OpenJDK / jdk / jdk10
changeset 43200:ac8db82dab60
8158406: Limited Parameter Processing
Reviewed-by: dfuchs, skoivu
| author | hb |
|---|---|
| date | Tue, 16 Aug 2016 17:05:00 +0530 |
| parents | e7fc78485b36 |
| children | b4c682966e2a |
| files | jdk/src/java.management/share/classes/javax/management/remote/rmi/RMIConnectionImpl.java |
| diffstat | 1 files changed, 45 insertions(+), 22 deletions(-) [+] |
line wrap: on
line diff
--- a/jdk/src/java.management/share/classes/javax/management/remote/rmi/RMIConnectionImpl.java Fri Aug 12 10:37:15 2016 +0100 +++ b/jdk/src/java.management/share/classes/javax/management/remote/rmi/RMIConnectionImpl.java Tue Aug 16 17:05:00 2016 +0530 @@ -347,7 +347,7 @@ +", unwrapping parameters using classLoaderWithRepository."); values = - nullIsEmpty(unwrap(params, classLoaderWithRepository, Object[].class)); + nullIsEmpty(unwrap(params, classLoaderWithRepository, Object[].class,delegationSubject)); try { final Object params2[] = @@ -411,7 +411,7 @@ values = nullIsEmpty(unwrap(params, getClassLoader(loaderName), defaultClassLoader, - Object[].class)); + Object[].class,delegationSubject)); try { final Object params2[] = @@ -522,7 +522,7 @@ "connectionId=" + connectionId +" unwrapping query with defaultClassLoader."); - queryValue = unwrap(query, defaultContextClassLoader, QueryExp.class); + queryValue = unwrap(query, defaultContextClassLoader, QueryExp.class, delegationSubject); try { final Object params[] = new Object[] { name, queryValue }; @@ -557,7 +557,7 @@ "connectionId=" + connectionId +" unwrapping query with defaultClassLoader."); - queryValue = unwrap(query, defaultContextClassLoader, QueryExp.class); + queryValue = unwrap(query, defaultContextClassLoader, QueryExp.class, delegationSubject); try { final Object params[] = new Object[] { name, queryValue }; @@ -707,7 +707,7 @@ attr = unwrap(attribute, getClassLoaderFor(name), defaultClassLoader, - Attribute.class); + Attribute.class, delegationSubject); try { final Object params[] = new Object[] { name, attr }; @@ -758,7 +758,7 @@ unwrap(attributes, getClassLoaderFor(name), defaultClassLoader, - AttributeList.class); + AttributeList.class, delegationSubject); try { final Object params[] = new Object[] { name, attrlist }; @@ -810,7 +810,7 @@ values = nullIsEmpty(unwrap(params, getClassLoaderFor(name), defaultClassLoader, - Object[].class)); + Object[].class, delegationSubject)); try { final Object params2[] = @@ -990,7 +990,7 @@ filterValues[i] = unwrap(filters[i], targetCl, defaultClassLoader, - NotificationFilter.class); + NotificationFilter.class, delegationSubjects[i]); if (debug) logger.debug("addNotificationListener"+ "(ObjectName,NotificationFilter)", @@ -1058,7 +1058,7 @@ +" unwrapping filter with target extended ClassLoader."); filterValue = - unwrap(filter, targetCl, defaultClassLoader, NotificationFilter.class); + unwrap(filter, targetCl, defaultClassLoader, NotificationFilter.class, delegationSubject); if (debug) logger.debug("addNotificationListener"+ "(ObjectName,ObjectName,NotificationFilter,Object)", @@ -1066,7 +1066,7 @@ +" unwrapping handback with target extended ClassLoader."); handbackValue = - unwrap(handback, targetCl, defaultClassLoader, Object.class); + unwrap(handback, targetCl, defaultClassLoader, Object.class, delegationSubject); try { final Object params[] = @@ -1197,7 +1197,7 @@ +" unwrapping filter with target extended ClassLoader."); filterValue = - unwrap(filter, targetCl, defaultClassLoader, NotificationFilter.class); + unwrap(filter, targetCl, defaultClassLoader, NotificationFilter.class, delegationSubject); if (debug) logger.debug("removeNotificationListener"+ "(ObjectName,ObjectName,NotificationFilter,Object)", @@ -1205,7 +1205,7 @@ +" unwrapping handback with target extended ClassLoader."); handbackValue = - unwrap(handback, targetCl, defaultClassLoader, Object.class); + unwrap(handback, targetCl, defaultClassLoader, Object.class, delegationSubject); try { final Object params[] = @@ -1549,20 +1549,38 @@ } } - private static <T> T unwrap(final MarshalledObject<?> mo, + private <T> T unwrap(final MarshalledObject<?> mo, final ClassLoader cl, - final Class<T> wrappedClass) + final Class<T> wrappedClass, + Subject delegationSubject) throws IOException { if (mo == null) { return null; } try { final ClassLoader old = AccessController.doPrivileged(new SetCcl(cl)); - try { - return wrappedClass.cast(mo.get()); - } catch (ClassNotFoundException cnfe) { - throw new UnmarshalException(cnfe.toString(), cnfe); - } finally { + try{ + final AccessControlContext reqACC; + if (delegationSubject == null) + reqACC = acc; + else { + if (subject == null) { + final String msg = + "Subject delegation cannot be enabled unless " + + "an authenticated subject is put in place"; + throw new SecurityException(msg); + } + reqACC = subjectDelegator.delegatedContext( + acc, delegationSubject, removeCallerContext); + } + if(reqACC != null){ + return AccessController.doPrivileged( + (PrivilegedExceptionAction<T>) () -> + wrappedClass.cast(mo.get()), reqACC); + }else{ + return wrappedClass.cast(mo.get()); + } + }finally{ AccessController.doPrivileged(new SetCcl(old)); } } catch (PrivilegedActionException pe) { @@ -1575,14 +1593,19 @@ } logger.warning("unwrap", "Failed to unmarshall object: " + e); logger.debug("unwrap", e); + }catch (ClassNotFoundException ex) { + logger.warning("unwrap", "Failed to unmarshall object: " + ex); + logger.debug("unwrap", ex); + throw new UnmarshalException(ex.toString(), ex); } return null; } - private static <T> T unwrap(final MarshalledObject<?> mo, + private <T> T unwrap(final MarshalledObject<?> mo, final ClassLoader cl1, final ClassLoader cl2, - final Class<T> wrappedClass) + final Class<T> wrappedClass, + Subject delegationSubject) throws IOException { if (mo == null) { return null; @@ -1596,7 +1619,7 @@ } } ); - return unwrap(mo, orderCL, wrappedClass); + return unwrap(mo, orderCL, wrappedClass,delegationSubject); } catch (PrivilegedActionException pe) { Exception e = extractException(pe); if (e instanceof IOException) {