changeset 9134:d5107c804de5

8028293: Check local configuration for actual ephemeral port range Reviewed-by: alanb, chegar, smarks
author michaelm
date Tue, 26 Nov 2013 10:06:57 +0000
parents a0b6e5895464
children 864667921a05
files make/lib/NetworkingLibraries.gmk make/mapfiles/libnet/mapfile-vers src/share/classes/java/net/SocketPermission.java src/share/classes/sun/rmi/registry/RegistryImpl.java src/share/lib/security/java.security-linux src/share/lib/security/java.security-macosx src/share/lib/security/java.security-solaris src/share/lib/security/java.security-windows src/solaris/classes/sun/net/PortConfig.java src/solaris/native/java/net/net_util_md.c src/solaris/native/java/net/net_util_md.h src/solaris/native/sun/net/portconfig.c src/windows/classes/sun/net/PortConfig.java src/windows/native/sun/net/portconfig.c test/java/rmi/activation/rmidViaInheritedChannel/RmidViaInheritedChannel.java test/java/rmi/registry/readTest/readTest.sh test/java/rmi/testlibrary/TestLibrary.java
diffstat 17 files changed, 459 insertions(+), 102 deletions(-) [+]
line wrap: on
line diff
--- a/make/lib/NetworkingLibraries.gmk	Wed Nov 20 23:33:07 2013 +0000
+++ b/make/lib/NetworkingLibraries.gmk	Tue Nov 26 10:06:57 2013 +0000
@@ -25,6 +25,7 @@
 
 LIBNET_SRC_DIRS := $(JDK_TOPDIR)/src/share/native/java/net \
     $(JDK_TOPDIR)/src/$(OPENJDK_TARGET_OS_API_DIR)/native/java/net \
+    $(JDK_TOPDIR)/src/$(OPENJDK_TARGET_OS_API_DIR)/native/sun/net/ \
     $(JDK_TOPDIR)/src/$(OPENJDK_TARGET_OS_API_DIR)/native/sun/net/dns \
     $(JDK_TOPDIR)/src/$(OPENJDK_TARGET_OS_API_DIR)/native/sun/net/spi
 
--- a/make/mapfiles/libnet/mapfile-vers	Wed Nov 20 23:33:07 2013 +0000
+++ b/make/mapfiles/libnet/mapfile-vers	Tue Nov 26 10:06:57 2013 +0000
@@ -86,6 +86,8 @@
 		Java_java_net_PlainSocketImpl_socketConnect;
 		Java_java_net_PlainDatagramSocketImpl_getTimeToLive;
 		Java_java_net_PlainDatagramSocketImpl_setTimeToLive;
+		Java_sun_net_PortConfig_getUpper0;
+		Java_sun_net_PortConfig_getLower0;
 		Java_sun_net_dns_ResolverConfigurationImpl_localDomain0;
 		Java_sun_net_dns_ResolverConfigurationImpl_fallbackDomain0;
 		Java_sun_net_sdp_SdpSupport_convert0;
--- a/src/share/classes/java/net/SocketPermission.java	Wed Nov 20 23:33:07 2013 +0000
+++ b/src/share/classes/java/net/SocketPermission.java	Tue Nov 26 10:06:57 2013 +0000
@@ -44,6 +44,7 @@
 import java.io.IOException;
 import sun.net.util.IPAddressUtil;
 import sun.net.RegisteredDomain;
+import sun.net.PortConfig;
 import sun.security.util.SecurityConstants;
 import sun.security.util.Debug;
 
@@ -1217,17 +1218,9 @@
                     if (val != -1) {
                         return val;
                     } else {
-                        String prop = Security.getProperty(
-                            "network.ephemeralPortRange."+suffix
-                        );
-                        try {
-                                val = Integer.parseInt(prop);
-                        } catch (NumberFormatException e) {
-                            // shouldn't happen
-                            return defval;
-                        }
+                        return suffix.equals("low") ?
+                            PortConfig.getLower() : PortConfig.getUpper();
                     }
-                    return val;
                 }
             }
         );
--- a/src/share/classes/sun/rmi/registry/RegistryImpl.java	Wed Nov 20 23:33:07 2013 +0000
+++ b/src/share/classes/sun/rmi/registry/RegistryImpl.java	Tue Nov 26 10:06:57 2013 +0000
@@ -119,8 +119,23 @@
     public RegistryImpl(int port)
         throws RemoteException
     {
-        LiveRef lref = new LiveRef(id, port);
-        setup(new UnicastServerRef(lref));
+        if (port == Registry.REGISTRY_PORT && System.getSecurityManager() != null) {
+            // grant permission for default port only.
+            try {
+                AccessController.doPrivileged(new PrivilegedExceptionAction<Void>() {
+                    public Void run() throws RemoteException {
+                        LiveRef lref = new LiveRef(id, port);
+                        setup(new UnicastServerRef(lref));
+                        return null;
+                    }
+                }, null, new SocketPermission("localhost:"+port, "listen,accept"));
+            } catch (PrivilegedActionException pae) {
+                throw (RemoteException)pae.getException();
+            }
+        } else {
+            LiveRef lref = new LiveRef(id, port);
+            setup(new UnicastServerRef(lref));
+        }
     }
 
