| author | ssahoo |
| Thu, 25 Jan 2018 05:57:22 -0800 | |
| changeset 48668 | 2da4a52715d8 |
| parent 47227 | 8052fa06e1b7 |
| child 49682 | 2918e1146106 |
| permissions | -rw-r--r-- |
| 18536 | 1 |
/* |
| 48668 | 2 |
* Copyright (c) 2013, 2018, Oracle and/or its affiliates. All rights reserved. |
| 18536 | 3 |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 |
* |
|
5 |
* This code is free software; you can redistribute it and/or modify it |
|
6 |
* under the terms of the GNU General Public License version 2 only, as |
|
7 |
* published by the Free Software Foundation. |
|
8 |
* |
|
9 |
* This code is distributed in the hope that it will be useful, but WITHOUT |
|
10 |
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
11 |
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
12 |
* version 2 for more details (a copy is included in the LICENSE file that |
|
13 |
* accompanied this code). |
|
14 |
* |
|
15 |
* You should have received a copy of the GNU General Public License version |
|
16 |
* 2 along with this work; if not, write to the Free Software Foundation, |
|
17 |
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
18 |
* |
|
19 |
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
|
20 |
* or visit www.oracle.com if you need additional information or have any |
|
21 |
* questions. |
|
22 |
*/ |
|
23 |
||
24 |
/* |
|
25 |
* @test |
|
| 48668 | 26 |
* @bug 8009977 8186884 8194486 |
|
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
27 |
* @summary A test to launch multiple Java processes using either Java GSS |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
28 |
* or native GSS |
| 48668 | 29 |
* @library ../../../../java/security/testlibrary/ /test/lib |
| 18536 | 30 |
* @compile -XDignore.symbol.file BasicProc.java |
| 48668 | 31 |
* @run main jdk.test.lib.FileInstaller TestHosts TestHosts |
32 |
* @run main/othervm -Djdk.net.hosts.file=TestHosts BasicProc launcher |
|
| 18536 | 33 |
*/ |
34 |
||
|
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
35 |
import java.nio.file.Files; |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
36 |
import java.nio.file.Paths; |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
37 |
import java.nio.file.attribute.PosixFilePermission; |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
38 |
import java.util.Arrays; |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
39 |
import java.util.PropertyPermission; |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
40 |
import java.util.Random; |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
41 |
import java.util.Set; |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
42 |
|
| 18536 | 43 |
import org.ietf.jgss.Oid; |
|
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
44 |
import sun.security.krb5.Config; |
| 18536 | 45 |
|
46 |
import javax.security.auth.PrivateCredentialPermission; |
|
47 |
||
|
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
48 |
/** |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
49 |
* Run this test automatically and test Java GSS with embedded KDC. |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
50 |
* |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
51 |
* Run with customized native.krb5.libs to test interop between Java GSS |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
52 |
* and native GSS, and native.kdc.path with a native KDC. For example, |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
53 |
* run the following command to test interop among Java, default native, |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
54 |
* MIT, and Heimdal krb5 libraries with the Heimdal KDC: |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
55 |
* |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
56 |
* jtreg -Dnative.krb5.libs=j=, |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
57 |
* n=, |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
58 |
* k=/usr/local/krb5/lib/libgssapi_krb5.so, |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
59 |
* h=/space/install/heimdal/lib/libgssapi.so \ |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
60 |
* -Dnative.kdc.path=/usr/local/heimdal \ |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
61 |
* BasicProc.java |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
62 |
* |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
63 |
* Note: The first 4 lines should be concatenated to make a long system |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
64 |
* property value with no blank around ",". This comma-separated value |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
65 |
* has each element being name=libpath. The special name "j" means the |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
66 |
* Java library and libpath is ignored. Otherwise it means a native library, |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
67 |
* and libpath (can be empty) will be the value for the sun.security.jgss.lib |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
68 |
* system property. If this system property is not set, only the Java |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
69 |
* library will be tested. |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
70 |
*/ |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
71 |
|
| 18536 | 72 |
public class BasicProc {
|
73 |
||
|
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
74 |
private static final String CONF = "krb5.conf"; |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
75 |
private static final String KTAB_S = "server.ktab"; |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
76 |
private static final String KTAB_B = "backend.ktab"; |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
77 |
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
78 |
private static final String HOST = "localhost"; |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
79 |
private static final String SERVER = "server/" + HOST; |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
80 |
private static final String BACKEND = "backend/" + HOST; |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
81 |
private static final String USER = "user"; |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
82 |
private static final char[] PASS = "password".toCharArray(); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
83 |
private static final String REALM = "REALM"; |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
84 |
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
85 |
private static final int MSGSIZE = 1024; |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
86 |
|
| 18536 | 87 |
public static void main(String[] args) throws Exception {
|
88 |
||
89 |
Oid oid = new Oid("1.2.840.113554.1.2.2");
|
|
|
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
