# HG changeset patch # User ddehaven # Date 1476287273 25200 # Wed Oct 12 08:47:53 2016 -0700 # Node ID 78b8bbb43c1e448dd9bdc3e8f7b7828441a6eda6 # Parent 83581f5ab677a9665e58532146fdfd4985e5e863 8165271: Fix use of reflection to gain access to private fields Reviewed-by: diff --git a/src/java.base/share/classes/java/net/InetAddress.java b/src/java.base/share/classes/java/net/InetAddress.java --- a/src/java.base/share/classes/java/net/InetAddress.java +++ b/src/java.base/share/classes/java/net/InetAddress.java @@ -321,6 +321,13 @@ public String getOriginalHostName(InetAddress ia) { return ia.holder.getOriginalHostName(); } + + public InetAddress getByName(String hostName, + InetAddress hostAddress) + throws UnknownHostException + { + return InetAddress.getByName(hostName, hostAddress); + } } ); init(); diff --git a/src/java.base/share/classes/java/net/URLClassLoader.java b/src/java.base/share/classes/java/net/URLClassLoader.java --- a/src/java.base/share/classes/java/net/URLClassLoader.java +++ b/src/java.base/share/classes/java/net/URLClassLoader.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2016, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -51,6 +51,8 @@ import jdk.internal.loader.Resource; import jdk.internal.loader.URLClassPath; +import jdk.internal.misc.JavaNetUrlClassLoaderAccess; +import jdk.internal.misc.SharedSecrets; import jdk.internal.perf.PerfCounter; import sun.net.www.ParseUtil; import sun.security.util.SecurityConstants; @@ -765,6 +767,14 @@ } static { + SharedSecrets.setJavaNetUrlClassLoaderAccess( + new JavaNetUrlClassLoaderAccess() { + @Override + public AccessControlContext getAccessControlContext(URLClassLoader u) { + return u.acc; + } + } + ); ClassLoader.registerAsParallelCapable(); } } diff --git a/src/java.base/share/classes/java/security/ProtectionDomain.java b/src/java.base/share/classes/java/security/ProtectionDomain.java --- a/src/java.base/share/classes/java/security/ProtectionDomain.java +++ b/src/java.base/share/classes/java/security/ProtectionDomain.java @@ -89,6 +89,11 @@ AccessController.getContext(), context); } + @Override + public ProtectionDomain[] getProtectDomains(AccessControlContext context) { + return context.getContext(); + } + private static AccessControlContext getCombinedACC( AccessControlContext context, AccessControlContext stack) { AccessControlContext acc = diff --git a/src/java.base/share/classes/jdk/internal/misc/JavaNetInetAddressAccess.java b/src/java.base/share/classes/jdk/internal/misc/JavaNetInetAddressAccess.java --- a/src/java.base/share/classes/jdk/internal/misc/JavaNetInetAddressAccess.java +++ b/src/java.base/share/classes/jdk/internal/misc/JavaNetInetAddressAccess.java @@ -26,6 +26,7 @@ package jdk.internal.misc; import java.net.InetAddress; +import java.net.UnknownHostException; public interface JavaNetInetAddressAccess { /** @@ -33,4 +34,13 @@ * the given InetAddress object. */ String getOriginalHostName(InetAddress ia); + + /** + * Get the InetAddress of the provided host. If an InetAddress is provided + * then it will be the default address returned for all calls to either + * form of getByName. This is required to maintain consistency when + * caching addresses and hostnames. + */ + InetAddress getByName(String hostName, InetAddress hostAddress) + throws UnknownHostException; } diff --git a/src/java.base/share/classes/jdk/internal/misc/JavaNetUrlClassLoaderAccess.java b/src/java.base/share/classes/jdk/internal/misc/JavaNetUrlClassLoaderAccess.java new file mode 100644 --- /dev/null +++ b/src/java.base/share/classes/jdk/internal/misc/JavaNetUrlClassLoaderAccess.java @@ -0,0 +1,33 @@ +/* + * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +package jdk.internal.misc; + +import java.net.URLClassLoader; +import java.security.AccessControlContext; + +public interface JavaNetUrlClassLoaderAccess { + AccessControlContext getAccessControlContext(URLClassLoader u);; +} diff --git a/src/java.base/share/classes/jdk/internal/misc/JavaSecurityAccess.java