8a7228ee92
2004-11-24 Michael Koch <konqueror@gmx.de> * gnu/java/security/PolicyFile.java: New file. * Makefile.am: Added gnu/java/security/PolicyFile.java. * Makefile.in: Regenerated. From-SVN: r91165
666 lines
22 KiB
Java
666 lines
22 KiB
Java
/* PolicyFile.java -- policy file reader.
|
|
Copyright (C) 2004 Free Software Foundation, Inc.
|
|
|
|
This program is free software; you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation; either version 2, or (at your option)
|
|
any later version.
|
|
|
|
This program is distributed in the hope that it will be useful, but
|
|
WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
General Public License for more details.
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
along with this program; see the file COPYING. If not, write to the
|
|
Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
|
|
02111-1307 USA.
|
|
|
|
Linking this library statically or dynamically with other modules is
|
|
making a combined work based on this library. Thus, the terms and
|
|
conditions of the GNU General Public License cover the whole
|
|
combination.
|
|
|
|
As a special exception, the copyright holders of this library give you
|
|
permission to link this library with independent modules to produce an
|
|
executable, regardless of the license terms of these independent
|
|
modules, and to copy and distribute the resulting executable under
|
|
terms of your choice, provided that you also meet, for each linked
|
|
independent module, the terms and conditions of the license of that
|
|
module. An independent module is a module which is not derived from
|
|
or based on this library. If you modify this library, you may extend
|
|
this exception to your version of the library, but you are not
|
|
obligated to do so. If you do not wish to do so, delete this
|
|
exception statement from your version. */
|
|
|
|
|
|
package gnu.java.security;
|
|
|
|
import java.io.File;
|
|
import java.io.IOException;
|
|
import java.io.InputStreamReader;
|
|
import java.io.StreamTokenizer;
|
|
import java.lang.reflect.Constructor;
|
|
import java.net.MalformedURLException;
|
|
import java.net.URL;
|
|
import java.security.AccessController;
|
|
import java.security.CodeSource;
|
|
import java.security.KeyStore;
|
|
import java.security.KeyStoreException;
|
|
import java.security.Permission;
|
|
import java.security.PermissionCollection;
|
|
import java.security.Permissions;
|
|
import java.security.Policy;
|
|
import java.security.Principal;
|
|
import java.security.PrivilegedActionException;
|
|
import java.security.PrivilegedExceptionAction;
|
|
import java.security.Security;
|
|
import java.security.UnresolvedPermission;
|
|
import java.security.cert.Certificate;
|
|
import java.security.cert.X509Certificate;
|
|
import java.util.Enumeration;
|
|
import java.util.HashMap;
|
|
import java.util.Iterator;
|
|
import java.util.LinkedList;
|
|
import java.util.List;
|
|
import java.util.Map;
|
|
import java.util.StringTokenizer;
|
|
|
|
/**
|
|
* An implementation of a {@link java.security.Policy} object whose
|
|
* permissions are specified by a <em>policy file</em>.
