jdk-sandbox: jdk/test/sun/security/krb5/auto/ReplayCacheTestProc.java@abb4cc4647ee (annotated)

18536 092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	1	/*
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	2	* Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	4	*
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	7	* published by the Free Software Foundation.
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	8	*
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	9	* This code is distributed in the hope that it will be useful, but WITHOUT
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	10	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	11	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	12	* version 2 for more details (a copy is included in the LICENSE file that
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	13	* accompanied this code).
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	14	*
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	15	* You should have received a copy of the GNU General Public License version
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	16	* 2 along with this work; if not, write to the Free Software Foundation,
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	17	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	18	*
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	19	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	20	* or visit www.oracle.com if you need additional information or have any
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	21	* questions.
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	22	*/
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	23
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	24	/*
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	25	* @test
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	26	* @bug 7152176
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	27	* @summary More krb5 tests
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	28	* @library ../../../../java/security/testlibrary/
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	29	* @compile -XDignore.symbol.file ReplayCacheTestProc.java
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	30	* @run main/othervm/timeout=100 ReplayCacheTestProc
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	31	*/
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	32
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	33	import java.io.*;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	34	import java.nio.BufferUnderflowException;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	35	import java.nio.channels.SeekableByteChannel;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	36	import java.nio.file.Files;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	37	import java.nio.file.Paths;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	38	import java.nio.file.StandardCopyOption;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	39	import java.nio.file.StandardOpenOption;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	40	import java.security.MessageDigest;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	41	import java.util.*;
24271 19000122bb5e 8039951: com.sun.security.auth.module missing classes on some platforms weijun parents: 18826 diff changeset	42
18536 092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	43	import sun.security.jgss.GSSUtil;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	44	import sun.security.krb5.internal.APReq;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	45	import sun.security.krb5.internal.rcache.AuthTime;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	46
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	47	// This test runs multiple acceptor Procs to mimin AP-REQ replays.
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	48	public class ReplayCacheTestProc {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	49
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	50	private static Proc[] ps;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	51	private static Proc pc;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	52	private static List<Req> reqs = new ArrayList<>();
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	53	private static String HOST = "localhost";
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	54
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	55	// Where should the rcache be saved. It seems KRB5RCACHEDIR is not
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	56	// recognized on Solaris. Maybe version too low? I see 1.6.
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	57	private static String cwd =
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	58	System.getProperty("os.name").startsWith("SunOS") ?
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	59	"/var/krb5/rcache/" :
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	60	System.getProperty("user.dir");
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	61
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	62
24271 19000122bb5e 8039951: com.sun.security.auth.module missing classes on some platforms weijun parents: 18826 diff changeset	63	private static long uid;
18536 092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	64
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	65	public static void main0(String[] args) throws Exception {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	66	System.setProperty("java.security.krb5.conf", OneKDC.KRB5_CONF);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	67	if (args.length == 0) { // The controller
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	68	int ns = 5; // number of servers
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	69	int nu = 5; // number of users
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	70	int nx = 50; // number of experiments
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	71	int np = 5; // number of peers (services)
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	72	int mode = 0; // native(1), random(0), java(-1)
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	73	boolean random = true; // random experiments choreograph
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	74
18542 7b1fa08a804e 8017453: ReplayCache tests fail on multiple platforms weijun parents: 18536 diff changeset	75	// Do not test interop with native GSS on some platforms
7b1fa08a804e 8017453: ReplayCache tests fail on multiple platforms weijun parents: 18536 diff changeset	76	String os = System.getProperty("os.name", "???");
7b1fa08a804e 8017453: ReplayCache tests fail on multiple platforms weijun parents: 18536 diff changeset	77	if (!os.startsWith("SunOS") && !os.startsWith("Linux")) {
7b1fa08a804e 8017453: ReplayCache tests fail on multiple platforms weijun parents: 18536 diff changeset	78	mode = -1;
