You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-commits@db.apache.org by km...@apache.org on 2007/07/25 19:07:56 UTC
svn commit: r559525 - in /db/derby/code/branches/10.2/java:
engine/org/apache/derby/iapi/services/loader/
engine/org/apache/derby/iapi/store/access/ engine/org/apache/derby/impl/db/
engine/org/apache/derby/impl/services/reflect/ engine/org/apache/derby...
Author: kmarsden
Date: Wed Jul 25 10:07:55 2007
New Revision: 559525
URL: http://svn.apache.org/viewvc?view=rev&rev=559525
Log:
DERBY-2040 Setting derby.database.classpath to contain installed jars causes the database to be unbootable when a Securitymanager is installed.
Port to 10.2
Modified:
db/derby/code/branches/10.2/java/engine/org/apache/derby/iapi/services/loader/JarReader.java
db/derby/code/branches/10.2/java/engine/org/apache/derby/iapi/store/access/FileResource.java
db/derby/code/branches/10.2/java/engine/org/apache/derby/impl/db/BasicDatabase.java
db/derby/code/branches/10.2/java/engine/org/apache/derby/impl/services/reflect/JarLoader.java
db/derby/code/branches/10.2/java/engine/org/apache/derby/impl/services/reflect/UpdateLoader.java
db/derby/code/branches/10.2/java/engine/org/apache/derby/impl/store/raw/data/RFResource.java
db/derby/code/branches/10.2/java/testing/org/apache/derbyTesting/functionTests/tests/store/BackupPathTests_app.properties
db/derby/code/branches/10.2/java/testing/org/apache/derbyTesting/functionTests/tests/store/OnlineBackupTest3_app.properties
Modified: db/derby/code/branches/10.2/java/engine/org/apache/derby/iapi/services/loader/JarReader.java
URL: http://svn.apache.org/viewvc/db/derby/code/branches/10.2/java/engine/org/apache/derby/iapi/services/loader/JarReader.java?view=diff&rev=559525&r1=559524&r2=559525
==============================================================================
--- db/derby/code/branches/10.2/java/engine/org/apache/derby/iapi/services/loader/JarReader.java (original)
+++ db/derby/code/branches/10.2/java/engine/org/apache/derby/iapi/services/loader/JarReader.java Wed Jul 25 10:07:55 2007
@@ -22,6 +22,7 @@
package org.apache.derby.iapi.services.loader;
import org.apache.derby.iapi.error.StandardException;
+import org.apache.derby.io.StorageFile;
/**
Abstract out the loading of JarFiles.
@@ -30,12 +31,9 @@
public interface JarReader {
/**
- Load the contents of a Jarfile. The return is either
- an java.io.InputStream representing the contents of the JarFile
- or a java.io.File representing the location of the file.
- If the jar does not exist an exception is thrown.
+ * Get the StorageFile for an installed jar file.
*/
- Object readJarFile(String schemaName, String sqlName)
+ StorageFile getJarFile(String schemaName, String sqlName)
throws StandardException;
}
Modified: db/derby/code/branches/10.2/java/engine/org/apache/derby/iapi/store/access/FileResource.java
URL: http://svn.apache.org/viewvc/db/derby/code/branches/10.2/java/engine/org/apache/derby/iapi/store/access/FileResource.java?view=diff&rev=559525&r1=559524&r2=559525
==============================================================================
--- db/derby/code/branches/10.2/java/engine/org/apache/derby/iapi/store/access/FileResource.java (original)
+++ db/derby/code/branches/10.2/java/engine/org/apache/derby/iapi/store/access/FileResource.java Wed Jul 25 10:07:55 2007
@@ -105,28 +105,14 @@
throws StandardException;
/**
- Get the File handle to a file resource. In some situations
- higher level code can make optimisations if it can access
- a file as a File, rather than an output stream. If this call
- returns null then the resouce is not accessable as a file
- (e.g. the database is in a zip file).
+ Get the StorageFile for a file resource.
@param name The name of the fileResource
@param generationId the generationId of the fileResource
- @return A File object representing the file, or null if
- the resource is not accessable as a file.
