src/java.management.rmi/share/classes/javax/management/remote/rmi/RMIJRMPServerImpl.java
author jwilhelm
Thu, 12 Sep 2019 03:21:11 +0200
changeset 58094 0f6c749acd15
parent 47425 96179f26139e
permissions -rw-r--r--
Added tag jdk-14+14 for changeset cddef3bde924

/*
 * Copyright (c) 2002, 2016, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

package javax.management.remote.rmi;

import java.io.IOException;
import java.io.ObjectInputFilter;
import java.rmi.NoSuchObjectException;
import java.rmi.Remote;
import java.rmi.RemoteException;
import java.rmi.server.RMIClientSocketFactory;
import java.rmi.server.RMIServerSocketFactory;
import java.rmi.server.UnicastRemoteObject;
import java.rmi.server.RemoteObject;
import java.util.Map;
import java.util.Collections;
import javax.security.auth.Subject;

import com.sun.jmx.remote.internal.rmi.RMIExporter;
import com.sun.jmx.remote.util.EnvHelp;
import java.util.Arrays;
import java.util.Set;
import java.util.stream.Collectors;
import sun.reflect.misc.ReflectUtil;
import sun.rmi.server.UnicastServerRef;
import sun.rmi.server.UnicastServerRef2;
import sun.rmi.transport.LiveRef;

/**
 * <p>An {@link RMIServer} object that is exported through JRMP and that
 * creates client connections as RMI objects exported through JRMP.
 * User code does not usually reference this class directly.</p>
 *
 * @see RMIServerImpl
 *
 * @since 1.5
 */
public class RMIJRMPServerImpl extends RMIServerImpl {

    /**
     * <p>Creates a new {@link RMIServer} object that will be exported
     * on the given port using the given socket factories.</p>
     *
     * @param port the port on which this object and the {@link
     * RMIConnectionImpl} objects it creates will be exported.  Can be
     * zero, to indicate any available port.
     *
     * @param csf the client socket factory for the created RMI
     * objects.  Can be null.
     *
     * @param ssf the server socket factory for the created RMI
     * objects.  Can be null.
     *
     * @param env the environment map.  Can be null.
     *
     * @exception IOException if the {@link RMIServer} object
     * cannot be created.
     *
     * @exception IllegalArgumentException if <code>port</code> is
     * negative.
     */
    public RMIJRMPServerImpl(int port,
                             RMIClientSocketFactory csf,
                             RMIServerSocketFactory ssf,
                             Map<String,?> env)
            throws IOException {

        super(env);

        if (port < 0)
            throw new IllegalArgumentException("Negative port: " + port);

        this.port = port;
        this.csf = csf;
        this.ssf = ssf;
        this.env = (env == null) ? Collections.<String, Object>emptyMap() : env;

        // This attribute was represented by RMIConnectorServer.CREDENTIALS_TYPES.
        // This attribute is superceded by
        // RMIConnectorServer.CREDENTIALS_FILTER_PATTERN.
        // Retaining this for backward compatibility.
        String[] credentialsTypes
                = (String[]) this.env.get("jmx.remote.rmi.server.credential.types");

        String credentialsFilter
                = (String) this.env.get(RMIConnectorServer.CREDENTIALS_FILTER_PATTERN);

        // It is impossible for both attributes to be specified
        if(credentialsTypes != null && credentialsFilter != null)
            throw new IllegalArgumentException("Cannot specify both \""
                    + "jmx.remote.rmi.server.credential.types" + "\" and \""
           + RMIConnectorServer.CREDENTIALS_FILTER_PATTERN + "\"");
        else if(credentialsFilter != null){
            cFilter = ObjectInputFilter.Config.createFilter(credentialsFilter);
            allowedTypes = null;
        }
        else if (credentialsTypes != null) {
            allowedTypes = Arrays.stream(credentialsTypes).filter(
                    s -> s!= null).collect(Collectors.toSet());
            allowedTypes.stream().forEach(ReflectUtil::checkPackageAccess);
            cFilter = this::newClientCheckInput;
        } else {
            allowedTypes = null;
            cFilter = null;
        }

