stan/jdk-24
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

8344223: Remove calls to SecurityManager and doPrivileged in java.net.URLClassLoader after JEP 486 integration

Browse Source 
Reviewed-by: alanb, yzheng
This commit is contained in:
Jaikiran Pai 2024-11-20 12:41:39 +00:00
parent 6f4dfa6626
commit db7ee3dad1
3 changed files with 112 additions and 397 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

167
src/java.base/share/classes/java/net/URLClassLoader.java
View File

@ -30,14 +30,10 @@ import java.io.File;
import java.io.FilePermission;
import java.io.IOException;
import java.io.InputStream;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.CodeSigner;
import java.security.CodeSource;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.PrivilegedAction;
import java.security.PrivilegedExceptionAction;
import java.security.SecureClassLoader;
import java.util.Enumeration;
import java.util.List;
@ -76,10 +72,6 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
/* The search path for classes and resources */
private final URLClassPath ucp;
/* The context to be used when loading classes and resources */
@SuppressWarnings("removal")
private final AccessControlContext acc;
/**
* Constructs a new URLClassLoader for the given URLs. The URLs will be
* searched in the order specified for classes and resources after first
@ -94,18 +86,9 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
* @throws NullPointerException if {@code urls} or any of its
* elements is {@code null}.
*/
@SuppressWarnings("removal")
public URLClassLoader(URL[] urls, ClassLoader parent) {
super(parent);
this.acc = AccessController.getContext();
this.ucp = new URLClassPath(urls, acc);
}
URLClassLoader(String name, URL[] urls, ClassLoader parent,
@SuppressWarnings("removal") AccessControlContext acc) {
super(name, parent);
this.acc = acc;
this.ucp = new URLClassPath(urls, acc);
this.ucp = new URLClassPath(urls);
}
/**
@ -122,17 +105,9 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
* @throws NullPointerException if {@code urls} or any of its
* elements is {@code null}.
*/
@SuppressWarnings("removal")
public URLClassLoader(URL[] urls) {
super();
this.acc = AccessController.getContext();
this.ucp = new URLClassPath(urls, acc);
}
URLClassLoader(URL[] urls, @SuppressWarnings("removal") AccessControlContext acc) {
super();
this.acc = acc;
this.ucp = new URLClassPath(urls, acc);
this.ucp = new URLClassPath(urls);
}
/**
@ -149,12 +124,10 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
* @throws NullPointerException if {@code urls} or any of its
* elements is {@code null}.
*/
@SuppressWarnings("removal")
public URLClassLoader(URL[] urls, ClassLoader parent,
URLStreamHandlerFactory factory) {
super(parent);
this.acc = AccessController.getContext();
this.ucp = new URLClassPath(urls, factory, acc);
this.ucp = new URLClassPath(urls, factory);
}
@ -176,13 +149,11 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
*
* @since 9
*/
@SuppressWarnings("removal")
public URLClassLoader(String name,
URL[] urls,
ClassLoader parent) {
super(name, parent);
this.acc = AccessController.getContext();
this.ucp = new URLClassPath(urls, acc);
this.ucp = new URLClassPath(urls);
}
/**
@ -203,12 +174,10 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
*
* @since 9
*/
@SuppressWarnings("removal")
public URLClassLoader(String name, URL[] urls, ClassLoader parent,
URLStreamHandlerFactory factory) {
super(name, parent);
this.acc = AccessController.getContext();
this.ucp = new URLClassPath(urls, factory, acc);
this.ucp = new URLClassPath(urls, factory);
}
/* A map (used as a set) to keep track of closeable local resources
@ -299,11 +268,6 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
* @since 1.7
*/
public void close() throws IOException {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkPermission(new RuntimePermission("closeClassLoader"));
}
List<IOException> errors = ucp.closeLoaders();
// now close any remaining streams.
@ -369,17 +333,11 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
* or if the loader is closed.