+ @return A StorageFile object representing the file.
*/
public StorageFile getAsFile(String name, long generationId);
-
- /**
- Get the file resource as a stream.
-
- @exception IOException some io error occured
- @exception FileNotFoundException file does not exist.
- */
- public InputStream getAsStream(String name, long generationId)
- throws IOException;
/**
* @return the separator character to be used in file names.
Modified: db/derby/code/branches/10.2/java/engine/org/apache/derby/impl/db/BasicDatabase.java
URL: http://svn.apache.org/viewvc/db/derby/code/branches/10.2/java/engine/org/apache/derby/impl/db/BasicDatabase.java?view=diff&rev=559525&r1=559524&r2=559525
==============================================================================
--- db/derby/code/branches/10.2/java/engine/org/apache/derby/impl/db/BasicDatabase.java (original)
+++ db/derby/code/branches/10.2/java/engine/org/apache/derby/impl/db/BasicDatabase.java Wed Jul 25 10:07:55 2007
@@ -70,6 +70,7 @@
import org.apache.derby.iapi.store.access.TransactionController;
import org.apache.derby.iapi.jdbc.AuthenticationService;
import org.apache.derby.iapi.services.uuid.UUIDFactory;
+import org.apache.derby.io.StorageFile;
import org.apache.derby.catalog.UUID;
import java.io.InputStream;
@@ -783,7 +784,7 @@
/*
** Methods of JarReader
*/
- public Object readJarFile(String schemaName, String sqlName)
+ public StorageFile getJarFile(String schemaName, String sqlName)
throws StandardException {
DataDictionaryContext ddc =
@@ -801,15 +802,7 @@
String externalName = org.apache.derby.impl.sql.execute.JarDDL.mkExternalName(schemaName, sqlName, fr.getSeparatorChar());
- Object f = fr.getAsFile(externalName, generationId);
- if (f instanceof java.io.File)
- return f;
-
- try {
- return fr.getAsStream(externalName, generationId);
- } catch (java.io.IOException ioe) {
- throw StandardException.newException(SQLState.LANG_FILE_ERROR, ioe, ioe.toString());
- }
+ return fr.getAsFile(externalName, generationId);
}
}
Modified: db/derby/code/branches/10.2/java/engine/org/apache/derby/impl/services/reflect/JarLoader.java
URL: http://svn.apache.org/viewvc/db/derby/code/branches/10.2/java/engine/org/apache/derby/impl/services/reflect/JarLoader.java?view=diff&rev=559525&r1=559524&r2=559525
==============================================================================
--- db/derby/code/branches/10.2/java/engine/org/apache/derby/impl/services/reflect/JarLoader.java (original)
+++ db/derby/code/branches/10.2/java/engine/org/apache/derby/impl/services/reflect/JarLoader.java Wed Jul 25 10:07:55 2007
@@ -26,11 +26,14 @@
import java.io.ByteArrayOutputStream;
import java.io.File;
+import java.io.FileNotFoundException;
import java.io.InputStream;
import java.io.IOException;
+import java.security.AccessController;
import java.security.CodeSource;
import java.security.GeneralSecurityException;
+import java.security.PrivilegedActionException;
import java.security.SecureClassLoader;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
@@ -44,6 +47,7 @@
import org.apache.derby.iapi.reference.MessageId;
import org.apache.derby.iapi.services.i18n.MessageService;
+import org.apache.derby.io.StorageFile;
class JarLoader extends SecureClassLoader {
@@ -54,6 +58,11 @@
private final String[] name;
/**
+ * Handle to the installed jar file.
