8344185: Remove calls to SecurityManager in sun.net.ftp

Reviewed-by: alanb, michaelm, dfuchs
This commit is contained in:
Eirik Bjørsnøs 2024-11-15 09:47:43 +00:00
parent bfee766f03
commit 0c191f6629
3 changed files with 22 additions and 75 deletions
src/java.base/share/classes/sun/net/ftp

@ -1,5 +1,5 @@
/*
* Copyright (c) 2009, 2022, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2009, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -234,8 +234,6 @@ public abstract class FtpClient implements java.io.Closeable {
* @param dest the address of the destination server
* @return this FtpClient
* @throws IOException if connection failed.
* @throws SecurityException if there is a SecurityManager installed and it
* denied the authorization to connect to the destination.
* @throws FtpProtocolException
*/
public abstract FtpClient connect(SocketAddress dest) throws FtpProtocolException, IOException;
@ -247,8 +245,6 @@ public abstract class FtpClient implements java.io.Closeable {
* @param timeout the value, in milliseconds, to use as a connection timeout
* @return this FtpClient
* @throws IOException if connection failed.
* @throws SecurityException if there is a SecurityManager installed and it
* denied the authorization to connect to the destination.
* @throws FtpProtocolException
*/
public abstract FtpClient connect(SocketAddress dest, int timeout) throws FtpProtocolException, IOException;

@ -1,5 +1,5 @@
/*
* Copyright (c) 2009, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2009, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -24,8 +24,6 @@
*/
package sun.net.ftp;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.ServiceConfigurationError;
//import java.util.ServiceLoader;
@ -50,16 +48,8 @@ public abstract class FtpClientProvider {
/**
* Initializes a new instance of this class.
*
* @throws SecurityException if a security manager is installed and it denies
* {@link RuntimePermission}{@code ("ftpClientProvider")}
*/
protected FtpClientProvider() {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(new RuntimePermission("ftpClientProvider"));
}
}
private static boolean loadProviderFromProperty() {
@ -74,8 +64,7 @@ public abstract class FtpClientProvider {
return true;
} catch (ClassNotFoundException |
IllegalAccessException |
InstantiationException |
SecurityException x) {
InstantiationException x) {
throw new ServiceConfigurationError(x.toString());
}
}
@ -135,26 +124,19 @@ public abstract class FtpClientProvider {
*
* @return The system-wide default FtpClientProvider
*/
@SuppressWarnings("removal")
public static FtpClientProvider provider() {
synchronized (lock) {
if (provider != null) {
return provider;
}
return (FtpClientProvider) AccessController.doPrivileged(
new PrivilegedAction<Object>() {
public Object run() {
if (loadProviderFromProperty()) {
return provider;
}
if (loadProviderAsService()) {
return provider;
}
provider = new sun.net.ftp.impl.DefaultFtpClientProvider();
return provider;
}
});
if (loadProviderFromProperty()) {
return provider;
}
if (loadProviderAsService()) {
return provider;
}
provider = new sun.net.ftp.impl.DefaultFtpClientProvider();
return provider;
}
}
}

@ -44,9 +44,6 @@ import java.net.Proxy;
import java.net.ServerSocket;
import java.net.Socket;
import java.net.SocketAddress;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.PrivilegedExceptionAction;
import java.text.DateFormat;
import java.time.ZoneOffset;
import java.time.ZonedDateTime;
@ -133,31 +130,17 @@ public class FtpClient extends sun.net.ftp.FtpClient {
private DateFormat df = DateFormat.getDateInstance(DateFormat.MEDIUM, java.util.Locale.US);
private static final boolean acceptPasvAddressVal;
static {
final int vals[] = {0, 0};
final String acceptPasvAddress[] = {null};
@SuppressWarnings("removal")
final String enc = AccessController.doPrivileged(
new PrivilegedAction<String>() {
public String run() {
acceptPasvAddress[0] = System.getProperty("jdk.net.ftp.trustPasvAddress", "false");
vals[0] = Integer.getInteger("sun.net.client.defaultReadTimeout", 300_000).intValue();
vals[1] = Integer.getInteger("sun.net.client.defaultConnectTimeout", 300_000).intValue();
return System.getProperty("file.encoding", "ISO8859_1");
}
});
if (vals[0] == 0) {
defaultSoTimeout = Integer.getInteger("sun.net.client.defaultReadTimeout", 300_000).intValue();
if (defaultSoTimeout == 0) {
defaultSoTimeout = -1;
} else {
defaultSoTimeout = vals[0];
}
if (vals[1] == 0) {
defaultConnectTimeout = Integer.getInteger("sun.net.client.defaultConnectTimeout", 300_000).intValue();
if (defaultConnectTimeout == 0) {
defaultConnectTimeout = -1;
} else {
defaultConnectTimeout = vals[1];
}
encoding = enc;
encoding = System.getProperty("file.encoding", "ISO8859_1");
try {
if (!isASCIISuperset(encoding)) {
encoding = "ISO8859_1";
@ -171,7 +154,7 @@ public class FtpClient extends sun.net.ftp.FtpClient {
patterns[i] = Pattern.compile(patStrings[i]);
}
acceptPasvAddressVal = Boolean.parseBoolean(acceptPasvAddress[0]);
acceptPasvAddressVal = Boolean.getBoolean("jdk.net.ftp.trustPasvAddress");
}
/**
@ -662,10 +645,7 @@ public class FtpClient extends sun.net.ftp.FtpClient {
Socket s;
if (proxy != null) {
if (proxy.type() == Proxy.Type.SOCKS) {
PrivilegedAction<Socket> pa = () -> new Socket(proxy);
@SuppressWarnings("removal")
var tmp = AccessController.doPrivileged(pa);
s = tmp;
s = new Socket(proxy);
} else {
s = new Socket(Proxy.NO_PROXY);
}
@ -673,9 +653,7 @@ public class FtpClient extends sun.net.ftp.FtpClient {
s = new Socket();
}
PrivilegedAction<InetAddress> pa = () -> server.getLocalAddress();
@SuppressWarnings("removal")
InetAddress serverAddress = AccessController.doPrivileged(pa);
InetAddress serverAddress = server.getLocalAddress();
// Bind the socket to the same address as the control channel. This
// is needed in case of multi-homed systems.
@ -761,11 +739,8 @@ public class FtpClient extends sun.net.ftp.FtpClient {
}
private static InetAddress privilegedLocalHost() throws FtpProtocolException {
PrivilegedExceptionAction<InetAddress> action = InetAddress::getLocalHost;
try {
@SuppressWarnings("removal")
var tmp = AccessController.doPrivileged(action);
return tmp;
return InetAddress.getLocalHost();
} catch (Exception e) {
var ftpEx = new FtpProtocolException(ERROR_MSG);
ftpEx.initCause(e);
@ -774,11 +749,8 @@ public class FtpClient extends sun.net.ftp.FtpClient {
}
private static InetAddress[] privilegedGetAllByName(String hostName) throws FtpProtocolException {
PrivilegedExceptionAction<InetAddress[]> pAction = () -> InetAddress.getAllByName(hostName);
try {
@SuppressWarnings("removal")
var tmp =AccessController.doPrivileged(pAction);
return tmp;
return InetAddress.getAllByName(hostName);
} catch (Exception e) {
var ftpEx = new FtpProtocolException(ERROR_MSG);
ftpEx.initCause(e);
@ -1021,10 +993,7 @@ public class FtpClient extends sun.net.ftp.FtpClient {
Socket s;
if (proxy != null) {
if (proxy.type() == Proxy.Type.SOCKS) {
PrivilegedAction<Socket> pa = () -> new Socket(proxy);
@SuppressWarnings("removal")
var tmp = AccessController.doPrivileged(pa);
s = tmp;
s = new Socket(proxy);
} else {
s = new Socket(Proxy.NO_PROXY);
}