| 1 |
771 |
jeremybenn |
/* URLClassLoader.java -- ClassLoader that loads classes from one or more URLs
|
| 2 |
|
|
Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006
|
| 3 |
|
|
Free Software Foundation, Inc.
|
| 4 |
|
|
|
| 5 |
|
|
This file is part of GNU Classpath.
|
| 6 |
|
|
|
| 7 |
|
|
GNU Classpath is free software; you can redistribute it and/or modify
|
| 8 |
|
|
it under the terms of the GNU General Public License as published by
|
| 9 |
|
|
the Free Software Foundation; either version 2, or (at your option)
|
| 10 |
|
|
any later version.
|
| 11 |
|
|
|
| 12 |
|
|
GNU Classpath is distributed in the hope that it will be useful, but
|
| 13 |
|
|
WITHOUT ANY WARRANTY; without even the implied warranty of
|
| 14 |
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
| 15 |
|
|
General Public License for more details.
|
| 16 |
|
|
|
| 17 |
|
|
You should have received a copy of the GNU General Public License
|
| 18 |
|
|
along with GNU Classpath; see the file COPYING. If not, write to the
|
| 19 |
|
|
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
| 20 |
|
|
02110-1301 USA.
|
| 21 |
|
|
|
| 22 |
|
|
Linking this library statically or dynamically with other modules is
|
| 23 |
|
|
making a combined work based on this library. Thus, the terms and
|
| 24 |
|
|
conditions of the GNU General Public License cover the whole
|
| 25 |
|
|
combination.
|
| 26 |
|
|
|
| 27 |
|
|
As a special exception, the copyright holders of this library give you
|
| 28 |
|
|
permission to link this library with independent modules to produce an
|
| 29 |
|
|
executable, regardless of the license terms of these independent
|
| 30 |
|
|
modules, and to copy and distribute the resulting executable under
|
| 31 |
|
|
terms of your choice, provided that you also meet, for each linked
|
| 32 |
|
|
independent module, the terms and conditions of the license of that
|
| 33 |
|
|
module. An independent module is a module which is not derived from
|
| 34 |
|
|
or based on this library. If you modify this library, you may extend
|
| 35 |
|
|
this exception to your version of the library, but you are not
|
| 36 |
|
|
obligated to do so. If you do not wish to do so, delete this
|
| 37 |
|
|
exception statement from your version. */
|
| 38 |
|
|
|
| 39 |
|
|
|
| 40 |
|
|
package java.net;
|
| 41 |
|
|
|
| 42 |
|
|
import gnu.java.lang.CPStringBuilder;
|
| 43 |
|
|
|
| 44 |
|
|
import gnu.java.net.loader.FileURLLoader;
|
| 45 |
|
|
import gnu.java.net.loader.JarURLLoader;
|
| 46 |
|
|
import gnu.java.net.loader.RemoteURLLoader;
|
| 47 |
|
|
import gnu.java.net.loader.Resource;
|
| 48 |
|
|
import gnu.java.net.loader.URLLoader;
|
| 49 |
|
|
import gnu.java.net.loader.URLStreamHandlerCache;
|
| 50 |
|
|
|
| 51 |
|
|
import java.io.ByteArrayOutputStream;
|
| 52 |
|
|
import java.io.EOFException;
|
| 53 |
|
|
import java.io.File;
|
| 54 |
|
|
import java.io.FilePermission;
|
| 55 |
|
|
import java.io.IOException;
|
| 56 |
|
|
import java.io.InputStream;
|
| 57 |
|
|
import java.lang.reflect.Constructor;
|
| 58 |
|
|
import java.lang.reflect.InvocationTargetException;
|
| 59 |
|
|
import java.security.AccessControlContext;
|
| 60 |
|
|
import java.security.AccessController;
|
| 61 |
|
|
import java.security.CodeSource;
|
| 62 |
|
|
import java.security.PermissionCollection;
|
| 63 |
|
|
import java.security.PrivilegedAction;
|
| 64 |
|
|
import java.security.SecureClassLoader;
|
| 65 |
|
|
import java.security.cert.Certificate;
|
| 66 |
|
|
import java.util.ArrayList;
|
| 67 |
|
|
import java.util.Enumeration;
|
| 68 |
|
|
import java.util.Vector;
|
| 69 |
|
|
import java.util.jar.Attributes;
|
| 70 |
|
|
import java.util.jar.Manifest;
|
| 71 |
|
|
|
| 72 |
|
|
|
| 73 |
|
|
/**
|
| 74 |
|
|
* A secure class loader that can load classes and resources from
|
| 75 |
|
|
* multiple locations. Given an array of <code>URL</code>s this class
|
| 76 |
|
|
* loader will retrieve classes and resources by fetching them from
|
| 77 |
|
|
* possible remote locations. Each <code>URL</code> is searched in
|
| 78 |
|
|
* order in which it was added. If the file portion of the
|
| 79 |
|
|
* <code>URL</code> ends with a '/' character then it is interpreted
|
| 80 |
|
|
* as a base directory, otherwise it is interpreted as a jar file from
|
| 81 |
|
|
* which the classes/resources are resolved.
