RFR: 8316771: Krb5.java has not defined messages for all error codes

Sean Mullan mullan at openjdk.org
Mon Oct 2 18:46:51 UTC 2023


On Fri, 22 Sep 2023 20:05:18 GMT, Weijun Wang <weijun at openjdk.org> wrote:

> Added 4 missing error codes and removed 2 wrong ones.
> 
> KRB_AP_ERR_NOREALM claims itself to be "used in setDefaultCreds() in sun.security.krb5.Credentials" but it's no more.
> 
> KRB_AP_ERR_GEN_CRED is used in one place but it's a local error and not meant to be embedded in a message. Therefore safe to be removed.

Marked as reviewed by mullan (Reviewer).

src/java.security.jgss/share/classes/sun/security/krb5/internal/Krb5.java line 282:

> 280:     public static final int KRB_ERR_WRONG_REALM          = 68;   //Wrong realm
> 281: 
> 282:     public static final int KRB_CRYPTO_NOT_SUPPORT      = 100;   //Client does not support this crypto type

Just wondering, and not a specific review comment, but do you know if this error code is necessary? It isn't defined in RFC 4120 and not used in the JDK AFAICT.

-------------

PR Review: https://git.openjdk.org/jdk/pull/15892#pullrequestreview-1653293733
PR Review Comment: https://git.openjdk.org/jdk/pull/15892#discussion_r1343030560


More information about the security-dev mailing list