PatchSet 4820
Date: 2004/06/03 22:25:59
Author: dalibor
Branch: HEAD
Tag: (none)
Log:
Resynced with GNU Classpath: access control
2004-06-03 Dalibor Topic <[EMAIL PROTECTED]>
libraries/javalib/java/security/AccessControlContext.java,
libraries/javalib/java/security/AccessController.java,
libraries/javalib/java/security/IntersectingDomainCombiner.java,
libraries/javalib/java/security/ProtectionDomain.java,
libraries/javalib/java/security/SecureClassLoader.java,
libraries/javalib/java/security/VMAccessController.java,
libraries/javalib/java/util/PropertyPermissionCollection.java:
Resynced with GNU Classpath.
2004-06-03 Michael Koch <[EMAIL PROTECTED]>
* java/security/AccessControlContext.java
(equals): Renamed protectionDomain to protectionDomains.
(hashCode): Likewise.
2004-06-03 Casey Marshall <[EMAIL PROTECTED]>
* java/security/AccessController.java
(doPrivileged(PrivilegedAction,AccessControlContext)): call
VMAccessController.pushContext and popContext.
(doPrivileged(PrivilegedExceptionAction,AccessControlContext)):
likewise.
(getContext): call VMAccessController.getContext.
* java/security/IntersectingDomainCombiner.java: new file.
* vm/reference/java/security/VMAccessController.java: new file.
2004-06-03 Michael Koch <[EMAIL PROTECTED]>
* java/security/AccessControlContext.java,
java/security/ProtectionDomain.java,
java/security/SecureClassLoader.java,
java/util/PropertyPermissionCollection.java:
Fixed javadocs all over.
2004-06-03 Casey Marshall <[EMAIL PROTECTED]>
* java/security/AccessControlContext.java
(protectionDomain): mark final.
(combiner): likewise.
(<init>(ProtectionDomain[])): use HashSet to uniquify domains.
(<init>(ProtectionDomain[],AccessControlContext,DomainCombiner)):
new constructor.
(checkPermission): only succeed if 'perm' is implied by all
protection domains.
(equal): do unordered comparison.
* java/security/ProtectionDomain.java
(<init>(CodeSource,PermissionCollection)): set 'staticBinding' to
'true'.
* java/security/SecureClassLoader.java
(defineClass): make protection domain dynamically bound.
(getPermissions): call 'getCurrentPolicy' to avoid permission
check.
* java/util/PropertyPermissionCollection.java
(implies): avoid infinite loop.
Members:
ChangeLog:1.2388->1.2389
libraries/javalib/java/security/AccessControlContext.java:1.3->1.4
libraries/javalib/java/security/AccessController.java:1.2->1.3
libraries/javalib/java/security/IntersectingDomainCombiner.java:1.1->1.2
libraries/javalib/java/security/ProtectionDomain.java:1.3->1.4
libraries/javalib/java/security/SecureClassLoader.java:1.6->1.7
libraries/javalib/java/security/VMAccessController.java:1.1->1.2
libraries/javalib/java/util/PropertyPermissionCollection.java:1.2->1.3
Index: kaffe/ChangeLog
diff -u kaffe/ChangeLog:1.2388 kaffe/ChangeLog:1.2389
--- kaffe/ChangeLog:1.2388 Thu Jun 3 21:57:02 2004
+++ kaffe/ChangeLog Thu Jun 3 22:25:59 2004
@@ -1,7 +1,64 @@
2004-06-03 Dalibor Topic <[EMAIL PROTECTED]>
+ libraries/javalib/java/security/AccessControlContext.java,
+ libraries/javalib/java/security/AccessController.java,
+ libraries/javalib/java/security/IntersectingDomainCombiner.java,
+ libraries/javalib/java/security/ProtectionDomain.java,
+ libraries/javalib/java/security/SecureClassLoader.java,
+ libraries/javalib/java/security/VMAccessController.java,
+ libraries/javalib/java/util/PropertyPermissionCollection.java:
+ Resynced with GNU Classpath.
