Merge

commit: 87aa86decb67d4d4a760f92fa518ab52e7afad93 [log] [tgz]
author: J. Duke <duke@openjdk.org> Fri Feb 05 12:01:16 2021 -0800
committer: J. Duke <duke@openjdk.org> Fri Feb 05 12:01:16 2021 -0800
tree: fedb0bac9dc7d94105acc7b621dfc69b1926161b
parent: 8184a34d6393526e0916e89bc0741b834454c0bf [diff]
parent: fe62d397d3d5c0f5feb2e65d4dacb288c59cee1a [diff]
diff --git a/.hgtags-top-repo b/.hgtags-top-repo
index 2da0b7c..8b3697f 100644
--- a/.hgtags-top-repo
+++ b/.hgtags-top-repo

@@ -443,3 +443,4 @@
 e6edc89f5b2dc6dacd6041305e942a3f04a25ce5 jdk-9.0.1+11
 3a64fdb24a8c26e2d7d32864dad4425a9496b90d jdk-9.0.4+00
 726bf8524f7d3780518ada8648488ad4a7bfe6a2 jdk-9.0.4+1
+8055b6778ac8fc6bb165082230951cc8f146f8fd jdk-9.0.4+2

diff --git a/corba/.hgtags b/corba/.hgtags
index e7f0c63..e7e1afc 100644
--- a/corba/.hgtags
+++ b/corba/.hgtags

@@ -439,3 +439,4 @@
 f67e7e2c01929cfe7a1a3cb2f4b279c1d4fee120 jdk-9.0.1+11
 0876f7e30c48b7cc0b3c15fcd3860522b1f4ae38 jdk-9.0.4+00
 03683a1b2e25231ea6305c91cae4cf83d01738f0 jdk-9.0.4+1
+bcb2300e20962172f7b94ba422d3e634d4f2c62c jdk-9.0.4+2

diff --git a/hotspot/.hgtags b/hotspot/.hgtags
index 3e6b487..603b6d7 100644
--- a/hotspot/.hgtags
+++ b/hotspot/.hgtags

@@ -599,3 +599,4 @@
 3546eb2ee2693043eb107d980ce5b72fe7f8f47a jdk-9.0.1+11
 5be37d3ef648d06850aa164d8b22ac7539559e80 jdk-9.0.4+00
 46290b7298be50f9a70d27465d50d1675732f0af jdk-9.0.4+1
+dab4c60adabfb8ea35cfcd96a7218994a84d652f jdk-9.0.4+2

diff --git a/jaxp/.hgtags b/jaxp/.hgtags
index eb53c65..37e1cd7 100644
--- a/jaxp/.hgtags
+++ b/jaxp/.hgtags

@@ -439,3 +439,4 @@
 067a3eada8b593daa7c27c9d68e201822a530344 jdk-9.0.1+11
 04e8b60cb228668ebcc456c0c810bf783ab62e6f jdk-9.0.4+00
 67b943123ad883e5a59734ee20b9ab899dae823c jdk-9.0.4+1
+2cb55df963aed0adc48361012bbb7b78253d8017 jdk-9.0.4+2

diff --git a/jaxws/.hgtags b/jaxws/.hgtags
index 6795d11..7167396 100644
--- a/jaxws/.hgtags
+++ b/jaxws/.hgtags

@@ -442,3 +442,4 @@
 b8e948250ebbb8ceb0deb2ff5d102bbe62cc0122 jdk-9.0.1+11
 dd3fd1a7a076df906dfe76b74fd3385f6e4b7df3 jdk-9.0.4+00
 211ec44cd237417fd72eaf36194e1afad7efc934 jdk-9.0.4+1
+db65cbca946753f9818f063f94b66c6c932d08a9 jdk-9.0.4+2

diff --git a/jdk/.hgtags b/jdk/.hgtags
index 2d983e2..c83e551 100644
--- a/jdk/.hgtags
+++ b/jdk/.hgtags