     /*
@@ -419,7 +434,7 @@
          * related classes themselves are more tightly limited by RMI.
          */
         perms.add(new SocketPermission("*", "connect,accept"));
-            perms.add(new SocketPermission("localhost:"+port, "listen,accept"));
+        perms.add(new SocketPermission("localhost:"+port, "listen,accept"));
 
         perms.add(new RuntimePermission("accessClassInPackage.sun.jvmstat.*"));
         perms.add(new RuntimePermission("accessClassInPackage.sun.jvm.hotspot.*"));
--- a/src/share/lib/security/java.security-linux	Wed Nov 20 23:33:07 2013 +0000
+++ b/src/share/lib/security/java.security-linux	Tue Nov 26 10:06:57 2013 +0000
@@ -496,20 +496,3 @@
 #
 # Example:
 #   jdk.tls.disabledAlgorithms=MD5, SHA1, DSA, RSA keySize < 2048
-
-#
-# Default ephemeral port ranges (operating system specific)
-# used by java.net.SocketPermission to interpret the meaning of the special
-# port value zero, as in the following example:
-#
-#       SocketPermission("localhost:0" , "listen");
-#
-# These can be overridden by the system properties:
-#
-#       jdk.net.ephemeralPortRange.low and
-#       jdk.net.ephemeralPortRange.high
-#
-# respectively.
-#
-network.ephemeralPortRange.low=32768
-network.ephemeralPortRange.high=65535
--- a/src/share/lib/security/java.security-macosx	Wed Nov 20 23:33:07 2013 +0000
+++ b/src/share/lib/security/java.security-macosx	Tue Nov 26 10:06:57 2013 +0000
@@ -497,22 +497,3 @@
 #
 # Example:
 #   jdk.tls.disabledAlgorithms=MD5, SHA1, DSA, RSA keySize < 2048
-
-
-#
-# Default ephemeral port ranges (operating system specific)
-# used by java.net.SocketPermission to interpret the meaning of the special
-# port value zero, as in the following example:
-#
-#        SocketPermission("localhost:0" , "listen");
-#
-# These can be overridden by the system properties:
-#
-#       jdk.net.ephemeralPortRange.low and
-#       jdk.net.ephemeralPortRange.high
-#
-# respectively.
-#
-network.ephemeralPortRange.low=49152
-network.ephemeralPortRange.high=65535
-
--- a/src/share/lib/security/java.security-solaris	Wed Nov 20 23:33:07 2013 +0000
+++ b/src/share/lib/security/java.security-solaris	Tue Nov 26 10:06:57 2013 +0000
@@ -496,21 +496,3 @@
 #
 # Example:
 #   jdk.tls.disabledAlgorithms=MD5, SHA1, DSA, RSA keySize < 2048
-
-
-#
-# Default ephemeral port ranges (operating system specific)
-# used by java.net.SocketPermission to interpret the meaning of the special
-# port value zero, as in the following example:
-#
-#        SocketPermission("localhost:0" , "listen");
-#
-# These can be overridden by the system properties:
-#
-#       jdk.net.ephemeralPortRange.low and
-#       jdk.net.ephemeralPortRange.high
-#
-# respectively.
-#
-network.ephemeralPortRange.low=32768
-network.ephemeralPortRange.high=65535
--- a/src/share/lib/security/java.security-windows	Wed Nov 20 23:33:07 2013 +0000
+++ b/src/share/lib/security/java.security-windows	Tue Nov 26 10:06:57 2013 +0000
@@ -497,20 +497,3 @@
 #
 # Example:
 #   jdk.tls.disabledAlgorithms=MD5, SHA1, DSA, RSA keySize < 2048
-
-#
-# Default ephemeral port ranges (operating system specific)
-# used by java.net.SocketPermission to interpret the meaning of the special
-# port value zero, as in the following example:
-#
-#        SocketPermission("localhost:0" , "listen");
-#
-# These can be overridden by the system properties:
-#
-#       jdk.net.ephemeralPortRange.low and
-#       jdk.net.ephemeralPortRange.high
-#
-# respectively.
-#
-network.ephemeralPortRange.low=49152
-network.ephemeralPortRange.high=65535
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/solaris/classes/sun/net/PortConfig.java	Tue Nov 26 10:06:57 2013 +0000
@@ -0,0 +1,89 @@
+/*
+ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.net;
+
+import java.security.AccessController;
+
+/**
+ * Determines the ephemeral port range in use on this system.
+ * If this cannot be determined, then the default settings
+ * of the OS are returned.
+ */
+
+public final class PortConfig {
+
+    private static int defaultUpper, defaultLower;
+    private final static int upper, lower;
+
+    private PortConfig() {}
+
+    static {
+        AccessController.doPrivileged(
+            new java.security.PrivilegedAction<Void>() {
+                public Void run() {
+                    System.loadLibrary("net");
+                    String os = System.getProperty("os.name");
+                    if (os.startsWith("Linux")) {
+                        defaultLower = 32768;
+                        defaultUpper = 61000;
+                    } else if (os.startsWith("SunOS")) {
+                        defaultLower = 32768;
+                        defaultUpper = 65535;
+                    } else if (os.contains("OS X")) {
+                        defaultLower = 49152;
+                        defaultUpper = 65535;
+                    } else {
+                        throw new InternalError(
+                            "sun.net.PortConfig: unknown OS");
+                    }
+                    return null;
+                }
+            });
+
+        int v = getLower0();
+        if (v == -1) {
+            v = defaultLower;
+        }
+        lower = v;
+
+        v = getUpper0();
+        if (v == -1) {
+            v = defaultUpper;
+        }
+        upper = v;
+    }
+
+    static native int getLower0();
+    static native int getUpper0();
+
+    public static int getLower() {
+        return lower;
+    }
+
+    public static int getUpper() {
+        return upper;
+    }
+}
--- a/src/solaris/native/java/net/net_util_md.c	Wed Nov 20 23:33:07 2013 +0000
+++ b/src/solaris/native/java/net/net_util_md.c	Tue Nov 26 10:06:57 2013 +0000
@@ -138,8 +138,7 @@
  * of the parameter is assumed to be an 'int'. If the parameter
  * cannot be obtained return -1
  */
-static int
-getParam(char *driver, char *param)
+int net_getParam(char *driver, char *param)
 {
     struct strioctl stri;
     char buf [64];
@@ -166,7 +165,7 @@
 
