8344223: Remove calls to SecurityManager and doPrivileged in java.net.URLClassLoader after JEP 486 integration
Reviewed-by: alanb, yzheng
This commit is contained in:
parent
6f4dfa6626
commit
db7ee3dad1
@ -30,14 +30,10 @@ import java.io.File;
|
||||
import java.io.FilePermission;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.security.AccessControlContext;
|
||||
import java.security.AccessController;
|
||||
import java.security.CodeSigner;
|
||||
import java.security.CodeSource;
|
||||
import java.security.Permission;
|
||||
import java.security.PermissionCollection;
|
||||
import java.security.PrivilegedAction;
|
||||
import java.security.PrivilegedExceptionAction;
|
||||
import java.security.SecureClassLoader;
|
||||
import java.util.Enumeration;
|
||||
import java.util.List;
|
||||
@ -76,10 +72,6 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
|
||||
/* The search path for classes and resources */
|
||||
private final URLClassPath ucp;
|
||||
|
||||
/* The context to be used when loading classes and resources */
|
||||
@SuppressWarnings("removal")
|
||||
private final AccessControlContext acc;
|
||||
|
||||
/**
|
||||
* Constructs a new URLClassLoader for the given URLs. The URLs will be
|
||||
* searched in the order specified for classes and resources after first
|
||||
@ -94,18 +86,9 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
|
||||
* @throws NullPointerException if {@code urls} or any of its
|
||||
* elements is {@code null}.
|
||||
*/
|
||||
@SuppressWarnings("removal")
|
||||
public URLClassLoader(URL[] urls, ClassLoader parent) {
|
||||
super(parent);
|
||||
this.acc = AccessController.getContext();
|
||||
this.ucp = new URLClassPath(urls, acc);
|
||||
}
|
||||
|
||||
URLClassLoader(String name, URL[] urls, ClassLoader parent,
|
||||
@SuppressWarnings("removal") AccessControlContext acc) {
|
||||
super(name, parent);
|
||||
this.acc = acc;
|
||||
this.ucp = new URLClassPath(urls, acc);
|
||||
this.ucp = new URLClassPath(urls);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -122,17 +105,9 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
|
||||
* @throws NullPointerException if {@code urls} or any of its
|
||||
* elements is {@code null}.
|
||||
*/
|
||||
@SuppressWarnings("removal")
|
||||
public URLClassLoader(URL[] urls) {
|
||||
super();
|
||||
this.acc = AccessController.getContext();
|
||||
this.ucp = new URLClassPath(urls, acc);
|
||||
}
|
||||
|
||||
URLClassLoader(URL[] urls, @SuppressWarnings("removal") AccessControlContext acc) {
|
||||
super();
|
||||
this.acc = acc;
|
||||
this.ucp = new URLClassPath(urls, acc);
|
||||
this.ucp = new URLClassPath(urls);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -149,12 +124,10 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
|
||||
* @throws NullPointerException if {@code urls} or any of its
|
||||
* elements is {@code null}.
|
||||
*/
|
||||
@SuppressWarnings("removal")
|
||||
public URLClassLoader(URL[] urls, ClassLoader parent,
|
||||
URLStreamHandlerFactory factory) {
|
||||
super(parent);
|
||||
this.acc = AccessController.getContext();
|
||||
this.ucp = new URLClassPath(urls, factory, acc);
|
||||
this.ucp = new URLClassPath(urls, factory);
|
||||
}
|
||||
|
||||
|
||||
@ -176,13 +149,11 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
|
||||
*
|
||||
* @since 9
|
||||
*/
|
||||
@SuppressWarnings("removal")
|
||||
public URLClassLoader(String name,
|
||||
URL[] urls,
|
||||
ClassLoader parent) {
|
||||
super(name, parent);
|
||||
this.acc = AccessController.getContext();
|
||||
this.ucp = new URLClassPath(urls, acc);
|
||||
this.ucp = new URLClassPath(urls);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -203,12 +174,10 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
|
||||
*
|
||||
* @since 9
|
||||
*/
|
||||
@SuppressWarnings("removal")
|
||||
public URLClassLoader(String name, URL[] urls, ClassLoader parent,
|
||||
URLStreamHandlerFactory factory) {
|
||||
super(name, parent);
|
||||
this.acc = AccessController.getContext();
|
||||
this.ucp = new URLClassPath(urls, factory, acc);
|
||||
this.ucp = new URLClassPath(urls, factory);
|
||||
}
|
||||
|
||||
/* A map (used as a set) to keep track of closeable local resources
|
||||
@ -299,11 +268,6 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
|
||||
* @since 1.7
|
||||
*/
|
||||
public void close() throws IOException {
|
||||
@SuppressWarnings("removal")
|
||||
SecurityManager security = System.getSecurityManager();
|
||||
if (security != null) {
|
||||
security.checkPermission(new RuntimePermission("closeClassLoader"));
|
||||
}
|
||||
List<IOException> errors = ucp.closeLoaders();
|
||||
|
||||
// now close any remaining streams.
