1 /*
2 * Copyright (c) 1999, 2014, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package com.sun.jndi.ldap;
27
28 import java.net.MalformedURLException;
29 import java.net.URL;
30 import sun.misc.SharedSecrets;
31 import java.net.URLClassLoader;
32 import java.security.AccessControlContext;
33 import java.security.AccessController;
34 import java.security.PrivilegedAction;
35
36 public class VersionHelper {
37
38 private static final VersionHelper helper = new VersionHelper();
39
40 VersionHelper() {} // Disallow anyone from creating one of these.
41
42 static VersionHelper getVersionHelper() {
43 return helper;
44 }
45
46 ClassLoader getURLClassLoader(String[] url)
47 throws MalformedURLException {
48 ClassLoader parent = getContextClassLoader();
49 /*
50 * Classes may only be loaded from an arbitrary URL code base when
51 * the system property com.sun.jndi.ldap.object.trustURLCodebase
52 * has been set to "true".
53 */
54 if (url != null && trustURLCodebase) {
55 return URLClassLoader.newInstance(getUrlArray(url), parent);
56 } else {
57 return parent;
58 }
59 }
60
61
62 static protected URL[] getUrlArray(String[] url) throws MalformedURLException {
63 URL[] urlArray = new URL[url.length];
64 for (int i = 0; i < urlArray.length; i++) {
65 urlArray[i] = new URL(url[i]);
66 }
67 return urlArray;
68 }
69
70 Class<?> loadClass(String className) throws ClassNotFoundException {
71 return Class.forName(className, true, getContextClassLoader());
72 }
73
74 Thread createThread(Runnable r) {
75 AccessControlContext acc = AccessController.getContext();
76 // 4290486: doPrivileged is needed to create a thread in
77 // an environment that restricts "modifyThreadGroup".
78 PrivilegedAction<Thread> act =
79 () -> SharedSecrets.getJavaLangAccess().newThreadWithAcc(r, acc);
80 return AccessController.doPrivileged(act);
81 }
82
83 private ClassLoader getContextClassLoader() {
84 PrivilegedAction<ClassLoader> act =
85 Thread.currentThread()::getContextClassLoader;
86 return AccessController.doPrivileged(act);
87 }
88
89 /**
90 * Determines whether classes may be loaded from an arbitrary URL code base.
91 */
92 private static final boolean trustURLCodebase;
93
94 static {
95 // System property to control whether classes may be loaded from an
96 // arbitrary URL code base
97 PrivilegedAction<String> act =
98 () -> System.getProperty("com.sun.jndi.ldap.object.trustURLCodebase", "false");
99 String trust = AccessController.doPrivileged(act);
100 trustURLCodebase = "true".equalsIgnoreCase(trust);
101 }
102 }