stan/jdk-24
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge

Browse Source
This commit is contained in:
Tim Bell 2008-12-19 22:07:37 -08:00
commit 3505c577b7
4 changed files with 125 additions and 61 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
jdk/src/share/classes/sun/security/ssl/CipherBox.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 1996-2007 Sun Microsystems, Inc. All Rights Reserved. * Copyright 1996-2008 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -486,4 +486,21 @@ final class CipherBox {
return newlen; return newlen;
} }
/*
* Dispose of any intermediate state in the underlying cipher.
* For PKCS11 ciphers, this will release any attached sessions, and
* thus make finalization faster.
*/
void dispose() {
try {
if (cipher != null) {
// ignore return value.
cipher.doFinal();
}
} catch (GeneralSecurityException e) {
// swallow for now.
}
}
} }

30
jdk/src/share/classes/sun/security/ssl/SSLEngineImpl.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2003-2007 Sun Microsystems, Inc. All Rights Reserved. * Copyright 2003-2008 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -547,6 +547,8 @@ final public class SSLEngineImpl extends SSLEngine {
// ... create decompressor // ... create decompressor
CipherBox oldCipher = readCipher;
try { try {
readCipher = handshaker.newReadCipher(); readCipher = handshaker.newReadCipher();
readMAC = handshaker.newReadMAC(); readMAC = handshaker.newReadMAC();
@ -555,6 +557,16 @@ final public class SSLEngineImpl extends SSLEngine {
throw (SSLException)new SSLException throw (SSLException)new SSLException
("Algorithm missing: ").initCause(e); ("Algorithm missing: ").initCause(e);
} }
/*
* Dispose of any intermediate state in the underlying cipher.
* For PKCS11 ciphers, this will release any attached sessions,
* and thus make finalization faster.
*
* Since MAC's doFinal() is called for every SSL/TLS packet, it's
* not necessary to do the same with MAC's.
*/
oldCipher.dispose();
} }
/* /*
@ -572,6 +584,8 @@ final public class SSLEngineImpl extends SSLEngine {
// ... create compressor // ... create compressor
CipherBox oldCipher = writeCipher;
try { try {
writeCipher = handshaker.newWriteCipher(); writeCipher = handshaker.newWriteCipher();
writeMAC = handshaker.newWriteMAC(); writeMAC = handshaker.newWriteMAC();
@ -580,6 +594,9 @@ final public class SSLEngineImpl extends SSLEngine {
throw (SSLException)new SSLException throw (SSLException)new SSLException
("Algorithm missing: ").initCause(e); ("Algorithm missing: ").initCause(e);
} }
// See comment above.
oldCipher.dispose();
} }
/* /*
@ -1231,6 +1248,9 @@ final public class SSLEngineImpl extends SSLEngine {
break; break;
} }
// See comment in changeReadCiphers()
writeCipher.dispose();
connectionState = cs_CLOSED; connectionState = cs_CLOSED;
} }
@ -1271,6 +1291,10 @@ final public class SSLEngineImpl extends SSLEngine {
closeOutboundInternal(); closeOutboundInternal();
inboundDone = true; inboundDone = true;
// See comment in changeReadCiphers()
readCipher.dispose();
connectionState = cs_CLOSED; connectionState = cs_CLOSED;
} }
@ -1457,6 +1481,10 @@ final public class SSLEngineImpl extends SSLEngine {
connectionState = cs_CLOSED; connectionState = cs_CLOSED;
// See comment in changeReadCiphers()
readCipher.dispose();
writeCipher.dispose();
if (cause instanceof RuntimeException) { if (cause instanceof RuntimeException) {
throw (RuntimeException)cause; throw (RuntimeException)cause;
} else { } else {

26
jdk/src/share/classes/sun/security/ssl/SSLSocketImpl.java
View File

@ -1427,6 +1427,10 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
waitForClose(false); waitForClose(false);
} }
// See comment in changeReadCiphers()
readCipher.dispose();
writeCipher.dispose();
// state will be set to cs_CLOSED in the finally block below // state will be set to cs_CLOSED in the finally block below
break; break;
@ -1633,6 +1637,11 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
* Clean up our side. * Clean up our side.
