--- a/jdk/make/sun/net/FILES_java.gmk Mon Mar 21 16:57:18 2011 -0700
+++ b/jdk/make/sun/net/FILES_java.gmk Mon Mar 21 17:22:16 2011 -0700
@@ -1,5 +1,5 @@
#
-# Copyright (c) 1996, 2010, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
@@ -34,6 +34,7 @@
sun/net/ProgressListener.java \
sun/net/ProgressMeteringPolicy.java \
sun/net/SocksProxy.java \
+ sun/net/ResourceManager.java \
sun/net/TelnetInputStream.java \
sun/net/TelnetOutputStream.java \
sun/net/TelnetProtocolException.java \
@@ -100,6 +101,7 @@
sun/net/www/protocol/http/NegotiateAuthentication.java \
sun/net/www/protocol/http/Negotiator.java \
sun/net/www/protocol/http/ntlm/NTLMAuthentication.java \
+ sun/net/www/protocol/http/ntlm/NTLMAuthenticationCallback.java \
sun/net/www/protocol/http/spnego/NegotiatorImpl.java \
sun/net/www/protocol/http/spnego/NegotiateCallbackHandler.java \
sun/net/www/protocol/http/logging/HttpLogFormatter.java \
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/Transform.java Mon Mar 21 16:57:18 2011 -0700
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/Transform.java Mon Mar 21 17:22:16 2011 -0700
@@ -210,6 +210,8 @@
public static void init() {
if (!alreadyInitialized) {
transformClassHash = new HashMap(10);
+ // make sure builtin algorithms are all registered first
+ com.sun.org.apache.xml.internal.security.Init.init();
alreadyInitialized = true;
}
}
@@ -236,12 +238,7 @@
"algorithm.alreadyRegistered", exArgs);
}
- ClassLoader cl = (ClassLoader) AccessController.doPrivileged(
- new PrivilegedAction() {
- public Object run() {
- return Thread.currentThread().getContextClassLoader();
- }
- });
+ ClassLoader cl = Thread.currentThread().getContextClassLoader();
try {
transformClassHash.put
--- a/jdk/src/share/classes/java/awt/AWTEvent.java Mon Mar 21 16:57:18 2011 -0700
+++ b/jdk/src/share/classes/java/awt/AWTEvent.java Mon Mar 21 17:22:16 2011 -0700
@@ -33,6 +33,11 @@
import sun.awt.AWTAccessor;
import sun.util.logging.PlatformLogger;
+import java.security.AccessControlContext;
+import java.security.AccessController;
+import java.io.ObjectInputStream;
+import java.io.IOException;
+
/**
* The root event class for all AWT events.
* This class and its subclasses supercede the original
@@ -97,6 +102,22 @@
*/
protected boolean consumed = false;
+ /*
+ * The event's AccessControlContext.
+ */
+ private transient volatile AccessControlContext acc =
+ AccessController.getContext();
+
+ /*
+ * Returns the acc this event was constructed with.
+ */
+ final AccessControlContext getAccessControlContext() {
+ if (acc == null) {
+ throw new SecurityException("AWTEvent is missing AccessControlContext");
+ }
+ return acc;
+ }
+
transient boolean focusManagerIsDispatching = false;
transient boolean isPosted;
@@ -247,6 +268,10 @@
public boolean isSystemGenerated(AWTEvent ev) {
return ev.isSystemGenerated;
}
+
+ public AccessControlContext getAccessControlContext(AWTEvent ev) {
+ return ev.getAccessControlContext();
+ }
});
}
--- a/jdk/src/share/classes/java/awt/Component.java Mon Mar 21 16:57:18 2011 -0700
+++ b/jdk/src/share/classes/java/awt/Component.java Mon Mar 21 17:22:16 2011 -0700
@@ -59,6 +59,7 @@
import java.lang.reflect.Method;
import java.security.AccessController;
import java.security.PrivilegedAction;
+import java.security.AccessControlContext;
import javax.accessibility.*;
import java.applet.Applet;
@@ -471,6 +472,12 @@
static final Object LOCK = new AWTTreeLock();
static class AWTTreeLock {}
+ /*
+ * The component's AccessControlContext.
+ */
+ private transient volatile AccessControlContext acc =
+ AccessController.getContext();
+
/**
* Minimum size.
* (This field perhaps should have been transient).
@@ -671,6 +678,16 @@
return objectLock;
}
+ /*
+ * Returns the acc this component was constructed with.
