Mercurial > hg > release > icedtea7-forest-2.1 > jdk
changeset 3950:8af27e4ecaed
Merge
| author | lana |
|---|---|
| date | Mon, 21 Mar 2011 17:22:16 -0700 |
| parents | 8fafdc993bf2 (current diff) d19e3b281dcc (diff) |
| children | 6d1b98c84f85 |
| files | src/share/classes/java/awt/Component.java |
| diffstat | 27 files changed, 636 insertions(+), 42 deletions(-) [+] |
line wrap: on
line diff
--- a/make/sun/net/FILES_java.gmk Mon Mar 21 16:57:18 2011 -0700 +++ b/make/sun/net/FILES_java.gmk Mon Mar 21 17:22:16 2011 -0700 @@ -1,5 +1,5 @@ # -# Copyright (c) 1996, 2010, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved. # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. # # This code is free software; you can redistribute it and/or modify it @@ -34,6 +34,7 @@ sun/net/ProgressListener.java \ sun/net/ProgressMeteringPolicy.java \ sun/net/SocksProxy.java \ + sun/net/ResourceManager.java \ sun/net/TelnetInputStream.java \ sun/net/TelnetOutputStream.java \ sun/net/TelnetProtocolException.java \ @@ -100,6 +101,7 @@ sun/net/www/protocol/http/NegotiateAuthentication.java \ sun/net/www/protocol/http/Negotiator.java \ sun/net/www/protocol/http/ntlm/NTLMAuthentication.java \ + sun/net/www/protocol/http/ntlm/NTLMAuthenticationCallback.java \ sun/net/www/protocol/http/spnego/NegotiatorImpl.java \ sun/net/www/protocol/http/spnego/NegotiateCallbackHandler.java \ sun/net/www/protocol/http/logging/HttpLogFormatter.java \
--- a/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/Transform.java Mon Mar 21 16:57:18 2011 -0700 +++ b/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/Transform.java Mon Mar 21 17:22:16 2011 -0700 @@ -210,6 +210,8 @@ public static void init() { if (!alreadyInitialized) { transformClassHash = new HashMap(10); + // make sure builtin algorithms are all registered first + com.sun.org.apache.xml.internal.security.Init.init(); alreadyInitialized = true; } } @@ -236,12 +238,7 @@ "algorithm.alreadyRegistered", exArgs); } - ClassLoader cl = (ClassLoader) AccessController.doPrivileged( - new PrivilegedAction() { - public Object run() { - return Thread.currentThread().getContextClassLoader(); - } - }); + ClassLoader cl = Thread.currentThread().getContextClassLoader(); try { transformClassHash.put
--- a/src/share/classes/java/awt/AWTEvent.java Mon Mar 21 16:57:18 2011 -0700 +++ b/src/share/classes/java/awt/AWTEvent.java Mon Mar 21 17:22:16 2011 -0700 @@ -33,6 +33,11 @@ import sun.awt.AWTAccessor; import sun.util.logging.PlatformLogger; +import java.security.AccessControlContext; +import java.security.AccessController; +import java.io.ObjectInputStream; +import java.io.IOException; + /** * The root event class for all AWT events. * This class and its subclasses supercede the original @@ -97,6 +102,22 @@ */ protected boolean consumed = false; + /* + * The event's AccessControlContext. + */ + private transient volatile AccessControlContext acc = + AccessController.getContext(); + + /* + * Returns the acc this event was constructed with. + */ + final AccessControlContext getAccessControlContext() { + if (acc == null) { + throw new SecurityException("AWTEvent is missing AccessControlContext"); + } + return acc; + } + transient boolean focusManagerIsDispatching = false; transient boolean isPosted; @@ -247,6 +268,10 @@ public boolean isSystemGenerated(AWTEvent ev) { return ev.isSystemGenerated; } + + public AccessControlContext getAccessControlContext(AWTEvent ev) { + return ev.getAccessControlContext(); + } }); }
--- a/src/share/classes/java/awt/Component.java Mon Mar 21 16:57:18 2011 -0700 +++ b/src/share/classes/java/awt/Component.java Mon Mar 21 17:22:16 2011 -0700 @@ -59,6 +59,7 @@ import java.lang.reflect.Method; import java.security.AccessController; import java.security.PrivilegedAction; +import java.security.AccessControlContext; import javax.accessibility.