org.eclipse.osgi_3.8.2.v20130124-134944

olContext;
import java.security.AccessController;
import java.security.Permission;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.Dictionary;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.osgi.service.condpermadmin.Condition;

public class EquinoxSecurityManager
  extends SecurityManager
{
  static
  {
    Class<?> c = CheckPermissionAction.class;
    c = CheckContext.class;
    c.getName();
  }
  
  static class CheckContext
  {
    List<List<SecurityRow.Decision[]>> depthCondSets = new ArrayList(2);
    List<AccessControlContext> accs = new ArrayList(2);
    List<Class<?>> CondClassSet;
    
    public int getDepth()
    {
      return depthCondSets.size() - 1;
    }
  }
  
  static class CheckPermissionAction
    implements PrivilegedAction<Object>
  {
    Permission perm;
    Object context;
    EquinoxSecurityManager fsm;
    
    CheckPermissionAction(EquinoxSecurityManager fsm, Permission perm, Object context)
    {
      this.fsm = fsm;
      this.perm = perm;
      this.context = context;
    }
    
    public Object run()
    {
      fsm.internalCheckPermission(perm, context);
      return null;
    }
  }
  
  private final ThreadLocal<CheckContext> localCheckContext = new ThreadLocal();
  
  boolean addConditionsForDomain(SecurityRow.Decision[] results)
  {
    CheckContext cc = (CheckContext)localCheckContext.get();
    if (cc == null) {
      return false;
    }
    List<SecurityRow.Decision[]> condSets = (List)depthCondSets.get(cc.getDepth());
    if (condSets == null)
    {
      condSets = new ArrayList(1);
      depthCondSets.set(cc.getDepth(), condSets);
    }
    condSets.add(results);
    return true;
  }
  
  boolean inCheckPermission()
  {
    return localCheckContext.get() != null;
  }
  
  public void checkPermission(Permission perm, Object context)
  {
    AccessController.doPrivileged(new CheckPermissionAction(this, perm, context));
  }
  
  public AccessControlContext getContextToBeChecked()
  {
    CheckContext cc = (CheckContext)localCheckContext.get();
    if ((cc != null) && (accs != null) && (!accs.isEmpty())) {
      return (AccessControlContext)accs.get(accs.size() - 1);
    }
    return null;
  }
  
  void internalCheckPermission(Permission perm, Object context)
  {
    AccessControlContext acc = (AccessControlContext)context;
    CheckContext cc = (CheckContext)localCheckContext.get();
    if (cc == null)
    {
      cc = new CheckContext();
      localCheckContext.set(cc);
    }
    depthCondSets.add(null);
    accs.add(acc);
    try
    {
      acc.checkPermission(perm);
      
      List<SecurityRow.Decision[]> conditionSets = (List)depthCondSets.get(cc.getDepth());
      if (conditionSets == null) {
        return;
      }
      Map<Class<? extends Condition>, Dictionary<Object, Object>> conditionDictionaries = new HashMap();
      for (Iterator localIterator = conditionSets.iterator(); localIterator.hasNext();)
      {
        SecurityRow.Decision[] domainDecisions = (SecurityRow.Decision[])localIterator.next();
        boolean grant = false;
        for (int i = 0; i < domainDecisions.length; i++)
        {
          if (domainDecisions[i] == null) {
            break;
          }
          if ((decision & 0x4) == 0)
          {
            if ((decision & 0x8) == 0)
            {
              if ((decision & 0x1) == 0) {
                break;
              }
              grant = true;
              break;
            }
            int decision = getPostponedDecision(domainDecisions[i], conditionDictionaries, cc);
            if ((decision & 0x4) == 0)
            {
              if ((decision & 0x1) == 0) {
                break;
              }
              grant = true;
              break;
            }
          }
        }
        if (!grant) {
          throw new SecurityException("Conditions not satisfied");
        }
      }
    }
    finally
    {
      depthCondSets.remove(cc.getDepth());
      accs.remove(accs.size() - 1);
    }
    depthCondSets.remove(cc.getDepth());
    accs.remove(accs.size() - 1);
  }
  
  private int getPostponedDecision(SecurityRow.Decision decision, Map<Class<? extends Condition>, Dictionary<Object, Object>> conditionDictionaries, CheckContext cc)
  {
    Condition[] postponed = postponed;
    for (int i = 0; i < postponed.length; i++)
    {
      Dictionary<Object, Object> condContext = (Dictionary)conditionDictionaries.get(postponed[i].getClass());
      if (condContext == null)
      {
        condContext = new Hashtable();
        conditionDictionaries.put(postponed[i].getClass(), condContext);
      }
      if (CondClassSet == null) {
        CondClassSet = new ArrayList(2);
      }
      if (CondClassSet.contains(postponed[i].getClass())) {
        return 4;
      }
      CondClassSet.add(postponed[i].getClass());
      try
      {
        boolean mutable = postponed[i].isMutable();
        boolean isSatisfied = postponed[i].isSatisfied(new Condition[] { postponed[i] }, condContext);
        decision.handleImmutable(postponed[i], isSatisfied, mutable);
        if (!isSatisfied) {
          return 4;
        }
      }
      finally
      {
        CondClassSet.remove(postponed[i].getClass());
      }
      CondClassSet.remove(postponed[i].getClass());
    }
    return decision;
  }
  
