PatchSet 6798 Date: 2005/08/09 22:48:32 Author: robilad Branch: HEAD Tag: (none) Log: Resynced with GNU Classpath: policyfile and X500principal
Members: ChangeLog:1.4323->1.4324 libraries/javalib/gnu/classpath/debug/Component.java:1.1->1.2 libraries/javalib/gnu/java/security/PolicyFile.java:1.7->1.8 libraries/javalib/javax/security/auth/x500/X500Principal.java:1.7->1.8 Index: kaffe/ChangeLog diff -u kaffe/ChangeLog:1.4323 kaffe/ChangeLog:1.4324 --- kaffe/ChangeLog:1.4323 Tue Aug 9 14:03:36 2005 +++ kaffe/ChangeLog Tue Aug 9 22:48:32 2005 @@ -1,3 +1,32 @@ +2005-08-10 Dalibor Topic <[EMAIL PROTECTED]> + + Resynced with GNU Classpath. + + 2005-08-08 Casey Marshall <[EMAIL PROTECTED]> + + Fixes bug #22914 + * gnu/classpath/debug/Component.java (POLICY): new constant. + * gnu/java/security/PolicyFile.java (logger): new constant. + (DEBUG,debug,debug): removed. + (DEFAULT_POLICY): use 'SystemProperties' class to bypass security + check. + (DEFAULT_USER_POLICY): new constant. + (getPermissions): replace 'debug' calls with logger calls. + (refresh): add 'DEFAULT_USER_POLICY' to the initial list; + interpret 'java.security.policy' and 'policy.url' properties + properly; replace 'debug' calls with logger calls. + (parse): replace 'debug' calls with logger calls. + + 2005-08-07 Casey Marshall <[EMAIL PROTECTED]> + + * javax/security/auth/x500/X500Principal.java + (encodeDer): use the right iterator for the inner loop. + (parseString): test for end of input. + (readAttributeType): provide detail message for exception. + (readAttributeValue): return the result on end of input; + read the next character while looping. + (putComponent): accept 'o' and 'ou' short names. + 2005-08-09 Jim Huang <[EMAIL PROTECTED]> * libraries/javalib/awt-implementations/kaffe/java/awt/AWTEvent.java Index: kaffe/libraries/javalib/gnu/classpath/debug/Component.java diff -u kaffe/libraries/javalib/gnu/classpath/debug/Component.java:1.1 kaffe/libraries/javalib/gnu/classpath/debug/Component.java:1.2 --- kaffe/libraries/javalib/gnu/classpath/debug/Component.java:1.1 Sat Jul 16 21:19:17 2005 +++ kaffe/libraries/javalib/gnu/classpath/debug/Component.java Tue Aug 9 22:48:37 2005 @@ -110,6 +110,12 @@ */ public static final Component X509 = new Component ("X.509", 6); + /** + * Trace access control policies, including the parsing of + * java.policy files. + */ + public static final Component POLICY = new Component ("POLICY", 7); + private final int startIndex; private final int endIndex; Index: kaffe/libraries/javalib/gnu/java/security/PolicyFile.java diff -u kaffe/libraries/javalib/gnu/java/security/PolicyFile.java:1.7 kaffe/libraries/javalib/gnu/java/security/PolicyFile.java:1.8 --- kaffe/libraries/javalib/gnu/java/security/PolicyFile.java:1.7 Mon Jul 4 00:05:38 2005 +++ kaffe/libraries/javalib/gnu/java/security/PolicyFile.java Tue Aug 9 22:48:37 2005 @@ -37,6 +37,10 @@ package gnu.java.security; +import gnu.classpath.SystemProperties; +import gnu.classpath.debug.Component; +import gnu.classpath.debug.SystemLogger; + import java.io.File; import java.io.IOException; import java.io.InputStreamReader; @@ -66,6 +70,7 @@ import java.util.List; import java.util.Map; import java.util.StringTokenizer; +import java.util.logging.Logger; /** * An implementation of a [EMAIL PROTECTED] java.security.Policy} object whose @@ -143,24 +148,16 @@ // Constants and fields. // ------------------------------------------------------------------------- - private static final boolean DEBUG = true; - // Package-private to avoid a trampoline. - static void debug(String msg) - { - System.err.print(">> PolicyFile: "); - System.err.println(msg); - } - - private static void debug(Throwable t) - { - System.err.println(">> PolicyFile"); - t.printStackTrace(System.err); - } + private static final Logger logger = SystemLogger.SYSTEM; - private static final String DEFAULT_POLICY = System.getProperty("java.home") - + System.getProperty("file.separator") + "lib" - + System.getProperty("file.separator") + "security" - + System.getProperty("file.separator") + "java.policy"; + private static final String DEFAULT_POLICY = + SystemProperties.getProperty("java.home") + + SystemProperties.getProperty("file.separator") + "lib" + + SystemProperties.getProperty("file.separator") + "security" + + SystemProperties.getProperty("file.separator") + "java.policy"; + private static final String DEFAULT_USER_POLICY = + SystemProperties.getProperty ("user.home") + + SystemProperties.getProperty ("file.separator") + ".java.policy"; private final Map cs2pc; @@ -185,7 +182,8 @@ CodeSource cs = (CodeSource) e.getKey(); if (cs.implies(codeSource)) { - if (DEBUG) debug(cs+" -> "+codeSource); + logger.log (Component.POLICY, "{0} -> {1}", new Object[] + { cs, codeSource }); PermissionCollection pc = (PermissionCollection) e.getValue(); for (Enumeration ee = pc.elements(); ee.hasMoreElements(); ) { @@ -193,50 +191,69 @@ } } else - if (DEBUG) debug(cs+" !