From 72881debbdd87ed47039aa95efd04054e955e4f8 Mon Sep 17 00:00:00 2001 From: Goetz Lindenmaier Date: Tue, 5 Mar 2024 08:59:35 +0000 Subject: [PATCH 1/9] 8305900: Use loopback IP addresses in security policy files of httpclient tests Reviewed-by: mbaesken Backport-of: 646b666a265c4de961b8ba3f9e4e8c9231be8a6f --- .../net/httpclient/AsFileDownloadTest.java | 44 ++++++------- .../net/httpclient/AsFileDownloadTest.policy | 19 ++++-- .../FilePublisherPermsTest1.policy | 31 ++++++--- .../FilePublisherPermsTest2.policy | 31 ++++++--- .../FilePublisherPermsTest3.policy | 31 ++++++--- .../FilePublisher/FilePublisherTest.policy | 31 ++++++--- .../net/httpclient/HttpServerAdapters.java | 11 +++- .../net/httpclient/LightWeightHttpServer.java | 13 +++- .../httpclient/PathSubscriber/ofFile.policy | 31 ++++++--- .../PathSubscriber/ofFileDownload.policy | 31 ++++++--- .../java/net/httpclient/RequestBodyTest.java | 35 +++++------ .../net/httpclient/RequestBodyTest.policy | 11 ++-- test/jdk/java/net/httpclient/dependent.policy | 20 +++--- .../http2/server/Http2TestServer.java | 7 ++- .../jdk/java/net/httpclient/security/0.policy | 9 +-- .../jdk/java/net/httpclient/security/1.policy | 12 ++-- .../java/net/httpclient/security/10.policy | 12 ++-- .../java/net/httpclient/security/11.policy | 18 ++++-- .../java/net/httpclient/security/12.policy | 18 ++++-- .../java/net/httpclient/security/14.policy | 12 ++-- .../java/net/httpclient/security/15.policy | 12 ++-- .../java/net/httpclient/security/16.policy | 12 ++-- .../java/net/httpclient/security/17.policy | 12 ++-- .../jdk/java/net/httpclient/security/2.policy | 12 ++-- .../jdk/java/net/httpclient/security/3.policy | 12 ++-- .../jdk/java/net/httpclient/security/4.policy | 16 +++-- .../jdk/java/net/httpclient/security/5.policy | 12 ++-- .../jdk/java/net/httpclient/security/6.policy | 12 ++-- .../jdk/java/net/httpclient/security/7.policy | 13 ++-- .../jdk/java/net/httpclient/security/8.policy | 12 ++-- .../jdk/java/net/httpclient/security/9.policy | 12 ++-- .../net/httpclient/security/Security.java | 63 ++++++++++--------- 32 files changed, 391 insertions(+), 236 deletions(-) diff --git a/test/jdk/java/net/httpclient/AsFileDownloadTest.java b/test/jdk/java/net/httpclient/AsFileDownloadTest.java index 890f0701b94..96dc2570536 100644 --- a/test/jdk/java/net/httpclient/AsFileDownloadTest.java +++ b/test/jdk/java/net/httpclient/AsFileDownloadTest.java @@ -21,25 +21,6 @@ * questions. */ -/* - * @test - * @summary Basic test for ofFileDownload - * @bug 8196965 8302475 - * @modules java.base/sun.net.www.http - * java.net.http/jdk.internal.net.http.common - * java.net.http/jdk.internal.net.http.frame - * java.net.http/jdk.internal.net.http.hpack - * java.logging - * jdk.httpserver - * @library /test/lib http2/server - * @build Http2TestServer - * @build jdk.test.lib.net.SimpleSSLContext - * @build jdk.test.lib.Platform - * @build jdk.test.lib.util.FileUtils - * @run testng/othervm AsFileDownloadTest - * @run testng/othervm/java.security.policy=AsFileDownloadTest.policy AsFileDownloadTest - */ - import com.sun.net.httpserver.HttpExchange; import com.sun.net.httpserver.HttpHandler; import com.sun.net.httpserver.HttpServer; @@ -81,6 +62,25 @@ import static org.testng.Assert.assertTrue; import static org.testng.Assert.fail; +/* + * @test + * @summary Basic test for ofFileDownload + * @bug 8196965 8302475 + * @modules java.base/sun.net.www.http + * java.net.http/jdk.internal.net.http.common + * java.net.http/jdk.internal.net.http.frame + * java.net.http/jdk.internal.net.http.hpack + * java.logging + * jdk.httpserver + * @library /test/lib http2/server + * @build Http2TestServer + * @build jdk.test.lib.net.SimpleSSLContext + * @build jdk.test.lib.Platform + * @build jdk.test.lib.util.FileUtils + * @run testng/othervm AsFileDownloadTest + * @run testng/othervm/java.security.policy=AsFileDownloadTest.policy AsFileDownloadTest + */ + public class AsFileDownloadTest { SSLContext sslContext; @@ -267,8 +267,10 @@ void negativeTest(String uriString, String contentDispositionValue) // -- Infrastructure static String serverAuthority(HttpServer server) { - return InetAddress.getLoopbackAddress().getHostName() + ":" - + server.getAddress().getPort(); + final String hostIP = InetAddress.getLoopbackAddress().getHostAddress(); + // escape for ipv6 + final String h = hostIP.contains(":") ? "[" + hostIP + "]" : hostIP; + return h + ":" + server.getAddress().getPort(); } @BeforeTest diff --git a/test/jdk/java/net/httpclient/AsFileDownloadTest.policy b/test/jdk/java/net/httpclient/AsFileDownloadTest.policy index 0f38171503d..79103cac6f6 100644 --- a/test/jdk/java/net/httpclient/AsFileDownloadTest.policy +++ b/test/jdk/java/net/httpclient/AsFileDownloadTest.policy @@ -34,7 +34,8 @@ grant codeBase "file:${test.classes}/../../../../java/net/httpclient/http2/serve permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.net.http.hpack"; permission java.lang.RuntimePermission "accessClassInPackage.sun.net.www.http"; - permission java.net.SocketPermission "localhost:*", "accept,resolve"; + permission java.net.SocketPermission "127.0.0.1:*", "accept,resolve"; + permission java.net.SocketPermission "[::1]:*", "accept,resolve"; permission java.lang.RuntimePermission "modifyThread"; }; @@ -42,10 +43,15 @@ grant codeBase "file:${test.classes}/*" { permission java.io.FilePermission "${user.dir}${/}asFileDownloadTest.tmp.dir", "read,write"; permission java.io.FilePermission "${user.dir}${/}asFileDownloadTest.tmp.dir/-", "read,write"; - permission java.net.URLPermission "http://localhost:*/http1/afdt", "POST"; - permission java.net.URLPermission "https://localhost:*/https1/afdt", "POST"; - permission java.net.URLPermission "http://localhost:*/http2/afdt", "POST"; - permission java.net.URLPermission "https://localhost:*/https2/afdt", "POST"; + permission java.net.URLPermission "http://127.0.0.1:*/http1/afdt", "POST"; + permission java.net.URLPermission "https://127.0.0.1:*/https1/afdt", "POST"; + permission java.net.URLPermission "http://127.0.0.1:*/http2/afdt", "POST"; + permission java.net.URLPermission "https://127.0.0.1:*/https2/afdt", "POST"; + // ipv6 + permission java.net.URLPermission "http://[::1]:*/http1/afdt", "POST"; + permission java.net.URLPermission "https://[::1]:*/https1/afdt", "POST"; + permission java.net.URLPermission "http://[::1]:*/http2/afdt", "POST"; + permission java.net.URLPermission "https://[::1]:*/https2/afdt", "POST"; // needed to grant permission to the HTTP/2 server @@ -58,7 +64,8 @@ grant codeBase "file:${test.classes}/*" { permission java.util.logging.LoggingPermission "control"; // needed to grant the HTTP servers - permission java.net.SocketPermission "localhost:*", "accept,resolve"; + permission java.net.SocketPermission "127.0.0.1:*", "accept,resolve"; + permission java.net.SocketPermission "[::1]:*", "accept,resolve"; permission java.util.PropertyPermission "*", "read"; permission java.lang.RuntimePermission "modifyThread"; diff --git a/test/jdk/java/net/httpclient/FilePublisher/FilePublisherPermsTest1.policy b/test/jdk/java/net/httpclient/FilePublisher/FilePublisherPermsTest1.policy index a133d4e9247..b32f23047b1 100644 --- a/test/jdk/java/net/httpclient/FilePublisher/FilePublisherPermsTest1.policy +++ b/test/jdk/java/net/httpclient/FilePublisher/FilePublisherPermsTest1.policy @@ -34,19 +34,29 @@ grant codeBase "file:${test.classes}/../../../../../java/net/httpclient/http2/se permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.net.http.hpack"; permission java.lang.RuntimePermission "accessClassInPackage.sun.net.www.http"; - permission java.net.SocketPermission "localhost:*", "accept,resolve"; + permission java.net.SocketPermission "127.0.0.1:*", "accept,resolve"; + permission java.net.SocketPermission "[::1]:*", "accept,resolve"; permission java.lang.RuntimePermission "modifyThread"; }; grant codeBase "file:${test.classes}/*" { - permission java.net.URLPermission "http://localhost:*/http1/echo", "POST"; - permission java.net.URLPermission "https://localhost:*/https1/echo", "POST"; - permission java.net.URLPermission "http://localhost:*/http2/echo", "POST"; - permission java.net.URLPermission "https://localhost:*/https2/echo", "POST"; - permission java.net.URLPermission "https://localhost:*/http1/echo", "GET"; - permission java.net.URLPermission "https://localhost:*/https1/echo", "GET"; - permission java.net.URLPermission "http://localhost:*/http2/echo", "GET"; - permission java.net.URLPermission "https://localhost:*/https2/echo", "GET"; + permission java.net.URLPermission "http://127.0.0.1:*/http1/echo", "POST"; + permission java.net.URLPermission "https://127.0.0.1:*/https1/echo", "POST"; + permission java.net.URLPermission "http://127.0.0.1:*/http2/echo", "POST"; + permission java.net.URLPermission "https://127.0.0.1:*/https2/echo", "POST"; + permission java.net.URLPermission "https://127.0.0.1:*/http1/echo", "GET"; + permission java.net.URLPermission "https://127.0.0.1:*/https1/echo", "GET"; + permission java.net.URLPermission "http://127.0.0.1:*/http2/echo", "GET"; + permission java.net.URLPermission "https://127.0.0.1:*/https2/echo", "GET"; + // ipv6 + permission java.net.URLPermission "http://[::1]:*/http1/echo", "POST"; + permission java.net.URLPermission "https://[::1]:*/https1/echo", "POST"; + permission java.net.URLPermission "http://[::1]:*/http2/echo", "POST"; + permission java.net.URLPermission "https://[::1]:*/https2/echo", "POST"; + permission java.net.URLPermission "https://[::1]:*/http1/echo", "GET"; + permission java.net.URLPermission "https://[::1]:*/https1/echo", "GET"; + permission java.net.URLPermission "http://[::1]:*/http2/echo", "GET"; + permission java.net.URLPermission "https://[::1]:*/https2/echo", "GET"; // file permissions permission java.io.FilePermission "${user.dir}${/}defaultFile.txt", "read,write,delete"; @@ -69,7 +79,8 @@ grant codeBase "file:${test.classes}/*" { permission java.util.logging.LoggingPermission "control"; // needed to grant the HTTP servers - permission java.net.SocketPermission "localhost:*", "accept,resolve"; + permission java.net.SocketPermission "127.0.0.1:*", "accept,resolve"; + permission java.net.SocketPermission "[::1]:*", "accept,resolve"; permission java.util.PropertyPermission "*", "read"; permission java.lang.RuntimePermission "modifyThread"; diff --git a/test/jdk/java/net/httpclient/FilePublisher/FilePublisherPermsTest2.policy b/test/jdk/java/net/httpclient/FilePublisher/FilePublisherPermsTest2.policy index fdde92b4ea5..eac025611a2 100644 --- a/test/jdk/java/net/httpclient/FilePublisher/FilePublisherPermsTest2.policy +++ b/test/jdk/java/net/httpclient/FilePublisher/FilePublisherPermsTest2.policy @@ -36,19 +36,29 @@ grant codeBase "file:${test.classes}/../../../../../java/net/httpclient/http2/se permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.net.http.hpack"; permission java.lang.RuntimePermission "accessClassInPackage.sun.net.www.http"; - permission java.net.SocketPermission "localhost:*", "accept,resolve"; + permission java.net.SocketPermission "127.0.0.1:*", "accept,resolve"; + permission java.net.SocketPermission "[::1]:*", "accept,resolve"; permission java.lang.RuntimePermission "modifyThread"; }; grant codeBase "file:${test.classes}/*" { - permission java.net.URLPermission "http://localhost:*/http1/echo", "POST"; - permission java.net.URLPermission "https://localhost:*/https1/echo", "POST"; - permission java.net.URLPermission "http://localhost:*/http2/echo", "POST"; - permission java.net.URLPermission "https://localhost:*/https2/echo", "POST"; - permission java.net.URLPermission "https://localhost:*/http1/echo", "GET"; - permission java.net.URLPermission "https://localhost:*/https1/echo", "GET"; - permission java.net.URLPermission "http://localhost:*/http2/echo", "GET"; - permission java.net.URLPermission "https://localhost:*/https2/echo", "GET"; + permission java.net.URLPermission "http://127.0.0.1:*/http1/echo", "POST"; + permission java.net.URLPermission "https://127.0.0.1:*/https1/echo", "POST"; + permission java.net.URLPermission "http://127.0.0.1:*/http2/echo", "POST"; + permission java.net.URLPermission "https://127.0.0.1:*/https2/echo", "POST"; + permission java.net.URLPermission "https://127.0.0.1:*/http1/echo", "GET"; + permission java.net.URLPermission "https://127.0.0.1:*/https1/echo", "GET"; + permission java.net.URLPermission "http://127.0.0.1:*/http2/echo", "GET"; + permission java.net.URLPermission "https://127.0.0.1:*/https2/echo", "GET"; + // ipv6 + permission java.net.URLPermission "http://[::1]:*/http1/echo", "POST"; + permission java.net.URLPermission "https://[::1]:*/https1/echo", "POST"; + permission java.net.URLPermission "http://[::1]:*/http2/echo", "POST"; + permission java.net.URLPermission "https://[::1]:*/https2/echo", "POST"; + permission java.net.URLPermission "https://[::1]:*/http1/echo", "GET"; + permission java.net.URLPermission "https://[::1]:*/https1/echo", "GET"; + permission java.net.URLPermission "http://[::1]:*/http2/echo", "GET"; + permission java.net.URLPermission "https://[::1]:*/https2/echo", "GET"; // file permissions permission java.io.FilePermission "${user.dir}${/}defaultFile.txt", "read,write,delete"; @@ -74,7 +84,8 @@ grant codeBase "file:${test.classes}/*" { permission java.util.logging.LoggingPermission "control"; // needed to grant the HTTP servers - permission java.net.SocketPermission "localhost:*", "accept,resolve"; + permission java.net.SocketPermission "127.0.0.1:*", "accept,resolve"; + permission java.net.SocketPermission "[::1]:*", "accept,resolve"; permission java.util.PropertyPermission "*", "read"; permission java.lang.RuntimePermission "modifyThread"; diff --git a/test/jdk/java/net/httpclient/FilePublisher/FilePublisherPermsTest3.policy b/test/jdk/java/net/httpclient/FilePublisher/FilePublisherPermsTest3.policy index 4f7c4fee363..e855d69d20e 100644 --- a/test/jdk/java/net/httpclient/FilePublisher/FilePublisherPermsTest3.policy +++ b/test/jdk/java/net/httpclient/FilePublisher/FilePublisherPermsTest3.policy @@ -41,19 +41,29 @@ grant codeBase "file:${test.classes}/../../../../../java/net/httpclient/http2/se permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.net.http.hpack"; permission java.lang.RuntimePermission "accessClassInPackage.sun.net.www.http"; - permission java.net.SocketPermission "localhost:*", "accept,resolve"; + permission java.net.SocketPermission "127.0.0.1:*", "accept,resolve"; + permission java.net.SocketPermission "[::1]:*", "accept,resolve"; permission java.lang.RuntimePermission "modifyThread"; }; grant codeBase "file:${test.classes}/*" { - permission java.net.URLPermission "http://localhost:*/http1/echo", "POST"; - permission java.net.URLPermission "https://localhost:*/https1/echo", "POST"; - permission