[kaffe] CVS kaffe (dalibor): Resynced with GNU Classpath: access control

Kaffe CVS cvs-commits at kaffe.org
Thu Jun 3 15:49:02 PDT 2004


PatchSet 4820 
Date: 2004/06/03 22:25:59
Author: dalibor
Branch: HEAD
Tag: (none) 
Log:
Resynced with GNU Classpath: access control

2004-06-03  Dalibor Topic  <robilad at kaffe.org>

        libraries/javalib/java/security/AccessControlContext.java,
        libraries/javalib/java/security/AccessController.java,
        libraries/javalib/java/security/IntersectingDomainCombiner.java,
        libraries/javalib/java/security/ProtectionDomain.java,
        libraries/javalib/java/security/SecureClassLoader.java,
        libraries/javalib/java/security/VMAccessController.java,
        libraries/javalib/java/util/PropertyPermissionCollection.java:
        Resynced with GNU Classpath.

        2004-06-03  Michael Koch  <konqueror at gmx.de>

        * java/security/AccessControlContext.java
        (equals): Renamed protectionDomain to protectionDomains.
        (hashCode): Likewise.

        2004-06-03  Casey Marshall  <csm at gnu.org>

        * java/security/AccessController.java
        (doPrivileged(PrivilegedAction,AccessControlContext)): call
        VMAccessController.pushContext and popContext.
        (doPrivileged(PrivilegedExceptionAction,AccessControlContext)):
        likewise.
        (getContext): call VMAccessController.getContext.
        * java/security/IntersectingDomainCombiner.java: new file.
        * vm/reference/java/security/VMAccessController.java: new file.

        2004-06-03  Michael Koch  <konqueror at gmx.de>

        * java/security/AccessControlContext.java,
        java/security/ProtectionDomain.java,
        java/security/SecureClassLoader.java,
        java/util/PropertyPermissionCollection.java:
        Fixed javadocs all over.

        2004-06-03  Casey Marshall <csm at gnu.org>

        * java/security/AccessControlContext.java
        (protectionDomain): mark final.
        (combiner): likewise.
        (<init>(ProtectionDomain[])): use HashSet to uniquify domains.
        (<init>(ProtectionDomain[],AccessControlContext,DomainCombiner)):
        new constructor.
        (checkPermission): only succeed if 'perm' is implied by all
        protection domains.
        (equal): do unordered comparison.
        * java/security/ProtectionDomain.java
        (<init>(CodeSource,PermissionCollection)): set 'staticBinding' to
        'true'.
        * java/security/SecureClassLoader.java
        (defineClass): make protection domain dynamically bound.
        (getPermissions): call 'getCurrentPolicy' to avoid permission
        check.
        * java/util/PropertyPermissionCollection.java
        (implies): avoid infinite loop.

Members: 
	ChangeLog:1.2388->1.2389 
	libraries/javalib/java/security/AccessControlContext.java:1.3->1.4 
	libraries/javalib/java/security/AccessController.java:1.2->1.3 
	libraries/javalib/java/security/IntersectingDomainCombiner.java:1.1->1.2 
	libraries/javalib/java/security/ProtectionDomain.java:1.3->1.4 
	libraries/javalib/java/security/SecureClassLoader.java:1.6->1.7 
	libraries/javalib/java/security/VMAccessController.java:1.1->1.2 
	libraries/javalib/java/util/PropertyPermissionCollection.java:1.2->1.3 

Index: kaffe/ChangeLog
diff -u kaffe/ChangeLog:1.2388 kaffe/ChangeLog:1.2389
--- kaffe/ChangeLog:1.2388	Thu Jun  3 21:57:02 2004
+++ kaffe/ChangeLog	Thu Jun  3 22:25:59 2004
@@ -1,7 +1,64 @@
 2004-06-03  Dalibor Topic  <robilad at kaffe.org>
 
