RFR: 8253829: Wrong length compared in SSPI bridge
Weijun Wang
weijun at openjdk.java.net
Wed Sep 30 03:06:56 UTC 2020
For two principals to be the same, they are either all "user at R", or one is "user" and the other is "user at R". The check
here wants to fail early if the length are different. "l" is the whole length and "r" is the length of the name
(without realm). The comparison should be reflective but there is a typo.
For example, for "user at R" and "user", l1 = 6, l2 = 4, r1 = 4, r2 = 4, the check will succeed and the names are treated
as different. This is not the expected behavior.
No regression test because we don't support SSPI testing in the OpenJDK repo now.
-------------
Commit messages:
- 8253829: Wrong length compared in SSPI bridge
Changes: https://git.openjdk.java.net/jdk/pull/419/files
Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=419&range=00
Issue: https://bugs.openjdk.java.net/browse/JDK-8253829
Stats: 2 lines in 1 file changed: 0 ins; 0 del; 2 mod
Patch: https://git.openjdk.java.net/jdk/pull/419.diff
Fetch: git fetch https://git.openjdk.java.net/jdk pull/419/head:pull/419
PR: https://git.openjdk.java.net/jdk/pull/419
More information about the security-dev
mailing list