# HG changeset patch # User chegar # Date 1381698030 -3600 # Node ID 47513cdce4ed2018b46d4d15fccb9e6aaa52cee1 # Parent d7e478820c56048b4c2c76b15c9198145f72ec34# Parent 396854c032bb0ae62a117422fbdd58f977fd1fd9 Merge diff -r d7e478820c56 -r 47513cdce4ed src/share/classes/com/sun/corba/se/impl/presentation/rmi/IDLNameTranslatorImpl.java --- a/src/share/classes/com/sun/corba/se/impl/presentation/rmi/IDLNameTranslatorImpl.java Thu Oct 10 10:08:52 2013 -0700 +++ b/src/share/classes/com/sun/corba/se/impl/presentation/rmi/IDLNameTranslatorImpl.java Sun Oct 13 22:00:30 2013 +0100 @@ -905,28 +905,4 @@ return contents.toString(); } - - public static void main(String[] args) { - - Class remoteInterface = java.rmi.Remote.class; - - if( args.length > 0 ) { - String className = args[0]; - try { - remoteInterface = Class.forName(className); - } catch(Exception e) { - e.printStackTrace(); - System.exit(-1); - } - } - - System.out.println("Building name translation for " + remoteInterface); - try { - IDLNameTranslator nameTranslator = - IDLNameTranslatorImpl.get(remoteInterface); - System.out.println(nameTranslator); - } catch(IllegalStateException ise) { - ise.printStackTrace(); - } - } } diff -r d7e478820c56 -r 47513cdce4ed src/share/classes/com/sun/corba/se/impl/presentation/rmi/InvocationHandlerFactoryImpl.java --- a/src/share/classes/com/sun/corba/se/impl/presentation/rmi/InvocationHandlerFactoryImpl.java Thu Oct 10 10:08:52 2013 -0700 +++ b/src/share/classes/com/sun/corba/se/impl/presentation/rmi/InvocationHandlerFactoryImpl.java Sun Oct 13 22:00:30 2013 +0100 @@ -43,6 +43,8 @@ import com.sun.corba.se.spi.orbutil.proxy.DelegateInvocationHandlerImpl ; import com.sun.corba.se.spi.orbutil.proxy.CompositeInvocationHandler ; import com.sun.corba.se.spi.orbutil.proxy.CompositeInvocationHandlerImpl ; +import java.security.AccessController; +import java.security.PrivilegedAction; public class InvocationHandlerFactoryImpl implements InvocationHandlerFactory { @@ -114,24 +116,32 @@ // which extends org.omg.CORBA.Object. This handler delegates all // calls directly to a DynamicStubImpl, which extends // org.omg.CORBA.portable.ObjectImpl. - InvocationHandler dynamicStubHandler = + final InvocationHandler dynamicStubHandler = DelegateInvocationHandlerImpl.create( stub ) ; // Create an invocation handler that handles any remote interface // methods. - InvocationHandler stubMethodHandler = new StubInvocationHandlerImpl( + final InvocationHandler stubMethodHandler = new StubInvocationHandlerImpl( pm, classData, stub ) ; // Create a composite handler that handles the DynamicStub interface // as well as the remote interfaces. final CompositeInvocationHandler handler = new CustomCompositeInvocationHandlerImpl( stub ) ; + + AccessController.doPrivileged(new PrivilegedAction() { + @Override + public Void run() { handler.addInvocationHandler( DynamicStub.class, dynamicStubHandler ) ; handler.addInvocationHandler( org.omg.CORBA.Object.class, dynamicStubHandler ) ; handler.addInvocationHandler( Object.class, dynamicStubHandler ) ; + return null; + } + }); + // If the method passed to invoke is not from DynamicStub or its superclasses, // it must be from an implemented interface, so we just handle diff -r d7e478820c56 -r 47513cdce4ed src/share/classes/com/sun/corba/se/impl/transport/SelectorImpl.java --- a/src/share/classes/com/sun/corba/se/impl/transport/SelectorImpl.java Thu Oct 10 10:08:52 2013 -0700 +++ b/src/share/classes/com/sun/corba/se/impl/transport/SelectorImpl.java Sun Oct 13 22:00:30 2013 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -55,7 +55,7 @@ /** * @author Harold Carr */ -public class SelectorImpl +class SelectorImpl extends Thread implements diff -r d7e478820c56 -r 47513cdce4ed src/share/classes/com/sun/corba/se/spi/orbutil/proxy/CompositeInvocationHandlerImpl.java --- a/src/share/classes/com/sun/corba/se/spi/orbutil/proxy/CompositeInvocationHandlerImpl.java Thu Oct 10 10:08:52 2013 -0700 +++ b/src/share/classes/com/sun/corba/se/spi/orbutil/proxy/CompositeInvocationHandlerImpl.java Sun Oct 13 22:00:30 2013 +0100 @@ -36,6 +36,7 @@ import com.sun.corba.se.spi.logging.CORBALogDomains ; import