[Jython-checkins] jython: Treat illegal reflective access in test_java_visibility.
jeff.allen
jython-checkins at python.org
Tue Oct 23 03:05:16 EDT 2018
https://hg.python.org/jython/rev/677009e86ce2
changeset: 8188:677009e86ce2
user: Jeff Allen <ja.py at farowl.co.uk>
date: Sun Oct 21 14:04:07 2018 +0100
summary:
Treat illegal reflective access in test_java_visibility.
The test is testing python.security.respectJavaAccessibility=false, but from
Java 9 the JVM produces ugly warnings about the access that follows. These are
suppressed in the test by appropriate --add-opens options.
Since --add-opens is only valid from Java 9, this change also requires
test.test_support.get_java_version to support JEP-223 version numbers.
files:
Lib/test/test_java_visibility.py | 32 ++++++++++++++++++-
Lib/test/test_ssl.py | 4 +-
Lib/test/test_support.py | 24 ++++++++++-----
3 files changed, 47 insertions(+), 13 deletions(-)
diff --git a/Lib/test/test_java_visibility.py b/Lib/test/test_java_visibility.py
--- a/Lib/test/test_java_visibility.py
+++ b/Lib/test/test_java_visibility.py
@@ -239,12 +239,38 @@
class RespectJavaAccessibilityTest(unittest.TestCase):
+ def setUp(self):
+ self.command = [sys.executable]
+
+ # NOTE: from Java 9 onwards, the JVM will complain about (but by default still allow)
+ # reflective access that does not respect Java accessibility rules. In order to avoid:
+ # WARNING: Illegal reflective access by org.python.core.PyJavaType ...
+ # and a threat that "illegal access operations will be denied in a future release",
+ # we add --add-opens specifications for all the packages needed in this test.
+
+ def add_opens(self, module, package):
+ self.command.append("-J--add-opens")
+ self.command.append("-J{}/{}=ALL-UNNAMED".format(module, package))
+
def run_accessibility_script(self, script, error=AttributeError):
fn = test_support.findfile(script)
+ # Check expected error in current environment
self.assertRaises(error, execfile, fn)
- self.assertEquals(subprocess.call([sys.executable, "-J-Dpython.cachedir.skip=true",
- "-J-Dpython.security.respectJavaAccessibility=false", fn]),
- 0)
+
+ # Prepare to break the rules
+ self.command.append("-J-Dpython.cachedir.skip=true")
+ self.command.append("-J-Dpython.security.respectJavaAccessibility=false")
+ if test_support.get_java_version() >= (9,):
+ # See all the cases for which we have forgotten --add-opens
+ self.command.append("-J--illegal-access=warn")
+ # Open the packages used in the scripts
+ self.add_opens("java.desktop", "java.awt.geom")
+ for package in ("lang", "util", "nio", "nio.charset"):
+ self.add_opens("java.base", "java." + package)
+
+ self.command.append(fn)
+ self.assertEquals(subprocess.call(self.command), 0)
+
def test_method_access(self):
self.run_accessibility_script("call_protected_method.py")
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -337,7 +337,7 @@
self.assertRaisesRegexp(ValueError,
"certfile must be specified for server-side operations",
ssl.wrap_socket, sock, server_side=True, certfile="")
- if support.get_java_version() < (1, 9):
+ if support.get_java_version() < (9,):
# Possible FIXME similar issue as seen in
# test_load_cert_chain - apparently this RSA 1024 cert is too weak and gets a
# java.security.KeyStoreException: Key protection algorithm not found before the
@@ -786,7 +786,7 @@
ctx = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
# Combined key and cert in a single file
ctx.load_cert_chain(CERTFILE, keyfile=None)
- if support.get_java_version() < (1, 9):
+ if support.get_java_version() < (9,):
# Possible FIXME we may be skipping this test on Java 9 unnecessarily.
# CERTFILE as generated uses RSA 1024, which is considered too weak.
# This may be why this raises an error on Java 9:
diff --git a/Lib/test/test_support.py b/Lib/test/test_support.py
--- a/Lib/test/test_support.py
+++ b/Lib/test/test_support.py
@@ -56,16 +56,24 @@
if is_jython:
def get_java_version(version=None):
- # returns (1, 8, 0, 121) for version = "1.8.0_121", meaning
- # Java 8 update 121, etc.. Conforms to:
- # http://www.oracle.com/technetwork/java/javase/versioning-naming-139433.html
- # and not yet http://openjdk.java.net/jeps/223 .
+ """return a tuple of int encoding the Java version (as in java.version).
+
+ "1.8.0_121" -> (1, 8, 0, 121)
+ "9.0.4" -> (9, 0, 4)
+ "11" -> (11,)
+ "12-ea" -> (12,)
+ This parses strings (java.version properties) that conform to:
+ http://www.oracle.com/technetwork/java/javase/versioning-naming-139433.html
+ and http://openjdk.java.net/jeps/223 (but doesn't validate them).
+ """
if version is None:
version = platform.java_ver()[0]
- parse = re.match("(\d+)\.(\d+)\.(\d+)_(\d+)", version)
- if parse:
- return tuple((int(x) for x in parse.groups()))
- else:
+ version = version.split('-')[0] # discard optional pre-release indicator
+ parts = version.split('_') # pre-JEP-223 format like 1.8.0_121
+ parts[0:1] = parts[0].split('.')
+ try:
+ return tuple(int(x) for x in parts)
+ except:
return ()
--
Repository URL: https://hg.python.org/jython
More information about the Jython-checkins
mailing list