+
+ 2004-06-03 Michael Koch <[EMAIL PROTECTED]>
+
+ * java/security/AccessControlContext.java
+ (equals): Renamed protectionDomain to protectionDomains.
+ (hashCode): Likewise.
+
+ 2004-06-03 Casey Marshall <[EMAIL PROTECTED]>
+
+ * java/security/AccessController.java
+ (doPrivileged(PrivilegedAction,AccessControlContext)): call
+ VMAccessController.pushContext and popContext.
+ (doPrivileged(PrivilegedExceptionAction,AccessControlContext)):
+ likewise.
+ (getContext): call VMAccessController.getContext.
+ * java/security/IntersectingDomainCombiner.java: new file.
+ * vm/reference/java/security/VMAccessController.java: new file.
+
+ 2004-06-03 Michael Koch <[EMAIL PROTECTED]>
+
+ * java/security/AccessControlContext.java,
+ java/security/ProtectionDomain.java,
+ java/security/SecureClassLoader.java,
+ java/util/PropertyPermissionCollection.java:
+ Fixed javadocs all over.
+
+ 2004-06-03 Casey Marshall <[EMAIL PROTECTED]>
+
+ * java/security/AccessControlContext.java
+ (protectionDomain): mark final.
+ (combiner): likewise.
+ (<init>(ProtectionDomain[])): use HashSet to uniquify domains.
+ (<init>(ProtectionDomain[],AccessControlContext,DomainCombiner)):
+ new constructor.
+ (checkPermission): only succeed if `perm' is implied by all
+ protection domains.
+ (equal): do unordered comparison.
+ * java/security/ProtectionDomain.java
+ (<init>(CodeSource,PermissionCollection)): set `staticBinding' to
+ `true'.
+ * java/security/SecureClassLoader.java
+ (defineClass): make protection domain dynamically bound.
+ (getPermissions): call `getCurrentPolicy' to avoid permission
+ check.
+ * java/util/PropertyPermissionCollection.java
+ (implies): avoid infinite loop.
+
+2004-06-03 Dalibor Topic <[EMAIL PROTECTED]>
+
* libraries/javalib/java/io/ObjectInputStream.java:
- Resynced with GNU Classpath.
+ Resynced with GNU Classpath.
2004-06-03 Michael Koch <[EMAIL PROTECTED]>
Index: kaffe/libraries/javalib/java/security/AccessControlContext.java
diff -u kaffe/libraries/javalib/java/security/AccessControlContext.java:1.3
kaffe/libraries/javalib/java/security/AccessControlContext.java:1.4
--- kaffe/libraries/javalib/java/security/AccessControlContext.java:1.3 Mon May 31
21:15:32 2004
+++ kaffe/libraries/javalib/java/security/AccessControlContext.java Thu Jun 3
22:26:00 2004
@@ -40,18 +40,18 @@
import java.util.HashSet;
/**
- * <p>AccessControlContext makes system resource access decsion
- * based on permission rights.</p>
+ * AccessControlContext makes system resource access decsion
+ * based on permission rights.
*
- * <p>It is used for a specific context and has only one method
- * checkPermission. It is similar to AccessController except that it
- * makes decsions based on the current context instead of the the current
- * thread.</p>
+ * It is used for a specific context and has only one method
+ * checkPermission. It is similar to AccessController except
+ * that it makes decsions based on the current context instead
+ * of the the current thread.
*
- * <p>It is created by call AccessController.getContext method.</p>
+ * It is created by call AccessController.getContext method.
*
* @author Mark Benvenuto
- * @since JDK 1.2
+ * @since 1.2
*/
public final class AccessControlContext
{
@@ -60,12 +60,12 @@
/**
* Construct a new AccessControlContext with the specified
- * ProtectionDomains. <code>context</code> must not be null and
- * duplicates will be removed.
+ * ProtectionDomains. <code>context</code> must not be
+ * null and duplicates will be removed.
