diff --git a/src/java.base/share/classes/sun/nio/ch/DatagramChannelImpl.java b/src/java.base/share/classes/sun/nio/ch/DatagramChannelImpl.java index 9f85aec7cd3..74c54105201 100644 --- a/src/java.base/share/classes/sun/nio/ch/DatagramChannelImpl.java +++ b/src/java.base/share/classes/sun/nio/ch/DatagramChannelImpl.java @@ -60,8 +60,6 @@ import java.nio.channels.NotYetConnectedException; import java.nio.channels.SelectionKey; import java.nio.channels.spi.AbstractSelectableChannel; import java.nio.channels.spi.SelectorProvider; -import java.security.AccessController; -import java.security.PrivilegedExceptionAction; import java.util.Collections; import java.util.HashMap; import java.util.HashSet; @@ -293,8 +291,7 @@ class DatagramChannelImpl public SocketAddress getLocalAddress() throws IOException { synchronized (stateLock) { ensureOpen(); - // Perform security check before returning address - return Net.getRevealedLocalAddress(localAddress); + return localAddress; } } @@ -573,24 +570,16 @@ class DatagramChannelImpl SocketAddress remote = beginRead(blocking, false); configureSocketNonBlockingIfVirtualThread(); boolean connected = (remote != null); - @SuppressWarnings("removal") - SecurityManager sm = System.getSecurityManager(); - if (connected || (sm == null)) { - // connected or no security manager - int n = receive(dst, connected); - if (blocking) { - while (IOStatus.okayToRetry(n) && isOpen()) { - park(Net.POLLIN); - n = receive(dst, connected); - } + int n = receive(dst, connected); + if (blocking) { + while (IOStatus.okayToRetry(n) && isOpen()) { + park(Net.POLLIN); + n = receive(dst, connected); } - if (n > 0 || (n == 0 && isOpen())) { - // sender address is in socket address buffer - sender = sourceSocketAddress(); - } - } else { - // security manager and unconnected - sender = untrustedReceive(dst); + } + if (n > 0 || (n == 0 && isOpen())) { + // sender address is in socket address buffer + sender = sourceSocketAddress(); } return sender; } finally { @@ -601,49 +590,6 @@ class DatagramChannelImpl } } - /** - * Receives a datagram into an untrusted buffer. When there is a security - * manager set, and the socket is not connected, datagrams have to be received - * into a buffer that is not accessible to the user. The datagram is copied - * into the user's buffer when the sender address is accepted by the security - * manager. - */ - private SocketAddress untrustedReceive(ByteBuffer dst) throws IOException { - @SuppressWarnings("removal") - SecurityManager sm = System.getSecurityManager(); - assert readLock.isHeldByCurrentThread() - && sm != null && remoteAddress == null; - - boolean blocking = isBlocking(); - for (;;) { - int n; - ByteBuffer bb = Util.getTemporaryDirectBuffer(dst.remaining()); - try { - n = receive(bb, false); - if (n >= 0) { - // sender address is in socket address buffer - InetSocketAddress isa = sourceSocketAddress(); - try { - sm.checkAccept(isa.getAddress().getHostAddress(), isa.getPort()); - bb.flip(); - dst.put(bb); - return isa; - } catch (SecurityException se) { - // ignore datagram - } - } - } finally { - Util.releaseTemporaryDirectBuffer(bb); - } - - if (blocking && IOStatus.okayToRetry(n) && isOpen()) { - park(Net.POLLIN); - } else { - return null; - } - } - } - /** * Receives a datagram. * @@ -675,58 +621,30 @@ class DatagramChannelImpl bufLength = DatagramPackets.getBufLength(p); } - long startNanos = System.nanoTime(); - long remainingNanos = nanos; - SocketAddress sender = null; + boolean completed = false; try { SocketAddress remote = beginRead(true, false); boolean connected = (remote != null); - do { - ByteBuffer dst = tryBlockingReceive(connected, bufLength, remainingNanos); - + ByteBuffer dst = tryBlockingReceive(connected, bufLength, nanos); + if (dst != null) { // if datagram received then get sender and copy to DatagramPacket - if (dst != null) { - try { - // sender address is in socket address buffer - sender = sourceSocketAddress(); - - // check sender when security manager set and not connected - @SuppressWarnings("removal") - SecurityManager sm = System.getSecurityManager(); - if (sm != null && !connected) { - InetSocketAddress isa = (InetSocketAddress) sender; - try { - sm.checkAccept(isa.getAddress().getHostAddress(), isa.getPort()); - } catch (SecurityException e) { - sender = null; - } - } - - if (sender != null) { - // copy bytes to the DatagramPacket, and set length and sender - synchronized (p) { - // re-read p.bufLength in case DatagramPacket changed - int len = Math.min(dst.limit(), DatagramPackets.getBufLength(p)); - dst.get(p.getData(), p.getOffset(), len); - DatagramPackets.setLength(p, len); - p.setSocketAddress(sender); - } - } else { - // need to retry, adjusting timeout if needed - if (nanos > 0) { - remainingNanos = nanos - (System.nanoTime() - startNanos); - if (remainingNanos <= 0) { - throw new SocketTimeoutException("Receive timed out"); - } - } - } - } finally { - Util.offerFirstTemporaryDirectBuffer(dst); + try { + SocketAddress sender = sourceSocketAddress(); + synchronized (p) { + // copy bytes to the DatagramPacket, and set length and sender. + // Need to re-read p.bufLength in case DatagramPacket changed + int len = Math.min(dst.limit(), DatagramPackets.getBufLength(p)); + dst.get(p.getData(), p.getOffset(), len); + DatagramPackets.setLength(p, len); + p.setSocketAddress(sender); } + } finally { + Util.offerFirstTemporaryDirectBuffer(dst); } - } while (sender == null && isOpen()); + completed = true; + } } finally { - endRead(true, (sender != null)); + endRead(true, completed); } } finally { readLock.unlock(); @@ -884,16 +802,7 @@ class DatagramChannelImpl completed = (n > 0); } else { // not connected - @SuppressWarnings("removal") - SecurityManager sm = System.getSecurityManager(); InetAddress ia = isa.getAddress(); - if (sm != null) { - if (ia.isMulticastAddress()) { - sm.checkMulticast(ia); - } else { - sm.checkConnect(ia.getHostAddress(), isa.getPort()); - } - } if (ia.isLinkLocalAddress()) isa = IPAddressUtil.toScopedAddress(isa); if (isa.getPort() == 0) @@ -1344,10 +1253,6 @@ class DatagramChannelImpl } else { isa = Net.checkAddress(local, family); } - @SuppressWarnings("removal") - SecurityManager sm = System.getSecurityManager(); - if (sm != null) - sm.checkListen(isa.getPort()); Net.bind(family, fd, isa.getAddress(), isa.getPort()); localAddress = Net.localAddress(fd); @@ -1373,17 +1278,6 @@ class DatagramChannelImpl */ DatagramChannel connect(SocketAddress sa, boolean check) throws IOException { InetSocketAddress isa = Net.checkAddress(sa, family); - @SuppressWarnings("removal") - SecurityManager sm = System.getSecurityManager(); - if (sm != null) { - InetAddress ia = isa.getAddress(); - if (ia.isMulticastAddress()) { - sm.checkMulticast(ia); - } else { - sm.checkConnect(ia.getHostAddress(), isa.getPort()); - sm.checkAccept(ia.getHostAddress(), isa.getPort()); - } - } readLock.lock(); try { @@ -1589,17 +1483,13 @@ class DatagramChannelImpl /** * Defines static methods to access AbstractSelectableChannel non-public members. */ - @SuppressWarnings("removal") private static class AbstractSelectableChannels { private static final Method FOREACH; static { try { - PrivilegedExceptionAction pae = () -> { - Method m = AbstractSelectableChannel.class.getDeclaredMethod("forEach", Consumer.class); - m.setAccessible(true); - return m; - }; - FOREACH = AccessController.doPrivileged(pae); + Method m = AbstractSelectableChannel.class.getDeclaredMethod("forEach", Consumer.class); + m.setAccessible(true); + FOREACH = m; } catch (Exception e) { throw new InternalError(e); } @@ -1646,11 +1536,6 @@ class DatagramChannelImpl throw new IllegalArgumentException("Source address is different type to group"); } - @SuppressWarnings("removal") - SecurityManager sm = System.getSecurityManager(); - if (sm != null) - sm.checkMulticast(group); - synchronized (stateLock) { ensureOpen(); @@ -2051,10 +1936,7 @@ class DatagramChannelImpl private static final VarHandle BUF_LENGTH; static { try { - PrivilegedExceptionAction pa = () -> - MethodHandles.privateLookupIn(DatagramPacket.class, MethodHandles.lookup()); - @SuppressWarnings("removal") - MethodHandles.Lookup l = AccessController.doPrivileged(pa); + MethodHandles.Lookup l = MethodHandles.privateLookupIn(DatagramPacket.class, MethodHandles.lookup()); LENGTH = l.findVarHandle(DatagramPacket.class, "length", int.class); BUF_LENGTH = l.findVarHandle(DatagramPacket.class, "bufLength", int.class); } catch (Exception e) { diff --git a/src/java.base/share/classes/sun/nio/ch/DatagramSocketAdaptor.java b/src/java.base/share/classes/sun/nio/ch/DatagramSocketAdaptor.java index 324c481f8a8..6ea20ec6270 100644 --- a/src/java.base/share/classes/sun/nio/ch/DatagramSocketAdaptor.java +++ b/src/java.base/share/classes/sun/nio/ch/DatagramSocketAdaptor.java @@ -48,9 +48,6 @@ import java.nio.channels.ClosedChannelException; import java.nio.channels.ClosedByInterruptException; import java.nio.channels.DatagramChannel; import java.nio.channels.MembershipKey; -import java.security.AccessController; -import java.security.PrivilegedAction; -import java.security.PrivilegedExceptionAction; import java.util.Objects; import java.util.Set; import java.util.concurrent.locks.ReentrantLock; @@ -167,24 +164,11 @@ public class DatagramSocketAdaptor @Override public SocketAddress getLocalSocketAddress() { - InetSocketAddress local = dc.localAddress(); - if (local == null || isClosed()) + if (isClosed()) { return null; - - InetAddress addr = local.getAddress(); - if (addr.isAnyLocalAddress()) - return local; - - @SuppressWarnings("removal") - SecurityManager sm = System.getSecurityManager(); - if (sm != null) { - try { - sm.checkConnect(addr.getHostAddress(), -1); - } catch (SecurityException x) { - return new InetSocketAddress(local.getPort()); - } + } else { + return dc.localAddress(); } - return local; } @Override @@ -223,17 +207,7 @@ public class DatagramSocketAdaptor InetSocketAddress local = dc.localAddress(); if (local == null) local = new InetSocketAddress(0); - InetAddress result = local.getAddress(); - @SuppressWarnings("removal") - SecurityManager sm = System.getSecurityManager(); - if (sm != null) { - try { - sm.checkConnect(result.getHostAddress(), -1); - } catch (SecurityException x) { - return new InetSocketAddress(0).getAddress(); - } - } - return result; + return local.getAddress(); } @Override @@ -484,11 +458,6 @@ public class DatagramSocketAdaptor synchronized (this) { MembershipKey key = dc.findMembership(group, ni); if (key != null) { - // already a member but need to check permission anyway - @SuppressWarnings("removal") - SecurityManager sm = System.getSecurityManager(); - if (sm != null) - sm.checkMulticast(group); throw new SocketException("Already a member of group"); } dc.join(group, ni); // checks permission @@ -501,10 +470,6 @@ public class DatagramSocketAdaptor NetworkInterface ni = (netIf != null) ? netIf : defaultNetworkInterface(); if (isClosed()) throw new SocketException("Socket is closed"); - @SuppressWarnings("removal") - SecurityManager sm = System.getSecurityManager(); - if (sm != null) - sm.checkMulticast(group); synchronized (this) { MembershipKey key = dc.findMembership(group, ni); if (key == null) @@ -541,12 +506,7 @@ public class DatagramSocketAdaptor return outgoingInetAddress; } else { // network interface has changed so update cached values - PrivilegedAction pa; - pa = () -> ni.inetAddresses().findFirst().orElse(null); - @SuppressWarnings("removal") - InetAddress ia = AccessController.doPrivileged(pa); - if (ia == null) - throw new SocketException("Network interface has no IP address"); + InetAddress ia = ni.inetAddresses().findFirst().orElse(null); outgoingNetworkInterface = ni; outgoingInetAddress = ia; return ia; @@ -660,10 +620,7 @@ public class DatagramSocketAdaptor static final MethodHandle CONSTRUCTOR; static { try { - PrivilegedExceptionAction pa = () -> - MethodHandles.privateLookupIn(NetworkInterface.class, MethodHandles.lookup()); - @SuppressWarnings("removal") - MethodHandles.Lookup l = AccessController.doPrivileged(pa); + Lookup l = MethodHandles.privateLookupIn(NetworkInterface.class, MethodHandles.lookup()); MethodType methodType = MethodType.methodType(NetworkInterface.class); GET_DEFAULT = l.findStatic(NetworkInterface.class, "getDefault", methodType); methodType = MethodType.methodType(void.class, String.class, int.class, InetAddress[].class); @@ -703,10 +660,7 @@ public class DatagramSocketAdaptor private static final SocketAddress NO_DELEGATE; static { try { - PrivilegedExceptionAction pa = () -> - MethodHandles.privateLookupIn(DatagramSocket.class, MethodHandles.lookup()); - @SuppressWarnings("removal") - MethodHandles.Lookup l = AccessController.doPrivileged(pa); + Lookup l = MethodHandles.privateLookupIn(DatagramSocket.class, MethodHandles.lookup()); var handle = l.findStaticVarHandle(DatagramSocket.class, "NO_DELEGATE", SocketAddress.class); NO_DELEGATE = (SocketAddress) handle.get(); } catch (Exception e) {