krb5 bug: Do any of the freebsd java folk (Greg?) have an upstream
contact?
Jan Grant
jan.grant at bristol.ac.uk
Wed Feb 7 16:01:33 UTC 2007
I'm trying to raise a bug with Sun about the sun.security.krb5
implementation. Unfortunately this is somewhat hampered by my suffering
from RSI at the moment.
The problem is a straightforward resource leak, as you can see if you
look at this:
http://java.sun.com/j2se/jrl_download.html
in particular, at
jdk_sec-1_5_0-src-scsl.zip
You'll see that sun.security.krb5.internal.UDPClient has no close()
method; and the UDPClient-using code path in sun.security.krb5.KrbKdcReq
(which has a few other close-to-the-coalface errors) consequently leaks
FDs (unlike the TCP path, which has a try/finally that closes the socket
properly).
We're seeing a krb5 client application (the Yale CAS SSO) keel over in
no time due to FD exhaustion. A trivial fix (the non-whitespace part of
the diff is 8 lines) sorts this out.
Prepping a test case is somewhat difficult when this email represents
most of the typing I'm going to get done today :-(
Cheers,
jan
--
jan grant, ISYS, University of Bristol. http://www.bris.ac.uk/
Tel +44 (0)117 3317661 http://ioctl.org/jan/
Goth is the new black.
More information about the freebsd-java
mailing list