+ */
+ final AccessControlContext getAccessControlContext() {
+ if (acc == null) {
+ throw new SecurityException("Component is missing AccessControlContext");
+ }
+ return acc;
+ }
+
boolean isPacked = false;
/**
@@ -950,6 +967,10 @@
public void processEvent(Component comp, AWTEvent e) {
comp.processEvent(e);
}
+
+ public AccessControlContext getAccessControlContext(Component comp) {
+ return comp.getAccessControlContext();
+ }
});
}
@@ -8613,6 +8634,8 @@
{
objectLock = new Object();
+ acc = AccessController.getContext();
+
s.defaultReadObject();
appContext = AppContext.getAppContext();
--- a/jdk/src/share/classes/java/awt/EventQueue.java Mon Mar 21 16:57:18 2011 -0700
+++ b/jdk/src/share/classes/java/awt/EventQueue.java Mon Mar 21 17:22:16 2011 -0700
@@ -48,6 +48,12 @@
import java.util.concurrent.locks.Condition;
import java.util.concurrent.locks.Lock;
+import java.security.AccessControlContext;
+import java.security.ProtectionDomain;
+
+import sun.misc.SharedSecrets;
+import sun.misc.JavaSecurityAccess;
+
/**
* <code>EventQueue</code> is a platform-independent class
* that queues events, both from the underlying peer classes
@@ -612,6 +618,9 @@
return null;
}
+ private static final JavaSecurityAccess javaSecurityAccess =
+ SharedSecrets.getJavaSecurityAccess();
+
/**
* Dispatches an event. The manner in which the event is
* dispatched depends upon the type of the event and the
@@ -650,13 +659,49 @@
* @throws NullPointerException if <code>event</code> is <code>null</code>
* @since 1.2
*/
- protected void dispatchEvent(AWTEvent event) {
+ protected void dispatchEvent(final AWTEvent event) {
+ final Object src = event.getSource();
+ final PrivilegedAction<Void> action = new PrivilegedAction<Void>() {
+ public Void run() {
+ dispatchEventImpl(event, src);
+ return null;
+ }
+ };
+
+ final AccessControlContext stack = AccessController.getContext();
+ final AccessControlContext srcAcc = getAccessControlContextFrom(src);
+ final AccessControlContext eventAcc = event.getAccessControlContext();
+ if (srcAcc == null) {
+ javaSecurityAccess.doIntersectionPrivilege(action, stack, eventAcc);
+ } else {
+ javaSecurityAccess.doIntersectionPrivilege(
+ new PrivilegedAction<Void>() {
+ public Void run() {
+ javaSecurityAccess.doIntersectionPrivilege(action, eventAcc);
+ return null;
+ }
+ }, stack, srcAcc);
+ }
+ }
+
+ private static AccessControlContext getAccessControlContextFrom(Object src) {
+ return src instanceof Component ?
+ ((Component)src).getAccessControlContext() :
+ src instanceof MenuComponent ?
+ ((MenuComponent)src).getAccessControlContext() :
+ src instanceof TrayIcon ?
+ ((TrayIcon)src).getAccessControlContext() :
+ null;
+ }
+
+ /**
+ * Called from dispatchEvent() under a correct AccessControlContext
+ */
+ private void dispatchEventImpl(final AWTEvent event, final Object src) {
event.isPosted = true;
- Object src = event.getSource();
if (event instanceof ActiveEvent) {
// This could become the sole method of dispatching in time.
setCurrentEventAndMostRecentTimeImpl(event);
-
((ActiveEvent)event).dispatch();
} else if (src instanceof Component) {
((Component)src).dispatchEvent(event);
--- a/jdk/src/share/classes/java/awt/MenuComponent.java Mon Mar 21 16:57:18 2011 -0700
+++ b/jdk/src/share/classes/java/awt/MenuComponent.java Mon Mar 21 17:22:16 2011 -0700
@@ -33,6 +33,9 @@
import sun.awt.AWTAccessor;
import javax.accessibility.*;
+import java.security.AccessControlContext;
+import java.security.AccessController;
+
/**
* The abstract class <code>MenuComponent</code> is the superclass
* of all menu-related components. In this respect, the class
@@ -100,6 +103,23 @@
boolean newEventsOnly = false;
/*
+ * The menu's AccessControlContext.
+ */
+ private transient volatile AccessControlContext acc =
+ AccessController.getContext();
+
+ /*
+ * Returns the acc this menu component was constructed with.
+ */
+ final AccessControlContext getAccessControlContext() {
+ if (acc == null) {
+ throw new SecurityException(
+ "MenuComponent is missing AccessControlContext");
+ }
+ return acc;
+ }
+
+ /*
* Internal constants for serialization.
