| blob | 919fc9de0f61a0b211777121dc404243aa200647 |
1 /* URLClassLoader.java -- ClassLoader that loads classes from one or more URLs
2 Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005
3 Free Software Foundation, Inc.
5 This file is part of GNU Classpath.
7 GNU Classpath is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2, or (at your option)
10 any later version.
12 GNU Classpath is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with GNU Classpath; see the file COPYING. If not, write to the
19 Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
20 02111-1307 USA.
22 Linking this library statically or dynamically with other modules is
23 making a combined work based on this library. Thus, the terms and
24 conditions of the GNU General Public License cover the whole
25 combination.
27 As a special exception, the copyright holders of this library give you
28 permission to link this library with independent modules to produce an
29 executable, regardless of the license terms of these independent
30 modules, and to copy and distribute the resulting executable under
31 terms of your choice, provided that you also meet, for each linked
32 independent module, the terms and conditions of the license of that
33 module. An independent module is a module which is not derived from
34 or based on this library. If you modify this library, you may extend
35 this exception to your version of the library, but you are not
36 obligated to do so. If you do not wish to do so, delete this
37 exception statement from your version. */
68 /**
69 * A secure class loader that can load classes and resources from
70 * multiple locations. Given an array of <code>URL</code>s this class
71 * loader will retrieve classes and resources by fetching them from
72 * possible remote locations. Each <code>URL</code> is searched in
73 * order in which it was added. If the file portion of the
74 * <code>URL</code> ends with a '/' character then it is interpreted
75 * as a base directory, otherwise it is interpreted as a jar file from
76 * which the classes/resources are resolved.
77 *
78 * <p>New instances can be created by two static
79 * <code>newInstance()</code> methods or by three public
80 * contructors. Both ways give the option to supply an initial array
81 * of <code>URL</code>s and (optionally) a parent classloader (that is
82 * different from the standard system class loader).</p>
83 *
84 * <p>Normally creating a <code>URLClassLoader</code> throws a
85 * <code>SecurityException</code> if a <code>SecurityManager</code> is
86 * installed and the <code>checkCreateClassLoader()</code> method does
87 * not return true. But the <code>newInstance()</code> methods may be
88 * used by any code as long as it has permission to acces the given
89 * <code>URL</code>s. <code>URLClassLoaders</code> created by the
90 * <code>newInstance()</code> methods also explicitly call the
91 * <code>checkPackageAccess()</code> method of
92 * <code>SecurityManager</code> if one is installed before trying to
93 * load a class. Note that only subclasses of
94 * <code>URLClassLoader</code> can add new URLs after the
95 * URLClassLoader had been created. But it is always possible to get
96 * an array of all URLs that the class loader uses to resolve classes
97 * and resources by way of the <code>getURLs()</code> method.</p>
98 *
99 * <p>Open issues:
100 * <ul>
101 *
102 * <li>Should the URLClassLoader actually add the locations found in
103 * the manifest or is this the responsibility of some other
104 * loader/(sub)class? (see <a
105 * href="http://java.sun.com/products/jdk/1.4/docs/guide/extensions/spec.html">
106 * Extension Mechanism Architecture - Bundles Extensions</a>)</li>
107 *
108 * <li>How does <code>definePackage()</code> and sealing work
109 * precisely?</li>
110 *
111 * <li>We save and use the security context (when a created by
112 * <code>newInstance()</code> but do we have to use it in more
113 * places?</li>
114 *
115 * <li>The use of <code>URLStreamHandler</code>s has not been tested.</li>
116 *
117 * </ul>
118 * </p>
119 *
120 * @since 1.2
121 *
122 * @author Mark Wielaard (mark@klomp.org)
123 * @author Wu Gansha (gansha.wu@intel.com)
124 */
126 {
127 // Class Variables
129 /**
130 * A global cache to store mappings between URLLoader and URL,
131 * so we can avoid do all the homework each time the same URL
132 * comes.
133 * XXX - Keeps these loaders forever which prevents garbage collection.
134 */
137 /**
138 * A cache to store mappings between handler factory and its
139 * private protocol handler cache (also a HashMap), so we can avoid
140 * create handlers each time the same protocol comes.
