From d52d13648612546ef4458579aff6daf965586a03 Mon Sep 17 00:00:00 2001 From: Daniel Fuchs Date: Mon, 18 Nov 2024 15:17:40 +0000 Subject: [PATCH] 8344221: Remove calls to SecurityManager and and doPrivileged in java.net.IDN, java.net.URL, java.net.URLConnection, sun.net.util.URLUtil, and java.net.URLStreamHandlerProvider after JEP 486 integration Reviewed-by: alanb, rriggs --- src/java.base/share/classes/java/net/IDN.java | 13 +- src/java.base/share/classes/java/net/URL.java | 121 +++--------------- .../share/classes/java/net/URLConnection.java | 55 +++----- .../net/spi/URLStreamHandlerProvider.java | 10 -- .../share/classes/sun/net/util/URLUtil.java | 6 +- 5 files changed, 35 insertions(+), 170 deletions(-) diff --git a/src/java.base/share/classes/java/net/IDN.java b/src/java.base/share/classes/java/net/IDN.java index 5e01ab6532d..6f11643264f 100644 --- a/src/java.base/share/classes/java/net/IDN.java +++ b/src/java.base/share/classes/java/net/IDN.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2023, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,8 +26,6 @@ package java.net; import java.io.InputStream; import java.io.IOException; -import java.security.AccessController; -import java.security.PrivilegedAction; import jdk.internal.icu.impl.Punycode; import jdk.internal.icu.text.StringPrep; @@ -248,14 +246,7 @@ public final class IDN { StringPrep stringPrep = null; try { final String IDN_PROFILE = "/sun/net/idn/uidna.spp"; - @SuppressWarnings("removal") - InputStream stream = System.getSecurityManager() != null - ? AccessController.doPrivileged(new PrivilegedAction<>() { - public InputStream run() { - return StringPrep.class.getResourceAsStream(IDN_PROFILE); - }}) - : StringPrep.class.getResourceAsStream(IDN_PROFILE); - + InputStream stream = StringPrep.class.getResourceAsStream(IDN_PROFILE); stringPrep = new StringPrep(stream); stream.close(); } catch (IOException e) { diff --git a/src/java.base/share/classes/java/net/URL.java b/src/java.base/share/classes/java/net/URL.java index 418651bc7c2..be4daa28f33 100644 --- a/src/java.base/share/classes/java/net/URL.java +++ b/src/java.base/share/classes/java/net/URL.java @@ -30,8 +30,6 @@ import java.io.IOException; import java.io.InputStream; import java.net.spi.URLStreamHandlerProvider; import java.nio.file.Path; -import java.security.AccessController; -import java.security.PrivilegedAction; import java.util.Hashtable; import java.io.InvalidObjectException; import java.io.ObjectStreamException; @@ -39,8 +37,6 @@ import java.io.ObjectStreamField; import java.io.ObjectInputStream.GetField; import java.util.Iterator; import java.util.Locale; -import java.util.NoSuchElementException; -import java.util.ServiceConfigurationError; import java.util.ServiceLoader; import jdk.internal.access.JavaNetURLAccess; @@ -48,8 +44,6 @@ import jdk.internal.access.SharedSecrets; import jdk.internal.misc.ThreadTracker; import jdk.internal.misc.VM; import sun.net.util.IPAddressUtil; -import sun.security.util.SecurityConstants; -import sun.security.action.GetPropertyAction; /** * Class {@code URL} represents a Uniform Resource @@ -485,14 +479,6 @@ public final class URL implements java.io.Serializable { @Deprecated(since = "20") public URL(String protocol, String host, int port, String file, URLStreamHandler handler) throws MalformedURLException { - if (handler != null) { - @SuppressWarnings("removal") - SecurityManager sm = System.getSecurityManager(); - if (sm != null) { - // check for permission to specify a handler - checkSpecifyHandler(sm); - } - } protocol = lowerCaseProtocol(protocol); this.protocol = protocol; @@ -683,15 +669,6 @@ public final class URL implements java.io.Serializable { boolean aRef=false; boolean isRelative = false; - // Check for permission to specify a handler - if (handler != null) { - @SuppressWarnings("removal") - SecurityManager sm = System.getSecurityManager(); - if (sm != null) { - checkSpecifyHandler(sm); - } - } - try { limit = spec.length(); while ((limit > 0) && (spec.charAt(limit - 1) <= ' ')) { @@ -912,13 +889,6 @@ public final class URL implements java.io.Serializable { return true; } - /* - * Checks for permission to specify a stream handler. - */ - private void checkSpecifyHandler(@SuppressWarnings("removal") SecurityManager sm) { - sm.checkPermission(SecurityConstants.SPECIFY_HANDLER_PERMISSION); - } - /** * Sets the specified 8 fields of the URL. This is not a public method so * that only URLStreamHandlers can modify URL fields. URLs are otherwise @@ -956,9 +926,8 @@ public final class URL implements java.io.Serializable { /** * Returns