[cp-patches] RFC: Rewritten java.net.SocketPermission

[Gary Benson]

Hi all,

I've been writing Mauve tests to try and figure out what the patch on
PR classpath/24708 is all about and I figured it made things a little
neater but didn't go nearly far enough.  I gave up trying to rescue
bits of it after a while and just wrote chunks of it from scratch.
It's my first major patch so I thought I'd pass it for review before
committing.

The changes I made are as follows:

 * The current implementation does all its parsing in the implies
   method.  This is inefficient for instances that are part of the
   security policy, and it means that any parse exceptions are thrown
   at the wrong time.  My patch solves these two problems by moving
   all parsing into methods called by the constructor.

 * The parser for the constructor's hostport argument is completely
   new.  Improvements over the current implementation are that it can
   handle IPv6 addresses and that it checks its arguments and throws
   IllegalArgumentExceptions where appropriate.  This mitigates the
   risk of misconfigurations in security policy files becoming
   exploitable.

 * The actions handling stuff is also completely new, replacing the
   current string-based one with one based on bitmasks.  It too checks
   its arguments.

The new patch does not check the host part of the hostport argument
very much, and the host checking in implies() has not been touched.
That's my next project :)

Questions I have:

  * Should I make things transient?

  * Is hashcode() ok?

  * What should I put in the ChangeLog?  There's so many changes it's
    hard to see how I'd break them down per-method.

I'll be committing the Mauve tests shortly.

Cheers,
Gary

patch
Description: Text document