com.sun.corba.se.impl.logging.ORBUtilSystemException ; +import com.sun.corba.se.impl.presentation.rmi.DynamicAccessPermission; public class CompositeInvocationHandlerImpl implements CompositeInvocationHandler @@ -46,11 +47,13 @@ public void addInvocationHandler( Class interf, InvocationHandler handler ) { + checkAccess(); classToInvocationHandler.put( interf, handler ) ; } public void setDefaultHandler( InvocationHandler handler ) { + checkAccess(); defaultHandler = handler ; } @@ -78,4 +81,12 @@ return handler.invoke( proxy, method, args ) ; } + + private static final DynamicAccessPermission perm = new DynamicAccessPermission("access"); + private void checkAccess() { + final SecurityManager sm = System.getSecurityManager(); + if (sm != null) { + sm.checkPermission(perm); } + } +} diff -r d7e478820c56 -r 47513cdce4ed src/share/classes/sun/rmi/rmic/iiop/StubGenerator.java --- a/src/share/classes/sun/rmi/rmic/iiop/StubGenerator.java Thu Oct 10 10:08:52 2013 -0700 +++ b/src/share/classes/sun/rmi/rmic/iiop/StubGenerator.java Sun Oct 13 22:00:30 2013 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -34,6 +34,9 @@ import java.io.File; import java.io.IOException; +import java.io.SerializablePermission; +import java.security.AccessController; +import java.security.PrivilegedAction; import java.util.Vector; import java.util.Hashtable; import java.util.Enumeration; @@ -49,6 +52,7 @@ import com.sun.corba.se.impl.util.PackagePrefixChecker; import sun.rmi.rmic.Main; + /** * An IIOP stub/tie generator for rmic. * @@ -78,6 +82,7 @@ protected boolean castArray = false; protected Hashtable transactionalObjects = new Hashtable() ; protected boolean POATie = false ; + protected boolean emitPermissionCheck = false; /** * Default constructor for Main to use. @@ -193,6 +198,9 @@ } else if (argv[i].equals("-standardPackage")) { standardPackage = true; argv[i] = null; + } else if (argv[i].equals("-emitPermissionCheck")) { + emitPermissionCheck = true; + argv[i] = null; } else if (arg.equals("-xstubbase")) { argv[i] = null; if (++i < argv.length && argv[i] != null && !argv[i].startsWith("-")) { @@ -390,9 +398,22 @@ writePackageAndImports(p); +// generate +// import java.security.AccessController; +// import java.security.PrivilegedAction; +// import java.io.SerializablePermission; + if (emitPermissionCheck) { + p.pln("import java.security.AccessController;"); + p.pln("import java.security.PrivilegedAction;"); + p.pln("import java.io.SerializablePermission;"); + p.pln(); + p.pln(); + } + // Declare the stub class; implement all remote interfaces. p.p("public class " + currentClass); + p.p(" extends " + getName(stubBaseClass)); p.p(" implements "); if (remoteInterfaces.length > 0) { @@ -422,6 +443,57 @@ writeIds( p, theType, false ); p.pln(); + if (emitPermissionCheck) { + + // produce the following generated code for example + // private static Void checkPermission() { + // SecurityManager sm = System.getSecurityManager(); + // if (sm != null) { + // sm.checkPermission(new SerializablePermission( + // "enableSubclassImplementation")); // testing + // } + // return null; + // } + // + // private _XXXXX_Stub(Void ignore) { + // } + // + // public _XXXXX_Stub() { + // this(checkPermission()); + // } + // + // where XXXXX is the name of the remote interface + + p.pln(); + p.plnI("private static Void checkPermission() {"); + p.plnI("SecurityManager sm = System.getSecurityManager();"); + p.pln("if (sm != null) {"); + p.pI(); + p.plnI("sm.checkPermission(new SerializablePermission("); + p.plnI("\"enableSubclassImplementation\"));"); + p.pO(); + p.pO(); + p.pOln("}"); + p.pln("return null;"); + p.pO(); + p.pOln("}"); + p.pln(); + p.pO(); + + p.pI(); + p.pln("private " + currentClass + "(Void ignore) { }"); + p.pln(); + + p.plnI("public " + currentClass + "() { "); + p.pln("this(checkPermission());"); + p.pOln("}"); + p.pln(); + } + + if (!emitPermissionCheck) { + p.pI(); + } + // Write the _ids() method... p.plnI("public String[] _ids() { "); @@ -815,7 +887,6 @@ CompoundType theType) throws IOException { // Wtite the method declaration and opening brace... - String methodName = method.getName(); String methodIDLName = method.getIDLName();