*
* @param context The ProtectionDomains to use
*/
- public AccessControlContext (ProtectionDomain[] context)
+ public AccessControlContext(ProtectionDomain[]context)
{
HashSet domains = new HashSet (context.length);
for (int i = 0; i < context.length; i++)
@@ -79,12 +79,10 @@
* Construct a new AccessControlContext with the specified
* ProtectionDomains and DomainCombiner
*
- * @param acc The ProtectionDomains to use
- * @param combiner The domain combiner.
- * @since JDK 1.3
+ * @since 1.3
*/
public AccessControlContext(AccessControlContext acc,
- DomainCombiner combiner)
+ DomainCombiner combiner)
{
// XXX check permission to call this.
AccessControlContext acc2 = AccessController.getContext();
@@ -112,9 +110,10 @@
/**
* Determines whether or not the specific permission is granted
- * depending on the context it is within.
+ * depending on the context it is within.
*
* @param perm a permission to check
+ *
* @throws AccessControlException if the permssion is not permitted
*/
public void checkPermission(Permission perm) throws AccessControlException
@@ -125,22 +124,23 @@
}
/**
- * <p>Checks if two AccessControlContexts are equal.</p>
+ * Checks if two AccessControlContexts are equal.
+ *
+ * It first checks if obj is an AccessControlContext class, and
+ * then checks if each ProtectionDomain matches.
*
- * <p>It first checks if obj is an AccessControlContext class, and then
- * checks if each ProtectionDomain matches.</p>
+ * @param obj The object to compare this class to
*
- * @param obj The object to compare this class to.
* @return true if equal, false otherwise
*/
public boolean equals(Object obj)
{
if (obj instanceof AccessControlContext)
{
- AccessControlContext acc = (AccessControlContext) obj;
+ AccessControlContext acc = (AccessControlContext) obj;
- if (acc.protectionDomains.length != protectionDomains.length)
- return false;
+ if (acc.protectionDomains.length != protectionDomains.length)
+ return false;
int i, j;
for (i = 0; i < protectionDomains.length; i++)
@@ -159,7 +159,7 @@
}
/**
- * Computes a hash code of this class.
+ * Computes a hash code of this class
*
* @return a hash code representing this class
*/
Index: kaffe/libraries/javalib/java/security/AccessController.java
diff -u kaffe/libraries/javalib/java/security/AccessController.java:1.2
kaffe/libraries/javalib/java/security/AccessController.java:1.3
--- kaffe/libraries/javalib/java/security/AccessController.java:1.2 Mon May 31
21:15:32 2004
+++ kaffe/libraries/javalib/java/security/AccessController.java Thu Jun 3 22:26:00
2004
@@ -113,7 +113,7 @@
* @return the result of the <code>action.run()</code> method.
*/
public static Object doPrivileged(PrivilegedAction action,
- AccessControlContext context)
+ AccessControlContext context)
{
VMAccessController.pushContext (context, action.getClass());
try
@@ -148,11 +148,11 @@
try
{
- return action.run();
+ return action.run();
}
catch (Exception e)
{
- throw new PrivilegedActionException(e);
+ throw new PrivilegedActionException(e);
}
}
@@ -175,18 +175,18 @@
* is thrown in the <code>run()</code> method.
*/
public static Object doPrivileged(PrivilegedExceptionAction action,
- AccessControlContext context)
+ AccessControlContext context)
throws PrivilegedActionException
{
VMAccessController.pushContext (context, action.getClass());
try
{
- return action.run();
+ return action.run();
}
catch (Exception e)
{
- throw new PrivilegedActionException(e);
+ throw new PrivilegedActionException(e);
}
finally
{
@@ -203,7 +203,10 @@
*
* <p>Additionally, if a call was made to [EMAIL PROTECTED]
* #doPrivileged(java.security.PrivilegedAction,java.security.AccessControlContext)}
- * that supplied an [EMAIL PROTECTED] AccessControlContext}, then that
+ * that supplied an [EMAIL PROTECTED] AccessControlContext}, then that context
+ * will be intersected with the calculated one.
+ *
+ * @return The context.
