[kaffe] CVS kaffe (robilad): Replaced CodeSource by implementation from GNU Classpath

Kaffe CVS cvs-commits at kaffe.org
Sat Sep 25 15:10:24 PDT 2004


PatchSet 5219 
Date: 2004/09/25 22:06:38
Author: robilad
Branch: HEAD
Tag: (none) 
Log:
Replaced CodeSource by implementation from GNU Classpath

2004-09-25  Dalibor Topic  <robilad at kaffe.org>

        * libraries/javalib/java/security/CodeSource.java:
        Replaced by implementation from GNU Classpath.

Members: 
	ChangeLog:1.2774->1.2775 
	libraries/javalib/java/security/CodeSource.java:1.5->1.6 
	test/regression/TestScript.in:1.42->1.43 

Index: kaffe/ChangeLog
diff -u kaffe/ChangeLog:1.2774 kaffe/ChangeLog:1.2775
--- kaffe/ChangeLog:1.2774	Sat Sep 25 16:39:54 2004
+++ kaffe/ChangeLog	Sat Sep 25 22:06:38 2004
@@ -1,5 +1,13 @@
 2004-09-25  Dalibor Topic  <robilad at kaffe.org>
 
+	* libraries/javalib/java/security/CodeSource.java:
+	Replaced by implementation from GNU Classpath.
+
+	* test/regression/TestScript.in:
+	Removed verifyremote option for test runs.
+
+2004-09-25  Dalibor Topic  <robilad at kaffe.org>
+
 	* libraries/clib/native/System.c:
 	Added gnu.classpath.vm.shortname.
 
Index: kaffe/libraries/javalib/java/security/CodeSource.java
diff -u kaffe/libraries/javalib/java/security/CodeSource.java:1.5 kaffe/libraries/javalib/java/security/CodeSource.java:1.6
--- kaffe/libraries/javalib/java/security/CodeSource.java:1.5	Fri Mar 12 18:24:37 2004
+++ kaffe/libraries/javalib/java/security/CodeSource.java	Sat Sep 25 22:06:40 2004
@@ -1,187 +1,354 @@
+/* CodeSource.java -- Code location and certifcates
+   Copyright (C) 1998, 2002 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+02111-1307 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
 
-/*
- * Java core library component.
- *
- * Copyright (c) 1999
- *	Archie L. Cobbs.  All rights reserved.
- * Copyright (c) 1999
- *	Transvirtual Technologies, Inc.	 All rights reserved.
- *
- * See the file "license.terms" for information on usage and redistribution
- * of this file.
- *
- * Author: Archie L. Cobbs <archie at whistle.com>
- */
 
 package java.security;
 
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
 import java.io.Serializable;
-import java.net.SocketPermission;
 import java.net.URL;
+import java.net.SocketPermission;
+// Note that this overrides Certificate in this package.
+import java.security.cert.Certificate;
+import java.security.cert.CertificateFactory;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.CertificateException;
 import java.util.Arrays;
 import java.util.HashSet;
-import java.util.Set;
-
-public class CodeSource implements Serializable {
+import java.util.Iterator;
 
