Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/src/share/classes/sun/security/jgss/GSSManagerImpl.java
38830 views
/*1* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation. Oracle designates this7* particular file as subject to the "Classpath" exception as provided8* by Oracle in the LICENSE file that accompanied this code.9*10* This code is distributed in the hope that it will be useful, but WITHOUT11* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or12* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License13* version 2 for more details (a copy is included in the LICENSE file that14* accompanied this code).15*16* You should have received a copy of the GNU General Public License version17* 2 along with this work; if not, write to the Free Software Foundation,18* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.19*20* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA21* or visit www.oracle.com if you need additional information or have any22* questions.23*/2425package sun.security.jgss;2627import org.ietf.jgss.*;28import sun.security.jgss.spi.*;29import java.security.Provider;30import java.security.AccessController;31import java.security.PrivilegedAction;3233/**34* This class provides the default implementation of the GSSManager35* interface.36*/37public class GSSManagerImpl extends GSSManager {3839// Undocumented property40private static final String USE_NATIVE_PROP =41"sun.security.jgss.native";42private static final Boolean USE_NATIVE;4344static {45USE_NATIVE =46AccessController.doPrivileged(new PrivilegedAction<Boolean>() {47public Boolean run() {48String osname = System.getProperty("os.name");49if (osname.startsWith("SunOS") ||50osname.contains("OS X") ||51osname.startsWith("Linux")) {52return new Boolean(System.getProperty53(USE_NATIVE_PROP));54}55return Boolean.FALSE;56}57});5859}6061private ProviderList list;6263// Used by java SPNEGO impl to make sure native is disabled64public GSSManagerImpl(GSSCaller caller, boolean useNative) {65list = new ProviderList(caller, useNative);66}6768// Used by HTTP/SPNEGO NegotiatorImpl69public GSSManagerImpl(GSSCaller caller) {70list = new ProviderList(caller, USE_NATIVE);71}7273public GSSManagerImpl() {74list = new ProviderList(GSSCaller.CALLER_UNKNOWN, USE_NATIVE);75}7677public Oid[] getMechs(){78return list.getMechs();79}8081public Oid[] getNamesForMech(Oid mech)82throws GSSException {83MechanismFactory factory = list.getMechFactory(mech);84return factory.getNameTypes().clone();85}8687public Oid[] getMechsForName(Oid nameType){88Oid[] mechs = list.getMechs();89Oid[] retVal = new Oid[mechs.length];90int pos = 0;9192// Compatibility with RFC 2853 old NT_HOSTBASED_SERVICE value.93if (nameType.equals(GSSNameImpl.oldHostbasedServiceName)) {94nameType = GSSName.NT_HOSTBASED_SERVICE;95}9697// Iterate thru all mechs in GSS98for (int i = 0; i < mechs.length; i++) {99// what nametypes does this mech support?100Oid mech = mechs[i];101try {102Oid[] namesForMech = getNamesForMech(mech);103// Is the desired Oid present in that list?104if (nameType.containedIn(namesForMech)) {105retVal[pos++] = mech;106}107} catch (GSSException e) {108// Squelch it and just skip over this mechanism109GSSUtil.debug("Skip " + mech +110": error retrieving supported name types");111}112}113114// Trim the list if needed115if (pos < retVal.length) {116Oid[] temp = new Oid[pos];117for (int i = 0; i < pos; i++)118temp[i] = retVal[i];119retVal = temp;120}121122return retVal;123}124125public GSSName createName(String nameStr, Oid nameType)126throws GSSException {127return new GSSNameImpl(this, nameStr, nameType);128}129130public GSSName createName(byte name[], Oid nameType)131throws GSSException {132return new GSSNameImpl(this, name, nameType);133}134135public GSSName createName(String nameStr, Oid nameType,136Oid mech) throws GSSException {137return new