  public void checkPermission(Permission perm)
  {
    checkPermission(perm, getSecurityContext());
  }
  
  public Object getSecurityContext()
  {
    return AccessController.getContext();
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.permadmin.EquinoxSecurityManager
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.permadmin;

import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import org.osgi.service.permissionadmin.PermissionInfo;

public class PermissionAdminTable
{
  private final Map<String, PermissionInfoCollection> locations = new HashMap();
  
  String[] getLocations()
  {
    return (String[])locations.keySet().toArray(new String[locations.size()]);
  }
  
  PermissionInfo[] getPermissions(String location)
  {
    PermissionInfoCollection collection = (PermissionInfoCollection)locations.get(location);
    if (collection != null) {
      return collection.getPermissionInfos();
    }
    return null;
  }
  
  void setPermissions(String location, PermissionInfo[] permissions)
  {
    if (permissions == null)
    {
      locations.remove(location);
      return;
    }
    locations.put(location, new PermissionInfoCollection(permissions));
  }
  
  PermissionInfoCollection getCollection(String location)
  {
    return (PermissionInfoCollection)locations.get(location);
  }
  
  PermissionInfoCollection[] getCollections()
  {
    String[] currentLocations = getLocations();
    PermissionInfoCollection[] results = new PermissionInfoCollection[currentLocations.length];
    for (int i = 0; i < results.length; i++) {
      results[i] = getCollection(currentLocations[i]);
    }
    return results;
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.permadmin.PermissionAdminTable
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.permadmin;

import java.io.File;
import java.lang.reflect.Constructor;
import java.lang.reflect.InvocationTargetException;
import java.security.AllPermission;
import java.security.Permission;
import java.security.PermissionCollection;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import org.osgi.service.permissionadmin.PermissionInfo;

public final class PermissionInfoCollection
  extends PermissionCollection
{
  private static final long serialVersionUID = 3140511562980923957L;
  private static final Class<?>[] twoStringClassArray = { String.class, String.class };
  private static final Class<?>[] oneStringClassArray = { String.class };
  private static final Class<?>[] noArgClassArray = new Class[0];
  private static final Class<?>[][] permClassArrayArgs = { noArgClassArray, oneStringClassArray, twoStringClassArray };
  private final Map<Class<? extends Permission>, PermissionCollection> cachedPermissionCollections = new HashMap();
  private final boolean hasAllPermission;
  private final PermissionInfo[] permInfos;
  
  public PermissionInfoCollection(PermissionInfo[] permInfos)
  {
    this.permInfos = permInfos;
    boolean tempAllPermissions = false;
    for (int i = 0; (i < permInfos.length) && (!tempAllPermissions); i++) {
      if (permInfos[i].getType().equals(AllPermission.class.getName())) {
        tempAllPermissions = true;
      }
    }
    hasAllPermission = tempAllPermissions;
    setReadOnly();
  }
  
  public void add(Permission arg0)
  {
    throw new SecurityException();
  }
  
  public Enumeration<Permission> elements()
  {
    return BundlePermissions.EMPTY_ENUMERATION;
  }
  
  public boolean implies(Permission perm)
  {
    if (hasAllPermission) {
      return true;
    }
    Class<? extends Permission> permClass = perm.getClass();
    PermissionCollection collection;
    synchronized (cachedPermissionCollections)
    {
      collection = (PermissionCollection)cachedPermissionCollections.get(permClass);
    }
    PermissionCollection collection;
    if (collection == null)
    {
      collection = perm.newPermissionCollection();
      if (collection == null) {
        collection = new PermissionsHash();
      }
      try
      {
        addPermissions(collection, permClass);
      }
      catch (Exception e)
      {
        throw ((SecurityException)new SecurityException("Exception creating permissions: " + permClass + ": " + e.getMessage()).initCause(e));
      }
      synchronized (cachedPermissionCollections)
      {
        PermissionCollection exists = (PermissionCollection)cachedPermissionCollections.get(permClass);
        if (exists != null) {
          collection = exists;
        } else {
          cachedPermissionCollections.put(permClass, collection);
        }
      }
    }
    return collection.implies(perm);
  }
  
