stan/jdk-24
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

8160104: CORBA communication improvements

Browse Source 
Reviewed-by: rriggs, dfuchs
This commit is contained in:
Mark Sheppard 2017-09-03 16:08:13 +01:00
parent a316ab9ef3
commit 979cec24f8
8 changed files with 341 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
src/java.base/share/conf/security/java.security
View File

@ -985,3 +985,24 @@ jdk.xml.dsig.secureValidationPolicy=\
# java.rmi.dgc.VMID;\
# java.rmi.dgc.Lease;\
# maxdepth=5;maxarray=10000
# CORBA ORBIorTypeCheckRegistryFilter
# Type check enhancement for ORB::string_to_object processing
#
# An IOR type check filter, if configured, is used by an ORB during
# an ORB::string_to_object invocation to check the veracity of the type encoded
# in the ior string.
#
# The filter pattern consists of a semi-colon separated list of class names.
# The configured list contains the binary class names of the IDL interface types
# corresponding to the IDL stub class to be instantiated.
# As such, a filter specifies a list of IDL stub classes that will be
# allowed by an ORB when an ORB::string_to_object is invoked.
# It is used to specify a white list configuration of acceptable
# IDL stub types which may be contained in a stringified IOR
# parameter passed as input to an ORB::string_to_object method.
#
# Note: This property is currently used by the JDK Reference implementation.
# It is not guaranteed to be examined and used by other implementations.
#
#com.sun.CORBA.ORBIorTypeCheckRegistryFilter=binary_class_name;binary_class_name

24
src/java.corba/share/classes/com/sun/corba/se/impl/encoding/BufferManagerWriteGrow.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2003, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -26,11 +26,13 @@
package com.sun.corba.se.impl.encoding;
import com.sun.corba.se.impl.orbutil.ORBConstants;
import com.sun.corba.se.impl.orbutil.ORBUtility;
import com.sun.corba.se.impl.encoding.ByteBufferWithInfo;
import com.sun.corba.se.impl.encoding.BufferManagerWrite;
import com.sun.corba.se.pept.encoding.OutputObject;
import com.sun.corba.se.pept.transport.Connection;
import com.sun.corba.se.spi.orb.ORB;
import com.sun.corba.se.spi.orb.ORBData;
public class BufferManagerWriteGrow extends BufferManagerWrite
{
@ -48,7 +50,20 @@ public class BufferManagerWriteGrow extends BufferManagerWrite
* buffer manager as set in the ORB.
*/
public int getBufferSize() {
return orb.getORBData().getGIOPBufferSize();
ORBData orbData = null;
int bufferSize = ORBConstants.GIOP_DEFAULT_BUFFER_SIZE;
if (orb != null) {
orbData = orb.getORBData();
if (orbData != null) {
bufferSize = orbData.getGIOPBufferSize();
dprint("BufferManagerWriteGrow.getBufferSize: bufferSize == " + bufferSize);
} else {
dprint("BufferManagerWriteGrow.getBufferSize: orbData reference is NULL");
}
} else {
dprint("BufferManagerWriteGrow.getBufferSize: orb reference is NULL");
}
return bufferSize;
}
public void overflow (ByteBufferWithInfo bbwi)
@ -89,4 +104,9 @@ public class BufferManagerWriteGrow extends BufferManagerWrite
*/
public void close() {}
private void dprint(String msg) {
if (orb.transportDebugFlag) {
ORBUtility.dprint(this, msg);
}
}
}

9
src/java.corba/share/classes/com/sun/corba/se/impl/encoding/CDRInputStream_1_0.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -725,12 +725,14 @@ public class CDRInputStream_1_0 extends CDRInputStreamBase
// IDLEntity.class.isAssignableFrom( clz ).
// 3. If clz is an interface, use it to create the appropriate
// stub factory.
public org.omg.CORBA.Object read_Object(Class clz)
{
// In any case, we must first read the IOR.
IOR ior = IORFactories.makeIOR(parent) ;
if (ior.isNil())
if (ior.isNil()) {
return null ;
}
PresentationManager.StubFactoryFactory sff = ORB.getStubFactoryFactory() ;
String codeBase = ior.getProfile().getCodebase() ;
@ -739,6 +741,7 @@ public class CDRInputStream_1_0 extends CDRInputStreamBase
if (clz == null) {
RepositoryId rid = RepositoryId.cache.getId( ior.getTypeId() ) ;
String className = rid.getClassName() ;
orb.validateIORClass(className);
boolean isIDLInterface = rid.isIDLType() ;
if (className == null || className.equals( "" ))
@ -761,11 +764,9 @@ public class CDRInputStream_1_0 extends CDRInputStreamBase
} else {
// clz is an interface class
boolean isIDL = IDLEntity.class.isAssignableFrom( clz ) ;
stubFactory = sff.createStubFactory( clz.getName(),
isIDL, codeBase, clz, clz.getClassLoader() ) ;
}
return internalIORToObject( ior, stubFactory, orb ) ;
}