*/ */
closeSocket(); closeSocket();
// See comment in changeReadCiphers()
readCipher.dispose();
writeCipher.dispose();
connectionState = (oldState == cs_APP_CLOSED) ? cs_APP_CLOSED connectionState = (oldState == cs_APP_CLOSED) ? cs_APP_CLOSED
: cs_CLOSED; : cs_CLOSED;
throw closeReason; throw closeReason;
@ -1763,6 +1772,8 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
// ... create decompressor // ... create decompressor
CipherBox oldCipher = readCipher;
try { try {
readCipher = handshaker.newReadCipher(); readCipher = handshaker.newReadCipher();
readMAC = handshaker.newReadMAC(); readMAC = handshaker.newReadMAC();
@ -1771,6 +1782,16 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
throw (SSLException)new SSLException throw (SSLException)new SSLException
("Algorithm missing: ").initCause(e); ("Algorithm missing: ").initCause(e);
} }
/*
* Dispose of any intermediate state in the underlying cipher.
* For PKCS11 ciphers, this will release any attached sessions,
* and thus make finalization faster.
*
* Since MAC's doFinal() is called for every SSL/TLS packet, it's
* not necessary to do the same with MAC's.
*/
oldCipher.dispose();
} }
// used by Handshaker // used by Handshaker
@ -1783,6 +1804,8 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
// ... create compressor // ... create compressor
CipherBox oldCipher = writeCipher;
try { try {
writeCipher = handshaker.newWriteCipher(); writeCipher = handshaker.newWriteCipher();
writeMAC = handshaker.newWriteMAC(); writeMAC = handshaker.newWriteMAC();
@ -1791,6 +1814,9 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
throw (SSLException)new SSLException throw (SSLException)new SSLException
("Algorithm missing: ").initCause(e); ("Algorithm missing: ").initCause(e);
} }
// See comment above.
oldCipher.dispose();
} }
/* /*

111
jdk/src/share/classes/sun/tools/jar/Main.java
View File

@ -46,9 +46,18 @@ class Main {
String zname = ""; String zname = "";
String[] files; String[] files;
String rootjar = null; String rootjar = null;
Hashtable filesTable = new Hashtable();
Vector paths = new Vector(); // An entryName(path)->File map generated during "expand", it helps to
Vector v; // decide whether or not an existing entry in a jar file needs to be
// replaced, during the "update" operation.
Map<String, File> entryMap = new HashMap<String, File>();
// All files need to be added/updated.
Set<File> entries = new LinkedHashSet<File>();
// Directories specified by "-C" operation.
List<String> paths = new ArrayList<String>();
CRC32 crc32 = new CRC32(); CRC32 crc32 = new CRC32();
/* /*
* cflag: create * cflag: create
@ -175,7 +184,8 @@ class Main {
vflag = false; vflag = false;
} }
} }
create(new BufferedOutputStream(out), expand(files), manifest); expand(null, files, false);
create(new BufferedOutputStream(out, 4096), manifest);
if (in != null) { if (in != null) {
in.close(); in.close();
} }
@ -198,8 +208,8 @@ class Main {
} }
InputStream manifest = (!Mflag && (mname != null)) ? InputStream manifest = (!Mflag && (mname != null)) ?
(new FileInputStream(mname)) : null; (new FileInputStream(mname)) : null;
expand(files); expand(null, files, true);
boolean updateOk = update(in, new BufferedOutputStream(out), manifest); boolean updateOk = update(in, new BufferedOutputStream(out), manifest, null);
if (ok) { if (ok) {
ok = updateOk; ok = updateOk;
} }
@ -354,7 +364,7 @@ class Main {
while (dir.indexOf("//") > -1) { while (dir.indexOf("//") > -1) {
dir = dir.replace("//", "/"); dir = dir.replace("//", "/");
} }
paths.addElement(dir.replace(File.separatorChar, '/')); paths.add(dir.replace(File.separatorChar, '/'));
nameBuf[k++] = dir + args[++i]; nameBuf[k++] = dir + args[++i];
} else { } else {
nameBuf[k++] = args[i]; nameBuf[k++] = args[i];
@ -387,17 +397,7 @@ class Main {
* Expands list of files to process into full list of all files that * Expands list of files to process into full list of all files that
* can be found by recursively descending directories. * can be found by recursively descending directories.
