Mercurial > hg > release > icedtea6-1.12
view patches/openjdk/8011157-improve_corba_portability.patch @ 3029:dfef77966f7c
Add 2013/10/15 security fixes.
2013-10-29 Andrew John Hughes <gnu.andrew@redhat.com>
* Makefile.am:
(SECURITY_PATCHES): Add security update.
* NEWS: Updated.
* patches/jtreg-LastErrorString.patch,
* patches/use-idx_t.patch,
* patches/openjdk/7162902-corba_fixes.patch,
* patches/openjdk/7196533-timezone_bottleneck.patch,
* patches/openjdk/8010727-empty_logger_name.patch,
* patches/openjdk/8010939-logmanager_deadlock.patch,
* patches/openjdk/8012617-arrayindexoutofbounds_linebreakmeasurer.patch,
* patches/openjdk/8014718-remove_logging_suntoolkit.patch:
Regenerated.
* patches/nss-config.patch: Fix path to java.security.
* patches/openjdk/4075303-javap_update.patch,
* patches/openjdk/4111861-static_fields.patch,
* patches/openjdk/4501661-disallow_mixing.patch,
* patches/openjdk/4884240-javap_additional_option.patch,
* patches/openjdk/6708729-javap_makefile_update.patch,
* patches/openjdk/6715767-javap_crash.patch,
* patches/openjdk/6819246-javap_instruction_decoding.patch,
* patches/openjdk/6824493-experimental.patch,
* patches/openjdk/6841419-classfile_iterator.patch,
* patches/openjdk/6841420-classfile_methods.patch,
* patches/openjdk/6843013-missing_experimental.patch,
* patches/openjdk/6852856-javap_subclasses.patch,
* patches/openjdk/6867671-javap_whitespace.patch,
* patches/openjdk/6868539-constant_pool_tags.patch,
* patches/openjdk/6902264-fix_indentation.patch,
* patches/openjdk/6954275-big_xml_signatures.patch,
* patches/openjdk/7146431-java.security_files.patch,
* patches/openjdk/8000450-restrict_access.patch,
* patches/openjdk/8002070-remove_logger_stack_search.patch,
* patches/openjdk/8003992-embedded_nulls.patch,
* patches/openjdk/8004188-rename_java.security.patch,
* patches/openjdk/8006882-jmockit.patch,
* patches/openjdk/8006900-new_date_time.patch,
* patches/openjdk/8008589-better_mbean_permission_validation.patch,
* patches/openjdk/8010118-caller_sensitive.patch,
* patches/openjdk/8011071-better_crypto_provider_handling.patch,
* patches/openjdk/8011081-improve_jhat.patch,
* patches/openjdk/8011139-revise_checking_getenclosingclass.patch,
* patches/openjdk/8011157-improve_corba_portability-jdk.patch,
* patches/openjdk/8011157-improve_corba_portability.patch,
* patches/openjdk/8011990-logger_test_urls.patch,
* patches/openjdk/8012071-better_bean_building.patch,
* patches/openjdk/8012147-improve_tool.patch,
* patches/openjdk/8012243-serial_regression.patch,
* patches/openjdk/8012277-improve_dataflavour.patch,
* patches/openjdk/8012425-transform_transformfactory.patch,
* patches/openjdk/8012453-runtime.exec.patch,
* patches/openjdk/8013380-logger_stack_walk_glassfish.patch,
* patches/openjdk/8013503-improve_stream_factories.patch,
* patches/openjdk/8013506-better_pack200.patch,
* patches/openjdk/8013510-augment_image_writing.patch,
* patches/openjdk/8013514-improve_cmap_stability.patch,
* patches/openjdk/8013739-better_ldap_resource_management.patch,
* patches/openjdk/8013744-better_tabling.patch,
* patches/openjdk/8013827-createtempfile_hang.patch,
* patches/openjdk/8014085-better_serialization.patch,
* patches/openjdk/8014093-improve_image_parsing.patch,
* patches/openjdk/8014102-improve_image_conversion.patch,
* patches/openjdk/8014341-better_kerberos_service.patch,
* patches/openjdk/8014349-getdeclaredclass_fix.patch,
* patches/openjdk/8014530-better_dsp.patch,
* patches/openjdk/8014534-better_profiling.patch,
* patches/openjdk/8014745-logger_stack_walk_switch.patch,
* patches/openjdk/8014987-augment_serialization.patch,