 /*
  * Iterative way to find the max value that SO_SNDBUF or SO_RCVBUF
- * for Solaris versions that do not support the ioctl() in getParam().
+ * for Solaris versions that do not support the ioctl() in net_getParam().
  * Ugly, but only called once (for each sotype).
  *
  * As an optimization, we make a guess using the default values for Solaris
@@ -1359,7 +1358,7 @@
              * If that fails, we use the search algorithm in findMaxBuf()
              */
             if (!init_tcp_max_buf && sotype == SOCK_STREAM) {
-                tcp_max_buf = getParam("/dev/tcp", "tcp_max_buf");
+                tcp_max_buf = net_getParam("/dev/tcp", "tcp_max_buf");
                 if (tcp_max_buf == -1) {
                     tcp_max_buf = findMaxBuf(fd, opt, SOCK_STREAM);
                     if (tcp_max_buf == -1) {
@@ -1368,7 +1367,7 @@
                 }
                 init_tcp_max_buf = 1;
             } else if (!init_udp_max_buf && sotype == SOCK_DGRAM) {
-                udp_max_buf = getParam("/dev/udp", "udp_max_buf");
+                udp_max_buf = net_getParam("/dev/udp", "udp_max_buf");
                 if (udp_max_buf == -1) {
                     udp_max_buf = findMaxBuf(fd, opt, SOCK_DGRAM);
                     if (udp_max_buf == -1) {
--- a/src/solaris/native/java/net/net_util_md.h	Wed Nov 20 23:33:07 2013 +0000
+++ b/src/solaris/native/java/net/net_util_md.h	Tue Nov 26 10:06:57 2013 +0000
@@ -81,6 +81,9 @@
 int getDefaultIPv6Interface(struct in6_addr *target_addr);
 #endif
 