7b1fa08a804e 8017453: ReplayCache tests fail on multiple platforms weijun parents: 18536 diff changeset	79	}
7b1fa08a804e 8017453: ReplayCache tests fail on multiple platforms weijun parents: 18536 diff changeset	80
24506 abb4cc4647ee 8043537: Changes for JDK-8039951 introduced circular dependency between Kerberos and com.sun.security.auth weijun parents: 24271 diff changeset	81	uid = sun.misc.VM.geteuid();
18536 092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	82
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	83	KDC kdc = KDC.create(OneKDC.REALM, HOST, 0, true);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	84	for (int i=0; i<nu; i++) {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	85	kdc.addPrincipal(user(i), OneKDC.PASS);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	86	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	87	kdc.addPrincipalRandKey("krbtgt/" + OneKDC.REALM);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	88	for (int i=0; i<np; i++) {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	89	kdc.addPrincipalRandKey(peer(i));
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	90	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	91
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	92	kdc.writeKtab(OneKDC.KTAB);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	93	KDC.saveConfig(OneKDC.KRB5_CONF, kdc);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	94
18826 aba6cde7fafb 8019410: sun/security/krb5/auto/ReplayCacheTestProc.java weijun parents: 18542 diff changeset	95	if (mode != -1) {
aba6cde7fafb 8019410: sun/security/krb5/auto/ReplayCacheTestProc.java weijun parents: 18542 diff changeset	96	// A special native server to check basic sanity
aba6cde7fafb 8019410: sun/security/krb5/auto/ReplayCacheTestProc.java weijun parents: 18542 diff changeset	97	if (ns(-1).waitFor() != 0) {
aba6cde7fafb 8019410: sun/security/krb5/auto/ReplayCacheTestProc.java weijun parents: 18542 diff changeset	98	Proc.d("Native mode sanity check failed, revert to java");
aba6cde7fafb 8019410: sun/security/krb5/auto/ReplayCacheTestProc.java weijun parents: 18542 diff changeset	99	mode = -1;
aba6cde7fafb 8019410: sun/security/krb5/auto/ReplayCacheTestProc.java weijun parents: 18542 diff changeset	100	}
aba6cde7fafb 8019410: sun/security/krb5/auto/ReplayCacheTestProc.java weijun parents: 18542 diff changeset	101	}
aba6cde7fafb 8019410: sun/security/krb5/auto/ReplayCacheTestProc.java weijun parents: 18542 diff changeset	102
18536 092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	103	pc = Proc.create("ReplayCacheTestProc").debug("C")
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	104	.args("client")
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	105	.start();
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	106	ps = new Proc[ns];
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	107	Ex[] result = new Ex[nx];
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	108
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	109	if (!random) {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	110	// 2 experiments, 2 server, 1 peer, 1 user
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	111	nx = 2; ns = 2; np = 1; nu = 1;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	112
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	113	// Creates reqs from user# to peer#
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	114	req(0, 0);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	115
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	116	// Creates server#
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	117	ps[0] = ns(0);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	118	ps[1] = js(1);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	119
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	120	// Runs ex# using req# to server# with expected result
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	121	result[0] = round(0, 0, 0, true);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	122	result[1] = round(1, 0, 1, false);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	123	} else {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	124	Random r = new Random();
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	125	for (int i=0; i<ns; i++) {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	126	boolean useNative = (mode == 1) ? true
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	127	: (mode == -1 ? false : r.nextBoolean());
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	128	ps[i] = useNative?ns(i):js(i);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	129	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	130	for (int i=0; i<nx; i++) {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	131	result[i] = new Ex();
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	132	int old; // which req to send
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	133	boolean expected;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	134	if (reqs.isEmpty() \|\| r.nextBoolean()) {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	135	Proc.d("Console get new AP-REQ");
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	136	old = req(r.nextInt(nu), r.nextInt(np));
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	137	expected = true;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	138	} else {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	139	Proc.d("Console resue old");
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	140	old = r.nextInt(reqs.size());
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	141	expected = false;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	142	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	143	int s = r.nextInt(ns);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	144	Proc.d("Console send to " + s);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	145	result[i] = round(i, old, s, expected);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	146	Proc.d("Console sees " + result[i].actual);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	147	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	148	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	149
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	150	pc.println("END");
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	151	for (int i=0; i<ns; i++) {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	152	ps[i].println("END");
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	153	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	154	System.out.println("Result\n======");
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	155	boolean finalOut = true;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	156	for (int i=0; i<nx; i++) {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	157	boolean out = result[i].expected==result[i].actual;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	158	finalOut &= out;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	159	System.out.printf("%3d: %s (%2d): u%d h%d %s %s %s %2d\n",
