mirror of
https://github.com/openjdk/jdk.git
synced 2025-08-28 15:24:43 +02:00
8209416: Refactoring GetPropertyAction calls in security libs
Reviewed-by: xuelei, rriggs
This commit is contained in:
Weijun Wang
parent
815cdefb43
commit
33a96c6df9
29 changed files with 146 additions and 196 deletions
|
|
@ -45,6 +45,7 @@ import java.util.regex.Matcher;
|
|||
import java.util.regex.Pattern;
|
||||
|
||||
import sun.net.dns.ResolverConfiguration;
|
||||
import sun.security.action.GetPropertyAction;
|
||||
import sun.security.krb5.internal.crypto.EType;
|
||||
import sun.security.krb5.internal.Krb5;
|
||||
|
||||
|
|
@ -122,12 +123,12 @@ public class Config {
|
|||
|
||||
private static boolean isMacosLionOrBetter() {
|
||||
// split the "10.x.y" version number
|
||||
String osname = getProperty("os.name");
|
||||
String osname = GetPropertyAction.privilegedGetProperty("os.name");
|
||||
if (!osname.contains("OS X")) {
|
||||
return false;
|
||||
}
|
||||
|
||||
String osVersion = getProperty("os.version");
|
||||
String osVersion = GetPropertyAction.privilegedGetProperty("os.version");
|
||||
String[] fragments = osVersion.split("\\.");
|
||||
|
||||
// sanity check the "10." part of the version
|
||||
|
|
@ -152,14 +153,16 @@ public class Config {
|
|||
/*
|
||||
* If either one system property is specified, we throw exception.
|
||||
*/
|
||||
String tmp = getProperty("java.security.krb5.kdc");
|
||||
String tmp = GetPropertyAction
|
||||
.privilegedGetProperty("java.security.krb5.kdc");
|
||||
if (tmp != null) {
|
||||
// The user can specify a list of kdc hosts separated by ":"
|
||||
defaultKDC = tmp.replace(':', ' ');
|
||||
} else {
|
||||
defaultKDC = null;
|
||||
}
|
||||
defaultRealm = getProperty("java.security.krb5.realm");
|
||||
defaultRealm = GetPropertyAction
|
||||
.privilegedGetProperty("java.security.krb5.realm");
|
||||
if ((defaultKDC == null && defaultRealm != null) ||
|
||||
(defaultRealm == null && defaultKDC != null)) {
|
||||
throw new KrbException
|
||||
|
|
@ -818,11 +821,12 @@ public class Config {
|
|||
* The method returns null if it cannot find a Java config file.
|
||||
*/
|
||||
private String getJavaFileName() {
|
||||
String name = getProperty("java.security.krb5.conf");
|
||||
String name = GetPropertyAction
|
||||
.privilegedGetProperty("java.security.krb5.conf");
|
||||
if (name == null) {
|
||||
name = getProperty("java.home") + File.separator +
|
||||
"conf" + File.separator + "security" +
|
||||
File.separator + "krb5.conf";
|
||||
name = GetPropertyAction.privilegedGetProperty("java.home")
|
||||
+ File.separator + "conf" + File.separator + "security"
|
||||
+ File.separator + "krb5.conf";
|
||||
if (!fileExists(name)) {
|
||||
name = null;
|
||||
}
|
||||
|
|
@ -852,7 +856,7 @@ public class Config {
|
|||
*/
|
||||
private String getNativeFileName() {
|
||||
String name = null;
|
||||
String osname = getProperty("os.name");
|
||||
String osname = GetPropertyAction.privilegedGetProperty("os.name");
|
||||
if (osname.startsWith("Windows")) {
|
||||
try {
|
||||
Credentials.ensureLoaded();
|
||||
|
|
@ -899,13 +903,8 @@ public class Config {
|
|||
return name;
|
||||
}
|
||||
|
||||
private static String getProperty(String property) {
|
||||
return java.security.AccessController.doPrivileged(
|
||||
new sun.security.action.GetPropertyAction(property));
|
||||
}
|
||||
|
||||
private String findMacosConfigFile() {
|
||||
String userHome = getProperty("user.home");
|
||||
String userHome = GetPropertyAction.privilegedGetProperty("user.home");
|
||||
final String PREF_FILE = "/Library/Preferences/edu.mit.Kerberos";
|
||||
String userPrefs = userHome + PREF_FILE;
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
|
||||
* Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
|
||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||
*
|
||||
* This code is free software; you can redistribute it and/or modify it
|
||||
|
|
@ -31,6 +31,7 @@
|
|||
|
||||
package sun.security.krb5;
|
||||
|
||||
import sun.security.action.GetPropertyAction;
|
||||
import sun.security.krb5.internal.*;
|
||||
import sun.security.krb5.internal.ccache.CredentialsCache;
|
||||
import sun.security.krb5.internal.crypto.EType;
|
||||
|
|
@ -288,8 +289,7 @@ public class Credentials {
|
|||
|
||||
if (ticketCache == null) {
|
||||
// The default ticket cache on Windows and Mac is not a file.