|
||||
@ -369,40 +333,24 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
|
||||
* or if the loader is closed.
|
||||
* @throws NullPointerException if {@code name} is {@code null}.
|
||||
*/
|
||||
@SuppressWarnings("removal")
|
||||
protected Class<?> findClass(final String name)
|
||||
throws ClassNotFoundException
|
||||
{
|
||||
final Class<?> result;
|
||||
try {
|
||||
result = AccessController.doPrivileged(
|
||||
new PrivilegedExceptionAction<>() {
|
||||
public Class<?> run() throws ClassNotFoundException {
|
||||
String path = name.replace('.', '/').concat(".class");
|
||||
Resource res = ucp.getResource(path, false);
|
||||
if (res != null) {
|
||||
try {
|
||||
return defineClass(name, res);
|
||||
} catch (IOException e) {
|
||||
throw new ClassNotFoundException(name, e);
|
||||
} catch (ClassFormatError e2) {
|
||||
if (res.getDataError() != null) {
|
||||
e2.addSuppressed(res.getDataError());
|
||||
}
|
||||
throw e2;
|
||||
}
|
||||
} else {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
}, acc);
|
||||
} catch (java.security.PrivilegedActionException pae) {
|
||||
throw (ClassNotFoundException) pae.getException();
|
||||
String path = name.replace('.', '/').concat(".class");
|
||||
Resource res = ucp.getResource(path);
|
||||
if (res != null) {
|
||||
try {
|
||||
return defineClass(name, res);
|
||||
} catch (IOException e) {
|
||||
throw new ClassNotFoundException(name, e);
|
||||
} catch (ClassFormatError e2) {
|
||||
if (res.getDataError() != null) {
|
||||
e2.addSuppressed(res.getDataError());
|
||||
}
|
||||
throw e2;
|
||||
}
|
||||
}
|
||||
if (result == null) {
|
||||
throw new ClassNotFoundException(name);
|
||||
}
|
||||
return result;
|
||||
throw new ClassNotFoundException(name);
|
||||
}
|
||||
|
||||
/*
|
||||
@ -575,18 +523,7 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
|
||||
* if the resource could not be found, or if the loader is closed.
|
||||
*/
|
||||
public URL findResource(final String name) {
|
||||
/*
|
||||
* The same restriction to finding classes applies to resources
|
||||
*/
|
||||
@SuppressWarnings("removal")
|
||||
URL url = AccessController.doPrivileged(
|
||||
new PrivilegedAction<>() {
|
||||
public URL run() {
|
||||
return ucp.findResource(name, true);
|
||||
}
|
||||
}, acc);
|
||||
|
||||
return url != null ? URLClassPath.checkURL(url) : null;
|
||||
return ucp.findResource(name);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -598,10 +535,11 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
|
||||
* @return An {@code Enumeration} of {@code URL}s.
|
||||
* If the loader is closed, the Enumeration contains no elements.
|
||||
*/
|
||||
@Override
|
||||
public Enumeration<URL> findResources(final String name)
|
||||
throws IOException
|
||||
{
|
||||
final Enumeration<URL> e = ucp.findResources(name, true);
|
||||
final Enumeration<URL> e = ucp.findResources(name);
|
||||
|
||||
return new Enumeration<>() {
|
||||
private URL url = null;
|
||||
@ -610,23 +548,14 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
|
||||
if (url != null) {
|
||||
return true;
|
||||
}
|
||||
do {
|
||||
@SuppressWarnings("removal")
|
||||
URL u = AccessController.doPrivileged(
|
||||
new PrivilegedAction<>() {
|
||||
public URL run() {
|
||||
if (!e.hasMoreElements())
|
||||
return null;
|
||||
return e.nextElement();
|
||||
}
|
||||
}, acc);
|
||||
if (u == null)
|
||||
break;
|
||||
url = URLClassPath.checkURL(u);
|
||||
} while (url == null);
|
||||
if (!e.hasMoreElements()) {
|
||||
return false;
|
||||
}
|
||||
url = e.nextElement();
|
||||
return url != null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public URL nextElement() {
|
||||
if (!next()) {
|
||||
throw new NoSuchElementException();
|
||||
@ -636,6 +565,7 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
|
||||
return u;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean hasMoreElements() {
|
||||
return next();
|
||||
}
|
||||
@ -666,7 +596,6 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
|
||||
* @throws NullPointerException if {@code codesource} is {@code null}.