java.net.URLPermission "http://localhost:*/http2/echo", "POST"; - permission java.net.URLPermission "https://localhost:*/https2/echo", "POST"; - permission java.net.URLPermission "https://localhost:*/http1/echo", "GET"; - permission java.net.URLPermission "https://localhost:*/https1/echo", "GET"; - permission java.net.URLPermission "http://localhost:*/http2/echo", "GET"; - permission java.net.URLPermission "https://localhost:*/https2/echo", "GET"; + permission java.net.URLPermission "http://127.0.0.1:*/http1/echo", "POST"; + permission java.net.URLPermission "https://127.0.0.1:*/https1/echo", "POST"; + permission java.net.URLPermission "http://127.0.0.1:*/http2/echo", "POST"; + permission java.net.URLPermission "https://127.0.0.1:*/https2/echo", "POST"; + permission java.net.URLPermission "https://127.0.0.1:*/http1/echo", "GET"; + permission java.net.URLPermission "https://127.0.0.1:*/https1/echo", "GET"; + permission java.net.URLPermission "http://127.0.0.1:*/http2/echo", "GET"; + permission java.net.URLPermission "https://127.0.0.1:*/https2/echo", "GET"; + // ipv6 + permission java.net.URLPermission "http://[::1]:*/http1/echo", "POST"; + permission java.net.URLPermission "https://[::1]:*/https1/echo", "POST"; + permission java.net.URLPermission "http://[::1]:*/http2/echo", "POST"; + permission java.net.URLPermission "https://[::1]:*/https2/echo", "POST"; + permission java.net.URLPermission "https://[::1]:*/http1/echo", "GET"; + permission java.net.URLPermission "https://[::1]:*/https1/echo", "GET"; + permission java.net.URLPermission "http://[::1]:*/http2/echo", "GET"; + permission java.net.URLPermission "https://[::1]:*/https2/echo", "GET"; // file permissions permission java.io.FilePermission "${user.dir}${/}defaultFile.txt", "read,write,delete"; @@ -77,7 +87,8 @@ grant codeBase "file:${test.classes}/*" { permission java.util.logging.LoggingPermission "control"; // needed to grant the HTTP servers - permission java.net.SocketPermission "localhost:*", "accept,resolve"; + permission java.net.SocketPermission "127.0.0.1:*", "accept,resolve"; + permission java.net.SocketPermission "[::1]:*", "accept,resolve"; permission java.util.PropertyPermission "*", "read"; permission java.lang.RuntimePermission "modifyThread"; diff --git a/test/jdk/java/net/httpclient/FilePublisher/FilePublisherTest.policy b/test/jdk/java/net/httpclient/FilePublisher/FilePublisherTest.policy index 82f517858bf..0765c408f9f 100644 --- a/test/jdk/java/net/httpclient/FilePublisher/FilePublisherTest.policy +++ b/test/jdk/java/net/httpclient/FilePublisher/FilePublisherTest.policy @@ -34,19 +34,29 @@ grant codeBase "file:${test.classes}/../../../../../java/net/httpclient/http2/se permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.net.http.hpack"; permission java.lang.RuntimePermission "accessClassInPackage.sun.net.www.http"; - permission java.net.SocketPermission "localhost:*", "accept,resolve"; + permission java.net.SocketPermission "127.0.0.1:*", "accept,resolve"; + permission java.net.SocketPermission "[::1]:*", "accept,resolve"; permission java.lang.RuntimePermission "modifyThread"; }; grant codeBase "file:${test.classes}/*" { - permission java.net.URLPermission "http://localhost:*/http1/echo", "POST"; - permission java.net.URLPermission "https://localhost:*/https1/echo", "POST"; - permission java.net.URLPermission "http://localhost:*/http2/echo", "POST"; - permission java.net.URLPermission "https://localhost:*/https2/echo", "POST"; - permission java.net.URLPermission "https://localhost:*/http1/echo", "GET"; - permission java.net.URLPermission "https://localhost:*/https1/echo", "GET"; - permission java.net.URLPermission "http://localhost:*/http2/echo", "GET"; - permission java.net.URLPermission "https://localhost:*/https2/echo", "GET"; + permission java.net.URLPermission "http://127.0.0.1:*/http1/echo", "POST"; + permission java.net.URLPermission "https://127.0.0.1:*/https1/echo", "POST"; + permission java.net.URLPermission "http://127.0.0.1:*/http2/echo", "POST"; + permission java.net.URLPermission "https://127.0.0.1:*/https2/echo", "POST"; + permission java.net.URLPermission "https://127.0.0.1:*/http1/echo", "GET"; + permission java.net.URLPermission "https://127.0.0.1:*/https1/echo", "GET"; + permission java.net.URLPermission "http://127.0.0.1:*/http2/echo", "GET"; + permission java.net.URLPermission "https://127.0.0.1:*/https2/echo", "GET"; + // ipv6 + permission java.net.URLPermission "http://[::1]:*/http1/echo", "POST"; + permission java.net.URLPermission "https://[::1]:*/https1/echo", "POST"; + permission java.net.URLPermission "http://[::1]:*/http2/echo", "POST"; + permission java.net.URLPermission "https://[::1]:*/https2/echo", "POST"; + permission java.net.URLPermission "https://[::1]:*/http1/echo", "GET"; + permission java.net.URLPermission "https://[::1]:*/https1/echo", "GET"; + permission java.net.URLPermission "http://[::1]:*/http2/echo", "GET"; + permission java.net.URLPermission "https://[::1]:*/https2/echo", "GET"; // file permissions permission java.io.FilePermission "${user.dir}${/}defaultFile.txt", "read,write,delete"; @@ -62,7 +72,8 @@ grant codeBase "file:${test.classes}/*" { permission java.util.logging.LoggingPermission "control"; // needed to grant the HTTP servers - permission java.net.SocketPermission "localhost:*", "accept,resolve"; + permission java.net.SocketPermission "127.0.0.1:*", "accept,resolve"; + permission java.net.SocketPermission "[::1]:*", "accept,resolve"; permission java.util.PropertyPermission "*", "read"; permission java.lang.RuntimePermission "modifyThread"; diff --git a/test/jdk/java/net/httpclient/HttpServerAdapters.java b/test/jdk/java/net/httpclient/HttpServerAdapters.java index 8396c65fc5f..2b0c6bbd857 100644 --- a/test/jdk/java/net/httpclient/HttpServerAdapters.java +++ b/test/jdk/java/net/httpclient/HttpServerAdapters.java @@ -530,8 +530,15 @@ static void enableLogging() { public abstract Version getVersion(); public String serverAuthority() { - return InetAddress.getLoopbackAddress().getHostName() + ":" - + getAddress().getPort(); + InetSocketAddress address = getAddress(); + String hostString = address.getHostString(); + hostString = address.getAddress().isLoopbackAddress() || hostString.equals("localhost") + ? address.getAddress().getHostAddress() // use the raw IP address, if loopback + : hostString; // use whatever host string was used to construct the address + hostString = hostString.contains(":") + ? "[" + hostString + "]" + : hostString; + return hostString + ":" + address.getPort(); } public static HttpTestServer of(HttpServer server) { diff --git a/test/jdk/java/net/httpclient/LightWeightHttpServer.java b/test/jdk/java/net/httpclient/LightWeightHttpServer.java index 54fa174296f..92603d55d0a 100644 --- a/test/jdk/java/net/httpclient/LightWeightHttpServer.java +++ b/test/jdk/java/net/httpclient/LightWeightHttpServer.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2015, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -119,14 +119,21 @@ public static void initServer() throws IOException { System.out.println("HTTP server port = " + port); httpsport = httpsServer.getAddress().getPort(); System.out.println("HTTPS server port = " + httpsport); - httproot = "http://localhost:" + port + "/"; - httpsroot = "https://localhost:" + httpsport + "/"; + httproot = "http://" + makeServerAuthority(httpServer.getAddress()) + "/"; + httpsroot = "https://" + makeServerAuthority(httpsServer.getAddress()) + "/"; proxy = new ProxyServer(0, false); proxyPort = proxy.getPort(); System.out.println("Proxy port = " + proxyPort); } + private static String makeServerAuthority(final InetSocketAddress addr) { + final String hostIP = addr.getAddress().getHostAddress(); + // escape for ipv6 + final String h = hostIP.contains(":") ? "[" + hostIP + "]" : hostIP; + return h + ":" + addr.getPort(); + } + public static void stop() throws IOException { if (httpServer != null) { httpServer.stop(0); diff --git a/test/jdk/java/net/httpclient/PathSubscriber/ofFile.policy b/test/jdk/java/net/httpclient/PathSubscriber/ofFile.policy index c5df09ae865..de879febb8a 100644 --- a/test/jdk/java/net/httpclient/PathSubscriber/ofFile.policy +++ b/test/jdk/java/net/httpclient/PathSubscriber/ofFile.policy @@ -45,19 +45,29 @@ grant codeBase "file:${test.classes}/../../../../../java/net/httpclient/http2/se permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.net.http.hpack"; permission java.lang.RuntimePermission "accessClassInPackage.sun.net.www.http"; - permission java.net.SocketPermission "localhost:*", "accept,resolve"; + permission java.net.SocketPermission "127.0.0.1:*", "accept,resolve"; + permission java.net.SocketPermission "[::1]:*", "accept,resolve"; permission java.lang.RuntimePermission "modifyThread"; }; grant codeBase "file:${test.classes}/*" { - permission java.net.URLPermission "http://localhost:*/http1/echo", "POST"; - permission java.net.URLPermission "https://localhost:*/https1/echo", "POST"; - permission java.net.URLPermission "http://localhost:*/http2/echo", "POST"; - permission java.net.URLPermission "https://localhost:*/https2/echo", "POST"; - permission java.net.URLPermission "https://localhost:*/http1/echo", "GET"; - permission java.net.URLPermission "https://localhost:*/https1/echo", "GET"; - permission java.net.URLPermission "http://localhost:*/http2/echo", "GET"; - permission java.net.URLPermission "https://localhost:*/https2/echo", "GET"; + permission java.net.URLPermission "http://127.0.0.1:*/http1/echo", "POST"; + permission java.net.URLPermission "https://127.0.0.1:*/https1/echo", "POST"; + permission java.net.URLPermission "http://127.0.0.1:*/http2/echo", "POST"; + permission java.net.URLPermission "https://127.0.0.1:*/https2/echo", "POST"; + permission java.net.URLPermission "https://127.0.0.1:*/http1/echo", "GET"; + permission java.net.URLPermission "https://127.0.0.1:*/https1/echo", "GET"; + permission java.net.URLPermission "http://127.0.0.1:*/http2/echo", "GET"; + permission java.net.URLPermission "https://127.0.0.1:*/https2/echo", "GET"; + // ipv6 + permission java.net.URLPermission "http://[::1]:*/http1/echo", "POST"; + permission java.net.URLPermission "https://[::1]:*/https1/echo", "POST"; + permission java.net.URLPermission "http://[::1]:*/http2/echo", "POST"; + permission java.net.URLPermission "https://[::1]:*/https2/echo", "POST"; + permission java.net.URLPermission "https://[::1]:*/http1/echo", "GET"; + permission java.net.URLPermission "https://[::1]:*/https1/echo", "GET"; + permission java.net.URLPermission "http://[::1]:*/http2/echo", "GET"; + permission java.net.URLPermission "https://[::1]:*/https2/echo", "GET"; // file permissions for test files permission java.io.FilePermission "${user.dir}${/}defaultFile.txt", "read,write,delete"; @@ -77,7 +87,8 @@ grant codeBase "file:${test.classes}/*" { permission java.util.logging.LoggingPermission "control"; // needed to grant the HTTP servers - permission java.net.SocketPermission "localhost:*", "accept,resolve"; + permission java.net.SocketPermission "127.0.0.1:*", "accept,resolve"; + permission java.net.SocketPermission "[::1]:*", "accept,resolve"; permission java.util.PropertyPermission "*", "read"; permission java.lang.RuntimePermission "modifyThread"; diff --git a/test/jdk/java/net/httpclient/PathSubscriber/ofFileDownload.policy b/test/jdk/java/net/httpclient/PathSubscriber/ofFileDownload.policy index a9dc8816241..34068386cd1 100644 --- a/test/jdk/java/net/httpclient/PathSubscriber/ofFileDownload.policy +++ b/test/jdk/java/net/httpclient/PathSubscriber/ofFileDownload.policy @@ -45,19 +45,29 @@ grant codeBase "file:${test.classes}/../../../../../java/net/httpclient/http2/se permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.net.http.hpack"; permission java.lang.RuntimePermission "accessClassInPackage.sun.net.www.http"; - permission java.net.SocketPermission "localhost:*", "accept,resolve"; + permission java.net.SocketPermission "127.0.0.1:*", "accept,resolve"; + permission java.net.SocketPermission "[::1]:*", "accept,resolve"; permission java.lang.RuntimePermission "modifyThread"; }; grant codeBase "file:${test.classes}/*" { - permission java.net.URLPermission "http://localhost:*/http1/echo", "POST"; - permission java.net.URLPermission "https://localhost:*/https1/echo", "POST"; - permission java.net.URLPermission "http://localhost:*/http2/echo", "POST"; - permission java.net.URLPermission "https://localhost:*/https2/echo", "POST"; - permission java.net.URLPermission "https://localhost:*/http1/echo", "GET"; - permission java.net.URLPermission "https://localhost:*/https1/echo", "GET"; - permission java.net.URLPermission "http://localhost:*/http2/echo", "GET"; - permission java.net.URLPermission "https://localhost:*/https2/echo", "GET"; + permission java.net.URLPermission "http://127.0.0.1:*/http1/echo", "POST"; + permission java.net.URLPermission "https://127.0.0.1:*/https1/echo", "POST"; + permission java.net.URLPermission "http://127.0.0.1:*/http2/echo", "POST"; + permission java.net.URLPermission "https://127.0.0.1:*/https2/echo", "POST"; + permission java.net.URLPermission "https://127.0.0.1:*/http1/echo", "GET"; + permission java.net.URLPermission "https://127.0.0.1:*/https1/echo", "GET"; + permission java.net.URLPermission "http://127.0.0.1:*/http2/echo", "GET"; + permission java.net.URLPermission "https://127.0.0.1:*/https2/echo", "GET"; + // ipv6 + permission java.net.URLPermission "http://[::1]:*/http1/echo", "POST"; + permission java.net.URLPermission "https://[::1]:*/https1/echo", "POST"; + permission java.net.URLPermission "http://[::1]:*/http2/echo", "POST"; + permission java.net.URLPermission "https://[::1]:*/https2/echo", "POST"; + permission java.net.URLPermission "https://[::1]:*/http1/echo", "GET"; + permission java.net.URLPermission "https://[::1]:*/https1/echo", "GET"; + permission java.net.URLPermission "http://[::1]:*/http2/echo", "GET"; + permission java.net.URLPermission "https://[::1]:*/https2/echo", "GET"; // file permissions for test files permission java.io.FilePermission "${user.dir}${/}file.zip", "read,write"; @@ -74,7 +84,8 @@ grant codeBase "file:${test.classes}/*" { permission java.util.logging.LoggingPermission "control"; // needed to grant the HTTP servers - permission java.net.SocketPermission "localhost:*", "accept,resolve"; + permission java.net.SocketPermission "127.0.0.1:*", "accept,resolve"; + permission java.net.SocketPermission "[::1]:*", "accept,resolve"; permission java.util.PropertyPermission "*", "read"; permission java.lang.RuntimePermission "modifyThread"; diff --git a/test/jdk/java/net/httpclient/RequestBodyTest.java b/test/jdk/java/net/httpclient/RequestBodyTest.java index b323efd86e5..805a5b490db 100644 --- a/test/jdk/java/net/httpclient/RequestBodyTest.java +++ b/test/jdk/java/net/httpclient/RequestBodyTest.java @@ -21,24 +21,6 @@ * questions. */ -/* - * @test - * @bug 8087112 - * @modules java.net.http - * java.logging - * jdk.httpserver - * @library /test/lib - * @compile ../../../com/sun/net/httpserver/LogFilter.java - * @compile ../../../com/sun/net/httpserver/EchoHandler.java - * @compile ../../../com/sun/net/httpserver/FileServerHandler.java - * @build jdk.test.lib.net.SimpleSSLContext - * @build LightWeightHttpServer - * @build jdk.test.lib.Platform - * @build jdk.test.lib.util.FileUtils - * @run testng/othervm RequestBodyTest - * @run testng/othervm/java.security.policy=RequestBodyTest.policy RequestBodyTest - */ - import java.io.