source: trunk/gcc/libjava/java/net/SocketPermission.java

Last change on this file was 1392, checked in by bird, 21 years ago

This commit was generated by cvs2svn to compensate for changes in r1391,
which included commits to RCS files with non-trunk default branches.
  • Property cvs2svn:cvs-rev set to 1.1.1.2
  • Property svn:eol-style set to native
  • Property svn:executable set to *
File size: 11.9 KB
Line 
1/* SocketPermission.java -- Class modeling permissions for socket operations
2 Copyright (C) 1998, 2000, 2001, 2002 Free Software Foundation, Inc.
3
4This file is part of GNU Classpath.
5
6GNU Classpath is free software; you can redistribute it and/or modify
7it under the terms of the GNU General Public License as published by
8the Free Software Foundation; either version 2, or (at your option)
9any later version.
10
11GNU Classpath is distributed in the hope that it will be useful, but
12WITHOUT ANY WARRANTY; without even the implied warranty of
13MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14General Public License for more details.
15
16You should have received a copy of the GNU General Public License
17along with GNU Classpath; see the file COPYING. If not, write to the
18Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
1902111-1307 USA.
20
21Linking this library statically or dynamically with other modules is
22making a combined work based on this library. Thus, the terms and
23conditions of the GNU General Public License cover the whole
24combination.
25
26As a special exception, the copyright holders of this library give you
27permission to link this library with independent modules to produce an
28executable, regardless of the license terms of these independent
29modules, and to copy and distribute the resulting executable under
30terms of your choice, provided that you also meet, for each linked
31independent module, the terms and conditions of the license of that
32module. An independent module is a module which is not derived from
33or based on this library. If you modify this library, you may extend
34this exception to your version of the library, but you are not
35obligated to do so. If you do not wish to do so, delete this
36exception statement from your version. */
37
38package java.net;
39
40import java.io.Serializable;
41import java.security.Permission;
42import java.security.PermissionCollection;
43
44/**
45 * This class models a specific set of permssions for connecting to a
46 * host. There are two elements to this, the host/port combination and
47 * the permission list.
48 * <p>
49 * The host/port combination is specified as followed
50 * <p>
51 * <pre>
52 * hostname[:[-]port[-[port]]]
53 * </pre>
54 * <p>
55 * The hostname portion can be either a hostname or IP address. If it is
56 * a hostname, a wildcard is allowed in hostnames. This wildcard is a "*"
57 * and matches one or more characters. Only one "*" may appear in the
58 * host and it must be the leftmost character. For example,
59 * "*.urbanophile.com" matches all hosts in the "urbanophile.com" domain.
60 * <p>
61 * The port portion can be either a single value, or a range of values
62 * treated as inclusive. The first or the last port value in the range
63 * can be omitted in which case either the minimum or maximum legal
64 * value for a port (respectively) is used by default. Here are some
65 * examples:
66 * <p><ul>
67 * <li>8080 - Represents port 8080 only
68 * <li>2000-3000 - Represents ports 2000 through 3000 inclusive
69 * <li>-4000 - Represents ports 0 through 4000 inclusive
70 * <li>1024- - Represents ports 1024 through 65535 inclusive
71 * </ul><p>
72 * The permission list is a comma separated list of individual permissions.
73 * These individual permissions are:
74 * <p>
75 * accept<br>
76 * connect<br>
77 * listen<br>
78 * resolve<br>
79 * <p>
80 * The "listen" permission is only relevant if the host is localhost. If
81 * any permission at all is specified, then resolve permission is implied to
82 * exist.
83 * <p>
84 * Here are a variety of examples of how to create SocketPermission's
85 * <p><pre>
86 * SocketPermission("www.urbanophile.com", "connect");
87 * Can connect to any port on www.urbanophile.com
88 * SocketPermission("www.urbanophile.com:80", "connect,accept");
89 * Can connect to or accept connections from www.urbanophile.com on port 80
90 * SocketPermission("localhost:1024-", "listen,accept,connect");
91 * Can connect to, accept from, an listen on any local port number 1024
92 * and up.
