From 34e103f04b6e3983dc6178d4e0cf8c8954748534 Mon Sep 17 00:00:00 2001
From: Weijun Wang <weijun@openjdk.org>
Date: Tue, 26 Aug 2014 16:42:31 +0800
Subject: [PATCH] 8055901: Update policytool for jdk.net.NetworkPermission

Reviewed-by: michaelm
---
 .../share/classes/java/net/NetPermission.java | 32 +++++++++----------
 .../security/tools/policytool/PolicyTool.java | 15 +++++++++
 2 files changed, 31 insertions(+), 16 deletions(-)

diff --git a/jdk/src/java.base/share/classes/java/net/NetPermission.java b/jdk/src/java.base/share/classes/java/net/NetPermission.java
index 9178f348723..dad3fb99f32 100644
--- a/jdk/src/java.base/share/classes/java/net/NetPermission.java
+++ b/jdk/src/java.base/share/classes/java/net/NetPermission.java
@@ -72,10 +72,10 @@ import java.util.StringTokenizer;
  *   </tr>
  *
  * <tr>
- *  <td>getNetworkInformation</td>
- *  <td>The ability to retrieve all information about local network interfaces.</td>
- *  <td>Malicious code can read information about network hardware such as
- *  MAC addresses, which could be used to construct local IPv6 addresses.</td>
+ *   <td>getNetworkInformation</td>
+ *   <td>The ability to retrieve all information about local network interfaces.</td>
+ *   <td>Malicious code can read information about network hardware such as
+ *   MAC addresses, which could be used to construct local IPv6 addresses.</td>
  * </tr>
  *
  * <tr>
@@ -98,8 +98,8 @@ import java.util.StringTokenizer;
  * <tr>
  *   <td>requestPasswordAuthentication</td>
  *   <td>The ability
- * to ask the authenticator registered with the system for
- * a password</td>
+ *   to ask the authenticator registered with the system for
+ *   a password</td>
  *   <td>Malicious code may steal this password.</td>
  * </tr>
  *
@@ -116,11 +116,11 @@ import java.util.StringTokenizer;
  * <tr>
  *   <td>setDefaultAuthenticator</td>
  *   <td>The ability to set the
- * way authentication information is retrieved when
- * a proxy or HTTP server asks for authentication</td>
+ *   way authentication information is retrieved when
+ *   a proxy or HTTP server asks for authentication</td>
  *   <td>Malicious
- * code can set an authenticator that monitors and steals user
- * authentication input as it retrieves the input from the user.</td>
+ *   code can set an authenticator that monitors and steals user
+ *   authentication input as it retrieves the input from the user.</td>
  * </tr>
  *
  * <tr>
@@ -143,13 +143,13 @@ import java.util.StringTokenizer;
  * <tr>
  *   <td>specifyStreamHandler</td>
  *   <td>The ability
- * to specify a stream handler when constructing a URL</td>
+ *   to specify a stream handler when constructing a URL</td>
  *   <td>Malicious code may create a URL with resources that it would
-normally not have access to (like file:/foo/fum/), specifying a
-stream handler that gets the actual bytes from someplace it does
-have access to. Thus it might be able to trick the system into
-creating a ProtectionDomain/CodeSource for a class even though
-that class really didn't come from that location.</td>
+ *   normally not have access to (like file:/foo/fum/), specifying a
+ *   stream handler that gets the actual bytes from someplace it does
+ *   have access to. Thus it might be able to trick the system into
+ *   creating a ProtectionDomain/CodeSource for a class even though
+ *   that class really didn't come from that location.</td>
  * </tr>
  * </table>
  *
diff --git a/jdk/src/jdk.runtime/share/classes/sun/security/tools/policytool/PolicyTool.java b/jdk/src/jdk.runtime/share/classes/sun/security/tools/policytool/PolicyTool.java
index fa667841b28..7e2e8beea86 100644
--- a/jdk/src/jdk.runtime/share/classes/sun/security/tools/policytool/PolicyTool.java
+++ b/jdk/src/jdk.runtime/share/classes/sun/security/tools/policytool/PolicyTool.java
@@ -1695,6 +1695,7 @@ class ToolDialog extends JDialog {
         PERM_ARRAY.add(new MBeanSvrPerm());
         PERM_ARRAY.add(new MBeanTrustPerm());
         PERM_ARRAY.add(new NetPerm());
+        PERM_ARRAY.add(new NetworkPerm());
         PERM_ARRAY.add(new PrivCredPerm());
         PERM_ARRAY.add(new PropPerm());
         PERM_ARRAY.add(new ReflectPerm());
@@ -4321,9 +4322,11 @@ class NetPerm extends Perm {
     super("NetPermission",
         "java.net.NetPermission",
         new String[]    {
+                "allowHttpTrace",
                 "setDefaultAuthenticator",
                 "requestPasswordAuthentication",
                 "specifyStreamHandler",
+                "getNetworkInformation",
                 "setProxySelector",
                 "getProxySelector",
                 "setCookieHandler",
@@ -4335,6 +4338,18 @@ class NetPerm extends Perm {
     }
 }
 
+class NetworkPerm extends Perm {
+    public NetworkPerm() {
+    super("NetworkPermission",
+        "jdk.net.NetworkPermission",
+        new String[]    {
+                "setOption.SO_FLOW_SLA",
+                "getOption.SO_FLOW_SLA"
+                },
+        null);
+    }
+}
+
 class PrivCredPerm extends Perm {
     public PrivCredPerm() {
     super("PrivateCredentialPermission",