  PermissionInfo[] getPermissionInfos()
  {
    return permInfos;
  }
  
  private void addPermissions(PermissionCollection collection, Class<? extends Permission> permClass)
    throws NoSuchMethodException, IllegalAccessException, InstantiationException, InvocationTargetException
  {
    String permClassName = permClass.getName();
    Constructor<? extends Permission> constructor = null;
    int numArgs = -1;
    for (int i = permClassArrayArgs.length - 1; i >= 0; i--) {
      try
      {
        constructor = permClass.getConstructor(permClassArrayArgs[i]);
        numArgs = i;
      }
      catch (NoSuchMethodException localNoSuchMethodException) {}
    }
    if (constructor == null) {
      throw new NoSuchMethodException(permClass.getName() + ".<init>()");
    }
    for (int i = 0; i < permInfos.length; i++) {
      if (permInfos[i].getType().equals(permClassName))
      {
        String[] args = new String[numArgs];
        if (numArgs > 0) {
          args[0] = permInfos[i].getName();
        }
        if (numArgs > 1) {
          args[1] = permInfos[i].getActions();
        }
        if (permInfos[i].getType().equals("java.io.FilePermission")) {
          if (!args[0].equals("<<ALL FILES>>"))
          {
            File file = new File(args[0]);
            if (!file.isAbsolute()) {
              continue;
            }
          }
        }
        collection.add((Permission)constructor.newInstance(args));
      }
    }
  }
  
  void clearPermissionCache()
  {
    synchronized (cachedPermissionCollections)
    {
      cachedPermissionCollections.clear();
    }
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.permadmin.PermissionInfoCollection
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.permadmin;

import java.security.Permission;
import java.security.PermissionCollection;
import java.util.Enumeration;
import java.util.Hashtable;

class PermissionsHash
  extends PermissionCollection
{
  private static final long serialVersionUID = 3258408426341284153L;
  Hashtable<Permission, Permission> perms = new Hashtable(8);
  
  public void add(Permission perm)
  {
    if (isReadOnly()) {
      throw new SecurityException();
    }
    perms.put(perm, perm);
  }
  
  public Enumeration<Permission> elements()
  {
    return perms.keys();
  }
  
  public boolean implies(Permission perm)
  {
    Permission p = (Permission)perms.get(perm);
    if ((p != null) && (p.implies(perm))) {
      return true;
    }
    Enumeration<Permission> permsEnum = elements();
    while (permsEnum.hasMoreElements()) {
      if (((Permission)permsEnum.nextElement()).implies(perm)) {
        return true;
      }
    }
    return false;
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.permadmin.PermissionsHash
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.permadmin;

import java.io.IOException;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import org.eclipse.osgi.framework.adaptor.PermissionStorage;

public class SecurePermissionStorage
  implements PermissionStorage, PrivilegedExceptionAction<String[]>
{
  private final PermissionStorage storage;
  private String location;
  private String[] data;
  private String[] infos;
  private int action;
  private static final int GET = 1;
  private static final int SET = 2;
  private static final int LOCATION = 3;
  private static final int GET_INFOS = 4;
  private static final int SAVE_INFOS = 5;
  
  public SecurePermissionStorage(PermissionStorage storage)
  {
    this.storage = storage;
  }
  
  public String[] run()
    throws IOException
  {
    switch (action)
    {
    case 1: 
      return storage.getPermissionData(location);
    case 2: 
      storage.setPermissionData(location, data);
      return null;
    case 3: 
      return storage.getLocations();
    case 5: 
      storage.saveConditionalPermissionInfos(infos);
      return null;
    case 4: 
      return storage.getConditionalPermissionInfos();
    }
    throw new UnsupportedOperationException();
  }
  
  public String[] getPermissionData(String loc)
    throws IOException
  {
    location = loc;
    action = 1;
    try
    {
      return (String[])AccessController.doPrivileged(this);
    }
    catch (PrivilegedActionException e)
    {
      throw ((IOException)e.getException());
    }
  }
  
  public String[] getLocations()
    throws IOException
  {
    action = 3;
    try
    {
      return (String[])AccessController.doPrivileged(this);
    }
    catch (PrivilegedActionException e)
    {
      throw ((IOException)e.getException());
    }
  }
  
  public void setPermissionData(String location, String[] data)
    throws IOException
  {
    this.location = location;
    this.data = data;
    action = 2;
    try
    {
      AccessController.doPrivileged(this);
    }
    catch (PrivilegedActionException e)
    {
      throw ((IOException)e.getException());
    }
  }
  
  public void saveConditionalPermissionInfos(String[] updatedInfos)
    throws IOException
  {
    action = 5;
    infos = updatedInfos;
    try
    {
      AccessController.doPrivileged(this);
    }
    catch (PrivilegedActionException e)
    {
      throw ((IOException)e.getException());
    }
  }
  
