JDK-8194073 : Invalid SunNativeProvider.INSTANCE initialization
  • Type: Bug
  • Component: security-libs
  • Sub-Component: org.ietf.jgss
  • Affected Version: 8,9.0.1,10
  • Priority: P4
  • Status: Closed
  • Resolution: Fixed
  • OS: linux
  • CPU: x86_64
  • Submitted: 2017-12-15
  • Updated: 2018-06-28
  • Resolved: 2018-06-11
Fix version: JDK 11 (11 b18, Fixed)
Description
FULL PRODUCT VERSION :
java version "1.8.0_121"
Java(TM) SE Runtime Environment (build 1.8.0_121-b13)
Java HotSpot(TM) 64-Bit Server VM (build 25.121-b13, mixed mode)
---
current upstream OpenJDK 9 affected too

ADDITIONAL OS VERSION INFORMATION :
Linux dhcp-10-40-4-225.brq.redhat.com 4.13.16-302.fc27.x86_64 #1 SMP Thu Nov 30 15:33:36 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

A DESCRIPTION OF THE PROBLEM :
The SunNativeProvider.INSTANCE is initialized before the hashmap MECH_MAP, so it is initialized with an empty list of supported mechanisms. When trying to acceptSecContext, it fails with an unsupported-mechanism exception:

GSSException: Provider SunNativeGSS does not support mechanism 1.2.840.113554.1.2.2
    at java.security.jgss/sun.security.jgss.ProviderList.getMechFactory(ProviderList.java:253)
    at java.security.jgss/sun.security.jgss.ProviderList.getMechFactory(ProviderList.java:209)
    at java.security.jgss/sun.security.jgss.GSSManagerImpl.getMechanismContext(GSSManagerImpl.java:234)
    at java.security.jgss/sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:337)
    at java.security.jgss/sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:302)

There is a trivial fix, which also fixed the problem for me when applied to upstream OpenJDK 9:


diff --git a/src/java.security.jgss/share/classes/sun/security/jgss/wrapper/SunNativeProvider.java b/src/java.security.jgss/share/classes/sun/security/jgss/wrapper/SunNativeProvider.java
--- a/src/java.security.jgss/share/classes/sun/security/jgss/wrapper/SunNativeProvider.java
+++ b/src/java.security.jgss/share/classes/sun/security/jgss/wrapper/SunNativeProvider.java
@@ -54,7 +54,7 @@
     private static final String LIB_PROP = "sun.security.jgss.lib";
     private static final String DEBUG_PROP = "sun.security.nativegss.debug";
     private static HashMap<String, String> MECH_MAP;
-    static final Provider INSTANCE = new SunNativeProvider();
+
     static boolean DEBUG;
     static void debug(String message) {
         if (DEBUG) {
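Review bot: The `+` line that takes the place of the removed INSTANCE declaration is empty, so the file gains a stray blank line between MECH_MAP and DEBUG; drop it so this hunk is a pure removal. MECH_MAP also stays a non-final `private static HashMap<String, String>`, so nothing in the declaration itself prevents another initializer from running before it is assigned; if the field can be made final and assigned once, that would make the ordering requirement harder to break.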
@@ -119,6 +119,8 @@
                 });
     }
 
+    static final Provider INSTANCE = new SunNativeProvider();
+
     public SunNativeProvider() {
         /* We are the Sun NativeGSS provider */
         super(NAME, PROVIDER_VER, INFO);
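Review bot: The re-added `static final Provider INSTANCE = new SunNativeProvider();` directly above the constructor now depends only on its textual position after the block that closes at `});` and `}`, and nothing in the hunk records that. Add a comment on the declaration, for example `// must stay below the static initializer that fills MECH_MAP`, so a later reordering or cleanup does not move it back up. The patch touches only SunNativeProvider.java, so a regression test that checks the provider reports the expected mechanism after class initialization would be worth adding alongside it.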


REGRESSION.  Last worked in version 8u151

STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Try to acceptSecContext when native GSS is used.


REPRODUCIBILITY :
This bug can be reproduced always.

CUSTOMER SUBMITTED WORKAROUND :
I was not able to find a workaround without patching the OpenJDK source (patch above).


Comments
Additional Information from submitter: To reproduce the issue, obtain a new GSSManager using getInstance() between name/credential creation and creation of the GSSContext:

    import org.ietf.jgss.*;

    // Kerberos V5 mechanism OID (the one named in the exception above)
    Oid KERBEROS_V5 = new Oid("1.2.840.113554.1.2.2");

    GSSManager manager = GSSManager.getInstance();
    GSSName name = manager.createName("remote/localhost@JBOSS.ORG", GSSName.NT_USER_NAME, KERBEROS_V5);
    GSSCredential credential = manager.createCredential(name, GSSCredential.INDEFINITE_LIFETIME,
            new Oid[]{KERBEROS_V5}, GSSCredential.INITIATE_AND_ACCEPT);

    // use new GSSManager to force initialization of ProviderList.factories from initSecContext()
    // (will push the wrongly initialized SunNativeProvider.INSTANCE into it)
    manager = GSSManager.getInstance();

    GSSContext serverContext = manager.createContext(credential);
    GSSContext clientContext = manager.createContext(name, KERBEROS_V5, credential, GSSContext.INDEFINITE_LIFETIME);

    byte[] token = new byte[0];
    token = clientContext.initSecContext(token, 0, token.length); // will fail with exception above
09-01-2018
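
The initialization-order problem described in this report, reduced to a stand-alone Java program. This is an added example, not JDK code: the class names BrokenProvider and FixedProvider, the map value and the fail-fast check are assumptions made for illustration; only the field names MECH_MAP and INSTANCE and the mechanism OID come from the report.

```java
import java.util.HashMap;
import java.util.Map;

public class StaticInitOrderDemo {
    static final String KRB5_OID = "1.2.840.113554.1.2.2"; // OID from the exception in the report

    // Order described in the report: the singleton is built before the map is filled.
    // Static initializers run top to bottom, in textual order.
    static class BrokenProvider {
        private static Map<String, String> MECH_MAP;                  // still null here
        static final BrokenProvider INSTANCE = new BrokenProvider();  // constructor runs now
        static {
            MECH_MAP = new HashMap<>();
            MECH_MAP.put(KRB5_OID, "constructed-factory-name");      // constructed sample value
        }
        private final Map<String, String> mechs = new HashMap<>();
        BrokenProvider() {
            // Skipped at class-init time because MECH_MAP has not been assigned yet,
            // so the singleton ends up advertising no mechanisms at all.
            if (MECH_MAP != null) mechs.putAll(MECH_MAP);
        }
        boolean supports(String oid) { return mechs.containsKey(oid); }
    }

    // Order after the patch: the map is populated first, then the singleton is built.
    static class FixedProvider {
        private static final Map<String, String> MECH_MAP = new HashMap<>();
        static {
            MECH_MAP.put(KRB5_OID, "constructed-factory-name");      // constructed sample value
        }
        static final FixedProvider INSTANCE = new FixedProvider();
        private final Map<String, String> mechs = new HashMap<>();
        FixedProvider() {
            // Hypothetical guard: fail at class load instead of at the first context call.
            if (MECH_MAP.isEmpty()) {
                throw new IllegalStateException("no mechanisms registered");
            }
            mechs.putAll(MECH_MAP);
        }
        boolean supports(String oid) { return mechs.containsKey(oid); }
    }

    public static void main(String[] args) {
        System.out.println("broken supports krb5: " + BrokenProvider.INSTANCE.supports(KRB5_OID));
        System.out.println("fixed supports krb5:  " + FixedProvider.INSTANCE.supports(KRB5_OID));
    }
}
```

The broken variant loads without any error and only misbehaves when a mechanism is looked up, which matches the report: the failure surfaces as a GSSException at context-establishment time rather than at provider initialization.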