* @throws NullPointerException if {@code name} is {@code null}.
*/
@SuppressWarnings("removal")
protected Class<?> findClass(final String name)
throws ClassNotFoundException
{
final Class<?> result;
try {
result = AccessController.doPrivileged(
new PrivilegedExceptionAction<>() {
public Class<?> run() throws ClassNotFoundException {
String path = name.replace('.', '/').concat(".class");
Resource res = ucp.getResource(path, false);
Resource res = ucp.getResource(path);
if (res != null) {
try {
return defineClass(name, res);
@ -391,19 +349,9 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
}
throw e2;
}
} else {
return null;
}
}
}, acc);
} catch (java.security.PrivilegedActionException pae) {
throw (ClassNotFoundException) pae.getException();
}
if (result == null) {
throw new ClassNotFoundException(name);
}
return result;
}
/*
* Retrieve the package using the specified package name.
@ -575,18 +523,7 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
* if the resource could not be found, or if the loader is closed.
*/
public URL findResource(final String name) {
/*
* The same restriction to finding classes applies to resources
*/
@SuppressWarnings("removal")
URL url = AccessController.doPrivileged(
new PrivilegedAction<>() {
public URL run() {
return ucp.findResource(name, true);
}
}, acc);
return url != null ? URLClassPath.checkURL(url) : null;
return ucp.findResource(name);
}
/**
@ -598,10 +535,11 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
* @return An {@code Enumeration} of {@code URL}s.
* If the loader is closed, the Enumeration contains no elements.
*/
@Override
public Enumeration<URL> findResources(final String name)
throws IOException
{
final Enumeration<URL> e = ucp.findResources(name, true);
final Enumeration<URL> e = ucp.findResources(name);
return new Enumeration<>() {
private URL url = null;
@ -610,23 +548,14 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
if (url != null) {
return true;
}
do {
@SuppressWarnings("removal")
URL u = AccessController.doPrivileged(
new PrivilegedAction<>() {
public URL run() {
if (!e.hasMoreElements())
return null;
return e.nextElement();
if (!e.hasMoreElements()) {
return false;
}
}, acc);
if (u == null)
break;
url = URLClassPath.checkURL(u);
} while (url == null);
url = e.nextElement();
return url != null;
}
@Override
public URL nextElement() {
if (!next()) {
throw new NoSuchElementException();
@ -636,6 +565,7 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
return u;
}
@Override
public boolean hasMoreElements() {
return next();
}
@ -666,7 +596,6 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
* @throws NullPointerException if {@code codesource} is {@code null}.
* @return the permissions for the codesource
*/
@SuppressWarnings("removal")
protected PermissionCollection getPermissions(CodeSource codesource)
{
PermissionCollection perms = super.getPermissions(codesource);
@ -719,16 +648,6 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
// would have this permission
if (p != null) {
final SecurityManager sm = System.getSecurityManager();
if (sm != null) {
final Permission fp = p;
AccessController.doPrivileged(new PrivilegedAction<>() {
public Void run() throws SecurityException {
sm.checkPermission(fp);
return null;
}
}, acc);
}
perms.add(p);
}
return perms;
@ -746,18 +665,7 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
*/
public static URLClassLoader newInstance(final URL[] urls,
final ClassLoader parent) {
// Save the caller's context
@SuppressWarnings("removal")
final AccessControlContext acc = AccessController.getContext();
// Need a privileged block to create the class loader
@SuppressWarnings("removal")
URLClassLoader ucl = AccessController.doPrivileged(
new PrivilegedAction<>() {
public URLClassLoader run() {
return new FactoryURLClassLoader(null, urls, parent, acc);
}
});
return ucl;
return new URLClassLoader(null, urls, parent);
}
/**
@ -770,53 +678,10 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
* @return the resulting class loader
*/
public static URLClassLoader newInstance(final URL[] urls) {
// Save the caller's context
@SuppressWarnings("removal")
final AccessControlContext acc = AccessController.getContext();
// Need a privileged block to create the class loader
@SuppressWarnings("removal")
URLClassLoader ucl = AccessController.doPrivileged(
new PrivilegedAction<>() {
public URLClassLoader run() {
return new FactoryURLClassLoader(urls, acc);
}
});
return ucl;
return new URLClassLoader(urls);
}
static {
ClassLoader.registerAsParallelCapable();
}
}
final class FactoryURLClassLoader extends URLClassLoader {
static {
ClassLoader.registerAsParallelCapable();
}
FactoryURLClassLoader(String name, URL[] urls, ClassLoader parent,
@SuppressWarnings("removal") AccessControlContext acc) {
super(name, urls, parent, acc);
}
FactoryURLClassLoader(URL[] urls, @SuppressWarnings("removal") AccessControlContext acc) {
super(urls, acc);
}
public final Class<?> loadClass(String name, boolean resolve)
throws ClassNotFoundException
{
// First check if we have permission to access the package. This
// should go away once we've added support for exported packages.
