Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8232385

(dc) Clarify implicit bind behavior of DatagramChannel

    XMLWordPrintable

    Details

    • Type: CSR
    • Status: Closed
    • Priority: P4
    • Resolution: Approved
    • Fix Version/s: 14
    • Component/s: core-libs
    • Labels:
    • Subcomponent:
    • Compatibility Kind:
      behavioral
    • Compatibility Risk:
      minimal
    • Compatibility Risk Description:
      This is a doc change only to clarify in which cases a SecurityException might be thrown.
    • Interface Kind:
      Java API
    • Scope:
      SE

      Description

      Summary

      The DatagramChannel connect, send, and receive methods may implicitly bind the channel, if not already bound. If a security manager has been installed and its checkListen method denies the operation, a SecurityException will be thrown. This behaviour is not described in the javadoc.

      Problem

      The current spec of DatagramChannel connect, receive, and send methods do not list all the cases in which a SecurityException might be thrown. In particular, the fact that a permission check is performed in case an implicit bind occurs is not documented. In practice, an implicit bind operation is unlikely to fail as binding using port 0 is part of the permissions granted by default. However the case may arise if a custom security manager overriding the SecurityManager::checkListen method has been installed.

      Solution

      Update the spec to make it clear that SecurityException can be thrown if a security manager's checkListen call denies the operation.

      Specification

      DatagramChannel::connect

            * @throws  SecurityException
      -     *          If a security manager has been installed
      -     *          and it does not permit access to the given remote address
      +     *          If a security manager has been installed and it does not
      +     *          permit access to the given remote address, or if unbound,
      +     *          the security manager {@link SecurityManager#checkListen checkListen}
      +     *          method denies the operation
            *
            * @throws  IOException
            *          If some other I/O error occurs
            */
           public abstract DatagramChannel connect(SocketAddress remote)

      DatagramChannel::receive

      +     * @throws  SecurityException
      +     *          If unbound, and a security manager has been installed and
      +     *          its {@link SecurityManager#checkListen checkListen} method
      +     *          denies the operation
      +     *
            * @throws  IOException
            *          If some other I/O error occurs
            */
           public abstract SocketAddress receive(ByteBuffer dst) throws IOException;

      DatagramChannel::send

            * @throws  SecurityException
      -     *          If a security manager has been installed
      -     *          and it does not permit datagrams to be sent
      -     *          to the given address
      +     *          If a security manager has been installed and it does not permit
      +     *          datagrams to be sent to the given address, or if unbound, and
      +     *          the security manager's {@link SecurityManager#checkListen checkListen}
      +     *          method denies the operation
            *
            * @throws  IOException
            *          If some other I/O error occurs
            */
           public abstract int send(ByteBuffer src, SocketAddress target)

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              pconcannon Patrick Concannon
              Reporter:
              chegar Chris Hegarty
              Reviewed By:
              Alan Bateman, Chris Hegarty, Daniel Fuchs
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: