1. /*

  2.  * @(#)URLClassLoader.java	1.80 03/06/07

  3.  *

  4.  * Copyright 2003 Sun Microsystems, Inc. All rights reserved.

  5.  * SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.

  6.  */

  7. 

  8. package java.net;

  9. 

  10. import java.lang.reflect.Method;

  11. import java.lang.reflect.Modifier;

  12. import java.io.File;

  13. import java.io.FilePermission;

  14. import java.io.InputStream;

  15. import java.io.IOException;

  16. import java.net.URL;

  17. import java.net.URLConnection;

  18. import java.net.URLStreamHandlerFactory;

  19. import java.util.Enumeration;

  20. import java.util.NoSuchElementException;

  21. import java.util.StringTokenizer;

  22. import java.util.jar.Manifest;

  23. import java.util.jar.Attributes;

  24. import java.util.jar.Attributes.Name;

  25. import java.security.PrivilegedAction;

  26. import java.security.PrivilegedExceptionAction;

  27. import java.security.AccessController;

  28. import java.security.AccessControlContext;

  29. import java.security.SecureClassLoader;

  30. import java.security.CodeSource;

  31. import java.security.Permission;

  32. import java.security.PermissionCollection;

  33. import sun.misc.Resource;

  34. import sun.misc.URLClassPath;

  35. import sun.net.www.ParseUtil;

  36. import sun.security.util.SecurityConstants;

  37. 

  38. /**

  39.  * This class loader is used to load classes and resources from a search

  40.  * path of URLs referring to both JAR files and directories. Any URL that

  41.  * ends with a '/' is assumed to refer to a directory. Otherwise, the URL

  42.  * is assumed to refer to a JAR file which will be opened as needed.

  43.  * <p>

  44.  * The AccessControlContext of the thread that created the instance of

  45.  * URLClassLoader will be used when subsequently loading classes and

  46.  * resources.

  47.  * <p>

  48.  * The classes that are loaded are by default granted permission only to

  49.  * access the URLs specified when the URLClassLoader was created.

  50.  *

  51.  * @author  David Connelly

  52.  * @version 1.80, 06/07/03

  53.  * @since   1.2

  54.  */

  55. public class URLClassLoader extends SecureClassLoader {

  56.     /* The search path for classes and resources */

  57.     private URLClassPath ucp;

  58. 

  59.     /* The context to be used when loading classes and resources */

  60.     private AccessControlContext acc;

  61. 

  62.     /**

  63.      * Constructs a new URLClassLoader for the given URLs. The URLs will be

  64.      * searched in the order specified for classes and resources after first

  65.      * searching in the specified parent class loader. Any URL that ends with

  66.      * a '/' is assumed to refer to a directory. Otherwise, the URL is assumed

  67.      * to refer to a JAR file which will be downloaded and opened as needed.

  68.      *

  69.      * <p>If there is a security manager, this method first

  70.      * calls the security manager's <code>checkCreateClassLoader</code> method

  71.      * to ensure creation of a class loader is allowed.

  72.      * 

  73.      * @param urls the URLs from which to load classes and resources

  74.      * @param parent the parent class loader for delegation

  75.      * @exception  SecurityException  if a security manager exists and its  

  76.      *             <code>checkCreateClassLoader</code> method doesn't allow 

  77.      *             creation of a class loader.

  78.      * @see SecurityManager#checkCreateClassLoader

  79.      */

  80.     public URLClassLoader(URL[] urls, ClassLoader parent) {

  81. 	super(parent);

  82. 	// this is to make the stack depth consistent with 1.1

  83. 	SecurityManager security = System.getSecurityManager();

  84. 	if (security != null) {

  85. 	    security.checkCreateClassLoader();

  86. 	}

  87. 	ucp = new URLClassPath(urls);

  88. 	acc = AccessController.getContext();

  89.     }

  90. 