+#ifdef __solaris__
+extern int net_getParam(char *driver, char *param);
+#endif
 
 /* needed from libsocket on Solaris 8 */
 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/solaris/native/sun/net/portconfig.c	Tue Nov 26 10:06:57 2013 +0000
@@ -0,0 +1,123 @@
+/*
+ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <errno.h>
+
+#if defined(_ALLBSD_SOURCE)
+#include <sys/sysctl.h>
+#endif
+
+#include "jni.h"
+#include "net_util.h"
+#include "sun_net_PortConfig.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct portrange {
+    int lower;
+    int higher;
+};
+
+static int getPortRange(struct portrange *range)
+{
+#ifdef __linux__
+    {
+        FILE *f;
+        int ret;
+
+        f = fopen("/proc/sys/net/ipv4/ip_local_port_range", "r");
+        if (f != NULL) {
+            ret = fscanf(f, "%d %d", &range->lower, &range->higher);
+            fclose(f);
+            return ret == 2 ? 0 : -1;
+        }
+        return -1;
+    }
+
+#elif defined(__solaris__)
+    {
+        range->higher = net_getParam("/dev/tcp", "tcp_largest_anon_port");
+        range->lower = net_getParam("/dev/tcp", "tcp_smallest_anon_port");
+        return 0;
+    }
+#elif defined(_ALLBSD_SOURCE)
+    {
+        int ret;
+        size_t size = sizeof(range->lower);
+        ret = sysctlbyname(
+            "net.inet.ip.portrange.first", &range->lower, &size, 0, 0
+        );
+        if (ret == -1) {
+            return -1;
+        }
+        size = sizeof(range->higher);
+        ret = sysctlbyname(
+            "net.inet.ip.portrange.last", &range->higher, &size, 0, 0
+        );
+        return ret;
+    }
+#else
+    return -1;
+#endif
+}
+
+/*
+ * Class:     sun_net_PortConfig
+ * Method:    getLower0
+ * Signature: ()I
+ */
+JNIEXPORT jint JNICALL Java_sun_net_PortConfig_getLower0
+  (JNIEnv *env, jclass clazz)
+{
+    struct portrange range;
+    if (getPortRange(&range) < 0) {
+        return -1;
+    }
+    return range.lower;
+}
+
+/*
+ * Class:     sun_net_PortConfig
+ * Method:    getUpper0
+ * Signature: ()I
+ */
+JNIEXPORT jint JNICALL Java_sun_net_PortConfig_getUpper0
+  (JNIEnv *env, jclass clazz)
+{
+    struct portrange range;
+    if (getPortRange(&range) < 0) {
+        return -1;
+    }
+    return range.higher;
+}
+
+#ifdef __cplusplus
+}
+#endif
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/windows/classes/sun/net/PortConfig.java	Tue Nov 26 10:06:57 2013 +0000
@@ -0,0 +1,73 @@
+/*
+ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.net;
+
+import java.security.AccessController;
+
+/**
+ * Determines the ephemeral port range in use on this system.
+ * If this cannot be determined, then the default settings
+ * of the OS are returned.
+ */
+
+public final class PortConfig {
+
+    private static int defaultUpper, defaultLower;
+    private final static int upper, lower;
+
+    static {
+        AccessController.doPrivileged(
+            new java.security.PrivilegedAction<Void>() {
+                public Void run() {
+                    System.loadLibrary("net");
+                    return null;
+                }
+            });
+
+        int v = getLower0();
+        if (v == -1) {
+            v = defaultLower;
+        }
+        lower = v;
+
+        v = getUpper0();
+        if (v == -1) {
+            v = defaultUpper;
+        }
+        upper = v;
+    }
+
+    static native int getLower0();
+    static native int getUpper0();
+
+    public static int getLower() {