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	160	i,
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	161	result[i].expected?"----":" ",
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	162	result[i].old,
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	163	result[i].user, result[i].peer, result[i].server,
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	164	result[i].actual?"Good":"Bad ",
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	165	out?" ":"xxx",
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	166	result[i].csize);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	167	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	168	if (!finalOut) throw new Exception();
18826 aba6cde7fafb 8019410: sun/security/krb5/auto/ReplayCacheTestProc.java weijun parents: 18542 diff changeset	169	} else if (args[0].equals("N-1")) {
aba6cde7fafb 8019410: sun/security/krb5/auto/ReplayCacheTestProc.java weijun parents: 18542 diff changeset	170	// Native mode sanity check
aba6cde7fafb 8019410: sun/security/krb5/auto/ReplayCacheTestProc.java weijun parents: 18542 diff changeset	171	Proc.d("Detect start");
aba6cde7fafb 8019410: sun/security/krb5/auto/ReplayCacheTestProc.java weijun parents: 18542 diff changeset	172	Context s = Context.fromUserKtab("*", OneKDC.KTAB, true);
aba6cde7fafb 8019410: sun/security/krb5/auto/ReplayCacheTestProc.java weijun parents: 18542 diff changeset	173	s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID);
18536 092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	174	} else if (args[0].equals("client")) {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	175	while (true) {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	176	String title = Proc.textIn();
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	177	Proc.d("Client see " + title);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	178	if (title.equals("END")) break;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	179	String[] cas = title.split(" ");
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	180	Context c = Context.fromUserPass(cas[0], OneKDC.PASS, false);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	181	c.startAsClient(cas[1], GSSUtil.GSS_KRB5_MECH_OID);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	182	c.x().requestCredDeleg(true);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	183	byte[] token = c.take(new byte[0]);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	184	Proc.d("Client AP-REQ generated");
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	185	Proc.binOut(token);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	186	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	187	} else {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	188	Proc.d("Server start");
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	189	Context s = Context.fromUserKtab("*", OneKDC.KTAB, true);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	190	Proc.d("Server login");
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	191	while (true) {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	192	String title = Proc.textIn();
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	193	Proc.d("Server " + args[0] + " sees " + title);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	194	if (title.equals("END")) break;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	195	s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	196	byte[] token = Proc.binIn();
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	197	try {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	198	s.take(token);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	199	Proc.textOut("true");
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	200	Proc.d(args[0] + " Good");
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	201	} catch (Exception e) {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	202	Proc.textOut("false");
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	203	Proc.d(args[0] + " Bad");
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	204	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	205	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	206	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	207	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	208
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	209	public static void main(String[] args) throws Exception {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	210	try {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	211	main0(args);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	212	} catch (Exception e) {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	213	Proc.d(e);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	214	throw e;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	215	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	216	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	217
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	218	// returns the user name
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	219	private static String user(int p) {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	220	return "USER" + p;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	221	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	222	// returns the peer name
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	223	private static String peer(int p) {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	224	return "host" + p + "/" + HOST;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	225	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	226	// returns the dfl name for a host
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	227	private static String dfl(int p) {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	228	return cwd + "host" + p + (uid == -1 ? "" : ("_"+uid));
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	229	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	230	// generates an ap-req and save into reqs, returns the index
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	231	private static int req(int user, int peer) throws Exception {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	232	pc.println(user(user) + " " + peer(peer));
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	233	Req req = new Req(user, peer, pc.readData());
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	234	reqs.add(req);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	235	return reqs.size() - 1;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	236	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	237	// carries out a round of experiment
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	238	// i: ex#, old: which req, server: which server, expected: result?
