gcc/libjava/java/security/CodeSource.java
Bryce McKinlay 28f7d9d05a decl.c (init_decl_processing): Add new class "protectionDomain" field.
gcc/java:

2001-04-25  Bryce McKinlay  <bryce@waitaki.otago.ac.nz>

	* decl.c (init_decl_processing): Add new class "protectionDomain"
	field.
	* class.c (make_class_data): Set initial value for "protectionDomain".

libjava:

2001-04-25  Bryce McKinlay  <bryce@albatross.co.nz>

	java.security merge and ClassLoader compliance fixes.

	* java/lang/Class.h (Class): Include ProtectionDomain.h.
	New protectionDomain field.
	(forName): Add initialize parameter. Fixes declaration to comply with
	JDK spec.
	* java/lang/natClass.cc (forName): Correct declaration of the three-arg
	variant. Honour	"initialize" flag.
	(getProtectionDomain0): New method.
	* java/lang/Class.java: Fix forName() declaration.
	(getPackage): New method based on Classpath implementation.
	(getProtectionDomain0): New native method decl.
	(getProtectionDomain): New method.
	* java/lang/ClassLoader.java (getParent): Now final.
	(definedPackages): New field.
	(getPackage): New.
	(defineClass): New variant with protectionDomain argument.
	(definePackage): New.
	(getPackages): New.
	(findSystemClass): Now final.
	(getSystemResourceAsStream): Remove redundant "final" modifier.
	(getSystemResource): Remove redundant "final" modifier.
	(getResources): Now final.
	(protectionDomainPermission): New static field.
	(unknownProtectionDomain): Ditto.
	(defaultProtectionDomain): Ditto.
	(getSystemClassLoader): Now non-native.
	* java/util/ResourceBundle.java (tryGetSomeBundle): Use the correct
	arguments for Class.forName().
	* java/lang/Package.java: New file.
	* gnu/gcj/runtime/VMClassLoader.java (getVMClassLoader): Removed.
	(instance): Static initialize singleton.
	(findClass): Override this, not findSystemClass.
	* java/lang/natClassLoader.cc (defineClass0): Set class's
	protectionDomain field as specified.
	(getSystemClassLoader): Removed.
	(findClass): Renamed from findSystemClass. Call the interpreter via
	URLClassLoader.findClass if loading class via dlopen fails.

	* java/security/*.java: java.security import/merge with Classpath.
	* java/security/acl/*.java: Likewise.
	* java/security/interfaces/*.java: Likewise.
	* java/security/spec/*.java: Likewise.
	* java/net/NetPermission.java: Likewise.
	* java/net/SocketPermission.java: Likewise.
	* gnu/java/security/provider/DefaultPolicy.java: Likewise.

	* Makefile.am: Add new classes.
	* Makefile.in: Rebuilt.
	* gcj/javaprims.h: CNI namespace rebuild.

