diff -r ea6446a9121b -r 913603a4fe1f jdk/test/java/net/SocketPermission/SocketPermissionTest.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/java/net/SocketPermission/SocketPermissionTest.java Thu Oct 16 10:50:17 2014 +0100 @@ -0,0 +1,236 @@ +/* + * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 8047031 + * @summary SocketPermission tests for legacy socket types + * @library ../../../lib/testlibrary + * @run testng/othervm/policy=policy SocketPermissionTest + */ +import java.io.IOException; +import java.net.DatagramPacket; +import java.net.DatagramSocket; +import java.net.InetAddress; +import java.net.MulticastSocket; +import java.net.ServerSocket; +import java.net.Socket; +import java.net.SocketPermission; +import java.security.AccessControlContext; +import java.security.AccessController; +import java.security.Permission; +import java.security.Permissions; +import java.security.PrivilegedAction; +import java.security.ProtectionDomain; +import java.util.Arrays; +import java.util.function.Function; +import java.util.function.IntConsumer; +import static jdk.testlibrary.Utils.getFreePort; +import org.testng.annotations.BeforeMethod; +import org.testng.annotations.DataProvider; +import org.testng.annotations.Test; + +public class SocketPermissionTest { + private int freePort = -1; + + //positive tests + @Test(dataProvider = "positiveProvider") + public void testPositive(Function genAcc, IntConsumer func) { + String addr = "localhost:" + freePort; + AccessControlContext acc = genAcc.apply(addr); + AccessController.doPrivileged((PrivilegedAction) () -> { + func.accept(freePort); + return null; + }, acc); + } + + //negative tests + @Test(dataProvider = "negativeProvider", expectedExceptions = SecurityException.class) + public void testNegative(AccessControlContext acc, IntConsumer func) { + AccessController.doPrivileged((PrivilegedAction) () -> { + func.accept(freePort); + return null; + }, acc); + } + + @BeforeMethod + public void setFreePort() throws Exception { + freePort = getFreePort(); + } + + @DataProvider + public Object[][] positiveProvider() { + //test for SocketPermission "host:port","connect,resolve"; + Function generateAcc1 = (addr) -> getAccessControlContext( + new SocketPermission(addr, "listen, connect,resolve")); + IntConsumer func1 = (i) -> connectSocketTest(i); + IntConsumer func2 = (i) -> connectDatagramSocketTest(i); + + //test for SocketPermission "localhost:1024-","accept"; + Function generateAcc2 = (addr) -> getAccessControlContext( + new SocketPermission(addr, "listen,connect,resolve"), + new SocketPermission("localhost:1024-", "accept")); + IntConsumer func3 = (i) -> acceptServerSocketTest(i); + + //test for SocketPermission "229.227.226.221", "connect,accept" + Function generateAcc3 = (addr) -> getAccessControlContext( + new SocketPermission(addr, "listen,resolve"), + new SocketPermission("229.227.226.221", "connect,accept")); + IntConsumer func4 = (i) -> sendDatagramPacketTest(i); + IntConsumer func5 = (i) -> joinGroupMulticastTest(i); + + //test for SocketPermission "host:port", "listen" + Function generateAcc4 = (addr) -> getAccessControlContext( + new SocketPermission(addr, "listen")); + IntConsumer func6 = (i) -> listenDatagramSocketTest(i); + IntConsumer func7 = (i) -> listenMulticastSocketTest(i); + IntConsumer func8 = (i) -> listenServerSocketTest(i); + + return new Object[][]{ + {generateAcc1, func1}, + {generateAcc1, func2}, + {generateAcc2, func3}, + {generateAcc3, func4}, + {generateAcc3, func5}, + {generateAcc4, func6}, + {generateAcc4, func7}, + {generateAcc4, func8} + }; + } + + @DataProvider + public Object[][] negativeProvider() { + IntConsumer[] funcs = {i -> connectSocketTest(i), + i -> connectDatagramSocketTest(i), i -> acceptServerSocketTest(i), + i -> sendDatagramPacketTest(i), i -> joinGroupMulticastTest(i), + i -> listenDatagramSocketTest(i), i -> listenMulticastSocketTest(i), + i -> listenServerSocketTest(i)}; + return Arrays.stream(funcs).map(f -> { + //Construct an AccessControlContext without SocketPermission + AccessControlContext acc = getAccessControlContext( + new java.io.FilePermission("<>", "read,write,execute,delete"), + new java.net.NetPermission("*"), + new java.util.PropertyPermission("*", "read,write"), + new java.lang.reflect.ReflectPermission("*"), + new java.lang.RuntimePermission("*"), + new java.security.SecurityPermission("*"), + new java.io.SerializablePermission("*")); + return new Object[]{acc, f}; + }).toArray(Object[][]::new); + } + + public void connectSocketTest(int port) { + try (ServerSocket server = new ServerSocket(port); + Socket client = new Socket(InetAddress.getLocalHost(), port);) { + } catch (IOException ex) { + throw new RuntimeException(ex); + } + } + + public void connectDatagramSocketTest(int port) { + String msg = "Hello"; + try { + InetAddress me = InetAddress.getLocalHost(); + try (DatagramSocket ds = new DatagramSocket(port, me)) { + DatagramPacket dp = new DatagramPacket(msg.getBytes(), + msg.length(), me, port); + ds.send(dp); + } + } catch (IOException ex) { + throw new RuntimeException(ex); + } + } + + public void acceptServerSocketTest(int port) { + try { + InetAddress me = InetAddress.getLocalHost(); + try (ServerSocket server = new ServerSocket(port)) { + Socket client = new Socket(me, port); + server.accept(); + } + } catch (IOException ex) { + throw new RuntimeException(ex); + } + } + + public static void sendDatagramPacketTest(int port) { + String msg = "Hello"; + try { + InetAddress group = InetAddress.getByName("229.227.226.221"); + try (DatagramSocket s = new DatagramSocket(port)) { + DatagramPacket hi = new DatagramPacket(msg.getBytes(), + msg.length(), group, port); + s.send(hi); + } + } catch (IOException ex) { + throw new RuntimeException(ex); + } + } + + public void joinGroupMulticastTest(int port) { + try { + InetAddress group = InetAddress.getByName("229.227.226.221"); + try (MulticastSocket s = new MulticastSocket(port)) { + s.joinGroup(group); + s.leaveGroup(group); + } + } catch (IOException ex) { + throw new RuntimeException(ex); + } + } + + public void listenDatagramSocketTest(int port) { + try (DatagramSocket ds = new DatagramSocket(port)) { + } catch (IOException ex) { + throw new RuntimeException(ex); + } + } + + public void listenMulticastSocketTest(int port) { + try (MulticastSocket ms = new MulticastSocket(port)) { + } catch (IOException ex) { + throw new RuntimeException(ex); + } + } + + public void listenServerSocketTest(int port) { + try (ServerSocket ms = new ServerSocket(port)) { + } catch (IOException ex) { + throw new RuntimeException(ex); + } + } + + private static AccessControlContext getAccessControlContext(Permission... ps) { + Permissions perms = new Permissions(); + for (Permission p : ps) { + perms.add(p); + } + /* + *Create an AccessControlContext that consist a single protection domain + * with only the permissions calculated above + */ + ProtectionDomain pd = new ProtectionDomain(null, perms); + return new AccessControlContext(new ProtectionDomain[]{pd}); + } + +}