|
|
*
|
|
* <p>The approximate syntax of policy files is:</p>
|
|
*
|
|
* <pre>
|
|
* policyFile ::= keystoreOrGrantEntries ;
|
|
*
|
|
* keystoreOrGrantEntries ::= keystoreOrGrantEntry |
|
|
* keystoreOrGrantEntries keystoreOrGrantEntry |
|
|
* EMPTY ;
|
|
*
|
|
* keystoreOrGrantEntry ::= keystoreEntry | grantEntry ;
|
|
*
|
|
* keystoreEntry ::= "keystore" keystoreUrl ';' |
|
|
* "keystore" keystoreUrl ',' keystoreAlgorithm ';' ;
|
|
*
|
|
* keystoreUrl ::= URL ;
|
|
* keystoreAlgorithm ::= STRING ;
|
|
*
|
|
* grantEntry ::= "grant" domainParameters '{' permissions '}' ';'
|
|
*
|
|
* domainParameters ::= domainParameter |
|
|
* domainParameter ',' domainParameters ;
|
|
*
|
|
* domainParameter ::= "signedBy" signerNames |
|
|
* "codeBase" codeBaseUrl |
|
|
* "principal" principalClassName principalName |
|
|
* "principal" principalName ;
|
|
*
|
|
* signerNames ::= quotedString ;
|
|
* codeBaseUrl ::= URL ;
|
|
* principalClassName ::= STRING ;
|
|
* principalName ::= quotedString ;
|
|
*
|
|
* quotedString ::= quoteChar STRING quoteChar ;
|
|
* quoteChar ::= '"' | '\'';
|
|
*
|
|
* permissions ::= permission | permissions permission ;
|
|
*
|
|
* permission ::= "permission" permissionClassName permissionTarget permissionAction |
|
|
* "permission" permissionClassName permissionTarget |
|
|
* "permission" permissionClassName;
|
|
* </pre>
|
|
*
|
|
* <p>Comments are either form of Java comments. Keystore entries only
|
|
* affect subsequent grant entries, so if a grant entry preceeds a
|
|
* keystore entry, that grant entry is not affected by that keystore
|
|
* entry. Certian instances of <code>${property-name}</code> will be
|
|
* replaced with <code>System.getProperty("property-name")</code> in
|
|
* quoted strings.</p>
|
|
*
|
|
* <p>This class will load the following files when created or
|
|
* refreshed, in order:</p>
|
|
*
|
|
* <ol>
|
|
* <li>The file <code>${java.home}/lib/security/java.policy</code>.</li>
|
|
* <li>All URLs specified by security properties
|
|
* <code>"policy.file.<i>n</i>"</code>, for increasing <i>n</i>
|
|
* starting from 1. The sequence stops at the first undefined
|
|
* property, so you must set <code>"policy.file.1"</code> if you also
|
|
* set <code>"policy.file.2"</code>, and so on.</li>
|
|
* <li>The URL specified by the property
|
|
* <code>"java.security.policy"</code>.</li>
|
|
* </ol>
|
|
*
|
|
* @author Casey Marshall (csm@gnu.org)
|
|
* @see java.security.Policy
|
|
*/
|
|
public final class PolicyFile extends Policy
|
|
{
|
|
|
|
// Constants and fields.
|
|
// -------------------------------------------------------------------------
|
|
|
|
private static final boolean DEBUG = true;
|
|
private static void debug(String msg)
|
|
{
|
|
System.err.print(">> PolicyFile: ");
|
|
System.err.println(msg);
|
|
}
|
|
|
|
private static void debug(Throwable t)
|
|
{
|
|
System.err.println(">> PolicyFile");
|
|
t.printStackTrace(System.err);
|
|
}
|
|
|
|
private static final String DEFAULT_POLICY = System.getProperty("java.home")
|
|
+ System.getProperty("file.separator") + "lib"
|
|
+ System.getProperty("file.separator") + "security"
|
|
+ System.getProperty("file.separator") + "java.policy";
|
|
|
|
private final Map cs2pc;
|
|
|
|
// Constructors.
|
|
// -------------------------------------------------------------------------
|
|
|
|
public PolicyFile()
|
|
{
|
|
cs2pc = new HashMap();
|
|
refresh();
|
|
}
|
|
|
|
// Instance methods.