90 |
byte[] token, msg; |
| 18536 | 91 |
|
|
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
92 |
switch (args[0]) {
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
93 |
case "launcher": |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
94 |
KDC kdc = KDC.create(REALM, HOST, 0, true); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
95 |
try {
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
96 |
kdc.addPrincipal(USER, PASS); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
97 |
kdc.addPrincipalRandKey("krbtgt/" + REALM);
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
98 |
kdc.addPrincipalRandKey(SERVER); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
99 |
kdc.addPrincipalRandKey(BACKEND); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
100 |
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
101 |
// Native lib might do some name lookup |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
102 |
KDC.saveConfig(CONF, kdc, |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
103 |
"dns_lookup_kdc = no", |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
104 |
"ticket_lifetime = 1h", |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
105 |
"dns_lookup_realm = no", |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
106 |
"dns_canonicalize_hostname = false", |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
107 |
"forwardable = true"); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
108 |
System.setProperty("java.security.krb5.conf", CONF);
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
109 |
Config.refresh(); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
110 |
kdc.writeKtab(KTAB_S, false, SERVER); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
111 |
kdc.writeKtab(KTAB_B, false, BACKEND); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
112 |
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
113 |
String[] tmp = System.getProperty("native.krb5.libs", "j=")
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
114 |
.split(",");
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
115 |
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
116 |
// Library paths. The 1st one is always null which means |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
117 |
// Java, "" means the default native lib. |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
118 |
String[] libs = new String[tmp.length]; |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
119 |
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
120 |
// Names for each lib above. Use in file names. |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
121 |
String[] names = new String[tmp.length]; |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
122 |
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
123 |
boolean hasNative = false; |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
124 |
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
125 |
for (int i = 0; i < tmp.length; i++) {
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
126 |
if (tmp[i].isEmpty()) {
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
127 |
throw new Exception("Invalid native.krb5.libs");
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
128 |
} |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
129 |
String[] pair = tmp[i].split("=", 2);
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
130 |
names[i] = pair[0]; |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
131 |
if (!pair[0].equals("j")) {
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
132 |
libs[i] = pair.length > 1 ? pair[1] : ""; |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
133 |
hasNative = true; |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
134 |
} |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
135 |
} |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
136 |
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
137 |
if (hasNative) {
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
138 |
kdc.kinit(USER, "base.ccache"); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
139 |
} |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
140 |
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
141 |
// Try the same lib first |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
142 |
for (int i = 0; i < libs.length; i++) {
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
143 |
once(names[i] + names[i] + names[i], |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
144 |
libs[i], libs[i], libs[i]); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
145 |
} |
| 18536 | 146 |
|
|
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
147 |
for (int i = 0; i < libs.length; i++) {
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
148 |
for (int j = 0; j < libs.length; j++) {
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
149 |
for (int k = 0; k < libs.length; k++) {
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
150 |
if (i != j || i != k) {
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
151 |
once(names[i] + names[j] + names[k], |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
152 |
libs[i], libs[j], libs[k]); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
153 |
} |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
154 |
} |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
155 |
} |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
156 |
} |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
157 |
} finally {
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
158 |
kdc.terminate(); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
159 |
} |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
160 |
break; |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
161 |
case "client": |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
162 |
Context c = args[1].equals("n") ?
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
163 |
Context.fromThinAir() : |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
164 |
Context.fromUserPass(USER, PASS, false); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
165 |
c.startAsClient(SERVER, oid); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
166 |
c.x().requestCredDeleg(true); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
167 |
Proc.binOut(c.take(new byte[0])); // AP-REQ |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
168 |
token = Proc.binIn(); // AP-REP |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
169 |
c.take(token); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
170 |
break; |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
171 |
case "server": |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
172 |
Context s = args[1].equals("n") ?
