/*
 * Copyright (c) 1996, 2016, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

package sun.rmi.server;

import java.io.IOException;
import java.io.InputStream;
import java.io.ObjectInputStream;
import java.io.ObjectStreamClass;
import java.io.StreamCorruptedException;
import java.util.*;
import java.security.AccessControlException;
import java.security.Permission;
import java.rmi.server.RMIClassLoader;
import sun.misc.ObjectStreamClassValidator;
import sun.misc.SharedSecrets;

MarshalInputStream is an extension of ObjectInputStream. When resolving a class, it reads an object from the stream written by a corresponding MarshalOutputStream. If the class to be resolved is not available locally, from the first class loader on the execution stack, or from the context class loader of the current thread, it will attempt to load the class from the location annotated by the sending MarshalOutputStream. This location object must be a string representing a path of URLs. A new MarshalInputStream should be created to deserialize remote objects or graphs containing remote objects. Objects are created from the stream using the ObjectInputStream.readObject method.
Author: Peter Jones
/** * MarshalInputStream is an extension of ObjectInputStream. When resolving * a class, it reads an object from the stream written by a corresponding * MarshalOutputStream. If the class to be resolved is not available * locally, from the first class loader on the execution stack, or from the * context class loader of the current thread, it will attempt to load the * class from the location annotated by the sending MarshalOutputStream. * This location object must be a string representing a path of URLs. * * A new MarshalInputStream should be created to deserialize remote objects or * graphs containing remote objects. Objects are created from the stream * using the ObjectInputStream.readObject method. * * @author Peter Jones */
public class MarshalInputStream extends ObjectInputStream { interface StreamChecker extends ObjectStreamClassValidator { void checkProxyInterfaceNames(String[] ifaces); } private volatile StreamChecker streamChecker = null;
Value of "java.rmi.server.useCodebaseOnly" property, as cached at class initialization time. The default value is true. That is, the value is true if the property is absent or is not equal to "false". The value is only false when the property is present and is equal to "false".
/** * Value of "java.rmi.server.useCodebaseOnly" property, * as cached at class initialization time. * * The default value is true. That is, the value is true * if the property is absent or is not equal to "false". * The value is only false when the property is present * and is equal to "false". */
private static final boolean useCodebaseOnlyProperty = ! java.security.AccessController.doPrivileged( new sun.security.action.GetPropertyAction( "java.rmi.server.useCodebaseOnly", "true")) .equalsIgnoreCase("false");
table to hold sun classes to which access is explicitly permitted
/** table to hold sun classes to which access is explicitly permitted */
protected static Map<String, Class<?>> permittedSunClasses = new HashMap<String, Class<?>>(3);
if true, don't try superclass first in resolveClass()
/** if true, don't try superclass first in resolveClass() */
private boolean skipDefaultResolveClass = false;
callbacks to make when done() called: maps Object to Runnable
/** callbacks to make when done() called: maps Object to Runnable */
private final Map<Object, Runnable> doneCallbacks = new HashMap<Object, Runnable>(3);
if true, load classes (if not available locally) only from the URL specified by the "java.rmi.server.codebase" property.
/** * if true, load classes (if not available locally) only from the * URL specified by the "java.rmi.server.codebase" property. */
private boolean useCodebaseOnly = useCodebaseOnlyProperty; /* * Fix for 4179055: The remote object services inside the * activation daemon use stubs that are in the package * sun.rmi.server. Classes for these stubs should be loaded from * the classpath by RMI system code and not by the normal * unmarshalling process as applications should not need to have * permission to access the sun implementation classes. * * Note: this fix should be redone when API changes may be * integrated * * During parameter unmarshalling RMI needs to explicitly permit * access to three sun.* stub classes */ static { try { String system = "sun.rmi.server.Activation$ActivationSystemImpl_Stub"; String registry = "sun.rmi.registry.RegistryImpl_Stub"; permittedSunClasses.put(system, Class.forName(system)); permittedSunClasses.put(registry, Class.forName(registry)); } catch (ClassNotFoundException e) { throw new NoClassDefFoundError("Missing system class: " + e.getMessage()); } }
Load the "rmi" native library.
/** * Load the "rmi" native library. */
static { java.security.AccessController.doPrivileged( new sun.security.action.LoadLibraryAction("rmi")); }
Create a new MarshalInputStream object.
/** * Create a new MarshalInputStream object. */
public MarshalInputStream(InputStream in) throws IOException, StreamCorruptedException { super(in); }
Returns a callback previously registered via the setDoneCallback method with given key, or null if no callback has yet been registered with that key.
/** * Returns a callback previously registered via the setDoneCallback * method with given key, or null if no callback has yet been registered * with that key. */
public Runnable getDoneCallback(Object key) { return doneCallbacks.get(key); // not thread-safe }
Registers a callback to make when this stream's done() method is invoked, along with a key for retrieving the same callback instance subsequently from the getDoneCallback method.
/** * Registers a callback to make when this stream's done() method is * invoked, along with a key for retrieving the same callback instance * subsequently from the getDoneCallback method. */
public void setDoneCallback(Object key, Runnable callback) { //assert(!doneCallbacks.contains(key)); doneCallbacks.put(key, callback); // not thread-safe }
Indicates that the user of this MarshalInputStream is done reading objects from it, so all callbacks registered with the setDoneCallback method should now be (synchronously) executed. When this method returns, there are no more callbacks registered. This method is implicitly invoked by close() before it delegates to the superclass's close method.