|
|
// -------------------------------------------------------------------------
|
|
|
|
public PermissionCollection getPermissions(CodeSource codeSource)
|
|
{
|
|
Permissions perms = new Permissions();
|
|
for (Iterator it = cs2pc.entrySet().iterator(); it.hasNext(); )
|
|
{
|
|
Map.Entry e = (Map.Entry) it.next();
|
|
CodeSource cs = (CodeSource) e.getKey();
|
|
if (cs.implies(codeSource))
|
|
{
|
|
if (DEBUG) debug(cs+" -> "+codeSource);
|
|
PermissionCollection pc = (PermissionCollection) e.getValue();
|
|
for (Enumeration ee = pc.elements(); ee.hasMoreElements(); )
|
|
{
|
|
perms.add((Permission) ee.nextElement());
|
|
}
|
|
}
|
|
else
|
|
if (DEBUG) debug(cs+" !-> "+codeSource);
|
|
}
|
|
if (DEBUG) debug ("returning permissions " + perms + " for " + codeSource);
|
|
return perms;
|
|
}
|
|
|
|
public void refresh()
|
|
{
|
|
cs2pc.clear();
|
|
List policyFiles = new LinkedList();
|
|
try
|
|
{
|
|
policyFiles.add(new File(DEFAULT_POLICY).toURL());
|
|
if (DEBUG) debug ("defualt policy is " + DEFAULT_POLICY);
|
|
policyFiles.addAll((List) AccessController.doPrivileged(
|
|
new PrivilegedExceptionAction()
|
|
{
|
|
public Object run() throws Exception
|
|
{
|
|
LinkedList l = new LinkedList();
|
|
for (int i = 1; ; i++)
|
|
{
|
|
String s = Security.getProperty("policy.file."+i);
|
|
if (DEBUG) debug("policy.file."+i+"="+s);
|
|
if (s == null)
|
|
break;
|
|
l.add(new URL(s));
|
|
}
|
|
String s = System.getProperty("java.security.policy");
|
|
if (DEBUG) debug("java.security.policy="+s);
|
|
if (s != null)
|
|
l.add(new URL(s));
|
|
return l;
|
|
}
|
|
}));
|
|
}
|
|
catch (PrivilegedActionException pae)
|
|
{
|
|
if (DEBUG) debug(pae);
|
|
}
|
|
catch (MalformedURLException mue)
|
|
{
|
|
if (DEBUG) debug(mue);
|
|
}
|
|
for (Iterator it = policyFiles.iterator(); it.hasNext(); )
|
|
{
|
|
try
|
|
{
|
|
URL url = (URL) it.next();
|
|
parse(url);
|
|
}
|
|
catch (IOException ioe)
|
|
{
|
|
if (DEBUG) debug(ioe);
|
|
}
|
|
}
|
|
}
|
|
|
|
public String toString()
|
|
{
|
|
return super.toString() + " [ " + cs2pc.toString() + " ]";
|
|
}
|
|
|
|
// Own methods.
|
|
// -------------------------------------------------------------------------
|
|
|
|
private static final int STATE_BEGIN = 0;
|
|
private static final int STATE_GRANT = 1;
|
|
private static final int STATE_PERMS = 2;
|
|
|
|
/**
|
|
* Parse a policy file, incorporating the permission definitions
|
|
* described therein.
|
|
*
|
|
* @param url The URL of the policy file to read.
|
|
* @throws IOException if an I/O error occurs, or if the policy file
|
|
* cannot be parsed.
|
|
*/
|
|
private void parse(final URL url) throws IOException
|
|
{
|
|
if (DEBUG) debug ("reading policy file from " + url);
|
|
final StreamTokenizer in = new StreamTokenizer(new InputStreamReader(url.openStream()));
|
|
in.resetSyntax();
|
|
in.slashSlashComments(true);
|
|
in.slashStarComments(true);
|
|
in.wordChars('A', 'Z');
|
|
in.wordChars('a', 'z');
|
|
in.wordChars('0', '9');
|
|
in.wordChars('.', '.');
|
|
in.wordChars('_', '_');
|
|
in.wordChars('$', '$');
|
|
in.whitespaceChars(' ', ' ');
|
|
in.whitespaceChars('\t', '\t');
|
|