*/
final static String actionListenerK = Component.actionListenerK;
@@ -402,6 +422,9 @@
throws ClassNotFoundException, IOException, HeadlessException
{
GraphicsEnvironment.checkHeadless();
+
+ acc = AccessController.getContext();
+
s.defaultReadObject();
appContext = AppContext.getAppContext();
--- a/jdk/src/share/classes/java/awt/TrayIcon.java Mon Mar 21 16:57:18 2011 -0700
+++ b/jdk/src/share/classes/java/awt/TrayIcon.java Mon Mar 21 17:22:16 2011 -0700
@@ -40,6 +40,8 @@
import sun.awt.SunToolkit;
import sun.awt.HeadlessToolkit;
import java.util.EventObject;
+import java.security.AccessControlContext;
+import java.security.AccessController;
/**
* A <code>TrayIcon</code> object represents a tray icon that can be
@@ -90,6 +92,7 @@
* @author Anton Tarasov
*/
public class TrayIcon {
+
private Image image;
private String tooltip;
private PopupMenu popup;
@@ -103,6 +106,24 @@
transient MouseMotionListener mouseMotionListener;
transient ActionListener actionListener;
+ /*
+ * The tray icon's AccessControlContext.
+ *
+ * Unlike the acc in Component, this field is made final
+ * because TrayIcon is not serializable.
+ */
+ private final AccessControlContext acc = AccessController.getContext();
+
+ /*
+ * Returns the acc this tray icon was constructed with.
+ */
+ final AccessControlContext getAccessControlContext() {
+ if (acc == null) {
+ throw new SecurityException("TrayIcon is missing AccessControlContext");
+ }
+ return acc;
+ }
+
static {
Toolkit.loadLibraries();
if (!GraphicsEnvironment.isHeadless()) {
--- a/jdk/src/share/classes/java/net/AbstractPlainDatagramSocketImpl.java Mon Mar 21 16:57:18 2011 -0700
+++ b/jdk/src/share/classes/java/net/AbstractPlainDatagramSocketImpl.java Mon Mar 21 17:22:16 2011 -0700
@@ -28,6 +28,7 @@
import java.io.IOException;
import java.io.InterruptedIOException;
import java.util.Enumeration;
+import sun.net.ResourceManager;
/**
* Abstract datagram and multicast socket implementation base class.
@@ -66,7 +67,14 @@
*/
protected synchronized void create() throws SocketException {
fd = new FileDescriptor();
- datagramSocketCreate();
+ ResourceManager.beforeUdpCreate();
+ try {
+ datagramSocketCreate();
+ } catch (SocketException ioe) {
+ ResourceManager.afterUdpClose();
+ fd = null;
+ throw ioe;
+ }
}
/**
@@ -211,6 +219,7 @@
protected void close() {
if (fd != null) {
datagramSocketClose();
+ ResourceManager.afterUdpClose();
fd = null;
}
}
--- a/jdk/src/share/classes/java/net/AbstractPlainSocketImpl.java Mon Mar 21 16:57:18 2011 -0700
+++ b/jdk/src/share/classes/java/net/AbstractPlainSocketImpl.java Mon Mar 21 17:22:16 2011 -0700
@@ -32,6 +32,7 @@
import sun.net.ConnectionResetException;
import sun.net.NetHooks;
+import sun.net.ResourceManager;
/**
* Default Socket Implementation. This implementation does
@@ -68,6 +69,10 @@
private int resetState;
private final Object resetLock = new Object();
+ /* whether this Socket is a stream (TCP) socket or not (UDP)
+ */
+ private boolean stream;
+
/**
* Load net library into runtime.
*/
@@ -82,7 +87,19 @@
*/
protected synchronized void create(boolean stream) throws IOException {
fd = new FileDescriptor();
- socketCreate(stream);
+ this.stream = stream;
+ if (!stream) {
+ ResourceManager.beforeUdpCreate();
+ try {
+ socketCreate(false);
+ } catch (IOException ioe) {
+ ResourceManager.afterUdpClose();
+ fd = null;
+ throw ioe;
+ }
+ } else {
+ socketCreate(true);
+ }
if (socket != null)
socket.setCreated();
if (serverSocket != null)
@@ -479,6 +496,9 @@
protected void close() throws IOException {
synchronized(fdLock) {
if (fd != null) {
+ if (!stream) {
+ ResourceManager.afterUdpClose();
+ }
if (fdUseCount == 0) {
if (closePending) {
return;
--- a/jdk/src/share/classes/java/security/AccessControlContext.java Mon Mar 21 16:57:18 2011 -0700
+++ b/jdk/src/share/classes/java/security/AccessControlContext.java Mon Mar 21 17:22:16 2011 -0700
@@ -29,6 +29,9 @@
import java.util.List;
import sun.security.util.Debug;
import sun.security.util.SecurityConstants;
+import sun.misc.JavaSecurityAccess;
+import sun.misc.SharedSecrets;
+
/**
* An AccessControlContext is used to make system resource access decisions
@@ -197,6 +200,24 @@
}
/**
+ * Constructor for JavaSecurityAccess.doIntersectionPrivilege()
+ */
+ AccessControlContext(ProtectionDomain[] context,
+ AccessControlContext privilegedContext)
+ {
+ this.context = context;
+ this.privilegedContext = privilegedContext;
+ this.isPrivileged = true;
+ }
+
+ /**
+ * Returns this context's context.
+ */
+ ProtectionDomain[] getContext() {
+ return context;
+ }
+
+ /**
* Returns true if this context is privileged.
*/
boolean isPrivileged()
--- a/jdk/src/share/classes/java/security/ProtectionDomain.java Mon Mar 21 16:57:18 2011 -0700
+++ b/jdk/src/share/classes/java/security/ProtectionDomain.java Mon Mar 21 17:22:16 2011 -0700
@@ -36,6 +36,8 @@
import sun.misc.SharedSecrets;
import sun.security.util.Debug;
import sun.security.util.SecurityConstants;
+import sun.misc.JavaSecurityAccess;
+import sun.misc.SharedSecrets;
/**
*
@@ -59,6 +61,36 @@
public class ProtectionDomain {
+ static {
+ // Set up JavaSecurityAccess in SharedSecrets
+ SharedSecrets.setJavaSecurityAccess(
+ new JavaSecurityAccess() {
+ public <T> T doIntersectionPrivilege(
+ PrivilegedAction<T> action,
+ final AccessControlContext stack,
+ final AccessControlContext context)
+ {
+ if (action == null) {
+ throw new NullPointerException();
+ }
+ return AccessController.doPrivileged(
+ action,
+ new AccessControlContext(
+ stack.getContext(), context).optimize()
+ );
+ }
+
+ public <T> T doIntersectionPrivilege(
+ PrivilegedAction<T> action,
+ AccessControlContext context)
+ {
+ return doIntersectionPrivilege(action,
+ AccessController.getContext(), context);
+ }
+ }
+ );
+ }
+
/* CodeSource */
private CodeSource codesource ;
--- a/jdk/src/share/classes/javax/swing/Timer.java Mon Mar 21 16:57:18 2011 -0700
+++ b/jdk/src/share/classes/javax/swing/Timer.java Mon Mar 21 17:22:16 2011 -0700
@@ -35,6 +35,10 @@
import java.awt.*;
import java.awt.event.*;
import java.io.Serializable;
+import java.io.*;
+import java.security.AccessControlContext;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import javax.swing.event.EventListenerList;
@@ -208,6 +212,22 @@
}
}
+ /*
+ * The timer's AccessControlContext.
+ */
+ private transient volatile AccessControlContext acc =
+ AccessController.getContext();
+
+ /**
+ * Returns the acc this timer was constructed with.
+ */
+ final AccessControlContext getAccessControlContext() {
+ if (acc == null) {
+ throw new SecurityException(
+ "Timer is missing AccessControlContext");
+ }
+ return acc;
+ }
/**
* DoPostEvent is a runnable class that fires actionEvents to
@@ -587,8 +607,13 @@
void post() {
- if (notify.compareAndSet(false, true) || !coalesce) {
- SwingUtilities.invokeLater(doPostEvent);
+ if (notify.compareAndSet(false, true) || !coalesce) {
+ AccessController.doPrivileged(new PrivilegedAction<Void>() {
+ public Void run() {
+ SwingUtilities.invokeLater(doPostEvent);
+ return null;
+ }
+ }, getAccessControlContext());
}
}
@@ -596,6 +621,13 @@
return lock;
}
+ private void readObject(ObjectInputStream in)
+ throws ClassNotFoundException, IOException
+ {
+ this.acc = AccessController.getContext();
+ in.defaultReadObject();
+ }
+
/*
* We have to use readResolve because we can not initialize final
* fields for deserialized object otherwise
--- a/jdk/src/share/classes/javax/swing/TransferHandler.java Mon Mar 21 16:57:18 2011 -0700
+++ b/jdk/src/share/classes/javax/swing/TransferHandler.java Mon Mar 21 17:22:16 2011 -0700
@@ -42,6 +42,16 @@
import sun.swing.*;
import sun.awt.SunToolkit;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+
+import java.security.AccessControlContext;
+import java.security.ProtectionDomain;
+import sun.misc.SharedSecrets;
+import sun.misc.JavaSecurityAccess;
+
+import sun.awt.AWTAccessor;
+
/**
* This class is used to handle the transfer of a <code>Transferable</code>
* to and from Swing components. The <code>Transferable</code> is used to
@@ -1686,7 +1696,37 @@
return true;
}
- public void actionPerformed(ActionEvent e) {
+ private static final JavaSecurityAccess javaSecurityAccess =
+ SharedSecrets.getJavaSecurityAccess();
+
+ public void actionPerformed(final ActionEvent e) {
+ final Object src = e.getSource();
+
