-
Notifications
You must be signed in to change notification settings - Fork 5.6k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
8290367: Update default value and extend the scope of com.sun.jndi.ld…
…ap.object.trustSerialData system property Reviewed-by: dfuchs, jpai
- Loading branch information
1 parent
11e7d53
commit 7765942
Showing
13 changed files
with
262 additions
and
52 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
124 changes: 124 additions & 0 deletions
124
test/jdk/com/sun/jndi/ldap/objects/RemoteLocationAttributeTest.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,124 @@ | ||
/* | ||
* Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved. | ||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. | ||
* | ||
* This code is free software; you can redistribute it and/or modify it | ||
* under the terms of the GNU General Public License version 2 only, as | ||
* published by the Free Software Foundation. | ||
* | ||
* This code is distributed in the hope that it will be useful, but WITHOUT | ||
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or | ||
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License | ||
* version 2 for more details (a copy is included in the LICENSE file that | ||
* accompanied this code). | ||
* | ||
* You should have received a copy of the GNU General Public License version | ||
* 2 along with this work; if not, write to the Free Software Foundation, | ||
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. | ||
* | ||
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA | ||
* or visit www.oracle.com if you need additional information or have any | ||
* questions. | ||
*/ | ||
|
||
import java.net.InetAddress; | ||
import java.net.InetSocketAddress; | ||
import java.net.ServerSocket; | ||
import java.net.SocketAddress; | ||
import java.util.Hashtable; | ||
import javax.naming.CommunicationException; | ||
import javax.naming.NamingException; | ||
import javax.naming.ServiceUnavailableException; | ||
import javax.naming.directory.DirContext; | ||
import javax.naming.directory.InitialDirContext; | ||
|
||
import jdk.test.lib.net.URIBuilder; | ||
|
||
/** | ||
* @test | ||
* @bug 8290367 | ||
* @summary Check if com.sun.jndi.ldap.object.trustSerialData covers the creation | ||
* of RMI remote objects from the 'javaRemoteLocation' LDAP attribute. | ||
* @modules java.naming/com.sun.jndi.ldap | ||
* @library /test/lib ../lib /javax/naming/module/src/test/test/ | ||
* @build LDAPServer LDAPTestUtils | ||
* | ||
* @run main/othervm RemoteLocationAttributeTest | ||
* @run main/othervm -Dcom.sun.jndi.ldap.object.trustSerialData | ||
* RemoteLocationAttributeTest | ||
* @run main/othervm -Dcom.sun.jndi.ldap.object.trustSerialData=false | ||
* RemoteLocationAttributeTest | ||
* @run main/othervm -Dcom.sun.jndi.ldap.object.trustSerialData=true | ||
* RemoteLocationAttributeTest | ||
* @run main/othervm -Dcom.sun.jndi.ldap.object.trustSerialData=TrUe | ||
* RemoteLocationAttributeTest | ||
*/ | ||
|
||
public class RemoteLocationAttributeTest { | ||
|
||
public static void main(String[] args) throws Exception { | ||
// Create unbound server socket | ||
ServerSocket serverSocket = new ServerSocket(); | ||
|
||
// Bind it to the loopback address | ||
SocketAddress sockAddr = new InetSocketAddress( | ||
InetAddress.getLoopbackAddress(), 0); | ||
serverSocket.bind(sockAddr); | ||
|
||
// Construct the provider URL for LDAPTestUtils | ||
String providerURL = URIBuilder.newBuilder() | ||
.scheme("ldap") | ||
.loopback() | ||
.port(serverSocket.getLocalPort()) | ||
.buildUnchecked().toString(); | ||
|
||
Hashtable<Object, Object> env; | ||
|
||
// Initialize test environment variables | ||
env = LDAPTestUtils.initEnv(serverSocket, providerURL, | ||
RemoteLocationAttributeTest.class.getName(), args, false); | ||
|
||
DirContext ctx = null; | ||
try (serverSocket) { | ||
System.err.println(env); | ||
// connect to server | ||
ctx = new InitialDirContext(env); | ||
Object lookupResult = ctx.lookup("Test"); | ||
System.err.println("Lookup result:" + lookupResult); | ||
// Test doesn't provide RMI registry running at 127.0.0.1:1097, but if | ||
// there is one running on test host successful result is valid for | ||
// cases when reconstruction allowed. | ||
if (!RECONSTRUCTION_ALLOWED) { | ||
throw new AssertionError("Unexpected successful lookup"); | ||
} | ||
} catch (ServiceUnavailableException | CommunicationException connectionException) { | ||
// The remote location was properly reconstructed but connection to | ||
// RMI endpoint failed: | ||
// ServiceUnavailableException - no open socket on 127.0.0.1:1097 | ||
