--- a/src/java.security.jgss/share/classes/sun/security/krb5/internal/util/KerberosString.java Mon Apr 09 10:39:29 2018 -0700
+++ b/src/java.security.jgss/share/classes/sun/security/krb5/internal/util/KerberosString.java Tue Apr 10 11:02:09 2018 +0800
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, 2018, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -26,8 +26,7 @@
package sun.security.krb5.internal.util;
import java.io.IOException;
-import java.security.AccessController;
-import sun.security.action.GetBooleanAction;
+import sun.security.action.GetPropertyAction;
import sun.security.util.DerValue;
/**
@@ -45,15 +44,21 @@
public final class KerberosString {
/**
* RFC 4120 defines KerberosString as GeneralString (IA5String), which
- * only includes ASCII characters. However, other implementations have been
- * known to use GeneralString to contain UTF-8 encoding. To interop
- * with these implementations, the following system property is defined.
- * When set as true, KerberosString is encoded as UTF-8. Note that this
- * only affects the byte encoding, the tag of the ASN.1 type is still
- * GeneralString.
+ * only includes ASCII characters. However, most implementations have been
+ * known to use GeneralString to contain UTF-8 encoding. The following
+ * system property is defined. When set as true, KerberosString is encoded
+ * as UTF-8. Otherwise, it's ASCII. The default is true.
+ *
+ * Note that this only affects the byte encoding, the tag of the ASN.1
+ * type is still GeneralString.
*/
- public static final boolean MSNAME = AccessController.doPrivileged(
- new GetBooleanAction("sun.security.krb5.msinterop.kstring"));
+ public static final boolean MSNAME;
+
+ static {
+ String prop = GetPropertyAction.privilegedGetProperty(
+ "sun.security.krb5.msinterop.kstring", "true");
+ MSNAME = Boolean.parseBoolean(prop);
+ }
private final String s;
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/test/jdk/sun/security/krb5/auto/NonAscii.java Tue Apr 10 11:02:09 2018 +0800
@@ -0,0 +1,47 @@
+/*
+ * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8200152
+ * @summary KerberosString should use UTF-8 by default
+ * @library /test/lib
+ * @compile -XDignore.symbol.file NonAscii.java
+ * @run main jdk.test.lib.FileInstaller TestHosts TestHosts
+ * @run main/othervm -Djdk.net.hosts.file=TestHosts NonAscii
+ * @run main/othervm/fail -Djdk.net.hosts.file=TestHosts
+ * -Dsun.security.krb5.msinterop.kstring=false
+ * NonAscii
+ * @run main/othervm/fail -Djdk.net.hosts.file=TestHosts
+ * -Dsun.security.krb5.msinterop.kstring=no
+ * NonAscii
+ */
+
+public class NonAscii {
+ public static void main(String[] args) throws Exception {
+ String name = "ab\u00e7";
+ char[] password = "password".toCharArray();
+ new OneKDC(null).addPrincipal(name, password);
+ Context.fromUserPass(name, password, false);
+ }
+}