From f4ac27e177f6deb444280d3b375e7d343e38bd08 Mon Sep 17 00:00:00 2001 From: Sven Gothel Date: Tue, 13 Mar 2012 19:56:54 +0100 Subject: SecurityUtil: Generalize cert validation and AccessControlContext query; PropertyAccess: Fix security code, grant access to common 'trusted' properties - SecurityUtil - Generalize cert validation for JAR and property access - Grant access to common AccessControlContext for 'same' cert - PropertyAccess: - Fix security code: Passing the current AccessControlContext from the caller didn't include priviledges. - Grant access to common 'trusted' properties, which removes the need of passing the AccessControlContext for general properties like 'jnlp.', 'jogamp.' .. - Enable registering 'trusted' properties, when caller's cert is 'same' --- src/java/jogamp/common/Debug.java | 32 +++---- src/java/jogamp/common/PropertyAccess.java | 147 ----------------------------- 2 files changed, 14 insertions(+), 165 deletions(-) delete mode 100644 src/java/jogamp/common/PropertyAccess.java (limited to 'src/java/jogamp/common') diff --git a/src/java/jogamp/common/Debug.java b/src/java/jogamp/common/Debug.java index b8ed098..f75b37b 100644 --- a/src/java/jogamp/common/Debug.java +++ b/src/java/jogamp/common/Debug.java @@ -39,38 +39,34 @@ package jogamp.common; -import java.security.*; +import com.jogamp.common.util.PropertyAccess; /** Helper routines for logging and debugging. */ public class Debug extends PropertyAccess { // Some common properties - private static boolean verbose; - private static boolean debugAll; - private static AccessControlContext localACC; + private static final boolean verbose; + private static final boolean debugAll; static { - localACC=AccessController.getContext(); + PropertyAccess.addTrustedPrefix("jogamp.", Debug.class); + verbose = isPropertyDefined("jogamp.verbose", true); debugAll = isPropertyDefined("jogamp.debug", true); } - static int getIntProperty(final String property, final boolean jnlpAlias) { - return getIntProperty(property, jnlpAlias, localACC, 0); - } - - static boolean getBooleanProperty(final String property, final boolean jnlpAlias) { - return getBooleanProperty(property, jnlpAlias, localACC); + public static final boolean getBooleanProperty(final String property, final boolean jnlpAlias) { + return PropertyAccess.getBooleanProperty(property, jnlpAlias, null); } - - static boolean isPropertyDefined(final String property, final boolean jnlpAlias) { - return isPropertyDefined(property, jnlpAlias, localACC); + + public static final boolean getBooleanProperty(final String property, final boolean jnlpAlias, boolean defaultValue) { + return PropertyAccess.getBooleanProperty(property, jnlpAlias, null, defaultValue); } - - static String getProperty(final String property, final boolean jnlpAlias) { - return getProperty(property, jnlpAlias, localACC); + + public static final long getLongProperty(final String property, final boolean jnlpAlias, long defaultValue) { + return PropertyAccess.getLongProperty(property, jnlpAlias, null, defaultValue); } - + public static boolean verbose() { return verbose; } diff --git a/src/java/jogamp/common/PropertyAccess.java b/src/java/jogamp/common/PropertyAccess.java deleted file mode 100644 index 88d6dec..0000000 --- a/src/java/jogamp/common/PropertyAccess.java +++ /dev/null @@ -1,147 +0,0 @@ -/** - * Copyright 2012 JogAmp Community. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without modification, are - * permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this list of - * conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, this list - * of conditions and the following disclaimer in the documentation and/or other materials - * provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY JogAmp Community ``AS IS'' AND ANY EXPRESS OR IMPLIED - * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND - * FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL JogAmp Community OR - * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON - * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING - * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - * - * The views and conclusions contained in the software and documentation are those of the - * authors and should not be interpreted as representing official policies, either expressed - * or implied, of JogAmp Community. - */ - -package jogamp.common; - -import java.security.