[kaffe] CVS kaffe (robilad): Resynced with GNU Classpath: permission fixes

Kaffe CVS cvs-commits at kaffe.org
Sat Feb 19 08:18:42 PST 2005


PatchSet 5566 
Date: 2005/02/19 16:10:18
Author: robilad
Branch: HEAD
Tag: (none) 
Log:
Resynced with GNU Classpath: permission fixes

2005-02-19  Dalibor Topic  <robilad at kaffe.org>

Resynced with GNU Classpath.

2005-02-16  Andrew Haley  <aph at redhat.com>

* javax/security/auth/Subject.java (doAsPrivileged): If acc is
null, create a new AccessControlContext.
* java/security/SecureClassLoader.java (protectionDomainCache):
new field.
(defineClass): Create a new protection domain and add it to our
cache.

* java/rmi/server/UnicastRemoteObject.java (exportObject): Call
addStub() to keep track of the stub we've exported.
(unexportObject): Call deleteStub().
* java/rmi/server/RemoteObject.java (stubs): New field.
(addStub): New method.
(deleteStub): New method.
(toStub): Rewrite.

* java/security/Permissions.java (PermissionsHash.implies):
Iterate over the collection and invoke implies() on each
element.

Members: 
	ChangeLog:1.3610->1.3611 
	libraries/javalib/java/rmi/server/RemoteObject.java:1.5->1.6 
	libraries/javalib/java/rmi/server/UnicastRemoteObject.java:1.5->1.6 
	libraries/javalib/java/security/Permissions.java:1.7->1.8 
	libraries/javalib/java/security/SecureClassLoader.java:1.7->1.8 
	libraries/javalib/javax/security/auth/Subject.java:1.2->1.3 

Index: kaffe/ChangeLog
diff -u kaffe/ChangeLog:1.3610 kaffe/ChangeLog:1.3611
--- kaffe/ChangeLog:1.3610	Sat Feb 19 16:01:16 2005
+++ kaffe/ChangeLog	Sat Feb 19 16:10:18 2005
@@ -2,6 +2,31 @@
 
 	Resynced with GNU Classpath.
 	
+	2005-02-16  Andrew Haley  <aph at redhat.com>
+
+	* javax/security/auth/Subject.java (doAsPrivileged): If acc is
+	null, create a new AccessControlContext.
+	* java/security/SecureClassLoader.java (protectionDomainCache):
+	new field.
+	(defineClass): Create a new protection domain and add it to our
+	cache.
+
+	* java/rmi/server/UnicastRemoteObject.java (exportObject): Call
+	addStub() to keep track of the stub we've exported.
+	(unexportObject): Call deleteStub().
+	* java/rmi/server/RemoteObject.java (stubs): New field.
+	(addStub): New method.
+	(deleteStub): New method.
+	(toStub): Rewrite.
+	
+	* java/security/Permissions.java (PermissionsHash.implies):
+	Iterate over the collection and invoke implies() on each
+	element.
+	
+2005-02-19  Dalibor Topic  <robilad at kaffe.org>
+
+	Resynced with GNU Classpath.
+	
 	2005-02-16  Julian Scheid  <julian at sektor37.de>
 
 	* gnu/java/nio/charset/UTF_8.java (decodeLoop): Set inPos to
Index: kaffe/libraries/javalib/java/rmi/server/RemoteObject.java
diff -u kaffe/libraries/javalib/java/rmi/server/RemoteObject.java:1.5 kaffe/libraries/javalib/java/rmi/server/RemoteObject.java:1.6
--- kaffe/libraries/javalib/java/rmi/server/RemoteObject.java:1.5	Tue Jan 18 15:44:38 2005
+++ kaffe/libraries/javalib/java/rmi/server/RemoteObject.java	Sat Feb 19 16:10:21 2005
@@ -45,6 +45,7 @@
 import java.rmi.NoSuchObjectException;
 import java.rmi.Remote;
 import java.rmi.UnmarshalException;
+import java.util.WeakHashMap;
 
 public abstract class RemoteObject
 	implements Remote, Serializable {
@@ -53,6 +54,8 @@
 
 protected transient RemoteRef ref;
 
+private static final WeakHashMap stubs = new WeakHashMap();
+
 protected RemoteObject() {
 	this(null);
 }
@@ -65,21 +68,24 @@
 	return (ref);
 }
 
+synchronized static void addStub(Remote obj, Remote stub)
+{
+  stubs.put(obj, stub);
+}
+
+synchronized static void deleteStub(Remote obj)
+{
+  stubs.remove(obj);
+}
+
   public static Remote toStub(Remote obj) throws NoSuchObjectException 
   {
-    Class cls = obj.getClass();
-    String classname = cls.getName();
-    ClassLoader cl = cls.getClassLoader();
-    try 
-      {
-	Class scls = cl.loadClass(classname + "_Stub");
-	// JDK 1.2 stubs
-	Class[] stubprototype = new Class[] { RemoteRef.class };
-	Constructor con = scls.getConstructor(stubprototype);
-	return (Remote)(con.newInstance(new Object[]{obj}));
-      }
-    catch (Exception e) {}
-    throw new NoSuchObjectException(obj.getClass().getName());
+    Remote stub = (Remote)stubs.get(obj);
+
+    if (stub == null)
+      throw new NoSuchObjectException(obj.getClass().getName());
+
+    return stub;
   }
 
