From 235e77840d8ad5696f733578b1ee85dcd1e5f69c Mon Sep 17 00:00:00 2001 From: Daniel Fuchs Date: Fri, 15 Nov 2024 16:47:31 +0000 Subject: [PATCH] 8344221: Remove calls to SecurityManager and and doPrivileged in java.net.IDN, java.net.URL, java.net.URLConnection, sun.net.util.URLUtil, and java.net.URLStreamHandlerProvider after JEP 486 integration --- src/java.base/share/classes/java/net/IDN.java | 13 +--- src/java.base/share/classes/java/net/URL.java | 66 +++--------------- .../share/classes/java/net/URLConnection.java | 67 +++++++------------ .../net/spi/URLStreamHandlerProvider.java | 10 --- .../share/classes/sun/net/util/URLUtil.java | 6 +- 5 files changed, 39 insertions(+), 123 deletions(-) diff --git a/src/java.base/share/classes/java/net/IDN.java b/src/java.base/share/classes/java/net/IDN.java index 5e01ab6532d2a..6f11643264f8c 100644 --- a/src/java.base/share/classes/java/net/IDN.java +++ b/src/java.base/share/classes/java/net/IDN.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2023, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,8 +26,6 @@ import java.io.InputStream; import java.io.IOException; -import java.security.AccessController; -import java.security.PrivilegedAction; import jdk.internal.icu.impl.Punycode; import jdk.internal.icu.text.StringPrep; @@ -248,14 +246,7 @@ public static String toUnicode(String input) { StringPrep stringPrep = null; try { final String IDN_PROFILE = "/sun/net/idn/uidna.spp"; - @SuppressWarnings("removal") - InputStream stream = System.getSecurityManager() != null - ? AccessController.doPrivileged(new PrivilegedAction<>() { - public InputStream run() { - return StringPrep.class.getResourceAsStream(IDN_PROFILE); - }}) - : StringPrep.class.getResourceAsStream(IDN_PROFILE); - + InputStream stream = StringPrep.class.getResourceAsStream(IDN_PROFILE); stringPrep = new StringPrep(stream); stream.close(); } catch (IOException e) { diff --git a/src/java.base/share/classes/java/net/URL.java b/src/java.base/share/classes/java/net/URL.java index 418651bc7c2bb..2405e74f6f216 100644 --- a/src/java.base/share/classes/java/net/URL.java +++ b/src/java.base/share/classes/java/net/URL.java @@ -30,8 +30,6 @@ import java.io.InputStream; import java.net.spi.URLStreamHandlerProvider; import java.nio.file.Path; -import java.security.AccessController; -import java.security.PrivilegedAction; import java.util.Hashtable; import java.io.InvalidObjectException; import java.io.ObjectStreamException; @@ -48,8 +46,6 @@ import jdk.internal.misc.ThreadTracker; import jdk.internal.misc.VM; import sun.net.util.IPAddressUtil; -import sun.security.util.SecurityConstants; -import sun.security.action.GetPropertyAction; /** * Class {@code URL} represents a Uniform Resource @@ -485,14 +481,6 @@ public URL(String protocol, String host, String file) @Deprecated(since = "20") public URL(String protocol, String host, int port, String file, URLStreamHandler handler) throws MalformedURLException { - if (handler != null) { - @SuppressWarnings("removal") - SecurityManager sm = System.getSecurityManager(); - if (sm != null) { - // check for permission to specify a handler - checkSpecifyHandler(sm); - } - } protocol = lowerCaseProtocol(protocol); this.protocol = protocol; @@ -684,13 +672,6 @@ public URL(URL context, String spec, URLStreamHandler handler) boolean isRelative = false; // Check for permission to specify a handler - if (handler != null) { - @SuppressWarnings("removal") - SecurityManager sm = System.getSecurityManager(); - if (sm != null) { - checkSpecifyHandler(sm); - } - } try { limit = spec.length(); @@ -912,13 +893,6 @@ private boolean isValidProtocol(String protocol) { return true; } - /* - * Checks for permission to specify a stream handler. - */ - private void checkSpecifyHandler(@SuppressWarnings("removal") SecurityManager sm) { - sm.checkPermission(SecurityConstants.SPECIFY_HANDLER_PERMISSION); - } - /** * Sets