8382403: Enhance Kerberos DNS KDC discovery logging to expose sanitized DNS failure

Reviewed-by: weijun
2026-05-03 10:20:57 +00:00 · 2026-04-30 13:09:34 +00:00 · 2026-04-30 13:09:34 +00:00 · 91a4910edc
commit 91a4910edc
parent c2a4966864
1 changed files with 9 additions and 6 deletions
--- a/src/java.security.jgss/share/classes/sun/security/krb5/KrbServiceLocator.java
+++ b/src/java.security.jgss/share/classes/sun/security/krb5/KrbServiceLocator.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2006, 2024, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2006, 2026, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -25,8 +25,6 @@

 package sun.security.krb5;

-import sun.security.krb5.internal.Krb5;
-
 import java.util.Arrays;
 import java.util.Hashtable;
 import java.util.Random;
@ -36,6 +34,8 @@ import javax.naming.*;
 import javax.naming.directory.*;
 import javax.naming.spi.NamingManager;

+import static sun.security.krb5.internal.Krb5.DEBUG;
+
 /**
 * This class discovers the location of Kerberos services by querying DNS,
 * as defined in RFC 4120.
@ -115,7 +115,9 @@ class KrbServiceLocator {
                }
            }
        } catch (NamingException e) {
-            // ignore
+            if (DEBUG != null) {
+                e.printStackTrace(DEBUG.getPrintStream());
+            }
        }
        return records;
    }
@ -187,8 +189,9 @@ class KrbServiceLocator {
                hostports = extractHostports(srvRecords);
            }
        } catch (NamingException e) {
-            // e.printStackTrace();
-            // ignore
+            if (DEBUG != null) {
+                e.printStackTrace(DEBUG.getPrintStream());
+            }
        }
        return hostports;
    }