1 /* 2 * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package sun.security.util; 27 28 import java.io.File; 29 import java.io.FilePermission; 30 import java.io.IOException; 31 import java.net.URL; 32 import java.security.CodeSource; 33 import java.security.Permission; 34 import java.security.PermissionCollection; 35 import java.security.Permissions; 36 import java.util.Enumeration; 37 38 /** 39 * Delegating implementation of PermissionCollection which avoid opening and 40 * initializing the permissions for the given CodeSource until permissions are 41 * actually accessed, i.e., either elements, implies or toString is called. 42 */ 43 public final class LazyCodeSourcePermissionCollection 44 extends PermissionCollection 45 { 46 private static final long serialVersionUID = -6727011328946861783L; 47 private final PermissionCollection perms; 48 private final CodeSource cs; 49 private volatile boolean initialized; 50 51 public LazyCodeSourcePermissionCollection(PermissionCollection perms, 52 CodeSource cs) { 53 this.perms = perms; 54 this.cs = cs; 55 } 56 57 private void initialize() { 58 if (!initialized) { 59 synchronized(perms) { 60 if (initialized) 61 return; 62 63 // open connection to determine the permission needed 64 URL location = cs.getLocation(); 65 if (location != null) { 66 try { 67 Permission p = location.openConnection().getPermission(); 68 if (p != null) { 69 // for directories then need recursive access 70 if (p instanceof FilePermission) { 71 String path = p.getName(); 72 if (path.endsWith(File.separator)) { 73 path += "-"; 74 p = new FilePermission(path, "read"); 75 } 76 } 77 perms.add(p); 78 } 79 } catch (IOException ioe) { 80 } 81 } 82 if (isReadOnly()) { 83 perms.setReadOnly(); 84 } 85 initialized = true; 86 } 87 } 88 } 89 90 @Override 91 public void add(Permission permission) { 92 if (isReadOnly()) 93 throw new SecurityException( 94 "attempt to add a Permission to a readonly PermissionCollection"); 95 perms.add(permission); 96 } 97 98 @Override 99 public boolean implies(Permission permission) { 100 initialize(); 101 return perms.implies(permission); 102 } 103 104 @Override 105 public Enumeration<Permission> elements() { 106 initialize(); 107 return perms.elements(); 108 } 109 110 @Override 111 public String toString() { 112 initialize(); 113 return perms.toString(); 114 } 115 116 /** 117 * On serialization, initialize and replace with the underlying 118 * permissions. This removes the laziness on deserialization. 119 */ 120 private Object writeReplace() { 121 initialize(); 122 return perms; 123 } 124 }