|
| 82 |
|
|
*
|
| 83 |
|
|
* <p>New instances can be created by two static
|
| 84 |
|
|
* <code>newInstance()</code> methods or by three public
|
| 85 |
|
|
* contructors. Both ways give the option to supply an initial array
|
| 86 |
|
|
* of <code>URL</code>s and (optionally) a parent classloader (that is
|
| 87 |
|
|
* different from the standard system class loader).</p>
|
| 88 |
|
|
*
|
| 89 |
|
|
* <p>Normally creating a <code>URLClassLoader</code> throws a
|
| 90 |
|
|
* <code>SecurityException</code> if a <code>SecurityManager</code> is
|
| 91 |
|
|
* installed and the <code>checkCreateClassLoader()</code> method does
|
| 92 |
|
|
* not return true. But the <code>newInstance()</code> methods may be
|
| 93 |
|
|
* used by any code as long as it has permission to acces the given
|
| 94 |
|
|
* <code>URL</code>s. <code>URLClassLoaders</code> created by the
|
| 95 |
|
|
* <code>newInstance()</code> methods also explicitly call the
|
| 96 |
|
|
* <code>checkPackageAccess()</code> method of
|
| 97 |
|
|
* <code>SecurityManager</code> if one is installed before trying to
|
| 98 |
|
|
* load a class. Note that only subclasses of
|
| 99 |
|
|
* <code>URLClassLoader</code> can add new URLs after the
|
| 100 |
|
|
* URLClassLoader had been created. But it is always possible to get
|
| 101 |
|
|
* an array of all URLs that the class loader uses to resolve classes
|
| 102 |
|
|
* and resources by way of the <code>getURLs()</code> method.</p>
|
| 103 |
|
|
*
|
| 104 |
|
|
* <p>Open issues:
|
| 105 |
|
|
* <ul>
|
| 106 |
|
|
*
|
| 107 |
|
|
* <li>Should the URLClassLoader actually add the locations found in
|
| 108 |
|
|
* the manifest or is this the responsibility of some other
|
| 109 |
|
|
* loader/(sub)class? (see <a
|
| 110 |
|
|
* href="http://java.sun.com/products/jdk/1.4/docs/guide/extensions/spec.html">
|
| 111 |
|
|
* Extension Mechanism Architecture - Bundles Extensions</a>)</li>
|
| 112 |
|
|
*
|
| 113 |
|
|
* <li>How does <code>definePackage()</code> and sealing work
|
| 114 |
|
|
* precisely?</li>
|
| 115 |
|
|
*
|
| 116 |
|
|
* <li>We save and use the security context (when a created by
|
| 117 |
|
|
* <code>newInstance()</code> but do we have to use it in more
|
| 118 |
|
|
* places?</li>
|
| 119 |
|
|
*
|
| 120 |
|
|
* <li>The use of <code>URLStreamHandler</code>s has not been tested.</li>
|
| 121 |
|
|
*
|
| 122 |
|
|
* </ul>
|
| 123 |
|
|
* </p>
|
| 124 |
|
|
*
|
| 125 |
|
|
* @since 1.2
|
| 126 |
|
|
*
|
| 127 |
|
|
* @author Mark Wielaard (mark@klomp.org)
|
| 128 |
|
|
* @author Wu Gansha (gansha.wu@intel.com)
|
| 129 |
|
|
*/
|
| 130 |
|
|
public class URLClassLoader extends SecureClassLoader
|
| 131 |
|
|
{
|
| 132 |
|
|
// Class Variables
|
| 133 |
|
|
|
| 134 |
|
|
/**
|
| 135 |
|
|
* A cache to store mappings between handler factory and its
|
| 136 |
|
|
* private protocol handler cache (also a HashMap), so we can avoid
|
| 137 |
|
|
* creating handlers each time the same protocol comes.
|
| 138 |
|
|
*/
|
| 139 |
|
|
private static URLStreamHandlerCache factoryCache
|
| 140 |
|
|
= new URLStreamHandlerCache();
|
| 141 |
|
|
|
| 142 |
|
|
/**
|
| 143 |
|
|
* The prefix for URL loaders.
|
| 144 |
|
|
*/
|
| 145 |
|
|
private static final String URL_LOADER_PREFIX = "gnu.java.net.loader.Load_";
|
| 146 |
|
|
|
| 147 |
|
|
// Instance variables
|
| 148 |
|
|
|
| 149 |
|
|
/** Locations to load classes from */
|
| 150 |
|
|
private final Vector<URL> urls = new Vector<URL>();
|
| 151 |
|
|
|
| 152 |
|
|
/**
|
| 153 |
|
|
* Store pre-parsed information for each url into this vector: each
|
| 154 |
|
|
* element is a URL loader. A jar file has its own class-path
|
| 155 |
|
|
* attribute which adds to the URLs that will be searched, but this
|
| 156 |
|
|
* does not add to the list of urls.
|
| 157 |
|
|
*/
|
| 158 |
|
|
private final Vector<URLLoader> urlinfos = new Vector<URLLoader>();
|
| 159 |
|
|
|
| 160 |
|
|
/** Factory used to get the protocol handlers of the URLs */
|
| 161 |
|
|
private final URLStreamHandlerFactory factory;
|
| 162 |
|
|
|
| 163 |
|
|
/**
|
| 164 |
|
|
* The security context when created from <code>newInstance()</code>
|
| 165 |
|
|
* or null when created through a normal constructor or when no
|
| 166 |
|
|
* <code>SecurityManager</code> was installed.
|
| 167 |
|
|
*/
|
| 168 |
|
|
private final AccessControlContext securityContext;
|
| 169 |
|
|
|
| 170 |
|
|
// Helper classes
|
| 171 |
|
|
|
| 172 |
|
|
/**
|
| 173 |
|
|
* Creates a URLClassLoader that gets classes from the supplied URLs.
|
| 174 |
|
|
* To determine if this classloader may be created the constructor of
|
| 175 |
|
|
* the super class (<code>SecureClassLoader</code>) is called first, which
|
| 176 |
|
|
* can throw a SecurityException. Then the supplied URLs are added
|
| 177 |
|
|
* in the order given to the URLClassLoader which uses these URLs to
|
| 178 |
|
|
* load classes and resources (after using the default parent ClassLoader).
|
| 179 |
|
|
*
|
| 180 |
|
|
* @param urls Locations that should be searched by this ClassLoader when
|
| 181 |
|
|
* resolving Classes or Resources.
|
| 182 |
|
|
* @exception SecurityException if the SecurityManager disallows the
|
| 183 |
|
|
* creation of a ClassLoader.
|
| 184 |
|
|
* @see SecureClassLoader
|
| 185 |
|
|
*/
|
| 186 |
|
|
public URLClassLoader(URL[] urls) throws SecurityException
|
| 187 |
|
|
{
|
| 188 |
|
|
super();
|
| 189 |
|
|
this.factory = null;
|
| 190 |
|
|
this.securityContext = null;
|
| 191 |
|
|
addURLs(urls);
|
| 192 |
|
|
}
|
| 193 |
|
|
|
| 194 |
|
|
/**
|
| 195 |
|
|
* Creates a <code>URLClassLoader</code> that gets classes from the supplied
|
| 196 |
|
|
* <code>URL</code>s.
