RFR: JDK-8243376: java.net.SocketPermission.implies(Permission p) spec is mismatching with implementation [v3]
Michael McMahon
michaelm at openjdk.java.net
Mon Feb 8 14:40:53 UTC 2021
On Fri, 5 Feb 2021 11:15:56 GMT, Jayashree S Kumar <github.com+31532647+jaysk1 at openjdk.org> wrote:
>> Issue
>>
>> https://bugs.openjdk.java.net/browse/JDK-8243376
>>
>> Problem
>>
>> The scenario is:
>> - Some specified target hostname resolves to two IP addresses (always the same address pair).
>> - The DNS resolved order of the two ip addresses changes (a usual LoadBalancer type behavior).
>> - The CNAME of the two ip addresses differ.
>>
>> In SocketPermission class(void getIP() method), it internally resolves and saves only the first IP address resolved, not all the IP addresses resolved.
>> - Depending on when the implier/implied SocketPermission hostname is resolved, the resolved addresses order differs, and the internally saved IP address mismatches, resulting on SocketPermission#implies() false.
>>
>>
>> Michael McMahon kindly reviewed and suggested changes: https://mail.openjdk.java.net/pipermail/net-dev/2020-May/014001.html
>
> Jayashree S Kumar has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains ten commits:
>
> - Merge branch 'master' of https://github.com/openjdk/jdk into socketperm_implies
> - Incorporated changes suggested by Vyom in testcase
> - Fixed all Whitespace error in testcase
> - Fixed all Whitespace error in testcase
> - Fixed automerge failed conflicts
> - Correct WhiteSpace error
> - Merge branch 'master' of https://github.com/openjdk/jdk into socketperm_implies
> - Added testcase and corrected WhiteSpace tab error
> - JDK-8243376: java.net.SocketPermission.implies(Permission p) spec is mismatching with implementation
src/java.base/share/classes/java/net/SocketPermission.java line 668:
> 666: } else {
> 667: // Always calls getIP(), this will make sure that if order of IP
> 668: // addresses changed then cname also get's change.
The block above 665:667 is still needed. getIP() must be called to set the addresses field. There's a test that checks this.
src/java.base/share/classes/java/net/SocketPermission.java line 675:
> 673: } catch (UnknownHostException uhe) {
> 674: invalid = true;
> 675: throw uhe;
The indentation wasn't right here before. Maybe we could fix it now/
-------------
PR: https://git.openjdk.java.net/jdk/pull/1916
More information about the net-dev
mailing list