You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@felix.apache.org by cz...@apache.org on 2018/09/12 10:14:56 UTC
svn commit: r1840649 - in /felix/trunk/configadmin: ./
src/main/java/org/apache/felix/cm/impl/
src/main/java/org/apache/felix/cm/impl/helper/
Author: cziegeler
Date: Wed Sep 12 10:14:55 2018
New Revision: 1840649
URL: http://svn.apache.org/viewvc?rev=1840649&view=rev
Log:
[FELIX-5918] : AccessControlExceptions in ConfigurationAdmin methods
[FELIX-5910] : Set correct AccessControlContext when firing events
Modified:
felix/trunk/configadmin/changelog.txt
felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/Activator.java
felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/ConfigurationAdminImpl.java
felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/ConfigurationManager.java
felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/DynamicBindings.java
felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/Log.java
felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/helper/BaseTracker.java
felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/helper/TargetedPID.java
Modified: felix/trunk/configadmin/changelog.txt
URL: http://svn.apache.org/viewvc/felix/trunk/configadmin/changelog.txt?rev=1840649&r1=1840648&r2=1840649&view=diff
==============================================================================
--- felix/trunk/configadmin/changelog.txt (original)
+++ felix/trunk/configadmin/changelog.txt Wed Sep 12 10:14:55 2018
@@ -2,8 +2,10 @@ Changes in 1.9.6
----------------
** Bug
* [FELIX-5908] : NoClassDefFoundError for the CM Security Domain combiner
+ * [FELIX-5918] : AccessControlExceptions in ConfigurationAdmin methods
+ * [FELIX-5910] : Set correct AccessControlContext when firing events
+
-
Changes in 1.9.4
----------------
** Bug
Modified: felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/Activator.java
URL: http://svn.apache.org/viewvc/felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/Activator.java?rev=1840649&r1=1840648&r2=1840649&view=diff
==============================================================================
--- felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/Activator.java (original)
+++ felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/Activator.java Wed Sep 12 10:14:55 2018
@@ -18,12 +18,15 @@
*/
package org.apache.felix.cm.impl;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import java.util.Dictionary;
import java.util.Hashtable;
import org.apache.felix.cm.PersistenceManager;
import org.apache.felix.cm.file.FilePersistenceManager;
import org.apache.felix.cm.impl.persistence.PersistenceManagerTracker;
+import org.osgi.framework.Bundle;
import org.osgi.framework.BundleActivator;
import org.osgi.framework.BundleContext;
import org.osgi.framework.BundleException;
@@ -151,5 +154,24 @@ public class Activator implements Bundle
this.filepmRegistration = null;
}
}
+
+ public static String getLocation(final Bundle bundle)
+ {
+ if (System.getSecurityManager() != null)
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<String>()
+ {
+ @Override
+ public String run()
+ {
+ return bundle.getLocation();
+ }
+ });
+ }
+ else
+ {
+ return bundle.getLocation();
+ }
+ }
}
Modified: felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/ConfigurationAdminImpl.java
URL: http://svn.apache.org/viewvc/felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/ConfigurationAdminImpl.java?rev=1840649&r1=1840648&r2=1840649&view=diff
==============================================================================
--- felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/ConfigurationAdminImpl.java (original)
+++ felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/ConfigurationAdminImpl.java Wed Sep 12 10:14:55 2018
@@ -80,7 +80,7 @@ public class ConfigurationAdminImpl impl
// FELIX-3360: new factory configuration with implicit binding is dynamic
ConfigurationImpl config = configurationManager.createFactoryConfiguration( factoryPid, null );
- config.setDynamicBundleLocation( this.getBundle().getLocation(), false );
