Mon, 25 Apr 2016 10:59:08 -0700
Merge
.hgtags | file | annotate | diff | comparison | revisions |
1.1 --- a/.hgtags Mon Apr 25 09:31:39 2016 -0700 1.2 +++ b/.hgtags Mon Apr 25 10:59:08 2016 -0700 1.3 @@ -384,6 +384,7 @@ 1.4 bd0186cd2419129357b110fe3f13519f68b29774 jdk8u40-b27 1.5 28a1dbd4bb9ec97427790c88d21514af2f878c94 jdk8u40-b31 1.6 663a3151c688bc3f4c092bcad21cc81e29139d62 jdk8u40-b32 1.7 +5b700e0c00471ba1b7575fc6d03d6b0a0e041b50 jdk8u40-b33 1.8 5761efbc739fdedcbff224e22f920e88b29af4cf jdk8u45-b00 1.9 6a52852476c9ccb2d52153d1b94b675e863bb28c jdk8u45-b01 1.10 3b9d342f9f584465ea5976e06357b45682f9681d jdk8u45-b02 1.11 @@ -542,6 +543,19 @@ 1.12 0ce690c17329bde61998e5cd30b1beec9872262f jdk8u74-b01 1.13 5eb60567655e15d7ba4c349658d707f5bde0c2b8 jdk8u74-b02 1.14 d82cbb7a4bfe21b146f7b91ce833ac5a579c94eb jdk8u72-b31 1.15 +e3b496b6ae52f2c018e9c628c31be984bb4907e7 jdk8u73-b00 1.16 +5e484ab4b05f1398e924ab90874f7fe2ddf20731 jdk8u73-b01 1.17 +0cfcffb354bb4c76cac46f52b16a50e3b57794b9 jdk8u73-b02 1.18 +9e88cf03fe09fbf33045f43489be6f9c00e80c35 jdk8u74-b00 1.19 +0ce690c17329bde61998e5cd30b1beec9872262f jdk8u74-b01 1.20 +5eb60567655e15d7ba4c349658d707f5bde0c2b8 jdk8u74-b02 1.21 +3d00f5689b6c6e71fb1a230b7a746b61569b90ec jdk8u74-b31 1.22 +0cec2665affa36496b906c566e22ba7048ae6087 jdk8u74-b32 1.23 +7b719c1dec62535c34030cf3457abe6f478f13a0 jdk8u77-b00 1.24 +cafc1648f432eff2c392040af2db4505c3d290b6 jdk8u77-b01 1.25 +0f0077ee5e53365562ff77a01aa97d0c7374f447 jdk8u77-b02 1.26 +e8dc6eb11c761f20b44d8c4b8acb0846268872f1 jdk8u77-b03 1.27 +af6ddd4cd94c9353cc053b888de6d42d4d0faf47 jdk8u77-b31 1.28 073b951904b3ee7c54fb79a169478fa66d925320 jdk8u75-b00 1.29 5b48f7defe40eab668fe554df0afd87d84d60722 jdk8u75-b01 1.30 0015f4a7f0d02a9bb79b7a0c737590f01feaabd4 jdk8u75-b02 1.31 @@ -581,6 +595,47 @@ 1.32 e0fbd6a51e061025f2d6ad0311a587f7ce3c2b43 jdk8u92-b00 1.33 8f0466c0dce60b1df3bc01785b01a7f09fa7b564 jdk8u92-b13 1.34 5617f9bec354fb2c60bbb816d175f4cee7d2c56e jdk8u92-b14 1.35 +fe88377e18b0c5f3da8e6741e0d5b9bfd45d2648 jdk8u92-b31 1.36 +073b951904b3ee7c54fb79a169478fa66d925320 jdk8u75-b00 1.37 +5b48f7defe40eab668fe554df0afd87d84d60722 jdk8u75-b01 1.38 +0015f4a7f0d02a9bb79b7a0c737590f01feaabd4 jdk8u75-b02 1.39 +74b2903babf0f4138c367e3f9eea8958f5d71b94 jdk8u75-b03 1.40 +aa99436ccf826b3a2eecdaf646814e58cf514efb jdk8u101-b00 1.41 +aa99436ccf826b3a2eecdaf646814e58cf514efb jdk8u75-b04 1.42 +e4dd4a6a2e67aa42d1e22246216f56a5280f83fb jdk8u75-b05 1.43 +6ca185377097c44ee1768f2f817b1b9e3b89068c jdk8u75-b06 1.44 +77880a70d92dbfc0ab1dab1aefad179c711ea852 jdk8u75-b07 1.45 +d267b16e3ecc006200ec6478904b7ea119df5b19 jdk8u75-b08 1.46 +1030aea873cdecfb6f55ab652abc67c901f61f60 jdk8u75-b09 1.47 +964fe4bba121592325cb346e3a4fa677b277d0ec jdk8u75-b10 1.48 +f7cfd44464c3c3efd6d6f29921fad4ed0de75d83 jdk8u75-b12 1.49 +7b719c1dec62535c34030cf3457abe6f478f13a0 jdk8u77-b00 1.50 +cafc1648f432eff2c392040af2db4505c3d290b6 jdk8u77-b01 1.51 +0f0077ee5e53365562ff77a01aa97d0c7374f447 jdk8u77-b02 1.52 +e8dc6eb11c761f20b44d8c4b8acb0846268872f1 jdk8u77-b03 1.53 +cd7cec8fd295c0462a813b5f54dc5457c2bade2d jdk8u91-b00 1.54 +4ea02753e66e348ee4639e157061bcbdef1d7ff3 jdk8u91-b13 1.55 +7deeb4f70404e4f52306f9d0bcfc482fc5f16fb3 jdk8u76-b00 1.56 +5786892e7c7d512ef9104a469ff7eafeaac12c38 jdk8u76-b01 1.57 +239155e48af89968b62e695a3233d42bed1a3282 jdk8u76-b02 1.58 +137e5c45fd5422ecd6c758c6b83a2f184abef91b jdk8u76-b03 1.59 +7bbceb589f5ddb6eefab2b23de0003de67cfc667 jdk8u76-b04 1.60 +ca66a2dd5cfd6d4d0d05ee9861ff3cadd7166761 