*; import java.applet.Applet; @@ -471,6 +472,12 @@ static final Object LOCK = new AWTTreeLock(); static class AWTTreeLock {} + /* + * The component's AccessControlContext. + */ + private transient volatile AccessControlContext acc = + AccessController.getContext(); + /** * Minimum size. * (This field perhaps should have been transient). @@ -671,6 +678,16 @@ return objectLock; } + /* + * Returns the acc this component was constructed with. + */ + final AccessControlContext getAccessControlContext() { + if (acc == null) { + throw new SecurityException("Component is missing AccessControlContext"); + } + return acc; + } + boolean isPacked = false; /** @@ -950,6 +967,10 @@ public void processEvent(Component comp, AWTEvent e) { comp.processEvent(e); } + + public AccessControlContext getAccessControlContext(Component comp) { + return comp.getAccessControlContext(); + } }); } @@ -8613,6 +8634,8 @@ { objectLock = new Object(); + acc = AccessController.getContext(); + s.defaultReadObject(); appContext = AppContext.getAppContext();
--- a/src/share/classes/java/awt/EventQueue.java Mon Mar 21 16:57:18 2011 -0700 +++ b/src/share/classes/java/awt/EventQueue.java Mon Mar 21 17:22:16 2011 -0700 @@ -48,6 +48,12 @@ import java.util.concurrent.locks.Condition; import java.util.concurrent.locks.Lock; +import java.security.AccessControlContext; +import java.security.ProtectionDomain; + +import sun.misc.SharedSecrets; +import sun.misc.JavaSecurityAccess; + /** * <code>EventQueue</code> is a platform-independent class * that queues events, both from the underlying peer classes @@ -612,6 +618,9 @@ return null; } + private static final JavaSecurityAccess javaSecurityAccess = + SharedSecrets.getJavaSecurityAccess(); + /** * Dispatches an event. The manner in which the event is * dispatched depends upon the type of the event and the @@ -650,13 +659,49 @@ * @throws NullPointerException if <code>event</code> is <code>null</code> * @since 1.2 */ - protected void dispatchEvent(AWTEvent event) { + protected void dispatchEvent(final AWTEvent event) { + final Object src = event.getSource(); + final PrivilegedAction<Void> action = new PrivilegedAction<Void>() { + public Void run() { + dispatchEventImpl(event, src); + return null; + } + }; + + final AccessControlContext stack = AccessController.getContext(); + final AccessControlContext srcAcc = getAccessControlContextFrom(src); + final AccessControlContext eventAcc = event.getAccessControlContext(); + if (srcAcc == null) { + javaSecurityAccess.doIntersectionPrivilege(action, stack, eventAcc); + } else { + javaSecurityAccess.doIntersectionPrivilege( + new PrivilegedAction<Void>() { + public Void run() { + javaSecurityAccess.doIntersectionPrivilege(action, eventAcc); + return null; + } + }, stack, srcAcc); + } + } + + private static AccessControlContext getAccessControlContextFrom(Object src) { + return src instanceof Component ? + ((Component)src).getAccessControlContext() : + src instanceof MenuComponent ? + ((MenuComponent)src).getAccessControlContext() : + src instanceof TrayIcon ? + ((TrayIcon)src).getAccessControlContext() : + null; + } + + /** + * Called from dispatchEvent() under a correct AccessControlContext + */ + private void dispatchEventImpl(final AWTEvent event, final Object src) { event.isPosted = true; - Object src = event.getSource(); if (event instanceof ActiveEvent) { // This could become the sole method of dispatching in time. setCurrentEventAndMostRecentTimeImpl(event); - ((ActiveEvent)event).dispatch(); } else if (src instanceof Component) { ((Component)src).dispatchEvent(event);
--- a/src/share/classes/java/awt/MenuComponent.java Mon Mar 21 16:57:18 2011 -0700 +++ b/src/share/classes/java/awt/MenuComponent.java Mon Mar 21 17:22:16 2011 -0700 @@ -33,6 +33,9 @@ import sun.awt.AWTAccessor; import javax.accessibility.*; +import java.security.AccessControlContext; +import java.security.AccessController; + /** * The abstract class <code>MenuComponent</code> is the superclass * of all menu-related components. In this respect, the class @@ -100,6 +103,23 @@ boolean newEventsOnly = false; /* + * The menu's AccessControlContext. + */ + private transient volatile AccessControlContext acc = + AccessController.getContext(); + + /* + * Returns the acc this menu component was constructed with. + */ + final AccessControlContext getAccessControlContext() { + if (acc == null) { + throw new SecurityException( + "MenuComponent is missing AccessControlContext"); + } + return acc; + } + + /* * Internal constants for serialization. */ final static String actionListenerK = Component.actionListenerK; @@ -402,6 +422,9 @@ throws ClassNotFoundException, IOException, HeadlessException { GraphicsEnvironment.checkHeadless(); + + acc = AccessController.getContext(); + s.defaultReadObject(); appContext = AppContext.getAppContext();