+ config.setDynamicBundleLocation( Activator.getLocation(this.getBundle()), false );
return this.wrap( config );
}
@@ -122,7 +122,7 @@ public class ConfigurationAdminImpl impl
config = configurationManager.createConfiguration( pid, null );
// FELIX-3360: configuration creation with implicit binding is dynamic
- config.setDynamicBundleLocation( getBundle().getLocation(), false );
+ config.setDynamicBundleLocation( Activator.getLocation(getBundle()), false );
}
else
{
@@ -131,10 +131,10 @@ public class ConfigurationAdminImpl impl
Log.logger.log( LogService.LOG_DEBUG, "Binding configuration {0} (isNew: {1}) to bundle {2}",
new Object[]
{ config.getPid(), config.isNew() ? Boolean.TRUE : Boolean.FALSE,
- this.getBundle().getLocation() } );
+ Activator.getLocation(this.getBundle()) } );
// FELIX-3360: first implicit binding is dynamic
- config.setDynamicBundleLocation( getBundle().getLocation(), true );
+ config.setDynamicBundleLocation( Activator.getLocation(getBundle()), true );
}
else
{
@@ -268,7 +268,7 @@ public class ConfigurationAdminImpl impl
if ( sm != null )
{
// CM 1.4 / 104.11.1 Implicit permission
- if ( name != null && ( checkOwn || !name.equals( getBundle().getLocation() ) ) )
+ if ( name != null && ( checkOwn || !name.equals( Activator.getLocation(getBundle()) ) ) )
{
try
{
@@ -277,7 +277,7 @@ public class ConfigurationAdminImpl impl
Log.logger.log( LogService.LOG_DEBUG,
"Explicit Permission; grant {0} permission on configuration bound to {1} to bundle {2}",
new Object[]
- { action, name, getBundle().getLocation() } );
+ { action, name, Activator.getLocation(getBundle()) } );
}
catch ( SecurityException se )
{
@@ -286,7 +286,7 @@ public class ConfigurationAdminImpl impl
LogService.LOG_DEBUG,
"No Permission; denied {0} permission on configuration bound to {1} to bundle {2}; reason: {3}",
new Object[]
- { action, name, getBundle().getLocation(), se.getMessage() } );
+ { action, name, Activator.getLocation(getBundle()), se.getMessage() } );
throw se;
}
}
@@ -295,7 +295,7 @@ public class ConfigurationAdminImpl impl
Log.logger.log( LogService.LOG_DEBUG,
"Implicit Permission; grant {0} permission on configuration bound to {1} to bundle {2}",
new Object[]
- { action, name, getBundle().getLocation() } );
+ { action, name, Activator.getLocation(getBundle()) } );
}
}
@@ -304,7 +304,7 @@ public class ConfigurationAdminImpl impl
Log.logger.log( LogService.LOG_DEBUG,
"No SecurityManager installed; grant {0} permission on configuration bound to {1} to bundle {2}",
new Object[]
- { action, name, getBundle().getLocation() } );
+ { action, name, Activator.getLocation(getBundle()) } );
}
}
@@ -378,7 +378,7 @@ public class ConfigurationAdminImpl impl
config = configurationManager.createFactoryConfiguration( pid, factoryPid, null );
// FELIX-3360: configuration creation with implicit binding is dynamic
- config.setDynamicBundleLocation( getBundle().getLocation(), false );
+ config.setDynamicBundleLocation( Activator.getLocation(getBundle()), false );
}
else
{
@@ -387,10 +387,10 @@ public class ConfigurationAdminImpl impl
Log.logger.log( LogService.LOG_DEBUG, "Binding configuration {0} (isNew: {1}) to bundle {2}",
new Object[]
{ config.getPid(), config.isNew() ? Boolean.TRUE : Boolean.FALSE,
- this.getBundle().getLocation() } );
+ Activator.getLocation(this.getBundle()) } );
// FELIX-3360: first implicit binding is dynamic
- config.setDynamicBundleLocation( getBundle().getLocation(), true );
+ config.setDynamicBundleLocation( Activator.getLocation(getBundle()), true );
}
else
{
Modified: felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/ConfigurationManager.java
URL: http://svn.apache.org/viewvc/felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/ConfigurationManager.java?rev=1840649&r1=1840648&r2=1840649&view=diff
==============================================================================
--- felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/ConfigurationManager.java (original)
+++ felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/ConfigurationManager.java Wed Sep 12 10:14:55 2018
@@ -20,6 +20,8 @@ package org.apache.felix.cm.impl;
