提交 837cb624 编写于 作者: M michaelm

Merge

......@@ -25,11 +25,12 @@
package com.sun.naming.internal;
import java.applet.Applet;
import java.io.InputStream;
import java.io.IOException;
import java.net.URL;
import java.lang.ref.WeakReference;
import java.lang.reflect.Method;
import java.lang.reflect.InvocationTargetException;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Hashtable;
......@@ -112,6 +113,52 @@ public final class ResourceManager {
private static final WeakHashMap urlFactoryCache = new WeakHashMap(11);
private static final WeakReference NO_FACTORY = new WeakReference(null);
/**
* A class to allow JNDI properties be specified as applet parameters
* without creating a static dependency on java.applet.
*/
private static class AppletParameter {
private static final Class<?> clazz = getClass("java.applet.Applet");
private static final Method getMethod =
getMethod(clazz, "getParameter", String.class);
private static Class<?> getClass(String name) {
try {
return Class.forName(name, true, null);
} catch (ClassNotFoundException e) {
return null;
}
}
private static Method getMethod(Class<?> clazz,
String name,
Class<?>... paramTypes)
{
if (clazz != null) {
try {
return clazz.getMethod(name, paramTypes);
} catch (NoSuchMethodException e) {
throw new AssertionError(e);
}
} else {
return null;
}
}
/**
* Returns the value of the applet's named parameter.
*/
static Object get(Object applet, String name) {
// if clazz is null then applet cannot be an Applet.
if (clazz == null || !clazz.isInstance(applet))
throw new ClassCastException(applet.getClass().getName());
try {
return getMethod.invoke(applet, name);
} catch (InvocationTargetException e) {
throw new AssertionError(e);
} catch (IllegalAccessException iae) {
throw new AssertionError(iae);
}
}
}
// There should be no instances of this class.
private ResourceManager() {
......@@ -143,7 +190,7 @@ public final class ResourceManager {
if (env == null) {
env = new Hashtable(11);
}
Applet applet = (Applet)env.get(Context.APPLET);
Object applet = env.get(Context.APPLET);
// Merge property values from env param, applet params, and system
// properties. The first value wins: there's no concatenation of
......@@ -157,7 +204,7 @@ public final class ResourceManager {
Object val = env.get(props[i]);
if (val == null) {
if (applet != null) {
val = applet.getParameter(props[i]);
val = AppletParameter.get(applet, props[i]);
}
if (val == null) {
// Read system property.
......
......@@ -40,10 +40,17 @@ import java.io.ObjectStreamException;
* Edition</i>, <a
* href="http://java.sun.com/docs/books/jls/third_edition/html/classes.html#8.9">&sect;8.9</a>.
*
* <p> Note that when using an enumeration type as the type of a set
* or as the type of the keys in a map, specialized and efficient
* {@linkplain java.util.EnumSet set} and {@linkplain
* java.util.EnumMap map} implementations are available.
*
* @param <E> The enum type subclass
* @author Josh Bloch
* @author Neal Gafter
* @see Class#getEnumConstants()
* @see java.util.EnumSet
* @see java.util.EnumMap
* @since 1.5
*/
public abstract class Enum<E extends Enum<E>>
......
......@@ -44,6 +44,8 @@ import java.lang.annotation.Annotation;
* as Java Object Serialization or other persistence mechanisms, to
* manipulate objects in a manner that would normally be prohibited.
*
* <p>By default, a reflected object is <em>not</em> accessible.
*
* @see Field
* @see Method
* @see Constructor
......
......@@ -210,7 +210,7 @@ final class SunEntries {
* CertStores
*/
map.put("CertStore.LDAP",
"sun.security.provider.certpath.LDAPCertStore");
"sun.security.provider.certpath.ldap.LDAPCertStore");
map.put("CertStore.LDAP LDAPSchema", "RFC2587");
map.put("CertStore.Collection",
"sun.security.provider.certpath.CollectionCertStore");
......
/*
* Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Sun designates this
* particular file as subject to the "Classpath" exception as provided
* by Sun in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
package sun.security.provider.certpath;
import java.net.URI;
import java.util.Collection;
import java.security.NoSuchAlgorithmException;
import java.security.InvalidAlgorithmParameterException;
import java.security.cert.CertStore;
import java.security.cert.X509CertSelector;
import java.security.cert.X509CRLSelector;
import javax.security.auth.x500.X500Principal;
import java.io.IOException;
/**
* Helper used by URICertStore when delegating to another CertStore to
* fetch certs and CRLs.
*/
public interface CertStoreHelper {
/**
* Returns a CertStore using the given URI as parameters.
*/
CertStore getCertStore(URI uri)
throws NoSuchAlgorithmException, InvalidAlgorithmParameterException;
/**
* Wraps an existing X509CertSelector when needing to avoid DN matching
* issues.