|
||||
* @return the permissions for the codesource
|
||||
*/
|
||||
@SuppressWarnings("removal")
|
||||
protected PermissionCollection getPermissions(CodeSource codesource)
|
||||
{
|
||||
PermissionCollection perms = super.getPermissions(codesource);
|
||||
@ -712,23 +641,13 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
|
||||
String host = locUrl.getHost();
|
||||
if (host != null && !host.isEmpty())
|
||||
p = new SocketPermission(host,
|
||||
SecurityConstants.SOCKET_CONNECT_ACCEPT_ACTION);
|
||||
SecurityConstants.SOCKET_CONNECT_ACCEPT_ACTION);
|
||||
}
|
||||
|
||||
// make sure the person that created this class loader
|
||||
// would have this permission
|
||||
|
||||
if (p != null) {
|
||||
final SecurityManager sm = System.getSecurityManager();
|
||||
if (sm != null) {
|
||||
final Permission fp = p;
|
||||
AccessController.doPrivileged(new PrivilegedAction<>() {
|
||||
public Void run() throws SecurityException {
|
||||
sm.checkPermission(fp);
|
||||
return null;
|
||||
}
|
||||
}, acc);
|
||||
}
|
||||
perms.add(p);
|
||||
}
|
||||
return perms;
|
||||
@ -746,18 +665,7 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
|
||||
*/
|
||||
public static URLClassLoader newInstance(final URL[] urls,
|
||||
final ClassLoader parent) {
|
||||
// Save the caller's context
|
||||
@SuppressWarnings("removal")
|
||||
final AccessControlContext acc = AccessController.getContext();
|
||||
// Need a privileged block to create the class loader
|
||||
@SuppressWarnings("removal")
|
||||
URLClassLoader ucl = AccessController.doPrivileged(
|
||||
new PrivilegedAction<>() {
|
||||
public URLClassLoader run() {
|
||||
return new FactoryURLClassLoader(null, urls, parent, acc);
|
||||
}
|
||||
});
|
||||
return ucl;
|
||||
return new URLClassLoader(null, urls, parent);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -770,53 +678,10 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
|
||||
* @return the resulting class loader
|
||||
*/
|
||||
public static URLClassLoader newInstance(final URL[] urls) {
|
||||
// Save the caller's context
|
||||
@SuppressWarnings("removal")
|
||||
final AccessControlContext acc = AccessController.getContext();
|
||||
// Need a privileged block to create the class loader
|
||||
@SuppressWarnings("removal")
|
||||
URLClassLoader ucl = AccessController.doPrivileged(
|
||||
new PrivilegedAction<>() {
|
||||
public URLClassLoader run() {
|
||||
return new FactoryURLClassLoader(urls, acc);
|
||||
}
|
||||
});
|
||||
return ucl;
|
||||
return new URLClassLoader(urls);
|
||||
}
|
||||
|
||||
static {
|
||||
ClassLoader.registerAsParallelCapable();
|
||||
}
|
||||
}
|
||||
|
||||
final class FactoryURLClassLoader extends URLClassLoader {
|
||||
|
||||
static {
|
||||
ClassLoader.registerAsParallelCapable();
|
||||
}
|
||||
|
||||
FactoryURLClassLoader(String name, URL[] urls, ClassLoader parent,
|
||||
@SuppressWarnings("removal") AccessControlContext acc) {
|
||||
super(name, urls, parent, acc);
|
||||
}
|
||||
|
||||
FactoryURLClassLoader(URL[] urls, @SuppressWarnings("removal") AccessControlContext acc) {
|
||||
super(urls, acc);
|
||||
}
|
||||
|
||||
public final Class<?> loadClass(String name, boolean resolve)
|
||||
throws ClassNotFoundException
|
||||
{
|
||||
// First check if we have permission to access the package. This
|
||||
// should go away once we've added support for exported packages.
|
||||
@SuppressWarnings("removal")
|
||||
SecurityManager sm = System.getSecurityManager();
|
||||
if (sm != null) {
|
||||
int i = name.lastIndexOf('.');
|
||||
if (i != -1) {
|
||||
sm.checkPackageAccess(name.substring(0, i));
|
||||
}
|
||||
}
|
||||
return super.loadClass(name, resolve);
|
||||
}
|
||||
}
|
||||
|
@ -315,7 +315,7 @@ public class BuiltinClassLoader
|
||||
if (module.loader() == this) {
|
||||
URL url;
|
||||
try {
|
||||
url = findResource(module.name(), name); // checks URL
|
||||
url = findResource(module.name(), name);
|
||||
} catch (IOException ioe) {
|
||||
return null;
|
||||
}
|
||||
@ -355,7 +355,7 @@ public class BuiltinClassLoader
|
||||
*/
|
||||
@Override
|
||||
public Enumeration<URL> findResources(String name) throws IOException {
|
||||
List<URL> checked = new ArrayList<>(); // list of checked URLs
|
||||
List<URL> resources = new ArrayList<>(); // list of resource URLs
|
||||
|
||||
String pn = Resources.toPackageName(name);
|
||||
LoadedModule module = packageToModule.get(pn);
|
||||
@ -363,12 +363,12 @@ public class BuiltinClassLoader
|
||||
|
||||
// resource is in a package of a module defined to this loader
|
||||
if (module.loader() == this) {
|
||||
URL url = findResource(module.name(), name); // checks URL
|
||||