+ */
+ private StorageFile installedJar;
+
+ /**
* When the jar file can be manipulated as a java.util.JarFile
* this holds the reference to the open jar. When the jar can
* only be manipulated as an InputStream (because the jar is itself
@@ -78,45 +87,66 @@
this.vs = vs;
}
- // Initialize the class loader so it knows if it
- // is loading from a ZipFile or an InputStream
+ /**
+ * Initialize the class loader so it knows if it
+ * is loading from a ZipFile or an InputStream
+ */
void initialize() {
- Object zipData = load();
+ String schemaName = name[IdUtil.DBCP_SCHEMA_NAME];
+ String sqlName = name[IdUtil.DBCP_SQL_JAR_NAME];
+ Exception e;
try {
-
- if (zipData instanceof File) {
- jar = new JarFile((File) zipData);
+ installedJar =
+ updateLoader.getJarReader().getJarFile(
+ schemaName, sqlName);
+
+ if (installedJar instanceof File) {
+ try {
+ jar = (JarFile) AccessController.doPrivileged
+ (new java.security.PrivilegedExceptionAction(){
+
+ public Object run() throws IOException {
+ return new JarFile((File) installedJar);
+
+ }
+
+ }
+ );
+ } catch (PrivilegedActionException pae) {
+ throw (IOException) pae.getException();
+ }
return;
}
- // Jar is only accessible as an INputStream,
- // which means we need to re-open the stream for
- // each access. Thus we close the stream now as we have
- // no further use for it.
- if (zipData instanceof InputStream) {
- isStream = true;
- try {
- ((InputStream) zipData).close();
- } catch (IOException ioe) {
- }
- return;
- }
+ // Jar is only accessible as an InputStream,
+ // which means we need to re-open the stream for
+ // each access.
+
+ isStream = true;
+ return;
+
} catch (IOException ioe) {
- if (vs != null)
- vs.println(MessageService.getTextMessage(MessageId.CM_LOAD_JAR_EXCEPTION, getJarName(), ioe));
+ e = ioe;
+ } catch (StandardException se) {
+ e = se;
}
+ if (vs != null)
+ vs.println(MessageService.getTextMessage(
+ MessageId.CM_LOAD_JAR_EXCEPTION, getJarName(), e));
+
// No such zip.
- setInvalid();
+ setInvalid();
}
/**
- Handle all requests to the top-level loader.
-
- @exception ClassNotFoundException Class can not be found
- */
+ * Handle all requests to the top-level loader.
+ *
+ * @exception ClassNotFoundException
+ * Class can not be found
+ */
public Class loadClass(String className, boolean resolve)
throws ClassNotFoundException {
@@ -165,11 +195,14 @@
if (isStream) {
// have to use a new stream each time
- return loadClassData((InputStream) load(),
+ return loadClassData(installedJar.getInputStream(),
className, jvmClassName, resolve);
}
return null;
+ } catch (FileNotFoundException fnfe) {
+ // No such entry.
+ return null;
} catch (IOException ioe) {
if (vs != null)
vs.println(MessageService.getTextMessage(MessageId.CM_CLASS_LOAD_EXCEPTION, className, getJarName(), ioe));
@@ -189,7 +222,11 @@
return getRawStream(name);
if (isStream) {
- return getRawStream((InputStream) load(), name);
+ try {
+ return getRawStream(installedJar.getInputStream(), name);
+ } catch (FileNotFoundException e) {
+ // no such entry
+ }
}
return null;
}
@@ -286,24 +323,6 @@
if ((c != null) && resolve)
resolveClass(c);
return c;
- }
-
- private Object load() {
-
- String[] dbJarName = name;
-
- String schemaName = dbJarName[IdUtil.DBCP_SCHEMA_NAME];
- String sqlName = dbJarName[IdUtil.DBCP_SQL_JAR_NAME];
-
- // don't need a connection, just call the code directly
- try {
- return updateLoader.getJarReader().readJarFile(schemaName, sqlName);
- } catch (StandardException se) {
- if (vs != null)
- vs.println(MessageService.getTextMessage(MessageId.CM_LOAD_JAR_EXCEPTION, getJarName(), se));
- return null;
- }
-
}
/**
Modified: db/derby/code/branches/10.2/java/engine/org/apache/derby/impl/services/reflect/UpdateLoader.java