        String userJmxFilter =
                (String) this.env.get(RMIConnectorServer.SERIAL_FILTER_PATTERN);
        if(userJmxFilter != null && !userJmxFilter.isEmpty())
            jmxRmiFilter = ObjectInputFilter.Config.createFilter(userJmxFilter);
        else
            jmxRmiFilter = null;
    }

    protected void export() throws IOException {
        export(this, cFilter);
    }

    private void export(Remote obj, ObjectInputFilter typeFilter) throws RemoteException {
        final RMIExporter exporter =
            (RMIExporter) env.get(RMIExporter.EXPORTER_ATTRIBUTE);
        final boolean daemon = EnvHelp.isServerDaemon(env);

        if (daemon && exporter != null) {
            throw new IllegalArgumentException("If "+EnvHelp.JMX_SERVER_DAEMON+
                    " is specified as true, "+RMIExporter.EXPORTER_ATTRIBUTE+
                    " cannot be used to specify an exporter!");
        }

        if (exporter != null) {
            exporter.exportObject(obj, port, csf, ssf, typeFilter);
        } else {
            if (csf == null && ssf == null) {
                new UnicastServerRef(new LiveRef(port), typeFilter).exportObject(obj, null, daemon);
            } else {
                new UnicastServerRef2(port, csf, ssf, typeFilter).exportObject(obj, null, daemon);
            }
        }
    }

    private void unexport(Remote obj, boolean force)
            throws NoSuchObjectException {
        RMIExporter exporter =
            (RMIExporter) env.get(RMIExporter.EXPORTER_ATTRIBUTE);
        if (exporter == null)
            UnicastRemoteObject.unexportObject(obj, force);
        else
            exporter.unexportObject(obj, force);
    }

    protected String getProtocol() {
        return "rmi";
    }

    /**
     * <p>Returns a serializable stub for this {@link RMIServer} object.</p>
     *
     * @return a serializable stub.
     *
     * @exception IOException if the stub cannot be obtained - e.g the
     *            RMIJRMPServerImpl has not been exported yet.
     */
    public Remote toStub() throws IOException {
        return RemoteObject.toStub(this);
    }

    /**
     * <p>Creates a new client connection as an RMI object exported
     * through JRMP. The port and socket factories for the new
     * {@link RMIConnection} object are the ones supplied
     * to the <code>RMIJRMPServerImpl</code> constructor.</p>
     *
     * @param connectionId the ID of the new connection. Every
     * connection opened by this connector server will have a
     * different id.  The behavior is unspecified if this parameter is
     * null.
     *
     * @param subject the authenticated subject.  Can be null.
     *
     * @return the newly-created <code>RMIConnection</code>.
     *
     * @exception IOException if the new {@link RMIConnection}
     * object cannot be created or exported.
     */
    protected RMIConnection makeClient(String connectionId, Subject subject)
            throws IOException {

        if (connectionId == null)
            throw new NullPointerException("Null connectionId");

        RMIConnection client =
            new RMIConnectionImpl(this, connectionId, getDefaultClassLoader(),
                                  subject, env);
        export(client, jmxRmiFilter);
        return client;
    }

    protected void closeClient(RMIConnection client) throws IOException {
        unexport(client, true);
    }

    /**
     * <p>Called by {@link #close()} to close the connector server by
     * unexporting this object.  After returning from this method, the
     * connector server must not accept any new connections.</p>
     *
     * @exception IOException if the attempt to close the connector
     * server failed.
     */
    protected void closeServer() throws IOException {
        unexport(this, true);
    }

    /**
     * Check that a type in the remote invocation of {@link RMIServerImpl#newClient}
     * is one of the {@code allowedTypes}.
     *
     * @param clazz       the class; may be null
     * @param size        the size for arrays, otherwise is 0
     * @param nObjectRefs the current number of object references
     * @param depth       the current depth
     * @param streamBytes the current number of bytes consumed
     * @return {@code ObjectInputFilter.Status.ALLOWED} if the class is allowed,
     *          otherwise {@code ObjectInputFilter.Status.REJECTED}
     */
    ObjectInputFilter.Status newClientCheckInput(ObjectInputFilter.FilterInfo filterInfo) {
        ObjectInputFilter.Status status = ObjectInputFilter.Status.UNDECIDED;
        if (allowedTypes != null && filterInfo.serialClass() != null) {
            // If enabled, check type
            String type = filterInfo.serialClass().getName();
            if (allowedTypes.contains(type))
                status = ObjectInputFilter.Status.ALLOWED;
            else
                status = ObjectInputFilter.Status.REJECTED;
        }
        return status;
    }

    private final int port;
    private final RMIClientSocketFactory csf;
    private final RMIServerSocketFactory ssf;
    private final Map<String, ?> env;
    private final Set<String> allowedTypes;
    private final ObjectInputFilter jmxRmiFilter;
    private final ObjectInputFilter cFilter;
}