Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
8284935: Improve debug in java.security.jgss
Reviewed-by: mullan
  • Loading branch information
XueleiFan committed Apr 18, 2022
1 parent ef25e18 commit c63fabe
Show file tree
Hide file tree
Showing 7 changed files with 82 additions and 58 deletions.
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
Expand Down Expand Up @@ -90,9 +90,11 @@ protected GSSCredentialImpl(GSSCredentialImpl src) {
} catch (GSSException e) {
if (defaultList) {
// Try the next mechanism
GSSUtil.debug("Ignore " + e + " while acquring cred for "
+ mechs[i]);
//e.printStackTrace();
if (GSSUtil.DEBUG) {
GSSUtil.debug("Ignore " + e + " while acquiring cred for "
+ mechs[i]);
// e.printStackTrace();
}
} else throw e; // else try the next mechanism
}
}
Expand Down
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
Expand Down Expand Up @@ -88,8 +88,10 @@ public Oid[] getMechsForName(Oid nameType){
}
} catch (GSSException e) {
// Squelch it and just skip over this mechanism
GSSUtil.debug("Skip " + mech +
": error retrieving supported name types");
if (GSSUtil.DEBUG) {
GSSUtil.debug("Skip " + mech +
": error retrieving supported name types");
}
}
}

Expand Down
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2005, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
Expand Down Expand Up @@ -203,10 +203,6 @@ public static final void readFully(InputStream is,
}
}

public static final void debug(String str) {
System.err.print(str);
}

public static final String getHexBytes(byte[] bytes) {
return getHexBytes(bytes, 0, bytes.length);
}
Expand Down
66 changes: 43 additions & 23 deletions src/java.security.jgss/share/classes/sun/security/jgss/GSSUtil.java
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
Expand Down Expand Up @@ -71,10 +71,8 @@ public class GSSUtil {
GetBooleanAction.privilegedGetProperty("sun.security.jgss.debug");

static void debug(String message) {
if (DEBUG) {
assert(message != null);
System.out.println(message);
}
assert(message != null);
System.out.println(message);
}

// NOTE: this method is only for creating Oid objects with
Expand All @@ -84,7 +82,9 @@ public static Oid createOid(String oidStr) {
try {
return new Oid(oidStr);
} catch (GSSException e) {
debug("Ignored invalid OID: " + oidStr);
if (DEBUG) {
debug("Ignored invalid OID: " + oidStr);
}
return null;
}
}
Expand Down Expand Up @@ -138,7 +138,9 @@ public static Subject getSubject(GSSName name,
KerberosPrincipal krbPrinc = new KerberosPrincipal(krbName);
krb5Principals.add(krbPrinc);
} catch (GSSException ge) {
debug("Skipped name " + name + " due to " + ge);
if (DEBUG) {
debug("Skipped name " + name + " due to " + ge);
}
}
}

Expand All @@ -149,10 +151,12 @@ public static Subject getSubject(GSSName name,
} else {
privCredentials = new HashSet<Object>(); // empty Set
}
debug("Created Subject with the following");
debug("principals=" + krb5Principals);
debug("public creds=" + pubCredentials);
debug("private creds=" + privCredentials);
if (DEBUG) {
debug("Created Subject with the following");
debug("principals=" + krb5Principals);
debug("public creds=" + pubCredentials);
debug("private creds=" + privCredentials);
}

