Author: peter_firmstone Date: Thu Dec 3 12:07:24 2015 New Revision: 1717744
URL: http://svn.apache.org/viewvc?rev=1717744&view=rev Log: Merge code changes in trunk revision 1520131. Note that note removal of author tags from source code has only been partially merged and we also need to check build.xml file for how to build src-extra. Added: river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/config/Component.java - copied, changed from r1717027, river/jtsk/trunk/src/com/sun/jini/config/Component.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/config/LocalHostLookup.java - copied unchanged from r1717028, river/jtsk/trunk/src/org/apache/river/config/LocalHostLookup.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/config/LocalHostLookupSpi.java - copied unchanged from r1717028, river/jtsk/trunk/src/org/apache/river/config/LocalHostLookupSpi.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/jeri/internal/runtime/LocalHost.java Removed: river/jtsk/skunk/qa-refactor-namespace/trunk/src-extra/org/apache/river/extra/README river/jtsk/skunk/qa-refactor-namespace/trunk/src-extra/org/apache/river/extra/build.xml Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src-extra/ (props changed) river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/discovery/AbstractLookupDiscovery.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/http/ (props changed) river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/http/Constraints.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/http/HttpEndpoint.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/http/HttpServerEndpoint.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/kerberos/ (props changed) river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/kerberos/KerberosEndpoint.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/kerberos/KerberosServerEndpoint.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/kerberos/KerberosTrustVerifier.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/kerberos/KerberosUtil.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/AuthManager.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/CallContext.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/ClientAuthManager.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/ConfidentialityStrength.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/ConnectionContext.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/FilterX509TrustManager.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/HttpsEndpoint.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/HttpsServerEndpoint.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/ServerAuthManager.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SslConnection.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SslEndpoint.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SslEndpointImpl.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SslServerEndpoint.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SslServerEndpointImpl.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SslTrustVerifier.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SubjectCredentials.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/Utilities.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/tcp/ (props changed) river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/tcp/Constraints.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/tcp/TcpEndpoint.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/tcp/TcpServerEndpoint.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/config/ (props changed) river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/config/ConfigurationFactory.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/config/builder/Example.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/config/builder/VelocityConfigurationBuilder.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/reggie/RegistrarImpl.java river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/tool/ClassServer.java Propchange: river/jtsk/skunk/qa-refactor-namespace/trunk/src-extra/ ------------------------------------------------------------------------------ svn:mergeinfo = /river/jtsk/trunk/src-extra:1379874-1407431,1415845-1717028 Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/discovery/AbstractLookupDiscovery.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/discovery/AbstractLookupDiscovery.java?rev=1717744&r1=1717743&r2=1717744&view=diff ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/discovery/AbstractLookupDiscovery.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/discovery/AbstractLookupDiscovery.java Thu Dec 3 12:07:24 2015 @@ -19,6 +19,7 @@ package net.jini.discovery; import org.apache.river.config.Config; +import org.apache.river.config.LocalHostLookup; import org.apache.river.discovery.Discovery; import org.apache.river.discovery.DiscoveryConstraints; import org.apache.river.discovery.DiscoveryProtocolException; @@ -644,7 +645,7 @@ abstract class AbstractLookupDiscovery i public void interrupt() { interrupted = true; try { - (new Socket(InetAddress.getLocalHost(), getPort())).close(); + (new Socket(LocalHostLookup.getLocalHost(), getPort())).close(); } catch (IOException e) { /* ignore */ } }//end interrupt @@ -2079,14 +2080,14 @@ abstract class AbstractLookupDiscovery i return ((InetAddress) Security.doPrivileged( new PrivilegedExceptionAction() { public Object run() throws UnknownHostException { - return InetAddress.getLocalHost(); + return LocalHostLookup.getLocalHost(); } })).getHostAddress(); } catch (PrivilegedActionException e) { // Remove host information if caller does not have privileges // to see it. try { - InetAddress.getLocalHost(); + LocalHostLookup.getLocalHost(); } catch (UnknownHostException uhe) { throw uhe; } Propchange: river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/http/ ------------------------------------------------------------------------------ --- svn:mergeinfo (added) +++ svn:mergeinfo Thu Dec 3 12:07:24 2015 @@ -0,0 +1 @@ +/river/jtsk/trunk/src/net/jini/jeri/http:1379874-1407431,1415845-1717029 Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/http/Constraints.