the specified 8 fields of the URL. This is not a public method so * that only URLStreamHandlers can modify URL fields. URLs are otherwise @@ -1271,16 +1245,6 @@ public URLConnection openConnection(Proxy proxy) // Create a copy of Proxy as a security measure Proxy p = proxy == Proxy.NO_PROXY ? Proxy.NO_PROXY : sun.net.ApplicationProxy.create(proxy); - @SuppressWarnings("removal") - SecurityManager sm = System.getSecurityManager(); - if (p.type() != Proxy.Type.DIRECT && sm != null) { - InetSocketAddress epoint = (InetSocketAddress) p.address(); - if (epoint.isUnresolved()) - sm.checkConnect(epoint.getHostName(), epoint.getPort()); - else - sm.checkConnect(epoint.getAddress().getHostAddress(), - epoint.getPort()); - } return handler.openConnection(this, p); } @@ -1358,11 +1322,6 @@ public static void setURLStreamHandlerFactory(URLStreamHandlerFactory fac) { if (factory != null) { throw new Error("factory already defined"); } - @SuppressWarnings("removal") - SecurityManager security = System.getSecurityManager(); - if (security != null) { - security.checkSetFactory(); - } handlers.clear(); // safe publication of URLStreamHandlerFactory with volatile write @@ -1398,8 +1357,7 @@ public URLStreamHandler createURLStreamHandler(String protocol) { } private static URLStreamHandler lookupViaProperty(String protocol) { - String packagePrefixList = - GetPropertyAction.privilegedGetProperty(protocolPathProp); + String packagePrefixList = System.getProperty(protocolPathProp); if (packagePrefixList == null || packagePrefixList.isEmpty()) { // not set return null; @@ -1488,26 +1446,20 @@ private static void endLookup(Object key) { ThreadTrackHolder.TRACKER.end(key); } - @SuppressWarnings("removal") private static URLStreamHandler lookupViaProviders(final String protocol) { Object key = tryBeginLookup(); if (key == null) { throw new Error("Circular loading of URL stream handler providers detected"); } try { - return AccessController.doPrivileged( - new PrivilegedAction<>() { - public URLStreamHandler run() { - Iterator itr = providers(); - while (itr.hasNext()) { - URLStreamHandlerProvider f = itr.next(); - URLStreamHandler h = f.createURLStreamHandler(protocol); - if (h != null) - return h; - } - return null; - } - }); + Iterator itr = providers(); + while (itr.hasNext()) { + URLStreamHandlerProvider f = itr.next(); + URLStreamHandler h = f.createURLStreamHandler(protocol); + if (h != null) + return h; + } + return null; } finally { endLookup(key); } diff --git a/src/java.base/share/classes/java/net/URLConnection.java b/src/java.base/share/classes/java/net/URLConnection.java index 168e4df29dfb7..33033bb0073f4 100644 --- a/src/java.base/share/classes/java/net/URLConnection.java +++ b/src/java.base/share/classes/java/net/URLConnection.java @@ -28,7 +28,6 @@ import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; -import java.security.PrivilegedAction; import java.util.Hashtable; import java.util.concurrent.ConcurrentHashMap; import java.util.Date; @@ -42,10 +41,8 @@ import java.util.Map; import java.util.List; import java.security.Permission; -import java.security.AccessController; import sun.security.util.SecurityConstants; import sun.net.www.MessageHeader; -import sun.security.action.GetPropertyAction; /** * The abstract class {@code URLConnection} is the superclass @@ -328,9 +325,6 @@ public String getContentTypeFor(String fileName) { * @since 1.2 */ public static void setFileNameMap(FileNameMap map) { - @SuppressWarnings("removal") - SecurityManager sm = System.getSecurityManager(); - if (sm != null) sm.checkSetFactory(); fileNameMap = map; } @@ -1285,11 +1279,6 @@ public static synchronized void setContentHandlerFactory(ContentHandlerFactory f if (factory != null) { throw new Error("factory already defined"); } - @SuppressWarnings("removal") - SecurityManager