OpenJDK / amber / amber
changeset 56350:a573f58bc798
8224256: test/jdk/java/security/SecureClassLoader/DefineClass.java hardcodes 127.0.0.1
Reviewed-by: chegar, dfuchs, mullan
Contributed-by: aeubanks@google.com
| author | aeubanks |
|---|---|
| date | Mon, 20 May 2019 16:47:08 -0700 |
| parents | 3081932e7efd |
| children | dc343eb0fcf0 |
| files | test/jdk/java/security/SecureClassLoader/DefineClass.java test/jdk/java/security/SecureClassLoader/DefineClass.policy |
| diffstat | 2 files changed, 37 insertions(+), 6 deletions(-) [+] |
line wrap: on
line diff
--- a/test/jdk/java/security/SecureClassLoader/DefineClass.java Wed May 22 21:38:16 2019 +0000 +++ b/test/jdk/java/security/SecureClassLoader/DefineClass.java Mon May 20 16:47:08 2019 -0700 @@ -51,10 +51,13 @@ import java.util.Enumeration; import java.util.List; import java.util.PropertyPermission; +import jdk.test.lib.net.IPSupport; /* * @test * @bug 6826789 8131486 8130181 + * @library /test/lib + * @build jdk.test.lib.net.IPSupport * @summary Make sure equivalent ProtectionDomains are granted the same * permissions when the CodeSource URLs are different but resolve * to the same ip address after name service resolution. @@ -85,6 +88,15 @@ "AAUAAQAGAAAAHQABAAEAAAAFKrcAAbEAAAABAAcAAAAGAAEAAAABAAEACAAA" + "AAIACQ=="; + // Base64 encoded bytes of simple class: "package bar2; public class Bar2 {}" + private final static String BAR2_CLASS = + "yv66vgAAADQADwoAAwAMBwANBwAOAQAGPGluaXQ+AQADKClWAQAEQ29kZQEA" + + "D0xpbmVOdW1iZXJUYWJsZQEABG1haW4BABYoW0xqYXZhL2xhbmcvU3RyaW5n" + + "OylWAQAKU291cmNlRmlsZQEACUJhcjIuamF2YQwABAAFAQAJYmFyMi9CYXIy" + + "AQAQamF2YS9sYW5nL09iamVjdAAhAAIAAwAAAAAAAgABAAQABQABAAYAAAAd" + + "AAEAAQAAAAUqtwABsQAAAAEABwAAAAYAAQAAAAEACQAIAAkAAQAGAAAAGQAA" + + "AAEAAAABsQAAAAEABwAAAAYAAQAAAAEAAQAKAAAAAgAL"; + // Base64 encoded bytes of simple class: "package baz; public class Baz {}" private final static String BAZ_CLASS = "yv66vgAAADQADQoAAwAKBwALBwAMAQAGPGluaXQ+AQADKClWAQAEQ29kZQEA" + @@ -137,12 +149,23 @@ "foo.Foo", FOO_CLASS, null); checkPerms(perms1, GRANTED_PERMS); - ArrayList<Permission> perms2 = getPermissions(scl, p, - "http://127.0.0.1/", - "bar.Bar", BAR_CLASS, - null); - checkPerms(perms2, GRANTED_PERMS); - assert(perms1.equals(perms2)); + + if (IPSupport.hasIPv4()) { + ArrayList<Permission> perms2 = getPermissions(scl, p, + "http://127.0.0.1/", + "bar.Bar", BAR_CLASS, + null); + checkPerms(perms2, GRANTED_PERMS); + assert(perms1.equals(perms2)); + } + if (IPSupport.hasIPv6()) { + ArrayList<Permission> perms2 = getPermissions(scl, p, + "http://[::1]/", + "bar2.Bar2", BAR2_CLASS, + null); + checkPerms(perms2, GRANTED_PERMS); + assert(perms1.equals(perms2)); + } // check that class signed by baz is granted an additional permission Certificate[] chain = new Certificate[] {getCert(BAZ_CERT)};
--- a/test/jdk/java/security/SecureClassLoader/DefineClass.policy Wed May 22 21:38:16 2019 +0000 +++ b/test/jdk/java/security/SecureClassLoader/DefineClass.policy Mon May 20 16:47:08 2019 -0700 @@ -9,6 +9,14 @@ grant codebase "http://127.0.0.1/" { permission java.util.PropertyPermission "user.name", "read"; }; +grant codebase "http://[::1]/" { + permission java.util.PropertyPermission "user.name", "read"; +}; grant codebase "http://localhost/", signedby "baz" { permission java.util.PropertyPermission "user.dir", "read"; }; +// For IPSupport +grant codebase "file:${test.classes}/../../../../test/lib/-" { + permission java.net.SocketPermission "localhost:0", "listen,resolve"; + permission java.util.PropertyPermission "java.net.preferIPv4Stack", "read"; +};