return new Subject(false, krb5Principals, pubCredentials,
privCredentials);
Expand Down Expand Up @@ -212,7 +216,9 @@ private static void populateCredentials(Set<Object> credentials,
credentials.add(cred);
} else {
// Ignore non-KerberosTicket and non-KerberosKey elements
debug("Skipped cred element: " + cred);
if (DEBUG) {
debug("Skipped cred element: " + cred);
}
}
}
}
Expand Down Expand Up @@ -308,10 +314,12 @@ public static boolean useMSInterop() {
final Oid mech,
final boolean initiate,
final Class<? extends T> credCls) {
debug("Search Subject for " + getMechStr(mech) +
(initiate? " INIT" : " ACCEPT") + " cred (" +
(name == null? "<<DEF>>" : name.toString()) + ", " +
credCls.getName() + ")");
if (DEBUG) {
debug("Search Subject for " + getMechStr(mech) +
(initiate ? " INIT" : " ACCEPT") + " cred (" +
(name == null ? "<<DEF>>" : name.toString()) + ", " +
credCls.getName() + ")");
}
try {
@SuppressWarnings("removal")
Vector<T> creds =
Expand All @@ -327,30 +335,42 @@ public Vector<T> run() throws Exception {
(GSSCredentialImpl.class).iterator();
while (iterator.hasNext()) {
GSSCredentialImpl cred = iterator.next();
debug("...Found cred" + cred);
if (DEBUG) {
debug("...Found cred" + cred);
}
try {
GSSCredentialSpi ce =
cred.getElement(mech, initiate);
debug("......Found element: " + ce);
if (DEBUG) {
debug("......Found element: " + ce);
}
if (ce.getClass().equals(credCls) &&
(name == null ||
name.equals((Object) ce.getName()))) {
result.add(credCls.cast(ce));
} else {
debug("......Discard element");
if (DEBUG) {
debug("......Discard element");
}
}
} catch (GSSException ge) {
debug("...Discard cred (" + ge + ")");
if (DEBUG) {
debug("...Discard cred (" + ge + ")");
}
}
}
} else debug("No Subject");
} else if (DEBUG) {
debug("No Subject");
}
return result;
}
});
return creds;
} catch (PrivilegedActionException pae) {
debug("Unexpected exception when searching Subject:");
if (DEBUG) pae.printStackTrace();
if (DEBUG) {
debug("Unexpected exception when searching Subject:");
pae.printStackTrace();
}
return null;
}
}
Expand Down
Expand Up @@ -134,8 +134,10 @@ public ProviderList(GSSCaller caller, boolean useNative) {
addProviderAtEnd(prov, null);
} catch (GSSException ge) {
// Move on to the next provider
GSSUtil.debug("Error in adding provider " +
prov.getName() + ": " + ge);
if (GSSUtil.DEBUG) {
GSSUtil.debug("Error in adding provider " +
prov.getName() + ": " + ge);
}
}
} // End of for loop
}
Expand Down Expand Up @@ -421,8 +423,10 @@ private boolean addAllMechsFromProvider(Provider p) {
retVal = true;
} catch (GSSException e) {
// Skip to next property
GSSUtil.debug("Ignore the invalid property " +
prop + " from provider " + p.getName());
if (GSSUtil.DEBUG) {
GSSUtil.debug("Ignore the invalid property " +
prop + " from provider " + p.getName());
}
}
} // Processed GSS property
} // while loop
Expand Down
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2005, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2005, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
Expand Down Expand Up @@ -30,6 +30,7 @@
import java.security.AccessController;
import java.security.PrivilegedAction;
import org.ietf.jgss.Oid;
import sun.security.action.GetBooleanAction;
import sun.security.action.PutAllAction;
import static sun.security.util.SecurityConstants.PROVIDER_VER;

Expand All @@ -51,32 +52,32 @@ public final class SunNativeProvider extends Provider {
private static final String INFO = "Sun Native GSS provider";
private static final String MF_CLASS =
"sun.security.jgss.wrapper.NativeGSSFactory";
static boolean DEBUG;
private static final boolean DEBUG =
GetBooleanAction.privilegedGetProperty("sun.security.nativegss.debug");

static void debug(String message) {
if (DEBUG) {
if (message == null) {
throw new NullPointerException();
}
System.out.println(NAME + ": " + message);
if (message == null) {
throw new NullPointerException();
}
System.out.println(NAME + ": " + message);
}

@SuppressWarnings("removal")
private static final HashMap<String, String> MECH_MAP =
AccessController.doPrivileged(
new PrivilegedAction<>() {
public HashMap<String, String> run() {
DEBUG = Boolean.parseBoolean(
System.getProperty("sun.security.nativegss.debug"));
try {
// Ensure the InetAddress class is loaded before
// loading j2gss. The library will access this class
// and a deadlock might happen. See JDK-8210373.
Class.forName("java.net.InetAddress");
System.loadLibrary("j2gss");
} catch (ClassNotFoundException | Error err) {
debug("No j2gss library found!");
if (DEBUG) err.printStackTrace();
if (DEBUG) {
debug("No j2gss library found!");
err.printStackTrace();
}
return null;
}
String[] gssLibs;
Expand Down Expand Up @@ -107,11 +108,15 @@ public HashMap<String, String> run() {
}
for (String libName: gssLibs) {
if (GSSLibStub.init(libName, DEBUG)) {
debug("Loaded GSS library: " + libName);
if (DEBUG) {
debug("Loaded GSS library: " + libName);
}
Oid[] mechs = GSSLibStub.indicateMechs();
HashMap<String,String> map = new HashMap<>();
for (int i = 0; i < mechs.length; i++) {
debug("Native MF for " + mechs[i]);
if (DEBUG) {
debug("Native MF for " + mechs[i]);
}
map.put("GssApiMechanism." + mechs[i],
MF_CLASS);
}
Expand Down
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
Expand Down Expand Up @@ -340,12 +340,7 @@ PrincipalName getServerAlias() {
return serverAlias;
}

private static void debug(String message) {
// System.err.println(">>> KrbTgsReq: " + message);
}

boolean usedSubkey() {
return useSubkey;
}

}

1 comment on commit c63fabe

@openjdk-notifier
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please sign in to comment.