+        libraries/javalib/java/security/AccessControlContext.java,
+        libraries/javalib/java/security/AccessController.java,
+        libraries/javalib/java/security/IntersectingDomainCombiner.java,
+        libraries/javalib/java/security/ProtectionDomain.java,
+        libraries/javalib/java/security/SecureClassLoader.java,
+        libraries/javalib/java/security/VMAccessController.java,
+        libraries/javalib/java/util/PropertyPermissionCollection.java:
+	Resynced with GNU Classpath.
+
+	2004-06-03  Michael Koch  <konqueror at gmx.de>
+
+        * java/security/AccessControlContext.java
+        (equals): Renamed protectionDomain to protectionDomains.
+        (hashCode): Likewise.
+
+	2004-06-03  Casey Marshall  <csm at gnu.org>
+
+        * java/security/AccessController.java
+        (doPrivileged(PrivilegedAction,AccessControlContext)): call
+        VMAccessController.pushContext and popContext.
+        (doPrivileged(PrivilegedExceptionAction,AccessControlContext)):
+        likewise.
+        (getContext): call VMAccessController.getContext.
+        * java/security/IntersectingDomainCombiner.java: new file.
+        * vm/reference/java/security/VMAccessController.java: new file.
+
+	2004-06-03  Michael Koch  <konqueror at gmx.de>
+
+        * java/security/AccessControlContext.java,
+        java/security/ProtectionDomain.java,
+        java/security/SecureClassLoader.java,
+        java/util/PropertyPermissionCollection.java:
+        Fixed javadocs all over.
+
+	2004-06-03  Casey Marshall <csm at gnu.org>
+
+        * java/security/AccessControlContext.java
+        (protectionDomain): mark final.
+        (combiner): likewise.
+        (<init>(ProtectionDomain[])): use HashSet to uniquify domains.
+        (<init>(ProtectionDomain[],AccessControlContext,DomainCombiner)):
+        new constructor.
+        (checkPermission): only succeed if `perm' is implied by all
+        protection domains.
+        (equal): do unordered comparison.
+        * java/security/ProtectionDomain.java
+        (<init>(CodeSource,PermissionCollection)): set `staticBinding' to
+        `true'.
+        * java/security/SecureClassLoader.java
+        (defineClass): make protection domain dynamically bound.
+        (getPermissions): call `getCurrentPolicy' to avoid permission
+        check.
+        * java/util/PropertyPermissionCollection.java
+        (implies): avoid infinite loop.
+
+2004-06-03  Dalibor Topic  <robilad at kaffe.org>
+
 	* libraries/javalib/java/io/ObjectInputStream.java:
-	 Resynced with GNU Classpath.
+	Resynced with GNU Classpath.
 
 	2004-06-03  Michael Koch  <konqueror at gmx.de>
 
Index: kaffe/libraries/javalib/java/security/AccessControlContext.java
diff -u kaffe/libraries/javalib/java/security/AccessControlContext.java:1.3 kaffe/libraries/javalib/java/security/AccessControlContext.java:1.4
--- kaffe/libraries/javalib/java/security/AccessControlContext.java:1.3	Mon May 31 21:15:32 2004
+++ kaffe/libraries/javalib/java/security/AccessControlContext.java	Thu Jun  3 22:26:00 2004
@@ -40,18 +40,18 @@
 import java.util.HashSet;
 
 /**
- * <p>AccessControlContext makes system resource access decsion
- * based on permission rights.</p>
+ * AccessControlContext makes system resource access decsion 
+ * based on permission rights.  
  *
- * <p>It is used for a specific context and has only one method
- * checkPermission. It is similar to AccessController except that it
- * makes decsions based on the current context instead of the the current
- * thread.</p>
+ * It is used for a specific context and has only one method
+ * checkPermission. It is similar to AccessController except
+ * that it makes decsions based on the current context instead
+ * of the the current thread.
  *
- * <p>It is created by call AccessController.getContext method.</p>
+ * It is created by call AccessController.getContext method.
  *
  * @author Mark Benvenuto
- * @since JDK 1.2
+ * @since 1.2
  */
 public final class AccessControlContext
 {
@@ -60,12 +60,12 @@
 