--- a/src/share/classes/java/awt/TrayIcon.java Mon Mar 21 16:57:18 2011 -0700 +++ b/src/share/classes/java/awt/TrayIcon.java Mon Mar 21 17:22:16 2011 -0700 @@ -40,6 +40,8 @@ import sun.awt.SunToolkit; import sun.awt.HeadlessToolkit; import java.util.EventObject; +import java.security.AccessControlContext; +import java.security.AccessController; /** * A <code>TrayIcon</code> object represents a tray icon that can be @@ -90,6 +92,7 @@ * @author Anton Tarasov */ public class TrayIcon { + private Image image; private String tooltip; private PopupMenu popup; @@ -103,6 +106,24 @@ transient MouseMotionListener mouseMotionListener; transient ActionListener actionListener; + /* + * The tray icon's AccessControlContext. + * + * Unlike the acc in Component, this field is made final + * because TrayIcon is not serializable. + */ + private final AccessControlContext acc = AccessController.getContext(); + + /* + * Returns the acc this tray icon was constructed with. + */ + final AccessControlContext getAccessControlContext() { + if (acc == null) { + throw new SecurityException("TrayIcon is missing AccessControlContext"); + } + return acc; + } + static { Toolkit.loadLibraries(); if (!GraphicsEnvironment.isHeadless()) {
--- a/src/share/classes/java/net/AbstractPlainDatagramSocketImpl.java Mon Mar 21 16:57:18 2011 -0700 +++ b/src/share/classes/java/net/AbstractPlainDatagramSocketImpl.java Mon Mar 21 17:22:16 2011 -0700 @@ -28,6 +28,7 @@ import java.io.IOException; import java.io.InterruptedIOException; import java.util.Enumeration; +import sun.net.ResourceManager; /** * Abstract datagram and multicast socket implementation base class. @@ -66,7 +67,14 @@ */ protected synchronized void create() throws SocketException { fd = new FileDescriptor(); - datagramSocketCreate(); + ResourceManager.beforeUdpCreate(); + try { + datagramSocketCreate(); + } catch (SocketException ioe) { + ResourceManager.afterUdpClose(); + fd = null; + throw ioe; + } } /** @@ -211,6 +219,7 @@ protected void close() { if (fd != null) { datagramSocketClose(); + ResourceManager.afterUdpClose(); fd = null; } }
--- a/src/share/classes/java/net/AbstractPlainSocketImpl.java Mon Mar 21 16:57:18 2011 -0700 +++ b/src/share/classes/java/net/AbstractPlainSocketImpl.java Mon Mar 21 17:22:16 2011 -0700 @@ -32,6 +32,7 @@ import sun.net.ConnectionResetException; import sun.net.NetHooks; +import sun.net.ResourceManager; /** * Default Socket Implementation. This implementation does @@ -68,6 +69,10 @@ private int resetState; private final Object resetLock = new Object(); + /* whether this Socket is a stream (TCP) socket or not (UDP) + */ + private boolean stream; + /** * Load net library into runtime. */ @@ -82,7 +87,19 @@ */ protected synchronized void create(boolean stream) throws IOException { fd = new FileDescriptor(); - socketCreate(stream); + this.stream = stream; + if (!stream) { + ResourceManager.beforeUdpCreate(); + try { + socketCreate(false); + } catch (IOException ioe) { + ResourceManager.afterUdpClose(); + fd = null; + throw ioe; + } + } else { + socketCreate(true); + } if (socket != null) socket.setCreated(); if (serverSocket != null) @@ -479,6 +496,9 @@ protected void close() throws IOException { synchronized(fdLock) { if (fd != null) { + if (!stream) { + ResourceManager.afterUdpClose(); + } if (fdUseCount == 0) { if (closePending) { return;