b/src/java.base/share/classes/jdk/internal/misc/JavaSecurityAccess.java --- a/src/java.base/share/classes/jdk/internal/misc/JavaSecurityAccess.java +++ b/src/java.base/share/classes/jdk/internal/misc/JavaSecurityAccess.java @@ -27,6 +27,7 @@ import java.security.AccessControlContext; import java.security.PrivilegedAction; +import java.security.ProtectionDomain; public interface JavaSecurityAccess { @@ -37,4 +38,5 @@ T doIntersectionPrivilege(PrivilegedAction action, AccessControlContext context); + ProtectionDomain[] getProtectDomains(AccessControlContext context); } diff --git a/src/java.base/share/classes/jdk/internal/misc/SharedSecrets.java b/src/java.base/share/classes/jdk/internal/misc/SharedSecrets.java --- a/src/java.base/share/classes/jdk/internal/misc/SharedSecrets.java +++ b/src/java.base/share/classes/jdk/internal/misc/SharedSecrets.java @@ -57,6 +57,7 @@ private static JavaNetHttpCookieAccess javaNetHttpCookieAccess; private static JavaNetSocketAccess javaNetSocketAccess; private static JavaNetUriAccess javaNetUriAccess; + private static JavaNetUrlClassLoaderAccess javaNetUrlClassLoaderAccess; private static JavaNioAccess javaNioAccess; private static JavaIOFileDescriptorAccess javaIOFileDescriptorAccess; private static JavaIOFilePermissionAccess javaIOFilePermissionAccess; @@ -144,6 +145,16 @@ return javaNetUriAccess; } + public static void setJavaNetUrlClassLoaderAccess(JavaNetUrlClassLoaderAccess jnua) { + javaNetUrlClassLoaderAccess = jnua; + } + + public static JavaNetUrlClassLoaderAccess getJavaNetUrlClassLoaderAccess() { + if (javaNetUrlClassLoaderAccess == null) + unsafe.ensureClassInitialized(java.net.URLClassLoader.class); + return javaNetUrlClassLoaderAccess; + } + public static void setJavaNetInetAddressAccess(JavaNetInetAddressAccess jna) { javaNetInetAddressAccess = jna; } diff --git a/src/java.desktop/share/classes/sun/applet/AppletSecurity.java b/src/java.desktop/share/classes/sun/applet/AppletSecurity.java --- a/src/java.desktop/share/classes/sun/applet/AppletSecurity.java +++ b/src/java.desktop/share/classes/sun/applet/AppletSecurity.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1995, 2016, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -40,36 +40,25 @@ import java.util.StringTokenizer; import java.security.*; import java.lang.reflect.*; +import jdk.internal.misc.JavaNetUrlClassLoaderAccess; +import jdk.internal.misc.JavaSecurityAccess; +import jdk.internal.misc.SharedSecrets; import sun.awt.AWTSecurityManager; import sun.awt.AppContext; import sun.awt.AWTPermissions; import sun.security.util.SecurityConstants; + /** * This class defines an applet security policy * */ public class AppletSecurity extends AWTSecurityManager { - - //URLClassLoader.acc - private static Field facc = null; - - //AccessControlContext.context; - private static Field fcontext = null; - - static { - try { - facc = URLClassLoader.class.getDeclaredField("acc"); - facc.setAccessible(true); - fcontext = AccessControlContext.class.getDeclaredField("context"); - fcontext.setAccessible(true); - } catch (NoSuchFieldException e) { - throw new UnsupportedOperationException(e); - } - } - + private static final JavaNetUrlClassLoaderAccess JNUCLA + = SharedSecrets.getJavaNetUrlClassLoaderAccess(); + private static final JavaSecurityAccess JSA = SharedSecrets.getJavaSecurityAccess(); /** * Construct and initialize. @@ -148,6 +137,7 @@ final ClassLoader currentLoader = context[i].getClassLoader(); if (currentLoader instanceof URLClassLoader) { + URLClassLoader ld = (URLClassLoader)currentLoader; loader = AccessController.doPrivileged( new PrivilegedAction() { public ClassLoader run() { @@ -156,12 +146,12 @@ ProtectionDomain[] pds = null; try { - acc = (AccessControlContext) facc.get(currentLoader); + acc = JNUCLA.getAccessControlContext(ld); if (acc == null) { return null; } - pds = (ProtectionDomain[]) fcontext.get(acc); + pds = JSA.getProtectDomains(acc); if (pds == null) { return null; }