Inheritance: java.lang.Object
コード例 #1
0
        /*
         * Returned cached ProtectionDomain for the specified CodeSource.
         */
        private ProtectionDomain GetProtectionDomain(CodeSource cs)
        {
            if (cs == null)
            {
                return(null);
            }

            ProtectionDomain pd = null;

            lock (Pdcache)
            {
                pd = Pdcache[cs];
                if (pd == null)
                {
                    PermissionCollection perms = GetPermissions(cs);
                    pd          = new ProtectionDomain(cs, perms, this, null);
                    Pdcache[cs] = pd;
                    if (Debug != null)
                    {
                        Debug.println(" getPermissions " + pd);
                        Debug.println("");
                    }
                }
            }
            return(pd);
        }
コード例 #2
0
ファイル: java.lang.cs プロジェクト: labsnap/ikvm-1
    public static java.security.ProtectionDomain getProtectionDomain0(java.lang.Class thisClass)
    {
#if FIRST_PASS
        return(null);
#else
        TypeWrapper wrapper = TypeWrapper.FromClass(thisClass);
        if (wrapper.IsArray)
        {
            return(null);
        }
        java.security.ProtectionDomain pd = wrapper.ClassObject.pd;
        if (pd == null)
        {
            // The protection domain for statically compiled code is created lazily (not at java.lang.Class creation time),
            // to work around boot strap issues.
            AssemblyClassLoader acl = wrapper.GetClassLoader() as AssemblyClassLoader;
            if (acl != null)
            {
                pd = acl.GetProtectionDomain();
            }
            else if (wrapper is AnonymousTypeWrapper)
            {
                // dynamically compiled intrinsified lamdba anonymous types end up here and should get their
                // protection domain from the host class
                pd = ClassLoaderWrapper.GetWrapperFromType(wrapper.TypeAsTBD.DeclaringType).ClassObject.pd;
            }
        }
        return(pd);
#endif
    }
コード例 #3
0
ファイル: java.security.cs プロジェクト: chanhohang/ikvm
    private static bool GetProtectionDomains(List <java.security.ProtectionDomain> array, [email protected] callerID, StackTrace stack)
    {
        java.security.ProtectionDomain previous_protection_domain = null;
        for (int i = 0; i < stack.FrameCount; i++)
        {
            bool is_privileged = false;
            java.security.ProtectionDomain protection_domain;
            MethodBase method = stack.GetFrame(i).GetMethod();
            if (method.DeclaringType == typeof(java.security.AccessController) &&
                method.Name == "doPrivileged")
            {
                is_privileged = true;
                java.lang.Class caller = callerID.getCallerClass();
                protection_domain = caller == null ? null : Java_java_lang_Class.getProtectionDomain0(caller);
            }
            else
            {
                protection_domain = GetProtectionDomainFromType(method.DeclaringType);
            }

            if (previous_protection_domain != protection_domain && protection_domain != null)
            {
                previous_protection_domain = protection_domain;
                array.Add(protection_domain);
            }

            if (is_privileged)
            {
                return(true);
            }
        }
        return(false);
    }
コード例 #4
0
        /// <summary>
        /// Evaluates the global policy for the permissions granted to
        /// the ProtectionDomain and tests whether the permission is
        /// granted.
        /// </summary>
        /// <param name="domain"> the ProtectionDomain to test </param>
        /// <param name="permission"> the Permission object to be tested for implication.
        /// </param>
        /// <returns> true if "permission" is a proper subset of a permission
        /// granted to this ProtectionDomain.
        /// </returns>
        /// <seealso cref= java.security.ProtectionDomain
        /// @since 1.4 </seealso>
        public virtual bool Implies(ProtectionDomain domain, Permission permission)
        {
            PermissionCollection pc;

            if (PdMapping == null)
            {
                InitPolicy(this);
            }

            lock (PdMapping)
            {
                pc = PdMapping.Get(domain.Key);
            }

            if (pc != null)
            {
                return(pc.Implies(permission));
            }

            pc = GetPermissions(domain);
            if (pc == null)
            {
                return(false);
            }

            lock (PdMapping)
            {
                // cache it
                PdMapping.Put(domain.Key, pc);
            }