  public String[] getConditionalPermissionInfos()
    throws IOException
  {
    action = 4;
    try
    {
      return (String[])AccessController.doPrivileged(this);
    }
    catch (PrivilegedActionException e)
    {
      throw ((IOException)e.getException());
    }
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.permadmin.SecurePermissionStorage
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.permadmin;

import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.cert.X509Certificate;
import java.util.Dictionary;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.List;
import java.util.Map;
import org.osgi.framework.Bundle;
import org.osgi.framework.BundleContext;
import org.osgi.framework.BundleException;
import org.osgi.framework.ServiceReference;
import org.osgi.framework.Version;

class SecurityAdmin$MockBundle
  implements Bundle
{
  private final Map<X509Certificate, List<X509Certificate>> signers;
  
  SecurityAdmin$MockBundle(Map<X509Certificate, List<X509Certificate>> signers)
  {
    this.signers = signers;
  }
  
  public Enumeration<URL> findEntries(String path, String filePattern, boolean recurse)
  {
    return null;
  }
  
  public BundleContext getBundleContext()
  {
    return null;
  }
  
  public long getBundleId()
  {
    return -1L;
  }
  
  public URL getEntry(String path)
  {
    return null;
  }
  
  public Enumeration<String> getEntryPaths(String path)
  {
    return null;
  }
  
  public Dictionary<String, String> getHeaders()
  {
    return new Hashtable();
  }
  
  public Dictionary<String, String> getHeaders(String locale)
  {
    return getHeaders();
  }
  
  public long getLastModified()
  {
    return 0L;
  }
  
  public String getLocation()
  {
    return "";
  }
  
  public ServiceReference<?>[] getRegisteredServices()
  {
    return null;
  }
  
  public URL getResource(String name)
  {
    return null;
  }
  
  public Enumeration<URL> getResources(String name)
    throws IOException
  {
    return null;
  }
  
  public ServiceReference<?>[] getServicesInUse()
  {
    return null;
  }
  
  public Map<X509Certificate, List<X509Certificate>> getSignerCertificates(int signersType)
  {
    return new HashMap(signers);
  }
  
  public int getState()
  {
    return 1;
  }
  
  public String getSymbolicName()
  {
    return null;
  }
  
  public Version getVersion()
  {
    return Version.emptyVersion;
  }
  
  public boolean hasPermission(Object permission)
  {
    return false;
  }
  
  public Class<?> loadClass(String name)
    throws ClassNotFoundException
  {
    throw new IllegalStateException();
  }
  
  public void start(int options)
    throws BundleException
  {
    throw new IllegalStateException();
  }
  
  public void start()
    throws BundleException
  {
    throw new IllegalStateException();
  }
  
  public void stop(int options)
    throws BundleException
  {
    throw new IllegalStateException();
  }
  
  public void stop()
    throws BundleException
  {
    throw new IllegalStateException();
  }
  
  public void uninstall()
    throws BundleException
  {
    throw new IllegalStateException();
  }
  
  public void update()
    throws BundleException
  {
    throw new IllegalStateException();
  }
  
  public void update(InputStream in)
    throws BundleException
  {
    throw new IllegalStateException();
  }
  
  public int compareTo(Bundle o)
  {
    return 0;
  }
  
  public <A> A adapt(Class<A> type)
  {
    throw new IllegalStateException();
  }
  
  public File getDataFile(String filename)
  {
    return null;
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.permadmin.SecurityAdmin.MockBundle
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.permadmin;

import java.security.Principal;

class SecurityAdmin$MockPrincipal
  implements Principal
{
  private final String name;
  
  SecurityAdmin$MockPrincipal(String name)
  {
    this.name = name;
  }
  
  public String getName()
  {
    return name;
  }
  
  public boolean equals(Object obj)
  {
    if (this == obj) {
      return true;
    }
    if ((obj instanceof MockPrincipal)) {
      return name.equals(name);
    }
    return false;
  }
  
  public int hashCode()
  {
    return name.hashCode();
  }
  
  public String toString()
  {
    return getName();
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.permadmin.SecurityAdmin.MockPrincipal
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.permadmin;

import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Set;

class SecurityAdmin$MockX509Certificate
  extends X509Certificate
{
  private final Principal subject;
  private final Principal issuer;
  