+        return lower;
+    }
+
+    public static int getUpper() {
+        return upper;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/windows/native/sun/net/portconfig.c	Tue Nov 26 10:06:57 2013 +0000
@@ -0,0 +1,107 @@
+/*
+ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+#include <windows.h>
+#include "jni.h"
+#include "net_util.h"
+#include "sun_net_PortConfig.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct portrange {
+    int lower;
+    int higher;
+};
+
+static int getPortRange(struct portrange *range)
+{
+    OSVERSIONINFO ver;
+    ver.dwOSVersionInfoSize = sizeof(ver);
+    GetVersionEx(&ver);
+
+    /* Check for major version 5 or less = Windows XP/2003 or older */
+    if (ver.dwMajorVersion <= 5) {
+        LONG ret;
+        HKEY hKey;
+        range->lower = 1024;
+        range->higher = 4999;
+
+        /* check registry to see if upper limit was raised */
+        ret = RegOpenKeyEx(HKEY_LOCAL_MACHINE,
+                   "SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters",
+                   0, KEY_READ, (PHKEY)&hKey
+        );
+        if (ret == ERROR_SUCCESS) {
+            DWORD maxuserport;
+            ULONG ulType;
+            DWORD dwLen = sizeof(maxuserport);
+            ret = RegQueryValueEx(hKey, "MaxUserPort",  NULL, &ulType,
+                             (LPBYTE)&maxuserport, &dwLen);
+            RegCloseKey(hKey);
+            if (ret == ERROR_SUCCESS) {
+                range->higher = maxuserport;
+            }
+        }
+    } else {
+        /* There doesn't seem to be an API to access this. "MaxUserPort"
+          * is affected, but is not sufficient to determine.
+         * so we just use the defaults, which are less likely to change
+          */
+        range->lower = 49152;
+        range->higher = 65535;
+    }
+    return 0;
+}
+
+/*
+ * Class:     sun_net_PortConfig
+ * Method:    getLower0
+ * Signature: ()I
+ */
+JNIEXPORT jint JNICALL Java_sun_net_PortConfig_getLower0
+  (JNIEnv *env, jclass clazz)
+{
+    struct portrange range;
+    getPortRange(&range);
+    return range.lower;
+}
+
+/*
+ * Class:     sun_net_PortConfig
+ * Method:    getUpper0
+ * Signature: ()I
+ */
+JNIEXPORT jint JNICALL Java_sun_net_PortConfig_getUpper0
+  (JNIEnv *env, jclass clazz)
+{
+    struct portrange range;
+    getPortRange(&range);
+    return range.higher;
+}
+#ifdef __cplusplus
+}
+#endif
--- a/test/java/rmi/activation/rmidViaInheritedChannel/RmidViaInheritedChannel.java	Wed Nov 20 23:33:07 2013 +0000
+++ b/test/java/rmi/activation/rmidViaInheritedChannel/RmidViaInheritedChannel.java	Tue Nov 26 10:06:57 2013 +0000
@@ -88,6 +88,17 @@
                                    TestLibrary.RMIDVIAINHERITEDCHANNEL_ACTIVATION_PORT);
             rmid.addOptions(new String[]{
                 "-Djava.nio.channels.spi.SelectorProvider=RmidViaInheritedChannel$RmidSelectorProvider"});
+            if (System.getProperty("os.name").startsWith("Windows") &&
+                System.getProperty("os.version").startsWith("5."))
+            {
+                /* Windows XP/2003 or older
+                 * Need to expand ephemeral range to include RMI test ports
+                 */
+                rmid.addOptions(new String[]{
+                    "-Djdk.net.ephemeralPortRange.low=1024",
+                    "-Djdk.net.ephemeralPortRange.high=64000"
+                });
+            }
             rmid.start();
 