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/http/Constraints.java?rev=1717744&r1=1717743&r2=1717744&view=diff ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/http/Constraints.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/http/Constraints.java Thu Dec 3 12:07:24 2015 @@ -55,7 +55,7 @@ import net.jini.io.UnsupportedConstraint * - No combination of individual constraints supported by this * provider can contain conflicting constraints. * - * @author Sun Microsystems, Inc. + * **/ class Constraints { Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/http/HttpEndpoint.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/http/HttpEndpoint.java?rev=1717744&r1=1717743&r2=1717744&view=diff ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/http/HttpEndpoint.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/http/HttpEndpoint.java Thu Dec 3 12:07:24 2015 @@ -97,7 +97,7 @@ import net.jini.security.proxytrust.Trus * specified for <code>equals</code> methods of {@link Endpoint} * instances. * - * @author Sun Microsystems, Inc. + * * @see HttpServerEndpoint * @since 2.0 **/ Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/http/HttpServerEndpoint.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/http/HttpServerEndpoint.java?rev=1717744&r1=1717743&r2=1717744&view=diff ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/http/HttpServerEndpoint.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/http/HttpServerEndpoint.java Thu Dec 3 12:07:24 2015 @@ -36,8 +36,6 @@ import java.net.UnknownHostException; import java.security.AccessControlContext; import java.security.AccessController; import java.security.PrivilegedAction; -import java.security.PrivilegedActionException; -import java.security.PrivilegedExceptionAction; import java.util.Collection; import java.util.HashSet; import java.util.Iterator; @@ -54,6 +52,7 @@ import net.jini.jeri.RequestDispatcher; import net.jini.jeri.ServerEndpoint; import net.jini.security.Security; import net.jini.security.SecurityContext; +import org.apache.river.jeri.internal.runtime.LocalHost; /** * An implementation of the {@link ServerEndpoint} abstraction that @@ -104,7 +103,7 @@ import net.jini.security.SecurityContext * are specified for <code>equals</code> methods of {@link Endpoint} * instances. * - * @author Sun Microsystems, Inc. + * * @see HttpEndpoint * @since 2.0 **/ @@ -121,11 +120,14 @@ public final class HttpServerEndpoint im private static final HttpServerManager serverManager; /** idle connection timer */ private static final ConnectionTimer connTimer; + + private static final LocalHost LOCAL_HOST; static { HttpSettings hs = HttpEndpoint.getHttpSettings(); serverManager = new HttpServerManager(hs.getResponseAckTimeout()); connTimer = new ConnectionTimer(hs.getServerConnectionTimeout()); + LOCAL_HOST = new LocalHost(null, null); } /** server transport logger */ @@ -510,39 +512,8 @@ public final class HttpServerEndpoint im throw new NullPointerException(); } - String localHost = host; - if (localHost == null) { - InetAddress localAddr; - try { - localAddr = (InetAddress) Security.doPrivileged( - new PrivilegedExceptionAction() { - public Object run() throws UnknownHostException { - return InetAddress.getLocalHost(); - } - }); - } catch (PrivilegedActionException e) { - /* - * Only expose UnknownHostException thrown directly by - * InetAddress.getLocalHost if it would also be thrown - * in the caller's security context; otherwise, throw - * a new UnknownHostException without the host name. - */ - InetAddress.getLocalHost(); - throw new UnknownHostException( - "access to resolve local host denied"); - } - SecurityManager sm = System.getSecurityManager(); - if (sm != null) { - try { - sm.checkConnect(localAddr.getHostName(), -1); - } catch (SecurityException e) { - throw new SecurityException( - "access to resolve local host denied"); - } - } - localHost = localAddr.getHostAddress(); - } - + String localHost = LOCAL_HOST.check(host, this); + LE listenEndpoint = new LE(); // REMIND: needn't be new? ListenCookie listenCookie = listenContext.addListenEndpoint(listenEndpoint); Propchange: river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/kerberos/ ------------------------------------------------------------------------------ --- svn:mergeinfo (added) +++ svn:mergeinfo Thu Dec 3 12:07:24 2015 @@ -0,0 +1 @@ +/river/jtsk/trunk/src/net/jini/jeri/kerberos:1379874-1407431,1415845-1717029 Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/kerberos/KerberosEndpoint.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/kerberos/KerberosEndpoint.java?rev=1717744&r1=1717743&r2=1717744&view=diff ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/kerberos/KerberosEndpoint.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/kerberos/KerberosEndpoint.java Thu Dec 3 12:07:24 2015 @@ -267,7 +267,7 @@ import org.ietf.jgss.GSSName; * default is 3. * </ul> <p> * - * @author Sun Microsystems, Inc. + * * @see KerberosServerEndpoint * @see KerberosTrustVerifier * @since 2.0 Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/kerberos/KerberosServerEndpoint.