RFR 8130720: BadKDC1 failed again
Xuelei Fan
xuelei.fan at oracle.com
Wed Jul 8 02:34:23 UTC 2015
Looks fine to me.
Xuelei
On 7/8/2015 10:25 AM, Weijun Wang wrote:
> Hi All
>
> Please review the fix at
>
> http://cr.openjdk.java.net/~weijun/8130720/webrev.00/
>
> As the bug description [1] says, at this stage, when k1 and k2 are on,
> although the most likely output is 1212 (try #1 without preauth,
> succeeds; try #1 with preauth, succeed), the actual output we spotted in
> a test run 122212 (try #1 without preauth, timeout; try #2 without
> preauth, succeed; try #1 with preauth, succeed) is still possible.
>
> It will be a mess to list all possible outputs because of possible
> timeout at each request and its different consequences. In the case, the
> list is "(12(12){1,2}|122232-)". The main reason I want to add a new
> output is that compare to 122232- (timeout at #1, timeout at #2, timeout
> at #3, fail at last), 122212 is much more likely to happen.
>
> Thanks
> Max
>
> [1] https://bugs.openjdk.java.net/browse/JDK-8130720
More information about the security-dev
mailing list