From 15dbb6a38064d4779a44e584ae67ba26885c8436 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Volkan=20Yaz=C4=B1c=C4=B1?= Date: Fri, 22 Nov 2024 14:39:07 +0000 Subject: [PATCH] 8344219: Remove calls to SecurityManager and doPrivileged in java.net.SocksSocketImpl after JEP 486 integration Reviewed-by: dfuchs --- .../classes/java/net/SocksSocketImpl.java | 67 +++---------------- 1 file changed, 11 insertions(+), 56 deletions(-) diff --git a/src/java.base/share/classes/java/net/SocksSocketImpl.java b/src/java.base/share/classes/java/net/SocksSocketImpl.java index e6efddae65c..54ff612be02 100644 --- a/src/java.base/share/classes/java/net/SocksSocketImpl.java +++ b/src/java.base/share/classes/java/net/SocksSocketImpl.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2023, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -29,7 +29,6 @@ import java.io.InputStream; import java.io.OutputStream; import java.io.BufferedOutputStream; import java.nio.charset.StandardCharsets; -import java.security.AccessController; import java.util.Iterator; import jdk.internal.util.StaticProperty; @@ -75,30 +74,10 @@ class SocksSocketImpl extends DelegatingSocketImpl implements SocksConsts { return DefaultProxySelector.socksProxyVersion() == 4; } - @SuppressWarnings("removal") - private synchronized void privilegedConnect(final String host, - final int port, - final int timeout) - throws IOException - { - try { - AccessController.doPrivileged( - new java.security.PrivilegedExceptionAction<>() { - public Void run() throws IOException { - superConnectServer(host, port, timeout); - cmdIn = getInputStream(); - cmdOut = getOutputStream(); - return null; - } - }); - } catch (java.security.PrivilegedActionException pae) { - throw (IOException) pae.getException(); - } - } - - private void superConnectServer(String host, int port, - int timeout) throws IOException { + private synchronized void doConnect(final String host, final int port, final int timeout) throws IOException { delegate.connect(new InetSocketAddress(host, port), timeout); + cmdIn = getInputStream(); + cmdOut = getOutputStream(); } private static int remainingMillis(long deadlineMillis) throws IOException { @@ -151,15 +130,8 @@ class SocksSocketImpl extends DelegatingSocketImpl implements SocksConsts { String userName; String password = null; final InetAddress addr = InetAddress.getByName(server); - @SuppressWarnings("removal") - PasswordAuthentication pw = - java.security.AccessController.doPrivileged( - new java.security.PrivilegedAction<>() { - public PasswordAuthentication run() { - return Authenticator.requestPasswordAuthentication( - server, addr, serverPort, "SOCKS5", "SOCKS authentication", null); - } - }); + PasswordAuthentication pw = Authenticator.requestPasswordAuthentication( + server, addr, serverPort, "SOCKS5", "SOCKS authentication", null); if (pw != null) { userName = pw.getUserName(); password = new String(pw.getPassword()); @@ -250,8 +222,6 @@ class SocksSocketImpl extends DelegatingSocketImpl implements SocksConsts { * @param endpoint the {@code SocketAddress} to connect to. * @param timeout the timeout value in milliseconds * @throws IOException if the connection can't be established. - * @throws SecurityException if there is a security manager and it - * doesn't allow the connection * @throws IllegalArgumentException if endpoint is null or a * SocketAddress subclass not supported by this socket */ @@ -266,29 +236,14 @@ class SocksSocketImpl extends DelegatingSocketImpl implements SocksConsts { deadlineMillis = finish < 0 ? Long.MAX_VALUE : finish; } - @SuppressWarnings("removal") - SecurityManager security = System.getSecurityManager(); if (!(endpoint instanceof InetSocketAddress epoint)) throw new IllegalArgumentException("Unsupported address type"); - if (security != null) { - if (epoint.isUnresolved()) - security.checkConnect(epoint.getHostName(), - epoint.getPort()); - else - security.checkConnect(epoint.getAddress().getHostAddress(), - epoint.getPort()); - } + if (server == null) { // This is the general case // server is not null only when the socket was created with a // specified proxy in which case it does bypass the ProxySelector - @SuppressWarnings("removal") - ProxySelector sel = java.security.AccessController.doPrivileged( - new java.security.PrivilegedAction<>() { - public ProxySelector run() { - return ProxySelector.getDefault(); - } - }); + ProxySelector sel = ProxySelector.getDefault(); if (sel == null) { /* * No default proxySelector --> direct connection @@ -337,7 +292,7 @@ class SocksSocketImpl extends DelegatingSocketImpl implements SocksConsts { // Connects to the SOCKS server try { - privilegedConnect(server, serverPort, remainingMillis(deadlineMillis)); + doConnect(server, serverPort, remainingMillis(deadlineMillis)); // Worked, let's get outta here break; } catch (IOException e) { @@ -361,13 +316,13 @@ class SocksSocketImpl extends DelegatingSocketImpl implements SocksConsts { } else { // Connects to the SOCKS server try { - privilegedConnect(server, serverPort, remainingMillis(deadlineMillis)); + doConnect(server, serverPort, remainingMillis(deadlineMillis)); } catch (IOException e) { throw new SocketException(e.getMessage(), e); } } - // cmdIn & cmdOut were initialized during the privilegedConnect() call + // `cmdIn` & `cmdOut` were initialized during the `doConnect()` call BufferedOutputStream out = new BufferedOutputStream(cmdOut, 512); InputStream in = cmdIn;