Skip to content

D
dragonwell8_jdk

openanolis / dragonwell8_jdk

通知 4
Star 2
Fork 0
D
dragonwell8_jdk
提交 d3b300ff 编写于 作者: J jgodinez
浏览文件
操作

Merge

上级 7a5b86c0 54fce0c8
展开全部 显示空白变更内容
内联 并排
Showing with 23020 addition and 1543 deletion
.hgtags
浏览文件 @ d3b300ff
......@@ -46,3 +46,4 @@ b23d905cb5d3b382295240d28ab0bfb266b4503c jdk7-b68
226b20019b1f020c09ea97d137d98e011ce65d76 jdk7-b69
893bcca951b747ddcf6986362b877f0e1dbb835b jdk7-b70
b3f3240135f0c10b9f2481c174b81b7fcf0daa60 jdk7-b71
460639b036f327282832a4fe52b7aa45688afd50 jdk7-b72
make/java/java/FILES_java.gmk
浏览文件 @ d3b300ff
......@@ -454,6 +454,8 @@ JAVA_JAVA_java = \
sun/misc/JavaLangAccess.java \
sun/misc/JavaIOAccess.java \
sun/misc/JavaIOFileDescriptorAccess.java \
sun/misc/JavaNioAccess.java
sun/misc/JavaNioAccess.java \
sun/misc/Perf.java \
sun/misc/PerfCounter.java
FILES_java = $(JAVA_JAVA_java)
make/java/logging/Makefile
浏览文件 @ d3b300ff
......@@ -31,7 +31,7 @@ include $(BUILDDIR)/common/Defs.gmk
#
# Files to compile.
#
AUTO_FILES_JAVA_DIRS = java/util/logging
AUTO_FILES_JAVA_DIRS = java/util/logging sun/util/logging
#
# Resources
......@@ -46,7 +46,6 @@ RESOURCE_BUNDLES_COMPILED_PROPERTIES = \
include $(BUILDDIR)/common/Classes.gmk
properties: $(LIBDIR)/logging.properties
$(LIBDIR)/logging.properties: $(SHARE_SRC)/lib/logging.properties
$(install-file)
......
make/sun/net/FILES_java.gmk
浏览文件 @ d3b300ff
......@@ -86,9 +86,11 @@ FILES_java = \
sun/net/www/protocol/http/AuthCache.java \
sun/net/www/protocol/http/AuthCacheImpl.java \
sun/net/www/protocol/http/AuthCacheValue.java \
sun/net/www/protocol/http/AuthScheme.java \
sun/net/www/protocol/http/BasicAuthentication.java \
sun/net/www/protocol/http/DigestAuthentication.java \
sun/net/www/protocol/http/NTLMAuthentication.java \
sun/net/www/protocol/http/NTLMAuthenticationProxy.java \
sun/net/www/protocol/http/NegotiateAuthentication.java \
sun/net/www/protocol/http/NegotiatorImpl.java \
sun/net/www/protocol/http/NegotiateCallbackHandler.java \
......@@ -123,8 +125,7 @@ FILES_java = \
sun/net/idn/UCharacterEnums.java \
sun/net/idn/UCharacterDirection.java \
sun/net/idn/StringPrepDataReader.java \
sun/net/idn/StringPrep.java \
sun/net/www/protocol/http/InMemoryCookieStore.java
sun/net/idn/StringPrep.java
ifeq ($(PLATFORM), windows)
FILES_java += sun/net/www/protocol/http/NTLMAuthSequence.java
......
make/sun/security/Makefile
浏览文件 @ d3b300ff
......@@ -60,8 +60,15 @@ ifeq ($(PLATFORM), windows)
endif
endif
SUBDIRS = ec other action util tools jgss krb5 smartcardio $(PKCS11) \
$(JGSS_WRAPPER) $(MSCAPI)
# Build in-tree elliptic curve crypto provider only when
# DISABLE_INTREE_EC is not set
INTREE_EC = ec
ifdef DISABLE_INTREE_EC
INTREE_EC =
endif
SUBDIRS = $(INTREE_EC) other action util tools jgss krb5 smartcardio \
$(PKCS11) $(JGSS_WRAPPER) $(MSCAPI)
all build clean clobber::
$(SUBDIRS-loop)
......
make/sun/security/ec/Makefile
浏览文件 @ d3b300ff
......@@ -24,7 +24,7 @@
#
#
# Makefile for building sunec.jar and sunecc native library.
# Makefile for building sunec.jar and sunec native library.
#
# This file was derived from make/com/sun/crypto/provider/Makefile.
#
......@@ -121,7 +121,15 @@ CLASSDESTDIR = $(TEMPDIR)/classes
#
AUTO_FILES_JAVA_DIRS = $(PKGDIR)
include $(BUILDDIR)/common/Classes.gmk
#
# Exclude the sources that get built by ../other/Makefile
#
AUTO_JAVA_PRUNE = \
ECKeyFactory.java \
ECParameters.java \
ECPrivateKeyImpl.java \
ECPublicKeyImpl.java \
NamedCurve.java
#
# Some licensees do not get the native ECC sources, but we still need to
......@@ -130,7 +138,7 @@ include $(BUILDDIR)/common/Classes.gmk
#
NATIVE_ECC_AVAILABLE := $(shell \
if [ -d $(SHARE_SRC)/native/$(PKGDIR) ] ; then \
if [ -d $(SHARE_SRC)/native/$(PKGDIR)/impl ] ; then \
$(ECHO) true; \
else \
$(ECHO) false; \
......@@ -138,7 +146,7 @@ NATIVE_ECC_AVAILABLE := $(shell \
ifeq ($(NATIVE_ECC_AVAILABLE), true)
LIBRARY = sunecc
LIBRARY = sunec
#
# Java files that define native methods
......@@ -166,12 +174,12 @@ ifeq ($(NATIVE_ECC_AVAILABLE), true)
#
vpath %.cpp $(SHARE_SRC)/native/$(PKGDIR)
vpath %.c $(SHARE_SRC)/native/$(PKGDIR)
vpath %.c $(SHARE_SRC)/native/$(PKGDIR)/impl
#
# Find include files
#
OTHER_INCLUDES += -I$(SHARE_SRC)/native/$(PKGDIR)
OTHER_INCLUDES += -I$(SHARE_SRC)/native/$(PKGDIR)/impl
#
# Compiler flags
......@@ -191,6 +199,10 @@ ifeq ($(NATIVE_ECC_AVAILABLE), true)
include $(BUILDDIR)/common/Library.gmk
else # NATIVE_ECC_AVAILABLE
include $(BUILDDIR)/common/Classes.gmk
endif # NATIVE_ECC_AVAILABLE
#
......
make/sun/security/other/Makefile
浏览文件 @ d3b300ff
......@@ -44,6 +44,16 @@ AUTO_FILES_JAVA_DIRS = \
sun/security/x509 \
com/sun/net/ssl/internal/ssl
#
# EC classes used by the packages above
#
FILES_java += \
sun/security/ec/ECKeyFactory.java \
sun/security/ec/ECParameters.java \
sun/security/ec/ECPrivateKeyImpl.java \
sun/security/ec/ECPublicKeyImpl.java \
sun/security/ec/NamedCurve.java
#
# Rules
#
......
src/share/bin/java.h
浏览文件 @ d3b300ff
......@@ -187,9 +187,6 @@ void InitLauncher(jboolean javaw);
*
*/
typedef jclass (JNICALL FindClassFromBootLoader_t(JNIEnv *env,
const char *name,
jboolean init,
jobject loader,
jboolean throwError));
const char *name));
jclass FindBootStrapClass(JNIEnv *env, const char *classname);
#endif /* _JAVA_H_ */
src/share/bin/parse_manifest.c
浏览文件 @ d3b300ff
......@@ -59,7 +59,7 @@ inflate_file(int fd, zentry *entry, int *size_out)
char *out;
z_stream zs;
if (entry->csize == 0xffffffff || entry->isize == 0xffffffff)
if (entry->csize == (size_t) -1 || entry->isize == (size_t) -1 )
return (NULL);
if (lseek(fd, entry->offset, SEEK_SET) < (off_t)0)
return (NULL);
......
src/share/classes/com/sun/rowset/JdbcRowSetResourceBundle.java
浏览文件 @ d3b300ff
......@@ -133,7 +133,7 @@ public class JdbcRowSetResourceBundle implements Serializable {
* This method returns an enumerated handle of the keys
* which correspond to values translated to various locales.
*
* @returns an enumerated keys which have messages tranlated to
* @return an enumeration of keys which have messages tranlated to
* corresponding locales.
*/
public Enumeration getKeys() {
......@@ -146,7 +146,7 @@ public class JdbcRowSetResourceBundle implements Serializable {
* returns the corresponding value reading it
* from the Resource Bundle loaded earlier.
*
* @returns value in locale specific language
* @return value in locale specific language
* according to the key passed.
*/
public Object handleGetObject(String key) {
......
src/share/classes/com/sun/rowset/JoinRowSetImpl.java
浏览文件 @ d3b300ff
......@@ -3737,7 +3737,6 @@ public class JoinRowSetImpl extends WebRowSetImpl implements JoinRowSet {
* Returns a result set containing the original value of the current
* row only.
*
* @return the original result set of the row
* @throws SQLException if there is no current row
* @see #setOriginalRow
*/
......
src/share/classes/com/sun/rowset/internal/WebRowSetXmlReader.java
浏览文件 @ d3b300ff
......@@ -46,6 +46,17 @@ import javax.sql.rowset.spi.*;
*/
public class WebRowSetXmlReader implements XmlReader, Serializable {
private JdbcRowSetResourceBundle resBundle;
public WebRowSetXmlReader(){
try {
resBundle = JdbcRowSetResourceBundle.getJdbcRowSetResourceBundle();
} catch(IOException ioe) {
throw new RuntimeException(ioe);
}
}
/**
* Parses the given <code>WebRowSet</code> object, getting its input from
* the given <code>java.io.Reader</code> object. The parser will send
......@@ -69,17 +80,6 @@ public class WebRowSetXmlReader implements XmlReader, Serializable {
* reader for the given rowset
* @see XmlReaderContentHandler
*/
private JdbcRowSetResourceBundle resBundle;
public WebRowSetXmlReader(){
try {
resBundle = JdbcRowSetResourceBundle.getJdbcRowSetResourceBundle();
} catch(IOException ioe) {
throw new RuntimeException(ioe);
}
}
public void readXML(WebRowSet caller, java.io.Reader reader) throws SQLException {
try {
// Crimson Parser(as in J2SE 1.4.1 is NOT able to handle
......
src/share/classes/java/lang/Class.java
浏览文件 @ d3b300ff
......@@ -565,8 +565,9 @@ public final
* represented by this object.
*/
public String getName() {
String name = this.name;
if (name == null)
name = getName0();
this.name = name = getName0();
return name;
}
......
src/share/classes/java/lang/ClassLoader.java
浏览文件 @ d3b300ff
......@@ -380,16 +380,28 @@ public abstract class ClassLoader {
// First, check if the class has already been loaded
Class c = findLoadedClass(name);
if (c == null) {
long t0 = System.nanoTime();
try {
if (parent != null) {
c = parent.loadClass(name, false);
} else {
c = findBootstrapClass0(name);
c = findBootstrapClassOrNull(name);
}
} catch (ClassNotFoundException e) {
// ClassNotFoundException thrown if class not found
// from the non-null parent class loader
}
if (c == null) {
// If still not found, then invoke findClass in order
// to find the class.
long t1 = System.nanoTime();
c = findClass(name);
// this is the defining class loader; record the stats
sun.misc.PerfCounter.getParentDelegationTime().addTime(t1 - t0);
sun.misc.PerfCounter.getFindClassTime().addElapsedTimeFrom(t1);
sun.misc.PerfCounter.getFindClasses().increment();
}
}
if (resolve) {
......@@ -1008,22 +1020,29 @@ public abstract class ClassLoader {
if (system == null) {
if (!checkName(name))
throw new ClassNotFoundException(name);
return findBootstrapClass(name);
Class cls = findBootstrapClass(name);
if (cls == null) {
throw new ClassNotFoundException(name);
}
return cls;
}
return system.loadClass(name);
}
private Class findBootstrapClass0(String name)
throws ClassNotFoundException
/**
* Returns a class loaded by the bootstrap class loader;
* or return null if not found.
*/
private Class findBootstrapClassOrNull(String name)
{
check();
if (!checkName(name))
throw new ClassNotFoundException(name);
if (!checkName(name)) return null;
return findBootstrapClass(name);
}
private native Class findBootstrapClass(String name)
throws ClassNotFoundException;
// return null if not found
private native Class findBootstrapClass(String name);
// Check to make sure the class loader has been initialized.
private void check() {
......
src/share/classes/java/net/CookieManager.java
浏览文件 @ d3b300ff
......@@ -157,7 +157,7 @@ public class CookieManager extends CookieHandler
// if not specify CookieStore to use, use default one
if (store == null) {
cookieJar = new sun.net.www.protocol.http.InMemoryCookieStore();
cookieJar = new InMemoryCookieStore();
} else {
cookieJar = store;
}
......
src/share/classes/sun/net/www/protocol/http/InMemoryCookieStore.java src/share/classes/java/net/InMemoryCookieStore.java
浏览文件 @ d3b300ff
......@@ -23,7 +23,7 @@
* have any questions.
*/
package sun.net.www.protocol.http;
package java.net;
import java.net.URI;
import java.net.CookieStore;
......@@ -43,7 +43,7 @@ import java.util.concurrent.locks.ReentrantLock;
* @author Edward Wang
* @since 1.6
*/
public class InMemoryCookieStore implements CookieStore {
class InMemoryCookieStore implements CookieStore {
// the in-memory representation of cookies
private List<HttpCookie> cookieJar = null;
......
src/share/classes/java/net/URLClassLoader.java
浏览文件 @ d3b300ff
......@@ -340,6 +340,7 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
* used.
*/
private Class defineClass(String name, Resource res) throws IOException {
long t0 = System.nanoTime();
int i = name.lastIndexOf('.');
URL url = res.getCodeSourceURL();
if (i != -1) {
......@@ -370,12 +371,14 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
// Use (direct) ByteBuffer:
CodeSigner[] signers = res.getCodeSigners();
CodeSource cs = new CodeSource(url, signers);
sun.misc.PerfCounter.getReadClassBytesTime().addElapsedTimeFrom(t0);
return defineClass(name, bb, cs);
} else {
byte[] b = res.getBytes();
// must read certificates AFTER reading bytes.
CodeSigner[] signers = res.getCodeSigners();
CodeSource cs = new CodeSource(url, signers);
sun.misc.PerfCounter.getReadClassBytesTime().addElapsedTimeFrom(t0);
return defineClass(name, b, 0, b.length, cs);
}
}
......
src/share/classes/java/net/doc-files/net-properties.html
浏览文件 @ d3b300ff
......@@ -71,12 +71,12 @@ of proxies.</P>
<LI><P>HTTP</P>
<P>The following proxy settings are used by the HTTP protocol handler.</P>
<UL>
<LI><P><B>http.proxyHost</FONT></B> (default: &lt;none&gt;)<BR>
<LI><P><B>http.proxyHost</B> (default: &lt;none&gt;)<BR>
The hostname, or address, of the proxy server
</P>
<LI><P><B>http.proxyPort</B> (default: 80)<BR>
The port number of the proxy server.</P>
<LI><P><B>http.nonProxyHosts</B> (default: &lt;none&gt;)<BR>
<LI><P><B>http.nonProxyHosts</B> (default: localhost|127.*|[::1])<BR>
Indicates the hosts that should be accessed without going
through the proxy. Typically this defines internal hosts.
The value of this property is a list of hosts,
......@@ -86,6 +86,7 @@ of proxies.</P>
will indicate that every hosts in the foo.com domain and the
localhost should be accessed directly even if a proxy server is
specified.</P>
<P>The default value excludes all common variations of the loopback address.</P>
</UL>
<LI><P>HTTPS<BR>This is HTTP over SSL, a secure version of HTTP
mainly used when confidentiality (like on payment sites) is needed.</P>
......@@ -107,7 +108,7 @@ of proxies.</P>
</P>
<LI><P><B>ftp.proxyPort</B> (default: 80)<BR>
The port number of the proxy server.</P>
<LI><P><B>ftp.nonProxyHosts</B> (default: &lt;none&gt;)<BR>
<LI><P><B>ftp.nonProxyHosts</B> (default: localhost|127.*|[::1])<BR>
Indicates the hosts that should be accessed without going
through the proxy. Typically this defines internal hosts.
