jdk-sandbox: comparison jdk/src/share/classes/sun/security/krb5/KdcComm.java

equal deleted inserted replaced

-:b44a353664b8
+:da638a97c27a
 import java.security.PrivilegedActionException;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Set;
 import java.util.HashSet;
+import java.util.Iterator;
 import sun.security.krb5.internal.KRBError;
 /**
 * KDC-REQ/KDC-REP communication. No more base class for KrbAsReq and
 * KrbTgsReq. This class is now communication only.
 private byte[] send(byte[] obuf, boolean useTCP)
 throws IOException, KrbException {
 if (obuf == null)
 return null;
-Exception savedException = null;
 Config cfg = Config.getInstance();
 if (realm == null) {
 realm = cfg.getDefaultRealm();
 if (realm == null) {
 String kdcList = cfg.getKDCList(realm);
 if (kdcList == null) {
 throw new KrbException("Cannot get kdc for realm " + realm);
 }
-String tempKdc = null; // may include the port number also
+// tempKdc may include the port number also
+Iterator<String> tempKdc = KdcAccessibility.list(kdcList).iterator();
+if (!tempKdc.hasNext()) {
+throw new KrbException("Cannot get kdc for realm " + realm);
+}
 byte[] ibuf = null;
-for (String tmp: KdcAccessibility.list(kdcList)) {
+try {
-tempKdc = tmp;
+ibuf = sendIfPossible(obuf, tempKdc.next(), useTCP);
+} catch(Exception first) {
+while(tempKdc.hasNext()) {
+try {
+ibuf = sendIfPossible(obuf, tempKdc.next(), useTCP);
+if (ibuf != null) {
+return ibuf;
+}
+} catch(Exception ignore) {}
+}
+throw first;
+}
+if (ibuf == null) {
+throw new IOException("Cannot get a KDC reply");
+}
+return ibuf;
+}
+// send the AS Request to the specified KDC
+// failover to using TCP if useTCP is not set and response is too big
+private byte[] sendIfPossible(byte[] obuf, String tempKdc, boolean useTCP)
+throws IOException, KrbException {
+try {
+byte[] ibuf = send(obuf, tempKdc, useTCP);
+KRBError ke = null;
 try {
-ibuf = send(obuf,tempKdc,useTCP);
+ke = new KRBError(ibuf);
-KRBError ke = null;
-try {
-ke = new KRBError(ibuf);
-} catch (Exception e) {
-// OK
-}
-if (ke != null && ke.getErrorCode() ==
-Krb5.KRB_ERR_RESPONSE_TOO_BIG) {
-ibuf = send(obuf, tempKdc, true);
-}
-KdcAccessibility.removeBad(tempKdc);
-break;
 } catch (Exception e) {
-if (DEBUG) {
+// OK
-System.out.println(">>> KrbKdcReq send: error trying " +
+}
-tempKdc);
+if (ke != null && ke.getErrorCode() ==
-e.printStackTrace(System.out);
+Krb5.KRB_ERR_RESPONSE_TOO_BIG) {
-}
+ibuf = send(obuf, tempKdc, true);
-KdcAccessibility.addBad(tempKdc);
+}
-savedException = e;
+KdcAccessibility.removeBad(tempKdc);
-}
+return ibuf;
-}
+} catch(Exception e) {
-if (ibuf == null) {
+if (DEBUG) {
-if (savedException != null) {
+System.out.println(">>> KrbKdcReq send: error trying " +
-if (savedException instanceof IOException) {
+tempKdc);
-throw (IOException) savedException;
+e.printStackTrace(System.out);
-} else {
+}
-throw (KrbException) savedException;
+KdcAccessibility.addBad(tempKdc);
-}
+throw e;
-} else {
+}
-throw new IOException("Cannot get a KDC reply");
-}
-}
-return ibuf;
 }
 // send the AS Request to the specified KDC
 private byte[] send(byte[] obuf, String tempKdc, boolean useTCP)
 }
 bads.clear();
 }
 // Returns a preferred KDC list by putting the bad ones at the end
-private static synchronized String[] list(String kdcList) {
+private static synchronized List<String> list(String kdcList) {
 StringTokenizer st = new StringTokenizer(kdcList);
 List<String> list = new ArrayList<>();
 if (badPolicy == BpType.TRY_LAST) {
 List<String> badkdcs = new ArrayList<>();
 while (st.hasMoreTokens()) {
 // This include TRY_LESS and NONE
 while (st.hasMoreTokens()) {
 list.add(st.nextToken());
 }
 }
-return list.toArray(new String[list.size()]);
+return list;
 }
 }
 }

changeset 20818	da638a97c27a
parent 20804	18285d130365
parent 18549	66e6e111be22
child 20827	29e3da385ed2