/** * Indicates that the user of this MarshalInputStream is done reading * objects from it, so all callbacks registered with the setDoneCallback * method should now be (synchronously) executed. When this method * returns, there are no more callbacks registered. * * This method is implicitly invoked by close() before it delegates to * the superclass's close method. */
public void done() { Iterator<Runnable> iter = doneCallbacks.values().iterator(); while (iter.hasNext()) { // not thread-safe Runnable callback = iter.next(); callback.run(); } doneCallbacks.clear(); }
Closes this stream, implicitly invoking done() first.
/** * Closes this stream, implicitly invoking done() first. */
public void close() throws IOException { done(); super.close(); }
resolveClass is extended to acquire (if present) the location from which to load the specified class. It will find, load, and return the class.
/** * resolveClass is extended to acquire (if present) the location * from which to load the specified class. * It will find, load, and return the class. */
protected Class resolveClass(ObjectStreamClass classDesc) throws IOException, ClassNotFoundException { /* * Always read annotation written by MarshalOutputStream * describing where to load class from. */ Object annotation = readLocation(); String className = classDesc.getName(); /* * Unless we were told to skip this consideration, choose the * "default loader" to simulate the default ObjectInputStream * resolveClass mechanism (that is, choose the first non-null * loader on the execution stack) to maximize the likelihood of * type compatibility with calling code. (This consideration * is skipped during server parameter unmarshalling using the 1.2 * stub protocol, because there would never be a non-null class * loader on the stack in that situation anyway.) */ ClassLoader defaultLoader = skipDefaultResolveClass ? null : latestUserDefinedLoader(); /* * If the "java.rmi.server.useCodebaseOnly" property was true or * useCodebaseOnly() was called or the annotation is not a String, * load from the local loader using the "java.rmi.server.codebase" * URL. Otherwise, load from a loader using the codebase URL in * the annotation. */ String codebase = null; if (!useCodebaseOnly && annotation instanceof String) { codebase = (String) annotation; } try { return RMIClassLoader.loadClass(codebase, className, defaultLoader); } catch (AccessControlException e) { return checkSunClass(className, e); } catch (ClassNotFoundException e) { /* * Fix for 4442373: delegate to ObjectInputStream.resolveClass() * to resolve primitive classes. */ try { if (Character.isLowerCase(className.charAt(0)) && className.indexOf('.') == -1) { return super.resolveClass(classDesc); } } catch (ClassNotFoundException e2) { } throw e; } }
resolveProxyClass is extended to acquire (if present) the location to determine the class loader to define the proxy class in.
/** * resolveProxyClass is extended to acquire (if present) the location * to determine the class loader to define the proxy class in. */
protected Class resolveProxyClass(String[] interfaces) throws IOException, ClassNotFoundException { StreamChecker checker = streamChecker; if (checker != null) { checker.checkProxyInterfaceNames(interfaces); } /* * Always read annotation written by MarshalOutputStream. */ Object annotation = readLocation(); ClassLoader defaultLoader = skipDefaultResolveClass ? null : latestUserDefinedLoader(); String codebase = null; if (!useCodebaseOnly && annotation instanceof String) { codebase = (String) annotation; } return RMIClassLoader.loadProxyClass(codebase, interfaces, defaultLoader); } /* * Returns first non-privileged class loader on the stack (excluding * reflection generated frames) or the extension class loader if only * class loaded by the boot class loader and extension class loader are * found on the stack. */ private static ClassLoader latestUserDefinedLoader() { return sun.misc.VM.latestUserDefinedLoader(); }
Fix for 4179055: Need to assist resolving sun stubs; resolve class locally if it is a "permitted" sun class
/** * Fix for 4179055: Need to assist resolving sun stubs; resolve * class locally if it is a "permitted" sun class */
private Class checkSunClass(String className, AccessControlException e) throws AccessControlException { // ensure that we are giving out a stub for the correct reason Permission perm = e.getPermission(); String name = null; if (perm != null) { name = perm.getName(); } Class<?> resolvedClass = permittedSunClasses.get(className); // if class not permitted, throw the SecurityException if ((name == null) || (resolvedClass == null) || ((!name.equals("accessClassInPackage.sun.rmi.server")) && (!name.equals("accessClassInPackage.sun.rmi.registry")))) { throw e; } return resolvedClass; }
Return the location for the class in the stream. This method can be overridden by subclasses that store this annotation somewhere else than as the next object in the stream, as is done by this class.
/** * Return the location for the class in the stream. This method can * be overridden by subclasses that store this annotation somewhere * else than as the next object in the stream, as is done by this class. */
protected Object readLocation() throws IOException, ClassNotFoundException { return readObject(); }
Set a flag to indicate that the superclass's default resolveClass() implementation should not be invoked by our resolveClass().
/** * Set a flag to indicate that the superclass's default resolveClass() * implementation should not be invoked by our resolveClass(). */
void skipDefaultResolveClass() { skipDefaultResolveClass = true; }
Disable code downloading except from the URL specified by the "java.rmi.server.codebase" property.
/** * Disable code downloading except from the URL specified by the * "java.rmi.server.codebase" property. */
void useCodebaseOnly() { useCodebaseOnly = true; } synchronized void setStreamChecker(StreamChecker checker) { streamChecker = checker; SharedSecrets.getJavaObjectInputStreamAccess().setValidator(this, checker); } @Override protected ObjectStreamClass readClassDescriptor() throws IOException, ClassNotFoundException { ObjectStreamClass descriptor = super.readClassDescriptor(); validateDesc(descriptor); return descriptor; } private void validateDesc(ObjectStreamClass descriptor) { StreamChecker checker; synchronized (this) { checker = streamChecker; } if (checker != null) { checker.validateDescriptor(descriptor); } } }