Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openanolis
dragonwell8_jdk
提交
a658aee4
D
dragonwell8_jdk
项目概览
openanolis
/
dragonwell8_jdk
通知
3
Star
2
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
D
dragonwell8_jdk
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
a658aee4
编写于
7月 06, 2017
作者:
I
igerasim
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
8181432: Better processing of unresolved permissions
Reviewed-by: mullan
上级
161d7014
变更
5
隐藏空白更改
内联
并排
Showing
5 changed file
with
53 addition
and
28 deletion
+53
-28
src/share/classes/java/security/CodeSource.java
src/share/classes/java/security/CodeSource.java
+4
-7
src/share/classes/java/security/UnresolvedPermission.java
src/share/classes/java/security/UnresolvedPermission.java
+16
-11
src/share/classes/java/security/cert/CertificateRevokedException.java
...asses/java/security/cert/CertificateRevokedException.java
+6
-5
src/share/classes/sun/misc/IOUtils.java
src/share/classes/sun/misc/IOUtils.java
+21
-3
src/share/classes/sun/security/util/ObjectIdentifier.java
src/share/classes/sun/security/util/ObjectIdentifier.java
+6
-2
未找到文件。
src/share/classes/java/security/CodeSource.java
浏览文件 @
a658aee4
...
...
@@ -34,6 +34,7 @@ import java.util.Hashtable;
import
java.io.ByteArrayInputStream
;
import
java.io.IOException
;
import
java.security.cert.*
;
import
sun.misc.IOUtils
;
/**
*
...
...
@@ -546,6 +547,8 @@ public class CodeSource implements java.io.Serializable {
// could all be present in the stream at the same time
cfs
=
new
Hashtable
<
String
,
CertificateFactory
>(
3
);
certList
=
new
ArrayList
<>(
size
>
20
?
20
:
size
);
}
else
if
(
size
<
0
)
{
throw
new
IOException
(
"size cannot be negative"
);
}
for
(
int
i
=
0
;
i
<
size
;
i
++)
{
...
...
@@ -567,13 +570,7 @@ public class CodeSource implements java.io.Serializable {
cfs
.
put
(
certType
,
cf
);
}
// parse the certificate
byte
[]
encoded
=
null
;
try
{
encoded
=
new
byte
[
ois
.
readInt
()];
}
catch
(
OutOfMemoryError
oome
)
{
throw
new
IOException
(
"Certificate too big"
);
}
ois
.
readFully
(
encoded
);
byte
[]
encoded
=
IOUtils
.
readNBytes
(
ois
,
ois
.
readInt
());
ByteArrayInputStream
bais
=
new
ByteArrayInputStream
(
encoded
);
try
{
certList
.
add
(
cf
.
generateCertificate
(
bais
));
...
...
src/share/classes/java/security/UnresolvedPermission.java
浏览文件 @
a658aee4
/*
* Copyright (c) 1997, 201
3
, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 201
7
, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -25,12 +25,16 @@
package
java.security
;
import
sun.misc.IOUtils
;
import
java.io.IOException
;
import
java.io.ByteArrayInputStream
;
import
java.security.cert.Certificate
;
import
java.util.ArrayList
;
import
java.util.Hashtable
;
import
java.lang.reflect.*
;
import
java.security.cert.*
;
import
java.util.List
;
/**
* The UnresolvedPermission class is used to hold Permissions that
...
...
@@ -549,6 +553,7 @@ implements java.io.Serializable
{
CertificateFactory
cf
;
Hashtable
<
String
,
CertificateFactory
>
cfs
=
null
;
List
<
Certificate
>
certList
=
null
;
ois
.
defaultReadObject
();
...
...
@@ -560,8 +565,10 @@ implements java.io.Serializable
if
(
size
>
0
)
{
// we know of 3 different cert types: X.509, PGP, SDSI, which
// could all be present in the stream at the same time
cfs
=
new
Hashtable
<
String
,
CertificateFactory
>(
3
);
this
.
certs
=
new
java
.
security
.
cert
.
Certificate
[
size
];
cfs
=
new
Hashtable
<>(
3
);
certList
=
new
ArrayList
<>(
size
>
20
?
20
:
size
);
}
else
if
(
size
<
0
)
{
throw
new
IOException
(
"size cannot be negative"
);
}
for
(
int
i
=
0
;
i
<
size
;
i
++)
{
...
...