179
src/java.corba/share/classes/com/sun/corba/se/impl/ior/IORTypeCheckRegistryImpl.java Normal file
View File

@ -0,0 +1,179 @@
/*
* Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package com.sun.corba.se.impl.ior;
import java.util.Set;
import com.sun.corba.se.impl.orbutil.ORBUtility;
import com.sun.corba.se.spi.ior.IORTypeCheckRegistry;
import com.sun.corba.se.spi.orb.ORB;
public class IORTypeCheckRegistryImpl implements IORTypeCheckRegistry {
private final Set<String> iorTypeNames;
private static final Set<String> builtinIorTypeNames;
private ORB theOrb;
static {
builtinIorTypeNames = initBuiltinIorTypeNames();
}
public IORTypeCheckRegistryImpl( String filterProperties, ORB orb) {
theOrb = orb;
iorTypeNames = parseIorClassNameList(filterProperties);
}
/*
*
* A note on the validation flow:
* 1. against the filter class name list
* 2. against the builtin class name list
*/
@Override
public boolean isValidIORType(String iorClassName) {
dprintTransport(".isValidIORType : iorClassName == " + iorClassName);
return validateIorTypeByName(iorClassName);
}
private boolean validateIorTypeByName(String iorClassName) {
dprintTransport(".validateIorTypeByName : iorClassName == " + iorClassName);
boolean isValidType;
isValidType = checkIorTypeNames(iorClassName);
if (!isValidType) {
isValidType = checkBuiltinClassNames(iorClassName);
}
dprintTransport(".validateIorTypeByName : isValidType == " + isValidType);
return isValidType;
}
/*
* check if the class name corresponding to an IOR Type name
* is in the ior class name list as generated from the filter property.
* So if the IOR type is recorded in the registry then allow the creation of the
* stub factory and let it resolve and load the class. That is if current
* type check deliberation permits.
* IOR Type names are configured by the filter property
*/
private boolean checkIorTypeNames(
String theIorClassName) {
return (iorTypeNames != null) && (iorTypeNames.contains(theIorClassName));
}
/*
* Check the IOR interface class name against the set of
* class names that correspond to the builtin JDK IDL stub classes.
*/
private boolean checkBuiltinClassNames(
String theIorClassName) {
return builtinIorTypeNames.contains(theIorClassName);
}
private Set<String> parseIorClassNameList(String filterProperty) {
Set<String> _iorTypeNames = null;
if (filterProperty != null) {
String[] tempIorClassNames = filterProperty.split(";");
_iorTypeNames = Set.<String>of(tempIorClassNames);
if (theOrb.orbInitDebugFlag) {
dprintConfiguredIorTypeNames();
}
}
return _iorTypeNames;
}
private static Set<String> initBuiltinIorTypeNames() {
Set<Class<?>> builtInCorbaStubTypes = initBuiltInCorbaStubTypes();
String [] tempBuiltinIorTypeNames = new String[builtInCorbaStubTypes.size()];
int i = 0;
for (Class<?> _stubClass: builtInCorbaStubTypes) {
tempBuiltinIorTypeNames[i++] = _stubClass.getName();
}
return Set.<String>of(tempBuiltinIorTypeNames);
}
private static Set<Class<?>> initBuiltInCorbaStubTypes() {
Class<?> tempBuiltinCorbaStubTypes[] = {
com.sun.corba.se.spi.activation.Activator.class,
com.sun.corba.se.spi.activation._ActivatorStub.class,
com.sun.corba.se.spi.activation._InitialNameServiceStub.class,
com.sun.corba.se.spi.activation._LocatorStub.class,
com.sun.corba.se.spi.activation._RepositoryStub.class,
com.sun.corba.se.spi.activation._ServerManagerStub.class,
com.sun.corba.se.spi.activation._ServerStub.class,
org.omg.CosNaming.BindingIterator.class,
org.omg.CosNaming._BindingIteratorStub.class,
org.omg.CosNaming.NamingContextExt.class,
org.omg.CosNaming._NamingContextExtStub.class,
org.omg.CosNaming.NamingContext.class,
org.omg.CosNaming._NamingContextStub.class,
org.omg.DynamicAny.DynAnyFactory.class,
org.omg.DynamicAny._DynAnyFactoryStub.class,
org.omg.DynamicAny.DynAny.class,
org.omg.DynamicAny._DynAnyStub.class,
org.omg.DynamicAny.DynArray.class,
org.omg.DynamicAny._DynArrayStub.class,
org.omg.DynamicAny.DynEnum.class,
org.omg.DynamicAny._DynEnumStub.class,
org.omg.DynamicAny.DynFixed.class,
org.omg.DynamicAny._DynFixedStub.class,
org.omg.DynamicAny.DynSequence.class,
org.omg.DynamicAny._DynSequenceStub.class,
org.omg.DynamicAny.DynStruct.class,
org.omg.DynamicAny._DynStructStub.class,
org.omg.DynamicAny.DynUnion.class,
org.omg.DynamicAny._DynUnionStub.class,
org.omg.DynamicAny._DynValueStub.class,
org.omg.DynamicAny.DynValue.class,
org.omg.PortableServer.ServantActivator.class,
org.omg.PortableServer._ServantActivatorStub.class,
org.omg.PortableServer.ServantLocator.class,
org.omg.PortableServer._ServantLocatorStub.class };
return Set.<Class<?>>of(tempBuiltinCorbaStubTypes);
}
private void dprintConfiguredIorTypeNames() {
if (iorTypeNames != null) {
for (String iorTypeName : iorTypeNames) {
ORBUtility.dprint(this, ".dprintConfiguredIorTypeNames: " + iorTypeName);
}
}
}
private void dprintTransport(String msg) {
if (theOrb.transportDebugFlag) {
ORBUtility.dprint(this, msg);
}
}
}

