JDK-8243376: java.net.SocketPermission.implies(Permission p) spec is mismatching with implementation #1916
Conversation
…mismatching with implementation
|
|
|
|
Webrevs
|
|
Apologies for the various (noise) commits for the Jcheck Whitespace error. The actual commits being: Thanks! |
|
Please find below minor comments. |
Hi Jay,
Looking back to my original comment, I think I suggested that the fix should account for multiple cname values (one for each IP address in the addresses array). That is still my view. In other words, cname needs to be an array, the same length as addresses (except in the case where the permission was constructed using a wildcard - in that case it can continue as a single value, ie the array would have length 1).
Your solution here drops the caching aspect, and every time getCanonName() is called it will do the DNS reverse lookup which could slow things down a lot. Assuming that DNS always returns the same values but just in a different order, then it should be possible to cache all the canonical names and do a comparison across them all, without having to go back to DNS each time.
- Michael.
|
@Michael-Mc-Mahon: Please take a look at the above patch. Thanks! |
…ed try-catch inside for loop
|
@Michael-Mc-Mahon and @dfuch: I have addressed the review comments. Please take a look. Thanks! |
|
As you change equal & hashCode method, if possible can you please add some additional tests in "jdk/java/net/SocketPermission/Equals.java" just to make sure we test every corner case. |
|
I have addressed the changes mentioned by @Michael-Mc-Mahon and now working on Vyom's suggestions, will send the new patch for review soon. Thanks! |
|
@jaysk1 This pull request has been inactive for more than 4 weeks and will be automatically closed if another 4 weeks passes without any activity. To avoid this, simply add a new comment to the pull request. Feel free to ask for assistance if you need help with progressing this pull request towards integration! |
|
@jaysk1 This pull request has been inactive for more than 8 weeks and will now be automatically closed. If you would like to continue working on this pull request in the future, feel free to reopen it! This can be done using the |
|
/open |
|
@jaysk1 This pull request is now open |
|
Hi Jay, overall changes look ok to me, please do let me know if you need any help. |
|
Hi Vyom, Thanks a lot for reaching out. |
| that.getCanonName(); | ||
| } | ||
|
|
||
| return (this.cname.equalsIgnoreCase(that.cname)); | ||
| return this.cnames[0].equalsIgnoreCase(that.cnames[0]); |
There was a problem hiding this comment.
@jaysk1 On the event of us reaching here, won't this and that have multiple canonical names each, in different orders? Do you think we need to compare the arrays here?
| if (this.cname != null) { | ||
| return this.cname.equalsIgnoreCase(that.cname); | ||
| if (this.cnames != null) { | ||
| return this.cnames[0].equalsIgnoreCase(that.cnames[0]); |
There was a problem hiding this comment.
@jaysk1 Can this comparison fail for SocketPermission objects that have multiple cname entries in different orders?
| return this.getName().hashCode(); | ||
| else | ||
| return this.cname.hashCode(); | ||
| return this.cnames[0].hashCode(); |
There was a problem hiding this comment.
@jaysk1 Can this cause "equal" SocketPermission objects with the identical, multiple cname entries, but in a different order, to have unequal hash codes?
| System.out.println("Expected true, returned false"); | ||
| break; | ||
| } | ||
| addIpToHostsFile(hostname, "1.2.3."+testPass, hostsFileName); |
There was a problem hiding this comment.
nit: Looks like these needs an indentation correction.
|
|
||
| private static void addIpToHostsFile(String host, String addr, String hostsFileName) | ||
| throws Exception { | ||
| String mapping = addr + " " + host; |
|
@jaysk1 This pull request has been inactive for more than 4 weeks and will be automatically closed if another 4 weeks passes without any activity. To avoid this, simply add a new comment to the pull request. Feel free to ask for assistance if you need help with progressing this pull request towards integration! |
|
@jaysk1 This pull request has been inactive for more than 8 weeks and will now be automatically closed. If you would like to continue working on this pull request in the future, feel free to reopen it! This can be done using the |
Issue
https://bugs.openjdk.java.net/browse/JDK-8243376
Problem
The scenario is:
In SocketPermission class(void getIP() method), it internally resolves and saves only the first IP address resolved, not all the IP addresses resolved.
Michael McMahon kindly reviewed and suggested changes: https://mail.openjdk.java.net/pipermail/net-dev/2020-May/014001.html
Progress
Issue
Download
$ git fetch https://git.openjdk.java.net/jdk pull/1916/head:pull/1916$ git checkout pull/1916