URL url = findResource(module.name(), name);
|
||||
if (url != null
|
||||
&& (name.endsWith(".class")
|
||||
|| url.toString().endsWith("/")
|
||||
|| isOpen(module.mref(), pn))) {
|
||||
checked.add(url);
|
||||
resources.add(url);
|
||||
}
|
||||
}
|
||||
|
||||
@ -376,17 +376,17 @@ public class BuiltinClassLoader
|
||||
// not in a package of a module defined to this loader
|
||||
for (URL url : findMiscResource(name)) {
|
||||
if (url != null) {
|
||||
checked.add(url);
|
||||
resources.add(url);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// class path (not checked)
|
||||
// class path
|
||||
Enumeration<URL> e = findResourcesOnClassPath(name);
|
||||
|
||||
// concat the checked URLs and the (not checked) class path
|
||||
// concat the URLs of the resource in the modules and the class path
|
||||
return new Enumeration<>() {
|
||||
final Iterator<URL> iterator = checked.iterator();
|
||||
final Iterator<URL> iterator = resources.iterator();
|
||||
URL next;
|
||||
private boolean hasNext() {
|
||||
if (next != null) {
|
||||
@ -395,7 +395,6 @@ public class BuiltinClassLoader
|
||||
next = iterator.next();
|
||||
return true;
|
||||
} else {
|
||||
// need to check each URL
|
||||
while (e.hasMoreElements() && next == null) {
|
||||
next = e.nextElement();
|
||||
}
|
||||
@ -485,7 +484,7 @@ public class BuiltinClassLoader
|
||||
*/
|
||||
private URL findResourceOnClassPath(String name) {
|
||||
if (hasClassPath()) {
|
||||
return ucp.findResource(name, false);
|
||||
return ucp.findResource(name);
|
||||
} else {
|
||||
// no class path
|
||||
return null;
|
||||
@ -497,7 +496,7 @@ public class BuiltinClassLoader
|
||||
*/
|
||||
private Enumeration<URL> findResourcesOnClassPath(String name) {
|
||||
if (hasClassPath()) {
|
||||
return ucp.findResources(name, false);
|
||||
return ucp.findResources(name);
|
||||
} else {
|
||||
// no class path
|
||||
return Collections.emptyEnumeration();
|
||||
@ -686,7 +685,7 @@ public class BuiltinClassLoader
|
||||
*/
|
||||
private Class<?> findClassOnClassPathOrNull(String cn) {
|
||||
String path = cn.replace('.', '/').concat(".class");
|
||||
Resource res = ucp.getResource(path, false);
|
||||
Resource res = ucp.getResource(path);
|
||||
if (res != null) {
|
||||
try {
|
||||
return defineClass(cn, res);
|
||||
|
@ -39,13 +39,7 @@ import java.net.URL;
|
||||
import java.net.URLConnection;
|
||||
import java.net.URLStreamHandler;
|
||||
import java.net.URLStreamHandlerFactory;
|
||||
import java.security.AccessControlContext;
|
||||
import java.security.AccessControlException;
|
||||
import java.security.AccessController;
|
||||
import java.security.CodeSigner;
|
||||
import java.security.Permission;
|
||||
import java.security.PrivilegedActionException;
|
||||
import java.security.PrivilegedExceptionAction;
|
||||
import java.security.cert.Certificate;
|
||||
import java.util.ArrayDeque;
|
||||
import java.util.ArrayList;
|
||||
@ -70,7 +64,6 @@ import jdk.internal.access.JavaUtilZipFileAccess;
|
||||
import jdk.internal.access.SharedSecrets;
|
||||
import sun.net.util.URLUtil;
|
||||
import sun.net.www.ParseUtil;
|
||||
import sun.security.action.GetPropertyAction;
|
||||
|
||||
/**
|
||||
* This class is used to maintain a search path of URLs for loading classes
|
||||
@ -83,20 +76,16 @@ public class URLClassPath {
|
||||
private static final String JAVA_VERSION;
|
||||
private static final boolean DEBUG;
|
||||
private static final boolean DISABLE_JAR_CHECKING;
|
||||
private static final boolean DISABLE_ACC_CHECKING;
|
||||
private static final boolean DISABLE_CP_URL_CHECK;
|
||||
private static final boolean DEBUG_CP_URL_CHECK;
|
||||
|
||||
static {
|
||||
Properties props = GetPropertyAction.privilegedGetProperties();
|
||||
Properties props = System.getProperties();
|
||||
JAVA_VERSION = props.getProperty("java.version");
|
||||
DEBUG = (props.getProperty("sun.misc.URLClassPath.debug") != null);
|
||||
String p = props.getProperty("sun.misc.URLClassPath.disableJarChecking");
|
||||
DISABLE_JAR_CHECKING = p != null ? p.equals("true") || p.isEmpty() : false;
|
||||
|
||||
p = props.getProperty("jdk.net.URLClassPath.disableRestrictedPermissions");
|
||||
DISABLE_ACC_CHECKING = p != null ? p.equals("true") || p.isEmpty() : false;
|
||||
|
||||
// This property will be removed in a later release
|
||||
p = props.getProperty("jdk.net.URLClassPath.disableClassPathURLCheck");
|
||||
DISABLE_CP_URL_CHECK = p != null ? p.equals("true") || p.isEmpty() : false;
|
||||
@ -125,12 +114,6 @@ public class URLClassPath {
|
||||
/* Whether this URLClassLoader has been closed yet */
|
||||
private boolean closed = false;
|
||||
|
||||
