Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/test/java/rmi/activation/ActivationSystem/stubClassesPermitted/StubClassesPermitted.java
38889 views
/*1* Copyright (c) 1999, 2012, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation.7*8* This code is distributed in the hope that it will be useful, but WITHOUT9* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or10* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License11* version 2 for more details (a copy is included in the LICENSE file that12* accompanied this code).13*14* You should have received a copy of the GNU General Public License version15* 2 along with this work; if not, write to the Free Software Foundation,16* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.17*18* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA19* or visit www.oracle.com if you need additional information or have any20* questions.21*/2223/* @test24* @bug 417905525* @summary Some java apps need to have access to read "accessClassInPackage.sun.rmi.server"26* @author Laird Dornin27*28* @library ../../../testlibrary29* @build TestLibrary RMID ActivationLibrary30* CanCreateStubs StubClassesPermitted_Stub31* @run main/othervm/policy=security.policy/secure=java.lang.SecurityManager/timeout=240 StubClassesPermitted32*/3334import java.io.*;35import java.rmi.*;36import java.rmi.server.*;37import java.rmi.registry.Registry;38import java.rmi.activation.*;39import java.security.CodeSource;40import java.util.Properties;41import java.util.StringTokenizer;4243/**44* The RMI activation system needs to explicitly allow itself to45* create the following sun.* classes on behalf of code that runs with46* user privileges and needs to make use of RMI activation:47*48* sun.rmi.server.Activation$ActivationMonitorImpl_Stub49* sun.rmi.server.Activation$ActivationSystemImpl_Stub50* sun.rmi.registry.RegistryImpl_Stub51*52* The test causes the activation system to need to create each of53* these classes in turn. The test will fail if the activation system54* does not allow these classes to be created.55*/56public class StubClassesPermitted57extends Activatable implements Runnable, CanCreateStubs58{59public static boolean sameGroup = false;60private static int registryPort = -1;61private static CanCreateStubs canCreateStubs = null;62private static Registry registry = null;6364public static void main(String args[]) {6566sameGroup = true;6768RMID rmid = null;6970System.err.println("\nRegression test for bug/rfe 4179055\n");7172try {73TestLibrary.suggestSecurityManager("java.lang.SecurityManager");7475registry = TestLibrary.createRegistryOnUnusedPort();76registryPort = TestLibrary.getRegistryPort(registry);7778// must run with java.lang.SecurityManager or the test79// result will be nullified if running with a build where80// 4180392 has not been fixed.81String smClassName =82System.getSecurityManager().getClass().getName();83if (!smClassName.equals("java.lang.SecurityManager")) {84TestLibrary.bomb("Test must run with java.lang.SecurityManager");85}8687// start an rmid.88RMID.removeLog();89rmid = RMID.createRMID();90rmid.start();9192//rmid.addOptions(new String[] {"-C-Djava.rmi.server.logCalls=true"});9394// Ensure that activation groups run with the correct95// security manager.96//97Properties p = new Properties();98p.put("java.security.policy",99TestParams.defaultGroupPolicy);100p.put("java.security.manager",101"java.lang.SecurityManager");102103// This action causes the following classes to be created104// in this VM (RMI must permit the creation of these classes):105//106// sun.rmi.server.Activation$ActivationSystemImpl_Stub107// sun.rmi.server.Activation$ActivationMonitorImpl_Stub108//109System.err.println("Create activation group, in a new VM");110ActivationGroupDesc groupDesc =111new ActivationGroupDesc(p, null);112ActivationSystem system = ActivationGroup.getSystem();113ActivationGroupID groupID = system.registerGroup(groupDesc);114115System.err.println("register activatable");116// Fix for: 4271615: make sure activation group runs in a new VM117ActivationDesc desc = new ActivationDesc118(groupID, "StubClassesPermitted", null, null);119canCreateStubs = (CanCreateStubs) Activatable.register(desc);120121// ensure registry stub can be passed in a remote call122System.err.println("getting the registry");123registry = canCreateStubs.getRegistry();124125// make sure a client cant load just any sun.* class, just126// as a sanity check, try to create a class we are not127// allowed to access but which was passed in a remote call128try {129System.err.println("accessing forbidden class");130Object secureRandom = canCreateStubs.getForbiddenClass();131132TestLibrary.bomb("test allowed to access forbidden class," +133" sun.security.provider.SecureRandom");134} catch (java.security.AccessControlException e) {135136// Make sure we received a *local* AccessControlException137ByteArrayOutputStream bout = new ByteArrayOutputStream();138PrintStream ps = new PrintStream(bout);139e.printStackTrace(ps);140ps.flush();141String trace = new String(bout.toByteArray());142if ((trace.indexOf("exceptionReceivedFromServer") >= 0) ||143trace.equals(""))144{145throw e;146}147System.err.println("received expected local access control exception");148}149150// make sure that an ActivationGroupID can be passed in a151// remote call; this is slightly more inclusive than152// just passing a reference to the activation system153System.err.println("returning group desc");154canCreateStubs.returnGroupID();155156// Clean up object157System.err.println158("Deactivate object via method call");159canCreateStubs.shutdown();160161System.err.println162("\nsuccess: StubClassesPermitted test passed ");163164} catch (Exception e) {165TestLibrary.bomb("\nfailure: unexpected exception ", e);166} finally {167try {168Thread.sleep(4000);169} catch (InterruptedException e) {170}171172canCreateStubs = null;173ActivationLibrary.rmidCleanup(rmid);174System.err.println("rmid shut down");175}176}177178static ActivationGroupID GroupID = null;179180/**181* implementation of CanCreateStubs182*/183public StubClassesPermitted184(ActivationID id, MarshalledObject mo) throws RemoteException185{186// register/export anonymously187super(id, 0);188189// obtain reference to the test registry190registry = java.rmi.registry.LocateRegistry.191getRegistry(registryPort);192}193194/**195* Spawns a thread to deactivate the object.196*/197public void shutdown() throws Exception {198(new Thread(this,"StubClassesPermitted")).start();199}200201/**202* Thread to deactivate object. First attempts to make object203* inactive (via the inactive method). If that fails (the204* object may still have pending/executing calls), then205* unexport the object forcibly.206*/207public void run() {208ActivationLibrary.deactivate(this, getID());209}210211/**212* Return a reference to the RMI registry, to make sure that213* the stub for it can be deserialized in the test client VM.214*/215public Registry getRegistry() throws RemoteException {216if (sameGroup) {217System.out.println("in same group");218} else {219System.out.println("not in same group");220}221return registry;222}223224/**225* Remote call to create and return a random serializable sun.*226* class, the test should get a local security exception when227* trying to create the class. Ensure that not all sun.* classes228* can be resolved in a remote call.229*/230public Object getForbiddenClass() throws RemoteException {231System.err.println("creating sun class");232return new sun.security.provider.SecureRandom();233}234235/**236* Ensures that an activation group id can be passed in a remote237* call (class may contain a remote reference to the activation238* system implementation).239*/240public ActivationGroupID returnGroupID() throws RemoteException {241return ActivationGroup.currentGroupID();242}243}244245246