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
173 |
Context.fromThinAir() : |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
174 |
Context.fromUserKtab(SERVER, KTAB_S, true); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
175 |
s.startAsServer(oid); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
176 |
token = Proc.binIn(); // AP-REQ |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
177 |
token = s.take(token); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
178 |
Proc.binOut(token); // AP-REP |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
179 |
Context s2 = s.delegated(); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
180 |
s2.startAsClient(BACKEND, oid); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
181 |
Proc.binOut(s2.take(new byte[0])); // AP-REQ |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
182 |
token = Proc.binIn(); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
183 |
s2.take(token); // AP-REP |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
184 |
Random r = new Random(); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
185 |
msg = new byte[MSGSIZE]; |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
186 |
r.nextBytes(msg); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
187 |
Proc.binOut(s2.wrap(msg, true)); // enc1 |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
188 |
Proc.binOut(s2.wrap(msg, true)); // enc2 |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
189 |
Proc.binOut(s2.wrap(msg, true)); // enc3 |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
190 |
s2.verifyMic(Proc.binIn(), msg); // mic |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
191 |
byte[] msg2 = Proc.binIn(); // msg |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
192 |
if (!Arrays.equals(msg, msg2)) {
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
193 |
throw new Exception("diff msg");
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
194 |
} |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
195 |
break; |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
196 |
case "backend": |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
197 |
Context b = args[1].equals("n") ?
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
198 |
Context.fromThinAir() : |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
199 |
Context.fromUserKtab(BACKEND, KTAB_B, true); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
200 |
b.startAsServer(oid); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
201 |
token = Proc.binIn(); // AP-REQ |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
202 |
Proc.binOut(b.take(token)); // AP-REP |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
203 |
msg = b.unwrap(Proc.binIn(), true); // enc1 |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
204 |
if (!Arrays.equals(msg, b.unwrap(Proc.binIn(), true))) { // enc2
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
205 |
throw new Exception("diff msg");
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
206 |
} |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
207 |
if (!Arrays.equals(msg, b.unwrap(Proc.binIn(), true))) { // enc3
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
208 |
throw new Exception("diff msg");
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
209 |
} |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
210 |
Proc.binOut(b.getMic(msg)); // mic |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
211 |
Proc.binOut(msg); // msg |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
212 |
break; |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
213 |
} |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
214 |
} |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
215 |
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
216 |
/** |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
217 |
* One test run. |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
218 |
* |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
219 |
* @param label test label |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
220 |
* @param lc lib of client |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
221 |
* @param ls lib of server |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
222 |
* @param lb lib of backend |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
223 |
*/ |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
224 |
private static void once(String label, String lc, String ls, String lb) |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
225 |
throws Exception {
|
| 18536 | 226 |
|
|
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
227 |
Proc pc = proc(lc) |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
228 |
.args("client", lc == null ? "j" : "n")
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
229 |
.perm(new javax.security.auth.kerberos.ServicePermission( |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
230 |
"krbtgt/" + REALM + "@" + REALM, "initiate")) |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
231 |
.perm(new javax.security.auth.kerberos.ServicePermission( |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
232 |
SERVER + "@" + REALM, "initiate")) |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
233 |
.perm(new javax.security.auth.kerberos.DelegationPermission( |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
234 |
"\"" + SERVER + "@" + REALM + "\" " + |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
235 |
"\"krbtgt/" + REALM + "@" + REALM + "\"")) |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
236 |
.debug(label + "-C"); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
237 |
if (lc == null) {
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
238 |
// for Krb5LoginModule::promptForName |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
239 |
pc.perm(new PropertyPermission("user.name", "read"));
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
240 |
} else {
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
241 |
Files.copy(Paths.get("base.ccache"), Paths.get(label + ".ccache"));
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
242 |
Files.setPosixFilePermissions(Paths.get(label + ".ccache"), |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
243 |
Set.of(PosixFilePermission.OWNER_READ, |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
244 |
PosixFilePermission.OWNER_WRITE)); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
245 |
pc.env("KRB5CCNAME", label + ".ccache");
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
246 |
// Do not try system ktab if ccache fails |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
247 |
pc.env("KRB5_KTNAME", "none");
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
248 |
} |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
249 |
pc.start(); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
250 |
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
251 |
Proc ps = proc(ls) |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