*; - -/** Helper routines for accessing properties. */ -public class PropertyAccess { - public static final String jnlp_prefix = "jnlp." ; - - /** @see #getProperty(String, boolean, AccessControlContext) */ - public static final int getIntProperty(final String property, final boolean jnlpAlias, final AccessControlContext acc, int defaultValue) { - int i=defaultValue; - try { - final String sv = PropertyAccess.getProperty(property, jnlpAlias, acc); - if(null!=sv) { - i = Integer.valueOf(sv).intValue(); - } - } catch (NumberFormatException nfe) {} - return i; - } - - /** @see #getProperty(String, boolean, AccessControlContext) */ - public static final long getLongProperty(final String property, final boolean jnlpAlias, final AccessControlContext acc, long defaultValue) { - long l=defaultValue; - try { - final String sv = PropertyAccess.getProperty(property, jnlpAlias, acc); - if(null!=sv) { - l = Long.valueOf(sv).longValue(); - } - } catch (NumberFormatException nfe) {} - return l; - } - - /** @see #getProperty(String, boolean, AccessControlContext) */ - public static final boolean getBooleanProperty(final String property, final boolean jnlpAlias, final AccessControlContext acc) { - return Boolean.valueOf(PropertyAccess.getProperty(property, jnlpAlias, acc)).booleanValue(); - } - - /** @see #getProperty(String, boolean, AccessControlContext) */ - public static final boolean getBooleanProperty(final String property, final boolean jnlpAlias, final AccessControlContext acc, boolean defaultValue) { - final String valueS = PropertyAccess.getProperty(property, jnlpAlias, acc); - if(null != valueS) { - return Boolean.valueOf(valueS).booleanValue(); - } - return defaultValue; - } - - /** @see #getProperty(String, boolean, AccessControlContext) */ - public static final boolean isPropertyDefined(final String property, final boolean jnlpAlias, final AccessControlContext acc) { - return (PropertyAccess.getProperty(property, jnlpAlias, acc) != null) ? true : false; - } - - /** - * Query the property with the name propertyKey. - *

- * If jnlpAlias is true and the plain propertyKey - * could not be resolved, an attempt to resolve the JNLP aliased trusted property is made.
- * Example: For the propertyName OneTwo, the jnlp alias name is jnlp.OneTwo, which is considered trusted.
- *

- * - * @param propertyKey the property name to query. - * @param jnlpAlias true if a fallback attempt to query the JNLP aliased trusted property shall be made, - * otherwise false. - * @param acc the AccessControlerContext to be used for privileged access to the system property, or null. - * - * @return the property value if exists, or null - * - * @throws NullPointerException if the property name is null - * @throws IllegalArgumentException if the property name is of length 0 - * @throws SecurityException if no access to the JNLP aliased trusted property is allowed. - * This is actually a bug in the JRE implementation, since the JNLP aliased trusted properties - * shall be allowed without extended priviledges. - * - * @see System#getProperty(String) - */ - public static final String getProperty(final String propertyKey, final boolean jnlpAlias, final AccessControlContext acc) - throws SecurityException, NullPointerException, IllegalArgumentException { - if(null == propertyKey) { - throw new NullPointerException("propertyKey is NULL"); - } - if(0 == propertyKey.length()) { - throw new IllegalArgumentException("propertyKey is empty"); - } - String s=null; - if( null!=acc ) { - s = AccessController.doPrivileged(new PrivilegedAction() { - public String run() { - String val=null; - try { - val = System.getProperty(propertyKey); - } catch (SecurityException se) {} - return val; - } - }, acc); - } else { - try { - s = System.getProperty(propertyKey); - } catch (SecurityException se) {} - } - if(null==s && jnlpAlias && !propertyKey.startsWith(jnlp_prefix)) { - // Properties within the namespace "jnlp." or "javaws." should be considered trusted, - // i.e. always granted w/o special priviledges. - // FIXME: Nevertheless we use this class AccessControlContext to ensure access - // on all supported implementations. - s = AccessController.doPrivileged(new PrivilegedAction() { - public String run() { - final String propertyKeyAliased = jnlp_prefix + propertyKey; - String val = null; - try { - val = System.getProperty(propertyKeyAliased); - } catch (SecurityException se) { - throw new SecurityException("Could not access trusted property 'propertyKeyAliased'", se); - } - return val; - } - }); - } - return s; - } -} -- cgit v1.2.3