diff options
Diffstat (limited to 'netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java')
| -rw-r--r-- | netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java | 167 |
1 files changed, 88 insertions, 79 deletions
diff --git a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java index f279474..38cff29 100644 --- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java +++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java @@ -84,8 +84,6 @@ import net.sourceforge.jnlp.security.AppVerifier; import net.sourceforge.jnlp.security.JNLPAppVerifier; import net.sourceforge.jnlp.security.PluginAppVerifier; import net.sourceforge.jnlp.security.SecurityDialogs; -import net.sourceforge.jnlp.security.appletextendedsecurity.AppletSecurityLevel; -import net.sourceforge.jnlp.security.appletextendedsecurity.AppletStartupSecuritySettings; import net.sourceforge.jnlp.security.appletextendedsecurity.UnsignedAppletTrustConfirmation; import net.sourceforge.jnlp.tools.JarCertVerifier; import net.sourceforge.jnlp.util.JarFile; @@ -123,19 +121,19 @@ public class JNLPClassLoader extends URLClassLoader { /** True if the application has a signed JNLP File */ private boolean isSignedJNLP = false; - + /** map from JNLPFile unique key to shared classloader */ private static Map<String, JNLPClassLoader> uniqueKeyToLoader = new ConcurrentHashMap<String, JNLPClassLoader>(); - /** map from JNLPFile unique key to lock, the lock is needed to enforce correct + /** map from JNLPFile unique key to lock, the lock is needed to enforce correct * initialization of applets that share a unique key*/ private static Map<String, ReentrantLock> uniqueKeyToLock = new HashMap<String, ReentrantLock>(); /** Provides a search path & temporary storage for native code */ - private NativeLibraryStorage nativeLibraryStorage; + private final NativeLibraryStorage nativeLibraryStorage; /** security context */ - private AccessControlContext acc = AccessController.getContext(); + private final AccessControlContext acc = AccessController.getContext(); /** the permissions for the cached jar files */ private List<Permission> resourcePermissions; @@ -147,31 +145,31 @@ public class JNLPClassLoader extends URLClassLoader { private JNLPClassLoader loaders[] = null; // ..[0]==this /** whether to strictly adhere to the spec or not */ - private boolean strict = true; + private final boolean strict = true; /** loads the resources */ - private ResourceTracker tracker = new ResourceTracker(true); // prefetch + private final ResourceTracker tracker = new ResourceTracker(true); // prefetch /** the update policy for resources */ - private UpdatePolicy updatePolicy; + private final UpdatePolicy updatePolicy; /** the JNLP file */ - private JNLPFile file; + private final JNLPFile file; /** the resources section */ - private ResourcesDesc resources; + private final ResourcesDesc resources; /** the security section */ private SecurityDesc security; /** Permissions granted by the user during runtime. */ - private ArrayList<Permission> runtimePermissions = new ArrayList<Permission>(); + private final ArrayList<Permission> runtimePermissions = new ArrayList<Permission>(); /** all jars not yet part of classloader or active * Synchronized since this field may become shared data between multiple classloading threads. * See loadClass(String) and CodebaseClassLoader.findClassNonRecursive(String). */ - private List<JARDesc> available = Collections.synchronizedList(new ArrayList<JARDesc>()); + private final List<JARDesc> available = Collections.synchronizedList(new ArrayList<JARDesc>()); /** the jar cert verifier tool to verify our jars */ private final JarCertVerifier jcv; @@ -182,40 +180,40 @@ public class JNLPClassLoader extends URLClassLoader { * Synchronized since this field may become shared data between multiple classloading threads/ * See loadClass(String) and CodebaseClassLoader.findClassNonRecursive(String). */ - private List<JarIndex> jarIndexes = Collections.synchronizedList(new ArrayList<JarIndex>()); + private final List<JarIndex> jarIndexes = Collections.synchronizedList(new ArrayList<JarIndex>()); /** Set of classpath strings declared in the manifest.mf files * Synchronized since this field may become shared data between multiple classloading threads. * See loadClass(String) and CodebaseClassLoader.findClassNonRecursive(String). */ - private Set<String> classpaths = Collections.synchronizedSet(new HashSet<String>()); + private final Set<String> classpaths = Collections.synchronizedSet(new HashSet<String>()); /** File entries in the jar files available to this classloader * Synchronized sinc this field may become shared data between multiple classloading threads. * See loadClass(String) and CodebaseClassLoader.findClassNonRecursive(String). */ - private Set<String> jarEntries = Collections.synchronizedSet(new TreeSet<String>()); + private final Set<String> jarEntries = Collections.synchronizedSet(new TreeSet<String>()); /** Map of specific original (remote) CodeSource Urls to securitydesc * Synchronized since this field may become shared data between multiple classloading threads. * See loadClass(String) and CodebaseClassLoader.findClassNonRecursive(String). */ - private Map<URL, SecurityDesc> jarLocationSecurityMap = + private final Map<URL, SecurityDesc> jarLocationSecurityMap = Collections.synchronizedMap(new HashMap<URL, SecurityDesc>()); /*Set to prevent once tried-to-get resources to be tried again*/ - private Set<URL> alreadyTried = Collections.synchronizedSet(new HashSet<URL>()); - + private final Set<URL> alreadyTried = Collections.synchronizedSet(new HashSet<URL>()); + /** Loader for codebase (which is a path, rather than a file) */ private CodeBaseClassLoader codeBaseLoader; - + /** True if the jar with the main class has been found * */ private boolean foundMainJar= false; /** Name of the application's main class */ private String mainClass = null; - + /** * Variable to track how many times this loader is in use */ @@ -252,7 +250,7 @@ public class JNLPClassLoader extends URLClassLoader { //as it is harmless, we can set is as soon as possible. file.getManifestsAttributes().setLoader(this); - + AppVerifier verifier; if (file instanceof PluginBridge && !((PluginBridge)file).useJNLPHref()) { @@ -267,15 +265,15 @@ public class JNLPClassLoader extends URLClassLoader { initializeExtensions(); initializeResources(); - + // initialize permissions initializePermissions(); setSecurity(); - + installShutdownHooks(); - + } @@ -357,7 +355,7 @@ public class JNLPClassLoader extends URLClassLoader { /** * Gets the lock for a given unique key, creating one if it does not yet exist. * This operation is atomic & thread-safe. - * + * * @param file the file whose unique key should be used * @return the lock */ @@ -375,9 +373,9 @@ public class JNLPClassLoader extends URLClassLoader { } /** - * Creates a fully initialized JNLP classloader for the specified JNLPFile, + * Creates a fully initialized JNLP classloader for the specified JNLPFile, * to be used as an applet/application's classloader. - * In contrast, JNLP classloaders can also be constructed simply to merge + * In contrast, JNLP classloaders can also be constructed simply to merge * its resources into another classloader. * * @param file the file to load classes for @@ -389,8 +387,8 @@ public class JNLPClassLoader extends URLClassLoader { JNLPClassLoader baseLoader = uniqueKeyToLoader.get(uniqueKey); JNLPClassLoader loader = new JNLPClassLoader(file, policy, mainName); - // If security level is 'high' or greater, we must check if the user allows unsigned applets - // when the JNLPClassLoader is created. We do so here, because doing so in the constructor + // If security level is 'high' or greater, we must check if the user allows unsigned applets + // when the JNLPClassLoader is created. We do so here, because doing so in the constructor // causes unwanted side-effects for some applets if (!loader.getSigning() && file instanceof PluginBridge) { UnsignedAppletTrustConfirmation.checkUnsignedWithUserIfRequired((PluginBridge)file); @@ -443,10 +441,10 @@ public class JNLPClassLoader extends URLClassLoader { synchronized ( getUniqueKeyLock(uniqueKey) ) { baseLoader = uniqueKeyToLoader.get(uniqueKey); - // A null baseloader implies that no loader has been created + // A null baseloader implies that no loader has