  91.     /**

  92.      * Constructs a new URLClassLoader for the specified URLs using the

  93.      * default delegation parent <code>ClassLoader</code>. The URLs will

  94.      * be searched in the order specified for classes and resources after

  95.      * first searching in the parent class loader. Any URL that ends with

  96.      * a '/' is assumed to refer to a directory. Otherwise, the URL is

  97.      * assumed to refer to a JAR file which will be downloaded and opened

  98.      * as needed.

  99.      *

  100.      * <p>If there is a security manager, this method first

  101.      * calls the security manager's <code>checkCreateClassLoader</code> method

  102.      * to ensure creation of a class loader is allowed.

  103.      * 

  104.      * @param urls the URLs from which to load classes and resources

  105.      *

  106.      * @exception  SecurityException  if a security manager exists and its  

  107.      *             <code>checkCreateClassLoader</code> method doesn't allow 

  108.      *             creation of a class loader.

  109.      * @see SecurityManager#checkCreateClassLoader

  110.      */

  111.     public URLClassLoader(URL[] urls) {

  112. 	super();

  113. 	// this is to make the stack depth consistent with 1.1

  114. 	SecurityManager security = System.getSecurityManager();

  115. 	if (security != null) {

  116. 	    security.checkCreateClassLoader();

  117. 	}

  118. 	ucp = new URLClassPath(urls);

  119. 	acc = AccessController.getContext();

  120.     }

  121. 

  122.     /**

  123.      * Constructs a new URLClassLoader for the specified URLs, parent

  124.      * class loader, and URLStreamHandlerFactory. The parent argument

  125.      * will be used as the parent class loader for delegation. The

  126.      * factory argument will be used as the stream handler factory to

  127.      * obtain protocol handlers when creating new URLs.

  128.      *

  129.      * <p>If there is a security manager, this method first

  130.      * calls the security manager's <code>checkCreateClassLoader</code> method

  131.      * to ensure creation of a class loader is allowed.

  132.      *

  133.      * @param urls the URLs from which to load classes and resources

  134.      * @param parent the parent class loader for delegation

  135.      * @param factory the URLStreamHandlerFactory to use when creating URLs

  136.      *

  137.      * @exception  SecurityException  if a security manager exists and its  

  138.      *             <code>checkCreateClassLoader</code> method doesn't allow 

  139.      *             creation of a class loader.

  140.      * @see SecurityManager#checkCreateClassLoader

  141.      */

  142.     public URLClassLoader(URL[] urls, ClassLoader parent,

  143. 			  URLStreamHandlerFactory factory) {

  144. 	super(parent);

  145. 	// this is to make the stack depth consistent with 1.1

  146. 	SecurityManager security = System.getSecurityManager();

  147. 	if (security != null) {

  148. 	    security.checkCreateClassLoader();

  149. 	}

  150. 	ucp = new URLClassPath(urls, factory);

  151. 	acc = AccessController.getContext();

  152.     }

  153. 

  154.     /**

  155.      * Appends the specified URL to the list of URLs to search for

  156.      * classes and resources.

  157.      *

  158.      * @param url the URL to be added to the search path of URLs

  159.      */

  160.     protected void addURL(URL url) {

  161. 	ucp.addURL(url);

  162.     }

  163. 

  164.     /**

  165.      * Returns the search path of URLs for loading classes and resources.

  166.      * This includes the original list of URLs specified to the constructor,

  167.      * along with any URLs subsequently appended by the addURL() method.

  168.      * @return the search path of URLs for loading classes and resources.

  169.      */

  170.     public URL[] getURLs() {

  171. 	return ucp.getURLs();

  172.     }

  173. 

  174.     /**

  175.      * Finds and loads the class with the specified name from the URL search

  176.      * path. Any URLs referring to JAR files are loaded and opened as needed

  177.      * until the class is found.

