| blob | 0da6a0356b2dd2a113759a470dfaf29f38fe0422 |
1 /* URLClassLoader.java -- ClassLoader that loads classes from one or more URLs
2 Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005
3 Free Software Foundation, Inc.
5 This file is part of GNU Classpath.
7 GNU Classpath is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2, or (at your option)
10 any later version.
12 GNU Classpath is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with GNU Classpath; see the file COPYING. If not, write to the
19 Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
20 02111-1307 USA.
22 Linking this library statically or dynamically with other modules is
23 making a combined work based on this library. Thus, the terms and
24 conditions of the GNU General Public License cover the whole
25 combination.
27 As a special exception, the copyright holders of this library give you
28 permission to link this library with independent modules to produce an
29 executable, regardless of the license terms of these independent
30 modules, and to copy and distribute the resulting executable under
31 terms of your choice, provided that you also meet, for each linked
32 independent module, the terms and conditions of the license of that
33 module. An independent module is a module which is not derived from
34 or based on this library. If you modify this library, you may extend
35 this exception to your version of the library, but you are not
36 obligated to do so. If you do not wish to do so, delete this
37 exception statement from your version. */
68 /**
69 * A secure class loader that can load classes and resources from
70 * multiple locations. Given an array of <code>URL</code>s this class
71 * loader will retrieve classes and resources by fetching them from
72 * possible remote locations. Each <code>URL</code> is searched in
73 * order in which it was added. If the file portion of the
74 * <code>URL</code> ends with a '/' character then it is interpreted
75 * as a base directory, otherwise it is interpreted as a jar file from
76 * which the classes/resources are resolved.
77 *
78 * <p>New instances can be created by two static
79 * <code>newInstance()</code> methods or by three public
80 * contructors. Both ways give the option to supply an initial array
81 * of <code>URL</code>s and (optionally) a parent classloader (that is
82 * different from the standard system class loader).</p>
83 *
84 * <p>Normally creating a <code>URLClassLoader</code> throws a
85 * <code>SecurityException</code> if a <code>SecurityManager</code> is
86 * installed and the <code>checkCreateClassLoader()</code> method does
87 * not return true. But the <code>newInstance()</code> methods may be
88 * used by any code as long as it has permission to acces the given
89 * <code>URL</code>s. <code>URLClassLoaders</code> created by the
90 * <code>newInstance()</code> methods also explicitly call the
91 * <code>checkPackageAccess()</code> method of
92 * <code>SecurityManager</code> if one is installed before trying to
93 * load a class. Note that only subclasses of
94 * <code>URLClassLoader</code> can add new URLs after the
95 * URLClassLoader had been created. But it is always possible to get
96 * an array of all URLs that the class loader uses to resolve classes
97 * and resources by way of the <code>getURLs()</code> method.</p>
98 *
99 * <p>Open issues:
100 * <ul>
101 *
102 * <li>Should the URLClassLoader actually add the locations found in
103 * the manifest or is this the responsibility of some other
104 * loader/(sub)class? (see <a
105 * href="http://java.sun.com/products/jdk/1.4/docs/guide/extensions/spec.html">
106 * Extension Mechanism Architecture - Bundles Extensions</a>)</li>
107 *
108 * <li>How does <code>definePackage()</code> and sealing work
109 * precisely?</li>
110 *
111 * <li>We save and use the security context (when a created by
112 * <code>newInstance()</code> but do we have to use it in more
113 * places?</li>
114 *
115 * <li>The use of <code>URLStreamHandler</code>s has not been tested.</li>
116 *
117 * </ul>
118 * </p>
119 *
120 * @since 1.2
121 *
122 * @author Mark Wielaard (mark@klomp.org)
123 * @author Wu Gansha (gansha.wu@intel.com)
124 */
126 {
127 // Class Variables
129 /**
130 * A global cache to store mappings between URLLoader and URL,
131 * so we can avoid do all the homework each time the same URL
132 * comes.
133 * XXX - Keeps these loaders forever which prevents garbage collection.
134 */
137 /**
138 * A cache to store mappings between handler factory and its
139 * private protocol handler cache (also a HashMap), so we can avoid
140 * create handlers each time the same protocol comes.
141 */
144 // Instance variables
146 /** Locations to load classes from */
149 /**
150 * Store pre-parsed information for each url into this vector: each
151 * element is a URL loader. A jar file has its own class-path
152 * attribute which adds to the URLs that will be searched, but this
153 * does not add to the list of urls.
154 */
157 /** Factory used to get the protocol handlers of the URLs */
160 /**
161 * The security context when created from <code>newInstance()</code>
162 * or null when created through a normal constructor or when no
163 * <code>SecurityManager</code> was installed.
164 */
167 // Helper classes
169 /**
170 * A <code>URLLoader</code> contains all logic to load resources from a
171 * given base <code>URL</code>.