--- a/src/share/classes/java/security/AccessControlContext.java Mon Mar 21 16:57:18 2011 -0700 +++ b/src/share/classes/java/security/AccessControlContext.java Mon Mar 21 17:22:16 2011 -0700 @@ -29,6 +29,9 @@ import java.util.List; import sun.security.util.Debug; import sun.security.util.SecurityConstants; +import sun.misc.JavaSecurityAccess; +import sun.misc.SharedSecrets; + /** * An AccessControlContext is used to make system resource access decisions @@ -197,6 +200,24 @@ } /** + * Constructor for JavaSecurityAccess.doIntersectionPrivilege() + */ + AccessControlContext(ProtectionDomain[] context, + AccessControlContext privilegedContext) + { + this.context = context; + this.privilegedContext = privilegedContext; + this.isPrivileged = true; + } + + /** + * Returns this context's context. + */ + ProtectionDomain[] getContext() { + return context; + } + + /** * Returns true if this context is privileged. */ boolean isPrivileged()
--- a/src/share/classes/java/security/ProtectionDomain.java Mon Mar 21 16:57:18 2011 -0700 +++ b/src/share/classes/java/security/ProtectionDomain.java Mon Mar 21 17:22:16 2011 -0700 @@ -36,6 +36,8 @@ import sun.misc.SharedSecrets; import sun.security.util.Debug; import sun.security.util.SecurityConstants; +import sun.misc.JavaSecurityAccess; +import sun.misc.SharedSecrets; /** * @@ -59,6 +61,36 @@ public class ProtectionDomain { + static { + // Set up JavaSecurityAccess in SharedSecrets + SharedSecrets.setJavaSecurityAccess( + new JavaSecurityAccess() { + public <T> T doIntersectionPrivilege( + PrivilegedAction<T> action, + final AccessControlContext stack, + final AccessControlContext context) + { + if (action == null) { + throw new NullPointerException(); + } + return AccessController.doPrivileged( + action, + new AccessControlContext( + stack.getContext(), context).optimize() + ); + } + + public <T> T doIntersectionPrivilege( + PrivilegedAction<T> action, + AccessControlContext context) + { + return doIntersectionPrivilege(action, + AccessController.getContext(), context); + } + } + ); + } + /* CodeSource */ private CodeSource codesource ;
--- a/src/share/classes/javax/swing/Timer.java Mon Mar 21 16:57:18 2011 -0700 +++ b/src/share/classes/javax/swing/Timer.java Mon Mar 21 17:22:16 2011 -0700 @@ -35,6 +35,10 @@ import java.awt.*; import java.awt.event.*; import java.io.Serializable; +import java.io.*; +import java.security.AccessControlContext; +import java.security.AccessController; +import java.security.PrivilegedAction; import javax.swing.event.EventListenerList; @@ -208,6 +212,22 @@ } } + /* + * The timer's AccessControlContext. + */ + private transient volatile AccessControlContext acc = + AccessController.getContext(); + + /** + * Returns the acc this timer was constructed with. + */ + final AccessControlContext getAccessControlContext() { + if (acc == null) { + throw new SecurityException( + "Timer is missing AccessControlContext"); + } + return acc; + } /** * DoPostEvent is a runnable class that fires actionEvents to @@ -587,8 +607,13 @@ void post() { - if (notify.compareAndSet(false, true) || !coalesce) { - SwingUtilities.invokeLater(doPostEvent); + if (notify.compareAndSet(false, true) || !coalesce) { + AccessController.doPrivileged(new PrivilegedAction<Void>() { + public Void run() { + SwingUtilities.invokeLater(doPostEvent); + return null; + } + }, getAccessControlContext()); } } @@ -596,6 +621,13 @@ return lock; } + private void readObject(ObjectInputStream in) + throws ClassNotFoundException, IOException + { + this.acc = AccessController.getContext(); + in.defaultReadObject(); + } + /* * We have to use readResolve because we can not initialize final * fields for deserialized object otherwise
--- a/src/share/classes/javax/swing/TransferHandler.java Mon Mar 21 16:57:18 2011 -0700 +++ b/src/share/classes/javax/swing/TransferHandler.java Mon Mar 21 17:22:16 2011 -0700 @@ -42,6 +42,16 @@ import sun.swing.