+ final PrivilegedAction<Void> action = new PrivilegedAction<Void>() {
+ public Void run() {
+ actionPerformedImpl(e);
+ return null;
+ }
+ };
+
+ final AccessControlContext stack = AccessController.getContext();
+ final AccessControlContext srcAcc = AWTAccessor.getComponentAccessor().getAccessControlContext((Component)src);
+ final AccessControlContext eventAcc = AWTAccessor.getAWTEventAccessor().getAccessControlContext(e);
+
+ if (srcAcc == null) {
+ javaSecurityAccess.doIntersectionPrivilege(action, stack, eventAcc);
+ } else {
+ javaSecurityAccess.doIntersectionPrivilege(
+ new PrivilegedAction<Void>() {
+ public Void run() {
+ javaSecurityAccess.doIntersectionPrivilege(action, eventAcc);
+ return null;
+ }
+ }, stack, srcAcc);
+ }
+ }
+
+ private void actionPerformedImpl(ActionEvent e) {
Object src = e.getSource();
if (src instanceof JComponent) {
JComponent c = (JComponent) src;
--- a/jdk/src/share/classes/sun/awt/AWTAccessor.java Mon Mar 21 16:57:18 2011 -0700
+++ b/jdk/src/share/classes/sun/awt/AWTAccessor.java Mon Mar 21 17:22:16 2011 -0700
@@ -33,6 +33,9 @@
import sun.misc.Unsafe;
import java.awt.peer.ComponentPeer;
+import java.security.AccessController;
+import java.security.AccessControlContext;
+
/**
* The AWTAccessor utility class.
* The main purpose of this class is to enable accessing
@@ -221,6 +224,13 @@
* Processes events occurring on this component.
*/
void processEvent(Component comp, AWTEvent e);
+
+
+ /*
+ * Returns the acc this component was constructed with.
+ */
+ AccessControlContext getAccessControlContext(Component comp);
+
}
/*
@@ -323,6 +333,13 @@
* Indicates whether this AWTEvent was generated by the system.
*/
boolean isSystemGenerated(AWTEvent ev);
+
+
+ /*
+ * Returns the acc this event was constructed with.
+ */
+ AccessControlContext getAccessControlContext(AWTEvent ev);
+
}
public interface InputEventAccessor {
--- a/jdk/src/share/classes/sun/font/FileFont.java Mon Mar 21 16:57:18 2011 -0700
+++ b/jdk/src/share/classes/sun/font/FileFont.java Mon Mar 21 17:22:16 2011 -0700
@@ -32,22 +32,13 @@
import java.awt.geom.Rectangle2D;
import java.io.File;
import java.nio.ByteBuffer;
-import java.nio.channels.FileChannel;
import sun.java2d.Disposer;
import sun.java2d.DisposerRecord;
-import java.lang.ref.WeakReference;
-import java.io.FileNotFoundException;
import java.io.IOException;
-import java.io.RandomAccessFile;
-import java.io.UnsupportedEncodingException;
-import java.nio.ByteOrder;
-import java.nio.MappedByteBuffer;
-import java.nio.BufferUnderflowException;
-import java.nio.channels.ClosedChannelException;
-import java.util.HashSet;
-import java.util.HashMap;
-import java.awt.Font;
+import java.security.AccessController;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
public abstract class FileFont extends PhysicalFont {
@@ -286,4 +277,49 @@
});
}
}
+
+ protected String getPublicFileName() {
+ SecurityManager sm = System.getSecurityManager();
+ if (sm == null) {
+ return platName;
+ }
+ boolean canReadProperty = true;
+
+ try {
+ sm.checkPropertyAccess("java.io.tmpdir");
+ } catch (SecurityException e) {
+ canReadProperty = false;
+ }
+
+ if (canReadProperty) {
+ return platName;
+ }
+
+ final File f = new File(platName);
+
+ Boolean isTmpFile = Boolean.FALSE;
+ try {
+ isTmpFile = AccessController.doPrivileged(
+ new PrivilegedExceptionAction<Boolean>() {
+ public Boolean run() {
+ File tmp = new File(System.getProperty("java.io.tmpdir"));
+ try {
+ String tpath = tmp.getCanonicalPath();
+ String fpath = f.getCanonicalPath();
+
+ return (fpath == null) || fpath.startsWith(tpath);
+ } catch (IOException e) {
+ return Boolean.TRUE;
+ }
+ }
+ }
+ );
+ } catch (PrivilegedActionException e) {
+ // unable to verify whether value of java.io.tempdir will be
+ // exposed, so return only a name of the font file.