The value of this property is a list of hosts, separated by
......@@ -117,6 +118,7 @@ of proxies.</P>
will indicate that every hosts in the foo.com domain and the
localhost should be accessed directly even if a proxy server is
specified.</P>
<P>The default value excludes all common variations of the loopback address.</P>
</UL>
<LI><P>SOCKS<BR>This is another type of proxy. It allows for lower
level type of tunneling since it works at the TCP level. In effect,
......
src/share/classes/java/nio/file/FileTreeWalker.java
浏览文件 @ d3b300ff
......@@ -41,8 +41,12 @@ class FileTreeWalker {
private final boolean detectCycles;
private final LinkOption[] linkOptions;
private final FileVisitor<? super Path> visitor;
private final int maxDepth;
FileTreeWalker(Set<FileVisitOption> options, FileVisitor<? super Path> visitor) {
FileTreeWalker(Set<FileVisitOption> options,
FileVisitor<? super Path> visitor,
int maxDepth)
{
boolean fl = false;
boolean dc = false;
for (FileVisitOption option: options) {
......@@ -58,18 +62,15 @@ class FileTreeWalker {
this.linkOptions = (fl) ? new LinkOption[0] :
new LinkOption[] { LinkOption.NOFOLLOW_LINKS };
this.visitor = visitor;
this.maxDepth = maxDepth;
}
/**
* Walk file tree starting at the given file
*/
void walk(Path start, int maxDepth) {
// don't use attributes of starting file as they may be stale
if (start instanceof BasicFileAttributesHolder) {
((BasicFileAttributesHolder)start).invalidate();
}
void walk(Path start) {
FileVisitResult result = walk(start,
maxDepth,
0,
new ArrayList<AncestorDirectory>());
if (result == null) {
throw new NullPointerException("Visitor returned 'null'");
......@@ -89,12 +90,15 @@ class FileTreeWalker {
List<AncestorDirectory> ancestors)
{
// depth check
if (depth-- < 0)
if (depth > maxDepth)
return FileVisitResult.CONTINUE;
// if attributes are cached then use them if possible
BasicFileAttributes attrs = null;
if (file instanceof BasicFileAttributesHolder) {
if ((depth > 0) &&
(file instanceof BasicFileAttributesHolder) &&
(System.getSecurityManager() == null))
{
BasicFileAttributes cached = ((BasicFileAttributesHolder)file).get();
if (!followLinks || !cached.isSymbolicLink())
attrs = cached;
......@@ -120,6 +124,10 @@ class FileTreeWalker {
}
}
} catch (SecurityException x) {
// If access to starting file is denied then SecurityException
// is thrown, otherwise the file is ignored.
if (depth == 0)
throw x;
return FileVisitResult.CONTINUE;
}
}
......@@ -196,7 +204,7 @@ class FileTreeWalker {
try {
for (Path entry: stream) {
inAction = true;
result = walk(entry, depth, ancestors);
result = walk(entry, depth+1, ancestors);
inAction = false;
// returning null will cause NPE to be thrown
......
src/share/classes/java/nio/file/Files.java
浏览文件 @ d3b300ff
......@@ -223,7 +223,7 @@ public final class Files {
{
if (maxDepth < 0)
throw new IllegalArgumentException("'maxDepth' is negative");
new FileTreeWalker(options, visitor).walk(start, maxDepth);
new FileTreeWalker(options, visitor, maxDepth).walk(start);
}
/**
......
src/share/classes/java/util/Currency.java
浏览文件 @ d3b300ff
......@@ -35,12 +35,12 @@ import java.io.Serializable;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.regex.Pattern;
import java.util.regex.Matcher;
import java.util.spi.CurrencyNameProvider;
import java.util.spi.LocaleServiceProvider;
import sun.util.LocaleServiceProviderPool;
import sun.util.logging.PlatformLogger;
import sun.util.resources.LocaleData;
import sun.util.resources.OpenListResourceBundle;
......@@ -244,7 +244,7 @@ public final class Currency implements Serializable {
}
}
} catch (IOException e) {
log(Level.INFO, "currency.properties is ignored because of an IOException", e);
info("currency.properties is ignored because of an IOException", e);
}
return null;
}
......@@ -686,7 +686,7 @@ public final class Currency implements Serializable {
.append("The entry in currency.properties for ")
.append(ctry).append(" is ignored because of the invalid country code.")
.toString();
log(Level.INFO, message, null);
info(message, null);
return;
}
......@@ -698,7 +698,7 @@ public final class Currency implements Serializable {
.append(ctry)
.append(" is ignored because the value format is not recognized.")
.toString();
log(Level.INFO, message, null);
info(message, null);
return;
}
......@@ -726,13 +726,13 @@ public final class Currency implements Serializable {
setMainTableEntry(ctry.charAt(0), ctry.charAt(1), entry);
}
private static void log(Level level, String message, Throwable t) {
Logger logger = Logger.getLogger("java.util.Currency");
if (logger.isLoggable(level)) {
private static void info(String message, Throwable t) {
PlatformLogger logger = PlatformLogger.getLogger("java.util.Currency");
if (logger.isLoggable(PlatformLogger.INFO)) {
if (t != null) {
logger.log(level, message, t);
logger.info(message, t);
} else {
logger.log(level, message);
logger.info(message);
}
}
}
......
src/share/classes/java/util/jar/Attributes.java
浏览文件 @ d3b300ff
......@@ -34,7 +34,7 @@ import java.util.Set;
import java.util.Collection;
import java.util.AbstractSet;
import java.util.Iterator;
import java.util.logging.Logger;
import sun.util.logging.PlatformLogger;
import java.util.Comparator;
import sun.misc.ASCIICaseInsensitiveComparator;
......@@ -419,7 +419,7 @@ public class Attributes implements Map<Object,Object>, Cloneable {
}
try {
if ((putValue(name, value) != null) && (!lineContinued)) {
Logger.getLogger("java.util.jar").warning(
PlatformLogger.getLogger("java.util.jar").warning(
"Duplicate name in Manifest: " + name
+ ".\n"
+ "Ensure that the manifest does not "
......
src/share/classes/java/util/logging/ErrorManager.java
浏览文件 @ d3b300ff
......@@ -28,7 +28,7 @@ package java.util.logging;
/**
* ErrorManager objects can be attached to Handlers to process
* any error that occur on a Handler during Logging.
* any error that occurs on a Handler during Logging.
* <p>
* When processing logging output, if a Handler encounters problems
* then rather than throwing an Exception back to the issuer of
......@@ -72,7 +72,7 @@ public class ErrorManager {
/**
* The error method is called when a Handler failure occurs.
* <p>
* This method may be overriden in subclasses. The default
* This method may be overridden in subclasses. The default
* behavior in this base class is that the first call is
* reported to System.err, and subsequent calls are ignored.
*
......
src/share/classes/java/util/logging/FileHandler.java
浏览文件 @ d3b300ff
......@@ -39,7 +39,7 @@ import java.security.*;
* For a rotating set of files, as each file reaches a given size
* limit, it is closed, rotated out, and a new file opened.
* Successively older files are named by adding "0", "1", "2",
* etc into the base filename.
* etc. into the base filename.
* <p>
* By default buffering is enabled in the IO libraries but each log
* record is flushed out when it is complete.
......@@ -391,7 +391,7 @@ public class FileHandler extends StreamHandler {
// Generate a lock file name from the "unique" int.
lockFileName = generate(pattern, 0, unique).toString() + ".lck";
// Now try to lock that filename.
// Because some systems (e.g. Solaris) can only do file locks
// Because some systems (e.g., Solaris) can only do file locks
// between processes (and not within a process), we first check
// if we ourself already have the file locked.
synchronized(locks) {
......
src/share/classes/java/util/logging/Formatter.java
浏览文件 @ d3b300ff
......@@ -52,7 +52,7 @@ public abstract class Formatter {
* Format the given log record and return the formatted string.
* <p>
* The resulting formatted String will normally include a
* localized and formated version of the LogRecord's message field.
* localized and formatted version of the LogRecord's message field.
* It is recommended to use the {@link Formatter#formatMessage}
* convenience method to localize and format the message field.
*
......@@ -66,7 +66,7 @@ public abstract class Formatter {
* Return the header string for a set of formatted records.
* <p>
* This base class returns an empty string, but this may be
* overriden by subclasses.
* overridden by subclasses.
*
* @param h The target handler (can be null)
* @return header string
......@@ -79,7 +79,7 @@ public abstract class Formatter {
* Return the tail string for a set of formatted records.
* <p>
* This base class returns an empty string, but this may be
* overriden by subclasses.
* overridden by subclasses.
*
* @param h The target handler (can be null)
* @return tail string
......
src/share/classes/java/util/logging/Handler.java
浏览文件 @ d3b300ff
......@@ -274,7 +274,7 @@ public abstract class Handler {
* <tt>Level</tt> and whether it satisfies any <tt>Filter</tt>. It also
* may make other <tt>Handler</tt> specific checks that might prevent a
* handler from logging the <tt>LogRecord</tt>. It will return false if
* the <tt>LogRecord</tt> is Null.
* the <tt>LogRecord</tt> is null.
* <p>
* @param record a <tt>LogRecord</tt>
* @return true if the <tt>LogRecord</tt> would be logged.
......
src/share/classes/java/util/logging/Level.java
浏览文件 @ d3b300ff
......@@ -110,7 +110,7 @@ public class Level implements java.io.Serializable {
* Typically INFO messages will be written to the console
* or its equivalent. So the INFO level should only be
* used for reasonably significant messages that will
* make sense to end users and system admins.
* make sense to end users and system administrators.
* This level is initialized to <CODE>800</CODE>.
*/
public static final Level INFO = new Level("INFO", 800, defaultBundle);
......@@ -245,6 +245,8 @@ public class Level implements java.io.Serializable {
}
/**
* Returns a string representation of this Level.
*
* @return the non-localized name of the Level, for example "INFO".
*/
public final String toString() {
......@@ -299,14 +301,14 @@ public class Level implements java.io.Serializable {
* @throws IllegalArgumentException if the value is not valid.
* Valid values are integers between <CODE>Integer.MIN_VALUE</CODE>
* and <CODE>Integer.MAX_VALUE</CODE>, and all known level names.
* Known names are the levels defined by this class (i.e. <CODE>FINE</CODE>,
* Known names are the levels defined by this class (e.g., <CODE>FINE</CODE>,
* <CODE>FINER</CODE>, <CODE>FINEST</CODE>), or created by this class with
* appropriate package access, or new levels defined or created
* by subclasses.
*
* @return The parsed value. Passing an integer that corresponds to a known name
* (eg 700) will return the associated name (eg <CODE>CONFIG</CODE>).
* Passing an integer that does not (eg 1) will return a new level name
* (e.g., 700) will return the associated name (e.g., <CODE>CONFIG</CODE>).
* Passing an integer that does not (e.g., 1) will return a new level name
* initialized to that value.
*/
public static synchronized Level parse(String name) throws IllegalArgumentException {
......
src/share/classes/java/util/logging/LogManager.java
浏览文件 @ d3b300ff
......@@ -283,6 +283,10 @@ public class LogManager {
AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() {
public Object run() throws Exception {
readConfiguration();
// Platform loggers begin to delegate to java.util.logging.Logger
sun.util.logging.PlatformLogger.redirectPlatformLoggers();
return null;
}
});
......
src/share/classes/java/util/logging/LogRecord.java
浏览文件 @ d3b300ff
......@@ -188,7 +188,7 @@ public class LogRecord implements java.io.Serializable {
}
/**
* Get the source Logger name's
* Get the source Logger's name.
*
* @return source logger name (may be null)
*/
......@@ -197,7 +197,7 @@ public class LogRecord implements java.io.Serializable {
}
/**
* Set the source Logger name.
* Set the source Logger's name.
*
* @param name the source logger name (may be null)
*/
......@@ -530,6 +530,7 @@ public class LogRecord implements java.io.Serializable {
int depth = access.getStackTraceDepth(throwable);
String logClassName = "java.util.logging.Logger";
String plogClassName = "sun.util.logging.PlatformLogger";
boolean lookingForLogger = true;
for (int ix = 0; ix < depth; ix++) {
// Calling getStackTraceElement directly prevents the VM
......@@ -539,11 +540,13 @@ public class LogRecord implements java.io.Serializable {
String cname = frame.getClassName();
if (lookingForLogger) {
// Skip all frames until we have found the first logger frame.
if (cname.equals(logClassName)) {
if (cname.equals(logClassName) || cname.startsWith(plogClassName)) {
lookingForLogger = false;
}
} else {
if (!cname.equals(logClassName)) {
if (!cname.equals(logClassName) && !cname.startsWith(plogClassName)) {
// skip reflection call
if (!cname.startsWith("java.lang.reflect.") && !cname.startsWith("sun.reflect.")) {
// We've found the relevant frame.
setSourceClassName(cname);
setSourceMethodName(frame.getMethodName());
......@@ -551,6 +554,7 @@ public class LogRecord implements java.io.Serializable {
}
}
}
}
// We haven't found a suitable frame, so just punt. This is
// OK as we are only committed to making a "best effort" here.
}
......
src/share/classes/java/util/logging/Logger.java
浏览文件 @ d3b300ff
......@@ -66,7 +66,7 @@ import java.lang.ref.WeakReference;
* effective level from its parent.
* <p>
* On each logging call the Logger initially performs a cheap
* check of the request level (e.g. SEVERE or FINE) against the
* check of the request level (e.g., SEVERE or FINE) against the
* effective log level of the logger. If the request level is
* lower than the log level, the logging call returns immediately.
* <p>
......@@ -230,7 +230,7 @@ public class Logger {
* Protected method to construct a logger for a named subsystem.
* <p>
* The logger will be initially configured with a null Level
* and with useParentHandlers true.
* and with useParentHandlers set to true.
*
* @param name A name for the logger. This should
* be a dot-separated name and should normally
......@@ -240,7 +240,7 @@ public class Logger {
* @param resourceBundleName name of ResourceBundle to be used for localizing
* messages for this logger. May be null if none
* of the messages require localization.
* @throws MissingResourceException if the ResourceBundleName is non-null and
* @throws MissingResourceException if the resourceBundleName is non-null and
* no corresponding resource can be found.
*/
protected Logger(String name, String resourceBundleName) {
......@@ -285,7 +285,7 @@ public class Logger {
* <p>
* If a new logger is created its log level will be configured
* based on the LogManager configuration and it will configured
* to also send logging output to its parent's handlers. It will
* to also send logging output to its parent's Handlers. It will
* be registered in the LogManager global namespace.
*
* @param name A name for the logger. This should
......@@ -308,7 +308,7 @@ public class Logger {
* <p>
* If a new logger is created its log level will be configured
* based on the LogManager and it will configured to also send logging
* output to its parent loggers Handlers. It will be registered in
* output to its parent's Handlers. It will be registered in
* the LogManager global namespace.
* <p>
* If the named Logger already exists and does not yet have a
......@@ -326,7 +326,8 @@ public class Logger {
* messages for this logger. May be <CODE>null</CODE> if none of
* the messages require localization.
* @return a suitable Logger
* @throws MissingResourceException if the named ResourceBundle cannot be found.
* @throws MissingResourceException if the resourceBundleName is non-null and
* no corresponding resource can be found.
* @throws IllegalArgumentException if the Logger already exists and uses
* a different resource bundle name.
* @throws NullPointerException if the name is null.
......@@ -395,7 +396,8 @@ public class Logger {
* messages for this logger.
* May be null if none of the messages require localization.
* @return a newly created private Logger
* @throws MissingResourceException if the named ResourceBundle cannot be found.
* @throws MissingResourceException if the resourceBundleName is non-null and
* no corresponding resource can be found.
*/
public static synchronized Logger getAnonymousLogger(String resourceBundleName) {
LogManager manager = LogManager.getLogManager();
......@@ -514,7 +516,7 @@ public class Logger {
* level then the given message is forwarded to all the
* registered output Handler objects.
* <p>
* @param level One of the message level identifiers, e.g. SEVERE
* @param level One of the message level identifiers, e.g., SEVERE
* @param msg The string message (or a key in the message catalog)
*/
public void log(Level level, String msg) {
......@@ -532,7 +534,7 @@ public class Logger {
* level then a corresponding LogRecord is created and forwarded
* to all the registered output Handler objects.
* <p>
* @param level One of the message level identifiers, e.g. SEVERE
* @param level One of the message level identifiers, e.g., SEVERE
* @param msg The string message (or a key in the message catalog)
* @param param1 parameter to the message
*/
......@@ -553,7 +555,7 @@ public class Logger {
* level then a corresponding LogRecord is created and forwarded
* to all the registered output Handler objects.
* <p>
* @param level One of the message level identifiers, e.g. SEVERE
* @param level One of the message level identifiers, e.g., SEVERE
* @param msg The string message (or a key in the message catalog)
* @param params array of parameters to the message
*/
......@@ -578,7 +580,7 @@ public class Logger {
* processed specially by output Formatters and is not treated
* as a formatting parameter to the LogRecord message property.
* <p>
* @param level One of the message level identifiers, e.g. SEVERE
* @param level One of the message level identifiers, e.g., SEVERE
* @param msg The string message (or a key in the message catalog)
* @param thrown Throwable associated with log message.
*/
......@@ -603,7 +605,7 @@ public class Logger {
* level then the given message is forwarded to all the
* registered output Handler objects.
* <p>
* @param level One of the message level identifiers, e.g. SEVERE
* @param level One of the message level identifiers, e.g., SEVERE
* @param sourceClass name of class that issued the logging request
* @param sourceMethod name of method that issued the logging request
* @param msg The string message (or a key in the message catalog)
......@@ -626,7 +628,7 @@ public class Logger {
* level then a corresponding LogRecord is created and forwarded
* to all the registered output Handler objects.
* <p>
* @param level One of the message level identifiers, e.g. SEVERE
* @param level One of the message level identifiers, e.g., SEVERE
* @param sourceClass name of class that issued the logging request
* @param sourceMethod name of method that issued the logging request
* @param msg The string message (or a key in the message catalog)
......@@ -653,7 +655,7 @@ public class Logger {
* level then a corresponding LogRecord is created and forwarded
* to all the registered output Handler objects.
* <p>
* @param level One of the message level identifiers, e.g. SEVERE
* @param level One of the message level identifiers, e.g., SEVERE
* @param sourceClass name of class that issued the logging request
* @param sourceMethod name of method that issued the logging request
* @param msg The string message (or a key in the message catalog)
......@@ -684,7 +686,7 @@ public class Logger {
* processed specially by output Formatters and is not treated
* as a formatting parameter to the LogRecord message property.
* <p>
* @param level One of the message level identifiers, e.g. SEVERE
* @param level One of the message level identifiers, e.g., SEVERE
* @param sourceClass name of class that issued the logging request
* @param sourceMethod name of method that issued the logging request
* @param msg The string message (or a key in the message catalog)
......@@ -731,7 +733,7 @@ public class Logger {
* resource bundle name is null, or an empty String or invalid
* then the msg string is not localized.
* <p>
* @param level One of the message level identifiers, e.g. SEVERE
* @param level One of the message level identifiers, e.g., SEVERE
* @param sourceClass name of class that issued the logging request
* @param sourceMethod name of method that issued the logging request
* @param bundleName name of resource bundle to localize msg,
......@@ -762,7 +764,7 @@ public class Logger {
* resource bundle name is null, or an empty String or invalid
* then the msg string is not localized.
* <p>
* @param level One of the message level identifiers, e.g. SEVERE
* @param level One of the message level identifiers, e.g., SEVERE
* @param sourceClass name of class that issued the logging request
* @param sourceMethod name of method that issued the logging request
* @param bundleName name of resource bundle to localize msg,
......@@ -795,7 +797,7 @@ public class Logger {
* resource bundle name is null, or an empty String or invalid
* then the msg string is not localized.
* <p>
* @param level One of the message level identifiers, e.g. SEVERE
* @param level One of the message level identifiers, e.g., SEVERE
* @param sourceClass name of class that issued the logging request
* @param sourceMethod name of method that issued the logging request
* @param bundleName name of resource bundle to localize msg,
......@@ -832,7 +834,7 @@ public class Logger {
* processed specially by output Formatters and is not treated
* as a formatting parameter to the LogRecord message property.
* <p>
* @param level One of the message level identifiers, e.g. SEVERE
* @param level One of the message level identifiers, e.g., SEVERE
* @param sourceClass name of class that issued the logging request
* @param sourceMethod name of method that issued the logging request
* @param bundleName name of resource bundle to localize msg,
......@@ -1214,7 +1216,7 @@ public class Logger {
/**
* Specify whether or not this logger should send its output
* to it's parent Logger. This means that any LogRecords will
* to its parent Logger. This means that any LogRecords will
* also be written to the parent's Handlers, and potentially
* to its parent, recursively up the namespace.