// CommunicationException - 127.0.0.1:1097 is open, but it is not RMI registry | ||
System.err.println("Got one of connection exceptions:" + connectionException); | ||
if (!RECONSTRUCTION_ALLOWED) { | ||
throw new AssertionError("Reconstruction not blocked, as expected"); | ||
} | ||
} catch (NamingException ne) { | ||
String message = ne.getMessage(); | ||
System.err.printf("Got NamingException with message: '%s'%n", message); | ||
if (RECONSTRUCTION_ALLOWED && EXPECTED_NAMING_EXCEPTION_MESSAGE.equals(message)) { | ||
throw new AssertionError("Reconstruction unexpectedly blocked"); | ||
} | ||
if (!RECONSTRUCTION_ALLOWED && !EXPECTED_NAMING_EXCEPTION_MESSAGE.equals(message)) { | ||
throw new AssertionError("Reconstruction not blocked"); | ||
} | ||
} finally { | ||
LDAPTestUtils.cleanup(ctx); | ||
} | ||
} | ||
|
||
// Reconstruction of RMI remote objects is allowed if 'com.sun.jndi.ldap.object.trustSerialData' | ||
// is set to "true". If the system property is not specified it implies default "false" value | ||
private static final boolean RECONSTRUCTION_ALLOWED = | ||
Boolean.getBoolean("com.sun.jndi.ldap.object.trustSerialData"); | ||
|
||
// NamingException message when reconstruction is not allowed | ||
private static final String EXPECTED_NAMING_EXCEPTION_MESSAGE = "Object deserialization is not allowed"; | ||
} |
61 changes: 61 additions & 0 deletions
61
test/jdk/com/sun/jndi/ldap/objects/RemoteLocationAttributeTest.ldap
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,61 @@ | ||
# | ||
# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved. | ||
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. | ||
# | ||
# This code is free software; you can redistribute it and/or modify it | ||
# under the terms of the GNU General Public License version 2 only, as | ||
# published by the Free Software Foundation. | ||
# | ||
# This code is distributed in the hope that it will be useful, but WITHOUT | ||
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or | ||
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License | ||
# version 2 for more details (a copy is included in the LICENSE file that | ||
# accompanied this code). | ||
# | ||
# You should have received a copy of the GNU General Public License version | ||
# 2 along with this work; if not, write to the Free Software Foundation, | ||
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. | ||
# | ||
# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA | ||
# or visit www.oracle.com if you need additional information or have any | ||
# questions. | ||
# | ||
|
||
################################################################################ | ||
# Capture file for RemoteLocationAttributeTest.java | ||
# | ||
# NOTE: This hexadecimal dump of LDAP protocol messages was generated by | ||
# running the RemoteLocationAttributeTest application program against | ||
# a real LDAP server and setting the JNDI/LDAP environment property: | ||
# com.sun.jndi.ldap.trace.ber to activate LDAP message tracing. | ||
# | ||
################################################################################ | ||
|
||
# LDAP BindRequest | ||
0000: 30 0C 02 01 01 60 07 02 01 03 04 00 80 00 0....`........ | ||
|
||
# LDAP BindResponse | ||
0000: 30 0C 02 01 01 61 07 0A 01 00 04 00 04 00 0....a........ | ||
|
||
# LDAP SearchRequest | ||
0000: 30 46 02 01 02 63 24 04 04 54 65 73 74 0A 01 00 0F...c$..Test... | ||
0010: 0A 01 03 02 01 00 02 01 00 01 01 00 87 0B 6F 62 ..............ob | ||
0020: 6A 65 63 74 43 6C 61 73 73 30 00 A0 1B 30 19 04 jectClass0...0.. | ||
0030: 17 32 2E 31 36 2E 38 34 30 2E 31 2E 31 31 33 37 .2.16.840.1.1137 | ||
0040: 33 30 2E 33 2E 34 2E 32 30.3.4.2 | ||
|
||
# LDAP SearchResultEntry | ||
0000: 30 5E 02 01 02 64 59 04 04 54 65 73 74 30 51 30 0^...dY..Test0Q0 | ||
0010: 16 04 0D 6A 61 76 61 43 6C 61 73 73 4E 61 6D 65 ...javaClassName | ||
0020: 31 05 04 03 66 6F 6F 30 37 04 12 6A 61 76 61 52 1...foo07..javaR | ||
0030: 65 6D 6F 74 65 4C 6F 63 61 74 69 6F 6E 31 21 04 emoteLocation1!. | ||
0040: 1F 72 6D 69 3A 2F 2F 31 32 37 2E 30 2E 30 2E 31 .rmi://127.0.0.1 | ||
0050: 3A 31 30 39 37 2F 54 65 73 74 52 65 6D 6F 74 65 :1097/TestRemote | ||
|
||
# LDAP SearchResultDone | ||
0000: 30 0C 02 01 02 65 07 0A 01 00 04 00 04 00 0....e........ | ||
|
||
# LDAP UnbindRequest | ||
0000: 30 22 02 01 03 42 00 A0 1B 30 19 04 17 32 2E 31 0"...B...0...2.1 | ||
0010: 36 2E 38 34 30 2E 31 2E 31 31 33 37 33 30 2E 33 6.840.1.113730.3 | ||
0020: 2E 34 2E 32 .4.2 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
7765942
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Review
Issues