in.whitespaceChars('\f', '\f');
|
|
in.whitespaceChars('\n', '\n');
|
|
in.whitespaceChars('\r', '\r');
|
|
in.quoteChar('\'');
|
|
in.quoteChar('"');
|
|
|
|
int tok;
|
|
int state = STATE_BEGIN;
|
|
List keystores = new LinkedList();
|
|
URL currentBase = null;
|
|
List currentCerts = new LinkedList();
|
|
Permissions currentPerms = new Permissions();
|
|
while ((tok = in.nextToken()) != StreamTokenizer.TT_EOF)
|
|
{
|
|
switch (tok)
|
|
{
|
|
case '{':
|
|
if (state != STATE_GRANT)
|
|
error(url, in, "spurious '{'");
|
|
state = STATE_PERMS;
|
|
tok = in.nextToken();
|
|
break;
|
|
case '}':
|
|
if (state != STATE_PERMS)
|
|
error(url, in, "spurious '}'");
|
|
state = STATE_BEGIN;
|
|
currentPerms.setReadOnly();
|
|
Certificate[] c = null;
|
|
if (!currentCerts.isEmpty())
|
|
c = (Certificate[]) currentCerts.toArray(new Certificate[currentCerts.size()]);
|
|
cs2pc.put(new CodeSource(currentBase, c), currentPerms);
|
|
currentCerts.clear();
|
|
currentPerms = new Permissions();
|
|
currentBase = null;
|
|
tok = in.nextToken();
|
|
if (tok != ';')
|
|
in.pushBack();
|
|
continue;
|
|
}
|
|
if (tok != StreamTokenizer.TT_WORD)
|
|
{
|
|
error(url, in, "expecting word token");
|
|
}
|
|
|
|
// keystore "<keystore-path>" [',' "<keystore-type>"] ';'
|
|
if (in.sval.equalsIgnoreCase("keystore"))
|
|
{
|
|
String alg = KeyStore.getDefaultType();
|
|
tok = in.nextToken();
|
|
if (tok != '"' && tok != '\'')
|
|
error(url, in, "expecting key store URL");
|
|
String store = in.sval;
|
|
tok = in.nextToken();
|
|
if (tok == ',')
|
|
{
|
|
tok = in.nextToken();
|
|
if (tok != '"' && tok != '\'')
|
|
error(url, in, "expecting key store type");
|
|
alg = in.sval;
|
|
tok = in.nextToken();
|
|
}
|
|
if (tok != ';')
|
|
error(url, in, "expecting semicolon");
|
|
try
|
|
{
|
|
KeyStore keystore = KeyStore.getInstance(alg);
|
|
keystore.load(new URL(url, store).openStream(), null);
|
|
keystores.add(keystore);
|
|
}
|
|
catch (Exception x)
|
|
{
|
|
error(url, in, x.toString());
|
|
}
|
|
}
|
|
else if (in.sval.equalsIgnoreCase("grant"))
|
|
{
|
|
if (state != STATE_BEGIN)
|
|
error(url, in, "extraneous grant keyword");
|
|
state = STATE_GRANT;
|
|
}
|
|
else if (in.sval.equalsIgnoreCase("signedBy"))
|
|
{
|
|
if (state != STATE_GRANT && state != STATE_PERMS)
|
|
error(url, in, "spurious 'signedBy'");
|
|
if (keystores.isEmpty())
|
|
error(url, in, "'signedBy' with no keystores");
|
|
tok = in.nextToken();
|
|
if (tok != '"' && tok != '\'')
|
|
error(url, in, "expecting signedBy name");
|
|
StringTokenizer st = new StringTokenizer(in.sval, ",");
|
|
while (st.hasMoreTokens())
|
|
{
|
|
String alias = st.nextToken();
|
|
for (Iterator it = keystores.iterator(); it.hasNext(); )
|
|
{
|
|
KeyStore keystore = (KeyStore) it.next();
|
|
try
|
|
{
|
|
if (keystore.isCertificateEntry(alias))
|
|
currentCerts.add(keystore.getCertificate(alias));
|
|
}
|
|
catch (KeyStoreException kse)
|
|
{
|
|
error(url, in, kse.toString());
|
|
}
|
|
}
|
|
}
|
|
tok = in.nextToken();
|
|
if (tok != ',')
|
|
{
|
|
if (state != STATE_GRANT)
|
|
error(url, in, "spurious ','");
|
|
in.pushBack();
|
|
}
|
|
}
|
|
else if (in.sval.equalsIgnoreCase("codeBase"))