141 */
144 // Instance variables
146 /** Locations to load classes from */
149 /**
150 * Store pre-parsed information for each url into this vector: each
151 * element is a URL loader. A jar file has its own class-path
152 * attribute which adds to the URLs that will be searched, but this
153 * does not add to the list of urls.
154 */
157 /** Factory used to get the protocol handlers of the URLs */
160 /**
161 * The security context when created from <code>newInstance()</code>
162 * or null when created through a normal constructor or when no
163 * <code>SecurityManager</code> was installed.
164 */
167 // Helper classes
169 /**
170 * A <code>URLLoader</code> contains all logic to load resources from a
171 * given base <code>URL</code>.
172 */
173 abstract static class URLLoader
174 {
175 /**
176 * Our classloader to get info from if needed.
177 */
180 /**
181 * The base URL from which all resources are loaded.
182 */
185 /**
186 * A <code>CodeSource</code> without any associated certificates.
187 * It is common for classes to not have certificates associated
188 * with them. If they come from the same <code>URLLoader</code>
189 * then it is safe to share the associated <code>CodeSource</code>
190 * between them since <code>CodeSource</code> is immutable.
191 */
195 {
197 }
200 {
204 }
206 /**
207 * Returns a <code>Class</code> loaded by this
208 * <code>URLLoader</code>, or <code>null</code> when this loader
209 * either can't load the class or doesn't know how to load classes
210 * at all.
211 */
213 {
215 }
217 /**
218 * Returns a <code>Resource</code> loaded by this
219 * <code>URLLoader</code>, or <code>null</code> when no
220 * <code>Resource</code> with the given name exists.
221 */
224 /**
225 * Returns the <code>Manifest</code> associated with the
226 * <code>Resource</code>s loaded by this <code>URLLoader</code> or
227 * <code>null</code> there is no such <code>Manifest</code>.
228 */
230 {
232 }
235 {
237 }
238 }
240 /**
241 * A <code>Resource</code> represents a resource in some
242 * <code>URLLoader</code>. It also contains all information (e.g.,
243 * <code>URL</code>, <code>CodeSource</code>, <code>Manifest</code> and
244 * <code>InputStream</code>) that is necessary for loading resources
245 * and creating classes from a <code>URL</code>.
246 */
247 abstract static class Resource
248 {
253 {
256 }
258 /**
259 * Returns the non-null <code>CodeSource</code> associated with
260 * this resource.
261 */
263 {
267 else
269 }
271 /**
272 * Returns <code>Certificates</code> associated with this
273 * resource, or null when there are none.
274 */
276 {
278 }
280 /**
281 * Return a <code>URL</code> that can be used to access this resource.
282 */
285 /**
286 * Returns the size of this <code>Resource</code> in bytes or
287 * <code>-1</code> when unknown.
288 */
291 /**
292 * Returns the non-null <code>InputStream</code> through which
293 * this resource can be loaded.
294 */
296 }
298 /**
299 * A <code>JarURLLoader</code> is a type of <code>URLLoader</code>
300 * only loading from jar url.
301 */
303 {
310 {
313 // Cache url prefix for all resources in this jar url.
324 try
325 {
326 baseJarURL =
329 jarfile =
332 Manifest manifest;
333 Attributes attributes;
334 String classPathString;
338 && ((classPathString
341 {
346 {
348 try
349 {
352 }
354 {
355 // Give up
356 }
357 }
358 }
359 }
361 {
362 /* ignored */
363 }
367 }
369 /** get resource with the name "name" in the jar url */
371 {
381 else
383 }
386 {
387 try
388 {
390 }
392 {
394 }
395 }
398 {
400 }
401 }
404 {
408 {
411 }
414 {
416 }
419 {
421 }
424 {
425 // We have to get the entry from the jar file again, because the
426 // certificates will not be available until the entire entry has
427 // been read.
430 }
433 {
434 try
435 {
438 }
440 {
444 }
445 }
446 }
448 /**
449 * Loader for remote directories.
450 */
452 {
456 {
459 }
461 /**
462 * Get a remote resource.
463 * Returns null if no such resource exists.
464 */
466 {
467 try
468 {
469 URL url =
473 // Open the connection and check the stream
474 // just to be sure it exists.
