diff --git a/jdk/src/share/classes/java/security/CodeSource.java b/jdk/src/share/classes/java/security/CodeSource.java index b821a4ec9c1..94cdcef59e4 100644 --- a/jdk/src/share/classes/java/security/CodeSource.java +++ b/jdk/src/share/classes/java/security/CodeSource.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -114,7 +114,7 @@ public class CodeSource implements java.io.Serializable { * * @return a hash code value for this object. */ - + @Override public int hashCode() { if (location != null) return location.hashCode(); @@ -133,6 +133,7 @@ public class CodeSource implements java.io.Serializable { * * @return true if the objects are considered equal, false otherwise. */ + @Override public boolean equals(Object obj) { if (obj == this) return true; @@ -231,10 +232,10 @@ public class CodeSource implements java.io.Serializable { /** * Returns true if this CodeSource object "implies" the specified CodeSource. - *

- * More specifically, this method makes the following checks, in order. + *

+ * More specifically, this method makes the following checks. * If any fail, it returns false. If they all succeed, it returns true.

- *

    + *
+ * + * *

* For example, the codesource objects with the following locations * and null certificates all imply @@ -369,92 +371,96 @@ public class CodeSource implements java.io.Serializable { * * @param that CodeSource to compare against */ - private boolean matchLocation(CodeSource that) - { - if (location == null) { - return true; - } + private boolean matchLocation(CodeSource that) { + if (location == null) + return true; - if ((that == null) || (that.location == null)) + if ((that == null) || (that.location == null)) + return false; + + if (location.equals(that.location)) + return true; + + if (!location.getProtocol().equalsIgnoreCase(that.location.getProtocol())) + return false; + + int thisPort = location.getPort(); + if (thisPort != -1) { + int thatPort = that.location.getPort(); + int port = thatPort != -1 ? thatPort + : that.location.getDefaultPort(); + if (thisPort != port) return false; - - if (location.equals(that.location)) - return true; - - if (!location.getProtocol().equals(that.location.getProtocol())) - return false; - - String thisHost = location.getHost(); - String thatHost = that.location.getHost(); - - if (thisHost != null) { - if (("".equals(thisHost) || "localhost".equals(thisHost)) && - ("".equals(thatHost) || "localhost".equals(thatHost))) { - // ok - } else if (!thisHost.equals(thatHost)) { - if (thatHost == null) { - return false; - } - if (this.sp == null) { - this.sp = new SocketPermission(thisHost, "resolve"); - } - if (that.sp == null) { - that.sp = new SocketPermission(thatHost, "resolve"); - } - if (!this.sp.implies(that.sp)) { - return false; - } - } - } - - if (location.getPort() != -1) { - if (location.getPort() != that.location.getPort()) - return false; - } - - if (location.getFile().endsWith("/-")) { - // Matches the directory and (recursively) all files - // and subdirectories contained in that directory. - // For example, "/a/b/-" implies anything that starts with - // "/a/b/" - String thisPath = location.getFile().substring(0, - location.getFile().length()-1); - if (!that.location.getFile().startsWith(thisPath)) - return false; - } else if (location.getFile().endsWith("/*")) { - // Matches the directory and all the files contained in that - // directory. - // For example, "/a/b/*" implies anything that starts with - // "/a/b/" but has no further slashes - int last = that.location.getFile().lastIndexOf('/'); - if (last == -1) - return false; - String thisPath = location.getFile().substring(0, - location.getFile().length()-1); - String thatPath = that.location.getFile().substring(0, last+1); - if (!thatPath.equals(thisPath)) - return false; - } else { - // Exact matches only. - // For example, "/a/b" and "/a/b/" both imply "/a/b/" - if ((!that.location.getFile().equals(location.getFile())) - && (!that.location.getFile().equals(location.getFile()+"/"))) { - return false; - } - } - - if (location.getRef() == null) - return true; - else - return location.getRef().equals(that.location.getRef()); } + if (location.getFile().endsWith("/-")) { + // Matches the directory and (recursively) all files + // and subdirectories contained in that directory. + // For example, "/a/b/-" implies anything that starts with + // "/a/b/" + String thisPath = location.getFile().substring(0, + location.getFile().length()-1); + if (!that.location.getFile().startsWith(thisPath)) + return false; + } else if (location.getFile().endsWith("/*")) { + // Matches the directory and all the files contained in that + // directory. + // For example, "/a/b/*" implies anything that starts with + // "/a/b/" but has no further slashes + int last = that.location.getFile().lastIndexOf('/'); + if (last == -1) + return false; + String thisPath = location.getFile().substring(0, + location.getFile().length()-1); + String thatPath = that.location.getFile().substring(0, last+1); + if (!thatPath.equals(thisPath)) + return false; + } else { + // Exact matches only. + // For example, "/a/b" and "/a/b/" both imply "/a/b/" + if ((!that.location.getFile().equals(location.getFile())) + && (!that.location.getFile().equals(location.getFile()+"/"))) { + return false; + } + } + + if (location.getRef() != null + && !location.getRef().equals(that.location.getRef())) { + return false; + } + + String thisHost = location.getHost(); + String thatHost = that.location.getHost(); + if (thisHost != null) { + if (("".equals(thisHost) || "localhost".equals(thisHost)) && + ("".equals(thatHost) || "localhost".equals(thatHost))) { + // ok + } else if (!thisHost.equals(thatHost)) { + if (thatHost == null) { + return false; + } + if (this.sp == null) { + this.sp = new SocketPermission(thisHost, "resolve"); + } + if (that.sp == null) { + that.sp = new SocketPermission(thatHost, "resolve"); + } + if (!this.sp.implies(that.sp)) { + return false; + } + } + } + // everything matches + return true; + } + /** * Returns a string describing this CodeSource, telling its * URL and certificates. * * @return information about this CodeSource. */ + @Override public String toString() { StringBuilder sb = new StringBuilder(); sb.append("("); diff --git a/jdk/test/java/security/CodeSource/Implies.java b/jdk/test/java/security/CodeSource/Implies.java index bc37dcbed8d..9e4c26bf725 100644 --- a/jdk/test/java/security/CodeSource/Implies.java +++ b/jdk/test/java/security/CodeSource/Implies.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -23,25 +23,42 @@ /* * @test - * @bug 4866847 - * @summary NullPointerException from CodeSource.matchLocation + * @bug 4866847 7152564 7155693 + * @summary various CodeSource.implies tests */ import java.security.CodeSource; -import java.net.*; +import java.net.URL; public class Implies { public static void main(String[] args) throws Exception { URL thisURL = new URL("http", "localhost", "file"); URL thatURL = new URL("http", null, "file"); + // should not throw NullPointerException + testImplies(thisURL, thatURL, false); + + thisURL = new URL("http", "localhost", "dir/-"); + thatURL = new URL("HTTP", "localhost", "dir/file"); + // protocol check should ignore case + testImplies(thisURL, thatURL, true); + + thisURL = new URL("http", "localhost", 80, "dir/-"); + thatURL = new URL("HTTP", "localhost", "dir/file"); + // port check should match default port of thatURL + testImplies(thisURL, thatURL, true); + + System.out.println("test passed"); + } + + private static void testImplies(URL thisURL, URL thatURL, boolean result) + throws SecurityException + { CodeSource thisCs = new CodeSource(thisURL, (java.security.cert.Certificate[]) null); CodeSource thatCs = new CodeSource(thatURL, (java.security.cert.Certificate[]) null); - - if (thisCs.implies(thatCs)) { + if (thisCs.implies(thatCs) != result) { throw new SecurityException("test failed"); } - System.out.println("test passed"); } }