the address of the host represented by this URL. - * A {@link SecurityException} or an {@link UnknownHostException} - * while getting the host address will result in this method returning - * {@code null} + * An {@link UnknownHostException} while getting the host address + * will result in this method returning {@code null}. * * @return an {@link InetAddress} representing the host */ @@ -972,7 +941,7 @@ public final class URL implements java.io.Serializable { } try { hostAddress = InetAddress.getByName(host); - } catch (UnknownHostException | SecurityException ex) { + } catch (UnknownHostException e) { return null; } return hostAddress; @@ -1271,16 +1240,6 @@ public final class URL implements java.io.Serializable { // Create a copy of Proxy as a security measure Proxy p = proxy == Proxy.NO_PROXY ? Proxy.NO_PROXY : sun.net.ApplicationProxy.create(proxy); - @SuppressWarnings("removal") - SecurityManager sm = System.getSecurityManager(); - if (p.type() != Proxy.Type.DIRECT && sm != null) { - InetSocketAddress epoint = (InetSocketAddress) p.address(); - if (epoint.isUnresolved()) - sm.checkConnect(epoint.getHostName(), epoint.getPort()); - else - sm.checkConnect(epoint.getAddress().getHostAddress(), - epoint.getPort()); - } return handler.openConnection(this, p); } @@ -1358,11 +1317,6 @@ public final class URL implements java.io.Serializable { if (factory != null) { throw new Error("factory already defined"); } - @SuppressWarnings("removal") - SecurityManager security = System.getSecurityManager(); - if (security != null) { - security.checkSetFactory(); - } handlers.clear(); // safe publication of URLStreamHandlerFactory with volatile write @@ -1398,8 +1352,7 @@ public final class URL implements java.io.Serializable { } private static URLStreamHandler lookupViaProperty(String protocol) { - String packagePrefixList = - GetPropertyAction.privilegedGetProperty(protocolPathProp); + String packagePrefixList = System.getProperty(protocolPathProp); if (packagePrefixList == null || packagePrefixList.isEmpty()) { // not set return null; @@ -1435,47 +1388,6 @@ public final class URL implements java.io.Serializable { return handler; } - private static Iterator providers() { - return new Iterator<>() { - - final ClassLoader cl = ClassLoader.getSystemClassLoader(); - final ServiceLoader sl = - ServiceLoader.load(URLStreamHandlerProvider.class, cl); - final Iterator i = sl.iterator(); - - URLStreamHandlerProvider next = null; - - private boolean getNext() { - while (next == null) { - try { - if (!i.hasNext()) - return false; - next = i.next(); - } catch (ServiceConfigurationError sce) { - if (sce.getCause() instanceof SecurityException) { - // Ignore security exceptions - continue; - } - throw sce; - } - } - return true; - } - - public boolean hasNext() { - return getNext(); - } - - public URLStreamHandlerProvider next() { - if (!getNext()) - throw new NoSuchElementException(); - URLStreamHandlerProvider n = next; - next = null; - return n; - } - }; - } - private static class ThreadTrackHolder { static final ThreadTracker TRACKER = new ThreadTracker(); } @@ -1488,26 +1400,23 @@ public final class URL implements java.io.Serializable { ThreadTrackHolder.TRACKER.end(key); } - @SuppressWarnings("removal") private static URLStreamHandler lookupViaProviders(final String protocol) { Object key = tryBeginLookup(); if (key == null) { throw new Error("Circular loading of URL stream handler providers detected"); } try { - return AccessController.doPrivileged( - new PrivilegedAction<>() { - public URLStreamHandler run() { - Iterator itr = providers(); - while (itr.hasNext()) { - URLStreamHandlerProvider f = itr.next(); - URLStreamHandler h = f.createURLStreamHandler(protocol); - if (h != null) - return h; - } - return null; - } - }); + final ClassLoader cl = ClassLoader.getSystemClassLoader(); + final ServiceLoader sl = + ServiceLoader.load(URLStreamHandlerProvider.class, cl); + final Iterator itr = sl.iterator(); + while (itr.hasNext()) { + URLStreamHandlerProvider f = itr.next(); + URLStreamHandler h = f.createURLStreamHandler(protocol); + if (h != null) + return h; + } + return null; } finally { endLookup(key); } diff --git a/src/java.base/share/classes/java/net/URLConnection.java b/src/java.base/share/classes/java/net/URLConnection.java index 168e4df29df..209b84de200 100644 --- a/src/java.base/share/classes/java/net/URLConnection.java +++ b/src/java.base/share/classes/java/net/URLConnection.java @@ -28,7 +28,6 @@ package java.net; import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; -import java.security.PrivilegedAction; import