code review request: 7076415: sun/security/krb5/runNameEquals.sh failed on sles 10

Xuelei Fan xuelei.fan at oracle.com
Wed Aug 10 11:24:01 UTC 2011


Is it necessary to enable debug log in runNameEquals.sh?

Otherwise, looks fine to me.

Xuelei

On 8/10/2011 6:00 PM, Weijun Wang wrote:
> Hi Valerie/Xuelei
> 
> Webrev at http://cr.openjdk.java.net/~weijun/7076415/webrev.00/
> 
> The test fails when running the native JGSS provider on a sles (SUSE
> Linux Enterprise Server) machine throwing:
> 
>    Exception in thread "main" GSSException: Invalid name provided
>     (Mechanism level: Hostname cannot be canonicalized)
>     at sun.security.jgss.wrapper.GSSLibStub.importName(Native Method)
> 
> I've seen this before but cannot find an old CR for it. The method
> called is
> 
>    gssManager.createName("service at host",...)
> 
> This "host" is not the name of a real host. On most systems, either
> hostname canonicalization is not performed, or there is a fallback
> mechanism, the method does not report any error and the test succeeds.
> However, on this sles machine, an exception is thrown.
> 
> I don't have any control on the native GSS's importName method, so I can
> only try my best to provide a name it can resolve. The only such name I
> can think of is "localhost".
> 
> The test currently uses 2 GSSName, "service at host" and "service at host2".
> Since I can only find one good hostname, I update it to same host with
> different service names, i.e. "service at localhost" and
> "service2 at localhost". Hopefully this still matches the purpose of the
> test. The original author is Xuelei.
> 
> I can reproduce the failure on the failed machine, and it succeeds after
> the code change.
> 
> Just submitted a JPRT job.
> 
> Thanks
> Max




More information about the security-dev mailing list