*
......
src/share/classes/java/util/logging/LoggingMXBean.java
浏览文件 @ d3b300ff
......@@ -105,8 +105,8 @@ public interface LoggingMXBean extends PlatformManagedObject {
*
* @param loggerName The name of the <tt>Logger</tt> to be set.
* Must be non-null.
* @param levelName The name of the level to set the specified logger to,
* or <tt>null</tt> if to set the level to inherit
* @param levelName The name of the level to set on the specified logger,
* or <tt>null</tt> if setting the level to inherit
* from its nearest ancestor.
*
* @throws IllegalArgumentException if the specified logger
......
src/share/classes/java/util/logging/MemoryHandler.java
浏览文件 @ d3b300ff
......@@ -136,7 +136,7 @@ public class MemoryHandler extends Handler {
* @param size the number of log records to buffer (must be greater than zero)
* @param pushLevel message level to push on
*
* @throws IllegalArgumentException is size is <= 0
* @throws IllegalArgumentException if size is <= 0
*/
public MemoryHandler(Handler target, int size, Level pushLevel) {
if (target == null || pushLevel == null) {
......@@ -258,7 +258,7 @@ public class MemoryHandler extends Handler {
* This method checks if the <tt>LogRecord</tt> has an appropriate level and
* whether it satisfies any <tt>Filter</tt>. However it does <b>not</b>
* check whether the <tt>LogRecord</tt> would result in a "push" of the
* buffer contents. It will return false if the <tt>LogRecord</tt> is Null.
* buffer contents. It will return false if the <tt>LogRecord</tt> is null.
* <p>
* @param record a <tt>LogRecord</tt>
* @return true if the <tt>LogRecord</tt> would be logged.
......
src/share/classes/java/util/logging/StreamHandler.java
浏览文件 @ d3b300ff
......@@ -220,7 +220,7 @@ public class StreamHandler extends Handler {
* <p>
* This method checks if the <tt>LogRecord</tt> has an appropriate level and
* whether it satisfies any <tt>Filter</tt>. It will also return false if
* no output stream has been assigned yet or the LogRecord is Null.
* no output stream has been assigned yet or the LogRecord is null.
* <p>
* @param record a <tt>LogRecord</tt>
* @return true if the <tt>LogRecord</tt> would be logged.
......
src/share/classes/java/util/zip/ZipEntry.java
浏览文件 @ d3b300ff
......@@ -253,14 +253,10 @@ class ZipEntry implements ZipConstants, Cloneable {
* the first 0xFFFF bytes are output to the ZIP file entry.
*
* @param comment the comment string
* @exception IllegalArgumentException if the length of the specified
* comment string is greater than 0xFFFF bytes
*
* @see #getComment()
*/
public void setComment(String comment) {
if (comment != null && comment.length() > 0xffff) {
throw new IllegalArgumentException("invalid entry comment length");
}
this.comment = comment;
}
......
src/share/classes/java/util/zip/ZipFile.java
浏览文件 @ d3b300ff
......@@ -195,7 +195,10 @@ class ZipFile implements ZipConstants, Closeable {
if (charset == null)
throw new NullPointerException("charset is null");
this.zc = ZipCoder.get(charset);
long t0 = System.nanoTime();
jzfile = open(name, mode, file.lastModified());
sun.misc.PerfCounter.getZipFileOpenTime().addElapsedTimeFrom(t0);
sun.misc.PerfCounter.getZipFileCount().increment();
this.name = name;
this.total = getTotal(jzfile);
}
......
src/share/classes/javax/sql/rowset/BaseRowSet.java
浏览文件 @ d3b300ff
......@@ -168,8 +168,8 @@ import javax.sql.rowset.serial.*;
* The majority of methods for setting placeholder parameters take two parameters,
* with the first parameter
* indicating which placeholder parameter is to be set, and the second parameter
* giving the value to be set. Methods such as <code>getInt</code>,
* <code>getString</code>, <code>getBoolean</code>, and <code>getLong</code> fall into
* giving the value to be set. Methods such as <code>setInt</code>,
* <code>setString</code>, <code>setBoolean</code>, and <code>setLong</code> fall into
* this category. After these methods have been called, a call to the method
* <code>getParams</code> will return an array with the values that have been set. Each
* element in the array is an <code>Object</code> instance representing the
......@@ -3259,9 +3259,9 @@ public static final int ASCII_STREAM_PARAM = 2;
* @param x the parameter value
* @exception SQLException if a database access error occurs or
* this method is called on a closed <code>CallableStatement</code>
* @see #getBoolean
* @exception SQLFeatureNotSupportedException if the JDBC driver does not support
* this method
* @see #getParams
* @since 1.4
*/
public void setBoolean(String parameterName, boolean x) throws SQLException{
......@@ -3281,7 +3281,7 @@ public static final int ASCII_STREAM_PARAM = 2;
* this method is called on a closed <code>CallableStatement</code>
* @exception SQLFeatureNotSupportedException if the JDBC driver does not support
* this method
* @see #getByte
* @see #getParams
* @since 1.4
*/
public void setByte(String parameterName, byte x) throws SQLException{
......@@ -3301,7 +3301,7 @@ public static final int ASCII_STREAM_PARAM = 2;
* this method is called on a closed <code>CallableStatement</code>
* @exception SQLFeatureNotSupportedException if the JDBC driver does not support
* this method
* @see #getShort
* @see #getParams
* @since 1.4
*/
public void setShort(String parameterName, short x) throws SQLException{
......@@ -3320,7 +3320,7 @@ public static final int ASCII_STREAM_PARAM = 2;
* this method is called on a closed <code>CallableStatement</code>
* @exception SQLFeatureNotSupportedException if the JDBC driver does not support
* this method
* @see #getInt
* @see #getParams
* @since 1.4
*/
public void setInt(String parameterName, int x) throws SQLException{
......@@ -3339,7 +3339,7 @@ public static final int ASCII_STREAM_PARAM = 2;
* this method is called on a closed <code>CallableStatement</code>
* @exception SQLFeatureNotSupportedException if the JDBC driver does not support
* this method
* @see #getLong
* @see #getParams
* @since 1.4
*/
public void setLong(String parameterName, long x) throws SQLException{
......@@ -3358,7 +3358,7 @@ public static final int ASCII_STREAM_PARAM = 2;
* this method is called on a closed <code>CallableStatement</code>
* @exception SQLFeatureNotSupportedException if the JDBC driver does not support
* this method
* @see #getFloat
* @see #getParams
* @since 1.4
*/
public void setFloat(String parameterName, float x) throws SQLException{
......@@ -3377,7 +3377,7 @@ public static final int ASCII_STREAM_PARAM = 2;
* this method is called on a closed <code>CallableStatement</code>
* @exception SQLFeatureNotSupportedException if the JDBC driver does not support
* this method
* @see #getDouble
* @see #getParams
* @since 1.4
*/
public void setDouble(String parameterName, double x) throws SQLException{
......@@ -3398,7 +3398,7 @@ public static final int ASCII_STREAM_PARAM = 2;
* this method is called on a closed <code>CallableStatement</code>
* @exception SQLFeatureNotSupportedException if the JDBC driver does not support
* this method
* @see #getBigDecimal
* @see #getParams
* @since 1.4
*/
public void setBigDecimal(String parameterName, BigDecimal x) throws SQLException{
......@@ -3421,7 +3421,7 @@ public static final int ASCII_STREAM_PARAM = 2;
* this method is called on a closed <code>CallableStatement</code>
* @exception SQLFeatureNotSupportedException if the JDBC driver does not support
* this method
* @see #getString
* @see #getParams
* @since 1.4
*/
public void setString(String parameterName, String x) throws SQLException{
......@@ -3443,7 +3443,7 @@ public static final int ASCII_STREAM_PARAM = 2;
* this method is called on a closed <code>CallableStatement</code>
* @exception SQLFeatureNotSupportedException if the JDBC driver does not support
* this method
* @see #getBytes
* @see #getParams
* @since 1.4
*/
public void setBytes(String parameterName, byte x[]) throws SQLException{
......@@ -3464,7 +3464,7 @@ public static final int ASCII_STREAM_PARAM = 2;
* this method is called on a closed <code>CallableStatement</code>
* @exception SQLFeatureNotSupportedException if the JDBC driver does not support
* this method
* @see #getTimestamp
* @see #getParams
* @since 1.4
*/
public void setTimestamp(String parameterName, java.sql.Timestamp x)
......@@ -3712,7 +3712,7 @@ public static final int ASCII_STREAM_PARAM = 2;
* or <code>STRUCT</code> data type and the JDBC driver does not support
* this data type
* @see Types
* @see #getObject
* @see #getParams
* @since 1.4
*/
public void setObject(String parameterName, Object x, int targetSqlType, int scale)
......@@ -3740,7 +3740,7 @@ public static final int ASCII_STREAM_PARAM = 2;
* <code>REF</code>, <code>ROWID</code>, <code>SQLXML</code>
* or <code>STRUCT</code> data type and the JDBC driver does not support
* this data type
* @see #getObject
* @see #getParams
* @since 1.4
*/
public void setObject(String parameterName, Object x, int targetSqlType)
......@@ -3782,7 +3782,7 @@ public static final int ASCII_STREAM_PARAM = 2;
* <code>Object</code> parameter is ambiguous
* @exception SQLFeatureNotSupportedException if the JDBC driver does not support
* this method
* @see #getObject
* @see #getParams
* @since 1.4
*/
public void setObject(String parameterName, Object x) throws SQLException{
......@@ -4064,7 +4064,7 @@ public static final int ASCII_STREAM_PARAM = 2;
* this method is called on a closed <code>CallableStatement</code>
* @exception SQLFeatureNotSupportedException if the JDBC driver does not support
* this method
* @see #getDate
* @see #getParams
* @since 1.4
*/
public void setDate(String parameterName, java.sql.Date x)
......@@ -4091,7 +4091,7 @@ public static final int ASCII_STREAM_PARAM = 2;
* this method is called on a closed <code>CallableStatement</code>
* @exception SQLFeatureNotSupportedException if the JDBC driver does not support
* this method
* @see #getDate
* @see #getParams
* @since 1.4
*/
public void setDate(String parameterName, java.sql.Date x, Calendar cal)
......@@ -4111,7 +4111,7 @@ public static final int ASCII_STREAM_PARAM = 2;
* this method is called on a closed <code>CallableStatement</code>
* @exception SQLFeatureNotSupportedException if the JDBC driver does not support
* this method
* @see #getTime
* @see #getParams
* @since 1.4
*/
public void setTime(String parameterName, java.sql.Time x)
......@@ -4138,7 +4138,7 @@ public static final int ASCII_STREAM_PARAM = 2;
* this method is called on a closed <code>CallableStatement</code>
* @exception SQLFeatureNotSupportedException if the JDBC driver does not support
* this method
* @see #getTime
* @see #getParams
* @since 1.4
*/
public void setTime(String parameterName, java.sql.Time x, Calendar cal)
......@@ -4165,7 +4165,7 @@ public static final int ASCII_STREAM_PARAM = 2;
* this method is called on a closed <code>CallableStatement</code>
* @exception SQLFeatureNotSupportedException if the JDBC driver does not support
* this method
* @see #getTimestamp
* @see #getParams
* @since 1.4
*/
public void setTimestamp(String parameterName, java.sql.Timestamp x, Calendar cal)
......
src/share/classes/sun/misc/PerfCounter.java 0 → 100644
浏览文件 @ d3b300ff
/*
* Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Sun designates this
* particular file as subject to the "Classpath" exception as provided
* by Sun in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
package sun.misc;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.nio.LongBuffer;
import java.security.AccessController;
/**
* Performance counter support for internal JRE classes.
* This class defines a fixed list of counters for the platform
* to use as an interim solution until RFE# 6209222 is implemented.
* The perf counters will be created in the jvmstat perf buffer
* that the HotSpot VM creates. The default size is 32K and thus
* the number of counters is bounded. You can alter the size
* with -XX:PerfDataMemorySize=<bytes> option. If there is
* insufficient memory in the jvmstat perf buffer, the C heap memory
* will be used and thus the application will continue to run if
* the counters added exceeds the buffer size but the counters
* will be missing.
*
* See HotSpot jvmstat implementation for certain circumstances
* that the jvmstat perf buffer is not supported.
*
*/
public class PerfCounter {
private static final Perf perf =
AccessController.doPrivileged(new Perf.GetPerfAction());
// Must match values defined in hotspot/src/share/vm/runtime/perfdata.hpp
private final static int V_Constant = 1;
private final static int V_Monotonic = 2;
private final static int V_Variable = 3;
private final static int U_None = 1;
private final String name;
private final LongBuffer lb;
private PerfCounter(String name, int type) {
this.name = name;
ByteBuffer bb = perf.createLong(name, U_None, type, 0L);
bb.order(ByteOrder.nativeOrder());
this.lb = bb.asLongBuffer();
}
static PerfCounter newPerfCounter(String name) {
return new PerfCounter(name, V_Variable);
}
static PerfCounter newConstantPerfCounter(String name) {
PerfCounter c = new PerfCounter(name, V_Constant);
return c;
}
/**
* Returns the current value of the perf counter.
*/
public synchronized long get() {
return lb.get(0);
}
/**
* Sets the value of the perf counter to the given newValue.
*/
public synchronized void set(long newValue) {
lb.put(0, newValue);
}
/**
* Adds the given value to the perf counter.
*/
public synchronized void add(long value) {
long res = get() + value;
lb.put(0, res);
}
/**
* Increments the perf counter with 1.
*/
public void increment() {
add(1);
}
/**
* Adds the given interval to the perf counter.
*/
public void addTime(long interval) {
add(interval);
}
/**
* Adds the elapsed time from the given start time (ns) to the perf counter.
*/
public void addElapsedTimeFrom(long startTime) {
add(System.nanoTime() - startTime);
}
@Override
public String toString() {
return name + " = " + get();
}
static class CoreCounters {
static final PerfCounter pdt = newPerfCounter("sun.classloader.parentDelegationTime");
static final PerfCounter lc = newPerfCounter("sun.classloader.findClasses");
static final PerfCounter lct = newPerfCounter("sun.classloader.findClassTime");
static final PerfCounter rcbt = newPerfCounter("sun.urlClassLoader.readClassBytesTime");
static final PerfCounter zfc = newPerfCounter("sun.zip.zipFiles");
static final PerfCounter zfot = newPerfCounter("sun.zip.zipFile.openTime");
}
static class WindowsClientCounters {
static final PerfCounter d3dAvailable = newConstantPerfCounter("sun.java2d.d3d.available");
}
/**
* Number of findClass calls
*/
public static PerfCounter getFindClasses() {
return CoreCounters.lc;
}
/**
* Time (ns) spent in finding classes that includes
* lookup and read class bytes and defineClass
*/
public static PerfCounter getFindClassTime() {
return CoreCounters.lct;
}
/**
* Time (ns) spent in finding classes
*/
public static PerfCounter getReadClassBytesTime() {
return CoreCounters.rcbt;
}
/**
* Time (ns) spent in the parent delegation to
* the parent of the defining class loader
*/
public static PerfCounter getParentDelegationTime() {
return CoreCounters.pdt;
}
/**
* Number of zip files opened.
*/
public static PerfCounter getZipFileCount() {
return CoreCounters.zfc;
}
/**
* Time (ns) spent in opening the zip files that
* includes building the entries hash table
*/
public static PerfCounter getZipFileOpenTime() {
return CoreCounters.zfot;
}
/**
* D3D graphic pipeline available
*/
public static PerfCounter getD3DAvailable() {
return WindowsClientCounters.d3dAvailable;
}
}
src/share/classes/sun/net/spi/DefaultProxySelector.java
浏览文件 @ d3b300ff
/*
* Copyright 2003-2008 Sun Microsystems, Inc. All Rights Reserved.
* Copyright 2003-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
......@@ -25,11 +25,9 @@
package sun.net.spi;
import sun.net.www.http.*;
import sun.net.NetProperties;
import java.net.*;
import java.util.*;
import java.util.regex.*;
import java.io.*;
import sun.misc.RegexpPool;
import java.security.AccessController;
......@@ -102,17 +100,22 @@ public class DefaultProxySelector extends ProxySelector {
*/
static class NonProxyInfo {
// Default value for nonProxyHosts, this provides backward compatibility
// by excluding localhost and its litteral notations.
static final String defStringVal = "localhost|127.*|[::1]";
String hostsSource;
RegexpPool hostsPool;
String property;
static NonProxyInfo ftpNonProxyInfo = new NonProxyInfo("ftp.nonProxyHosts", null, null);
static NonProxyInfo httpNonProxyInfo = new NonProxyInfo("http.nonProxyHosts", null, null);
final String property;
final String defaultVal;
static NonProxyInfo ftpNonProxyInfo = new NonProxyInfo("ftp.nonProxyHosts", null, null, defStringVal);
static NonProxyInfo httpNonProxyInfo = new NonProxyInfo("http.nonProxyHosts", null, null, defStringVal);
NonProxyInfo(String p, String s, RegexpPool pool) {
NonProxyInfo(String p, String s, RegexpPool pool, String d) {
property = p;
hostsSource = s;
hostsPool = pool;
defaultVal = d;
}
}
......@@ -130,7 +133,6 @@ public class DefaultProxySelector extends ProxySelector {
}
String protocol = uri.getScheme();
String host = uri.getHost();
int port = uri.getPort();
if (host == null) {
// This is a hack to ensure backward compatibility in two
......@@ -149,11 +151,6 @@ public class DefaultProxySelector extends ProxySelector {
}
i = auth.lastIndexOf(':');
if (i >= 0) {
try {
port = Integer.parseInt(auth.substring(i+1));
} catch (NumberFormatException e) {
port = -1;
}
auth = auth.substring(0,i);
}
host = auth;
......@@ -165,13 +162,6 @@ public class DefaultProxySelector extends ProxySelector {
}
List<Proxy> proxyl = new ArrayList<Proxy>(1);
// special case localhost and loopback addresses to
// not go through proxy
if (isLoopback(host)) {
proxyl.add(Proxy.NO_PROXY);
return proxyl;
}
NonProxyInfo pinfo = null;
if ("http".equalsIgnoreCase(protocol)) {
......@@ -244,9 +234,14 @@ public class DefaultProxySelector extends ProxySelector {
nphosts = NetProperties.get(nprop.property);
synchronized (nprop) {
if (nphosts == null) {
if (nprop.defaultVal != null) {
nphosts = nprop.defaultVal;
} else {
nprop.hostsSource = null;
nprop.hostsPool = null;
} else {
}
}
if (nphosts != null) {
if (!nphosts.equals(nprop.hostsSource)) {
RegexpPool pool = new RegexpPool();
StringTokenizer st = new StringTokenizer(nphosts, "|", false);
......@@ -334,107 +329,6 @@ public class DefaultProxySelector extends ProxySelector {
}
}
private boolean isLoopback(String host) {
if (host == null || host.length() == 0)
return false;
if (host.equalsIgnoreCase("localhost"))
return true;
/* The string could represent a numerical IP address.
