[kaffe] CVS kaffe (robilad): Resynced with GNU Classpath:
policyfile and X500principal
Kaffe CVS
cvs-commits at kaffe.org
Tue Aug 9 15:56:31 PDT 2005
PatchSet 6798
Date: 2005/08/09 22:48:32
Author: robilad
Branch: HEAD
Tag: (none)
Log:
Resynced with GNU Classpath: policyfile and X500principal
Members:
ChangeLog:1.4323->1.4324
libraries/javalib/gnu/classpath/debug/Component.java:1.1->1.2
libraries/javalib/gnu/java/security/PolicyFile.java:1.7->1.8
libraries/javalib/javax/security/auth/x500/X500Principal.java:1.7->1.8
Index: kaffe/ChangeLog
diff -u kaffe/ChangeLog:1.4323 kaffe/ChangeLog:1.4324
--- kaffe/ChangeLog:1.4323 Tue Aug 9 14:03:36 2005
+++ kaffe/ChangeLog Tue Aug 9 22:48:32 2005
@@ -1,3 +1,32 @@
+2005-08-10 Dalibor Topic <robilad at kaffe.org>
+
+ Resynced with GNU Classpath.
+
+ 2005-08-08 Casey Marshall <csm at gnu.org>
+
+ Fixes bug #22914
+ * gnu/classpath/debug/Component.java (POLICY): new constant.
+ * gnu/java/security/PolicyFile.java (logger): new constant.
+ (DEBUG,debug,debug): removed.
+ (DEFAULT_POLICY): use 'SystemProperties' class to bypass security
+ check.
+ (DEFAULT_USER_POLICY): new constant.
+ (getPermissions): replace 'debug' calls with logger calls.
+ (refresh): add 'DEFAULT_USER_POLICY' to the initial list;
+ interpret 'java.security.policy' and 'policy.url' properties
+ properly; replace 'debug' calls with logger calls.
+ (parse): replace 'debug' calls with logger calls.
+
+ 2005-08-07 Casey Marshall <csm at gnu.org>
+
+ * javax/security/auth/x500/X500Principal.java
+ (encodeDer): use the right iterator for the inner loop.
+ (parseString): test for end of input.
+ (readAttributeType): provide detail message for exception.
+ (readAttributeValue): return the result on end of input;
+ read the next character while looping.
+ (putComponent): accept 'o' and 'ou' short names.
+
2005-08-09 Jim Huang <jserv at kaffe.org>
* libraries/javalib/awt-implementations/kaffe/java/awt/AWTEvent.java
Index: kaffe/libraries/javalib/gnu/classpath/debug/Component.java
diff -u kaffe/libraries/javalib/gnu/classpath/debug/Component.java:1.1 kaffe/libraries/javalib/gnu/classpath/debug/Component.java:1.2
--- kaffe/libraries/javalib/gnu/classpath/debug/Component.java:1.1 Sat Jul 16 21:19:17 2005
+++ kaffe/libraries/javalib/gnu/classpath/debug/Component.java Tue Aug 9 22:48:37 2005
@@ -110,6 +110,12 @@
*/
public static final Component X509 = new Component ("X.509", 6);
+ /**
+ * Trace access control policies, including the parsing of
+ * java.policy files.
+ */
+ public static final Component POLICY = new Component ("POLICY", 7);
+
private final int startIndex;
private final int endIndex;
Index: kaffe/libraries/javalib/gnu/java/security/PolicyFile.java
diff -u kaffe/libraries/javalib/gnu/java/security/PolicyFile.java:1.7 kaffe/libraries/javalib/gnu/java/security/PolicyFile.java:1.8
--- kaffe/libraries/javalib/gnu/java/security/PolicyFile.java:1.7 Mon Jul 4 00:05:38 2005
+++ kaffe/libraries/javalib/gnu/java/security/PolicyFile.java Tue Aug 9 22:48:37 2005
@@ -37,6 +37,10 @@
package gnu.java.security;
+import gnu.classpath.SystemProperties;
+import gnu.classpath.debug.Component;
+import gnu.classpath.debug.SystemLogger;
+
import java.io.File;
import java.io.IOException;
import java.io.InputStreamReader;
@@ -66,6 +70,7 @@
import java.util.List;
import java.util.Map;
import java.util.StringTokenizer;
+import java.util.logging.Logger;
/**
* An implementation of a {@link java.security.Policy} object whose
@@ -143,24 +148,16 @@
// Constants and fields.
// -------------------------------------------------------------------------
- private static final boolean DEBUG = true;
- // Package-private to avoid a trampoline.