*; import sun.awt.SunToolkit; +import java.security.AccessController; +import java.security.PrivilegedAction; + +import java.security.AccessControlContext; +import java.security.ProtectionDomain; +import sun.misc.SharedSecrets; +import sun.misc.JavaSecurityAccess; + +import sun.awt.AWTAccessor; + /** * This class is used to handle the transfer of a <code>Transferable</code> * to and from Swing components. The <code>Transferable</code> is used to @@ -1686,7 +1696,37 @@ return true; } - public void actionPerformed(ActionEvent e) { + private static final JavaSecurityAccess javaSecurityAccess = + SharedSecrets.getJavaSecurityAccess(); + + public void actionPerformed(final ActionEvent e) { + final Object src = e.getSource(); + + final PrivilegedAction<Void> action = new PrivilegedAction<Void>() { + public Void run() { + actionPerformedImpl(e); + return null; + } + }; + + final AccessControlContext stack = AccessController.getContext(); + final AccessControlContext srcAcc = AWTAccessor.getComponentAccessor().getAccessControlContext((Component)src); + final AccessControlContext eventAcc = AWTAccessor.getAWTEventAccessor().getAccessControlContext(e); + + if (srcAcc == null) { + javaSecurityAccess.doIntersectionPrivilege(action, stack, eventAcc); + } else { + javaSecurityAccess.doIntersectionPrivilege( + new PrivilegedAction<Void>() { + public Void run() { + javaSecurityAccess.doIntersectionPrivilege(action, eventAcc); + return null; + } + }, stack, srcAcc); + } + } + + private void actionPerformedImpl(ActionEvent e) { Object src = e.getSource(); if (src instanceof JComponent) { JComponent c = (JComponent) src;
--- a/src/share/classes/sun/awt/AWTAccessor.java Mon Mar 21 16:57:18 2011 -0700 +++ b/src/share/classes/sun/awt/AWTAccessor.java Mon Mar 21 17:22:16 2011 -0700 @@ -33,6 +33,9 @@ import sun.misc.Unsafe; import java.awt.peer.ComponentPeer; +import java.security.AccessController; +import java.security.AccessControlContext; + /** * The AWTAccessor utility class. * The main purpose of this class is to enable accessing @@ -221,6 +224,13 @@ * Processes events occurring on this component. */ void processEvent(Component comp, AWTEvent e); + + + /* + * Returns the acc this component was constructed with. + */ + AccessControlContext getAccessControlContext(Component comp); + } /* @@ -323,6 +333,13 @@ * Indicates whether this AWTEvent was generated by the system. */ boolean isSystemGenerated(AWTEvent ev); + + + /* + * Returns the acc this event was constructed with. + */ + AccessControlContext getAccessControlContext(AWTEvent ev); + } public interface InputEventAccessor {
--- a/src/share/classes/sun/font/FileFont.java Mon Mar 21 16:57:18 2011 -0700 +++ b/src/share/classes/sun/font/FileFont.java Mon Mar 21 17:22:16 2011 -0700 @@ -32,22 +32,13 @@ import java.awt.geom.Rectangle2D; import java.io.File; import java.nio.ByteBuffer; -import java.nio.channels.FileChannel; import sun.java2d.Disposer; import sun.java2d.DisposerRecord; -import java.lang.ref.WeakReference; -import java.io.FileNotFoundException; import java.io.IOException; -import java.io.RandomAccessFile; -import java.io.UnsupportedEncodingException; -import java.nio.ByteOrder; -import java.nio.MappedByteBuffer; -import java.nio.BufferUnderflowException; -import java.nio.channels.ClosedChannelException; -import java.util.HashSet; -import java.util.HashMap; -import java.awt.Font; +import java.security.AccessController; +import java.security.PrivilegedActionException; +import java.security.PrivilegedExceptionAction; public abstract class FileFont extends PhysicalFont { @@ -286,4 +277,49 @@ }); } } + + protected String getPublicFileName() { + SecurityManager sm = System.getSecurityManager(); + if (sm == null) { + return platName; + } + boolean canReadProperty = true; + + try { + sm.checkPropertyAccess("java.io.tmpdir"); + } catch (SecurityException e) { + canReadProperty = false; + } + + if (canReadProperty) { + return platName; + } + + final File f = new File(platName); + + Boolean isTmpFile = Boolean.FALSE; + try { + isTmpFile = AccessController.doPrivileged( + new PrivilegedExceptionAction<Boolean>() { + public Boolean run() { + File tmp = new File(System.getProperty("java.io.tmpdir")); + try { + String tpath = tmp.getCanonicalPath(); + String fpath = f.getCanonicalPath(); + + return (fpath == null) || fpath.startsWith(tpath); + } catch (IOException e) { + return Boolean.TRUE; + } + } + } + ); + } catch (PrivilegedActionException e) { + // unable to verify whether value of java.io.tempdir will be + // exposed, so return only a name of the font file. + isTmpFile = Boolean.TRUE; + } + + return isTmpFile ? "temp file" : platName; + } }
