changeset 13688:dd50896e9dec

8218573: Better socket support Reviewed-by: alanb, ahgross, chegar, igerasim
author michaelm
date Mon, 25 Mar 2019 17:15:27 +0000
parents b148d99d5cc3
children 1f5e1d743e4b
files src/share/classes/java/net/NetPermission.java src/share/classes/java/net/ServerSocket.java src/share/classes/java/net/Socket.java src/share/classes/sun/security/util/SecurityConstants.java
diffstat 4 files changed, 48 insertions(+), 2 deletions(-) [+]
--- a/src/share/classes/java/net/NetPermission.java	Thu Oct 10 02:30:46 2019 +0100
+++ b/src/share/classes/java/net/NetPermission.java	Mon Mar 25 17:15:27 2019 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -151,6 +151,15 @@
 creating a ProtectionDomain/CodeSource for a class even though
 that class really didn't come from that location.</td>
  * </tr>
+ *
+ * <tr>
+ *   <th scope="row">setSocketImpl</th>
+ *   <td>The ability to create a sub-class of Socket or ServerSocket with a
+ *   user specified SocketImpl.</td>
+ *   <td>Malicious user-defined SocketImpls can change the behavior of
+ *   Socket and ServerSocket in surprising ways, by virtue of their
+ *   ability to access the protected fields of SocketImpl.</td>
+ *   </tr>
  * </table>
  *
  * @see java.security.BasicPermission
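Review bot: The new `setSocketImpl` row says the permission covers creating a sub-class of Socket or ServerSocket, but the ServerSocket.java hunk in this changeset documents `ServerSocket(SocketImpl)` as a package-private constructor, so on this branch only Socket appears to expose that path to subclasses. Consider wording the row around what is actually checked, e.g. `The ability to construct a Socket or ServerSocket with a user specified SocketImpl.`, so that policy authors are not led to expect a ServerSocket extension point. The closing `</tr>` of the new row is also indented differently from the `</tr>` of the row above it.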
--- a/src/share/classes/java/net/ServerSocket.java	Thu Oct 10 02:30:46 2019 +0100
+++ b/src/share/classes/java/net/ServerSocket.java	Mon Mar 25 17:15:27 2019 +0000
@@ -31,6 +31,8 @@
 import java.security.AccessController;
 import java.security.PrivilegedExceptionAction;
 
+import sun.security.util.SecurityConstants;
+
 /**
  * This class implements server sockets. A server socket waits for
  * requests to come in over the network. It performs some operation
@@ -71,12 +73,25 @@
     /**
      * Package-private constructor to create a ServerSocket associated with
      * the given SocketImpl.
+     *
+     * @throws     SecurityException if a security manager is set and
+     *             its {@code checkPermission} method doesn't allow
+     *             {@code NetPermission("setSocketImpl")}.
      */
     ServerSocket(SocketImpl impl) {
+        checkPermission();
         this.impl = impl;
         impl.setServerSocket(this);
     }
 
+    private static Void checkPermission() {
+        SecurityManager sm = System.getSecurityManager();
+        if (sm != null) {
+            sm.checkPermission(SecurityConstants.SET_SOCKETIMPL_PERMISSION);
+        }
+        return null;
+    }
+
     /**
      * Creates an unbound server socket.
      *
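Review bot: `checkPermission()` is declared to return `Void`, but the constructor calls it as a plain statement (`checkPermission();`), so the check runs after the implicit superclass constructor and the return value is never used. If the intent is only to guard the assignment of `impl`, declare the helper `private static void`; if the intent is to fail before any instance exists, route it through a private delegating constructor, e.g. `this(checkPermission(), impl)` with a matching `private ServerSocket(Void unused, SocketImpl impl)`. The same shape appears in the Socket.java hunks (`checkPermission(impl);` in the protected `Socket(SocketImpl)` constructor), where it matters more because that constructor is reachable from subclasses outside java.net. The helper would also benefit from a one-line comment such as `// Gate a caller-supplied SocketImpl behind NetPermission("setSocketImpl")`.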
--- a/src/share/classes/java/net/Socket.java	Thu Oct 10 02:30:46 2019 +0100
+++ b/src/share/classes/java/net/Socket.java	Mon Mar 25 17:15:27 2019 +0000
@@ -25,6 +25,8 @@
 
 package java.net;
 
+import sun.security.util.SecurityConstants;
+
 import java.io.InputStream;
 import java.io.OutputStream;
 import java.io.IOException;
@@ -159,9 +161,14 @@
      *
      * @exception SocketException if there is an error in the underlying protocol,
      * such as a TCP error.
+     *
+     * @throws SecurityException if {@code impl} is non-null and a security manager is set
+     * and its {@code checkPermission} method doesn't allow {@code NetPermission("setSocketImpl")}.
+     *
      * @since   JDK1.1
      */
     protected Socket(SocketImpl impl) throws SocketException {
+        checkPermission(impl);
         this.impl = impl;
         if (impl != null) {
             checkOldImpl();
@@ -169,6 +176,17 @@
         }
     }
 
+    private static Void checkPermission(SocketImpl impl) {
+        if (impl == null) {
+            return null;
+        }
+        SecurityManager sm = System.getSecurityManager();
+        if (sm != null) {
+            sm.checkPermission(SecurityConstants.SET_SOCKETIMPL_PERMISSION);
+        }
+        return null;
+    }
+
     /**
      * Creates a stream socket and connects it to the specified port
      * number on the named host.
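Review bot: `checkPermission(impl)` returns early when `impl` is null, so a subclass passing a null SocketImpl is never checked; the new `@throws` text in the previous hunk documents this, but nothing in the code says why null is exempt. A comment on the early return, e.g. `// null impl: no caller-supplied SocketImpl is installed, so no permission is needed` (wording to be confirmed against how a null impl is resolved later), would keep a future edit from dropping or inverting the guard. The helper's name also overloads the familiar `SecurityManager.checkPermission`; something like `checkSetSocketImplPermission` would read less ambiguously at the call site. The two closing braces at the top of this hunk belong to the constructor that starts in the previous hunk.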
--- a/src/share/classes/sun/security/util/SecurityConstants.java	Thu Oct 10 02:30:46 2019 +0100
+++ b/src/share/classes/sun/security/util/SecurityConstants.java	Mon Mar 25 17:15:27 2019 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -176,6 +176,10 @@
     public static final NetPermission GET_RESPONSECACHE_PERMISSION =
        new NetPermission("getResponseCache");
 
+    // java.net.ServerSocket, java.net.Socket
+    public static final NetPermission SET_SOCKETIMPL_PERMISSION =
+       new NetPermission("setSocketImpl");
+
     // java.lang.SecurityManager, sun.applet.AppletPanel, sun.misc.Launcher
     public static final RuntimePermission CREATE_CLASSLOADER_PERMISSION =
         new RuntimePermission("createClassLoader");