266 * To specify the local machine, use "localhost" as the <i>host</i>.
267 * Also note: An empty <i>host</i> String ("") is equivalent to "localhost".
268 * <p>
269 * The <i>actions</i> parameter contains a comma-separated list of the
270 * actions granted for the specified host (and port(s)). Possible actions are
271 * "connect", "listen", "accept", "resolve", or
272 * any combination of those. "resolve" is automatically added
273 * when any of the other three are specified.
274 * <p>
275 * Examples of SocketPermission instantiation are the following:
276 * <pre>
277 * nr = new SocketPermission("www.catalog.com", "connect");
278 * nr = new SocketPermission("www.sun.com:80", "connect");
279 * nr = new SocketPermission("*.sun.com", "connect");
280 * nr = new SocketPermission("*.edu", "resolve");
281 * nr = new SocketPermission("204.160.241.0", "connect");
282 * nr = new SocketPermission("localhost:1024-65535", "listen");
283 * nr = new SocketPermission("204.160.241.0:1024-65535", "connect");
284 * </pre>
285 *
286 * @param host the hostname or IPaddress of the computer, optionally
287 * including a colon followed by a port or port range.
288 * @param action the action string.
289 */
290 public SocketPermission(String host, String action) {
291 super(getHost(host));
292 // name initialized to getHost(host); NPE detected in getHost()
293 init(getName(), getMask(action));
294 }
295
296
297 SocketPermission(String host, int mask) {
298 super(getHost(host));
299 // name initialized to getHost(host); NPE detected in getHost()
300 init(getName(), mask);
301 }
302
303 private void setDeny() {
304 defaultDeny = true;
305 }
306
307 private static String getHost(String host) {
308 if (host.equals("")) {
309 return "localhost";
310 } else {
311 /* IPv6 literal address used in this context should follow
312 * the format specified in RFC 2732;
313 * if not, we try to solve the unambiguous case
314 */
315 int ind;
316 if (host.charAt(0) != '[') {
317 if ((ind = host.indexOf(':')) != host.lastIndexOf(':')) {
318 /* More than one ":", meaning IPv6 address is not
319 * in RFC 2732 format;
320 * We will rectify user errors for all unambiguious cases
321 */
322 StringTokenizer st = new StringTokenizer(host, ":");
323 int tokens = st.countTokens();
324 if (tokens == 9) {
325 // IPv6 address followed by port
326 ind = host.lastIndexOf(':');
327 host = "[" + host.substring(0, ind) + "]" +
328 host.substring(ind);
329 } else if (tokens == 8 && host.indexOf("::") == -1) {
330 // IPv6 address only, not followed by port
331 host = "[" + host + "]";
332 } else {
333 // could be ambiguous
334 throw new IllegalArgumentException("Ambiguous"+
335 " hostport part");
336 }
337 }
338 }
339 return host;
340 }
944 // check and see if we have any wildcards...
945 if (this.wildcard || that.wildcard) {
946 // if they are both wildcards, return true iff
947 // that's cname ends with this cname (i.e., *.sun.com
948 // implies *.eng.sun.com)
949 if (this.wildcard && that.wildcard)
950 return (that.cname.endsWith(this.cname));
951
952 // a non-wildcard can't imply a wildcard
953 if (that.wildcard)
954 return false;
955
956 // this is a wildcard, lets see if that's cname ends with
957 // it...
958 if (that.cname == null) {
959 that.getCanonName();
960 }
961 return (that.cname.endsWith(this.cname));
962 }
963
964 // comapare IP addresses
965 if (this.addresses == null) {
966 this.getIP();
967 }
968
969 if (that.addresses == null) {
970 that.getIP();
971 }
972
973 if (!(that.init_with_ip && this.isUntrusted())) {
974 for (j = 0; j < this.addresses.length; j++) {
975 for (i=0; i < that.addresses.length; i++) {
976 if (this.addresses[j].equals(that.addresses[i]))
977 return true;
978 }
979 }
980
981 // XXX: if all else fails, compare hostnames?
982 // Do we really want this?
