You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by mu...@apache.org on 2008/08/21 14:39:33 UTC

svn commit: r687730 - in /xml/security/trunk/src/org: apache/xml/security/signature/Reference.java apache/xml/security/utils/XMLUtils.java jcp/xml/dsig/internal/dom/DOMReference.java

Author: mullan
Date: Thu Aug 21 05:39:31 2008
New Revision: 687730

URL: http://svn.apache.org/viewvc?rev=687730&view=rev
Log:
Fixed 45664: Some calls should be wrapped in AccessController.doPrivileged

Modified:
    xml/security/trunk/src/org/apache/xml/security/signature/Reference.java
    xml/security/trunk/src/org/apache/xml/security/utils/XMLUtils.java
    xml/security/trunk/src/org/jcp/xml/dsig/internal/dom/DOMReference.java

Modified: xml/security/trunk/src/org/apache/xml/security/signature/Reference.java
URL: http://svn.apache.org/viewvc/xml/security/trunk/src/org/apache/xml/security/signature/Reference.java?rev=687730&r1=687729&r2=687730&view=diff
==============================================================================
--- xml/security/trunk/src/org/apache/xml/security/signature/Reference.java (original)
+++ xml/security/trunk/src/org/apache/xml/security/signature/Reference.java Thu Aug 21 05:39:31 2008
@@ -21,6 +21,8 @@
 
 import java.io.IOException;
 import java.io.OutputStream;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 import java.util.HashSet;
 import java.util.Set;
 
@@ -103,14 +105,13 @@
     * will be added if necessary when generating the signature. See section
     * 3.1.1 of http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/ for more info.
     */
-   private static boolean useC14N11 = false;
-   static {
-      try {
-         useC14N11 = Boolean.getBoolean("org.apache.xml.security.useC14N11");
-      } catch (Exception e) {
-         // ignore exceptions
-      }
-   }
+   private static boolean useC14N11 = ((Boolean)
+      AccessController.doPrivileged(new PrivilegedAction() {
+         public Object run() {
+            return new Boolean(Boolean.getBoolean
+               ("org.apache.xml.security.useC14N11"));
+         }
+      })).booleanValue();
 
    /** Field CacheSignedNodes */
    public final static boolean CacheSignedNodes = false;

Modified: xml/security/trunk/src/org/apache/xml/security/utils/XMLUtils.java
URL: http://svn.apache.org/viewvc/xml/security/trunk/src/org/apache/xml/security/utils/XMLUtils.java?rev=687730&r1=687729&r2=687730&view=diff
==============================================================================
--- xml/security/trunk/src/org/apache/xml/security/utils/XMLUtils.java (original)
+++ xml/security/trunk/src/org/apache/xml/security/utils/XMLUtils.java Thu Aug 21 05:39:31 2008
@@ -21,6 +21,8 @@
 
 import java.io.IOException;
 import java.io.OutputStream;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Iterator;
@@ -47,15 +49,13 @@
  */
 public class XMLUtils {
 
-   private static boolean ignoreLineBreaks = false;
-   static {
-      try {
-         ignoreLineBreaks = Boolean.getBoolean
-	    ("org.apache.xml.security.ignoreLineBreaks");
-      } catch (Exception e) {
-         // ignore exceptions
-      }
-   }
+   private static boolean ignoreLineBreaks = ((Boolean)
+      AccessController.doPrivileged(new PrivilegedAction() {
+         public Object run() {
+            return new Boolean(Boolean.getBoolean
+	       ("org.apache.xml.security.ignoreLineBreaks"));
+         }
+      })).booleanValue();
 	
    /**
     * Constructor XMLUtils

Modified: xml/security/trunk/src/org/jcp/xml/dsig/internal/dom/DOMReference.java
URL: http://svn.apache.org/viewvc/xml/security/trunk/src/org/jcp/xml/dsig/internal/dom/DOMReference.java?rev=687730&r1=687729&r2=687730&view=diff
==============================================================================
--- xml/security/trunk/src/org/jcp/xml/dsig/internal/dom/DOMReference.java (original)
+++ xml/security/trunk/src/org/jcp/xml/dsig/internal/dom/DOMReference.java Thu Aug 21 05:39:31 2008
@@ -68,14 +68,13 @@
     *
     * If true, overrides the same property if set in the XMLSignContext.
     */
-    private static boolean useC14N11 = false;
-    static {
-	try {
-            useC14N11 = Boolean.getBoolean("org.apache.xml.security.useC14N11");
-        } catch (Exception e) {
-            // ignore exceptions
-       }
-    }
+    private static boolean useC14N11 = ((Boolean)
+        AccessController.doPrivileged(new PrivilegedAction() {
+            public Object run() {
+                return new Boolean(Boolean.getBoolean
+                    ("com.sun.org.apache.xml.internal.security.useC14N11"));
+            }
+        })).booleanValue();
 
     private static Logger log = Logger.getLogger("org.jcp.xml.dsig.internal.dom");