*; import java.net.URI; import java.net.http.HttpClient; @@ -74,6 +56,23 @@ import org.testng.annotations.Test; import static org.testng.Assert.*; +/* + * @test + * @bug 8087112 + * @modules java.net.http + * java.logging + * jdk.httpserver + * @library /test/lib + * @compile ../../../com/sun/net/httpserver/LogFilter.java + * @compile ../../../com/sun/net/httpserver/EchoHandler.java + * @compile ../../../com/sun/net/httpserver/FileServerHandler.java + * @build jdk.test.lib.net.SimpleSSLContext + * @build LightWeightHttpServer + * @build jdk.test.lib.Platform + * @build jdk.test.lib.util.FileUtils + * @run testng/othervm RequestBodyTest + * @run testng/othervm/java.security.policy=RequestBodyTest.policy RequestBodyTest + */ public class RequestBodyTest { static final String fileroot = System.getProperty("test.src", ".") + "/docs"; diff --git a/test/jdk/java/net/httpclient/RequestBodyTest.policy b/test/jdk/java/net/httpclient/RequestBodyTest.policy index d3797cf472d..0bfedf22b84 100644 --- a/test/jdk/java/net/httpclient/RequestBodyTest.policy +++ b/test/jdk/java/net/httpclient/RequestBodyTest.policy @@ -1,5 +1,5 @@ // -// Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. +// Copyright (c) 2018, 2023, Oracle and/or its affiliates. All rights reserved. // DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. // // This code is free software; you can redistribute it and/or modify it @@ -38,14 +38,17 @@ grant codeBase "file:${test.classes}/*" { permission java.io.FilePermission "${test.src}${/}docs${/}files${/}notsobigfile.txt", "read"; permission java.io.FilePermission "RequestBodyTest.tmp", "read,write,delete"; - permission java.net.URLPermission "http://localhost:*/echo/foo", "POST"; - permission java.net.URLPermission "https://localhost:*/echo/foo", "POST"; + permission java.net.URLPermission "http://127.0.0.1:*/echo/foo", "POST"; + permission java.net.URLPermission "https://127.0.0.1:*/echo/foo", "POST"; + permission java.net.URLPermission "http://[::1]:*/echo/foo", "POST"; + permission java.net.URLPermission "https://[::1]:*/echo/foo", "POST"; // for HTTP/1.1 server logging permission java.util.logging.LoggingPermission "control"; // needed to grant the HTTP server - permission java.net.SocketPermission "localhost:*", "accept,resolve"; + permission java.net.SocketPermission "127.0.0.1:*", "accept,resolve"; + permission java.net.SocketPermission "[::1]:*", "accept,resolve"; permission java.util.PropertyPermission "*", "read"; permission java.lang.RuntimePermission "modifyThread"; diff --git a/test/jdk/java/net/httpclient/dependent.policy b/test/jdk/java/net/httpclient/dependent.policy index 2396a118b20..a7562f43364 100644 --- a/test/jdk/java/net/httpclient/dependent.policy +++ b/test/jdk/java/net/httpclient/dependent.policy @@ -34,7 +34,8 @@ grant codeBase "file:${test.classes}/../../../../java/net/httpclient/http2/serve permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.net.http.hpack"; permission java.lang.RuntimePermission "accessClassInPackage.sun.net.www.http"; - permission java.net.SocketPermission "localhost:*", "listen,accept,resolve"; + permission java.net.SocketPermission "127.0.0.1:*", "listen,accept,resolve"; + permission java.net.SocketPermission "[::1]:*", "listen,accept,resolve"; permission java.lang.RuntimePermission "modifyThread"; }; @@ -42,11 +43,15 @@ grant codeBase "file:${test.classes}/*" { permission java.io.FilePermission "${user.dir}${/}asFileDownloadTest.tmp.dir", "read,write"; permission java.io.FilePermission "${user.dir}${/}asFileDownloadTest.tmp.dir/-", "read,write"; - permission java.net.URLPermission "http://localhost:*/http1/-", "GET,POST"; - permission java.net.URLPermission "https://localhost:*/https1/-", "GET,POST"; - permission java.net.URLPermission "http://localhost:*/http2/-", "GET,POST"; - permission java.net.URLPermission "https://localhost:*/https2/-", "GET,POST"; - + permission java.net.URLPermission "http://127.0.0.1:*/http1/-", "GET,POST"; + permission java.net.URLPermission "https://127.0.0.1:*/https1/-", "GET,POST"; + permission java.net.URLPermission "http://127.0.0.1:*/http2/-", "GET,POST"; + permission java.net.URLPermission "https://127.0.0.1:*/https2/-", "GET,POST"; + // ipv6 + permission java.net.URLPermission "http://[::1]:*/http1/-", "GET,POST"; + permission java.net.URLPermission "https://[::1]:*/https1/-", "GET,POST"; + permission java.net.URLPermission "http://[::1]:*/http2/-", "GET,POST"; + permission java.net.URLPermission "https://[::1]:*/https2/-", "GET,POST"; // needed to grant permission to the HTTP/2 server permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.net.http.common"; @@ -58,7 +63,8 @@ grant codeBase "file:${test.classes}/*" { permission java.util.logging.LoggingPermission "control"; // needed to grant the HTTP servers - permission java.net.SocketPermission "localhost:*", "listen,accept,resolve"; + permission java.net.SocketPermission "127.0.0.1:*", "listen,accept,resolve"; + permission java.net.SocketPermission "[::1]:*", "listen,accept,resolve"; permission java.util.PropertyPermission "*", "read"; permission java.lang.RuntimePermission "modifyThread"; diff --git a/test/jdk/java/net/httpclient/http2/server/Http2TestServer.java b/test/jdk/java/net/httpclient/http2/server/Http2TestServer.java index f8592272588..ab756b543ba 100644 --- a/test/jdk/java/net/httpclient/http2/server/Http2TestServer.java +++ b/test/jdk/java/net/httpclient/http2/server/Http2TestServer.java @@ -81,8 +81,11 @@ public InetSocketAddress getAddress() { } public String serverAuthority() { - return InetAddress.getLoopbackAddress().getHostName() + ":" - + getAddress().getPort(); + final InetSocketAddress inetSockAddr = getAddress(); + final String hostIP = inetSockAddr.getAddress().getHostAddress(); + // escape for ipv6 + final String h = hostIP.contains(":") ? "[" + hostIP + "]" : hostIP; + return h + ":" + inetSockAddr.getPort(); } public Http2TestServer(boolean secure, diff --git a/test/jdk/java/net/httpclient/security/0.policy b/test/jdk/java/net/httpclient/security/0.policy index 32a1e54da52..2e2b4588168 100644 --- a/test/jdk/java/net/httpclient/security/0.policy +++ b/test/jdk/java/net/httpclient/security/0.policy @@ -1,5 +1,5 @@ // -// Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights reserved. +// Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved. // DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. // // This code is free software; you can redistribute it and/or modify it @@ -29,7 +29,8 @@ grant { permission java.io.FilePermission "${test.classes}${/}-", "read,write,delete"; permission java.lang.RuntimePermission "modifyThread"; permission java.util.logging.LoggingPermission "control", ""; - permission java.net.SocketPermission "localhost:1024-", "accept,listen"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen"; permission java.io.FilePermission "${test.src}${/}docs${/}-", "read"; permission java.lang.RuntimePermission "createClassLoader"; @@ -39,8 +40,8 @@ grant { // For proxy only. Not being tested grant codebase "file:${test.classes}/proxydir/-" { - permission java.net.SocketPermission "localhost:1024-", "accept,listen,connect"; - permission java.net.SocketPermission "localhost:1024-", "connect,resolve"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen,connect,resolve"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen,connect,resolve"; }; diff --git a/test/jdk/java/net/httpclient/security/1.policy b/test/jdk/java/net/httpclient/security/1.policy index 3c5d96da67d..ee9e021c50e 100644 --- a/test/jdk/java/net/httpclient/security/1.policy +++ b/test/jdk/java/net/httpclient/security/1.policy @@ -1,5 +1,5 @@ // -// Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights reserved. +// Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved. // DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. // // This code is free software; you can redistribute it and/or modify it @@ -28,17 +28,19 @@ grant { permission java.io.FilePermission "${test.classes}${/}-", "read,write,delete"; permission java.lang.RuntimePermission "modifyThread"; permission java.util.logging.LoggingPermission "control", ""; - permission java.net.SocketPermission "localhost:1024-", "accept,listen"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen"; permission java.io.FilePermission "${test.src}${/}docs${/}-", "read"; permission java.lang.RuntimePermission "createClassLoader"; // permissions specific to this test - permission java.net.URLPermission "http://localhost:${port.number}/files/foo.txt", "GET"; + permission java.net.URLPermission "http://127.0.0.1:${port.number}/files/foo.txt", "GET"; + permission java.net.URLPermission "http://[::1]:${port.number}/files/foo.txt", "GET"; }; // For proxy only. Not being tested grant codebase "file:${test.classes}/proxydir/-" { - permission java.net.SocketPermission "localhost:1024-", "accept,listen,connect"; - permission java.net.SocketPermission "localhost:1024-", "connect,resolve"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen,connect,resolve"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen,connect,resolve"; }; diff --git a/test/jdk/java/net/httpclient/security/10.policy b/test/jdk/java/net/httpclient/security/10.policy index f131a44dcfd..a83bf44153c 100644 --- a/test/jdk/java/net/httpclient/security/10.policy +++ b/test/jdk/java/net/httpclient/security/10.policy @@ -1,5 +1,5 @@ // -// Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights reserved. +// Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved. // DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. // // This code is free software; you can redistribute it and/or modify it @@ -28,16 +28,18 @@ grant { permission java.io.FilePermission "${test.classes}${/}-", "read,write,delete"; permission java.lang.RuntimePermission "modifyThread"; permission java.util.logging.LoggingPermission "control", ""; - permission java.net.SocketPermission "localhost:1024-", "accept,listen"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen"; permission java.io.FilePermission "${test.src}${/}docs${/}-", "read"; permission java.lang.RuntimePermission "createClassLoader"; // permissions specific to this test - permission java.net.URLPermission "http://localhost:${port.number}/files/foo.txt", "GET:*"; + permission java.net.URLPermission "http://127.0.0.1:${port.number}/files/foo.txt", "GET:*"; + permission java.net.URLPermission "http://[::1]:${port.number}/files/foo.txt", "GET:*"; }; // For proxy only. Not being tested grant codebase "file:${test.classes}/proxydir/-" { - permission java.net.SocketPermission "localhost:1024-", "accept,listen,connect"; - permission java.net.SocketPermission "localhost:1024-", "connect,resolve"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen,connect,resolve"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen,connect,resolve"; }; diff --git a/test/jdk/java/net/httpclient/security/11.policy b/test/jdk/java/net/httpclient/security/11.policy index 51fee36bc17..f75fdcc7dfd 100644 --- a/test/jdk/java/net/httpclient/security/11.policy +++ b/test/jdk/java/net/httpclient/security/11.policy @@ -1,5 +1,5 @@ // -// Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights reserved. +// Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved. // DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. // // This code is free software; you can redistribute it and/or modify it @@ -28,18 +28,26 @@ grant { permission java.io.FilePermission "${test.classes}${/}-", "read,write,delete"; permission java.lang.RuntimePermission "modifyThread"; permission java.util.logging.LoggingPermission "control", ""; - permission java.net.SocketPermission "localhost:1024-", "accept,listen"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen"; permission java.io.FilePermission "${test.src}${/}docs${/}-", "read"; permission java.lang.RuntimePermission "createClassLoader"; // permissions specific to this test - permission java.net.URLPermission "http://localhost:${port.number}/files/foo.txt", "GET:*"; + permission java.net.URLPermission "http://127.0.0.1:${port.number}/files/foo.txt", "GET:*"; + permission java.net.URLPermission "socket://127.0.0.1:${port.number1}", "CONNECT"; + // ipv6 + permission java.net.URLPermission "http://[::1]:${port.number}/files/foo.txt", "GET:*"; + permission java.net.URLPermission "socket://[::1]:${port.number1}", "CONNECT"; + // this specific test uses a proxy configured to loopback address. the httpclient implementation + // during permissions check uses the InetAddress.hostString() API which can return resolved + // hostname, so we use include a permission for "localhost" to cover that case too permission java.net.URLPermission "socket://localhost:${port.number1}", "CONNECT"; }; // For proxy only. Not being tested grant codebase "file:${test.classes}/proxydir/-" { - permission java.net.SocketPermission "localhost:1024-", "accept,listen,connect"; - permission java.net.SocketPermission "localhost:1024-", "connect,resolve"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen,connect,resolve"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen,connect,resolve"; }; diff --git a/test/jdk/java/net/httpclient/security/12.policy b/test/jdk/java/net/httpclient/security/12.policy index 51fee36bc17..f75fdcc7dfd 100644 --- a/test/jdk/java/net/httpclient/security/12.policy +++ b/test/jdk/java/net/httpclient/security/12.policy @@ -1,5 +1,5 @@ // -// Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights reserved. +// Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved. // DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. // // This code is free software; you can redistribute it and/or modify it @@ -28,18 +28,26 @@ grant { permission java.io.FilePermission "${test.classes}${/}-", "read,write,delete"; permission java.lang.RuntimePermission "modifyThread"; permission java.util.logging.LoggingPermission "control", ""; - permission java.net.SocketPermission "localhost:1024-", "accept,listen"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen"; permission