8344221: Remove calls to SecurityManager and and doPrivileged in java.net.IDN, java.net.URL, java.net.URLConnection, sun.net.util.URLUtil, and java.net.URLStreamHandlerProvider after JEP 486 integration
Reviewed-by: alanb, rriggs
This commit is contained in:
Daniel Fuchs
parent
dfddbcaab8
commit
d52d136486
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2005, 2023, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2005, 2024, Oracle and/or its affiliates. All rights reserved.
|
||||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
*
|
*
|
||||||
* This code is free software; you can redistribute it and/or modify it
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
@ -26,8 +26,6 @@ package java.net;
|
|||||||
|
|
||||||
import java.io.InputStream;
|
import java.io.InputStream;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.security.AccessController;
|
|
||||||
import java.security.PrivilegedAction;
|
|
||||||
|
|
||||||
import jdk.internal.icu.impl.Punycode;
|
import jdk.internal.icu.impl.Punycode;
|
||||||
import jdk.internal.icu.text.StringPrep;
|
import jdk.internal.icu.text.StringPrep;
|
||||||
@ -248,14 +246,7 @@ public final class IDN {
|
|||||||
StringPrep stringPrep = null;
|
StringPrep stringPrep = null;
|
||||||
try {
|
try {
|
||||||
final String IDN_PROFILE = "/sun/net/idn/uidna.spp";
|
final String IDN_PROFILE = "/sun/net/idn/uidna.spp";
|
||||||
@SuppressWarnings("removal")
|
InputStream stream = StringPrep.class.getResourceAsStream(IDN_PROFILE);
|
||||||
InputStream stream = System.getSecurityManager() != null
|
|
||||||
? AccessController.doPrivileged(new PrivilegedAction<>() {
|
|
||||||
public InputStream run() {
|
|
||||||
return StringPrep.class.getResourceAsStream(IDN_PROFILE);
|
|
||||||
}})
|
|
||||||
: StringPrep.class.getResourceAsStream(IDN_PROFILE);
|
|
||||||
|
|
||||||
stringPrep = new StringPrep(stream);
|
stringPrep = new StringPrep(stream);
|
||||||
stream.close();
|
stream.close();
|
||||||
} catch (IOException e) {
|
} catch (IOException e) {
|
||||||
|
|||||||
@ -30,8 +30,6 @@ import java.io.IOException;
|
|||||||
import java.io.InputStream;
|
import java.io.InputStream;
|
||||||
import java.net.spi.URLStreamHandlerProvider;
|
import java.net.spi.URLStreamHandlerProvider;
|
||||||
import java.nio.file.Path;
|
import java.nio.file.Path;
|
||||||
import java.security.AccessController;
|
|
||||||
import java.security.PrivilegedAction;
|
|
||||||
import java.util.Hashtable;
|
import java.util.Hashtable;
|
||||||
import java.io.InvalidObjectException;
|
import java.io.InvalidObjectException;
|
||||||
import java.io.ObjectStreamException;
|
import java.io.ObjectStreamException;
|
||||||
@ -39,8 +37,6 @@ import java.io.ObjectStreamField;
|
|||||||
import java.io.ObjectInputStream.GetField;
|
import java.io.ObjectInputStream.GetField;
|
||||||
import java.util.Iterator;
|
import java.util.Iterator;
|
||||||
import java.util.Locale;
|
import java.util.Locale;
|
||||||
import java.util.NoSuchElementException;
|
|
||||||
import java.util.ServiceConfigurationError;
|
|
||||||
import java.util.ServiceLoader;
|
import java.util.ServiceLoader;
|
||||||
|
|
||||||
import jdk.internal.access.JavaNetURLAccess;
|
import jdk.internal.access.JavaNetURLAccess;
|
||||||
@ -48,8 +44,6 @@ import jdk.internal.access.SharedSecrets;
|
|||||||
import jdk.internal.misc.ThreadTracker;
|
import jdk.internal.misc.ThreadTracker;
|
||||||
import jdk.internal.misc.VM;
|
import jdk.internal.misc.VM;
|
||||||
import sun.net.util.IPAddressUtil;
|
import sun.net.util.IPAddressUtil;
|
||||||
import sun.security.util.SecurityConstants;
|
|
||||||
import sun.security.action.GetPropertyAction;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Class {@code URL} represents a Uniform Resource
|
* Class {@code URL} represents a Uniform Resource
|
||||||
@ -485,14 +479,6 @@ public final class URL implements java.io.Serializable {
|
|||||||
@Deprecated(since = "20")
|
@Deprecated(since = "20")