GSSNameImpl(this, nameStr, nameType, mech);138}139140public GSSName createName(byte name[], Oid nameType, Oid mech)141throws GSSException {142return new GSSNameImpl(this, name, nameType, mech);143}144145public GSSCredential createCredential(int usage)146throws GSSException {147return new GSSCredentialImpl(this, usage);148}149150public GSSCredential createCredential(GSSName aName,151int lifetime, Oid mech, int usage)152throws GSSException {153return new GSSCredentialImpl(this, aName, lifetime, mech, usage);154}155156public GSSCredential createCredential(GSSName aName,157int lifetime, Oid mechs[], int usage)158throws GSSException {159return new GSSCredentialImpl(this, aName, lifetime, mechs, usage);160}161162public GSSContext createContext(GSSName peer, Oid mech,163GSSCredential myCred, int lifetime)164throws GSSException {165return new GSSContextImpl(this, peer, mech, myCred, lifetime);166}167168public GSSContext createContext(GSSCredential myCred)169throws GSSException {170return new GSSContextImpl(this, myCred);171}172173public GSSContext createContext(byte[] interProcessToken)174throws GSSException {175return new GSSContextImpl(this, interProcessToken);176}177178public void addProviderAtFront(Provider p, Oid mech)179throws GSSException {180list.addProviderAtFront(p, mech);181}182183public void addProviderAtEnd(Provider p, Oid mech)184throws GSSException {185list.addProviderAtEnd(p, mech);186}187188public GSSCredentialSpi getCredentialElement(GSSNameSpi name, int initLifetime,189int acceptLifetime, Oid mech, int usage)190throws GSSException {191MechanismFactory factory = list.getMechFactory(mech);192return factory.getCredentialElement(name, initLifetime,193acceptLifetime, usage);194}195196// Used by java SPNEGO impl197public GSSNameSpi getNameElement(String name, Oid nameType, Oid mech)198throws GSSException {199// Just use the most preferred MF impl assuming GSSNameSpi200// objects are interoperable among providers201MechanismFactory factory = list.getMechFactory(mech);202return factory.getNameElement(name, nameType);203}204205// Used by java SPNEGO impl206public GSSNameSpi getNameElement(byte[] name, Oid nameType, Oid mech)207throws GSSException {208// Just use the most preferred MF impl assuming GSSNameSpi209// objects are interoperable among providers210MechanismFactory factory = list.getMechFactory(mech);211return factory.getNameElement(name, nameType);212}213214GSSContextSpi getMechanismContext(GSSNameSpi peer,215GSSCredentialSpi myInitiatorCred,216int lifetime, Oid mech)217throws GSSException {218Provider p = null;219if (myInitiatorCred != null) {220p = myInitiatorCred.getProvider();221}222MechanismFactory factory = list.getMechFactory(mech, p);223return factory.getMechanismContext(peer, myInitiatorCred, lifetime);224}225226GSSContextSpi getMechanismContext(GSSCredentialSpi myAcceptorCred,227Oid mech)228throws GSSException {229Provider p = null;230if (myAcceptorCred != null) {231p = myAcceptorCred.getProvider();232}233MechanismFactory factory = list.getMechFactory(mech, p);234return factory.getMechanismContext(myAcceptorCred);235}236237GSSContextSpi getMechanismContext(byte[] exportedContext)238throws GSSException {239if ((exportedContext == null) || (exportedContext.length == 0)) {240throw new GSSException(GSSException.NO_CONTEXT);241}242GSSContextSpi result = null;243244// Only allow context import with native provider since JGSS245// still has not defined its own interprocess token format246Oid[] mechs = list.getMechs();247for (int i = 0; i < mechs.length; i++) {248MechanismFactory factory = list.getMechFactory(mechs[i]);249if (factory.getProvider().getName().equals("SunNativeGSS")) {250result = factory.getMechanismContext(exportedContext);251if (result != null) break;252}253}254if (result == null) {255throw new GSSException(GSSException.UNAVAILABLE);256}257return result;258}259}260261262