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
int i = name.lastIndexOf('.');
if (i != -1) {
sm.checkPackageAccess(name.substring(0, i));
}
}
return super.loadClass(name, resolve);
}
}

23
src/java.base/share/classes/jdk/internal/loader/BuiltinClassLoader.java
View File

@ -315,7 +315,7 @@ public class BuiltinClassLoader
if (module.loader() == this) {
URL url;
try {
url = findResource(module.name(), name); // checks URL
url = findResource(module.name(), name);
} catch (IOException ioe) {
return null;
}
@ -355,7 +355,7 @@ public class BuiltinClassLoader
*/
@Override
public Enumeration<URL> findResources(String name) throws IOException {
List<URL> checked = new ArrayList<>(); // list of checked URLs
List<URL> resources = new ArrayList<>(); // list of resource URLs
String pn = Resources.toPackageName(name);
LoadedModule module = packageToModule.get(pn);
@ -363,12 +363,12 @@ public class BuiltinClassLoader
// resource is in a package of a module defined to this loader
if (module.loader() == this) {
URL url = findResource(module.name(), name); // checks URL
URL url = findResource(module.name(), name);
if (url != null
&& (name.endsWith(".class")
|| url.toString().endsWith("/")
|| isOpen(module.mref(), pn))) {
checked.add(url);
resources.add(url);
}
}
@ -376,17 +376,17 @@ public class BuiltinClassLoader
// not in a package of a module defined to this loader
for (URL url : findMiscResource(name)) {
if (url != null) {
checked.add(url);
resources.add(url);
}
}
}
// class path (not checked)
// class path
Enumeration<URL> e = findResourcesOnClassPath(name);
// concat the checked URLs and the (not checked) class path
// concat the URLs of the resource in the modules and the class path
return new Enumeration<>() {
final Iterator<URL> iterator = checked.iterator();
final Iterator<URL> iterator = resources.iterator();
URL next;
private boolean hasNext() {
if (next != null) {
@ -395,7 +395,6 @@ public class BuiltinClassLoader
next = iterator.next();
return true;
} else {
// need to check each URL
while (e.hasMoreElements() && next == null) {
next = e.nextElement();
}
@ -485,7 +484,7 @@ public class BuiltinClassLoader
*/
private URL findResourceOnClassPath(String name) {
if (hasClassPath()) {
return ucp.findResource(name, false);
return ucp.findResource(name);
} else {
// no class path
return null;
@ -497,7 +496,7 @@ public class BuiltinClassLoader
*/
private Enumeration<URL> findResourcesOnClassPath(String name) {
if (hasClassPath()) {
return ucp.findResources(name, false);
return ucp.findResources(name);
} else {
// no class path
return Collections.emptyEnumeration();
@ -686,7 +685,7 @@ public class BuiltinClassLoader
*/
private Class<?> findClassOnClassPathOrNull(String cn) {
String path = cn.replace('.', '/').concat(".class");
Resource res = ucp.getResource(path, false);
Resource res = ucp.getResource(path);
if (res != null) {
try {
return defineClass(cn, res);

251
src/java.base/share/classes/jdk/internal/loader/URLClassPath.java
View File

@ -39,13 +39,7 @@ import java.net.URL;
import java.net.URLConnection;
import java.net.URLStreamHandler;
import java.net.URLStreamHandlerFactory;
import java.security.AccessControlContext;
import java.security.AccessControlException;
import java.security.AccessController;
import java.security.CodeSigner;
import java.security.Permission;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.cert.Certificate;