|
| 197 |
|
|
* To determine if this classloader may be created the constructor of
|
| 198 |
|
|
* the super class (<code>SecureClassLoader</code>) is called first, which
|
| 199 |
|
|
* can throw a SecurityException. Then the supplied URLs are added
|
| 200 |
|
|
* in the order given to the URLClassLoader which uses these URLs to
|
| 201 |
|
|
* load classes and resources (after using the supplied parent ClassLoader).
|
| 202 |
|
|
* @param urls Locations that should be searched by this ClassLoader when
|
| 203 |
|
|
* resolving Classes or Resources.
|
| 204 |
|
|
* @param parent The parent class loader used before trying this class
|
| 205 |
|
|
* loader.
|
| 206 |
|
|
* @exception SecurityException if the SecurityManager disallows the
|
| 207 |
|
|
* creation of a ClassLoader.
|
| 208 |
|
|
* @exception SecurityException
|
| 209 |
|
|
* @see SecureClassLoader
|
| 210 |
|
|
*/
|
| 211 |
|
|
public URLClassLoader(URL[] urls, ClassLoader parent)
|
| 212 |
|
|
throws SecurityException
|
| 213 |
|
|
{
|
| 214 |
|
|
super(parent);
|
| 215 |
|
|
this.factory = null;
|
| 216 |
|
|
this.securityContext = null;
|
| 217 |
|
|
addURLs(urls);
|
| 218 |
|
|
}
|
| 219 |
|
|
|
| 220 |
|
|
// Package-private to avoid a trampoline constructor.
|
| 221 |
|
|
/**
|
| 222 |
|
|
* Package-private constructor used by the static
|
| 223 |
|
|
* <code>newInstance(URL[])</code> method. Creates an
|
| 224 |
|
|
* <code>URLClassLoader</code> with the given parent but without any
|
| 225 |
|
|
* <code>URL</code>s yet. This is used to bypass the normal security
|
| 226 |
|
|
* check for creating classloaders, but remembers the security
|
| 227 |
|
|
* context which will be used when defining classes. The
|
| 228 |
|
|
* <code>URL</code>s to load from must be added by the
|
| 229 |
|
|
* <code>newInstance()</code> method in the security context of the
|
| 230 |
|
|
* caller.
|
| 231 |
|
|
*
|
| 232 |
|
|
* @param securityContext the security context of the unprivileged code.
|
| 233 |
|
|
*/
|
| 234 |
|
|
URLClassLoader(ClassLoader parent, AccessControlContext securityContext)
|
| 235 |
|
|
{
|
| 236 |
|
|
super(parent);
|
| 237 |
|
|
this.factory = null;
|
| 238 |
|
|
this.securityContext = securityContext;
|
| 239 |
|
|
}
|
| 240 |
|
|
|
| 241 |
|
|
/**
|
| 242 |
|
|
* Creates a URLClassLoader that gets classes from the supplied URLs.
|
| 243 |
|
|
* To determine if this classloader may be created the constructor of
|
| 244 |
|
|
* the super class (<CODE>SecureClassLoader</CODE>) is called first, which
|
| 245 |
|
|
* can throw a SecurityException. Then the supplied URLs are added
|
| 246 |
|
|
* in the order given to the URLClassLoader which uses these URLs to
|
| 247 |
|
|
* load classes and resources (after using the supplied parent ClassLoader).
|
| 248 |
|
|
* It will use the supplied <CODE>URLStreamHandlerFactory</CODE> to get the
|
| 249 |
|
|
* protocol handlers of the supplied URLs.
|
| 250 |
|
|
* @param urls Locations that should be searched by this ClassLoader when
|
| 251 |
|
|
* resolving Classes or Resources.
|
| 252 |
|
|
* @param parent The parent class loader used before trying this class
|
| 253 |
|
|
* loader.
|
| 254 |
|
|
* @param factory Used to get the protocol handler for the URLs.
|
| 255 |
|
|
* @exception SecurityException if the SecurityManager disallows the
|
| 256 |
|
|
* creation of a ClassLoader.
|
| 257 |
|
|
* @exception SecurityException
|
| 258 |
|
|
* @see SecureClassLoader
|
| 259 |
|
|
*/
|
| 260 |
|
|
public URLClassLoader(URL[] urls, ClassLoader parent,
|
| 261 |
|
|
URLStreamHandlerFactory factory)
|
| 262 |
|
|
throws SecurityException
|
| 263 |
|
|
{
|
| 264 |
|
|
super(parent);
|
| 265 |
|
|
this.securityContext = null;
|
| 266 |
|
|
this.factory = factory;
|
| 267 |
|
|
// If this factory is not yet in factoryCache, add it.
|
| 268 |
|
|
factoryCache.add(factory);
|
| 269 |
|
|
addURLs(urls);
|
| 270 |
|
|
}
|
| 271 |
|
|
|
| 272 |
|
|
// Methods
|
| 273 |
|
|
|
| 274 |
|
|
/**
|
| 275 |
|
|
* Adds a new location to the end of the internal URL store.
|
| 276 |
|
|
* @param newUrl the location to add
|
| 277 |
|
|
*/
|
| 278 |
|
|
protected void addURL(URL newUrl)
|
| 279 |
|
|
{
|
| 280 |
|
|
urls.add(newUrl);
|
| 281 |
|
|
addURLImpl(newUrl);
|
| 282 |
|
|
}
|
| 283 |
|
|
|
| 284 |
|
|
private void addURLImpl(URL newUrl)
|
| 285 |
|
|
{
|
| 286 |
|
|
synchronized (this)
|
| 287 |
|
|
{
|
| 288 |
|
|
if (newUrl == null)
|
| 289 |
|
|
return; // Silently ignore...
|
| 290 |
|
|
|
| 291 |
|
|
// Reset the toString() value.
|
| 292 |
|
|
thisString = null;
|
| 293 |
|
|
|
| 294 |
|
|
// Create a loader for this URL.
|
| 295 |
|
|
URLLoader loader = null;
|
| 296 |
|
|
String file = newUrl.getFile();
|
| 297 |
|
|
String protocol = newUrl.getProtocol();
|
| 298 |
|
|
|
| 299 |
|
|
// If we have a file: URL, we want to make it absolute
|
| 300 |
|
|
// here, before we decide whether it is really a jar.