@@ -439,3 +439,4 @@
 2bd4dd6cc82060b6d705de5f47077633ae7b7c82 jdk-9.0.1+11
 fa3b1c07db0508e2bb1a6ab5e8b3a2be97544243 jdk-9.0.4+00
 c66ff2442ffa563c48bd641d1f4273e00833014c jdk-9.0.4+1
+c03f6dda488064a24e53e372e5ad00b1d7505f6b jdk-9.0.4+2

diff --git a/jdk/src/java.management.rmi/share/classes/javax/management/remote/rmi/RMIConnectorServer.java b/jdk/src/java.management.rmi/share/classes/javax/management/remote/rmi/RMIConnectorServer.java
index 0cda570..a71bef5 100644
--- a/jdk/src/java.management.rmi/share/classes/javax/management/remote/rmi/RMIConnectorServer.java
+++ b/jdk/src/java.management.rmi/share/classes/javax/management/remote/rmi/RMIConnectorServer.java

@@ -32,7 +32,6 @@
 
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
-import java.io.ObjectInputFilter;
 import java.io.ObjectOutputStream;
 import java.net.MalformedURLException;
 import java.rmi.server.RMIClientSocketFactory;
@@ -102,59 +101,19 @@
         "jmx.remote.rmi.server.socket.factory";
 
     /**
-    * Name of the attribute that specifies an
-    * {@link ObjectInputFilter} pattern string to filter classes acceptable
-    * for {@link RMIServer#newClient(java.lang.Object) RMIServer.newClient()}
+    * Name of the attribute that specifies a list of class names acceptable
+    * as parameters to the {@link RMIServer#newClient(java.lang.Object) RMIServer.newClient()}
     * remote method call.
     * <p>
-    * The filter pattern must be in same format as used in
-    * {@link java.io.ObjectInputFilter.Config#createFilter}
+    * This list of classes should correspond to the transitive closure of the
+    * credentials class (or classes) used by the installed {@linkplain JMXAuthenticator}
+    * associated with the {@linkplain RMIServer} implementation.
     * <p>
-    * This list of classes allowed by filter should correspond to the
-    * transitive closure of the credentials class (or classes) used by the
-    * installed {@linkplain JMXAuthenticator} associated with the
-    * {@linkplain RMIServer} implementation.
-    * If the attribute is not set then any class is deemed acceptable.
-    * @see ObjectInputFilter
+    * If the attribute is not set, or is null, then any class is
+    * deemed acceptable.
     */
-    public static final String CREDENTIALS_FILTER_PATTERN =
-        "jmx.remote.rmi.server.credentials.filter.pattern";
-
-    /**
-     * This attribute defines a pattern from which to create a
-     * {@link java.io.ObjectInputFilter} that will be used when deserializing
-     * objects sent to the {@code JMXConnectorServer} by any client.
-     * <p>
-     * The filter will be called for any class found in the serialized
-     * stream sent to server by client, including all JMX defined classes
-     * (such as {@link javax.management.ObjectName}), all method parameters,
-     * and, if present in the stream, all classes transitively referred by
-     * the serial form of any deserialized object.
-     * The pattern must be in same format as used in
-     * {@link java.io.ObjectInputFilter.Config#createFilter}.
-     * It may define a white list of permitted classes, a black list of
-     * rejected classes, a maximum depth for the deserialized objects,
-     * etc.
-     * <p>
-     * To be functional, the filter should allow at least all the
-     * concrete types in the transitive closure of all objects that
-     * might get serialized when serializing all JMX classes referred
-     * as parameters in the {@link
-     * javax.management.remote.rmi.RMIConnection} interface,
-     * plus all classes that a {@link javax.management.remote.rmi.RMIConnector client}
-     * might need to transmit wrapped in {@linkplain java.rmi.MarshalledObject
-     * marshalled objects} in order to interoperate with the MBeans registered
-     * in the {@code MBeanServer}. That would potentially include all the
-     * concrete {@linkplain javax.management.openmbean  JMX OpenTypes} and the
-     * classes they use in their serial form.
-     * <p>
-     * Care must be taken when defining such a filter, as defining
-     * a white list too restrictive or a too wide a black list may
-     * prevent legitimate clients from interoperating with the
-     * {@code JMXConnectorServer}.
-     */
-    public static final String SERIAL_FILTER_PATTERN =
-       "jmx.remote.rmi.server.serial.filter.pattern";
+    public static final String CREDENTIAL_TYPES =
+            "jmx.remote.rmi.server.credential.types";
 