--- a/src/share/classes/sun/font/TrueTypeFont.java Mon Mar 21 16:57:18 2011 -0700 +++ b/src/share/classes/sun/font/TrueTypeFont.java Mon Mar 21 17:22:16 2011 -0700 @@ -519,7 +519,8 @@ break; default: - throw new FontFormatException("Unsupported sfnt " + platName); + throw new FontFormatException("Unsupported sfnt " + + getPublicFileName()); } /* Now have the offset of this TT font (possibly within a TTC) @@ -1680,7 +1681,6 @@ @Override public String toString() { return "** TrueType Font: Family="+familyName+ " Name="+fullName+ - " style="+style+" fileName="+platName; + " style="+style+" fileName="+getPublicFileName(); } - }
--- a/src/share/classes/sun/font/Type1Font.java Mon Mar 21 16:57:18 2011 -0700 +++ b/src/share/classes/sun/font/Type1Font.java Mon Mar 21 17:22:16 2011 -0700 @@ -677,6 +677,6 @@ public String toString() { return "** Type1 Font: Family="+familyName+ " Name="+fullName+ - " style="+style+" fileName="+platName; + " style="+style+" fileName="+getPublicFileName(); } }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/share/classes/sun/misc/JavaSecurityAccess.java Mon Mar 21 17:22:16 2011 -0700 @@ -0,0 +1,40 @@ +/* + * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +package sun.misc; + +import java.security.AccessControlContext; +import java.security.PrivilegedAction; + +public interface JavaSecurityAccess { + + <T> T doIntersectionPrivilege(PrivilegedAction<T> action, + AccessControlContext stack, + AccessControlContext context); + + <T> T doIntersectionPrivilege(PrivilegedAction<T> action, + AccessControlContext context); + +}
--- a/src/share/classes/sun/misc/SharedSecrets.java Mon Mar 21 16:57:18 2011 -0700 +++ b/src/share/classes/sun/misc/SharedSecrets.java Mon Mar 21 17:22:16 2011 -0700 @@ -30,6 +30,8 @@ import java.io.FileDescriptor; import java.security.ProtectionDomain; +import java.security.AccessController; + /** A repository of "shared secrets", which are a mechanism for calling implementation-private methods in another package without using reflection. A package-private class implements a public @@ -48,6 +50,7 @@ private static JavaNioAccess javaNioAccess; private static JavaIOFileDescriptorAccess javaIOFileDescriptorAccess; private static JavaSecurityProtectionDomainAccess javaSecurityProtectionDomainAccess; + private static JavaSecurityAccess javaSecurityAccess; public static JavaUtilJarAccess javaUtilJarAccess() { if (javaUtilJarAccess == null) { @@ -125,4 +128,15 @@ unsafe.ensureClassInitialized(ProtectionDomain.class); return javaSecurityProtectionDomainAccess; } + + public static void setJavaSecurityAccess(JavaSecurityAccess jsa) { + javaSecurityAccess = jsa; + } + + public static JavaSecurityAccess getJavaSecurityAccess() { + if (javaSecurityAccess == null) { + unsafe.ensureClassInitialized(AccessController.class); + } + return javaSecurityAccess; + } }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/share/classes/sun/net/ResourceManager.java Mon Mar 21 17:22:16 2011 -0700 @@ -0,0 +1,82 @@ +/* + * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +package sun.net; + +import java.net.SocketException; +import java.util.concurrent.atomic.AtomicInteger; +import sun.security.action.GetPropertyAction; + +/** + * Manages count of total number of UDP sockets and ensures + * that exception is thrown if we try to create more than the + * configured limit. + * + * This functionality could be put in NetHooks some time in future. + */ + +public class ResourceManager { + + /* default maximum number of udp sockets per VM + * when a security manager is enabled. + * The default is 1024 which is high enough to be useful + * but low enough to be well below the maximum number + * of port numbers actually available on all OSes for + * such sockets (5000 on some versions of windows) + */ + + private static final int DEFAULT_MAX_SOCKETS = 1024; + private static final int maxSockets; + private static final AtomicInteger numSockets; + + static { + String prop = java.security.AccessController.doPrivileged( + new GetPropertyAction("sun.net.maxDatagramSockets") + ); + int defmax = DEFAULT_MAX_SOCKETS; + try { + if (prop != null) { + defmax = Integer.parseInt(prop); + } + } catch (NumberFormatException e) {} + maxSockets = defmax; + numSockets = new AtomicInteger(0); + } + + public static void beforeUdpCreate() throws SocketException { + if (System.getSecurityManager() != null) { + if (numSockets.incrementAndGet() > maxSockets) { + numSockets.decrementAndGet(); + throw new SocketException("maximum number of DatagramSockets reached"); + } + } + } + + public static void afterUdpClose() { + if (System.getSecurityManager() != null) { + numSockets.decrementAndGet(); + } + } +}