* For IPv4 addresses, check whether it starts with 127.
* For IPv6 addresses, check whether it is ::1 or its equivalent.
* Don't check IPv4-mapped or IPv4-compatible addresses
*/
if (host.startsWith("127.")) {
// possible IPv4 loopback address
int p = 4;
int q;
int n = host.length();
// Per RFC2732: At most three digits per byte
// Further constraint: Each element fits in a byte
if ((q = scanByte(host, p, n)) <= p) return false; p = q;
if ((q = scan(host, p, n, '.')) <= p) return q == n && number > 0; p = q;
if ((q = scanByte(host, p, n)) <= p) return false; p = q;
if ((q = scan(host, p, n, '.')) <= p) return q == n && number > 0; p = q;
if ((q = scanByte(host, p, n)) <= p) return false;
return q == n && number > 0;
}
if (host.endsWith(":1")) {
final Pattern p6 = Pattern.compile("::1|(0:){7}1|(0:){1,6}:1");
return p6.matcher(host).matches();
}
return false;
}
// Character-class masks, in reverse order from RFC2396 because
// initializers for static fields cannot make forward references.
// Compute a low-order mask for the characters
// between first and last, inclusive
private static long lowMask(char first, char last) {
long m = 0;
int f = Math.max(Math.min(first, 63), 0);
int l = Math.max(Math.min(last, 63), 0);
for (int i = f; i <= l; i++)
m |= 1L << i;
return m;
}
// digit = "0" | "1" | "2" | "3" | "4" | "5" | "6" | "7" |
// "8" | "9"
private static final long L_DIGIT = lowMask('0', '9');
private static final long H_DIGIT = 0L;
// Scan a string of decimal digits whose value fits in a byte
//
private int number;
private int scanByte(String input, int start, int n)
{
int p = start;
int q = scan(input, p, n, L_DIGIT, H_DIGIT);
if (q <= p) return q;
number = Integer.parseInt(input.substring(p, q));
if (number > 255) return p;
return q;
}
// Scan a specific char: If the char at the given start position is
// equal to c, return the index of the next char; otherwise, return the
// start position.
//
private int scan(String input, int start, int end, char c) {
if ((start < end) && (input.charAt(start) == c))
return start + 1;
return start;
}
// Scan chars that match the given mask pair
//
private int scan(String input, int start, int n, long lowMask, long highMask)
{
int p = start;
while (p < n) {
char c = input.charAt(p);
if (match(c, lowMask, highMask)) {
p++;
continue;
}
break;
}
return p;
}
// Tell whether the given character is permitted by the given mask pair
private boolean match(char c, long lowMask, long highMask) {
if (c < 64)
return ((1L << c) & lowMask) != 0;
if (c < 128)
return ((1L << (c - 64)) & highMask) != 0;
return false;
}
private native static boolean init();
private native Proxy getSystemProxy(String protocol, String host);
}
src/share/classes/sun/net/www/http/HttpCapture.java
浏览文件 @ d3b300ff
......@@ -24,14 +24,12 @@
*/
package sun.net.www.http;
import java.io.*;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.logging.Level;
import java.util.logging.Logger;
import sun.net.NetProperties;
import java.util.regex.*;
import sun.net.NetProperties;
import sun.util.logging.PlatformLogger;
/**
* Main class of the HTTP traffic capture tool.
......@@ -62,76 +60,6 @@ public class HttpCapture {
private static boolean initialized = false;
private static volatile ArrayList<Pattern> patterns = null;
private static volatile ArrayList<String> capFiles = null;
/* Logging is done in an ugly way so that it does not require the presence
* the java.util.logging package. If the Logger class is not available, then
* logging is turned off. This is for helping the modularization effort.
*/
private static Object logger = null;
private static boolean logging = false;
static {
Class cl;
try {
cl = Class.forName("java.util.logging.Logger");
} catch (ClassNotFoundException ex) {
cl = null;
}
if (cl != null) {
try {
Method m = cl.getMethod("getLogger", String.class);
logger = m.invoke(null, "sun.net.www.protocol.http.HttpURLConnection");
logging = true;
} catch (NoSuchMethodException noSuchMethodException) {
} catch (SecurityException securityException) {
} catch (IllegalAccessException illegalAccessException) {
} catch (IllegalArgumentException illegalArgumentException) {
} catch (InvocationTargetException invocationTargetException) {
}
}
}
public static void fine(String s) {
if (logging) {
((Logger)logger).fine(s);
}
}
public static void finer(String s) {
if (logging) {
((Logger)logger).finer(s);
}
}
public static void finest(String s) {
if (logging) {
((Logger)logger).finest(s);
}
}
public static void severe(String s) {
if (logging) {
((Logger)logger).finest(s);
}
}
public static void info(String s) {
if (logging) {
((Logger)logger).info(s);
}
}
public static void warning(String s) {
if (logging) {
((Logger)logger).warning(s);
}
}
public static boolean isLoggable(String level) {
if (!logging) {
return false;
}
return ((Logger)logger).isLoggable(Level.parse(level));
}
private static synchronized void init() {
initialized = true;
......@@ -187,7 +115,7 @@ public class HttpCapture {
out = new BufferedWriter(new FileWriter(file, true));
out.write("URL: " + url + "\n");
} catch (IOException ex) {
Logger.getLogger(HttpCapture.class.getName()).log(Level.SEVERE, null, ex);
PlatformLogger.getLogger(HttpCapture.class.getName()).severe(null, ex);
}
}
......
src/share/classes/sun/net/www/http/HttpClient.java
浏览文件 @ d3b300ff
......@@ -35,6 +35,7 @@ import sun.net.www.HeaderParser;
import sun.net.www.MeteredStream;
import sun.net.www.ParseUtil;
import sun.net.www.protocol.http.HttpURLConnection;
import sun.util.logging.PlatformLogger;
/**
* @author Herb Jellinek
......@@ -804,8 +805,9 @@ public class HttpClient extends NetworkClient {
if (isKeepingAlive()) {
// Wrap KeepAliveStream if keep alive is enabled.
if (HttpCapture.isLoggable("FINEST")) {
HttpCapture.finest("KeepAlive stream used: " + url);
PlatformLogger logger = HttpURLConnection.getHttpLogger();
if (logger.isLoggable(PlatformLogger.FINEST)) {
logger.finest("KeepAlive stream used: " + url);
}
serverInput = new KeepAliveStream(serverInput, pi, cl, this);
failedOnce = false;
......
src/share/classes/sun/net/www/http/KeepAliveCache.java
浏览文件 @ d3b300ff
......@@ -25,12 +25,11 @@
package sun.net.www.http;
import java.io.InputStream;
import java.io.IOException;
import java.io.NotSerializableException;
import java.util.*;
import java.util.ArrayList;
import java.util.HashMap;
import java.net.URL;
import java.util.concurrent.ConcurrentHashMap;
/**
* A class that implements a cache of idle Http connections for keep-alive
......@@ -39,7 +38,7 @@ import java.util.concurrent.ConcurrentHashMap;
* @author Dave Brown
*/
public class KeepAliveCache
extends ConcurrentHashMap<KeepAliveKey, ClientVector>
extends HashMap<KeepAliveKey, ClientVector>
implements Runnable {
private static final long serialVersionUID = -2937172892064557949L;
......@@ -163,8 +162,8 @@ public class KeepAliveCache
* Errs on the side of caution (leave connections idle for a relatively
* short time).
*/
@Override
public void run() {
int total_cache;
do {
try {
Thread.sleep(LIFETIME);
......@@ -311,6 +310,7 @@ class KeepAliveKey {
/**
* Determine whether or not two objects of this type are equal
*/
@Override
public boolean equals(Object obj) {
if ((obj instanceof KeepAliveKey) == false)
return false;
......@@ -325,6 +325,7 @@ class KeepAliveKey {
* The hashCode() for this object is the string hashCode() of
* concatenation of the protocol, host name and port.
*/
@Override
public int hashCode() {
String str = protocol+host+port;
return this.obj == null? str.hashCode() :
......
src/share/classes/sun/net/www/http/KeepAliveStream.java
浏览文件 @ d3b300ff
......@@ -25,10 +25,7 @@
package sun.net.www.http;
import java.net.URL;
import java.net.HttpURLConnection;
import java.io.*;
import java.util.StringTokenizer;
import sun.net.ProgressSource;
import sun.net.www.MeteredStream;
......@@ -50,9 +47,8 @@ class KeepAliveStream extends MeteredStream implements Hurryable {
// has this KeepAliveStream been put on the queue for asynchronous cleanup.
protected boolean queuedForCleanup = false;
private static KeepAliveStreamCleaner queue = new KeepAliveStreamCleaner();
private static Thread cleanerThread = null;
private static boolean startCleanupThread;
private static final KeepAliveStreamCleaner queue = new KeepAliveStreamCleaner();
private static Thread cleanerThread; // null
/**
* Constructor
......@@ -155,17 +151,19 @@ class KeepAliveStream extends MeteredStream implements Hurryable {
}
}
private static synchronized void queueForCleanup(KeepAliveCleanerEntry kace) {
if(queue != null && !kace.getQueuedForCleanup()) {
private static void queueForCleanup(KeepAliveCleanerEntry kace) {
synchronized(queue) {
if(!kace.getQueuedForCleanup()) {
if (!queue.offer(kace)) {
kace.getHttpClient().closeServer();
return;
}
kace.setQueuedForCleanup();
queue.notifyAll();
}
startCleanupThread = (cleanerThread == null);
boolean startCleanupThread = (cleanerThread == null);
if (!startCleanupThread) {
if (!cleanerThread.isAlive()) {
startCleanupThread = true;
......@@ -192,6 +190,7 @@ class KeepAliveStream extends MeteredStream implements Hurryable {
}
});
}
} // queue
}
protected long remainingToRead() {
......
src/share/classes/sun/net/www/http/KeepAliveStreamCleaner.java
浏览文件 @ d3b300ff
......@@ -25,9 +25,8 @@
package sun.net.www.http;
import java.util.concurrent.LinkedBlockingQueue;
import java.util.concurrent.TimeUnit;
import java.io.IOException;
import java.util.LinkedList;
import sun.net.NetProperties;
import java.security.AccessController;
import java.security.PrivilegedAction;
......@@ -44,7 +43,9 @@ import java.security.PrivilegedAction;
*/
@SuppressWarnings("serial") // never serialized
public class KeepAliveStreamCleaner extends LinkedBlockingQueue<KeepAliveCleanerEntry> implements Runnable
class KeepAliveStreamCleaner
extends LinkedList<KeepAliveCleanerEntry>
implements Runnable
{
// maximum amount of remaining data that we will try to cleanup
protected static int MAX_DATA_REMAINING = 512;
......@@ -78,23 +79,39 @@ public class KeepAliveStreamCleaner extends LinkedBlockingQueue<KeepAliveCleaner
}
public KeepAliveStreamCleaner()
{
super(MAX_CAPACITY);
}
@Override
public boolean offer(KeepAliveCleanerEntry e) {
if (size() >= MAX_CAPACITY)
return false;
public KeepAliveStreamCleaner(int capacity)
{
super(capacity);
return super.offer(e);
}
@Override
public void run()
{
KeepAliveCleanerEntry kace = null;
do {
try {
kace = poll((long)TIMEOUT, TimeUnit.MILLISECONDS);
synchronized(this) {
long before = System.currentTimeMillis();
long timeout = TIMEOUT;
while ((kace = poll()) == null) {
this.wait(timeout);
long after = System.currentTimeMillis();
long elapsed = after - before;
if (elapsed > timeout) {
/* one last try */
kace = poll();
break;
}
before = after;
timeout -= elapsed;
}
}
if(kace == null)
break;
......
src/share/classes/sun/net/www/protocol/http/AuthCache.java
浏览文件 @ d3b300ff
......@@ -25,14 +25,6 @@
package sun.net.www.protocol.http;
import java.io.IOException;
import java.net.URL;
import java.util.Hashtable;
import java.util.LinkedList;
import java.util.ListIterator;
import java.util.Enumeration;
import java.util.HashMap;
/**
* @author Michael McMahon
*
......@@ -49,7 +41,7 @@ public interface AuthCache {
* A:[B:]C:D:E[:F] Between 4 and 6 fields separated by ":"
* where the fields have the following meaning:
* A is "s" or "p" for server or proxy authentication respectively
* B is optional and is "D", "B", or "N" for digest, basic or ntlm auth.
* B is optional and is the {@link AuthScheme}, e.g. BASIC, DIGEST, NTLM, etc
* C is either "http" or "https"
* D is the hostname
* E is the port number
......
src/share/classes/sun/net/www/protocol/http/AuthCacheValue.java
浏览文件 @ d3b300ff
......@@ -25,15 +25,8 @@
package sun.net.www.protocol.http;
import java.io.IOException;
import java.io.Serializable;
import java.net.*;
import java.util.Hashtable;
import java.util.LinkedList;
import java.util.ListIterator;
import java.util.Enumeration;
import java.util.HashMap;
import java.net.PasswordAuthentication;
/**
* AuthCacheValue: interface to minimise exposure to authentication cache
......@@ -62,8 +55,16 @@ public abstract class AuthCacheValue implements Serializable {
AuthCacheValue() {}
/**
* Proxy or Server
*/
abstract Type getAuthType ();
/**
* Authentication scheme
*/
abstract AuthScheme getAuthScheme();
/**
* name of server/proxy
*/
......
src/share/classes/sun/net/www/protocol/http/AuthScheme.java 0 → 100644
浏览文件 @ d3b300ff
/*
* Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Sun designates this
* particular file as subject to the "Classpath" exception as provided
* by Sun in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
package sun.net.www.protocol.http;
/* Authentication schemes supported by the http implementation. New schemes, if
* supported, should be defined here.
*/
public enum AuthScheme {
BASIC,
DIGEST,
NTLM,
NEGOTIATE,
KERBEROS,
UNKNOWN;
}
src/share/classes/sun/net/www/protocol/http/AuthenticationInfo.java
浏览文件 @ d3b300ff
......@@ -85,6 +85,11 @@ abstract class AuthenticationInfo extends AuthCacheValue implements Cloneable {
AuthCacheValue.Type.Server:
AuthCacheValue.Type.Proxy;
}
AuthScheme getAuthScheme() {
return authScheme;
}
public String getHost() {
return host;
}
......@@ -151,7 +156,7 @@ abstract class AuthenticationInfo extends AuthCacheValue implements Cloneable {
}
//public String toString () {
//return ("{"+type+":"+authType+":"+protocol+":"+host+":"+port+":"+realm+":"+path+"}");
//return ("{"+type+":"+authScheme+":"+protocol+":"+host+":"+port+":"+realm+":"+path+"}");
//}
// REMIND: This cache just grows forever. We should put in a bounded
......@@ -160,8 +165,8 @@ abstract class AuthenticationInfo extends AuthCacheValue implements Cloneable {
/** The type (server/proxy) of authentication this is. Used for key lookup */
char type;
/** The authentication type (basic/digest). Also used for key lookup */
char authType;
/** The authentication scheme (basic/digest). Also used for key lookup */
AuthScheme authScheme;
/** The protocol/scheme (i.e. http or https ). Need to keep the caches
* logically separate for the two protocols. This field is only used
......@@ -183,9 +188,9 @@ abstract class AuthenticationInfo extends AuthCacheValue implements Cloneable {
String path;
/** Use this constructor only for proxy entries */
AuthenticationInfo(char type, char authType, String host, int port, String realm) {
AuthenticationInfo(char type, AuthScheme authScheme, String host, int port, String realm) {
this.type = type;
this.authType = authType;
this.authScheme = authScheme;
this.protocol = "";
this.host = host.toLowerCase();
this.port = port;
......@@ -206,9 +211,9 @@ abstract class AuthenticationInfo extends AuthCacheValue implements Cloneable {
* Constructor used to limit the authorization to the path within
* the URL. Use this constructor for origin server entries.
*/
AuthenticationInfo(char type, char authType, URL url, String realm) {
AuthenticationInfo(char type, AuthScheme authScheme, URL url, String realm) {
this.type = type;
this.authType = authType;
this.authScheme = authScheme;
this.protocol = url.getProtocol().toLowerCase();
this.host = url.getHost().toLowerCase();
this.port = url.getPort();
......@@ -264,12 +269,12 @@ abstract class AuthenticationInfo extends AuthCacheValue implements Cloneable {
* In this case we do not use the path because the protection space
* is identified by the host:port:realm only
*/
static AuthenticationInfo getServerAuth(URL url, String realm, char atype) {
static AuthenticationInfo getServerAuth(URL url, String realm, AuthScheme scheme) {
int port = url.getPort();
if (port == -1) {
port = url.getDefaultPort();
}
String key = SERVER_AUTHENTICATION + ":" + atype + ":" + url.getProtocol().toLowerCase()
String key = SERVER_AUTHENTICATION + ":" + scheme + ":" + url.getProtocol().toLowerCase()
+ ":" + url.getHost().toLowerCase() + ":" + port + ":" + realm;
AuthenticationInfo cached = getAuth(key, null);
if ((cached == null) && requestIsInProgress (key)) {
......@@ -308,8 +313,8 @@ abstract class AuthenticationInfo extends AuthCacheValue implements Cloneable {
* Used in response to a challenge. Note, the protocol field is always
* blank for proxies.