 public int hashCode() {
Index: kaffe/libraries/javalib/java/rmi/server/UnicastRemoteObject.java
diff -u kaffe/libraries/javalib/java/rmi/server/UnicastRemoteObject.java:1.5 kaffe/libraries/javalib/java/rmi/server/UnicastRemoteObject.java:1.6
--- kaffe/libraries/javalib/java/rmi/server/UnicastRemoteObject.java:1.5	Sat Oct 23 18:03:42 2004
+++ kaffe/libraries/javalib/java/rmi/server/UnicastRemoteObject.java	Sat Feb 19 16:10:21 2005
@@ -98,7 +98,9 @@
       {
 	sref = new UnicastServerRef(new ObjID (), port, ssf);
       }
-    return (sref.exportObject (obj)); 
+    Remote stub = sref.exportObject (obj); 
+    addStub(obj, stub);
+    return stub;
   }
 
   /**
@@ -116,12 +118,15 @@
   {
     if (obj instanceof RemoteObject)
       {
+	deleteStub(obj);
 	UnicastServerRef sref = (UnicastServerRef)((RemoteObject)obj).getRef();
 	return sref.unexportObject(obj, force);
       }
     else
-      //FIX ME
-      ;
+      {
+	//FIX ME
+	;
+      }
     return true;
   }
 
Index: kaffe/libraries/javalib/java/security/Permissions.java
diff -u kaffe/libraries/javalib/java/security/Permissions.java:1.7 kaffe/libraries/javalib/java/security/Permissions.java:1.8
--- kaffe/libraries/javalib/java/security/Permissions.java:1.7	Sat Feb 19 15:04:20 2005
+++ kaffe/libraries/javalib/java/security/Permissions.java	Sat Feb 19 16:10:21 2005
@@ -227,9 +227,18 @@
      * @param perm the permission to check
      * @return true if it is implied
      */
+    // FIXME: Should this method be synchronized?
     public boolean implies(Permission perm)
     {
-      return perms.get(perm) != null;
+      Enumeration elements = elements();
+      
+      while (elements.hasMoreElements())
+	{
+	  Permission p = (Permission)elements.nextElement();
+	  if (p.implies(perm))
+	    return true;
+	}
+      return false;
     }
 
     /**
Index: kaffe/libraries/javalib/java/security/SecureClassLoader.java
diff -u kaffe/libraries/javalib/java/security/SecureClassLoader.java:1.7 kaffe/libraries/javalib/java/security/SecureClassLoader.java:1.8
--- kaffe/libraries/javalib/java/security/SecureClassLoader.java:1.7	Thu Jun  3 22:26:00 2004
+++ kaffe/libraries/javalib/java/security/SecureClassLoader.java	Sat Feb 19 16:10:21 2005
@@ -48,6 +48,8 @@
  */
 public class SecureClassLoader extends ClassLoader
 {
+  java.util.WeakHashMap protectionDomainCache = new java.util.WeakHashMap();
+
   protected SecureClassLoader(ClassLoader parent)
   {
     super(parent);
@@ -80,11 +82,29 @@
   protected final Class defineClass(String name, byte[] b, int off, int len,
 				    CodeSource cs)
   {
-    // FIXME: Need to cache ProtectionDomains according to 1.3 docs.
     if (cs != null)
       {
-	ProtectionDomain protectionDomain
-          = new ProtectionDomain(cs, getPermissions(cs), this, null);
+	ProtectionDomain protectionDomain;
+	  
+	synchronized (protectionDomainCache)
+	  {
+	    protectionDomain = (ProtectionDomain)protectionDomainCache.get(cs);
+	  }
+
+	if (protectionDomain == null)
+	  {
+	    protectionDomain 
+	      = new ProtectionDomain(cs, getPermissions(cs), this, null);
+	    synchronized (protectionDomainCache)
+	      {
+		ProtectionDomain domain 
+		  = (ProtectionDomain)protectionDomainCache.get(cs);
+		if (domain == null)
+		  protectionDomainCache.put(cs, protectionDomain);
+		else
+		  protectionDomain = domain;
+	      }
+	  }
 	return super.defineClass(name, b, off, len, protectionDomain);
       } 
     else
Index: kaffe/libraries/javalib/javax/security/auth/Subject.java
diff -u kaffe/libraries/javalib/javax/security/auth/Subject.java:1.2 kaffe/libraries/javalib/javax/security/auth/Subject.java:1.3
--- kaffe/libraries/javalib/javax/security/auth/Subject.java:1.2	Sun Oct 24 17:20:13 2004
+++ kaffe/libraries/javalib/javax/security/auth/Subject.java	Sat Feb 19 16:10:22 2005
@@ -235,7 +235,7 @@
    */
   public static Object doAsPrivileged (final Subject subject,
                                        final PrivilegedExceptionAction action,
-                                       final AccessControlContext acc)
+				       AccessControlContext acc)
     throws PrivilegedActionException
   {
     final SecurityManager sm = System.getSecurityManager();
@@ -243,6 +243,8 @@
       {
         sm.checkPermission (new AuthPermission ("doAsPrivileged"));
       }
+    if (acc == null)
+      acc = new AccessControlContext (new java.security.ProtectionDomain[0]);
     AccessControlContext context =
       new AccessControlContext (acc, new SubjectDomainCombiner (subject));
     return AccessController.doPrivileged (action, context);



More information about the kaffe mailing list