             /*
--- a/test/java/rmi/registry/readTest/readTest.sh	Wed Nov 20 23:33:07 2013 +0000
+++ b/test/java/rmi/registry/readTest/readTest.sh	Tue Nov 26 10:06:57 2013 +0000
@@ -29,6 +29,10 @@
 # @run shell readTest.sh
 
 OS=`uname -s`
+VER=`uname -r`
+ARGS=""
+REGARGS=""
+
 case "$OS" in
   SunOS | Linux | Darwin )
     PS=":"
@@ -39,11 +43,19 @@
     PS=";"
     FS="\\"
     FILEURL="file:/"
+    if [ "$VER" -eq "5" ]; then
+        ARGS="-Djdk.net.ephemeralPortRange.low=1024 -Djdk.net.ephemeralPortRange.high=65000"
+        REGARGS="-J-Djdk.net.ephemeralPortRange.low=1024 -J-Djdk.net.ephemeralPortRange.high=65000"
+    fi
     ;;
   CYGWIN* )
     PS=";"
     FS="/"
     FILEURL="file:/"
+    if [ "$VER" -eq "5" ]; then
+        ARGS="-Djdk.net.ephemeralPortRange.low=1024 -Djdk.net.ephemeralPortRange.high=65000"
+        REGARGS="-J-Djdk.net.ephemeralPortRange.low=1024 -J-Djdk.net.ephemeralPortRange.high=65000"
+    fi
     ;;
   * )
     echo "Unrecognized system!"
@@ -61,8 +73,8 @@
 #start rmiregistry without any local classes on classpath
 cd rmi_tmp
 # NOTE: This RMI Registry port must match TestLibrary.READTEST_REGISTRY_PORT
-${TESTJAVA}${FS}bin${FS}rmiregistry -J-Djava.rmi.server.useCodebaseOnly=false \
-    ${TESTTOOLVMOPTS} 64005 > ..${FS}${RMIREG_OUT} 2>&1 &
+${TESTJAVA}${FS}bin${FS}rmiregistry ${REGARGS} -J-Djava.rmi.server.useCodebaseOnly=false \
+    ${TESTTOOLVMOPTS} 60005 > ..${FS}${RMIREG_OUT} 2>&1 &
 RMIREG_PID=$!
 # allow some time to start
 sleep 3
@@ -74,10 +86,10 @@
     ;;
   * )
     CODEBASE=`pwd`
-    ;;  
+    ;;
 esac
 # trailing / after code base is important for rmi codebase property.
-${TESTJAVA}${FS}bin${FS}java ${TESTVMOPTS} -cp $TEST_CLASSPATH -Djava.rmi.server.codebase=${FILEURL}$CODEBASE/ readTest > OUT.TXT 2>&1 &
+${TESTJAVA}${FS}bin${FS}java ${TESTVMOPTS} -cp $TEST_CLASSPATH ${ARGS} -Djava.rmi.server.codebase=${FILEURL}$CODEBASE/ readTest > OUT.TXT 2>&1 &
 TEST_PID=$!
 #bulk of testcase - let it run for a while
 sleep 5
@@ -100,7 +112,7 @@
 result2=$?
 
 if [ $result1 -eq 0  -a $result2 -eq 0 ]
-then 
+then
     echo "Passed"
     exitCode=0;
 else
@@ -108,6 +120,6 @@
     exitCode=1
 fi
 rm -rf OUT.TXT ${RMIREG_OUT} rmi_tmp
-exit ${exitCode}    
+exit ${exitCode}
 
 
--- a/test/java/rmi/testlibrary/TestLibrary.java	Wed Nov 20 23:33:07 2013 +0000
+++ b/test/java/rmi/testlibrary/TestLibrary.java	Tue Nov 26 10:06:57 2013 +0000
@@ -86,13 +86,13 @@
      * FIXED_PORT_MIN or above FIXED_PORT_MAX, then adjust
      * FIXED_PORT_MIN/MAX appropriately.
      */
-    public final static int FIXED_PORT_MIN = 64001;
-    public final static int FIXED_PORT_MAX = 64010;
-    public final static int RMIDVIAINHERITEDCHANNEL_ACTIVATION_PORT = 64001;
-    public final static int RMIDVIAINHERITEDCHANNEL_REGISTRY_PORT = 64002;
-    public final static int INHERITEDCHANNELNOTSERVERSOCKET_ACTIVATION_PORT = 64003;
-    public final static int INHERITEDCHANNELNOTSERVERSOCKET_REGISTRY_PORT = 64004;
-    public final static int READTEST_REGISTRY_PORT = 64005;
+    public final static int FIXED_PORT_MIN = 60001;
+    public final static int FIXED_PORT_MAX = 60010;
+    public final static int RMIDVIAINHERITEDCHANNEL_ACTIVATION_PORT = 60001;
+    public final static int RMIDVIAINHERITEDCHANNEL_REGISTRY_PORT = 60002;
+    public final static int INHERITEDCHANNELNOTSERVERSOCKET_ACTIVATION_PORT = 60003;
+    public final static int INHERITEDCHANNELNOTSERVERSOCKET_REGISTRY_PORT = 60004;
+    public final static int READTEST_REGISTRY_PORT = 60005;
     private final static int MAX_SERVER_SOCKET_TRIES = 2*(FIXED_PORT_MAX-FIXED_PORT_MIN+1);
 
     static void mesg(Object mesg) {