93 * SocketPermission("*.edu", "connect");
94 * Can connect to any host in the edu domain
95 * SocketPermission("197.197.20.1", "accept");
96 * Can accept connections from 197.197.20.1
97 * </pre><p>
98 *
99 * @since 1.2
100 *
101 * @author Aaron M. Renn (arenn@urbanophile.com)
102 */
103public final class SocketPermission extends Permission
104 implements Serializable
105{
106 static final long serialVersionUID = -7204263841984476862L;
107
108// FIXME: Needs serialization work, including readObject/writeObject methods.
109 /**
110 * A hostname/port combination as described above
111 */
112 private transient String hostport;
113
114 /**
115 * A comma separated list of actions for which we have permission
116 */
117 private String actions;
118
119 /**
120 * Initializes a new instance of <code>SocketPermission</code> with the
121 * specified host/port combination and actions string.
122 *
123 * @param hostport The hostname/port number combination
124 * @param actions The actions string
125 */
126 public SocketPermission(String hostport, String actions)
127 {
128 super(hostport);
129
130 this.hostport = hostport;
131 this.actions = actions;
132 }
133
134 /**
135 * Tests this object for equality against another. This will be true if
136 * and only if the passed object is an instance of
137 * <code>SocketPermission</code> and both its hostname/port combination
138 * and permissions string are identical.
139 *
140 * @param obj The object to test against for equality
141 *
142 * @return <code>true</code> if object is equal to this object,
143 * <code>false</code> otherwise.
144 */
145 public boolean equals(Object obj)
146 {
147 if (obj == null)
148 return (false);
149
150 if (!(obj instanceof SocketPermission))
151 return (false);
152
153 if (((SocketPermission) obj).hostport.equals(hostport))
154 if (((SocketPermission) obj).actions.equals(actions))
155 return (true);
156
157 return (false);
158 }
159
160 /**
161 * Returns a hash code value for this object. Overrides the
162 * Permission.hashCode()
163 *
164 * @return A hash code
165 */
166 public int hashCode()
167 {
168 int hash = 100;
169 if (hostport != null)
170 hash += hostport.hashCode();
171 if (actions != null)
172 hash += actions.hashCode();
173 return hash;
174 }
175
176 /**
177 * Returns the list of permission actions in this object in canonical
178 * order. The canonical order is "connect,listen,accept,resolve"
179 *
180 * @return The permitted action string.
181 */
182 public String getActions()
183 {
184 boolean found = false;
185 StringBuffer sb = new StringBuffer("");
186
187 if (actions.indexOf("connect") != -1)
188 {
189 sb.append("connect");
190 found = true;
191 }
192
193 if (actions.indexOf("listen") != -1)
194 if (found)
195 sb.append(",listen");
196 else
197 {
198 sb.append("listen");
199 found = true;
200 }
201
202 if (actions.indexOf("accept") != -1)
203 if (found)
204 sb.append(",accept");
205 else
206 {
207 sb.append("accept");
208 found = true;
209 }
210
211 if (found)
212 sb.append(",resolve");
213 else if (actions.indexOf("resolve") != -1)
214 sb.append("resolve");
215
216 return (sb.toString());
217 }
218
219 /**
220 * Returns a new <code>PermissionCollection</code> object that can hold
221 * <code>SocketPermission</code>'s.
222 *
223 * @return A new <code>PermissionCollection</code>.
224 */
225 public PermissionCollection newPermissionCollection()
226 {
227 // FIXME: Implement
228
229 return (null);
230 }
231
232 /**
233 * Returns true if the permission object passed it is implied by the
234 * this permission. This will be true if
235 * <p><ul>
236 * <li>The argument is of type SocketPermission
237 * <li>The actions list of the argument are in this object's actions
238 * <li>The port range of the argument is within this objects port range
239 * <li>The hostname is equal to or a subset of this objects hostname
240 * </ul>
241 * <p>
242 * The argument's hostname will be a subset of this object's hostname if:
243 * <p><ul>
244 * <li>The argument's hostname or IP address is equal to this object's.
245 * <li>The argument's canonical hostname is equal to this object's.
246 * <li>The argument's canonical name matches this domains hostname with
247 * wildcards
248 * </ul>
249 *
250 * @param perm The Permission to check against
251 *
252 * @return <code>true</code> if the <code>Permission</code> is implied by
253 * this object, <code>false</code> otherwise.