            return(pc.Implies(permission));
        }
コード例 #5
0
    private static bool GetProtectionDomains(List <java.security.ProtectionDomain> array, [email protected] callerID, StackTrace stack)
    {
        // first we have to skip all AccessController related frames, because we can be called from a doPrivileged implementation (not the privileged action)
        // in which case we should ignore the doPrivileged frame
        int skip = 0;

        for (; skip < stack.FrameCount; skip++)
        {
            Type type = stack.GetFrame(skip).GetMethod().DeclaringType;
            if (type != typeof(Java_java_security_AccessController) && type != typeof(java.security.AccessController))
            {
                break;
            }
        }
        java.security.ProtectionDomain previous_protection_domain = null;
        for (int i = skip; i < stack.FrameCount; i++)
        {
            bool is_privileged = false;
            java.security.ProtectionDomain protection_domain;
            MethodBase method = stack.GetFrame(i).GetMethod();
            if (method.DeclaringType == typeof(java.security.AccessController) &&
                method.Name == "doPrivileged")
            {
                is_privileged = true;
                java.lang.Class caller = callerID.getCallerClass();
                protection_domain = caller == null ? null : Java_java_lang_Class.getProtectionDomain0(caller);
            }
            else if (Java_sun_reflect_Reflection.IsHideFromStackWalk(method))
            {
                continue;
            }
            else
            {
                protection_domain = GetProtectionDomainFromType(method.DeclaringType);
            }

            if (previous_protection_domain != protection_domain && protection_domain != null)
            {
                previous_protection_domain = protection_domain;
                array.Add(protection_domain);
            }

            if (is_privileged)
            {
                return(true);
            }
        }
        return(false);
    }
コード例 #6
0
        /// <summary>
        /// Create a wrapper to contain the limited privilege scope data.
        /// </summary>
        private static AccessControlContext CreateWrapper(DomainCombiner combiner, Class caller, AccessControlContext parent, AccessControlContext context, Permission[] perms)
        {
            ProtectionDomain callerPD = GetCallerPD(caller);

            // check if caller is authorized to create context
            if (context != null && !context.Authorized && System.SecurityManager != null && !callerPD.ImpliesCreateAccessControlContext())
            {
                ProtectionDomain nullPD = new ProtectionDomain(null, null);
                return(new AccessControlContext(new ProtectionDomain[] { nullPD }));
            }
            else
            {
                return(new AccessControlContext(callerPD, combiner, parent, context, perms));
            }
        }
コード例 #7
0
        /// <summary>
        /// Return a PermissionCollection object containing the set of
        /// permissions granted to the specified ProtectionDomain.
        ///
        /// <para> Applications are discouraged from calling this method
        /// since this operation may not be supported by all policy implementations.
        /// Applications should rely on the {@code implies} method
        /// to perform policy checks.
        ///
        /// </para>
        /// <para> The default implementation of this method first retrieves
        /// the permissions returned via {@code getPermissions(CodeSource)}
        /// (the CodeSource is taken from the specified ProtectionDomain),
        /// as well as the permissions located inside the specified ProtectionDomain.
        /// All of these permissions are then combined and returned in a new
        /// PermissionCollection object.  If {@code getPermissions(CodeSource)}
        /// returns Policy.UNSUPPORTED_EMPTY_COLLECTION, then this method
        /// returns the permissions contained inside the specified ProtectionDomain
        /// in a new PermissionCollection object.
        ///
        /// </para>
        /// <para> This method can be overridden if the policy implementation
        /// supports returning a set of permissions granted to a ProtectionDomain.
        ///
        /// </para>
        /// </summary>
        /// <param name="domain"> the ProtectionDomain to which the returned
        ///          PermissionCollection has been granted.
        /// </param>
        /// <returns> a set of permissions granted to the specified ProtectionDomain.
        ///          If this operation is supported, the returned
        ///          set of permissions must be a new mutable instance
        ///          and it must support heterogeneous Permission types.
        ///          If this operation is not supported,
        ///          Policy.UNSUPPORTED_EMPTY_COLLECTION is returned.
        ///
        /// @since 1.4 </returns>
        public virtual PermissionCollection GetPermissions(ProtectionDomain domain)
        {
            PermissionCollection pc = null;