     /**
      * <p>Makes an <code>RMIConnectorServer</code>.

diff --git a/jdk/src/java.management.rmi/share/classes/javax/management/remote/rmi/RMIJRMPServerImpl.java b/jdk/src/java.management.rmi/share/classes/javax/management/remote/rmi/RMIJRMPServerImpl.java
index e678769..c4af775 100644
--- a/jdk/src/java.management.rmi/share/classes/javax/management/remote/rmi/RMIJRMPServerImpl.java
+++ b/jdk/src/java.management.rmi/share/classes/javax/management/remote/rmi/RMIJRMPServerImpl.java

@@ -97,22 +97,18 @@
         this.ssf = ssf;
         this.env = (env == null) ? Collections.<String, Object>emptyMap() : env;
 
-        // This attribute was represented by RMIConnectorServer.CREDENTIALS_TYPES.
-        // This attribute is superceded by
-        // RMIConnectorServer.CREDENTIALS_FILTER_PATTERN.
-        // Retaining this for backward compatibility.
         String[] credentialsTypes
-                = (String[]) this.env.get("jmx.remote.rmi.server.credential.types");
+                = (String[]) this.env.get(RMIConnectorServer.CREDENTIAL_TYPES);
 
         String credentialsFilter
-                = (String) this.env.get(RMIConnectorServer.CREDENTIALS_FILTER_PATTERN);
+                = (String) this.env.get(EnvHelp.CREDENTIALS_FILTER_PATTERN);
 
         // It is impossible for both attributes to be specified
-        if(credentialsTypes != null && credentialsFilter != null)
+        if(credentialsTypes != null && credentialsFilter != null) {
             throw new IllegalArgumentException("Cannot specify both \""
-                    + "jmx.remote.rmi.server.credential.types" + "\" and \""
-           + RMIConnectorServer.CREDENTIALS_FILTER_PATTERN + "\"");
-        else if(credentialsFilter != null){
+                    + RMIConnectorServer.CREDENTIAL_TYPES + "\" and \""
+                    + EnvHelp.CREDENTIALS_FILTER_PATTERN + "\"");
+        } else if(credentialsFilter != null){
             cFilter = ObjectInputFilter.Config.createFilter(credentialsFilter);
             allowedTypes = null;
         }
@@ -127,7 +123,7 @@
         }
 
         String userJmxFilter =
-                (String) this.env.get(RMIConnectorServer.SERIAL_FILTER_PATTERN);
+                (String) this.env.get(EnvHelp.SERIAL_FILTER_PATTERN);
         if(userJmxFilter != null && !userJmxFilter.isEmpty())
             jmxRmiFilter = ObjectInputFilter.Config.createFilter(userJmxFilter);
         else

diff --git a/jdk/src/java.management/share/classes/com/sun/jmx/remote/util/EnvHelp.java b/jdk/src/java.management/share/classes/com/sun/jmx/remote/util/EnvHelp.java
index 47ab569..c8ead8e 100644
--- a/jdk/src/java.management/share/classes/com/sun/jmx/remote/util/EnvHelp.java
+++ b/jdk/src/java.management/share/classes/com/sun/jmx/remote/util/EnvHelp.java