import java.io.IOException;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Arrays;
@@ -383,7 +385,7 @@ public class ConfigurationManager implem
names[i--] = targetedPid.toString();
targetedPid.append( '|' ).append( serviceBundle.getVersion().toString() );
names[i--] = targetedPid.toString();
- targetedPid.append( '|' ).append( serviceBundle.getLocation() );
+ targetedPid.append( '|' ).append( Activator.getLocation(serviceBundle) );
names[i--] = targetedPid.toString();
for ( String candidate : names )
@@ -394,7 +396,7 @@ public class ConfigurationManager implem
// check visibility to use and dynamically bind
if ( canReceive( serviceBundle, config.getBundleLocation() ) )
{
- config.tryBindLocation( serviceBundle.getLocation() );
+ config.tryBindLocation( Activator.getLocation(serviceBundle) );
return config;
}
@@ -522,7 +524,7 @@ public class ConfigurationManager implem
LogService.LOG_DEBUG,
"Omitting configuration {0}: No permission for bundle {1} on configuration bound to {2}",
new Object[]
- { pid, configurationAdmin.getBundle().getLocation(),
+ { pid, Activator.getLocation(configurationAdmin.getBundle()),
config.get( ConfigurationAdmin.SERVICE_BUNDLELOCATION ) } );
continue;
}
@@ -659,7 +661,7 @@ public class ConfigurationManager implem
{
if ( event.getType() == BundleEvent.UNINSTALLED && handleBundleEvents )
{
- final String location = event.getBundle().getLocation();
+ final String location = Activator.getLocation(event.getBundle());
// we only reset dynamic bindings, which are only present in
// cached configurations, hence only consider cached configs here
@@ -825,7 +827,7 @@ public class ConfigurationManager implem
targetedPid.append( '|' ).append( serviceBundle.getVersion().toString() );
factories.add( 0, targetedPid.toString() );
- targetedPid.append( '|' ).append( serviceBundle.getLocation() );
+ targetedPid.append( '|' ).append( Activator.getLocation(serviceBundle) );
factories.add( 0, targetedPid.toString() );
}
@@ -990,7 +992,7 @@ public class ConfigurationManager implem
if ( location == null )
{
Log.logger.log( LogService.LOG_DEBUG, "canReceive=true; bundle={0}; configuration=(unbound)", new Object[]
- { bundle.getLocation() } );
+ { Activator.getLocation(bundle) } );
return true;
}
else if ( location.startsWith( "?" ) )
@@ -1002,21 +1004,21 @@ public class ConfigurationManager implem
ConfigurationPermission.TARGET ) );
Log.logger.log( LogService.LOG_DEBUG, "canReceive={0}: bundle={1}; configuration={2} (SecurityManager check)",
new Object[]
- { new Boolean( hasPermission ), bundle.getLocation(), location } );
+ { new Boolean( hasPermission ), Activator.getLocation(bundle), location } );
return hasPermission;
}
Log.logger.log( LogService.LOG_DEBUG, "canReceive=true; bundle={0}; configuration={1} (no SecurityManager)",
new Object[]
- { bundle.getLocation(), location } );
+ { Activator.getLocation(bundle), location } );
return true;
}
else
{
// single location, must match
- final boolean hasPermission = location.equals( bundle.getLocation() );
+ final boolean hasPermission = location.equals( Activator.getLocation(bundle) );
Log.logger.log( LogService.LOG_DEBUG, "canReceive={0}: bundle={1}; configuration={2}", new Object[]
- { new Boolean( hasPermission ), bundle.getLocation(), location } );
+ { new Boolean( hasPermission ), Activator.getLocation(bundle), location } );
return hasPermission;
}
}
@@ -1227,7 +1229,7 @@ public class ConfigurationManager implem
}
// 104.4.2 Dynamic Binding
- config.tryBindLocation( serviceBundle.getLocation() );
+ config.tryBindLocation( Activator.getLocation(serviceBundle) );
// update the service with the configuration (if non-null)
if ( rawProperties != null )
@@ -1368,7 +1370,7 @@ public class ConfigurationManager implem
{ srList.get(0) } );
return;
}
- config.tryBindLocation( bundle.getLocation() );
+ config.tryBindLocation( Activator.getLocation(bundle) );
final String configBundleLocation = config.getBundleLocation();
@@ -1520,7 +1522,7 @@ public class ConfigurationManager implem
// service if the config has been unbound causing this update
if ( isVisible )
{