*/
static AuthenticationInfo getProxyAuth(String host, int port, String realm, char atype) {
String key = PROXY_AUTHENTICATION + ":" + atype + "::" + host.toLowerCase()
static AuthenticationInfo getProxyAuth(String host, int port, String realm, AuthScheme scheme) {
String key = PROXY_AUTHENTICATION + ":" + scheme + "::" + host.toLowerCase()
+ ":" + port + ":" + realm;
AuthenticationInfo cached = (AuthenticationInfo) cache.get(key, null);
if ((cached == null) && requestIsInProgress (key)) {
......@@ -409,7 +414,7 @@ abstract class AuthenticationInfo extends AuthCacheValue implements Cloneable {
// This must be kept in sync with the getXXXAuth() methods in this
// class.
if (includeRealm) {
return type + ":" + authType + ":" + protocol + ":"
return type + ":" + authScheme + ":" + protocol + ":"
+ host + ":" + port + ":" + realm;
} else {
return type + ":" + protocol + ":" + host + ":" + port;
......
src/share/classes/sun/net/www/protocol/http/BasicAuthentication.java
浏览文件 @ d3b300ff
......@@ -44,8 +44,6 @@ class BasicAuthentication extends AuthenticationInfo {
private static final long serialVersionUID = 100L;
static final char BASIC_AUTH = 'B';
/** The authentication string for this host, port, and realm. This is
a simple BASE64 encoding of "login:password". */
String auth;
......@@ -56,7 +54,7 @@ class BasicAuthentication extends AuthenticationInfo {
public BasicAuthentication(boolean isProxy, String host, int port,
String realm, PasswordAuthentication pw) {
super(isProxy ? PROXY_AUTHENTICATION : SERVER_AUTHENTICATION,
BASIC_AUTH, host, port, realm);
AuthScheme.BASIC, host, port, realm);
String plain = pw.getUserName() + ":";
byte[] nameBytes = null;
try {
......@@ -86,7 +84,7 @@ class BasicAuthentication extends AuthenticationInfo {
public BasicAuthentication(boolean isProxy, String host, int port,
String realm, String auth) {
super(isProxy ? PROXY_AUTHENTICATION : SERVER_AUTHENTICATION,
BASIC_AUTH, host, port, realm);
AuthScheme.BASIC, host, port, realm);
this.auth = "Basic " + auth;
}
......@@ -96,7 +94,7 @@ class BasicAuthentication extends AuthenticationInfo {
public BasicAuthentication(boolean isProxy, URL url, String realm,
PasswordAuthentication pw) {
super(isProxy ? PROXY_AUTHENTICATION : SERVER_AUTHENTICATION,
BASIC_AUTH, url, realm);
AuthScheme.BASIC, url, realm);
String plain = pw.getUserName() + ":";
byte[] nameBytes = null;
try {
......@@ -126,7 +124,7 @@ class BasicAuthentication extends AuthenticationInfo {
public BasicAuthentication(boolean isProxy, URL url, String realm,
String auth) {
super(isProxy ? PROXY_AUTHENTICATION : SERVER_AUTHENTICATION,
BASIC_AUTH, url, realm);
AuthScheme.BASIC, url, realm);
this.auth = "Basic " + auth;
}
......
src/share/classes/sun/net/www/protocol/http/DigestAuthentication.java
浏览文件 @ d3b300ff
......@@ -38,7 +38,6 @@ import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import static sun.net.www.protocol.http.HttpURLConnection.HTTP_CONNECT;
/**
* DigestAuthentication: Encapsulate an http server authentication using
* the "Digest" scheme, as described in RFC2069 and updated in RFC2617
......@@ -50,8 +49,6 @@ class DigestAuthentication extends AuthenticationInfo {
private static final long serialVersionUID = 100L;
static final char DIGEST_AUTH = 'D';
private String authMethod;
// Authentication parameters defined in RFC2617.
......@@ -178,7 +175,10 @@ class DigestAuthentication extends AuthenticationInfo {
public DigestAuthentication(boolean isProxy, URL url, String realm,
String authMethod, PasswordAuthentication pw,
Parameters params) {
super(isProxy?PROXY_AUTHENTICATION:SERVER_AUTHENTICATION, DIGEST_AUTH,url, realm);
super(isProxy ? PROXY_AUTHENTICATION : SERVER_AUTHENTICATION,
AuthScheme.DIGEST,
url,
realm);
this.authMethod = authMethod;
this.pw = pw;
this.params = params;
......@@ -187,7 +187,11 @@ class DigestAuthentication extends AuthenticationInfo {
public DigestAuthentication(boolean isProxy, String host, int port, String realm,
String authMethod, PasswordAuthentication pw,
Parameters params) {
super(isProxy?PROXY_AUTHENTICATION:SERVER_AUTHENTICATION, DIGEST_AUTH,host, port, realm);
super(isProxy ? PROXY_AUTHENTICATION : SERVER_AUTHENTICATION,
AuthScheme.DIGEST,
host,
port,
realm);
this.authMethod = authMethod;
this.pw = pw;
this.params = params;
......
src/share/classes/sun/net/www/protocol/http/HttpLogFormatter.java
浏览文件 @ d3b300ff
......@@ -49,8 +49,10 @@ public class HttpLogFormatter extends java.util.logging.SimpleFormatter {
@Override
public String format(LogRecord record) {
if (!"sun.net.www.http.HttpCapture".equalsIgnoreCase(record.getSourceClassName())) {
// Don't change format for stuff that doesn't concern us
String sourceClassName = record.getSourceClassName();
if (sourceClassName == null ||
!(sourceClassName.startsWith("sun.net.www.protocol.http") ||
sourceClassName.startsWith("sun.net.www.http"))) {
return super.format(record);
}
String src = record.getMessage();
......
src/share/classes/sun/net/www/protocol/http/NTLMAuthenticationProxy.java 0 → 100644
浏览文件 @ d3b300ff
/*
* Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Sun designates this
* particular file as subject to the "Classpath" exception as provided
* by Sun in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
package sun.net.www.protocol.http;
import java.net.URL;
import java.net.PasswordAuthentication;
import java.lang.reflect.Constructor;
import java.lang.reflect.Method;
import sun.util.logging.PlatformLogger;
/**
* Proxy class for loading NTLMAuthentication, so as to remove static
* dependancy.
*/
class NTLMAuthenticationProxy {
private static Method supportsTA;
private static final String clazzStr = "sun.net.www.protocol.http.NTLMAuthentication";
private static final String supportsTAStr = "supportsTransparentAuth";
static final NTLMAuthenticationProxy proxy = tryLoadNTLMAuthentication();
static final boolean supported = proxy != null ? true : false;
static final boolean supportsTransparentAuth = supported ? supportsTransparentAuth(supportsTA) : false;
private final Constructor<? extends AuthenticationInfo> threeArgCtr;
private final Constructor<? extends AuthenticationInfo> fiveArgCtr;
private NTLMAuthenticationProxy(Constructor<? extends AuthenticationInfo> threeArgCtr,
Constructor<? extends AuthenticationInfo> fiveArgCtr) {
this.threeArgCtr = threeArgCtr;
this.fiveArgCtr = fiveArgCtr;
}
AuthenticationInfo create(boolean isProxy,
URL url,
PasswordAuthentication pw) {
try {
return threeArgCtr.newInstance(isProxy, url, pw);
} catch (ReflectiveOperationException roe) {
finest(roe);
}
return null;
}
AuthenticationInfo create(boolean isProxy,
String host,
int port,
PasswordAuthentication pw) {
try {
return fiveArgCtr.newInstance(isProxy, host, port, pw);
} catch (ReflectiveOperationException roe) {
finest(roe);
}
return null;
}
/* Returns true if the NTLM implementation supports transparent
* authentication (try with the current users credentials before
* prompting for username and password, etc).
*/
private static boolean supportsTransparentAuth(Method method) {
try {
return (Boolean)method.invoke(null);
} catch (ReflectiveOperationException roe) {
finest(roe);
}
return false;
}
/**
* Loads the NTLM authentiation implementation through reflection. If
* the class is present, then it must have the required constructors and
* method. Otherwise, it is considered an error.
*/
@SuppressWarnings("unchecked")
private static NTLMAuthenticationProxy tryLoadNTLMAuthentication() {
Class<? extends AuthenticationInfo> cl;
Constructor<? extends AuthenticationInfo> threeArg, fiveArg;
try {
cl = (Class<? extends AuthenticationInfo>)Class.forName(clazzStr, true, null);
if (cl != null) {
threeArg = cl.getConstructor(boolean.class,
URL.class,
PasswordAuthentication.class);
fiveArg = cl.getConstructor(boolean.class,
String.class,
int.class,
PasswordAuthentication.class);
supportsTA = cl.getDeclaredMethod(supportsTAStr);
return new NTLMAuthenticationProxy(threeArg,
fiveArg);
}
} catch (ClassNotFoundException cnfe) {
finest(cnfe);
} catch (ReflectiveOperationException roe) {
throw new AssertionError(roe);
}
return null;
}
static void finest(Exception e) {
PlatformLogger logger = HttpURLConnection.getHttpLogger();
logger.finest("NTLMAuthenticationProxy: " + e);
}
}
src/share/classes/sun/net/www/protocol/http/NegotiateAuthentication.java
浏览文件 @ d3b300ff
......@@ -30,11 +30,14 @@ import java.util.HashMap;
import sun.net.www.HeaderParser;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;
import sun.util.logging.PlatformLogger;
import java.net.URL;
import java.io.IOException;
import java.net.Authenticator.RequestorType;
import java.lang.reflect.Constructor;
import static sun.net.www.protocol.http.AuthScheme.NEGOTIATE;
import static sun.net.www.protocol.http.AuthScheme.KERBEROS;
/**
* NegotiateAuthentication:
......@@ -49,9 +52,6 @@ class NegotiateAuthentication extends AuthenticationInfo {
final private HttpCallerInfo hci;
static final char NEGOTIATE_AUTH = 'S';
static final char KERBEROS_AUTH = 'K';
// These maps are used to manage the GSS availability for diffrent
// hosts. The key for both maps is the host name.
// <code>supported</code> is set when isSupported is checked,
......@@ -68,11 +68,10 @@ class NegotiateAuthentication extends AuthenticationInfo {
* @param hci a schemed object.
*/
public NegotiateAuthentication(HttpCallerInfo hci) {
super(RequestorType.PROXY==hci.authType?
PROXY_AUTHENTICATION:SERVER_AUTHENTICATION,
hci.scheme.equalsIgnoreCase("Negotiate")?
NEGOTIATE_AUTH:KERBEROS_AUTH,
hci.url, "");
super(RequestorType.PROXY==hci.authType ? PROXY_AUTHENTICATION : SERVER_AUTHENTICATION,
hci.scheme.equalsIgnoreCase("Negotiate") ? NEGOTIATE : KERBEROS,
hci.url,
"");
this.hci = hci;
}
......@@ -249,13 +248,41 @@ abstract class Negotiator {
// The current implementation will make sure NegotiatorImpl is not
// directly referenced when compiling, thus smooth the way of building
// the J2SE platform where HttpURLConnection is a bootstrap class.
//
// Makes NegotiatorImpl, and the security classes it references, a
// runtime dependency rather than a static one.
Class clazz;
Constructor c;
try {
clazz = Class.forName("sun.net.www.protocol.http.NegotiatorImpl", true, null);
c = clazz.getConstructor(HttpCallerInfo.class);
} catch (ClassNotFoundException cnfe) {
finest(cnfe);
throw cnfe;
} catch (ReflectiveOperationException roe) {
// if the class is there then something seriously wrong if
// the constructor is not.
throw new AssertionError(roe);
}
Class clazz = Class.forName("sun.net.www.protocol.http.NegotiatorImpl");
java.lang.reflect.Constructor c = clazz.getConstructor(HttpCallerInfo.class);
try {
return (Negotiator) (c.newInstance(hci));
} catch (ReflectiveOperationException roe) {
finest(roe);
Throwable t = roe.getCause();
if (t != null && t instanceof Exception)
finest((Exception)t);
throw roe;
}
}
abstract byte[] firstToken() throws IOException;
abstract byte[] nextToken(byte[] in) throws IOException;
static void finest(Exception e) {
PlatformLogger logger = HttpURLConnection.getHttpLogger();
logger.finest("NegotiateAuthentication: " + e);
}
}
src/share/classes/sun/security/action/GetBooleanSecurityPropertyAction.java 0 → 100644
浏览文件 @ d3b300ff
/*
* Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Sun designates this
* particular file as subject to the "Classpath" exception as provided
* by Sun in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
package sun.security.action;
import java.security.Security;
/**
* A convenience class for retrieving the boolean value of a security property
* as a privileged action.
*
* <p>An instance of this class can be used as the argument of
* <code>AccessController.doPrivileged</code>.
*
* <p>The following code retrieves the boolean value of the security
* property named <code>"prop"</code> as a privileged action: <p>
*
* <pre>
* boolean b = java.security.AccessController.doPrivileged
* (new GetBooleanSecurityPropertyAction("prop")).booleanValue();
* </pre>
*
*/
public class GetBooleanSecurityPropertyAction
implements java.security.PrivilegedAction<Boolean> {
private String theProp;
/**
* Constructor that takes the name of the security property whose boolean
* value needs to be determined.
*
* @param theProp the name of the security property
*/
public GetBooleanSecurityPropertyAction(String theProp) {
this.theProp = theProp;
}
/**
* Determines the boolean value of the security property whose name was
* specified in the constructor.
*
* @return the <code>Boolean</code> value of the security property.
*/
public Boolean run() {
boolean b = false;
try {
String value = Security.getProperty(theProp);
b = (value != null) && value.equalsIgnoreCase("true");
} catch (NullPointerException e) {}
return b;
}
}
src/share/classes/sun/security/ec/ECDHKeyAgreement.java
浏览文件 @ d3b300ff
......@@ -39,21 +39,6 @@ import javax.crypto.spec.*;
*/
public final class ECDHKeyAgreement extends KeyAgreementSpi {
// flag indicating whether the native ECC implementation is present
private static boolean implementationPresent = true;
static {
try {
AccessController.doPrivileged(new PrivilegedAction<Void>() {
public Void run() {
System.loadLibrary("sunecc");
return null;
}
});
} catch (UnsatisfiedLinkError e) {
implementationPresent = false;
}
}
// private key, if initialized
private ECPrivateKey privateKey;
......@@ -65,16 +50,12 @@ public final class ECDHKeyAgreement extends KeyAgreementSpi {
/**
* Constructs a new ECDHKeyAgreement.
*
* @exception ProviderException if the native ECC library is unavailable.
*/
public ECDHKeyAgreement() {
if (!implementationPresent) {
throw new ProviderException("ECDH implementation is not available");
}
}
// see JCE spec
@Override
protected void engineInit(Key key, SecureRandom random)
throws InvalidKeyException {
if (!(key instanceof PrivateKey)) {
......@@ -86,6 +67,7 @@ public final class ECDHKeyAgreement extends KeyAgreementSpi {
}
// see JCE spec
@Override
protected void engineInit(Key key, AlgorithmParameterSpec params,
SecureRandom random) throws InvalidKeyException,
InvalidAlgorithmParameterException {
......@@ -97,6 +79,7 @@ public final class ECDHKeyAgreement extends KeyAgreementSpi {
}
// see JCE spec
@Override
protected Key engineDoPhase(Key key, boolean lastPhase)
throws InvalidKeyException, IllegalStateException {
if (privateKey == null) {
......@@ -130,6 +113,7 @@ public final class ECDHKeyAgreement extends KeyAgreementSpi {
}
// see JCE spec
@Override
protected byte[] engineGenerateSecret() throws IllegalStateException {
if ((privateKey == null) || (publicValue == null)) {
throw new IllegalStateException("Not initialized correctly");
......@@ -150,6 +134,7 @@ public final class ECDHKeyAgreement extends KeyAgreementSpi {
}
// see JCE spec
@Override
protected int engineGenerateSecret(byte[] sharedSecret, int
offset) throws IllegalStateException, ShortBufferException {
if (offset + secretLen > sharedSecret.length) {
......@@ -162,6 +147,7 @@ public final class ECDHKeyAgreement extends KeyAgreementSpi {
}
// see JCE spec
@Override
protected SecretKey engineGenerateSecret(String algorithm)
throws IllegalStateException, NoSuchAlgorithmException,
InvalidKeyException {
......
src/share/classes/sun/security/ec/ECDSASignature.java
浏览文件 @ d3b300ff
......@@ -52,21 +52,6 @@ import sun.security.x509.AlgorithmId;
*/
abstract class ECDSASignature extends SignatureSpi {
// flag indicating whether the native ECC implementation is present
private static boolean implementationPresent = true;
static {
try {
AccessController.doPrivileged(new PrivilegedAction<Void>() {
public Void run() {
System.loadLibrary("sunecc");
return null;
}
});
} catch (UnsatisfiedLinkError e) {
implementationPresent = false;
}
}
// message digest implementation we use
private final MessageDigest messageDigest;
......@@ -88,24 +73,13 @@ abstract class ECDSASignature extends SignatureSpi {
* @exception ProviderException if the native ECC library is unavailable.
*/
ECDSASignature() {
if (!implementationPresent) {
throw new
ProviderException("ECDSA implementation is not available");
}
messageDigest = null;
}
/**
* Constructs a new ECDSASignature. Used by subclasses.
*
* @exception ProviderException if the native ECC library is unavailable.
*/
ECDSASignature(String digestName) {
if (!implementationPresent) {
throw new
ProviderException("ECDSA implementation is not available");
}
try {
messageDigest = MessageDigest.getInstance(digestName);
} catch (NoSuchAlgorithmException e) {
......@@ -299,8 +273,8 @@ abstract class ECDSASignature extends SignatureSpi {
byte[] encodedParams = ECParameters.encodeParameters(params); // DER OID
int keySize = params.getCurve().getField().getFieldSize();
// seed is twice the key size (in bytes)
byte[] seed = new byte[((keySize + 7) >> 3) * 2];
// seed is twice the key size (in bytes) plus 1
byte[] seed = new byte[(((keySize + 7) >> 3) + 1) * 2];
if (random == null) {
random = JCAUtil.getSecureRandom();
}
......@@ -356,6 +330,7 @@ abstract class ECDSASignature extends SignatureSpi {
// Convert the concatenation of R and S into their DER encoding
private byte[] encodeSignature(byte[] signature) throws SignatureException {
try {
int n = signature.length >> 1;
......
src/share/classes/sun/security/ec/ECKeyPairGenerator.java
浏览文件 @ d3b300ff
......@@ -46,20 +46,6 @@ import sun.security.jca.JCAUtil;
*/
public final class ECKeyPairGenerator extends KeyPairGeneratorSpi {
// flag indicating whether the native ECC implementation is present
private static boolean implementationPresent = true;
static {
try {
AccessController.doPrivileged(new PrivilegedAction<Void>() {
public Void run() {
System.loadLibrary("sunecc");
return null;
}
});
} catch (UnsatisfiedLinkError e) {
implementationPresent = false;
}
}
private static final int KEY_SIZE_MIN = 112; // min bits (see ecc_impl.h)
private static final int KEY_SIZE_MAX = 571; // max bits (see ecc_impl.h)
private static final int KEY_SIZE_DEFAULT = 256;
......@@ -75,13 +61,8 @@ public final class ECKeyPairGenerator extends KeyPairGeneratorSpi {
/**
* Constructs a new ECKeyPairGenerator.