/* The context to be used when loading classes and resources. If non-null
|
||||
* this is the context that was captured during the creation of the
|
||||
* URLClassLoader. null implies no additional security restrictions. */
|
||||
@SuppressWarnings("removal")
|
||||
private final AccessControlContext acc;
|
||||
|
||||
/**
|
||||
* Creates a new URLClassPath for the given URLs. The URLs will be
|
||||
* searched in the order specified for classes and resources. A URL
|
||||
@ -140,12 +123,9 @@ public class URLClassPath {
|
||||
* @param urls the directory and JAR file URLs to search for classes
|
||||
* and resources
|
||||
* @param factory the URLStreamHandlerFactory to use when creating new URLs
|
||||
* @param acc the context to be used when loading classes and resources, may
|
||||
* be null
|
||||
*/
|
||||
public URLClassPath(URL[] urls,
|
||||
URLStreamHandlerFactory factory,
|
||||
@SuppressWarnings("removal") AccessControlContext acc) {
|
||||
URLStreamHandlerFactory factory) {
|
||||
ArrayList<URL> path = new ArrayList<>(urls.length);
|
||||
ArrayDeque<URL> unopenedUrls = new ArrayDeque<>(urls.length);
|
||||
for (URL url : urls) {
|
||||
@ -160,14 +140,10 @@ public class URLClassPath {
|
||||
} else {
|
||||
jarHandler = null;
|
||||
}
|
||||
if (DISABLE_ACC_CHECKING)
|
||||
this.acc = null;
|
||||
else
|
||||
this.acc = acc;
|
||||
}
|
||||
|
||||
public URLClassPath(URL[] urls, @SuppressWarnings("removal") AccessControlContext acc) {
|
||||
this(urls, null, acc);
|
||||
public URLClassPath(URL[] urls) {
|
||||
this(urls, null);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -209,7 +185,6 @@ public class URLClassPath {
|
||||
// the application class loader uses the built-in protocol handler to avoid protocol
|
||||
// handler lookup when opening JAR files on the class path.
|
||||
this.jarHandler = new sun.net.www.protocol.jar.Handler();
|
||||
this.acc = null;
|
||||
}
|
||||
|
||||
public synchronized List<IOException> closeLoaders() {
|
||||
@ -279,17 +254,16 @@ public class URLClassPath {
|
||||
|
||||
/**
|
||||
* Finds the resource with the specified name on the URL search path
|
||||
* or null if not found or security check fails.
|
||||
* or null if not found.
|
||||
*
|
||||
* @param name the name of the resource
|
||||
* @param check whether to perform a security check
|
||||
* @return a {@code URL} for the resource, or {@code null}
|
||||
* if the resource could not be found.
|
||||
*/
|
||||
public URL findResource(String name, boolean check) {
|
||||
public URL findResource(String name) {
|
||||
Loader loader;
|
||||
for (int i = 0; (loader = getLoader(i)) != null; i++) {
|
||||
URL url = loader.findResource(name, check);
|
||||
URL url = loader.findResource(name);
|
||||
if (url != null) {
|
||||
return url;
|
||||
}
|
||||
@ -297,29 +271,6 @@ public class URLClassPath {
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Finds the first Resource on the URL search path which has the specified
|
||||
* name. Returns null if no Resource could be found.
|
||||
*
|
||||
* @param name the name of the Resource
|
||||
* @param check whether to perform a security check
|
||||
* @return the Resource, or null if not found
|
||||
*/
|
||||
public Resource getResource(String name, boolean check) {
|
||||
if (DEBUG) {
|
||||
System.err.println("URLClassPath.getResource(\"" + name + "\")");
|
||||
}
|
||||
|
||||
Loader loader;
|
||||
for (int i = 0; (loader = getLoader(i)) != null; i++) {
|
||||
Resource res = loader.getResource(name, check);
|
||||
if (res != null) {
|
||||
return res;
|
||||
}
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Finds all resources on the URL search path with the given name.
|
||||
* Returns an enumeration of the URL objects.
|
||||
@ -327,8 +278,7 @@ public class URLClassPath {
|
||||
* @param name the resource name
|
||||
* @return an Enumeration of all the urls having the specified name
|
||||
*/
|
||||
public Enumeration<URL> findResources(final String name,
|
||||
final boolean check) {
|
||||
public Enumeration<URL> findResources(final String name) {
|
||||
return new Enumeration<>() {
|
||||
private int index = 0;
|
||||
private URL url = null;
|
||||
@ -339,7 +289,7 @@ public class URLClassPath {
|
||||
} else {
|
||||
Loader loader;
|
||||
while ((loader = getLoader(index++)) != null) {
|
||||
url = loader.findResource(name, check);
|
||||
url = loader.findResource(name);
|
||||
if (url != null) {
|
||||
return true;
|
||||
}
|
||||
@ -363,8 +313,26 @@ public class URLClassPath {
|
||||
};
|
||||
}
|
||||
|
||||
/**
|
||||
* Finds the first Resource on the URL search path which has the specified
|
||||
* name. Returns null if no Resource could be found.