|
||||
String os = java.security.AccessController.doPrivileged(
|
||||
new sun.security.action.GetPropertyAction("os.name"));
|
||||
String os = GetPropertyAction.privilegedGetProperty("os.name");
|
||||
if (os.toUpperCase(Locale.ENGLISH).startsWith("WINDOWS") ||
|
||||
os.toUpperCase(Locale.ENGLISH).contains("OS X")) {
|
||||
Credentials creds = acquireDefaultCreds();
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
|
||||
* Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
|
||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||
*
|
||||
* This code is free software; you can redistribute it and/or modify it
|
||||
|
|
@ -74,8 +74,6 @@ public final class KdcComm {
|
|||
|
||||
private static final boolean DEBUG = Krb5.DEBUG;
|
||||
|
||||
private static final String BAD_POLICY_KEY = "krb5.kdc.bad.policy";
|
||||
|
||||
/**
|
||||
* What to do when a KDC is unavailable, specified in the
|
||||
* java.security file with key krb5.kdc.bad.policy.
|
||||
|
|
@ -100,7 +98,7 @@ public final class KdcComm {
|
|||
String value = AccessController.doPrivileged(
|
||||
new PrivilegedAction<String>() {
|
||||
public String run() {
|
||||
return Security.getProperty(BAD_POLICY_KEY);
|
||||
return Security.getProperty("krb5.kdc.bad.policy");
|
||||
}
|
||||
});
|
||||
if (value != null) {
|
||||
|
|
@ -120,7 +118,7 @@ public final class KdcComm {
|
|||
// Ignored. Please note that tryLess is recognized and
|
||||
// used, parameters using default values
|
||||
if (DEBUG) {
|
||||
System.out.println("Invalid " + BAD_POLICY_KEY +
|
||||
System.out.println("Invalid krb5.kdc.bad.policy" +
|
||||
" parameter for tryLess: " +
|
||||
value + ", use default");
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
|
||||
* Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
|
||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||
*
|
||||
* This code is free software; you can redistribute it and/or modify it
|
||||
|
|
@ -31,6 +31,7 @@
|
|||
|
||||
package sun.security.krb5;
|
||||
|
||||
import sun.security.action.GetBooleanAction;
|
||||
import sun.security.krb5.internal.Krb5;
|
||||
import sun.security.util.*;
|
||||
import java.io.IOException;
|
||||
|
|
@ -47,10 +48,8 @@ import sun.security.krb5.internal.util.KerberosString;
|
|||
*/
|
||||
public class Realm implements Cloneable {
|
||||
|
||||
public static final boolean AUTODEDUCEREALM =
|
||||
java.security.AccessController.doPrivileged(
|
||||
new sun.security.action.GetBooleanAction(
|
||||
"sun.security.krb5.autodeducerealm"));
|
||||
public static final boolean AUTODEDUCEREALM = GetBooleanAction
|
||||
.privilegedGetProperty("sun.security.krb5.autodeducerealm");
|
||||
|
||||
private final String realm; // not null nor empty
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
|
||||
* Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
|
||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||
*
|
||||
* This code is free software; you can redistribute it and/or modify it
|
||||
|
|
@ -31,6 +31,8 @@
|
|||
|
||||
package sun.security.krb5.internal;
|
||||
|
||||
import sun.security.action.GetBooleanAction;
|
||||
|
||||
import java.util.Hashtable;
|
||||
|
||||
// Constants and other defined values from RFC 4120
|
||||
|
|
@ -303,9 +305,9 @@ public class Krb5 {
|
|||
}
|
||||
|
||||
|
||||
public static final boolean DEBUG =
|
||||
java.security.AccessController.doPrivileged(
|
||||
new sun.security.action.GetBooleanAction("sun.security.krb5.debug"));
|
||||
public static final boolean DEBUG = GetBooleanAction
|
||||
.privilegedGetProperty("sun.security.krb5.debug");
|
||||
|
||||
public static final sun.security.util.HexDumpEncoder hexDumper =
|
||||
new sun.security.util.HexDumpEncoder();
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
|
||||
* Copyright (c) 2013, 2018, Oracle and/or its affiliates. All rights reserved.