-    private final URL location;
-    private final java.security.cert.Certificate [] certificates;
-
-    public CodeSource(final URL location, final java.security.cert.Certificate[] certificates) {
-	this.location = location;
-	if (certificates != null) {
-	    this.certificates = (java.security.cert.Certificate[]) certificates.clone();
-	} else {
-	    this.certificates = null;
-	}
-    }
-
-    public boolean equals(Object obj) {
-	if (this == obj) {
-	    return true;
-	}
-	else if (obj == null || getClass() != obj.getClass()) {
-	    return false;
-	}
-
-	CodeSource that = (CodeSource) obj;
-
-	if (location == null) {
-	    if (that.location != null) {
-		return false;
-	    }
-	} else if (!location.equals(that.location)) {
-	    return false;
-	}
-	if (certificates == null) {
-	    if (that.certificates != null) {
-		return false;
-	    }
-	} else {
-	    if (!getCertSet().equals(that.getCertSet())) {
-		return false;
-	    }
-	}
-	return true;
-    }
-
-    public final java.security.cert.Certificate[] getCertificates() {
-	if (certificates == null) {
-	    return null;
-	}
-	return (java.security.cert.Certificate[]) certificates.clone();
-    }
-
-    private Set getCertSet() {
-	return new HashSet(Arrays.asList(getCertificates()));
-    }
-
-    public final URL getLocation() {
-	return location;
-    }
-
-    public int hashCode() {
-	int sum = 0;
-	if (location != null) {
-	    sum += location.hashCode();
-	}
-	if (certificates != null) {
-	    for (int i = 0; i < certificates.length; i++) {
-		sum += certificates[i].hashCode();
-	    }
-	}
-	return sum;
-    }
-
-    public boolean implies(CodeSource other) {
-	/* Check 1 */
-	if (other == null) {
-	    return false;
-	}
-
-	/* Check 2 */
-	if (getCertificates() != null) {
-	    if (other.getCertificates() == null) {
-		return false;
-	    }
-
-	    if (!other.getCertSet().contains(getCertSet())) {
-		return false;
-	    }
-	}
-
-	/* Check 3 */
-	if (getLocation() != null) {
-
-	    /* Check 3.1 */
-	    if (other.getLocation() == null) {
-		return false;
-	    }
-
-	    /* Check 3.2 */
-	    if (getLocation().equals(other.getLocation())) {
-		return true;
-	    }
-
-	    /* Check 3.3 */
-	    if (!getLocation().getProtocol().equals(other.getLocation().getProtocol())) {
-		return false;
-	    }
-
-	    /* Check 3.4 */
-	    if	(getLocation().getHost() != null && ! getLocation().getHost().equals("")) {
-		if (! new SocketPermission(getLocation().getHost(), "")
-		    .implies(new SocketPermission(other.getLocation().getHost(), ""))) {
-		    return false;
-		}
-	    }
-
-	    /* Check 3.5 */
-	    if (getLocation().getPort() != -1) {
-		if (getLocation().getPort() != other.getLocation().getPort()) {
-		    return false;
-		}
-	    }
-
-	    /* Check 3.6 */
-	    if (! getLocation().getFile().equals(other.getLocation().getFile())) {
-		String this_file = getLocation().getFile();
-		String other_file = other.getLocation().getFile();
-
-		if (this_file.endsWith("/-")) {
-		    if (! other_file.startsWith(this_file.substring(0, this_file.length() - 1))) {
-			return false;
-		    }
-		}
-		else if (this_file.endsWith("/*")) {
-		    if (! (other_file.startsWith(this_file)
-			   && other_file.lastIndexOf('/') < this_file.length())) {
-			return false;
-		    }
-		}
-		else if (! this_file.endsWith("/")) {
-		    if (! other_file.equals(this_file + '/')) {
-			return false;
-		    }
-		}
-	    }
-
-	    /* Check 3.7 */
-	    if (getLocation().getRef() != null) {
-		if ( ! getLocation().getRef().equals(other.getLocation().getRef())) {
-		    return false;
-		}
-	    }
-	}
-
-
-	return true;
-    }
-
-    public String toString() {
-	return getClass().getName()
-	    + "[location=" + getLocation()
-	    + ",certificates=" + (certificates != null ? getCertSet().toString() : "none")
-	    + ']';
-    }
-}
+/**
+ * This class represents a location from which code is loaded (as
+ * represented by a URL), and the list of certificates that are used to
+ * check the signatures of signed code loaded from this source.
+ *
+ * @author Aaron M. Renn <arenn at urbanophile.com>
+ * @author Eric Blake <ebb9 at email.byu.edu>
+ * @since 1.1
+ * @status updated to 1.4
+ */
+public class CodeSource implements Serializable
+{
+  /**
+   * Compatible with JDK 1.1+.
+   */
+  private static final long serialVersionUID = 4977541819976013951L;
+
+  /**
+   * This is the URL that represents the code base from which code will
+   * be loaded.
+   *
+   * @serial the code location
+   */
+  private final URL location;
+
+  /** The set of certificates for this code base. */
+  private transient HashSet certs;
+
+  /**
+   * This creates a new instance of <code>CodeSource</code> that loads code
+   * from the specified URL location and which uses the specified certificates
+   * for verifying signatures.
+   *
+   * @param location the location from which code will be loaded
