felix-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From pa...@apache.org
Subject svn commit: r883923 - in /felix/trunk/framework.security: ./ src/main/java/org/apache/felix/framework/ src/main/java/org/apache/felix/framework/security/condpermadmin/ src/main/java/org/apache/felix/framework/security/util/ src/main/java/org/apache/fel...
Date Tue, 24 Nov 2009 23:23:26 GMT
Author: pauls
Date: Tue Nov 24 23:23:26 2009
New Revision: 883923

URL: http://svn.apache.org/viewvc?rev=883923&view=rev
Log:
Migrate the security provider the latest felix version (FELIX-1101,FELIX-1577)

Modified:
    felix/trunk/framework.security/   (props changed)
    felix/trunk/framework.security/pom.xml
    felix/trunk/framework.security/src/main/java/org/apache/felix/framework/SecurityActivator.java
    felix/trunk/framework.security/src/main/java/org/apache/felix/framework/SecurityProviderImpl.java
    felix/trunk/framework.security/src/main/java/org/apache/felix/framework/security/condpermadmin/ConditionalPermissionAdminImpl.java
    felix/trunk/framework.security/src/main/java/org/apache/felix/framework/security/util/LocalPermissions.java
    felix/trunk/framework.security/src/main/java/org/apache/felix/framework/security/verifier/BundleDNParser.java
    felix/trunk/framework.security/src/main/java/org/apache/felix/framework/security/verifier/SignerMatcher.java
    felix/trunk/framework.security/src/main/java/org/osgi/service/condpermadmin/BundleLocationCondition.java
    felix/trunk/framework.security/src/main/java/org/osgi/service/condpermadmin/BundleSignerCondition.java

Propchange: felix/trunk/framework.security/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Tue Nov 24 23:23:26 2009
@@ -0,0 +1,5 @@
+.classpath
+.project
+target
+.externalToolBuilders
+.settings

Modified: felix/trunk/framework.security/pom.xml
URL: http://svn.apache.org/viewvc/felix/trunk/framework.security/pom.xml?rev=883923&r1=883922&r2=883923&view=diff
==============================================================================
--- felix/trunk/framework.security/pom.xml (original)
+++ felix/trunk/framework.security/pom.xml Tue Nov 24 23:23:26 2009
@@ -32,14 +32,14 @@
   </description>
   <dependencies>
      <dependency>
-      <groupId>${pom.groupId}</groupId>
+      <groupId>org.osgi</groupId>
       <artifactId>org.osgi.core</artifactId>
-      <version>1.2.0</version>
+      <version>4.1.0</version>
     </dependency>
     <dependency>
       <groupId>${pom.groupId}</groupId>
       <artifactId>org.apache.felix.framework</artifactId>
-      <version>1.4.1</version>
+      <version>2.0.2</version>
       <scope>provided</scope>
     </dependency>
   </dependencies>

Modified: felix/trunk/framework.security/src/main/java/org/apache/felix/framework/SecurityActivator.java
URL: http://svn.apache.org/viewvc/felix/trunk/framework.security/src/main/java/org/apache/felix/framework/SecurityActivator.java?rev=883923&r1=883922&r2=883923&view=diff
==============================================================================
--- felix/trunk/framework.security/src/main/java/org/apache/felix/framework/SecurityActivator.java
(original)
+++ felix/trunk/framework.security/src/main/java/org/apache/felix/framework/SecurityActivator.java
Tue Nov 24 23:23:26 2009
@@ -284,7 +284,7 @@
             Bundle bundle = context.getBundle(Long.parseLong(id));
             long timeLong = Long.parseLong(time);
             if ((bundle == null) || 
-                ((FelixBundle) bundle).getInfo().getLastModified() > timeLong)
+                (bundle.getLastModified() > timeLong))
             {
                 continue;
             }

