1 /* |
|
2 * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved. |
|
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
|
4 * |
|
5 * This code is free software; you can redistribute it and/or modify it |
|
6 * under the terms of the GNU General Public License version 2 only, as |
|
7 * published by the Free Software Foundation. Oracle designates this |
|
8 * particular file as subject to the "Classpath" exception as provided |
|
9 * by Oracle in the LICENSE file that accompanied this code. |
|
10 * |
|
11 * This code is distributed in the hope that it will be useful, but WITHOUT |
|
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
14 * version 2 for more details (a copy is included in the LICENSE file that |
|
15 * accompanied this code). |
|
16 * |
|
17 * You should have received a copy of the GNU General Public License version |
|
18 * 2 along with this work; if not, write to the Free Software Foundation, |
|
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
20 * |
|
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
|
22 * or visit www.oracle.com if you need additional information or have any |
|
23 * questions. |
|
24 */ |
|
25 |
|
26 /* |
|
27 * NOTE: this file was copied from javax.net.ssl.SSLPermission |
|
28 */ |
|
29 |
|
30 package com.sun.net.ssl; |
|
31 |
|
32 import java.security.*; |
|
33 import java.util.Enumeration; |
|
34 import java.util.Hashtable; |
|
35 import java.util.StringTokenizer; |
|
36 import java.security.Permissions; |
|
37 import java.lang.SecurityManager; |
|
38 |
|
39 /** |
|
40 * This class is for various network permissions. |
|
41 * An SSLPermission contains a name (also referred to as a "target name") but |
|
42 * no actions list; you either have the named permission |
|
43 * or you don't. |
|
44 * <P> |
|
45 * The target name is the name of the network permission (see below). The naming |
|
46 * convention follows the hierarchical property naming convention. |
|
47 * Also, an asterisk |
|
48 * may appear at the end of the name, following a ".", or by itself, to |
|
49 * signify a wildcard match. For example: "foo.*" and "*" signify a wildcard |
|
50 * match, while "*foo" and "a*b" do not. |
|
51 * <P> |
|
52 * The following table lists all the possible SSLPermission target names, |
|
53 * and for each provides a description of what the permission allows |
|
54 * and a discussion of the risks of granting code the permission. |
|
55 * |
|
56 * <table border=1 cellpadding=5> |
|
57 * <tr> |
|
58 * <th>Permission Target Name</th> |
|
59 * <th>What the Permission Allows</th> |
|
60 * <th>Risks of Allowing this Permission</th> |
|
61 * </tr> |
|
62 * |
|
63 * <tr> |
|
64 * <td>setHostnameVerifier</td> |
|
65 * <td>The ability to set a callback which can decide whether to |
|
66 * allow a mismatch between the host being connected to by |
|
67 * an HttpsURLConnection and the common name field in |
|
68 * server certificate. |
|
69 * </td> |
|
70 * <td>Malicious |
|
71 * code can set a verifier that monitors host names visited by |
|
72 * HttpsURLConnection requests or that allows server certificates |
|
73 * with invalid common names. |
|
74 * </td> |
|
75 * </tr> |
|
76 * |
|
77 * <tr> |
|
78 * <td>getSSLSessionContext</td> |
|
79 * <td>The ability to get the SSLSessionContext of an SSLSession. |
|
80 * </td> |
|
81 * <td>Malicious code may monitor sessions which have been established |
|
82 * with SSL peers or might invalidate sessions to slow down performance. |
|
83 * </td> |
|
84 * </tr> |
|
85 * |
|
86 * </table> |
|
87 * |
|
88 * @see java.security.BasicPermission |
|
89 * @see java.security.Permission |
|
90 * @see java.security.Permissions |
|
91 * @see java.security.PermissionCollection |
|
92 * @see java.lang.SecurityManager |
|
93 * |
|
94 * |
|
95 * @author Marianne Mueller |
|
96 * @author Roland Schemers |
|
97 * |
|
98 * @deprecated As of JDK 1.4, this implementation-specific class was |
|
99 * replaced by {@link javax.net.ssl.SSLPermission}. |
|
100 */ |
|
101 @Deprecated(since="1.4") |
|
102 public final class SSLPermission extends BasicPermission { |
|
103 |
|
104 private static final long serialVersionUID = -2583684302506167542L; |
|
105 |
|
106 /** |
|
107 * Creates a new SSLPermission with the specified name. |
|
108 * The name is the symbolic name of the SSLPermission, such as |
|
109 * "setDefaultAuthenticator", etc. An asterisk |
|
110 * may appear at the end of the name, following a ".", or by itself, to |
|
111 * signify a wildcard match. |
|
112 * |
|
113 * @param name the name of the SSLPermission. |
|
114 */ |
|
115 |
|
116 public SSLPermission(String name) |
|
117 { |
|
118 super(name); |
|
119 } |
|
120 |
|
121 /** |
|
122 * Creates a new SSLPermission object with the specified name. |
|
123 * The name is the symbolic name of the SSLPermission, and the |
|
124 * actions String is currently unused and should be null. This |
|
125 * constructor exists for use by the <code>Policy</code> object |
|
126 * to instantiate new Permission objects. |
|
127 * |
|
128 * @param name the name of the SSLPermission. |
|
129 * @param actions should be null. |
|
130 */ |
|
131 |
|
132 public SSLPermission(String name, String actions) |
|
133 { |
|
134 super(name, actions); |
|
135 } |
|
136 } |
|