/hg/icedtea-web: Runtime policies refresh and per-codebase polic...
aazores at icedtea.classpath.org
aazores at icedtea.classpath.org
Thu Mar 13 17:48:08 UTC 2014
changeset dfc27d4d55d5 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=dfc27d4d55d5
author: Andrew Azores <aazores at redhat.com>
date: Thu Mar 13 13:48:00 2014 -0400
Runtime policies refresh and per-codebase policy entries
Added ability to reload user level policy file contents without restarting
the JVM. Also allow per-codebase policy entries.
* netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java:
(SecurityDelegate#setRunInSandbox) call JNLPRuntime.reloadPolicy
* netx/net/sourceforge/jnlp/runtime/JNLPPolicy.java: (refresh) refresh
user policy file. (getPermissions) check for per-codebase entries in user
policy file
* netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java: (reloadPolicy) new
method.
diffstat:
netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java | 1 +
netx/net/sourceforge/jnlp/runtime/JNLPPolicy.java | 19 ++++++++++++++---
netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java | 4 +++
3 files changed, 20 insertions(+), 4 deletions(-)
diffs (73 lines):
diff -r abec2ce76cdb -r dfc27d4d55d5 netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
--- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Thu Mar 13 11:52:14 2014 -0400
+++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Thu Mar 13 13:48:00 2014 -0400
@@ -2432,6 +2432,7 @@
throw new LaunchException(classLoader.file, null, R("LSFatal"), R("LCInit"), R("LRunInSandboxError"), R("LRunInSandboxErrorInfo"));
}
+ JNLPRuntime.reloadPolicy(); // ensure that we have the most up-to-date custom policy loaded
this.promptedForSandbox = true;
this.runInSandbox = true;
}
diff -r abec2ce76cdb -r dfc27d4d55d5 netx/net/sourceforge/jnlp/runtime/JNLPPolicy.java
--- a/netx/net/sourceforge/jnlp/runtime/JNLPPolicy.java Thu Mar 13 11:52:14 2014 -0400
+++ b/netx/net/sourceforge/jnlp/runtime/JNLPPolicy.java Thu Mar 13 13:48:00 2014 -0400
@@ -91,21 +91,30 @@
// systempolicy permissions need to be accounted for as well
e = systemPolicy.getPermissions(appletCS).elements();
- while (e.hasMoreElements())
+ while (e.hasMoreElements()) {
clPermissions.add(e.nextElement());
+ }
// and so do permissions from the jnlp-specific system policy
if (systemJnlpPolicy != null) {
e = systemJnlpPolicy.getPermissions(appletCS).elements();
- while (e.hasMoreElements())
+ while (e.hasMoreElements()) {
clPermissions.add(e.nextElement());
+ }
}
// and permissiosn from jnlp-specific user policy too
if (userJnlpPolicy != null) {
e = userJnlpPolicy.getPermissions(appletCS).elements();
- while (e.hasMoreElements())
+ while (e.hasMoreElements()) {
clPermissions.add(e.nextElement());
+ }
+
+ CodeSource appletCodebaseSource = new CodeSource(JNLPRuntime.getApplication().getJNLPFile().getCodeBase(), (java.security.cert.Certificate[]) null);
+ e = userJnlpPolicy.getPermissions(appletCodebaseSource).elements();
+ while (e.hasMoreElements()) {
+ clPermissions.add(e.nextElement());
+ }
}
return clPermissions;
@@ -120,7 +129,9 @@
* Refresh.
*/
public void refresh() {
- // no op
+ if (userJnlpPolicy != null) {
+ userJnlpPolicy.refresh();
+ }
}
/**
diff -r abec2ce76cdb -r dfc27d4d55d5 netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java
--- a/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java Thu Mar 13 11:52:14 2014 -0400
+++ b/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java Thu Mar 13 13:48:00 2014 -0400
@@ -292,6 +292,10 @@
}
+ public static void reloadPolicy() {
+ policy.refresh();
+ }
+
/**
* Returns a TrustManager ideal for the running VM.
*
More information about the distro-pkg-dev
mailing list