7102369: remove java.rmi.server.codebase property parsing from registyimpl
7094468: rmiregistry clean up
Reviewed-by: smarks
--- a/jdk/src/share/classes/sun/rmi/registry/RegistryImpl.java Wed Nov 23 12:30:19 2011 +0000
+++ b/jdk/src/share/classes/sun/rmi/registry/RegistryImpl.java Wed Nov 23 14:55:01 2011 +0000
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1996, 2008, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -29,6 +29,7 @@
import java.util.Hashtable;
import java.util.MissingResourceException;
import java.util.ResourceBundle;
+import java.io.FilePermission;
import java.io.IOException;
import java.net.*;
import java.rmi.*;
@@ -54,7 +55,6 @@
import sun.rmi.transport.LiveRef;
import sun.rmi.transport.ObjectTable;
import sun.rmi.transport.Target;
-import sun.security.action.GetPropertyAction;
/**
* A "registry" exists on every node that allows RMI connections to
@@ -335,19 +335,6 @@
URL[] urls = sun.misc.URLClassPath.pathToURLs(envcp);
ClassLoader cl = new URLClassLoader(urls);
- String codebaseProperty = null;
- String prop = java.security.AccessController.doPrivileged(
- new GetPropertyAction("java.rmi.server.codebase"));
- if (prop != null && prop.trim().length() > 0) {
- codebaseProperty = prop;
- }
- URL[] codebaseURLs = null;
- if (codebaseProperty != null) {
- codebaseURLs = sun.misc.URLClassPath.pathToURLs(codebaseProperty);
- } else {
- codebaseURLs = new URL[0];
- }
-
/*
* Fix bugid 4242317: Classes defined by this class loader should
* be annotated with the value of the "java.rmi.server.codebase"
@@ -365,7 +352,7 @@
public RegistryImpl run() throws RemoteException {
return new RegistryImpl(regPort);
}
- }, getAccessControlContext(codebaseURLs));
+ }, getAccessControlContext());
} catch (PrivilegedActionException ex) {
throw (RemoteException) ex.getException();
}
@@ -391,11 +378,11 @@
}
/**
- * Generates an AccessControlContext from several URLs.
+ * Generates an AccessControlContext with minimal permissions.
* The approach used here is taken from the similar method
* getAccessControlContext() in the sun.applet.AppletPanel class.
*/
- private static AccessControlContext getAccessControlContext(URL[] urls) {
+ private static AccessControlContext getAccessControlContext() {
// begin with permissions granted to all code in current policy
PermissionCollection perms = AccessController.doPrivileged(
new java.security.PrivilegedAction<PermissionCollection>() {
@@ -420,17 +407,15 @@
perms.add(new RuntimePermission("accessClassInPackage.sun.*"));
- // add permissions required to load from codebase URL path
- LoaderHandler.addPermissionsForURLs(urls, perms, false);
+ perms.add(new FilePermission("<<ALL FILES>>", "read"));
/*
* Create an AccessControlContext that consists of a single
* protection domain with only the permissions calculated above.
*/
ProtectionDomain pd = new ProtectionDomain(
- new CodeSource((urls.length > 0 ? urls[0] : null),
- (java.security.cert.Certificate[]) null),
- perms);
+ new CodeSource(null,
+ (java.security.cert.Certificate[]) null), perms);
return new AccessControlContext(new ProtectionDomain[] { pd });
}
}
--- a/jdk/src/share/classes/sun/rmi/server/LoaderHandler.java Wed Nov 23 12:30:19 2011 +0000
+++ b/jdk/src/share/classes/sun/rmi/server/LoaderHandler.java Wed Nov 23 14:55:01 2011 +0000
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1996, 2008, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -1031,7 +1031,7 @@
* loader. A given permission is only added to the collection if
* it is not already implied by the collection.