been created // for this codebase/jnlp yet. Create one. if (baseLoader == null || - (file.isApplication() && + (file.isApplication() && !baseLoader.getJNLPFile().getFileLocation().equals(file.getFileLocation()))) { loader = createInstance(file, policy, mainName); @@ -790,21 +788,21 @@ public class JNLPClassLoader extends URLClassLoader { activateJars(initialJars); } - + /*** - * Checks for the jar that contains the attribute. - * + * Checks for the jar that contains the attribute. + * * @param jars Jars that are checked to see if they contain the main class * @param name attribute to be found */ public String checkForAttributeInJars(List<JARDesc> jars, Attributes.Name name) { - + if (jars.isEmpty()) { return null; } String result = null; - + // Check main jar JARDesc mainJarDesc = ResourcesDesc.getMainJAR(jars); result = getManifestAttribute(mainJarDesc.getLocation(), name); @@ -812,11 +810,11 @@ public class JNLPClassLoader extends URLClassLoader { if (result != null) { return result; } - + // Check first jar JARDesc firstJarDesc = jars.get(0); result = getManifestAttribute(firstJarDesc.getLocation(),name); - + if (result != null) { return result; } @@ -839,7 +837,7 @@ public class JNLPClassLoader extends URLClassLoader { * Checks for the jar that contains the main class. If the main class was * found, it checks to see if the jar is signed and whether it contains a * signed JNLP file - * + * * @param jars Jars that are checked to see if they contain the main class * @throws LaunchException Thrown if the signed JNLP file, within the main jar, fails to be verified or does not match */ @@ -903,8 +901,8 @@ public class JNLPClassLoader extends URLClassLoader { String getMainClassName(URL location) { return getManifestAttribute(location, Attributes.Name.MAIN_CLASS); } - - + + /** * Gets the name of the main method if specified in the manifest * @@ -959,7 +957,7 @@ public class JNLPClassLoader extends URLClassLoader { /** * Is called by checkForMain() to check if the jar file is signed and if it * contains a signed JNLP file. - * + * * @param jarDesc JARDesc of jar * @param jarFile the jar file * @throws LaunchException thrown if the signed JNLP file, within the main jar, fails to be verified or does not match @@ -1011,11 +1009,11 @@ public class JNLPClassLoader extends URLClassLoader { if (jeName.equals(APPLICATION)) { // If signed application was found OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "APPLICATION.JNLP has been located within signed JAR. Starting verfication..."); - + matcher = new JNLPMatcher(inputReader, jnlpReader, false); } else { // Otherwise template was found OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "APPLICATION_TEMPLATE.JNLP has been located within signed JAR. Starting verfication..."); - + matcher = new JNLPMatcher(inputReader, jnlpReader, true); } @@ -1027,7 +1025,7 @@ public class JNLPClassLoader extends URLClassLoader { this.isSignedJNLP = true; OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Signed Application Verification Successful"); - break; + break; } } } @@ -1047,7 +1045,7 @@ public class JNLPClassLoader extends URLClassLoader { */ } catch (Exception e) { - + OutputController.getLogger().log(e); /* @@ -1056,7 +1054,7 @@ public class JNLPClassLoader extends URLClassLoader { * JarCertVerifier.add) it assumes the jar file is unsigned and * skip the check for a signed JNLP file */ - + } finally { //Close all streams @@ -1138,6 +1136,7 @@ public class JNLPClassLoader extends URLClassLoader { /** * Returns the permissions for the CodeSource. */ + @Override protected PermissionCollection getPermissions(CodeSource cs) { try { Permissions result = new Permissions(); @@ -1241,6 +1240,7 @@ public class JNLPClassLoader extends URLClassLoader { protected void activateJars(final List<JARDesc> jars) { PrivilegedAction<Void> activate = new PrivilegedAction<Void>() { + @Override @SuppressWarnings("deprecation") public Void run() { // transfer the Jars @@ -1388,6 +1388,7 @@ public class JNLPClassLoader extends URLClassLoader { /** * Return the absolute path to the native library. */ + @Override protected String findLibrary(String lib) { String syslib = System.mapLibraryName(lib); File libFile = nativeLibraryStorage.findLibrary(syslib); @@ -1454,8 +1455,8 @@ public class JNLPClassLoader extends URLClassLoader { if (result != null) return result; } - - // Result is still null. Return what the codebaseloader + + // Result is still null. Return what the codebaseloader // has (which returns null if it is not loaded there either) if (codeBaseLoader != null) return codeBaseLoader.findLoadedClassFromParent(name); @@ -1484,9 +1485,10 @@ public class JNLPClassLoader extends URLClassLoader { * process to hang. * More information in the mailing list archives: * http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-September/024536.html - * + * * Affected fields: available, classpaths, jarIndexes, jarEntries, jarLocationSecurityMap */ + @Override public Class<?> loadClass(String name) throws ClassNotFoundException { Class<?> result = findLoadedClassAll(name); @@ -1606,6 +1608,7 @@ public class JNLPClassLoader extends URLClassLoader { // Give read permissions to the cached jar file AccessController.doPrivileged(new PrivilegedAction<Void>() { + @Override public Void run() { Permission p = CacheUtil.getReadPermission(desc.getLocation(), desc.getVersion()); @@ -1620,7 +1623,7 @@ public class JNLPClassLoader extends URLClassLoader { final URL cachedUrl = tracker.getCacheURL(remoteURL); // blocks till download available.remove(desc); // Resource downloaded. Remove from available list. - + try { // Verify if needed @@ -1629,12 +1632,13 @@ public class JNLPClassLoader extends URLClassLoader { jars.add(desc); // Decide what level of security this jar should have - // The verification and security setting functions rely on + // The verification and security setting functions rely on // having AllPermissions as those actions normally happen - // during initialization. We therefore need to do those + // during initialization. We therefore need to do those // actions as privileged. AccessController.doPrivileged(new PrivilegedExceptionAction<Void>() { + @Override public Void run() throws Exception { jcv.add(jars, tracker); @@ -1661,9 +1665,9 @@ public class JNLPClassLoader extends URLClassLoader { CachedJarFileCallback.getInstance().addMapping(remoteURL, cachedUrl); } catch (Exception e) { - // Do nothing. This code is called by loadClass which cannot - // throw additional exceptions. So instead, just ignore it. - // Exception => jar will not get added to classpath, which will + // Do nothing. This code is called by loadClass which cannot + // throw additional exceptions. So instead, just ignore it. + // Exception => jar will not get added to classpath, which will // result in CNFE from loadClass. OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e); } @@ -1680,6 +1684,7 @@ public class JNLPClassLoader extends URLClassLoader { final String fName = name; return AccessController.doPrivileged( new PrivilegedExceptionAction<Class<?>>() { + @Override public Class<?> run() throws ClassNotFoundException { return JNLPClassLoader.super.findClass(fName); } @@ -1722,7 +1727,7 @@ public class JNLPClassLoader extends URLClassLoader { // add resources until found while (true) { JNLPClassLoader addedTo = null; - + try { addedTo = addNextResource(); } catch (LaunchException e) { @@ -1765,7 +1770,7 @@ public class JNLPClassLoader extends URLClassLoader { } catch (IOException e) { OutputController.getLogger().log(e); } - + // If result is still null, look in the codebase loader if (result == null && codeBaseLoader != null) result = codeBaseLoader.findResource(name); @@ -1811,6 +1816,7 @@ public class JNLPClassLoader extends URLClassLoader { try { e = AccessController.doPrivileged( new PrivilegedExceptionAction<Enumeration<URL>>() { + @Override public Enumeration<URL> run() throws IOException { return JNLPClassLoader.super.findResources(fName); } @@ -1825,6 +1831,7 @@ public class JNLPClassLoader extends URLClassLoader { try { resources.addAll(AccessController.doPrivileged( new PrivilegedExceptionAction<Collection<URL>>() { + @Override public Collection<URL> run() { List<URL> resources = new ArrayList<URL>(); while (fURLEnum != null && fURLEnum.hasMoreElements()) { @@ -1837,8 +1844,8 @@ public class