import java.util.Collection;
import java.util.Map;
import org.jspecify.annotations.Nullable;

/**
 * An implementation of ImmutableMultiset backed by a JDK Map and a list of entries. Used to protect
 * against hash flooding attacks.
 *
 * @author Louis Wasserman
 */
@GwtCompatible
final class JdkBackedImmutableMultiset<E> extends ImmutableMultiset<E> {
  private final Map<E, Integer> delegateMap;
  private final ImmutableList<Entry<E>> entries;

 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */
package jcifs.smb;

import jcifs.CIFSException;

/**
 * Exception thrown when an SMB protocol downgrade attack is detected.
 * Indicates that the negotiated protocol version is lower than expected or required.
 *
 * @author mbechler
 *
 */
public class SMBProtocolDowngradeException extends CIFSException {

    /**

 */
package jcifs.util;

import java.util.regex.Pattern;

/**
 * Comprehensive input validation utility for SMB protocol implementation.
 * Provides validation methods to prevent buffer overflows, injection attacks,
 * and other security vulnerabilities.
 */
public final class InputValidator {

    private InputValidator() {
        // Utility class
    }

  }

  /** Confirm that URI retains other characters. https://github.com/square/okhttp/issues/5236 */
  @Test
  fun hostToUriStripsCharacters2() {
    val httpUrl = "http://\${tracker}/".toHttpUrl()
    assertThat(httpUrl.toUri().toString()).isEqualTo("http://\$tracker/")
  }

  @Test
  fun fragmentNonAsciiThatOffendsJavaNetUri() {
    val url = "http://host/#\u0080".toHttpUrl()
    assertThat(url.toString()).isEqualTo("http://host/#\u0080")

To add a dependency using Gradle:

```gradle
dependencies {
  test 'com.google.guava:guava-testlib:33.5.0-jre'
}
```

## Links

-   [GitHub project](https://github.com/google/guava)
-   [Issue tracker: Report a defect or feature request](https://github.com/google/guava/issues/new)
-   [StackOverflow: Ask "how-to" and "why-didn't-it-work" questions](https://stackoverflow.com/questions/ask?tags=guava+java)

 */
package jcifs.ntlmssp.av;

import jcifs.internal.util.SMBUtil;

/**
 * NTLMSSP AV pair representing timestamp information in NTLM authentication.
 * Contains time-based data used to prevent replay attacks and ensure message freshness.
 *
 * @author mbechler
 */
public class AvTimestamp extends AvPair {

    /**
     * Constructs an AvTimestamp from raw byte data
     *

- **Encryption Context**: Per-session encryption state management
- **Key Derivation**: SMB3 KDF implementation with dialect-specific parameters
- **Pre-Authentication Integrity**: SMB 3.1.1 PAI for preventing downgrade attacks
- **Automatic Detection**: Encryption automatically enabled when servers require it
- **Secure Key Management**: Proper key derivation and nonce generation

### Core Features

### CVE-2022-3172: Aggregated API server can cause clients to be redirected (SSRF)

A security issue was discovered in kube-apiserver that could allow an attacker controlled aggregated API server to redirect client traffic to any URL.  This could lead to the client performing unexpected actions as well as leaking the client's credentials to third parties. 

import jcifs.internal.util.SMBUtil;

/**
 * SMB2 Pre-authentication Integrity Negotiate Context.
 *
 * This negotiate context is used in SMB 3.1.1 to establish
 * pre-authentication integrity protection against downgrade attacks.
 *
 * @author mbechler
 */
public class PreauthIntegrityNegotiateContext implements NegotiateContextRequest, NegotiateContextResponse {

    /**
     * Context type
     */

-   Our users' guide, [Guava Explained]
-   [A nice collection](https://www.tfnico.com/presentations/google-guava) of
    other helpful links

## Links

-   [GitHub project](https://github.com/google/guava)
-   [Issue tracker: Report a defect or feature request](https://github.com/google/guava/issues/new)
-   [StackOverflow: Ask "how-to" and "why-didn't-it-work" questions](https://stackoverflow.com/questions/ask?tags=guava+java)