Modified: felix/trunk/framework.security/src/main/java/org/apache/felix/framework/SecurityProviderImpl.java
URL: http://svn.apache.org/viewvc/felix/trunk/framework.security/src/main/java/org/apache/felix/framework/SecurityProviderImpl.java?rev=883923&r1=883922&r2=883923&view=diff
==============================================================================
--- felix/trunk/framework.security/src/main/java/org/apache/felix/framework/SecurityProviderImpl.java
(original)
+++ felix/trunk/framework.security/src/main/java/org/apache/felix/framework/SecurityProviderImpl.java
Tue Nov 24 23:23:26 2009
@@ -65,11 +65,9 @@
      */
     public void checkBundle(Bundle bundle) throws Exception
     {
-        BundleInfo info = ((FelixBundle) bundle).getInfo();
-
         m_parser.checkDNChains(
-            (Long.toString(bundle.getBundleId()) + "-" + info.getLastModified()), 
-            info.getCurrentModule().getContentLoader());
+            (Long.toString(bundle.getBundleId()) + "-" + bundle.getLastModified()), 
+            ((BundleImpl) bundle).getCurrentModule().getContent());
     }
 
     /**
@@ -78,11 +76,13 @@
     public Object getSignerMatcher(final Bundle bundle)
     {
         return new SignerMatcher(Long.toString(bundle.getBundleId()), 
-            ((FelixBundle) bundle).getInfo().getLastModified(),
-            ((FelixBundle) bundle).getInfo().getCurrentModule().getContentLoader(), 
+            bundle.getLastModified(),
+            ((BundleImpl) bundle).getCurrentModule().getContent(), 
             m_parser);
     }
 
+    ThreadLocal loopCheck = new ThreadLocal();
+    
     /**
      * If we have a permissionadmin then ask that one first and have it
      * decide in case there is a location bound. If not then either use its 
@@ -92,12 +92,21 @@
     public boolean hasBundlePermission(ProtectionDomain bundleProtectionDomain,
         Permission permission, boolean direct)
     {
+    	if (loopCheck.get() != null)
+    	{
+    		return true;
+    	}
+    	else
+    	{
+    	    loopCheck.set(this);
+    	}
+    	try
+    	{
         BundleProtectionDomain pd =
             (BundleProtectionDomain) bundleProtectionDomain;
-        FelixBundle bundle = pd.getBundle();
-        BundleInfo info = bundle.getInfo();
+        BundleImpl bundle = pd.getBundle();
 
-        if (info.getBundleId() == 0)
+        if (bundle.getBundleId() == 0)
         {
             return true;
         }
@@ -108,7 +117,7 @@
         if (m_pai != null)
         {
             result =
-                m_pai.hasPermission(info.getLocation(), pd.getBundle(),
+                m_pai.hasPermission(bundle.getLocation(), pd.getBundle(),
                     permission, m_cpai, pd);
         }
 
@@ -122,9 +131,9 @@
             try
             {
                 return m_cpai.hasPermission(bundle, 
-                    info.getCurrentModule().getContentLoader(), 
+                    bundle.getCurrentModule().getContent(), 
                     bundle.getBundleId() + "-" + 
-                    info.getLastModified(),null, pd,
+                    bundle.getLastModified(),null, pd,
                     permission, direct, m_pai);
             }
             catch (Exception e)
@@ -135,5 +144,8 @@
         }
 
         return false;
+    	} finally {
+    		loopCheck.set(null);
+    	}
     }
 }
\ No newline at end of file

Modified: felix/trunk/framework.security/src/main/java/org/apache/felix/framework/security/condpermadmin/ConditionalPermissionAdminImpl.java
URL: http://svn.apache.org/viewvc/felix/trunk/framework.security/src/main/java/org/apache/felix/framework/security/condpermadmin/ConditionalPermissionAdminImpl.java?rev=883923&r1=883922&r2=883923&view=diff
==============================================================================
--- felix/trunk/framework.security/src/main/java/org/apache/felix/framework/security/condpermadmin/ConditionalPermissionAdminImpl.java
(original)
+++ felix/trunk/framework.security/src/main/java/org/apache/felix/framework/security/condpermadmin/ConditionalPermissionAdminImpl.java
Tue Nov 24 23:23:26 2009
@@ -37,7 +37,7 @@
 import org.apache.felix.framework.security.util.Permissions;
 import org.apache.felix.framework.security.util.PropertiesCache;
 import org.apache.felix.framework.util.IteratorToEnumeration;
-import org.apache.felix.moduleloader.IContentLoader;
+import org.apache.felix.moduleloader.IContent;
 import org.osgi.framework.Bundle;
 import org.osgi.service.condpermadmin.ConditionInfo;
 import org.osgi.service.condpermadmin.ConditionalPermissionAdmin;
@@ -303,7 +303,7 @@
      * @return true in case the permission is granted or there are postponed tuples
      *     false if not. Again, see the spec for more explanations.
      */
-    public boolean hasPermission(Bundle felixBundle, IContentLoader loader, String root,