            if (domain == null)
            {
                return(new Permissions());
            }

            if (PdMapping == null)
            {
                InitPolicy(this);
            }

            lock (PdMapping)
            {
                pc = PdMapping.Get(domain.Key);
            }

            if (pc != null)
            {
                Permissions perms = new Permissions();
                lock (pc)
                {
                    for (IEnumerator <Permission> e = pc.Elements(); e.MoveNext();)
                    {
                        perms.Add(e.Current);
                    }
                }
                return(perms);
            }

            pc = GetPermissions(domain.CodeSource);
            if (pc == null || pc == UNSUPPORTED_EMPTY_COLLECTION)
            {
                pc = new Permissions();
            }

            AddStaticPerms(pc, domain.Permissions);
            return(pc);
        }
コード例 #8
0
ファイル: java.lang.cs プロジェクト: chanhohang/ikvm
    public static java.security.ProtectionDomain getProtectionDomain0(java.lang.Class thisClass)
    {
#if FIRST_PASS
        return(null);
#else
        TypeWrapper wrapper = TypeWrapper.FromClass(thisClass);
        while (wrapper.IsArray)
        {
            wrapper = wrapper.ElementTypeWrapper;
        }
        java.security.ProtectionDomain pd = wrapper.ClassObject.pd;
        if (pd == null)
        {
            // The protection domain for statically compiled code is created lazily (not at java.lang.Class creation time),
            // to work around boot strap issues.
            AssemblyClassLoader acl = wrapper.GetClassLoader() as AssemblyClassLoader;
            if (acl != null)
            {
                pd = acl.GetProtectionDomain();
            }
        }
        return(pd);
#endif
    }
コード例 #9
0
        /// <summary>
        /// Initialize superclass state such that a legacy provider can
        /// handle queries for itself.
        ///
        /// @since 1.4
        /// </summary>
//JAVA TO C# CONVERTER WARNING: 'final' parameters are not allowed in .NET:
//ORIGINAL LINE: private static void initPolicy(final Policy p)
        private static void InitPolicy(Policy p)
        {
            /*
             * A policy provider not on the bootclasspath could trigger
             * security checks fulfilling a call to either Policy.implies
             * or Policy.getPermissions. If this does occur the provider
             * must be able to answer for it's own ProtectionDomain
             * without triggering additional security checks, otherwise
             * the policy implementation will end up in an infinite
             * recursion.
             *
             * To mitigate this, the provider can collect it's own
             * ProtectionDomain and associate a PermissionCollection while
             * it is being installed. The currently installed policy
             * provider (if there is one) will handle calls to
             * Policy.implies or Policy.getPermissions during this
             * process.
             *
             * This Policy superclass caches away the ProtectionDomain and
             * statically binds permissions so that legacy Policy
             * implementations will continue to function.
             */

            ProtectionDomain policyDomain = AccessController.doPrivileged(new PrivilegedActionAnonymousInnerClassHelper3(p));

            /*
             * Collect the permissions granted to this protection domain
             * so that the provider can be security checked while processing
             * calls to Policy.implies or Policy.getPermissions.
             */
            PermissionCollection policyPerms = null;

            lock (p)
            {
                if (p.PdMapping == null)
                {
                    p.PdMapping = new WeakHashMap <>();
                }
            }

            if (policyDomain.CodeSource != null)
            {
                Policy pol = Policy_Renamed.Get().policy;
                if (pol != null)
                {
                    policyPerms = pol.GetPermissions(policyDomain);
                }

                if (policyPerms == null)                 // assume it has all
                {
                    policyPerms = new Permissions();
                    policyPerms.Add(SecurityConstants.ALL_PERMISSION);
                }