|
||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||
*
|
||||
* This code is free software; you can redistribute it and/or modify it
|
||||
|
|
@ -30,8 +30,6 @@ import sun.security.krb5.internal.rcache.AuthTimeWithHash;
|
|||
import sun.security.krb5.internal.rcache.MemoryCache;
|
||||
import sun.security.krb5.internal.rcache.DflCache;
|
||||
|
||||
import java.security.AccessController;
|
||||
|
||||
/**
|
||||
* Models the replay cache of an acceptor as described in
|
||||
* RFC 4120 3.2.3.
|
||||
|
|
@ -56,8 +54,8 @@ public abstract class ReplayCache {
|
|||
}
|
||||
}
|
||||
public static ReplayCache getInstance() {
|
||||
String type = AccessController.doPrivileged(
|
||||
new GetPropertyAction("sun.security.krb5.rcache"));
|
||||
String type = GetPropertyAction
|
||||
.privilegedGetProperty("sun.security.krb5.rcache");
|
||||
return getInstance(type);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
|
||||
* Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
|
||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||
*
|
||||
* This code is free software; you can redistribute it and/or modify it
|
||||
|
|
@ -33,6 +33,7 @@
|
|||
*/
|
||||
package sun.security.krb5.internal.ccache;
|
||||
|
||||
import sun.security.action.GetPropertyAction;
|
||||
import sun.security.krb5.*;
|
||||
import sun.security.krb5.internal.*;
|
||||
import java.util.StringTokenizer;
|
||||
|
|
@ -381,9 +382,7 @@ public class FileCredentialsCache extends CredentialsCache
|
|||
}
|
||||
|
||||
// get cache name from system.property
|
||||
String osname =
|
||||
java.security.AccessController.doPrivileged(
|
||||
new sun.security.action.GetPropertyAction("os.name"));
|
||||
String osname = GetPropertyAction.privilegedGetProperty("os.name");
|
||||
|
||||
/*
|
||||
* For Unix platforms we use the default cache name to be
|
||||
|
|
@ -417,18 +416,12 @@ public class FileCredentialsCache extends CredentialsCache
|
|||
|
||||
// we did not get the uid;
|
||||
|
||||
String user_name =
|
||||
java.security.AccessController.doPrivileged(
|
||||
new sun.security.action.GetPropertyAction("user.name"));
|
||||
String user_name = GetPropertyAction.privilegedGetProperty("user.name");
|
||||
|
||||
String user_home =
|
||||
java.security.AccessController.doPrivileged(
|
||||
new sun.security.action.GetPropertyAction("user.home"));
|
||||
String user_home = GetPropertyAction.privilegedGetProperty("user.home");
|
||||
|
||||
if (user_home == null) {
|
||||
user_home =
|
||||
java.security.AccessController.doPrivileged(
|
||||
new sun.security.action.GetPropertyAction("user.dir"));
|
||||
user_home = GetPropertyAction.privilegedGetProperty("user.dir");
|
||||
}
|
||||
|
||||
if (user_name != null) {
|
||||
|
|
|
|||
|
|
@ -53,9 +53,8 @@ public final class Des {
|
|||
// string-to-key encoding. When set, the specified charset
|
||||
// name is used. Otherwise, the system default charset.