+    public boolean hasPermission(Bundle felixBundle, IContent content, String root, 
         String[] signers, ProtectionDomain pd, Permission permission,
         boolean direct, Object admin)
     {
@@ -352,7 +352,7 @@
 
         // check the local permissions. they need to all the permission if there
         // are any
-        if (!m_localPermissions.implies(root, loader, felixBundle, permission))
+        if (!m_localPermissions.implies(root, content, felixBundle, permission))
         {
             return false;
         }

Modified: felix/trunk/framework.security/src/main/java/org/apache/felix/framework/security/util/LocalPermissions.java
URL: http://svn.apache.org/viewvc/felix/trunk/framework.security/src/main/java/org/apache/felix/framework/security/util/LocalPermissions.java?rev=883923&r1=883922&r2=883923&view=diff
==============================================================================
--- felix/trunk/framework.security/src/main/java/org/apache/felix/framework/security/util/LocalPermissions.java
(original)
+++ felix/trunk/framework.security/src/main/java/org/apache/felix/framework/security/util/LocalPermissions.java
Tue Nov 24 23:23:26 2009
@@ -33,7 +33,6 @@
 import org.apache.felix.framework.security.util.Permissions;
 import org.apache.felix.framework.security.util.PropertiesCache;
 import org.apache.felix.moduleloader.IContent;
-import org.apache.felix.moduleloader.IContentLoader;
 import org.osgi.framework.Bundle;
 import org.osgi.service.permissionadmin.PermissionInfo;
 
@@ -82,7 +81,7 @@
      * @param permission the permission to check
      * @return true if implied by local permissions.
      */
-    public boolean implies(String root, IContentLoader loader, Bundle bundle,
+    public boolean implies(String root, IContent content, Bundle bundle,
         Permission permission)
     {
         PermissionInfo[] permissions = null;
@@ -92,11 +91,8 @@
             if (!m_cache.containsKey(root))
             {
                 InputStream in = null;
-                IContent content = null;
                 try
                 {
-                    content = loader.getContent();
-
                     in = content.getEntryAsStream("OSGI-INF/permissions.perm");
                     if (in != null)
                     {

Modified: felix/trunk/framework.security/src/main/java/org/apache/felix/framework/security/verifier/BundleDNParser.java
URL: http://svn.apache.org/viewvc/felix/trunk/framework.security/src/main/java/org/apache/felix/framework/security/verifier/BundleDNParser.java?rev=883923&r1=883922&r2=883923&view=diff
==============================================================================
--- felix/trunk/framework.security/src/main/java/org/apache/felix/framework/security/verifier/BundleDNParser.java
(original)
+++ felix/trunk/framework.security/src/main/java/org/apache/felix/framework/security/verifier/BundleDNParser.java
Tue Nov 24 23:23:26 2009
@@ -37,7 +37,6 @@
 import org.apache.felix.framework.security.util.BundleInputStream;
 import org.apache.felix.framework.security.util.TrustManager;
 import org.apache.felix.moduleloader.IContent;
-import org.apache.felix.moduleloader.IContentLoader;
 
 public final class BundleDNParser
 {
@@ -98,7 +97,7 @@
         }
     }
 
-    public void checkDNChains(String root, IContentLoader contentLoader) throws Exception
+    public void checkDNChains(String root, IContent content) throws Exception
     {
         synchronized (m_cache)
         {
@@ -117,7 +116,7 @@
         Exception org = null;
         try
         {
-            result = _getDNChains(root, contentLoader.getContent());
+            result = _getDNChains(root, content);
         }
         catch (Exception ex)
         {
@@ -135,7 +134,7 @@
         }
     }
 
-    public String[] getDNChains(String root, IContentLoader bundleRevision)
+    public String[] getDNChains(String root, IContent bundleRevision)
     {
         synchronized (m_cache)
         {
@@ -151,28 +150,15 @@
         }
 
