| /* |
| * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved. |
| * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
| * |
| * This code is free software; you can redistribute it and/or modify it |
| * under the terms of the GNU General Public License version 2 only, as |
| * published by the Free Software Foundation. Oracle designates this |
| * particular file as subject to the "Classpath" exception as provided |
| * by Oracle in the LICENSE file that accompanied this code. |
| * |
| * This code is distributed in the hope that it will be useful, but WITHOUT |
| * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
| * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
| * version 2 for more details (a copy is included in the LICENSE file that |
| * accompanied this code). |
| * |
| * You should have received a copy of the GNU General Public License version |
| * 2 along with this work; if not, write to the Free Software Foundation, |
| * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
| * |
| * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
| * or visit www.oracle.com if you need additional information or have any |
| * questions. |
| */ |
| |
| package sun.security.jgss; |
| |
| import org.ietf.jgss.*; |
| import sun.security.jgss.spi.*; |
| import java.security.Provider; |
| import java.security.AccessController; |
| import java.security.PrivilegedAction; |
| |
| /** |
| * This class provides the default implementation of the GSSManager |
| * interface. |
| */ |
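public class GSSManagerImpl extends GSSManager {

    // Undocumented system property that opts in to the native GSS provider.
    private static final String USE_NATIVE_PROP =
        "sun.security.jgss.native";

    // Resolved once during class initialization; a later change to the
    // property is not observed by the constructors below.
    private static final Boolean USE_NATIVE;

    static {
        // The lookup runs under doPrivileged. Only two fixed property names
        // are read inside the privileged block; no caller-supplied value
        // reaches it, which keeps the privileged scope minimal.
        USE_NATIVE =
            AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
                @Override
                public Boolean run() {
                    String osname = System.getProperty("os.name");
                    // The property is honoured only on these platforms;
                    // everywhere else native is off regardless of its value.
                    if (osname.startsWith("SunOS") ||
                        osname.contains("OS X") ||
                        osname.startsWith("Linux")) {
                        // valueOf parses the string exactly like the
                        // deprecated Boolean(String) constructor (null and
                        // anything but "true" yield FALSE) without
                        // allocating a new instance.
                        return Boolean.valueOf(
                                System.getProperty(USE_NATIVE_PROP));
                    }
                    return Boolean.FALSE;
                }
            });
    }

    // Ordered mechanism/provider registry every lookup below goes through.
    private final ProviderList list;

    /**
     * Creates a manager with an explicit native-provider choice.
     * Used by java SPNEGO impl to make sure native is disabled.
     *
     * @param caller identifies who is using JGSS
     * @param useNative passed through to the provider list; overrides the
     *        {@code sun.security.jgss.native} system property
     */
    public GSSManagerImpl(GSSCaller caller, boolean useNative) {
        list = new ProviderList(caller, useNative);
    }

    /**
     * Creates a manager for the given caller, with the native-provider
     * choice taken from the system property read at class initialization.
     * Used by HTTP/SPNEGO NegotiatorImpl.
     *
     * @param caller identifies who is using JGSS
     */
    public GSSManagerImpl(GSSCaller caller) {
        list = new ProviderList(caller, USE_NATIVE);
    }

    /**
     * Creates a manager for an unknown caller, with the native-provider
     * choice taken from the system property read at class initialization.
     */
    public GSSManagerImpl() {
        list = new ProviderList(GSSCaller.CALLER_UNKNOWN, USE_NATIVE);
    }

    /**
     * Returns the mechanisms reported by the provider list.
     *
     * @return the array handed back by the provider list
     */
    @Override
    public Oid[] getMechs() {
        return list.getMechs();
    }

    /**
     * Returns the name types supported by the given mechanism.
     *
     * @param mech the mechanism to query
     * @return a copy of the factory's name-type array, so a caller cannot
     *         modify the array held by the factory
     * @throws GSSException propagated from the factory lookup
     */
    @Override
    public Oid[] getNamesForMech(Oid mech)
        throws GSSException {
        MechanismFactory factory = list.getMechFactory(mech);
        return factory.getNameTypes().clone();
    }

    /**
     * Returns the mechanisms that support the given name type.
     * A mechanism whose name types cannot be retrieved is skipped, not
     * reported as an error.
     *
     * @param nameType the name type to look for; must not be null
     * @return the matching mechanisms, possibly an empty array
     */
    @Override
    public Oid[] getMechsForName(Oid nameType) {
        Oid[] mechs = list.getMechs();
        Oid[] retVal = new Oid[mechs.length];
        int pos = 0;

        // Compatibility with RFC 2853 old NT_HOSTBASED_SERVICE value.
        if (nameType.equals(GSSNameImpl.oldHostbasedServiceName)) {
            nameType = GSSName.NT_HOSTBASED_SERVICE;
        }

        // Ask every mechanism which name types it supports.
        for (Oid mech : mechs) {
            try {
                Oid[] namesForMech = getNamesForMech(mech);
                // Is the desired Oid present in that list?
                if (nameType.containedIn(namesForMech)) {
                    retVal[pos++] = mech;
                }
            } catch (GSSException e) {
                // Squelch it and just skip over this mechanism
                GSSUtil.debug("Skip " + mech +
                              ": error retrieving supported name types");
            }
        }

        // Trim the result to the number of matches actually found.
        if (pos < retVal.length) {
            Oid[] trimmed = new Oid[pos];
            System.arraycopy(retVal, 0, trimmed, 0, pos);
            retVal = trimmed;
        }

        return retVal;
    }

    /**
     * Creates a name from a string in the given name type.
     *
     * @throws GSSException propagated from the GSSNameImpl constructor
     */
    @Override
    public GSSName createName(String nameStr, Oid nameType)
        throws GSSException {
        return new GSSNameImpl(this, nameStr, nameType);
    }

    /**
     * Creates a name from a byte array in the given name type.
     *
     * @throws GSSException propagated from the GSSNameImpl constructor
     */
    @Override
    public GSSName createName(byte name[], Oid nameType)
        throws GSSException {
        return new GSSNameImpl(this, name, nameType);
    }

    /**
     * Creates a name from a string in the given name type, for the given
     * mechanism.
     *
     * @throws GSSException propagated from the GSSNameImpl constructor
     */
    @Override
    public GSSName createName(String nameStr, Oid nameType,
                              Oid mech) throws GSSException {
        return new GSSNameImpl(this, nameStr, nameType, mech);
    }

    /**
     * Creates a name from a byte array in the given name type, for the
     * given mechanism.
     *
     * @throws GSSException propagated from the GSSNameImpl constructor
     */
    @Override
    public GSSName createName(byte name[], Oid nameType, Oid mech)
        throws GSSException {
        return new GSSNameImpl(this, name, nameType, mech);
    }

    /**
     * Creates a credential for the given usage.
     *
     * @throws GSSException propagated from the GSSCredentialImpl constructor
     */
    @Override
    public GSSCredential createCredential(int usage)
        throws GSSException {
        return new GSSCredentialImpl(this, usage);
    }

    /**
     * Creates a credential for one mechanism.
     *
     * @throws GSSException propagated from the GSSCredentialImpl constructor
     */
    @Override
    public GSSCredential createCredential(GSSName aName,
                                          int lifetime, Oid mech, int usage)
        throws GSSException {
        return new GSSCredentialImpl(this, aName, lifetime, mech, usage);
    }

    /**
     * Creates a credential over a set of mechanisms.
     *
     * @throws GSSException propagated from the GSSCredentialImpl constructor
     */
    @Override
    public GSSCredential createCredential(GSSName aName,
                                          int lifetime, Oid mechs[], int usage)
        throws GSSException {
        return new GSSCredentialImpl(this, aName, lifetime, mechs, usage);
    }

    /**
     * Creates a context with the given peer, mechanism, credential and
     * lifetime.
     *
     * @throws GSSException propagated from the GSSContextImpl constructor
     */
    @Override
    public GSSContext createContext(GSSName peer, Oid mech,
                                    GSSCredential myCred, int lifetime)
        throws GSSException {
        return new GSSContextImpl(this, peer, mech, myCred, lifetime);
    }

    /**
     * Creates a context from a credential only.
     *
     * @throws GSSException propagated from the GSSContextImpl constructor
     */
    @Override
    public GSSContext createContext(GSSCredential myCred)
        throws GSSException {
        return new GSSContextImpl(this, myCred);
    }

    /**
     * Creates a context from a previously exported inter-process token.
     * The token bytes are passed on unchanged; this method does not validate
     * them.
     *
     * @param interProcessToken the exported context token
     * @throws GSSException propagated from the GSSContextImpl constructor
     */
    @Override
    public GSSContext createContext(byte[] interProcessToken)
        throws GSSException {
        // NOTE(review): an exported token carries the state of an
        // established context, so it should only be accepted from a source
        // the application trusts - confirm at the call sites.
        return new GSSContextImpl(this, interProcessToken);
    }

    /**
     * Registers a provider for a mechanism at the front of the provider
     * list.
     *
     * @throws GSSException propagated from the provider list
     */
    @Override
    public void addProviderAtFront(Provider p, Oid mech)
        throws GSSException {
        list.addProviderAtFront(p, mech);
    }

    /**
     * Registers a provider for a mechanism at the end of the provider list.
     *
     * @throws GSSException propagated from the provider list
     */
    @Override
    public void addProviderAtEnd(Provider p, Oid mech)
        throws GSSException {
        list.addProviderAtEnd(p, mech);
    }

    /**
     * Obtains a mechanism-level credential element from the factory that
     * the provider list returns for the mechanism.
     *
     * @throws GSSException propagated from the factory lookup or the factory
     */
    public GSSCredentialSpi getCredentialElement(GSSNameSpi name, int initLifetime,
                                          int acceptLifetime, Oid mech, int usage)
        throws GSSException {
        MechanismFactory factory = list.getMechFactory(mech);
        return factory.getCredentialElement(name, initLifetime,
                                            acceptLifetime, usage);
    }

    /**
     * Obtains a mechanism-level name element from a string.
     * Used by java SPNEGO impl.
     *
     * @throws GSSException propagated from the factory lookup or the factory
     */
    public GSSNameSpi getNameElement(String name, Oid nameType, Oid mech)
        throws GSSException {
        // Just use the most preferred MF impl assuming GSSNameSpi
        // objects are interoperable among providers
        MechanismFactory factory = list.getMechFactory(mech);
        return factory.getNameElement(name, nameType);
    }

    /**
     * Obtains a mechanism-level name element from a byte array.
     * Used by java SPNEGO impl.
     *
     * @throws GSSException propagated from the factory lookup or the factory
     */
    public GSSNameSpi getNameElement(byte[] name, Oid nameType, Oid mech)
        throws GSSException {
        // Just use the most preferred MF impl assuming GSSNameSpi
        // objects are interoperable among providers
        MechanismFactory factory = list.getMechFactory(mech);
        return factory.getNameElement(name, nameType);
    }

    /**
     * Obtains an initiator-side mechanism context.
     *
     * @param myInitiatorCred may be null; when present, the factory is
     *        looked up for the provider that produced the credential, so
     *        the credential and the context come from the same provider
     * @throws GSSException propagated from the factory lookup or the factory
     */
    GSSContextSpi getMechanismContext(GSSNameSpi peer,
                                      GSSCredentialSpi myInitiatorCred,
                                      int lifetime, Oid mech)
        throws GSSException {
        Provider p = null;
        if (myInitiatorCred != null) {
            p = myInitiatorCred.getProvider();
        }
        // With a null provider the choice of factory is left to the
        // provider list.
        MechanismFactory factory = list.getMechFactory(mech, p);
        return factory.getMechanismContext(peer, myInitiatorCred, lifetime);
    }

    /**
     * Obtains an acceptor-side mechanism context.
     *
     * @param myAcceptorCred may be null; when present, the factory is
     *        looked up for the provider that produced the credential
     * @throws GSSException propagated from the factory lookup or the factory
     */
    GSSContextSpi getMechanismContext(GSSCredentialSpi myAcceptorCred,
                                      Oid mech)
        throws GSSException {
        Provider p = null;
        if (myAcceptorCred != null) {
            p = myAcceptorCred.getProvider();
        }
        // With a null provider the choice of factory is left to the
        // provider list.
        MechanismFactory factory = list.getMechFactory(mech, p);
        return factory.getMechanismContext(myAcceptorCred);
    }

    /**
     * Imports a mechanism context from an exported token.
     *
     * @param exportedContext the exported context token
     * @return the first non-null context produced by a native factory
     * @throws GSSException with {@code NO_CONTEXT} when the token is null or
     *         empty, with {@code UNAVAILABLE} when no native factory
     *         produced a context, or propagated from a factory lookup
     */
    GSSContextSpi getMechanismContext(byte[] exportedContext)
        throws GSSException {
        if ((exportedContext == null) || (exportedContext.length == 0)) {
            throw new GSSException(GSSException.NO_CONTEXT);
        }
        GSSContextSpi result = null;

        // Only allow context import with native provider since JGSS
        // still has not defined its own interprocess token format
        //
        // NOTE(review): the native provider is recognised by its name
        // string alone. That restriction holds only while registration
        // under this name is controlled - confirm how ProviderList guards
        // addProviderAtFront/addProviderAtEnd.
        Oid[] mechs = list.getMechs();
        for (Oid mech : mechs) {
            MechanismFactory factory = list.getMechFactory(mech);
            if (factory.getProvider().getName().equals("SunNativeGSS")) {
                result = factory.getMechanismContext(exportedContext);
                if (result != null) {
                    break;
                }
            }
        }
        if (result == null) {
            throw new GSSException(GSSException.UNAVAILABLE);
        }
        return result;
    }
}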