code review request: 7076415: sun/security/krb5/runNameEquals.sh failed on sles 10
Weijun Wang
weijun.wang at oracle.com
Wed Aug 10 10:00:32 UTC 2011
Hi Valerie/Xuelei
Webrev at http://cr.openjdk.java.net/~weijun/7076415/webrev.00/
The test fails when running the native JGSS provider on a sles (SUSE
Linux Enterprise Server) machine throwing:
Exception in thread "main" GSSException: Invalid name provided
(Mechanism level: Hostname cannot be canonicalized)
at sun.security.jgss.wrapper.GSSLibStub.importName(Native Method)
I've seen this before but cannot find an old CR for it. The method called is
gssManager.createName("service at host",...)
This "host" is not the name of a real host. On most systems, either
hostname canonicalization is not performed, or there is a fallback
mechanism, the method does not report any error and the test succeeds.
However, on this sles machine, an exception is thrown.
I don't have any control on the native GSS's importName method, so I can
only try my best to provide a name it can resolve. The only such name I
can think of is "localhost".
The test currently uses 2 GSSName, "service at host" and "service at host2".
Since I can only find one good hostname, I update it to same host with
different service names, i.e. "service at localhost" and
"service2 at localhost". Hopefully this still matches the purpose of the
test. The original author is Xuelei.
I can reproduce the failure on the failed machine, and it succeeds after
the code change.
Just submitted a JPRT job.
Thanks
Max
More information about the security-dev
mailing list