CoCalc -- NonLocalJMXRemoteTest.java

GitHub Repository: PojavLauncherTeam/openjdk-multiarch-jdk8u
Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/test/javax/management/remote/nonLocalAccess/NonLocalJMXRemoteTest.java
³⁸⁸⁵⁵ views
1
/*
2
 * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4
 *
5
 * This code is free software; you can redistribute it and/or modify it
6
 * under the terms of the GNU General Public License version 2 only, as
7
 * published by the Free Software Foundation.
8
 *
9
 * This code is distributed in the hope that it will be useful, but WITHOUT
10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12
 * version 2 for more details (a copy is included in the LICENSE file that
13
 * accompanied this code).
14
 *
15
 * You should have received a copy of the GNU General Public License version
16
 * 2 along with this work; if not, write to the Free Software Foundation,
17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18
 *
19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20
 * or visit www.oracle.com if you need additional information or have any
21
 * questions.
22
 */
23

24
import java.net.InetAddress;
25
import java.rmi.AccessException;
26
import java.rmi.NotBoundException;
27
import java.rmi.registry.LocateRegistry;
28
import java.rmi.registry.Registry;
29
import java.util.Set;
30
import java.util.HashSet;
31

32
/* @test
33
 * @bug 8174770
34
 * @summary Verify that JMX Registry rejects non-local access for bind, unbind, rebind.
35
 *    The test is manual because the (non-local) host and port running JMX must be supplied as properties.
36
 * @run main/othervm/manual -Djmx-registry.host=jmx-registry-host -Djmx-registry.port=jmx-registry-port NonLocalJMXRemoteTest
37
 */
38

39
/**
40
 * Verify that access checks for the Registry exported by JMX Registry.bind(),
41
 * .rebind(), and .unbind() are prevented on remote access to the registry.
42
 * The test verifies that the access check is performed *before* the object to be
43
 * bound or rebound is deserialized.
44
 * This tests the SingleEntryRegistry implemented by JMX.
45
 * This test is a manual test and uses JMX running on a *different* host.
46
 * JMX can be enabled in any Java runtime; for example:
47
 *
48
 * Note: Use remote host with latest JDK update release for invoking rmiregistry.
49
 *
50
 * Note: Test should be ran twice once using arg1 and once using arg2.
51
 *
52
 * login or ssh to the remote host and invoke rmiregistry with arg1.
53
 * It will not show any output.
54
 * Execute the test, after test completes execution, stop the server.
55
 *
56
 * repeat above step using arg2 and execute the test.
57
 *
58
 *
59
 * arg1: {@code $JDK_HOME/bin/rmiregistry \
60
 *         -J-Dcom.sun.management.jmxremote.port=8888 \
61
 *         -J-Dcom.sun.management.jmxremote.local.only=false \
62
 *         -J-Dcom.sun.management.jmxremote.ssl=false \
63
 *         -J-Dcom.sun.management.jmxremote.authenticate=false
64
 * }
65
 *
66
 *
67
 * replace "jmx-registry-host" with the hostname or IP address of the remote host
68
 * for property "-J-Dcom.sun.management.jmxremote.host" below.
69
 *
70
 * arg2: {@code $JDK_HOME/bin/rmiregistry \
71
 *         -J-Dcom.sun.management.jmxremote.port=8888 \
72
 *         -J-Dcom.sun.management.jmxremote.local.only=false \
73
 *         -J-Dcom.sun.management.jmxremote.ssl=false \
74
 *         -J-Dcom.sun.management.jmxremote.authenticate=false \
75
 *         -J-Dcom.sun.management.jmxremote.host="jmx-registry-host"
76
 * }
77
 *
78
 * On the first host modify the @run command above to replace "jmx-registry-host"
79
 * with the hostname or IP address of the different host and run the test with jtreg.
80
 */
81
public class NonLocalJMXRemoteTest {
82

83
    public static void main(String[] args) throws Exception {
84

85
        String host = System.getProperty("jmx-registry.host");
86
        if (host == null || host.isEmpty()) {
87
            throw new RuntimeException("Specify host with system property: -Djmx-registry.host=<host>");
88
        }
89
        int port = Integer.getInteger("jmx-registry.port", -1);
90
        if (port <= 0) {
91
            throw new RuntimeException("Specify port with system property: -Djmx-registry.port=<port>");
92
        }
93

94
        // Check if running the test on a local system; it only applies to remote
95
        String myHostName = InetAddress.getLocalHost().getHostName();
96
        Set<InetAddress> myAddrs = new HashSet<>();
97
        InetAddress[] myAddrsArr = InetAddress.getAllByName(myHostName);
98
        for (InetAddress a : myAddrsArr) {
99
            myAddrs.add(a);
100
        }
101
        Set<InetAddress> hostAddrs = new HashSet<>();
102
        InetAddress[] hostAddrsArr = InetAddress.getAllByName(host);
103
        for (InetAddress a : hostAddrsArr) {
104
            hostAddrs.add(a);
105
        }
106
        if (hostAddrs.stream().anyMatch(i -> myAddrs.contains(i))
107
                || hostAddrs.stream().anyMatch(h -> h.isLoopbackAddress())) {
108
            throw new RuntimeException("Error: property 'jmx-registry.host' must not be the local host%n");
109
        }
110

111
        Registry registry = LocateRegistry.getRegistry(host, port);
112
        try {
113
            // Verify it is a JMX Registry
114
            registry.lookup("jmxrmi");
115
        } catch (NotBoundException nf) {
116
            throw new RuntimeException("Not a JMX registry, jmxrmi is not bound", nf);
117
        }
118

119
        try {
120
            registry.bind("foo", null);
121
            throw new RuntimeException("Remote access should not succeed for method: bind");
122
        } catch (Exception e) {
123
            assertIsAccessException(e);
124
        }
125

126
        try {
127
            registry.rebind("foo", null);
128
            throw new RuntimeException("Remote access should not succeed for method: rebind");
129
        } catch (Exception e) {
130
            assertIsAccessException(e);
131
        }
132

133
        try {
134
            registry.unbind("foo");
135
            throw new RuntimeException("Remote access should not succeed for method: unbind");
136
        } catch (Exception e) {
137
            assertIsAccessException(e);
138
        }
139
    }
140

141
    /**
142
     * Check the exception chain for the expected AccessException and message.
143
     * @param ex the exception from the remote invocation.
144
     */
145
    private static void assertIsAccessException(Throwable ex) {
146
        Throwable t = ex;
147
        while (!(t instanceof AccessException) && t.getCause() != null) {
148
            t = t.getCause();
149
        }
150
        if (t instanceof AccessException) {
151
            String msg = t.getMessage();
152
            int asIndex = msg.indexOf("Registry");
153
            int disallowIndex = msg.indexOf("disallowed");
154
            int nonLocalHostIndex = msg.indexOf("non-local host");
155
            if (asIndex < 0 ||
156
                    disallowIndex < 0 ||
157
                    nonLocalHostIndex < 0 ) {
158
                System.out.println("Exception message is " + msg);
159
                throw new RuntimeException("exception message is malformed", t);
160
            }
161
            System.out.printf("Found expected AccessException: %s%n%n", t);
162
        } else {
163
            throw new RuntimeException("AccessException did not occur when expected", ex);
164
        }
165
    }
166
}
167

168
Product

Resources

Company
