changeset 20774:330ea6efa3fd

8007292: Add JavaFX internal packages to package.access Summary: build hooks to allow closed restricted packages to be added to java.security file Reviewed-by: erikj, dholmes, tbell
author mullan
date Fri, 11 Oct 2013 08:43:07 -0400
parents 91e823665026
children a7cd22051d8f
files jdk/make/java/security/Makefile jdk/make/tools/Makefile jdk/make/tools/addtorestrictedpkgs/Makefile jdk/make/tools/src/build/tools/addtorestrictedpkgs/AddToRestrictedPkgs.java jdk/makefiles/CopyFiles.gmk jdk/makefiles/Tools.gmk jdk/test/java/lang/SecurityManager/CheckPackageAccess.java
diffstat 7 files changed, 191 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/jdk/make/java/security/Makefile	Thu Oct 03 11:26:53 2013 -0700
+++ b/jdk/make/java/security/Makefile	Fri Oct 11 08:43:07 2013 -0400
@@ -1,5 +1,5 @@
 #
-# Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 # This code is free software; you can redistribute it and/or modify it
@@ -79,6 +79,9 @@
   BLACKLISTED_CERTS_SRC +=	$(wildcard $(CLOSED_SHARE_SRC)/lib/security/blacklisted.certs)
   TRUSTEDLIBS_SRC = $(CLOSED_SHARE_SRC)/lib/security/trusted.libraries
   TRUSTEDLIBS_BUILD = $(LIBDIR)/security/trusted.libraries
+  RESTRICTED_PKGS_SRC = $(CLOSED_SHARE_SRC)/lib/security/restricted.pkgs
+  RESTRICTED_PKGS := $(shell $(CAT) $(RESTRICTED_PKGS_SRC) | $(TR) "\n" " ")
+  ADDTORESTRICTEDPKGS_JARFILE = $(BUILDTOOLJARDIR)/addtorestrictedpkgs.jar
 endif
 
 FILES_class = $(FILES_java:%.java=$(CLASSBINDIR)/%.class)
@@ -108,8 +111,15 @@
 
 trustedlibs: classes $(TRUSTEDLIBS_BUILD)
 
+ifdef OPENJDK
 $(PROPS_BUILD): $(PROPS_SRC)
 	$(install-file)
+else
+$(PROPS_BUILD): $(PROPS_SRC)
+	$(MKDIR) -p $(@D)
+	$(BOOT_JAVA_CMD) -jar $(ADDTORESTRICTEDPKGS_JARFILE) $^ $@.tmp $(RESTRICTED_PKGS)
+	$(MV) $@.tmp $@
+endif
 
 $(POLICY_BUILD): $(POLICY_SRC)
 	$(install-file)
--- a/jdk/make/tools/Makefile	Thu Oct 03 11:26:53 2013 -0700
+++ b/jdk/make/tools/Makefile	Fri Oct 11 08:43:07 2013 -0400
@@ -1,5 +1,5 @@
 #
-# Copyright (c) 1998, 2012, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 # This code is free software; you can redistribute it and/or modify it
@@ -35,6 +35,7 @@
 # Note: freetypecheck is built by Sanity.gmk if needed
 SUBDIRS =                   \
   addjsum                   \
+  addtorestrictedpkgs       \
   buildmetaindex            \
   cldrconverter             \
   commentchecker            \
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/make/tools/addtorestrictedpkgs/Makefile	Fri Oct 11 08:43:07 2013 -0400
@@ -0,0 +1,43 @@
+#
+# Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.  Oracle designates this
+# particular file as subject to the "Classpath" exception as provided
+# by Oracle in the LICENSE file that accompanied this code.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+#
+# Makefile for building the addtorestrictedpkgs tool
+#
+
+BUILDDIR = ../..
+PACKAGE = build.tools.addtorestrictedpkgs
+PRODUCT = tools
+PROGRAM = addtorestrictedpkgs
+include $(BUILDDIR)/common/Defs.gmk
+
+BUILDTOOL_SOURCE_ROOT = $(BUILDDIR)/tools/src
+BUILDTOOL_MAIN        = $(PKGDIR)/AddToRestrictedPkgs.java
+
+#
+# Build tool jar rules.
+#
+include $(BUILDDIR)/common/BuildToolJar.gmk
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/make/tools/src/build/tools/addtorestrictedpkgs/AddToRestrictedPkgs.java	Fri Oct 11 08:43:07 2013 -0400
@@ -0,0 +1,105 @@
+/*
+ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package build.tools.addtorestrictedpkgs;
+
+import java.io.*;
+
+/**
+ * Adds additional packages to the package.access and package.definition
+ * security properties.
+ */
+public class AddToRestrictedPkgs {
+
+    private static final String PKG_ACC = "package.access";
+    private static final String PKG_DEF = "package.definition";
+    private static final int PKG_ACC_INDENT = 15;
+    private static final int PKG_DEF_INDENT = 19;
+
+    public static void main(String[] args) throws Exception {
+
+        if (args.length < 3) {
+            System.err.println("Usage: java AddToRestrictedPkgs " +
+                               "[input java.security file name] " +
+                               "[output java.security file name] " +
+                               "[packages ...]");
+            System.exit(1);
+        }
+
+        try (FileReader fr = new FileReader(args[0]);
+             BufferedReader br = new BufferedReader(fr);
+             FileWriter fw = new FileWriter(args[1]);
+             BufferedWriter bw = new BufferedWriter(fw))
+        {
+            // parse the file line-by-line, looking for pkg access properties
+            String line = br.readLine();
+            while (line != null) {
+                if (line.startsWith(PKG_ACC)) {
+                    writePackages(br, bw, line, PKG_ACC_INDENT, args);
+                } else if (line.startsWith(PKG_DEF)) {
+                    writePackages(br, bw, line, PKG_DEF_INDENT, args);
+                } else {
+                    writeLine(bw, line);
+                }
+                line = br.readLine();
+            }
+            bw.flush();
+        }
+    }
+
+    private static void writePackages(BufferedReader br, BufferedWriter bw,
+                                      String line, int numSpaces,
+                                      String[] args) throws IOException {
+        // parse property until EOL, not including line breaks
+        while (line.endsWith("\\")) {
+            writeLine(bw, line);
+            line = br.readLine();
+        }
+        // append comma and line-break to last package
+        writeLine(bw, line + ",\\");
+        // add new packages, one per line
+        for (int i = 2; i < args.length - 1; i++) {
+            indent(bw, numSpaces);
+            writeLine(bw, args[i] + ",\\");
+        }
+        indent(bw, numSpaces);
+        writeLine(bw, args[args.length - 1]);
+    }
+
+    private static void writeLine(BufferedWriter bw, String line)
+        throws IOException
+    {
+        bw.write(line);
+        bw.newLine();
+    }
+
+    private static void indent(BufferedWriter bw, int numSpaces)
+        throws IOException
+    {
+        for (int i = 0; i < numSpaces; i++) {
+            bw.append(' ');
+        }
+    }
+}
--- a/jdk/makefiles/CopyFiles.gmk	Thu Oct 03 11:26:53 2013 -0700
+++ b/jdk/makefiles/CopyFiles.gmk	Fri Oct 11 08:43:07 2013 -0400
@@ -355,9 +355,23 @@
 PROPS_SRC := $(JDK_TOPDIR)/src/share/lib/security/java.security-$(OPENJDK_TARGET_OS)
 PROPS_DST := $(JDK_OUTPUTDIR)/lib/security/java.security
 
+ifndef OPENJDK
+
+RESTRICTED_PKGS_SRC := $(JDK_TOPDIR)/src/closed/share/lib/security/restricted.pkgs
+RESTRICTED_PKGS := $(shell $(CAT) $(RESTRICTED_PKGS_SRC) | $(TR) "\n" " ")
+
+$(PROPS_DST): $(PROPS_SRC)
+	$(MKDIR) -p $(@D)
+	$(TOOL_ADDTORESTRICTEDPKGS) $^ $@.tmp $(RESTRICTED_PKGS)
+	$(MV) $@.tmp $@
+
+else
+
 $(PROPS_DST): $(PROPS_SRC)
 	$(call install-file)
 
+endif
+
 COPY_FILES += $(PROPS_DST)
 
 ##########################################################################################
--- a/jdk/makefiles/Tools.gmk	Thu Oct 03 11:26:53 2013 -0700
+++ b/jdk/makefiles/Tools.gmk	Fri Oct 11 08:43:07 2013 -0400
@@ -151,6 +151,9 @@
     -cp $(JDK_OUTPUTDIR)/btclasses:$(JDK_OUTPUTDIR) \
         build.tools.deps.CheckDeps
 
+TOOL_ADDTORESTRICTEDPKGS=$(JAVA) -cp $(JDK_OUTPUTDIR)/btclasses \
+ 	build.tools.addtorestrictedpkgs.AddToRestrictedPkgs
+
 ##########################################################################################
 
 # Tools needed on solaris because OBJCOPY is broken.
--- a/jdk/test/java/lang/SecurityManager/CheckPackageAccess.java	Thu Oct 03 11:26:53 2013 -0700
+++ b/jdk/test/java/lang/SecurityManager/CheckPackageAccess.java	Fri Oct 11 08:43:07 2013 -0400
@@ -29,6 +29,9 @@
  *  @run main/othervm CheckPackageAccess
  */
 
+import java.io.File;
+import java.nio.charset.StandardCharsets;
+import java.nio.file.Files;
 import java.security.Security;
 import java.util.Collections;
 import java.util.Arrays;
@@ -96,6 +99,16 @@
         List<String> jspkgs =
             getPackages(Security.getProperty("package.access"));
 
+        // get closed restricted packages
+        File f = new File(System.getProperty("test.src"),
+            "../../../../src/closed/share/lib/security/restricted.pkgs");
+        if (f.exists()) {
+            List<String> ipkgs = Files.readAllLines(f.toPath(),
+                                                    StandardCharsets.UTF_8);
+            // Remove any closed packages from list before comparing
+            jspkgs.removeAll(ipkgs);
+        }
+
         // Sort to ensure lists are comparable
         Collections.sort(pkgs);
         Collections.sort(jspkgs);