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/kerberos/KerberosServerEndpoint.java?rev=1717744&r1=1717743&r2=1717744&view=diff ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/kerberos/KerberosServerEndpoint.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/kerberos/KerberosServerEndpoint.java Thu Dec 3 12:07:24 2015 @@ -65,6 +65,7 @@ import net.jini.jeri.kerberos.KerberosUt import net.jini.jeri.kerberos.KerberosUtil.ConfigIter; import net.jini.security.Security; import net.jini.security.SecurityContext; +import org.apache.river.jeri.internal.runtime.LocalHost; import org.ietf.jgss.GSSCredential; import org.ietf.jgss.GSSException; import org.ietf.jgss.GSSManager; @@ -242,7 +243,7 @@ import org.ietf.jgss.GSSName; * <code>Subject</code> instance, which encapsulates the principal and * delegated credential, if any, of the corresponding remote caller. * - * @author Sun Microsystems, Inc. + * * @see KerberosEndpoint * @see KerberosTrustVerifier * @since 2.0 @@ -277,6 +278,9 @@ public final class KerberosServerEndpoin /** Access control context cache, keyed by constraints */ private final KerberosUtil.SoftCache softCache; + + private static final LocalHost LOCAL_HOST + = new LocalHost(logger, KerberosServerEndpoint.class); /** The principal used for server authentication */ private KerberosPrincipal serverPrincipal; @@ -1105,54 +1109,7 @@ public final class KerberosServerEndpoin public Endpoint enumerateListenEndpoints(ListenContext listenContext) throws IOException { - if (serverHost == null) { - InetAddress localAddr; - try { - localAddr = (InetAddress) AccessController.doPrivileged( - new PrivilegedExceptionAction() { - public Object run() throws UnknownHostException { - return InetAddress.getLocalHost(); - } - }); - } catch (PrivilegedActionException e) { - UnknownHostException uhe = (UnknownHostException) e.getCause(); - if (logger.isLoggable(Levels.FAILED)) { - KerberosUtil.logThrow( - logger, Levels.FAILED, this.getClass(), - "enumerateListenEndpoints", - "InetAddress.getLocalHost() throws", null, uhe); - } - // Remove host information if caller does not have privileges - // to see it. - try { - InetAddress.getLocalHost(); - } catch (UnknownHostException te) { - throw te; - } - throw new UnknownHostException("Host name cleared due to " + - "insufficient caller " + - "permissions"); - } - - SecurityManager sm = System.getSecurityManager(); - if (sm != null) { - try { - sm.checkConnect(localAddr.getHostName(), -1); - } catch (SecurityException e) { - SecurityException se = new SecurityException( - "Access to resolve local host denied"); - if (logger.isLoggable(Levels.FAILED)) { - KerberosUtil.logThrow( - logger, Levels.FAILED, this.getClass(), - "enumerateListenEndpoints", - "caller does not have permission to resolve " + - "local host", null, se); - } - throw se; - } - } - serverHost = localAddr.getHostAddress(); - } + serverHost = LOCAL_HOST.check(serverHost, this); ListenCookieImpl cookie = checkListenCookie( listenContext.addListenEndpoint(listenEndpoint)); Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/kerberos/KerberosTrustVerifier.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/kerberos/KerberosTrustVerifier.java?rev=1717744&r1=1717743&r2=1717744&view=diff ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/kerberos/KerberosTrustVerifier.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/kerberos/KerberosTrustVerifier.java Thu Dec 3 12:07:24 2015 @@ -30,7 +30,7 @@ import net.jini.security.TrustVerifier; * of {@link net.jini.security.Security#verifyObjectTrust * Security.verifyObjectTrust}. * - * @author Sun Microsystems, Inc. + * * @see KerberosEndpoint * @since 2.0 */ Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/kerberos/KerberosUtil.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/kerberos/KerberosUtil.java?rev=1717744&r1=1717743&r2=1717744&view=diff ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/kerberos/KerberosUtil.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/kerberos/KerberosUtil.java Thu Dec 3 12:07:24 2015 @@ -69,7 +69,7 @@ import org.ietf.jgss.Oid; /** * Utility class for the Kerberos provider. * - * @author Sun Microsystems, Inc. + * * @since 2.0 */ class KerberosUtil { Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/AuthManager.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/AuthManager.java?rev=1717744&r1=1717743&r2=1717744&view=diff ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/AuthManager.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/AuthManager.java Thu Dec 3 12:07:24 2015 @@ -47,7 +47,7 @@ import javax.security.auth.x500.X500Priv * Combines both the key and trust managers to enable subclasses to use * information for both when checking permissions. * - * @author Sun Microsystems, Inc. + * */ abstract class AuthManager extends FilterX509TrustManager implements X509KeyManager Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/CallContext.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/CallContext.java?rev=1717744&r1=1717743&r2=1717744&view=diff ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/CallContext.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/CallContext.java Thu Dec 3 12:07:24 2015 @@ -31,7 +31,7 @@ import net.jini.jeri.connection.Outbound * permitted client and server principals, cipher suites, and integrity and * connection time constraints. * - * @author Sun Microsystems, Inc. + * */ class CallContext extends Utilities implements OutboundRequestHandle { Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/ClientAuthManager.