* patches/openjdk/8015144-performance_regression.patch,
* patches/openjdk/8015614-update_build.patch,
* patches/openjdk/8015731-auth_improvements.patch,
* patches/openjdk/8015743-address_internet_addresses.patch,
* patches/openjdk/8015965-typo_in_property_name.patch,
* patches/openjdk/8015978-incorrect_transformation.patch,
* patches/openjdk/8016256-finalization_final.patch,
* patches/openjdk/8016357-update_hs_diagnostic_class.patch,
* patches/openjdk/8016653-ignoreable_characters.patch,
* patches/openjdk/8016675-robust_javadoc.patch,
* patches/openjdk/8017196-ensure_proxies_are_handled_appropriately-jdk.patch,
* patches/openjdk/8017196-ensure_proxies_are_handled_appropriately.patch,
* patches/openjdk/8017287-better_resource_disposal.patch,
* patches/openjdk/8017291-cast_proxies_aside.patch,
* patches/openjdk/8017298-better_xml_support.patch,
* patches/openjdk/8017300-improve_interface_implementation.patch,
* patches/openjdk/8017505-better_client_service.patch,
* patches/openjdk/8017566-backout_part_of_8000450.patch,
* patches/openjdk/8019292-better_attribute_value_exceptions.patch,
* patches/openjdk/8019584-invalid_notification_fix.patch,
* patches/openjdk/8019617-better_view_of_objects.patch,
* patches/openjdk/8019969-inet6_test_case_fix.patch,
* patches/openjdk/8019979-better_access_test.patch,
* patches/openjdk/8020293-jvm_crash.patch,
* patches/openjdk/8021290-signature_validation.patch,
* patches/openjdk/8021355-splashscreen_regression.patch,
* patches/openjdk/8021366-jaxp_test_fix-01.patch,
* patches/openjdk/8021577-bean_serialization_fix.patch,
* patches/openjdk/8021933-jaxp_test_fix-02.patch,
* patches/openjdk/8021969-jnlp_load_failure.patch,
* patches/openjdk/8022661-writeobject_flush.patch,
* patches/openjdk/8022682-supporting_xom.patch,
* patches/openjdk/8022940-enhance_corba_translations.patch,
* patches/openjdk/8023683-enhance_class_file_parsing.patch,
* patches/openjdk/8023964-ignore_test.patch,
* patches/openjdk/8024914-swapped_usage.patch,
* patches/openjdk/8025128-createtempfile_absolute_prefix.patch,
* patches/openjdk/oj6-19-fix_8010118_test_cases.patch,
* patches/openjdk/oj6-20-merge.patch,
* patches/openjdk/oj6-21-overrides.patch: Added.
| author | Andrew John Hughes <gnu.andrew@redhat.com> |
|---|---|
| date | Wed, 20 Nov 2013 22:56:43 +0000 |
| parents | |
| children |
line wrap: on
line source
# HG changeset patch # User msheppar # Date 1381847065 -3600 # Tue Oct 15 15:24:25 2013 +0100 # Node ID 9e7e1b6ab5cdf0096c9c16d991e6a982771a15f1 # Parent 14308db8214e69d7cad09a8f4d49d421b5b13ba0 8011157: Improve CORBA portablility Summary: fix also reviewed by Alexander Fomin Reviewed-by: alanb, coffeys, skoivu diff -r 14308db8214e -r 9e7e1b6ab5cd src/share/classes/com/sun/corba/se/impl/transport/SelectorImpl.java --- openjdk/corba/src/share/classes/com/sun/corba/se/impl/transport/SelectorImpl.java Mon Jun 17 19:01:08 2013 +0200 +++ openjdk/corba/src/share/classes/com/sun/corba/se/impl/transport/SelectorImpl.java Tue Oct 15 15:24:25 2013 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2004, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -54,7 +54,7 @@ /** * @author Harold Carr */ -public class SelectorImpl +class SelectorImpl extends Thread implements diff -r 14308db8214e -r 9e7e1b6ab5cd src/share/classes/sun/rmi/rmic/iiop/StubGenerator.java --- openjdk/corba/src/share/classes/sun/rmi/rmic/iiop/StubGenerator.java Mon Jun 17 19:01:08 2013 +0200 +++ openjdk/corba/src/share/classes/sun/rmi/rmic/iiop/StubGenerator.java Tue Oct 15 15:24:25 2013 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -34,6 +34,9 @@ import java.io.File; import java.io.IOException; +import java.io.SerializablePermission; +import java.security.AccessController; +import java.security.PrivilegedAction; import java.util.Vector; import java.util.Hashtable; import java.util.Enumeration; @@ -49,6 +52,7 @@ import com.sun.corba.se.impl.util.PackagePrefixChecker; import sun.rmi.rmic.Main; + /** * An IIOP stub/tie generator for rmic. * @@ -78,6 +82,7 @@ protected boolean castArray = false; protected Hashtable transactionalObjects = new Hashtable() ; protected boolean POATie = false ; + protected boolean emitPermissionCheck = false; /** * Default constructor for Main to use. @@ -193,6 +198,9 @@ } else if (argv[i].equals("-standardPackage")) { standardPackage = true; argv[i] = null; + } else if (argv[i].equals("-emitPermissionCheck")) { + emitPermissionCheck = true; + argv[i] = null; } else if (arg.equals("-xstubbase")) { argv[i] = null; if (++i < argv.length && argv[i] != null && !argv[i].startsWith("-")) { @@ -390,9 +398,22 @@ writePackageAndImports(p); +// generate +// import java.security.AccessController; +// import java.security.PrivilegedAction; +// import java.io.SerializablePermission; + if (emitPermissionCheck) { + p.pln("import java.security.AccessController;"); + p.pln("import java.security.PrivilegedAction;"); + p.pln("import java.io.SerializablePermission;"); + p.pln(); + p.pln(); + } + // Declare the stub class; implement all remote interfaces. p.p("public class " + currentClass); + p.p(" extends " + getName(stubBaseClass)); p.p(" implements "); if (remoteInterfaces.length > 0) { @@ -422,6 +443,56 @@ writeIds( p, theType, false ); p.pln(); + if (emitPermissionCheck) { + + // produce the following generated code + // private static Void checkPermission() { + // SecurityManager sm = System.getSecurityManager(); + // if (sm != null) { + // sm.checkPermission(new SerializablePermission( + // "enableSubclassImplementation")); // testing + // } + // return null; + // } + // + // private _XXXXXX_Stub(Void ignore) { + // } + // + // public _XXXXXX_Stub() { + // this(checkPermission()); + // } + // where XXXXXX is the name of the remote interface + + p.pln(); + p.plnI("private static Void checkPermission() {"); + p.plnI("SecurityManager sm = System.getSecurityManager();"); + p.pln("if (sm != null) {"); + p.pI(); + p.plnI("sm.checkPermission(new SerializablePermission("); + p.plnI("\"enableSubclassImplementation\"));"); + p.pO(); + p.pO(); + p.pOln("}"); + p.pln("return null;"); + p.pO(); + p.pOln("}"); + p.pln(); + p.pO(); + + p.pI(); + p.pln("private " + currentClass + "(Void ignore) { }"); + p.pln(); + + p.plnI("public " + currentClass + "() { "); + p.pln("this(checkPermission());"); + p.pOln("}"); + p.pln(); + } + + if (!emitPermissionCheck) { + p.pI(); + } + // Write the _ids() method... p.plnI("public String[] _ids() { "); @@ -815,7 +886,6 @@ CompoundType theType) throws IOException { // Wtite the method declaration and opening brace... - String methodName = method.getName(); String methodIDLName = method.getIDLName(); @@ -1631,7 +1701,7 @@ // Write data members... p.pln(); - p.pln("private " + getName(theType) + " target = null;"); + p.pln("volatile private " + getName(theType) + " target = null;"); p.pln(); // Write the ids... @@ -1695,6 +1765,10 @@ if (remoteMethods.length > 0) { p.plnI("try {"); + p.pln(getName(theType) + " target = this.target;"); + p.plnI("if (target == null) {"); + p.pln("throw new java.io.IOException();"); + p.pOln("}"); p.plnI(idExtInputStream + " "+in+" = "); p.pln("(" + idExtInputStream + ") "+_in+";"); p.pO();