Mercurial > hg > release > icedtea8-forest-3.0 > jdk
changeset 11406:4ef68611a205
8076413: Better JRMP message handling
Reviewed-by: smarks
author | igerasim |
---|---|
date | Sat, 16 May 2015 02:04:38 +0300 |
parents | 12441ef44d78 |
children | 4cedd41c2a19 |
files | src/share/classes/sun/rmi/transport/DGCClient.java |
diffstat | 1 files changed, 31 insertions(+), 7 deletions(-) [+] |
line wrap: on
line diff
--- a/src/share/classes/sun/rmi/transport/DGCClient.java Fri May 15 11:24:41 2015 +0300 +++ b/src/share/classes/sun/rmi/transport/DGCClient.java Sat May 16 02:04:38 2015 +0300 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2015, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,6 +26,7 @@ import java.lang.ref.PhantomReference; import java.lang.ref.ReferenceQueue; +import java.net.SocketPermission; import java.security.AccessController; import java.security.PrivilegedAction; import java.util.HashMap; @@ -46,6 +47,10 @@ import sun.rmi.server.Util; import sun.security.action.GetLongAction; +import java.security.AccessControlContext; +import java.security.Permissions; +import java.security.ProtectionDomain; + /** * DGCClient implements the client-side of the RMI distributed garbage * collection system. @@ -113,6 +118,18 @@ /** ObjID for server-side DGC object */ private static final ObjID dgcID = new ObjID(ObjID.DGC_ID); + /** + * An AccessControlContext with only socket permissions, + * suitable for an RMIClientSocketFactory. + */ + private static final AccessControlContext SOCKET_ACC; + static { + Permissions perms = new Permissions(); + perms.add(new SocketPermission("*", "connect,resolve")); + ProtectionDomain[] pd = { new ProtectionDomain(null, perms) }; + SOCKET_ACC = new AccessControlContext(pd); + } + /* * Disallow anyone from creating one of these. */ @@ -570,13 +587,20 @@ } } - if (needRenewal) { - makeDirtyCall(refsToDirty, sequenceNum); - } + boolean needRenewal_ = needRenewal; + Set<RefEntry> refsToDirty_ = refsToDirty; + long sequenceNum_ = sequenceNum; + AccessController.doPrivileged(new PrivilegedAction<Void>() { + public Void run() { + if (needRenewal_) { + makeDirtyCall(refsToDirty_, sequenceNum_); + } - if (!pendingCleans.isEmpty()) { - makeCleanCalls(); - } + if (!pendingCleans.isEmpty()) { + makeCleanCalls(); + } + return null; + }}, SOCKET_ACC); } while (!removed || !pendingCleans.isEmpty()); } }