254 */
255 public boolean implies(Permission perm)
256 {
257 SocketPermission p;
258
259 // First make sure we are the right object type
260 if (perm instanceof SocketPermission)
261 p = (SocketPermission) perm;
262 else
263 return (false);
264
265 // Next check the actions
266 String ourlist = getActions();
267 String theirlist = p.getActions();
268
269 if (!ourlist.startsWith(theirlist))
270 return (false);
271
272 // Now check ports
273 int ourfirstport = 0, ourlastport = 0, theirfirstport = 0, theirlastport =
274 0;
275
276 // Get ours
277 if (hostport.indexOf(":") == -1)
278 {
279 ourfirstport = 0;
280 ourlastport = 65535;
281 }
282 else
283 {
284 // FIXME: Needs bulletproofing.
285 // This will dump if hostport if all sorts of bad data was passed to
286 // the constructor
287 String range = hostport.substring(hostport.indexOf(":") + 1);
288 if (range.startsWith("-"))
289 ourfirstport = 0;
290 else if (range.indexOf("-") == -1)
291 ourfirstport = Integer.parseInt(range);
292 else
293 ourfirstport =
294 Integer.parseInt(range.substring(0, range.indexOf("-")));
295
296 if (range.endsWith("-"))
297 ourlastport = 65535;
298 else if (range.indexOf("-") == -1)
299 ourlastport = Integer.parseInt(range);
300 else
301 ourlastport =
302 Integer.parseInt(range.
303 substring(range.indexOf("-") + 1,
304 range.length()));
305 }
306
307 // Get theirs
308 if (p.hostport.indexOf(":") == -1)
309 {
310 theirfirstport = 0;
311 ourlastport = 65535;
312 }
313 else
314 {
315 // This will dump if hostport if all sorts of bad data was passed to
316 // the constructor
317 String range = p.hostport.substring(hostport.indexOf(":") + 1);
318 if (range.startsWith("-"))
319 theirfirstport = 0;
320 else if (range.indexOf("-") == -1)
321 theirfirstport = Integer.parseInt(range);
322 else
323 theirfirstport =
324 Integer.parseInt(range.substring(0, range.indexOf("-")));
325
326 if (range.endsWith("-"))
327 theirlastport = 65535;
328 else if (range.indexOf("-") == -1)
329 theirlastport = Integer.parseInt(range);
330 else
331 theirlastport =
332 Integer.parseInt(range.
333 substring(range.indexOf("-") + 1,
334 range.length()));
335 }
336
337 // Now check them
338 if ((theirfirstport < ourfirstport) || (theirlastport > ourlastport))
339 return (false);
340
341 // Finally we can check the hosts
342 String ourhost, theirhost;
343
344 // Get ours
345 if (hostport.indexOf(":") == -1)
346 ourhost = hostport;
347 else
348 ourhost = hostport.substring(0, hostport.indexOf(":"));
349
350 // Get theirs
351 if (p.hostport.indexOf(":") == -1)
352 theirhost = p.hostport;
353 else
354 theirhost = p.hostport.substring(0, p.hostport.indexOf(":"));
355
356 // Are they equal?
357 if (ourhost.equals(theirhost))
358 return (true);
359
360 // Try the canonical names
361 String ourcanonical = null, theircanonical = null;
362 try
363 {
364 ourcanonical = InetAddress.getByName(ourhost).getHostName();
365 theircanonical = InetAddress.getByName(theirhost).getHostName();
366 }
367 catch (UnknownHostException e)
368 {
369 // Who didn't resolve? Just assume current address is canonical enough
370 // Is this ok to do?
371 if (ourcanonical == null)
372 ourcanonical = ourhost;
373 if (theircanonical == null)
374 theircanonical = theirhost;
375 }
376
377 if (ourcanonical.equals(theircanonical))
378 return (true);
379
380 // Well, last chance. Try for a wildcard
381 if (ourhost.indexOf("*.") != -1)
382 {
383 String wild_domain = ourhost.substring(ourhost.indexOf("*" + 1));
384 if (theircanonical.endsWith(wild_domain))
385 return (true);
386 }
387
388 // Didn't make it
389 return (false);
390 }
391}
Note: See TracBrowser for help on using the repository browser.