+   * @param certs the list of certificates
+   */
+  public CodeSource(URL location, Certificate[] certs)
+  {
+    this.location = location;
+    if (certs != null)
+      this.certs = new HashSet(Arrays.asList(certs));
+  }
+
+  /**
+   * This method returns a hash value for this object.
+   *
+   * @return a hash value for this object
+   */
+  public int hashCode()
+  {
+    return (location == null ? 0 : location.hashCode())
+      ^ (certs == null ? 0 : certs.hashCode());
+  }
+
+  /**
+   * This method tests the specified <code>Object</code> for equality with
+   * this object.  This will be true if and only if the locations are equal
+   * and the certificate sets are identical (ignoring order).
+   *
+   * @param obj the <code>Object</code> to test against
+   * @return true if the specified object is equal to this one
+   */
+  public boolean equals(Object obj)
+  {
+    if (! (obj instanceof CodeSource))
+      return false;
+    CodeSource cs = (CodeSource) obj;
+    return (certs == null ? cs.certs == null : certs.equals(cs.certs))
+      && (location == null ? cs.location == null
+          : location.equals(cs.location));
+  }
+
+  /**
+   * This method returns the URL specifying the location from which code
+   * will be loaded under this <code>CodeSource</code>.
+   *
+   * @return the code location for this <code>CodeSource</code>
+   */
+  public final URL getLocation()
+  {
+    return location;
+  }
+
+  /**
+   * This method returns the list of digital certificates that can be used
+   * to verify the signatures of code loaded under this
+   * <code>CodeSource</code>.
+   *
+   * @return the certifcate list for this <code>CodeSource</code>
+   */
+  public final Certificate[] getCertificates()
+  {
+    if (certs == null)
+      return null;
+    Certificate[] c = new Certificate[certs.size()];
+    certs.toArray(c);
+    return c;
+  }
+
+  /**
+   * This method tests to see if a specified <code>CodeSource</code> is
+   * implied by this object.  Effectively, to meet this test, the specified
+   * object must have all the certifcates this object has (but may have more),
+   * and must have a location that is a subset of this object's.  In order
+   * for this object to imply the specified object, the following must be
+   * true:
+   *
+   * <ol>
+   * <li><em>codesource</em> must not be <code>null</code>.</li>
+   * <li>If <em>codesource</em> has a certificate list, all of it's
+   *     certificates must be present in the certificate list of this
+   *     code source.</li>
+   * <li>If this object does not have a <code>null</code> location, then
+   *     the following addtional tests must be passed.
+   *
+   *     <ol>
+   *     <li><em>codesource</em> must not have a <code>null</code>
+   *         location.</li>
+   *     <li><em>codesource</em>'s location must be equal to this object's
+   *         location, or
+   *         <ul>
+   *         <li><em>codesource</em>'s location protocol, port, and ref (aka,
+   *             anchor) must equal this objects</li>
+   *         <li><em>codesource</em>'s location host must imply this object's
+   *             location host, as determined by contructing
+   *             <code>SocketPermission</code> objects from each with no
+   *             action list and using that classes's <code>implies</code>
+   *             method</li>
+   *         <li>If this object's location file ends with a '/', then the
+   *             specified object's location file must start with this
+   *             object's location file. Otherwise, the specified object's
+   *             location file must start with this object's location file
+   *             with the '/' character appended to it.</li>
+   *         </ul></li>
+   *     </ol></li>
+   * </ol>
+   *
+   * <p>For example, each of these locations imply the location
+   * "http://java.sun.com/classes/foo.jar":</p>
+   * 
+   * <pre>
+   * http:
+   * http://*.sun.com/classes/*
+   * http://java.sun.com/classes/-
+   * http://java.sun.com/classes/foo.jar
+   * </pre>
+   * 
+   * <p>Note that the code source with null location and null certificates implies
+   * all other code sources.</p>
+   *
+   * @param cs the <code>CodeSource</code> to test against this object
+   * @return true if this specified <code>CodeSource</code> is implied
+   */
+  public boolean implies(CodeSource cs)
+  {
+    if (cs == null)
+      return false;
+    // First check the certificate list.
+    if (certs != null && (cs.certs == null || ! certs.containsAll(cs.certs)))
+      return false;
+    // Next check the location.
+    if (location == null)
+      return true;
+    if (cs.location == null
+        || ! location.getProtocol().equals(cs.location.getProtocol())
+        || (location.getPort() != -1
+            && location.getPort() != cs.location.getPort())
+        || (location.getRef() != null
