Skip to content

Commit

Permalink
8344221: Remove calls to SecurityManager and and doPrivileged in java…
Browse files Browse the repository at this point in the history 
….net.IDN, java.net.URL, java.net.URLConnection, sun.net.util.URLUtil, and java.net.URLStreamHandlerProvider after JEP 486 integration
  • Loading branch information
@dfuch
dfuch committed Nov 15, 2024
1 parent 40a055e commit 235e778
Show file tree
Hide file tree
Showing 5 changed files with 39 additions and 123 deletions.
13 changes: 2 additions & 11 deletions src/java.base/share/classes/java/net/IDN.java
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2005, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2005, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
Expand All @@ -26,8 +26,6 @@

import java.io.InputStream;
import java.io.IOException;
import java.security.AccessController;
import java.security.PrivilegedAction;

import jdk.internal.icu.impl.Punycode;
import jdk.internal.icu.text.StringPrep;
Expand Down Expand Up @@ -248,14 +246,7 @@ public static String toUnicode(String input) {
StringPrep stringPrep = null;
try {
final String IDN_PROFILE = "/sun/net/idn/uidna.spp";
@SuppressWarnings("removal")
InputStream stream = System.getSecurityManager() != null
? AccessController.doPrivileged(new PrivilegedAction<>() {
public InputStream run() {
return StringPrep.class.getResourceAsStream(IDN_PROFILE);
}})
: StringPrep.class.getResourceAsStream(IDN_PROFILE);

InputStream stream = StringPrep.class.getResourceAsStream(IDN_PROFILE);
stringPrep = new StringPrep(stream);
stream.close();
} catch (IOException e) {
Expand Down
66 changes: 9 additions & 57 deletions src/java.base/share/classes/java/net/URL.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,8 +30,6 @@
import java.io.InputStream;
import java.net.spi.URLStreamHandlerProvider;
import java.nio.file.Path;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.Hashtable;
import java.io.InvalidObjectException;
import java.io.ObjectStreamException;
Expand All @@ -48,8 +46,6 @@
import jdk.internal.misc.ThreadTracker;
import jdk.internal.misc.VM;
import sun.net.util.IPAddressUtil;
import sun.security.util.SecurityConstants;
import sun.security.action.GetPropertyAction;

/**
* Class {@code URL} represents a Uniform Resource
Expand Down Expand Up @@ -485,14 +481,6 @@ public URL(String protocol, String host, String file)
@Deprecated(since = "20")
public URL(String protocol, String host, int port, String file,
URLStreamHandler handler) throws MalformedURLException {
if (handler != null) {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
// check for permission to specify a handler
checkSpecifyHandler(sm);
}
}

protocol = lowerCaseProtocol(protocol);
this.protocol = protocol;
Expand Down Expand Up @@ -684,13 +672,6 @@ public URL(URL context, String spec, URLStreamHandler handler)
boolean isRelative = false;

// Check for permission to specify a handler
if (handler != null) {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
checkSpecifyHandler(sm);
}
}

try {
limit = spec.length();
Expand Down Expand Up @@ -912,13 +893,6 @@ private boolean isValidProtocol(String protocol) {
return true;
}

/*
* Checks for permission to specify a stream handler.
*/
private void checkSpecifyHandler(@SuppressWarnings("removal") SecurityManager sm) {
sm.checkPermission(SecurityConstants.SPECIFY_HANDLER_PERMISSION);
}

/**
* Sets the specified 8 fields of the URL. This is not a public method so
* that only URLStreamHandlers can modify URL fields. URLs are otherwise
Expand Down Expand Up @@ -1271,16 +1245,6 @@ public URLConnection openConnection(Proxy proxy)

// Create a copy of Proxy as a security measure
Proxy p = proxy == Proxy.NO_PROXY ? Proxy.NO_PROXY : sun.net.ApplicationProxy.create(proxy);
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (p.type() != Proxy.Type.DIRECT && sm != null) {
InetSocketAddress epoint = (InetSocketAddress) p.address();
if (epoint.isUnresolved())
sm.checkConnect(epoint.getHostName(), epoint.getPort());
else
sm.checkConnect(epoint.getAddress().getHostAddress(),
epoint.getPort());
}
return handler.openConnection(this, p);
}

Expand Down Expand Up @@ -1358,11 +1322,6 @@ public static void setURLStreamHandlerFactory(URLStreamHandlerFactory fac) {
if (factory != null) {
throw new Error("factory already defined");
}
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkSetFactory();
}
handlers.clear();

// safe publication of URLStreamHandlerFactory with volatile write
Expand Down Expand Up @@ -1398,8 +1357,7 @@ public URLStreamHandler createURLStreamHandler(String protocol) {
}

private static URLStreamHandler lookupViaProperty(String protocol) {
String packagePrefixList =
GetPropertyAction.privilegedGetProperty(protocolPathProp);
String packagePrefixList = System.getProperty(protocolPathProp);
if (packagePrefixList == null || packagePrefixList.isEmpty()) {
// not set
return null;
Expand Down Expand Up @@ -1488,26 +1446,20 @@ private static void endLookup(Object key) {
ThreadTrackHolder.TRACKER.end(key);
}