jdk8u76-b05 1.61 +f8453e7a3185060e5625127fe76b5cd7ae64150a jdk8u76-b06 1.62 +dd1d572083b0b11f70f03408f6bb154bbdef4272 jdk8u76-b07 1.63 +fc122918583747b114b246babc82841a827c56c7 jdk8u76-b08 1.64 +afb55372bcc787b75e24afd28b00cfaaa45bb77d jdk8u76-b09 1.65 +d2f26e6433db89354b028fb75abcc6ca266d035f jdk8u76-b10 1.66 +df2dcefb08f9e3c65a4cbea75e54600649d063d0 jdk8u76-b11 1.67 +94c775e05eb053b8440d82298927a144ed73f340 jdk8u76-b12 1.68 +e0fbd6a51e061025f2d6ad0311a587f7ce3c2b43 jdk8u92-b00 1.69 +8f0466c0dce60b1df3bc01785b01a7f09fa7b564 jdk8u92-b13 1.70 +aa99436ccf826b3a2eecdaf646814e58cf514efb jdk8u81-b00 1.71 +8674aec1be6459f33451690fb106eec314964116 jdk8u101-b01 1.72 +96a43945cb6a69989294b511ecdfc0493ea09bf1 jdk8u101-b02 1.73 +371b0c5477d8613c06fd1206deed27759f18e42e jdk8u101-b03 1.74 +52cca1ce8b473ecd751da2350d4b3ef111b5676e jdk8u101-b04 1.75 +3edb6296456161d67bf33a73faf18dc57ef548de jdk8u101-b05 1.76 223d0e48a55b92255f5a613743a99e7deacaf455 jdk8u102-b00 1.77 223d0e48a55b92255f5a613743a99e7deacaf455 jdk8u82-b00 1.78 9d09a2f1395561fe71b1a83f53907ddc52e699d6 jdk8u102-b01
2.1 --- a/src/share/classes/com/sun/corba/se/impl/orbutil/ORBUtility.java Mon Apr 25 09:31:39 2016 -0700 2.2 +++ b/src/share/classes/com/sun/corba/se/impl/orbutil/ORBUtility.java Mon Apr 25 10:59:08 2016 -0700 2.3 @@ -1,5 +1,5 @@ 2.4 /* 2.5 - * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved. 2.6 + * Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved. 2.7 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 2.8 * 2.9 * This code is free software; you can redistribute it and/or modify it 2.10 @@ -34,21 +34,13 @@ 2.11 import java.security.Policy; 2.12 import java.security.PrivilegedAction; 2.13 import java.security.ProtectionDomain; 2.14 -import java.util.ArrayList; 2.15 -import java.util.Arrays; 2.16 -import java.util.Map; 2.17 -import java.util.List; 2.18 -import java.util.ListIterator; 2.19 -import java.util.Set; 2.20 -import java.util.Map.Entry; 2.21 -import java.util.Collection; 2.22 +import java.security.PrivilegedActionException; 2.23 +import java.security.PrivilegedExceptionAction; 2.24 import java.util.HashMap; 2.25 import java.util.HashSet; 2.26 import java.util.Hashtable; 2.27 import java.util.Iterator; 2.28 import java.util.Enumeration; 2.29 -import java.util.Properties; 2.30 -import java.util.IdentityHashMap; 2.31 import java.util.StringTokenizer; 2.32 import java.util.NoSuchElementException; 2.33 2.34 @@ -165,8 +157,18 @@ 2.35 * Return default ValueHandler 2.36 */ 2.37 public static ValueHandler createValueHandler() { 2.38 + ValueHandler vh; 2.39 + try { 2.40 + vh = AccessController.doPrivileged(new PrivilegedExceptionAction<ValueHandler>() { 2.41 + public ValueHandler run() throws Exception { 2.42 return Util.createValueHandler(); 2.43 } 2.44 + }); 2.45 + } catch (PrivilegedActionException e) { 2.46 + throw new InternalError(e.getMessage()); 2.47 + } 2.48 + return vh; 2.49 + } 2.50 2.51 /** 2.52 * Returns true if it was accurately determined that the remote ORB is 2.53 @@ -664,7 +666,16 @@ 2.54 * ValueHandler. 2.55 */ 2.56 public static byte getMaxStreamFormatVersion() { 2.57 - ValueHandler vh = Util.createValueHandler(); 2.58 + ValueHandler vh; 2.59 + try { 2.60 + vh = AccessController.doPrivileged(new PrivilegedExceptionAction<ValueHandler>() { 2.61 + public ValueHandler run() throws Exception { 2.62 + return Util.createValueHandler(); 2.63 + } 2.64 + }); 2.65 + } catch (PrivilegedActionException e) { 2.66 + throw new InternalError(e.getMessage()); 2.67 + } 2.68 2.69 if (!(vh instanceof javax.rmi.CORBA.ValueHandlerMultiFormat)) 2.70 return ORBConstants.STREAM_FORMAT_VERSION_1;