*/
X509CertSelector wrap(X509CertSelector selector,
X500Principal certSubject,
String dn)
throws IOException;
/**
* Wraps an existing X509CRLSelector when needing to avoid DN matching
* issues.
*/
X509CRLSelector wrap(X509CRLSelector selector,
Collection<X500Principal> certIssuers,
String dn)
throws IOException;
}
......@@ -64,6 +64,8 @@ public final class OCSP {
private static final Debug debug = Debug.getInstance("certpath");
private static final int CONNECT_TIMEOUT = 15000; // 15 seconds
private OCSP() {}
/**
......@@ -176,6 +178,8 @@ public final class OCSP {
debug.println("connecting to OCSP service at: " + url);
}
HttpURLConnection con = (HttpURLConnection)url.openConnection();
con.setConnectTimeout(CONNECT_TIMEOUT);
con.setReadTimeout(CONNECT_TIMEOUT);
con.setDoOutput(true);
con.setDoInput(true);
con.setRequestMethod("POST");
......
......@@ -25,7 +25,6 @@
package sun.security.provider.certpath;
import java.io.IOException;
import java.math.BigInteger;
import java.util.*;
import java.security.AccessController;
......@@ -335,10 +334,11 @@ class OCSPChecker extends PKIXCertPathChecker {
(issuerCert, currCertImpl.getSerialNumberObject());
response = OCSP.check(Collections.singletonList(certId), uri,
responderCert, pkixParams.getDate());
} catch (IOException ioe) {
// should allow this to pass if network failures are acceptable
} catch (Exception e) {
// Wrap all exceptions in CertPathValidatorException so that
// we can fallback to CRLs, if enabled.
throw new CertPathValidatorException
("Unable to send OCSP request", ioe);
("Unable to send OCSP request", e);
}
RevocationStatus rs = (RevocationStatus) response.getSingleResponse(certId);
......
......@@ -30,6 +30,8 @@ import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URLConnection;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
......@@ -120,6 +122,32 @@ class URICertStore extends CertStoreSpi {
private CertStore ldapCertStore;
private String ldapPath;
/**
* Holder class to lazily load LDAPCertStoreHelper if present.
*/
private static class LDAP {
private static final String CERT_STORE_HELPER =
"sun.security.provider.certpath.ldap.LDAPCertStoreHelper";
private static final CertStoreHelper helper =
AccessController.doPrivileged(
new PrivilegedAction<CertStoreHelper>() {
public CertStoreHelper run() {
try {
Class<?> c = Class.forName(CERT_STORE_HELPER, true, null);
return (CertStoreHelper)c.newInstance();
} catch (ClassNotFoundException cnf) {
return null;
} catch (InstantiationException e) {
throw new AssertionError(e);
} catch (IllegalAccessException e) {
throw new AssertionError(e);
}
}});
static CertStoreHelper helper() {
return helper;
}
}
/**
* Creates a URICertStore.
*
......@@ -135,9 +163,10 @@ class URICertStore extends CertStoreSpi {
this.uri = ((URICertStoreParameters) params).uri;
// if ldap URI, use an LDAPCertStore to fetch certs and CRLs
if (uri.getScheme().toLowerCase().equals("ldap")) {
if (LDAP.helper() == null)
throw new NoSuchAlgorithmException("LDAP not present");
ldap = true;
ldapCertStore =
LDAPCertStore.getInstance(LDAPCertStore.getParameters(uri));
ldapCertStore = LDAP.helper().getCertStore(uri);
ldapPath = uri.getPath();
// strip off leading '/'
if (ldapPath.charAt(0) == '/') {
......@@ -219,8 +248,7 @@ class URICertStore extends CertStoreSpi {
if (ldap) {
X509CertSelector xsel = (X509CertSelector) selector;
try {
xsel = new LDAPCertStore.LDAPCertSelector
(xsel, xsel.getSubject(), ldapPath);
xsel = LDAP.helper().wrap(xsel, xsel.getSubject(), ldapPath);
} catch (IOException ioe) {
throw new CertStoreException(ioe);
}
......@@ -340,7 +368,7 @@ class URICertStore extends CertStoreSpi {
if (ldap) {
X509CRLSelector xsel = (X509CRLSelector) selector;
try {
xsel = new LDAPCertStore.LDAPCRLSelector(xsel, null, ldapPath);
xsel = LDAP.helper().wrap(xsel, null, ldapPath);
} catch (IOException ioe) {
throw new CertStoreException(ioe);
}
......
......@@ -23,7 +23,7 @@
* have any questions.
*/
package sun.security.provider.certpath;
package sun.security.provider.certpath.ldap;
import java.io.ByteArrayInputStream;
import java.io.IOException;
......@@ -46,6 +46,7 @@ import java.security.cert.*;
import javax.security.auth.x500.X500Principal;
import sun.misc.HexDumpEncoder;
import sun.security.provider.certpath.X509CertificatePair;
import sun.security.util.Cache;
import sun.security.util.Debug;
import sun.security.x509.X500Name;
......
