changeset 12997:7e9eeb74e84b jdk8u172-b07

Merge
author asaha
date Tue, 20 Feb 2018 13:07:38 -0800
parents d84393f0a392 0bafb5654e0c
children 3db75ee84f69
files .hgtags
diffstat 12 files changed, 288 insertions(+), 13 deletions(-) [+]
line wrap: on
line diff
--- a/.hgtags	Tue Feb 13 12:57:32 2018 -0800
+++ b/.hgtags	Tue Feb 20 13:07:38 2018 -0800
@@ -864,6 +864,7 @@
 ac700f67341a20ddae093c319da1c65e41edcacd jdk8u171-b04
 863ef3413aa42c15fbdc14fef6732f2741f97046 jdk8u171-b05
 6cbe2e5989a85f82833191be05ccb531f685d171 jdk8u171-b06
+9cf14f22734a057adceff1764b4bb6c71329088b jdk8u171-b07
 64df143be721d3ef031d765d86277c1e114d627a jdk8u172-b00
 25f7b0cd25cf13106783050fc8e6f4a78487a7bd jdk8u172-b01
 db8272cb8c99eea536a66c4c368c4bf2bf013a81 jdk8u172-b02
--- a/src/share/classes/java/io/ObjectInputStream.java	Tue Feb 13 12:57:32 2018 -0800
+++ b/src/share/classes/java/io/ObjectInputStream.java	Tue Feb 20 13:07:38 2018 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2018, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -245,7 +245,7 @@
 
     static {
         /* Setup access so sun.misc can invoke package private functions. */
-        sun.misc.SharedSecrets.setJavaOISAccess(new JavaOISAccess() {
+        JavaOISAccess javaOISAccess = new JavaOISAccess() {
             public void setObjectInputFilter(ObjectInputStream stream, ObjectInputFilter filter) {
                 stream.setInternalObjectInputFilter(filter);
             }
@@ -259,7 +259,11 @@
             {
                 stream.checkArray(arrayType, arrayLength);
             }
-        });
+        };
+
+        sun.misc.SharedSecrets.setJavaOISAccess(javaOISAccess);
+
+        sun.corba.SharedSecrets.setJavaOISAccess(javaOISAccess);
     }
 
     /*
--- a/src/share/classes/java/util/concurrent/PriorityBlockingQueue.java	Tue Feb 13 12:57:32 2018 -0800
+++ b/src/share/classes/java/util/concurrent/PriorityBlockingQueue.java	Tue Feb 20 13:07:38 2018 -0800
@@ -48,6 +48,7 @@
 import java.util.SortedSet;
 import java.util.Spliterator;
 import java.util.function.Consumer;
+import sun.misc.SharedSecrets;
 
 /**
  * An unbounded {@linkplain BlockingQueue blocking queue} that uses
@@ -940,7 +941,9 @@
         throws java.io.IOException, ClassNotFoundException {
         try {
             s.defaultReadObject();
-            this.queue = new Object[q.size()];
+            int sz = q.size();
+            SharedSecrets.getJavaOISAccess().checkArray(s, Object[].class, sz);
+            this.queue = new Object[sz];
             comparator = q.comparator();
             addAll(q);
         } finally {
--- a/src/share/classes/javax/management/openmbean/TabularDataSupport.java	Tue Feb 13 12:57:32 2018 -0800
+++ b/src/share/classes/javax/management/openmbean/TabularDataSupport.java	Tue Feb 20 13:07:38 2018 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -45,6 +45,7 @@
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
+import sun.misc.SharedSecrets;
 
 // jmx import
 //
@@ -911,6 +912,8 @@
             throws IOException, ClassNotFoundException {
       in.defaultReadObject();
       List<String> tmpNames = tabularType.getIndexNames();
-      indexNamesArray = tmpNames.toArray(new String[tmpNames.size()]);
+      int size = tmpNames.size();
+      SharedSecrets.getJavaOISAccess().checkArray(in, String[].class, size);
+      indexNamesArray = tmpNames.toArray(new String[size]);
     }
 }
--- a/src/share/classes/sun/misc/Launcher.java	Tue Feb 13 12:57:32 2018 -0800
+++ b/src/share/classes/sun/misc/Launcher.java	Tue Feb 20 13:07:38 2018 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2018, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -48,7 +48,7 @@
 
 /**
  * This class is used by the system to launch the main application.
-Launcher */
+ */
 public class Launcher {
     private static URLStreamHandlerFactory factory = new Factory();
     private static Launcher launcher = new Launcher();
@@ -121,6 +121,7 @@
         static {
             ClassLoader.registerAsParallelCapable();
         }
+        private static volatile ExtClassLoader instance = null;
 