252 |
.args("server", ls == null ? "j" : "n")
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
253 |
.perm(new javax.security.auth.kerberos.ServicePermission( |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
254 |
SERVER + "@" + REALM, "accept")) |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
255 |
.perm(new javax.security.auth.kerberos.ServicePermission( |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
256 |
BACKEND + "@" + REALM, "initiate")) |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
257 |
.debug(label + "-S"); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
258 |
if (ls == null) {
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
259 |
ps.perm(new PrivateCredentialPermission( |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
260 |
"javax.security.auth.kerberos.KeyTab * \"*\"", "read")) |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
261 |
.perm(new java.io.FilePermission(KTAB_S, "read")); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
262 |
} else {
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
263 |
ps.env("KRB5_KTNAME", KTAB_S);
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
264 |
} |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
265 |
ps.start(); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
266 |
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
267 |
Proc pb = proc(lb) |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
268 |
.args("backend", lb == null ? "j" : "n")
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
269 |
.perm(new javax.security.auth.kerberos.ServicePermission( |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
270 |
BACKEND + "@" + REALM, "accept")) |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
271 |
.debug(label + "-B"); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
272 |
if (lb == null) {
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
273 |
pb.perm(new PrivateCredentialPermission( |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
274 |
"javax.security.auth.kerberos.KeyTab * \"*\"", "read")) |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
275 |
.perm(new java.io.FilePermission(KTAB_B, "read")); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
276 |
} else {
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
277 |
pb.env("KRB5_KTNAME", KTAB_B);
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
278 |
} |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
279 |
pb.start(); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
280 |
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
281 |
// Client and server handshake |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
282 |
ps.println(pc.readData()); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
283 |
pc.println(ps.readData()); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
284 |
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
285 |
// Server and backend handshake |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
286 |
pb.println(ps.readData()); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
287 |
ps.println(pb.readData()); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
288 |
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
289 |
// wrap/unwrap/getMic/verifyMic and plain text |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
290 |
pb.println(ps.readData()); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
291 |
pb.println(ps.readData()); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
292 |
pb.println(ps.readData()); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
293 |
ps.println(pb.readData()); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
294 |
ps.println(pb.readData()); |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
295 |
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
296 |
if ((pc.waitFor() | ps.waitFor() | pb.waitFor()) != 0) {
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
297 |
throw new Exception("Process failed");
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
298 |
} |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
299 |
} |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
300 |
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
301 |
/** |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
302 |
* A Proc for a child process. |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
303 |
* |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
304 |
* @param lib the library. Null is Java. "" is default native lib. |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
305 |
*/ |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
306 |
private static Proc proc(String lib) throws Exception {
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
307 |
Proc p = Proc.create("BasicProc")
|
| 48668 | 308 |
.inheritProp("jdk.net.hosts.file")
|
|
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
309 |
.prop("java.security.manager", "")
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
310 |
.perm(new javax.security.auth.AuthPermission("doAs"));
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
311 |
if (lib != null) {
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
312 |
p.env("KRB5_CONFIG", CONF)
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
313 |
.env("KRB5_TRACE", "/dev/stderr")
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
314 |
.prop("sun.security.jgss.native", "true")
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
315 |
.prop("sun.security.jgss.lib", lib)
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
316 |
.prop("javax.security.auth.useSubjectCredsOnly", "false")
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
317 |
.prop("sun.security.nativegss.debug", "true");
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
318 |
int pos = lib.lastIndexOf('/');
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
319 |
if (pos > 0) {
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
320 |
p.env("LD_LIBRARY_PATH", lib.substring(0, pos));
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
321 |
p.env("DYLD_LIBRARY_PATH", lib.substring(0, pos));
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
322 |
} |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
323 |
} else {
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
324 |
p.perm(new java.util.PropertyPermission( |
| 18536 | 325 |
"sun.security.krb5.principal", "read")) |
|
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
326 |
// For Krb5LoginModule::login. |
| 18536 | 327 |
.perm(new javax.security.auth.AuthPermission( |
328 |
"modifyPrincipals")) |
|
329 |
.perm(new javax.security.auth.AuthPermission( |
|
330 |
"modifyPrivateCredentials")) |
|
|
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
331 |
.prop("sun.security.krb5.debug", "true")
|
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
332 |
.prop("java.security.krb5.conf", CONF);
|
| 18536 | 333 |
} |
|
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
334 |
return p; |
| 18536 | 335 |
} |
336 |
} |