Code review request: 7043737: klist does not detect non-existing keytab
Weijun Wang
weijun.wang at oracle.com
Thu May 12 15:59:19 PDT 2011
On May 13, 2011, at 5:05 AM, "Valerie (Yu-Ching) Peng" <valerie.peng at oracle.com> wrote:
> The changes look fine.
> (I suppose you'll integrate this into the next 7u since this isn't a showstopper. But still want to finish the review now so I don't forget it later.)
Correct.
Thanks
Max
> Valerie
>
> On 05/11/11 00:35, Weijun Wang wrote:
>> Hi Valerie
>>
>> http://cr.openjdk.java.net/~weijun/7043737/webrev.00/
>>
>> Not only a missing keytab is detected, but also an invalid one, where I use a similar error message like the native klist:
>>
>> $ klist -k ASSEMBLY_EXCEPTION
>> Keytab name: WRFILE:ASSEMBLY_EXCEPTION
>> klist: Unsupported key table format version number while starting keytab scan
>>
>> I'll ask for JDK 7 approval for this bug.
>>
>> Thanks
>> Max
>>
>>
>> -------- Original Message --------
>> *Change Request ID*: 7043737
>> *Synopsis*: klist does not detect non-existing keytab
>>
>> === *Description* ============================================================
>> Since "6894072: always refresh keytab", we support "dynamic" keytabs which means a keytab file can change during the execution of a program, this even includes accepting a non-existing keytab at the beginning and read it when it appears at a later time.
>>
>> On the other hand, the klist tool is used to list the current content of a static keytab file. When the file does not exist, we should warn the user. This behavior is also consistent with klist from other vendors.
>>
>
More information about the security-dev
mailing list