1 files changed, 408 insertions, 0 deletions
diff --git a/libjava/classpath/java/net/SocketPermission.java b/libjava/classpath/java/net/SocketPermission.java
new file mode 100644
index 0000000..8ccd01b
--- /dev/null
+++ b/libjava/classpath/java/net/SocketPermission.java
@@ -0,0 +1,408 @@
+/* SocketPermission.java -- Class modeling permissions for socket operations
+   Copyright (C) 1998, 2000, 2001, 2002, 2004  Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package java.net;
+
+import java.io.Serializable;
+import java.security.Permission;
+import java.security.PermissionCollection;
+
+
+/**
+ * This class models a specific set of permssions for connecting to a
+ * host.  There are two elements to this, the host/port combination and
+ * the permission list.
+ * <p>
+ * The host/port combination is specified as followed
+ * <p>
+ * <pre>
+ * hostname[:[-]port[-[port]]]
+ * </pre>
+ * <p>
+ * The hostname portion can be either a hostname or IP address.  If it is
+ * a hostname, a wildcard is allowed in hostnames.  This wildcard is a "*"
+ * and matches one or more characters.  Only one "*" may appear in the
+ * host and it must be the leftmost character.  For example,
+ * "*.urbanophile.com" matches all hosts in the "urbanophile.com" domain.
+ * <p>
+ * The port portion can be either a single value, or a range of values
+ * treated as inclusive.  The first or the last port value in the range
+ * can be omitted in which case either the minimum or maximum legal
+ * value for a port (respectively) is used by default.  Here are some
+ * examples:
+ * <p><ul>
+ * <li>8080 - Represents port 8080 only</li>
+ * <li>2000-3000 - Represents ports 2000 through 3000 inclusive</li>
+ * <li>-4000 - Represents ports 0 through 4000 inclusive</li>
+ * <li>1024- - Represents ports 1024 through 65535 inclusive</li>
+ * </ul><p>
+ * The permission list is a comma separated list of individual permissions.
+ * These individual permissions are:
+ * <p>
+ * <pre>
+ * accept
+ * connect
+ * listen
+ * resolve
+ * </pre>
+ * <p>
+ * The "listen" permission is only relevant if the host is localhost.  If
+ * any permission at all is specified, then resolve permission is implied to
+ * exist.
+ * <p>
+ * Here are a variety of examples of how to create SocketPermission's
+ * <p><pre>
+ * SocketPermission("www.urbanophile.com", "connect");
+ *   Can connect to any port on www.urbanophile.com
+ * SocketPermission("www.urbanophile.com:80", "connect,accept");
+ *   Can connect to or accept connections from www.urbanophile.com on port 80
+ * SocketPermission("localhost:1024-", "listen,accept,connect");
+ *   Can connect to, accept from, an listen on any local port number 1024
+ *   and up.
+ * SocketPermission("*.edu", "connect");
+ *   Can connect to any host in the edu domain
+ * SocketPermission("197.197.20.1", "accept");
+ *   Can accept connections from 197.197.20.1
+ * </pre><p>
+ *
+ * This class also supports IPv6 addresses.  These should be specified
+ * in either RFC 2732 format or in full uncompressed form.
+ *
+ * @since 1.2
+ *
+ * @author Aaron M. Renn (arenn@urbanophile.com)
+ */
+public final class SocketPermission extends Permission implements Serializable
+{
+  static final long serialVersionUID = -7204263841984476862L;
+
+// FIXME: Needs serialization work, including readObject/writeObject methods.
+
+  /**
+   * A hostname/port combination as described above
+   */
+  private transient String hostport;
+
+  /**
+   * A comma separated list of actions for which we have permission
+   */
+  private String actions;
+
+  /**
+   * Initializes a new instance of <code>SocketPermission</code> with the
+   * specified host/port combination and actions string.
