-
Bug
-
Resolution: Unresolved
-
P4
-
11.0.27, 17.0.15, 21.0.7, 25
-
None
-
generic
-
generic
We received a report from a customer that was getting an error when trying to use an includedir directive in their /etc/krb5.conf file.
Java's parser expects include and includedir directives to be at the beginning of the file, before any section is declared [1]. There seems to have been a confusion interpreting the krb5.conf MIT Kerberos Documentation [2] inJDK-8029994: Support "include" and "includedir" in krb5.conf. The documentation says directives are "at the beginning of a line", while JDK-8029994 mentions directives "will appear at the start of the file".
The krb5-libs-1.18.2 parser [3] is clearly searching for directives when reading each line, regardless of the current section, if any.
I'm attaching a test case, intended to be located at test/jdk/sun/security/krb5/config/IncludeAfterSection.java.
[1] https://github.com/openjdk/jdk/blob/940aa7c4cf1bf770690660c8bb21fb3ddc5186e4/src/java.security.jgss/share/classes/sun/security/krb5/Config.java#L601-L602
[2] https://web.mit.edu/~kerberos/krb5-devel/doc/admin/conf_files/krb5_conf.html
[3] https://github.com/krb5/krb5/blob/krb5-1.18.2-final/src/util/profile/prof_parse.c#L282-L291
Java's parser expects include and includedir directives to be at the beginning of the file, before any section is declared [1]. There seems to have been a confusion interpreting the krb5.conf MIT Kerberos Documentation [2] in
The krb5-libs-1.18.2 parser [3] is clearly searching for directives when reading each line, regardless of the current section, if any.
I'm attaching a test case, intended to be located at test/jdk/sun/security/krb5/config/IncludeAfterSection.java.
[1] https://github.com/openjdk/jdk/blob/940aa7c4cf1bf770690660c8bb21fb3ddc5186e4/src/java.security.jgss/share/classes/sun/security/krb5/Config.java#L601-L602
[2] https://web.mit.edu/~kerberos/krb5-devel/doc/admin/conf_files/krb5_conf.html
[3] https://github.com/krb5/krb5/blob/krb5-1.18.2-final/src/util/profile/prof_parse.c#L282-L291