133 *
134 * <p>Note: Granting code permission to accept or make connections to remote
135 * hosts may be dangerous because malevolent code can then more easily
136 * transfer and share confidential data among parties who may not
137 * otherwise have access to the data.
138 *
139 * @see java.security.Permissions
140 * @see SocketPermission
141 *
142 *
143 * @author Marianne Mueller
144 * @author Roland Schemers
145 * @since 1.2
146 *
147 * @serial exclude
148 */
149
150 public final class SocketPermission extends Permission
151 implements java.io.Serializable
152 {
153 private static final long serialVersionUID = -7204263841984476862L;
154
155 /**
156 * Connect to host:port
157 */
158 private static final int CONNECT = 0x1;
159
160 /**
161 * Listen on host:port
162 */
163 private static final int LISTEN = 0x2;
164
165 /**
166 * Accept a connection from host:port
167 */
168 private static final int ACCEPT = 0x4;
169
170 /**
171 * Resolve DNS queries
172 */
1169 * Returns a new PermissionCollection object for storing SocketPermission
1170 * objects.
1171 * <p>
1172 * SocketPermission objects must be stored in a manner that allows them
1173 * to be inserted into the collection in any order, but that also enables the
1174 * PermissionCollection {@code implies}
1175 * method to be implemented in an efficient (and consistent) manner.
1176 *
1177 * @return a new PermissionCollection object suitable for storing SocketPermissions.
1178 */
1179 @Override
1180 public PermissionCollection newPermissionCollection() {
1181 return new SocketPermissionCollection();
1182 }
1183
1184 /**
1185 * WriteObject is called to save the state of the SocketPermission
1186 * to a stream. The actions are serialized, and the superclass
1187 * takes care of the name.
1188 */
1189 private synchronized void writeObject(java.io.ObjectOutputStream s)
1190 throws IOException
1191 {
1192 // Write out the actions. The superclass takes care of the name
1193 // call getActions to make sure actions field is initialized
1194 if (actions == null)
1195 getActions();
1196 s.defaultWriteObject();
1197 }
1198
1199 /**
1200 * readObject is called to restore the state of the SocketPermission from
1201 * a stream.
1202 */
1203 private synchronized void readObject(java.io.ObjectInputStream s)
1204 throws IOException, ClassNotFoundException
1205 {
1206 // Read in the action, then initialize the rest
1207 s.defaultReadObject();
1208 init(getName(),getMask(actions));
1209 }
1210
1211 /**
1212 * Check the system/security property for the ephemeral port range
1213 * for this system. The suffix is either "high" or "low"
1214 */
1215 private static int initEphemeralPorts(String suffix, int defval) {
1216 return AccessController.doPrivileged(
1217 new PrivilegedAction<>(){
1218 public Integer run() {
1219 int val = Integer.getInteger(
1220 "jdk.net.ephemeralPortRange."+suffix, -1
1221 );
1222 if (val != -1) {
1431 return true;
1432 }
1433 needed = (desired ^ effective);
1434 }
1435 }
1436 return false;
1437 }
1438
1439 /**
1440 * Returns an enumeration of all the SocketPermission objects in the
1441 * container.
1442 *
1443 * @return an enumeration of all the SocketPermission objects.
1444 */
1445 @Override
1446 @SuppressWarnings("unchecked")
1447 public Enumeration<Permission> elements() {
1448 return (Enumeration)Collections.enumeration(perms.values());
1449 }
1450
1451 private static final long serialVersionUID = 2787186408602843674L;
1452
1453 // Need to maintain serialization interoperability with earlier releases,
1454 // which had the serializable field:
1455
1456 //
1457 // The SocketPermissions for this set.
1458 // @serial
1459 //
1460 // private Vector permissions;
1461
1462 /**
1463 * @serialField permissions java.util.Vector
1464 * A list of the SocketPermissions for this set.
1465 */
1466 private static final ObjectStreamField[] serialPersistentFields = {
1467 new ObjectStreamField("permissions", Vector.class),
1468 };
1469
1470 /**
1471 * @serialData "permissions" field (a Vector containing the SocketPermissions).
1472 */
1473 /*
1474 * Writes the contents of the perms field out as a Vector for
1475 * serialization compatibility with earlier releases.
1476 */
1477 private void writeObject(ObjectOutputStream out) throws IOException {
1478 // Don't call out.defaultWriteObject()
1479
1480 // Write out Vector
1481 Vector<SocketPermission> permissions = new Vector<>(perms.values());
1482
1483 ObjectOutputStream.PutField pfields = out.putFields();
1484 pfields.put("permissions", permissions);
1485 out.writeFields();
1486 }
1487
1488 /*
1489 * Reads in a Vector of SocketPermissions and saves them in the perms field.
1490 */
1491 private void readObject(ObjectInputStream in)
1492 throws IOException, ClassNotFoundException
1493 {
1494 // Don't call in.defaultReadObject()
1495
1496 // Read in serialized fields
1497 ObjectInputStream.GetField gfields = in.readFields();
1498
1499 // Get the one we want
1500 @SuppressWarnings("unchecked")
1501 Vector<SocketPermission> permissions = (Vector<SocketPermission>)gfields.get("permissions", null);
1502 perms = new ConcurrentSkipListMap<>(new SPCComparator());
1503 for (SocketPermission sp : permissions) {
1504 perms.put(sp.getName(), sp);
1505 }
1506 }
1507
1508 /**
1509 * A simple comparator that orders new non-equal entries at the beginning.
1510 */
|
133 *
134 * <p>Note: Granting code permission to accept or make connections to remote
135 * hosts may be dangerous because malevolent code can then more easily
136 * transfer and share confidential data among parties who may not
137 * otherwise have access to the data.