172 */
173 abstract static class URLLoader
174 {
175 /**
176 * Our classloader to get info from if needed.
177 */
180 /**
181 * The base URL from which all resources are loaded.
182 */
185 /**
186 * A <code>CodeSource</code> without any associated certificates.
187 * It is common for classes to not have certificates associated
188 * with them. If they come from the same <code>URLLoader</code>
189 * then it is safe to share the associated <code>CodeSource</code>
190 * between them since <code>CodeSource</code> is immutable.
191 */
195 {
197 }
200 {
204 }
206 /**
207 * Returns a <code>Class</code> loaded by this
208 * <code>URLLoader</code>, or <code>null</code> when this loader
209 * either can't load the class or doesn't know how to load classes
210 * at all.
211 */
213 {
215 }
217 /**
218 * Returns a <code>Resource</code> loaded by this
219 * <code>URLLoader</code>, or <code>null</code> when no
220 * <code>Resource</code> with the given name exists.
221 */
224 /**
225 * Returns the <code>Manifest</code> associated with the
226 * <code>Resource</code>s loaded by this <code>URLLoader</code> or
227 * <code>null</code> there is no such <code>Manifest</code>.
228 */
230 {
232 }
235 {
237 }
238 }
240 /**
241 * A <code>Resource</code> represents a resource in some
242 * <code>URLLoader</code>. It also contains all information (e.g.,
243 * <code>URL</code>, <code>CodeSource</code>, <code>Manifest</code> and
244 * <code>InputStream</code>) that is necessary for loading resources
245 * and creating classes from a <code>URL</code>.
246 */
247 abstract static class Resource
248 {
253 {
256 }
258 /**
259 * Returns the non-null <code>CodeSource</code> associated with
260 * this resource.
261 */
263 {
267 else
269 }
271 /**
272 * Returns <code>Certificates</code> associated with this
273 * resource, or null when there are none.
274 */
276 {
278 }
280 /**
281 * Return a <code>URL</code> that can be used to access this resource.
282 */
285 /**
286 * Returns the size of this <code>Resource</code> in bytes or
287 * <code>-1</code> when unknown.
288 */
291 /**
292 * Returns the non-null <code>InputStream</code> through which
293 * this resource can be loaded.
294 */
296 }
298 /**
299 * A <code>JarURLLoader</code> is a type of <code>URLLoader</code>
300 * only loading from jar url.
301 */
303 {
309 SoURLLoader soURLLoader;
312 {
315 // Cache url prefix for all resources in this jar url.
327 try
328 {
329 baseJarURL
331 jarfile
335 {
338 {
344 {
351 baseURL);
352 }
353 }
355 Manifest manifest;
356 Attributes attributes;
357 String classPathString;
361 && ((classPathString
364 {
367 StringTokenizer st
373 {
375 try
376 {
379 }
381 {
382 // Give up
383 }
384 }
385 }
386 }
387 }
389 {
390 /* ignored */
391 }
395 }
398 {
402 }
404 /** get resource with the name "name" in the jar url */
406 {
416 else
418 }
421 {
423 }
426 {
427 try
428 {
430 }
432 {
434 }
435 }
438 {
440 }
441 }
444 {
448 {
451 }
454 {
456 }
459 {
461 }
464 {
466 }
469 {
470 try
471 {
474 }
476 {
480 }
481 }
482 }
484 /**
485 * Loader for remote directories.
486 */
488 {
492 {
495 }
497 /**
498 * Get a remote resource.
499 * Returns null if no such resource exists.
500 */
502 {
503 try
504 {
505 URL url =
509 // Open the connection and check the stream
510 // just to be sure it exists.
514 // We can do some extra checking if it is a http request
516 {
521 }
525 else
527 }
529 {
531 }
532 }
533 }
535 /**
536 * A resource from some remote location.
537 */
539 {
546 {
551 }
554 {
556 }
559 {
561 }
564 {
566 }
567 }
569 /**
570 * A <code>SoURLLoader</code> is a type of <code>URLLoader</code>
571 * that loads classes and resources from a shared library.
572 */
574 {
575 SharedLibHelper helper;
578 {
580 }
583 {
586 noCertCodeSource);
587 }
590 {
592 }
595 {
600 }
601 }
604 {
606 {
609 }
612 {
615 }
618 {
619 // FIXME we could find this by asking the core object.
621 }
624 {
626 }
629 }
631 /**
632 * A <code>FileURLLoader</code> is a type of <code>URLLoader</code>
633 * only loading from file url.
634 */
636 {
640 {
643 }
645 /** get resource with the name "name" in the file url */
647 {
652 }
653 }
656 {
660 {
663 }
666 {
668 }
671 {
673 }
676 {
678 }
681 {
682 try
683 {
686 }
688 {
692 }
693 }
694 }
696 // Constructors
698 /**
699 * Creates a URLClassLoader that gets classes from the supplied URLs.