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/ClientAuthManager.java?rev=1717744&r1=1717743&r2=1717744&view=diff ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/ClientAuthManager.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/ClientAuthManager.java Thu Dec 3 12:07:24 2015 @@ -43,7 +43,7 @@ import net.jini.security.AuthenticationP * share SSLContexts after a single client and server principal have been * chosen. * - * @author Sun Microsystems, Inc. + * */ class ClientAuthManager extends AuthManager { Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/ConfidentialityStrength.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/ConfidentialityStrength.java?rev=1717744&r1=1717743&r2=1717744&view=diff ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/ConfidentialityStrength.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/ConfidentialityStrength.java Thu Dec 3 12:07:24 2015 @@ -38,7 +38,7 @@ import java.io.Serializable; * The {@link SslTrustVerifier} trust verifier may be used for establishing * trust in remote proxies that use instances of this class. * - * @author Sun Microsystems, Inc. + * * @see SslEndpoint * @see SslServerEndpoint * @see HttpsEndpoint Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/ConnectionContext.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/ConnectionContext.java?rev=1717744&r1=1717743&r2=1717744&view=diff ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/ConnectionContext.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/ConnectionContext.java Thu Dec 3 12:07:24 2015 @@ -49,7 +49,7 @@ import net.jini.core.constraint.ServerMi * Integrity.YES is independent of the suites, insuring that those items can be * picked before negotiating the cipher suite. * - * @author Sun Microsystems, Inc. + * */ final class ConnectionContext extends Utilities { Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/FilterX509TrustManager.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/FilterX509TrustManager.java?rev=1717744&r1=1717743&r2=1717744&view=diff ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/FilterX509TrustManager.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/FilterX509TrustManager.java Thu Dec 3 12:07:24 2015 @@ -36,7 +36,7 @@ import net.jini.security.Security; * Implements an X509TrustManager that only trusts certificate chains whose * first certificate identifies one of a set of principals. * - * @author Sun Microsystems, Inc. + * */ class FilterX509TrustManager extends Utilities implements X509TrustManager { Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/HttpsEndpoint.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/HttpsEndpoint.java?rev=1717744&r1=1717743&r2=1717744&view=diff ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/HttpsEndpoint.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/HttpsEndpoint.java Thu Dec 3 12:07:24 2015 @@ -194,7 +194,7 @@ import net.jini.security.proxytrust.Trus * if one is specified. * </ul> * - * @author Sun Microsystems, Inc. + * * @see HttpsServerEndpoint * @see ConfidentialityStrength * @see SslTrustVerifier Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/HttpsServerEndpoint.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/HttpsServerEndpoint.java?rev=1717744&r1=1717743&r2=1717744&view=diff ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/HttpsServerEndpoint.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/HttpsServerEndpoint.java Thu Dec 3 12:07:24 2015 @@ -199,7 +199,7 @@ import net.jini.security.SecurityContext * guidelines that are specified for <code>equals</code> methods of {@link * net.jini.jeri.ServerEndpoint.ListenEndpoint ListenEndpoint} instances. * - * @author Sun Microsystems, Inc. + * * @see HttpsEndpoint * @see ConfidentialityStrength * @since 2.0 Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/ServerAuthManager.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/ServerAuthManager.java?rev=1717744&r1=1717743&r2=1717744&view=diff ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/ServerAuthManager.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/ServerAuthManager.java Thu Dec 3 12:07:24 2015 @@ -46,7 +46,7 @@ import net.jini.security.AuthenticationP * An AuthManager for servers. Invalidates sessions when a new key is returned * of a particular key type. * - * @author Sun Microsystems, Inc. + * */ class ServerAuthManager extends AuthManager { Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SslConnection.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SslConnection.java?rev=1717744&r1=1717743&r2=1717744&view=diff ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SslConnection.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SslConnection.java Thu Dec 3 12:07:24 2015 @@ -52,7 +52,7 @@ import net.jini.security.Security; /** * Implementation of Connection used by SslEndpoint. * - * @author Sun Microsystems, Inc. + * */ class SslConnection extends Utilities implements Connection { Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SslEndpoint.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SslEndpoint.java?rev=1717744&r1=1717743&r2=1717744&view=diff ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SslEndpoint.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SslEndpoint.java Thu Dec 3 12:07:24 2015 @@ -164,7 +164,7 @@ import net.jini.security.proxytrust.Trus * extensible remote invocation (Jini ERI) multiplexing protocol</a> to map * outgoing requests to socket connections. * - * @author Sun Microsystems, Inc. + * * @see SslServerEndpoint * @see ConfidentialityStrength * @see SslTrustVerifier Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SslEndpointImpl.