         String[] result = new String[0];
-
-        IContent content = null;
+        
         try
         {
-            content = bundleRevision.getContent();
-            result = _getDNChains(root, content);
+            result = _getDNChains(root, bundleRevision);
         }
         catch (Exception ex)
         {
             // Ignore
         }
-        if (content != null)
-        {
-            try 
-            {
-                content.close();
-            }
-            catch (Exception ex)
-            {
-                // Ignore
-            }
-        }
 
         synchronized (m_cache)
         {

Modified: felix/trunk/framework.security/src/main/java/org/apache/felix/framework/security/verifier/SignerMatcher.java
URL: http://svn.apache.org/viewvc/felix/trunk/framework.security/src/main/java/org/apache/felix/framework/security/verifier/SignerMatcher.java?rev=883923&r1=883922&r2=883923&view=diff
==============================================================================
--- felix/trunk/framework.security/src/main/java/org/apache/felix/framework/security/verifier/SignerMatcher.java
(original)
+++ felix/trunk/framework.security/src/main/java/org/apache/felix/framework/security/verifier/SignerMatcher.java
Tue Nov 24 23:23:26 2009
@@ -22,14 +22,14 @@
 import java.util.Locale;
 import java.util.Map;
 
-import org.apache.felix.moduleloader.IContentLoader;
+import org.apache.felix.moduleloader.IContent;
 import org.apache.felix.moduleloader.IModule;
 
 public final class SignerMatcher
 {
     private final String m_filter;
     private final String m_root;
-    private final IContentLoader m_archive;
+    private final IContent m_archive;
     private final BundleDNParser m_parser;
     private final long m_lastModified;
     
@@ -42,7 +42,7 @@
         m_lastModified = 0;
     }
     
-    public SignerMatcher(String root, long lastModified, IContentLoader archive, BundleDNParser
parser)
+    public SignerMatcher(String root, long lastModified, IContent archive, BundleDNParser
parser)
     {
         m_filter = null;
         m_root = root;

Modified: felix/trunk/framework.security/src/main/java/org/osgi/service/condpermadmin/BundleLocationCondition.java
URL: http://svn.apache.org/viewvc/felix/trunk/framework.security/src/main/java/org/osgi/service/condpermadmin/BundleLocationCondition.java?rev=883923&r1=883922&r2=883923&view=diff
==============================================================================
--- felix/trunk/framework.security/src/main/java/org/osgi/service/condpermadmin/BundleLocationCondition.java
(original)
+++ felix/trunk/framework.security/src/main/java/org/osgi/service/condpermadmin/BundleLocationCondition.java
Tue Nov 24 23:23:26 2009
@@ -22,7 +22,6 @@
 import java.security.PrivilegedAction;
 import java.util.Hashtable;
 
-import org.apache.felix.framework.FilterImpl;
 import org.osgi.framework.*;
 
 /**
@@ -73,7 +72,7 @@
         try
         {
             filter =
-                new FilterImpl("(location=" + escapeLocation(args[0]) + ")");
+                FrameworkUtil.createFilter("(location=" + escapeLocation(args[0]) + ")");
         }
         catch (InvalidSyntaxException e)
         {

Modified: felix/trunk/framework.security/src/main/java/org/osgi/service/condpermadmin/BundleSignerCondition.java
URL: http://svn.apache.org/viewvc/felix/trunk/framework.security/src/main/java/org/osgi/service/condpermadmin/BundleSignerCondition.java?rev=883923&r1=883922&r2=883923&view=diff
==============================================================================
--- felix/trunk/framework.security/src/main/java/org/osgi/service/condpermadmin/BundleSignerCondition.java
(original)
+++ felix/trunk/framework.security/src/main/java/org/osgi/service/condpermadmin/BundleSignerCondition.java
Tue Nov 24 23:23:26 2009
@@ -26,9 +26,9 @@
 import java.util.Dictionary;
 import java.util.Hashtable;
 
-import org.apache.felix.framework.FilterImpl;
 import org.osgi.framework.Bundle;
 import org.osgi.framework.Filter;
+import org.osgi.framework.FrameworkUtil;
 import org.osgi.framework.InvalidSyntaxException;
 
 /**
@@ -179,7 +179,7 @@
         m_bundle = bundle;
         try
         {
-            m_filter = new FilterImpl(filter);
+            m_filter = FrameworkUtil.createFilter(filter);
         }
         catch (InvalidSyntaxException e)
         {



Mime
View raw message