RFR: 8356997: /etc/krb5.conf parser should not forbid include/includedir directives after sections
Weijun Wang
weijun at openjdk.org
Fri May 23 18:49:11 UTC 2025
Several changes are made:
1. The "include" and "includedir" directives can appear everywhere, even inside a section or a sub-section. However, it only means the content is inserted here but the included file still need its own full structure -- from section to subsections.
2. The same file can be included multiple times as long as not recursively.
3. Everything is merged. For duplicated values, `get` returns the first one and `getAll` returns all joining by spaces.
Two new tests added. I also separately confirmed that they are parsed in the same way as [MIT krb5](https://github.com/krb5/krb5/blob/master/src/util/profile/test_parse.c). MIT krb5 ignores directory name after "include" but here it's an error.
-------------
Commit messages:
- remove exe bits
- the fix
Changes: https://git.openjdk.org/jdk/pull/25421/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=25421&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8356997
Stats: 434 lines in 3 files changed: 318 ins; 49 del; 67 mod
Patch: https://git.openjdk.org/jdk/pull/25421.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/25421/head:pull/25421
PR: https://git.openjdk.org/jdk/pull/25421
More information about the security-dev
mailing list