+ isTmpFile = Boolean.TRUE;
+ }
+
+ return isTmpFile ? "temp file" : platName;
+ }
}
--- a/jdk/src/share/classes/sun/font/TrueTypeFont.java Mon Mar 21 16:57:18 2011 -0700
+++ b/jdk/src/share/classes/sun/font/TrueTypeFont.java Mon Mar 21 17:22:16 2011 -0700
@@ -519,7 +519,8 @@
break;
default:
- throw new FontFormatException("Unsupported sfnt " + platName);
+ throw new FontFormatException("Unsupported sfnt " +
+ getPublicFileName());
}
/* Now have the offset of this TT font (possibly within a TTC)
@@ -1680,7 +1681,6 @@
@Override
public String toString() {
return "** TrueType Font: Family="+familyName+ " Name="+fullName+
- " style="+style+" fileName="+platName;
+ " style="+style+" fileName="+getPublicFileName();
}
-
}
--- a/jdk/src/share/classes/sun/font/Type1Font.java Mon Mar 21 16:57:18 2011 -0700
+++ b/jdk/src/share/classes/sun/font/Type1Font.java Mon Mar 21 17:22:16 2011 -0700
@@ -677,6 +677,6 @@
public String toString() {
return "** Type1 Font: Family="+familyName+ " Name="+fullName+
- " style="+style+" fileName="+platName;
+ " style="+style+" fileName="+getPublicFileName();
}
}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/misc/JavaSecurityAccess.java Mon Mar 21 17:22:16 2011 -0700
@@ -0,0 +1,40 @@
+/*
+ * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.misc;
+
+import java.security.AccessControlContext;
+import java.security.PrivilegedAction;
+
+public interface JavaSecurityAccess {
+
+ <T> T doIntersectionPrivilege(PrivilegedAction<T> action,
+ AccessControlContext stack,
+ AccessControlContext context);
+
+ <T> T doIntersectionPrivilege(PrivilegedAction<T> action,
+ AccessControlContext context);
+
+}
--- a/jdk/src/share/classes/sun/misc/SharedSecrets.java Mon Mar 21 16:57:18 2011 -0700
+++ b/jdk/src/share/classes/sun/misc/SharedSecrets.java Mon Mar 21 17:22:16 2011 -0700
@@ -30,6 +30,8 @@
import java.io.FileDescriptor;
import java.security.ProtectionDomain;
+import java.security.AccessController;
+
/** A repository of "shared secrets", which are a mechanism for
calling implementation-private methods in another package without
using reflection. A package-private class implements a public
@@ -48,6 +50,7 @@
private static JavaNioAccess javaNioAccess;
private static JavaIOFileDescriptorAccess javaIOFileDescriptorAccess;
private static JavaSecurityProtectionDomainAccess javaSecurityProtectionDomainAccess;
+ private static JavaSecurityAccess javaSecurityAccess;
public static JavaUtilJarAccess javaUtilJarAccess() {
if (javaUtilJarAccess == null) {
@@ -125,4 +128,15 @@
unsafe.ensureClassInitialized(ProtectionDomain.class);
return javaSecurityProtectionDomainAccess;
}
+
+ public static void setJavaSecurityAccess(JavaSecurityAccess jsa) {
+ javaSecurityAccess = jsa;
+ }
+
+ public static JavaSecurityAccess getJavaSecurityAccess() {
+ if (javaSecurityAccess == null) {
+ unsafe.ensureClassInitialized(AccessController.class);
+ }
+ return javaSecurityAccess;
+ }
}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/net/ResourceManager.java Mon Mar 21 17:22:16 2011 -0700
@@ -0,0 +1,82 @@
+/*
+ * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.net;
+
+import java.net.SocketException;
+import java.util.concurrent.atomic.AtomicInteger;
+import sun.security.action.GetPropertyAction;
+
+/**
+ * Manages count of total number of UDP sockets and ensures
+ * that exception is thrown if we try to create more than the
+ * configured limit.
+ *
+ * This functionality could be put in NetHooks some time in future.
+ */
+
+public class ResourceManager {
+
+ /* default maximum number of udp sockets per VM
+ * when a security manager is enabled.