478 // We can do some extra checking if it is a http request
480 {
485 }
489 else
491 }
493 {
495 }
496 }
497 }
499 /**
500 * A resource from some remote location.
501 */
503 {
510 {
515 }
518 {
520 }
523 {
525 }
528 {
530 }
531 }
533 /**
534 * A <code>SoURLLoader</code> is a type of <code>URLLoader</code>
535 * that loads classes and resources from a shared library.
536 */
538 {
539 SharedLibHelper helper;
542 {
544 }
547 {
551 }
554 {
556 }
559 {
564 }
565 }
568 {
570 {
573 }
576 {
579 }
582 {
583 // FIXME we could find this by asking the core object.
585 }
588 {
590 }
593 }
595 /**
596 * A <code>FileURLLoader</code> is a type of <code>URLLoader</code>
597 * only loading from file url.
598 */
600 {
604 {
607 }
609 /** get resource with the name "name" in the file url */
611 {
616 }
617 }
620 {
624 {
627 }
630 {
632 }
635 {
637 }
640 {
641 try
642 {
645 }
647 {
651 }
652 }
653 }
655 // Constructors
657 /**
658 * Creates a URLClassLoader that gets classes from the supplied URLs.
659 * To determine if this classloader may be created the constructor of
660 * the super class (<code>SecureClassLoader</code>) is called first, which
661 * can throw a SecurityException. Then the supplied URLs are added
662 * in the order given to the URLClassLoader which uses these URLs to
663 * load classes and resources (after using the default parent ClassLoader).
664 *
665 * @exception SecurityException if the SecurityManager disallows the
666 * creation of a ClassLoader.
667 * @param urls Locations that should be searched by this ClassLoader when
668 * resolving Classes or Resources.
669 * @see SecureClassLoader
670 */
672 {
677 }
679 /**
680 * Private constructor used by the static
681 * <code>newInstance(URL[])</code> method. Creates an
682 * <code>URLClassLoader</code> without any <code>URL</code>s
683 * yet. This is used to bypass the normal security check for
684 * creating classloaders, but remembers the security context which
685 * will be used when defining classes. The <code>URL</code>s to
686 * load from must be added by the <code>newInstance()</code> method
687 * in the security context of the caller.
688 *
689 * @param securityContext the security context of the unprivileged code.
690 */
692 {
696 }
698 /**
699 * Creates a <code>URLClassLoader</code> that gets classes from the supplied
700 * <code>URL</code>s.
701 * To determine if this classloader may be created the constructor of
702 * the super class (<code>SecureClassLoader</code>) is called first, which
703 * can throw a SecurityException. Then the supplied URLs are added
704 * in the order given to the URLClassLoader which uses these URLs to
705 * load classes and resources (after using the supplied parent ClassLoader).
706 * @exception SecurityException if the SecurityManager disallows the
707 * creation of a ClassLoader.
708 * @exception SecurityException
709 * @param urls Locations that should be searched by this ClassLoader when
710 * resolving Classes or Resources.
711 * @param parent The parent class loader used before trying this class
712 * loader.
713 * @see SecureClassLoader
714 */
716 throws SecurityException
717 {
722 }
724 // Package-private to avoid a trampoline constructor.
725 /**
726 * Package-private constructor used by the static
727 * <code>newInstance(URL[])</code> method. Creates an
728 * <code>URLClassLoader</code> with the given parent but without any
729 * <code>URL</code>s yet. This is used to bypass the normal security
730 * check for creating classloaders, but remembers the security
731 * context which will be used when defining classes. The
732 * <code>URL</code>s to load from must be added by the
733 * <code>newInstance()</code> method in the security context of the
734 * caller.
735 *
736 * @param securityContext the security context of the unprivileged code.
737 */
739 {
743 }
745 /**
746 * Creates a URLClassLoader that gets classes from the supplied URLs.
747 * To determine if this classloader may be created the constructor of
748 * the super class (<CODE>SecureClassLoader</CODE>) is called first, which
749 * can throw a SecurityException. Then the supplied URLs are added
750 * in the order given to the URLClassLoader which uses these URLs to
751 * load classes and resources (after using the supplied parent ClassLoader).