56
src/java.corba/share/classes/com/sun/corba/se/impl/orb/ORBImpl.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2002, 2015, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2002, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -54,6 +54,7 @@ import java.net.InetAddress;
import java.security.PrivilegedAction;
import java.security.AccessController;
import java.security.Security;
import javax.rmi.CORBA.Util;
import javax.rmi.CORBA.ValueHandler;
@ -90,6 +91,7 @@ import com.sun.corba.se.pept.transport.ConnectionCache;
import com.sun.corba.se.pept.transport.TransportManager;
import com.sun.corba.se.spi.ior.IOR;
import com.sun.corba.se.spi.ior.IORTypeCheckRegistry;
import com.sun.corba.se.spi.ior.IdentifiableFactoryFinder;
import com.sun.corba.se.spi.ior.TaggedComponentFactoryFinder;
import com.sun.corba.se.spi.ior.IORFactories;
@ -124,6 +126,7 @@ import com.sun.corba.se.spi.orb.StringPair;
import com.sun.corba.se.spi.transport.CorbaContactInfoListFactory;
import com.sun.corba.se.spi.transport.CorbaTransportManager;
import com.sun.corba.se.spi.legacy.connection.LegacyServerSocketManager;
import com.sun.corba.se.spi.logging.CORBALogDomains;
import com.sun.corba.se.spi.copyobject.CopierManager;
import com.sun.corba.se.spi.presentation.rmi.PresentationDefaults;
import com.sun.corba.se.spi.presentation.rmi.PresentationManager;
@ -145,6 +148,7 @@ import com.sun.corba.se.impl.encoding.EncapsOutputStream;
import com.sun.corba.se.impl.encoding.CachedCodeBase;
import com.sun.corba.se.impl.interceptors.PIHandlerImpl;
import com.sun.corba.se.impl.interceptors.PINoOpHandlerImpl;
import com.sun.corba.se.impl.ior.IORTypeCheckRegistryImpl;
import com.sun.corba.se.impl.ior.TaggedComponentFactoryFinderImpl;
import com.sun.corba.se.impl.ior.TaggedProfileFactoryFinderImpl;
import com.sun.corba.se.impl.ior.TaggedProfileTemplateFactoryFinderImpl;
@ -226,6 +230,8 @@ public class ORBImpl extends com.sun.corba.se.spi.orb.ORB
private ServiceContextRegistry serviceContextRegistry ;
private IORTypeCheckRegistry iorTypeCheckRegistry;
// Needed here to implement connect/disconnect
private TOAFactory toaFactory ;
@ -274,6 +280,8 @@ public class ORBImpl extends com.sun.corba.se.spi.orb.ORB
// insNamingDelegate.
private final Object resolverLock = new Object() ;
private static final String IORTYPECHECKREGISTRY_FILTER_PROPNAME = "com.sun.CORBA.ORBIorTypeCheckRegistryFilter";
private TaggedComponentFactoryFinder taggedComponentFactoryFinder ;
private IdentifiableFactoryFinder taggedProfileFactoryFinder ;
@ -411,6 +419,39 @@ public class ORBImpl extends com.sun.corba.se.spi.orb.ORB
};
serviceContextRegistry = new ServiceContextRegistry( this ) ;
}
private void initIORTypeCheckRegistry() {
String filterProps = AccessController
.doPrivileged(new PrivilegedAction<String>() {
public String run() {
String props = System
.getProperty(IORTYPECHECKREGISTRY_FILTER_PROPNAME);
if (props == null) {
props = Security
.getProperty(IORTYPECHECKREGISTRY_FILTER_PROPNAME);
}
return props;
}
});
if (filterProps != null) {
try {
iorTypeCheckRegistry = new IORTypeCheckRegistryImpl(filterProps, this);
} catch (Exception ex) {
throw wrapper.bootstrapException(ex);
}
if (this.orbInitDebugFlag) {
dprint(".initIORTypeCheckRegistry, IORTypeCheckRegistryImpl created for properties == "
+ filterProps);
}
} else {
if (this.orbInitDebugFlag) {
dprint(".initIORTypeCheckRegistry, IORTypeCheckRegistryImpl NOT created for properties == ");
}
}
}
protected void setDebugFlags( String[] args )
@ -494,6 +535,8 @@ public class ORBImpl extends com.sun.corba.se.spi.orb.ORB
getThreadPoolManager();
super.getByteBufferPool();
initIORTypeCheckRegistry();
}
private synchronized POAFactory getPOAFactory()
@ -2089,6 +2132,17 @@ public class ORBImpl extends com.sun.corba.se.spi.orb.ORB
}
return copierManager ;
}
@Override
public void validateIORClass(String iorClassName) {
if (iorTypeCheckRegistry != null) {
if (!iorTypeCheckRegistry.isValidIORType(iorClassName)) {
throw ORBUtilSystemException.get( this,
CORBALogDomains.OA_IOR ).badStringifiedIor();
}
}
}
} // Class ORBImpl
////////////////////////////////////////////////////////////////////////

9
src/java.corba/share/classes/com/sun/corba/se/impl/orb/ORBSingleton.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -768,6 +768,13 @@ public class ORBSingleton extends ORB
public CopierManager getCopierManager() {
return null ;
}
@Override
public void validateIORClass(String iorClassName) {
getFullORB().validateIORClass(iorClassName);
}
}
// End of file.

31
src/java.corba/share/classes/com/sun/corba/se/spi/ior/IORTypeCheckRegistry.java Normal file
View File

@ -0,0 +1,31 @@
/*
* Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package com.sun.corba.se.spi.ior;
public interface IORTypeCheckRegistry {
public boolean isValidIORType(String iorClassName);
}

21
src/java.corba/share/classes/com/sun/corba/se/spi/orb/ORB.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2002, 2014, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2002, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -121,6 +121,7 @@ public abstract class ORB extends com.sun.corba.se.org.omg.CORBA.ORB
public boolean shutdownDebugFlag = false;
public boolean giopDebugFlag = false;
public boolean invocationTimingDebugFlag = false ;
public boolean orbInitDebugFlag = false ;
// SystemException log wrappers. Protected so that they can be used in
// subclasses.
@ -487,6 +488,24 @@ public abstract class ORB extends com.sun.corba.se.org.omg.CORBA.ORB
public abstract ThreadPoolManager getThreadPoolManager();
public abstract CopierManager getCopierManager() ;
/*
* This method is called to verify that a stringified IOR passed to
* an org.omg.CORBA.ORB::string_to_object method contains a valid and acceptable IOR type.
* If an ORB is configured with IOR type checking enabled,
* the ORB executes a IOR type registry lookup to
* validate that the class name extract from a type id in
* a stringified IOR is a known and accepted type.
* A CORBA {@code org.omg.CORBA.DATA_CONVERSION} exception will be thrown should the type check fail.
*
* @param iorClassName
* a string representing the class name corresponding to the type id of an IOR
* @throws org.omg.CORBA.DATA_CONVERSION
* exception with an indication that it is a "Bad stringified IOR", which is thrown
* when the type check fails.
*/
public abstract void validateIORClass(String iorClassName);
}
// End of file.