*
* @exception ProviderException if the native ECC library is unavailable.
*/
public ECKeyPairGenerator() {
if (!implementationPresent) {
throw new ProviderException("EC implementation is not available");
}
// initialize to default in case the app does not call initialize()
initialize(KEY_SIZE_DEFAULT, null);
}
......@@ -133,8 +114,8 @@ public final class ECKeyPairGenerator extends KeyPairGeneratorSpi {
byte[] encodedParams =
ECParameters.encodeParameters((ECParameterSpec)params);
// seed is twice the key size (in bytes)
byte[] seed = new byte[2 * ((keySize + 7) >> 3)];
// seed is twice the key size (in bytes) plus 1
byte[] seed = new byte[(((keySize + 7) >> 3) + 1) * 2];
if (random == null) {
random = JCAUtil.getSecureRandom();
}
......
src/share/classes/sun/security/ec/SunEC.java
浏览文件 @ d3b300ff
......@@ -39,7 +39,10 @@ import sun.security.action.PutAllAction;
* via JNI to a C++ wrapper class which in turn calls C functions.
* The Java classes are packaged into the signed sunec.jar in the JRE
* extensions directory and the C++ and C functions are packaged into
* libsunecc.so or sunecc.dll in the JRE native libraries directory.
* libsunec.so or sunec.dll in the JRE native libraries directory.
* If the native library is not present then this provider is registered
* with support for fewer ECC algorithms (KeyPairGenerator, Signature and
* KeyAgreement are omitted).
*
* @since 1.7
*/
......@@ -47,6 +50,22 @@ public final class SunEC extends Provider {
private static final long serialVersionUID = -2279741672933606418L;
// flag indicating whether the full EC implementation is present
// (when native library is absent then fewer EC algorithms are available)
private static boolean useFullImplementation = true;
static {
try {
AccessController.doPrivileged(new PrivilegedAction<Void>() {
public Void run() {
System.loadLibrary("sunec"); // check for native library
return null;
}
});
} catch (UnsatisfiedLinkError e) {
useFullImplementation = false;
}
}
public SunEC() {
super("SunEC", 1.7d, "Sun Elliptic Curve provider (EC, ECDSA, ECDH)");
......@@ -54,10 +73,10 @@ public final class SunEC extends Provider {
// the provider. Otherwise, create a temporary map and use a
// doPrivileged() call at the end to transfer the contents
if (System.getSecurityManager() == null) {
SunECEntries.putEntries(this);
SunECEntries.putEntries(this, useFullImplementation);
} else {
Map<Object, Object> map = new HashMap<Object, Object>();
SunECEntries.putEntries(map);
SunECEntries.putEntries(map, useFullImplementation);
AccessController.doPrivileged(new PutAllAction(this, map));
}
}
......
src/share/classes/sun/security/ec/SunECEntries.java
浏览文件 @ d3b300ff
......@@ -38,7 +38,93 @@ final class SunECEntries {
// empty
}
static void putEntries(Map<Object, Object> map) {
static void putEntries(Map<Object, Object> map,
boolean useFullImplementation) {
/*
* Key Factory engine
*/
map.put("KeyFactory.EC", "sun.security.ec.ECKeyFactory");
map.put("Alg.Alias.KeyFactory.EllipticCurve", "EC");
map.put("KeyFactory.EC ImplementedIn", "Software");
/*
* Algorithm Parameter engine
*/
map.put("AlgorithmParameters.EC", "sun.security.ec.ECParameters");
map.put("Alg.Alias.AlgorithmParameters.EllipticCurve", "EC");
map.put("AlgorithmParameters.EC KeySize", "256");
map.put("AlgorithmParameters.EC ImplementedIn", "Software");
map.put("AlgorithmParameters.EC SupportedCurves",
// A list comprising lists of curve names and object identifiers.
// '[' ( <curve-name> ',' )+ <curve-object-identifier> ']' '|'
// SEC 2 prime curves
"[secp112r1,1.3.132.0.6]|" +
"[secp112r2,1.3.132.0.7]|" +
"[secp128r1,1.3.132.0.28]|" +
"[secp128r2,1.3.132.0.29]|" +
"[secp160k1,1.3.132.0.9]|" +
"[secp160r1,1.3.132.0.8]|" +
"[secp160r2,1.3.132.0.30]|" +
"[secp192k1,1.3.132.0.31]|" +
"[secp192r1,NIST P-192,X9.62 prime192v1,1.2.840.10045.3.1.1]|" +
"[secp224k1,1.3.132.0.32]|" +
"[secp224r1,NIST P-224,1.3.132.0.33]|" +
"[secp256k1,1.3.132.0.10]|" +
"[secp256r1,NIST P-256,X9.62 prime256v1,1.2.840.10045.3.1.7]|" +
"[secp384r1,NIST P-384,1.3.132.0.34]|" +
"[secp521r1,NIST P-521,1.3.132.0.35]|" +
// ANSI X9.62 prime curves
"[X9.62 prime192v2,1.2.840.10045.3.1.2]|" +
"[X9.62 prime192v3,1.2.840.10045.3.1.3]|" +
"[X9.62 prime239v1,1.2.840.10045.3.1.4]|" +
"[X9.62 prime239v2,1.2.840.10045.3.1.5]|" +
"[X9.62 prime239v3,1.2.840.10045.3.1.6]|" +
// SEC 2 binary curves
"[sect113r1,1.3.132.0.4]|" +
"[sect113r2,1.3.132.0.5]|" +
"[sect131r1,1.3.132.0.22]|" +
"[sect131r2,1.3.132.0.23]|" +
"[sect163k1,NIST K-163,1.3.132.0.1]|" +
"[sect163r1,1.3.132.0.2]|" +
"[sect163r2,NIST B-163,1.3.132.0.15]|" +
"[sect193r1,1.3.132.0.24]|" +
"[sect193r2,1.3.132.0.25]|" +
"[sect233k1,NIST K-233,1.3.132.0.26]|" +
"[sect233r1,NIST B-233,1.3.132.0.27]|" +
"[sect239k1,1.3.132.0.3]|" +
"[sect283k1,NIST K-283,1.3.132.0.16]|" +
"[sect283r1,NIST B-283,1.3.132.0.17]|" +
"[sect409k1,NIST K-409,1.3.132.0.36]|" +
"[sect409r1,NIST B-409,1.3.132.0.37]|" +
"[sect571k1,NIST K-571,1.3.132.0.38]|" +
"[sect571r1,NIST B-571,1.3.132.0.39]|" +
// ANSI X9.62 binary curves
"[X9.62 c2tnb191v1,1.2.840.10045.3.0.5]|" +
"[X9.62 c2tnb191v2,1.2.840.10045.3.0.6]|" +
"[X9.62 c2tnb191v3,1.2.840.10045.3.0.7]|" +
"[X9.62 c2tnb239v1,1.2.840.10045.3.0.11]|" +
"[X9.62 c2tnb239v2,1.2.840.10045.3.0.12]|" +
"[X9.62 c2tnb239v3,1.2.840.10045.3.0.13]|" +
"[X9.62 c2tnb359v1,1.2.840.10045.3.0.18]|" +
"[X9.62 c2tnb431r1,1.2.840.10045.3.0.20]");
/*
* Register the algorithms below only when the full ECC implementation
* is available
*/
if (!useFullImplementation) {
return;
}
/*
* Signature engines
......@@ -62,48 +148,31 @@ final class SunECEntries {
map.put("Signature.SHA384withECDSA SupportedKeyClasses", ecKeyClasses);
map.put("Signature.SHA512withECDSA SupportedKeyClasses", ecKeyClasses);
map.put("Signature.SHA1withECDSA KeySize", "256");
map.put("Signature.NONEwithECDSA ImplementedIn", "Software");
map.put("Signature.SHA1withECDSA ImplementedIn", "Software");
map.put("Signature.SHA256withECDSA ImplementedIn", "Software");
map.put("Signature.SHA384withECDSA ImplementedIn", "Software");
map.put("Signature.SHA512withECDSA ImplementedIn", "Software");
/*
* Key Pair Generator engine
*/
map.put("KeyPairGenerator.EC", "sun.security.ec.ECKeyPairGenerator");
map.put("Alg.Alias.KeyPairGenerator.EllipticCurve", "EC");
/*
* Key Factory engine
*/
map.put("KeyFactory.EC", "sun.security.ec.ECKeyFactory");
map.put("Alg.Alias.KeyFactory.EllipticCurve", "EC");
map.put("KeyPairGenerator.EC KeySize", "256");
/*
* Algorithm Parameter engine
*/
map.put("AlgorithmParameters.EC", "sun.security.ec.ECParameters");
map.put("Alg.Alias.AlgorithmParameters.EllipticCurve", "EC");
map.put("KeyPairGenerator.EC ImplementedIn", "Software");
/*
* Key Agreement engine
*/
map.put("KeyAgreement.ECDH", "sun.security.ec.ECDHKeyAgreement");
map.put("KeyAgreement.ECDH SupportedKeyClasses", ecKeyClasses);
/*
* Key sizes
*/
map.put("Signature.SHA1withECDSA KeySize", "256");
map.put("KeyPairGenerator.EC KeySize", "256");
map.put("AlgorithmParameterGenerator.ECDSA KeySize", "256");
map.put("KeyAgreement.ECDH SupportedKeyClasses", ecKeyClasses);
/*
* Implementation type: software or hardware
*/
map.put("Signature.NONEwithECDSA ImplementedIn", "Software");
map.put("Signature.SHA1withECDSA ImplementedIn", "Software");
map.put("Signature.SHA256withECDSA ImplementedIn", "Software");
map.put("Signature.SHA384withECDSA ImplementedIn", "Software");
map.put("Signature.SHA512withECDSA ImplementedIn", "Software");
map.put("KeyPairGenerator.EC ImplementedIn", "Software");
map.put("KeyFactory.EC ImplementedIn", "Software");
map.put("KeyAgreement.ECDH ImplementedIn", "Software");
map.put("AlgorithmParameters.EC ImplementedIn", "Software");
}
}
src/share/classes/sun/security/krb5/KrbKdcReq.java
浏览文件 @ d3b300ff
/*
* Portions Copyright 2000-2006 Sun Microsystems, Inc. All Rights Reserved.
* Portions Copyright 2000-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
......@@ -149,6 +149,11 @@ public abstract class KrbKdcReq {
send(realm,tempKdc,useTCP);
break;
} catch (Exception e) {
if (DEBUG) {
System.out.println(">>> KrbKdcReq send: error trying " +
tempKdc);
e.printStackTrace(System.out);
}
savedException = e;
}
}
......@@ -179,10 +184,36 @@ public abstract class KrbKdcReq {
/*
* Get port number for this KDC.
*/
StringTokenizer strTok = new StringTokenizer(tempKdc, ":");
String kdc = strTok.nextToken();
if (strTok.hasMoreTokens()) {
String portStr = strTok.nextToken();
String kdc = null;
String portStr = null;
if (tempKdc.charAt(0) == '[') { // Explicit IPv6 in []
int pos = tempKdc.indexOf(']', 1);
if (pos == -1) {
throw new IOException("Illegal KDC: " + tempKdc);
}
kdc = tempKdc.substring(1, pos);
if (pos != tempKdc.length() - 1) { // with port number
if (tempKdc.charAt(pos+1) != ':') {
throw new IOException("Illegal KDC: " + tempKdc);
}
portStr = tempKdc.substring(pos+2);
}
} else {
int colon = tempKdc.indexOf(':');
if (colon == -1) { // Hostname or IPv4 host only
kdc = tempKdc;
} else {
int nextColon = tempKdc.indexOf(':', colon+1);
if (nextColon > 0) { // >=2 ":", IPv6 with no port
kdc = tempKdc;
} else { // 1 ":", hostname or IPv4 with port
kdc = tempKdc.substring(0, colon);
portStr = tempKdc.substring(colon+1);
}
}
}
if (portStr != null) {
int tempPort = parsePositiveIntString(portStr);
if (tempPort > 0)
port = tempPort;
......
src/share/classes/sun/security/provider/certpath/Builder.java
浏览文件 @ d3b300ff
/*
* Copyright 2000-2006 Sun Microsystems, Inc. All Rights Reserved.
* Copyright 2000-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
......@@ -26,12 +26,14 @@
package sun.security.provider.certpath;
import java.io.IOException;
import java.security.AccessController;
import java.security.GeneralSecurityException;
import java.security.cert.*;
import java.util.*;
import javax.security.auth.x500.X500Principal;
import sun.security.action.GetBooleanAction;
import sun.security.util.Debug;
import sun.security.x509.GeneralNames;
import sun.security.x509.GeneralNameInterface;
......@@ -64,9 +66,8 @@ public abstract class Builder {
* Authority Information Access extension shall be enabled. Currently
* disabled by default for compatibility reasons.
*/
final static boolean USE_AIA =
DistributionPointFetcher.getBooleanProperty
("com.sun.security.enableAIAcaIssuers", false);
final static boolean USE_AIA = AccessController.doPrivileged
(new GetBooleanAction("com.sun.security.enableAIAcaIssuers"));
/**
* Initialize the builder with the input parameters.
......
src/share/classes/sun/security/provider/certpath/CertId.java
浏览文件 @ d3b300ff
/*
* Copyright 2003-2005 Sun Microsystems, Inc. All Rights Reserved.
* Copyright 2003-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
......@@ -25,9 +25,11 @@
package sun.security.provider.certpath;
import java.io.*;
import java.io.IOException;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import sun.misc.HexDumpEncoder;
import sun.security.x509.*;
......@@ -54,21 +56,28 @@ import sun.security.util.*;
public class CertId {
private static final boolean debug = false;
private AlgorithmId hashAlgId;
private byte[] issuerNameHash;
private byte[] issuerKeyHash;
private SerialNumber certSerialNumber;
private static final AlgorithmId SHA1_ALGID
= new AlgorithmId(AlgorithmId.SHA_oid);
private final AlgorithmId hashAlgId;
private final byte[] issuerNameHash;
private final byte[] issuerKeyHash;
private final SerialNumber certSerialNumber;
private int myhash = -1; // hashcode for this CertId
/**
* Creates a CertId. The hash algorithm used is SHA-1.
*/
public CertId(X509CertImpl issuerCert, SerialNumber serialNumber)
throws Exception {
public CertId(X509Certificate issuerCert, SerialNumber serialNumber)
throws IOException {
// compute issuerNameHash
MessageDigest md = MessageDigest.getInstance("SHA1");
hashAlgId = AlgorithmId.get("SHA1");
MessageDigest md = null;
try {
md = MessageDigest.getInstance("SHA1");
} catch (NoSuchAlgorithmException nsae) {
throw new IOException("Unable to create CertId", nsae);
}
hashAlgId = SHA1_ALGID;
md.update(issuerCert.getSubjectX500Principal().getEncoded());
issuerNameHash = md.digest();
......@@ -90,6 +99,7 @@ public class CertId {
encoder.encode(issuerNameHash));
System.out.println("issuerKeyHash is " +
encoder.encode(issuerKeyHash));
System.out.println("SerialNumber is " + serialNumber.getNumber());
}
}
......@@ -97,7 +107,6 @@ public class CertId {
* Creates a CertId from its ASN.1 DER encoding.
*/
public CertId(DerInputStream derIn) throws IOException {
hashAlgId = AlgorithmId.parse(derIn.getDerValue());
issuerNameHash = derIn.getOctetString();
issuerKeyHash = derIn.getOctetString();
......@@ -157,7 +166,7 @@ public class CertId {
*
* @return the hashcode value.
*/
public int hashCode() {
@Override public int hashCode() {
if (myhash == -1) {
myhash = hashAlgId.hashCode();
for (int i = 0; i < issuerNameHash.length; i++) {
......@@ -180,8 +189,7 @@ public class CertId {
* @param other the object to test for equality with this object.
* @return true if the objects are considered equal, false otherwise.
*/
public boolean equals(Object other) {
@Override public boolean equals(Object other) {
if (this == other) {
return true;
}
......@@ -203,7 +211,7 @@ public class CertId {
/**
* Create a string representation of the CertId.
*/
public String toString() {
@Override public String toString() {
StringBuilder sb = new StringBuilder();
sb.append("CertId \n");
sb.append("Algorithm: " + hashAlgId.toString() +"\n");
......
src/share/classes/sun/security/provider/certpath/CrlRevocationChecker.java
浏览文件 @ d3b300ff
......@@ -80,6 +80,7 @@ class CrlRevocationChecker extends PKIXCertPathChecker {
{ false, false, false, false, false, false, true };
private static final boolean[] ALL_REASONS =
{true, true, true, true, true, true, true, true, true};
private boolean mOnlyEECert = false;
// Maximum clock skew in milliseconds (15 minutes) allowed when checking
// validity of CRLs
......@@ -114,6 +115,12 @@ class CrlRevocationChecker extends PKIXCertPathChecker {
CrlRevocationChecker(TrustAnchor anchor, PKIXParameters params,
Collection<X509Certificate> certs) throws CertPathValidatorException
{
this(anchor, params, certs, false);
}
CrlRevocationChecker(TrustAnchor anchor, PKIXParameters params,
Collection<X509Certificate> certs, boolean onlyEECert)
throws CertPathValidatorException {
mAnchor = anchor;
mParams = params;
mStores = new ArrayList<CertStore>(params.getCertStores());
......@@ -133,6 +140,7 @@ class CrlRevocationChecker extends PKIXCertPathChecker {
}
Date testDate = params.getDate();
mCurrentTime = (testDate != null ? testDate : new Date());
mOnlyEECert = onlyEECert;
init(false);
}
......@@ -264,6 +272,13 @@ class CrlRevocationChecker extends PKIXCertPathChecker {
" ---checking " + msg + "...");
}
if (mOnlyEECert && currCert.getBasicConstraints() != -1) {
if (debug != null) {
debug.println("Skipping revocation check, not end entity cert");
}
return;
}
// reject circular dependencies - RFC 3280 is not explicit on how
// to handle this, so we feel it is safest to reject them until
// the issue is resolved in the PKIX WG.
......
src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java
浏览文件 @ d3b300ff
......@@ -32,7 +32,7 @@ import java.security.*;
import java.security.cert.*;
import javax.security.auth.x500.X500Principal;
import sun.security.action.GetPropertyAction;
import sun.security.action.GetBooleanAction;
import sun.security.util.Debug;
import sun.security.util.DerOutputStream;
import sun.security.x509.*;
......@@ -62,28 +62,8 @@ class DistributionPointFetcher {
* extension shall be enabled. Currently disabled by default for
* compatibility and legal reasons.
