8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23
24 /*
25 * @test
26 * @bug 8047031
27 * @summary SocketPermission tests for legacy socket types
28 * @run testng/othervm SocketPermissionTest
29 */
30 import java.io.IOException;
31 import java.net.DatagramPacket;
32 import java.net.DatagramSocket;
33 import java.net.InetAddress;
34 import java.net.MulticastSocket;
35 import java.net.ServerSocket;
36 import java.net.Socket;
37 import java.net.SocketPermission;
38 import java.security.AccessControlContext;
39 import java.security.AccessController;
40 import java.security.CodeSource;
41 import java.security.Permission;
42 import java.security.PermissionCollection;
43 import java.security.Permissions;
44 import java.security.Policy;
45 import java.security.PrivilegedExceptionAction;
46 import java.security.ProtectionDomain;
47
48 import org.testng.annotations.BeforeMethod;
49 import org.testng.annotations.Test;
50 import static org.testng.Assert.*;
51
52 import static java.nio.charset.StandardCharsets.UTF_8;
53
54 public class SocketPermissionTest {
55
56 @BeforeMethod
57 public void setupSecurityManager() throws Exception {
58 // All permissions, a specific ACC will be used to when testing
59 // with a reduced permission set.
60 Policy.setPolicy(new Policy() {
61 final PermissionCollection perms = new Permissions();
62 { perms.add(new java.security.AllPermission()); }
63 public PermissionCollection getPermissions(ProtectionDomain domain) {
64 return perms;
65 }
66 public PermissionCollection getPermissions(CodeSource codesource) {
67 return perms;
68 }
69 public boolean implies(ProtectionDomain domain, Permission perm) {
70 return perms.implies(perm);
71 }
193 DatagramPacket hi = new DatagramPacket(msg, msg.length, group, port);
194 ds.send(hi);
195 fail("Expected SecurityException");
196 return null;
197 }, RESTRICTED_ACC);
198 } catch (SecurityException expected) { }
199 }
200 }
201
202 @Test
203 public void joinGroupMulticastTest() throws Exception {
204 InetAddress group = InetAddress.getByName("229.227.226.221");
205 try (MulticastSocket s = new MulticastSocket(0)) {
206 int port = s.getLocalPort();
207
208 String addr = "localhost:" + port;
209 AccessControlContext acc = getAccessControlContext(
210 new SocketPermission(addr, "listen,resolve"),
211 new SocketPermission("229.227.226.221", "connect,accept"));
212
213 // Positive
214 AccessController.doPrivileged((PrivilegedExceptionAction<Void>) () -> {
215 s.joinGroup(group);
216 s.leaveGroup(group);
217 return null;
218 }, acc);
219
220 // Negative
221 try {
222 AccessController.doPrivileged((PrivilegedExceptionAction<Void>) () -> {
223 s.joinGroup(group);
224 s.leaveGroup(group);
225 fail("Expected SecurityException");
226 return null;
227 }, RESTRICTED_ACC);
228 } catch (SecurityException expected) { }
229 }
230
231 }
232
233 @Test
234 public void listenDatagramSocketTest() throws Exception {
235 // the hardcoded port number doesn't really matter since we expect the
236 // security permission to be checked before the underlying operation.
237 int port = 8899;
238 String addr = "localhost:" + port;
|
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23
24 /*
25 * @test
26 * @bug 8047031
27 * @summary SocketPermission tests for legacy socket types
28 * @library /lib/testlibrary
29 * @build jdk.testlibrary.NetworkConfiguration
30 * @run testng/othervm SocketPermissionTest
31 */
32
33 import java.io.IOException;
34 import java.net.DatagramPacket;
35 import java.net.DatagramSocket;
36 import java.net.InetAddress;
37 import java.net.MulticastSocket;
38 import java.net.NetworkInterface;
39 import java.net.ServerSocket;
40 import java.net.Socket;
41 import java.net.SocketPermission;
42 import java.security.AccessControlContext;
43 import java.security.AccessController;
44 import java.security.CodeSource;
45 import java.security.Permission;
46 import java.security.PermissionCollection;
47 import java.security.Permissions;
48 import java.security.Policy;
49 import java.security.PrivilegedExceptionAction;
50 import java.security.ProtectionDomain;
51 import java.util.Optional;
52
53 import org.testng.annotations.BeforeMethod;
54 import org.testng.annotations.Test;
55
56 import static org.testng.Assert.*;
57
58 import static jdk.testlibrary.NetworkConfiguration.probe;
59 import static java.nio.charset.StandardCharsets.UTF_8;
60
61 public class SocketPermissionTest {
62
63 @BeforeMethod
64 public void setupSecurityManager() throws Exception {
65 // All permissions, a specific ACC will be used to when testing
66 // with a reduced permission set.
67 Policy.setPolicy(new Policy() {
68 final PermissionCollection perms = new Permissions();
69 { perms.add(new java.security.AllPermission()); }
70 public PermissionCollection getPermissions(ProtectionDomain domain) {
71 return perms;
72 }
73 public PermissionCollection getPermissions(CodeSource codesource) {
74 return perms;
75 }
76 public boolean implies(ProtectionDomain domain, Permission perm) {
77 return perms.implies(perm);
78 }
200 DatagramPacket hi = new DatagramPacket(msg, msg.length, group, port);
201 ds.send(hi);
202 fail("Expected SecurityException");
203 return null;
204 }, RESTRICTED_ACC);
205 } catch (SecurityException expected) { }
206 }
207 }
208
209 @Test
210 public void joinGroupMulticastTest() throws Exception {
211 InetAddress group = InetAddress.getByName("229.227.226.221");
212 try (MulticastSocket s = new MulticastSocket(0)) {
213 int port = s.getLocalPort();
214
215 String addr = "localhost:" + port;
216 AccessControlContext acc = getAccessControlContext(
217 new SocketPermission(addr, "listen,resolve"),
218 new SocketPermission("229.227.226.221", "connect,accept"));
219
220 // Positive ( requires a functional network interface )
221 Optional<NetworkInterface> onif = probe().ip4MulticastInterfaces().findFirst();
222 if (!onif.isPresent()) {
223 s.setNetworkInterface(onif.get());
224
225 AccessController.doPrivileged((PrivilegedExceptionAction<Void>) () -> {
226 s.joinGroup(group);
227 s.leaveGroup(group);
228 return null;
229 }, acc);
230 }
231
232 // Negative
233 try {
234 AccessController.doPrivileged((PrivilegedExceptionAction<Void>) () -> {
235 s.joinGroup(group);
236 s.leaveGroup(group);
237 fail("Expected SecurityException");
238 return null;
239 }, RESTRICTED_ACC);
240 } catch (SecurityException expected) { }
241 }
242
243 }
244
245 @Test
246 public void listenDatagramSocketTest() throws Exception {
247 // the hardcoded port number doesn't really matter since we expect the
248 // security permission to be checked before the underlying operation.
249 int port = 8899;
250 String addr = "localhost:" + port;
|