*/
public static AccessControlContext getContext()
{
Index: kaffe/libraries/javalib/java/security/IntersectingDomainCombiner.java
diff -u kaffe/libraries/javalib/java/security/IntersectingDomainCombiner.java:1.1
kaffe/libraries/javalib/java/security/IntersectingDomainCombiner.java:1.2
--- kaffe/libraries/javalib/java/security/IntersectingDomainCombiner.java:1.1 Mon
May 31 21:17:16 2004
+++ kaffe/libraries/javalib/java/security/IntersectingDomainCombiner.java Thu
Jun 3 22:26:00 2004
@@ -1,5 +1,5 @@
/* IntersectingDomainCombiner.java --
- Copyright (C) 2004 Casey Marshall <[EMAIL PROTECTED]>
+ Copyright (C) 2004 Free Software Foundation, Inc.
This file is part of GNU Classpath.
Index: kaffe/libraries/javalib/java/security/ProtectionDomain.java
diff -u kaffe/libraries/javalib/java/security/ProtectionDomain.java:1.3
kaffe/libraries/javalib/java/security/ProtectionDomain.java:1.4
--- kaffe/libraries/javalib/java/security/ProtectionDomain.java:1.3 Mon May 31
21:15:32 2004
+++ kaffe/libraries/javalib/java/security/ProtectionDomain.java Thu Jun 3 22:26:00
2004
@@ -1,5 +1,5 @@
/* ProtectionDomain.java -- A security domain
- Copyright (C) 1998, 2003, Free Software Foundation, Inc.
+ Copyright (C) 1998, 2003, 2004 Free Software Foundation, Inc.
This file is part of GNU Classpath.
Index: kaffe/libraries/javalib/java/security/SecureClassLoader.java
diff -u kaffe/libraries/javalib/java/security/SecureClassLoader.java:1.6
kaffe/libraries/javalib/java/security/SecureClassLoader.java:1.7
--- kaffe/libraries/javalib/java/security/SecureClassLoader.java:1.6 Mon May 31
21:15:32 2004
+++ kaffe/libraries/javalib/java/security/SecureClassLoader.java Thu Jun 3
22:26:00 2004
@@ -1,5 +1,5 @@
/* SecureClassLoader.java --- A Secure Class Loader
- Copyright (C) 1999, 2004 Free Software Foundation, Inc.
+ Copyright (C) 1999, 2004 Free Software Foundation, Inc.
This file is part of GNU Classpath.
@@ -38,13 +38,13 @@
package java.security;
/**
- A Secure Class Loader for loading classes with additional
- support for specifying code source and permissions when
- they are retrieved by the system policy handler.
-
- @since JDK 1.2
-
- @author Mark Benvenuto
+ * A Secure Class Loader for loading classes with additional
+ * support for specifying code source and permissions when
+ * they are retrieved by the system policy handler.
+ *
+ * @since 1.2
+ *
+ * @author Mark Benvenuto
*/
public class SecureClassLoader extends ClassLoader
{
@@ -63,43 +63,42 @@
sm.checkCreateClassLoader();
}
- /**
- Creates a class using an array of bytes and a
- CodeSource.
-
- @param name the name to give the class. null if unknown.
- @param b the data representing the classfile, in classfile format.
- @param off the offset into the data where the classfile starts.
- @param len the length of the classfile data in the array.
- @param cs the CodeSource for the class or null when unknown.
-
- @return the class that was defined and optional CodeSource.
-
- @exception ClassFormatError if the byte array is not in proper classfile format.
+ /**
+ * Creates a class using an array of bytes and a
+ * CodeSource.
+ *
+ * @param name the name to give the class. null if unknown.
+ * @param b the data representing the classfile, in classfile format.
+ * @param off the offset into the data where the classfile starts.
+ * @param len the length of the classfile data in the array.
+ * @param cs the CodeSource for the class or null when unknown.
+ *
+ * @return the class that was defined and optional CodeSource.
+ *
+ * @exception ClassFormatError if the byte array is not in proper classfile format.