|
| 301 |
|
|
URL absoluteURL;
|
| 302 |
|
|
if ("file".equals (protocol))
|
| 303 |
|
|
{
|
| 304 |
|
|
File dir = new File(file);
|
| 305 |
|
|
try
|
| 306 |
|
|
{
|
| 307 |
|
|
absoluteURL = dir.getCanonicalFile().toURL();
|
| 308 |
|
|
}
|
| 309 |
|
|
catch (IOException ignore)
|
| 310 |
|
|
{
|
| 311 |
|
|
try
|
| 312 |
|
|
{
|
| 313 |
|
|
absoluteURL = dir.getAbsoluteFile().toURL();
|
| 314 |
|
|
}
|
| 315 |
|
|
catch (MalformedURLException _)
|
| 316 |
|
|
{
|
| 317 |
|
|
// This really should not happen.
|
| 318 |
|
|
absoluteURL = newUrl;
|
| 319 |
|
|
}
|
| 320 |
|
|
}
|
| 321 |
|
|
}
|
| 322 |
|
|
else
|
| 323 |
|
|
{
|
| 324 |
|
|
// This doesn't hurt, and it simplifies the logic a
|
| 325 |
|
|
// little.
|
| 326 |
|
|
absoluteURL = newUrl;
|
| 327 |
|
|
}
|
| 328 |
|
|
|
| 329 |
|
|
// First see if we can find a handler with the correct name.
|
| 330 |
|
|
try
|
| 331 |
|
|
{
|
| 332 |
|
|
Class<?> handler = Class.forName(URL_LOADER_PREFIX + protocol);
|
| 333 |
|
|
Class<?>[] argTypes = new Class<?>[] { URLClassLoader.class,
|
| 334 |
|
|
URLStreamHandlerCache.class,
|
| 335 |
|
|
URLStreamHandlerFactory.class,
|
| 336 |
|
|
URL.class,
|
| 337 |
|
|
URL.class };
|
| 338 |
|
|
Constructor k = handler.getDeclaredConstructor(argTypes);
|
| 339 |
|
|
loader
|
| 340 |
|
|
= (URLLoader) k.newInstance(new Object[] { this,
|
| 341 |
|
|
factoryCache,
|
| 342 |
|
|
factory,
|
| 343 |
|
|
newUrl,
|
| 344 |
|
|
absoluteURL });
|
| 345 |
|
|
}
|
| 346 |
|
|
catch (ClassNotFoundException ignore)
|
| 347 |
|
|
{
|
| 348 |
|
|
// Fall through.
|
| 349 |
|
|
}
|
| 350 |
|
|
catch (NoSuchMethodException nsme)
|
| 351 |
|
|
{
|
| 352 |
|
|
// Programming error in the class library.
|
| 353 |
|
|
InternalError vme
|
| 354 |
|
|
= new InternalError("couldn't find URLLoader constructor");
|
| 355 |
|
|
vme.initCause(nsme);
|
| 356 |
|
|
throw vme;
|
| 357 |
|
|
}
|
| 358 |
|
|
catch (InstantiationException inste)
|
| 359 |
|
|
{
|
| 360 |
|
|
// Programming error in the class library.
|
| 361 |
|
|
InternalError vme
|
| 362 |
|
|
= new InternalError("couldn't instantiate URLLoader");
|
| 363 |
|
|
vme.initCause(inste);
|
| 364 |
|
|
throw vme;
|
| 365 |
|
|
}
|
| 366 |
|
|
catch (InvocationTargetException ite)
|
| 367 |
|
|
{
|
| 368 |
|
|
// Programming error in the class library.
|
| 369 |
|
|
InternalError vme
|
| 370 |
|
|
= new InternalError("error instantiating URLLoader");
|
| 371 |
|
|
vme.initCause(ite);
|
| 372 |
|
|
throw vme;
|
| 373 |
|
|
}
|
| 374 |
|
|
catch (IllegalAccessException illae)
|
| 375 |
|
|
{
|
| 376 |
|
|
// Programming error in the class library.
|
| 377 |
|
|
InternalError vme
|
| 378 |
|
|
= new InternalError("invalid access to URLLoader");
|
| 379 |
|
|
vme.initCause(illae);
|
| 380 |
|
|
throw vme;
|
| 381 |
|
|
}
|
| 382 |
|
|
|
| 383 |
|
|
if (loader == null)
|
| 384 |
|
|
{
|
| 385 |
|
|
// If it is not a directory, use the jar loader.
|
| 386 |
|
|
if (! (file.endsWith("/") || file.endsWith(File.separator)))
|
| 387 |
|
|
loader = new JarURLLoader(this, factoryCache, factory,
|
| 388 |
|
|
newUrl, absoluteURL);
|
| 389 |
|
|
else if ("file".equals(protocol))
|
| 390 |
|
|
loader = new FileURLLoader(this, factoryCache, factory,
|
| 391 |
|
|
newUrl, absoluteURL);
|
| 392 |
|
|
else
|
| 393 |
|
|
loader = new RemoteURLLoader(this, factoryCache, factory,
|
| 394 |
|
|
newUrl);
|
| 395 |
|
|
}
|
| 396 |
|
|
|
| 397 |
|
|
urlinfos.add(loader);
|
| 398 |
|
|
ArrayList<URLLoader> extra = loader.getClassPath();
|
| 399 |
|
|
if (extra != null)
|
| 400 |
|
|
urlinfos.addAll(extra);
|
| 401 |
|
|
}
|
| 402 |
|
|
}
|
| 403 |
|
|
|
| 404 |
|
|
/**
|
| 405 |
|
|
* Adds an array of new locations to the end of the internal URL
|
| 406 |
|
|
* store. Called from the the constructors. Should not call to the
|
| 407 |
|
|
* protected addURL() method since that can be overridden and
|
| 408 |
|
|
* subclasses are not yet in a good state at this point.
|
| 409 |
|
|
* jboss 4.0.3 for example depends on this.