+ * The default is 1024 which is high enough to be useful
+ * but low enough to be well below the maximum number
+ * of port numbers actually available on all OSes for
+ * such sockets (5000 on some versions of windows)
+ */
+
+ private static final int DEFAULT_MAX_SOCKETS = 1024;
+ private static final int maxSockets;
+ private static final AtomicInteger numSockets;
+
+ static {
+ String prop = java.security.AccessController.doPrivileged(
+ new GetPropertyAction("sun.net.maxDatagramSockets")
+ );
+ int defmax = DEFAULT_MAX_SOCKETS;
+ try {
+ if (prop != null) {
+ defmax = Integer.parseInt(prop);
+ }
+ } catch (NumberFormatException e) {}
+ maxSockets = defmax;
+ numSockets = new AtomicInteger(0);
+ }
+
+ public static void beforeUdpCreate() throws SocketException {
+ if (System.getSecurityManager() != null) {
+ if (numSockets.incrementAndGet() > maxSockets) {
+ numSockets.decrementAndGet();
+ throw new SocketException("maximum number of DatagramSockets reached");
+ }
+ }
+ }
+
+ public static void afterUdpClose() {
+ if (System.getSecurityManager() != null) {
+ numSockets.decrementAndGet();
+ }
+ }
+}
--- a/jdk/src/share/classes/sun/net/www/protocol/http/HttpURLConnection.java Mon Mar 21 16:57:18 2011 -0700
+++ b/jdk/src/share/classes/sun/net/www/protocol/http/HttpURLConnection.java Mon Mar 21 17:22:16 2011 -0700
@@ -2173,6 +2173,13 @@
if (tryTransparentNTLMServer) {
tryTransparentNTLMServer =
NTLMAuthenticationProxy.proxy.supportsTransparentAuth;
+ /* If the platform supports transparent authentication
+ * then check if we are in a secure environment
+ * whether, or not, we should try transparent authentication.*/
+ if (tryTransparentNTLMServer) {
+ tryTransparentNTLMServer =
+ NTLMAuthenticationProxy.proxy.isTrustedSite(url);
+ }
}
a = null;
if (tryTransparentNTLMServer) {
--- a/jdk/src/share/classes/sun/net/www/protocol/http/NTLMAuthenticationProxy.java Mon Mar 21 16:57:18 2011 -0700
+++ b/jdk/src/share/classes/sun/net/www/protocol/http/NTLMAuthenticationProxy.java Mon Mar 21 17:22:16 2011 -0700
@@ -36,12 +36,14 @@
*/
class NTLMAuthenticationProxy {
private static Method supportsTA;
+ private static Method isTrustedSite;
private static final String clazzStr = "sun.net.www.protocol.http.ntlm.NTLMAuthentication";
private static final String supportsTAStr = "supportsTransparentAuth";
+ private static final String isTrustedSiteStr = "isTrustedSite";
static final NTLMAuthenticationProxy proxy = tryLoadNTLMAuthentication();
static final boolean supported = proxy != null ? true : false;
- static final boolean supportsTransparentAuth = supported ? supportsTransparentAuth(supportsTA) : false;
+ static final boolean supportsTransparentAuth = supported ? supportsTransparentAuth() : false;
private final Constructor<? extends AuthenticationInfo> threeArgCtr;
private final Constructor<? extends AuthenticationInfo> fiveArgCtr;
@@ -82,9 +84,22 @@
* authentication (try with the current users credentials before
* prompting for username and password, etc).
*/
- private static boolean supportsTransparentAuth(Method method) {
+ private static boolean supportsTransparentAuth() {
try {
- return (Boolean)method.invoke(null);
+ return (Boolean)supportsTA.invoke(null);
+ } catch (ReflectiveOperationException roe) {
+ finest(roe);
+ }
+
+ return false;
+ }
+
+ /* Transparent authentication should only be tried with a trusted
+ * site ( when running in a secure environment ).
+ */
+ public static boolean isTrustedSite(URL url) {
+ try {
+ return (Boolean)isTrustedSite.invoke(null, url);
} catch (ReflectiveOperationException roe) {
finest(roe);
}
@@ -112,6 +127,7 @@
int.class,
PasswordAuthentication.class);
supportsTA = cl.getDeclaredMethod(supportsTAStr);
+ isTrustedSite = cl.getDeclaredMethod(isTrustedSiteStr, java.net.URL.class);
return new NTLMAuthenticationProxy(threeArg,
fiveArg);
}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/net/www/protocol/http/ntlm/NTLMAuthenticationCallback.java Mon Mar 21 17:22:16 2011 -0700
@@ -0,0 +1,59 @@
+/*
+ * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.net.www.protocol.http.ntlm;
+
+import java.net.URL;
+
+/**
+ * This class is used to call back to deployment to determine if a given
+ * URL is trusted. Transparent authentication (try with logged in users
+ * credentials without prompting) should only be tried with trusted sites.
+ */
+public abstract class NTLMAuthenticationCallback {
+ private static volatile NTLMAuthenticationCallback callback =
+ new DefaultNTLMAuthenticationCallback();
+
+ public static void setNTLMAuthenticationCallback(
+ NTLMAuthenticationCallback callback) {
+ NTLMAuthenticationCallback.callback = callback;
+ }
+
+ public static NTLMAuthenticationCallback getNTLMAuthenticationCallback() {
+ return callback;
+ }
+
+ /**
+ * Returns true if the given site is trusted, i.e. we can try
+ * transparent Authentication.
