jdk Udiff src/jdk.management.agent/share/classes/sun/management/jmxremote/ConnectorBootstrap.java

src/jdk.management.agent/share/classes/sun/management/jmxremote/ConnectorBootstrap.java

@@ -1,7 +1,7 @@
 /*
- * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
  * under the terms of the GNU General Public License version 2 only, as
  * published by the Free Software Foundation.  Oracle designates this

@@ -70,14 +70,13 @@
 import javax.net.ssl.SSLSocketFactory;
 import javax.net.ssl.TrustManagerFactory;
 import javax.rmi.ssl.SslRMIClientSocketFactory;
 import javax.rmi.ssl.SslRMIServerSocketFactory;
 import javax.security.auth.Subject;
-
 import com.sun.jmx.remote.internal.rmi.RMIExporter;
+import com.sun.jmx.remote.security.HashedPasswordManager;
 import com.sun.jmx.remote.security.JMXPluggableAuthenticator;
-
 import jdk.internal.agent.Agent;
 import jdk.internal.agent.AgentConfigurationError;
 import static jdk.internal.agent.AgentConfigurationError.*;
 import jdk.internal.agent.ConnectorAddressLink;
 import jdk.internal.agent.FileSystem;

@@ -101,10 +100,11 @@
         public static final String USE_SSL = "true";
         public static final String USE_LOCAL_ONLY = "true";
         public static final String USE_REGISTRY_SSL = "false";
         public static final String USE_AUTHENTICATION = "true";
         public static final String PASSWORD_FILE_NAME = "jmxremote.password";
+        public static final String HASH_PASSWORDS = "true";
         public static final String ACCESS_FILE_NAME = "jmxremote.access";
         public static final String SSL_NEED_CLIENT_AUTH = "false";
     }
 
     /**

@@ -128,10 +128,12 @@
                 "com.sun.management.jmxremote.registry.ssl";
         public static final String USE_AUTHENTICATION =
                 "com.sun.management.jmxremote.authenticate";
         public static final String PASSWORD_FILE_NAME =
                 "com.sun.management.jmxremote.password.file";
+        public static final String HASH_PASSWORDS
+                = "com.sun.management.jmxremote.password.hashpasswords";
         public static final String ACCESS_FILE_NAME =
                 "com.sun.management.jmxremote.access.file";
         public static final String LOGIN_CONFIG_NAME =
                 "com.sun.management.jmxremote.login.config";
         public static final String SSL_ENABLED_CIPHER_SUITES =

@@ -408,10 +410,11 @@
         final String sslConfigFileName =
                 props.getProperty(PropertyNames.SSL_CONFIG_FILE_NAME);
 
         String loginConfigName = null;
         String passwordFileName = null;
+        boolean shouldHashPasswords = true;
         String accessFileName = null;
 
         // Initialize settings when authentication is active
         if (useAuthentication) {

@@ -422,10 +425,15 @@
             if (loginConfigName == null) {
                 // Get password file
                 passwordFileName =
                         props.getProperty(PropertyNames.PASSWORD_FILE_NAME,
                         getDefaultFileName(DefaultValues.PASSWORD_FILE_NAME));
+                String hashPasswords
+                        = props.getProperty(PropertyNames.HASH_PASSWORDS,
+                                DefaultValues.HASH_PASSWORDS);
+                shouldHashPasswords = Boolean.parseBoolean(hashPasswords);
+
                 checkPasswordFile(passwordFileName);
             }
 
             // Get access file
             accessFileName = props.getProperty(PropertyNames.ACCESS_FILE_NAME,

@@ -469,11 +477,11 @@
             final JMXConnectorServerData data = exportMBeanServer(
                     mbs, port, rmiPort, useSsl, useRegistrySsl,
                     sslConfigFileName, enabledCipherSuitesList,
                     enabledProtocolsList, sslNeedClientAuth,
                     useAuthentication, loginConfigName,
-                    passwordFileName, accessFileName, bindAddress);
+                    passwordFileName, shouldHashPasswords, accessFileName, bindAddress);
             cs = data.jmxConnectorServer;
             url = data.jmxRemoteURL;
             config("startRemoteConnectorServer",
                    Agent.getText("jmxremote.ConnectorBootstrap.ready",
                    url.toString()));

@@ -726,10 +734,11 @@
             String[] enabledProtocols,
             boolean sslNeedClientAuth,
             boolean useAuthentication,
             String loginConfigName,
             String passwordFileName,
+            boolean shouldHashPasswords,
             String accessFileName,
             String bindAddress)
             throws IOException, MalformedURLException {
 
         /* Make sure we use non-guessable RMI object IDs.  Otherwise

@@ -755,10 +764,13 @@
                 env.put("jmx.remote.x.login.config", loginConfigName);
             }
             if (passwordFileName != null) {
                 env.put("jmx.remote.x.password.file", passwordFileName);
             }
+            if (shouldHashPasswords) {
+                env.put("jmx.remote.x.password.hashpasswords", "true");
+            }
 
             env.put("jmx.remote.x.access.file", accessFileName);
 
             if (env.get("jmx.remote.x.password.file") != null ||
                     env.get("jmx.remote.x.login.config") != null) {

< prev index next >