|
| 410 |
|
|
*
|
| 411 |
|
|
* @param newUrls the locations to add
|
| 412 |
|
|
*/
|
| 413 |
|
|
private void addURLs(URL[] newUrls)
|
| 414 |
|
|
{
|
| 415 |
|
|
for (int i = 0; i < newUrls.length; i++)
|
| 416 |
|
|
{
|
| 417 |
|
|
urls.add(newUrls[i]);
|
| 418 |
|
|
addURLImpl(newUrls[i]);
|
| 419 |
|
|
}
|
| 420 |
|
|
}
|
| 421 |
|
|
|
| 422 |
|
|
/**
|
| 423 |
|
|
* Look in both Attributes for a given value. The first Attributes
|
| 424 |
|
|
* object, if not null, has precedence.
|
| 425 |
|
|
*/
|
| 426 |
|
|
private String getAttributeValue(Attributes.Name name, Attributes first,
|
| 427 |
|
|
Attributes second)
|
| 428 |
|
|
{
|
| 429 |
|
|
String result = null;
|
| 430 |
|
|
if (first != null)
|
| 431 |
|
|
result = first.getValue(name);
|
| 432 |
|
|
if (result == null)
|
| 433 |
|
|
result = second.getValue(name);
|
| 434 |
|
|
return result;
|
| 435 |
|
|
}
|
| 436 |
|
|
|
| 437 |
|
|
/**
|
| 438 |
|
|
* Defines a Package based on the given name and the supplied manifest
|
| 439 |
|
|
* information. The manifest indicates the title, version and
|
| 440 |
|
|
* vendor information of the specification and implementation and whether the
|
| 441 |
|
|
* package is sealed. If the Manifest indicates that the package is sealed
|
| 442 |
|
|
* then the Package will be sealed with respect to the supplied URL.
|
| 443 |
|
|
*
|
| 444 |
|
|
* @param name The name of the package
|
| 445 |
|
|
* @param manifest The manifest describing the specification,
|
| 446 |
|
|
* implementation and sealing details of the package
|
| 447 |
|
|
* @param url the code source url to seal the package
|
| 448 |
|
|
* @return the defined Package
|
| 449 |
|
|
* @throws IllegalArgumentException If this package name already exists
|
| 450 |
|
|
* in this class loader
|
| 451 |
|
|
*/
|
| 452 |
|
|
protected Package definePackage(String name, Manifest manifest, URL url)
|
| 453 |
|
|
throws IllegalArgumentException
|
| 454 |
|
|
{
|
| 455 |
|
|
// Compute the name of the package as it may appear in the
|
| 456 |
|
|
// Manifest.
|
| 457 |
|
|
CPStringBuilder xform = new CPStringBuilder(name);
|
| 458 |
|
|
for (int i = xform.length () - 1; i >= 0; --i)
|
| 459 |
|
|
if (xform.charAt(i) == '.')
|
| 460 |
|
|
xform.setCharAt(i, '/');
|
| 461 |
|
|
xform.append('/');
|
| 462 |
|
|
String xformName = xform.toString();
|
| 463 |
|
|
|
| 464 |
|
|
Attributes entryAttr = manifest.getAttributes(xformName);
|
| 465 |
|
|
Attributes attr = manifest.getMainAttributes();
|
| 466 |
|
|
|
| 467 |
|
|
String specTitle
|
| 468 |
|
|
= getAttributeValue(Attributes.Name.SPECIFICATION_TITLE,
|
| 469 |
|
|
entryAttr, attr);
|
| 470 |
|
|
String specVersion
|
| 471 |
|
|
= getAttributeValue(Attributes.Name.SPECIFICATION_VERSION,
|
| 472 |
|
|
entryAttr, attr);
|
| 473 |
|
|
String specVendor
|
| 474 |
|
|
= getAttributeValue(Attributes.Name.SPECIFICATION_VENDOR,
|
| 475 |
|
|
entryAttr, attr);
|
| 476 |
|
|
String implTitle
|
| 477 |
|
|
= getAttributeValue(Attributes.Name.IMPLEMENTATION_TITLE,
|
| 478 |
|
|
entryAttr, attr);
|
| 479 |
|
|
String implVersion
|
| 480 |
|
|
= getAttributeValue(Attributes.Name.IMPLEMENTATION_VERSION,
|
| 481 |
|
|
entryAttr, attr);
|
| 482 |
|
|
String implVendor
|
| 483 |
|
|
= getAttributeValue(Attributes.Name.IMPLEMENTATION_VENDOR,
|
| 484 |
|
|
entryAttr, attr);
|
| 485 |
|
|
|
| 486 |
|
|
// Look if the Manifest indicates that this package is sealed
|
| 487 |
|
|
// XXX - most likely not completely correct!
|
| 488 |
|
|
// Shouldn't we also check the sealed attribute of the complete jar?
|
| 489 |
|
|
// http://java.sun.com/products/jdk/1.4/docs/guide/extensions/spec.html#bundled
|
| 490 |
|
|
// But how do we get that jar manifest here?
|
| 491 |
|
|
String sealed = attr.getValue(Attributes.Name.SEALED);
|
| 492 |
|
|
if ("false".equals(sealed))
|
| 493 |
|
|
// make sure that the URL is null so the package is not sealed
|
| 494 |
|
|
url = null;
|
| 495 |
|
|
|
| 496 |
|
|
return definePackage(name,
|
| 497 |
|
|
specTitle, specVendor, specVersion,
|
| 498 |
|
|
implTitle, implVendor, implVersion,
|
| 499 |
|
|
url);
|
| 500 |
|
|
}
|
| 501 |
|
|
|
| 502 |
|
|
/**
|
| 503 |
|
|
* Finds (the first) class by name from one of the locations. The locations
|
| 504 |
|
|
* are searched in the order they were added to the URLClassLoader.