138 *
139 * @see java.security.Permissions
140 * @see SocketPermission
141 *
142 *
143 * @author Marianne Mueller
144 * @author Roland Schemers
145 * @since 1.2
146 *
147 * @serial exclude
148 */
149
150 public final class SocketPermission extends Permission
151 implements java.io.Serializable
152 {
153 @java.io.Serial
154 private static final long serialVersionUID = -7204263841984476862L;
155
156 /**
157 * Connect to host:port
158 */
159 private static final int CONNECT = 0x1;
160
161 /**
162 * Listen on host:port
163 */
164 private static final int LISTEN = 0x2;
165
166 /**
167 * Accept a connection from host:port
168 */
169 private static final int ACCEPT = 0x4;
170
171 /**
172 * Resolve DNS queries
173 */
1170 * Returns a new PermissionCollection object for storing SocketPermission
1171 * objects.
1172 * <p>
1173 * SocketPermission objects must be stored in a manner that allows them
1174 * to be inserted into the collection in any order, but that also enables the
1175 * PermissionCollection {@code implies}
1176 * method to be implemented in an efficient (and consistent) manner.
1177 *
1178 * @return a new PermissionCollection object suitable for storing SocketPermissions.
1179 */
1180 @Override
1181 public PermissionCollection newPermissionCollection() {
1182 return new SocketPermissionCollection();
1183 }
1184
1185 /**
1186 * WriteObject is called to save the state of the SocketPermission
1187 * to a stream. The actions are serialized, and the superclass
1188 * takes care of the name.
1189 */
1190 @java.io.Serial
1191 private synchronized void writeObject(java.io.ObjectOutputStream s)
1192 throws IOException
1193 {
1194 // Write out the actions. The superclass takes care of the name
1195 // call getActions to make sure actions field is initialized
1196 if (actions == null)
1197 getActions();
1198 s.defaultWriteObject();
1199 }
1200
1201 /**
1202 * readObject is called to restore the state of the SocketPermission from
1203 * a stream.
1204 */
1205 @java.io.Serial
1206 private synchronized void readObject(java.io.ObjectInputStream s)
1207 throws IOException, ClassNotFoundException
1208 {
1209 // Read in the action, then initialize the rest
1210 s.defaultReadObject();
1211 init(getName(),getMask(actions));
1212 }
1213
1214 /**
1215 * Check the system/security property for the ephemeral port range
1216 * for this system. The suffix is either "high" or "low"
1217 */
1218 private static int initEphemeralPorts(String suffix, int defval) {
1219 return AccessController.doPrivileged(
1220 new PrivilegedAction<>(){
1221 public Integer run() {
1222 int val = Integer.getInteger(
1223 "jdk.net.ephemeralPortRange."+suffix, -1
1224 );
1225 if (val != -1) {
1434 return true;
1435 }
1436 needed = (desired ^ effective);
1437 }
1438 }
1439 return false;
1440 }
1441
1442 /**
1443 * Returns an enumeration of all the SocketPermission objects in the
1444 * container.
1445 *
1446 * @return an enumeration of all the SocketPermission objects.
1447 */
1448 @Override
1449 @SuppressWarnings("unchecked")
1450 public Enumeration<Permission> elements() {
1451 return (Enumeration)Collections.enumeration(perms.values());
1452 }
1453
1454 @java.io.Serial
1455 private static final long serialVersionUID = 2787186408602843674L;
1456
1457 // Need to maintain serialization interoperability with earlier releases,
1458 // which had the serializable field:
1459
1460 //
1461 // The SocketPermissions for this set.
1462 // @serial
1463 //
1464 // private Vector permissions;
1465
1466 /**
1467 * @serialField permissions java.util.Vector
1468 * A list of the SocketPermissions for this set.
1469 */
1470 @java.io.Serial
1471 private static final ObjectStreamField[] serialPersistentFields = {
1472 new ObjectStreamField("permissions", Vector.class),
1473 };
1474
1475 /**
1476 * @serialData "permissions" field (a Vector containing the SocketPermissions).
1477 */
1478 /*
1479 * Writes the contents of the perms field out as a Vector for
1480 * serialization compatibility with earlier releases.
1481 */
1482 @java.io.Serial
1483 private void writeObject(ObjectOutputStream out) throws IOException {
1484 // Don't call out.defaultWriteObject()
1485
1486 // Write out Vector
1487 Vector<SocketPermission> permissions = new Vector<>(perms.values());
1488
1489 ObjectOutputStream.PutField pfields = out.putFields();
1490 pfields.put("permissions", permissions);
1491 out.writeFields();
1492 }
1493
1494 /*
1495 * Reads in a Vector of SocketPermissions and saves them in the perms field.
1496 */
1497 @java.io.Serial
1498 private void readObject(ObjectInputStream in)
1499 throws IOException, ClassNotFoundException
1500 {
1501 // Don't call in.defaultReadObject()
1502
1503 // Read in serialized fields
1504 ObjectInputStream.GetField gfields = in.readFields();
1505
1506 // Get the one we want
1507 @SuppressWarnings("unchecked")
1508 Vector<SocketPermission> permissions = (Vector<SocketPermission>)gfields.get("permissions", null);
1509 perms = new ConcurrentSkipListMap<>(new SPCComparator());
1510 for (SocketPermission sp : permissions) {
1511 perms.put(sp.getName(), sp);
1512 }
1513 }
1514
1515 /**
1516 * A simple comparator that orders new non-equal entries at the beginning.
1517 */
|