  178.      *

  179.      * @param name the name of the class

  180.      * @return the resulting class

  181.      * @exception ClassNotFoundException if the class could not be found

  182.      */

  183.     protected Class findClass(final String name)

  184. 	 throws ClassNotFoundException

  185.     {

  186. 	try {

  187. 	    return (Class)

  188. 		AccessController.doPrivileged(new PrivilegedExceptionAction() {

  189. 		    public Object run() throws ClassNotFoundException {

  190. 			String path = name.replace('.', '/').concat(".class");

  191. 			Resource res = ucp.getResource(path, false);

  192. 			if (res != null) {

  193. 			    try {

  194. 				return defineClass(name, res);

  195. 			    } catch (IOException e) {

  196. 				throw new ClassNotFoundException(name, e);

  197. 			    }

  198. 			} else {

  199. 			    throw new ClassNotFoundException(name);

  200. 			}

  201. 		    }

  202. 		}, acc);

  203. 	} catch (java.security.PrivilegedActionException pae) {

  204. 	    throw (ClassNotFoundException) pae.getException();

  205. 	}

  206.     }

  207. 

  208.     /*

  209.      * Defines a Class using the class bytes obtained from the specified

  210.      * Resource. The resulting Class must be resolved before it can be

  211.      * used.

  212.      */

  213.     private Class defineClass(String name, Resource res) throws IOException {

  214. 	int i = name.lastIndexOf('.');

  215. 	URL url = res.getCodeSourceURL();

  216. 	if (i != -1) {

  217. 	    String pkgname = name.substring(0, i);

  218. 	    // Check if package already loaded.

  219. 	    Package pkg = getPackage(pkgname);

  220. 	    Manifest man = res.getManifest();

  221. 	    if (pkg != null) {

  222. 		// Package found, so check package sealing.

  223. 		if (pkg.isSealed()) {

  224. 		    // Verify that code source URL is the same.

  225. 		    if (!pkg.isSealed(url)) {

  226. 			throw new SecurityException(

  227. 			    "sealing violation: package " + pkgname + " is sealed");

  228. 		    }

  229. 

  230. 		} else {

  231. 		    // Make sure we are not attempting to seal the package

  232. 		    // at this code source URL.

  233. 		    if ((man != null) && isSealed(pkgname, man)) {

  234. 			throw new SecurityException(

  235. 			    "sealing violation: can't seal package " + pkgname + 

  236. 			    ": already loaded");

  237. 		    }

  238. 		}

  239. 	    } else {

  240. 		if (man != null) {

  241. 		    definePackage(pkgname, man, url);

  242. 		} else {

  243.                     definePackage(pkgname, null, null, null, null, null, null, null);

  244.                 }

  245. 	    }

  246. 	}

  247. 	// Now read the class bytes and define the class

  248. 	byte[] b = res.getBytes();

  249. 	java.security.cert.Certificate[] certs = res.getCertificates();

  250. 	CodeSource cs = new CodeSource(url, certs);

  251. 	return defineClass(name, b, 0, b.length, cs);

  252.     }

  253. 

  254.     /**

  255.      * Defines a new package by name in this ClassLoader. The attributes

  256.      * contained in the specified Manifest will be used to obtain package

  257.      * version and sealing information. For sealed packages, the additional

  258.      * URL specifies the code source URL from which the package was loaded.

  259.      *

  260.      * @param name  the package name

  261.      * @param man   the Manifest containing package version and sealing

  262.      *              information

  263.      * @param url   the code source url for the package, or null if none

  264.      * @exception   IllegalArgumentException if the package name duplicates

  265.      *              an existing package either in this class loader or one

  266.      *              of its ancestors

  267.      * @return the newly defined Package object

  268.      */

  269.     protected Package definePackage(String name, Manifest man, URL url)

  270. 	throws IllegalArgumentException

  271.     {

  272. 	String path = name.replace('.', '/').concat("/");

  273. 	String specTitle = null, specVersion = null, specVendor = null;

  274. 	String implTitle = null, implVersion = null, implVendor = null;

  275. 	String sealed = null;

  276. 	URL sealBase = null;

  277. 