  SecurityAdmin$MockX509Certificate(Principal subject, Principal issuer)
  {
    this.subject = subject;
    this.issuer = issuer;
  }
  
  public Principal getSubjectDN()
  {
    return subject;
  }
  
  public boolean equals(Object obj)
  {
    if (this == obj) {
      return true;
    }
    if ((obj instanceof MockX509Certificate)) {
      return (subject.equals(subject)) && (issuer.equals(issuer));
    }
    return false;
  }
  
  public int hashCode()
  {
    return subject.hashCode() + issuer.hashCode();
  }
  
  public String toString()
  {
    return subject.toString();
  }
  
  public void checkValidity()
    throws CertificateExpiredException, CertificateNotYetValidException
  {
    throw new UnsupportedOperationException();
  }
  
  public void checkValidity(Date var0)
    throws CertificateExpiredException, CertificateNotYetValidException
  {
    throw new UnsupportedOperationException();
  }
  
  public int getBasicConstraints()
  {
    throw new UnsupportedOperationException();
  }
  
  public Principal getIssuerDN()
  {
    return issuer;
  }
  
  public boolean[] getIssuerUniqueID()
  {
    throw new UnsupportedOperationException();
  }
  
  public boolean[] getKeyUsage()
  {
    throw new UnsupportedOperationException();
  }
  
  public Date getNotAfter()
  {
    throw new UnsupportedOperationException();
  }
  
  public Date getNotBefore()
  {
    throw new UnsupportedOperationException();
  }
  
  public BigInteger getSerialNumber()
  {
    throw new UnsupportedOperationException();
  }
  
  public String getSigAlgName()
  {
    throw new UnsupportedOperationException();
  }
  
  public String getSigAlgOID()
  {
    throw new UnsupportedOperationException();
  }
  
  public byte[] getSigAlgParams()
  {
    throw new UnsupportedOperationException();
  }
  
  public byte[] getSignature()
  {
    throw new UnsupportedOperationException();
  }
  
  public boolean[] getSubjectUniqueID()
  {
    throw new UnsupportedOperationException();
  }
  
  public byte[] getTBSCertificate()
    throws CertificateEncodingException
  {
    throw new UnsupportedOperationException();
  }
  
  public int getVersion()
  {
    throw new UnsupportedOperationException();
  }
  
  public byte[] getEncoded()
    throws CertificateEncodingException
  {
    throw new UnsupportedOperationException();
  }
  
  public PublicKey getPublicKey()
  {
    throw new UnsupportedOperationException();
  }
  
  public void verify(PublicKey var0)
    throws InvalidKeyException, NoSuchAlgorithmException, NoSuchProviderException, SignatureException, CertificateException
  {
    throw new UnsupportedOperationException();
  }
  
  public void verify(PublicKey var0, String var1)
    throws InvalidKeyException, NoSuchAlgorithmException, NoSuchProviderException, SignatureException, CertificateException
  {
    throw new UnsupportedOperationException();
  }
  
  public Set<String> getCriticalExtensionOIDs()
  {
    throw new UnsupportedOperationException();
  }
  
  public byte[] getExtensionValue(String var0)
  {
    throw new UnsupportedOperationException();
  }
  
  public Set<String> getNonCriticalExtensionOIDs()
  {
    throw new UnsupportedOperationException();
  }
  
  public boolean hasUnsupportedCriticalExtension()
  {
    throw new UnsupportedOperationException();
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.permadmin.SecurityAdmin.MockX509Certificate
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.permadmin;

import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.net.URL;
import java.security.AccessControlContext;
import java.security.AllPermission;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Principal;
import java.security.ProtectionDomain;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.Dictionary;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.eclipse.osgi.framework.adaptor.BundleData;
import org.eclipse.osgi.framework.adaptor.BundleProtectionDomain;
import org.eclipse.osgi.framework.adaptor.PermissionStorage;
import org.eclipse.osgi.framework.internal.core.AbstractBundle;
import org.eclipse.osgi.framework.internal.core.Framework;
import org.osgi.framework.AdminPermission;
import org.osgi.framework.Bundle;
import org.osgi.framework.BundleContext;
import org.osgi.framework.BundleException;
import org.osgi.framework.ServiceReference;
import org.osgi.framework.Version;
import org.osgi.service.condpermadmin.ConditionInfo;
import org.osgi.service.condpermadmin.ConditionalPermissionAdmin;
import org.osgi.service.condpermadmin.ConditionalPermissionInfo;
import org.osgi.service.condpermadmin.ConditionalPermissionUpdate;
import org.osgi.service.permissionadmin.PermissionAdmin;
import org.osgi.service.permissionadmin.PermissionInfo;

public final class SecurityAdmin
  implements PermissionAdmin, ConditionalPermissionAdmin
{
  private static final PermissionCollection DEFAULT_DEFAULT;
  private static final String ADMIN_IMPLIED_ACTIONS = "resource,metadata,class,context";
  
  static
  {
    AllPermission allPerm = new AllPermission();
    DEFAULT_DEFAULT = allPerm.newPermissionCollection();
    if (DEFAULT_DEFAULT != null) {
      DEFAULT_DEFAULT.add(allPerm);
    }
  }
  