|
||||
|
||||
private final static String CHARSET =
|
||||
java.security.AccessController.doPrivileged(
|
||||
new GetPropertyAction("sun.security.krb5.msinterop.des.s2kcharset"));
|
||||
private final static String CHARSET = GetPropertyAction
|
||||
.privilegedGetProperty("sun.security.krb5.msinterop.des.s2kcharset");
|
||||
|
||||
private static final long[] bad_keys = {
|
||||
0x0101010101010101L, 0xfefefefefefefefeL,
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
|
||||
* Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
|
||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||
*
|
||||
* This code is free software; you can redistribute it and/or modify it
|
||||
|
|
@ -31,6 +31,7 @@
|
|||
|
||||
package sun.security.krb5.internal.ktab;
|
||||
|
||||
import sun.security.action.GetPropertyAction;
|
||||
import sun.security.krb5.*;
|
||||
import sun.security.krb5.internal.*;
|
||||
import sun.security.krb5.internal.crypto.*;
|
||||
|
|
@ -203,14 +204,12 @@ public class KeyTab implements KeyTabConstants {
|
|||
}
|
||||
|
||||
if (kname == null) {
|
||||
String user_home =
|
||||
java.security.AccessController.doPrivileged(
|
||||
new sun.security.action.GetPropertyAction("user.home"));
|
||||
String user_home = GetPropertyAction
|
||||
.privilegedGetProperty("user.home");
|
||||
|
||||
if (user_home == null) {
|
||||
user_home =
|
||||
java.security.AccessController.doPrivileged(
|
||||
new sun.security.action.GetPropertyAction("user.dir"));
|
||||
user_home = GetPropertyAction
|
||||
.privilegedGetProperty("user.dir");
|
||||
}
|
||||
|
||||
kname = user_home + File.separator + "krb5.keytab";
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
|
||||
* Copyright (c) 2013, 2018, Oracle and/or its affiliates. All rights reserved.
|
||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||
*
|
||||
* This code is free software; you can redistribute it and/or modify it
|
||||
|
|
@ -25,7 +25,7 @@
|
|||
|
||||
package sun.security.krb5.internal.rcache;
|
||||
|
||||
import sun.security.action.GetPropertyAction;
|
||||
import sun.security.action.GetBooleanAction;
|
||||
|
||||
import java.util.Objects;
|
||||
|
||||
|
|
@ -40,8 +40,7 @@ public class AuthTimeWithHash extends AuthTime
|
|||
public static final String DEFAULT_HASH_ALG;
|
||||
|
||||
static {
|
||||
if (GetPropertyAction.privilegedGetProperty(
|
||||
"jdk.krb5.rcache.useMD5", "false").equals("true")) {
|
||||
if (GetBooleanAction.privilegedGetProperty("jdk.krb5.rcache.useMD5")) {
|
||||
DEFAULT_HASH_ALG = "HASH";
|
||||
} else {
|
||||
DEFAULT_HASH_ALG = "SHA256";
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
|
||||
* Copyright (c) 2013, 2018, Oracle and/or its affiliates. All rights reserved.
|
||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||
*
|
||||
* This code is free software; you can redistribute it and/or modify it
|
||||
|
|
@ -36,7 +36,6 @@ import java.nio.file.Path;
|
|||
import java.nio.file.StandardCopyOption;
|
||||
import java.nio.file.StandardOpenOption;
|
||||
import java.nio.file.attribute.PosixFilePermission;
|
||||
import java.security.AccessController;
|
||||
import java.util.*;
|
||||
|
||||
import sun.security.action.GetPropertyAction;
|
||||
|
|
@ -117,8 +116,7 @@ public class DflCache extends ReplayCache {
|
|||
}
|
||||
|
||||
private static String defaultPath() {
|
||||
return AccessController.doPrivileged(
|
||||
new GetPropertyAction("java.io.tmpdir"));
|
||||
return GetPropertyAction.privilegedGetProperty("java.io.tmpdir");
|
||||
}
|
||||
|
||||
private static String defaultFile(String server) {
|
||||
|
|
|
|||
|
|
@ -55,8 +55,8 @@ public final class KerberosString {
|
|||
public static final boolean MSNAME;
|
||||
|
||||
static {
|
||||
String prop = GetPropertyAction.privilegedGetProperty(
|
||||
"sun.security.krb5.msinterop.kstring", "true");
|
||||
String prop = GetPropertyAction
|
||||
.privilegedGetProperty("sun.security.krb5.msinterop.kstring", "true");
|
||||
MSNAME = Boolean.parseBoolean(prop);
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue