linkerlau/my-jdk
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(jdk8): move files to new folder to avoid resources compiled.

Browse Source
This commit is contained in:
linkerlau
2025-09-07 15:25:52 +08:00
parent 3f0047bf6f
commit 8c35cfb1c0
17415 changed files with 217 additions and 213 deletions
Download Patch File Download Diff File Expand all files Collapse all files

135
jdkSrc/jdk8/com/sun/jndi/ldap/sasl/DefaultCallbackHandler.java Normal file
View File

@@ -0,0 +1,135 @@
/*
* Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package com.sun.jndi.ldap.sasl;
import javax.security.auth.callback.*;
import javax.security.sasl.RealmCallback;
import javax.security.sasl.RealmChoiceCallback;
import java.io.IOException;
/**
* DefaultCallbackHandler for satisfying NameCallback and
* PasswordCallback for an LDAP client.
* NameCallback is used for getting the authentication ID and is
* gotten from the java.naming.security.principal property.
* PasswordCallback is gotten from the java.naming.security.credentials
* property and must be of type String, char[] or byte[].
* If byte[], it is assumed to have UTF-8 encoding.
*
* If the caller of getPassword() will be using the password as
* a byte array, then it should encode the char[] array returned by
* getPassword() into a byte[] using UTF-8.
*
* @author Rosanna Lee
*/
final class DefaultCallbackHandler implements CallbackHandler {
private char[] passwd;
private String authenticationID;
private String authRealm;
DefaultCallbackHandler(String principal, Object cred, String realm)
throws IOException {
authenticationID = principal;
authRealm = realm;
if (cred instanceof String) {
passwd = ((String)cred).toCharArray();
} else if (cred instanceof char[]) {
passwd = ((char[])cred).clone();
} else if (cred != null) {
// assume UTF-8 encoding
String orig = new String((byte[])cred, "UTF8");
passwd = orig.toCharArray();
}
}
public void handle(Callback[] callbacks)
throws IOException, UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
if (callbacks[i] instanceof NameCallback) {
((NameCallback)callbacks[i]).setName(authenticationID);
} else if (callbacks[i] instanceof PasswordCallback) {
((PasswordCallback)callbacks[i]).setPassword(passwd);
} else if (callbacks[i] instanceof RealmChoiceCallback) {
/* Deals with a choice of realms */
String[] choices =
((RealmChoiceCallback)callbacks[i]).getChoices();
int selected = 0;
if (authRealm != null && authRealm.length() > 0) {
selected = -1; // no realm chosen
for (int j = 0; j < choices.length; j++) {
if (choices[j].equals(authRealm)) {
selected = j;
}
}
if (selected == -1) {
StringBuffer allChoices = new StringBuffer();
for (int j = 0; j < choices.length; j++) {
allChoices.append(choices[j] + ",");
}
throw new IOException("Cannot match " +
"'java.naming.security.sasl.realm' property value, '" +
authRealm + "' with choices " + allChoices +
"in RealmChoiceCallback");
}
}
((RealmChoiceCallback)callbacks[i]).setSelectedIndex(selected);
} else if (callbacks[i] instanceof RealmCallback) {
/* 1 or 0 realms specified in challenge */
RealmCallback rcb = (RealmCallback) callbacks[i];
if (authRealm != null) {
rcb.setText(authRealm); // Use what user supplied
} else {
String defaultRealm = rcb.getDefaultText();
if (defaultRealm != null) {
rcb.setText(defaultRealm); // Use what server supplied
} else {
rcb.setText(""); // Specify no realm
}
}
} else {
throw new UnsupportedCallbackException(callbacks[i]);
}
}
}
void clearPassword() {
if (passwd != null) {
for (int i = 0; i < passwd.length; i++) {
passwd[i] = '\0';
}
passwd = null;
}
}
protected void finalize() throws Throwable {
clearPassword();
}
}

201
jdkSrc/jdk8/com/sun/jndi/ldap/sasl/LdapSasl.java Normal file
View File

@@ -0,0 +1,201 @@
/*
* Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package com.sun.jndi.ldap.sasl;
import java.io.*;
import java.util.Vector;
import java.util.Hashtable;
import java.util.StringTokenizer;
import javax.naming.AuthenticationException;
import javax.naming.AuthenticationNotSupportedException;
import javax.naming.NamingException;
import javax.naming.ldap.Control;
import javax.security.auth.callback.CallbackHandler;
import javax.security.sasl.*;
import com.sun.jndi.ldap.Connection;
import com.sun.jndi.ldap.LdapClient;
import com.sun.jndi.ldap.LdapResult;
/**
* Handles SASL support.
*
* @author Vincent Ryan
* @author Rosanna Lee
*/
final public class LdapSasl {
// SASL stuff
private static final String SASL_CALLBACK = "java.naming.security.sasl.callback";
private static final String SASL_AUTHZ_ID =
"java.naming.security.sasl.authorizationId";
private static final String SASL_REALM =
"java.naming.security.sasl.realm";
private static final int LDAP_SUCCESS = 0;
private static final int LDAP_SASL_BIND_IN_PROGRESS = 14; // LDAPv3
private LdapSasl() {
}
/**
* Performs SASL bind.
* Creates a SaslClient by using a default CallbackHandler
* that uses the Context.SECURITY_PRINCIPAL and Context.SECURITY_CREDENTIALS
* properties to satisfy the callbacks, and by using the
* SASL_AUTHZ_ID property as the authorization id. If the SASL_AUTHZ_ID
* property has not been set, Context.SECURITY_PRINCIPAL is used.
* If SASL_CALLBACK has been set, use that instead of the default
* CallbackHandler.
*<p>
* If bind is successful and the selected SASL mechanism has a security
* layer, set inStream and outStream to be filter streams that use
* the security layer. These will be used for subsequent communication
* with the server.
*<p>
* @param conn The non-null connection to use for sending an LDAP BIND
* @param server Non-null string name of host to connect to
* @param dn Non-null DN to bind as; also used as authentication ID
* @param pw Possibly null password; can be byte[], char[] or String
* @param authMech A non-null space-separated list of SASL authentication
* mechanisms.
* @param env The possibly null environment of the context, possibly containing
* properties for used by SASL mechanisms
* @param bindCtls The possibly null controls to accompany the bind
* @return LdapResult containing status of the bind
*/
@SuppressWarnings("unchecked")
public static LdapResult saslBind(LdapClient clnt, Connection conn,
String server, String dn, Object pw,
String authMech, Hashtable<?,?> env, Control[] bindCtls)
throws IOException, NamingException {
SaslClient saslClnt = null;
boolean cleanupHandler = false;
// Use supplied callback handler or create default
CallbackHandler cbh =
(env != null) ? (CallbackHandler)env.get(SASL_CALLBACK) : null;
if (cbh == null) {
cbh = new DefaultCallbackHandler(dn, pw, (String)env.get(SASL_REALM));
cleanupHandler = true;
}
// Prepare parameters for creating SASL client
String authzId = (env != null) ? (String)env.get(SASL_AUTHZ_ID) : null;
String[] mechs = getSaslMechanismNames(authMech);
try {
// Create SASL client to use using SASL package
saslClnt = Sasl.createSaslClient(
mechs, authzId, "ldap", server, (Hashtable<String, ?>)env, cbh);
if (saslClnt == null) {
throw new AuthenticationNotSupportedException(authMech);
}
LdapResult res;
String mechName = saslClnt.getMechanismName();
byte[] response = saslClnt.hasInitialResponse() ?
saslClnt.evaluateChallenge(NO_BYTES) : null;
res = clnt.ldapBind(null, response, bindCtls, mechName, true);
while (!saslClnt.isComplete() &&
(res.status == LDAP_SASL_BIND_IN_PROGRESS ||
res.status == LDAP_SUCCESS)) {
response = saslClnt.evaluateChallenge(
res.serverCreds != null? res.serverCreds : NO_BYTES);
if (res.status == LDAP_SUCCESS) {
if (response != null) {
throw new AuthenticationException(
"SASL client generated response after success");
}
break;
}
res = clnt.ldapBind(null, response, bindCtls, mechName, true);
}
if (res.status == LDAP_SUCCESS) {
if (!saslClnt.isComplete()) {
throw new AuthenticationException(
"SASL authentication not complete despite server claims");
}
String qop = (String) saslClnt.getNegotiatedProperty(Sasl.QOP);
// If negotiated integrity or privacy,
if (qop != null && (qop.equalsIgnoreCase("auth-int")
|| qop.equalsIgnoreCase("auth-conf"))) {
InputStream newIn = new SaslInputStream(saslClnt,
conn.inStream);
OutputStream newOut = new SaslOutputStream(saslClnt,
conn.outStream);
conn.replaceStreams(newIn, newOut);
} else {
saslClnt.dispose();
}
}
return res;
} catch (SaslException e) {
NamingException ne = new AuthenticationException(
authMech);
ne.setRootCause(e);
throw ne;
} finally {
if (cleanupHandler) {
((DefaultCallbackHandler)cbh).clearPassword();
}
}
}
/**
* Returns an array of SASL mechanisms given a string of space
* separated SASL mechanism names.
* @param The non-null string containing the mechanism names
* @return A non-null array of String; each element of the array
* contains a single mechanism name.
*/
private static String[] getSaslMechanismNames(String str) {
StringTokenizer parser = new StringTokenizer(str);
Vector<String> mechs = new Vector<>(10);
while (parser.hasMoreTokens()) {
mechs.addElement(parser.nextToken());
}
String[] mechNames = new String[mechs.size()];
for (int i = 0; i < mechs.size(); i++) {
mechNames[i] = mechs.elementAt(i);
}
return mechNames;
}
private static final byte[] NO_BYTES = new byte[0];
}

218
jdkSrc/jdk8/com/sun/jndi/ldap/sasl/SaslInputStream.java Normal file
View File

@@ -0,0 +1,218 @@
/*
* Copyright (c) 2001, 2003, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package com.sun.jndi.ldap.sasl;
import javax.security.sasl.Sasl;
import javax.security.sasl.SaslClient;
import javax.security.sasl.SaslException;
import java.io.IOException;
import java.io.EOFException;
import java.io.InputStream;
/**
* This class is used by clients of Java SASL that need to create an input stream
* that uses SaslClient's unwrap() method to decode the SASL buffers
* sent by the SASL server.
*
* Extend from InputStream instead of FilterInputStream because
* we need to override less methods in InputStream. That is, the
* behavior of the default implementations in InputStream matches
* more closely with the behavior we want in SaslInputStream.
*
* @author Rosanna Lee
*/
public class SaslInputStream extends InputStream {
private static final boolean debug = false;
private byte[] saslBuffer; // buffer for storing raw bytes
private byte[] lenBuf = new byte[4]; // buffer for storing length
private byte[] buf = new byte[0]; // buffer for storing processed bytes
// Initialized to empty buffer
private int bufPos = 0; // read position in buf
private InputStream in; // underlying input stream
private SaslClient sc;
private int recvMaxBufSize = 65536;
SaslInputStream(SaslClient sc, InputStream in) throws SaslException {
super();
this.in = in;
this.sc = sc;
String str = (String) sc.getNegotiatedProperty(Sasl.MAX_BUFFER);
if (str != null) {
try {
recvMaxBufSize = Integer.parseInt(str);
} catch (NumberFormatException e) {
throw new SaslException(Sasl.MAX_BUFFER +
" property must be numeric string: " + str);
}
}
saslBuffer = new byte[recvMaxBufSize];
}
public int read() throws IOException {
byte[] inBuf = new byte[1];
int count = read(inBuf, 0, 1);
if (count > 0) {
return inBuf[0];
} else {
return -1;
}
}
public int read(byte[] inBuf, int start, int count) throws IOException {
if (bufPos >= buf.length) {
int actual = fill(); // read and unwrap next SASL buffer
while (actual == 0) { // ignore zero length content
actual = fill();
}
if (actual == -1) {
return -1; // EOF
}
}
int avail = buf.length - bufPos;
if (count > avail) {
// Requesting more that we have stored
// Return all that we have; next invocation of read() will
// trigger fill()
System.arraycopy(buf, bufPos, inBuf, start, avail);
bufPos = buf.length;
return avail;
} else {
// Requesting less than we have stored
// Return all that was requested
System.arraycopy(buf, bufPos, inBuf, start, count);
bufPos += count;
return count;
}
}
/**
* Fills the buf with more data by reading a SASL buffer, unwrapping it,
* and leaving the bytes in buf for read() to return.
* @return The number of unwrapped bytes available
*/
private int fill() throws IOException {
// Read in length of buffer
int actual = readFully(lenBuf, 4);
if (actual != 4) {
return -1;
}
int len = networkByteOrderToInt(lenBuf, 0, 4);
if (len > recvMaxBufSize) {
throw new IOException(
len + "exceeds the negotiated receive buffer size limit:" +
recvMaxBufSize);
}
if (debug) {
System.err.println("reading " + len + " bytes from network");
}
// Read SASL buffer
actual = readFully(saslBuffer, len);
if (actual != len) {
throw new EOFException("Expecting to read " + len +
" bytes but got " + actual + " bytes before EOF");
}
// Unwrap
buf = sc.unwrap(saslBuffer, 0, len);
bufPos = 0;
return buf.length;
}
/**
* Read requested number of bytes before returning.
* @return The number of bytes actually read; -1 if none read
*/
private int readFully(byte[] inBuf, int total) throws IOException {
int count, pos = 0;
if (debug) {
System.err.println("readFully " + total + " from " + in);
}
while (total > 0) {
count = in.read(inBuf, pos, total);
if (debug) {
System.err.println("readFully read " + count);
}
if (count == -1 ) {
return (pos == 0? -1 : pos);
}
pos += count;
total -= count;
}
return pos;
}
public int available() throws IOException {
return buf.length - bufPos;
}
public void close() throws IOException {
SaslException save = null;
try {
sc.dispose(); // Dispose of SaslClient's state
} catch (SaslException e) {
// Save exception for throwing after closing 'in'
save = e;
}
in.close(); // Close underlying input stream
if (save != null) {
throw save;
}
}
/**
* Returns the integer represented by 4 bytes in network byte order.
*/
// Copied from com.sun.security.sasl.util.SaslImpl.
private static int networkByteOrderToInt(byte[] buf, int start, int count) {
if (count > 4) {
throw new IllegalArgumentException("Cannot handle more than 4 bytes");
}
int answer = 0;
for (int i = 0; i < count; i++) {
answer <<= 8;
answer |= ((int)buf[start+i] & 0xff);
}
return answer;
}
}

135
jdkSrc/jdk8/com/sun/jndi/ldap/sasl/SaslOutputStream.java Normal file
View File

@@ -0,0 +1,135 @@
/*
* Copyright (c) 2001, 2003, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package com.sun.jndi.ldap.sasl;
import javax.security.sasl.Sasl;
import javax.security.sasl.SaslClient;
import javax.security.sasl.SaslException;
import java.io.IOException;
import java.io.FilterOutputStream;
import java.io.OutputStream;
class SaslOutputStream extends FilterOutputStream {
private static final boolean debug = false;
private byte[] lenBuf = new byte[4]; // buffer for storing length
private int rawSendSize = 65536;
private SaslClient sc;
SaslOutputStream(SaslClient sc, OutputStream out) throws SaslException {
super(out);
this.sc = sc;
if (debug) {
System.err.println("SaslOutputStream: " + out);
}
String str = (String) sc.getNegotiatedProperty(Sasl.RAW_SEND_SIZE);
if (str != null) {
try {
rawSendSize = Integer.parseInt(str);
} catch (NumberFormatException e) {
throw new SaslException(Sasl.RAW_SEND_SIZE +
" property must be numeric string: " + str);
}
}
}
// Override this method to call write(byte[], int, int) counterpart
// super.write(int) simply calls out.write(int)
public void write(int b) throws IOException {
byte[] buffer = new byte[1];
buffer[0] = (byte)b;
write(buffer, 0, 1);
}
/**
* Override this method to "wrap" the outgoing buffer before
* writing it to the underlying output stream.
*/
public void write(byte[] buffer, int offset, int total) throws IOException {
int count;
byte[] wrappedToken, saslBuffer;
// "Packetize" buffer to be within rawSendSize
if (debug) {
System.err.println("Total size: " + total);
}
for (int i = 0; i < total; i += rawSendSize) {
// Calculate length of current "packet"
count = (total - i) < rawSendSize ? (total - i) : rawSendSize;
// Generate wrapped token
wrappedToken = sc.wrap(buffer, offset+i, count);
// Write out length
intToNetworkByteOrder(wrappedToken.length, lenBuf, 0, 4);
if (debug) {
System.err.println("sending size: " + wrappedToken.length);
}
out.write(lenBuf, 0, 4);
// Write out wrapped token
out.write(wrappedToken, 0, wrappedToken.length);
}
}
public void close() throws IOException {
SaslException save = null;
try {
sc.dispose(); // Dispose of SaslClient's state
} catch (SaslException e) {
// Save exception for throwing after closing 'in'
save = e;
}
super.close(); // Close underlying output stream
if (save != null) {
throw save;
}
}
// Copied from com.sun.security.sasl.util.SaslImpl
/**
* Encodes an integer into 4 bytes in network byte order in the buffer
* supplied.
*/
private static void intToNetworkByteOrder(int num, byte[] buf, int start,
int count) {
if (count > 4) {
throw new IllegalArgumentException("Cannot handle more than 4 bytes");
}
for (int i = count-1; i >= 0; i--) {
buf[start+i] = (byte)(num & 0xff);
num >>>= 8;
}
}
}