         /**
          * create an ExtClassLoader. The ExtClassLoader is created
@@ -128,6 +129,17 @@
          */
         public static ExtClassLoader getExtClassLoader() throws IOException
         {
+            if (instance == null) {
+                synchronized(ExtClassLoader.class) {
+                    if (instance == null) {
+                        instance = createExtClassLoader();
+                    }
+                }
+            }
+            return instance;
+        }
+
+        private static ExtClassLoader createExtClassLoader() throws IOException {
             try {
                 // Prior implementations of this doPrivileged() block supplied
                 // aa synthesized ACC via a call to the private method
--- a/src/share/classes/sun/rmi/transport/tcp/TCPTransport.java	Tue Feb 13 12:57:32 2018 -0800
+++ b/src/share/classes/sun/rmi/transport/tcp/TCPTransport.java	Tue Feb 20 13:07:38 2018 -0800
@@ -119,6 +119,11 @@
                 }
             });
 
+    private static final boolean disableIncomingHttp =
+        java.security.AccessController.doPrivileged(
+            new GetPropertyAction("java.rmi.server.disableIncomingHttp", "true"))
+                .equalsIgnoreCase("true");
+
     /** total connections handled */
     private static final AtomicInteger connectionCount = new AtomicInteger(0);
 
@@ -722,6 +727,10 @@
                 int magic = in.readInt();
 
                 if (magic == POST) {
+                    System.err.println("DISABLED: " + disableIncomingHttp);
+                    if (disableIncomingHttp) {
+                        throw new RemoteException("RMI over HTTP is disabled");
+                    }
                     tcpLog.log(Log.BRIEF, "decoding HTTP-wrapped call");
 
                     // It's really a HTTP-wrapped request.  Repackage
--- a/src/share/classes/sun/security/util/ManifestDigester.java	Tue Feb 13 12:57:32 2018 -0800
+++ b/src/share/classes/sun/security/util/ManifestDigester.java	Tue Feb 20 13:07:38 2018 -0800
@@ -169,10 +169,15 @@
                             }
                         }
 
-                        entries.computeIfAbsent(nameBuf.toString(),
-                                                dummy -> new Entry())
+                        Entry e = entries.get(nameBuf.toString());
+                        if (e == null) {
+                            entries.put(nameBuf.toString(), new Entry()
                                 .addSection(new Section(start, sectionLen,
-                                        sectionLenWithBlank, rawBytes));
+                                    sectionLenWithBlank, rawBytes)));
+                        } else {
+                            e.addSection(new Section(start, sectionLen,
+                                    sectionLenWithBlank, rawBytes));
+                        }
 
                     } catch (java.io.UnsupportedEncodingException uee) {
                         throw new IllegalStateException(
--- a/test/sun/rmi/transport/proxy/EagerHttpFallback.java	Tue Feb 13 12:57:32 2018 -0800
+++ b/test/sun/rmi/transport/proxy/EagerHttpFallback.java	Tue Feb 20 13:07:38 2018 -0800
@@ -28,7 +28,7 @@
  *
  * @library ../../../../java/rmi/testlibrary
  * @build TestLibrary
- * @run main/othervm EagerHttpFallback
+ * @run main/othervm -Djava.rmi.server.disableIncomingHttp=false EagerHttpFallback
  */
 
 import java.rmi.*;
@@ -46,6 +46,8 @@
                            "true");
         LocateRegistry.createRegistry(FALLBACK_PORT);
 