@@ -53,6 +53,61 @@
 
 public class EnvHelp {
 
+   /**
+    * Name of the attribute that specifies an
+    * {@link ObjectInputFilter} pattern string to filter classes acceptable
+    * for {@link RMIServer#newClient(java.lang.Object) RMIServer.newClient()}
+    * remote method call.
+    * <p>
+    * The filter pattern must be in same format as used in
+    * {@link java.io.ObjectInputFilter.Config.createFilter}
+    * <p>
+    * This list of classes allowed by filter should correspond to the
+    * transitive closure of the credentials class (or classes) used by the
+    * installed {@linkplain JMXAuthenticator} associated with the
+    * {@linkplain RMIServer} implementation.
+    * If the attribute is not set then any class is deemed acceptable.
+    * @see ObjectInputFilter
+    */
+    public static final String CREDENTIALS_FILTER_PATTERN =
+        "jmx.remote.rmi.server.credentials.filter.pattern";
+
+    /**
+     * This attribute defines a pattern from which to create a
+     * {@link java.io.ObjectInputFilter} that will be used when deserializing
+     * objects sent to the {@code JMXConnectorServer} by any client.
+     * <p>
+     * The filter will be called for any class found in the serialized
+     * stream sent to server by client, including all JMX defined classes
+     * (such as {@link javax.management.ObjectName}), all method parameters,
+     * and, if present in the stream, all classes transitively referred by
+     * the serial form of any deserialized object.
+     * The pattern must be in same format as used in
+     * {@link java.io.ObjectInputFilter.Config.createFilter}.
+     * It may define a white list of permitted classes, a black list of
+     * rejected classes, a maximum depth for the deserialized objects,
+     * etc.
+     * <p>
+     * To be functional, the filter should allow at least all the
+     * concrete types in the transitive closure of all objects that
+     * might get serialized when serializing all JMX classes referred
+     * as parameters in the {@link
+     * javax.management.remote.rmi.RMIConnection} interface,
+     * plus all classes that a {@link javax.management.remote.rmi.RMIConnectorClient}
+     * might need to transmit wrapped in {@linkplain java.rmi.MarshalledObject
+     * marshalled objects} in order to interoperate with the MBeans registered
+     * in the {@code MBeanServer}. That would potentially include all the
+     * concrete {@linkplain javax.management.openmbean  JMX OpenTypes} and the
+     * classes they use in their serial form.
+     * <p>
+     * Care must be taken when defining such a filter, as defining
+     * a white list too restrictive or a too wide a black list may
+     * prevent legitimate clients from interoperating with the
+     * {@code JMXConnectorServer}.
+     */
+    public static final String SERIAL_FILTER_PATTERN =
+       "jmx.remote.rmi.server.serial.filter.pattern";
+
     /**
      * Name of the attribute that specifies a default class loader
      * object.

diff --git a/jdk/src/jdk.management.agent/share/classes/sun/management/jmxremote/ConnectorBootstrap.java b/jdk/src/jdk.management.agent/share/classes/sun/management/jmxremote/ConnectorBootstrap.java
index dae6b95..d161593 100644
--- a/jdk/src/jdk.management.agent/share/classes/sun/management/jmxremote/ConnectorBootstrap.java
+++ b/jdk/src/jdk.management.agent/share/classes/sun/management/jmxremote/ConnectorBootstrap.java

@@ -514,7 +514,8 @@
         // This RMI server should not keep the VM alive
         Map<String, Object> env = new HashMap<>();
         env.put(RMIExporter.EXPORTER_ATTRIBUTE, new PermanentExporter());
-        env.put(RMIConnectorServer.CREDENTIALS_FILTER_PATTERN, String.class.getName() + ";!*");
+        env.put("jmx.remote.rmi.server.credentials.filter.pattern",
+                String.class.getName() + ";!*");
 
         // The local connector server need only be available via the
         // loopback connection.
@@ -540,6 +541,10 @@
             if (props ==  null) {
                 props = new Properties();
             }
+            String jmxRmiFilter = props.getProperty(PropertyNames.SERIAL_FILTER_PATTERN);
+            if (jmxRmiFilter != null && !jmxRmiFilter.isEmpty()) {
+                env.put("jmx.remote.rmi.server.serial.filter.pattern", jmxRmiFilter);
+            }
             String useLocalOnlyStr = props.getProperty(
                     PropertyNames.USE_LOCAL_ONLY, DefaultValues.USE_LOCAL_ONLY);
             boolean useLocalOnly = Boolean.valueOf(useLocalOnlyStr).booleanValue();
@@ -746,10 +751,11 @@
         PermanentExporter exporter = new PermanentExporter();
 
         env.put(RMIExporter.EXPORTER_ATTRIBUTE, exporter);
-        env.put(RMIConnectorServer.CREDENTIALS_FILTER_PATTERN, String.class.getName() + ";!*");
+        env.put("jmx.remote.rmi.server.credentials.filter.pattern",
+                String.class.getName() + ";!*");
 