java.io.FilePermission "${test.src}${/}docs${/}-", "read"; permission java.lang.RuntimePermission "createClassLoader"; // permissions specific to this test - permission java.net.URLPermission "http://localhost:${port.number}/files/foo.txt", "GET:*"; + permission java.net.URLPermission "http://127.0.0.1:${port.number}/files/foo.txt", "GET:*"; + permission java.net.URLPermission "socket://127.0.0.1:${port.number1}", "CONNECT"; + // ipv6 + permission java.net.URLPermission "http://[::1]:${port.number}/files/foo.txt", "GET:*"; + permission java.net.URLPermission "socket://[::1]:${port.number1}", "CONNECT"; + // this specific test uses a proxy configured to loopback address. the httpclient implementation + // during permissions check uses the InetAddress.hostString() API which can return resolved + // hostname, so we use include a permission for "localhost" to cover that case too permission java.net.URLPermission "socket://localhost:${port.number1}", "CONNECT"; }; // For proxy only. Not being tested grant codebase "file:${test.classes}/proxydir/-" { - permission java.net.SocketPermission "localhost:1024-", "accept,listen,connect"; - permission java.net.SocketPermission "localhost:1024-", "connect,resolve"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen,connect,resolve"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen,connect,resolve"; }; diff --git a/test/jdk/java/net/httpclient/security/14.policy b/test/jdk/java/net/httpclient/security/14.policy index 0a6562b2691..39bdbea6654 100644 --- a/test/jdk/java/net/httpclient/security/14.policy +++ b/test/jdk/java/net/httpclient/security/14.policy @@ -1,5 +1,5 @@ // -// Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights reserved. +// Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved. // DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. // // This code is free software; you can redistribute it and/or modify it @@ -28,17 +28,19 @@ grant { permission java.io.FilePermission "${test.classes}${/}-", "read,write,delete"; permission java.lang.RuntimePermission "modifyThread"; permission java.util.logging.LoggingPermission "control", ""; - permission java.net.SocketPermission "localhost:1024-", "accept,listen"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen"; permission java.io.FilePermission "${test.src}${/}docs${/}-", "read"; permission java.lang.RuntimePermission "createClassLoader"; // permissions specific to this test - permission java.net.URLPermission "http://localhost:*/files/foo.txt", "GET"; + permission java.net.URLPermission "http://127.0.0.1:*/files/foo.txt", "GET"; + permission java.net.URLPermission "http://[::1]:*/files/foo.txt", "GET"; }; // For proxy only. Not being tested grant codebase "file:${test.classes}/proxydir/-" { - permission java.net.SocketPermission "localhost:1024-", "accept,listen,connect"; - permission java.net.SocketPermission "localhost:1024-", "connect,resolve"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen,connect,resolve"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen,connect,resolve"; }; diff --git a/test/jdk/java/net/httpclient/security/15.policy b/test/jdk/java/net/httpclient/security/15.policy index 6fa7a0d4a17..ba6b9feb363 100644 --- a/test/jdk/java/net/httpclient/security/15.policy +++ b/test/jdk/java/net/httpclient/security/15.policy @@ -1,5 +1,5 @@ // -// Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights reserved. +// Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved. // DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. // // This code is free software; you can redistribute it and/or modify it @@ -28,12 +28,14 @@ grant { permission java.io.FilePermission "${test.classes}${/}-", "read,write,delete"; permission java.lang.RuntimePermission "modifyThread"; permission java.util.logging.LoggingPermission "control", ""; - permission java.net.SocketPermission "localhost:1024-", "accept,listen"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen"; permission java.io.FilePermission "${test.src}${/}docs${/}-", "read"; permission java.lang.RuntimePermission "createClassLoader"; // permissions specific to this test - permission java.net.URLPermission "http://localhost:*/files/foo.txt", "GET:*"; + permission java.net.URLPermission "http://127.0.0.1:*/files/foo.txt", "GET:*"; + permission java.net.URLPermission "http://[::1]:*/files/foo.txt", "GET:*"; // Test checks for this explicitly permission java.lang.RuntimePermission "foobar"; @@ -42,6 +44,6 @@ grant { // For proxy only. Not being tested grant codebase "file:${test.classes}/proxydir/-" { - permission java.net.SocketPermission "localhost:1024-", "accept,listen,connect"; - permission java.net.SocketPermission "localhost:1024-", "connect,resolve"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen,connect,resolve"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen,connect,resolve"; }; diff --git a/test/jdk/java/net/httpclient/security/16.policy b/test/jdk/java/net/httpclient/security/16.policy index 5d9939fa00c..7d755cfff94 100644 --- a/test/jdk/java/net/httpclient/security/16.policy +++ b/test/jdk/java/net/httpclient/security/16.policy @@ -1,5 +1,5 @@ // -// Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights reserved. +// Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved. // DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. // // This code is free software; you can redistribute it and/or modify it @@ -29,17 +29,19 @@ grant { permission java.io.FilePermission "${test.classes}${/}-", "read,write,delete"; permission java.lang.RuntimePermission "modifyThread"; permission java.util.logging.LoggingPermission "control", ""; - permission java.net.SocketPermission "localhost:1024-", "accept,listen"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen"; permission java.io.FilePermission "${test.src}${/}docs${/}-", "read"; permission java.lang.RuntimePermission "createClassLoader"; // permissions specific to this test - permission java.net.URLPermission "http://localhost:${port.number}/files/foo.txt", "GET:Host"; + permission java.net.URLPermission "http://127.0.0.1:${port.number}/files/foo.txt", "GET:Host"; + permission java.net.URLPermission "http://[::1]:${port.number}/files/foo.txt", "GET:Host"; }; // For proxy only. Not being tested grant codebase "file:${test.classes}/proxydir/-" { - permission java.net.SocketPermission "localhost:1024-", "accept,listen,connect"; - permission java.net.SocketPermission "localhost:1024-", "connect,resolve"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen,connect,resolve"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen,connect,resolve"; }; diff --git a/test/jdk/java/net/httpclient/security/17.policy b/test/jdk/java/net/httpclient/security/17.policy index ae26c857b02..92ee7f3d609 100644 --- a/test/jdk/java/net/httpclient/security/17.policy +++ b/test/jdk/java/net/httpclient/security/17.policy @@ -1,5 +1,5 @@ // -// Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights reserved. +// Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved. // DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. // // This code is free software; you can redistribute it and/or modify it @@ -28,18 +28,20 @@ grant { permission java.io.FilePermission "${test.classes}${/}-", "read,write,delete"; permission java.lang.RuntimePermission "modifyThread"; permission java.util.logging.LoggingPermission "control", ""; - permission java.net.SocketPermission "localhost:1024-", "accept,listen"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen"; permission java.io.FilePermission "${test.src}${/}docs${/}-", "read"; permission java.lang.RuntimePermission "createClassLoader"; // permissions specific to this test - permission java.net.URLPermission "http://localhost:${port.number}/files/foo.txt", "GET:Host"; + permission java.net.URLPermission "http://127.0.0.1:${port.number}/files/foo.txt", "GET:Host"; + permission java.net.URLPermission "http://[::1]:${port.number}/files/foo.txt", "GET:Host"; permission java.net.URLPermission "http://foohost:123/files/foo.txt", "GET:Host"; }; // For proxy only. Not being tested grant codebase "file:${test.classes}/proxydir/-" { - permission java.net.SocketPermission "localhost:1024-", "accept,listen,connect"; - permission java.net.SocketPermission "localhost:1024-", "connect,resolve"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen,connect,resolve"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen,connect,resolve"; }; diff --git a/test/jdk/java/net/httpclient/security/2.policy b/test/jdk/java/net/httpclient/security/2.policy index 4d7f859556b..b69c589ee68 100644 --- a/test/jdk/java/net/httpclient/security/2.policy +++ b/test/jdk/java/net/httpclient/security/2.policy @@ -1,5 +1,5 @@ // -// Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights reserved. +// Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved. // DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. // // This code is free software; you can redistribute it and/or modify it @@ -28,17 +28,19 @@ grant { permission java.io.FilePermission "${test.classes}${/}-", "read,write,delete"; permission java.lang.RuntimePermission "modifyThread"; permission java.util.logging.LoggingPermission "control", ""; - permission java.net.SocketPermission "localhost:1024-", "accept,listen"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen"; permission java.io.FilePermission "${test.src}${/}docs${/}-", "read"; permission java.lang.RuntimePermission "createClassLoader"; // permissions specific to this test - permission java.net.URLPermission "http://localhost:*/files/*", "GET"; + permission java.net.URLPermission "http://127.0.0.1:*/files/*", "GET"; + permission java.net.URLPermission "http://[::1]:*/files/*", "GET"; }; // For proxy only. Not being tested grant codebase "file:${test.classes}/proxydir/-" { - permission java.net.SocketPermission "localhost:1024-", "accept,listen,connect"; - permission java.net.SocketPermission "localhost:1024-", "connect,resolve"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen,connect,resolve"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen,connect,resolve"; }; diff --git a/test/jdk/java/net/httpclient/security/3.policy b/test/jdk/java/net/httpclient/security/3.policy index 81837843368..32383fe88d3 100644 --- a/test/jdk/java/net/httpclient/security/3.policy +++ b/test/jdk/java/net/httpclient/security/3.policy @@ -1,5 +1,5 @@ // -// Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights reserved. +// Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved. // DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. // // This code is free software; you can redistribute it and/or modify it @@ -28,17 +28,19 @@ grant { permission java.io.FilePermission "${test.classes}${/}-", "read,write,delete"; permission java.lang.RuntimePermission "modifyThread"; permission java.util.logging.LoggingPermission "control", ""; - permission java.net.SocketPermission "localhost:1024-", "accept,listen"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen"; permission java.io.FilePermission "${test.src}${/}docs${/}-", "read"; permission java.lang.RuntimePermission "createClassLoader"; // permissions specific to this test - permission java.net.URLPermission "http://localhost:*/redirect/foo.txt", "GET"; + permission java.net.URLPermission "http://127.0.0.1:*/redirect/foo.txt", "GET"; + permission java.net.URLPermission "http://[::1]:*/redirect/foo.txt", "GET"; }; // For proxy only. Not being tested grant codebase "file:${test.classes}/proxydir/-" { - permission java.net.SocketPermission "localhost:1024-", "accept,listen,connect"; - permission java.net.SocketPermission "localhost:1024-", "connect,resolve"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen,connect,resolve"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen,connect,resolve"; }; diff --git a/test/jdk/java/net/httpclient/security/4.policy b/test/jdk/java/net/httpclient/security/4.policy index 5ea9284a4f1..7973c76d981 100644 --- a/test/jdk/java/net/httpclient/security/4.policy +++ b/test/jdk/java/net/httpclient/security/4.policy @@ -1,5 +1,5 @@ // -// Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights reserved. +// Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved. // DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. // // This code is free software; you can redistribute it and/or modify it @@ -28,18 +28,22 @@ grant { permission java.io.FilePermission "${test.classes}${/}-", "read,write,delete"; permission java.lang.RuntimePermission "modifyThread"; permission java.util.logging.LoggingPermission "control", ""; - permission java.net.SocketPermission "localhost:1024-", "accept,listen"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen"; permission java.io.FilePermission "${test.src}${/}docs${/}-", "read"; permission java.lang.RuntimePermission "createClassLoader"; // permissions specific to this test - permission java.net.URLPermission "http://localhost:*/redirect/foo.txt", "GET"; - permission java.net.URLPermission "http://localhost:*/redirect/bar.txt", "GET"; + permission java.net.URLPermission "http://127.0.0.1:*/redirect/foo.txt", "GET"; + permission java.net.URLPermission "http://127.0.0.1:*/redirect/bar.txt", "GET"; + // ipv6 + permission java.net.URLPermission "http://[::1]:*/redirect/foo.txt", "GET"; + permission java.net.URLPermission "http://[::1]:*/redirect/bar.txt", "GET"; }; // For proxy only. Not being tested grant codebase "file:${test.classes}/proxydir/-" { - permission java.net.SocketPermission "localhost:1024-", "accept,listen,connect"; - permission java.net.SocketPermission "localhost:1024-", "connect,resolve"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen,connect,resolve"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen,connect,resolve"; }; diff --git a/test/jdk/java/net/httpclient/security/5.policy b/test/jdk/java/net/httpclient/security/5.policy index b20917a9444..0b480f95234 100644 --- a/test/jdk/java/net/httpclient/security/5.policy +++ b/test/jdk/java/net/httpclient/security/5.policy @@ -1,5 +1,5 @@ // -// Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights reserved. +// Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved. // DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. // // This code is free software; you can redistribute it and/or modify it @@ -28,17 +28,19 @@ grant { permission java.io.FilePermission "${test.classes}${/}-", "read,write,delete"; permission java.lang.RuntimePermission "modifyThread"; permission java.util.logging.LoggingPermission "control", ""; - permission java.net.SocketPermission "localhost:1024-", "accept,listen"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen"; permission java.io.FilePermission "${test.src}${/}docs${/}-", "read"; permission