6801071: Remote sites can compromise user privacy and possibly hijack web sessions
Reviewed-by: jccollet, hawtin
--- a/jdk/make/sun/net/FILES_java.gmk Fri May 08 16:15:15 2009 +0400
+++ b/jdk/make/sun/net/FILES_java.gmk Tue May 12 16:32:34 2009 +0100
@@ -24,6 +24,7 @@
#
FILES_java = \
+ sun/net/ApplicationProxy.java \
sun/net/InetAddressCachePolicy.java \
sun/net/URLCanonicalizer.java \
sun/net/NetworkClient.java \
--- a/jdk/src/share/classes/java/net/Socket.java Fri May 08 16:15:15 2009 +0400
+++ b/jdk/src/share/classes/java/net/Socket.java Tue May 12 16:32:34 2009 +0100
@@ -118,7 +118,7 @@
if (proxy == null) {
throw new IllegalArgumentException("Invalid Proxy");
}
- Proxy p = proxy == Proxy.NO_PROXY ? Proxy.NO_PROXY : new Proxy(proxy.type(), proxy.address());
+ Proxy p = proxy == Proxy.NO_PROXY ? Proxy.NO_PROXY : sun.net.ApplicationProxy.create(proxy);
if (p.type() == Proxy.Type.SOCKS) {
SecurityManager security = System.getSecurityManager();
InetSocketAddress epoint = (InetSocketAddress) p.address();
--- a/jdk/src/share/classes/java/net/SocksSocketImpl.java Fri May 08 16:15:15 2009 +0400
+++ b/jdk/src/share/classes/java/net/SocksSocketImpl.java Tue May 12 16:32:34 2009 +0100
@@ -47,6 +47,9 @@
private Socket cmdsock = null;
private InputStream cmdIn = null;
private OutputStream cmdOut = null;
+ /* true if the Proxy has been set programatically */
+ private boolean applicationSetProxy; /* false */
+
SocksSocketImpl() {
// Nothing needed
@@ -64,6 +67,7 @@
// Use getHostString() to avoid reverse lookups
server = ad.getHostString();
port = ad.getPort();
+ applicationSetProxy = true;
}
}
@@ -165,8 +169,7 @@
throw (IOException) pae.getException();
}
} else {
- userName = java.security.AccessController.doPrivileged(
- new sun.security.action.GetPropertyAction("user.name"));
+ userName = getUserName();
}
}
if (userName == null)
@@ -267,8 +270,7 @@
out.write((endpoint.getPort() >> 8) & 0xff);
out.write((endpoint.getPort() >> 0) & 0xff);
out.write(endpoint.getAddress().getAddress());
- String userName = java.security.AccessController.doPrivileged(
- new sun.security.action.GetPropertyAction("user.name"));
+ String userName = getUserName();
try {
out.write(userName.getBytes("ISO-8859-1"));
} catch (java.io.UnsupportedEncodingException uee) {
@@ -588,8 +590,7 @@
out.write((super.getLocalPort() >> 8) & 0xff);
out.write((super.getLocalPort() >> 0) & 0xff);
out.write(addr1);
- String userName = java.security.AccessController.doPrivileged(
- new sun.security.action.GetPropertyAction("user.name"));
+ String userName = getUserName();
try {
out.write(userName.getBytes("ISO-8859-1"));
} catch (java.io.UnsupportedEncodingException uee) {
@@ -1052,4 +1053,16 @@
super.close();
}
+ private String getUserName() {
+ String userName = "";
+ if (applicationSetProxy) {
+ try {
+ userName = System.getProperty("user.name");
+ } catch (SecurityException se) { /* swallow Exception */ }
+ } else {
+ userName = java.security.AccessController.doPrivileged(
+ new sun.security.action.GetPropertyAction("user.name"));
+ }
+ return userName;
+ }
}
--- a/jdk/src/share/classes/java/net/URL.java Fri May 08 16:15:15 2009 +0400
+++ b/jdk/src/share/classes/java/net/URL.java Tue May 12 16:32:34 2009 +0100
@@ -1005,7 +1005,7 @@
}
// Create a copy of Proxy as a security measure
- Proxy p = proxy == Proxy.NO_PROXY ? Proxy.NO_PROXY : new Proxy(proxy.type(), proxy.address());
+ Proxy p = proxy == Proxy.NO_PROXY ? Proxy.NO_PROXY : sun.net.ApplicationProxy.create(proxy);
SecurityManager sm = System.getSecurityManager();
if (p.type() != Proxy.Type.DIRECT && sm != null) {
InetSocketAddress epoint = (InetSocketAddress) p.address();
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/net/ApplicationProxy.java Tue May 12 16:32:34 2009 +0100
@@ -0,0 +1,43 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Sun designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Sun in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+package sun.net;
+
+import java.net.Proxy;
+import java.net.SocketAddress;
+
+/**
+ * Proxy wrapper class so that we can determine application set
+ * proxies by type.
+ */
+public final class ApplicationProxy extends Proxy {
+ private ApplicationProxy(Proxy proxy) {
+ super(proxy.type(), proxy.address());
+ }
+
+ public static ApplicationProxy create(Proxy proxy) {
+ return new ApplicationProxy(proxy);
+ }
+}
--- a/jdk/src/share/classes/sun/net/www/protocol/http/HttpURLConnection.java Fri May 08 16:15:15 2009 +0400
+++ b/jdk/src/share/classes/sun/net/www/protocol/http/HttpURLConnection.java Tue May 12 16:32:34 2009 +0100
@@ -575,12 +575,20 @@
responses = new MessageHeader();
this.handler = handler;
instProxy = p;
- cookieHandler = java.security.AccessController.doPrivileged(
- new java.security.PrivilegedAction<CookieHandler>() {
+ if (instProxy instanceof sun.net.ApplicationProxy) {
+ /* Application set Proxies should not have access to cookies
+ * in a secure environment unless explicitly allowed. */
+ try {
+ cookieHandler = CookieHandler.getDefault();
+ } catch (SecurityException se) { /* swallow exception */ }
+ } else {
+ cookieHandler = java.security.AccessController.doPrivileged(
+ new java.security.PrivilegedAction<CookieHandler>() {
public CookieHandler run() {
- return CookieHandler.getDefault();
- }
- });
+ return CookieHandler.getDefault();
+ }
+ });
+ }
cacheHandler = java.security.AccessController.doPrivileged(
new java.security.PrivilegedAction<ResponseCache>() {
public ResponseCache run() {