|
||||
*
|
||||
* @param name the name of the Resource
|
||||
* @return the Resource, or null if not found
|
||||
*/
|
||||
public Resource getResource(String name) {
|
||||
return getResource(name, true);
|
||||
if (DEBUG) {
|
||||
System.err.println("URLClassPath.getResource(\"" + name + "\")");
|
||||
}
|
||||
|
||||
Loader loader;
|
||||
for (int i = 0; (loader = getLoader(i)) != null; i++) {
|
||||
Resource res = loader.getResource(name);
|
||||
if (res != null) {
|
||||
return res;
|
||||
}
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -374,8 +342,7 @@ public class URLClassPath {
|
||||
* @param name the resource name
|
||||
* @return an Enumeration of all the resources having the specified name
|
||||
*/
|
||||
public Enumeration<Resource> getResources(final String name,
|
||||
final boolean check) {
|
||||
public Enumeration<Resource> getResources(final String name) {
|
||||
return new Enumeration<>() {
|
||||
private int index = 0;
|
||||
private Resource res = null;
|
||||
@ -386,7 +353,7 @@ public class URLClassPath {
|
||||
} else {
|
||||
Loader loader;
|
||||
while ((loader = getLoader(index++)) != null) {
|
||||
res = loader.getResource(name, check);
|
||||
res = loader.getResource(name);
|
||||
if (res != null) {
|
||||
return true;
|
||||
}
|
||||
@ -410,10 +377,6 @@ public class URLClassPath {
|
||||
};
|
||||
}
|
||||
|
||||
public Enumeration<Resource> getResources(final String name) {
|
||||
return getResources(name, true);
|
||||
}
|
||||
|
||||
/*
|
||||
* Returns the Loader at the specified position in the URL search
|
||||
* path. The URLs are opened and expanded as needed. Returns null
|
||||
@ -455,17 +418,6 @@ public class URLClassPath {
|
||||
closeQuietly(loader);
|
||||
}
|
||||
continue;
|
||||
} catch (SecurityException se) {
|
||||
// log the error and close the unusable loader (if any).
|
||||
// The context, if there is one, that this URLClassPath was
|
||||
// given during construction will never have permission to access the URL.
|
||||
if (DEBUG) {
|
||||
System.err.println("Failed to access " + url + ", " + se );
|
||||
}
|
||||
if (loader != null) {
|
||||
closeQuietly(loader);
|
||||
}
|
||||
continue;
|
||||
}
|
||||
if (loaderClassPathURLs != null) {
|
||||
push(loaderClassPathURLs);
|
||||
@ -491,34 +443,24 @@ public class URLClassPath {
|
||||
/*
|
||||
* Returns the Loader for the specified base URL.
|
||||
*/
|
||||
@SuppressWarnings("removal")
|
||||
private Loader getLoader(final URL url) throws IOException {
|
||||
try {
|
||||
return AccessController.doPrivileged(
|
||||
new PrivilegedExceptionAction<>() {
|
||||
public Loader run() throws IOException {
|
||||
String protocol = url.getProtocol(); // lower cased in URL
|
||||
String file = url.getFile();
|
||||
if (file != null && file.endsWith("/")) {
|
||||
if ("file".equals(protocol)) {
|
||||
return new FileLoader(url);
|
||||
} else if ("jar".equals(protocol) &&
|
||||
isDefaultJarHandler(url) &&
|
||||
file.endsWith("!/")) {
|
||||
// extract the nested URL
|
||||
@SuppressWarnings("deprecation")
|
||||
URL nestedUrl = new URL(file.substring(0, file.length() - 2));
|
||||
return new JarLoader(nestedUrl, jarHandler, acc);
|
||||
} else {
|
||||
return new Loader(url);
|
||||
}
|
||||
} else {
|
||||
return new JarLoader(url, jarHandler, acc);
|
||||
}
|
||||
}
|
||||
}, acc);
|
||||
} catch (PrivilegedActionException pae) {
|
||||
throw (IOException)pae.getException();
|
||||
String protocol = url.getProtocol(); // lower cased in URL
|
||||
String file = url.getFile();
|
||||
if (file != null && file.endsWith("/")) {
|
||||
if ("file".equals(protocol)) {
|
||||
return new FileLoader(url);
|
||||
} else if ("jar".equals(protocol) &&
|
||||
isDefaultJarHandler(url) &&
|
||||
file.endsWith("!/")) {
|
||||
// extract the nested URL
|
||||
@SuppressWarnings("deprecation")
|
||||
URL nestedUrl = new URL(file.substring(0, file.length() - 2));
|
||||
return new JarLoader(nestedUrl, jarHandler);
|
||||
} else {
|
||||
return new Loader(url);
|
||||
}
|
||||
} else {
|
||||
return new JarLoader(url, jarHandler);
|
||||
}
|
||||
}
|
||||
|
||||
@ -541,59 +483,6 @@ public class URLClassPath {
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* Checks whether the resource URL should be returned.