java.lang.RuntimePermission "createClassLoader"; // permissions specific to this test - permission java.net.URLPermission "http://localhost:*/redirect/bar.txt", "GET"; + permission java.net.URLPermission "http://127.0.0.1:*/redirect/bar.txt", "GET"; + permission java.net.URLPermission "http://[::1]:*/redirect/bar.txt", "GET"; }; // For proxy only. Not being tested grant codebase "file:${test.classes}/proxydir/-" { - permission java.net.SocketPermission "localhost:1024-", "accept,listen,connect"; - permission java.net.SocketPermission "localhost:1024-", "connect,resolve"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen,connect,resolve"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen,connect,resolve"; }; diff --git a/test/jdk/java/net/httpclient/security/6.policy b/test/jdk/java/net/httpclient/security/6.policy index f535b51ec20..80d2838bebe 100644 --- a/test/jdk/java/net/httpclient/security/6.policy +++ b/test/jdk/java/net/httpclient/security/6.policy @@ -1,5 +1,5 @@ // -// Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights reserved. +// Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved. // DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. // // This code is free software; you can redistribute it and/or modify it @@ -28,17 +28,19 @@ grant { permission java.io.FilePermission "${test.classes}${/}-", "read,write,delete"; permission java.lang.RuntimePermission "modifyThread"; permission java.util.logging.LoggingPermission "control", ""; - permission java.net.SocketPermission "localhost:1024-", "accept,listen"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen"; permission java.io.FilePermission "${test.src}${/}docs${/}-", "read"; permission java.lang.RuntimePermission "createClassLoader"; // permissions specific to this test - permission java.net.URLPermission "http://localhost:*/files/foo.txt", "POST"; + permission java.net.URLPermission "http://127.0.0.1:*/files/foo.txt", "POST"; + permission java.net.URLPermission "http://[::1]:*/files/foo.txt", "POST"; }; // For proxy only. Not being tested grant codebase "file:${test.classes}/proxydir/-" { - permission java.net.SocketPermission "localhost:1024-", "accept,listen,connect"; - permission java.net.SocketPermission "localhost:1024-", "connect,resolve"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen,connect,resolve"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen,connect,resolve"; }; diff --git a/test/jdk/java/net/httpclient/security/7.policy b/test/jdk/java/net/httpclient/security/7.policy index 29564ef73a1..8fddf36c66e 100644 --- a/test/jdk/java/net/httpclient/security/7.policy +++ b/test/jdk/java/net/httpclient/security/7.policy @@ -1,5 +1,5 @@ // -// Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights reserved. +// Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved. // DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. // // This code is free software; you can redistribute it and/or modify it @@ -28,17 +28,20 @@ grant { permission java.io.FilePermission "${test.classes}${/}-", "read,write,delete"; permission java.lang.RuntimePermission "modifyThread"; permission java.util.logging.LoggingPermission "control", ""; - permission java.net.SocketPermission "localhost:1024-", "accept,listen"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen"; permission java.io.FilePermission "${test.src}${/}docs${/}-", "read"; permission java.lang.RuntimePermission "createClassLoader"; // permissions specific to this test - permission java.net.URLPermission "http://localhost:*/files/foo.txt", "GET:X-Bar"; + permission java.net.URLPermission "http://127.0.0.1:*/files/foo.txt", "GET:X-Bar"; + permission java.net.URLPermission "http://[::1]:*/files/foo.txt", "GET:X-Bar"; + }; // For proxy only. Not being tested grant codebase "file:${test.classes}/proxydir/-" { - permission java.net.SocketPermission "localhost:1024-", "accept,listen,connect"; - permission java.net.SocketPermission "localhost:1024-", "connect,resolve"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen,connect,resolve"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen,connect,resolve"; }; diff --git a/test/jdk/java/net/httpclient/security/8.policy b/test/jdk/java/net/httpclient/security/8.policy index 7a2cd1b4904..4bc507b3e31 100644 --- a/test/jdk/java/net/httpclient/security/8.policy +++ b/test/jdk/java/net/httpclient/security/8.policy @@ -1,5 +1,5 @@ // -// Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights reserved. +// Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved. // DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. // // This code is free software; you can redistribute it and/or modify it @@ -28,17 +28,19 @@ grant { permission java.io.FilePermission "${test.classes}${/}-", "read,write,delete"; permission java.lang.RuntimePermission "modifyThread"; permission java.util.logging.LoggingPermission "control", ""; - permission java.net.SocketPermission "localhost:1024-", "accept,listen"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen"; permission java.io.FilePermission "${test.src}${/}docs${/}-", "read"; permission java.lang.RuntimePermission "createClassLoader"; // permissions specific to this test - permission java.net.URLPermission "http://localhost:*/files/foo.txt", "GET:X-Foo1,X-Foo,X-Bar"; + permission java.net.URLPermission "http://127.0.0.1:*/files/foo.txt", "GET:X-Foo1,X-Foo,X-Bar"; + permission java.net.URLPermission "http://[::1]:*/files/foo.txt", "GET:X-Foo1,X-Foo,X-Bar"; }; // For proxy only. Not being tested grant codebase "file:${test.classes}/proxydir/-" { - permission java.net.SocketPermission "localhost:1024-", "accept,listen,connect"; - permission java.net.SocketPermission "localhost:1024-", "connect,resolve"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen,connect,resolve"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen,connect,resolve"; }; diff --git a/test/jdk/java/net/httpclient/security/9.policy b/test/jdk/java/net/httpclient/security/9.policy index 79cdee73b73..ce7336c2975 100644 --- a/test/jdk/java/net/httpclient/security/9.policy +++ b/test/jdk/java/net/httpclient/security/9.policy @@ -1,5 +1,5 @@ // -// Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights reserved. +// Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved. // DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. // // This code is free software; you can redistribute it and/or modify it @@ -28,17 +28,19 @@ grant { permission java.io.FilePermission "${test.classes}${/}-", "read,write,delete"; permission java.lang.RuntimePermission "modifyThread"; permission java.util.logging.LoggingPermission "control", ""; - permission java.net.SocketPermission "localhost:1024-", "accept,listen"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen"; permission java.io.FilePermission "${test.src}${/}docs${/}-", "read"; permission java.lang.RuntimePermission "createClassLoader"; // permissions specific to this test - permission java.net.URLPermission "http://localhost:*/files/foo.txt", "GET:*"; + permission java.net.URLPermission "http://127.0.0.1:*/files/foo.txt", "GET:*"; + permission java.net.URLPermission "http://[::1]:*/files/foo.txt", "GET:*"; }; // For proxy only. Not being tested grant codebase "file:${test.classes}/proxydir/-" { - permission java.net.SocketPermission "localhost:1024-", "accept,listen,connect"; - permission java.net.SocketPermission "localhost:1024-", "connect,resolve"; + permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen,connect,resolve"; + permission java.net.SocketPermission "[::1]:1024-", "accept,listen,connect,resolve"; }; diff --git a/test/jdk/java/net/httpclient/security/Security.java b/test/jdk/java/net/httpclient/security/Security.java index fc2fcd1503e..5e6566dcd82 100644 --- a/test/jdk/java/net/httpclient/security/Security.java +++ b/test/jdk/java/net/httpclient/security/Security.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2015, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -103,6 +103,7 @@ public class Security { static String httproot, fileuri, fileroot, redirectroot; static List clients = new LinkedList<>(); static URI uri; + static String serverAuthority; interface ThrowingRunnable { void run() throws Throwable; } @@ -201,56 +202,56 @@ static TestAndResult[] createTests() { return new TestAndResult[] { // (0) policy does not have permission for file. Should fail TestAndResult.of(true, () -> { // Policy 0 - URI u = URI.create("http://localhost:" + port + "/files/foo.txt"); + URI u = URI.create("http://" + serverAuthority + "/files/foo.txt"); HttpRequest request = HttpRequest.newBuilder(u).GET().build(); HttpResponse response = client.send(request, ofString()); System.out.println("Received response:" + response); }), // (1) policy has permission for file URL TestAndResult.of(false, () -> { //Policy 1 - URI u = URI.create("http://localhost:" + port + "/files/foo.txt"); + URI u = URI.create("http://" + serverAuthority + "/files/foo.txt"); HttpRequest request = HttpRequest.newBuilder(u).GET().build(); HttpResponse response = client.send(request, ofString()); System.out.println("Received response:" + response); }), // (2) policy has permission for all file URLs under /files TestAndResult.of(false, () -> { // Policy 2 - URI u = URI.create("http://localhost:" + port + "/files/foo.txt"); + URI u = URI.create("http://" + serverAuthority + "/files/foo.txt"); HttpRequest request = HttpRequest.newBuilder(u).GET().build(); HttpResponse response = client.send(request, ofString()); System.out.println("Received response:" + response); }), // (3) policy has permission for first URL but not redirected URL TestAndResult.of(true, () -> { // Policy 3 - URI u = URI.create("http://localhost:" + port + "/redirect/foo.txt"); + URI u = URI.create("http://" + serverAuthority + "/redirect/foo.txt"); HttpRequest request = HttpRequest.newBuilder(u).GET().build(); HttpResponse response = client.send(request, ofString()); System.out.println("Received response:" + response); }), // (4) policy has permission for both first URL and redirected URL TestAndResult.of(false, () -> { // Policy 4 - URI u = URI.create("http://localhost:" + port + "/redirect/foo.txt"); + URI u = URI.create("http://" + serverAuthority + "/redirect/foo.txt"); HttpRequest request = HttpRequest.newBuilder(u).GET().build(); HttpResponse response = client.send(request, ofString()); System.out.println("Received response:" + response); }), // (5) policy has permission for redirected but not first URL TestAndResult.of(true, () -> { // Policy 5 - URI u = URI.create("http://localhost:" + port + "/redirect/foo.txt"); + URI u = URI.create("http://" + serverAuthority + "/redirect/foo.txt"); HttpRequest request = HttpRequest.newBuilder(u).GET().build(); HttpResponse response = client.send(request, ofString()); System.out.println("Received response:" + response); }), // (6) policy has permission for file URL, but not method TestAndResult.of(true, () -> { //Policy 6 - URI u = URI.create("http://localhost:" + port + "/files/foo.txt"); + URI u = URI.create("http://" + serverAuthority + "/files/foo.txt"); HttpRequest request = HttpRequest.newBuilder(u).GET().build(); HttpResponse response = client.send(request, ofString()); System.out.println("Received response:" + response); }), // (7) policy has permission for file URL, method, but not header TestAndResult.of(true, () -> { //Policy 7 - URI u = URI.create("http://localhost:" + port + "/files/foo.txt"); + URI u = URI.create("http://" + serverAuthority + "/files/foo.txt"); HttpRequest request = HttpRequest.newBuilder(u) .header("X-Foo", "bar") .GET() @@ -260,7 +261,7 @@ static TestAndResult[] createTests() { }), // (8) policy has permission for file URL, method and header TestAndResult.of(false, () -> { //Policy 8 - URI u = URI.create("http://localhost:" + port + "/files/foo.txt"); + URI u = URI.create("http://" + serverAuthority + "/files/foo.txt"); HttpRequest request = HttpRequest.newBuilder(u) .header("X-Foo", "bar") .GET() @@ -270,7 +271,7 @@ static TestAndResult[] createTests() { }), // (9) policy has permission for file URL, method and header TestAndResult.of(false, () -> { //Policy 9 - URI u = URI.create("http://localhost:" + port + "/files/foo.txt"); + URI u = URI.create("http://" + serverAuthority + "/files/foo.txt"); HttpRequest request = HttpRequest.newBuilder(u) .headers("X-Foo", "bar", "X-Bar", "foo") .GET() @@ -292,7 +293,7 @@ static TestAndResult[] createTests() { }), // (13) async version of test 0 TestAndResult.of(true, () -> { // Policy 0 - URI u = URI.create("http://localhost:" + port + "/files/foo.txt"); + URI u = URI.create("http://" + serverAuthority + "/files/foo.txt"); HttpRequest request = HttpRequest.newBuilder(u).GET().build(); try { HttpResponse response = client.sendAsync(request, ofString()).get(); @@ -307,14 +308,14 @@ static TestAndResult[] createTests() { }), // (14) async version of test 1 TestAndResult.of(false, () -> { //Policy 1 - URI u = URI.create("http://localhost:" + port + "/files/foo.txt"); + URI u = URI.create("http://" + serverAuthority + "/files/foo.txt"); HttpRequest request = HttpRequest.newBuilder(u).GET().build(); try { HttpResponse response = client.sendAsync(request, ofString()).get(); System.out.println("Received response:" + response); } catch (ExecutionException e) { - if (e.getCause() instanceof SecurityException) { - throw (SecurityException)e.getCause(); + if (e.getCause() instanceof SecurityException se) { + throw se; } else { throw new RuntimeException(e); } @@ -323,7 +324,7 @@ static TestAndResult[] createTests() { // (15) check that user provided unprivileged code running on a worker // thread does not gain ungranted privileges. TestAndResult.of(true, () -> { //Policy 12 - URI u = URI.create("http://localhost:" + port + "/files/foo.txt"); + URI u = URI.create("http://" + serverAuthority + "/files/foo.txt"); HttpRequest request = HttpRequest.newBuilder(u).GET().build(); HttpResponse.BodyHandler sth = ofString(); @@ -369,18 +370,18 @@ public void onComplete() { System.out.println("Received response:" + response); } catch (CompletionException e) { Throwable t = e.getCause(); - if (t instanceof SecurityException) - throw (SecurityException)t; + if (t instanceof SecurityException se) + throw se; else if ((t instanceof IOException) - && (t.getCause() instanceof SecurityException)) - throw ((SecurityException)t.getCause()); + && (t.getCause() instanceof SecurityException se)) + throw se; else throw new RuntimeException(t); } }), // (16) allowed to set Host header but does not have permission TestAndResult.of(true, () -> { //Policy 16 - URI u = URI.create("http://localhost:" + port + "/files/foo.txt"); + URI u = URI.create("http://" + serverAuthority + "/files/foo.txt"); HttpRequest request = HttpRequest.newBuilder(u) .header("Host", "foohost:123") .GET().build(); @@ -389,7 +390,7 @@ else if ((t instanceof IOException) }), // (17) allowed to set Host header and does have permission TestAndResult.of(false, () -> { //Policy 17 - URI u = URI.create("http://localhost:" + port + "/files/foo.txt"); + URI u = URI.create("http://" + serverAuthority + "/files/foo.txt"); HttpRequest request = HttpRequest.newBuilder(u) .header("Host", "foohost:123") .GET().build(); @@ -426,14 +427,13 @@ private static void directProxyTest(int proxyPort, boolean samePort) } System.out.println("Proxy port, p:" + p); - InetSocketAddress addr = new InetSocketAddress(InetAddress.getLoopbackAddress(), - p); + InetSocketAddress addr = new InetSocketAddress(InetAddress.getLoopbackAddress(), p); HttpClient cl = HttpClient.newBuilder() .proxy(ProxySelector.of(addr)) .build(); clients.add(cl); - URI u = URI.create("http://localhost:" + port + "/files/foo.txt"); + URI u = URI.create("http://" + serverAuthority + "/files/foo.txt"); HttpRequest request = HttpRequest.newBuilder(u) .headers("X-Foo", "bar", "X-Bar", "foo") .build(); @@ -498,13 +498,20 @@ public static void initServer() throws Exception { throw new RuntimeException("Error wrong port"); System.out.println("Port was assigned by Driver"); } - System.out.println("HTTP server port = " + port); - httproot = "http://localhost:" + port + "/files/"; - redirectroot = "http://localhost:" + port + "/redirect/"; + serverAuthority = makeServerAuthority(addr.getAddress().getHostAddress(), port); + System.out.println("HTTP server started at " + serverAuthority); + httproot = "http://" + serverAuthority + "/files/"; + redirectroot = "http://" + serverAuthority + "/redirect/"; uri = new URI(httproot); fileuri = httproot + "foo.txt"; } + private static String makeServerAuthority(final String host, final int port) { + // escape for ipv6 + final String h = host.contains(":") ? "[" + host + "]" : host; + return h + ":" + port; + } + static class RedirectHandler implements HttpHandler { String root; From f45e5871d7003ba48e74efbb0ef5a9a188436128 Mon Sep 17 00:00:00 2001 From: Sergey Bylokhov Date: Tue, 5 Mar 2024 09:06:13 +0000 Subject: [PATCH 2/9] 8322750: Test "api/java_awt/interactive/SystemTrayTests.html" failed because A blue ball icon is added outside of the system tray Backport-of: 5a988a5087d0afbb577c6715fd5e1e44564888cb --- .../unix/classes/sun/awt/UNIXToolkit.java | 72 ++++++++++++++++++- .../classes/sun/awt/X11/XSystemTrayPeer.java | 27 +++++-- 2 files changed, 92 insertions(+), 7 deletions(-) diff --git a/src/java.desktop/unix/classes/sun/awt/UNIXToolkit.java b/src/java.desktop/unix/classes/sun/awt/UNIXToolkit.java index 31764c74948..d785823ea8e 100644 --- a/src/java.desktop/unix/classes/sun/awt/UNIXToolkit.java +++ b/src/java.desktop/unix/classes/sun/awt/UNIXToolkit.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004, 2021, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2004, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,8 +26,12 @@ import java.awt.RenderingHints; import static java.awt.RenderingHints.*; +import static java.util.concurrent.TimeUnit.SECONDS; import java.awt.color.ColorSpace; import java.awt.image.*; +import java.io.BufferedReader; +import java.io.IOException; +import java.io.InputStreamReader; import java.security.AccessController; import java.security.PrivilegedAction; @@ -214,6 +218,72 @@ protected Object lazilyLoadGTKIcon(String longname) { return img; } + private static volatile Boolean shouldDisableSystemTray = null; + + /** + * There is an issue displaying the xembed icons in appIndicators + * area with certain Gnome Shell versions. + * To avoid any loss of quality of service, we are disabling + * SystemTray support in such cases. + * + * @return true if system tray should be disabled + */ + public boolean shouldDisableSystemTray() { + Boolean result = shouldDisableSystemTray; + if (result == null) { + synchronized (GTK_LOCK) { + result = shouldDisableSystemTray; + if (result == null) { + if ("gnome".equals(getDesktop())) { + @SuppressWarnings("removal") + Integer gnomeShellMajorVersion = + AccessController + .doPrivileged((PrivilegedAction) + this::getGnomeShellMajorVersion); + + if (gnomeShellMajorVersion == null + || gnomeShellMajorVersion < 45) { + + return shouldDisableSystemTray = true; + } + } + shouldDisableSystemTray = result = false; + } + } + } + return result; + } + + private Integer getGnomeShellMajorVersion() { + try { + Process process = + new ProcessBuilder("/usr/bin/gnome-shell", "--version") + .start(); + try (InputStreamReader isr = new InputStreamReader(process.getInputStream()); + BufferedReader reader = new BufferedReader(isr)) { + + if (process.waitFor(2, SECONDS) && process.exitValue() == 0) { + String line = reader.readLine(); + if (line != null) { + String[] versionComponents = line + .replaceAll("[^\\d.]", "") + .split("\\."); + + if (versionComponents.length >= 1) { + return Integer.parseInt(versionComponents[0]); + } + } + } + } + } catch (IOException + | InterruptedException + | IllegalThreadStateException + | NumberFormatException ignored) { + } + + return null; + } + /** * Returns a BufferedImage which contains the Gtk icon requested. If no * such icon exists or an error occurs loading the icon the result will diff --git a/src/java.desktop/unix/classes/sun/awt/X11/XSystemTrayPeer.java b/src/java.desktop/unix/classes/sun/awt/X11/XSystemTrayPeer.java index 1a9d040616e..cdbb74ddac1 100644 --- a/src/java.desktop/unix/classes/sun/awt/X11/XSystemTrayPeer.java +++ b/src/java.desktop/unix/classes/sun/awt/X11/XSystemTrayPeer.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -30,6 +30,7 @@ import sun.awt.SunToolkit; import sun.awt.AppContext; import sun.awt.AWTAccessor; +import sun.awt.UNIXToolkit; import sun.util.logging.PlatformLogger; public class XSystemTrayPeer implements SystemTrayPeer, XMSelectionListener { @@ -48,22 +49,32 @@ public class XSystemTrayPeer implements SystemTrayPeer, XMSelectionListener { private static final XAtom _NET_SYSTEM_TRAY_OPCODE = XAtom.get("_NET_SYSTEM_TRAY_OPCODE"); private static final XAtom _NET_WM_ICON = XAtom.get("_NET_WM_ICON"); private static final long SYSTEM_TRAY_REQUEST_DOCK = 0; + private final boolean shouldDisableSystemTray; XSystemTrayPeer(SystemTray target) { this.target = target; peerInstance = this; - selection.addSelectionListener(this); + UNIXToolkit tk = (UNIXToolkit)Toolkit.getDefaultToolkit(); + shouldDisableSystemTray = tk.shouldDisableSystemTray(); - long selection_owner = selection.getOwner(SCREEN); - available = (selection_owner != XConstants.None); + if (!shouldDisableSystemTray) { + selection.addSelectionListener(this); - if (log.isLoggable(PlatformLogger.Level.FINE)) { - log.fine(" check if system tray is available. selection owner: " + selection_owner); + long selection_owner = selection.getOwner(SCREEN); + available = (selection_owner != XConstants.None); + + if (log.isLoggable(PlatformLogger.Level.FINE)) { + log.fine(" check if system tray is available. selection owner: " + selection_owner); + } } } public void ownerChanged(int screen, XMSelection sel, long newOwner, long data, long timestamp) { + if (shouldDisableSystemTray) { + return; + } + if (screen != SCREEN) { return; } @@ -77,6 +88,10 @@ public void ownerChanged(int screen, XMSelection sel, long newOwner, long data, } public void ownerDeath(int screen, XMSelection sel, long deadOwner) { + if (shouldDisableSystemTray) { + return; + } + if (screen != SCREEN) { return; } From e100cf5d5466e8a3c93bf8f7a3b9b0683c3bf958 Mon Sep 17 00:00:00 2001 From: Goetz Lindenmaier Date: Fri, 15 Mar 2024 08:50:15 +0000 Subject: [PATCH 3/9] 8327036: [macosx-aarch64] SIGBUS in MarkActivationClosure::do_code_blob reached from Unsafe_CopySwapMemory0 Backport-of: f38add6f8d9c07442e5f6bb5c280a2d907b38b24 --- src/hotspot/share/runtime/interfaceSupport.inline.hpp | 1 + 1 file changed, 1 insertion(+) diff --git a/src/hotspot/share/runtime/interfaceSupport.inline.hpp b/src/hotspot/share/runtime/interfaceSupport.inline.hpp index ba246a46d8f..3cae644d63a 100644 --- a/src/hotspot/share/runtime/interfaceSupport.inline.hpp +++ b/src/hotspot/share/runtime/interfaceSupport.inline.hpp @@ -464,6 +464,7 @@ extern "C" { \ #define JVM_ENTRY_FROM_LEAF(env, result_type, header) \ { { \ JavaThread* thread=JavaThread::thread_from_jni_environment(env); \ + MACOS_AARCH64_ONLY(ThreadWXEnable __wx(WXWrite, thread)); \ ThreadInVMfromNative __tiv(thread); \ debug_only(VMNativeEntryWrapper __vew;) \ VM_ENTRY_BASE_FROM_LEAF(result_type, header, thread) From 5fb5ba651db3f6428916ad9e49cf5ff3faaed509 Mon Sep 17 00:00:00 2001 From: Goetz Lindenmaier Date: Fri, 15 Mar 2024 08:58:11 +0000 Subject: [PATCH 4/9] 8327391: Add SipHash attribution file Backport-of: fcf48ab3d36a7f8eed84e81c3e2445adcbc95374 --- src/hotspot/share/legal/siphash.md | 150 +++++++++++++++++++++++++++++ 1 file changed, 150 insertions(+) create mode 100644 src/hotspot/share/legal/siphash.md diff --git a/src/hotspot/share/legal/siphash.md b/src/hotspot/share/legal/siphash.md new file mode 100644 index 00000000000..1583f229e1e --- /dev/null +++ b/src/hotspot/share/legal/siphash.md @@ -0,0 +1,150 @@ +## SipHash v1.0-68c8a7c + +### Notice +SipHash reference C implementation + +``` + Copyright (c) 2012-2021 Jean-Philippe Aumasson + + Copyright (c) 2012-2014 Daniel J. Bernstein + To the extent possible under law, the author(s) have dedicated all copyright + and related and neighboring rights to this software to the public domain + worldwide. This software is distributed without any warranty. + You should have received a copy of the CC0 Public Domain Dedication along + with + this software. If not, see + . +``` + +### Licenses +The code is dual-licensed CCO and MIT + +#### MIT License +``` +Copyright 2012-2024 JP Aumasson + +Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +``` + +#### CC0 1.0 Universal +``` +Statement of Purpose + +The laws of most jurisdictions throughout the world automatically confer +exclusive Copyright and Related Rights (defined below) upon the creator and +subsequent owner(s) (each and all, an "owner") of an original work of +authorship and/or a database (each, a "Work"). + +Certain owners wish to permanently relinquish those rights to a Work for the +purpose of contributing to a commons of creative, cultural and scientific +works ("Commons") that the public can reliably and without fear of later +claims of infringement build upon, modify, incorporate in other works, reuse +and redistribute as freely as possible in any form whatsoever and for any +purposes, including without limitation commercial purposes. These owners may +contribute to the Commons to promote the ideal of a free culture and the +further production of creative, cultural and scientific works, or to gain +reputation or greater distribution for their Work in part through the use and +efforts of others. + +For these and/or other purposes and motivations, and without any expectation +of additional consideration or compensation, the person associating CC0 with a +Work (the "Affirmer"), to the extent that he or she is an owner of Copyright +and Related Rights in the Work, voluntarily elects to apply CC0 to the Work +and publicly distribute the Work under its terms, with knowledge of his or her +Copyright and Related Rights in the Work and the meaning and intended legal +effect of CC0 on those rights. + +1. Copyright and Related Rights. A Work made available under CC0 may be +protected by copyright and related or neighboring rights ("Copyright and +Related Rights"). Copyright and Related Rights include, but are not limited +to, the following: + + i. the right to reproduce, adapt, distribute, perform, display, communicate, + and translate a Work; + + ii. moral rights retained by the original author(s) and/or performer(s); + + iii. publicity and privacy rights pertaining to a person's image or likeness + depicted in a Work; + + iv. rights protecting against unfair competition in regards to a Work, + subject to the limitations in paragraph 4(a), below; + + v. rights protecting the extraction, dissemination, use and reuse of data in + a Work; + + vi. database rights (such as those arising under Directive 96/9/EC of the + European Parliament and of the Council of 11 March 1996 on the legal + protection of databases, and under any national implementation thereof, + including any amended or successor version of such directive); and + + vii. other similar, equivalent or corresponding rights throughout the world + based on applicable law or treaty, and any national implementations thereof. + +2. Waiver. To the greatest extent permitted by, but not in contravention of, +applicable law, Affirmer hereby overtly, fully, permanently, irrevocably and +unconditionally waives, abandons, and surrenders all of Affirmer's Copyright +and Related Rights and associated claims and causes of action, whether now +known or unknown (including existing as well as future claims and causes of +action), in the Work (i) in all territories worldwide, (ii) for the maximum +duration provided by applicable law or treaty (including future time +extensions), (iii) in any current or future medium and for any number of +copies, and (iv) for any purpose whatsoever, including without limitation +commercial, advertising or promotional purposes (the "Waiver"). Affirmer makes +the Waiver for the benefit of each member of the public at large and to the +detriment of Affirmer's heirs and successors, fully intending that such Waiver +shall not be subject to revocation, rescission, cancellation, termination, or +any other legal or equitable action to disrupt the quiet enjoyment of the Work +by the public as contemplated by Affirmer's express Statement of Purpose. + +3. Public License Fallback. Should any part of the Waiver for any reason be +judged legally invalid or ineffective under applicable law, then the Waiver +shall be preserved to the maximum extent permitted taking into account +Affirmer's express Statement of Purpose. In addition, to the extent the Waiver +is so judged Affirmer hereby grants to each affected person a royalty-free, +non transferable, non sublicensable, non exclusive, irrevocable and +unconditional license to exercise Affirmer's Copyright and Related Rights in +the Work (i) in all territories worldwide, (ii) for the maximum duration +provided by applicable law or treaty (including future time extensions), (iii) +in any current or future medium and for any number of copies, and (iv) for any +purpose whatsoever, including without limitation commercial, advertising or +promotional purposes (the "License"). The License shall be deemed effective as +of the date CC0 was applied by Affirmer to the Work. Should any part of the +License for