diff --git a/jdk/src/share/classes/com/sun/naming/internal/ResourceManager.java b/jdk/src/share/classes/com/sun/naming/internal/ResourceManager.java
index d02faa63cba..ec46bfdf2c0 100644
--- a/jdk/src/share/classes/com/sun/naming/internal/ResourceManager.java
+++ b/jdk/src/share/classes/com/sun/naming/internal/ResourceManager.java
@@ -25,11 +25,12 @@
package com.sun.naming.internal;
-import java.applet.Applet;
import java.io.InputStream;
import java.io.IOException;
import java.net.URL;
import java.lang.ref.WeakReference;
+import java.lang.reflect.Method;
+import java.lang.reflect.InvocationTargetException;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Hashtable;
@@ -112,6 +113,52 @@ public final class ResourceManager {
private static final WeakHashMap urlFactoryCache = new WeakHashMap(11);
private static final WeakReference NO_FACTORY = new WeakReference(null);
+ /**
+ * A class to allow JNDI properties be specified as applet parameters
+ * without creating a static dependency on java.applet.
+ */
+ private static class AppletParameter {
+ private static final Class clazz = getClass("java.applet.Applet");
+ private static final Method getMethod =
+ getMethod(clazz, "getParameter", String.class);
+ private static Class getClass(String name) {
+ try {
+ return Class.forName(name, true, null);
+ } catch (ClassNotFoundException e) {
+ return null;
+ }
+ }
+ private static Method getMethod(Class clazz,
+ String name,
+ Class... paramTypes)
+ {
+ if (clazz != null) {
+ try {
+ return clazz.getMethod(name, paramTypes);
+ } catch (NoSuchMethodException e) {
+ throw new AssertionError(e);
+ }
+ } else {
+ return null;
+ }
+ }
+
+ /**
+ * Returns the value of the applet's named parameter.
+ */
+ static Object get(Object applet, String name) {
+ // if clazz is null then applet cannot be an Applet.
+ if (clazz == null || !clazz.isInstance(applet))
+ throw new ClassCastException(applet.getClass().getName());
+ try {
+ return getMethod.invoke(applet, name);
+ } catch (InvocationTargetException e) {
+ throw new AssertionError(e);
+ } catch (IllegalAccessException iae) {
+ throw new AssertionError(iae);
+ }
+ }
+ }
// There should be no instances of this class.
private ResourceManager() {
@@ -143,7 +190,7 @@ public final class ResourceManager {
if (env == null) {
env = new Hashtable(11);
}
- Applet applet = (Applet)env.get(Context.APPLET);
+ Object applet = env.get(Context.APPLET);
// Merge property values from env param, applet params, and system
// properties. The first value wins: there's no concatenation of
@@ -157,7 +204,7 @@ public final class ResourceManager {
Object val = env.get(props[i]);
if (val == null) {
if (applet != null) {
- val = applet.getParameter(props[i]);
+ val = AppletParameter.get(applet, props[i]);
}
if (val == null) {
// Read system property.
diff --git a/jdk/src/share/classes/java/lang/Enum.java b/jdk/src/share/classes/java/lang/Enum.java
index 5df8146c1d4..30ae3d8697b 100644
--- a/jdk/src/share/classes/java/lang/Enum.java
+++ b/jdk/src/share/classes/java/lang/Enum.java
@@ -40,10 +40,17 @@ import java.io.ObjectStreamException;
* Edition, §8.9.
*
+ * Note that when using an enumeration type as the type of a set
+ * or as the type of the keys in a map, specialized and efficient
+ * {@linkplain java.util.EnumSet set} and {@linkplain
+ * java.util.EnumMap map} implementations are available.