*/ */
String[] expand(String[] files) { void expand(File dir, String[] files, boolean isUpdate) {
v = new Vector();
expand(null, files, v, filesTable);
files = new String[v.size()];
for (int i = 0; i < files.length; i++) {
files[i] = ((File)v.elementAt(i)).getPath();
}
return files;
}
void expand(File dir, String[] files, Vector v, Hashtable t) {
if (files == null) { if (files == null) {
return; return;
} }
@ -409,17 +409,20 @@ class Main {
f = new File(dir, files[i]); f = new File(dir, files[i]);
} }
if (f.isFile()) { if (f.isFile()) {
if (!t.contains(f)) { if (entries.add(f)) {
t.put(entryName(f.getPath()), f); if (isUpdate)
v.addElement(f); entryMap.put(entryName(f.getPath()), f);
} }
} else if (f.isDirectory()) { } else if (f.isDirectory()) {
String dirPath = f.getPath(); if (entries.add(f)) {
dirPath = (dirPath.endsWith(File.separator)) ? dirPath : if (isUpdate) {
(dirPath + File.separator); String dirPath = f.getPath();
t.put(entryName(dirPath), f); dirPath = (dirPath.endsWith(File.separator)) ? dirPath :
v.addElement(f); (dirPath + File.separator);
expand(f, f.list(), v, t); entryMap.put(entryName(dirPath), f);
}
expand(f, f.list(), isUpdate);
}
} else { } else {
error(formatMsg("error.nosuch.fileordir", String.valueOf(f))); error(formatMsg("error.nosuch.fileordir", String.valueOf(f)));
ok = false; ok = false;
@ -430,7 +433,7 @@ class Main {
/* /*
* Creates a new JAR file. * Creates a new JAR file.
*/ */
void create(OutputStream out, String[] files, Manifest manifest) void create(OutputStream out, Manifest manifest)
throws IOException throws IOException
{ {
ZipOutputStream zos = new JarOutputStream(out); ZipOutputStream zos = new JarOutputStream(out);
@ -455,8 +458,8 @@ class Main {
manifest.write(zos); manifest.write(zos);
zos.closeEntry(); zos.closeEntry();
} }
for (int i = 0; i < files.length; i++) { for (File file: entries) {
addFile(zos, new File(files[i])); addFile(zos, file);
} }
zos.close(); zos.close();
} }
@ -465,10 +468,9 @@ class Main {
* update an existing jar file. * update an existing jar file.
*/ */
boolean update(InputStream in, OutputStream out, boolean update(InputStream in, OutputStream out,
InputStream newManifest) throws IOException InputStream newManifest,
JarIndex jarIndex) throws IOException
{ {
Hashtable t = filesTable;
Vector v = this.v;
ZipInputStream zis = new ZipInputStream(in); ZipInputStream zis = new ZipInputStream(in);
ZipOutputStream zos = new JarOutputStream(out); ZipOutputStream zos = new JarOutputStream(out);
ZipEntry e = null; ZipEntry e = null;
@ -477,8 +479,8 @@ class Main {
int n = 0; int n = 0;
boolean updateOk = true; boolean updateOk = true;
if (t.containsKey(INDEX)) { if (jarIndex != null) {
addIndex((JarIndex)t.get(INDEX), zos); addIndex(jarIndex, zos);
} }
// put the old entries first, replace if necessary // put the old entries first, replace if necessary
@ -488,9 +490,8 @@ class Main {
boolean isManifestEntry = name.toUpperCase( boolean isManifestEntry = name.toUpperCase(
java.util.Locale.ENGLISH). java.util.Locale.ENGLISH).