*/
protected final Class defineClass(String name, byte[] b, int off, int len,
- CodeSource cs)
+ CodeSource cs)
{
// FIXME: Need to cache ProtectionDomains according to 1.3 docs.
if (cs != null)
{
- ProtectionDomain protectionDomain
- = new ProtectionDomain(cs, getPermissions(cs), this, null);
- return super.defineClass(name, b, off, len, protectionDomain);
- }
+ ProtectionDomain protectionDomain
+ = new ProtectionDomain(cs, getPermissions(cs), this, null);
+ return super.defineClass(name, b, off, len, protectionDomain);
+ }
else
return super.defineClass(name, b, off, len);
}
/**
- Returns a PermissionCollection for the specified CodeSource.
- The default implementation invokes
- java.security.Policy.getPermissions.
-
- This method is called by defineClass that takes a CodeSource
- arguement to build a proper ProtectionDomain for the class
- being defined.
-
+ * Returns a PermissionCollection for the specified CodeSource.
+ * The default implementation invokes
+ * java.security.Policy.getPermissions.
+ *
+ * This method is called by defineClass that takes a CodeSource
+ * arguement to build a proper ProtectionDomain for the class
+ * being defined.
*/
protected PermissionCollection getPermissions(CodeSource cs)
{
Index: kaffe/libraries/javalib/java/security/VMAccessController.java
diff -u kaffe/libraries/javalib/java/security/VMAccessController.java:1.1
kaffe/libraries/javalib/java/security/VMAccessController.java:1.2
--- kaffe/libraries/javalib/java/security/VMAccessController.java:1.1 Mon May 31
21:17:16 2004
+++ kaffe/libraries/javalib/java/security/VMAccessController.java Thu Jun 3
22:26:00 2004
@@ -1,5 +1,5 @@
/* VMAccessController.java -- VM-specific access controller methods.
- Copyright (C) 2004 Casey Marshall <[EMAIL PROTECTED]>
+ Copyright (C) 2004 Free Software Foundation, Inc.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -73,7 +73,7 @@
DEFAULT_CONTEXT = new AccessControlContext(domain);
}
- private static final boolean DEBUG = true;
+ private static final boolean DEBUG = false;
private static void debug (String msg)
{
System.err.print (">>> VMAccessController: ");
Index: kaffe/libraries/javalib/java/util/PropertyPermissionCollection.java
diff -u kaffe/libraries/javalib/java/util/PropertyPermissionCollection.java:1.2
kaffe/libraries/javalib/java/util/PropertyPermissionCollection.java:1.3
--- kaffe/libraries/javalib/java/util/PropertyPermissionCollection.java:1.2 Mon
May 31 21:15:33 2004
+++ kaffe/libraries/javalib/java/util/PropertyPermissionCollection.java Thu Jun 3
22:26:01 2004
@@ -1,5 +1,5 @@
/* PropertyPermissionCollection.java -- a collection of PropertyPermissions
- Copyright (C) 2002 Free Software Foundation, Inc.
+ Copyright (C) 2002, 2004 Free Software Foundation, Inc.
This file is part of GNU Classpath.
@@ -67,7 +67,7 @@
/**
* A flag to detect if "*" is in the collection.
*
- * @serial true if "*" is in the collection
+ * @serial true if "*" is in the collection
*/
private boolean all_allowed;
@@ -103,10 +103,12 @@
/**
* Returns true if this collection implies the given permission. This even
* returns true for this case:
- * <p>
-<pre>collection.add(new PropertyPermission("a.*", "read"));
-collection.add(new PropertyPermission("a.b.*", "write"));
-collection.implies(new PropertyPermission("a.b.c", "read,write"));</pre>
+ *
+ * <pre>
+ * collection.add(new PropertyPermission("a.*", "read"));
+ * collection.add(new PropertyPermission("a.b.*", "write"));
+ * collection.implies(new PropertyPermission("a.b.c", "read,write"));
+ * </pre>
*
* @param permission the permission to check
* @return true if it is implied by this
_______________________________________________
kaffe mailing list
[EMAIL PROTECTED]
http://kaffe.org/cgi-bin/mailman/listinfo/kaffe