  private static final PermissionInfo[] EMPTY_PERM_INFO = new PermissionInfo[0];
  private final PermissionAdminTable permAdminTable = new PermissionAdminTable();
  private SecurityTable condAdminTable;
  private PermissionInfoCollection permAdminDefaults;
  private long timeStamp = 0L;
  private long nextID = System.currentTimeMillis();
  private final PermissionStorage permissionStorage;
  private final Object lock = new Object();
  private final Framework framework;
  private final PermissionInfo[] impliedPermissionInfos;
  private final EquinoxSecurityManager supportedSecurityManager;
  
  private SecurityAdmin(EquinoxSecurityManager supportedSecurityManager, Framework framework, PermissionInfo[] impliedPermissionInfos, PermissionInfoCollection permAdminDefaults)
  {
    this.supportedSecurityManager = supportedSecurityManager;
    this.framework = framework;
    this.impliedPermissionInfos = impliedPermissionInfos;
    this.permAdminDefaults = permAdminDefaults;
    permissionStorage = null;
  }
  
  public SecurityAdmin(EquinoxSecurityManager supportedSecurityManager, Framework framework, PermissionStorage permissionStorage)
    throws IOException
  {
    this.supportedSecurityManager = supportedSecurityManager;
    this.framework = framework;
    this.permissionStorage = new SecurePermissionStorage(permissionStorage);
    impliedPermissionInfos = getPermissionInfos(getClass().getResource("implied.permissions"), framework);
    String[] encodedDefaultInfos = permissionStorage.getPermissionData(null);
    PermissionInfo[] defaultInfos = getPermissionInfos(encodedDefaultInfos);
    if (defaultInfos != null) {
      permAdminDefaults = new PermissionInfoCollection(defaultInfos);
    }
    String[] locations = permissionStorage.getLocations();
    if (locations != null) {
      for (int i = 0; i < locations.length; i++)
      {
        String[] encodedLocationInfos = permissionStorage.getPermissionData(locations[i]);
        if (encodedLocationInfos != null)
        {
          PermissionInfo[] locationInfos = getPermissionInfos(encodedLocationInfos);
          permAdminTable.setPermissions(locations[i], locationInfos);
        }
      }
    }
    String[] encodedCondPermInfos = permissionStorage.getConditionalPermissionInfos();
    if (encodedCondPermInfos == null)
    {
      condAdminTable = new SecurityTable(this, new SecurityRow[0]);
    }
    else
    {
      SecurityRow[] rows = new SecurityRow[encodedCondPermInfos.length];
      try
      {
        for (int i = 0; i < rows.length; i++) {
          rows[i] = SecurityRow.createSecurityRow(this, encodedCondPermInfos[i]);
        }
      }
      catch (IllegalArgumentException localIllegalArgumentException)
      {
        rows = new SecurityRow[0];
      }
      condAdminTable = new SecurityTable(this, rows);
    }
  }
  
  private static PermissionInfo[] getPermissionInfos(String[] encodedInfos)
  {
    if (encodedInfos == null) {
      return null;
    }
    PermissionInfo[] results = new PermissionInfo[encodedInfos.length];
    for (int i = 0; i < results.length; i++) {
      results[i] = new PermissionInfo(encodedInfos[i]);
    }
    return results;
  }
  
  boolean checkPermission(Permission permission, BundlePermissions bundlePermissions)
  {
    PermissionInfoCollection curPermAdminDefaults;
    synchronized (lock)
    {
      Bundle bundle = bundlePermissions.getBundle();
      PermissionInfoCollection locationCollection = (bundle instanceof AbstractBundle) ? permAdminTable.getCollection(((AbstractBundle)bundle).getBundleData().getLocation()) : null;
      SecurityTable curCondAdminTable = condAdminTable;
      curPermAdminDefaults = permAdminDefaults;
    }
    PermissionInfoCollection curPermAdminDefaults;
    SecurityTable curCondAdminTable;
    PermissionInfoCollection locationCollection;
    if (locationCollection != null) {
      return locationCollection.implies(permission);
    }
    if (curCondAdminTable.isEmpty()) {
      return curPermAdminDefaults != null ? curPermAdminDefaults.implies(permission) : DEFAULT_DEFAULT.implies(permission);
    }
    int result = curCondAdminTable.evaluate(bundlePermissions, permission);
    if ((result & 0x1) != 0) {
      return true;
    }
    if ((result & 0x2) != 0) {
      return false;
    }
    if ((result & 0x8) != 0) {
      return true;
    }
    return false;
  }
  
  public PermissionInfo[] getDefaultPermissions()
  {
    synchronized (lock)
    {
      if (permAdminDefaults == null) {
        return null;
      }
      return permAdminDefaults.getPermissionInfos();
    }
  }
  
  public String[] getLocations()
  {
    synchronized (lock)
    {
      String[] results = permAdminTable.getLocations();
      return results.length == 0 ? null : results;
    }
  }
  