  278. 	Attributes attr = man.getAttributes(path);

  279. 	if (attr != null) {

  280. 	    specTitle   = attr.getValue(Name.SPECIFICATION_TITLE);

  281. 	    specVersion = attr.getValue(Name.SPECIFICATION_VERSION);

  282. 	    specVendor  = attr.getValue(Name.SPECIFICATION_VENDOR);

  283. 	    implTitle   = attr.getValue(Name.IMPLEMENTATION_TITLE);

  284. 	    implVersion = attr.getValue(Name.IMPLEMENTATION_VERSION);

  285. 	    implVendor  = attr.getValue(Name.IMPLEMENTATION_VENDOR);

  286. 	    sealed      = attr.getValue(Name.SEALED);

  287. 	}

  288. 	attr = man.getMainAttributes();

  289. 	if (attr != null) {

  290. 	    if (specTitle == null) {

  291. 		specTitle = attr.getValue(Name.SPECIFICATION_TITLE);

  292. 	    }

  293. 	    if (specVersion == null) {

  294. 		specVersion = attr.getValue(Name.SPECIFICATION_VERSION);

  295. 	    }

  296. 	    if (specVendor == null) {

  297. 		specVendor = attr.getValue(Name.SPECIFICATION_VENDOR);

  298. 	    }

  299. 	    if (implTitle == null) {

  300. 		implTitle = attr.getValue(Name.IMPLEMENTATION_TITLE);

  301. 	    }

  302. 	    if (implVersion == null) {

  303. 		implVersion = attr.getValue(Name.IMPLEMENTATION_VERSION);

  304. 	    }

  305. 	    if (implVendor == null) {

  306. 		implVendor = attr.getValue(Name.IMPLEMENTATION_VENDOR);

  307. 	    }

  308. 	    if (sealed == null) {

  309. 		sealed = attr.getValue(Name.SEALED);

  310. 	    }

  311. 	}

  312. 	if ("true".equalsIgnoreCase(sealed)) {

  313. 	    sealBase = url;

  314. 	}

  315. 	return definePackage(name, specTitle, specVersion, specVendor,

  316. 			     implTitle, implVersion, implVendor, sealBase);

  317.     }

  318. 

  319.     /*

  320.      * Returns true if the specified package name is sealed according to the

  321.      * given manifest.

  322.      */

  323.     private boolean isSealed(String name, Manifest man) {

  324. 	String path = name.replace('.', '/').concat("/");

  325. 	Attributes attr = man.getAttributes(path);

  326. 	String sealed = null;

  327. 	if (attr != null) {

  328. 	    sealed = attr.getValue(Name.SEALED);

  329. 	}

  330. 	if (sealed == null) {

  331. 	    if ((attr = man.getMainAttributes()) != null) {

  332. 		sealed = attr.getValue(Name.SEALED);

  333. 	    }

  334. 	}

  335. 	return "true".equalsIgnoreCase(sealed);

  336.     }

  337. 

  338.     /**

  339.      * Finds the resource with the specified name on the URL search path.

  340.      *

  341.      * @param name the name of the resource

  342.      * @return a <code>URL</code> for the resource, or <code>null</code> 

  343.      * if the resource could not be found.

  344.      */

  345.     public URL findResource(final String name) {

  346. 	/*

  347. 	 * The same restriction to finding classes applies to resources

  348. 	 */

  349. 	URL url = 

  350. 	    (URL) AccessController.doPrivileged(new PrivilegedAction() {

  351.                 public Object run() {

  352.                     return ucp.findResource(name, true);

  353.                 }

  354.             }, acc);

  355. 

  356. 	return url != null ? ucp.checkURL(url) : null;

  357.     }

  358. 

  359.     /**

  360.      * Returns an Enumeration of URLs representing all of the resources

  361.      * on the URL search path having the specified name.

  362.      *

  363.      * @param name the resource name

  364.      * @exception IOException if an I/O exception occurs

  365.      * @return an <code>Enumeration</code> of <code>URL</code>s

  366.      */

  367.     public Enumeration findResources(final String name) throws IOException {

  368.         final Enumeration e = ucp.findResources(name, true);

  369. 

  370. 	return new Enumeration() {

  371. 	    private URL url = null;

  372. 