+        System.err.println("1-DISABLED: " + System.getProperty("java.rmi.server.disableIncomingHttp"));
+
         /*
          * The call below should trigger a ConnectException in the
          * RMIMasterSocketFactory when it attempts a direct connection to
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/rmi/transport/tcp/DisableRMIOverHttp/DisableRMIOverHTTPTest.java	Tue Feb 20 13:07:38 2018 -0800
@@ -0,0 +1,156 @@
+/*
+ * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/* @test
+ * @bug 8193833
+ *
+ * @summary Disable RMI over HTTP by default
+ *
+ * @library ../../../../../java/rmi/testlibrary
+ * @build TestIface TestImpl
+ * @run main/othervm/timeout=60 DisableRMIOverHTTPTest
+ * @run main/othervm/timeout=60 -Djava.rmi.server.disableIncomingHttp=false DisableRMIOverHTTPTest
+ */
+
+/*
+ * This test is an adaptation of ../blockAccept/BlockAcceptTest.java
+ *
+ * This test:
+ * 1. Creates an object and exports it.
+ * 2. Makes a regular call, using HTTP tunnelling.
+ * 3. Either throws an exception if RMI over HTTP is disabled or completes
+ *    execution if not.
+ */
+
+import java.rmi.*;
+import java.rmi.server.RMISocketFactory;
+import java.io.*;
+import java.net.*;
+
+import sun.rmi.transport.proxy.RMIMasterSocketFactory;
+import sun.rmi.transport.proxy.RMIHttpToPortSocketFactory;
+
+public class DisableRMIOverHTTPTest
+{
+    public static void main(String[] args)
+        throws Exception
+    {
+        // HTTP direct to the server port
+        System.setProperty("http.proxyHost", "127.0.0.1");
+        boolean incomingHttpDisabled =
+                Boolean.valueOf(
+                    System.getProperty(
+                            "java.rmi.server.disableIncomingHttp", "true")
+                        .equalsIgnoreCase("true"));
+
+        // Set the socket factory.
+        System.err.println("(installing HTTP-out socket factory)");
+        HttpOutFactory fac = new HttpOutFactory();
+        RMISocketFactory.setSocketFactory(fac);
+
+        // Create remote object
+        TestImpl impl = new TestImpl();
+
+        // Export and get which port.
+        System.err.println("(exporting remote object)");
+        TestIface stub = impl.export();
+        try {
+            int port = fac.whichPort();
+
+            // Sanity
+            if (port == 0)
+                throw new Error("TEST FAILED: export didn't reserve a port(?)");
+
+            // The test itself: make a remote call and see if it's blocked or
+            // if it works
+            //Thread.sleep(2000);
+            System.err.println("(making RMI-through-HTTP call)");
+            String result = stub.testCall("dummy load");
+            System.err.println(" => " + result);
+
+            if ("OK".equals(result)) {
+                if (incomingHttpDisabled) {
+                    throw new Error(
+                        "TEST FAILED: should not receive result if incoming http is disabled");
+                }
+            } else {
+                if (!incomingHttpDisabled) {
+                    throw new Error("TEST FAILED: result not OK");
+                }
+            }
+            System.err.println("Test passed.");
+        } catch (UnmarshalException e) {
+            if (!incomingHttpDisabled) {
+                throw e;
+            } else {
+                System.err.println("Test passed.");
+            }
+        } finally {
+            try {
+                impl.unexport();
+            } catch (Throwable unmatter) {
+            }
+        }
+
+        // Should exit here
+    }
+
+    private static class HttpOutFactory
+        extends RMISocketFactory
+    {
+        private int servport = 0;
+
+        public Socket createSocket(String h, int p)
+            throws IOException
+        {
+            return ((new RMIHttpToPortSocketFactory()).createSocket(h, p));
+        }
+
+        /** Create a server socket and remember which port it's on.
+         * Aborts if createServerSocket(0) is called twice, because then
+         * it doesn't know whether to remember the first or second port.
+         */
+        public ServerSocket createServerSocket(int p)
+            throws IOException
+        {
+            ServerSocket ss;
+            ss = (new RMIMasterSocketFactory()).createServerSocket(p);
+            if (p == 0) {
+                if (servport != 0) {
+                    System.err.println("TEST FAILED: " +
+                                       "Duplicate createServerSocket(0)");
+                    throw new Error("Test aborted (createServerSocket)");
+                }
+                servport = ss.getLocalPort();
+            }
+            return (ss);
+        }
+
+        /** Return which port was reserved by createServerSocket(0).
+         * If the return value was 0, createServerSocket(0) wasn't called.
+         */
+        public int whichPort() {
+            return (servport);
+        }
+    } // end class HttpOutFactory
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/rmi/transport/tcp/DisableRMIOverHttp/TestIface.java	Tue Feb 20 13:07:38 2018 -0800
@@ -0,0 +1,31 @@
+/*
+ * Copyright (c) 1999, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.rmi.*;
+
+public interface TestIface
+    extends Remote
+{
+    public String testCall(String ign)
+        throws RemoteException;
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/rmi/transport/tcp/DisableRMIOverHttp/TestImpl.java	Tue Feb 20 13:07:38 2018 -0800
@@ -0,0 +1,49 @@
+/*
+ * Copyright (c) 1999, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.rmi.*;
+import java.rmi.server.*;
+
+public class TestImpl
+    extends Object
+    implements TestIface
+{
+    public TestImpl() {
+    }
+
+    public TestIface export()
+        throws RemoteException
+    {
+        return (TestIface)UnicastRemoteObject.exportObject(this, 0);
+    }
+
+    public void unexport()
+        throws NoSuchObjectException
+    {
+        UnicastRemoteObject.unexportObject(this, true);
+    }
+
+    public String testCall(String ign) {
+        return ("OK");
+    }
+}
--- a/test/sun/rmi/transport/tcp/blockAccept/BlockAcceptTest.java	Tue Feb 13 12:57:32 2018 -0800
+++ b/test/sun/rmi/transport/tcp/blockAccept/BlockAcceptTest.java	Tue Feb 20 13:07:38 2018 -0800
@@ -29,7 +29,7 @@
  *
  * @library ../../../../../java/rmi/testlibrary
  * @build TestIface TestImpl TestImpl_Stub
- * @run main/othervm/policy=security.policy/timeout=60 BlockAcceptTest
+ * @run main/othervm/policy=security.policy/timeout=60 -Djava.rmi.server.disableIncomingHttp=false BlockAcceptTest
  */
 
 /* This test attempts to stymie the RMI accept loop.  The accept loop in