752 * It will use the supplied <CODE>URLStreamHandlerFactory</CODE> to get the
753 * protocol handlers of the supplied URLs.
754 * @exception SecurityException if the SecurityManager disallows the
755 * creation of a ClassLoader.
756 * @exception SecurityException
757 * @param urls Locations that should be searched by this ClassLoader when
758 * resolving Classes or Resources.
759 * @param parent The parent class loader used before trying this class
760 * loader.
761 * @param factory Used to get the protocol handler for the URLs.
762 * @see SecureClassLoader
763 */
765 URLStreamHandlerFactory factory)
766 throws SecurityException
767 {
773 // If this factory is still not in factoryCache, add it,
774 // since we only support three protocols so far, 5 is enough
775 // for cache initial size
777 {
780 }
781 }
783 // Methods
785 /**
786 * Adds a new location to the end of the internal URL store.
787 * @param newUrl the location to add
788 */
790 {
793 }
796 {
798 {
802 // Check global cache to see if there're already url loader
803 // for this url.
806 {
810 // Check that it is not a directory
817 else
820 // Cache it.
822 }
828 {
831 {
836 }
837 }
839 }
840 }
842 /**
843 * Adds an array of new locations to the end of the internal URL store.
844 * @param newUrls the locations to add
845 */
847 {
850 }
852 /**
853 * Defines a Package based on the given name and the supplied manifest
854 * information. The manifest indicates the tile, version and
855 * vendor information of the specification and implementation and wheter the
856 * package is sealed. If the Manifest indicates that the package is sealed
857 * then the Package will be sealed with respect to the supplied URL.
858 *
859 * @exception IllegalArgumentException If this package name already exists
860 * in this class loader
861 * @param name The name of the package
862 * @param manifest The manifest describing the specification,
863 * implementation and sealing details of the package
864 * @param url the code source url to seal the package
865 * @return the defined Package
866 */
868 throws IllegalArgumentException
869 {
878 // Look if the Manifest indicates that this package is sealed
879 // XXX - most likely not completely correct!
880 // Shouldn't we also check the sealed attribute of the complete jar?
881 // http://java.sun.com/products/jdk/1.4/docs/guide/extensions/spec.html#bundled
882 // But how do we get that jar manifest here?
885 // make sure that the URL is null so the package is not sealed
890 }
892 /**
893 * Finds (the first) class by name from one of the locations. The locations
894 * are searched in the order they were added to the URLClassLoader.
895 *
896 * @param className the classname to find
897 * @exception ClassNotFoundException when the class could not be found or
898 * loaded
899 * @return a Class object representing the found class
900 */
902 throws ClassNotFoundException
903 {
904 // Just try to find the resource by the (almost) same name
909 {
919 }
923 // Try to read the class data, create the CodeSource, Package and
924 // construct the class (and watch out for those nasty IOExceptions)
925 try
926 {
931 {
932 // We know the length of the data.
933 // Just try to read it in all at once
937 {
943 }
944 }
945 else
946 {
947 // We don't know the data length.
948 // Have to read it in chunks.
953 {
957 }
959 }
962 // Now get the CodeSource
965 // Find out package name
972 {
973 // define the package
978 else
980 }
982 // And finally construct the class!
986 {
989 {
991 {
994 source);
995 }
997 }
998 else
1003 }
1005 {
1006 ClassNotFoundException cnfe;
1010 }
1011 }
1013 // Cached String representation of this URLClassLoader
1016 /**
1017 * Returns a String representation of this URLClassLoader giving the
1018 * actual Class name, the URLs that are searched and the parent
1019 * ClassLoader.
1020 */
1022 {
1024 {
1030 {
1034 }
1040 }
1042 }
1044 /**
1045 * Finds the first occurrence of a resource that can be found. The locations
1046 * are searched in the order they were added to the URLClassLoader.
1047 *
1048 * @param resourceName the resource name to look for
1049 * @return the URLResource for the resource if found, null otherwise
1050 */
1052 {
1055 {
1063 }
1065 }
1067 /**
1068 * Finds the first occurrence of a resource that can be found.
