Code review request: 8024861: Incomplete token triggers GSS-API NullPointerException
Weijun Wang
weijun.wang at oracle.com
Thu Sep 26 12:28:14 UTC 2013
Hi All
Please take a review at
http://cr.openjdk.java.net/~weijun/8024861/webrev.00/
When the first NegTokenInit does not include the mechToken, Java throws
an NPE. This code change checks it and throw a GSSException instead.
Precisely, the mechToken can be missing and the initiator will send it
in the second packet. Unfortunately, our current SPNEGO impl cannot
handle a handshake with more than 2 rounds nicely. I plan to support the
missing mechToken later when we fully support RFC 4178. The current impl
was coded according to RFC 2478.
Thanks
Max
More information about the security-dev
mailing list