From-SVN: r41543
2001-04-25 16:45:15 +01:00

317 lines
9.4 KiB
Java

/* CodeSource.java -- Code location and certifcates
Copyright (C) 1998 Free Software Foundation, Inc.
This file is part of GNU Classpath.
GNU Classpath is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2, or (at your option)
any later version.
GNU Classpath is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License
along with GNU Classpath; see the file COPYING. If not, write to the
Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
02111-1307 USA.
As a special exception, if you link this library with other files to
produce an executable, this library does not by itself cause the
resulting executable to be covered by the GNU General Public License.
This exception does not however invalidate any other reasons why the
executable file might be covered by the GNU General Public License. */
package java.security;
import java.io.Serializable;
import java.net.URL;
import java.net.SocketPermission;
/**
* This class represents a location from which code is loaded (as
* represented by a URL) and the list of certificates that are used to
* check the signatures of signed code loaded from this source.
*
* @version 0.0
*
* @author Aaron M. Renn (arenn@urbanophile.com)
*/
public class CodeSource implements Serializable
{
private static final String linesep = System.getProperty("line.separator");
/**
* This is the URL that represents the code base from which code will
* be loaded.
*/
private URL location;
/**
* This is the list of certificates for this code base
*/
// What is the serialized form of this?
private java.security.cert.Certificate[] certs;
/**
* This method initializes a new instance of <code>CodeSource</code> that
* loads code from the specified URL location and which uses the
* specified certificates for verifying signatures.
*
* @param location The location from which code will be loaded
* @param certs The list of certificates used for verifying signatures on code from this source
*/
public CodeSource(URL location, java.security.cert.Certificate[] certs)
{
this.location = location;
this.certs = certs;
}
/**
* This method returns the URL specifying the location from which code
* will be loaded under this <code>CodeSource</code>.
*
* @return The code location for this <code>CodeSource</code>.
*/
public final URL getLocation()
{
return location;
}
/**
* This method returns the list of digital certificates that can be used
* to verify the signatures of code loaded under this <code>CodeSource</code>.
*
* @return The certifcate list for this <code>CodeSource</code>.
*/
public final java.security.cert.Certificate[] getCertificates()
{
return certs;
}
/**
* This method tests to see if a specified <code>CodeSource</code> is
* implied by this object. Effectively, to meet this test, the specified
* object must have all the certifcates this object has (but may have
* more) and must have a location that is a subset of this object's. In order
* for this object to imply the specified object, the following must be
* true:
* <p>
* <ol>
* <li>The specified <code>CodeSource</code> must not be <code>null</code>.
* <li>If the specified <code>CodeSource</code> has a certificate list,
* all of that object's certificates must be present in the certificate
* list of this object.
* <li>If this object does not have a <code>null</code> location, then
* the following addtional tests must be passed.
* <ol>
* <li>The specified <code>CodeSource</code> must not have a <code>null</code> location.
* <li>The specified <code>CodeSource</code>'s location must be equal to
* this object's location, or<br>
* <ul>
* <li>The specifiec <code>CodeSource</code>'s location protocol, port,
* and ref (aka, anchor) must equal this objects, and
* <li>The specified <code>CodeSource</code>'s location host must imply this
* object's location host, as determined by contructing
* <code>SocketPermission</code> objects from each with no action list and
* using that classes's <code>implies</code> method. And,
* <li>If this object's location file ends with a '/', then the specified
* object's location file must start with this object's location file.
* Otherwise, the specified object's location file must start with this
* object's location file with the '/' character appended to it.
* </ul>
* </ol>
* </ol>
*
* @param cs The <code>CodeSource</code> to test against this object
*
* @return <code>true</code> if this specified <code>CodeSource</code> is specified by this object, <code>false</code> otherwise.
*/
public boolean implies(CodeSource cs)
{
if (cs == null)
return false;
// First check the certificate list
java.security.cert.Certificate[] their_certs = cs.getCertificates();
java.security.cert.Certificate[] our_certs = getCertificates();
if (our_certs != null)
{
if (their_certs == null)
return false;
for (int i = 0; i < our_certs.length; i++)
{
int j;
for (j = 0; j < their_certs.length; j++)
if (our_certs[i].equals(their_certs[j]))
break;
if (j == their_certs.length)
return false;
}
}
// Next check the location
URL their_loc = getLocation();
URL our_loc = getLocation();
if (our_loc == null)
return true;
else if (their_loc == null)
return false;
if (!our_loc.getProtocol().equals(their_loc.getProtocol()))
return false;
if (our_loc.getPort() != -1)
if (our_loc.getPort() != their_loc.getPort())
return false;
if (our_loc.getRef() != null)
if (!our_loc.getRef().equals(their_loc.getRef()))
return false;
// See javadoc comments for what we are doing here.
if (our_loc.getHost() != null)
{
String their_host = their_loc.getHost();
if (their_host == null)
return false;
SocketPermission our_sockperm =
new SocketPermission(our_loc.getHost(), "accept");
SocketPermission their_sockperm =
new SocketPermission(their_host, "accept");
if (!our_sockperm.implies(their_sockperm))
return false;
}
String our_file = our_loc.getFile();
if (our_file != null)
{
if (!our_file.endsWith("/"))
our_file = our_file + "/";
String their_file = their_loc.getFile();
if (their_file == null)
return false;
if (!their_file.startsWith(our_file))
return false;
}
return true;
}
/**
* This method tests the specified <code>Object</code> for equality with
* this object. This will be true if and only if:
* <p>
* <ul>
* <li>The specified object is not <code>null</code>.
* <li>The specified object is an instance of <code>CodeSource</code>.
* <li>The specified object's location is the same as this object's.
* <li>The specified object's certificate list contains the exact same
* entries as the object's. Note that the order of the certificate lists
* is not significant.
* </ul>
*
* @param obj The <code>Object</code> to test against.
*
* @return <code>true</code> if the specified object is equal to this one, <code>false</code> otherwise.
*/
public boolean equals(Object obj)
{
if (obj == null)
return false;
if (!(obj instanceof CodeSource))
return false;
CodeSource cs = (CodeSource) obj;
// First check the certificate list
java.security.cert.Certificate[] their_certs = cs.getCertificates();
java.security.cert.Certificate[] our_certs = getCertificates();
if ((our_certs == null) && (their_certs != null))
return false;
else if ((our_certs != null) && (their_certs == null))
return false;
if (our_certs != null)
{
if (our_certs.length != their_certs.length)
return false;
for (int i = 0; i < our_certs.length; i++)
{
int j;
for (j = 0; j < their_certs.length; j++)
if (our_certs[i].equals(their_certs[j]))
break;
if (j == their_certs.length)
return false;
}
}
// Now the location
URL their_loc = cs.getLocation();
URL our_loc = getLocation();
if ((our_loc == null) && (their_loc != null))
return false;
if (!our_loc.equals(their_loc))
return false;
return true;
}
/**
* This method returns a hash value for this object.
*
* @return A hash value for this object.
*/
public int hashCode()
{
URL location = getLocation();
if (location == null)
return System.identityHashCode(this);
return location.hashCode();
}
/**
* This method returns a <code>String</code> that represents this object.
* This <code>String</code> will contain the object's hash code, location,
* and certificate list.
*
* @return A <code>String</code> for this object
*/
public String toString()
{
StringBuffer sb = new StringBuffer("");
sb.append(super.toString() + " (" + linesep);
sb.append("Location: " + getLocation() + linesep);
java.security.cert.Certificate[] certs = getCertificates();
if (certs == null)
sb.append("<none>" + linesep);
else
for (int i = 0; i < certs.length; i++)
sb.append(certs[i] + linesep);
sb.append(")" + linesep);
return sb.toString();
}
}