3.1 --- a/src/share/classes/javax/rmi/CORBA/Util.java Mon Apr 25 09:31:39 2016 -0700 3.2 +++ b/src/share/classes/javax/rmi/CORBA/Util.java Mon Apr 25 10:59:08 2016 -0700 3.3 @@ -1,5 +1,5 @@ 3.4 /* 3.5 - * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved. 3.6 + * Copyright (c) 1998, 2016, Oracle and/or its affiliates. All rights reserved. 3.7 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 3.8 * 3.9 * This code is free software; you can redistribute it and/or modify it 3.10 @@ -45,6 +45,7 @@ 3.11 import java.rmi.Remote; 3.12 import java.io.File; 3.13 import java.io.FileInputStream; 3.14 +import java.io.SerializablePermission; 3.15 import java.net.MalformedURLException ; 3.16 import java.security.AccessController; 3.17 import java.security.PrivilegedAction; 3.18 @@ -63,8 +64,22 @@ 3.19 private static final javax.rmi.CORBA.UtilDelegate utilDelegate; 3.20 private static final String UtilClassKey = "javax.rmi.CORBA.UtilClass"; 3.21 3.22 + private static final String ALLOW_CREATEVALUEHANDLER_PROP = "jdk.rmi.CORBA.allowCustomValueHandler"; 3.23 + private static boolean allowCustomValueHandler; 3.24 + 3.25 static { 3.26 utilDelegate = (javax.rmi.CORBA.UtilDelegate)createDelegate(UtilClassKey); 3.27 + allowCustomValueHandler = readAllowCustomValueHandlerProperty(); 3.28 + } 3.29 + 3.30 + private static boolean readAllowCustomValueHandlerProperty () { 3.31 + return AccessController 3.32 + .doPrivileged(new PrivilegedAction<Boolean>() { 3.33 + @Override 3.34 + public Boolean run() { 3.35 + return Boolean.getBoolean(ALLOW_CREATEVALUEHANDLER_PROP); 3.36 + } 3.37 + }); 3.38 } 3.39 3.40 private Util(){} 3.41 @@ -111,7 +126,7 @@ 3.42 * Writes a java.lang.Object as a CORBA Object. If <code>obj</code> is 3.43 * an exported RMI-IIOP server object, the tie is found 3.44 * and wired to <code>obj</code>, then written to 3.45 -<code>out.write_Object(org.omg.CORBA.Object)</code>. 3.46 + * <code>out.write_Object(org.omg.CORBA.Object)</code>. 3.47 * If <code>obj</code> is a CORBA Object, it is written to 3.48 * <code>out.write_Object(org.omg.CORBA.Object)</code>. 3.49 * @param out the stream in which to write the object. 3.50 @@ -196,6 +211,8 @@ 3.51 */ 3.52 public static ValueHandler createValueHandler() { 3.53 3.54 + isCustomSerializationPermitted(); 3.55 + 3.56 if (utilDelegate != null) { 3.57 return utilDelegate.createValueHandler(); 3.58 } 3.59 @@ -336,6 +353,7 @@ 3.60 // security reasons. If you know a better solution how to share this code 3.61 // then remove it from PortableRemoteObject. Also in Stub.java 3.62 private static Object createDelegate(String classKey) { 3.63 + 3.64 String className = (String) 3.65 AccessController.doPrivileged(new GetPropertyAction(classKey)); 3.66 if (className == null) { 3.67 @@ -388,4 +406,16 @@ 3.68 new GetORBPropertiesFileAction()); 3.69 } 3.70 3.71 + private static void isCustomSerializationPermitted() { 3.72 + SecurityManager sm = System.getSecurityManager(); 3.73 + if (!allowCustomValueHandler) { 3.74 + if ( sm != null) { 3.75 + // check that a serialization permission has been 3.76 + // set to allow the loading of the Util delegate 3.77 + // which provides access to custom ValueHandler 3.78 + sm.checkPermission(new SerializablePermission( 3.79 + "enableCustomValueHanlder")); 3.80 + } 3.81 + } 3.82 + } 3.83 }