Robbin, > One follow-up issue is that if you start suspended > and than connect with > an unallowed client the JVM starts and executes the program.
Fixed. see http://cr.openjdk.java.net/~dsamersoff/JDK-8061228/webrev.15 -Dmitry On 2017-03-16 15:59, Robbin Ehn wrote: > Hi Dmitry, thanks for the update. > > One follow-up issue is that if you start suspended and than connect with > an unallowed client the JVM starts and executes the program. > Simple program prints "Hello". > > [rehn@rehn-ws vanilla-hs]$ java > -agentlib:jdwp=transport=dt_socket,server=y,suspend=y,address=*:9999,allow=1.2.3.0/32 > -cp . H > Listening for transport dt_socket at address: 9999 > ERROR: Peer not allowed to connect > Listening for transport dt_socket at address: 9999 > Hello > > I think it would be good if the VM stayed suspended when an unallowed > client connects. > > Thanks, Robbin > > On 03/13/2017 08:07 PM, Dmitry Samersoff wrote: >> Robbin, >> >> Please, see: >> >> http://cr.openjdk.java.net/~dsamersoff/JDK-8061228/webrev.11 >> >>> 1: >>> So connecting with an unallowed client terminates the VM. >> >> Fixed. >> >>> 2: >>> Starting with an bad allow filter terminates the VM when connecting a >>> client. >> >> Moved allowed parameter (and parser call) to StartListening. >> >> -Dmitry >> >> >> On 2017-03-10 15:56, Robbin Ehn wrote: >>> Hi Dmitry, >>> >>> I took a look at this, I have two practical issues: >>> >>> 1: >>> [rehn@rehn-ws dev]$ java >>> -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:9999,allow=6.6.6.6 >>> >>> -cp runs ForEver >>> Listening for transport dt_socket at address: 9999 >>> ERROR: transport error 202: peer not allowed to connect: Success >>> JDWP exit error JVMTI_ERROR_NONE(0): could not connect, timeout or fatal >>> error [transport.c:358] >>> >>> So connecting with an unallowed client terminates the VM. >>> >>> 2: >>> [rehn@rehn-ws dev]$ java >>> -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:9999,allow=6.BAD.6.6 >>> >>> -cp runs ForEver >>> Listening for transport dt_socket at address: 9999 >>> ERROR: transport error 202: unable to parse list of allowed peers: >>> Success >>> JDWP exit error JVMTI_ERROR_NONE(0): could not connect, timeout or fatal >>> error [transport.c:358] >>> >>> Starting with an bad allow filter terminates the VM when connecting a >>> client. >>> >>> >>> Connecting with an unallowed ip/port should not terminate the VM and we >>> should verify allow filter directly at startup. >>> >>> Thanks >>> >>> /Robbin >>> >>> On 02/28/2017 10:41 AM, Dmitry Samersoff wrote: >>>> Everybody, >>>> >>>> Please review: >>>> >>>> http://cr.openjdk.java.net/~dsamersoff/JDK-8061228/webrev.10/ >>>> >>>> These changes introduce new parameter[1] of the socket transport - >>>> allow. Users can explicitly specify a list of hosts that allowed to >>>> connect to jdwp server and it's the second part of JDWP hardening[2]. >>>> >>>> No restrictions are applied by default now but I'll file a separate CR >>>> to restrict list of allowed peers to localhost by default. >>>> >>>> Also these changes implement versioning for jdwp transport and therefor >>>> simplify feature development of jdwp. >>>> >>>> >>>> 1. Example command line: >>>> >>>> -agentlib:jdwp=transport=dt_socket,server=y,suspend=n, >>>> address=*,allow="127.0.0.0/8;192.168.0.0/24" >>>> >>>> Possible values for allow parameter: >>>> * - accept connections from everywhere. >>>> N.N.N.N - accept connections from this IP address only >>>> N.N.N.N/nn - accept connections from particular ip subnet >>>> >>>> >>>> >>>> 2. JDK-8052136 JDWP hardening >>>> >>>> -Dmitry >>>> >> >> -- Dmitry Samersoff Oracle Java development team, Saint Petersburg, Russia * I would love to change the world, but they won't give me the sources.