|
| 505 |
|
|
*
|
| 506 |
|
|
* @param className the classname to find
|
| 507 |
|
|
* @exception ClassNotFoundException when the class could not be found or
|
| 508 |
|
|
* loaded
|
| 509 |
|
|
* @return a Class object representing the found class
|
| 510 |
|
|
*/
|
| 511 |
|
|
protected Class<?> findClass(final String className)
|
| 512 |
|
|
throws ClassNotFoundException
|
| 513 |
|
|
{
|
| 514 |
|
|
// Just try to find the resource by the (almost) same name
|
| 515 |
|
|
String resourceName = className.replace('.', '/') + ".class";
|
| 516 |
|
|
int max = urlinfos.size();
|
| 517 |
|
|
Resource resource = null;
|
| 518 |
|
|
for (int i = 0; i < max && resource == null; i++)
|
| 519 |
|
|
{
|
| 520 |
|
|
URLLoader loader = (URLLoader)urlinfos.elementAt(i);
|
| 521 |
|
|
if (loader == null)
|
| 522 |
|
|
continue;
|
| 523 |
|
|
|
| 524 |
|
|
Class k = loader.getClass(className);
|
| 525 |
|
|
if (k != null)
|
| 526 |
|
|
return k;
|
| 527 |
|
|
|
| 528 |
|
|
resource = loader.getResource(resourceName);
|
| 529 |
|
|
}
|
| 530 |
|
|
if (resource == null)
|
| 531 |
|
|
throw new ClassNotFoundException(className + " not found in " + this);
|
| 532 |
|
|
|
| 533 |
|
|
// Try to read the class data, create the CodeSource, Package and
|
| 534 |
|
|
// construct the class (and watch out for those nasty IOExceptions)
|
| 535 |
|
|
try
|
| 536 |
|
|
{
|
| 537 |
|
|
byte[] data;
|
| 538 |
|
|
InputStream in = resource.getInputStream();
|
| 539 |
|
|
try
|
| 540 |
|
|
{
|
| 541 |
|
|
int length = resource.getLength();
|
| 542 |
|
|
if (length != -1)
|
| 543 |
|
|
{
|
| 544 |
|
|
// We know the length of the data.
|
| 545 |
|
|
// Just try to read it in all at once
|
| 546 |
|
|
data = new byte[length];
|
| 547 |
|
|
int pos = 0;
|
| 548 |
|
|
while (length - pos > 0)
|
| 549 |
|
|
{
|
| 550 |
|
|
int len = in.read(data, pos, length - pos);
|
| 551 |
|
|
if (len == -1)
|
| 552 |
|
|
throw new EOFException("Not enough data reading from: "
|
| 553 |
|
|
+ in);
|
| 554 |
|
|
pos += len;
|
| 555 |
|
|
}
|
| 556 |
|
|
}
|
| 557 |
|
|
else
|
| 558 |
|
|
{
|
| 559 |
|
|
// We don't know the data length.
|
| 560 |
|
|
// Have to read it in chunks.
|
| 561 |
|
|
ByteArrayOutputStream out = new ByteArrayOutputStream(4096);
|
| 562 |
|
|
byte[] b = new byte[4096];
|
| 563 |
|
|
int l = 0;
|
| 564 |
|
|
while (l != -1)
|
| 565 |
|
|
{
|
| 566 |
|
|
l = in.read(b);
|
| 567 |
|
|
if (l != -1)
|
| 568 |
|
|
out.write(b, 0, l);
|
| 569 |
|
|
}
|
| 570 |
|
|
data = out.toByteArray();
|
| 571 |
|
|
}
|
| 572 |
|
|
}
|
| 573 |
|
|
finally
|
| 574 |
|
|
{
|
| 575 |
|
|
in.close();
|
| 576 |
|
|
}
|
| 577 |
|
|
final byte[] classData = data;
|
| 578 |
|
|
|
| 579 |
|
|
// Now get the CodeSource
|
| 580 |
|
|
final CodeSource source = resource.getCodeSource();
|
| 581 |
|
|
|
| 582 |
|
|
// Find out package name
|
| 583 |
|
|
String packageName = null;
|
| 584 |
|
|
int lastDot = className.lastIndexOf('.');
|
| 585 |
|
|
if (lastDot != -1)
|
| 586 |
|
|
packageName = className.substring(0, lastDot);
|
| 587 |
|
|
|
| 588 |
|
|
if (packageName != null && getPackage(packageName) == null)
|
| 589 |
|
|
{
|
| 590 |
|
|
// define the package
|
| 591 |
|
|
Manifest manifest = resource.getLoader().getManifest();
|
| 592 |
|
|
if (manifest == null)
|
| 593 |
|
|
definePackage(packageName, null, null, null, null, null, null,
|
| 594 |
|
|
null);
|
| 595 |
|
|
else
|
| 596 |
|
|
definePackage(packageName, manifest,
|
| 597 |
|
|
resource.getLoader().getBaseURL());
|
| 598 |
|
|
}
|
| 599 |
|
|
|
| 600 |
|
|
// And finally construct the class!
|
| 601 |
|
|
SecurityManager sm = System.getSecurityManager();
|
| 602 |
|
|
Class result = null;
|
| 603 |
|
|
if (sm != null && securityContext != null)
|
| 604 |
|
|
{
|
| 605 |
|
|
result = AccessController.doPrivileged
|
| 606 |
|
|
(new PrivilegedAction<Class>()
|
| 607 |
|
|
{
|
| 608 |
|
|
public Class run()
|
| 609 |
|
|
{
|
| 610 |
|
|
return defineClass(className, classData,
|
| 611 |
|
|
0, classData.length,
|
| 612 |
|
|
source);
|
| 613 |
|
|
}
|
| 614 |
|
|
}, securityContext);
|
| 615 |
|
|
}
|
| 616 |
|
|
else
|
| 617 |
|
|
result = defineClass(className, classData, 0, classData.length, source);
|
| 618 |
|
|
|
| 619 |
|
|
// Avoid NullPointerExceptions.
|
| 620 |
|
|
Certificate[] resourceCertificates = resource.getCertificates();
|
| 621 |
|
|
if(resourceCertificates != null)
|
| 622 |
|
|
super.setSigners(result, resourceCertificates);
|
| 623 |
|
|
|
| 624 |
|
|
return result;
|
| 625 |
|
|
}
|
| 626 |
|
|
catch (IOException ioe)
|
| 627 |
|
|
{
|
| 628 |
|
|
throw new ClassNotFoundException(className + " not found in " + this, ioe);
|
| 629 |
|
|
}
|
| 630 |
|
|
}
|
| 631 |
|
|
|
| 632 |
|
|
// Cached String representation of this URLClassLoader
|
| 633 |
|
|
private String thisString;
|
| 634 |
|
|
|
| 635 |
|
|
/**
|
| 636 |
|
|
* Returns a String representation of this URLClassLoader giving the
|
| 637 |
|
|
* actual Class name, the URLs that are searched and the parent
|
| 638 |
|
|
* ClassLoader.