*/
private final static boolean USE_CRLDP =
getBooleanProperty("com.sun.security.enableCRLDP", false);
/**
* Return the value of the boolean System property propName.
*/
public static boolean getBooleanProperty(String propName,
boolean defaultValue) {
// if set, require value of either true or false
String b = AccessController.doPrivileged(
new GetPropertyAction(propName));
if (b == null) {
return defaultValue;
} else if (b.equalsIgnoreCase("false")) {
return false;
} else if (b.equalsIgnoreCase("true")) {
return true;
} else {
throw new RuntimeException("Value of " + propName
+ " must either be 'true' or 'false'");
}
}
private final static boolean USE_CRLDP = AccessController.doPrivileged
(new GetBooleanAction("com.sun.security.enableCRLDP"));
// singleton instance
private static final DistributionPointFetcher INSTANCE =
......
src/share/classes/sun/security/provider/certpath/ForwardBuilder.java
浏览文件 @ d3b300ff
......@@ -82,6 +82,7 @@ class ForwardBuilder extends Builder {
TrustAnchor trustAnchor;
private Comparator<X509Certificate> comparator;
private boolean searchAllCertStores = true;
private boolean onlyEECert = false;
/**
* Initialize the builder with the input parameters.
......@@ -89,7 +90,8 @@ class ForwardBuilder extends Builder {
* @param params the parameter set used to build a certification path
*/
ForwardBuilder(PKIXBuilderParameters buildParams,
X500Principal targetSubjectDN, boolean searchAllCertStores)
X500Principal targetSubjectDN, boolean searchAllCertStores,
boolean onlyEECert)
{
super(buildParams, targetSubjectDN);
......@@ -108,6 +110,7 @@ class ForwardBuilder extends Builder {
}
comparator = new PKIXCertComparator(trustedSubjectDNs);
this.searchAllCertStores = searchAllCertStores;
this.onlyEECert = onlyEECert;
}
/**
......@@ -875,8 +878,8 @@ class ForwardBuilder extends Builder {
/* Check revocation if it is enabled */
if (buildParams.isRevocationEnabled()) {
try {
CrlRevocationChecker crlChecker =
new CrlRevocationChecker(anchor, buildParams);
CrlRevocationChecker crlChecker = new CrlRevocationChecker
(anchor, buildParams, null, onlyEECert);
crlChecker.check(cert, anchor.getCAPublicKey(), true);
} catch (CertPathValidatorException cpve) {
if (debug != null) {
......
src/share/classes/sun/security/provider/certpath/OCSP.java 0 → 100644
浏览文件 @ d3b300ff
/*
* Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Sun designates this
* particular file as subject to the "Classpath" exception as provided
* by Sun in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
package sun.security.provider.certpath;
import java.io.InputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.net.URI;
import java.net.URL;
import java.net.HttpURLConnection;
import java.security.cert.CertificateException;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CRLReason;
import java.security.cert.Extension;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collections;
import java.util.Date;
import java.util.List;
import java.util.Map;
import static sun.security.provider.certpath.OCSPResponse.*;
import sun.security.util.Debug;
import sun.security.x509.AccessDescription;
import sun.security.x509.AuthorityInfoAccessExtension;
import sun.security.x509.GeneralName;
import sun.security.x509.GeneralNameInterface;
import sun.security.x509.URIName;
import sun.security.x509.X509CertImpl;
/**
* This is a class that checks the revocation status of a certificate(s) using
* OCSP. It is not a PKIXCertPathChecker and therefore can be used outside of
* the CertPathValidator framework. It is useful when you want to
* just check the revocation status of a certificate, and you don't want to
* incur the overhead of validating all of the certificates in the
* associated certificate chain.
*
* @author Sean Mullan
*/
public final class OCSP {
private static final Debug debug = Debug.getInstance("certpath");
private OCSP() {}
/**
* Obtains the revocation status of a certificate using OCSP using the most
* common defaults. The OCSP responder URI is retrieved from the
* certificate's AIA extension. The OCSP responder certificate is assumed
* to be the issuer's certificate (or issued by the issuer CA).
*
* @param cert the certificate to be checked
* @param issuerCert the issuer certificate
* @return the RevocationStatus
* @throws IOException if there is an exception connecting to or
* communicating with the OCSP responder
* @throws CertPathValidatorException if an exception occurs while
* encoding the OCSP Request or validating the OCSP Response
*/
public static RevocationStatus check(X509Certificate cert,
X509Certificate issuerCert)
throws IOException, CertPathValidatorException {
CertId certId = null;
URI responderURI = null;
try {
X509CertImpl certImpl = X509CertImpl.toImpl(cert);
responderURI = getResponderURI(certImpl);
if (responderURI == null) {
throw new CertPathValidatorException
("No OCSP Responder URI in certificate");
}
certId = new CertId(issuerCert, certImpl.getSerialNumberObject());
} catch (CertificateException ce) {
throw new CertPathValidatorException
("Exception while encoding OCSPRequest", ce);
} catch (IOException ioe) {
throw new CertPathValidatorException
("Exception while encoding OCSPRequest", ioe);
}
OCSPResponse ocspResponse = check(Collections.singletonList(certId),
responderURI, issuerCert, null);
return (RevocationStatus) ocspResponse.getSingleResponse(certId);
}
/**
* Obtains the revocation status of a certificate using OCSP.
*
* @param cert the certificate to be checked
* @param issuerCert the issuer certificate
* @param responderURI the URI of the OCSP responder
* @param responderCert the OCSP responder's certificate
* @param date the time the validity of the OCSP responder's certificate
* should be checked against. If null, the current time is used.
* @return the RevocationStatus
* @throws IOException if there is an exception connecting to or
* communicating with the OCSP responder
* @throws CertPathValidatorException if an exception occurs while
* encoding the OCSP Request or validating the OCSP Response
*/
public static RevocationStatus check(X509Certificate cert,
X509Certificate issuerCert, URI responderURI, X509Certificate
responderCert, Date date)
throws IOException, CertPathValidatorException {
CertId certId = null;
try {
X509CertImpl certImpl = X509CertImpl.toImpl(cert);
certId = new CertId(issuerCert, certImpl.getSerialNumberObject());
} catch (CertificateException ce) {
throw new CertPathValidatorException
("Exception while encoding OCSPRequest", ce);
} catch (IOException ioe) {
throw new CertPathValidatorException
("Exception while encoding OCSPRequest", ioe);
}
OCSPResponse ocspResponse = check(Collections.singletonList(certId),
responderURI, responderCert, date);
return (RevocationStatus) ocspResponse.getSingleResponse(certId);
}
/**
* Checks the revocation status of a list of certificates using OCSP.
*
* @param certs the CertIds to be checked
* @param responderURI the URI of the OCSP responder
* @param responderCert the OCSP responder's certificate
* @param date the time the validity of the OCSP responder's certificate
* should be checked against. If null, the current time is used.
* @return the OCSPResponse
* @throws IOException if there is an exception connecting to or
* communicating with the OCSP responder
* @throws CertPathValidatorException if an exception occurs while
* encoding the OCSP Request or validating the OCSP Response
*/
static OCSPResponse check(List<CertId> certIds, URI responderURI,
X509Certificate responderCert, Date date)
throws IOException, CertPathValidatorException {
byte[] bytes = null;
try {
OCSPRequest request = new OCSPRequest(certIds);
bytes = request.encodeBytes();
} catch (IOException ioe) {
throw new CertPathValidatorException
("Exception while encoding OCSPRequest", ioe);
}
InputStream in = null;
OutputStream out = null;
byte[] response = null;
try {
URL url = responderURI.toURL();
if (debug != null) {
debug.println("connecting to OCSP service at: " + url);
}
HttpURLConnection con = (HttpURLConnection)url.openConnection();
con.setDoOutput(true);
con.setDoInput(true);
con.setRequestMethod("POST");
con.setRequestProperty
("Content-type", "application/ocsp-request");
con.setRequestProperty
("Content-length", String.valueOf(bytes.length));
out = con.getOutputStream();
out.write(bytes);
out.flush();
// Check the response
if (debug != null &&
con.getResponseCode() != HttpURLConnection.HTTP_OK) {
debug.println("Received HTTP error: " + con.getResponseCode()
+ " - " + con.getResponseMessage());
}
in = con.getInputStream();
int contentLength = con.getContentLength();
if (contentLength == -1) {
contentLength = Integer.MAX_VALUE;
}
response = new byte[contentLength > 2048 ? 2048 : contentLength];
int total = 0;
while (total < contentLength) {
int count = in.read(response, total, response.length - total);
if (count < 0)
break;
total += count;
if (total >= response.length && total < contentLength) {
response = Arrays.copyOf(response, total * 2);
}
}
response = Arrays.copyOf(response, total);
} finally {
if (in != null) {
try {
in.close();
} catch (IOException ioe) {
throw ioe;
}
}
if (out != null) {
try {
out.close();
} catch (IOException ioe) {
throw ioe;
}
}
}
OCSPResponse ocspResponse = null;
try {
ocspResponse = new OCSPResponse(response, date, responderCert);
} catch (IOException ioe) {
// response decoding exception
throw new CertPathValidatorException(ioe);
}
if (ocspResponse.getResponseStatus() != ResponseStatus.SUCCESSFUL) {
throw new CertPathValidatorException
("OCSP response error: " + ocspResponse.getResponseStatus());
}
// Check that the response includes a response for all of the
// certs that were supplied in the request
for (CertId certId : certIds) {
SingleResponse sr = ocspResponse.getSingleResponse(certId);
if (sr == null) {
if (debug != null) {
debug.println("No response found for CertId: " + certId);
}
throw new CertPathValidatorException(
"OCSP response does not include a response for a " +
"certificate supplied in the OCSP request");
}
if (debug != null) {
debug.println("Status of certificate (with serial number " +
certId.getSerialNumber() + ") is: " + sr.getCertStatus());
}
}
return ocspResponse;
}
/**
* Returns the URI of the OCSP Responder as specified in the
* certificate's Authority Information Access extension, or null if
* not specified.
*
* @param cert the certificate
* @return the URI of the OCSP Responder, or null if not specified
*/
public static URI getResponderURI(X509Certificate cert) {
try {
return getResponderURI(X509CertImpl.toImpl(cert));
} catch (CertificateException ce) {
// treat this case as if the cert had no extension
return null;
}
}
static URI getResponderURI(X509CertImpl certImpl) {
// Examine the certificate's AuthorityInfoAccess extension
AuthorityInfoAccessExtension aia =
certImpl.getAuthorityInfoAccessExtension();
if (aia == null) {
return null;
}
List<AccessDescription> descriptions = aia.getAccessDescriptions();
for (AccessDescription description : descriptions) {
if (description.getAccessMethod().equals(
AccessDescription.Ad_OCSP_Id)) {
GeneralName generalName = description.getAccessLocation();
if (generalName.getType() == GeneralNameInterface.NAME_URI) {
URIName uri = (URIName) generalName.getName();
return uri.getURI();
}
}
}
return null;
}
/**
* The Revocation Status of a certificate.
*/
public static interface RevocationStatus {
public enum CertStatus { GOOD, REVOKED, UNKNOWN };
/**
* Returns the revocation status.
*/
CertStatus getCertStatus();
/**
* Returns the time when the certificate was revoked, or null
* if it has not been revoked.
*/
Date getRevocationTime();
/**
* Returns the reason the certificate was revoked, or null if it
* has not been revoked.
*/
CRLReason getRevocationReason();
/**
* Returns a Map of additional extensions.
*/
Map<String, Extension> getSingleExtensions();
}
}
src/share/classes/sun/security/provider/certpath/OCSPChecker.java
浏览文件 @ d3b300ff
......@@ -25,19 +25,20 @@
package sun.security.provider.certpath;
import java.io.*;
import java.io.IOException;
import java.math.BigInteger;
import java.util.*;
import java.security.AccessController;
import java.security.Principal;
import java.security.PrivilegedAction;
import java.security.Security;
import java.security.cert.*;
import java.security.cert.CertPathValidatorException.BasicReason;
import java.net.*;
import java.net.URI;
import java.net.URISyntaxException;
import javax.security.auth.x500.X500Principal;
import sun.security.util.*;
import static sun.security.provider.certpath.OCSP.*;
import sun.security.util.Debug;
import sun.security.x509.*;
/**
......@@ -50,27 +51,18 @@ import sun.security.x509.*;
*/
class OCSPChecker extends PKIXCertPathChecker {
public static final String OCSP_ENABLE_PROP = "ocsp.enable";
public static final String OCSP_URL_PROP = "ocsp.responderURL";
public static final String OCSP_CERT_SUBJECT_PROP =
static final String OCSP_ENABLE_PROP = "ocsp.enable";
static final String OCSP_URL_PROP = "ocsp.responderURL";
static final String OCSP_CERT_SUBJECT_PROP =
"ocsp.responderCertSubjectName";
public static final String OCSP_CERT_ISSUER_PROP =
"ocsp.responderCertIssuerName";
public static final String OCSP_CERT_NUMBER_PROP =
static final String OCSP_CERT_ISSUER_PROP = "ocsp.responderCertIssuerName";
static final String OCSP_CERT_NUMBER_PROP =
"ocsp.responderCertSerialNumber";
private static final String HEX_DIGITS = "0123456789ABCDEFabcdef";
private static final Debug DEBUG = Debug.getInstance("certpath");
private static final boolean dump = false;
// Supported extensions
private static final int OCSP_NONCE_DATA[] =
{ 1, 3, 6, 1, 5, 5, 7, 48, 1, 2 };
private static final ObjectIdentifier OCSP_NONCE_OID;
static {
OCSP_NONCE_OID = ObjectIdentifier.newInternal(OCSP_NONCE_DATA);
}
private int remainingCerts;
private X509Certificate[] certs;
......@@ -79,19 +71,26 @@ class OCSPChecker extends PKIXCertPathChecker {
private PKIXParameters pkixParams;
private boolean onlyEECert = false;
/**
* Default Constructor
*
* @param certPath the X509 certification path
* @param pkixParams the input PKIX parameter set
* @exception CertPathValidatorException Exception thrown if cert path
* does not validate.
* @throws CertPathValidatorException if OCSPChecker can not be created
*/
OCSPChecker(CertPath certPath, PKIXParameters pkixParams)
throws CertPathValidatorException {
this(certPath, pkixParams, false);
}
OCSPChecker(CertPath certPath, PKIXParameters pkixParams, boolean onlyEECert)
throws CertPathValidatorException {
this.cp = certPath;
this.pkixParams = pkixParams;
this.onlyEECert = onlyEECert;
List<? extends Certificate> tmp = cp.getCertificates();
certs = tmp.toArray(new X509Certificate[tmp.size()]);
init(false);
......@@ -101,6 +100,7 @@ class OCSPChecker extends PKIXCertPathChecker {
* Initializes the internal state of the checker from parameters
* specified in the constructor
*/
@Override
public void init(boolean forward) throws CertPathValidatorException {
if (!forward) {
remainingCerts = certs.length + 1;
......@@ -110,11 +110,11 @@ class OCSPChecker extends PKIXCertPathChecker {
}
}
public boolean isForwardCheckingSupported() {
@Override public boolean isForwardCheckingSupported() {
return false;
}
public Set<String> getSupportedExtensions() {
@Override public Set<String> getSupportedExtensions() {
return Collections.<String>emptySet();
}
......@@ -127,26 +127,26 @@ class OCSPChecker extends PKIXCertPathChecker {
* @exception CertPathValidatorException Exception is thrown if the
* certificate has been revoked.
*/
@Override
public void check(Certificate cert, Collection<String> unresolvedCritExts)
throws CertPathValidatorException {
InputStream in = null;
OutputStream out = null;
// Decrement the certificate counter
remainingCerts--;
X509CertImpl currCertImpl = null;
try {
X509Certificate responderCert = null;
boolean seekResponderCert = false;
X500Principal responderSubjectName = null;
X500Principal responderIssuerName = null;
BigInteger responderSerialNumber = null;
currCertImpl = X509CertImpl.toImpl((X509Certificate)cert);
} catch (CertificateException ce) {
throw new CertPathValidatorException(ce);
}
boolean seekIssuerCert = true;
X509CertImpl issuerCertImpl = null;
X509CertImpl currCertImpl =
X509CertImpl.toImpl((X509Certificate)cert);
if (onlyEECert && currCertImpl.getBasicConstraints() != -1) {
if (DEBUG != null) {
DEBUG.println("Skipping revocation check, not end entity cert");
}
return;
}
/*
* OCSP security property values, in the following order:
......@@ -155,22 +155,24 @@ class OCSPChecker extends PKIXCertPathChecker {
* 3. ocsp.responderCertIssuerName
* 4. ocsp.responderCertSerialNumber
*/
// should cache these properties to avoid calling every time?
String[] properties = getOCSPProperties();
// Check whether OCSP is feasible before seeking cert information
URL url = getOCSPServerURL(currCertImpl, properties);
URI uri = getOCSPServerURI(currCertImpl, properties[0]);
// When responder's subject name is set then the issuer/serial
// properties are ignored
X500Principal responderSubjectName = null;
X500Principal responderIssuerName = null;
BigInteger responderSerialNumber = null;
if (properties[1] != null) {
responderSubjectName = new X500Principal(properties[1]);
} else if (properties[2] != null && properties[3] != null) {
responderIssuerName = new X500Principal(properties[2]);
// remove colon or space separators
String value = stripOutSeparators(properties[3]);
responderSerialNumber = new BigInteger(value, 16);
} else if (properties[2] != null || properties[3] != null) {
throw new CertPathValidatorException(
"Must specify both ocsp.responderCertIssuerName and " +
......@@ -180,20 +182,24 @@ class OCSPChecker extends PKIXCertPathChecker {
// If the OCSP responder cert properties are set then the
// identified cert must be located in the trust anchors or
// in the cert stores.
boolean seekResponderCert = false;
if (responderSubjectName != null || responderIssuerName != null) {
seekResponderCert = true;
}
// Set the issuer certificate to the next cert in the chain
// (unless we're processing the final cert).