+ *
* @param The enum type subclass
* @author Josh Bloch
* @author Neal Gafter
* @see Class#getEnumConstants()
+ * @see java.util.EnumSet
+ * @see java.util.EnumMap
* @since 1.5
*/
public abstract class Enum>
diff --git a/jdk/src/share/classes/java/lang/reflect/AccessibleObject.java b/jdk/src/share/classes/java/lang/reflect/AccessibleObject.java
index 1f94a4c5a15..a48f6b19867 100644
--- a/jdk/src/share/classes/java/lang/reflect/AccessibleObject.java
+++ b/jdk/src/share/classes/java/lang/reflect/AccessibleObject.java
@@ -44,6 +44,8 @@ import java.lang.annotation.Annotation;
* as Java Object Serialization or other persistence mechanisms, to
* manipulate objects in a manner that would normally be prohibited.
*
+ * By default, a reflected object is not accessible.
+ *
* @see Field
* @see Method
* @see Constructor
diff --git a/jdk/src/share/classes/sun/security/provider/SunEntries.java b/jdk/src/share/classes/sun/security/provider/SunEntries.java
index 829ded160d1..817afb8329c 100644
--- a/jdk/src/share/classes/sun/security/provider/SunEntries.java
+++ b/jdk/src/share/classes/sun/security/provider/SunEntries.java
@@ -210,7 +210,7 @@ final class SunEntries {
* CertStores
*/
map.put("CertStore.LDAP",
- "sun.security.provider.certpath.LDAPCertStore");
+ "sun.security.provider.certpath.ldap.LDAPCertStore");
map.put("CertStore.LDAP LDAPSchema", "RFC2587");
map.put("CertStore.Collection",
"sun.security.provider.certpath.CollectionCertStore");
diff --git a/jdk/src/share/classes/sun/security/provider/certpath/CertStoreHelper.java b/jdk/src/share/classes/sun/security/provider/certpath/CertStoreHelper.java
new file mode 100644
index 00000000000..a8f234226dc
--- /dev/null
+++ b/jdk/src/share/classes/sun/security/provider/certpath/CertStoreHelper.java
@@ -0,0 +1,68 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Sun designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Sun in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+package sun.security.provider.certpath;
+
+import java.net.URI;
+import java.util.Collection;
+import java.security.NoSuchAlgorithmException;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.cert.CertStore;
+import java.security.cert.X509CertSelector;
+import java.security.cert.X509CRLSelector;
+import javax.security.auth.x500.X500Principal;
+import java.io.IOException;
+
+/**
+ * Helper used by URICertStore when delegating to another CertStore to
+ * fetch certs and CRLs.
+ */
+
+public interface CertStoreHelper {
+
+ /**
+ * Returns a CertStore using the given URI as parameters.
+ */
+ CertStore getCertStore(URI uri)
+ throws NoSuchAlgorithmException, InvalidAlgorithmParameterException;
+
+ /**
+ * Wraps an existing X509CertSelector when needing to avoid DN matching
+ * issues.
+ */
+ X509CertSelector wrap(X509CertSelector selector,
+ X500Principal certSubject,
+ String dn)
+ throws IOException;
+
+ /**
+ * Wraps an existing X509CRLSelector when needing to avoid DN matching
+ * issues.
+ */
+ X509CRLSelector wrap(X509CRLSelector selector,
+ Collection certIssuers,
+ String dn)
+ throws IOException;
+}
diff --git a/jdk/src/share/classes/sun/security/provider/certpath/OCSP.java b/jdk/src/share/classes/sun/security/provider/certpath/OCSP.java
index 2665de6d680..dfdd846c5b8 100644
--- a/jdk/src/share/classes/sun/security/provider/certpath/OCSP.java
+++ b/jdk/src/share/classes/sun/security/provider/certpath/OCSP.java
@@ -64,6 +64,8 @@ public final class OCSP {
private static final Debug debug = Debug.getInstance("certpath");
+ private static final int CONNECT_TIMEOUT = 15000; // 15 seconds
+
private OCSP() {}
/**
@@ -176,6 +178,8 @@ public final class OCSP {
debug.println("connecting to OCSP service at: " + url);
}
HttpURLConnection con = (HttpURLConnection)url.openConnection();
+ con.setConnectTimeout(CONNECT_TIMEOUT);
+ con.setReadTimeout(CONNECT_TIMEOUT);
con.setDoOutput(true);
con.setDoInput(true);
con.setRequestMethod("POST");
diff --git a/jdk/src/share/classes/sun/security/provider/certpath/OCSPChecker.java b/jdk/src/share/classes/sun/security/provider/certpath/OCSPChecker.java
index 6f72c7ec185..499a5912aca 100644
--- a/jdk/src/share/classes/sun/security/provider/certpath/OCSPChecker.java
+++ b/jdk/src/share/classes/sun/security/provider/certpath/OCSPChecker.java
@@ -25,7 +25,6 @@
package sun.security.provider.certpath;
-import java.io.IOException;
import java.math.BigInteger;
import java.util.*;
import java.security.AccessController;
@@ -335,10 +334,11 @@ class OCSPChecker extends PKIXCertPathChecker {
(issuerCert, currCertImpl.getSerialNumberObject());
response = OCSP.check(Collections.singletonList(certId), uri,
responderCert, pkixParams.getDate());
- } catch (IOException ioe) {
- // should allow this to pass if network failures are acceptable
+ } catch (Exception e) {
+ // Wrap all exceptions in CertPathValidatorException so that
+ // we can fallback to CRLs, if enabled.