  373. 	    private boolean next() {

  374. 		if (url != null) {

  375. 		    return true;

  376. 		}

  377. 		do {

  378. 		    URL u = (URL)

  379. 			AccessController.doPrivileged(new PrivilegedAction() {

  380. 			    public Object run() {

  381. 				if (!e.hasMoreElements())

  382.                                	    return null;

  383.                             	return e.nextElement();

  384. 			    }

  385. 			}, acc);

  386. 		    if (u == null) 

  387. 			break;

  388. 		    url = ucp.checkURL(u);

  389. 		} while (url == null);

  390. 		return url != null;

  391. 	    }

  392. 

  393. 	    public Object nextElement() {

  394. 		if (!next()) {

  395. 		    throw new NoSuchElementException();

  396. 		}

  397. 		URL u = url;

  398. 		url = null;

  399. 		return u;

  400. 	    }

  401. 

  402. 	    public boolean hasMoreElements() {

  403. 		return next();

  404. 	    }

  405. 	};

  406.     }

  407. 

  408.     /**

  409.      * Returns the permissions for the given codesource object.

  410.      * The implementation of this method first calls super.getPermissions

  411.      * and then adds permissions based on the URL of the codesource.

  412.      * <p>

  413.      * If the protocol is "file"

  414.      * and the path specifies a file, then permission to read that

  415.      * file is granted. If protocol is "file" and the path is

  416.      * a directory, permission is granted to read all files

  417.      * and (recursively) all files and subdirectories contained in

  418.      * that directory.

  419.      * <p>

  420.      * If the protocol is not "file", then

  421.      * to connect to and accept connections from the URL's host is granted.

  422.      * @param codesource the codesource

  423.      * @return the permissions granted to the codesource

  424.      */

  425.     protected PermissionCollection getPermissions(CodeSource codesource)

  426.     {

  427. 	PermissionCollection perms = super.getPermissions(codesource);

  428. 

  429. 	URL url = codesource.getLocation();

  430. 

  431. 	Permission p;

  432. 	URLConnection urlConnection;

  433. 

  434. 	try {

  435. 	    urlConnection = url.openConnection();

  436. 	    p = urlConnection.getPermission();

  437. 	} catch (java.io.IOException ioe) {

  438. 	    p = null;

  439. 	    urlConnection = null;

  440. 	}

  441. 

  442. 	if (p instanceof FilePermission) {

  443. 	    // if the permission has a separator char on the end,

  444. 	    // it means the codebase is a directory, and we need

  445. 	    // to add an additional permission to read recursively

  446. 	    String path = p.getName();

  447. 	    if (path.endsWith(File.separator)) {

  448. 		path += "-";

  449. 		p = new FilePermission(path, SecurityConstants.FILE_READ_ACTION);

  450. 	    }

  451. 	} else if ((p == null) && (url.getProtocol().equals("file"))) {

  452. 	    String path = url.getFile().replace('/', File.separatorChar);

  453.             path = ParseUtil.decode(path);

  454. 	    if (path.endsWith(File.separator))

  455. 		path += "-";

  456. 	    p =  new FilePermission(path, SecurityConstants.FILE_READ_ACTION);

  457. 	} else {

  458. 	    URL locUrl = url;

  459. 	    if (urlConnection instanceof JarURLConnection) {

  460. 		locUrl = ((JarURLConnection)urlConnection).getJarFileURL();

  461. 	    }

  462. 	    String host = locUrl.getHost();

  463. 	    if (host == null)

  464. 		host = "localhost";

  465. 	    p = new SocketPermission(host,

  466. 		SecurityConstants.SOCKET_CONNECT_ACCEPT_ACTION);

  467. 	}

  468. 

  469. 	// make sure the person that created this class loader

  470. 	// would have this permission

  471. 

