db-derby-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From d..@apache.org
Subject svn commit: r326727 - in /db/derby/code/trunk/java/engine/org/apache/derby/impl/services/monitor: BaseMonitor.java FileMonitor.java
Date Wed, 19 Oct 2005 22:13:04 GMT
Author: djd
Date: Wed Oct 19 15:13:00 2005
New Revision: 326727

URL: http://svn.apache.org/viewcvs?rev=326727&view=rev
Log:
DERBY-626 Re-work code to ensure that obtaining the enumeration of modules.properties
files as well as opening them is in a priviledge block. Removes the requirement for
read permission on derby.jar to be granted all the way up the stack when running with the
security manager.

Modified:
    db/derby/code/trunk/java/engine/org/apache/derby/impl/services/monitor/BaseMonitor.java
    db/derby/code/trunk/java/engine/org/apache/derby/impl/services/monitor/FileMonitor.java

Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/services/monitor/BaseMonitor.java
URL: http://svn.apache.org/viewcvs/db/derby/code/trunk/java/engine/org/apache/derby/impl/services/monitor/BaseMonitor.java?rev=326727&r1=326726&r2=326727&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/services/monitor/BaseMonitor.java
(original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/services/monitor/BaseMonitor.java
Wed Oct 19 15:13:00 2005
@@ -1056,7 +1056,7 @@
 		If no implementations are listed in the properties object
 		then null is returned.
 	*/
-	protected Vector getImplementations(Properties moduleList, boolean actualModuleList) {
+	private Vector getImplementations(Properties moduleList, boolean actualModuleList) {
 
 		if (moduleList == null)
 			return null;
@@ -1251,19 +1251,36 @@
         return true;
     } // end of getPersistentServiceImplementation
         
-	protected Vector getDefaultImplementations() {
+	private Vector getDefaultImplementations() {
 
+		Properties moduleList = getDefaultModuleProperties();
+
+		return getImplementations(moduleList, true);
+	} // end of getDefaultImplementations
+	
+	/**
+	 * Get the complete set of module properties by
+	 * loading in contents of all the org/apache/derby/modules.properties
+	 * files. This must be executed in a privileged block otherwise
+	 * when running in a security manager environment no properties will
+	 * be returned.
+	 * @return
+	 */
+	Properties getDefaultModuleProperties()
+	{
+		// SECURITY PERMISSION - IP1 for modules in this jar
+		// or other jars shipped with the Derby release.
 		Properties moduleList = new Properties();
         boolean firstList = true;
-        ClassLoader cl = getClass().getClassLoader();
 
+        ClassLoader cl = getClass().getClassLoader();
         try {
-            for( Enumeration e = cl.getResources( "org/apache/derby/modules.properties");
+            for( Enumeration e = cl.getResources("org/apache/derby/modules.properties");
                  e.hasMoreElements() ;) {
                 URL modulesPropertiesURL = (URL) e.nextElement();
                 InputStream is = null;
                 try {
-                    is = loadModuleDefinitions( modulesPropertiesURL);
+                    is = modulesPropertiesURL.openStream();
                     if( firstList) {
                         moduleList.load( is);
                         firstList = false;
@@ -1297,18 +1314,13 @@
             if (SanityManager.DEBUG)
                 report("Can't load implementation list: " + ioe.toString());
         }
-        if( firstList) {
-			if (SanityManager.DEBUG)
+        if (SanityManager.DEBUG)
+        {
+			if (firstList)
 				report("Default implementation list not found");
-			return null;
 		}
-
-		return getImplementations(moduleList, true);
-	} // end of getDefaultImplementations
-
-	InputStream loadModuleDefinitions( URL propertyFileURL) throws IOException {
-		// SECURITY PERMISSION - IP1
-		return propertyFileURL.openStream();
+ 
+        return moduleList;
 	}
 
 	/*

Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/services/monitor/FileMonitor.java
URL: http://svn.apache.org/viewcvs/db/derby/code/trunk/java/engine/org/apache/derby/impl/services/monitor/FileMonitor.java?rev=326727&r1=326726&r2=326727&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/services/monitor/FileMonitor.java
(original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/services/monitor/FileMonitor.java
Wed Oct 19 15:13:00 2005
@@ -33,6 +33,8 @@
 import java.io.InputStream;
 
 import java.net.URL;
+import java.util.Enumeration;
+import java.util.Properties;
 
 /**
 	Implementation of the monitor that uses the class loader
@@ -165,7 +167,6 @@
 	private String key3;
 	private Runnable task;
 	private int intValue;
-    private URL propertyFileURL;
 
 	/**
 		Initialize the system in a privileged block.
@@ -182,18 +183,12 @@
 		}
 	}
 
-	synchronized final InputStream loadModuleDefinitions(URL propertyFileURL) throws IOException
{
+	synchronized final Properties getDefaultModuleProperties() {
 		action = 2;
-        this.propertyFileURL = propertyFileURL;
-		try {
-			return (InputStream) java.security.AccessController.doPrivileged(this);
+ 		try {
+			return (Properties) java.security.AccessController.doPrivileged(this);
         } catch (java.security.PrivilegedActionException pae) {
-            Exception e = pae.getException();
-            if( e instanceof IOException)
-                throw (IOException) e;
-            throw (RuntimeException) e;
-        } finally {
-            this.propertyFileURL = null;
+           throw (RuntimeException) pae.getException();
         }
     }
 
@@ -257,7 +252,7 @@
 	}
 
 
-	public final Object run() throws IOException {
+	public synchronized final Object run() throws IOException {
 		switch (action) {
 		case 0:
 		case 1:
@@ -265,7 +260,7 @@
 			return new Boolean(PBinitialize(action == 0));
 		case 2: 
 			// SECURITY PERMISSION - IP1
-			return super.loadModuleDefinitions( propertyFileURL);
+			return super.getDefaultModuleProperties();
 		case 3:
 			// SECURITY PERMISSION - OP1
 			return PBgetJVMProperty(key3);



Mime
View raw message