throw new CertPathValidatorException
- ("Unable to send OCSP request", ioe);
+ ("Unable to send OCSP request", e);
}
RevocationStatus rs = (RevocationStatus) response.getSingleResponse(certId);
diff --git a/jdk/src/share/classes/sun/security/provider/certpath/URICertStore.java b/jdk/src/share/classes/sun/security/provider/certpath/URICertStore.java
index 3c0220bbcf9..b042dd78a9b 100644
--- a/jdk/src/share/classes/sun/security/provider/certpath/URICertStore.java
+++ b/jdk/src/share/classes/sun/security/provider/certpath/URICertStore.java
@@ -30,6 +30,8 @@ import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URLConnection;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
@@ -120,6 +122,32 @@ class URICertStore extends CertStoreSpi {
private CertStore ldapCertStore;
private String ldapPath;
+ /**
+ * Holder class to lazily load LDAPCertStoreHelper if present.
+ */
+ private static class LDAP {
+ private static final String CERT_STORE_HELPER =
+ "sun.security.provider.certpath.ldap.LDAPCertStoreHelper";
+ private static final CertStoreHelper helper =
+ AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public CertStoreHelper run() {
+ try {
+ Class c = Class.forName(CERT_STORE_HELPER, true, null);
+ return (CertStoreHelper)c.newInstance();
+ } catch (ClassNotFoundException cnf) {
+ return null;
+ } catch (InstantiationException e) {
+ throw new AssertionError(e);
+ } catch (IllegalAccessException e) {
+ throw new AssertionError(e);
+ }
+ }});
+ static CertStoreHelper helper() {
+ return helper;
+ }
+ }
+
/**
* Creates a URICertStore.
*
@@ -135,9 +163,10 @@ class URICertStore extends CertStoreSpi {
this.uri = ((URICertStoreParameters) params).uri;
// if ldap URI, use an LDAPCertStore to fetch certs and CRLs
if (uri.getScheme().toLowerCase().equals("ldap")) {
+ if (LDAP.helper() == null)
+ throw new NoSuchAlgorithmException("LDAP not present");
ldap = true;
- ldapCertStore =
- LDAPCertStore.getInstance(LDAPCertStore.getParameters(uri));
+ ldapCertStore = LDAP.helper().getCertStore(uri);
ldapPath = uri.getPath();
// strip off leading '/'
if (ldapPath.charAt(0) == '/') {
@@ -219,8 +248,7 @@ class URICertStore extends CertStoreSpi {
if (ldap) {
X509CertSelector xsel = (X509CertSelector) selector;
try {
- xsel = new LDAPCertStore.LDAPCertSelector
- (xsel, xsel.getSubject(), ldapPath);
+ xsel = LDAP.helper().wrap(xsel, xsel.getSubject(), ldapPath);
} catch (IOException ioe) {
throw new CertStoreException(ioe);
}
@@ -340,7 +368,7 @@ class URICertStore extends CertStoreSpi {
if (ldap) {
X509CRLSelector xsel = (X509CRLSelector) selector;
try {
- xsel = new LDAPCertStore.LDAPCRLSelector(xsel, null, ldapPath);
+ xsel = LDAP.helper().wrap(xsel, null, ldapPath);
} catch (IOException ioe) {
throw new CertStoreException(ioe);
}
diff --git a/jdk/src/share/classes/sun/security/provider/certpath/LDAPCertStore.java b/jdk/src/share/classes/sun/security/provider/certpath/ldap/LDAPCertStore.java
similarity index 99%
rename from jdk/src/share/classes/sun/security/provider/certpath/LDAPCertStore.java
rename to jdk/src/share/classes/sun/security/provider/certpath/ldap/LDAPCertStore.java
index f7b567bef39..3517245e550 100644
--- a/jdk/src/share/classes/sun/security/provider/certpath/LDAPCertStore.java
+++ b/jdk/src/share/classes/sun/security/provider/certpath/ldap/LDAPCertStore.java
@@ -23,7 +23,7 @@
* have any questions.