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SslEndpointImpl.java?rev=1717744&r1=1717743&r2=1717744&view=diff ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SslEndpointImpl.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SslEndpointImpl.java Thu Dec 3 12:07:24 2015 @@ -66,7 +66,7 @@ import net.jini.security.AuthenticationP * inherited by HttpsEndpoint without revealing the inheritance in the public * API. * - * @author Sun Microsystems, Inc. + * */ class SslEndpointImpl extends Utilities implements ConnectionEndpoint { Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SslServerEndpoint.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SslServerEndpoint.java?rev=1717744&r1=1717743&r2=1717744&view=diff ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SslServerEndpoint.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SslServerEndpoint.java Thu Dec 3 12:07:24 2015 @@ -191,7 +191,7 @@ import net.jini.security.SecurityContext * extensible remote invocation (Jini ERI) multiplexing protocol</a> to map * outgoing requests to socket connections. * - * @author Sun Microsystems, Inc. + * * @see SslEndpoint * @see ConfidentialityStrength * @since 2.0 Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SslServerEndpointImpl.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SslServerEndpointImpl.java?rev=1717744&r1=1717743&r2=1717744&view=diff ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SslServerEndpointImpl.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SslServerEndpointImpl.java Thu Dec 3 12:07:24 2015 @@ -28,11 +28,9 @@ import org.apache.river.thread.GetThread import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; -import java.net.InetAddress; import java.net.ServerSocket; import java.net.Socket; import java.net.SocketException; -import java.net.UnknownHostException; import java.nio.channels.SocketChannel; import java.security.AccessControlContext; import java.security.AccessController; @@ -40,8 +38,6 @@ import java.security.GeneralSecurityExce import java.security.Permission; import java.security.Principal; import java.security.PrivilegedAction; -import java.security.PrivilegedActionException; -import java.security.PrivilegedExceptionAction; import java.security.cert.CertPath; import java.security.cert.Certificate; import java.security.cert.CertificateException; @@ -81,13 +77,14 @@ import net.jini.jeri.connection.ServerCo import net.jini.security.AuthenticationPermission; import net.jini.security.Security; import net.jini.security.SecurityContext; +import org.apache.river.jeri.internal.runtime.LocalHost; /** * Provides the implementation of SslServerEndpoint so that the implementation * can be inherited by HttpsServerEndpoint without revealing the inheritance in * the public API. * - * @author Sun Microsystems, Inc. + * */ class SslServerEndpointImpl extends Utilities { @@ -116,6 +113,8 @@ class SslServerEndpointImpl extends Util /** The default server connection manager. */ private static final ServerConnManager defaultServerConnectionManager = new BasicServerConnManager(); + + private static final LocalHost LOCAL_HOST = new LocalHost(logger, SslServerEndpointImpl.class); /** The associated server endpoint. */ private final ServerEndpoint serverEndpoint; @@ -522,70 +521,17 @@ class SslServerEndpointImpl extends Util final Endpoint enumerateListenEndpoints(ListenContext listenContext) throws IOException { - Exception exception = null; - try { - String resolvedHost = this.serverHost; - if (resolvedHost == null) { - InetAddress localAddr; - try { - localAddr = AccessController.doPrivileged( - new PrivilegedExceptionAction<InetAddress>() { - public InetAddress run() throws UnknownHostException { - return InetAddress.getLocalHost(); - } - }); - } catch (PrivilegedActionException e) { - UnknownHostException uhe = - (UnknownHostException) e.getCause(); - if (logger.isLoggable(Levels.FAILED)) { - logThrow(logger, Levels.FAILED, this.getClass(), - "enumerateListenEndpoints", - "InetAddress.getLocalHost() throws", - null, uhe); - } - // Remove host information if caller does not have - // privileges to see it. - try { - InetAddress.getLocalHost(); - } catch (UnknownHostException te) { - throw te; - } - throw new UnknownHostException("Host name cleared due to " + - "insufficient caller " + - "permissions"); - } - SecurityManager sm = System.getSecurityManager(); - if (sm != null) { - try { - sm.checkConnect(localAddr.getHostName(), -1); - } catch (SecurityException e) { - exception = e; - /* Throw new exception to not reveal host name */ - throw new SecurityException( - "Access to resolve local host denied"); - } - } - resolvedHost = localAddr.getHostAddress(); - } - Endpoint result = createEndpoint( - resolvedHost, - checkCookie(listenContext.addListenEndpoint(listenEndpoint))); - if (logger.isLoggable(Level.FINE)) { - logger.log(Level.FINE, - "enumerate listen endpoints for {0}\nreturns {1}", - new Object[] { this, result }); - } - return result; - } finally { - if (exception != null && logger.isLoggable(Levels.FAILED)) { - logThrow( - logger, Levels.FAILED, - SslServerEndpointImpl.class, "enumerateListenEndpoints", - "enumerate listen endpoints for {0}\nthrows", - new Object[] { this }, - exception); - } - } + String resolvedHost = LOCAL_HOST.check(this.serverHost, this); + + Endpoint result = createEndpoint( + resolvedHost, + checkCookie(listenContext.addListenEndpoint(listenEndpoint))); + if (logger.isLoggable(Level.FINE)) { + logger.log(Level.FINE, + "enumerate listen endpoints for {0}\nreturns {1}", + new Object[] { this, result }); + } + return result; } /** Creates a listen endpoint for this server endpoint. */ Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SslTrustVerifier.