--- old/src/java.base/share/classes/javax/security/auth/AuthPermission.java 2018-02-24 17:06:36.000000000 +0800 +++ new/src/java.base/share/classes/javax/security/auth/AuthPermission.java 2018-02-24 17:06:36.000000000 +0800 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2018, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -32,7 +32,7 @@ * *

The target name is the name of a security configuration parameter * (see below). Currently the {@code AuthPermission} object is used to - * guard access to the {@link Policy}, {@link Subject}, + * guard access to the {@link Subject}, * {@link javax.security.auth.login.LoginContext}, and * {@link javax.security.auth.login.Configuration} objects. * @@ -121,21 +121,6 @@ * {@code LoginContext}. * * - *
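Review bot: Policy files written for earlier releases may still grant the `AuthPermission` targets `getPolicy`, `setPolicy` and `refreshPolicy`, and after this change the class comment no longer tells a reader what those names were. This hunk drops `{@link Policy}` from the guarded objects and the hunk at line 121 deletes the target-name table. The `checkPermission` calls for `getPolicy` and `setPolicy` are removed together with `Policy.java` in this same diff, so such grants appear to become dead entries that someone auditing a policy file cannot look up. A single sentence in the class comment would cover it, for example `* The target names getPolicy, setPolicy and refreshPolicy are no longer used by this API.` The class comment starts and ends outside both hunks.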

{@code javax.security.auth.Policy} has been - * deprecated in favor of {@code java.security.Policy}. - * Therefore, the following target names have also been deprecated: - * - *

- *      getPolicy -             allow the caller to retrieve the system-wide
- *                              Subject-based access control policy.
- *
- *      setPolicy -             allow the caller to set the system-wide
- *                              Subject-based access control policy.
- *
- *      refreshPolicy -         allow the caller to refresh the system-wide
- *                              Subject-based access control policy.
- * 
- * * @implNote * Implementations may define additional target names, but should use naming * conventions such as reverse domain name notation to avoid name clashes. --- old/src/java.base/share/classes/javax/security/auth/SubjectDomainCombiner.java 2018-02-24 17:06:38.000000000 +0800 +++ new/src/java.base/share/classes/javax/security/auth/SubjectDomainCombiner.java 2018-02-24 17:06:38.000000000 +0800 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2018, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,13 +26,9 @@ package javax.security.auth; import java.security.AccessController; -import java.security.Permission; -import java.security.Permissions; -import java.security.PermissionCollection; import java.security.Principal; import java.security.PrivilegedAction; import java.security.ProtectionDomain; -import java.security.Security; import java.util.Set; import java.util.WeakHashMap; import java.lang.ref.WeakReference; @@ -56,15 +52,6 @@ sun.security.util.Debug.getInstance("combiner", "\t[SubjectDomainCombiner]"); - @SuppressWarnings({"deprecation", "removal"}) - // Note: check only at classloading time, not dynamically during combine() - private static final boolean useJavaxPolicy = - javax.security.auth.Policy.isCustomPolicySet(debug); - - // Relevant only when useJavaxPolicy is true - private static final boolean allowCaching = - (useJavaxPolicy && cachePolicy()); - /** * Associate the provided {@code Subject} with this * {@code SubjectDomainCombiner}. 
@@ -196,12 +183,6 @@ return null; } - // maintain backwards compatibility for developers who provide - // their own custom javax.security.auth.Policy implementations - if (useJavaxPolicy) { - return combineJavaxPolicy(currentDomains, assignedDomains); - } - int cLen = (currentDomains == null ? 0 : currentDomains.length); int aLen = (assignedDomains == null ? 0 : assignedDomains.length); 
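Review bot: A deployment that still sets the `auth.policy.provider` security property gets no indication that its Subject-based grants are no longer consulted once the `useJavaxPolicy` branch is gone from `combine()`; the property is simply never read. The same holds for `cache.auth.policy`, whose reader `cachePolicy()` is deleted in the hunk at line 476. From the visible code the effect looks fail-closed, because the removed path only added permissions to each domain, but operators would see access denials with nothing pointing at the cause. Consider emitting a one-time message through the existing `debug` instance at class initialisation when either property is non-null, which would mean keeping the `java.security.Security` import this diff removes. Also confirm that any mention of these properties in the shipped security properties file is dropped in the same change, which this diff does not show. `combine()` starts and ends outside this hunk.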
@@ -292,151 +273,6 @@ } } - /** - * Use the javax.security.auth.Policy implementation - */ - private ProtectionDomain[] combineJavaxPolicy( - ProtectionDomain[] currentDomains, - ProtectionDomain[] assignedDomains) { - - if (!allowCaching) { - java.security.AccessController.doPrivileged - (new PrivilegedAction() { - @SuppressWarnings({"deprecation", "removal"}) - public Void run() { - // Call refresh only caching is disallowed - javax.security.auth.Policy.getPolicy().refresh(); - return null; - } - }); - } - - - int cLen = (currentDomains == null ? 0 : currentDomains.length); - int aLen = (assignedDomains == null ? 0 : assignedDomains.length); - - // the ProtectionDomains for the new AccessControlContext - // that we will return - ProtectionDomain[] newDomains = new ProtectionDomain[cLen + aLen]; - - synchronized(cachedPDs) { - if (!subject.isReadOnly() && - !subject.getPrincipals().equals(principalSet)) { - - // if the Subject was mutated, clear the PD cache - Set newSet = subject.getPrincipals(); - synchronized(newSet) { - principalSet = new java.util.HashSet(newSet); - } - principals = principalSet.toArray - (new Principal[principalSet.size()]); - cachedPDs.clear(); - - if (debug != null) { - debug.println("Subject mutated - clearing cache"); - } - } - - for (int i = 0; i < cLen; i++) { - ProtectionDomain pd = currentDomains[i]; - ProtectionDomain subjectPd = cachedPDs.getValue(pd); - - if (subjectPd == null) { - if (pd.staticPermissionsOnly()) { - // keep static ProtectionDomain objects static - subjectPd = pd; - } else { - // XXX - // we must first add the original permissions. - // that way when we later add the new JAAS permissions, - // any unresolved JAAS-related permissions will - // automatically get resolved. 
- - // get the original perms - Permissions perms = new Permissions(); - PermissionCollection coll = pd.getPermissions(); - java.util.Enumeration e; - if (coll != null) { - synchronized (coll) { - e = coll.elements(); - while (e.hasMoreElements()) { - Permission newPerm = - e.nextElement(); - perms.add(newPerm); - } - } - } - - // get perms from the policy - final java.security.CodeSource finalCs = pd.getCodeSource(); - final Subject finalS = subject; - PermissionCollection newPerms = - java.security.AccessController.doPrivileged - (new PrivilegedAction() { - @SuppressWarnings({"deprecation", "removal"}) - public PermissionCollection run() { - return - javax.security.auth.Policy.getPolicy().getPermissions - (finalS, finalCs); - } - }); - - // add the newly granted perms, - // avoiding duplicates - synchronized (newPerms) { - e = newPerms.elements(); - while (e.hasMoreElements()) { - Permission newPerm = e.nextElement(); - if (!perms.implies(newPerm)) { - perms.add(newPerm); - if (debug != null) - debug.println ( - "Adding perm " + newPerm + "\n"); - } - } - } - subjectPd = new ProtectionDomain - (finalCs, perms, pd.getClassLoader(), principals); - } - if (allowCaching) - cachedPDs.putValue(pd, subjectPd); - } - newDomains[i] = subjectPd; - } - } - - if (debug != null) { - debug.println("updated current: "); - for (int i = 0; i < cLen; i++) { - debug.println("\tupdated[" + i + "] = " + newDomains[i]); - } - } - - // now add on the assigned domains - if (aLen > 0) { - System.arraycopy(assignedDomains, 0, newDomains, cLen, aLen); - } - - if (debug != null) { - if (newDomains == null || newDomains.length == 0) { - debug.println("returning null"); - } else { - debug.println("combinedDomains: "); - for (int i = 0; i < newDomains.length; i++) { - debug.println("newDomain " + i + ": " + - newDomains[i].toString()); - } - } - } - - // return the new ProtectionDomains - if (newDomains == null || newDomains.length == 0) { - return null; - } else { - return newDomains; - } - } 
- private static ProtectionDomain[] optimize(ProtectionDomain[] domains) { if (domains == null || domains.length == 0) return null; @@ -476,21 +312,6 @@ return ((num == 0 || optimized.length == 0) ? null : optimized); } - private static boolean cachePolicy() { - String s = AccessController.doPrivileged - (new PrivilegedAction() { - public String run() { - return Security.getProperty("cache.auth.policy"); - } - }); - if (s != null) { - return Boolean.parseBoolean(s); - } - - // cache by default - return true; - } - private static void printInputDomains(ProtectionDomain[] currentDomains, ProtectionDomain[] assignedDomains) { if (currentDomains == null || currentDomains.length == 0) { --- old/src/java.base/share/classes/sun/security/util/Resources.java 2018-02-24 17:06:39.000000000 +0800 +++ new/src/java.base/share/classes/sun/security/util/Resources.java 2018-02-24 17:06:39.000000000 +0800 @@ -150,11 +150,6 @@ // sun.security.pkcs11.SunPKCS11 {"PKCS11.Token.providerName.Password.", "PKCS11 Token [{0}] Password: "}, - - /* --- DEPRECATED --- */ - // javax.security.auth.Policy - {"unable.to.instantiate.Subject.based.policy", - "unable to instantiate Subject-based policy"} }; --- old/src/java.base/share/classes/sun/security/util/Resources_de.java 2018-02-24 17:06:41.000000000 +0800 +++ new/src/java.base/share/classes/sun/security/util/Resources_de.java 2018-02-24 17:06:41.000000000 +0800 @@ -150,11 +150,6 @@ // sun.security.pkcs11.SunPKCS11 {"PKCS11.Token.providerName.Password.", "Kennwort f\u00FCr PKCS11-Token [{0}]: "}, - - /* --- DEPRECATED --- */ - // javax.security.auth.Policy - {"unable.to.instantiate.Subject.based.policy", - "Subjektbasierte Policy kann nicht instanziiert werden"} }; --- old/src/java.base/share/classes/sun/security/util/Resources_es.java 2018-02-24 17:06:43.000000000 +0800 +++ new/src/java.base/share/classes/sun/security/util/Resources_es.java 2018-02-24 17:06:42.000000000 +0800 
@@ -150,11 +150,6 @@ // sun.security.pkcs11.SunPKCS11 {"PKCS11.Token.providerName.Password.", "Contrase\u00F1a del Token PKCS11 [{0}]: "}, - - /* --- DEPRECATED --- */ - // javax.security.auth.Policy - {"unable.to.instantiate.Subject.based.policy", - "no se ha podido instanciar una pol\u00EDtica basada en asunto"} }; --- old/src/java.base/share/classes/sun/security/util/Resources_fr.java 2018-02-24 17:06:44.000000000 +0800 +++ new/src/java.base/share/classes/sun/security/util/Resources_fr.java 2018-02-24 17:06:44.000000000 +0800 @@ -150,11 +150,6 @@ // sun.security.pkcs11.SunPKCS11 {"PKCS11.Token.providerName.Password.", "Mot de passe PKCS11 Token [{0}] : "}, - - /* --- DEPRECATED --- */ - // javax.security.auth.Policy - {"unable.to.instantiate.Subject.based.policy", - "impossible d'instancier les r\u00E8gles bas\u00E9es sur le sujet"} }; --- old/src/java.base/share/classes/sun/security/util/Resources_it.java 2018-02-24 17:06:46.000000000 +0800 +++ new/src/java.base/share/classes/sun/security/util/Resources_it.java 2018-02-24 17:06:45.000000000 +0800 @@ -150,11 +150,6 @@ // sun.security.pkcs11.SunPKCS11 {"PKCS11.Token.providerName.Password.", "Password per token PKCS11 [{0}]: "}, - - /* --- DEPRECATED --- */ - // javax.security.auth.Policy - {"unable.to.instantiate.Subject.based.policy", - "impossibile creare un'istanza dei criteri basati sull'oggetto"} }; --- old/src/java.base/share/classes/sun/security/util/Resources_ja.java 2018-02-24 17:06:47.000000000 +0800 +++ new/src/java.base/share/classes/sun/security/util/Resources_ja.java 2018-02-24 17:06:47.000000000 +0800 
@@ -150,11 +150,6 @@ // sun.security.pkcs11.SunPKCS11 {"PKCS11.Token.providerName.Password.", "PKCS11\u30C8\u30FC\u30AF\u30F3[{0}]\u30D1\u30B9\u30EF\u30FC\u30C9: "}, - - /* --- DEPRECATED --- */ - // javax.security.auth.Policy - {"unable.to.instantiate.Subject.based.policy", - "\u30B5\u30D6\u30B8\u30A7\u30AF\u30C8\u30FB\u30D9\u30FC\u30B9\u306E\u30DD\u30EA\u30B7\u30FC\u306E\u30A4\u30F3\u30B9\u30BF\u30F3\u30B9\u3092\u751F\u6210\u3067\u304D\u307E\u305B\u3093"} }; --- old/src/java.base/share/classes/sun/security/util/Resources_ko.java 2018-02-24 17:06:49.000000000 +0800 +++ new/src/java.base/share/classes/sun/security/util/Resources_ko.java 2018-02-24 17:06:48.000000000 +0800 @@ -150,11 +150,6 @@ // sun.security.pkcs11.SunPKCS11 {"PKCS11.Token.providerName.Password.", "PKCS11 \uD1A0\uD070 [{0}] \uBE44\uBC00\uBC88\uD638: "}, - - /* --- DEPRECATED --- */ - // javax.security.auth.Policy - {"unable.to.instantiate.Subject.based.policy", - "\uC81C\uBAA9 \uAE30\uBC18 \uC815\uCC45\uC744 \uC778\uC2A4\uD134\uC2A4\uD654\uD560 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4."} }; --- old/src/java.base/share/classes/sun/security/util/Resources_pt_BR.java 2018-02-24 17:06:50.000000000 +0800 +++ new/src/java.base/share/classes/sun/security/util/Resources_pt_BR.java 2018-02-24 17:06:50.000000000 +0800 @@ -150,11 +150,6 @@ // sun.security.pkcs11.SunPKCS11 {"PKCS11.Token.providerName.Password.", "Senha PKCS11 de Token [{0}]: "}, - - /* --- DEPRECATED --- */ - // javax.security.auth.Policy - {"unable.to.instantiate.Subject.based.policy", - "n\u00E3o \u00E9 poss\u00EDvel instanciar a pol\u00EDtica com base em Subject"} }; --- old/src/java.base/share/classes/sun/security/util/Resources_sv.java 2018-02-24 17:06:51.000000000 +0800 +++ new/src/java.base/share/classes/sun/security/util/Resources_sv.java 2018-02-24 17:06:51.000000000 +0800 
@@ -150,11 +150,6 @@ // sun.security.pkcs11.SunPKCS11 {"PKCS11.Token.providerName.Password.", "L\u00F6senord f\u00F6r PKCS11-token [{0}]: "}, - - /* --- DEPRECATED --- */ - // javax.security.auth.Policy - {"unable.to.instantiate.Subject.based.policy", - "kan inte instansiera subjektbaserad policy"} }; --- old/src/java.base/share/classes/sun/security/util/Resources_zh_CN.java 2018-02-24 17:06:53.000000000 +0800 +++ new/src/java.base/share/classes/sun/security/util/Resources_zh_CN.java 2018-02-24 17:06:53.000000000 +0800 @@ -150,11 +150,6 @@ // sun.security.pkcs11.SunPKCS11 {"PKCS11.Token.providerName.Password.", "PKCS11 \u6807\u8BB0 [{0}] \u53E3\u4EE4: "}, - - /* --- DEPRECATED --- */ - // javax.security.auth.Policy - {"unable.to.instantiate.Subject.based.policy", - "\u65E0\u6CD5\u5B9E\u4F8B\u5316\u57FA\u4E8E\u4E3B\u9898\u7684\u7B56\u7565"} }; --- old/src/java.base/share/classes/sun/security/util/Resources_zh_TW.java 2018-02-24 17:06:54.000000000 +0800 +++ new/src/java.base/share/classes/sun/security/util/Resources_zh_TW.java 2018-02-24 17:06:54.000000000 +0800 @@ -150,11 +150,6 @@ // sun.security.pkcs11.SunPKCS11 {"PKCS11.Token.providerName.Password.", "PKCS11 \u8A18\u865F [{0}] \u5BC6\u78BC: "}, - - /* --- DEPRECATED --- */ - // javax.security.auth.Policy - {"unable.to.instantiate.Subject.based.policy", - "\u7121\u6CD5\u5EFA\u7ACB\u4E3B\u984C\u5F0F\u7684\u539F\u5247"} }; --- old/src/java.base/share/classes/javax/security/auth/Policy.java 2018-02-24 17:06:56.000000000 +0800 +++ /dev/null 2018-02-24 17:06:56.000000000 +0800 
@@ -1,356 +0,0 @@ -/* - * Copyright (c) 1998, 2017, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Oracle designates this - * particular file as subject to the "Classpath" exception as provided - * by Oracle in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -package javax.security.auth; - -import java.security.Security; -import java.security.AccessController; -import java.security.PrivilegedAction; -import java.security.PrivilegedExceptionAction; -import java.util.Objects; -import sun.security.util.Debug; - -/** - *

This is an abstract class for representing the system policy for - * Subject-based authorization. A subclass implementation - * of this class provides a means to specify a Subject-based - * access control {@code Policy}. - * - *

A {@code Policy} object can be queried for the set of - * Permissions granted to code running as a - * {@code Principal} in the following manner: - * - *

- *      policy = Policy.getPolicy();
- *      PermissionCollection perms = policy.getPermissions(subject,
- *                                                      codeSource);
- * 
- * - * The {@code Policy} object consults the local policy and returns - * and appropriate {@code Permissions} object with the - * Permissions granted to the Principals associated with the - * provided {@code subject}, and granted to the code specified - * by the provided {@code codeSource}. - * - *

A {@code Policy} contains the following information. - * Note that this example only represents the syntax for the default - * {@code Policy} implementation. Subclass implementations of this class - * may implement alternative syntaxes and may retrieve the - * {@code Policy} from any source such as files, databases, - * or servers. - * - *

Each entry in the {@code Policy} is represented as - * a grant entry. Each grant entry - * specifies a codebase, code signers, and Principals triplet, - * as well as the Permissions granted to that triplet. - * - *

- *      grant CodeBase ["URL"], Signedby ["signers"],
- *            Principal [Principal_Class] "Principal_Name" {
- *          Permission Permission_Class ["Target_Name"]
- *                                      [, "Permission_Actions"]
- *                                      [, signedBy "SignerName"];
- *      };
- * 
- * - * The CodeBase and Signedby components of the triplet name/value pairs - * are optional. If they are not present, then any codebase will match, - * and any signer (including unsigned code) will match. - * For Example, - * - *
- *      grant CodeBase "foo.com", Signedby "foo",
- *            Principal com.sun.security.auth.UnixPrincipal "duke" {
- *          permission java.io.FilePermission "/home/duke", "read, write";
- *      };
- * 
- * - * This grant entry specifies that code from "foo.com", - * signed by "foo', and running as a {@code UnixPrincipal} with the - * name, duke, has one {@code Permission}. This {@code Permission} - * permits the executing code to read and write files in the directory, - * "/home/duke". - * - *

To "run" as a particular {@code Principal}, - * code invokes the {@code Subject.doAs(subject, ...)} method. - * After invoking that method, the code runs as all the Principals - * associated with the specified {@code Subject}. - * Note that this {@code Policy} (and the Permissions - * granted in this {@code Policy}) only become effective - * after the call to {@code Subject.doAs} has occurred. - * - *

Multiple Principals may be listed within one grant entry. - * All the Principals in the grant entry must be associated with - * the {@code Subject} provided to {@code Subject.doAs} - * for that {@code Subject} to be granted the specified Permissions. - * - *

- *      grant Principal com.sun.security.auth.UnixPrincipal "duke",
- *            Principal com.sun.security.auth.UnixNumericUserPrincipal "0" {
- *          permission java.io.FilePermission "/home/duke", "read, write";
- *          permission java.net.SocketPermission "duke.com", "connect";
- *      };
- * 
- * - * This entry grants any code running as both "duke" and "0" - * permission to read and write files in duke's home directory, - * as well as permission to make socket connections to "duke.com". - * - *

Note that non Principal-based grant entries are not permitted - * in this {@code Policy}. Therefore, grant entries such as: - * - *

- *      grant CodeBase "foo.com", Signedby "foo" {
- *          permission java.io.FilePermission "/tmp/scratch", "read, write";
- *      };
- * 
- * - * are rejected. Such permission must be listed in the - * {@code java.security.Policy}. - * - *

The default {@code Policy} implementation can be changed by - * setting the value of the {@code auth.policy.provider} security property to - * the fully qualified name of the desired {@code Policy} implementation class. - * - * @deprecated Replaced by java.security.Policy. - * java.security.Policy has a method: - *

- *      public PermissionCollection getPermissions
- *          (java.security.ProtectionDomain pd)
- *
- * 
- * and ProtectionDomain has a constructor: - *
- *      public ProtectionDomain
- *          (CodeSource cs,
- *           PermissionCollection permissions,
- *           ClassLoader loader,
- *           Principal[] principals)
- * 
- * - * These two APIs provide callers the means to query the - * Policy for Principal-based Permission entries. - * This class is subject to removal in a future version of Java SE. - * - * @since 1.4 - * @see java.security.Security security properties - */ -@Deprecated(since="1.4", forRemoval=true) -public abstract class Policy { - - private static Policy policy; - private static final String AUTH_POLICY = - "sun.security.provider.AuthPolicyFile"; - - private final java.security.AccessControlContext acc = - java.security.AccessController.getContext(); - - // true if a custom (not AUTH_POLICY) system-wide policy object is set - private static boolean isCustomPolicy; - - /** - * Sole constructor. (For invocation by subclass constructors, typically - * implicit.) - */ - protected Policy() { } - - /** - * Returns the installed Policy object. - * This method first calls - * {@code SecurityManager.checkPermission} with the - * {@code AuthPermission("getPolicy")} permission - * to ensure the caller has permission to get the Policy object. - * - * @return the installed Policy. The return value cannot be - * {@code null}. - * - * @exception java.lang.SecurityException if the current thread does not - * have permission to get the Policy object. - * - * @see #setPolicy - */ - public static Policy getPolicy() { - java.lang.SecurityManager sm = System.getSecurityManager(); - if (sm != null) sm.checkPermission(new AuthPermission("getPolicy")); - return getPolicyNoCheck(); - } - - /** - * Returns the installed Policy object, skipping the security check. - * - * @return the installed Policy. 
- * - */ - static Policy getPolicyNoCheck() { - if (policy == null) { - - synchronized(Policy.class) { - - if (policy == null) { - String policy_class = null; - policy_class = AccessController.doPrivileged - (new PrivilegedAction() { - public String run() { - return java.security.Security.getProperty - ("auth.policy.provider"); - } - }); - if (policy_class == null) { - policy_class = AUTH_POLICY; - } - - try { - final String finalClass = policy_class; - - Policy untrustedImpl = AccessController.doPrivileged( - new PrivilegedExceptionAction() { - public Policy run() throws ClassNotFoundException, - InstantiationException, - IllegalAccessException { - Class implClass = Class.forName( - finalClass, false, - Thread.currentThread().getContextClassLoader() - ).asSubclass(Policy.class); - return implClass.newInstance(); - } - }); - AccessController.doPrivileged( - new PrivilegedExceptionAction() { - public Void run() { - setPolicy(untrustedImpl); - isCustomPolicy = !finalClass.equals(AUTH_POLICY); - return null; - } - }, Objects.requireNonNull(untrustedImpl.acc) - ); - } catch (Exception e) { - throw new SecurityException - (sun.security.util.ResourcesMgr.getString - ("unable.to.instantiate.Subject.based.policy")); - } - } - } - } - return policy; - } - - - /** - * Sets the system-wide Policy object. This method first calls - * {@code SecurityManager.checkPermission} with the - * {@code AuthPermission("setPolicy")} - * permission to ensure the caller has permission to set the Policy. - * - * @param policy the new system Policy object. - * - * @exception java.lang.SecurityException if the current thread does not - * have permission to set the Policy. 
- * - * @see #getPolicy - */ - public static void setPolicy(Policy policy) { - java.lang.SecurityManager sm = System.getSecurityManager(); - if (sm != null) sm.checkPermission(new AuthPermission("setPolicy")); - Policy.policy = policy; - // all non-null policy objects are assumed to be custom - isCustomPolicy = policy != null ? true : false; - } - - /** - * Returns true if a custom (not AUTH_POLICY) system-wide policy object - * has been set or installed. This method is called by - * SubjectDomainCombiner to provide backwards compatibility for - * developers that provide their own javax.security.auth.Policy - * implementations. - * - * @return true if a custom (not AUTH_POLICY) system-wide policy object - * has been set; false otherwise - */ - static boolean isCustomPolicySet(Debug debug) { - if (policy != null) { - if (debug != null && isCustomPolicy) { - debug.println("Providing backwards compatibility for " + - "javax.security.auth.policy implementation: " + - policy.toString()); - } - return isCustomPolicy; - } - // check if custom policy has been set using auth.policy.provider prop - String policyClass = java.security.AccessController.doPrivileged - (new java.security.PrivilegedAction() { - public String run() { - return Security.getProperty("auth.policy.provider"); - } - }); - if (policyClass != null && !policyClass.equals(AUTH_POLICY)) { - if (debug != null) { - debug.println("Providing backwards compatibility for " + - "javax.security.auth.policy implementation: " + - policyClass); - } - return true; - } - return false; - } - - /** - * Retrieve the Permissions granted to the Principals associated with - * the specified {@code CodeSource}. - * - * @param subject the {@code Subject} - * whose associated Principals, - * in conjunction with the provided - * {@code CodeSource}, determines the Permissions - * returned by this method. This parameter - * may be {@code null}. 
- * - * @param cs the code specified by its {@code CodeSource} - * that determines, in conjunction with the provided - * {@code Subject}, the Permissions - * returned by this method. This parameter may be - * {@code null}. - * - * @return the Collection of Permissions granted to all the - * {@code Subject} and code specified in - * the provided subject and cs - * parameters. - */ - public abstract java.security.PermissionCollection getPermissions - (Subject subject, - java.security.CodeSource cs); - - /** - * Refresh and reload the Policy. - * - *

This method causes this object to refresh/reload its current - * Policy. This is implementation-dependent. - * For example, if the Policy object is stored in - * a file, calling {@code refresh} will cause the file to be re-read. - * - * @exception SecurityException if the caller does not have permission - * to refresh the Policy. - */ - public abstract void refresh(); -} --- old/src/java.base/share/classes/sun/security/provider/AuthPolicyFile.java 2018-02-24 17:06:57.000000000 +0800 +++ /dev/null 2018-02-24 17:06:57.000000000 +0800 
@@ -1,1197 +0,0 @@
-/*
- * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation. Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-package sun.security.provider;
-
-import java.io.*;
-import java.lang.reflect.*;
-import java.net.URL;
-import java.util.*;
-
-import java.security.AccessController;
-import java.security.CodeSource;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.Permission;
-import java.security.Permissions;
-import java.security.PermissionCollection;
-import java.security.Principal;
-import java.security.PrivilegedAction;
-import java.security.UnresolvedPermission;
-import java.security.Security;
-import java.security.cert.Certificate;
-import java.security.cert.X509Certificate;
-
-import javax.security.auth.Subject;
-import javax.security.auth.PrivateCredentialPermission;
-
-import sun.security.provider.PolicyParser.GrantEntry;
-import sun.security.provider.PolicyParser.PermissionEntry;
-import sun.security.provider.PolicyParser.PrincipalEntry;
-import sun.security.util.Debug;
-import sun.security.util.PolicyUtil;
-import sun.security.util.PropertyExpander;
-
-/**
- * See {@code com.sun.security.auth.PolicyFile} for the class description.
- * This class is necessary in order to support a default
- * {@code javax.security.auth.Policy} implementation on the compact1 and
- * compact2 profiles.
- *
- * @deprecated As of JDK 1.4, replaced by
- * {@code sun.security.provider.PolicyFile}.
- * This class is entirely deprecated.
- */
-@Deprecated
-@SuppressWarnings("removal")
-public class AuthPolicyFile extends javax.security.auth.Policy {
-
- static final ResourceBundle rb =
- AccessController.doPrivileged(new PrivilegedAction() {
- @Override public ResourceBundle run() {
- return (ResourceBundle.getBundle
- ("sun.security.util.AuthResources"));
- }
- });
-
- private static final Debug debug = Debug.getInstance("policy",
- "\t[Auth Policy]");
-
- private static final String AUTH_POLICY = "java.security.auth.policy";
- private static final String SECURITY_MANAGER = "java.security.manager";
- private static final String AUTH_POLICY_URL = "auth.policy.url.";
-
- private Vector policyEntries;
- private Hashtable aliasMapping;
-
- private boolean initialized = false;
-
- private boolean expandProperties = true;
- private boolean ignoreIdentityScope = true;
-
- // for use with the reflection API
- private static final Class[] PARAMS = { String.class, String.class};
-
- /**
- * Initializes the Policy object and reads the default policy
- * configuration file(s) into the Policy object.
- */
- public AuthPolicyFile() {
- // initialize Policy if either the AUTH_POLICY or
- // SECURITY_MANAGER properties are set
- String prop = System.getProperty(AUTH_POLICY);
-
- if (prop == null) {
- prop = System.getProperty(SECURITY_MANAGER);
- }
- if (prop != null) {
- init();
- }
- }
-
- private synchronized void init() {
- if (initialized) {
- return;
- }
-
- policyEntries = new Vector();
- aliasMapping = new Hashtable(11);
-
- initPolicyFile();
- initialized = true;
- }
-
- @Override
- public synchronized void refresh() {
-
- java.lang.SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkPermission(new javax.security.auth.AuthPermission
- ("refreshPolicy"));
- }
-
- // XXX
- //
- // 1) if code instantiates PolicyFile directly, then it will need
- // all the permissions required for the PolicyFile initialization
- // 2) if code calls Policy.getPolicy, then it simply needs
- // AuthPermission(getPolicy), and the javax.security.auth.Policy
- // implementation instantiates PolicyFile in a doPrivileged block
- // 3) if after instantiating a Policy (either via #1 or #2),
- // code calls refresh, it simply needs
- // AuthPermission(refreshPolicy). then PolicyFile wraps
- // the refresh in a doPrivileged block.
- initialized = false; - AccessController.doPrivileged(new PrivilegedAction() { - @Override public Void run() { - init(); - return null; - } - }); - } - - private KeyStore initKeyStore(URL policyUrl, String keyStoreName, - String keyStoreType) { - if (keyStoreName != null) { - try { - /* - * location of keystore is specified as absolute URL in policy - * file, or is relative to URL of policy file - */ - URL keyStoreUrl = null; - try { - keyStoreUrl = new URL(keyStoreName); - // absolute URL - } catch (java.net.MalformedURLException e) { - // relative URL - keyStoreUrl = new URL(policyUrl, keyStoreName); - } - - if (debug != null) { - debug.println("reading keystore"+keyStoreUrl); - } - - InputStream inStream = new BufferedInputStream( - PolicyUtil.getInputStream(keyStoreUrl)); - - KeyStore ks; - if (keyStoreType != null) - ks = KeyStore.getInstance(keyStoreType); - else - ks = KeyStore.getInstance(KeyStore.getDefaultType()); - ks.load(inStream, null); - inStream.close(); - return ks; - } catch (Exception e) { - // ignore, treat it like we have no keystore - if (debug != null) { - debug.println("Debug info only. 
No keystore."); - e.printStackTrace(); - } - return null; - } - } - return null; - } - - private void initPolicyFile() { - - String prop = Security.getProperty("policy.expandProperties"); - if (prop != null) { - expandProperties = prop.equalsIgnoreCase("true"); - } - - String iscp = Security.getProperty("policy.ignoreIdentityScope"); - if (iscp != null) { - ignoreIdentityScope = iscp.equalsIgnoreCase("true"); - } - - String allowSys = Security.getProperty("policy.allowSystemProperty"); - if (allowSys != null && allowSys.equalsIgnoreCase("true")) { - String extra_policy = System.getProperty(AUTH_POLICY); - if (extra_policy != null) { - boolean overrideAll = false; - if (extra_policy.startsWith("=")) { - overrideAll = true; - extra_policy = extra_policy.substring(1); - } - try { - extra_policy = PropertyExpander.expand(extra_policy); - URL policyURL; - File policyFile = new File(extra_policy); - if (policyFile.exists()) { - policyURL = - new URL("file:" + policyFile.getCanonicalPath()); - } else { - policyURL = new URL(extra_policy); - } - if (debug != null) { - debug.println("reading " + policyURL); - } - init(policyURL); - } catch (Exception e) { - // ignore. - if (debug != null) { - debug.println("caught exception: " + e); - } - - } - if (overrideAll) { - if (debug != null) { - debug.println("overriding other policies!"); - } - return; - } - } - } - - int n = 1; - boolean loaded_one = false; - String policy_url; - - while ((policy_url = Security.getProperty(AUTH_POLICY_URL+n)) != null) { - try { - policy_url = PropertyExpander.expand(policy_url).replace - (File.separatorChar, '/'); - if (debug != null) { - debug.println("reading " + policy_url); - } - init(new URL(policy_url)); - loaded_one = true; - } catch (Exception e) { - if (debug != null) { - debug.println("Debug info only. 
Error reading policy " + e); - e.printStackTrace(); - } - // ignore that policy - } - n++; - } - - if (loaded_one == false) { - // do not load a static policy - } - } - - /** - * Checks public key. If it is marked as trusted in - * the identity database, add it to the policy - * with the AllPermission. - */ - private boolean checkForTrustedIdentity(final Certificate cert) { - return false; - } - - /** - * Reads a policy configuration into the Policy object using a - * Reader object. - * - * @param policyFile the policy Reader object. - */ - private void init(URL policy) { - PolicyParser pp = new PolicyParser(expandProperties); - try (InputStreamReader isr - = new InputStreamReader(PolicyUtil.getInputStream(policy))) { - pp.read(isr); - KeyStore keyStore = initKeyStore(policy, pp.getKeyStoreUrl(), - pp.getKeyStoreType()); - Enumeration enum_ = pp.grantElements(); - while (enum_.hasMoreElements()) { - GrantEntry ge = enum_.nextElement(); - addGrantEntry(ge, keyStore); - } - } catch (PolicyParser.ParsingException pe) { - System.err.println(AUTH_POLICY + - rb.getString(".error.parsing.") + policy); - System.err.println(AUTH_POLICY + rb.getString("COLON") + - pe.getMessage()); - if (debug != null) { - pe.printStackTrace(); - } - } catch (Exception e) { - if (debug != null) { - debug.println("error parsing " + policy); - debug.println(e.toString()); - e.printStackTrace(); - } - } - } - - /** - * Given a PermissionEntry, create a codeSource. 
- * - * @return null if signedBy alias is not recognized - */ - CodeSource getCodeSource(GrantEntry ge, KeyStore keyStore) - throws java.net.MalformedURLException - { - Certificate[] certs = null; - if (ge.signedBy != null) { - certs = getCertificates(keyStore, ge.signedBy); - if (certs == null) { - // we don't have a key for this alias, - // just return - if (debug != null) { - debug.println(" no certs for alias " + - ge.signedBy + ", ignoring."); - } - return null; - } - } - - URL location; - if (ge.codeBase != null) { - location = new URL(ge.codeBase); - } else { - location = null; - } - - if (ge.principals == null || ge.principals.size() == 0) { - return (canonicalizeCodebase - (new CodeSource(location, certs), - false)); - } else { - return (canonicalizeCodebase - (new SubjectCodeSource(null, ge.principals, location, certs), - false)); - } - } - - /** - * Add one policy entry to the vector. - */ - private void addGrantEntry(GrantEntry ge, KeyStore keyStore) { - - if (debug != null) { - debug.println("Adding policy entry: "); - debug.println(" signedBy " + ge.signedBy); - debug.println(" codeBase " + ge.codeBase); - if (ge.principals != null) { - for (PrincipalEntry pppe : ge.principals) { - debug.println(" " + pppe.getPrincipalClass() + - " " + pppe.getPrincipalName()); - } - } - debug.println(); - } - - try { - CodeSource codesource = getCodeSource(ge, keyStore); - // skip if signedBy alias was unknown... 
- if (codesource == null) return; - - PolicyEntry entry = new PolicyEntry(codesource); - Enumeration enum_ = ge.permissionElements(); - while (enum_.hasMoreElements()) { - PermissionEntry pe = enum_.nextElement(); - try { - // XXX special case PrivateCredentialPermission-SELF - Permission perm; - if (pe.permission.equals - ("javax.security.auth.PrivateCredentialPermission") && - pe.name.endsWith(" self")) { - perm = getInstance(pe.permission, - pe.name + " \"self\"", - pe.action); - } else { - perm = getInstance(pe.permission, - pe.name, - pe.action); - } - entry.add(perm); - if (debug != null) { - debug.println(" "+perm); - } - } catch (ClassNotFoundException cnfe) { - Certificate[] certs; - if (pe.signedBy != null) { - certs = getCertificates(keyStore, pe.signedBy); - } else { - certs = null; - } - - // only add if we had no signer or we had - // a signer and found the keys for it. - if (certs != null || pe.signedBy == null) { - Permission perm = new UnresolvedPermission( - pe.permission, - pe.name, - pe.action, - certs); - entry.add(perm); - if (debug != null) { - debug.println(" "+perm); - } - } - } catch (java.lang.reflect.InvocationTargetException ite) { - System.err.println - (AUTH_POLICY + - rb.getString(".error.adding.Permission.") + - pe.permission + - rb.getString("SPACE") + - ite.getTargetException()); - } catch (Exception e) { - System.err.println - (AUTH_POLICY + - rb.getString(".error.adding.Permission.") + - pe.permission + - rb.getString("SPACE") + - e); - } - } - policyEntries.addElement(entry); - } catch (Exception e) { - System.err.println - (AUTH_POLICY + - rb.getString(".error.adding.Entry.") + - ge + - rb.getString("SPACE") + - e); - } - - if (debug != null) { - debug.println(); - } - } - - /** - * Returns a new Permission object of the given Type. 
The Permission is - * created by getting the - * Class object using the Class.forName method, and using - * the reflection API to invoke the (String name, String actions) - * constructor on the - * object. - * - * @param type the type of Permission being created. - * @param name the name of the Permission being created. - * @param actions the actions of the Permission being created. - * - * @exception ClassNotFoundException if the particular Permission - * class could not be found. - * - * @exception IllegalAccessException if the class or initializer is - * not accessible. - * - * @exception InstantiationException if getInstance tries to - * instantiate an abstract class or an interface, or if the - * instantiation fails for some other reason. - * - * @exception NoSuchMethodException if the (String, String) constructor - * is not found. - * - * @exception InvocationTargetException if the underlying Permission - * constructor throws an exception. - * - */ - private static final Permission getInstance(String type, - String name, - String actions) - throws ClassNotFoundException, - InstantiationException, - IllegalAccessException, - NoSuchMethodException, - InvocationTargetException - { - //XXX we might want to keep a hash of created factories... - Class pc = Class.forName(type); - Constructor c = pc.getConstructor(PARAMS); - return (Permission) c.newInstance(new Object[] { name, actions }); - } - - /** - * Fetch all certs associated with this alias. 
- */ - Certificate[] getCertificates(KeyStore keyStore, String aliases) { - - Vector vcerts = null; - - StringTokenizer st = new StringTokenizer(aliases, ","); - int n = 0; - - while (st.hasMoreTokens()) { - String alias = st.nextToken().trim(); - n++; - Certificate cert = null; - // See if this alias's cert has already been cached - cert = (Certificate) aliasMapping.get(alias); - if (cert == null && keyStore != null) { - - try { - cert = keyStore.getCertificate(alias); - } catch (KeyStoreException kse) { - // never happens, because keystore has already been loaded - // when we call this - } - if (cert != null) { - aliasMapping.put(alias, cert); - aliasMapping.put(cert, alias); - } - } - - if (cert != null) { - if (vcerts == null) { - vcerts = new Vector(); - } - vcerts.addElement(cert); - } - } - - // make sure n == vcerts.size, since we are doing a logical *and* - if (vcerts != null && n == vcerts.size()) { - Certificate[] certs = new Certificate[vcerts.size()]; - vcerts.copyInto(certs); - return certs; - } else { - return null; - } - } - - /** - * Enumerate all the entries in the global policy object. - * This method is used by policy admin tools. The tools - * should use the Enumeration methods on the returned object - * to fetch the elements sequentially. - */ - private final synchronized Enumeration elements() { - return policyEntries.elements(); - } - - @Override - public PermissionCollection getPermissions(final Subject subject, - final CodeSource codesource) { - - // 1) if code instantiates PolicyFile directly, then it will need - // all the permissions required for the PolicyFile initialization - // 2) if code calls Policy.getPolicy, then it simply needs - // AuthPermission(getPolicy), and the javax.security.auth.Policy - // implementation instantiates PolicyFile in a doPrivileged block - // 3) if after instantiating a Policy (either via #1 or #2), - // code calls getPermissions, PolicyFile wraps the call - // in a doPrivileged block. 
- return AccessController.doPrivileged - (new PrivilegedAction() { - @Override public PermissionCollection run() { - SubjectCodeSource scs = new SubjectCodeSource( - subject, null, - codesource == null ? null : codesource.getLocation(), - codesource == null ? null : codesource.getCertificates()); - if (initialized) { - return getPermissions(new Permissions(), scs); - } else { - return new PolicyPermissions(AuthPolicyFile.this, scs); - } - } - }); - } - - /** - * Examines the global policy for the specified CodeSource, and - * creates a PermissionCollection object with - * the set of permissions for that principal's protection domain. - * - * @param CodeSource the codesource associated with the caller. - * This encapsulates the original location of the code (where the code - * came from) and the public key(s) of its signer. - * - * @return the set of permissions according to the policy. - */ - PermissionCollection getPermissions(CodeSource codesource) { - - if (initialized) { - return getPermissions(new Permissions(), codesource); - } else { - return new PolicyPermissions(this, codesource); - } - } - - /** - * Examines the global policy for the specified CodeSource, and - * creates a PermissionCollection object with - * the set of permissions for that principal's protection domain. - * - * @param permissions the permissions to populate - * @param codesource the codesource associated with the caller. - * This encapsulates the original location of the code (where the code - * came from) and the public key(s) of its signer. - * - * @return the set of permissions according to the policy. 
- */ - Permissions getPermissions(final Permissions perms, - final CodeSource cs) - { - if (!initialized) { - init(); - } - - final CodeSource[] codesource = {null}; - - codesource[0] = canonicalizeCodebase(cs, true); - - if (debug != null) { - debug.println("evaluate(" + codesource[0] + ")\n"); - } - - // needs to be in a begin/endPrivileged block because - // codesource.implies calls URL.equals which does an - // InetAddress lookup - - for (int i = 0; i < policyEntries.size(); i++) { - - PolicyEntry entry = policyEntries.elementAt(i); - - if (debug != null) { - debug.println("PolicyFile CodeSource implies: " + - entry.codesource.toString() + "\n\n" + - "\t" + codesource[0].toString() + "\n\n"); - } - - if (entry.codesource.implies(codesource[0])) { - for (int j = 0; j < entry.permissions.size(); j++) { - Permission p = entry.permissions.elementAt(j); - if (debug != null) { - debug.println(" granting " + p); - } - if (!addSelfPermissions(p, entry.codesource, - codesource[0], perms)) { - // we could check for duplicates - // before adding new permissions, - // but the SubjectDomainCombiner - // already checks for duplicates later - perms.add(p); - } - } - } - } - - // now see if any of the keys are trusted ids. - - if (!ignoreIdentityScope) { - Certificate[] certs = codesource[0].getCertificates(); - if (certs != null) { - for (int k=0; k < certs.length; k++) { - if (aliasMapping.get(certs[k]) == null && - checkForTrustedIdentity(certs[k])) { - // checkForTrustedIdentity added it - // to the policy for us. next time - // around we'll find it. This time - // around we need to add it. - perms.add(new java.security.AllPermission()); - } - } - } - } - return perms; - } - - /** - * Returns true if 'Self' permissions were added to the provided - * 'perms', and false otherwise. - * - *

- * - * @param p check to see if this Permission is a "SELF" - * PrivateCredentialPermission.

- * - * @param entryCs the codesource for the Policy entry. - * - * @param accCs the codesource for from the current AccessControlContext. - * - * @param perms the PermissionCollection where the individual - * PrivateCredentialPermissions will be added. - */ - private boolean addSelfPermissions(final Permission p, - CodeSource entryCs, - CodeSource accCs, - Permissions perms) { - - if (!(p instanceof PrivateCredentialPermission)) { - return false; - } - - if (!(entryCs instanceof SubjectCodeSource)) { - return false; - } - - PrivateCredentialPermission pcp = (PrivateCredentialPermission)p; - SubjectCodeSource scs = (SubjectCodeSource)entryCs; - - // see if it is a SELF permission - String[][] pPrincipals = pcp.getPrincipals(); - if (pPrincipals.length <= 0 || - !pPrincipals[0][0].equalsIgnoreCase("self") || - !pPrincipals[0][1].equalsIgnoreCase("self")) { - - // regular PrivateCredentialPermission - return false; - } else { - - // granted a SELF permission - create a - // PrivateCredentialPermission for each - // of the Policy entry's CodeSource Principals - - if (scs.getPrincipals() == null) { - // XXX SubjectCodeSource has no Subject??? - return true; - } - - for (PrincipalEntry principal : scs.getPrincipals()) { - - // if the Policy entry's Principal does not contain a - // WILDCARD for the Principal name, then a - // new PrivateCredentialPermission is created - // for the Principal listed in the Policy entry. - // if the Policy entry's Principal contains a WILDCARD - // for the Principal name, then a new - // PrivateCredentialPermission is created - // for each Principal associated with the Subject - // in the current ACC. 
- - String[][] principalInfo = getPrincipalInfo(principal, accCs); - - for (int i = 0; i < principalInfo.length; i++) { - - // here's the new PrivateCredentialPermission - - PrivateCredentialPermission newPcp = - new PrivateCredentialPermission - (pcp.getCredentialClass() + - " " + - principalInfo[i][0] + - " " + - "\"" + principalInfo[i][1] + "\"", - "read"); - - if (debug != null) { - debug.println("adding SELF permission: " + - newPcp.toString()); - } - - perms.add(newPcp); - } - } - } - return true; - } - - /** - * return the principal class/name pair in the 2D array. - * array[x][y]: x corresponds to the array length. - * if (y == 0), it's the principal class. - * if (y == 1), it's the principal name. - */ - private String[][] getPrincipalInfo(PrincipalEntry principal, - final CodeSource accCs) { - - // there are 3 possibilities: - // 1) the entry's Principal class and name are not wildcarded - // 2) the entry's Principal name is wildcarded only - // 3) the entry's Principal class and name are wildcarded - - if (!principal.getPrincipalClass().equals - (PrincipalEntry.WILDCARD_CLASS) && - !principal.getPrincipalName().equals - (PrincipalEntry.WILDCARD_NAME)) { - - // build a PrivateCredentialPermission for the principal - // from the Policy entry - String[][] info = new String[1][2]; - info[0][0] = principal.getPrincipalClass(); - info[0][1] = principal.getPrincipalName(); - return info; - - } else if (!principal.getPrincipalClass().equals - (PrincipalEntry.WILDCARD_CLASS) && - principal.getPrincipalName().equals - (PrincipalEntry.WILDCARD_NAME)) { - - // build a PrivateCredentialPermission for all - // the Subject's principals that are instances of principalClass - - // the accCs is guaranteed to be a SubjectCodeSource - // because the earlier CodeSource.implies succeeded - SubjectCodeSource scs = (SubjectCodeSource)accCs; - - Set principalSet = null; - try { - // principal.principalClass should extend Principal - // If it doesn't, we should stop here with a 
ClassCastException. - @SuppressWarnings("unchecked") - Class pClass = (Class) - Class.forName(principal.getPrincipalClass(), false, - ClassLoader.getSystemClassLoader()); - principalSet = scs.getSubject().getPrincipals(pClass); - } catch (Exception e) { - if (debug != null) { - debug.println("problem finding Principal Class " + - "when expanding SELF permission: " + - e.toString()); - } - } - - if (principalSet == null) { - // error - return new String[0][0]; - } - - String[][] info = new String[principalSet.size()][2]; - - int i = 0; - for (Principal p : principalSet) { - info[i][0] = p.getClass().getName(); - info[i][1] = p.getName(); - i++; - } - return info; - - } else { - - // build a PrivateCredentialPermission for every - // one of the current Subject's principals - - // the accCs is guaranteed to be a SubjectCodeSource - // because the earlier CodeSource.implies succeeded - SubjectCodeSource scs = (SubjectCodeSource)accCs; - Set principalSet = scs.getSubject().getPrincipals(); - - String[][] info = new String[principalSet.size()][2]; - - int i = 0; - for (Principal p : principalSet) { - info[i][0] = p.getClass().getName(); - info[i][1] = p.getName(); - i++; - } - return info; - } - } - - /* - * Returns the signer certificates from the list of certificates associated - * with the given code source. - * - * The signer certificates are those certificates that were used to verify - * signed code originating from the codesource location. - * - * This method assumes that in the given code source, each signer - * certificate is followed by its supporting certificate chain - * (which may be empty), and that the signer certificate and its - * supporting certificate chain are ordered bottom-to-top (i.e., with the - * signer certificate first and the (root) certificate authority last). 
- */ - Certificate[] getSignerCertificates(CodeSource cs) { - Certificate[] certs = null; - if ((certs = cs.getCertificates()) == null) { - return null; - } - for (int i = 0; i < certs.length; i++) { - if (!(certs[i] instanceof X509Certificate)) - return cs.getCertificates(); - } - - // Do we have to do anything? - int i = 0; - int count = 0; - while (i < certs.length) { - count++; - while (((i+1) < certs.length) - && ((X509Certificate)certs[i]).getIssuerDN().equals( - ((X509Certificate)certs[i+1]).getSubjectDN())) { - i++; - } - i++; - } - if (count == certs.length) { - // Done - return certs; - } - - ArrayList userCertList = new ArrayList<>(); - i = 0; - while (i < certs.length) { - userCertList.add(certs[i]); - while (((i+1) < certs.length) - && ((X509Certificate)certs[i]).getIssuerDN().equals( - ((X509Certificate)certs[i+1]).getSubjectDN())) { - i++; - } - i++; - } - Certificate[] userCerts = new Certificate[userCertList.size()]; - userCertList.toArray(userCerts); - return userCerts; - } - - private CodeSource canonicalizeCodebase(CodeSource cs, - boolean extractSignerCerts) { - CodeSource canonCs = cs; - if (cs.getLocation() != null && - cs.getLocation().getProtocol().equalsIgnoreCase("file")) { - try { - String path = cs.getLocation().getFile().replace - ('/', - File.separatorChar); - URL csUrl = null; - if (path.endsWith("*")) { - // remove trailing '*' because it causes canonicalization - // to fail on win32 - path = path.substring(0, path.length()-1); - boolean appendFileSep = false; - if (path.endsWith(File.separator)) { - appendFileSep = true; - } - if (path.equals("")) { - path = System.getProperty("user.dir"); - } - File f = new File(path); - path = f.getCanonicalPath(); - StringBuilder sb = new StringBuilder(path); - // reappend '*' to canonicalized filename (note that - // canonicalization may have removed trailing file - // separator, so we have to check for that, too) - if (!path.endsWith(File.separator) && - (appendFileSep || f.isDirectory())) { - 
sb.append(File.separatorChar); - } - sb.append('*'); - path = sb.toString(); - } else { - path = new File(path).getCanonicalPath(); - } - csUrl = new File(path).toURL(); - - if (cs instanceof SubjectCodeSource) { - SubjectCodeSource scs = (SubjectCodeSource)cs; - if (extractSignerCerts) { - canonCs = new SubjectCodeSource(scs.getSubject(), - scs.getPrincipals(), - csUrl, - getSignerCertificates(scs)); - } else { - canonCs = new SubjectCodeSource(scs.getSubject(), - scs.getPrincipals(), - csUrl, - scs.getCertificates()); - } - } else { - if (extractSignerCerts) { - canonCs = new CodeSource(csUrl, - getSignerCertificates(cs)); - } else { - canonCs = new CodeSource(csUrl, - cs.getCertificates()); - } - } - } catch (IOException ioe) { - // leave codesource as it is, unless we have to extract its - // signer certificates - if (extractSignerCerts) { - if (!(cs instanceof SubjectCodeSource)) { - canonCs = new CodeSource(cs.getLocation(), - getSignerCertificates(cs)); - } else { - SubjectCodeSource scs = (SubjectCodeSource)cs; - canonCs = new SubjectCodeSource(scs.getSubject(), - scs.getPrincipals(), - scs.getLocation(), - getSignerCertificates(scs)); - } - } - } - } else { - if (extractSignerCerts) { - if (!(cs instanceof SubjectCodeSource)) { - canonCs = new CodeSource(cs.getLocation(), - getSignerCertificates(cs)); - } else { - SubjectCodeSource scs = (SubjectCodeSource)cs; - canonCs = new SubjectCodeSource(scs.getSubject(), - scs.getPrincipals(), - scs.getLocation(), - getSignerCertificates(scs)); - } - } - } - return canonCs; - } - - /** - * Each entry in the policy configuration file is represented by a - * PolicyEntry object.

- * - * A PolicyEntry is a (CodeSource,Permission) pair. The - * CodeSource contains the (URL, PublicKey) that together identify - * where the Java bytecodes come from and who (if anyone) signed - * them. The URL could refer to localhost. The URL could also be - * null, meaning that this policy entry is given to all comers, as - * long as they match the signer field. The signer could be null, - * meaning the code is not signed.

- * - * The Permission contains the (Type, Name, Action) triplet.

- * - * For now, the Policy object retrieves the public key from the - * X.509 certificate on disk that corresponds to the signedBy - * alias specified in the Policy config file. For reasons of - * efficiency, the Policy object keeps a hashtable of certs already - * read in. This could be replaced by a secure internal key - * store. - * - *

- * For example, the entry - *

-     *          permission java.io.File "/tmp", "read,write",
-     *          signedBy "Duke";
-     * 
- * is represented internally - *
-     *
-     * FilePermission f = new FilePermission("/tmp", "read,write");
-     * PublicKey p = publickeys.get("Duke");
-     * URL u = InetAddress.getLocalHost();
-     * CodeBase c = new CodeBase( p, u );
-     * pe = new PolicyEntry(f, c);
-     * 
- * - * @author Marianne Mueller - * @author Roland Schemers - * @see java.security.CodeSource - * @see java.security.Policy - * @see java.security.Permissions - * @see java.security.ProtectionDomain - */ - private static class PolicyEntry { - - CodeSource codesource; - Vector permissions; - - /** - * Given a Permission and a CodeSource, create a policy entry. - * - * XXX Decide if/how to add validity fields and "purpose" fields to - * XXX policy entries - * - * @param cs the CodeSource, which encapsulates the URL and the public - * key attributes from the policy config file. Validity checks - * are performed on the public key before PolicyEntry is called. - * - */ - PolicyEntry(CodeSource cs) { - this.codesource = cs; - this.permissions = new Vector(); - } - - /** - * add a Permission object to this entry. - */ - void add(Permission p) { - permissions.addElement(p); - } - - /** - * Return the CodeSource for this policy entry - */ - CodeSource getCodeSource() { - return this.codesource; - } - - @Override - public String toString(){ - StringBuilder sb = new StringBuilder(); - sb.append(rb.getString("LPARAM")); - sb.append(getCodeSource()); - sb.append("\n"); - for (int j = 0; j < permissions.size(); j++) { - Permission p = permissions.elementAt(j); - sb.append(rb.getString("SPACE")); - sb.append(rb.getString("SPACE")); - sb.append(p); - sb.append(rb.getString("NEWLINE")); - } - sb.append(rb.getString("RPARAM")); - sb.append(rb.getString("NEWLINE")); - return sb.toString(); - } - - } -} - -@SuppressWarnings("deprecation") -class PolicyPermissions extends PermissionCollection { - - private static final long serialVersionUID = -1954188373270545523L; - - private CodeSource codesource; - private Permissions perms; - private AuthPolicyFile policy; - private boolean notInit; // have we pulled in the policy permissions yet? 
- private Vector additionalPerms; - - PolicyPermissions(AuthPolicyFile policy, - CodeSource codesource) - { - this.codesource = codesource; - this.policy = policy; - this.perms = null; - this.notInit = true; - this.additionalPerms = null; - } - - @Override - public void add(Permission permission) { - if (isReadOnly()) - throw new SecurityException - (AuthPolicyFile.rb.getString - ("attempt.to.add.a.Permission.to.a.readonly.PermissionCollection")); - - if (perms == null) { - if (additionalPerms == null) { - additionalPerms = new Vector(); - } - additionalPerms.add(permission); - } else { - perms.add(permission); - } - } - - private synchronized void init() { - if (notInit) { - if (perms == null) { - perms = new Permissions(); - } - if (additionalPerms != null) { - Enumeration e = additionalPerms.elements(); - while (e.hasMoreElements()) { - perms.add(e.nextElement()); - } - additionalPerms = null; - } - policy.getPermissions(perms, codesource); - notInit = false; - } - } - - @Override - public boolean implies(Permission permission) { - if (notInit) { - init(); - } - return perms.implies(permission); - } - - @Override - public Enumeration elements() { - if (notInit) { - init(); - } - return perms.elements(); - } - - @Override - public String toString() { - if (notInit) { - init(); - } - return perms.toString(); - } -}