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	239	private static Ex round(int i, int old, int server, boolean expected)
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	240	throws Exception {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	241	ps[server].println("TEST");
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	242	ps[server].println(reqs.get(old).msg);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	243	String reply = ps[server].readData();
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	244	Ex result = new Ex();
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	245	result.i = i;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	246	result.expected = expected;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	247	result.server = ps[server].debug();
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	248	result.actual = Boolean.valueOf(reply);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	249	result.user = reqs.get(old).user;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	250	result.peer = reqs.get(old).peer;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	251	result.old = old;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	252	result.csize = csize(result.peer);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	253	result.hash = hash(reqs.get(old).msg);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	254	if (new File(dfl(result.peer)).exists()) {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	255	Files.copy(Paths.get(dfl(result.peer)), Paths.get(
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	256	String.format("%03d-USER%d-host%d-%s-%s",
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	257	i, result.user, result.peer, result.server,
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	258	result.actual)
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	259	+ "-" + result.hash),
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	260	StandardCopyOption.COPY_ATTRIBUTES);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	261	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	262	return result;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	263	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	264	// create a native server
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	265	private static Proc ns(int i) throws Exception {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	266	return Proc.create("ReplayCacheTestProc")
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	267	.args("N"+i)
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	268	.env("KRB5_CONFIG", OneKDC.KRB5_CONF)
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	269	.env("KRB5_KTNAME", OneKDC.KTAB)
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	270	.env("KRB5RCACHEDIR", cwd)
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	271	.prop("sun.security.jgss.native", "true")
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	272	.prop("javax.security.auth.useSubjectCredsOnly", "false")
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	273	.prop("sun.security.nativegss.debug", "true")
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	274	.debug("N"+i)
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	275	.start();
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	276	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	277	// creates a java server
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	278	private static Proc js(int i) throws Exception {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	279	return Proc.create("ReplayCacheTestProc")
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	280	.debug("S"+i)
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	281	.args("S"+i)
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	282	.prop("sun.security.krb5.rcache", "dfl")
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	283	.prop("java.io.tmpdir", cwd)
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	284	.start();
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	285	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	286	// generates hash of authenticator inside ap-req inside initsectoken
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	287	private static String hash(String req) throws Exception {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	288	byte[] data = Base64.getDecoder().decode(req);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	289	data = Arrays.copyOfRange(data, 17, data.length);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	290	byte[] hash = MessageDigest.getInstance("MD5").digest(new APReq(data).authenticator.getBytes());
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	291	char[] h = new char[hash.length * 2];
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	292	char[] hexConst = "0123456789ABCDEF".toCharArray();
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	293	for (int i=0; i<hash.length; i++) {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	294	h[2*i] = hexConst[(hash[i]&0xff)>>4];
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	295	h[2*i+1] = hexConst[hash[i]&0xf];
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	296	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	297	return new String(h);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	298	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	299	// return size of dfl file, excluding the null hash ones
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	300	private static int csize(int p) throws Exception {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	301	try (SeekableByteChannel chan = Files.newByteChannel(
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	302	Paths.get(dfl(p)), StandardOpenOption.READ)) {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	303	chan.position(6);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	304	int cc = 0;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	305	while (true) {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	306	try {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	307	if (AuthTime.readFrom(chan) != null) cc++;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	308	} catch (BufferUnderflowException e) {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	309	break;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	310	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	311	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	312	return cc;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	313	} catch (IOException ioe) {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	314	return 0;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	315	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	316	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	317	// models an experiement
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	318	private static class Ex {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	319	int i; // #
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	320	boolean expected; // expected result
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	321	boolean actual; // actual output
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	322	int old; // which ap-req to send
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	323	String server; // which server to send to
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	324	String hash; // the hash of req
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	325	int user; // which initiator
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	326	int peer; // which acceptor
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	327	int csize; // size of rcache after test
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	328	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	329	// models a saved ap-req msg
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	330	private static class Req {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	331	String msg; // based64-ed req
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	332	int user; // which initiator
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	333	int peer; // which accceptor
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	334	Req(int user, int peer, String msg) {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	335	this.msg = msg;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	336	this.user= user;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	337	this.peer = peer;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	338	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	339	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	340	}

author	weijun
	Thu, 22 May 2014 07:04:57 +0800
changeset 24506	abb4cc4647ee
parent 24271	19000122bb5e
child 30820	0d4717a011d3
permissions	-rw-r--r--