, ticket);
4648N/A                    if (clientPrincipal) (*env)->DeleteLocalRef(env, clientPrincipal);
4648N/A                    if (targetPrincipal) (*env)->DeleteLocalRef(env, targetPrincipal);
4648N/A                    if (encryptionKey) (*env)->DeleteLocalRef(env, encryptionKey);
4648N/A                    if (ticketFlags) (*env)->DeleteLocalRef(env, ticketFlags);
4648N/A                    if (authTime) (*env)->DeleteLocalRef(env, authTime);
4648N/A                    if (startTime) (*env)->DeleteLocalRef(env, startTime);
4648N/A                    if (endTime) (*env)->DeleteLocalRef(env, endTime);
4648N/A                    if (renewTillTime) (*env)->DeleteLocalRef(env, renewTillTime);
4648N/A                    if (hostAddresses) (*env)->DeleteLocalRef(env, hostAddresses);
4648N/A                }
4648N/A
4648N/A            }
4648N/A
4648N/A            if (serverName != NULL) { krb5_free_unparsed_name (kcontext, serverName); }
4648N/A
4648N/A            krb5_free_cred_contents (kcontext, &creds);
4648N/A        }
4648N/A
4648N/A        if (err == KRB5_CC_END) { err = 0; }
4648N/A        printiferr (err, "while retrieving a ticket");
4648N/A
4648N/A    }
4648N/A
4648N/A    if (!err) {
4648N/A        err = krb5_cc_end_seq_get (kcontext, ccache, &cursor);
4648N/A        printiferr (err, "while finishing ticket retrieval");
4648N/A    }
4648N/A
4648N/A    if (!err) {
4648N/A        flags = KRB5_TC_OPENCLOSE; /* restore OPENCLOSE mode */
4648N/A        err = krb5_cc_set_flags (kcontext, ccache, flags);
4648N/A        printiferr (err, "while finishing ticket retrieval");
4648N/A    }
4648N/A
4648N/A    krb5_free_context (kcontext);
4648N/A    return krbCreds;
4648N/A}
4648N/A
4648N/A
4648N/A#pragma mark -
4648N/A
4648N/Ajobject BuildTicket(JNIEnv *env, krb5_data *encodedTicket)
4648N/A{
4648N/A    /* To build a Ticket, we first need to build a DerValue out of the EncodedTicket.
4648N/A    * But before we can do that, we need to make a byte array out of the ET.
4648N/A    */
4648N/A
4648N/A    jobject derValue, ticket;
4648N/A    jbyteArray ary;
4648N/A
4648N/A    ary = (*env)->NewByteArray(env, encodedTicket->length);
4648N/A    if ((*env)->ExceptionOccurred(env)) {
4648N/A        return (jobject) NULL;
4648N/A    }
4648N/A
4648N/A    (*env)->SetByteArrayRegion(env, ary, (jsize) 0, encodedTicket->length, (jbyte *)encodedTicket->data);
4648N/A    if ((*env)->ExceptionOccurred(env)) {
4648N/A        (*env)->DeleteLocalRef(env, ary);
4648N/A        return (jobject) NULL;
4648N/A    }
4648N/A
4648N/A    derValue = (*env)->NewObject(env, derValueClass, derValueConstructor, ary);
4648N/A    if ((*env)->ExceptionOccurred(env)) {
4648N/A        (*env)->DeleteLocalRef(env, ary);
4648N/A        return (jobject) NULL;
4648N/A    }
4648N/A
4648N/A    (*env)->DeleteLocalRef(env, ary);
4648N/A    ticket = (*env)->NewObject(env, ticketClass, ticketConstructor, derValue);
4648N/A    if ((*env)->ExceptionOccurred(env)) {
4648N/A        (*env)->DeleteLocalRef(env, derValue);
4648N/A        return (jobject) NULL;
4648N/A    }
4648N/A    (*env)->DeleteLocalRef(env, derValue);
4648N/A    return ticket;
4648N/A}
4648N/A
4648N/Ajobject BuildClientPrincipal(JNIEnv *env, krb5_context kcontext, krb5_principal principalName) {
4648N/A    // Get the full principal string.
4648N/A    char *principalString = NULL;
4648N/A    jobject principal = NULL;
4648N/A    int err = krb5_unparse_name (kcontext, principalName, &principalString);
4648N/A
4648N/A    if (!err) {
4648N/A        // Make a PrincipalName from the full string and the type.  Let the PrincipalName class parse it out.