*/
- public static void addPermissionsForURLs(URL[] urls,
+ private static void addPermissionsForURLs(URL[] urls,
PermissionCollection perms,
boolean forLoader)
{
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/java/rmi/registry/readTest/readTest.java Wed Nov 23 14:55:01 2011 +0000
@@ -0,0 +1,58 @@
+/*
+ * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.rmi.registry.Registry;
+import java.rmi.registry.LocateRegistry;
+import java.rmi.RemoteException;
+import java.rmi.server.UnicastRemoteObject;
+
+public class readTest {
+
+ public static void main(String args[]) throws Exception {
+ int port = 7491;
+ try {
+ testPkg.Server obj = new testPkg.Server();
+ testPkg.Hello stub = (testPkg.Hello) UnicastRemoteObject.exportObject(obj, 0);
+ // Bind the remote object's stub in the registry
+ Registry registry = LocateRegistry.getRegistry(port);
+ registry.bind("Hello", stub);
+
+ System.err.println("Server ready");
+
+ // now, let's test client
+ testPkg.Client client = new testPkg.Client(port);
+ String testStubReturn = client.testStub();
+ if(!testStubReturn.equals(obj.hello)) {
+ throw new RuntimeException("Test Fails : unexpected string from stub call");
+ } else {
+ System.out.println("Test passed");
+ }
+ registry.unbind("Hello");
+
+ } catch (Exception e) {
+ System.err.println("Server exception: " + e.toString());
+ e.printStackTrace();
+ }
+
+ }
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/java/rmi/registry/readTest/readTest.sh Wed Nov 23 14:55:01 2011 +0000
@@ -0,0 +1,95 @@
+#
+# Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+# @test
+# @bug 7102369 7094468 7100592
+# @summary remove java.rmi.server.codebase property parsing from registyimpl
+# @run shell readTest.sh
+
+OS=`uname -s`
+case "$OS" in
+ SunOS | Linux )
+ PS=":"
+ FS="/"
+ FILEURL="file:"
+ ;;
+ Windows* | CYGWIN* )
+ PS=";"
+ FS="\\"
+ FILEURL="file:/"
+ ;;
+ * )
+ echo "Unrecognized system!"
+ exit 1;
+ ;;
+esac
+
+cp -r ${TESTSRC}${FS}* .
+${TESTJAVA}${FS}bin${FS}javac testPkg${FS}*java
+${TESTJAVA}${FS}bin${FS}javac readTest.java
+
+mkdir rmi_tmp
+RMIREG_OUT=rmi.out
+#start rmiregistry without any local classes on classpath
+cd rmi_tmp
+${TESTJAVA}${FS}bin${FS}rmiregistry 7491 > ..${FS}${RMIREG_OUT} 2>&1 &
+RMIREG_PID=$!
+# allow some time to start
+sleep 3
+cd ..
+
+# trailing / after code base is important for rmi codebase property.
+${TESTJAVA}${FS}bin${FS}java -Djava.rmi.server.codebase=${FILEURL}`pwd`/ readTest > OUT.TXT 2>&1 &
+TEST_PID=$!
+#bulk of testcase - let it run for a while
+sleep 5
+
+#we're done, kill processes first
+kill -9 ${RMIREG_PID} ${TEST_PID}
+sleep 3
+
+echo "Test output : "
+
+cat OUT.TXT
+echo "=============="
+echo "rmiregistry output : "
+cat ${RMIREG_OUT}
+echo "=============="
+
+grep "Server ready" OUT.TXT
+result1=$?
+grep "Test passed" OUT.TXT
+result2=$?
+
+if [ $result1 -eq 0 -a $result2 -eq 0 ]
+then
+ echo "Passed"
+ exitCode=0;
+else
+ echo "Failed"
+ exitCode=1
+fi
+rm -rf OUT.TXT ${RMIREG_OUT} rmi_tmp
+exit ${exitCode}
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/java/rmi/registry/readTest/testPkg/Client.java Wed Nov 23 14:55:01 2011 +0000
@@ -0,0 +1,48 @@
+/*
+ * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package testPkg;
+
+import java.rmi.registry.LocateRegistry;
+import java.rmi.registry.Registry;
+
+public class Client {
+ int port;
+
+ public Client(int p) {
+ port = p;
+ }
+
+ public String testStub() throws Exception {
+ try {
+ Registry registry = LocateRegistry.getRegistry(port);
+ Hello stub = (Hello) registry.lookup("Hello");
+ String response = stub.sayHello();
+ return response;
+ } catch (Exception e) {
+ System.err.println("Client exception: " + e.toString());
+ throw e;
+ }
+ }
+ }
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/java/rmi/registry/readTest/testPkg/Hello.java Wed Nov 23 14:55:01 2011 +0000
@@ -0,0 +1,31 @@
+/*
+ * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package testPkg;
+
+import java.rmi.Remote;
+import java.rmi.RemoteException;
+
+public interface Hello extends Remote {
+ String sayHello() throws RemoteException;
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/java/rmi/registry/readTest/testPkg/Server.java Wed Nov 23 14:55:01 2011 +0000
@@ -0,0 +1,36 @@
+/*
+ * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package testPkg;
+
+public class Server implements Hello {
+
+ public String hello = "Hello, world!";
+
+ public Server() {}
+
+ public String sayHello() {
+ return hello;
+ }
+
+}