any reason be judged legally invalid or ineffective under +applicable law, such partial invalidity or ineffectiveness shall not +invalidate the remainder of the License, and in such case Affirmer hereby +affirms that he or she will not (i) exercise any of his or her remaining +Copyright and Related Rights in the Work or (ii) assert any associated claims +and causes of action with respect to the Work, in either case contrary to +Affirmer's express Statement of Purpose. + +4. Limitations and Disclaimers. + + a. No trademark or patent rights held by Affirmer are waived, abandoned, + surrendered, licensed or otherwise affected by this document. + + b. Affirmer offers the Work as-is and makes no representations or warranties + of any kind concerning the Work, express, implied, statutory or otherwise, + including without limitation warranties of title, merchantability, fitness + for a particular purpose, non infringement, or the absence of latent or + other defects, accuracy, or the present or absence of errors, whether or not + discoverable, all to the greatest extent permissible under applicable law. + + c. Affirmer disclaims responsibility for clearing rights of other persons + that may apply to the Work or any use thereof, including without limitation + any person's Copyright and Related Rights in the Work. Further, Affirmer + disclaims responsibility for obtaining any necessary consents, permissions + or other rights required for any use of the Work. + + d. Affirmer understands and acknowledges that Creative Commons is not a + party to this document and has no duty or obligation with respect to this + CC0 or use of the Work. + +For more information, please see + + +``` From 692600074d5262d518e8f8d592de9e9c889b7106 Mon Sep 17 00:00:00 2001 From: Yuri Nesterenko Date: Tue, 30 Jan 2024 20:27:44 +0400 Subject: [PATCH 5/9] 8315708: Enhance HTTP/2 client usage Reviewed-by: mbalao Backport-of: 4bd9637dfe12d330afd7409c27c5778b28a24cf4 --- .../jdk/internal/net/http/ConnectionPool.java | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/src/java.net.http/share/classes/jdk/internal/net/http/ConnectionPool.java b/src/java.net.http/share/classes/jdk/internal/net/http/ConnectionPool.java index 6c31b8b87e4..a13aadd07c7 100644 --- a/src/java.net.http/share/classes/jdk/internal/net/http/ConnectionPool.java +++ b/src/java.net.http/share/classes/jdk/internal/net/http/ConnectionPool.java @@ -103,14 +103,10 @@ public boolean equals(Object obj) { return false; } if (secure && destination != null) { - if (destination.getHostName() != null) { - if (!destination.getHostName().equalsIgnoreCase( - other.destination.getHostName())) { - return false; - } - } else { - if (other.destination.getHostName() != null) - return false; + String hostString = destination.getHostString(); + if (hostString == null || !hostString.equalsIgnoreCase( + other.destination.getHostString())) { + return false; } } return true; From 515387589e751a6a016c7fe804d7cdf7e7bf1373 Mon Sep 17 00:00:00 2001 From: Alexey Bakhtin Date: Mon, 5 Feb 2024 11:26:23 -0800 Subject: [PATCH 6/9] 8318340: Improve RSA key implementations Reviewed-by: mbalao Backport-of: 62d9cec1d6b804a70381bfb8ac902b6bb649f8ae --- .../security/rsa/RSAPrivateCrtKeyImpl.java | 8 -------- .../sun/security/rsa/RSAPrivateKeyImpl.java | 8 -------- .../classes/sun/security/mscapi/CKey.java | 18 +++++++++++++++++- .../sun/security/mscapi/CPrivateKey.java | 12 +----------- .../sun/security/mscapi/CPublicKey.java | 19 +++++-------------- 5 files changed, 23 insertions(+), 42 deletions(-) diff --git a/src/java.base/share/classes/sun/security/rsa/RSAPrivateCrtKeyImpl.java b/src/java.base/share/classes/sun/security/rsa/RSAPrivateCrtKeyImpl.java index 4c5af4b953c..dca389eadad 100644 --- a/src/java.base/share/classes/sun/security/rsa/RSAPrivateCrtKeyImpl.java +++ b/src/java.base/share/classes/sun/security/rsa/RSAPrivateCrtKeyImpl.java @@ -306,14 +306,6 @@ public AlgorithmParameterSpec getParams() { return keyParams; } - // return a string representation of this key for debugging - @Override - public String toString() { - return "SunRsaSign " + type.keyAlgo + " private CRT key, " - + n.bitLength() + " bits" + "\n params: " + keyParams - + "\n modulus: " + n + "\n private exponent: " + d; - } - // utility method for parsing DER encoding of RSA private keys in PKCS#1 // format as defined in RFC 8017 Appendix A.1.2, i.e. SEQ of version, n, // e, d, p, q, pe, qe, and coeff, and return the parsed components. diff --git a/src/java.base/share/classes/sun/security/rsa/RSAPrivateKeyImpl.java b/src/java.base/share/classes/sun/security/rsa/RSAPrivateKeyImpl.java index 5a645c7e887..a79b01445e9 100644 --- a/src/java.base/share/classes/sun/security/rsa/RSAPrivateKeyImpl.java +++ b/src/java.base/share/classes/sun/security/rsa/RSAPrivateKeyImpl.java @@ -143,14 +143,6 @@ public AlgorithmParameterSpec getParams() { return keyParams; } - // return a string representation of this key for debugging - @Override - public String toString() { - return "Sun " + type.keyAlgo + " private key, " + n.bitLength() - + " bits" + "\n params: " + keyParams + "\n modulus: " + n - + "\n private exponent: " + d; - } - /** * Restores the state of this object from the stream. *

diff --git a/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CKey.java b/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CKey.java index fe0fac5f10a..801d2ad0b59 100644 --- a/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CKey.java +++ b/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CKey.java @@ -75,10 +75,14 @@ protected void finalize() throws Throwable { protected final String algorithm; - protected CKey(String algorithm, NativeHandles handles, int keyLength) { + private final boolean isPublic; + + protected CKey(String algorithm, NativeHandles handles, int keyLength, + boolean isPublic) { this.algorithm = algorithm; this.handles = handles; this.keyLength = keyLength; + this.isPublic = isPublic; } // Native method to cleanup the key handle. @@ -101,6 +105,18 @@ public String getAlgorithm() { return algorithm; } + public String toString() { + String typeStr; + if (handles.hCryptKey != 0) { + typeStr = getKeyType(handles.hCryptKey) + ", container=" + + getContainerName(handles.hCryptProv); + } else { + typeStr = "CNG"; + } + return algorithm + " " + (isPublic ? "PublicKey" : "PrivateKey") + + " [size=" + keyLength + " bits, type=" + typeStr + "]"; + } + protected native static String getContainerName(long hCryptProv); protected native static String getKeyType(long hCryptKey); diff --git a/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CPrivateKey.java b/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CPrivateKey.java index 91a7775b8bd..c3882616615 100644 --- a/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CPrivateKey.java +++ b/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CPrivateKey.java @@ -42,7 +42,7 @@ class CPrivateKey extends CKey implements PrivateKey { private static final long serialVersionUID = 8113152807912338063L; private CPrivateKey(String alg, NativeHandles handles, int keyLength) { - super(alg, handles, keyLength); + super(alg, handles, keyLength, false); } // Called by native code inside security.cpp @@ -65,16 +65,6 @@ public byte[] getEncoded() { return null; } - public String toString() { - if (handles.hCryptKey != 0) { - return algorithm + "PrivateKey [size=" + keyLength + " bits, type=" + - getKeyType(handles.hCryptKey) + ", container=" + - getContainerName(handles.hCryptProv) + "]"; - } else { - return algorithm + "PrivateKey [size=" + keyLength + " bits, type=CNG]"; - } - } - // This class is not serializable @java.io.Serial private void writeObject(java.io.ObjectOutputStream out) diff --git a/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CPublicKey.java b/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CPublicKey.java index efbd74c5bb8..7f02aa5c651 100644 --- a/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CPublicKey.java +++ b/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CPublicKey.java @@ -113,9 +113,8 @@ public ECParameterSpec getParams() { } public String toString() { - StringBuffer sb = new StringBuffer(); - sb.append(algorithm).append("PublicKey [size=").append(keyLength) - .append("]\n ECPoint: ").append(getW()) + StringBuffer sb = new StringBuffer(super.toString()); + sb.append("\n ECPoint: ").append(getW()) .append("\n params: ").append(getParams()); return sb.toString(); } @@ -134,16 +133,8 @@ public static class CRSAPublicKey extends CPublicKey implements RSAPublicKey { } public String toString() { - StringBuffer sb = new StringBuffer(); - sb.append(algorithm).append("PublicKey [size=").append(keyLength) - .append(" bits, type="); - if (handles.hCryptKey != 0) { - sb.append(getKeyType(handles.hCryptKey)) - .append(", container=").append(getContainerName(handles.hCryptProv)); - } else { - sb.append("CNG"); - } - sb.append("]\n modulus: ").append(getModulus()) + StringBuffer sb = new StringBuffer(super.toString()); + sb.append("\n modulus: ").append(getModulus()) .append("\n public exponent: ").append(getPublicExponent()); return sb.toString(); } @@ -214,7 +205,7 @@ public static CPublicKey of( protected CPublicKey( String alg, NativeHandles handles, int keyLength) { - super(alg, handles, keyLength); + super(alg, handles, keyLength, true); } @Override From 07873cca21dc961f5f303422340fc0a3c2d68f0d Mon Sep 17 00:00:00 2001 From: Martin Balao Date: Fri, 9 Feb 2024 13:06:47 +0000 Subject: [PATCH 7/9] 8322122: Enhance generation of addresses Backport-of: 1a4a46e102a2bc282fcbec571169867d715f4ade --- src/hotspot/cpu/aarch64/c1_LIRGenerator_aarch64.cpp | 8 +++++--- src/hotspot/cpu/ppc/c1_LIRGenerator_ppc.cpp | 8 +++++--- src/hotspot/cpu/s390/c1_LIRGenerator_s390.cpp | 8 +++++--- 3 files changed, 15 insertions(+), 9 deletions(-) diff --git a/src/hotspot/cpu/aarch64/c1_LIRGenerator_aarch64.cpp b/src/hotspot/cpu/aarch64/c1_LIRGenerator_aarch64.cpp index d2cbdbdba26..209f50efe8f 100644 --- a/src/hotspot/cpu/aarch64/c1_LIRGenerator_aarch64.cpp +++ b/src/hotspot/cpu/aarch64/c1_LIRGenerator_aarch64.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2021, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2024, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2014, Red Hat Inc. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * @@ -167,8 +167,10 @@ LIR_Address* LIRGenerator::generate_address(LIR_Opr base, LIR_Opr index, if (index->is_register()) { // apply the shift and accumulate the displacement if (shift > 0) { - LIR_Opr tmp = new_pointer_register(); - __ shift_left(index, shift, tmp); + // Use long register to avoid overflow when shifting large index values left. + LIR_Opr tmp = new_register(T_LONG); + __ convert(Bytecodes::_i2l, index, tmp); + __ shift_left(tmp, shift, tmp); index = tmp; } if (large_disp != 0) { diff --git a/src/hotspot/cpu/ppc/c1_LIRGenerator_ppc.cpp b/src/hotspot/cpu/ppc/c1_LIRGenerator_ppc.cpp index 2c685920367..0a5ab12d3a4 100644 --- a/src/hotspot/cpu/ppc/c1_LIRGenerator_ppc.cpp +++ b/src/hotspot/cpu/ppc/c1_LIRGenerator_ppc.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2021, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2024, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2012, 2019 SAP SE. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * @@ -164,8 +164,10 @@ LIR_Address* LIRGenerator::generate_address(LIR_Opr base, LIR_Opr index, if (index->is_register()) { // Apply the shift and accumulate the displacement. if (shift > 0) { - LIR_Opr tmp = new_pointer_register(); - __ shift_left(index, shift, tmp); + // Use long register to avoid overflow when shifting large index values left. + LIR_Opr tmp = new_register(T_LONG); + __ convert(Bytecodes::_i2l, index, tmp); + __ shift_left(tmp, shift, tmp); index = tmp; } if (large_disp != 0) { diff --git a/src/hotspot/cpu/s390/c1_LIRGenerator_s390.cpp b/src/hotspot/cpu/s390/c1_LIRGenerator_s390.cpp index c6d5085079f..67d838bdcea 100644 --- a/src/hotspot/cpu/s390/c1_LIRGenerator_s390.cpp +++ b/src/hotspot/cpu/s390/c1_LIRGenerator_s390.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016, 2021, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2016, 2024, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2016, 2017 SAP SE. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * @@ -157,8 +157,10 @@ LIR_Address* LIRGenerator::generate_address(LIR_Opr base, LIR_Opr index, return new LIR_Address(base, index, type); } else { if (shift > 0) { - LIR_Opr tmp = new_pointer_register(); - __ shift_left(index, shift, tmp); + // Use long register to avoid overflow when shifting large index values left. + LIR_Opr tmp = new_register(T_LONG); + __ convert(Bytecodes::_i2l, index, tmp); + __ shift_left(tmp, shift, tmp); index = tmp; } return new LIR_Address(base, index, disp, type); From 109e0227b59d1f6761ee3ea23c0f88b0ac441b65 Mon Sep 17 00:00:00 2001 From: Martin Balao Date: Wed, 21 Feb 2024 23:31:47 +0000 Subject: [PATCH 8/9] 8319851: Improve exception logging Reviewed-by: mbaesken Backport-of: 87dfeeb14fdd0fa1648a8bec91b5b713cc2c1b83 --- src/hotspot/share/classfile/javaClasses.cpp | 29 +++++++------- src/hotspot/share/classfile/javaClasses.hpp | 8 ++-- .../share/classfile/resolutionErrors.cpp | 23 +++++------ .../share/classfile/resolutionErrors.hpp | 21 +++++----- .../share/classfile/systemDictionary.cpp | 6 +-- .../share/classfile/systemDictionary.hpp | 4 +- src/hotspot/share/oops/constantPool.cpp | 38 ++++++++++--------- src/hotspot/share/oops/cpCache.cpp | 4 +- src/hotspot/share/utilities/exceptions.cpp | 6 +-- 9 files changed, 72 insertions(+), 67 deletions(-) diff --git a/src/hotspot/share/classfile/javaClasses.cpp b/src/hotspot/share/classfile/javaClasses.cpp index d5c31932e31..bf817989dc1 100644 --- a/src/hotspot/share/classfile/javaClasses.cpp +++ b/src/hotspot/share/classfile/javaClasses.cpp @@ -2076,18 +2076,17 @@ oop java_lang_Throwable::message(oop throwable) { return throwable->obj_field(_detailMessage_offset); } -oop java_lang_Throwable::cause(oop throwable) { - return throwable->obj_field(_cause_offset); +const char* java_lang_Throwable::message_as_utf8(oop throwable) { + oop msg = java_lang_Throwable::message(throwable); + const char* msg_utf8 = nullptr; + if (msg != nullptr) { + msg_utf8 = java_lang_String::as_utf8_string(msg); + } + return msg_utf8; } -// Return Symbol for detailed_message or NULL -Symbol* java_lang_Throwable::detail_message(oop throwable) { - PreserveExceptionMark pm(Thread::current()); - oop detailed_message = java_lang_Throwable::message(throwable); - if (detailed_message != NULL) { - return java_lang_String::as_symbol(detailed_message); - } - return NULL; +oop java_lang_Throwable::cause(oop throwable) { + return throwable->obj_field(_cause_offset); } void