@SuppressWarnings("removal")
private static URLStreamHandler lookupViaProviders(final String protocol) {
Object key = tryBeginLookup();
if (key == null) {
throw new Error("Circular loading of URL stream handler providers detected");
}
try {
return AccessController.doPrivileged(
new PrivilegedAction<>() {
public URLStreamHandler run() {
Iterator<URLStreamHandlerProvider> itr = providers();
while (itr.hasNext()) {
URLStreamHandlerProvider f = itr.next();
URLStreamHandler h = f.createURLStreamHandler(protocol);
if (h != null)
return h;
}
return null;
}
});
Iterator<URLStreamHandlerProvider> itr = providers();
while (itr.hasNext()) {
URLStreamHandlerProvider f = itr.next();
URLStreamHandler h = f.createURLStreamHandler(protocol);
if (h != null)
return h;
}
return null;
} finally {
endLookup(key);
}
Expand Down
67 changes: 25 additions & 42 deletions src/java.base/share/classes/java/net/URLConnection.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,6 @@
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.PrivilegedAction;
import java.util.Hashtable;
import java.util.concurrent.ConcurrentHashMap;
import java.util.Date;
Expand All @@ -42,10 +41,8 @@
import java.util.Map;
import java.util.List;
import java.security.Permission;
import java.security.AccessController;
import sun.security.util.SecurityConstants;
import sun.net.www.MessageHeader;
import sun.security.action.GetPropertyAction;

/**
* The abstract class {@code URLConnection} is the superclass
Expand Down Expand Up @@ -328,9 +325,6 @@ public String getContentTypeFor(String fileName) {
* @since 1.2
*/
public static void setFileNameMap(FileNameMap map) {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) sm.checkSetFactory();
fileNameMap = map;
}

Expand Down Expand Up @@ -1285,11 +1279,6 @@ public static synchronized void setContentHandlerFactory(ContentHandlerFactory f
if (factory != null) {
throw new Error("factory already defined");
}
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkSetFactory();
}
factory = fac;
}

Expand Down Expand Up @@ -1401,35 +1390,30 @@ private ContentHandler lookupContentHandlerClassFor(String contentType) {

@SuppressWarnings("removal")
private ContentHandler lookupContentHandlerViaProvider(String contentType) {
return AccessController.doPrivileged(
new PrivilegedAction<>() {
@Override
public ContentHandler run() {
ClassLoader cl = ClassLoader.getSystemClassLoader();
ServiceLoader<ContentHandlerFactory> sl =
ServiceLoader.load(ContentHandlerFactory.class, cl);

Iterator<ContentHandlerFactory> iterator = sl.iterator();

ContentHandler handler = null;
while (iterator.hasNext()) {
ContentHandlerFactory f;
try {
f = iterator.next();
} catch (ServiceConfigurationError e) {
if (e.getCause() instanceof SecurityException) {
continue;
}
throw e;
}
handler = f.createContentHandler(contentType);
if (handler != null) {
break;
}
}
return handler;
}
});

ClassLoader cl = ClassLoader.getSystemClassLoader();
ServiceLoader<ContentHandlerFactory> sl =
ServiceLoader.load(ContentHandlerFactory.class, cl);

Iterator<ContentHandlerFactory> iterator = sl.iterator();

ContentHandler handler = null;
while (iterator.hasNext()) {
ContentHandlerFactory f;
try {
f = iterator.next();
} catch (ServiceConfigurationError e) {
if (e.getCause() instanceof SecurityException) {
continue;
}
throw e;
}
handler = f.createContentHandler(contentType);
if (handler != null) {
break;
}
}
return handler;
}

/**
Expand Down Expand Up @@ -1465,8 +1449,7 @@ private String typeToPackageName(String contentType) {
* is always the last one on the returned package list.
*/
private String getContentHandlerPkgPrefixes() {
String packagePrefixList =
GetPropertyAction.privilegedGetProperty(contentPathProp, "");
String packagePrefixList = System.getProperty(contentPathProp, "");

if (packagePrefixList != "") {
packagePrefixList += "|";
Expand Down
10 changes: 0 additions & 10 deletions src/java.base/share/classes/java/net/spi/URLStreamHandlerProvider.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,19 +49,9 @@
public abstract class URLStreamHandlerProvider
implements URLStreamHandlerFactory
{
private static Void checkPermission() {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null)
sm.checkPermission(new RuntimePermission("setFactory"));
return null;
}
private URLStreamHandlerProvider(Void ignore) { }

/**
* Initializes a new URL stream handler provider.
*/
protected URLStreamHandlerProvider() {
this(checkPermission());
}
}
6 changes: 3 additions & 3 deletions src/java.base/share/classes/sun/net/util/URLUtil.java
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2009, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2009, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
Expand Down Expand Up @@ -38,12 +38,12 @@ public class URLUtil {
/**
* Returns a string form of the url suitable for use as a key in HashMap/Sets.
*
* The string form should be behave in the same manner as the URL when
* The string form should behave in the same manner as the URL when
* compared for equality in a HashMap/Set, except that no nameservice
* lookup is done on the hostname (only string comparison), and the fragment
* is not considered.
*
* @see java.net.URLStreamHandler.sameFile(java.net.URL)
* @see java.net.URL#sameFile(java.net.URL)
*/
public static String urlNoFragString(URL url) {
StringBuilder strForm = new StringBuilder();
Expand Down

0 comments on commit 235e778

Please sign in to comment.