X509Certificate issuerCert = null;
boolean seekIssuerCert = true;
X509Certificate responderCert = null;
if (remainingCerts < certs.length) {
issuerCertImpl = X509CertImpl.toImpl(certs[remainingCerts]);
issuerCert = certs[remainingCerts];
seekIssuerCert = false; // done
// By default, the OCSP responder's cert is the same as the
// issuer of the cert being validated.
if (! seekResponderCert) {
responderCert = certs[remainingCerts];
if (!seekResponderCert) {
responderCert = issuerCert;
if (DEBUG != null) {
DEBUG.println("Responder's certificate is the same " +
"as the issuer of the certificate being validated");
......@@ -212,38 +218,37 @@ class OCSPChecker extends PKIXCertPathChecker {
}
// Extract the anchor certs
Iterator anchors = pkixParams.getTrustAnchors().iterator();
if (! anchors.hasNext()) {
Iterator<TrustAnchor> anchors
= pkixParams.getTrustAnchors().iterator();
if (!anchors.hasNext()) {
throw new CertPathValidatorException(
"Must specify at least one trust anchor");
}
X500Principal certIssuerName =
currCertImpl.getIssuerX500Principal();
while (anchors.hasNext() &&
(seekIssuerCert || seekResponderCert)) {
while (anchors.hasNext() && (seekIssuerCert || seekResponderCert)) {
TrustAnchor anchor = (TrustAnchor)anchors.next();
TrustAnchor anchor = anchors.next();
X509Certificate anchorCert = anchor.getTrustedCert();
X500Principal anchorSubjectName =
anchorCert.getSubjectX500Principal();
if (dump) {
System.out.println("Issuer DN is " + certIssuerName);
System.out.println("Subject DN is " +
anchorSubjectName);
System.out.println("Subject DN is " + anchorSubjectName);
}
// Check if anchor cert is the issuer cert
if (seekIssuerCert &&
certIssuerName.equals(anchorSubjectName)) {
issuerCertImpl = X509CertImpl.toImpl(anchorCert);
issuerCert = anchorCert;
seekIssuerCert = false; // done
// By default, the OCSP responder's cert is the same as
// the issuer of the cert being validated.
if (! seekResponderCert && responderCert == null) {
if (!seekResponderCert && responderCert == null) {
responderCert = anchorCert;
if (DEBUG != null) {
DEBUG.println("Responder's certificate is the" +
......@@ -272,10 +277,9 @@ class OCSPChecker extends PKIXCertPathChecker {
}
}
}
if (issuerCertImpl == null) {
if (issuerCert == null) {
throw new CertPathValidatorException(
"No trusted certificate for " +
currCertImpl.getIssuerDN());
"No trusted certificate for " + currCertImpl.getIssuerDN());
}
// Check cert stores if responder cert has not yet been found
......@@ -287,18 +291,26 @@ class OCSPChecker extends PKIXCertPathChecker {
X509CertSelector filter = null;
if (responderSubjectName != null) {
filter = new X509CertSelector();
filter.setSubject(responderSubjectName.getName());
filter.setSubject(responderSubjectName);
} else if (responderIssuerName != null &&
responderSerialNumber != null) {
filter = new X509CertSelector();
filter.setIssuer(responderIssuerName.getName());
filter.setIssuer(responderIssuerName);
filter.setSerialNumber(responderSerialNumber);
}
if (filter != null) {
List<CertStore> certStores = pkixParams.getCertStores();
for (CertStore certStore : certStores) {
Iterator i =
certStore.getCertificates(filter).iterator();
Iterator i = null;
try {
i = certStore.getCertificates(filter).iterator();
} catch (CertStoreException cse) {
// ignore and try next certStore
if (DEBUG != null) {
DEBUG.println("CertStore exception:" + cse);
}
continue;
}
if (i.hasNext()) {
responderCert = (X509Certificate) i.next();
seekResponderCert = false; // done
......@@ -316,112 +328,33 @@ class OCSPChecker extends PKIXCertPathChecker {
"(set using the OCSP security properties).");
}
// Construct an OCSP Request
OCSPRequest ocspRequest =
new OCSPRequest(currCertImpl, issuerCertImpl);
// Use the URL to the OCSP service that was created earlier
HttpURLConnection con = (HttpURLConnection)url.openConnection();
if (DEBUG != null) {
DEBUG.println("connecting to OCSP service at: " + url);
}
// Indicate that both input and output will be performed,
// that the method is POST, and that the content length is
// the length of the byte array
con.setDoOutput(true);
con.setDoInput(true);
con.setRequestMethod("POST");
con.setRequestProperty("Content-type", "application/ocsp-request");
byte[] bytes = ocspRequest.encodeBytes();
CertId certId = ocspRequest.getCertId();
con.setRequestProperty("Content-length",
String.valueOf(bytes.length));
out = con.getOutputStream();
out.write(bytes);
out.flush();
// Check the response
if (DEBUG != null &&
con.getResponseCode() != HttpURLConnection.HTTP_OK) {
DEBUG.println("Received HTTP error: " + con.getResponseCode() +
" - " + con.getResponseMessage());
}
in = con.getInputStream();
byte[] response = null;
int total = 0;
int contentLength = con.getContentLength();
if (contentLength != -1) {
response = new byte[contentLength];
} else {
response = new byte[2048];
contentLength = Integer.MAX_VALUE;
}
while (total < contentLength) {
int count = in.read(response, total, response.length - total);
if (count < 0)
break;
total += count;
if (total >= response.length && total < contentLength) {
response = Arrays.copyOf(response, total * 2);
}
}
response = Arrays.copyOf(response, total);
OCSPResponse ocspResponse = new OCSPResponse(response, pkixParams,
responderCert);
// Check that response applies to the cert that was supplied
if (! certId.equals(ocspResponse.getCertId())) {
throw new CertPathValidatorException(
"Certificate in the OCSP response does not match the " +
"certificate supplied in the OCSP request.");
}
SerialNumber serialNumber = currCertImpl.getSerialNumberObject();
int certOCSPStatus = ocspResponse.getCertStatus(serialNumber);
if (DEBUG != null) {
DEBUG.println("Status of certificate (with serial number " +
serialNumber.getNumber() + ") is: " +
OCSPResponse.certStatusToText(certOCSPStatus));
CertId certId = null;
OCSPResponse response = null;
try {
certId = new CertId
(issuerCert, currCertImpl.getSerialNumberObject());
response = OCSP.check(Collections.singletonList(certId), uri,
responderCert, pkixParams.getDate());
} catch (IOException ioe) {
// should allow this to pass if network failures are acceptable
throw new CertPathValidatorException
("Unable to send OCSP request", ioe);
}
if (certOCSPStatus == OCSPResponse.CERT_STATUS_REVOKED) {
RevocationStatus rs = (RevocationStatus) response.getSingleResponse(certId);
RevocationStatus.CertStatus certStatus = rs.getCertStatus();
if (certStatus == RevocationStatus.CertStatus.REVOKED) {
Throwable t = new CertificateRevokedException(
ocspResponse.getRevocationTime(),
ocspResponse.getRevocationReason(),
rs.getRevocationTime(), rs.getRevocationReason(),
responderCert.getSubjectX500Principal(),
ocspResponse.getSingleExtensions());
rs.getSingleExtensions());
throw new CertPathValidatorException(t.getMessage(), t,
null, -1, BasicReason.REVOKED);
} else if (certOCSPStatus == OCSPResponse.CERT_STATUS_UNKNOWN) {
} else if (certStatus == RevocationStatus.CertStatus.UNKNOWN) {
throw new CertPathValidatorException(
"Certificate's revocation status is unknown", null, cp,
remainingCerts, BasicReason.UNDETERMINED_REVOCATION_STATUS);
}
} catch (Exception e) {
throw new CertPathValidatorException(e);
} finally {
if (in != null) {
try {
in.close();
} catch (IOException ioe) {
throw new CertPathValidatorException(ioe);
}
}
if (out != null) {
try {
out.close();
} catch (IOException ioe) {
throw new CertPathValidatorException(ioe);
}
}
}
}
/*
......@@ -431,20 +364,18 @@ class OCSPChecker extends PKIXCertPathChecker {
* 3. ocsp.responderCertIssuerName
* 4. ocsp.responderCertSerialNumber
*/
private static URL getOCSPServerURL(X509CertImpl currCertImpl,
String[] properties)
throws CertificateParsingException, CertPathValidatorException {
private static URI getOCSPServerURI(X509CertImpl currCertImpl,
String responderURL) throws CertPathValidatorException {
if (properties[0] != null) {
if (responderURL != null) {
try {
return new URL(properties[0]);
} catch (java.net.MalformedURLException e) {
return new URI(responderURL);
} catch (URISyntaxException e) {
throw new CertPathValidatorException(e);
}
}
// Examine the certificate's AuthorityInfoAccess extension
AuthorityInfoAccessExtension aia =
currCertImpl.getAuthorityInfoAccessExtension();
if (aia == null) {
......@@ -459,13 +390,8 @@ class OCSPChecker extends PKIXCertPathChecker {
GeneralName generalName = description.getAccessLocation();
if (generalName.getType() == GeneralNameInterface.NAME_URI) {
try {
URIName uri = (URIName) generalName.getName();
return (new URL(uri.getName()));
} catch (java.net.MalformedURLException e) {
throw new CertPathValidatorException(e);
}
return uri.getURI();
}
}
}
......
src/share/classes/sun/security/provider/certpath/OCSPRequest.java
浏览文件 @ d3b300ff
/*
* Copyright 2003-2004 Sun Microsystems, Inc. All Rights Reserved.
* Copyright 2003-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
......@@ -26,9 +26,9 @@
package sun.security.provider.certpath;
import java.io.IOException;
import java.security.cert.CertPathValidatorException;
import java.util.Collections;
import java.util.List;
import sun.misc.HexDumpEncoder;
import sun.security.x509.*;
import sun.security.util.*;
/**
......@@ -77,47 +77,33 @@ class OCSPRequest {
private static final Debug debug = Debug.getInstance("certpath");
private static final boolean dump = false;
// Serial number of the certificates to be checked for revocation
private SerialNumber serialNumber;
// Issuer's certificate (for computing certId hash values)
private X509CertImpl issuerCert;
// CertId of the certificate to be checked
private CertId certId = null;
// List of request CertIds
private final List<CertId> certIds;
/*
* Constructs an OCSPRequest. This constructor is used
* to construct an unsigned OCSP Request for a single user cert.
*/
// used by OCSPChecker
OCSPRequest(X509CertImpl userCert, X509CertImpl issuerCert)
throws CertPathValidatorException {
if (issuerCert == null) {
throw new CertPathValidatorException("Null IssuerCertificate");
OCSPRequest(CertId certId) {
this.certIds = Collections.singletonList(certId);
}
this.issuerCert = issuerCert;
serialNumber = userCert.getSerialNumberObject();
OCSPRequest(List<CertId> certIds) {
this.certIds = certIds;
}
// used by OCSPChecker
byte[] encodeBytes() throws IOException {
// encode tbsRequest
DerOutputStream tmp = new DerOutputStream();
DerOutputStream derSingleReqList = new DerOutputStream();
SingleRequest singleRequest = null;
try {
singleRequest = new SingleRequest(issuerCert, serialNumber);
} catch (Exception e) {
throw new IOException("Error encoding OCSP request");
DerOutputStream requestsOut = new DerOutputStream();
for (CertId certId : certIds) {
DerOutputStream certIdOut = new DerOutputStream();
certId.encode(certIdOut);
requestsOut.write(DerValue.tag_Sequence, certIdOut);
}
certId = singleRequest.getCertId();
singleRequest.encode(derSingleReqList);
tmp.write(DerValue.tag_Sequence, derSingleReqList);
tmp.write(DerValue.tag_Sequence, requestsOut);
// No extensions supported
DerOutputStream tbsRequest = new DerOutputStream();
tbsRequest.write(DerValue.tag_Sequence, tmp);
......@@ -130,35 +116,14 @@ class OCSPRequest {
if (dump) {
HexDumpEncoder hexEnc = new HexDumpEncoder();
System.out.println ("OCSPRequest bytes are... ");
System.out.println("OCSPRequest bytes are... ");
System.out.println(hexEnc.encode(bytes));
}
return(bytes);
}
// used by OCSPChecker
CertId getCertId() {
return certId;
return bytes;
}
private static class SingleRequest {
private CertId certId;
// No extensions are set
private SingleRequest(X509CertImpl cert, SerialNumber serialNo) throws Exception {
certId = new CertId(cert, serialNo);
}
private void encode(DerOutputStream out) throws IOException {
DerOutputStream tmp = new DerOutputStream();
certId.encode(tmp);
out.write(DerValue.tag_Sequence, tmp);
}
private CertId getCertId() {
return certId;
}
List<CertId> getCertIds() {
return certIds;
}
}
src/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java
浏览文件 @ d3b300ff
/*
* Copyright 2000-2008 Sun Microsystems, Inc. All Rights Reserved.
* Copyright 2000-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
......@@ -28,8 +28,6 @@ package sun.security.provider.certpath;
import java.io.IOException;
import java.security.AccessController;
import java.security.InvalidAlgorithmParameterException;
import java.security.PrivilegedAction;
import java.security.Security;
import java.security.cert.CertPath;
import java.security.cert.CertPathParameters;
import java.security.cert.CertPathValidatorException;
......@@ -49,6 +47,7 @@ import java.util.ArrayList;
import java.util.Date;
import java.util.Set;
import javax.security.auth.x500.X500Principal;
import sun.security.action.GetBooleanSecurityPropertyAction;
import sun.security.util.Debug;
/**
......@@ -67,7 +66,8 @@ public class PKIXCertPathValidator extends CertPathValidatorSpi {
private List<PKIXCertPathChecker> userCheckers;
private String sigProvider;
private BasicChecker basicChecker;
private String ocspProperty;
private boolean ocspEnabled = false;
private boolean onlyEECert = false;
/**
* Default constructor.
......@@ -253,13 +253,12 @@ public class PKIXCertPathValidator extends CertPathValidatorSpi {
if (pkixParam.isRevocationEnabled()) {
// Examine OCSP security property
ocspProperty = AccessController.doPrivileged(
new PrivilegedAction<String>() {
public String run() {
return
Security.getProperty(OCSPChecker.OCSP_ENABLE_PROP);
}
});
ocspEnabled = AccessController.doPrivileged(
new GetBooleanSecurityPropertyAction
(OCSPChecker.OCSP_ENABLE_PROP));
onlyEECert = AccessController.doPrivileged(
new GetBooleanSecurityPropertyAction
("com.sun.security.onlyCheckRevocationOfEECert"));
}
}
......@@ -301,15 +300,15 @@ public class PKIXCertPathValidator extends CertPathValidatorSpi {
if (pkixParam.isRevocationEnabled()) {
// Use OCSP if it has been enabled
if ("true".equalsIgnoreCase(ocspProperty)) {
if (ocspEnabled) {
OCSPChecker ocspChecker =
new OCSPChecker(cpOriginal, pkixParam);
new OCSPChecker(cpOriginal, pkixParam, onlyEECert);
certPathCheckers.add(ocspChecker);
}
// Always use CRLs
CrlRevocationChecker revocationChecker =
new CrlRevocationChecker(anchor, pkixParam, certList);
CrlRevocationChecker revocationChecker = new
CrlRevocationChecker(anchor, pkixParam, certList, onlyEECert);
certPathCheckers.add(revocationChecker);
}
......
src/share/classes/sun/security/x509/AccessDescription.java
浏览文件 @ d3b300ff
......@@ -113,7 +113,7 @@ public final class AccessDescription {
} else {
method = accessMethod.toString();
}
return ("accessMethod: " + method +
return ("\n accessMethod: " + method +
"\n accessLocation: " + accessLocation.toString() + "\n");
}
}
src/share/classes/sun/util/logging/PlatformLogger.java 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/demo/jvmti/waiters/Agent.hpp
浏览文件 @ d3b300ff
......@@ -34,8 +34,12 @@
class Agent {
private:
jrawMonitorID lock;
enum {
initial_monitor_list_size = 64,
monitor_list_grow_size = 16
};
Monitor **monitor_list;
unsigned monitor_list_size;
unsigned monitor_count;
Thread *get_thread(jvmtiEnv *jvmti, JNIEnv *env, jthread thread);
Monitor *get_monitor(jvmtiEnv *jvmti, JNIEnv *env, jobject object);
......
src/share/javavm/export/jvm.h
浏览文件 @ d3b300ff
......@@ -374,6 +374,12 @@ JVM_FindPrimitiveClass(JNIEnv *env, const char *utf);
JNIEXPORT void JNICALL
JVM_ResolveClass(JNIEnv *env, jclass cls);
/*
* Find a class from a boot class loader. Returns NULL if class not found.
*/
JNIEXPORT jclass JNICALL
JVM_FindClassFromBootLoader(JNIEnv *env, const char *name);
/*
* Find a class from a given class loader. Throw ClassNotFoundException
* or NoClassDefFoundError depending on the value of the last
......
src/share/lib/net.properties
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/ec.h 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/ec2.h 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/ec2_163.c 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/ec2_193.c 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/ec2_233.c 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/ec2_aff.c 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/ec2_mont.c 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/ec_naf.c 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/ecc_impl.h 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/ecdecode.c 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/ecl-curve.h 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/ecl-exp.h 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/ecl-priv.h 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/ecl.c 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/ecl.h 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/ecl_curve.c 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/ecl_gf.c 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/ecl_mult.c 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/ecp.h 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/ecp_192.c 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/ecp_224.c 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/ecp_256.c 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/ecp_384.c 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/ecp_521.c 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/ecp_aff.c 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/ecp_jac.c 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/ecp_jm.c 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/ecp_mont.c 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/logtab.h 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/mp_gf2m-priv.h 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/mp_gf2m.c 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/mp_gf2m.h 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/mpi-config.h 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/mpi-priv.h 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/mpi.c 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/mpi.h 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/mplogic.c 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/mplogic.h 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/mpmontg.c 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/mpprime.h 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/oid.c 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/secitem.c 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/share/native/sun/security/ec/impl/secoidt.h 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
src/solaris/bin/java_md.c
浏览文件 @ d3b300ff
此差异已折叠。
src/windows/bin/java_md.c
浏览文件 @ d3b300ff
此差异已折叠。
test/com/sun/jdi/BreakpointWithFullGC.sh 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
test/java/net/ProxySelector/B6737819.java 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
test/java/nio/file/Files/WalkWithSecurity.java 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
test/java/nio/file/Files/denyAll.policy 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
test/java/nio/file/Files/grantAll.policy 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
test/java/nio/file/Files/grantTopOnly.policy 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
test/sun/security/ec/TestEC.java
浏览文件 @ d3b300ff
此差异已折叠。
test/sun/security/ec/certs/sunlabscerts.pem 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
test/sun/security/ec/keystore 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
test/sun/security/ec/truststore 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
test/sun/security/krb5/IPv6.java 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
test/sun/util/logging/PlatformLoggerTest.java 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
test/tools/launcher/6842838/CreateBadJar.java 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
test/tools/launcher/6842838/Test6842838.sh 0 → 100644
浏览文件 @ d3b300ff
此差异已折叠。
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册