java_lang_Throwable::set_message(oop throwable, oop value) { @@ -2739,15 +2738,19 @@ Handle java_lang_Throwable::create_initialization_error(JavaThread* current, Han assert(throwable.not_null(), "shouldn't be"); // Now create the message from the original exception and thread name. - Symbol* message = java_lang_Throwable::detail_message(throwable()); ResourceMark rm(current); stringStream st; + const char *message = nullptr; + oop detailed_message = java_lang_Throwable::message(throwable()); + if (detailed_message != nullptr) { + message = java_lang_String::as_utf8_string(detailed_message); + } st.print("Exception %s%s ", throwable()->klass()->name()->as_klass_external_name(), message == nullptr ? "" : ":"); - if (message == NULL) { + if (message == nullptr) { st.print("[in thread \"%s\"]", current->name()); } else { - st.print("%s [in thread \"%s\"]", message->as_C_string(), current->name()); + st.print("%s [in thread \"%s\"]", message, current->name()); } Symbol* exception_name = vmSymbols::java_lang_ExceptionInInitializerError(); diff --git a/src/hotspot/share/classfile/javaClasses.hpp b/src/hotspot/share/classfile/javaClasses.hpp index 4a3d37e50dc..f1883878141 100644 --- a/src/hotspot/share/classfile/javaClasses.hpp +++ b/src/hotspot/share/classfile/javaClasses.hpp @@ -549,12 +549,14 @@ class java_lang_Throwable: AllStatic { static void set_backtrace(oop throwable, oop value); static int depth(oop throwable); static void set_depth(oop throwable, int value); - static int get_detailMessage_offset() { CHECK_INIT(_detailMessage_offset); } // Message + static int get_detailMessage_offset() { CHECK_INIT(_detailMessage_offset); } static oop message(oop throwable); - static oop cause(oop throwable); + static const char* message_as_utf8(oop throwable); static void set_message(oop throwable, oop value); - static Symbol* detail_message(oop throwable); + + static oop cause(oop throwable); + static void print_stack_element(outputStream *st, Method* method, int bci); static void compute_offsets(); diff --git a/src/hotspot/share/classfile/resolutionErrors.cpp b/src/hotspot/share/classfile/resolutionErrors.cpp index 24a5bcab3a8..4e647871d2a 100644 --- a/src/hotspot/share/classfile/resolutionErrors.cpp +++ b/src/hotspot/share/classfile/resolutionErrors.cpp @@ -36,8 +36,8 @@ // create new error entry void ResolutionErrorTable::add_entry(int index, unsigned int hash, const constantPoolHandle& pool, int cp_index, - Symbol* error, Symbol* message, - Symbol* cause, Symbol* cause_msg) + Symbol* error, const char* message, + Symbol* cause, const char* cause_msg) { assert_locked_or_safepoint(SystemDictionary_lock); assert(!pool.is_null() && error != NULL, "adding NULL obj"); @@ -95,11 +95,8 @@ void ResolutionErrorEntry::set_error(Symbol* e) { } } -void ResolutionErrorEntry::set_message(Symbol* c) { - _message = c; - if (_message != NULL) { - _message->increment_refcount(); - } +void ResolutionErrorEntry::set_message(const char* c) { + _message = c != nullptr ? os::strdup(c) : nullptr; } void ResolutionErrorEntry::set_cause(Symbol* c) { @@ -109,13 +106,11 @@ void ResolutionErrorEntry::set_cause(Symbol* c) { } } -void ResolutionErrorEntry::set_cause_msg(Symbol* c) { - _cause_msg = c; - if (_cause_msg != NULL) { - _cause_msg->increment_refcount(); - } +void ResolutionErrorEntry::set_cause_msg(const char* c) { + _cause_msg = c != nullptr ? os::strdup(c) : nullptr; } +// The incoming nest host error message is already in the C-Heap. void ResolutionErrorEntry::set_nest_host_error(const char* message) { _nest_host_error = message; } @@ -126,13 +121,13 @@ void ResolutionErrorTable::free_entry(ResolutionErrorEntry *entry) { entry->error()->decrement_refcount(); } if (entry->message() != NULL) { - entry->message()->decrement_refcount(); + FREE_C_HEAP_ARRAY(char, entry->message()); } if (entry->cause() != NULL) { entry->cause()->decrement_refcount(); } if (entry->cause_msg() != NULL) { - entry->cause_msg()->decrement_refcount(); + FREE_C_HEAP_ARRAY(char, entry->cause_msg()); } if (entry->nest_host_error() != NULL) { FREE_C_HEAP_ARRAY(char, entry->nest_host_error()); diff --git a/src/hotspot/share/classfile/resolutionErrors.hpp b/src/hotspot/share/classfile/resolutionErrors.hpp index 8a9c9951ba1..31a56385860 100644 --- a/src/hotspot/share/classfile/resolutionErrors.hpp +++ b/src/hotspot/share/classfile/resolutionErrors.hpp @@ -61,11 +61,11 @@ class ResolutionErrorTable : public Hashtable { } void add_entry(int index, unsigned int hash, - const constantPoolHandle& pool, int which, Symbol* error, Symbol* message, - Symbol* cause, Symbol* cause_msg); + const constantPoolHandle& pool, int cp_index, Symbol* error, const char* error_msg, + Symbol* cause, const char* cause_msg); void add_entry(int index, unsigned int hash, - const constantPoolHandle& pool, int which, const char* message); + const constantPoolHandle& pool, int cp_index, const char* message); // find error given the constant pool and constant pool index ResolutionErrorEntry* find_entry(int index, unsigned int hash, @@ -96,9 +96,9 @@ class ResolutionErrorEntry : public HashtableEntry { private: int _cp_index; Symbol* _error; - Symbol* _message; + const char* _message; Symbol* _cause; - Symbol* _cause_msg; + const char* _cause_msg; const char* _nest_host_error; public: @@ -110,16 +110,19 @@ class ResolutionErrorEntry : public HashtableEntry { Symbol* error() const { return _error; } void set_error(Symbol* e); - Symbol* message() const { return _message; } - void set_message(Symbol* c); + const char* message() const { return _message; } + // The incoming message is copied to the C-Heap. + void set_message(const char* c); Symbol* cause() const { return _cause; } void set_cause(Symbol* c); - Symbol* cause_msg() const { return _cause_msg; } - void set_cause_msg(Symbol* c); + const char* cause_msg() const { return _cause_msg; } + // The incoming cause_msg is copied to the C-Heap. + void set_cause_msg(const char* c); const char* nest_host_error() const { return _nest_host_error; } + // The incoming nest host error message is already in the C-Heap. void set_nest_host_error(const char* message); ResolutionErrorEntry* next() const { diff --git a/src/hotspot/share/classfile/systemDictionary.cpp b/src/hotspot/share/classfile/systemDictionary.cpp index 3d476eba09b..96fbf375bca 100644 --- a/src/hotspot/share/classfile/systemDictionary.cpp +++ b/src/hotspot/share/classfile/systemDictionary.cpp @@ -1846,8 +1846,8 @@ bool SystemDictionary::add_loader_constraint(Symbol* class_name, // Add entry to resolution error table to record the error when the first // attempt to resolve a reference to a class has failed. void SystemDictionary::add_resolution_error(const constantPoolHandle& pool, int which, - Symbol* error, Symbol* message, - Symbol* cause, Symbol* cause_msg) { + Symbol* error, const char* message, + Symbol* cause, const char* cause_msg) { unsigned int hash = resolution_errors()->compute_hash(pool, which); int index = resolution_errors()->hash_to_index(hash); { @@ -1866,7 +1866,7 @@ void SystemDictionary::delete_resolution_error(ConstantPool* pool) { // Lookup resolution error table. Returns error if found, otherwise NULL. Symbol* SystemDictionary::find_resolution_error(const constantPoolHandle& pool, int which, - Symbol** message, Symbol** cause, Symbol** cause_msg) { + const char** message, Symbol** cause, const char** cause_msg) { unsigned int hash = resolution_errors()->compute_hash(pool, which); int index = resolution_errors()->hash_to_index(hash); { diff --git a/src/hotspot/share/classfile/systemDictionary.hpp b/src/hotspot/share/classfile/systemDictionary.hpp index f4d40685ddc..a075e4de38b 100644 --- a/src/hotspot/share/classfile/systemDictionary.hpp +++ b/src/hotspot/share/classfile/systemDictionary.hpp @@ -281,10 +281,10 @@ class SystemDictionary : AllStatic { // Record the error when the first attempt to resolve a reference from a constant // pool entry to a class fails. static void add_resolution_error(const constantPoolHandle& pool, int which, Symbol* error, - Symbol* message, Symbol* cause = NULL, Symbol* cause_msg = NULL); + const char* message, Symbol* cause = NULL, const char* cause_msg = NULL); static void delete_resolution_error(ConstantPool* pool); static Symbol* find_resolution_error(const constantPoolHandle& pool, int which, - Symbol** message, Symbol** cause, Symbol** cause_msg); + const char** message, Symbol** cause, const char** cause_msg); // Record a nest host resolution/validation error diff --git a/src/hotspot/share/oops/constantPool.cpp b/src/hotspot/share/oops/constantPool.cpp index a97f2fe8d02..53e166c0c69 100644 --- a/src/hotspot/share/oops/constantPool.cpp +++ b/src/hotspot/share/oops/constantPool.cpp @@ -767,13 +767,16 @@ void ConstantPool::resolve_string_constants_impl(const constantPoolHandle& this_ } } -static Symbol* exception_message(const constantPoolHandle& this_cp, int which, constantTag tag, oop pending_exception) { +static const char* exception_message(const constantPoolHandle& this_cp, int which, constantTag tag, oop pending_exception) { + // Note: caller needs ResourceMark + // Dig out the detailed message to reuse if possible - Symbol* message = java_lang_Throwable::detail_message(pending_exception); - if (message != NULL) { - return message; + const char* msg = java_lang_Throwable::message_as_utf8(pending_exception); + if (msg != nullptr) { + return msg; } + Symbol* message = nullptr; // Return specific message for the tag switch (tag.value()) { case JVM_CONSTANT_UnresolvedClass: @@ -796,49 +799,48 @@ static Symbol* exception_message(const constantPoolHandle& this_cp, int which, c ShouldNotReachHere(); } - return message; + return message != nullptr ? message->as_C_string() : nullptr; } -static void add_resolution_error(const constantPoolHandle& this_cp, int which, +static void add_resolution_error(JavaThread* current, const constantPoolHandle& this_cp, int which, constantTag tag, oop pending_exception) { + ResourceMark rm(current); Symbol* error = pending_exception->klass()->name(); oop cause = java_lang_Throwable::cause(pending_exception); // Also dig out the exception cause, if present. Symbol* cause_sym = NULL; - Symbol* cause_msg = NULL; + const char* cause_msg = nullptr; if (cause != NULL && cause != pending_exception) { cause_sym = cause->klass()->name(); - cause_msg = java_lang_Throwable::detail_message(cause); + cause_msg = java_lang_Throwable::message_as_utf8(cause); } - Symbol* message = exception_message(this_cp, which, tag, pending_exception); + const char* message = exception_message(this_cp, which, tag, pending_exception); SystemDictionary::add_resolution_error(this_cp, which, error, message, cause_sym, cause_msg); } void ConstantPool::throw_resolution_error(const constantPoolHandle& this_cp, int which, TRAPS) { ResourceMark rm(THREAD); - Symbol* message = NULL; + const char* message = NULL; Symbol* cause = NULL; - Symbol* cause_msg = NULL; + const char* cause_msg = NULL; Symbol* error = SystemDictionary::find_resolution_error(this_cp, which, &message, &cause, &cause_msg); assert(error != NULL, "checking"); - const char* cause_str = cause_msg != NULL ? cause_msg->as_C_string() : NULL; CLEAR_PENDING_EXCEPTION; if (message != NULL) { - char* msg = message->as_C_string(); if (cause != NULL) { - Handle h_cause = Exceptions::new_exception(THREAD, cause, cause_str); - THROW_MSG_CAUSE(error, msg, h_cause); + Handle h_cause = Exceptions::new_exception(THREAD, cause, cause_msg); + THROW_MSG_CAUSE(error, message, h_cause); } else { - THROW_MSG(error, msg); + THROW_MSG(error, message); } } else { if (cause != NULL) { - Handle h_cause = Exceptions::new_exception(THREAD, cause, cause_str); + Handle h_cause = Exceptions::new_exception(THREAD, cause, cause_msg); THROW_CAUSE(error, h_cause); } else { THROW(error); @@ -860,7 +862,7 @@ void ConstantPool::save_and_throw_exception(const constantPoolHandle& this_cp, i // and OutOfMemoryError, etc, or if the thread was hit by stop() // Needs clarification to section 5.4.3 of the VM spec (see 6308271) } else if (this_cp->tag_at(which).value() != error_tag) { - add_resolution_error(this_cp, which, tag, PENDING_EXCEPTION); + add_resolution_error(THREAD, this_cp, which, tag, PENDING_EXCEPTION); // CAS in the tag. If a thread beat us to registering this error that's fine. // If another thread resolved the reference, this is a race condition. This // thread may have had a security manager or something temporary. diff --git a/src/hotspot/share/oops/cpCache.cpp b/src/hotspot/share/oops/cpCache.cpp index 40ca7d7efc6..9fdf69e057d 100644 --- a/src/hotspot/share/oops/cpCache.cpp +++ b/src/hotspot/share/oops/cpCache.cpp @@ -497,9 +497,9 @@ bool ConstantPoolCacheEntry::save_and_throw_indy_exc( CLEAR_PENDING_EXCEPTION; return false; } - + ResourceMark rm(THREAD); Symbol* error = PENDING_EXCEPTION->klass()->name(); - Symbol* message = java_lang_Throwable::detail_message(PENDING_EXCEPTION); + const char* message = java_lang_Throwable::message_as_utf8(PENDING_EXCEPTION); SystemDictionary::add_resolution_error(cpool, index, error, message); set_indy_resolution_failed(); diff --git a/src/hotspot/share/utilities/exceptions.cpp b/src/hotspot/share/utilities/exceptions.cpp index bd95b8306be..d65f5bcfafd 100644 --- a/src/hotspot/share/utilities/exceptions.cpp +++ b/src/hotspot/share/utilities/exceptions.cpp @@ -563,11 +563,11 @@ void Exceptions::debug_check_abort_helper(Handle exception, const char* message) // for logging exceptions void Exceptions::log_exception(Handle exception, const char* message) { ResourceMark rm; - Symbol* detail_message = java_lang_Throwable::detail_message(exception()); - if (detail_message != NULL) { + const char* detail_message = java_lang_Throwable::message_as_utf8(exception()); + if (detail_message != nullptr) { log_info(exceptions)("Exception <%s: %s>\n thrown in %s", exception->print_value_string(), - detail_message->as_C_string(), + detail_message, message); } else { log_info(exceptions)("Exception <%s>\n thrown in %s", From 1c40f899c9c736998ba38e805d88361e53511c64 Mon Sep 17 00:00:00 2001 From: Christoph Langer Date: Mon, 8 Apr 2024 08:17:34 +0200 Subject: [PATCH 9/9] 8329836: [17u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for release 17.0.11 Reviewed-by: goetz --- make/conf/version-numbers.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/make/conf/version-numbers.conf b/make/conf/version-numbers.conf index d3d1bc750e5..d71569c16e6 100644 --- a/make/conf/version-numbers.conf +++ b/make/conf/version-numbers.conf @@ -39,4 +39,4 @@ DEFAULT_VERSION_CLASSFILE_MINOR=0 DEFAULT_VERSION_DOCS_API_SINCE=11 DEFAULT_ACCEPTABLE_BOOT_VERSIONS="16 17" DEFAULT_JDK_SOURCE_TARGET_VERSION=17 -DEFAULT_PROMOTED_VERSION_PRE=ea +DEFAULT_PROMOTED_VERSION_PRE=