|
|
{
|
|
if (state != STATE_GRANT)
|
|
error(url, in, "spurious 'codeBase'");
|
|
tok = in.nextToken();
|
|
if (tok != '"' && tok != '\'')
|
|
error(url, in, "expecting code base URL");
|
|
String base = expand(in.sval);
|
|
if (File.separatorChar != '/')
|
|
base = base.replace(File.separatorChar, '/');
|
|
try
|
|
{
|
|
currentBase = new URL(base);
|
|
}
|
|
catch (MalformedURLException mue)
|
|
{
|
|
error(url, in, mue.toString());
|
|
}
|
|
tok = in.nextToken();
|
|
if (tok != ',')
|
|
in.pushBack();
|
|
}
|
|
else if (in.sval.equalsIgnoreCase("principal"))
|
|
{
|
|
if (state != STATE_GRANT)
|
|
error(url, in, "spurious 'principal'");
|
|
tok = in.nextToken();
|
|
if (tok == StreamTokenizer.TT_WORD)
|
|
{
|
|
tok = in.nextToken();
|
|
if (tok != '"' && tok != '\'')
|
|
error(url, in, "expecting principal name");
|
|
String name = in.sval;
|
|
Principal p = null;
|
|
try
|
|
{
|
|
Class pclass = Class.forName(in.sval);
|
|
Constructor c =
|
|
pclass.getConstructor(new Class[] { String.class });
|
|
p = (Principal) c.newInstance(new Object[] { name });
|
|
}
|
|
catch (Exception x)
|
|
{
|
|
error(url, in, x.toString());
|
|
}
|
|
for (Iterator it = keystores.iterator(); it.hasNext(); )
|
|
{
|
|
KeyStore ks = (KeyStore) it.next();
|
|
try
|
|
{
|
|
for (Enumeration e = ks.aliases(); e.hasMoreElements(); )
|
|
{
|
|
String alias = (String) e.nextElement();
|
|
if (ks.isCertificateEntry(alias))
|
|
{
|
|
Certificate cert = ks.getCertificate(alias);
|
|
if (!(cert instanceof X509Certificate))
|
|
continue;
|
|
if (p.equals(((X509Certificate) cert).getSubjectDN()) ||
|
|
p.equals(((X509Certificate) cert).getSubjectX500Principal()))
|
|
currentCerts.add(cert);
|
|
}
|
|
}
|
|
}
|
|
catch (KeyStoreException kse)
|
|
{
|
|
error(url, in, kse.toString());
|
|
}
|
|
}
|
|
}
|
|
else if (tok == '"' || tok == '\'')
|
|
{
|
|
String alias = in.sval;
|
|
for (Iterator it = keystores.iterator(); it.hasNext(); )
|
|
{
|
|
KeyStore ks = (KeyStore) it.next();
|
|
try
|
|
{
|
|
if (ks.isCertificateEntry(alias))
|
|
currentCerts.add(ks.getCertificate(alias));
|
|
}
|
|
catch (KeyStoreException kse)
|
|
{
|
|
error(url, in, kse.toString());
|
|
}
|
|
}
|
|
}
|
|
else
|
|
error(url, in, "expecting principal");
|
|
tok = in.nextToken();
|
|
if (tok != ',')
|
|
in.pushBack();
|
|
}
|
|
else if (in.sval.equalsIgnoreCase("permission"))
|
|
{
|
|
if (state != STATE_PERMS)
|
|
error(url, in, "spurious 'permission'");
|
|
tok = in.nextToken();
|
|
if (tok != StreamTokenizer.TT_WORD)
|
|
error(url, in, "expecting permission class name");
|
|
String className = in.sval;
|
|
Class clazz = null;
|
|
try
|
|
{
|
|
clazz = Class.forName(className);
|
|
}
|
|
catch (ClassNotFoundException cnfe)
|
|
{
|
|
}
|
|
tok = in.nextToken();
|
|
if (tok == ';')
|
|
{
|
|
if (clazz == null)
|
|
{
|
|
currentPerms.add(new UnresolvedPermission(className,
|
|
null, null, (Certificate[]) currentCerts.toArray(new Certificate[0])));
|
|
continue;
|
|
}
|
|
try
|
|
{
|
|
currentPerms.add((Permission) clazz.newInstance());
|
|
}
|
|
catch (Exception x)
|
|
{
|
|
error(url, in, x.toString());
|
|
}
|
|
continue;
|
|
