You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2023/01/12 17:29:45 UTC
[tomcat] branch main updated: Remove SecurityManager references
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 7fe4f498e7 Remove SecurityManager references
7fe4f498e7 is described below
commit 7fe4f498e7424ae75aef345ec9d247a0ef2a35c8
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Thu Jan 12 17:29:39 2023 +0000
Remove SecurityManager references
---
java/org/apache/coyote/AsyncStateMachine.java | 31 ++----------------
java/org/apache/coyote/Constants.java | 6 ----
java/org/apache/coyote/http2/Stream.java | 46 +--------------------------
3 files changed, 4 insertions(+), 79 deletions(-)
diff --git a/java/org/apache/coyote/AsyncStateMachine.java b/java/org/apache/coyote/AsyncStateMachine.java
index 472a48b18e..b400788831 100644
--- a/java/org/apache/coyote/AsyncStateMachine.java
+++ b/java/org/apache/coyote/AsyncStateMachine.java
@@ -16,16 +16,12 @@
*/
package org.apache.coyote;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.concurrent.atomic.AtomicLong;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.util.net.AbstractEndpoint.Handler.SocketState;
import org.apache.tomcat.util.res.StringManager;
-import org.apache.tomcat.util.security.PrivilegedGetTccl;
-import org.apache.tomcat.util.security.PrivilegedSetTccl;
/**
* Manages the state transitions for async requests.
@@ -449,39 +445,18 @@ class AsyncStateMachine {
state == AsyncState.READ_WRITE_OP) {
// Execute the runnable using a container thread from the
// Connector's thread pool. Use a wrapper to prevent a memory leak
- ClassLoader oldCL;
- if (Constants.IS_SECURITY_ENABLED) {
- PrivilegedAction<ClassLoader> pa = new PrivilegedGetTccl();
- oldCL = AccessController.doPrivileged(pa);
- } else {
- oldCL = Thread.currentThread().getContextClassLoader();
- }
+ ClassLoader oldCL = Thread.currentThread().getContextClassLoader();
try {
- if (Constants.IS_SECURITY_ENABLED) {
- PrivilegedAction<Void> pa = new PrivilegedSetTccl(
- this.getClass().getClassLoader());
- AccessController.doPrivileged(pa);
- } else {
- Thread.currentThread().setContextClassLoader(
- this.getClass().getClassLoader());
- }
-
+ Thread.currentThread().setContextClassLoader(this.getClass().getClassLoader());
processor.execute(runnable);
} finally {
- if (Constants.IS_SECURITY_ENABLED) {
- PrivilegedAction<Void> pa = new PrivilegedSetTccl(
- oldCL);
- AccessController.doPrivileged(pa);
- } else {
- Thread.currentThread().setContextClassLoader(oldCL);
- }
+ Thread.currentThread().setContextClassLoader(oldCL);
}
} else {
throw new IllegalStateException(
sm.getString("asyncStateMachine.invalidAsyncState",
"asyncRun()", state));
}
-
}
diff --git a/java/org/apache/coyote/Constants.java b/java/org/apache/coyote/Constants.java
index a431968064..ac5dede33e 100644
--- a/java/org/apache/coyote/Constants.java
+++ b/java/org/apache/coyote/Constants.java
@@ -46,12 +46,6 @@ public final class Constants {
public static final int DEFAULT_CONNECTION_LINGER = -1;
public static final boolean DEFAULT_TCP_NO_DELAY = true;
- /**
- * Has security been turned on?
- */
- public static final boolean IS_SECURITY_ENABLED = (System.getSecurityManager() != null);
-
-
/**
* The request attribute that is set to the value of {@code Boolean.TRUE}
* if connector processing this request supports use of sendfile.
diff --git a/java/org/apache/coyote/http2/Stream.java b/java/org/apache/coyote/http2/Stream.java
index 9037d7d849..53850fc384 100644
--- a/java/org/apache/coyote/http2/Stream.java
+++ b/java/org/apache/coyote/http2/Stream.java
@@ -19,9 +19,6 @@ package org.apache.coyote.http2;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
-import java.security.AccessController;
-import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
import java.util.Collections;
import java.util.HashSet;
import java.util.Locale;
@@ -795,7 +792,7 @@ class Stream extends AbstractNonZeroStream implements HeaderEmitter {
request.getMimeHeaders().addValue(":authority").duplicate(request.serverName());
}
- push(handler, request, this);
+ handler.push(request, this);
}
@@ -836,47 +833,6 @@ class Stream extends AbstractNonZeroStream implements HeaderEmitter {
}
- private static void push(final Http2UpgradeHandler handler, final Request request,
- final Stream stream) throws IOException {
- if (org.apache.coyote.Constants.IS_SECURITY_ENABLED) {
- try {
- AccessController.doPrivileged(new PrivilegedPush(handler, request, stream));
- } catch (PrivilegedActionException ex) {
- Exception e = ex.getException();
- if (e instanceof IOException) {
- throw (IOException) e;
- } else {
- throw new IOException(ex);
- }
- }
-
- } else {
- handler.push(request, stream);
- }
- }
-
-
- private static class PrivilegedPush implements PrivilegedExceptionAction<Void> {
-
- private final Http2UpgradeHandler handler;
- private final Request request;
- private final Stream stream;
-
- public PrivilegedPush(Http2UpgradeHandler handler, Request request,
- Stream stream) {
- this.handler = handler;
- this.request = request;
- this.stream = stream;
- }
-
- @Override
- public Void run() throws IOException {
- handler.push(request, stream);
- return null;
- }
- }
-
-
class StreamOutputBuffer implements HttpOutputBuffer, WriteBuffer.Sink {
private final ByteBuffer buffer = ByteBuffer.allocate(8 * 1024);
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org