@@ -583,20 +590,18 @@ implements java.io.Serializable
cfs
.
put
(
certType
,
cf
);
}
// parse the certificate
byte
[]
encoded
=
null
;
try
{
encoded
=
new
byte
[
ois
.
readInt
()];
}
catch
(
OutOfMemoryError
oome
)
{
throw
new
IOException
(
"Certificate too big"
);
}
ois
.
readFully
(
encoded
);
byte
[]
encoded
=
IOUtils
.
readNBytes
(
ois
,
ois
.
readInt
());
ByteArrayInputStream
bais
=
new
ByteArrayInputStream
(
encoded
);
try
{
this
.
certs
[
i
]
=
cf
.
generateCertificate
(
bais
);
certList
.
add
(
cf
.
generateCertificate
(
bais
)
);
}
catch
(
CertificateException
ce
)
{
throw
new
IOException
(
ce
.
getMessage
());
}
bais
.
close
();
}
if
(
certList
!=
null
)
{
this
.
certs
=
certList
.
toArray
(
new
java
.
security
.
cert
.
Certificate
[
size
]);
}
}
}
src/share/classes/java/security/cert/CertificateRevokedException.java
浏览文件 @
a658aee4
/*
* Copyright (c) 2007, 201
4
, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 201
7
, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -34,6 +34,7 @@ import java.util.HashMap;
import
java.util.Map
;
import
javax.security.auth.x500.X500Principal
;
import
sun.misc.IOUtils
;
import
sun.security.util.ObjectIdentifier
;
import
sun.security.x509.InvalidityDateExtension
;
...
...
@@ -228,17 +229,17 @@ public class CertificateRevokedException extends CertificateException {
int
size
=
ois
.
readInt
();
if
(
size
==
0
)
{
extensions
=
Collections
.
emptyMap
();
}
else
if
(
size
<
0
)
{
throw
new
IOException
(
"size cannot be negative"
);
}
else
{
extensions
=
new
HashMap
<
String
,
Extension
>(
size
);
extensions
=
new
HashMap
<
>(
size
>
20
?
20
:
size
);
}
// Read in the extensions and put the mappings in the extensions map
for
(
int
i
=
0
;
i
<
size
;
i
++)
{
String
oid
=
(
String
)
ois
.
readObject
();
boolean
critical
=
ois
.
readBoolean
();
int
length
=
ois
.
readInt
();
byte
[]
extVal
=
new
byte
[
length
];
ois
.
readFully
(
extVal
);
byte
[]
extVal
=
IOUtils
.
readNBytes
(
ois
,
ois
.
readInt
());
Extension
ext
=
sun
.
security
.
x509
.
Extension
.
newExtension
(
new
ObjectIdentifier
(
oid
),
critical
,
extVal
);
extensions
.
put
(
oid
,
ext
);
...
...
src/share/classes/sun/misc/IOUtils.java
浏览文件 @
a658aee4
/*
* Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2009,
2017,
Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -37,9 +37,9 @@ import java.util.Arrays;
public
class
IOUtils
{
/**
* Read up to
<code>length</code> of bytes from <code>in</code>
* Read up to
{@code length} of bytes from {@code in}
* until EOF is detected.
* @param i
n
input stream, must not be null
* @param i
s
input stream, must not be null
* @param length number of bytes to read, -1 or Integer.MAX_VALUE means
* read as much as possible
* @param readAll if true, an EOFException will be thrown if not enough
...
...
@@ -77,4 +77,22 @@ public class IOUtils {
}
return
output
;
}
/**
* Read {@code length} of bytes from {@code in}. An exception is
* thrown if there are not enough bytes in the stream.
*
* @param is input stream, must not be null
* @param length number of bytes to read, must not be negative
* @return bytes read
* @throws IOException if any IO error or a premature EOF is detected, or
* if {@code length} is negative since this length is usually also
* read from {@code is}.
*/
public
static
byte
[]
readNBytes
(
InputStream
is
,
int
length
)
throws
IOException
{
if
(
length
<
0
)
{
throw
new
IOException
(
"length cannot be negative: "
+
length
);
}
return
readFully
(
is
,
length
,
true
);
}
}
src/share/classes/sun/security/util/ObjectIdentifier.java
浏览文件 @
a658aee4
/*
* Copyright (c) 1996, 20
06
, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1996, 20
17
, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -111,7 +111,11 @@ class ObjectIdentifier implements Serializable
is
.
defaultReadObject
();
if
(
encoding
==
null
)
{
// from an old version
init
((
int
[])
components
,
componentLen
);
int
[]
comp
=
(
int
[])
components
;
if
(
componentLen
>
comp
.
length
)
{
componentLen
=
comp
.
length
;
}
init
(
comp
,
componentLen
);
}
}
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录