+   *
+   * @param hostport The hostname/port number combination
+   * @param actions The actions string
+   */
+  public SocketPermission(String hostport, String actions)
+  {
+    super(hostport);
+
+    this.hostport = hostport;
+    this.actions = actions;
+  }
+
+  /**
+   * Tests this object for equality against another.  This will be true if
+   * and only if the passed object is an instance of
+   * <code>SocketPermission</code> and both its hostname/port combination
+   * and permissions string are identical.
+   *
+   * @param obj The object to test against for equality
+   *
+   * @return <code>true</code> if object is equal to this object,
+   *         <code>false</code> otherwise.
+   */
+  public boolean equals(Object obj)
+  {
+    if (! (obj instanceof SocketPermission))
+      return false;
+
+    if (((SocketPermission) obj).hostport.equals(hostport))
+      if (((SocketPermission) obj).actions.equals(actions))
+	return true;
+
+    return false;
+  }
+
+  /**
+   * Returns a hash code value for this object.  Overrides the
+   * <code>Permission.hashCode()</code>.
+   *
+   * @return A hash code
+   */
+  public int hashCode()
+  {
+    int hash = 100;
+    if (hostport != null)
+      hash += hostport.hashCode();
+    if (actions != null)
+      hash += actions.hashCode();
+    return hash;
+  }
+
+  /**
+   * Returns the list of permission actions in this object in canonical
+   * order.  The canonical order is "connect,listen,accept,resolve"
+   *
+   * @return The permitted action string.
+   */
+  public String getActions()
+  {
+    boolean found = false;
+    StringBuffer sb = new StringBuffer("");
+
+    if (actions.indexOf("connect") != -1)
+      {
+	sb.append("connect");
+	found = true;
+      }
+
+    if (actions.indexOf("listen") != -1)
+      if (found)
+	sb.append(",listen");
+      else
+        {
+	  sb.append("listen");
+	  found = true;
+        }
+
+    if (actions.indexOf("accept") != -1)
+      if (found)
+	sb.append(",accept");
+      else
+        {
+	  sb.append("accept");
+	  found = true;
+        }
+
+    if (found)
+      sb.append(",resolve");
+    else if (actions.indexOf("resolve") != -1)
+      sb.append("resolve");
+
+    return sb.toString();
+  }
+
+  /**
+   * Returns a new <code>PermissionCollection</code> object that can hold
+   * <code>SocketPermission</code>'s.
+   *
+   * @return A new <code>PermissionCollection</code>.
+   */
+  public PermissionCollection newPermissionCollection()
+  {
+    // FIXME: Implement
+
+    return null;
+  }
+
+  /**
+   * Returns true if the permission object passed it is implied by the
+   * this permission.  This will be true if:
+   * 
+   * <ul>
+   * <li>The argument is of type <code>SocketPermission</code></li>
+   * <li>The actions list of the argument are in this object's actions</li>
+   * <li>The port range of the argument is within this objects port range</li>
+   * <li>The hostname is equal to or a subset of this objects hostname</li>
+   * </ul>
+   *
+   * <p>The argument's hostname will be a subset of this object's hostname if:</p>
+   * 
+   * <ul>
+   * <li>The argument's hostname or IP address is equal to this object's.</li>
+   * <li>The argument's canonical hostname is equal to this object's.</li>
+   * <li>The argument's canonical name matches this domains hostname with
+   * wildcards</li>
+   * </ul>
+   *
+   * @param perm The <code>Permission</code> to check against
+   *
+   * @return <code>true</code> if the <code>Permission</code> is implied by
+   * this object, <code>false</code> otherwise.
+   */
+  public boolean implies(Permission perm)
+  {
+    SocketPermission p;
+
+    // First make sure we are the right object type
+    if (perm instanceof SocketPermission)
+      p = (SocketPermission) perm;
+    else
+      return false;
+
+    // Next check the actions
+    String ourlist = getActions();
+    String theirlist = p.getActions();
+
+    if (! ourlist.startsWith(theirlist))
+      return false;
+
+    // Now check ports
+    int ourfirstport = 0;
+
+    // Now check ports
+    int ourlastport = 0;
+
+    // Now check ports
+    int theirfirstport = 0;
+
+    // Now check ports
+    int theirlastport = 0;
+
+    // Get ours
+    if (hostport.indexOf(":") == -1)
+      {
+	ourfirstport = 0;
+	ourlastport = 65535;
+      }
+    else
+      {
+	// FIXME:  Needs bulletproofing.