import java.util.ArrayDeque;
import java.util.ArrayList;
@ -70,7 +64,6 @@ import jdk.internal.access.JavaUtilZipFileAccess;
import jdk.internal.access.SharedSecrets;
import sun.net.util.URLUtil;
import sun.net.www.ParseUtil;
import sun.security.action.GetPropertyAction;
/**
* This class is used to maintain a search path of URLs for loading classes
@ -83,20 +76,16 @@ public class URLClassPath {
private static final String JAVA_VERSION;
private static final boolean DEBUG;
private static final boolean DISABLE_JAR_CHECKING;
private static final boolean DISABLE_ACC_CHECKING;
private static final boolean DISABLE_CP_URL_CHECK;
private static final boolean DEBUG_CP_URL_CHECK;
static {
Properties props = GetPropertyAction.privilegedGetProperties();
Properties props = System.getProperties();
JAVA_VERSION = props.getProperty("java.version");
DEBUG = (props.getProperty("sun.misc.URLClassPath.debug") != null);
String p = props.getProperty("sun.misc.URLClassPath.disableJarChecking");
DISABLE_JAR_CHECKING = p != null ? p.equals("true") || p.isEmpty() : false;
p = props.getProperty("jdk.net.URLClassPath.disableRestrictedPermissions");
DISABLE_ACC_CHECKING = p != null ? p.equals("true") || p.isEmpty() : false;
// This property will be removed in a later release
p = props.getProperty("jdk.net.URLClassPath.disableClassPathURLCheck");
DISABLE_CP_URL_CHECK = p != null ? p.equals("true") || p.isEmpty() : false;
@ -125,12 +114,6 @@ public class URLClassPath {
/* Whether this URLClassLoader has been closed yet */
private boolean closed = false;
/* The context to be used when loading classes and resources. If non-null
* this is the context that was captured during the creation of the
* URLClassLoader. null implies no additional security restrictions. */
@SuppressWarnings("removal")
private final AccessControlContext acc;
/**
* Creates a new URLClassPath for the given URLs. The URLs will be
* searched in the order specified for classes and resources. A URL
@ -140,12 +123,9 @@ public class URLClassPath {
* @param urls the directory and JAR file URLs to search for classes
* and resources
* @param factory the URLStreamHandlerFactory to use when creating new URLs
* @param acc the context to be used when loading classes and resources, may
* be null
*/
public URLClassPath(URL[] urls,
URLStreamHandlerFactory factory,
@SuppressWarnings("removal") AccessControlContext acc) {
URLStreamHandlerFactory factory) {
ArrayList<URL> path = new ArrayList<>(urls.length);
ArrayDeque<URL> unopenedUrls = new ArrayDeque<>(urls.length);
for (URL url : urls) {
@ -160,14 +140,10 @@ public class URLClassPath {
} else {
jarHandler = null;
}
if (DISABLE_ACC_CHECKING)
this.acc = null;
else
this.acc = acc;
}
public URLClassPath(URL[] urls, @SuppressWarnings("removal") AccessControlContext acc) {
this(urls, null, acc);
public URLClassPath(URL[] urls) {
this(urls, null);
}
/**
@ -209,7 +185,6 @@ public class URLClassPath {
// the application class loader uses the built-in protocol handler to avoid protocol
// handler lookup when opening JAR files on the class path.
this.jarHandler = new sun.net.www.protocol.jar.Handler();
this.acc = null;
}
public synchronized List<IOException> closeLoaders() {
@ -279,17 +254,16 @@ public class URLClassPath {
/**
* Finds the resource with the specified name on the URL search path
* or null if not found or security check fails.