JNLPClassLoader extends URLClassLoader { } } - // Add resources from codebase (only if nothing was found above, - // otherwise the server will get hammered) + // Add resources from codebase (only if nothing was found above, + // otherwise the server will get hammered) if (resources.isEmpty() && codeBaseLoader != null) { e = codeBaseLoader.findResources(name); while (e.hasMoreElements()) @@ -1983,7 +1990,7 @@ public class JNLPClassLoader extends URLClassLoader { // jars for (URL u : extLoader.getURLs()) addURL(u); - + // Codebase addToCodeBaseLoader(extLoader.file.getCodeBase()); @@ -2002,7 +2009,7 @@ public class JNLPClassLoader extends URLClassLoader { /** * Adds the given path to the path loader - * + * * @param URL the path to add * @throws IllegalArgumentException If the given url is not a path */ @@ -2016,7 +2023,7 @@ public class JNLPClassLoader extends URLClassLoader { throw new IllegalArgumentException("addToPathLoader only accepts path based URLs"); } - // If there is no loader yet, create one, else add it to the + // If there is no loader yet, create one, else add it to the // existing one (happens when called from merge()) if (codeBaseLoader == null) { codeBaseLoader = new CodeBaseClassLoader(new URL[] { u }, this); @@ -2062,10 +2069,10 @@ public class JNLPClassLoader extends URLClassLoader { } return result; } - + /** * Increments loader use count by 1 - * + * * @throws SecurityException if caller is not trusted */ private void incrementLoaderUseCount() { @@ -2178,9 +2185,9 @@ public class JNLPClassLoader extends URLClassLoader { /** * Decrements loader use count by 1 - * + * * If count reaches 0, loader is removed from list of available loaders - * + * * @throws SecurityException if caller is not trusted */ public void decrementLoaderUseCount() { @@ -2254,7 +2261,7 @@ public class JNLPClassLoader extends URLClassLoader { return new AccessControlContext(new ProtectionDomain[] { pd }); } - + public String getMainClass() { return mainClass; } @@ -2266,7 +2273,7 @@ public class JNLPClassLoader extends URLClassLoader { public static class CodeBaseClassLoader extends URLClassLoader { JNLPClassLoader parentJNLPClassLoader; - + /** * Classes that are not found, so that findClass can skip them next time */ @@ -2278,8 +2285,8 @@ public class JNLPClassLoader extends URLClassLoader { } @Override - public void addURL(URL url) { - super.addURL(url); + public void addURL(URL url) { + super.addURL(url); } Class<?> findClassNonRecursive(String name) throws ClassNotFoundException { @@ -2291,6 +2298,7 @@ public class JNLPClassLoader extends URLClassLoader { final String fName = name; return AccessController.doPrivileged( new PrivilegedExceptionAction<Class<?>>() { + @Override public Class<?> run() throws ClassNotFoundException { return CodeBaseClassLoader.super.findClass(fName); } @@ -2312,11 +2320,11 @@ public class JNLPClassLoader extends URLClassLoader { /** * Returns the output of super.findLoadedClass(). - * + * * The method is renamed because ClassLoader.findLoadedClass() is final - * + * * @param name The name of the class to find - * @return Output of ClassLoader.findLoadedClass() which is the class if found, null otherwise + * @return Output of ClassLoader.findLoadedClass() which is the class if found, null otherwise * @see java.lang.ClassLoader#findLoadedClass(String) */ public Class<?> findLoadedClassFromParent(String name) { @@ -2325,7 +2333,7 @@ public class JNLPClassLoader extends URLClassLoader { /** * Returns JNLPClassLoader that encompasses this loader - * + * * @return parent JNLPClassLoader */ public JNLPClassLoader getParentJNLPClassLoader() { @@ -2365,12 +2373,13 @@ public class JNLPClassLoader extends URLClassLoader { final String fName = name; url = AccessController.doPrivileged( new PrivilegedExceptionAction<URL>() { + @Override public URL run() { return CodeBaseClassLoader.super.findResource(fName); } }, parentJNLPClassLoader.getAccessControlContextForClassLoading()); } catch (PrivilegedActionException pae) { - } + } if (url == null) { notFoundResources.put(name, super.getURLs()); @@ -2382,6 +2391,6 @@ public class JNLPClassLoader extends URLClassLoader { return null; } } - - + + } |