+	// This will dump if hostport if all sorts of bad data was passed to
+	// the constructor
+	String range = hostport.substring(hostport.indexOf(":") + 1);
+	if (range.startsWith("-"))
+	  ourfirstport = 0;
+	else if (range.indexOf("-") == -1)
+	  ourfirstport = Integer.parseInt(range);
+	else
+	  ourfirstport =
+	    Integer.parseInt(range.substring(0, range.indexOf("-")));
+
+	if (range.endsWith("-"))
+	  ourlastport = 65535;
+	else if (range.indexOf("-") == -1)
+	  ourlastport = Integer.parseInt(range);
+	else
+	  ourlastport =
+	    Integer.parseInt(range.substring(range.indexOf("-") + 1,
+	                                     range.length()));
+      }
+
+    // Get theirs
+    if (p.hostport.indexOf(":") == -1)
+      {
+	theirfirstport = 0;
+	ourlastport = 65535;
+      }
+    else
+      {
+	// This will dump if hostport if all sorts of bad data was passed to
+	// the constructor
+	String range = p.hostport.substring(hostport.indexOf(":") + 1);
+	if (range.startsWith("-"))
+	  theirfirstport = 0;
+	else if (range.indexOf("-") == -1)
+	  theirfirstport = Integer.parseInt(range);
+	else
+	  theirfirstport =
+	    Integer.parseInt(range.substring(0, range.indexOf("-")));
+
+	if (range.endsWith("-"))
+	  theirlastport = 65535;
+	else if (range.indexOf("-") == -1)
+	  theirlastport = Integer.parseInt(range);
+	else
+	  theirlastport =
+	    Integer.parseInt(range.substring(range.indexOf("-") + 1,
+	                                     range.length()));
+      }
+
+    // Now check them
+    if ((theirfirstport < ourfirstport) || (theirlastport > ourlastport))
+      return false;
+
+    // Finally we can check the hosts
+    String ourhost;
+
+    // Finally we can check the hosts
+    String theirhost;
+
+    // Get ours
+    if (hostport.indexOf(":") == -1)
+      ourhost = hostport;
+    else
+      ourhost = hostport.substring(0, hostport.indexOf(":"));
+
+    // Get theirs
+    if (p.hostport.indexOf(":") == -1)
+      theirhost = p.hostport;
+    else
+      theirhost = p.hostport.substring(0, p.hostport.indexOf(":"));
+
+    // Are they equal?
+    if (ourhost.equals(theirhost))
+      return true;
+
+    // Try the canonical names
+    String ourcanonical = null;
+
+    // Try the canonical names
+    String theircanonical = null;
+    try
+      {
+	ourcanonical = InetAddress.getByName(ourhost).getHostName();
+	theircanonical = InetAddress.getByName(theirhost).getHostName();
+      }
+    catch (UnknownHostException e)
+      {
+	// Who didn't resolve?  Just assume current address is canonical enough
+	// Is this ok to do?
+	if (ourcanonical == null)
+	  ourcanonical = ourhost;
+	if (theircanonical == null)
+	  theircanonical = theirhost;
+      }
+
+    if (ourcanonical.equals(theircanonical))
+      return true;
+
+    // Well, last chance.  Try for a wildcard
+    if (ourhost.indexOf("*.") != -1)
+      {
+	String wild_domain = ourhost.substring(ourhost.indexOf("*" + 1));
+	if (theircanonical.endsWith(wild_domain))
+	  return true;
+      }
+
+    // Didn't make it
+    return false;
+  }
+}