* or null if not found.
*
* @param name the name of the resource
* @param check whether to perform a security check
* @return a {@code URL} for the resource, or {@code null}
* if the resource could not be found.
*/
public URL findResource(String name, boolean check) {
public URL findResource(String name) {
Loader loader;
for (int i = 0; (loader = getLoader(i)) != null; i++) {
URL url = loader.findResource(name, check);
URL url = loader.findResource(name);
if (url != null) {
return url;
}
@ -297,29 +271,6 @@ public class URLClassPath {
return null;
}
/**
* Finds the first Resource on the URL search path which has the specified
* name. Returns null if no Resource could be found.
*
* @param name the name of the Resource
* @param check whether to perform a security check
* @return the Resource, or null if not found
*/
public Resource getResource(String name, boolean check) {
if (DEBUG) {
System.err.println("URLClassPath.getResource(\"" + name + "\")");
}
Loader loader;
for (int i = 0; (loader = getLoader(i)) != null; i++) {
Resource res = loader.getResource(name, check);
if (res != null) {
return res;
}
}
return null;
}
/**
* Finds all resources on the URL search path with the given name.
* Returns an enumeration of the URL objects.
@ -327,8 +278,7 @@ public class URLClassPath {
* @param name the resource name
* @return an Enumeration of all the urls having the specified name
*/
public Enumeration<URL> findResources(final String name,
final boolean check) {
public Enumeration<URL> findResources(final String name) {
return new Enumeration<>() {
private int index = 0;
private URL url = null;
@ -339,7 +289,7 @@ public class URLClassPath {
} else {
Loader loader;
while ((loader = getLoader(index++)) != null) {
url = loader.findResource(name, check);
url = loader.findResource(name);
if (url != null) {
return true;
}
@ -363,8 +313,26 @@ public class URLClassPath {
};
}
/**
* Finds the first Resource on the URL search path which has the specified
* name. Returns null if no Resource could be found.
*
* @param name the name of the Resource
* @return the Resource, or null if not found
*/
public Resource getResource(String name) {
return getResource(name, true);
if (DEBUG) {
System.err.println("URLClassPath.getResource(\"" + name + "\")");
}
Loader loader;
for (int i = 0; (loader = getLoader(i)) != null; i++) {
Resource res = loader.getResource(name);
if (res != null) {
return res;
}
}
return null;
}
/**
@ -374,8 +342,7 @@ public class URLClassPath {
* @param name the resource name
* @return an Enumeration of all the resources having the specified name
*/
public Enumeration<Resource> getResources(final String name,
final boolean check) {
public Enumeration<Resource> getResources(final String name) {
return new Enumeration<>() {
private int index = 0;
private Resource res = null;
@ -386,7 +353,7 @@ public class URLClassPath {
} else {
Loader loader;
while ((loader = getLoader(index++)) != null) {
res = loader.getResource(name, check);
res = loader.getResource(name);
if (res != null) {
return true;
}
@ -410,10 +377,6 @@ public class URLClassPath {
};
}
public Enumeration<Resource> getResources(final String name) {
return getResources(name, true);
}
/*
* Returns the Loader at the specified position in the URL search
* path. The URLs are opened and expanded as needed. Returns null
@ -455,17 +418,6 @@ public class URLClassPath {
closeQuietly(loader);
}
continue;
} catch (SecurityException se) {
// log the error and close the unusable loader (if any).
