Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/test/sun/security/krb5/auto/IgnoreChannelBinding.java
38853 views
/*1* Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation.7*8* This code is distributed in the hope that it will be useful, but WITHOUT9* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or10* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License11* version 2 for more details (a copy is included in the LICENSE file that12* accompanied this code).13*14* You should have received a copy of the GNU General Public License version15* 2 along with this work; if not, write to the Free Software Foundation,16* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.17*18* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA19* or visit www.oracle.com if you need additional information or have any20* questions.21*/2223/*24* @test25* @bug 685197326* @run main/othervm -Dsun.net.spi.nameservice.provider.1=ns,mock IgnoreChannelBinding27* @summary ignore incoming channel binding if acceptor does not set one28*/2930import java.net.InetAddress;31import org.ietf.jgss.ChannelBinding;32import org.ietf.jgss.GSSException;33import sun.security.jgss.GSSUtil;3435public class IgnoreChannelBinding {3637public static void main(String[] args)38throws Exception {3940new OneKDC(null).writeJAASConf();4142Context c = Context.fromJAAS("client");43Context s = Context.fromJAAS("server");4445// All silent46c.startAsClient(OneKDC.SERVER, GSSUtil.GSS_KRB5_MECH_OID);47s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID);48Context.handshake(c, s);4950// Initiator req, acceptor ignore51c.startAsClient(OneKDC.SERVER, GSSUtil.GSS_KRB5_MECH_OID);52c.x().setChannelBinding(new ChannelBinding(53InetAddress.getByName("client.rabbit.hole"),54InetAddress.getByName("host.rabbit.hole"),55new byte[0]56));57s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID);58Context.handshake(c, s);5960// Both req, and match61c.startAsClient(OneKDC.SERVER, GSSUtil.GSS_KRB5_MECH_OID);62c.x().setChannelBinding(new ChannelBinding(63InetAddress.getByName("client.rabbit.hole"),64InetAddress.getByName("host.rabbit.hole"),65new byte[0]66));67s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID);68s.x().setChannelBinding(new ChannelBinding(69InetAddress.getByName("client.rabbit.hole"),70InetAddress.getByName("host.rabbit.hole"),71new byte[0]72));73Context.handshake(c, s);7475// Both req, NOT match76c.startAsClient(OneKDC.SERVER, GSSUtil.GSS_KRB5_MECH_OID);77c.x().setChannelBinding(new ChannelBinding(78InetAddress.getByName("client.rabbit.hole"),79InetAddress.getByName("host.rabbit.hole"),80new byte[0]81));82s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID);83s.x().setChannelBinding(new ChannelBinding(84InetAddress.getByName("client.rabbit.hole"),85InetAddress.getByName("host.rabbit.hole"),86new byte[1] // 0 -> 187));88try {89Context.handshake(c, s);90throw new Exception("Acceptor should reject initiator");91} catch (GSSException ge) {92// Expected bahavior93}9495// Acceptor req, reject96c.startAsClient(OneKDC.SERVER, GSSUtil.GSS_KRB5_MECH_OID);97s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID);98s.x().setChannelBinding(new ChannelBinding(99InetAddress.getByName("client.rabbit.hole"),100InetAddress.getByName("host.rabbit.hole"),101new byte[0]102));103try {104Context.handshake(c, s);105throw new Exception("Acceptor should reject initiator");106} catch (GSSException ge) {107// Expected bahavior108if (ge.getMajor() != GSSException.BAD_BINDINGS) {109throw ge;110}111}112}113}114115116