   /**
    * Construct a new AccessControlContext with the specified
-   * ProtectionDomains. <code>context</code> must not be null and
-   * duplicates will be removed.
+   * ProtectionDomains. <code>context</code> must not be 
+   * null and duplicates will be removed.
    *
    * @param context The ProtectionDomains to use
    */
-  public AccessControlContext (ProtectionDomain[] context)
+  public AccessControlContext(ProtectionDomain[]context)
   {
     HashSet domains = new HashSet (context.length);
     for (int i = 0; i < context.length; i++)
@@ -79,12 +79,10 @@
    * Construct a new AccessControlContext with the specified
    * ProtectionDomains and DomainCombiner
    *
-   * @param acc The ProtectionDomains to use
-   * @param combiner The domain combiner.
-   * @since JDK 1.3
+   * @since 1.3
    */
   public AccessControlContext(AccessControlContext acc,
-                              DomainCombiner combiner)
+			      DomainCombiner combiner)
   {
     // XXX check permission to call this.
     AccessControlContext acc2 = AccessController.getContext();
@@ -112,9 +110,10 @@
 
   /**
    * Determines whether or not the specific permission is granted
-   * depending on the context it is within.
+   * depending on the context it is within. 
    *
    * @param perm a permission to check
+   *
    * @throws AccessControlException if the permssion is not permitted
    */
   public void checkPermission(Permission perm) throws AccessControlException
@@ -125,22 +124,23 @@
   }
 
   /**
-   * <p>Checks if two AccessControlContexts are equal.</p>
+   * Checks if two AccessControlContexts are equal.
+   *
+   * It first checks if obj is an AccessControlContext class, and
+   * then checks if each ProtectionDomain matches.
    *
-   * <p>It first checks if obj is an AccessControlContext class, and then
-   * checks if each ProtectionDomain matches.</p>
+   * @param obj The object to compare this class to
    *
-   * @param obj The object to compare this class to.
    * @return true if equal, false otherwise
    */
   public boolean equals(Object obj)
   {
     if (obj instanceof AccessControlContext)
       {
-        AccessControlContext acc = (AccessControlContext) obj;
+	AccessControlContext acc = (AccessControlContext) obj;
 
-        if (acc.protectionDomains.length != protectionDomains.length)
-          return false;
+	if (acc.protectionDomains.length != protectionDomains.length)
+	  return false;
 
         int i, j;
         for (i = 0; i < protectionDomains.length; i++)
@@ -159,7 +159,7 @@
   }
 
   /**
-   * Computes a hash code of this class.
+   * Computes a hash code of this class
    *
    * @return a hash code representing this class
    */
Index: kaffe/libraries/javalib/java/security/AccessController.java
diff -u kaffe/libraries/javalib/java/security/AccessController.java:1.2 kaffe/libraries/javalib/java/security/AccessController.java:1.3
--- kaffe/libraries/javalib/java/security/AccessController.java:1.2	Mon May 31 21:15:32 2004
+++ kaffe/libraries/javalib/java/security/AccessController.java	Thu Jun  3 22:26:00 2004
@@ -113,7 +113,7 @@
    * @return the result of the <code>action.run()</code> method.
    */
   public static Object doPrivileged(PrivilegedAction action,
-                                    AccessControlContext context)
+				    AccessControlContext context)
   {
     VMAccessController.pushContext (context, action.getClass());
     try
@@ -148,11 +148,11 @@
 
     try
       {
-        return action.run();
+	return action.run();
       }
     catch (Exception e)
       {
-        throw new PrivilegedActionException(e);
+	throw new PrivilegedActionException(e);
       }
   }
 
@@ -175,18 +175,18 @@
    * is thrown in the <code>run()</code> method.
    */
   public static Object doPrivileged(PrivilegedExceptionAction action,
-                                    AccessControlContext context)
+				    AccessControlContext context)
     throws PrivilegedActionException
   {
     VMAccessController.pushContext (context, action.getClass());
 