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SslTrustVerifier.java?rev=1717744&r1=1717743&r2=1717744&view=diff ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SslTrustVerifier.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SslTrustVerifier.java Thu Dec 3 12:07:24 2015 @@ -31,7 +31,7 @@ import net.jini.security.TrustVerifier; * to configure the operation of {@link Security#verifyObjectTrust * Security.verifyObjectTrust}. * - * @author Sun Microsystems, Inc. + * * @since 2.0 * @see SslEndpoint * @see HttpsEndpoint Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SubjectCredentials.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SubjectCredentials.java?rev=1717744&r1=1717743&r2=1717744&view=diff ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SubjectCredentials.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/SubjectCredentials.java Thu Dec 3 12:07:24 2015 @@ -39,7 +39,7 @@ import net.jini.security.Security; /** * Provides methods for retrieving credentials from a Subject. * - * @author Sun Microsystems, Inc. + * */ class SubjectCredentials extends Utilities { Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/Utilities.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/Utilities.java?rev=1717744&r1=1717743&r2=1717744&view=diff ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/Utilities.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/ssl/Utilities.java Thu Dec 3 12:07:24 2015 @@ -59,7 +59,7 @@ import net.jini.security.Security; /** * Provides miscellaneous utilities for the classes in this package. * - * @author Sun Microsystems, Inc. + * */ abstract class Utilities { Propchange: river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/tcp/ ------------------------------------------------------------------------------ --- svn:mergeinfo (added) +++ svn:mergeinfo Thu Dec 3 12:07:24 2015 @@ -0,0 +1 @@ +/river/jtsk/trunk/src/net/jini/jeri/tcp:1379874-1407431,1415845-1717029 Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/tcp/Constraints.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/tcp/Constraints.java?rev=1717744&r1=1717743&r2=1717744&view=diff ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/tcp/Constraints.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/tcp/Constraints.java Thu Dec 3 12:07:24 2015 @@ -55,7 +55,7 @@ import net.jini.io.UnsupportedConstraint * - No combination of individual constraints supported by this * provider can contain conflicting constraints. * - * @author Sun Microsystems, Inc. + * **/ class Constraints { Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/tcp/TcpEndpoint.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/tcp/TcpEndpoint.java?rev=1717744&r1=1717743&r2=1717744&view=diff ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/tcp/TcpEndpoint.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/tcp/TcpEndpoint.java Thu Dec 3 12:07:24 2015 @@ -80,7 +80,7 @@ import net.jini.security.proxytrust.Trus * specified for <code>equals</code> methods of {@link Endpoint} * instances. * - * @author Sun Microsystems, Inc. + * * @see TcpServerEndpoint * @since 2.0 **/ Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/tcp/TcpServerEndpoint.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/tcp/TcpServerEndpoint.java?rev=1717744&r1=1717743&r2=1717744&view=diff ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/tcp/TcpServerEndpoint.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/net/jini/jeri/tcp/TcpServerEndpoint.java Thu Dec 3 12:07:24 2015 @@ -62,6 +62,7 @@ import net.jini.jeri.connection.ServerCo import net.jini.jeri.connection.ServerConnectionManager; import net.jini.security.Security; import net.jini.security.SecurityContext; +import org.apache.river.jeri.internal.runtime.LocalHost; /** * An implementation of the {@link ServerEndpoint} abstraction that @@ -106,7 +107,7 @@ import net.jini.security.SecurityContext * are specified for <code>equals</code> methods of {@link Endpoint} * instances. * - * @author Sun Microsystems, Inc. + * * @see TcpEndpoint * @since 2.0 **/ @@ -132,40 +133,7 @@ public final class TcpServerEndpoint imp ((Boolean) AccessController.doPrivileged(new GetBooleanAction( "org.apache.river.jeri.tcp.useNIO"))).booleanValue(); - private static final InetAddress localAdd; - private static final UnknownHostException exception; - private static final Guard exposeLocalAdd; - - static { - /* The following was originally in - * enumerateListenEndpoints(ListenContext listenContext) - * however, InetAddress.getLocalHost() proved to be a hotspot in - * mahalo RandomStressTests for test code, which was attempting to - * stress Mahalo, but this was futile, given the test CPU usage - * for the test itself was 10x Mahalo, which wasn't raising a sweat. - * - Peter Firmstone 28th April 2014 - */ - InetAddress localAddr = null; - UnknownHostException exc = null; - try { - localAddr = (InetAddress) AccessController.doPrivileged( - new PrivilegedExceptionAction() { - public Object run() throws UnknownHostException { - return InetAddress.getLocalHost(); - } - }); - } catch (PrivilegedActionException e) { - Exception uhe = e.getException(); - if (uhe instanceof UnknownHostException){ - exc = (UnknownHostException) uhe; - } - } - - localAdd = localAddr; - exception = exc; - // If exception occurs the localAdd will be null. - exposeLocalAdd = new SocketPermission("localhost", "resolve"); - } + private static final LocalHost LOCAL_HOST = new