                lock (p.PdMapping)
                {
                    // cache of pd to permissions
                    p.PdMapping.Put(policyDomain.Key, policyPerms);
                }
            }
            return;
        }
コード例 #10
0
    public static java.lang.Class defineClass(object thisUnsafe, string name, byte[] buf, int offset, int length, java.lang.ClassLoader cl, java.security.ProtectionDomain pd)
    {
#if FIRST_PASS
        return(null);
#else
        return(cl.defineClass(name, buf, offset, length, pd));
#endif
    }
コード例 #11
0
ファイル: java.lang.cs プロジェクト: labsnap/ikvm-1
    public static java.lang.Class defineClass2(java.lang.ClassLoader thisClassLoader, string name, java.nio.ByteBuffer bb, int off, int len, java.security.ProtectionDomain pd, string source)
    {
#if FIRST_PASS
        return(null);
#else
        byte[] buf = new byte[bb.remaining()];
        bb.get(buf);
        return(defineClass1(thisClassLoader, name, buf, 0, buf.Length, pd, source));
#endif
    }
コード例 #12
0
ファイル: java.lang.cs プロジェクト: labsnap/ikvm-1
    public static java.lang.Class defineClass1(java.lang.ClassLoader thisClassLoader, string name, byte[] b, int off, int len, java.security.ProtectionDomain pd, string source)
    {
        // it appears the source argument is only used for trace messages in HotSpot. We'll just ignore it for now.
        Profiler.Enter("ClassLoader.defineClass");
        try
        {
            try
            {
                ClassLoaderWrapper classLoaderWrapper = ClassLoaderWrapper.GetClassLoaderWrapper(thisClassLoader);
                ClassFile          classFile          = new ClassFile(b, off, len, name, classLoaderWrapper.ClassFileParseOptions, null);
                if (name != null && classFile.Name != name)
                {
#if !FIRST_PASS
                    throw new java.lang.NoClassDefFoundError(name + " (wrong name: " + classFile.Name + ")");
#endif
                }
                TypeWrapper type = classLoaderWrapper.DefineClass(classFile, pd);
                return(type.ClassObject);
            }
            catch (RetargetableJavaException x)
            {
                throw x.ToJava();
            }
        }
        finally
        {
            Profiler.Leave("ClassLoader.defineClass");
        }
    }
コード例 #13
0
ファイル: java.lang.cs プロジェクト: labsnap/ikvm-1
 public static java.lang.Class defineClass0(java.lang.ClassLoader thisClassLoader, string name, byte[] b, int off, int len, java.security.ProtectionDomain pd)
 {
     return(defineClass1(thisClassLoader, name, b, off, len, pd, null));
 }
コード例 #14
0
 public override PermissionCollection GetPermissions(ProtectionDomain domain)
 {
     return(Spi.EngineGetPermissions(domain));
 }
コード例 #15
0
        /*
         * Combine the current (stack) and assigned domains.
         */
        private static ProtectionDomain[] Combine(ProtectionDomain[] current, ProtectionDomain[] assigned)
        {
            // current could be null if only system code is on the stack;
            // in that case, ignore the stack context
            bool skipStack = (current == null);

            // assigned could be null if only system code was involved;
            // in that case, ignore the assigned context
            bool skipAssigned = (assigned == null);

            int slen = (skipStack) ? 0 : current.Length;

            // optimization: if there is no assigned context and the stack length
            // is less then or equal to two; there is no reason to compress the
            // stack context, it already is
            if (skipAssigned && slen <= 2)
            {
                return(current);
            }

            int n = (skipAssigned) ? 0 : assigned.Length;

            // now we combine both of them, and create a new context
            ProtectionDomain[] pd = new ProtectionDomain[slen + n];

            // first copy in the assigned context domains, no need to compress
            if (!skipAssigned)
            {
                System.Array.Copy(assigned, 0, pd, 0, n);
            }

            // now add the stack context domains, discarding nulls and duplicates
            for (int i = 0; i < slen; i++)
            {
                ProtectionDomain sd = current[i];
                if (sd != null)
                {
                    for (int j = 0; j < n; j++)
                    {
                        if (sd == pd[j])
                        {
                            goto outerContinue;
                        }
                    }
                    pd[n++] = sd;
                }
                outerContinue :;
            }
            outerBreak :