|
||||||
public URL(String protocol, String host, int port, String file,
|
public URL(String protocol, String host, int port, String file,
|
||||||
URLStreamHandler handler) throws MalformedURLException {
|
URLStreamHandler handler) throws MalformedURLException {
|
||||||
if (handler != null) {
|
|
||||||
@SuppressWarnings("removal")
|
|
||||||
SecurityManager sm = System.getSecurityManager();
|
|
||||||
if (sm != null) {
|
|
||||||
// check for permission to specify a handler
|
|
||||||
checkSpecifyHandler(sm);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
protocol = lowerCaseProtocol(protocol);
|
protocol = lowerCaseProtocol(protocol);
|
||||||
this.protocol = protocol;
|
this.protocol = protocol;
|
||||||
@ -683,15 +669,6 @@ public final class URL implements java.io.Serializable {
|
|||||||
boolean aRef=false;
|
boolean aRef=false;
|
||||||
boolean isRelative = false;
|
boolean isRelative = false;
|
||||||
|
|
||||||
// Check for permission to specify a handler
|
|
||||||
if (handler != null) {
|
|
||||||
@SuppressWarnings("removal")
|
|
||||||
SecurityManager sm = System.getSecurityManager();
|
|
||||||
if (sm != null) {
|
|
||||||
checkSpecifyHandler(sm);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
try {
|
try {
|
||||||
limit = spec.length();
|
limit = spec.length();
|
||||||
while ((limit > 0) && (spec.charAt(limit - 1) <= ' ')) {
|
while ((limit > 0) && (spec.charAt(limit - 1) <= ' ')) {
|
||||||
@ -912,13 +889,6 @@ public final class URL implements java.io.Serializable {
|
|||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
|
||||||
* Checks for permission to specify a stream handler.
|
|
||||||
*/
|
|
||||||
private void checkSpecifyHandler(@SuppressWarnings("removal") SecurityManager sm) {
|
|
||||||
sm.checkPermission(SecurityConstants.SPECIFY_HANDLER_PERMISSION);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Sets the specified 8 fields of the URL. This is not a public method so
|
* Sets the specified 8 fields of the URL. This is not a public method so
|
||||||
* that only URLStreamHandlers can modify URL fields. URLs are otherwise
|
* that only URLStreamHandlers can modify URL fields. URLs are otherwise
|
||||||
@ -956,9 +926,8 @@ public final class URL implements java.io.Serializable {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns the address of the host represented by this URL.
|
* Returns the address of the host represented by this URL.
|
||||||
* A {@link SecurityException} or an {@link UnknownHostException}
|
* An {@link UnknownHostException} while getting the host address
|
||||||
* while getting the host address will result in this method returning
|
* will result in this method returning {@code null}.
|
||||||
* {@code null}
|
|
||||||
*
|
*
|
||||||
* @return an {@link InetAddress} representing the host
|
* @return an {@link InetAddress} representing the host
|
||||||
*/
|
*/
|
||||||
@ -972,7 +941,7 @@ public final class URL implements java.io.Serializable {
|
|||||||
}
|
}
|
||||||
try {
|
try {
|
||||||
hostAddress = InetAddress.getByName(host);
|
hostAddress = InetAddress.getByName(host);
|
||||||
} catch (UnknownHostException | SecurityException ex) {
|
} catch (UnknownHostException e) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
return hostAddress;
|
return hostAddress;
|
||||||
@ -1271,16 +1240,6 @@ public final class URL implements java.io.Serializable {
|
|||||||
|
|
||||||
// Create a copy of Proxy as a security measure
|
// Create a copy of Proxy as a security measure
|
||||||
Proxy p = proxy == Proxy.NO_PROXY ? Proxy.NO_PROXY : sun.net.ApplicationProxy.create(proxy);
|
Proxy p = proxy == Proxy.NO_PROXY ? Proxy.NO_PROXY : sun.net.ApplicationProxy.create(proxy);
|
||||||
@SuppressWarnings("removal")
|
|
||||||
SecurityManager sm = System.getSecurityManager();
|
|
||||||
if (p.type() != Proxy.Type.DIRECT && sm != null) {
|
|
||||||
InetSocketAddress epoint = (InetSocketAddress) p.address();
|
|
||||||
if (epoint.isUnresolved())