  /* Error */
  public PermissionInfo[] getPermissions(String location)
  {
    // Byte code:
    //   0: aload_0
    //   1: getfield 608	org/eclipse/osgi/internal/permadmin/SecurityAdmin:lock	Ljava/lang/Object;
    //   4: dup
    //   5: astore_2
    //   6: monitorenter
    //   7: aload_0
    //   8: getfield 613	org/eclipse/osgi/internal/permadmin/SecurityAdmin:permAdminTable	Lorg/eclipse/osgi/internal/permadmin/PermissionAdminTable;
    //   11: aload_1
    //   12: invokevirtual 674	org/eclipse/osgi/internal/permadmin/PermissionAdminTable:getPermissions	(Ljava/lang/String;)[Lorg/osgi/service/permissionadmin/PermissionInfo;
    //   15: aload_2
    //   16: monitorexit
    //   17: areturn
    //   18: aload_2
    //   19: monitorexit
    //   20: athrow
    // Line number table:
    //   Java source line #154	-> byte code offset #0
    //   Java source line #155	-> byte code offset #7
    //   Java source line #154	-> byte code offset #18
    // Local variable table:
    //   start	length	slot	name	signature
    //   0	21	0	this	SecurityAdmin
    //   0	21	1	location	String
    //   5	14	2	Ljava/lang/Object;	Object
    // Exception table:
    //   from	to	target	type
    //   7	17	18	finally
    //   18	20	18	finally
  }
  
  public void setDefaultPermissions(PermissionInfo[] permissions)
  {
    
    synchronized (lock)
    {
      if (permissions == null) {
        permAdminDefaults = null;
      } else {
        permAdminDefaults = new PermissionInfoCollection(permissions);
      }
      try
      {
        permissionStorage.setPermissionData(null, getEncodedPermissionInfos(permissions));
      }
      catch (IOException e)
      {
        e.printStackTrace();
      }
    }
  }
  
  private static void checkAllPermission()
  {
    SecurityManager sm = System.getSecurityManager();
    if (sm != null) {
      sm.checkPermission(new AllPermission());
    }
  }
  
  private static String[] getEncodedPermissionInfos(PermissionInfo[] permissions)
  {
    if (permissions == null) {
      return null;
    }
    String[] encoded = new String[permissions.length];
    for (int i = 0; i < encoded.length; i++) {
      encoded[i] = permissions[i].getEncoded();
    }
    return encoded;
  }
  
  public void setPermissions(String location, PermissionInfo[] permissions)
  {
    
    synchronized (lock)
    {
      permAdminTable.setPermissions(location, permissions);
      try
      {
        permissionStorage.setPermissionData(location, getEncodedPermissionInfos(permissions));
      }
      catch (IOException e)
      {
        e.printStackTrace();
      }
    }
  }
  
  void delete(SecurityRow securityRow, boolean firstTry)
  {
    ConditionalPermissionUpdate update = newConditionalPermissionUpdate();
    
    List<ConditionalPermissionInfo> rows = update.getConditionalPermissionInfos();
    for (Iterator<ConditionalPermissionInfo> iRows = rows.iterator(); iRows.hasNext();)
    {
      ConditionalPermissionInfo info = (ConditionalPermissionInfo)iRows.next();
      if (securityRow.getName().equals(info.getName()))
      {
        iRows.remove();
        synchronized (lock)
        {
          if ((!update.commit()) && 
            (firstTry)) {
            delete(securityRow, false);
          }
        }
      }
    }
  }
  
  /**
   * @deprecated
   */
  public ConditionalPermissionInfo addConditionalPermissionInfo(ConditionInfo[] conds, PermissionInfo[] perms)
  {
    return setConditionalPermissionInfo(null, conds, perms, true);
  }
  
  public ConditionalPermissionInfo newConditionalPermissionInfo(String name, ConditionInfo[] conditions, PermissionInfo[] permissions, String decision)
  {
    return new SecurityRowSnapShot(name, conditions, permissions, decision);
  }
  
  public ConditionalPermissionInfo newConditionalPermissionInfo(String encoded)
  {
    return SecurityRow.createSecurityRowSnapShot(encoded);
  }
  