|
||||
* Returns null on security check failure.
|
||||
* Called by java.net.URLClassLoader.
|
||||
*/
|
||||
public static URL checkURL(URL url) {
|
||||
if (url != null) {
|
||||
try {
|
||||
check(url);
|
||||
} catch (Exception e) {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
return url;
|
||||
}
|
||||
|
||||
/*
|
||||
* Checks whether the resource URL should be returned.
|
||||
* Throws exception on failure.
|
||||
* Called internally within this file.
|
||||
*/
|
||||
public static void check(URL url) throws IOException {
|
||||
@SuppressWarnings("removal")
|
||||
SecurityManager security = System.getSecurityManager();
|
||||
if (security != null) {
|
||||
URLConnection urlConnection = url.openConnection();
|
||||
Permission perm = urlConnection.getPermission();
|
||||
if (perm != null) {
|
||||
try {
|
||||
security.checkPermission(perm);
|
||||
} catch (SecurityException se) {
|
||||
// fallback to checkRead/checkConnect for pre 1.2
|
||||
// security managers
|
||||
if ((perm instanceof java.io.FilePermission) &&
|
||||
perm.getActions().contains("read")) {
|
||||
security.checkRead(perm.getName());
|
||||
} else if ((perm instanceof
|
||||
java.net.SocketPermission) &&
|
||||
perm.getActions().contains("connect")) {
|
||||
URL locUrl = url;
|
||||
if (urlConnection instanceof JarURLConnection) {
|
||||
locUrl = ((JarURLConnection)urlConnection).getJarFileURL();
|
||||
}
|
||||
security.checkConnect(locUrl.getHost(),
|
||||
locUrl.getPort());
|
||||
} else {
|
||||
throw se;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Nested class used to represent a loader of resources and classes
|
||||
* from a base URL.
|
||||
@ -616,7 +505,7 @@ public class URLClassPath {
|
||||
return base;
|
||||
}
|
||||
|
||||
URL findResource(final String name, boolean check) {
|
||||
URL findResource(final String name) {
|
||||
URL url;
|
||||
try {
|
||||
@SuppressWarnings("deprecation")
|
||||
@ -626,10 +515,6 @@ public class URLClassPath {
|
||||
}
|
||||
|
||||
try {
|
||||
if (check) {
|
||||
URLClassPath.check(url);
|
||||
}
|
||||
|
||||
/*
|
||||
* For a HTTP connection we use the HEAD method to
|
||||
* check if the resource exists.
|
||||
@ -653,7 +538,11 @@ public class URLClassPath {
|
||||
}
|
||||
}
|
||||
|
||||
Resource getResource(final String name, boolean check) {
|
||||
/*
|
||||
* Returns the Resource for the specified name, or null if not
|
||||
* found.
|
||||
*/
|
||||
Resource getResource(final String name) {
|
||||
final URL url;
|
||||
try {
|
||||
@SuppressWarnings("deprecation")
|
||||
@ -663,9 +552,6 @@ public class URLClassPath {
|
||||
}
|
||||
final URLConnection uc;
|
||||
try {
|
||||
if (check) {
|
||||
URLClassPath.check(url);
|
||||
}
|
||||
uc = url.openConnection();
|
||||
|
||||
if (uc instanceof JarURLConnection) {
|
||||
@ -693,15 +579,6 @@ public class URLClassPath {
|
||||
};
|
||||
}
|
||||
|
||||
/*
|
||||
* Returns the Resource for the specified name, or null if not
|
||||
* found or the caller does not have the permission to get the
|
||||
* resource.
|
||||
*/
|
||||
Resource getResource(final String name) {
|
||||
return getResource(name, true);
|
||||
}
|
||||
|
||||
/*
|
||||
* Closes this loader and release all resources.
|
||||
* Method overridden in sub-classes.
|
||||
@ -727,8 +604,6 @@ public class URLClassPath {
|
||||
private static class JarLoader extends Loader {
|
||||
private JarFile jar;
|
||||
private final URL csu;
|
||||
@SuppressWarnings("removal")
|
||||
private final AccessControlContext acc;
|
||||
private boolean closed = false;
|
||||
private static final JavaUtilZipFileAccess zipAccess =
|
||||
SharedSecrets.getJavaUtilZipFileAccess();
|
||||
@ -737,14 +612,11 @@ public class URLClassPath {
|
||||
* Creates a new JarLoader for the specified URL referring to
|
||||
* a JAR file.