|
|
||||||
sm.checkConnect(epoint.getHostName(), epoint.getPort());
|
|
||||||
else
|
|
||||||
sm.checkConnect(epoint.getAddress().getHostAddress(),
|
|
||||||
epoint.getPort());
|
|
||||||
}
|
|
||||||
return handler.openConnection(this, p);
|
return handler.openConnection(this, p);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1358,11 +1317,6 @@ public final class URL implements java.io.Serializable {
|
|||||||
if (factory != null) {
|
if (factory != null) {
|
||||||
throw new Error("factory already defined");
|
throw new Error("factory already defined");
|
||||||
}
|
}
|
||||||
@SuppressWarnings("removal")
|
|
||||||
SecurityManager security = System.getSecurityManager();
|
|
||||||
if (security != null) {
|
|
||||||
security.checkSetFactory();
|
|
||||||
}
|
|
||||||
handlers.clear();
|
handlers.clear();
|
||||||
|
|
||||||
// safe publication of URLStreamHandlerFactory with volatile write
|
// safe publication of URLStreamHandlerFactory with volatile write
|
||||||
@ -1398,8 +1352,7 @@ public final class URL implements java.io.Serializable {
|
|||||||
}
|
}
|
||||||
|
|
||||||
private static URLStreamHandler lookupViaProperty(String protocol) {
|
private static URLStreamHandler lookupViaProperty(String protocol) {
|
||||||
String packagePrefixList =
|
String packagePrefixList = System.getProperty(protocolPathProp);
|
||||||
GetPropertyAction.privilegedGetProperty(protocolPathProp);
|
|
||||||
if (packagePrefixList == null || packagePrefixList.isEmpty()) {
|
if (packagePrefixList == null || packagePrefixList.isEmpty()) {
|
||||||
// not set
|
// not set
|
||||||
return null;
|
return null;
|
||||||
@ -1435,47 +1388,6 @@ public final class URL implements java.io.Serializable {
|
|||||||
return handler;
|
return handler;
|
||||||
}
|
}
|
||||||
|
|
||||||
private static Iterator<URLStreamHandlerProvider> providers() {
|
|
||||||
return new Iterator<>() {
|
|
||||||
|
|
||||||
final ClassLoader cl = ClassLoader.getSystemClassLoader();
|
|
||||||
final ServiceLoader<URLStreamHandlerProvider> sl =
|
|
||||||
ServiceLoader.load(URLStreamHandlerProvider.class, cl);
|
|
||||||
final Iterator<URLStreamHandlerProvider> i = sl.iterator();
|
|
||||||
|
|
||||||
URLStreamHandlerProvider next = null;
|
|
||||||
|
|
||||||
private boolean getNext() {
|
|
||||||
while (next == null) {
|
|
||||||
try {
|
|
||||||
if (!i.hasNext())
|
|
||||||
return false;
|
|
||||||
next = i.next();
|
|
||||||
} catch (ServiceConfigurationError sce) {
|
|
||||||
if (sce.getCause() instanceof SecurityException) {
|
|
||||||
// Ignore security exceptions
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
throw sce;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
public boolean hasNext() {
|
|
||||||
return getNext();
|
|
||||||
}
|
|
||||||
|
|
||||||
public URLStreamHandlerProvider next() {
|
|
||||||
if (!getNext())
|
|
||||||
throw new NoSuchElementException();
|
|
||||||
URLStreamHandlerProvider n = next;
|
|
||||||
next = null;
|
|
||||||
return n;
|
|
||||||
}
|
|
||||||
};
|
|
||||||
}
|
|
||||||
|
|
||||||
private static class ThreadTrackHolder {
|
private static class ThreadTrackHolder {
|
||||||
static final ThreadTracker TRACKER = new ThreadTracker();
|
static final ThreadTracker TRACKER = new ThreadTracker();
|
||||||
}
|
}
|
||||||
@ -1488,26 +1400,23 @@ public final class URL implements java.io.Serializable {
|
|||||||
ThreadTrackHolder.TRACKER.end(key);
|
ThreadTrackHolder.TRACKER.end(key);
|
||||||
}
|
}
|
||||||
|
|
||||||
@SuppressWarnings("removal")
|
|
||||||
private static URLStreamHandler lookupViaProviders(final String protocol) {
|
private static URLStreamHandler lookupViaProviders(final String protocol) {
|
||||||
Object key = tryBeginLookup();
|
Object key = tryBeginLookup();
|
||||||
if (key == null) {
|
if (key == null) {
|
||||||
throw new Error("Circular loading of URL stream handler providers detected");
|
throw new Error("Circular loading of URL stream handler providers detected");
|