URL: http://svn.apache.org/viewvc/db/derby/code/branches/10.2/java/engine/org/apache/derby/impl/services/reflect/UpdateLoader.java?view=diff&rev=559525&r1=559524&r2=559525
==============================================================================
--- db/derby/code/branches/10.2/java/engine/org/apache/derby/impl/services/reflect/UpdateLoader.java (original)
+++ db/derby/code/branches/10.2/java/engine/org/apache/derby/impl/services/reflect/UpdateLoader.java Wed Jul 25 10:07:55 2007
@@ -40,12 +40,13 @@
import org.apache.derby.iapi.reference.Property;
import java.io.InputStream;
+import java.security.AccessController;
import org.apache.derby.iapi.reference.MessageId;
import org.apache.derby.iapi.reference.Module;
import org.apache.derby.iapi.services.i18n.MessageService;
-public class UpdateLoader {
+class UpdateLoader {
/**
* List of packages that Derby will not support being loaded
@@ -77,7 +78,7 @@
private boolean needReload;
private JarReader jarReader;
- public UpdateLoader(String classpath, DatabaseClasses parent, boolean verbose, boolean normalizeToUpper)
+ UpdateLoader(String classpath, DatabaseClasses parent, boolean verbose, boolean normalizeToUpper)
throws StandardException {
this.normalizeToUpper = normalizeToUpper;
@@ -97,15 +98,25 @@
private void initializeFromClassPath(String classpath) throws StandardException {
- String[][] elements = IdUtil.parseDbClassPath(classpath, normalizeToUpper);
+ final String[][] elements = IdUtil.parseDbClassPath(classpath, normalizeToUpper);
- int jarCount = elements.length;
+ final int jarCount = elements.length;
jarList = new JarLoader[jarCount];
- for (int i = 0; i < jarCount; i++) {
- jarList[i] = new JarLoader(this, elements[i], vs);
- }
-
+ if (jarCount != 0) {
+ // Creating class loaders is a restricted operation
+ // so we need to use a privileged block.
+ AccessController.doPrivileged
+ (new java.security.PrivilegedAction(){
+
+ public Object run(){
+ for (int i = 0; i < jarCount; i++) {
+ jarList[i] = new JarLoader(UpdateLoader.this, elements[i], vs);
+ }
+ return null;
+ }
+ });
+ }
if (vs != null) {
vs.println(MessageService.getTextMessage(MessageId.CM_CLASS_LOADER_START, classpath));
}
@@ -119,7 +130,7 @@
@exception ClassNotFoundException Class can not be found
*/
- public Class loadClass(String className, boolean resolve)
+ Class loadClass(String className, boolean resolve)
throws ClassNotFoundException {
@@ -177,7 +188,7 @@
}
}
- public InputStream getResourceAsStream(String name) {
+ InputStream getResourceAsStream(String name) {
InputStream is = (myLoader == null) ?
ClassLoader.getSystemResourceAsStream(name) :
@@ -224,7 +235,7 @@
}
}
- public synchronized void modifyClasspath(String classpath)
+ synchronized void modifyClasspath(String classpath)
throws StandardException {
// lock transaction classloader exclusively
@@ -237,7 +248,7 @@
}
- public synchronized void modifyJar(boolean reload) throws StandardException {
+ synchronized void modifyJar(boolean reload) throws StandardException {
// lock transaction classloader exclusively
lockClassLoader(ShExQual.EX);
@@ -289,7 +300,7 @@
return null;
}
- public void close() {
+ void close() {
for (int i = 0; i < jarList.length; i++) {
jarList[i].setInvalid();
@@ -308,7 +319,7 @@
initDone = true;
}
- public int getClassLoaderVersion() {
+ int getClassLoaderVersion() {
return version;
}
Modified: db/derby/code/branches/10.2/java/engine/org/apache/derby/impl/store/raw/data/RFResource.java
URL: http://svn.apache.org/viewvc/db/derby/code/branches/10.2/java/engine/org/apache/derby/impl/store/raw/data/RFResource.java?view=diff&rev=559525&r1=559524&r2=559525
==============================================================================
--- db/derby/code/branches/10.2/java/engine/org/apache/derby/impl/store/raw/data/RFResource.java (original)