/*
* Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Sun designates this
* particular file as subject to the "Classpath" exception as provided
* by Sun in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
package sun.security.provider.certpath.ldap;
import java.net.URI;
import java.util.Collection;
import java.security.NoSuchAlgorithmException;
import java.security.InvalidAlgorithmParameterException;
import java.security.cert.CertStore;
import java.security.cert.X509CertSelector;
import java.security.cert.X509CRLSelector;
import javax.security.auth.x500.X500Principal;
import java.io.IOException;
import sun.security.provider.certpath.CertStoreHelper;
/**
* LDAP implementation of CertStoreHelper.
*/
public class LDAPCertStoreHelper
implements CertStoreHelper
{
public LDAPCertStoreHelper() { }
@Override
public CertStore getCertStore(URI uri)
throws NoSuchAlgorithmException, InvalidAlgorithmParameterException
{
return LDAPCertStore.getInstance(LDAPCertStore.getParameters(uri));
}
@Override
public X509CertSelector wrap(X509CertSelector selector,
X500Principal certSubject,
String ldapDN)
throws IOException
{
return new LDAPCertStore.LDAPCertSelector(selector, certSubject, ldapDN);
}
@Override
public X509CRLSelector wrap(X509CRLSelector selector,
Collection<X500Principal> certIssuers,
String ldapDN)
throws IOException
{
return new LDAPCertStore.LDAPCRLSelector(selector, certIssuers, ldapDN);
}
}
......@@ -49,6 +49,21 @@ public class GetSystemProperties {
private static final String VALUE4 = "test.property.value4";
public static void main(String[] argv) throws Exception {
// Save a copy of the original system properties
Properties props = System.getProperties();
try {
// replace the system Properties object for any modification
// in case jtreg caches a copy
System.setProperties(new Properties(props));
runTest();
} finally {
// restore original system properties
System.setProperties(props);
}
}
private static void runTest() throws Exception {
RuntimeMXBean mbean = ManagementFactory.getRuntimeMXBean();
// Print all system properties
......@@ -88,7 +103,10 @@ public class GetSystemProperties {
Map<String,String> props2 = mbean.getSystemProperties();
// expect the system properties returned should be
// same as the one before adding KEY3 and KEY4
props1.equals(props2);
if (!props1.equals(props2)) {
throw new RuntimeException("Two copies of system properties " +
"are expected to be equal");
}
System.out.println("Test passed.");
}
......
......@@ -40,8 +40,21 @@ import java.lang.management.RuntimeMXBean;
public class PropertiesTest {
private static int NUM_MYPROPS = 3;
public static void main(String[] argv) throws Exception {
Properties sysProps = System.getProperties();
// Save a copy of the original system properties
Properties props = System.getProperties();
try {
// replace the system Properties object for any modification
// in case jtreg caches a copy
System.setProperties(new Properties(props));
runTest(props.size());
} finally {
// restore original system properties
System.setProperties(props);
}
}
private static void runTest(int sysPropsCount) throws Exception {
// Create a new system properties using the old one
// as the defaults
Properties myProps = new Properties( System.getProperties() );
......@@ -65,10 +78,10 @@ public class PropertiesTest {
System.out.println(i++ + ": " + key + " : " + value);
}
if (props.size() != NUM_MYPROPS + sysProps.size()) {
if (props.size() != NUM_MYPROPS + sysPropsCount) {
throw new RuntimeException("Test Failed: " +
"Expected number of properties = " +
NUM_MYPROPS + sysProps.size() +
NUM_MYPROPS + sysPropsCount +
" but found = " + props.size());
}
}
......
/*
* Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
/*
* @test
* @bug 6648344
* @summary Test that default accessibility is false
* @author Joseph D. Darcy
*/
import java.lang.reflect.*;
public class DefaultAccessibility {
private DefaultAccessibility() {
super();
}
private static int f = 42;
public static void main(String... args) throws Exception {
Class<?> daClass = (new DefaultAccessibility()).getClass();
int elementCount = 0;
for(Constructor<?> ctor : daClass.getDeclaredConstructors()) {
elementCount++;
if (ctor.isAccessible())
throw new RuntimeException("Unexpected accessibility for constructor " +
ctor);
}
for(Method method : daClass.getDeclaredMethods()) {
elementCount++;
if (method.isAccessible())
throw new RuntimeException("Unexpected accessibility for method " +
method);
}
for(Field field : daClass.getDeclaredFields()) {
elementCount++;
if (field.isAccessible())
throw new RuntimeException("Unexpected accessibility for field " +
field);
}
if (elementCount < 3)
throw new RuntimeException("Expected at least three members; only found " +
elementCount);
}
}
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册