  /* Error */
  public ConditionalPermissionUpdate newConditionalPermissionUpdate()
  {
    // Byte code:
    //   0: aload_0
    //   1: getfield 608	org/eclipse/osgi/internal/permadmin/SecurityAdmin:lock	Ljava/lang/Object;
    //   4: dup
    //   5: astore_1
    //   6: monitorenter
    //   7: new 338	org/eclipse/osgi/internal/permadmin/SecurityTableUpdate
    //   10: dup
    //   11: aload_0
    //   12: aload_0
    //   13: getfield 615	org/eclipse/osgi/internal/permadmin/SecurityAdmin:condAdminTable	Lorg/eclipse/osgi/internal/permadmin/SecurityTable;
    //   16: invokevirtual 713	org/eclipse/osgi/internal/permadmin/SecurityTable:getRows	()[Lorg/eclipse/osgi/internal/permadmin/SecurityRow;
    //   19: aload_0
    //   20: getfield 606	org/eclipse/osgi/internal/permadmin/SecurityAdmin:timeStamp	J
    //   23: invokespecial 718	org/eclipse/osgi/internal/permadmin/SecurityTableUpdate:<init>	(Lorg/eclipse/osgi/internal/permadmin/SecurityAdmin;[Lorg/eclipse/osgi/internal/permadmin/SecurityRow;J)V
    //   26: aload_1
    //   27: monitorexit
    //   28: areturn
    //   29: aload_1
    //   30: monitorexit
    //   31: athrow
    // Line number table:
    //   Java source line #239	-> byte code offset #0
    //   Java source line #240	-> byte code offset #7
    //   Java source line #239	-> byte code offset #29
    // Local variable table:
    //   start	length	slot	name	signature
    //   0	32	0	this	SecurityAdmin
    //   5	25	1	Ljava/lang/Object;	Object
    // Exception table:
    //   from	to	target	type
    //   7	28	29	finally
    //   29	31	29	finally
  }
  
  public AccessControlContext getAccessControlContext(String[] signers)
  {
    SecurityAdmin snapShot = getSnapShot();
    return new AccessControlContext(new ProtectionDomain[] { createProtectionDomain(createMockBundle(signers), snapShot) });
  }
  
  /* Error */
  /**
   * @deprecated
   */
  public ConditionalPermissionInfo getConditionalPermissionInfo(String name)
  {
    // Byte code:
    //   0: aload_0
    //   1: getfield 608	org/eclipse/osgi/internal/permadmin/SecurityAdmin:lock	Ljava/lang/Object;
    //   4: dup
    //   5: astore_2
    //   6: monitorenter
    //   7: aload_0
    //   8: getfield 615	org/eclipse/osgi/internal/permadmin/SecurityAdmin:condAdminTable	Lorg/eclipse/osgi/internal/permadmin/SecurityTable;
    //   11: aload_1
    //   12: invokevirtual 716	org/eclipse/osgi/internal/permadmin/SecurityTable:getRow	(Ljava/lang/String;)Lorg/eclipse/osgi/internal/permadmin/SecurityRow;
    //   15: aload_2
    //   16: monitorexit
    //   17: areturn
    //   18: aload_2
    //   19: monitorexit
    //   20: athrow
    // Line number table:
    //   Java source line #253	-> byte code offset #0
    //   Java source line #254	-> byte code offset #7
    //   Java source line #253	-> byte code offset #18
    // Local variable table:
    //   start	length	slot	name	signature
    //   0	21	0	this	SecurityAdmin
    //   0	21	1	name	String
    //   5	14	2	Ljava/lang/Object;	Object
    // Exception table:
    //   from	to	target	type
    //   7	17	18	finally
    //   18	20	18	finally
  }
  
  /**
   * @deprecated
   */
  public Enumeration<ConditionalPermissionInfo> getConditionalPermissionInfos()
  {
    synchronized (lock)
    {
      SecurityRow[] rows = condAdminTable.getRows();
      List<ConditionalPermissionInfo> vRows = new ArrayList(rows.length);
      for (int i = 0; i < rows.length; i++) {
        vRows.add(rows[i]);
      }
      return Collections.enumeration(vRows);
    }
  }
  
  /**
   * @deprecated
   */
  public ConditionalPermissionInfo setConditionalPermissionInfo(String name, ConditionInfo[] conds, PermissionInfo[] perms)
  {
    return setConditionalPermissionInfo(name, conds, perms, true);
  }
  
  private SecurityAdmin getSnapShot()
  {
    synchronized (lock)
    {
      SecurityAdmin sa = new SecurityAdmin(supportedSecurityManager, framework, impliedPermissionInfos, permAdminDefaults);
      SecurityRow[] rows = condAdminTable.getRows();
      SecurityRow[] rowsSnapShot = new SecurityRow[rows.length];
      for (int i = 0; i < rows.length; i++) {
        rowsSnapShot[i] = new SecurityRow(sa, rows[i].getName(), rows[i].getConditionInfos(), rows[i].getPermissionInfos(), rows[i].getAccessDecision());
      }
      condAdminTable = new SecurityTable(sa, rowsSnapShot);
 
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87

Further reading...

For more information on Java 1.5 Tiger, you may find Java 1.5 Tiger, A developer's Notebook by D. Flanagan and B. McLaughlin from O'Reilly of interest.

New!JAR listings


Copyright 2006-2019. Infinite Loop Ltd