-> "+codeSource); + logger.log (Component.POLICY, "{0} !-> {1}", new Object[] + { cs, codeSource }); } - if (DEBUG) debug ("returning permissions " + perms + " for " + codeSource); + logger.log (Component.POLICY, "returning permissions {0} for {1}", + new Object[] { perms, codeSource }); return perms; } public void refresh() { cs2pc.clear(); - List policyFiles = new LinkedList(); + final List policyFiles = new LinkedList(); try { - policyFiles.add(new File(DEFAULT_POLICY).toURL()); - if (DEBUG) debug ("defualt policy is " + DEFAULT_POLICY); - policyFiles.addAll((List) AccessController.doPrivileged( + policyFiles.add (new File (DEFAULT_POLICY).toURL()); + policyFiles.add (new File (DEFAULT_USER_POLICY).toURL ()); + + AccessController.doPrivileged( new PrivilegedExceptionAction() { public Object run() throws Exception { - LinkedList l = new LinkedList(); + String allow = Security.getProperty ("policy.allowSystemProperty"); + if (allow == null || Boolean.getBoolean (allow)) + { + String s = SystemProperties.getProperty ("java.security.policy"); + logger.log (Component.POLICY, "java.security.policy={0}", s); + if (s != null) + { + boolean only; + if (only = s.startsWith ("=")) + s = s.substring (1); + policyFiles.clear (); + policyFiles.add (new URL (s)); + if (only) + return null; + } + } for (int i = 1; ; i++) { - String s = Security.getProperty("policy.file."+i); - if (DEBUG) debug("policy.file."+i+"="+s); + String pname = "policy.url." + i; + String s = Security.getProperty (pname); + logger.log (Component.POLICY, "{0}={1}", new Object [] + { pname, s }); if (s == null) break; - l.add(new URL(s)); + policyFiles.add (new URL (s)); } - String s = System.getProperty("java.security.policy"); - if (DEBUG) debug("java.security.policy="+s); - if (s != null) - l.add(new URL(s)); - return l; + return null; } - })); + }); } catch (PrivilegedActionException pae) { - if (DEBUG) debug(pae); + logger.log (Component.POLICY, "reading policy properties", pae); } catch (MalformedURLException mue) { - if (DEBUG) debug(mue); + logger.log (Component.POLICY, "setting default policies", mue); } + + logger.log (Component.POLICY, "building policy from URLs {0}", + policyFiles); for (Iterator it = policyFiles.iterator(); it.hasNext(); ) { try @@ -246,7 +263,7 @@ } catch (IOException ioe) { - if (DEBUG) debug(ioe); + logger.log (Component.POLICY, "reading policy", ioe); } } } @@ -273,7 +290,7 @@ */ private void parse(final URL url) throws IOException { - if (DEBUG) debug ("reading policy file from " + url); + logger.log (Component.POLICY, "reading policy file from {0}", url); final StreamTokenizer in = new StreamTokenizer(new InputStreamReader(url.openStream())); in.resetSyntax(); in.slashSlashComments(true); Index: kaffe/libraries/javalib/javax/security/auth/x500/X500Principal.java diff -u kaffe/libraries/javalib/javax/security/auth/x500/X500Principal.java:1.7 kaffe/libraries/javalib/javax/security/auth/x500/X500Principal.java:1.8 --- kaffe/libraries/javalib/javax/security/auth/x500/X500Principal.java:1.7 Sat Jul 30 16:39:21 2005 +++ kaffe/libraries/javalib/javax/security/auth/x500/X500Principal.java Tue Aug 9 22:48:37 2005 @@ -274,7 +274,7 @@ Set rdn = new HashSet(); for (Iterator it2 = m.entrySet().iterator(); it2.hasNext(); ) { - Map.Entry e = (Map.Entry) it.next(); + Map.Entry e = (Map.Entry) it2.next(); ArrayList atav = new ArrayList(2); atav.add(new DERValue(DER.OBJECT_IDENTIFIER, e.getKey())); atav.add(new DERValue(DER.UTF8_STRING, e.getValue())); @@ -300,6 +300,8 @@ putComponent(key, value); if (sep == ',') newRelativeDistinguishedName(); + if (sep == -1) + break; } } @@ -312,7 +314,7 @@ if (ch == -1) { if (buf.length() > 0) - throw new EOFException(); + throw new EOFException("partial name read: " + buf); return null; } if (ch > 127) @@ -416,10 +418,12 @@ case ';': throw new IOException("illegal character: " + (char) ch); case -1: - throw new EOFException(); + sep = -1; + return buf.toString (); default: buf.append((char) ch); } + ch = in.read (); } } } @@ -484,6 +488,10 @@ putComponent(STREET, value); else if (name.equals("st")) putComponent(ST, value); + else if (name.equals ("o")) + putComponent (O, value); + else if (name.equals ("ou")) + putComponent (OU, value); else if (name.equals("dc")) putComponent(DC, value); else if (name.equals("uid")) _______________________________________________ kaffe mailing list kaffe@kaffe.org http://kaffe.org/cgi-bin/mailman/listinfo/kaffe