As mentioned in http://sourceware.org/ml/mauve-patches/2010/msg00003.html
and checked in the referenced Mauve test, OpenJDK provides a shortcut for
ProtectionDomain instances with AllPermission set which results in
Policy.implies(Permission) not being called.  This patch implements a like
shortcut in GNU Classpath.

2010-12-24  Andrew John Hughes  <ahug...@redhat.com>

        * java/security/ProtectionDomain.java,
        (hasAllPermissions): Add new field.
        (ProtectionDomain(CodeSource,PermissionCollection,
        ClassLoader,Principal,boolean)): Check if permission
        collection includes AllPermission and, if so, set
        hasAllPermissions.
        (implies(Permission)): Immediately return true if
        hasAllPermissions is set.

-- 
Andrew :)

Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

Support Free Java!
Contribute to GNU Classpath and IcedTea
http://www.gnu.org/software/classpath
http://icedtea.classpath.org
PGP Key: 94EFD9D8 (http://subkeys.pgp.net)
Fingerprint = F8EF F1EA 401E 2E60 15FA  7927 142C 2591 94EF D9D8
Index: java/security/ProtectionDomain.java
===================================================================
RCS file: /sources/classpath/classpath/java/security/ProtectionDomain.java,v
retrieving revision 1.17
diff -u -u -r1.17 ProtectionDomain.java
--- java/security/ProtectionDomain.java 3 Jun 2010 19:13:07 -0000       1.17
+++ java/security/ProtectionDomain.java 25 Dec 2010 01:15:32 -0000
@@ -41,6 +41,8 @@
 
 import gnu.java.lang.CPStringBuilder;
 
+import java.util.Enumeration;
+
 /**
  * This class represents a group of classes, along with their granted
  * permissions. The classes are identified by a {...@link CodeSource}. Thus, 
any
@@ -71,6 +73,9 @@
   /** Post 1.4 the policy may be refreshed! use false for pre 1.4. */
   private boolean staticBinding;
 
+  /** True if this protection domain has all permissions */
+  private boolean hasAllPermissions;
+
   /**
    * Initializes a new instance of <code>ProtectionDomain</code> representing
    * the specified {...@link CodeSource} and set of permissions. No permissions
@@ -128,6 +133,13 @@
       {
         perms = permissions;
         perms.setReadOnly();
+        /* Check if this protection domain has all permissions */
+        Enumeration<Permission> e = permissions.elements();
+        while (e.hasMoreElements())
+          {
+            if (e.nextElement() instanceof AllPermission)
+              hasAllPermissions = true;
+          }
       }
 
     this.classloader = classloader;
@@ -190,6 +202,8 @@
    */
   public boolean implies(Permission permission)
   {
+    if (hasAllPermissions)
+      return true;
     if (staticBinding)
       return (perms == null ? false : perms.implies(permission));
     // Else dynamically bound.  Do we have it?

Reply via email to