--- a/src/share/classes/sun/net/www/protocol/http/HttpURLConnection.java Mon Mar 21 16:57:18 2011 -0700 +++ b/src/share/classes/sun/net/www/protocol/http/HttpURLConnection.java Mon Mar 21 17:22:16 2011 -0700 @@ -2173,6 +2173,13 @@ if (tryTransparentNTLMServer) { tryTransparentNTLMServer = NTLMAuthenticationProxy.proxy.supportsTransparentAuth; + /* If the platform supports transparent authentication + * then check if we are in a secure environment + * whether, or not, we should try transparent authentication.*/ + if (tryTransparentNTLMServer) { + tryTransparentNTLMServer = + NTLMAuthenticationProxy.proxy.isTrustedSite(url); + } } a = null; if (tryTransparentNTLMServer) {
--- a/src/share/classes/sun/net/www/protocol/http/NTLMAuthenticationProxy.java Mon Mar 21 16:57:18 2011 -0700 +++ b/src/share/classes/sun/net/www/protocol/http/NTLMAuthenticationProxy.java Mon Mar 21 17:22:16 2011 -0700 @@ -36,12 +36,14 @@ */ class NTLMAuthenticationProxy { private static Method supportsTA; + private static Method isTrustedSite; private static final String clazzStr = "sun.net.www.protocol.http.ntlm.NTLMAuthentication"; private static final String supportsTAStr = "supportsTransparentAuth"; + private static final String isTrustedSiteStr = "isTrustedSite"; static final NTLMAuthenticationProxy proxy = tryLoadNTLMAuthentication(); static final boolean supported = proxy != null ? true : false; - static final boolean supportsTransparentAuth = supported ? supportsTransparentAuth(supportsTA) : false; + static final boolean supportsTransparentAuth = supported ? supportsTransparentAuth() : false; private final Constructor<? extends AuthenticationInfo> threeArgCtr; private final Constructor<? extends AuthenticationInfo> fiveArgCtr; @@ -82,9 +84,22 @@ * authentication (try with the current users credentials before * prompting for username and password, etc). */ - private static boolean supportsTransparentAuth(Method method) { + private static boolean supportsTransparentAuth() { try { - return (Boolean)method.invoke(null); + return (Boolean)supportsTA.invoke(null); + } catch (ReflectiveOperationException roe) { + finest(roe); + } + + return false; + } + + /* Transparent authentication should only be tried with a trusted + * site ( when running in a secure environment ). + */ + public static boolean isTrustedSite(URL url) { + try { + return (Boolean)isTrustedSite.invoke(null, url); } catch (ReflectiveOperationException roe) { finest(roe); } @@ -112,6 +127,7 @@ int.class, PasswordAuthentication.class); supportsTA = cl.getDeclaredMethod(supportsTAStr); + isTrustedSite = cl.getDeclaredMethod(isTrustedSiteStr, java.net.URL.class); return new NTLMAuthenticationProxy(threeArg, fiveArg); }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/share/classes/sun/net/www/protocol/http/ntlm/NTLMAuthenticationCallback.java Mon Mar 21 17:22:16 2011 -0700 @@ -0,0 +1,59 @@ +/* + * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +package sun.net.www.protocol.http.ntlm; + +import java.net.URL; + +/** + * This class is used to call back to deployment to determine if a given + * URL is trusted. Transparent authentication (try with logged in users + * credentials without prompting) should only be tried with trusted sites. + */ +public abstract class NTLMAuthenticationCallback { + private static volatile NTLMAuthenticationCallback callback = + new DefaultNTLMAuthenticationCallback(); + + public static void setNTLMAuthenticationCallback( + NTLMAuthenticationCallback callback) { + NTLMAuthenticationCallback.callback = callback; + } + + public static NTLMAuthenticationCallback getNTLMAuthenticationCallback() { + return callback; + } + + /** + * Returns true if the given site is trusted, i.e. we can try + * transparent Authentication. + */ + public abstract boolean isTrustedSite(URL url); + + static class DefaultNTLMAuthenticationCallback extends NTLMAuthenticationCallback { + @Override + public boolean isTrustedSite(URL url) { return true; } + } +} +