||||||
}
|
}
|
||||||
try {
|
try {
|
||||||
return AccessController.doPrivileged(
|
final ClassLoader cl = ClassLoader.getSystemClassLoader();
|
||||||
new PrivilegedAction<>() {
|
final ServiceLoader<URLStreamHandlerProvider> sl =
|
||||||
public URLStreamHandler run() {
|
ServiceLoader.load(URLStreamHandlerProvider.class, cl);
|
||||||
Iterator<URLStreamHandlerProvider> itr = providers();
|
final Iterator<URLStreamHandlerProvider> itr = sl.iterator();
|
||||||
while (itr.hasNext()) {
|
while (itr.hasNext()) {
|
||||||
URLStreamHandlerProvider f = itr.next();
|
URLStreamHandlerProvider f = itr.next();
|
||||||
URLStreamHandler h = f.createURLStreamHandler(protocol);
|
URLStreamHandler h = f.createURLStreamHandler(protocol);
|
||||||
if (h != null)
|
if (h != null)
|
||||||
return h;
|
return h;
|
||||||
}
|
}
|
||||||
return null;
|
return null;
|
||||||
}
|
|
||||||
});
|
|
||||||
} finally {
|
} finally {
|
||||||
endLookup(key);
|
endLookup(key);
|
||||||
}
|
}
|
||||||
|
|||||||
@ -28,7 +28,6 @@ package java.net;
|
|||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.io.InputStream;
|
import java.io.InputStream;
|
||||||
import java.io.OutputStream;
|
import java.io.OutputStream;
|
||||||
import java.security.PrivilegedAction;
|
|
||||||
import java.util.Hashtable;
|
import java.util.Hashtable;
|
||||||
import java.util.concurrent.ConcurrentHashMap;
|
import java.util.concurrent.ConcurrentHashMap;
|
||||||
import java.util.Date;
|
import java.util.Date;
|
||||||
@ -42,10 +41,8 @@ import java.util.Locale;
|
|||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.security.Permission;
|
import java.security.Permission;
|
||||||
import java.security.AccessController;
|
|
||||||
import sun.security.util.SecurityConstants;
|
import sun.security.util.SecurityConstants;
|
||||||
import sun.net.www.MessageHeader;
|
import sun.net.www.MessageHeader;
|
||||||
import sun.security.action.GetPropertyAction;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The abstract class {@code URLConnection} is the superclass
|
* The abstract class {@code URLConnection} is the superclass
|
||||||
@ -328,9 +325,6 @@ public abstract class URLConnection {
|
|||||||
* @since 1.2
|
* @since 1.2
|
||||||
*/
|
*/
|
||||||
public static void setFileNameMap(FileNameMap map) {
|
public static void setFileNameMap(FileNameMap map) {
|
||||||
@SuppressWarnings("removal")
|
|
||||||
SecurityManager sm = System.getSecurityManager();
|
|
||||||
if (sm != null) sm.checkSetFactory();
|
|
||||||
fileNameMap = map;
|
fileNameMap = map;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1285,11 +1279,6 @@ public abstract class URLConnection {
|
|||||||
if (factory != null) {
|
if (factory != null) {
|
||||||
throw new Error("factory already defined");
|
throw new Error("factory already defined");
|
||||||
}
|
}
|
||||||
@SuppressWarnings("removal")
|
|
||||||
SecurityManager security = System.getSecurityManager();
|
|
||||||
if (security != null) {
|
|
||||||
security.checkSetFactory();
|
|
||||||
}
|
|
||||||
factory = fac;
|
factory = fac;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1401,35 +1390,22 @@ public abstract class URLConnection {
|
|||||||
|
|
||||||
@SuppressWarnings("removal")
|
@SuppressWarnings("removal")
|
||||||
private ContentHandler lookupContentHandlerViaProvider(String contentType) {
|
private ContentHandler lookupContentHandlerViaProvider(String contentType) {
|
||||||
return AccessController.doPrivileged(
|
|
||||||
new PrivilegedAction<>() {
|
|
||||||
@Override
|
|
||||||
public ContentHandler run() {
|
|
||||||
ClassLoader cl = ClassLoader.getSystemClassLoader();
|
|
||||||
ServiceLoader<ContentHandlerFactory> sl =
|
|
||||||
ServiceLoader.load(ContentHandlerFactory.class, cl);
|
|
||||||
|
|
||||||
Iterator<ContentHandlerFactory> iterator = sl.iterator();
|
ClassLoader cl = ClassLoader.getSystemClassLoader();
|
||||||
|
ServiceLoader<ContentHandlerFactory> sl =
|
||||||
|
