This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push: new 7fe4f498e7 Remove SecurityManager references 7fe4f498e7 is described below commit 7fe4f498e7424ae75aef345ec9d247a0ef2a35c8 Author: Mark Thomas <ma...@apache.org> AuthorDate: Thu Jan 12 17:29:39 2023 +0000 Remove SecurityManager references --- java/org/apache/coyote/AsyncStateMachine.java | 31 ++---------------- java/org/apache/coyote/Constants.java | 6 ---- java/org/apache/coyote/http2/Stream.java | 46 +-------------------------- 3 files changed, 4 insertions(+), 79 deletions(-) diff --git a/java/org/apache/coyote/AsyncStateMachine.java b/java/org/apache/coyote/AsyncStateMachine.java index 472a48b18e..b400788831 100644 --- a/java/org/apache/coyote/AsyncStateMachine.java +++ b/java/org/apache/coyote/AsyncStateMachine.java @@ -16,16 +16,12 @@ */ package org.apache.coyote; -import java.security.AccessController; -import java.security.PrivilegedAction; import java.util.concurrent.atomic.AtomicLong; import org.apache.juli.logging.Log; import org.apache.juli.logging.LogFactory; import org.apache.tomcat.util.net.AbstractEndpoint.Handler.SocketState; import org.apache.tomcat.util.res.StringManager; -import org.apache.tomcat.util.security.PrivilegedGetTccl; -import org.apache.tomcat.util.security.PrivilegedSetTccl; /** * Manages the state transitions for async requests. @@ -449,39 +445,18 @@ class AsyncStateMachine { state == AsyncState.READ_WRITE_OP) { // Execute the runnable using a container thread from the // Connector's thread pool. Use a wrapper to prevent a memory leak - ClassLoader oldCL; - if (Constants.IS_SECURITY_ENABLED) { - PrivilegedAction<ClassLoader> pa = new PrivilegedGetTccl(); - oldCL = AccessController.doPrivileged(pa); - } else { - oldCL = Thread.currentThread().getContextClassLoader(); - } + ClassLoader oldCL = Thread.currentThread().getContextClassLoader(); try { - if (Constants.IS_SECURITY_ENABLED) { - PrivilegedAction<Void> pa = new PrivilegedSetTccl( - this.getClass().getClassLoader()); - AccessController.doPrivileged(pa); - } else { - Thread.currentThread().setContextClassLoader( - this.getClass().getClassLoader()); - } - + Thread.currentThread().setContextClassLoader(this.getClass().getClassLoader()); processor.execute(runnable); } finally { - if (Constants.IS_SECURITY_ENABLED) { - PrivilegedAction<Void> pa = new PrivilegedSetTccl( - oldCL); - AccessController.doPrivileged(pa); - } else { - Thread.currentThread().setContextClassLoader(oldCL); - } + Thread.currentThread().setContextClassLoader(oldCL); } } else { throw new IllegalStateException( sm.getString("asyncStateMachine.invalidAsyncState", "asyncRun()", state)); } - } diff --git a/java/org/apache/coyote/Constants.java b/java/org/apache/coyote/Constants.java index a431968064..ac5dede33e 100644 --- a/java/org/apache/coyote/Constants.java +++ b/java/org/apache/coyote/Constants.java @@ -46,12 +46,6 @@ public final class Constants { public static final int DEFAULT_CONNECTION_LINGER = -1; public static final boolean DEFAULT_TCP_NO_DELAY = true; - /** - * Has security been turned on? - */ - public static final boolean IS_SECURITY_ENABLED = (System.getSecurityManager() != null); - - /** * The request attribute that is set to the value of {@code Boolean.TRUE} * if connector processing this request supports use of sendfile. diff --git a/java/org/apache/coyote/http2/Stream.java b/java/org/apache/coyote/http2/Stream.java index 9037d7d849..53850fc384 100644 --- a/java/org/apache/coyote/http2/Stream.java +++ b/java/org/apache/coyote/http2/Stream.java @@ -19,9 +19,6 @@ package org.apache.coyote.http2; import java.io.IOException; import java.nio.ByteBuffer; import java.nio.charset.StandardCharsets; -import java.security.AccessController; -import java.security.PrivilegedActionException; -import java.security.PrivilegedExceptionAction; import java.util.Collections; import java.util.HashSet; import java.util.Locale; @@ -795,7 +792,7 @@ class Stream extends AbstractNonZeroStream implements HeaderEmitter { request.getMimeHeaders().addValue(":authority").duplicate(request.serverName()); } - push(handler, request, this); + handler.push(request, this); } @@ -836,47 +833,6 @@ class Stream extends AbstractNonZeroStream implements HeaderEmitter { } - private static void push(final Http2UpgradeHandler handler, final Request request, - final Stream stream) throws IOException { - if (org.apache.coyote.Constants.IS_SECURITY_ENABLED) { - try { - AccessController.doPrivileged(new PrivilegedPush(handler, request, stream)); - } catch (PrivilegedActionException ex) { - Exception e = ex.getException(); - if (e instanceof IOException) { - throw (IOException) e; - } else { - throw new IOException(ex); - } - } - - } else { - handler.push(request, stream); - } - } - - - private static class PrivilegedPush implements PrivilegedExceptionAction<Void> { - - private final Http2UpgradeHandler handler; - private final Request request; - private final Stream stream; - - public PrivilegedPush(Http2UpgradeHandler handler, Request request, - Stream stream) { - this.handler = handler; - this.request = request; - this.stream = stream; - } - - @Override - public Void run() throws IOException { - handler.push(request, stream); - return null; - } - } - - class StreamOutputBuffer implements HttpOutputBuffer, WriteBuffer.Sink { private final ByteBuffer buffer = ByteBuffer.allocate(8 * 1024); --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org