            // if length isn't equal, we need to shorten the array
            if (n != pd.Length)
            {
                // optimization: if we didn't really combine anything
                if (!skipAssigned && n == assigned.Length)
                {
                    return(assigned);
                }
                else if (skipAssigned && n == slen)
                {
                    return(current);
                }
                ProtectionDomain[] tmp = new ProtectionDomain[n];
                System.Array.Copy(pd, 0, tmp, 0, n);
                pd = tmp;
            }

            return(pd);
        }
コード例 #16
0
        /// <summary>
        /// Determines whether the access request indicated by the
        /// specified permission should be allowed or denied, based on
        /// the security policy currently in effect, and the context in
        /// this object. The request is allowed only if every ProtectionDomain
        /// in the context implies the permission. Otherwise the request is
        /// denied.
        ///
        /// <para>
        /// This method quietly returns if the access request
        /// is permitted, or throws a suitable AccessControlException otherwise.
        ///
        /// </para>
        /// </summary>
        /// <param name="perm"> the requested permission.
        /// </param>
        /// <exception cref="AccessControlException"> if the specified permission
        /// is not permitted, based on the current security policy and the
        /// context encapsulated by this object. </exception>
        /// <exception cref="NullPointerException"> if the permission to check for is null. </exception>
//JAVA TO C# CONVERTER WARNING: Method 'throws' clauses are not available in .NET:
//ORIGINAL LINE: public void checkPermission(Permission perm) throws AccessControlException
        public void CheckPermission(Permission perm)
        {
            bool dumpDebug = false;

            if (perm == null)
            {
                throw new NullPointerException("permission can't be null");
            }
            if (Debug != null)
            {
                // If "codebase" is not specified, we dump the info by default.
                dumpDebug = !Debug.isOn("codebase=");
                if (!dumpDebug)
                {
                    // If "codebase" is specified, only dump if the specified code
                    // value is in the stack.
                    for (int i = 0; Context_Renamed != null && i < Context_Renamed.Length; i++)
                    {
                        if (Context_Renamed[i].CodeSource != null && Context_Renamed[i].CodeSource.Location != null && Debug.isOn("codebase=" + Context_Renamed[i].CodeSource.Location.ToString()))
                        {
                            dumpDebug = true;
                            break;
                        }
                    }
                }

//JAVA TO C# CONVERTER WARNING: The .NET Type.FullName property will not always yield results identical to the Java Class.getCanonicalName method:
                dumpDebug &= !Debug.isOn("permission=") || Debug.isOn("permission=" + perm.GetType().FullName);

                if (dumpDebug && Debug.isOn("stack"))
                {
                    Thread.DumpStack();
                }

                if (dumpDebug && Debug.isOn("domain"))
                {
                    if (Context_Renamed == null)
                    {
                        Debug_Renamed.println("domain (context is null)");
                    }
                    else
                    {
                        for (int i = 0; i < Context_Renamed.Length; i++)
                        {
                            Debug_Renamed.println("domain " + i + " " + Context_Renamed[i]);
                        }
                    }
                }
            }

            /*
             * iterate through the ProtectionDomains in the context.
             * Stop at the first one that doesn't allow the
             * requested permission (throwing an exception).
             *
             */

            /* if ctxt is null, all we had on the stack were system domains,
             * or the first domain was a Privileged system domain. This
             * is to make the common case for system code very fast */

            if (Context_Renamed == null)
            {
                CheckPermission2(perm);
                return;
            }

            for (int i = 0; i < Context_Renamed.Length; i++)
            {
                if (Context_Renamed[i] != null && !Context_Renamed[i].Implies(perm))
                {
                    if (dumpDebug)
                    {
                        Debug_Renamed.println("access denied " + perm);
                    }

                    if (Debug.isOn("failure") && Debug_Renamed != null)
                    {
                        // Want to make sure this is always displayed for failure,
                        // but do not want to display again if already displayed
                        // above.
                        if (!dumpDebug)
                        {
                            Debug_Renamed.println("access denied " + perm);
                        }
                        Thread.DumpStack();
//JAVA TO C# CONVERTER WARNING: The original Java variable was marked 'final':
//ORIGINAL LINE: final ProtectionDomain pd = context[i];
                        ProtectionDomain pd = Context_Renamed[i];
//JAVA TO C# CONVERTER WARNING: The original Java variable was marked 'final':
//ORIGINAL LINE: final sun.security.util.Debug db = debug;
                        Debug db = Debug_Renamed;
                        AccessController.doPrivileged(new PrivilegedActionAnonymousInnerClassHelper(this, pd, db));
                    }
                    throw new AccessControlException("access denied " + perm, perm);
                }
            }