}
|
|
if (tok != '"' && tok != '\'')
|
|
error(url, in, "expecting permission target");
|
|
String target = expand(in.sval);
|
|
tok = in.nextToken();
|
|
if (tok == ';')
|
|
{
|
|
if (clazz == null)
|
|
{
|
|
currentPerms.add(new UnresolvedPermission(className,
|
|
target, null, (Certificate[]) currentCerts.toArray(new Certificate[0])));
|
|
continue;
|
|
}
|
|
try
|
|
{
|
|
Constructor c =
|
|
clazz.getConstructor(new Class[] { String.class });
|
|
currentPerms.add((Permission) c.newInstance(
|
|
new Object[] { target }));
|
|
}
|
|
catch (Exception x)
|
|
{
|
|
error(url, in, x.toString());
|
|
}
|
|
continue;
|
|
}
|
|
if (tok != ',')
|
|
error(url, in, "expecting ','");
|
|
tok = in.nextToken();
|
|
if (tok == StreamTokenizer.TT_WORD)
|
|
{
|
|
if (!in.sval.equalsIgnoreCase("signedBy"))
|
|
error(url, in, "expecting 'signedBy'");
|
|
try
|
|
{
|
|
Constructor c =
|
|
clazz.getConstructor(new Class[] { String.class });
|
|
currentPerms.add((Permission) c.newInstance(
|
|
new Object[] { target }));
|
|
}
|
|
catch (Exception x)
|
|
{
|
|
error(url, in, x.toString());
|
|
}
|
|
in.pushBack();
|
|
continue;
|
|
}
|
|
if (tok != '"' && tok != '\'')
|
|
error(url, in, "expecting permission action");
|
|
String action = in.sval;
|
|
if (clazz == null)
|
|
{
|
|
currentPerms.add(new UnresolvedPermission(className,
|
|
target, action, (Certificate[]) currentCerts.toArray(new Certificate[0])));
|
|
continue;
|
|
}
|
|
else
|
|
{
|
|
try
|
|
{
|
|
Constructor c = clazz.getConstructor(
|
|
new Class[] { String.class, String.class });
|
|
currentPerms.add((Permission) c.newInstance(
|
|
new Object[] { target, action }));
|
|
}
|
|
catch (Exception x)
|
|
{
|
|
error(url, in, x.toString());
|
|
}
|
|
}
|
|
tok = in.nextToken();
|
|
if (tok != ';' && tok != ',')
|
|
error(url, in, "expecting ';' or ','");
|
|
}
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Expand all instances of <code>"${property-name}"</code> into
|
|
* <code>System.getProperty("property-name")</code>.
|
|
*/
|
|
private static String expand(final String s)
|
|
{
|
|
final StringBuffer result = new StringBuffer();
|
|
final StringBuffer prop = new StringBuffer();
|
|
int state = 0;
|
|
for (int i = 0; i < s.length(); i++)
|
|
{
|
|
switch (state)
|
|
{
|
|
case 0:
|
|
if (s.charAt(i) == '$')
|
|
state = 1;
|
|
else
|
|
result.append(s.charAt(i));
|
|
break;
|
|
case 1:
|
|
if (s.charAt(i) == '{')
|
|
state = 2;
|
|
else
|
|
{
|
|
state = 0;
|
|
result.append('$').append(s.charAt(i));
|
|
}
|
|
break;
|
|
case 2:
|
|
if (s.charAt(i) == '}')
|
|
{
|
|
String p = prop.toString();
|
|
if (p.equals("/"))
|
|
p = "file.separator";
|
|
p = System.getProperty(p);
|
|
if (p == null)
|
|
p = "";
|
|
result.append(p);
|
|
prop.setLength(0);
|
|
state = 0;
|
|
}
|
|
else
|
|
prop.append(s.charAt(i));
|
|
break;
|
|
}
|
|
}
|
|
if (state != 0)
|
|
result.append('$').append('{').append(prop);
|
|
return result.toString();
|
|
}
|
|
|
|
/**
|
|
* I miss macros.
|
|
*/
|
|
private static void error(URL base, StreamTokenizer in, String msg)
|
|
throws IOException
|
|
{
|
|
throw new IOException(base+":"+in.lineno()+": "+msg);
|
|
}
|
|
}
|