|
| 639 |
|
|
*/
|
| 640 |
|
|
public String toString()
|
| 641 |
|
|
{
|
| 642 |
|
|
synchronized (this)
|
| 643 |
|
|
{
|
| 644 |
|
|
if (thisString == null)
|
| 645 |
|
|
{
|
| 646 |
|
|
CPStringBuilder sb = new CPStringBuilder();
|
| 647 |
|
|
sb.append(this.getClass().getName());
|
| 648 |
|
|
sb.append("{urls=[" );
|
| 649 |
|
|
URL[] thisURLs = getURLs();
|
| 650 |
|
|
for (int i = 0; i < thisURLs.length; i++)
|
| 651 |
|
|
{
|
| 652 |
|
|
sb.append(thisURLs[i]);
|
| 653 |
|
|
if (i < thisURLs.length - 1)
|
| 654 |
|
|
sb.append(',');
|
| 655 |
|
|
}
|
| 656 |
|
|
sb.append(']');
|
| 657 |
|
|
sb.append(", parent=");
|
| 658 |
|
|
sb.append(getParent());
|
| 659 |
|
|
sb.append('}');
|
| 660 |
|
|
thisString = sb.toString();
|
| 661 |
|
|
}
|
| 662 |
|
|
return thisString;
|
| 663 |
|
|
}
|
| 664 |
|
|
}
|
| 665 |
|
|
|
| 666 |
|
|
/**
|
| 667 |
|
|
* Finds the first occurrence of a resource that can be found. The locations
|
| 668 |
|
|
* are searched in the order they were added to the URLClassLoader.
|
| 669 |
|
|
*
|
| 670 |
|
|
* @param resourceName the resource name to look for
|
| 671 |
|
|
* @return the URLResource for the resource if found, null otherwise
|
| 672 |
|
|
*/
|
| 673 |
|
|
private Resource findURLResource(String resourceName)
|
| 674 |
|
|
{
|
| 675 |
|
|
int max = urlinfos.size();
|
| 676 |
|
|
for (int i = 0; i < max; i++)
|
| 677 |
|
|
{
|
| 678 |
|
|
URLLoader loader = (URLLoader) urlinfos.elementAt(i);
|
| 679 |
|
|
if (loader == null)
|
| 680 |
|
|
continue;
|
| 681 |
|
|
|
| 682 |
|
|
Resource resource = loader.getResource(resourceName);
|
| 683 |
|
|
if (resource != null)
|
| 684 |
|
|
return resource;
|
| 685 |
|
|
}
|
| 686 |
|
|
return null;
|
| 687 |
|
|
}
|
| 688 |
|
|
|
| 689 |
|
|
/**
|
| 690 |
|
|
* Finds the first occurrence of a resource that can be found.
|
| 691 |
|
|
*
|
| 692 |
|
|
* @param resourceName the resource name to look for
|
| 693 |
|
|
* @return the URL if found, null otherwise
|
| 694 |
|
|
*/
|
| 695 |
|
|
public URL findResource(String resourceName)
|
| 696 |
|
|
{
|
| 697 |
|
|
Resource resource = findURLResource(resourceName);
|
| 698 |
|
|
if (resource != null)
|
| 699 |
|
|
return resource.getURL();
|
| 700 |
|
|
|
| 701 |
|
|
// Resource not found
|
| 702 |
|
|
return null;
|
| 703 |
|
|
}
|
| 704 |
|
|
|
| 705 |
|
|
/**
|
| 706 |
|
|
* Finds all the resources with a particular name from all the locations.
|
| 707 |
|
|
*
|
| 708 |
|
|
* @param resourceName the name of the resource to lookup
|
| 709 |
|
|
* @return a (possible empty) enumeration of URLs where the resource can be
|
| 710 |
|
|
* found
|
| 711 |
|
|
* @exception IOException when an error occurs accessing one of the
|
| 712 |
|
|
* locations
|
| 713 |
|
|
*/
|
| 714 |
|
|
public Enumeration<URL> findResources(String resourceName)
|
| 715 |
|
|
throws IOException
|
| 716 |
|
|
{
|
| 717 |
|
|
Vector<URL> resources = new Vector<URL>();
|
| 718 |
|
|
int max = urlinfos.size();
|
| 719 |
|
|
for (int i = 0; i < max; i++)
|
| 720 |
|
|
{
|
| 721 |
|
|
URLLoader loader = (URLLoader) urlinfos.elementAt(i);
|
| 722 |
|
|
Resource resource = loader.getResource(resourceName);
|
| 723 |
|
|
if (resource != null)
|
| 724 |
|
|
resources.add(resource.getURL());
|
| 725 |
|
|
}
|
| 726 |
|
|
return resources.elements();
|
| 727 |
|
|
}
|
| 728 |
|
|
|
| 729 |
|
|
/**
|
| 730 |
|
|
* Returns the permissions needed to access a particular code
|
| 731 |
|
|
* source. These permissions includes those returned by
|
| 732 |
|
|
* <code>SecureClassLoader.getPermissions()</code> and the actual
|
| 733 |
|
|
* permissions to access the objects referenced by the URL of the
|
| 734 |
|
|
* code source. The extra permissions added depend on the protocol
|
| 735 |
|
|
* and file portion of the URL in the code source. If the URL has
|
| 736 |
|
|
* the "file" protocol ends with a '/' character then it must be a
|
| 737 |
|
|
* directory and a file Permission to read everything in that
|
| 738 |
|
|
* directory and all subdirectories is added. If the URL had the
|
| 739 |
|
|
* "file" protocol and doesn't end with a '/' character then it must
|
| 740 |
|
|
* be a normal file and a file permission to read that file is
|
| 741 |
|
|
* added. If the <code>URL</code> has any other protocol then a
|
| 742 |
|
|
* socket permission to connect and accept connections from the host
|
| 743 |
|
|
* portion of the URL is added.
|
| 744 |
|
|
*
|
| 745 |
|
|
* @param source The codesource that needs the permissions to be accessed
|
| 746 |
|
|
* @return the collection of permissions needed to access the code resource
|
| 747 |
|
|
* @see java.security.SecureClassLoader#getPermissions(CodeSource)
|
| 748 |
|
|
*/
|
| 749 |
|
|
protected PermissionCollection getPermissions(CodeSource source)
|
| 750 |
|
|
{
|
| 751 |
|
|
// XXX - This implementation does exactly as the Javadoc describes.