// The context, if there is one, that this URLClassPath was
// given during construction will never have permission to access the URL.
if (DEBUG) {
System.err.println("Failed to access " + url + ", " + se );
}
if (loader != null) {
closeQuietly(loader);
}
continue;
}
if (loaderClassPathURLs != null) {
push(loaderClassPathURLs);
@ -491,12 +443,7 @@ public class URLClassPath {
/*
* Returns the Loader for the specified base URL.
*/
@SuppressWarnings("removal")
private Loader getLoader(final URL url) throws IOException {
try {
return AccessController.doPrivileged(
new PrivilegedExceptionAction<>() {
public Loader run() throws IOException {
String protocol = url.getProtocol(); // lower cased in URL
String file = url.getFile();
if (file != null && file.endsWith("/")) {
@ -508,17 +455,12 @@ public class URLClassPath {
// extract the nested URL
@SuppressWarnings("deprecation")
URL nestedUrl = new URL(file.substring(0, file.length() - 2));
return new JarLoader(nestedUrl, jarHandler, acc);
return new JarLoader(nestedUrl, jarHandler);
} else {
return new Loader(url);
}
} else {
return new JarLoader(url, jarHandler, acc);
}
}
}, acc);
} catch (PrivilegedActionException pae) {
throw (IOException)pae.getException();
return new JarLoader(url, jarHandler);
}
}
@ -541,59 +483,6 @@ public class URLClassPath {
}
}
/*
* Checks whether the resource URL should be returned.
* Returns null on security check failure.
* Called by java.net.URLClassLoader.
*/
public static URL checkURL(URL url) {
if (url != null) {
try {
check(url);
} catch (Exception e) {
return null;
}
}
return url;
}
/*
* Checks whether the resource URL should be returned.
* Throws exception on failure.
* Called internally within this file.
*/
public static void check(URL url) throws IOException {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
URLConnection urlConnection = url.openConnection();
Permission perm = urlConnection.getPermission();
if (perm != null) {
try {
security.checkPermission(perm);
} catch (SecurityException se) {
// fallback to checkRead/checkConnect for pre 1.2
// security managers
if ((perm instanceof java.io.FilePermission) &&
perm.getActions().contains("read")) {
security.checkRead(perm.getName());
} else if ((perm instanceof
java.net.SocketPermission) &&
perm.getActions().contains("connect")) {
URL locUrl = url;
if (urlConnection instanceof JarURLConnection) {
locUrl = ((JarURLConnection)urlConnection).getJarFileURL();
}
security.checkConnect(locUrl.getHost(),
locUrl.getPort());
} else {
throw se;
}
}
}
}
}
/**
* Nested class used to represent a loader of resources and classes
* from a base URL.
@ -616,7 +505,7 @@ public class URLClassPath {
return base;
}
URL findResource(final String name, boolean check) {
URL findResource(final String name) {
URL url;
try {
@SuppressWarnings("deprecation")
@ -626,10 +515,6 @@ public class URLClassPath {
}
try {
if (check) {
URLClassPath.check(url);
}
/*
* For a HTTP connection we use the HEAD method to
* check if the resource exists.
@ -653,7 +538,11 @@ public class URLClassPath {
}
}
Resource getResource(final String name, boolean check) {
/*
* Returns the Resource for the specified name, or null if not
* found.
*/
Resource getResource(final String name) {
final URL url;
try {
@SuppressWarnings("deprecation")
@ -663,9 +552,6 @@ public class URLClassPath {
}
final URLConnection uc;
try {
if (check) {
URLClassPath.check(url);
}
uc = url.openConnection();
if (uc instanceof JarURLConnection) {
@ -693,15 +579,6 @@ public class URLClassPath {
};
}
/*
* Returns the Resource for the specified name, or null if not
* found or the caller does not have the permission to get the
* resource.
*/
Resource getResource(final String name) {
return getResource(name, true);
}
/*
* Closes this loader and release all resources.
