Merge
diff --git a/.hgtags b/.hgtags
index 3f22aaa..1fa70cd 100644
--- a/.hgtags
+++ b/.hgtags
@@ -389,6 +389,7 @@
d4453d784fb6c52e4ed998b167588551e2fd43c5 jdk8u40-b27
5a45234e0fc14ff943e13dc1f8966818acaeb4de jdk8u40-b31
d8ac13c5eafe422d3425dc1aebebfcdf8ca67e2d jdk8u40-b32
+c7fbbf6133c339fb56f03241de28666774023d5d jdk8u40-b33
1ecc234bd38950a2bc047aa253a5e803f0836a4e jdk8u45-b00
e0c7864bbca3f76cde680722f2ae58dff2bff61d jdk8u45-b01
9505c0392cddbfb905401e9fccc23262edc3254f jdk8u45-b02
@@ -563,3 +564,4 @@
0022766a3b8e40ab4df6a9b3732facd24ad3beb0 jdk8u76-b07
74aa3fb974fcb80a0981c1e91eae9b25174135c6 jdk8u76-b08
cbafa4c725f9d80fd369dd7979dd97682ae284e6 jdk8u76-b09
+f6cc9dbb5db5883385c91bb71ca02081220aaf3d jdk8u81-b00
diff --git a/src/share/classes/com/sun/jmx/remote/security/JMXSubjectDomainCombiner.java b/src/share/classes/com/sun/jmx/remote/security/JMXSubjectDomainCombiner.java
index 4961ac6..141a332 100644
--- a/src/share/classes/com/sun/jmx/remote/security/JMXSubjectDomainCombiner.java
+++ b/src/share/classes/com/sun/jmx/remote/security/JMXSubjectDomainCombiner.java
@@ -81,7 +81,7 @@
* A ProtectionDomain with a null CodeSource and an empty permission set.
*/
private static final ProtectionDomain pdNoPerms =
- new ProtectionDomain(nullCodeSource, new Permissions());
+ new ProtectionDomain(nullCodeSource, new Permissions(), null, null);
/**
* Get the current AccessControlContext combined with the supplied subject.
diff --git a/src/windows/classes/sun/nio/ch/PipeImpl.java b/src/windows/classes/sun/nio/ch/PipeImpl.java
index b86580d..d1052cf 100644
--- a/src/windows/classes/sun/nio/ch/PipeImpl.java
+++ b/src/windows/classes/sun/nio/ch/PipeImpl.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2002, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2002, 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -37,6 +37,7 @@
import java.security.AccessController;
import java.security.PrivilegedExceptionAction;
import java.security.PrivilegedActionException;
+import java.security.SecureRandom;
import java.util.Random;
@@ -47,24 +48,16 @@
class PipeImpl
extends Pipe
{
+ // Number of bytes in the secret handshake.
+ private static final int NUM_SECRET_BYTES = 16;
+
+ // Random object for handshake values
+ private static final Random RANDOM_NUMBER_GENERATOR = new SecureRandom();
// Source and sink channels
private SourceChannel source;
private SinkChannel sink;
- // Random object for handshake values
- private static final Random rnd;
-
- static {
- byte[] someBytes = new byte[8];
- boolean resultOK = IOUtil.randomBytes(someBytes);
- if (resultOK) {
- rnd = new Random(ByteBuffer.wrap(someBytes).getLong());
- } else {
- rnd = new Random();
- }
- }
-
private class Initializer
implements PrivilegedExceptionAction<Void>
{
@@ -112,6 +105,10 @@
SocketChannel sc2 = null;
try {
+ // Create secret with a backing array.
+ ByteBuffer secret = ByteBuffer.allocate(NUM_SECRET_BYTES);
+ ByteBuffer bb = ByteBuffer.allocate(NUM_SECRET_BYTES);
+
// Loopback address
InetAddress lb = InetAddress.getByName("127.0.0.1");
assert(lb.isLoopbackAddress());
@@ -128,18 +125,22 @@
// Establish connection (assume connections are eagerly
// accepted)
sc1 = SocketChannel.open(sa);
- ByteBuffer bb = ByteBuffer.allocate(8);
- long secret = rnd.nextLong();
- bb.putLong(secret).flip();
- sc1.write(bb);
+ RANDOM_NUMBER_GENERATOR.nextBytes(secret.array());
+ do {
+ sc1.write(secret);
+ } while (secret.hasRemaining());
+ secret.rewind();
// Get a connection and verify it is legitimate
sc2 = ssc.accept();
- bb.clear();
- sc2.read(bb);
+ do {
+ sc2.read(bb);
+ } while (bb.hasRemaining());
bb.rewind();
- if (bb.getLong() == secret)
+
+ if (bb.equals(secret))
break;
+
sc2.close();
sc1.close();
}