LocalHost(null, null); /** name for local host to fill in to corresponding TcpEndpoints */ private final String host; @@ -554,33 +522,7 @@ public final class TcpServerEndpoint imp throw new NullPointerException(); } - String localHost = host; - if (localHost == null) { - /* - * Only expose UnknownHostException thrown directly by - * InetAddress.getLocalHost if it would also be thrown - * in the caller's security context; otherwise, throw - * a new UnknownHostException without the host name. - */ - if (exception != null){ - try { - exposeLocalAdd.checkGuard(null); - } catch (SecurityException e){ - throw new UnknownHostException("access to resolve local host denied"); - } - throw exception; - } - SecurityManager sm = System.getSecurityManager(); - if (sm != null) { - try { - sm.checkConnect(localAdd.getHostName(), -1); - } catch (SecurityException e) { - throw new SecurityException( - "access to resolve local host denied"); - } - } - localHost = localAdd.getHostAddress(); - } + String localHost = LOCAL_HOST.check(host, this); LE listenEndpoint = new LE(); // REMIND: needn't be new? ListenCookie listenCookie = Propchange: river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/config/ ------------------------------------------------------------------------------ --- svn:mergeinfo (added) +++ svn:mergeinfo Thu Dec 3 12:07:24 2015 @@ -0,0 +1 @@ +/river/jtsk/trunk/src/org/apache/river/config:1379874-1407431,1415845-1717028 Copied: river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/config/Component.java (from r1717027, river/jtsk/trunk/src/com/sun/jini/config/Component.java) URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/config/Component.java?p2=river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/config/Component.java&p1=river/jtsk/trunk/src/com/sun/jini/config/Component.java&r1=1717027&r2=1717744&rev=1717744&view=diff ============================================================================== --- river/jtsk/trunk/src/com/sun/jini/config/Component.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/config/Component.java Thu Dec 3 12:07:24 2015 @@ -13,7 +13,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package com.sun.jini.config; +package org.apache.river.config; import java.lang.annotation.Documented; import java.lang.annotation.ElementType; Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/config/ConfigurationFactory.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/config/ConfigurationFactory.java?rev=1717744&r1=1717743&r2=1717744&view=diff ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/config/ConfigurationFactory.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/config/ConfigurationFactory.java Thu Dec 3 12:07:24 2015 @@ -21,8 +21,6 @@ package org.apache.river.config; import net.jini.config.Configuration; /** - * - * @author sim */ public interface ConfigurationFactory { Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/config/builder/Example.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/config/builder/Example.java?rev=1717744&r1=1717743&r2=1717744&view=diff ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/config/builder/Example.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/config/builder/Example.java Thu Dec 3 12:07:24 2015 @@ -23,8 +23,6 @@ import java.security.Permission; import net.jini.config.ConfigurationException; /** - * - * @author sim */ public class Example { Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/config/builder/VelocityConfigurationBuilder.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/config/builder/VelocityConfigurationBuilder.java?rev=1717744&r1=1717743&r2=1717744&view=diff ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/config/builder/VelocityConfigurationBuilder.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/config/builder/VelocityConfigurationBuilder.java Thu Dec 3 12:07:24 2015 @@ -35,8 +35,6 @@ import org.apache.velocity.VelocityConte import org.apache.velocity.app.VelocityEngine; /** - * - * @author sim */ public class VelocityConfigurationBuilder implements ConfigurationFactory Added: river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/jeri/internal/runtime/LocalHost.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/jeri/internal/runtime/LocalHost.java?rev=1717744&view=auto ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/jeri/internal/runtime/LocalHost.java (added) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/jeri/internal/runtime/LocalHost.java Thu Dec 3 12:07:24 2015 @@ -0,0 +1,145 @@ +/* + * To change this license header, choose License Headers in Project Properties. + * To change this template file, choose Tools | Templates + * and open the template in the editor. + */ +package org.apache.river.jeri.internal.runtime; + +import java.net.InetAddress; +import java.net.SocketPermission; +import java.net.UnknownHostException; +import java.security.AccessController; +import java.security.Guard; +import java.security.PrivilegedActionException; +import java.security.PrivilegedExceptionAction; +import java.util.logging.Level; +import java.util.logging.LogRecord; +import java.util.logging.Logger; +import org.apache.river.config.LocalHostLookup; +import org.apache.river.logging.Levels; + +/** + * This was common security code in all ServerEndpoint.enumerateListenEndpoints + * calls, rather than duplicate this code, due to it's performance and + * security sensitivity, it has been separated here to avoid duplication. + */ +public class LocalHost { + + private final InetAddress localAdd; + private final UnknownHostException exception; + private final Guard