ServiceLoader.load(ContentHandlerFactory.class, cl);
|
||||||
|
|
||||||
ContentHandler handler = null;
|
Iterator<ContentHandlerFactory> iterator = sl.iterator();
|
||||||
while (iterator.hasNext()) {
|
|
||||||
ContentHandlerFactory f;
|
ContentHandler handler = null;
|
||||||
try {
|
while (iterator.hasNext()) {
|
||||||
f = iterator.next();
|
ContentHandlerFactory f = iterator.next();
|
||||||
} catch (ServiceConfigurationError e) {
|
handler = f.createContentHandler(contentType);
|
||||||
if (e.getCause() instanceof SecurityException) {
|
if (handler != null) {
|
||||||
continue;
|
break;
|
||||||
}
|
}
|
||||||
throw e;
|
}
|
||||||
}
|
return handler;
|
||||||
handler = f.createContentHandler(contentType);
|
|
||||||
if (handler != null) {
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return handler;
|
|
||||||
}
|
|
||||||
});
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -1465,8 +1441,7 @@ public abstract class URLConnection {
|
|||||||
* is always the last one on the returned package list.
|
* is always the last one on the returned package list.
|
||||||
*/
|
*/
|
||||||
private String getContentHandlerPkgPrefixes() {
|
private String getContentHandlerPkgPrefixes() {
|
||||||
String packagePrefixList =
|
String packagePrefixList = System.getProperty(contentPathProp, "");
|
||||||
GetPropertyAction.privilegedGetProperty(contentPathProp, "");
|
|
||||||
|
|
||||||
if (packagePrefixList != "") {
|
if (packagePrefixList != "") {
|
||||||
packagePrefixList += "|";
|
packagePrefixList += "|";
|
||||||
|
|||||||
@ -49,19 +49,9 @@ import java.net.URLStreamHandlerFactory;
|
|||||||
public abstract class URLStreamHandlerProvider
|
public abstract class URLStreamHandlerProvider
|
||||||
implements URLStreamHandlerFactory
|
implements URLStreamHandlerFactory
|
||||||
{
|
{
|
||||||
private static Void checkPermission() {
|
|
||||||
@SuppressWarnings("removal")
|
|
||||||
SecurityManager sm = System.getSecurityManager();
|
|
||||||
if (sm != null)
|
|
||||||
sm.checkPermission(new RuntimePermission("setFactory"));
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
private URLStreamHandlerProvider(Void ignore) { }
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Initializes a new URL stream handler provider.
|
* Initializes a new URL stream handler provider.
|
||||||
*/
|
*/
|
||||||
protected URLStreamHandlerProvider() {
|
protected URLStreamHandlerProvider() {
|
||||||
this(checkPermission());
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2009, 2023, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2009, 2024, Oracle and/or its affiliates. All rights reserved.
|
||||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
*
|
*
|
||||||
* This code is free software; you can redistribute it and/or modify it
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
@ -38,12 +38,12 @@ public class URLUtil {
|
|||||||
/**
|
/**
|
||||||
* Returns a string form of the url suitable for use as a key in HashMap/Sets.
|
* Returns a string form of the url suitable for use as a key in HashMap/Sets.
|
||||||
*
|
*
|
||||||
* The string form should be behave in the same manner as the URL when
|
* The string form should behave in the same manner as the URL when
|
||||||
* compared for equality in a HashMap/Set, except that no nameservice
|
* compared for equality in a HashMap/Set, except that no nameservice
|
||||||
* lookup is done on the hostname (only string comparison), and the fragment
|
* lookup is done on the hostname (only string comparison), and the fragment
|
||||||
* is not considered.
|
* is not considered.
|
||||||
*
|
*
|
||||||
* @see java.net.URLStreamHandler.sameFile(java.net.URL)
|
* @see java.net.URL#sameFile(java.net.URL)
|
||||||
*/
|
*/
|
||||||
public static String urlNoFragString(URL url) {
|
public static String urlNoFragString(URL url) {
|
||||||
StringBuilder strForm = new StringBuilder();
|
StringBuilder strForm = new StringBuilder();
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user