Skip to content

Commit 8e02064

Browse files
committed
8049520: FileCredentialsCache loads cache once and is never refreshed
Reviewed-by: mullan
1 parent 172aed1 commit 8e02064

File tree

2 files changed

+67
-8
lines changed

2 files changed

+67
-8
lines changed

src/java.security.jgss/share/classes/sun/security/krb5/Credentials.java

Lines changed: 2 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -61,7 +61,6 @@ public class Credentials {
6161
HostAddresses cAddr;
6262
AuthorizationData authzData;
6363
private static boolean DEBUG = Krb5.DEBUG;
64-
private static CredentialsCache cache;
6564
static boolean alreadyLoaded = false;
6665
private static boolean alreadyTried = false;
6766

@@ -416,9 +415,8 @@ public static Credentials acquireTGTFromCache(PrincipalName princ,
416415
public static synchronized Credentials acquireDefaultCreds() {
417416
Credentials result = null;
418417

419-
if (cache == null) {
420-
cache = CredentialsCache.getInstance();
421-
}
418+
CredentialsCache cache = CredentialsCache.getInstance();
419+
422420
if (cache != null) {
423421
Credentials temp = cache.getInitialCreds();
424422
if (temp != null) {
@@ -505,10 +503,6 @@ public static Credentials acquireS4U2proxyCreds(String service,
505503
service, second, client, ccreds);
506504
}
507505

508-
public CredentialsCache getCache() {
509-
return cache;
510-
}
511-
512506
/*
513507
* Prints out debug info.
514508
*/
Lines changed: 65 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,65 @@
1+
/*
2+
* Copyright (c) 2021, Oracle and/or its affiliates. All rights reserved.
3+
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4+
*
5+
* This code is free software; you can redistribute it and/or modify it
6+
* under the terms of the GNU General Public License version 2 only, as
7+
* published by the Free Software Foundation.
8+
*
9+
* This code is distributed in the hope that it will be useful, but WITHOUT
10+
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11+
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12+
* version 2 for more details (a copy is included in the LICENSE file that
13+
* accompanied this code).
14+
*
15+
* You should have received a copy of the GNU General Public License version
16+
* 2 along with this work; if not, write to the Free Software Foundation,
17+
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18+
*
19+
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20+
* or visit www.oracle.com if you need additional information or have any
21+
* questions.
22+
*/
23+
24+
/*
25+
* @test
26+
* @bug 8049520
27+
* @summary FileCredentialsCache loads cache once and is never refreshed
28+
* @modules java.security.jgss/sun.security.krb5
29+
* java.security.jgss/sun.security.krb5.internal.ccache:+open
30+
* @library /test/lib
31+
*/
32+
import java.nio.file.Files;
33+
import java.nio.file.Path;
34+
35+
import jdk.test.lib.Asserts;
36+
import jdk.test.lib.process.Proc;
37+
import sun.security.krb5.Credentials;
38+
39+
public class Refresh {
40+
public static void main(String[] args) throws Exception {
41+
if (args.length == 0) {
42+
Proc.create("Refresh")
43+
.args("test")
44+
.env("KRB5CCNAME", "tmpcc")
45+
.inheritIO()
46+
.start()
47+
.waitFor(0);
48+
} else {
49+
Path cache = Path.of(System.getenv("KRB5CCNAME"));
50+
byte[] data = TimeInCCache.ccache.clone();
51+
Files.write(cache, data);
52+
check("dummy@MAXI.LOCAL");
53+
data[0x2A] = data[0x49] = 'f';
54+
Files.write(cache, data);
55+
check("fummy@MAXI.LOCAL");
56+
}
57+
}
58+
59+
static void check(String expected) throws Exception {
60+
var cred = Credentials.acquireTGTFromCache(null, null);
61+
var pn = cred == null ? null : cred.getClient();
62+
var name = pn == null ? null : pn.toString();
63+
Asserts.assertEQ(expected, name);
64+
}
65+
}

0 commit comments

Comments
 (0)