Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openanolis
dragonwell8_jdk
提交
8cd943b6
D
dragonwell8_jdk
项目概览
openanolis
/
dragonwell8_jdk
通知
4
Star
2
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
D
dragonwell8_jdk
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
8cd943b6
编写于
8月 30, 2011
作者:
S
smarks
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
7083012: fix for RMI Registry
Reviewed-by: jdn, valeriep
上级
dd9b83c2
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
80 addition
and
7 deletion
+80
-7
src/share/classes/sun/rmi/registry/RegistryImpl.java
src/share/classes/sun/rmi/registry/RegistryImpl.java
+77
-4
src/share/classes/sun/rmi/server/LoaderHandler.java
src/share/classes/sun/rmi/server/LoaderHandler.java
+3
-3
未找到文件。
src/share/classes/sun/rmi/registry/RegistryImpl.java
浏览文件 @
8cd943b6
...
...
@@ -38,13 +38,23 @@ import java.rmi.server.ServerNotActiveException;
import
java.rmi.registry.Registry
;
import
java.rmi.server.RMIClientSocketFactory
;
import
java.rmi.server.RMIServerSocketFactory
;
import
java.security.AccessControlContext
;
import
java.security.AccessController
;
import
java.security.CodeSource
;
import
java.security.Policy
;
import
java.security.PrivilegedActionException
;
import
java.security.PrivilegedExceptionAction
;
import
java.security.PermissionCollection
;
import
java.security.Permissions
;
import
java.security.ProtectionDomain
;
import
java.text.MessageFormat
;
import
sun.rmi.server.LoaderHandler
;
import
sun.rmi.server.UnicastServerRef
;
import
sun.rmi.server.UnicastServerRef2
;
import
sun.rmi.transport.LiveRef
;
import
sun.rmi.transport.ObjectTable
;
import
sun.rmi.transport.Target
;
import
sun.security.action.GetPropertyAction
;
/**
* A "registry" exists on every node that allows RMI connections to
...
...
@@ -325,6 +335,19 @@ public class RegistryImpl extends java.rmi.server.RemoteServer
URL
[]
urls
=
sun
.
misc
.
URLClassPath
.
pathToURLs
(
envcp
);
ClassLoader
cl
=
new
URLClassLoader
(
urls
);
String
codebaseProperty
=
null
;
String
prop
=
java
.
security
.
AccessController
.
doPrivileged
(
new
GetPropertyAction
(
"java.rmi.server.codebase"
));
if
(
prop
!=
null
&&
prop
.
trim
().
length
()
>
0
)
{
codebaseProperty
=
prop
;
}
URL
[]
codebaseURLs
=
null
;
if
(
codebaseProperty
!=
null
)
{
codebaseURLs
=
sun
.
misc
.
URLClassPath
.
pathToURLs
(
codebaseProperty
);
}
else
{
codebaseURLs
=
new
URL
[
0
];
}
/*
* Fix bugid 4242317: Classes defined by this class loader should
* be annotated with the value of the "java.rmi.server.codebase"
...
...
@@ -334,11 +357,19 @@ public class RegistryImpl extends java.rmi.server.RemoteServer
Thread
.
currentThread
().
setContextClassLoader
(
cl
);
int
regPort
=
Registry
.
REGISTRY_PORT
;
if
(
args
.
length
>=
1
)
{
regPort
=
Integer
.
parseInt
(
args
[
0
]);
final
int
regPort
=
(
args
.
length
>=
1
)
?
Integer
.
parseInt
(
args
[
0
])
:
Registry
.
REGISTRY_PORT
;
try
{
registry
=
AccessController
.
doPrivileged
(
new
PrivilegedExceptionAction
<
RegistryImpl
>()
{
public
RegistryImpl
run
()
throws
RemoteException
{
return
new
RegistryImpl
(
regPort
);
}
},
getAccessControlContext
(
codebaseURLs
));
}
catch
(
PrivilegedActionException
ex
)
{
throw
(
RemoteException
)
ex
.
getException
();
}
registry
=
new
RegistryImpl
(
regPort
);
// prevent registry from exiting
while
(
true
)
{
try
{
...
...
@@ -358,4 +389,46 @@ public class RegistryImpl extends java.rmi.server.RemoteServer
}
System
.
exit
(
1
);
}
/**
* Generates an AccessControlContext from several URLs.
* The approach used here is taken from the similar method
* getAccessControlContext() in the sun.applet.AppletPanel class.
*/
private
static
AccessControlContext
getAccessControlContext
(
URL
[]
urls
)
{
// begin with permissions granted to all code in current policy
PermissionCollection
perms
=
AccessController
.
doPrivileged
(
new
java
.
security
.
PrivilegedAction
<
PermissionCollection
>()
{
public
PermissionCollection
run
()
{
CodeSource
codesource
=
new
CodeSource
(
null
,
(
java
.
security
.
cert
.
Certificate
[])
null
);
Policy
p
=
java
.
security
.
Policy
.
getPolicy
();
if
(
p
!=
null
)
{
return
p
.
getPermissions
(
codesource
);
}
else
{
return
new
Permissions
();
}
}
});
/*
* Anyone can connect to the registry and the registry can connect
* to and possibly download stubs from anywhere. Downloaded stubs and
* related classes themselves are more tightly limited by RMI.
*/
perms
.
add
(
new
SocketPermission
(
"*"
,
"connect,accept"
));
// add permissions required to load from codebase URL path
LoaderHandler
.
addPermissionsForURLs
(
urls
,
perms
,
false
);
/*
* Create an AccessControlContext that consists of a single
* protection domain with only the permissions calculated above.
*/
ProtectionDomain
pd
=
new
ProtectionDomain
(
new
CodeSource
((
urls
.
length
>
0
?
urls
[
0
]
:
null
),
(
java
.
security
.
cert
.
Certificate
[])
null
),
perms
);
return
new
AccessControlContext
(
new
ProtectionDomain
[]
{
pd
});
}
}
src/share/classes/sun/rmi/server/LoaderHandler.java
浏览文件 @
8cd943b6
...
...
@@ -1031,9 +1031,9 @@ public final class LoaderHandler {
* loader. A given permission is only added to the collection if
* it is not already implied by the collection.
*/
p
rivate
static
void
addPermissionsForURLs
(
URL
[]
urls
,
PermissionCollection
perms
,
boolean
forLoader
)
p
ublic
static
void
addPermissionsForURLs
(
URL
[]
urls
,
PermissionCollection
perms
,
boolean
forLoader
)
{
for
(
int
i
=
0
;
i
<
urls
.
length
;
i
++)
{
URL
url
=
urls
[
i
];
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录