*/
-package sun.security.provider.certpath;
+package sun.security.provider.certpath.ldap;
import java.io.ByteArrayInputStream;
import java.io.IOException;
@@ -46,6 +46,7 @@ import java.security.cert.*;
import javax.security.auth.x500.X500Principal;
import sun.misc.HexDumpEncoder;
+import sun.security.provider.certpath.X509CertificatePair;
import sun.security.util.Cache;
import sun.security.util.Debug;
import sun.security.x509.X500Name;
diff --git a/jdk/src/share/classes/sun/security/provider/certpath/ldap/LDAPCertStoreHelper.java b/jdk/src/share/classes/sun/security/provider/certpath/ldap/LDAPCertStoreHelper.java
new file mode 100644
index 00000000000..3667022d04d
--- /dev/null
+++ b/jdk/src/share/classes/sun/security/provider/certpath/ldap/LDAPCertStoreHelper.java
@@ -0,0 +1,73 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Sun designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Sun in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+package sun.security.provider.certpath.ldap;
+
+import java.net.URI;
+import java.util.Collection;
+import java.security.NoSuchAlgorithmException;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.cert.CertStore;
+import java.security.cert.X509CertSelector;
+import java.security.cert.X509CRLSelector;
+import javax.security.auth.x500.X500Principal;
+import java.io.IOException;
+
+import sun.security.provider.certpath.CertStoreHelper;
+
+/**
+ * LDAP implementation of CertStoreHelper.
+ */
+
+public class LDAPCertStoreHelper
+ implements CertStoreHelper
+{
+ public LDAPCertStoreHelper() { }
+
+ @Override
+ public CertStore getCertStore(URI uri)
+ throws NoSuchAlgorithmException, InvalidAlgorithmParameterException
+ {
+ return LDAPCertStore.getInstance(LDAPCertStore.getParameters(uri));
+ }
+
+ @Override
+ public X509CertSelector wrap(X509CertSelector selector,
+ X500Principal certSubject,
+ String ldapDN)
+ throws IOException
+ {
+ return new LDAPCertStore.LDAPCertSelector(selector, certSubject, ldapDN);
+ }
+
+ @Override
+ public X509CRLSelector wrap(X509CRLSelector selector,
+ Collection certIssuers,
+ String ldapDN)
+ throws IOException
+ {
+ return new LDAPCertStore.LDAPCRLSelector(selector, certIssuers, ldapDN);
+ }
+}
diff --git a/jdk/test/java/lang/management/RuntimeMXBean/GetSystemProperties.java b/jdk/test/java/lang/management/RuntimeMXBean/GetSystemProperties.java
index 6a324bfcd53..5a655378462 100644
--- a/jdk/test/java/lang/management/RuntimeMXBean/GetSystemProperties.java
+++ b/jdk/test/java/lang/management/RuntimeMXBean/GetSystemProperties.java
@@ -49,6 +49,21 @@ public class GetSystemProperties {
private static final String VALUE4 = "test.property.value4";
public static void main(String[] argv) throws Exception {
+ // Save a copy of the original system properties
+ Properties props = System.getProperties();
+
+ try {
+ // replace the system Properties object for any modification
+ // in case jtreg caches a copy
+ System.setProperties(new Properties(props));
+ runTest();
+ } finally {
+ // restore original system properties
+ System.setProperties(props);
+ }
+ }
+
+ private static void runTest() throws Exception {
RuntimeMXBean mbean = ManagementFactory.getRuntimeMXBean();
// Print all system properties
@@ -88,7 +103,10 @@ public class GetSystemProperties {