- static void debug(String msg)
- {
- System.err.print(">> PolicyFile: ");
- System.err.println(msg);
- }
-
- private static void debug(Throwable t)
- {
- System.err.println(">> PolicyFile");
- t.printStackTrace(System.err);
- }
+ private static final Logger logger = SystemLogger.SYSTEM;
- private static final String DEFAULT_POLICY = System.getProperty("java.home")
- + System.getProperty("file.separator") + "lib"
- + System.getProperty("file.separator") + "security"
- + System.getProperty("file.separator") + "java.policy";
+ private static final String DEFAULT_POLICY =
+ SystemProperties.getProperty("java.home")
+ + SystemProperties.getProperty("file.separator") + "lib"
+ + SystemProperties.getProperty("file.separator") + "security"
+ + SystemProperties.getProperty("file.separator") + "java.policy";
+ private static final String DEFAULT_USER_POLICY =
+ SystemProperties.getProperty ("user.home") +
+ SystemProperties.getProperty ("file.separator") + ".java.policy";
private final Map cs2pc;
@@ -185,7 +182,8 @@
CodeSource cs = (CodeSource) e.getKey();
if (cs.implies(codeSource))
{
- if (DEBUG) debug(cs+" -> "+codeSource);
+ logger.log (Component.POLICY, "{0} -> {1}", new Object[]
+ { cs, codeSource });
PermissionCollection pc = (PermissionCollection) e.getValue();
for (Enumeration ee = pc.elements(); ee.hasMoreElements(); )
{
@@ -193,50 +191,69 @@
}
}
else
- if (DEBUG) debug(cs+" !-> "+codeSource);
+ logger.log (Component.POLICY, "{0} !-> {1}", new Object[]
+ { cs, codeSource });
}
- if (DEBUG) debug ("returning permissions " + perms + " for " + codeSource);
+ logger.log (Component.POLICY, "returning permissions {0} for {1}",
+ new Object[] { perms, codeSource });
return perms;
}
public void refresh()
{
cs2pc.clear();
- List policyFiles = new LinkedList();
+ final List policyFiles = new LinkedList();
try
{
- policyFiles.add(new File(DEFAULT_POLICY).toURL());
- if (DEBUG) debug ("defualt policy is " + DEFAULT_POLICY);
- policyFiles.addAll((List) AccessController.doPrivileged(
+ policyFiles.add (new File (DEFAULT_POLICY).toURL());
+ policyFiles.add (new File (DEFAULT_USER_POLICY).toURL ());
+
+ AccessController.doPrivileged(
new PrivilegedExceptionAction()
{
public Object run() throws Exception
{
- LinkedList l = new LinkedList();
+ String allow = Security.getProperty ("policy.allowSystemProperty");
+ if (allow == null || Boolean.getBoolean (allow))
+ {
+ String s = SystemProperties.getProperty ("java.security.policy");
+ logger.log (Component.POLICY, "java.security.policy={0}", s);
+ if (s != null)
+ {
+ boolean only;
+ if (only = s.startsWith ("="))
+ s = s.substring (1);
+ policyFiles.clear ();
+ policyFiles.add (new URL (s));
+ if (only)
+ return null;
+ }
+ }
for (int i = 1; ; i++)
{
- String s = Security.getProperty("policy.file."+i);
- if (DEBUG) debug("policy.file."+i+"="+s);
+ String pname = "policy.url." + i;
+ String s = Security.getProperty (pname);
+ logger.log (Component.POLICY, "{0}={1}", new Object []
+ { pname, s });
if (s == null)
break;
- l.add(new URL(s));
+ policyFiles.add (new URL (s));
}
- String s = System.getProperty("java.security.policy");
- if (DEBUG) debug("java.security.policy="+s);
- if (s != null)
- l.add(new URL(s));
- return l;
+ return null;
}
- }));
+ });
}
catch (PrivilegedActionException pae)
{
- if (DEBUG) debug(pae);
+ logger.log (Component.POLICY, "reading policy properties", pae);
}
catch (MalformedURLException mue)
{
- if (DEBUG) debug(mue);
+ logger.log (Component.POLICY, "setting default policies", mue);
}
+
+ logger.log (Component.POLICY, "building policy from URLs {0}",
+ policyFiles);
for (Iterator it = policyFiles.iterator(); it.hasNext(); )
{
try
@@ -246,7 +263,7 @@
}
catch (IOException ioe)
{
- if (DEBUG) debug(ioe);
+ logger.log (Component.POLICY, "reading policy", ioe);
}
}
}
@@ -273,7 +290,7 @@
*/
private void parse(final URL url) throws IOException
{
- if (DEBUG) debug ("reading policy file from " + url);
+ logger.log (Component.POLICY, "reading policy file from {0}", url);
final StreamTokenizer in = new StreamTokenizer(new InputStreamReader(url.openStream()));
in.resetSyntax();
in.slashSlashComments(true);
Index: kaffe/libraries/javalib/javax/security/auth/x500/X500Principal.java
diff -u kaffe/libraries/javalib/javax/security/auth/x500/X500Principal.java:1.7 kaffe/libraries/javalib/javax/security/auth/x500/X500Principal.java:1.8
--- kaffe/libraries/javalib/javax/security/auth/x500/X500Principal.java:1.7 Sat Jul 30 16:39:21 2005
+++ kaffe/libraries/javalib/javax/security/auth/x500/X500Principal.java Tue Aug 9 22:48:37 2005
@@ -274,7 +274,7 @@
Set rdn = new HashSet();
for (Iterator it2 = m.entrySet().iterator(); it2.hasNext(); )
{
- Map.Entry e = (Map.Entry) it.next();
+ Map.Entry e = (Map.Entry) it2.next();
ArrayList atav = new ArrayList(2);
atav.add(new DERValue(DER.OBJECT_IDENTIFIER, e.getKey()));
atav.add(new DERValue(DER.UTF8_STRING, e.getValue()));
@@ -300,6 +300,8 @@
putComponent(key, value);
if (sep == ',')
newRelativeDistinguishedName();
+ if (sep == -1)
+ break;
}
}
@@ -312,7 +314,7 @@
if (ch == -1)
{
if (buf.length() > 0)
- throw new EOFException();
+ throw new EOFException("partial name read: " + buf);
return null;
}
if (ch > 127)
@@ -416,10 +418,12 @@
case ';':
throw new IOException("illegal character: " + (char) ch);
case -1:
- throw new EOFException();
+ sep = -1;
+ return buf.toString ();
default:
buf.append((char) ch);
}
+ ch = in.read ();
}
}
}
@@ -484,6 +488,10 @@
putComponent(STREET, value);
else if (name.equals("st"))
putComponent(ST, value);
+ else if (name.equals ("o"))
+ putComponent (O, value);
+ else if (name.equals ("ou"))
+ putComponent (OU, value);
else if (name.equals("dc"))
putComponent(DC, value);
else if (name.equals("uid"))
More information about the kaffe
mailing list