     try
       {
-        return action.run();
+	return action.run();
       }
     catch (Exception e)
       {
-        throw new PrivilegedActionException(e);
+	throw new PrivilegedActionException(e);
       }
     finally
       {
@@ -203,7 +203,10 @@
    *
    * <p>Additionally, if a call was made to {@link
    * #doPrivileged(java.security.PrivilegedAction,java.security.AccessControlContext)}
-   * that supplied an {@link AccessControlContext}, then that
+   * that supplied an {@link AccessControlContext}, then that context
+   * will be intersected with the calculated one.
+   *
+   * @return The context.
    */
   public static AccessControlContext getContext()
   {
Index: kaffe/libraries/javalib/java/security/IntersectingDomainCombiner.java
diff -u kaffe/libraries/javalib/java/security/IntersectingDomainCombiner.java:1.1 kaffe/libraries/javalib/java/security/IntersectingDomainCombiner.java:1.2
--- kaffe/libraries/javalib/java/security/IntersectingDomainCombiner.java:1.1	Mon May 31 21:17:16 2004
+++ kaffe/libraries/javalib/java/security/IntersectingDomainCombiner.java	Thu Jun  3 22:26:00 2004
@@ -1,5 +1,5 @@
 /* IntersectingDomainCombiner.java --
-   Copyright (C) 2004  Casey Marshall <csm at gnu.org>
+   Copyright (C) 2004  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
Index: kaffe/libraries/javalib/java/security/ProtectionDomain.java
diff -u kaffe/libraries/javalib/java/security/ProtectionDomain.java:1.3 kaffe/libraries/javalib/java/security/ProtectionDomain.java:1.4
--- kaffe/libraries/javalib/java/security/ProtectionDomain.java:1.3	Mon May 31 21:15:32 2004
+++ kaffe/libraries/javalib/java/security/ProtectionDomain.java	Thu Jun  3 22:26:00 2004
@@ -1,5 +1,5 @@
 /* ProtectionDomain.java -- A security domain
-   Copyright (C) 1998, 2003, Free Software Foundation, Inc.
+   Copyright (C) 1998, 2003, 2004  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
Index: kaffe/libraries/javalib/java/security/SecureClassLoader.java
diff -u kaffe/libraries/javalib/java/security/SecureClassLoader.java:1.6 kaffe/libraries/javalib/java/security/SecureClassLoader.java:1.7
--- kaffe/libraries/javalib/java/security/SecureClassLoader.java:1.6	Mon May 31 21:15:32 2004
+++ kaffe/libraries/javalib/java/security/SecureClassLoader.java	Thu Jun  3 22:26:00 2004
@@ -1,5 +1,5 @@
 /* SecureClassLoader.java --- A Secure Class Loader
-   Copyright (C) 1999, 2004 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2004  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -38,13 +38,13 @@
 package java.security;
 
 /**
-   A Secure Class Loader for loading classes with additional
-   support for specifying code source and permissions when
-   they are retrieved by the system policy handler.
-
-   @since JDK 1.2
-
-   @author Mark Benvenuto
+ * A Secure Class Loader for loading classes with additional 
+ * support for specifying code source and permissions when
+ * they are retrieved by the system policy handler.
+ *
+ * @since 1.2
+ *
+ * @author Mark Benvenuto
  */
 public class SecureClassLoader extends ClassLoader
 {
@@ -63,43 +63,42 @@
       sm.checkCreateClassLoader();
   }
 
-  /**
-     Creates a class using an array of bytes and a
-     CodeSource.
-
-     @param name the name to give the class.  null if unknown.
-     @param b the data representing the classfile, in classfile format.
-     @param off the offset into the data where the classfile starts.
-     @param len the length of the classfile data in the array.
-     @param cs the CodeSource for the class or null when unknown.
-
-     @return the class that was defined and optional CodeSource.
-
-     @exception ClassFormatError if the byte array is not in proper classfile format.
+  /** 
+   * Creates a class using an array of bytes and a 
+   * CodeSource.
+   *
+   * @param name the name to give the class.  null if unknown.
+   * @param b the data representing the classfile, in classfile format.
+   * @param off the offset into the data where the classfile starts.
+   * @param len the length of the classfile data in the array.
+   * @param cs the CodeSource for the class or null when unknown.
+   *
+   * @return the class that was defined and optional CodeSource.
+   *
+   * @exception ClassFormatError if the byte array is not in proper classfile format.
    */
   protected final Class defineClass(String name, byte[] b, int off, int len,
-                                    CodeSource cs)
+				    CodeSource cs)
   {
     // FIXME: Need to cache ProtectionDomains according to 1.3 docs.
     if (cs != null)
       {
-        ProtectionDomain protectionDomain
-                = new ProtectionDomain(cs, getPermissions(cs), this, null);
-        return super.defineClass(name, b, off, len, protectionDomain);
-      }
+	ProtectionDomain protectionDomain
+          = new ProtectionDomain(cs, getPermissions(cs), this, null);
+	return super.defineClass(name, b, off, len, protectionDomain);
+      } 
     else
       return super.defineClass(name, b, off, len);
   }
 