security = System.getSecurityManager(); - if (security != null) { - security.checkSetFactory(); - } factory = fac; } @@ -1401,35 +1390,30 @@ private ContentHandler lookupContentHandlerClassFor(String contentType) { @SuppressWarnings("removal") private ContentHandler lookupContentHandlerViaProvider(String contentType) { - return AccessController.doPrivileged( - new PrivilegedAction<>() { - @Override - public ContentHandler run() { - ClassLoader cl = ClassLoader.getSystemClassLoader(); - ServiceLoader sl = - ServiceLoader.load(ContentHandlerFactory.class, cl); - - Iterator iterator = sl.iterator(); - - ContentHandler handler = null; - while (iterator.hasNext()) { - ContentHandlerFactory f; - try { - f = iterator.next(); - } catch (ServiceConfigurationError e) { - if (e.getCause() instanceof SecurityException) { - continue; - } - throw e; - } - handler = f.createContentHandler(contentType); - if (handler != null) { - break; - } - } - return handler; - } - }); + + ClassLoader cl = ClassLoader.getSystemClassLoader(); + ServiceLoader sl = + ServiceLoader.load(ContentHandlerFactory.class, cl); + + Iterator iterator = sl.iterator(); + + ContentHandler handler = null; + while (iterator.hasNext()) { + ContentHandlerFactory f; + try { + f = iterator.next(); + } catch (ServiceConfigurationError e) { + if (e.getCause() instanceof SecurityException) { + continue; + } + throw e; + } + handler = f.createContentHandler(contentType); + if (handler != null) { + break; + } + } + return handler; } /** @@ -1465,8 +1449,7 @@ private String typeToPackageName(String contentType) { * is always the last one on the returned package list. */ private String getContentHandlerPkgPrefixes() { - String packagePrefixList = - GetPropertyAction.privilegedGetProperty(contentPathProp, ""); + String packagePrefixList = System.getProperty(contentPathProp, ""); if (packagePrefixList != "") { packagePrefixList += "|"; diff --git a/src/java.base/share/classes/java/net/spi/URLStreamHandlerProvider.java b/src/java.base/share/classes/java/net/spi/URLStreamHandlerProvider.java index 202f3e654faeb..05733f7287d82 100644 --- a/src/java.base/share/classes/java/net/spi/URLStreamHandlerProvider.java +++ b/src/java.base/share/classes/java/net/spi/URLStreamHandlerProvider.java @@ -49,19 +49,9 @@ public abstract class URLStreamHandlerProvider implements URLStreamHandlerFactory { - private static Void checkPermission() { - @SuppressWarnings("removal") - SecurityManager sm = System.getSecurityManager(); - if (sm != null) - sm.checkPermission(new RuntimePermission("setFactory")); - return null; - } - private URLStreamHandlerProvider(Void ignore) { } - /** * Initializes a new URL stream handler provider. */ protected URLStreamHandlerProvider() { - this(checkPermission()); } } diff --git a/src/java.base/share/classes/sun/net/util/URLUtil.java b/src/java.base/share/classes/sun/net/util/URLUtil.java index 9eb04ce4151b5..055742baf2f22 100644 --- a/src/java.base/share/classes/sun/net/util/URLUtil.java +++ b/src/java.base/share/classes/sun/net/util/URLUtil.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2009, 2023, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2009, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -38,12 +38,12 @@ public class URLUtil { /** * Returns a string form of the url suitable for use as a key in HashMap/Sets. * - * The string form should be behave in the same manner as the URL when + * The string form should behave in the same manner as the URL when * compared for equality in a HashMap/Set, except that no nameservice * lookup is done on the hostname (only string comparison), and the fragment * is not considered. * - * @see java.net.URLStreamHandler.sameFile(java.net.URL) + * @see java.net.URL#sameFile(java.net.URL) */ public static String urlNoFragString(URL url) { StringBuilder strForm = new StringBuilder();