8344219: Remove calls to SecurityManager and doPrivileged in java.net.SocksSocketImpl after JEP 486 integration
Reviewed-by: dfuchs
This commit is contained in:
Volkan Yazıcı
Daniel Fuchs
parent
9769ee8697
commit
15dbb6a380
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2000, 2023, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2000, 2024, Oracle and/or its affiliates. All rights reserved.
|
||||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
*
|
*
|
||||||
* This code is free software; you can redistribute it and/or modify it
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
@ -29,7 +29,6 @@ import java.io.InputStream;
|
|||||||
import java.io.OutputStream;
|
import java.io.OutputStream;
|
||||||
import java.io.BufferedOutputStream;
|
import java.io.BufferedOutputStream;
|
||||||
import java.nio.charset.StandardCharsets;
|
import java.nio.charset.StandardCharsets;
|
||||||
import java.security.AccessController;
|
|
||||||
import java.util.Iterator;
|
import java.util.Iterator;
|
||||||
|
|
||||||
import jdk.internal.util.StaticProperty;
|
import jdk.internal.util.StaticProperty;
|
||||||
@ -75,30 +74,10 @@ class SocksSocketImpl extends DelegatingSocketImpl implements SocksConsts {
|
|||||||
return DefaultProxySelector.socksProxyVersion() == 4;
|
return DefaultProxySelector.socksProxyVersion() == 4;
|
||||||
}
|
}
|
||||||
|
|
||||||
@SuppressWarnings("removal")
|
private synchronized void doConnect(final String host, final int port, final int timeout) throws IOException {
|
||||||
private synchronized void privilegedConnect(final String host,
|
delegate.connect(new InetSocketAddress(host, port), timeout);
|
||||||
final int port,
|
|
||||||
final int timeout)
|
|
||||||
throws IOException
|
|
||||||
{
|
|
||||||
try {
|
|
||||||
AccessController.doPrivileged(
|
|
||||||
new java.security.PrivilegedExceptionAction<>() {
|
|
||||||
public Void run() throws IOException {
|
|
||||||
superConnectServer(host, port, timeout);
|
|
||||||
cmdIn = getInputStream();
|
cmdIn = getInputStream();
|
||||||
cmdOut = getOutputStream();
|
cmdOut = getOutputStream();
|
||||||
return null;
|
|
||||||
}
|
|
||||||
});
|
|
||||||
} catch (java.security.PrivilegedActionException pae) {
|
|
||||||
throw (IOException) pae.getException();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
private void superConnectServer(String host, int port,
|
|
||||||
int timeout) throws IOException {
|
|
||||||
delegate.connect(new InetSocketAddress(host, port), timeout);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
private static int remainingMillis(long deadlineMillis) throws IOException {
|
private static int remainingMillis(long deadlineMillis) throws IOException {
|
||||||
@ -151,15 +130,8 @@ class SocksSocketImpl extends DelegatingSocketImpl implements SocksConsts {
|
|||||||
String userName;
|
String userName;
|
||||||
String password = null;
|
String password = null;
|
||||||
final InetAddress addr = InetAddress.getByName(server);
|
final InetAddress addr = InetAddress.getByName(server);
|
||||||
@SuppressWarnings("removal")
|
PasswordAuthentication pw = Authenticator.requestPasswordAuthentication(
|
||||||
PasswordAuthentication pw =
|
|
||||||
java.security.AccessController.doPrivileged(
|
|
||||||
new java.security.PrivilegedAction<>() {
|
|
||||||
public PasswordAuthentication run() {
|
|
||||||
return Authenticator.requestPasswordAuthentication(
|
|
||||||
server, addr, serverPort, "SOCKS5", "SOCKS authentication", null);
|
server, addr, serverPort, "SOCKS5", "SOCKS authentication", null);
|
||||||
}
|
|
||||||
});
|
|
||||||
if (pw != null) {
|
if (pw != null) {
|
||||||
userName = pw.getUserName();
|
userName = pw.getUserName();
|
||||||
password = new String(pw.getPassword());
|
password = new String(pw.getPassword());
|
||||||
@ -250,8 +222,6 @@ class SocksSocketImpl extends DelegatingSocketImpl implements SocksConsts {
|
|||||||
* @param endpoint the {@code SocketAddress} to connect to.
|
* @param endpoint the {@code SocketAddress} to connect to.