|
| 752 |
|
|
// But maybe we should/could use URLConnection.getPermissions()?
|
| 753 |
|
|
// First get the permissions that would normally be granted
|
| 754 |
|
|
PermissionCollection permissions = super.getPermissions(source);
|
| 755 |
|
|
|
| 756 |
|
|
// Now add any extra permissions depending on the URL location.
|
| 757 |
|
|
URL url = source.getLocation();
|
| 758 |
|
|
String protocol = url.getProtocol();
|
| 759 |
|
|
if (protocol.equals("file"))
|
| 760 |
|
|
{
|
| 761 |
|
|
String file = url.getFile();
|
| 762 |
|
|
|
| 763 |
|
|
// If the file end in / it must be an directory.
|
| 764 |
|
|
if (file.endsWith("/") || file.endsWith(File.separator))
|
| 765 |
|
|
{
|
| 766 |
|
|
// Grant permission to read everything in that directory and
|
| 767 |
|
|
// all subdirectories.
|
| 768 |
|
|
permissions.add(new FilePermission(file + "-", "read"));
|
| 769 |
|
|
}
|
| 770 |
|
|
else
|
| 771 |
|
|
{
|
| 772 |
|
|
// It is a 'normal' file.
|
| 773 |
|
|
// Grant permission to access that file.
|
| 774 |
|
|
permissions.add(new FilePermission(file, "read"));
|
| 775 |
|
|
}
|
| 776 |
|
|
}
|
| 777 |
|
|
else
|
| 778 |
|
|
{
|
| 779 |
|
|
// Grant permission to connect to and accept connections from host
|
| 780 |
|
|
String host = url.getHost();
|
| 781 |
|
|
if (host != null)
|
| 782 |
|
|
permissions.add(new SocketPermission(host, "connect,accept"));
|
| 783 |
|
|
}
|
| 784 |
|
|
|
| 785 |
|
|
return permissions;
|
| 786 |
|
|
}
|
| 787 |
|
|
|
| 788 |
|
|
/**
|
| 789 |
|
|
* Returns all the locations that this class loader currently uses the
|
| 790 |
|
|
* resolve classes and resource. This includes both the initially supplied
|
| 791 |
|
|
* URLs as any URLs added later by the loader.
|
| 792 |
|
|
* @return All the currently used URLs
|
| 793 |
|
|
*/
|
| 794 |
|
|
public URL[] getURLs()
|
| 795 |
|
|
{
|
| 796 |
|
|
return (URL[]) urls.toArray(new URL[urls.size()]);
|
| 797 |
|
|
}
|
| 798 |
|
|
|
| 799 |
|
|
/**
|
| 800 |
|
|
* Creates a new instance of a <code>URLClassLoader</code> that gets
|
| 801 |
|
|
* classes from the supplied <code>URL</code>s. This class loader
|
| 802 |
|
|
* will have as parent the standard system class loader.
|
| 803 |
|
|
*
|
| 804 |
|
|
* @param urls the initial URLs used to resolve classes and
|
| 805 |
|
|
* resources
|
| 806 |
|
|
*
|
| 807 |
|
|
* @return the class loader
|
| 808 |
|
|
*
|
| 809 |
|
|
* @exception SecurityException when the calling code does not have
|
| 810 |
|
|
* permission to access the given <code>URL</code>s
|
| 811 |
|
|
*/
|
| 812 |
|
|
public static URLClassLoader newInstance(URL[] urls)
|
| 813 |
|
|
throws SecurityException
|
| 814 |
|
|
{
|
| 815 |
|
|
return newInstance(urls, null);
|
| 816 |
|
|
}
|
| 817 |
|
|
|
| 818 |
|
|
/**
|
| 819 |
|
|
* Creates a new instance of a <code>URLClassLoader</code> that gets
|
| 820 |
|
|
* classes from the supplied <code>URL</code>s and with the supplied
|
| 821 |
|
|
* loader as parent class loader.
|
| 822 |
|
|
*
|
| 823 |
|
|
* @param urls the initial URLs used to resolve classes and
|
| 824 |
|
|
* resources
|
| 825 |
|
|
* @param parent the parent class loader
|
| 826 |
|
|
*
|
| 827 |
|
|
* @return the class loader
|
| 828 |
|
|
*
|
| 829 |
|
|
* @exception SecurityException when the calling code does not have
|
| 830 |
|
|
* permission to access the given <code>URL</code>s
|
| 831 |
|
|
*/
|
| 832 |
|
|
public static URLClassLoader newInstance(URL[] urls, final ClassLoader parent)
|
| 833 |
|
|
throws SecurityException
|
| 834 |
|
|
{
|
| 835 |
|
|
SecurityManager sm = System.getSecurityManager();
|
| 836 |
|
|
if (sm == null)
|
| 837 |
|
|
return new URLClassLoader(urls, parent);
|
| 838 |
|
|
else
|
| 839 |
|
|
{
|
| 840 |
|
|
final Object securityContext = sm.getSecurityContext();
|
| 841 |
|
|
|
| 842 |
|
|
// XXX - What to do with anything else then an AccessControlContext?
|
| 843 |
|
|
if (! (securityContext instanceof AccessControlContext))
|
| 844 |
|
|
throw new SecurityException("securityContext must be AccessControlContext: "
|
| 845 |
|
|
+ securityContext);
|
| 846 |
|
|
|
| 847 |
|
|
URLClassLoader loader =
|
| 848 |
|
|
AccessController.doPrivileged(new PrivilegedAction<URLClassLoader>()
|
| 849 |
|
|
{
|
| 850 |
|
|
public URLClassLoader run()
|
| 851 |
|
|
{
|
| 852 |
|
|
return new URLClassLoader(parent,
|
| 853 |
|
|
(AccessControlContext) securityContext);
|
| 854 |
|
|
}
|
| 855 |
|
|
});
|
| 856 |
|
|
loader.addURLs(urls);
|
| 857 |
|
|
return loader;
|
| 858 |
|
|
}
|
| 859 |
|
|
}
|
| 860 |
|
|
}
|
