FULL PRODUCT VERSION : java version "1.8.0_66" Java(TM) SE Runtime Environment (build 1.8.0_66-b17) Java HotSpot(TM) 64-Bit Server VM (build 25.66-b17, mixed mode) ADDITIONAL OS VERSION INFORMATION : Linux <host> 2.6.32-573.8.1.el6.x86_64 #1 SMP Wed Nov 11 15:27:45 CET 2015 x86_64 x86_64 x86_64 GNU/Linux A DESCRIPTION OF THE PROBLEM : Whenever the krb5.conf file has a comment starting with semicolon not in the beginning of file, for example: [libdefaults] default_realm = EXAMPLE.COM ... ; comment [realms] EXAMPLE.ORG = { ... } When parsing the configuration, Java is throwing an exception: KrbException: Illegal config content:; comment at sun.security.krb5.Config.parseStanzaTable(Config.java:609) at sun.security.krb5.Config.<init>(Config.java:177) at sun.security.krb5.Config.getInstance(Config.java:98) ... 9 more While checking the source code of Kerberos (the latest version), you can see that semicolon is a valid comment starting character. Check prof_parce.c file in src/util/profile directory. Other sources suggest that semicolon should be accepted as comment starting character: https://groups.google.com/forum/#!topic/comp.protocols.kerberos/i_Cl2d7TLGU EXPECTED VERSUS ACTUAL BEHAVIOR : EXPECTED - The krb5.conf file with semicolons should be parsed successfully. ACTUAL - Exception is being thrown: KrbException: Illegal config content:; comment at sun.security.krb5.Config.parseStanzaTable(Config.java:609) at sun.security.krb5.Config.<init>(Config.java:177) at sun.security.krb5.Config.getInstance(Config.java:98) ... 9 more ERROR MESSAGES/STACK TRACES THAT OCCUR : KrbException: Illegal config content:; comment at sun.security.krb5.Config.parseStanzaTable(Config.java:609) at sun.security.krb5.Config.<init>(Config.java:177) at sun.security.krb5.Config.getInstance(Config.java:98) ... 9 more REPRODUCIBILITY : This bug can be reproduced always. ---------- BEGIN SOURCE ---------- Taken from Hadoop source code: Object kerbConf; Class<?> classRef; Method getInstanceMethod; Method getDefaultRealmMethod; if (IBM_JAVA) { classRef = Class.forName("com.ibm.security.krb5.internal.Config"); } else { classRef = Class.forName("sun.security.krb5.Config"); } getInstanceMethod = classRef.getMethod("getInstance", new Class[0]); kerbConf = getInstanceMethod.invoke(classRef, new Object[0]); getDefaultRealmMethod = classRef.getDeclaredMethod("getDefaultRealm", new Class[0]); return (String)getDefaultRealmMethod.invoke(kerbConf, new Object[0]); ---------- END SOURCE ---------- CUSTOMER SUBMITTED WORKAROUND : Removing the comment starting with semicolon or replacing semicolon by #.
|