|
||||
*/
|
||||
private JarLoader(URL url, URLStreamHandler jarHandler,
|
||||
@SuppressWarnings("removal") AccessControlContext acc)
|
||||
private JarLoader(URL url, URLStreamHandler jarHandler)
|
||||
throws IOException
|
||||
{
|
||||
super(newURL("jar", "", -1, url + "!/", jarHandler));
|
||||
csu = url;
|
||||
this.acc = acc;
|
||||
|
||||
ensureOpen();
|
||||
}
|
||||
|
||||
@ -770,24 +642,13 @@ public class URLClassPath {
|
||||
return "file".equals(url.getProtocol());
|
||||
}
|
||||
|
||||
@SuppressWarnings("removal")
|
||||
private void ensureOpen() throws IOException {
|
||||
if (jar == null) {
|
||||
try {
|
||||
AccessController.doPrivileged(
|
||||
new PrivilegedExceptionAction<>() {
|
||||
public Void run() throws IOException {
|
||||
if (DEBUG) {
|
||||
System.err.println("Opening " + csu);
|
||||
Thread.dumpStack();
|
||||
}
|
||||
jar = getJarFile(csu);
|
||||
return null;
|
||||
}
|
||||
}, acc);
|
||||
} catch (PrivilegedActionException pae) {
|
||||
throw (IOException)pae.getException();
|
||||
if (DEBUG) {
|
||||
System.err.println("Opening " + csu);
|
||||
Thread.dumpStack();
|
||||
}
|
||||
jar = getJarFile(csu);
|
||||
}
|
||||
}
|
||||
|
||||
@ -826,11 +687,9 @@ public class URLClassPath {
|
||||
}
|
||||
|
||||
/*
|
||||
* Creates the resource and if the check flag is set to true, checks if
|
||||
* is its okay to return the resource.
|
||||
* Creates and returns the Resource. Returns null if the Resource couldn't be created.
|
||||
*/
|
||||
Resource checkResource(final String name, boolean check,
|
||||
final JarEntry entry) {
|
||||
Resource createResource(final String name, final JarEntry entry) {
|
||||
|
||||
final URL url;
|
||||
try {
|
||||
@ -842,10 +701,7 @@ public class URLClassPath {
|
||||
}
|
||||
@SuppressWarnings("deprecation")
|
||||
var _unused = url = new URL(getBaseURL(), ParseUtil.encodePath(nm, false));
|
||||
if (check) {
|
||||
URLClassPath.check(url);
|
||||
}
|
||||
} catch (@SuppressWarnings("removal") AccessControlException | IOException e) {
|
||||
} catch (IOException e) {
|
||||
return null;
|
||||
}
|
||||
|
||||
@ -885,8 +741,8 @@ public class URLClassPath {
|
||||
* Returns the URL for a resource with the specified name
|
||||
*/
|
||||
@Override
|
||||
URL findResource(final String name, boolean check) {
|
||||
Resource rsc = getResource(name, check);
|
||||
URL findResource(final String name) {
|
||||
Resource rsc = getResource(name);
|
||||
if (rsc != null) {
|
||||
return rsc.getURL();
|
||||
}
|
||||
@ -897,17 +753,16 @@ public class URLClassPath {
|
||||
* Returns the JAR Resource for the specified name.
|
||||
*/
|
||||
@Override
|
||||
Resource getResource(final String name, boolean check) {
|
||||
Resource getResource(final String name) {
|
||||
try {
|
||||
ensureOpen();
|
||||
} catch (IOException e) {
|
||||
throw new InternalError(e);
|
||||
}
|
||||
final JarEntry entry = jar.getJarEntry(name);
|
||||
if (entry != null)
|
||||
return checkResource(name, check, entry);
|
||||
|
||||
|
||||
if (entry != null) {
|
||||
return createResource(name, entry);
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
@ -1058,8 +913,8 @@ public class URLClassPath {
|
||||
* Returns the URL for a resource with the specified name
|
||||
*/
|
||||
@Override
|
||||
URL findResource(final String name, boolean check) {
|
||||
Resource rsc = getResource(name, check);
|
||||
URL findResource(final String name) {
|
||||
Resource rsc = getResource(name);
|
||||
if (rsc != null) {
|
||||
return rsc.getURL();
|
||||
}
|
||||
@ -1067,7 +922,7 @@ public class URLClassPath {
|
||||
}
|
||||
|
||||
@Override
|
||||
Resource getResource(final String name, boolean check) {
|
||||
Resource getResource(final String name) {
|
||||
final URL url;
|
||||
try {
|
||||
@SuppressWarnings("deprecation")
|
||||
@ -1077,10 +932,6 @@ public class URLClassPath {
|
||||
// requested resource had ../..'s in path
|
||||
return null;
|
||||
}
|
||||
|
||||
if (check)
|
||||
URLClassPath.check(url);
|
||||
|
||||
final File file;
|
||||
if (name.contains("..")) {
|
||||
file = (new File(dir, name.replace('/', File.separatorChar)))
|
||||
|
Loading…
Reference in New Issue
Block a user