+ */
+ public abstract boolean isTrustedSite(URL url);
+
+ static class DefaultNTLMAuthenticationCallback extends NTLMAuthenticationCallback {
+ @Override
+ public boolean isTrustedSite(URL url) { return true; }
+ }
+}
+
--- a/jdk/src/share/classes/sun/nio/ch/DatagramChannelImpl.java Mon Mar 21 16:57:18 2011 -0700
+++ b/jdk/src/share/classes/sun/nio/ch/DatagramChannelImpl.java Mon Mar 21 17:22:16 2011 -0700
@@ -32,6 +32,7 @@
import java.nio.channels.*;
import java.nio.channels.spi.*;
import java.util.*;
+import sun.net.ResourceManager;
/**
@@ -101,14 +102,22 @@
throws IOException
{
super(sp);
- this.family = Net.isIPv6Available() ?
- StandardProtocolFamily.INET6 : StandardProtocolFamily.INET;
- this.fd = Net.socket(family, false);
- this.fdVal = IOUtil.fdVal(fd);
- this.state = ST_UNCONNECTED;
+ ResourceManager.beforeUdpCreate();
+ try {
+ this.family = Net.isIPv6Available() ?
+ StandardProtocolFamily.INET6 : StandardProtocolFamily.INET;
+ this.fd = Net.socket(family, false);
+ this.fdVal = IOUtil.fdVal(fd);
+ this.state = ST_UNCONNECTED;
+ } catch (IOException ioe) {
+ ResourceManager.afterUdpClose();
+ throw ioe;
+ }
}
- public DatagramChannelImpl(SelectorProvider sp, ProtocolFamily family) {
+ public DatagramChannelImpl(SelectorProvider sp, ProtocolFamily family)
+ throws IOException
+ {
super(sp);
if ((family != StandardProtocolFamily.INET) &&
(family != StandardProtocolFamily.INET6))
@@ -957,6 +966,7 @@
protected void implCloseSelectableChannel() throws IOException {
synchronized (stateLock) {
nd.preClose(fd);
+ ResourceManager.afterUdpClose();
// if member of mulitcast group then invalidate all keys
if (registry != null)
--- a/jdk/src/share/classes/sun/nio/ch/Net.java Mon Mar 21 16:57:18 2011 -0700
+++ b/jdk/src/share/classes/sun/nio/ch/Net.java Mon Mar 21 17:22:16 2011 -0700
@@ -312,11 +312,12 @@
private static native boolean canJoin6WithIPv4Group0();
- static FileDescriptor socket(boolean stream) {
+ static FileDescriptor socket(boolean stream) throws IOException {
return socket(UNSPEC, stream);
}
- static FileDescriptor socket(ProtocolFamily family, boolean stream) {
+ static FileDescriptor socket(ProtocolFamily family, boolean stream)
+ throws IOException {
boolean preferIPv6 = isIPv6Available() &&
(family != StandardProtocolFamily.INET);
return IOUtil.newFD(socket0(preferIPv6, stream, false));
--- a/jdk/src/solaris/classes/sun/net/www/protocol/http/ntlm/NTLMAuthentication.java Mon Mar 21 16:57:18 2011 -0700
+++ b/jdk/src/solaris/classes/sun/net/www/protocol/http/ntlm/NTLMAuthentication.java Mon Mar 21 17:22:16 2011 -0700
@@ -68,6 +68,9 @@
public class NTLMAuthentication extends AuthenticationInfo {
private static final long serialVersionUID = 170L;
+ private static final NTLMAuthenticationCallback NTLMAuthCallback =
+ NTLMAuthenticationCallback.getNTLMAuthenticationCallback();
+
private String hostname;
private static String defaultDomain; /* Domain to use if not specified by user */
@@ -81,6 +84,14 @@
return false;
}
+ /**
+ * Returns true if the given site is trusted, i.e. we can try
+ * transparent Authentication.
+ */
+ public static boolean isTrustedSite(URL url) {
+ return NTLMAuthCallback.isTrustedSite(url);
+ }
+
private void init0() {
hostname = java.security.AccessController.doPrivileged(
--- a/jdk/src/windows/classes/sun/net/www/protocol/http/ntlm/NTLMAuthentication.java Mon Mar 21 16:57:18 2011 -0700
+++ b/jdk/src/windows/classes/sun/net/www/protocol/http/ntlm/NTLMAuthentication.java Mon Mar 21 17:22:16 2011 -0700
@@ -45,6 +45,9 @@
private static final long serialVersionUID = 100L;
+ private static final NTLMAuthenticationCallback NTLMAuthCallback =
+ NTLMAuthenticationCallback.getNTLMAuthenticationCallback();
+
private String hostname;
private static String defaultDomain; /* Domain to use if not specified by user */
@@ -143,6 +146,14 @@
}
/**
+ * Returns true if the given site is trusted, i.e. we can try
+ * transparent Authentication.
+ */
+ public static boolean isTrustedSite(URL url) {
+ return NTLMAuthCallback.isTrustedSite(url);
+ }
+
+ /**
* Not supported. Must use the setHeaders() method
*/
@Override