  472. 	if (p != null) {

  473. 	    final SecurityManager sm = System.getSecurityManager();

  474. 	    if (sm != null) {

  475. 		final Permission fp = p;

  476. 		AccessController.doPrivileged(new PrivilegedAction() {

  477. 		    public Object run() throws SecurityException {

  478. 			sm.checkPermission(fp);

  479. 			return null;

  480. 		    }

  481. 		}, acc);

  482. 	    }

  483. 	    perms.add(p);

  484. 	}

  485. 	return perms;

  486.     }

  487. 

  488.     /**

  489.      * Creates a new instance of URLClassLoader for the specified

  490.      * URLs and parent class loader. If a security manager is

  491.      * installed, the <code>loadClass</code> method of the URLClassLoader

  492.      * returned by this method will invoke the

  493.      * <code>SecurityManager.checkPackageAccess</code> method before

  494.      * loading the class.

  495.      *

  496.      * @param urls the URLs to search for classes and resources

  497.      * @param parent the parent class loader for delegation

  498.      * @return the resulting class loader

  499.      */

  500.     public static URLClassLoader newInstance(final URL[] urls,

  501. 					     final ClassLoader parent) {

  502. 	// Save the caller's context

  503. 	AccessControlContext acc = AccessController.getContext();

  504. 	// Need a privileged block to create the class loader

  505. 	URLClassLoader ucl =

  506. 	    (URLClassLoader) AccessController.doPrivileged(new PrivilegedAction() {

  507. 		public Object run() {

  508. 		    return new FactoryURLClassLoader(urls, parent);

  509. 		}

  510. 	    });

  511. 	// Now set the context on the loader using the one we saved,

  512. 	// not the one inside the privileged block...

  513. 	ucl.acc = acc;

  514. 	return ucl;

  515.     }

  516. 

  517.     /**

  518.      * Creates a new instance of URLClassLoader for the specified

  519.      * URLs and default parent class loader. If a security manager is

  520.      * installed, the <code>loadClass</code> method of the URLClassLoader

  521.      * returned by this method will invoke the

  522.      * <code>SecurityManager.checkPackageAccess</code> before

  523.      * loading the class.

  524.      *

  525.      * @param urls the URLs to search for classes and resources

  526.      * @return the resulting class loader

  527.      */

  528.     public static URLClassLoader newInstance(final URL[] urls) {

  529. 	// Save the caller's context

  530. 	AccessControlContext acc = AccessController.getContext();

  531. 	// Need a privileged block to create the class loader

  532. 	URLClassLoader ucl = (URLClassLoader)

  533. 	    AccessController.doPrivileged(new PrivilegedAction() {

  534. 		public Object run() {

  535. 		    return new FactoryURLClassLoader(urls);

  536. 		}

  537. 	    });

  538. 

  539. 	// Now set the context on the loader using the one we saved,

  540. 	// not the one inside the privileged block...

  541. 	ucl.acc = acc;

  542. 	return ucl;

  543.     }

  544. }

  545. 

  546. final class FactoryURLClassLoader extends URLClassLoader {

  547. 

  548.     FactoryURLClassLoader(URL[] urls, ClassLoader parent) {

  549. 	super(urls, parent);

  550.     }

  551. 

  552.     FactoryURLClassLoader(URL[] urls) {

  553. 	super(urls);

  554.     }

  555. 

  556.     public final synchronized Class loadClass(String name, boolean resolve)

  557. 	throws ClassNotFoundException

  558.     {

  559. 	// First check if we have permission to access the package. This

  560. 	// should go away once we've added support for exported packages.

  561. 	SecurityManager sm = System.getSecurityManager();

  562. 	if (sm != null) {

  563.             String cname = name.replace('/', '.');

  564.             if (cname.startsWith("[")) {

  565.                 int b = cname.lastIndexOf('[') + 2;

  566.                 if (b > 1 && b < cname.length()) {

  567.                     cname = cname.substring(b);

  568.                 }

  569.             }

  570. 	    int i = cname.lastIndexOf('.');

  571. 	    if (i != -1) {

  572. 		sm.checkPackageAccess(cname.substring(0, i));

  573. 	    }

  574. 	}

  575. 	return super.loadClass(name, resolve);

  576.     }

  577. }