   /**
-     Returns a PermissionCollection for the specified CodeSource.
-     The default implementation invokes
-     java.security.Policy.getPermissions.
-
-     This method is called by defineClass that takes a CodeSource
-     arguement to build a proper ProtectionDomain for the class
-     being defined.
-
+   * Returns a PermissionCollection for the specified CodeSource.
+   * The default implementation invokes 
+   * java.security.Policy.getPermissions.
+   *
+   * This method is called by defineClass that takes a CodeSource
+   * arguement to build a proper ProtectionDomain for the class
+   * being defined.
    */
   protected PermissionCollection getPermissions(CodeSource cs)
   {
Index: kaffe/libraries/javalib/java/security/VMAccessController.java
diff -u kaffe/libraries/javalib/java/security/VMAccessController.java:1.1 kaffe/libraries/javalib/java/security/VMAccessController.java:1.2
--- kaffe/libraries/javalib/java/security/VMAccessController.java:1.1	Mon May 31 21:17:16 2004
+++ kaffe/libraries/javalib/java/security/VMAccessController.java	Thu Jun  3 22:26:00 2004
@@ -1,5 +1,5 @@
 /* VMAccessController.java -- VM-specific access controller methods.
-   Copyright (C) 2004  Casey Marshall <csm at gnu.org>
+   Copyright (C) 2004  Free Software Foundation, Inc.
 
 This program is free software; you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@@ -73,7 +73,7 @@
     DEFAULT_CONTEXT = new AccessControlContext(domain);
   }
 
-  private static final boolean DEBUG = true;
+  private static final boolean DEBUG = false;
   private static void debug (String msg)
   {
     System.err.print (">>> VMAccessController: ");
Index: kaffe/libraries/javalib/java/util/PropertyPermissionCollection.java
diff -u kaffe/libraries/javalib/java/util/PropertyPermissionCollection.java:1.2 kaffe/libraries/javalib/java/util/PropertyPermissionCollection.java:1.3
--- kaffe/libraries/javalib/java/util/PropertyPermissionCollection.java:1.2	Mon May 31 21:15:33 2004
+++ kaffe/libraries/javalib/java/util/PropertyPermissionCollection.java	Thu Jun  3 22:26:01 2004
@@ -1,5 +1,5 @@
 /* PropertyPermissionCollection.java -- a collection of PropertyPermissions
-   Copyright (C) 2002 Free Software Foundation, Inc.
+   Copyright (C) 2002, 2004  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -67,7 +67,7 @@
   /**
    * A flag to detect if "*" is in the collection.
    *
-   * @serial true if "*" is in the collection
+   * @serial true if "*" is in the collection 
    */
   private boolean all_allowed;
 
@@ -103,10 +103,12 @@
   /**
    * Returns true if this collection implies the given permission. This even
    * returns true for this case:
-   * <p>
-<pre>collection.add(new PropertyPermission("a.*", "read"));
-collection.add(new PropertyPermission("a.b.*", "write"));
-collection.implies(new PropertyPermission("a.b.c", "read,write"));</pre>
+   *
+   * <pre>
+   * collection.add(new PropertyPermission("a.*", "read"));
+   * collection.add(new PropertyPermission("a.b.*", "write"));
+   * collection.implies(new PropertyPermission("a.b.c", "read,write"));
+   * </pre>
    *
    * @param permission the permission to check
    * @return true if it is implied by this




More information about the kaffe mailing list