- config.tryBindLocation( srBundle.getLocation() );
+ config.tryBindLocation( Activator.getLocation(srBundle) );
}
if ( wasVisible && !isVisible )
@@ -1664,7 +1666,24 @@ public class ConfigurationManager implem
try
{
- listeners[serviceIndex].configurationEvent( getConfigurationEvent() );
+ if ( System.getSecurityManager() != null )
+ {
+ AccessController.doPrivileged(
+ new PrivilegedAction<Object>()
+ {
+ @Override
+ public Void run()
+ {
+ listeners[serviceIndex].configurationEvent(getConfigurationEvent());
+ return null;
+ }
+ }, BaseTracker.getAccessControlContext(listenerProvider[serviceIndex])
+ );
+ }
+ else
+ {
+ listeners[serviceIndex].configurationEvent(getConfigurationEvent());
+ }
}
catch ( Throwable t )
{
Modified: felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/DynamicBindings.java
URL: http://svn.apache.org/viewvc/felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/DynamicBindings.java?rev=1840649&r1=1840648&r2=1840649&view=diff
==============================================================================
--- felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/DynamicBindings.java (original)
+++ felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/DynamicBindings.java Wed Sep 12 10:14:55 2018
@@ -54,7 +54,7 @@ class DynamicBindings
final Bundle[] bundles = bundleContext.getBundles();
for ( int i = 0; i < bundles.length; i++ )
{
- locations.add( bundles[i].getLocation() );
+ locations.add( Activator.getLocation(bundles[i]) );
}
// collect pids whose location is not installed any more
Modified: felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/Log.java
URL: http://svn.apache.org/viewvc/felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/Log.java?rev=1840649&r1=1840648&r2=1840649&view=diff
==============================================================================
--- felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/Log.java (original)
+++ felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/Log.java Wed Sep 12 10:14:55 2018
@@ -240,7 +240,7 @@ public class Log
if ( provider != null )
{
buf.append( ", bundle=" ).append( provider.getBundleId() );
- buf.append( '/' ).append( provider.getLocation() );
+ buf.append( '/' ).append( Activator.getLocation(provider) );
}
else
{
Modified: felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/helper/BaseTracker.java
URL: http://svn.apache.org/viewvc/felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/helper/BaseTracker.java?rev=1840649&r1=1840648&r2=1840649&view=diff
==============================================================================
--- felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/helper/BaseTracker.java (original)
+++ felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/helper/BaseTracker.java Wed Sep 12 10:14:55 2018
@@ -292,7 +292,7 @@ public abstract class BaseTracker<S> ext
}
- AccessControlContext getAccessControlContext( final Bundle bundle )
+ public static AccessControlContext getAccessControlContext( final Bundle bundle )
{
return new AccessControlContext(AccessController.getContext(), new CMDomainCombiner(bundle));
}
Modified: felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/helper/TargetedPID.java
URL: http://svn.apache.org/viewvc/felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/helper/TargetedPID.java?rev=1840649&r1=1840648&r2=1840649&view=diff
==============================================================================
--- felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/helper/TargetedPID.java (original)
+++ felix/trunk/configadmin/src/main/java/org/apache/felix/cm/impl/helper/TargetedPID.java Wed Sep 12 10:14:55 2018
@@ -19,6 +19,7 @@
package org.apache.felix.cm.impl.helper;
+import org.apache.felix.cm.impl.Activator;
import org.osgi.framework.Bundle;
import org.osgi.framework.ServiceReference;
@@ -156,7 +157,7 @@ public class TargetedPID
}
// assert bundle location match
- return this.location == null || this.location.equals( serviceBundle.getLocation() );
+ return this.location == null || this.location.equals( Activator.getLocation(serviceBundle) );
}