983 if (this.cname == null) {
984 this.getCanonName();
|
266 * To specify the local machine, use "localhost" as the <i>host</i>.
267 * Also note: An empty <i>host</i> String ("") is equivalent to "localhost".
268 * <p>
269 * The <i>actions</i> parameter contains a comma-separated list of the
270 * actions granted for the specified host (and port(s)). Possible actions are
271 * "connect", "listen", "accept", "resolve", or
272 * any combination of those. "resolve" is automatically added
273 * when any of the other three are specified.
274 * <p>
275 * Examples of SocketPermission instantiation are the following:
276 * <pre>
277 * nr = new SocketPermission("www.catalog.com", "connect");
278 * nr = new SocketPermission("www.sun.com:80", "connect");
279 * nr = new SocketPermission("*.sun.com", "connect");
280 * nr = new SocketPermission("*.edu", "resolve");
281 * nr = new SocketPermission("204.160.241.0", "connect");
282 * nr = new SocketPermission("localhost:1024-65535", "listen");
283 * nr = new SocketPermission("204.160.241.0:1024-65535", "connect");
284 * </pre>
285 *
286 * @param host the hostname or IP address of the computer, optionally
287 * including a colon followed by a port or port range.
288 * @param action the action string.
289 */
290 public SocketPermission(String host, String action) {
291 super(getHost(host));
292 // name initialized to getHost(host); NPE detected in getHost()
293 init(getName(), getMask(action));
294 }
295
296
297 SocketPermission(String host, int mask) {
298 super(getHost(host));
299 // name initialized to getHost(host); NPE detected in getHost()
300 init(getName(), mask);
301 }
302
303 private void setDeny() {
304 defaultDeny = true;
305 }
306
307 private static String getHost(String host) {
308 if (host.equals("")) {
309 return "localhost";
310 } else {
311 /* IPv6 literal address used in this context should follow
312 * the format specified in RFC 2732;
313 * if not, we try to solve the unambiguous case
314 */
315 int ind;
316 if (host.charAt(0) != '[') {
317 if ((ind = host.indexOf(':')) != host.lastIndexOf(':')) {
318 /* More than one ":", meaning IPv6 address is not
319 * in RFC 2732 format;
320 * We will rectify user errors for all non-ambiguous cases
321 */
322 StringTokenizer st = new StringTokenizer(host, ":");
323 int tokens = st.countTokens();
324 if (tokens == 9) {
325 // IPv6 address followed by port
326 ind = host.lastIndexOf(':');
327 host = "[" + host.substring(0, ind) + "]" +
328 host.substring(ind);
329 } else if (tokens == 8 && host.indexOf("::") == -1) {
330 // IPv6 address only, not followed by port
331 host = "[" + host + "]";
332 } else {
333 // could be ambiguous
334 throw new IllegalArgumentException("Ambiguous"+
335 " hostport part");
336 }
337 }
338 }
339 return host;
340 }
944 // check and see if we have any wildcards...
945 if (this.wildcard || that.wildcard) {
946 // if they are both wildcards, return true iff
947 // that's cname ends with this cname (i.e., *.sun.com
948 // implies *.eng.sun.com)
949 if (this.wildcard && that.wildcard)
950 return (that.cname.endsWith(this.cname));
951
952 // a non-wildcard can't imply a wildcard
953 if (that.wildcard)
954 return false;
955
956 // this is a wildcard, lets see if that's cname ends with
957 // it...
958 if (that.cname == null) {
959 that.getCanonName();
960 }
961 return (that.cname.endsWith(this.cname));
962 }
963
964 // compare IP addresses
965 if (this.addresses == null) {
966 this.getIP();
967 }
968
969 if (that.addresses == null) {
970 that.getIP();
971 }
972
973 if (!(that.init_with_ip && this.isUntrusted())) {
974 for (j = 0; j < this.addresses.length; j++) {
975 for (i=0; i < that.addresses.length; i++) {
976 if (this.addresses[j].equals(that.addresses[i]))
977 return true;
978 }
979 }
980
981 // XXX: if all else fails, compare hostnames?
982 // Do we really want this?
983 if (this.cname == null) {
984 this.getCanonName();
|