--- a/src/share/classes/sun/nio/ch/DatagramChannelImpl.java Mon Mar 21 16:57:18 2011 -0700 +++ b/src/share/classes/sun/nio/ch/DatagramChannelImpl.java Mon Mar 21 17:22:16 2011 -0700 @@ -32,6 +32,7 @@ import java.nio.channels.*; import java.nio.channels.spi.*; import java.util.*; +import sun.net.ResourceManager; /** @@ -101,14 +102,22 @@ throws IOException { super(sp); - this.family = Net.isIPv6Available() ? - StandardProtocolFamily.INET6 : StandardProtocolFamily.INET; - this.fd = Net.socket(family, false); - this.fdVal = IOUtil.fdVal(fd); - this.state = ST_UNCONNECTED; + ResourceManager.beforeUdpCreate(); + try { + this.family = Net.isIPv6Available() ? + StandardProtocolFamily.INET6 : StandardProtocolFamily.INET; + this.fd = Net.socket(family, false); + this.fdVal = IOUtil.fdVal(fd); + this.state = ST_UNCONNECTED; + } catch (IOException ioe) { + ResourceManager.afterUdpClose(); + throw ioe; + } } - public DatagramChannelImpl(SelectorProvider sp, ProtocolFamily family) { + public DatagramChannelImpl(SelectorProvider sp, ProtocolFamily family) + throws IOException + { super(sp); if ((family != StandardProtocolFamily.INET) && (family != StandardProtocolFamily.INET6)) @@ -957,6 +966,7 @@ protected void implCloseSelectableChannel() throws IOException { synchronized (stateLock) { nd.preClose(fd); + ResourceManager.afterUdpClose(); // if member of mulitcast group then invalidate all keys if (registry != null)
--- a/src/share/classes/sun/nio/ch/Net.java Mon Mar 21 16:57:18 2011 -0700 +++ b/src/share/classes/sun/nio/ch/Net.java Mon Mar 21 17:22:16 2011 -0700 @@ -312,11 +312,12 @@ private static native boolean canJoin6WithIPv4Group0(); - static FileDescriptor socket(boolean stream) { + static FileDescriptor socket(boolean stream) throws IOException { return socket(UNSPEC, stream); } - static FileDescriptor socket(ProtocolFamily family, boolean stream) { + static FileDescriptor socket(ProtocolFamily family, boolean stream) + throws IOException { boolean preferIPv6 = isIPv6Available() && (family != StandardProtocolFamily.INET); return IOUtil.newFD(socket0(preferIPv6, stream, false));
--- a/src/solaris/classes/sun/net/www/protocol/http/ntlm/NTLMAuthentication.java Mon Mar 21 16:57:18 2011 -0700 +++ b/src/solaris/classes/sun/net/www/protocol/http/ntlm/NTLMAuthentication.java Mon Mar 21 17:22:16 2011 -0700 @@ -68,6 +68,9 @@ public class NTLMAuthentication extends AuthenticationInfo { private static final long serialVersionUID = 170L; + private static final NTLMAuthenticationCallback NTLMAuthCallback = + NTLMAuthenticationCallback.getNTLMAuthenticationCallback(); + private String hostname; private static String defaultDomain; /* Domain to use if not specified by user */ @@ -81,6 +84,14 @@ return false; } + /** + * Returns true if the given site is trusted, i.e. we can try + * transparent Authentication. + */ + public static boolean isTrustedSite(URL url) { + return NTLMAuthCallback.isTrustedSite(url); + } + private void init0() { hostname = java.security.AccessController.doPrivileged(
--- a/src/windows/classes/sun/net/www/protocol/http/ntlm/NTLMAuthentication.java Mon Mar 21 16:57:18 2011 -0700 +++ b/src/windows/classes/sun/net/www/protocol/http/ntlm/NTLMAuthentication.java Mon Mar 21 17:22:16 2011 -0700 @@ -45,6 +45,9 @@ private static final long serialVersionUID = 100L; + private static final NTLMAuthenticationCallback NTLMAuthCallback = + NTLMAuthenticationCallback.getNTLMAuthenticationCallback(); + private String hostname; private static String defaultDomain; /* Domain to use if not specified by user */ @@ -143,6 +146,14 @@ } /** + * Returns true if the given site is trusted, i.e. we can try + * transparent Authentication. + */ + public static boolean isTrustedSite(URL url) { + return NTLMAuthCallback.isTrustedSite(url); + } + + /** * Not supported. Must use the setHeaders() method */ @Override