Path: blob/master/src/java.base/share/classes/sun/net/InetAddressCachePolicy.java
41152 views
/*1* Copyright (c) 1998, 2021, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation. Oracle designates this7* particular file as subject to the "Classpath" exception as provided8* by Oracle in the LICENSE file that accompanied this code.9*10* This code is distributed in the hope that it will be useful, but WITHOUT11* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or12* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License13* version 2 for more details (a copy is included in the LICENSE file that14* accompanied this code).15*16* You should have received a copy of the GNU General Public License version17* 2 along with this work; if not, write to the Free Software Foundation,18* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.19*20* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA21* or visit www.oracle.com if you need additional information or have any22* questions.23*/2425package sun.net;2627import java.security.PrivilegedAction;28import java.security.Security;2930@SuppressWarnings("removal")31public final class InetAddressCachePolicy {3233// Controls the cache policy for successful lookups only34private static final String cachePolicyProp = "networkaddress.cache.ttl";35private static final String cachePolicyPropFallback =36"sun.net.inetaddr.ttl";3738// Controls the cache policy for negative lookups only39private static final String negativeCachePolicyProp =40"networkaddress.cache.negative.ttl";41private static final String negativeCachePolicyPropFallback =42"sun.net.inetaddr.negative.ttl";4344public static final int FOREVER = -1;45public static final int NEVER = 0;4647/* default value for positive lookups */48public static final int DEFAULT_POSITIVE = 30;4950/* The Java-level namelookup cache policy for successful lookups:51*52* -1: caching forever53* any positive value: the number of seconds to cache an address for54*55* default value is forever (FOREVER), as we let the platform do the56* caching. For security reasons, this caching is made forever when57* a security manager is set.58*/59private static volatile int cachePolicy = FOREVER;6061/* The Java-level namelookup cache policy for negative lookups:62*63* -1: caching forever64* any positive value: the number of seconds to cache an address for65*66* default value is 0. It can be set to some other value for67* performance reasons.68*/69private static volatile int negativeCachePolicy = NEVER;7071/*72* Whether or not the cache policy for successful lookups was set73* using a property (cmd line).74*/75private static boolean propertySet;7677/*78* Whether or not the cache policy for negative lookups was set79* using a property (cmd line).80*/81private static boolean propertyNegativeSet;8283/*84* Initialize85*/86static {8788Integer tmp = java.security.AccessController.doPrivileged(89new PrivilegedAction<Integer>() {90public Integer run() {91try {92String tmpString = Security.getProperty(cachePolicyProp);93if (tmpString != null) {94return Integer.valueOf(tmpString);95}96} catch (NumberFormatException ignored) {97// Ignore98}99100try {101String tmpString = System.getProperty(cachePolicyPropFallback);102if (tmpString != null) {103return Integer.decode(tmpString);104}105} catch (NumberFormatException ignored) {106// Ignore107}108return null;109}110});111112if (tmp != null) {113cachePolicy = tmp < 0 ? FOREVER : tmp;114propertySet = true;115} else {116/* No properties defined for positive caching. If there is no117* security manager then use the default positive cache value.118*/119if (System.getSecurityManager() == null) {120cachePolicy = DEFAULT_POSITIVE;121}122}123tmp = java.security.AccessController.doPrivileged (124new PrivilegedAction<Integer>() {125public Integer run() {126try {127String tmpString = Security.getProperty(negativeCachePolicyProp);128if (tmpString != null) {129return Integer.valueOf(tmpString);130}131} catch (NumberFormatException ignored) {132// Ignore133}134135try {136String tmpString = System.getProperty(negativeCachePolicyPropFallback);137if (tmpString != null) {138return Integer.decode(tmpString);139}140} catch (NumberFormatException ignored) {141// Ignore142}143return null;144}145});146147if (tmp != null) {148negativeCachePolicy = tmp < 0 ? FOREVER : tmp;149propertyNegativeSet = true;150}151}152153public static int get() {154return cachePolicy;155}156157public static int getNegative() {158return negativeCachePolicy;159}160161/**162* Sets the cache policy for successful lookups if the user has not163* already specified a cache policy for it using a164* command-property.165* @param newPolicy the value in seconds for how long the lookup166* should be cached167*/168public static synchronized void setIfNotSet(int newPolicy) {169/*170* When setting the new value we may want to signal that the171* cache should be flushed, though this doesn't seem strictly172* necessary.173*/174if (!propertySet) {175checkValue(newPolicy, cachePolicy);176cachePolicy = newPolicy;177}178}179180/**181* Sets the cache policy for negative lookups if the user has not182* already specified a cache policy for it using a183* command-property.184* @param newPolicy the value in seconds for how long the lookup185* should be cached186*/187public static void setNegativeIfNotSet(int newPolicy) {188/*189* When setting the new value we may want to signal that the190* cache should be flushed, though this doesn't seem strictly191* necessary.192*/193if (!propertyNegativeSet) {194// Negative caching does not seem to have any security195// implications.196// checkValue(newPolicy, negativeCachePolicy);197// but we should normalize negative policy198negativeCachePolicy = newPolicy < 0 ? FOREVER : newPolicy;199}200}201202private static void checkValue(int newPolicy, int oldPolicy) {203/*204* If malicious code gets a hold of this method, prevent205* setting the cache policy to something laxer or some206* invalid negative value.207*/208if (newPolicy == FOREVER)209return;210211if ((oldPolicy == FOREVER) ||212(newPolicy < oldPolicy) ||213(newPolicy < FOREVER)) {214215throw new216SecurityException("can't make InetAddress cache more lax");217}218}219}220221222