答复: RFR 8036779: sun.security.krb5.KdcComm interprets kdc_timeout asmsec instead of sec
Weijun Wang
weijun.wang at oracle.com
Wed May 14 12:24:12 UTC 2014
On 5/14/2014 15:19, Xuelei Fan wrote:
> On 5/14/2014 2:04 PM, Weijun Wang wrote:
>> What do you mean by detecting the platform? So if I find the file is
>> also used by NetBSD krb5 then I treat it as second and if not
>> millisecond?
> Yes.
>
>> That's quite impossible. In my opinion, it all depends on
>> how the writer is educated, Java or some else.
>>
> The spec should be clear, and the writer should be well educated. It
> cannot be a condition to update the implementation that the write is not
> educated.
>
>> How is this unsafe, especially compared to if we don't fix it? The only
>> bad thing is that if someone wants to set the timeout to be less than
>> 120 ms, now there will be no way to do it. But that should never happen,
>> right?
>>
> My concerns is that it might happen. 120ms is not a small number, and
> 120s is not a big number in some circumstances.
120ms and 120s are possible values, but I doubt people will set them in
krb5.conf.
>
> Alternatively, for better inerop, we can suggest to use explicit spec in
> the configure instead of guess the what the spec is. Support two
> default specs is really confusing.
>
Unless we drop kdc_timeout and invent a new key name, we will have to
deal with the correctness (sec) and compatibility (msec) at the same
time. Yes, we can suggest people always adding a unit, but it looks most
people simply put a bare number there.
--Max
> Xuelei
>
>> My comment in the bug mentions we can support "5s", but then I realize
>> it does not really solve the unit-less case.
>>
>> Thanks
>> Max
>> ------------------------------------------------------------------------
>> 发件人: Xuelei Fan
>> 发送时间: 2014/5/14 13:21
>> 收件人: security-dev at openjdk.java.net
>> 主题: Re: RFR 8036779: sun.security.krb5.KdcComm interprets kdc_timeout
>> asmsec instead of sec
>>
>> This does not sound like a safe update to me. Is it possible to
>> detected the actual kdc_timeout spec (for example, using the known
>> platform) of the underlying configuration?
>>
>> Xuelei
>>
>>
>> On 5/14/2014 8:38 AM, Weijun Wang wrote:
>> > Please review the code changes at
>> >
>> > http://cr.openjdk.java.net/~weijun/8036779/webrev.00/
>> >
>> > The problem is that Java treats kdc_timeout as milliseconds but others
>> > (NetBSD here) might treat it as seconds. With this code change,
>> when the
>> > number is <= 120, it's seconds, otherwise, milliseconds.
>> >
>> > One exception would be that someone thinking NetBSD style could set it
>> > to 999 for a "maximum" timeout but the final result is less than 1
>> > second. In that case, we should advise him/her to set it to 99999999.
>> >
>> > Thanks
>> > Max
>>
>
More information about the security-dev
mailing list