1069 *
1070 * @param resourceName the resource name to look for
1071 * @return the URL if found, null otherwise
1072 */
1074 {
1079 // Resource not found
1081 }
1083 /**
1084 * If the URLStreamHandlerFactory has been set this return the appropriate
1085 * URLStreamHandler for the given protocol, if not set returns null.
1086 *
1087 * @param protocol the protocol for which we need a URLStreamHandler
1088 * @return the appropriate URLStreamHandler or null
1089 */
1091 {
1095 URLStreamHandler handler;
1097 {
1098 // Check if there're handler for the same protocol in cache.
1102 {
1103 // Add it to cache.
1106 }
1107 }
1109 }
1111 /**
1112 * Finds all the resources with a particular name from all the locations.
1113 *
1114 * @exception IOException when an error occurs accessing one of the
1115 * locations
1116 * @param resourceName the name of the resource to lookup
1117 * @return a (possible empty) enumeration of URLs where the resource can be
1118 * found
1119 */
1121 throws IOException
1122 {
1126 {
1131 }
1133 }
1135 /**
1136 * Returns the permissions needed to access a particular code
1137 * source. These permissions includes those returned by
1138 * <code>SecureClassLoader.getPermissions()</code> and the actual
1139 * permissions to access the objects referenced by the URL of the
1140 * code source. The extra permissions added depend on the protocol
1141 * and file portion of the URL in the code source. If the URL has
1142 * the "file" protocol ends with a '/' character then it must be a
1143 * directory and a file Permission to read everything in that
1144 * directory and all subdirectories is added. If the URL had the
1145 * "file" protocol and doesn't end with a '/' character then it must
1146 * be a normal file and a file permission to read that file is
1147 * added. If the <code>URL</code> has any other protocol then a
1148 * socket permission to connect and accept connections from the host
1149 * portion of the URL is added.
1150 *
1151 * @param source The codesource that needs the permissions to be accessed
1152 * @return the collection of permissions needed to access the code resource
1153 * @see java.security.SecureClassLoader#getPermissions()
1154 */
1156 {
1157 // XXX - This implementation does exactly as the Javadoc describes.
1158 // But maybe we should/could use URLConnection.getPermissions()?
1159 // First get the permissions that would normally be granted
1162 // Now add any extra permissions depending on the URL location.
1166 {
1169 // If the file end in / it must be an directory.
1171 {
1172 // Grant permission to read everything in that directory and
1173 // all subdirectories.
1175 }
1176 else
1177 {
1178 // It is a 'normal' file.
1179 // Grant permission to access that file.
1181 }
1182 }
1183 else
1184 {
1185 // Grant permission to connect to and accept connections from host
1189 }
1192 }
1194 /**
1195 * Returns all the locations that this class loader currently uses the
1196 * resolve classes and resource. This includes both the initially supplied
1197 * URLs as any URLs added later by the loader.
1198 * @return All the currently used URLs
1199 */
1201 {
1203 }
1205 /**
1206 * Creates a new instance of a <code>URLClassLoader</code> that gets
1207 * classes from the supplied <code>URL</code>s. This class loader
1208 * will have as parent the standard system class loader.
1209 *
1210 * @param urls the initial URLs used to resolve classes and
1211 * resources
1212 *
1213 * @return the class loader
1214 *
1215 * @exception SecurityException when the calling code does not have
1216 * permission to access the given <code>URL</code>s
1217 */
1219 throws SecurityException
1220 {
1222 }
1224 /**
1225 * Creates a new instance of a <code>URLClassLoader</code> that gets
1226 * classes from the supplied <code>URL</code>s and with the supplied
1227 * loader as parent class loader.
1228 *
1229 * @param urls the initial URLs used to resolve classes and
1230 * resources
1231 * @param parent the parent class loader
1232 *
1233 * @return the class loader
1234 *
1235 * @exception SecurityException when the calling code does not have
1236 * permission to access the given <code>URL</code>s
1237 */
1239 throws SecurityException
1240 {
1244 else
1245 {
1248 // XXX - What to do with anything else then an AccessControlContext?
1253 URLClassLoader loader =
1255 {
1257 {
1260 }
1261 });
1264 }
1265 }
1266 }