java.util.Hashtable; import java.util.concurrent.ConcurrentHashMap; import java.util.Date; @@ -42,10 +41,8 @@ import java.util.Locale; import java.util.Map; import java.util.List; import java.security.Permission; -import java.security.AccessController; import sun.security.util.SecurityConstants; import sun.net.www.MessageHeader; -import sun.security.action.GetPropertyAction; /** * The abstract class {@code URLConnection} is the superclass @@ -328,9 +325,6 @@ public abstract class URLConnection { * @since 1.2 */ public static void setFileNameMap(FileNameMap map) { - @SuppressWarnings("removal") - SecurityManager sm = System.getSecurityManager(); - if (sm != null) sm.checkSetFactory(); fileNameMap = map; } @@ -1285,11 +1279,6 @@ public abstract class URLConnection { if (factory != null) { throw new Error("factory already defined"); } - @SuppressWarnings("removal") - SecurityManager security = System.getSecurityManager(); - if (security != null) { - security.checkSetFactory(); - } factory = fac; } @@ -1401,35 +1390,22 @@ public abstract class URLConnection { @SuppressWarnings("removal") private ContentHandler lookupContentHandlerViaProvider(String contentType) { - return AccessController.doPrivileged( - new PrivilegedAction<>() { - @Override - public ContentHandler run() { - ClassLoader cl = ClassLoader.getSystemClassLoader(); - ServiceLoader sl = - ServiceLoader.load(ContentHandlerFactory.class, cl); - Iterator iterator = sl.iterator(); + ClassLoader cl = ClassLoader.getSystemClassLoader(); + ServiceLoader sl = + ServiceLoader.load(ContentHandlerFactory.class, cl); - ContentHandler handler = null; - while (iterator.hasNext()) { - ContentHandlerFactory f; - try { - f = iterator.next(); - } catch (ServiceConfigurationError e) { - if (e.getCause() instanceof SecurityException) { - continue; - } - throw e; - } - handler = f.createContentHandler(contentType); - if (handler != null) { - break; - } - } - return handler; - } - }); + Iterator iterator = sl.iterator(); + + ContentHandler handler = null; + while (iterator.hasNext()) { + ContentHandlerFactory f = iterator.next(); + handler = f.createContentHandler(contentType); + if (handler != null) { + break; + } + } + return handler; } /** @@ -1465,8 +1441,7 @@ public abstract class URLConnection { * is always the last one on the returned package list. */ private String getContentHandlerPkgPrefixes() { - String packagePrefixList = - GetPropertyAction.privilegedGetProperty(contentPathProp, ""); + String packagePrefixList = System.getProperty(contentPathProp, ""); if (packagePrefixList != "") { packagePrefixList += "|"; diff --git a/src/java.base/share/classes/java/net/spi/URLStreamHandlerProvider.java b/src/java.base/share/classes/java/net/spi/URLStreamHandlerProvider.java index 202f3e654fa..05733f7287d 100644 --- a/src/java.base/share/classes/java/net/spi/URLStreamHandlerProvider.java +++ b/src/java.base/share/classes/java/net/spi/URLStreamHandlerProvider.java @@ -49,19 +49,9 @@ import java.net.URLStreamHandlerFactory; public abstract class URLStreamHandlerProvider implements URLStreamHandlerFactory { - private static Void checkPermission() { - @SuppressWarnings("removal") - SecurityManager sm = System.getSecurityManager(); - if (sm != null) - sm.checkPermission(new RuntimePermission("setFactory")); - return null; - } - private URLStreamHandlerProvider(Void ignore) { } - /** * Initializes a new URL stream handler provider. */ protected URLStreamHandlerProvider() { - this(checkPermission()); } } diff --git a/src/java.base/share/classes/sun/net/util/URLUtil.java b/src/java.base/share/classes/sun/net/util/URLUtil.java index 9eb04ce4151..055742baf2f 100644 --- a/src/java.base/share/classes/sun/net/util/URLUtil.java +++ b/src/java.base/share/classes/sun/net/util/URLUtil.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2009, 2023, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2009, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -38,12 +38,12 @@ public class URLUtil { /** * Returns a string form of the url suitable for use as a key in HashMap/Sets. * - * The string form should be behave in the same manner as the URL when + * The string form should behave in the same manner as the URL when * compared for equality in a HashMap/Set, except that no nameservice * lookup is done on the hostname (only string comparison), and the fragment * is not considered. * - * @see java.net.URLStreamHandler.sameFile(java.net.URL) + * @see java.net.URL#sameFile(java.net.URL) */ public static String urlNoFragString(URL url) { StringBuilder strForm = new StringBuilder();