* Method overridden in sub-classes.
@ -727,8 +604,6 @@ public class URLClassPath {
private static class JarLoader extends Loader {
private JarFile jar;
private final URL csu;
@SuppressWarnings("removal")
private final AccessControlContext acc;
private boolean closed = false;
private static final JavaUtilZipFileAccess zipAccess =
SharedSecrets.getJavaUtilZipFileAccess();
@ -737,14 +612,11 @@ public class URLClassPath {
* Creates a new JarLoader for the specified URL referring to
* a JAR file.
*/
private JarLoader(URL url, URLStreamHandler jarHandler,
@SuppressWarnings("removal") AccessControlContext acc)
private JarLoader(URL url, URLStreamHandler jarHandler)
throws IOException
{
super(newURL("jar", "", -1, url + "!/", jarHandler));
csu = url;
this.acc = acc;
ensureOpen();
}
@ -770,24 +642,13 @@ public class URLClassPath {
return "file".equals(url.getProtocol());
}
@SuppressWarnings("removal")
private void ensureOpen() throws IOException {
if (jar == null) {
try {
AccessController.doPrivileged(
new PrivilegedExceptionAction<>() {
public Void run() throws IOException {
if (DEBUG) {
System.err.println("Opening " + csu);
Thread.dumpStack();
}
jar = getJarFile(csu);
return null;
}
}, acc);
} catch (PrivilegedActionException pae) {
throw (IOException)pae.getException();
}
}
}
@ -826,11 +687,9 @@ public class URLClassPath {
}
/*
* Creates the resource and if the check flag is set to true, checks if
* is its okay to return the resource.
* Creates and returns the Resource. Returns null if the Resource couldn't be created.
*/
Resource checkResource(final String name, boolean check,
final JarEntry entry) {
Resource createResource(final String name, final JarEntry entry) {
final URL url;
try {
@ -842,10 +701,7 @@ public class URLClassPath {
}
@SuppressWarnings("deprecation")
var _unused = url = new URL(getBaseURL(), ParseUtil.encodePath(nm, false));
if (check) {
URLClassPath.check(url);
}
} catch (@SuppressWarnings("removal") AccessControlException | IOException e) {
} catch (IOException e) {
return null;
}
@ -885,8 +741,8 @@ public class URLClassPath {
* Returns the URL for a resource with the specified name
*/
@Override
URL findResource(final String name, boolean check) {
Resource rsc = getResource(name, check);
URL findResource(final String name) {
Resource rsc = getResource(name);
if (rsc != null) {
return rsc.getURL();
}
@ -897,17 +753,16 @@ public class URLClassPath {
* Returns the JAR Resource for the specified name.
*/
@Override
Resource getResource(final String name, boolean check) {
Resource getResource(final String name) {
try {
ensureOpen();
} catch (IOException e) {
throw new InternalError(e);
}
final JarEntry entry = jar.getJarEntry(name);
if (entry != null)
return checkResource(name, check, entry);
if (entry != null) {
return createResource(name, entry);
}
return null;
}
@ -1058,8 +913,8 @@ public class URLClassPath {
* Returns the URL for a resource with the specified name
*/
@Override
URL findResource(final String name, boolean check) {
Resource rsc = getResource(name, check);
URL findResource(final String name) {
Resource rsc = getResource(name);
if (rsc != null) {
return rsc.getURL();
}
@ -1067,7 +922,7 @@ public class URLClassPath {
}
@Override
Resource getResource(final String name, boolean check) {
Resource getResource(final String name) {
final URL url;
try {
@SuppressWarnings("deprecation")
@ -1077,10 +932,6 @@ public class URLClassPath {
// requested resource had ../..'s in path
return null;
}
if (check)
URLClassPath.check(url);
final File file;
if (name.contains("..")) {
file = (new File(dir, name.replace('/', File.separatorChar)))