src/java.base/share/classes/sun/security/provider/PolicyFile.java
*** 1,7 ****
/*
! * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
--- 1,7 ----
/*
! * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
*** 28,45 ****
import java.io.*;
import java.lang.reflect.*;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URI;
import java.nio.file.Path;
import java.util.*;
import java.security.*;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import javax.security.auth.Subject;
import javax.security.auth.x500.X500Principal;
- import java.io.FilePermission;
import java.net.SocketPermission;
import java.net.NetPermission;
import java.util.concurrent.ConcurrentHashMap;
import jdk.internal.access.JavaSecurityAccess;
import static jdk.internal.access.JavaSecurityAccess.ProtectionDomainCache;
--- 28,45 ----
import java.io.*;
import java.lang.reflect.*;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URI;
+ import java.nio.file.Files;
import java.nio.file.Path;
import java.util.*;
import java.security.*;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import javax.security.auth.Subject;
import javax.security.auth.x500.X500Principal;
import java.net.SocketPermission;
import java.net.NetPermission;
import java.util.concurrent.ConcurrentHashMap;
import jdk.internal.access.JavaSecurityAccess;
import static jdk.internal.access.JavaSecurityAccess.ProtectionDomainCache;
*** 271,297 ****
* subsequently ignored.
*/
private static Set<URL> badPolicyURLs =
Collections.newSetFromMap(new ConcurrentHashMap<URL,Boolean>());
- // The default.policy file
- private static final URL DEFAULT_POLICY_URL =
- AccessController.doPrivileged(new PrivilegedAction<>() {
- @Override
- public URL run() {
- String sep = File.separator;
- try {
- return Path.of(StaticProperty.javaHome(),
- "lib", "security",
- "default.policy").toUri().toURL();
- } catch (MalformedURLException mue) {
- // should not happen
- throw new Error("Malformed default.policy URL: " + mue);
- }
- }
- });
-
/**
* Initializes the Policy object and reads the default policy
* configuration file(s) into the Policy object.
*/
public PolicyFile() {
--- 271,280 ----
*** 347,363 ****
}
private void initPolicyFile(final PolicyInfo newInfo, final URL url) {
// always load default.policy
- if (debug != null) {
- debug.println("reading " + DEFAULT_POLICY_URL);
- }
AccessController.doPrivileged(new PrivilegedAction<>() {
@Override
public Void run() {
! init(DEFAULT_POLICY_URL, newInfo, true);
return null;
}
});
if (url != null) {
--- 330,343 ----
}
private void initPolicyFile(final PolicyInfo newInfo, final URL url) {
// always load default.policy
AccessController.doPrivileged(new PrivilegedAction<>() {
@Override
public Void run() {
! initDefaultPolicy(newInfo);
return null;
}
});
if (url != null) {
*** 371,381 ****
debug.println("reading " + url);
}
AccessController.doPrivileged(new PrivilegedAction<>() {
@Override
public Void run() {
! if (init(url, newInfo, false) == false) {
// use static policy if all else fails
initStaticPolicy(newInfo);
}
return null;
}
--- 351,361 ----
debug.println("reading " + url);
}
AccessController.doPrivileged(new PrivilegedAction<>() {
@Override
public Void run() {
! if (init(url, newInfo) == false) {
// use static policy if all else fails
initStaticPolicy(newInfo);
}
return null;
}
*** 427,437 ****
policyURL = new URL(extra_policy);
}
if (debug != null) {
debug.println("reading "+policyURL);
}
! if (init(policyURL, newInfo, false)) {
loaded_policy = true;
}
} catch (Exception e) {
// ignore.
if (debug != null) {
--- 407,417 ----
policyURL = new URL(extra_policy);
}
if (debug != null) {
debug.println("reading "+policyURL);
}
! if (init(policyURL, newInfo)) {
loaded_policy = true;
}
} catch (Exception e) {
// ignore.
if (debug != null) {
*** 470,480 ****
}
if (debug != null) {
debug.println("reading " + policy_url);
}
! if (init(policy_url, newInfo, false)) {
loaded_policy = true;
}
} catch (Exception e) {
if (debug != null) {
debug.println(
--- 450,460 ----
}
if (debug != null) {
debug.println("reading " + policy_url);
}
! if (init(policy_url, newInfo)) {
loaded_policy = true;
}
} catch (Exception e) {
if (debug != null) {
debug.println(
*** 490,504 ****
});
return loadedPolicy;
}
/**
* Reads a policy configuration into the Policy object using a
* Reader object.
*/
! private boolean init(URL policy, PolicyInfo newInfo, boolean defPolicy) {
// skip parsing policy file if it has been previously parsed and
// has syntax errors
if (badPolicyURLs.contains(policy)) {
if (debug != null) {
--- 470,507 ----
});
return loadedPolicy;
}
+ private void initDefaultPolicy(PolicyInfo newInfo) {
+ Path defaultPolicy = Path.of(StaticProperty.javaHome(),
+ "lib",
+ "security",
+ "default.policy");
+ if (debug != null) {
+ debug.println("reading " + defaultPolicy);
+ }
+ try (BufferedReader br = Files.newBufferedReader(defaultPolicy)) {
+
+ PolicyParser pp = new PolicyParser(expandProperties);
+ pp.read(br);
+
+ Enumeration<PolicyParser.GrantEntry> enum_ = pp.grantElements();
+ while (enum_.hasMoreElements()) {
+ PolicyParser.GrantEntry ge = enum_.nextElement();
+ addGrantEntry(ge, null, newInfo);
+ }
+ } catch (Exception e) {
+ throw new InternalError("Failed to load default.policy", e);
+ }
+ }
+
/**
* Reads a policy configuration into the Policy object using a
* Reader object.
*/
! private boolean init(URL policy, PolicyInfo newInfo) {
// skip parsing policy file if it has been previously parsed and
// has syntax errors
if (badPolicyURLs.contains(policy)) {
if (debug != null) {
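Review bot: `initDefaultPolicy` calls `addGrantEntry(ge, null, newInfo)` and never asks the parser for a keystore, whereas the `init(URL, PolicyInfo)` path passes `keyStore` (context lines of the last hunk), so a `signedBy` grant in default.policy would be resolved against no keystore; how `addGrantEntry` treats that case is not visible in this hunk. If that is intended for the JDK-shipped file, the method should say so, because it has no Javadoc, unlike `init` directly below it. I would add `/** Loads java.home/lib/security/default.policy straight from the file system, without a keystore; any read or parse failure is fatal (InternalError). */` above the method. Note also that `Files.newBufferedReader(Path)` decodes strictly as UTF-8, so a malformed byte sequence in the file now surfaces as that `InternalError` as well.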
*** 535,559 ****
PolicyParser.GrantEntry ge = enum_.nextElement();
addGrantEntry(ge, keyStore, newInfo);
}
return true;
} catch (PolicyParser.ParsingException pe) {
- if (defPolicy) {
- throw new InternalError("Failed to load default.policy", pe);
- }
// record bad policy file to avoid later reparsing it
badPolicyURLs.add(policy);
Object[] source = {policy, pe.getNonlocalizedMessage()};
System.err.println(LocalizedMessage.getNonlocalized
(POLICY + ".error.parsing.policy.message", source));
if (debug != null) {
pe.printStackTrace();
}
} catch (Exception e) {
- if (defPolicy) {
- throw new InternalError("Failed to load default.policy", e);
- }
if (debug != null) {
debug.println("error parsing "+policy);
debug.println(e.toString());
e.printStackTrace();
}
--- 538,556 ----