Map props2 = mbean.getSystemProperties();
// expect the system properties returned should be
// same as the one before adding KEY3 and KEY4
- props1.equals(props2);
+ if (!props1.equals(props2)) {
+ throw new RuntimeException("Two copies of system properties " +
+ "are expected to be equal");
+ }
System.out.println("Test passed.");
}
diff --git a/jdk/test/java/lang/management/RuntimeMXBean/PropertiesTest.java b/jdk/test/java/lang/management/RuntimeMXBean/PropertiesTest.java
index 2900b3c3dfb..047f291dfbd 100644
--- a/jdk/test/java/lang/management/RuntimeMXBean/PropertiesTest.java
+++ b/jdk/test/java/lang/management/RuntimeMXBean/PropertiesTest.java
@@ -40,8 +40,21 @@ import java.lang.management.RuntimeMXBean;
public class PropertiesTest {
private static int NUM_MYPROPS = 3;
public static void main(String[] argv) throws Exception {
- Properties sysProps = System.getProperties();
+ // Save a copy of the original system properties
+ Properties props = System.getProperties();
+ try {
+ // replace the system Properties object for any modification
+ // in case jtreg caches a copy
+ System.setProperties(new Properties(props));
+ runTest(props.size());
+ } finally {
+ // restore original system properties
+ System.setProperties(props);
+ }
+ }
+
+ private static void runTest(int sysPropsCount) throws Exception {
// Create a new system properties using the old one
// as the defaults
Properties myProps = new Properties( System.getProperties() );
@@ -65,10 +78,10 @@ public class PropertiesTest {
System.out.println(i++ + ": " + key + " : " + value);
}
- if (props.size() != NUM_MYPROPS + sysProps.size()) {
+ if (props.size() != NUM_MYPROPS + sysPropsCount) {
throw new RuntimeException("Test Failed: " +
"Expected number of properties = " +
- NUM_MYPROPS + sysProps.size() +
+ NUM_MYPROPS + sysPropsCount +
" but found = " + props.size());
}
}
diff --git a/jdk/test/java/lang/reflect/DefaultAccessibility.java b/jdk/test/java/lang/reflect/DefaultAccessibility.java
new file mode 100644
index 00000000000..0f74d044ef6
--- /dev/null
+++ b/jdk/test/java/lang/reflect/DefaultAccessibility.java
@@ -0,0 +1,69 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @bug 6648344
+ * @summary Test that default accessibility is false
+ * @author Joseph D. Darcy
+ */
+
+import java.lang.reflect.*;
+
+public class DefaultAccessibility {
+ private DefaultAccessibility() {
+ super();
+ }
+
+ private static int f = 42;
+
+ public static void main(String... args) throws Exception {
+ Class daClass = (new DefaultAccessibility()).getClass();
+
+ int elementCount = 0;
+ for(Constructor ctor : daClass.getDeclaredConstructors()) {
+ elementCount++;
+ if (ctor.isAccessible())
+ throw new RuntimeException("Unexpected accessibility for constructor " +
+ ctor);
+ }
+
+ for(Method method : daClass.getDeclaredMethods()) {
+ elementCount++;
+ if (method.isAccessible())
+ throw new RuntimeException("Unexpected accessibility for method " +
+ method);
+ }
+
+ for(Field field : daClass.getDeclaredFields()) {
+ elementCount++;
+ if (field.isAccessible())
+ throw new RuntimeException("Unexpected accessibility for field " +
+ field);
+ }
+
+ if (elementCount < 3)
+ throw new RuntimeException("Expected at least three members; only found " +
+ elementCount);
+ }
+}