+++ db/derby/code/branches/10.2/java/engine/org/apache/derby/impl/store/raw/data/RFResource.java Wed Jul 25 10:07:55 2007
@@ -21,32 +21,22 @@
package org.apache.derby.impl.store.raw.data;
-import org.apache.derby.iapi.reference.SQLState;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.security.AccessController;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
-import org.apache.derby.iapi.services.context.ContextService;
+import org.apache.derby.iapi.error.StandardException;
+import org.apache.derby.iapi.reference.SQLState;
import org.apache.derby.iapi.services.context.ContextManager;
+import org.apache.derby.iapi.services.context.ContextService;
import org.apache.derby.iapi.services.daemon.Serviceable;
-import org.apache.derby.iapi.services.sanity.SanityManager;
-import org.apache.derby.iapi.error.StandardException;
-import org.apache.derby.iapi.store.access.FileResource;
-import org.apache.derby.iapi.store.raw.Transaction;
import org.apache.derby.iapi.store.access.AccessFactoryGlobals;
-import org.apache.derby.iapi.store.access.DatabaseInstant;
+import org.apache.derby.iapi.store.access.FileResource;
import org.apache.derby.iapi.store.raw.xact.RawTransaction;
-
-import org.apache.derby.io.StorageFactory;
-import org.apache.derby.io.WritableStorageFactory;
import org.apache.derby.io.StorageFile;
-import org.apache.derby.io.StorageRandomAccessFile;
-
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.io.FileNotFoundException;
-import java.io.IOException;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
class RFResource implements FileResource {
@@ -208,16 +198,6 @@
String versionedFileName = factory.getVersionedName(name, generationId);
return factory.storageFactory.newStorageFile( versionedFileName);
- }
-
- /**
- @see FileResource#getAsStream
- @exception IOException trouble accessing file.
- */
- public InputStream getAsStream(String name, long generationId)
- throws IOException
- {
- return getAsFile(name, generationId).getInputStream();
}
public char getSeparatorChar()
Modified: db/derby/code/branches/10.2/java/testing/org/apache/derbyTesting/functionTests/tests/store/BackupPathTests_app.properties
URL: http://svn.apache.org/viewvc/db/derby/code/branches/10.2/java/testing/org/apache/derbyTesting/functionTests/tests/store/BackupPathTests_app.properties?view=diff&rev=559525&r1=559524&r2=559525
==============================================================================
--- db/derby/code/branches/10.2/java/testing/org/apache/derbyTesting/functionTests/tests/store/BackupPathTests_app.properties (original)
+++ db/derby/code/branches/10.2/java/testing/org/apache/derbyTesting/functionTests/tests/store/BackupPathTests_app.properties Wed Jul 25 10:07:55 2007
@@ -18,6 +18,3 @@
#Exclude for J2ME/Foundation - test uses procedure with server-side JDBC
runwithfoundation=false
-# Test fails with security manager due to bug DEBRY-537
-noSecurityManager=true
-
Modified: db/derby/code/branches/10.2/java/testing/org/apache/derbyTesting/functionTests/tests/store/OnlineBackupTest3_app.properties
URL: http://svn.apache.org/viewvc/db/derby/code/branches/10.2/java/testing/org/apache/derbyTesting/functionTests/tests/store/OnlineBackupTest3_app.properties?view=diff&rev=559525&r1=559524&r2=559525
==============================================================================
--- db/derby/code/branches/10.2/java/testing/org/apache/derbyTesting/functionTests/tests/store/OnlineBackupTest3_app.properties (original)
+++ db/derby/code/branches/10.2/java/testing/org/apache/derbyTesting/functionTests/tests/store/OnlineBackupTest3_app.properties Wed Jul 25 10:07:55 2007
@@ -17,6 +17,3 @@
#Exclude for J2ME/Foundation - test uses procedure with server-side JDBC
runwithfoundation=false
-
-# Test fails with security manager due to bug DEBRY-537
-noSecurityManager=true