         if(jmxRmiFilter != null && !jmxRmiFilter.isEmpty()) {
-            env.put(RMIConnectorServer.SERIAL_FILTER_PATTERN, jmxRmiFilter);
+            env.put("jmx.remote.rmi.server.serial.filter.pattern", jmxRmiFilter);
         }
 
         boolean useSocketFactory = bindAddress != null && !useSsl;

diff --git a/jdk/test/javax/management/remote/mandatory/connection/NewRMIClientFilterTest.java b/jdk/test/javax/management/remote/mandatory/connection/NewRMIClientFilterTest.java
index 78ae27b..51ff463 100644
--- a/jdk/test/javax/management/remote/mandatory/connection/NewRMIClientFilterTest.java
+++ b/jdk/test/javax/management/remote/mandatory/connection/NewRMIClientFilterTest.java

@@ -45,6 +45,15 @@
 
 public class NewRMIClientFilterTest {
 
+   /**
+    * Name of the attribute that specifies an
+    * {@link ObjectInputFilter} pattern string to filter classes acceptable
+    * for {@link RMIServer#newClient(java.lang.Object) RMIServer.newClient()}
+    * remote method call.
+    */
+    static final String CREDENTIALS_FILTER_PATTERN =
+        "jmx.remote.rmi.server.credentials.filter.pattern";
+
     public static void main(String[] args) throws Exception {
         System.out.println("---NewRMIClientFilterTest-main: starting ...");
         String filter1 = java.lang.String.class.getName() + ";!*";
@@ -64,8 +73,7 @@
         server.stop();
 
         System.out.println("\n---NewRMIClientFilterTest-main: testing types = String[]");
-        env.put(RMIConnectorServer.CREDENTIALS_FILTER_PATTERN,
-                filter1);
+        env.put(CREDENTIALS_FILTER_PATTERN, filter1);
         server = newServer(url, env);
         serverUrl = server.getAddress();
         doTest(serverUrl, null);
@@ -80,8 +88,7 @@
         }
 
         System.out.println("\n---NewRMIClientFilterTest-main: testing user specific types = String, MyCredentials");
-        env.put(RMIConnectorServer.CREDENTIALS_FILTER_PATTERN,
-                filter2);
+        env.put(CREDENTIALS_FILTER_PATTERN, filter2);
         server = newServer(url, env);
         serverUrl = server.getAddress();
         doTest(serverUrl, null);

diff --git a/langtools/.hgtags b/langtools/.hgtags
index c4a7e4a..f7f0b73 100644
--- a/langtools/.hgtags
+++ b/langtools/.hgtags

@@ -439,3 +439,4 @@
 a70b2427c9a73309b3a828a5c69ac5fd717eb08e jdk-9.0.1+11
 886cca9014ae318f270176e69b0b5bb6abb791c9 jdk-9.0.4+00
 3252095f8f062edb3de403b612e1d322988e077c jdk-9.0.4+1
+e624954b65c37b334367a23216fe4e9a3437d629 jdk-9.0.4+2

diff --git a/nashorn/.hgtags b/nashorn/.hgtags
index d3c9f53..1b887c1 100644
--- a/nashorn/.hgtags
+++ b/nashorn/.hgtags

@@ -430,3 +430,4 @@
 850264cdb6863f9dab53e5d707d49529fb45c575 jdk-9.0.1+11
 8793d38f6b7a4864cea92cee11ac0cc15f6a997e jdk-9.0.4+00
 9622aae5026e892f758373fa304e83ce309718fc jdk-9.0.4+1
+22fd41c5738df157bc17574701aa8c125c17229a jdk-9.0.4+2
commit	87aa86decb67d4d4a760f92fa518ab52e7afad93	[log] [tgz]
author	J. Duke <duke@openjdk.org>	Fri Feb 05 12:01:16 2021 -0800
committer	J. Duke <duke@openjdk.org>	Fri Feb 05 12:01:16 2021 -0800
tree	fedb0bac9dc7d94105acc7b621dfc69b1926161b
parent	8184a34d6393526e0916e89bc0741b834454c0bf [diff]
parent	fe62d397d3d5c0f5feb2e65d4dacb288c59cee1a [diff]