1 /* 2 * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package javax.net.ssl; 27 28 import java.security.*; 29 30 /** 31 * This class is for various network permissions. 32 * An SSLPermission contains a name (also referred to as a "target name") but 33 * no actions list; you either have the named permission 34 * or you don't. 35 * <P> 36 * The target name is the name of the network permission (see below). The naming 37 * convention follows the hierarchical property naming convention. 38 * Also, an asterisk 39 * may appear at the end of the name, following a ".", or by itself, to 40 * signify a wildcard match. For example: "foo.*" and "*" signify a wildcard 41 * match, while "*foo" and "a*b" do not. 42 * <P> 43 * The following table lists all the possible SSLPermission target names, 44 * and for each provides a description of what the permission allows 45 * and a discussion of the risks of granting code the permission. 46 * 47 * <table class="striped"> 48 * <caption style="display:none">permission name, what it allows, and associated risks</caption> 49 * <thead> 50 * <tr> 51 * <th scope="col">Permission Target Name</th> 52 * <th scope="col">What the Permission Allows</th> 53 * <th scope="col">Risks of Allowing this Permission</th> 54 * </tr> 55 * </thead> 56 * 57 * <tbody> 58 * <tr> 59 * <th scope="row">setHostnameVerifier</th> 60 * <td>The ability to set a callback which can decide whether to 61 * allow a mismatch between the host being connected to by 62 * an HttpsURLConnection and the common name field in 63 * server certificate. 64 * </td> 65 * <td>Malicious 66 * code can set a verifier that monitors host names visited by 67 * HttpsURLConnection requests or that allows server certificates 68 * with invalid common names. 69 * </td> 70 * </tr> 71 * 72 * <tr> 73 * <th scope="row">getSSLSessionContext</th> 74 * <td>The ability to get the SSLSessionContext of an SSLSession. 75 * </td> 76 * <td>Malicious code may monitor sessions which have been established 77 * with SSL peers or might invalidate sessions to slow down performance. 78 * </td> 79 * </tr> 80 * 81 * <tr> 82 * <th scope="row">setDefaultSSLContext</th> 83 * <td>The ability to set the default SSL context 84 * </td> 85 * <td>Malicious code can set a context that monitors the opening of 86 * connections or the plaintext data that is transmitted. 87 * </td> 88 * </tr> 89 * 90 * </tbody> 91 * </table> 92 * 93 * @see java.security.BasicPermission 94 * @see java.security.Permission 95 * @see java.security.Permissions 96 * @see java.security.PermissionCollection 97 * @see java.lang.SecurityManager 98 * 99 * @since 1.4 100 * @author Marianne Mueller 101 * @author Roland Schemers 102 */ 103 104 public final class SSLPermission extends BasicPermission { 105 106 @java.io.Serial 107 private static final long serialVersionUID = -3456898025505876775L; 108 109 /** 110 * Creates a new SSLPermission with the specified name. 111 * The name is the symbolic name of the SSLPermission, such as 112 * "setDefaultAuthenticator", etc. An asterisk 113 * may appear at the end of the name, following a ".", or by itself, to 114 * signify a wildcard match. 115 * 116 * @param name the name of the SSLPermission. 117 * 118 * @throws NullPointerException if <code>name</code> is null. 119 * @throws IllegalArgumentException if <code>name</code> is empty. 120 */ 121 122 public SSLPermission(String name) 123 { 124 super(name); 125 } 126 127 /** 128 * Creates a new SSLPermission object with the specified name. 129 * The name is the symbolic name of the SSLPermission, and the 130 * actions String is currently unused and should be null. 131 * 132 * @param name the name of the SSLPermission. 133 * @param actions ignored. 134 * 135 * @throws NullPointerException if <code>name</code> is null. 136 * @throws IllegalArgumentException if <code>name</code> is empty. 137 */ 138 139 public SSLPermission(String name, String actions) 140 { 141 super(name, actions); 142 } 143 }