Code review request: 7158329: NPE in sun.security.krb5.Credentials.acquireDefaultCreds()
Jonathan Gibbons
jonathan.gibbons at oracle.com
Thu Apr 5 18:29:10 UTC 2012
Max,
If it were me writing the test, I'd avoid using a shell script and would
write Java code using ProcessBuilder to set an env-var and then realunch
the test via new File(new File(System.getProperty("java.home"), "bin"),
"java");
This Java code could even be co-located in the EmptyCC.java file.
-- Jon
On 04/05/2012 02:32 AM, Weijun Wang wrote:
> The webrev is at
>
> http://cr.openjdk.java.net/~weijun/7158329/webrev.00/
>
> There are two places where the content (getDefaultCreds) of a cache
> might be null, one with a specified ccache file name, one default. In
> order to check for both, a KRB5CCNAME environment variable is needed.
> Therefore the test must be a script calling a Java program.
>
> *Jon*: I guess this is the only way to feed an environment variable to
> a Java test?
>
> Thanks
> Max
>
> -------- Original Message --------
> *Change Request ID*: 7158329
> *Synopsis*: NPE in sun.security.krb5.Credentials.acquireDefaultCreds()
>
> Product: java
> Category: java
> Subcategory: classes_security
> Type: Defect
>
> === *Description*
> ============================================================
> FULL PRODUCT VERSION :
> java version "1.6.0_26"
> Java(TM) SE Runtime Environment (build 1.6.0_26-b03)
> Java HotSpot(TM) Client VM (build 20.1-b02, mixed mode, sharing)
>
> ADDITIONAL OS VERSION INFORMATION :
> Microsoft Windows XP [Version 5.1.2600]
>
> A DESCRIPTION OF THE PROBLEM :
> Trying to invoke login with Krb5LoginModule, debug=false,
> doNotPrompt=true, useTicketCache=true, storeKey=false.
>
> When an empty file krb5cc_<username> in <userhome> exists, this throws
> a NullPointerException in
> sun.security.krb5.Credentials.acquireDefaultCreds().
>
> The cause is the following code:
>
> if (cache == null) {
> cache = CredentialsCache.getInstance();
> }
> if (cache != null) {
> if (DEBUG) {
> System.out.println(">>> KrbCreds found the default
> ticket " +
> "granting ticket in credential
> cache.");
> }
> sun.security.krb5.internal.ccache.Credentials temp =
> cache.getDefaultCreds();
> if (EType.isSupported(temp.getEType())) {
> result = temp.setKrbCreds();
> } else {
> if (DEBUG) {
> System.out.println(
> ">>> unsupported key type found the default
> TGT: " +
> temp.getEType());
> }
> }
> }
>
> where cache.getDefaultCreds() can and will return null in case the
> ticket cache is empty, so the EType.isSupported(...) fails.
>
>
> REPRODUCIBILITY :
> This bug can be reproduced always.
>
More information about the security-dev
mailing list