+            && ! location.getRef().equals(cs.location.getRef())))
+      return false;
+    if (location.getHost() != null)
+      {
+        String their_host = cs.location.getHost();
+        if (their_host == null)
+          return false;
+        SocketPermission our_sockperm =
+          new SocketPermission(location.getHost(), "accept");
+        SocketPermission their_sockperm =
+          new SocketPermission(their_host, "accept");
+        if (! our_sockperm.implies(their_sockperm))
+          return false;
+      }
+    String our_file = location.getFile();
+    if (our_file != null)
+      {
+        if (! our_file.endsWith("/"))
+          our_file += "/";
+        String their_file = cs.location.getFile();
+        if (their_file == null
+            || ! their_file.startsWith(our_file))
+          return false;
+      }
+    return true;
+  }
+
+  /**
+   * This method returns a <code>String</code> that represents this object.
+   * The result is in the format <code>"(" + getLocation()</code> followed
+   * by a space separated list of certificates (or "&lt;no certificates&gt;"),
+   * followed by <code>")"</code>.
+   *
+   * @return a <code>String</code> for this object
+   */
+  public String toString()
+  {
+    StringBuffer sb = new StringBuffer("(").append(location);
+    if (certs == null || certs.isEmpty())
+      sb.append(" <no certificates>");
+    else
+      {
+        Iterator iter = certs.iterator();
+        for (int i = certs.size(); --i >= 0; )
+          sb.append(' ').append(iter.next());
+      }
+    return sb.append(")").toString();
+  }
+
+  /**
+   * Reads this object from a serialization stream.
+   *
+   * @param s the input stream
+   * @throws IOException if reading fails
+   * @throws ClassNotFoundException if deserialization fails
+   * @serialData this reads the location, then expects an int indicating the
+   *             number of certificates. Each certificate is a String type
+   *             followed by an int encoding length, then a byte[] encoding
+   */
+  private void readObject(ObjectInputStream s)
+    throws IOException, ClassNotFoundException
+  {
+    s.defaultReadObject();
+    int count = s.readInt();
+    certs = new HashSet();
+    while (--count >= 0)
+      {
+        String type = (String) s.readObject();
+        int bytes = s.readInt();
+        byte[] encoded = new byte[bytes];
+        for (int i = 0; i < bytes; i++)
+          encoded[i] = s.readByte();
+        ByteArrayInputStream stream = new ByteArrayInputStream(encoded);
+        try
+          {
+            CertificateFactory factory = CertificateFactory.getInstance(type);
+            certs.add(factory.generateCertificate(stream));
+          }
+        catch (CertificateException e)
+          {
+            // XXX Should we ignore this certificate?
+          }
+      }
+  }
+
+  /**
+   * Writes this object to a serialization stream.
+   *
+   * @param s the output stream
+   * @throws IOException if writing fails
+   * @serialData this writes the location, then writes an int indicating the
+   *             number of certificates. Each certificate is a String type
+   *             followed by an int encoding length, then a byte[] encoding
+   */
+  private void writeObject(ObjectOutputStream s) throws IOException
+  {
+    s.defaultWriteObject();
+    if (certs == null)
+      s.writeInt(0);
+    else
+      {
+        int count = certs.size();
+        s.writeInt(count);
+        Iterator iter = certs.iterator();
+        while (--count >= 0)
+          {
+            Certificate c = (Certificate) iter.next();
+            s.writeObject(c.getType());
+            byte[] encoded;
+            try
+              {
+                encoded = c.getEncoded();
+              }
+            catch (CertificateEncodingException e)
+              {
+                // XXX Should we ignore this certificate?
+                encoded = null;
+              }
+            if (encoded == null)
+              s.writeInt(0);
+            else
+              {
+                s.writeInt(encoded.length);
+                for (int i = 0; i < encoded.length; i++)
+                  s.writeByte(encoded[i]);
+              }
+          }
+      }
+  }
+} // class CodeSource
Index: kaffe/test/regression/TestScript.in
diff -u kaffe/test/regression/TestScript.in:1.42 kaffe/test/regression/TestScript.in:1.43
--- kaffe/test/regression/TestScript.in:1.42	Sun Apr 11 11:42:06 2004
+++ kaffe/test/regression/TestScript.in	Sat Sep 25 22:06:40 2004
@@ -69,7 +69,7 @@
 	RESULT="$1.fail"
 	TMPRESULT="$1.tmp"
 	$VERBOSE $JAVA $*
-	env CLASSPATH=${CLASSPATH}${PATHSEP}run_time $JAVA -verifyremote $* <&0 >$TMPRESULT 2>&1 &
+	env CLASSPATH=${CLASSPATH}${PATHSEP}run_time $JAVA $* <&0 >$TMPRESULT 2>&1 &
 	error=$?
 	pid=$!
 	$VERBOSE "Background pid: $pid"




More information about the kaffe mailing list