            // allow if all of them allowed access
            if (dumpDebug)
            {
                Debug_Renamed.println("access allowed " + perm);
            }

            CheckPermission2(perm);
        }
コード例 #17
0
        /// <summary>
        /// package private for AccessController
        ///
        /// This "argument wrapper" context will be passed as the actual context
        /// parameter on an internal doPrivileged() call used in the implementation.
        /// </summary>
        internal AccessControlContext(ProtectionDomain caller, DomainCombiner combiner, AccessControlContext parent, AccessControlContext context, Permission[] perms)
        {
            /*
             * Combine the domains from the doPrivileged() context into our
             * wrapper context, if necessary.
             */
            ProtectionDomain[] callerPDs = null;
            if (caller != null)
            {
                callerPDs = new ProtectionDomain[] { caller };
            }
            if (context != null)
            {
                if (combiner != null)
                {
                    this.Context_Renamed = combiner.Combine(callerPDs, context.Context_Renamed);
                }
                else
                {
                    this.Context_Renamed = Combine(callerPDs, context.Context_Renamed);
                }
            }
            else
            {
                /*
                 * Call combiner even if there is seemingly nothing to combine.
                 */
                if (combiner != null)
                {
                    this.Context_Renamed = combiner.Combine(callerPDs, null);
                }
                else
                {
                    this.Context_Renamed = Combine(callerPDs, null);
                }
            }
            this.Combiner_Renamed = combiner;

            Permission[] tmp = null;
            if (perms != null)
            {
                tmp = new Permission[perms.Length];
                for (int i = 0; i < perms.Length; i++)
                {
                    if (perms[i] == null)
                    {
                        throw new NullPointerException("permission can't be null");
                    }

                    /*
                     * An AllPermission argument is equivalent to calling
                     * doPrivileged() without any limit permissions.
                     */
                    if (perms[i].GetType() == typeof(AllPermission))
                    {
                        parent = null;
                    }
                    tmp[i] = perms[i];
                }
            }

            /*
             * For a doPrivileged() with limited privilege scope, initialize
             * the relevant fields.
             *
             * The limitedContext field contains the union of all domains which
             * are enclosed by this limited privilege scope. In other words,
             * it contains all of the domains which could potentially be checked
             * if none of the limiting permissions implied a requested permission.
             */
            if (parent != null)
            {
                this.LimitedContext    = Combine(parent.Context_Renamed, parent.LimitedContext);
                this.IsLimited         = true;
                this.IsWrapped         = true;
                this.Permissions       = tmp;
                this.Parent            = parent;
                this.PrivilegedContext = context;                 // used in checkPermission2()
            }
            this.IsAuthorized = true;
        }
コード例 #18
0
//JAVA TO C# CONVERTER WARNING: 'final' parameters are not allowed in .NET:
//ORIGINAL LINE: private static ProtectionDomain getCallerPD(final Class  caller)
        private static ProtectionDomain GetCallerPD(Class caller)
        {
            ProtectionDomain callerPd = doPrivileged(new PrivilegedActionAnonymousInnerClassHelper(caller));

            return(callerPd);
        }
コード例 #19
0
 public static java.lang.Class defineClass(object thisUnsafe, string name, byte[] buf, int offset, int length, java.lang.ClassLoader cl, java.security.ProtectionDomain pd)
 {
     return(Java_java_lang_ClassLoader.defineClass1(cl, name.Replace('/', '.'), buf, offset, length, pd, null));
 }
コード例 #20
0
 public override bool Implies(ProtectionDomain domain, Permission perm)
 {
     return(Spi.EngineImplies(domain, perm));
 }
コード例 #21
0
ファイル: java.lang.cs プロジェクト: chanhohang/ikvm
    public static void setProtectionDomain0(java.lang.Class thisClass, java.security.ProtectionDomain pd)
    {
#if !FIRST_PASS
        thisClass.pd = pd;
#endif
    }
コード例 #22
0
 /// <summary>
 /// Converts an array of bytes into an instance of class <tt>Class</tt>, with an optional <tt>ProtectionDomain</tt>.
 /// </summary>
 protected Class defineClass(string name, sbyte[] b, int off, int len, ProtectionDomain protectionDomain)
 {
     return default(Class);
 }