4648N/A        jstring principalStringObj = (*env)->NewStringUTF(env, principalString);
4648N/A        principal = (*env)->NewObject(env, principalNameClass, principalNameConstructor, principalStringObj, principalName->type);
4648N/A        if (principalString != NULL) { krb5_free_unparsed_name (kcontext, principalString); }
4648N/A        (*env)->DeleteLocalRef(env, principalStringObj);
4648N/A    }
4648N/A
4648N/A    return principal;
4648N/A}
4648N/A
4648N/Ajobject BuildEncryptionKey(JNIEnv *env, krb5_keyblock *cryptoKey) {
4648N/A    // First, need to build a byte array
4648N/A    jbyteArray ary;
4648N/A    jobject encryptionKey = NULL;
4648N/A
4648N/A    ary = (*env)->NewByteArray(env,cryptoKey->length);
4648N/A    (*env)->SetByteArrayRegion(env, ary, (jsize) 0, cryptoKey->length, (jbyte *)cryptoKey->contents);
4648N/A    if (!(*env)->ExceptionOccurred(env)) {
4648N/A        encryptionKey = (*env)->NewObject(env, encryptionKeyClass, encryptionKeyConstructor, cryptoKey->enctype, ary);
4648N/A    }
4648N/A
4648N/A    (*env)->DeleteLocalRef(env, ary);
4648N/A    return encryptionKey;
4648N/A}
4648N/A
4648N/Ajobject BuildTicketFlags(JNIEnv *env, krb5_flags flags) {
4648N/A    jobject ticketFlags = NULL;
4648N/A    jbyteArray ary;
4648N/A
4648N/A    /*
4648N/A     * Convert the bytes to network byte order before copying
4648N/A     * them to a Java byte array.
4648N/A     */
4648N/A    unsigned long nlflags = htonl(flags);
4648N/A
4648N/A    ary = (*env)->NewByteArray(env, sizeof(flags));
4648N/A    (*env)->SetByteArrayRegion(env, ary, (jsize) 0, sizeof(flags), (jbyte *)&nlflags);
4648N/A
4648N/A    if (!(*env)->ExceptionOccurred(env)) {
4648N/A        ticketFlags = (*env)->NewObject(env, ticketFlagsClass, ticketFlagsConstructor, sizeof(flags)*8, ary);
4648N/A    }
4648N/A
4648N/A    (*env)->DeleteLocalRef(env, ary);
4648N/A    return ticketFlags;
4648N/A}
4648N/A
4648N/Ajobject BuildKerberosTime(JNIEnv *env, krb5_timestamp kerbtime) {
4648N/A    jlong time = kerbtime;
4648N/A
4648N/A    // Kerberos time is in seconds, but the KerberosTime class assumes milliseconds, so multiply by 1000.
4648N/A    time *= 1000;
4648N/A    return (*env)->NewObject(env, kerberosTimeClass, kerberosTimeConstructor, time);
4648N/A}
4648N/A
4648N/Ajobject BuildAddressList(JNIEnv *env, krb5_address **addresses) {
4648N/A
4648N/A    if (addresses == NULL) {
4648N/A        return NULL;
4648N/A    }
4648N/A
4648N/A    int addressCount = 0;
4648N/A
4648N/A    // See how many we have.
4648N/A    krb5_address **p = addresses;
4648N/A
4648N/A    while (*p != 0) {
4648N/A        addressCount++;
4648N/A        p++;
4648N/A    }
4648N/A
4648N/A    jobject address_list = (*env)->NewObjectArray(env, addressCount, hostAddressClass, NULL);
4648N/A
4648N/A    // Create a new HostAddress object for each address block.
4648N/A    // First, reset the iterator.
4648N/A    p = addresses;
4648N/A    jsize index = 0;
4648N/A    while (*p != 0) {
4648N/A        krb5_address *currAddress = *p;
4648N/A
4648N/A        // HostAddres needs a byte array of the host data.
4648N/A        jbyteArray ary = (*env)->NewByteArray(env, currAddress->length);
4648N/A
4648N/A        if (ary == NULL) return NULL;
4648N/A
4648N/A        (*env)->SetByteArrayRegion(env, ary, (jsize) 0, currAddress->length, (jbyte *)currAddress->contents);
4648N/A        jobject address = (*env)->NewObject(env, hostAddressClass, hostAddressConstructor, currAddress->length, ary);
4648N/A
4648N/A        (*env)->DeleteLocalRef(env, ary);
4648N/A
4648N/A        // Add the HostAddress to the arrray.
4648N/A        (*env)->SetObjectArrayElement(env, address_list, index, address);
4648N/A
4648N/A        index++;
4648N/A        p++;
4648N/A    }
4648N/A
4648N/A    return address_list;
4648N/A}
4648N/A
4648N/A#pragma mark - Utility methods -
4648N/A
4648N/Astatic void printiferr (errcode_t err, const char *format, ...)
4648N/A{
4648N/A    if (err) {
4648N/A        va_list pvar;
4648N/A
4648N/A        va_start (pvar, format);
4648N/A        com_err_va ("ticketParser:", err, format, pvar);
4648N/A        va_end (pvar);
4648N/A    }
4648N/A}
4648N/A