felix-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From pa...@apache.org
Subject svn commit: r469121 - in /incubator/felix/trunk/framework/src/main/java/org/apache/felix/framework: FakeURLStreamHandler.java Felix.java util/SecureAction.java
Date Mon, 30 Oct 2006 11:12:23 GMT
Author: pauls
Date: Mon Oct 30 03:12:20 2006
New Revision: 469121

URL: http://svn.apache.org/viewvc?view=rev&rev=469121
Log:
Create a protection domain with a valid code source when a security manager is present 
nevermind whether the bundle url protocol is unkown or not (FELIX-21).

Modified:
    incubator/felix/trunk/framework/src/main/java/org/apache/felix/framework/FakeURLStreamHandler.java
    incubator/felix/trunk/framework/src/main/java/org/apache/felix/framework/Felix.java
    incubator/felix/trunk/framework/src/main/java/org/apache/felix/framework/util/SecureAction.java

Modified: incubator/felix/trunk/framework/src/main/java/org/apache/felix/framework/FakeURLStreamHandler.java
URL: http://svn.apache.org/viewvc/incubator/felix/trunk/framework/src/main/java/org/apache/felix/framework/FakeURLStreamHandler.java?view=diff&rev=469121&r1=469120&r2=469121
==============================================================================
--- incubator/felix/trunk/framework/src/main/java/org/apache/felix/framework/FakeURLStreamHandler.java
(original)
+++ incubator/felix/trunk/framework/src/main/java/org/apache/felix/framework/FakeURLStreamHandler.java
Mon Oct 30 03:12:20 2006
@@ -36,6 +36,6 @@
 {
     protected URLConnection openConnection(URL url) throws IOException
     {
-        return null;
+        throw new IOException("FakeURLStreamHandler can not be used!");
     }
 }

Modified: incubator/felix/trunk/framework/src/main/java/org/apache/felix/framework/Felix.java
URL: http://svn.apache.org/viewvc/incubator/felix/trunk/framework/src/main/java/org/apache/felix/framework/Felix.java?view=diff&rev=469121&r1=469120&r2=469121
==============================================================================
--- incubator/felix/trunk/framework/src/main/java/org/apache/felix/framework/Felix.java (original)
+++ incubator/felix/trunk/framework/src/main/java/org/apache/felix/framework/Felix.java Mon
Oct 30 03:12:20 2006
@@ -20,6 +20,7 @@
 
 import java.io.*;
 import java.net.URL;
+import java.net.URLConnection;
 import java.net.URLStreamHandler;
 import java.security.CodeSource;
 import java.security.ProtectionDomain;
@@ -1291,9 +1292,9 @@
 
                 if (!pd.implies(perm))
                 {
-                   throw new java.security.AccessControlException(
-                       "PackagePermission.IMPORT denied for import: " +
-                       imports[i].getName(), perm);
+                    throw new java.security.AccessControlException(
+                        "PackagePermission.IMPORT denied for import: " +
+                        imports[i].getName(), perm);
                 }
             }
             // Check export permission for all exports of the current module.
@@ -2631,33 +2632,23 @@
         IModule module = m_factory.createModule(
             Long.toString(targetId) + "." + Integer.toString(revision), md);
 
-        ProtectionDomain pd = null;
-
         if (System.getSecurityManager() != null)
         {
-            String location = m_cache.getArchive(targetId).getLocation();
-
-            if (location.startsWith("reference:"))
-            {
-                location = location.substring("reference:".length());
-            }
-
-            CodeSource codesource = new CodeSource(
-                new URL(location),
+            CodeSource codesource = new CodeSource(m_secureAction.createURL(null, 
+                m_cache.getArchive(targetId).getLocation(), 
+                new FakeURLStreamHandler()), 
                 m_cache.getArchive(targetId).getCertificates());
 
-            pd = new ProtectionDomain(codesource,
-                m_secureAction.getPolicy().getPermissions(codesource));
+            m_factory.setSecurityContext(module, new ProtectionDomain(codesource,
+                m_secureAction.getPolicy().getPermissions(codesource)));
         }
 
-        m_factory.setSecurityContext(module, pd);
-
         // Create the content loader from the module archive.
         IContentLoader contentLoader = new ContentLoaderImpl(
                 m_logger,
                 m_cache.getArchive(targetId).getRevision(revision).getContent(),
                 m_cache.getArchive(targetId).getRevision(revision).getContentPath(),
-                pd);
+                (ProtectionDomain) module.getSecurityContext());
         // Set the content loader's search policy.
         contentLoader.setSearchPolicy(
                 new R4SearchPolicy(m_policyCore, module));