exposeLocalAdd; + private final Logger logger; + private final Class clazz; + + public LocalHost(Logger logger, Class clazz) { + /* The following was originally in + * enumerateListenEndpoints(ListenContext listenContext) + * however, InetAddress.getLocalHost() proved to be a hotspot in + * mahalo RandomStressTests for test code, which was attempting to + * stress Mahalo, but this was futile, given the test CPU usage + * for the test itself was 10x Mahalo, which wasn't raising a sweat. + * - Peter Firmstone 28th April 2014 + */ + this.logger = logger; + this.clazz = clazz; + InetAddress localAddr = null; + UnknownHostException exc = null; + try { + localAddr = (InetAddress) AccessController.doPrivileged( + new PrivilegedExceptionAction() { + public Object run() throws UnknownHostException { + return LocalHostLookup.getLocalHost(); + } + }); + } catch (PrivilegedActionException e) { + Exception uhe = e.getException(); + if (uhe instanceof UnknownHostException){ + exc = (UnknownHostException) uhe; + if (logger != null && logger.isLoggable(Levels.FAILED)){ + logThrow( + logger, Levels.FAILED, clazz, + "enumerateListenEndpoints", + "LocalHostLookup.getLocalHost() throws", null, uhe); + } + } + } + + localAdd = localAddr; + exception = exc; + // If exception occurs the localAdd will be null. + exposeLocalAdd = new SocketPermission("localhost", "resolve"); + } + + public String check(String localHost, Object caller) throws UnknownHostException { + if (localHost == null) { + /* + * Only expose UnknownHostException thrown directly by + * InetAddress.getLocalHost if it would also be thrown + * in the caller's security context; otherwise, throw + * a new UnknownHostException without the host name. + */ + if (exception != null){ + try { + exposeLocalAdd.checkGuard(null); + } catch (SecurityException e){ + throw new UnknownHostException("access to resolve local host denied"); + } + throw exception; + } + SecurityManager sm = System.getSecurityManager(); + if (sm != null) { + try { + sm.checkConnect(localAdd.getHostName(), -1); + } catch (SecurityException e) { + if (logger != null && logger.isLoggable(Levels.FAILED)) { + logThrow( + logger, Levels.FAILED, clazz, + "enumerateListenEndpoints", + "enumerate listen endpoints for {0}\nthrows", + new Object[] {caller}, + e + ); + } + throw new SecurityException( + "access to resolve local host denied"); + } + } + localHost = localAdd.getHostAddress(); + } + return localHost; + } + + + + /* -- Logging -- */ + + /** + * Logs a throw. Use this method to log a throw when the log message needs + * parameters. + * + * @param logger logger to log to + * @param level the log level + * @param sourceClass class where throw occurred + * @param sourceMethod name of the method where throw occurred + * @param msg log message + * @param params log message parameters + * @param e exception thrown + */ + static void logThrow(Logger logger, + Level level, + Class sourceClass, + String sourceMethod, + String msg, + Object[] params, + Throwable e) + { + LogRecord r = new LogRecord(level, msg); + r.setLoggerName(logger.getName()); + r.setSourceClassName(sourceClass.getName()); + r.setSourceMethodName(sourceMethod); + r.setParameters(params); + r.setThrown(e); + logger.log(r); + } + +} Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/reggie/RegistrarImpl.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/reggie/RegistrarImpl.java?rev=1717744&r1=1717743&r2=1717744&view=diff ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/reggie/RegistrarImpl.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/reggie/RegistrarImpl.java Thu Dec 3 12:07:24 2015 @@ -18,6 +18,7 @@ package org.apache.river.reggie; import org.apache.river.config.Config; +import org.apache.river.config.LocalHostLookup; import org.apache.river.constants.ThrowableConstants; import org.apache.river.constants.VersionConstants; import org.apache.river.discovery.ClientSubjectChecker; @@ -2839,7 +2840,7 @@ class RegistrarImpl implements Registrar AccessController.doPrivileged( new PrivilegedAction(){ public Object run(){ try { - Socket s = reggie.socketFactory.createSocket(InetAddress.getLocalHost(), port); + Socket s = reggie.socketFactory.createSocket(LocalHostLookup.getLocalHost(), port); s.close(); } catch (IOException e) { } finally { @@ -5001,7 +5002,7 @@ class RegistrarImpl implements Registrar } catch (NoSuchEntryException e) { // fix for 4906732: only invoke getCanonicalHostName if needed unicastDiscoveryHost = - InetAddress.getLocalHost().getCanonicalHostName(); + LocalHostLookup.getLocalHost().getCanonicalHostName(); } try { this.unicastDiscoverySubjectChecker = Modified: river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/tool/ClassServer.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/tool/ClassServer.java?rev=1717744&r1=1717743&r2=1717744&view=diff ============================================================================== --- river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/tool/ClassServer.java (original) +++ river/jtsk/skunk/qa-refactor-namespace/trunk/src/org/apache/river/tool/ClassServer.java Thu Dec 3 12:07:24 2015 @@ -17,6 +17,7 @@ */ package org.apache.river.tool; +import org.apache.river.config.LocalHostLookup; import org.apache.river.logging.Levels; import org.apache.river.start.LifeCycle; import java.io.BufferedInputStream; @@ -868,7 +869,7 @@ public class ClassServer extends Thread } try { if (stop) { - Socket sock = new Socket(InetAddress.getLocalHost(), port); + Socket sock = new Socket(LocalHostLookup.getLocalHost(), port); try { DataOutputStream out = new DataOutputStream(sock.getOutputStream());
