# HG changeset patch
# User vinnie
# Date 1475771637 -3600
# Node ID abc45540077de931854241e1bedbf5b4d6d4d72f
# Parent 569e0c1d851d075666448eb7e959d354c54873e6
8158997: JNDI Protocols Switch
Reviewed-by: dfuchs
diff -r 569e0c1d851d -r abc45540077d jdk/src/jdk.naming.rmi/share/classes/com/sun/jndi/rmi/registry/RegistryContext.java
--- a/jdk/src/jdk.naming.rmi/share/classes/com/sun/jndi/rmi/registry/RegistryContext.java Wed Oct 05 11:30:16 2016 -0700
+++ b/jdk/src/jdk.naming.rmi/share/classes/com/sun/jndi/rmi/registry/RegistryContext.java Thu Oct 06 17:33:57 2016 +0100
@@ -32,6 +32,8 @@
 import java.rmi.server.*;
 import java.rmi.registry.Registry;
 import java.rmi.registry.LocateRegistry;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 import javax.naming.*;
 import javax.naming.spi.NamingManager;
@@ -52,6 +54,18 @@
 private int port;
 private static final NameParser nameParser = new AtomicNameParser();
 private static final String SOCKET_FACTORY = "com.sun.jndi.rmi.factory.socket";
+ /**
+ * Determines whether classes may be loaded from an arbitrary URL code base.
+ */
+ static final boolean trustURLCodebase;
+ static {
+ // System property to control whether classes may be loaded from an
+ // arbitrary URL codebase
+ PrivilegedAction act = () -> System.getProperty(
+ "com.sun.jndi.rmi.object.trustURLCodebase", "false");
+ String trust = AccessController.doPrivileged(act);
+ trustURLCodebase = "true".equalsIgnoreCase(trust);
+ }
 Reference reference = null; // ref used to create this context, if any
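Review bot: The Javadoc on `trustURLCodebase` names neither the system property nor its default, and does not say that the static initializer reads the value once, so a `System.setProperty` call made after `RegistryContext` is initialized has no effect. I would replace it with `Whether classes may be loaded from an arbitrary URL code base; read once at class initialization from the system property com.sun.jndi.rmi.object.trustURLCodebase, default "false".` The switch is JVM-wide in the lines shown (the context environment is not consulted), so setting it to true appears to accept remote factory locations for every RMI registry lookup in the process; that is worth stating in the comment and checking for in launch configuration. As rendered on this page `PrivilegedAction act` is a raw type, with which the assignment to `String trust` would not compile; the `<String>` type argument was presumably lost when the page was extracted.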
@@ -460,6 +474,27 @@
 Object obj = (r instanceof RemoteReference) ? ((RemoteReference)r).getReference() : (Object)r;
+
+ /*
+ * Classes may only be loaded from an arbitrary URL codebase when
+ * the system property com.sun.jndi.rmi.object.trustURLCodebase
+ * has been set to "true".
+ */
+
+ // Use reference if possible
+ Reference ref = null;
+ if (obj instanceof Reference) {
+ ref = (Reference) obj;
+ } else if (obj instanceof Referenceable) {
+ ref = ((Referenceable)(obj)).getReference();
+ }
+
+ if (ref != null && ref.getFactoryClassLocation() != null &&
+ !trustURLCodebase) {
+ throw new ConfigurationException(
+ "The object factory is untrusted. Set the system property" +
+ " 'com.sun.jndi.rmi.object.trustURLCodebase' to 'true'.");
+ }
 return NamingManager.getObjectInstance(obj, name, this, environment);
 } catch (NamingException e) {
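Review bot: The guard before `NamingManager.getObjectInstance` rejects only a `Reference` whose `getFactoryClassLocation()` is non-null, and the block comment does not state that limit: a reference without a location, or an object that is neither a `Reference` nor `Referenceable`, falls through to `getObjectInstance` unchanged. I would add to the comment `* This check covers the remote code base only; a Reference without a factory class location is still handed to NamingManager.getObjectInstance.`, so readers do not take it for a general restriction on object factories. The exception message tells the operator to set the property to 'true' without saying what that enables; wording such as `"The object factory is untrusted. Loading it from a URL code base is disabled unless the system property"` followed by the existing second line would state the consequence. The enclosing method and its `try` block start outside this hunk.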