Modified: incubator/felix/trunk/framework/src/main/java/org/apache/felix/framework/util/SecureAction.java
URL: http://svn.apache.org/viewvc/incubator/felix/trunk/framework/src/main/java/org/apache/felix/framework/util/SecureAction.java?view=diff&rev=469121&r1=469120&r2=469121
==============================================================================
--- incubator/felix/trunk/framework/src/main/java/org/apache/felix/framework/util/SecureAction.java
(original)
+++ incubator/felix/trunk/framework/src/main/java/org/apache/felix/framework/util/SecureAction.java
Mon Oct 30 03:12:20 2006
@@ -133,6 +133,33 @@
             return new URL(protocol, host, port, path, handler);
         }
     }
+    
+    public URL createURL(URL context, String spec, URLStreamHandler handler)
+        throws MalformedURLException
+    {
+        if (System.getSecurityManager() != null)
+        {
+            try
+            {
+                Actions actions = (Actions) m_actions.get();
+                actions.set(Actions.CREATE_URL_WITH_CONTEXT_ACTION, context, 
+                    spec, handler);
+                return (URL) AccessController.doPrivileged(actions, m_acc);
+            }
+            catch (PrivilegedActionException ex)
+            {
+                if (ex.getException() instanceof MalformedURLException)
+                {
+                    throw (MalformedURLException) ex.getException();
+                }
+                throw (RuntimeException) ex.getException();
+            }
+        }
+        else
+        {
+            return new URL(context, spec, handler);
+        }
+    }
 
     public String getAbsolutePath(File file)
     {
@@ -553,25 +580,26 @@
         public static final int GET_PROPERTY_ACTION = 0;
         public static final int FOR_NAME_ACTION = 1;
         public static final int CREATE_URL_ACTION = 2;
-        public static final int GET_ABSOLUTE_PATH_ACTION = 3;
-        public static final int FILE_EXISTS_ACTION = 4;
-        public static final int FILE_IS_DIRECTORY_ACTION = 5;
-        public static final int MAKE_DIRECTORY_ACTION = 6;
-        public static final int MAKE_DIRECTORIES_ACTION = 7;
-        public static final int LIST_DIRECTORY_ACTION = 8;
-        public static final int RENAME_FILE_ACTION = 9;
-        public static final int GET_FILE_INPUT_ACTION = 10;
-        public static final int GET_FILE_OUTPUT_ACTION = 11;
-        public static final int DELETE_FILE_ACTION = 12;
-        public static final int OPEN_JARX_ACTION = 13;
-        public static final int GET_URL_INPUT_ACTION = 14;
-        public static final int CREATE_CONTENTCLASSLOADER_ACTION = 15;
-        public static final int START_ACTIVATOR_ACTION = 16;
-        public static final int STOP_ACTIVATOR_ACTION = 17;
-        public static final int SYSTEM_EXIT_ACTION = 18;
-        public static final int OPEN_JAR_ACTION=19;
-        public static final int GET_POLICY_ACTION = 20;
-
+        public static final int CREATE_URL_WITH_CONTEXT_ACTION = 3;
+        public static final int GET_ABSOLUTE_PATH_ACTION = 4;
+        public static final int FILE_EXISTS_ACTION = 5;
+        public static final int FILE_IS_DIRECTORY_ACTION = 6;
+        public static final int MAKE_DIRECTORY_ACTION = 7;
+        public static final int MAKE_DIRECTORIES_ACTION = 8;
+        public static final int LIST_DIRECTORY_ACTION = 9;
+        public static final int RENAME_FILE_ACTION = 10;
+        public static final int GET_FILE_INPUT_ACTION = 11;
+        public static final int GET_FILE_OUTPUT_ACTION = 12;
+        public static final int DELETE_FILE_ACTION = 13;
+        public static final int OPEN_JARX_ACTION = 14;
+        public static final int GET_URL_INPUT_ACTION = 15;
+        public static final int CREATE_CONTENTCLASSLOADER_ACTION = 16;
+        public static final int START_ACTIVATOR_ACTION = 17;
+        public static final int STOP_ACTIVATOR_ACTION = 18;
+        public static final int SYSTEM_EXIT_ACTION = 19;
+        public static final int OPEN_JAR_ACTION= 20;
+        public static final int GET_POLICY_ACTION = 21;
+        
         private int m_action = -1;
         private Object m_arg1 = null;
         private Object m_arg2 = null;
@@ -622,6 +650,14 @@
             m_arg2 = null;
         }
 
+        public void set(int action, URL context, String spec, URLStreamHandler handler)
+        {
+            m_action = action;
+            m_arg1 = context;
+            m_arg2 = spec;
+            m_handler = handler;
+        }
+        
         private void unset()
         {
             m_action = -1;
@@ -649,6 +685,10 @@
                 else if (m_action == CREATE_URL_ACTION)
                 {
                     return new URL(m_protocol, m_host, m_port, m_path, m_handler);
+                }
+                else if (m_action == CREATE_URL_WITH_CONTEXT_ACTION)
+                {
+                    return new URL((URL) m_arg1, (String) m_arg2, m_handler);
                 }
                 else if (m_action == GET_ABSOLUTE_PATH_ACTION)
                 {



Mime
View raw message