equals(MANIFEST); equals(MANIFEST);
if ((name.toUpperCase().equals(INDEX) if ((name.toUpperCase().equals(INDEX) && jarIndex != null)
&& t.containsKey(INDEX)) || (Mflag && isManifestEntry)) {
|| (Mflag && isManifestEntry)) {
continue; continue;
} else if (isManifestEntry && ((newManifest != null) || } else if (isManifestEntry && ((newManifest != null) ||
(ename != null))) { (ename != null))) {
@ -514,8 +515,7 @@ class Main {
} }
updateManifest(old, zos); updateManifest(old, zos);
} else { } else {
if (!t.containsKey(name)) { // copy the old stuff if (!entryMap.containsKey(name)) { // copy the old stuff
// do our own compression // do our own compression
ZipEntry e2 = new ZipEntry(name); ZipEntry e2 = new ZipEntry(name);
e2.setMethod(e.getMethod()); e2.setMethod(e.getMethod());
@ -531,21 +531,17 @@ class Main {
zos.write(buf, 0, n); zos.write(buf, 0, n);
} }
} else { // replace with the new files } else { // replace with the new files
addFile(zos, (File)(t.get(name))); File f = entryMap.get(name);
t.remove(name); addFile(zos, f);
entryMap.remove(name);
entries.remove(f);
} }
} }
} }
t.remove(INDEX);
// add the remaining new files // add the remaining new files
if (!t.isEmpty()) { for (File f: entries) {
for (int i = 0; i < v.size(); i++) { addFile(zos, f);
File f = (File)v.elementAt(i);
if (t.containsValue(f)) {
addFile(zos, f);
}
}
} }
if (!foundManifest) { if (!foundManifest) {
if (newManifest != null) { if (newManifest != null) {
@ -611,8 +607,7 @@ class Main {
private String entryName(String name) { private String entryName(String name) {
name = name.replace(File.separatorChar, '/'); name = name.replace(File.separatorChar, '/');
String matchPath = ""; String matchPath = "";
for (int i = 0; i < paths.size(); i++) { for (String path : paths) {
String path = (String)paths.elementAt(i);
if (name.startsWith(path) && (path.length() > matchPath.length())) { if (name.startsWith(path) && (path.length() > matchPath.length())) {
matchPath = path; matchPath = path;
} }
@ -669,7 +664,6 @@ class Main {
void addFile(ZipOutputStream zos, File file) throws IOException { void addFile(ZipOutputStream zos, File file) throws IOException {
String name = file.getPath(); String name = file.getPath();
boolean isDir = file.isDirectory(); boolean isDir = file.isDirectory();
if (isDir) { if (isDir) {
name = name.endsWith(File.separator) ? name : name = name.endsWith(File.separator) ? name :
(name + File.separator); (name + File.separator);
@ -704,7 +698,7 @@ class Main {
} }
zos.putNextEntry(e); zos.putNextEntry(e);
if (!isDir) { if (!isDir) {
byte[] buf = new byte[1024]; byte[] buf = new byte[8192];
int len; int len;
InputStream is = new BufferedInputStream(new FileInputStream(file)); InputStream is = new BufferedInputStream(new FileInputStream(file));
while ((len = is.read(buf, 0, buf.length)) != -1) { while ((len = is.read(buf, 0, buf.length)) != -1) {
@ -749,7 +743,7 @@ class Main {
*/ */
private void crc32File(ZipEntry e, File f) throws IOException { private void crc32File(ZipEntry e, File f) throws IOException {
InputStream is = new BufferedInputStream(new FileInputStream(f)); InputStream is = new BufferedInputStream(new FileInputStream(f));
byte[] buf = new byte[1024]; byte[] buf = new byte[8192];
crc32.reset(); crc32.reset();
int r = 0; int r = 0;
int nread = 0; int nread = 0;
@ -772,7 +766,7 @@ class Main {
void extract(InputStream in, String files[]) throws IOException { void extract(InputStream in, String files[]) throws IOException {
ZipInputStream zis = new ZipInputStream(in); ZipInputStream zis = new ZipInputStream(in);
ZipEntry e; ZipEntry e;
// Set of all directory entries specified in archive. Dissallows // Set of all directory entries specified in archive. Disallows
// null entries. Disallows all entries if using pre-6.0 behavior. // null entries. Disallows all entries if using pre-6.0 behavior.
Set<ZipEntry> dirs = new HashSet<ZipEntry>() { Set<ZipEntry> dirs = new HashSet<ZipEntry>() {
public boolean add(ZipEntry e) { public boolean add(ZipEntry e) {
@ -897,17 +891,16 @@ class Main {
} }
} }
/** /**
* Output the class index table to the INDEX.LIST file of the * Output the class index table to the INDEX.LIST file of the
* root jar file. * root jar file.
*/ */
void dumpIndex(String rootjar, JarIndex index) throws IOException { void dumpIndex(String rootjar, JarIndex index) throws IOException {
filesTable.put(INDEX, index);
File scratchFile = File.createTempFile("scratch", null, new File(".")); File scratchFile = File.createTempFile("scratch", null, new File("."));
File jarFile = new File(rootjar); File jarFile = new File(rootjar);
boolean updateOk = update(new FileInputStream(jarFile), boolean updateOk = update(new FileInputStream(jarFile),
new FileOutputStream(scratchFile), null); new FileOutputStream(scratchFile),
null, index);
jarFile.delete(); jarFile.delete();
if (!scratchFile.renameTo(jarFile)) { if (!scratchFile.renameTo(jarFile)) {
scratchFile.delete(); scratchFile.delete();