|
||||||
* @param timeout the timeout value in milliseconds
|
* @param timeout the timeout value in milliseconds
|
||||||
* @throws IOException if the connection can't be established.
|
* @throws IOException if the connection can't be established.
|
||||||
* @throws SecurityException if there is a security manager and it
|
|
||||||
* doesn't allow the connection
|
|
||||||
* @throws IllegalArgumentException if endpoint is null or a
|
* @throws IllegalArgumentException if endpoint is null or a
|
||||||
* SocketAddress subclass not supported by this socket
|
* SocketAddress subclass not supported by this socket
|
||||||
*/
|
*/
|
||||||
@ -266,29 +236,14 @@ class SocksSocketImpl extends DelegatingSocketImpl implements SocksConsts {
|
|||||||
deadlineMillis = finish < 0 ? Long.MAX_VALUE : finish;
|
deadlineMillis = finish < 0 ? Long.MAX_VALUE : finish;
|
||||||
}
|
}
|
||||||
|
|
||||||
@SuppressWarnings("removal")
|
|
||||||
SecurityManager security = System.getSecurityManager();
|
|
||||||
if (!(endpoint instanceof InetSocketAddress epoint))
|
if (!(endpoint instanceof InetSocketAddress epoint))
|
||||||
throw new IllegalArgumentException("Unsupported address type");
|
throw new IllegalArgumentException("Unsupported address type");
|
||||||
if (security != null) {
|
|
||||||
if (epoint.isUnresolved())
|
|
||||||
security.checkConnect(epoint.getHostName(),
|
|
||||||
epoint.getPort());
|
|
||||||
else
|
|
||||||
security.checkConnect(epoint.getAddress().getHostAddress(),
|
|
||||||
epoint.getPort());
|
|
||||||
}
|
|
||||||
if (server == null) {
|
if (server == null) {
|
||||||
// This is the general case
|
// This is the general case
|
||||||
// server is not null only when the socket was created with a
|
// server is not null only when the socket was created with a
|
||||||
// specified proxy in which case it does bypass the ProxySelector
|
// specified proxy in which case it does bypass the ProxySelector
|
||||||
@SuppressWarnings("removal")
|
ProxySelector sel = ProxySelector.getDefault();
|
||||||
ProxySelector sel = java.security.AccessController.doPrivileged(
|
|
||||||
new java.security.PrivilegedAction<>() {
|
|
||||||
public ProxySelector run() {
|
|
||||||
return ProxySelector.getDefault();
|
|
||||||
}
|
|
||||||
});
|
|
||||||
if (sel == null) {
|
if (sel == null) {
|
||||||
/*
|
/*
|
||||||
* No default proxySelector --> direct connection
|
* No default proxySelector --> direct connection
|
||||||
@ -337,7 +292,7 @@ class SocksSocketImpl extends DelegatingSocketImpl implements SocksConsts {
|
|||||||
|
|
||||||
// Connects to the SOCKS server
|
// Connects to the SOCKS server
|
||||||
try {
|
try {
|
||||||
privilegedConnect(server, serverPort, remainingMillis(deadlineMillis));
|
doConnect(server, serverPort, remainingMillis(deadlineMillis));
|
||||||
// Worked, let's get outta here
|
// Worked, let's get outta here
|
||||||
break;
|
break;
|
||||||
} catch (IOException e) {
|
} catch (IOException e) {
|
||||||
@ -361,13 +316,13 @@ class SocksSocketImpl extends DelegatingSocketImpl implements SocksConsts {
|
|||||||
} else {
|
} else {
|
||||||
// Connects to the SOCKS server
|
// Connects to the SOCKS server
|
||||||
try {
|
try {
|
||||||
privilegedConnect(server, serverPort, remainingMillis(deadlineMillis));
|
doConnect(server, serverPort, remainingMillis(deadlineMillis));
|
||||||
} catch (IOException e) {
|
} catch (IOException e) {
|
||||||
throw new SocketException(e.getMessage(), e);
|
throw new SocketException(e.getMessage(), e);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// cmdIn & cmdOut were initialized during the privilegedConnect() call
|
// `cmdIn` & `cmdOut` were initialized during the `doConnect()` call
|
||||||
BufferedOutputStream out = new BufferedOutputStream(cmdOut, 512);
|
BufferedOutputStream out = new BufferedOutputStream(cmdOut, 512);
|
||||||
InputStream in = cmdIn;
|
InputStream in = cmdIn;
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user