Mercurial Mercurial > jdk-sandbox / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
src/java.security.jgss/share/classes/sun/security/krb5/PrincipalName.java
changeset 51979 3241975b1830
parent 47216 71c04702a3d5
child 52220 9c260a6b6471 
--- a/src/java.security.jgss/share/classes/sun/security/krb5/PrincipalName.java	Mon Oct 01 20:16:55 2018 -0400
+++ b/src/java.security.jgss/share/classes/sun/security/krb5/PrincipalName.java	Tue Oct 02 16:02:35 2018 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -406,26 +406,37 @@
         case KRB_NT_SRV_HST:
             if (nameParts.length >= 2) {
                 String hostName = nameParts[1];
+                Boolean option;
                 try {
-                    // RFC4120 does not recommend canonicalizing a hostname.
-                    // However, for compatibility reason, we will try
-                    // canonicalize it and see if the output looks better.
-
-                    String canonicalized = (InetAddress.getByName(hostName)).
-                            getCanonicalHostName();
+                    // If true, try canonicalizing and accept it if it starts
+                    // with the short name. Otherwise, never. Default true.
+                    option = Config.getInstance().getBooleanObject(
+                            "libdefaults", "dns_canonicalize_hostname");
+                } catch (KrbException e) {
+                    option = null;
+                }
+                if (option != Boolean.FALSE) {
+                    try {
+                        // RFC4120 does not recommend canonicalizing a hostname.
+                        // However, for compatibility reason, we will try
+                        // canonicalizing it and see if the output looks better.
 
-                    // Looks if canonicalized is a longer format of hostName,
-                    // we accept cases like
-                    //     bunny -> bunny.rabbit.hole
-                    if (canonicalized.toLowerCase(Locale.ENGLISH).startsWith(
-                                hostName.toLowerCase(Locale.ENGLISH)+".")) {
-                        hostName = canonicalized;
+                        String canonicalized = (InetAddress.getByName(hostName)).
+                                getCanonicalHostName();
+
+                        // Looks if canonicalized is a longer format of hostName,
+                        // we accept cases like
+                        //     bunny -> bunny.rabbit.hole
+                        if (canonicalized.toLowerCase(Locale.ENGLISH).startsWith(
+                                hostName.toLowerCase(Locale.ENGLISH) + ".")) {
+                            hostName = canonicalized;
+                        }
+                    } catch (UnknownHostException | SecurityException e) {
+                        // not canonicalized or no permission to do so, use old
                     }
-                } catch (UnknownHostException | SecurityException e) {
-                    // not canonicalized or no permission to do so, use old
-                }
-                if (hostName.endsWith(".")) {
-                    hostName = hostName.substring(0, hostName.length() - 1);
+                    if (hostName.endsWith(".")) {
+                        hostName = hostName.substring(0, hostName.length() - 1);
+                    }
                 }
                 nameParts[1] = hostName.toLowerCase(Locale.ENGLISH);
             }
jdk-sandbox