700 * To determine if this classloader may be created the constructor of
701 * the super class (<code>SecureClassLoader</code>) is called first, which
702 * can throw a SecurityException. Then the supplied URLs are added
703 * in the order given to the URLClassLoader which uses these URLs to
704 * load classes and resources (after using the default parent ClassLoader).
705 *
706 * @exception SecurityException if the SecurityManager disallows the
707 * creation of a ClassLoader.
708 * @param urls Locations that should be searched by this ClassLoader when
709 * resolving Classes or Resources.
710 * @see SecureClassLoader
711 */
713 {
718 }
720 /**
721 * Private constructor used by the static
722 * <code>newInstance(URL[])</code> method. Creates an
723 * <code>URLClassLoader</code> without any <code>URL</code>s
724 * yet. This is used to bypass the normal security check for
725 * creating classloaders, but remembers the security context which
726 * will be used when defining classes. The <code>URL</code>s to
727 * load from must be added by the <code>newInstance()</code> method
728 * in the security context of the caller.
729 *
730 * @param securityContext the security context of the unprivileged code.
731 */
733 {
737 }
739 /**
740 * Creates a <code>URLClassLoader</code> that gets classes from the supplied
741 * <code>URL</code>s.
742 * To determine if this classloader may be created the constructor of
743 * the super class (<code>SecureClassLoader</code>) is called first, which
744 * can throw a SecurityException. Then the supplied URLs are added
745 * in the order given to the URLClassLoader which uses these URLs to
746 * load classes and resources (after using the supplied parent ClassLoader).
747 * @exception SecurityException if the SecurityManager disallows the
748 * creation of a ClassLoader.
749 * @exception SecurityException
750 * @param urls Locations that should be searched by this ClassLoader when
751 * resolving Classes or Resources.
752 * @param parent The parent class loader used before trying this class
753 * loader.
754 * @see SecureClassLoader
755 */
757 throws SecurityException
758 {
763 }
765 // Package-private to avoid a trampoline constructor.
766 /**
767 * Package-private constructor used by the static
768 * <code>newInstance(URL[])</code> method. Creates an
769 * <code>URLClassLoader</code> with the given parent but without any
770 * <code>URL</code>s yet. This is used to bypass the normal security
771 * check for creating classloaders, but remembers the security
772 * context which will be used when defining classes. The
773 * <code>URL</code>s to load from must be added by the
774 * <code>newInstance()</code> method in the security context of the
775 * caller.
776 *
777 * @param securityContext the security context of the unprivileged code.
778 */
780 {
784 }
786 /**
787 * Creates a URLClassLoader that gets classes from the supplied URLs.
788 * To determine if this classloader may be created the constructor of
789 * the super class (<CODE>SecureClassLoader</CODE>) is called first, which
790 * can throw a SecurityException. Then the supplied URLs are added
791 * in the order given to the URLClassLoader which uses these URLs to
792 * load classes and resources (after using the supplied parent ClassLoader).
793 * It will use the supplied <CODE>URLStreamHandlerFactory</CODE> to get the
794 * protocol handlers of the supplied URLs.
795 * @exception SecurityException if the SecurityManager disallows the
796 * creation of a ClassLoader.
797 * @exception SecurityException
798 * @param urls Locations that should be searched by this ClassLoader when
799 * resolving Classes or Resources.
800 * @param parent The parent class loader used before trying this class
801 * loader.
802 * @param factory Used to get the protocol handler for the URLs.
803 * @see SecureClassLoader
804 */
806 URLStreamHandlerFactory factory)
807 throws SecurityException
808 {
814 // If this factory is still not in factoryCache, add it,
815 // since we only support three protocols so far, 5 is enough
816 // for cache initial size
818 {
821 }
822 }
824 // Methods
826 /**
827 * Adds a new location to the end of the internal URL store.
828 * @param newUrl the location to add
829 */
831 {
834 }
837 {
839 {
843 // Check global cache to see if there're already url loader
844 // for this url.
847 {
851 // Check that it is not a directory
858 else
861 // Cache it.
863 }
869 {
872 {
877 }
878 }
880 }
881 }
883 /**
884 * Adds an array of new locations to the end of the internal URL store.
885 * @param newUrls the locations to add
886 */
888 {
891 }
893 /**
894 * Defines a Package based on the given name and the supplied manifest
895 * information. The manifest indicates the tile, version and
896 * vendor information of the specification and implementation and wheter the
897 * package is sealed. If the Manifest indicates that the package is sealed
898 * then the Package will be sealed with respect to the supplied URL.
899 *
900 * @exception IllegalArgumentException If this package name already exists
901 * in this class loader
902 * @param name The name of the package
903 * @param manifest The manifest describing the specification,
904 * implementation and sealing details of the package
905 * @param url the code source url to seal the package
906 * @return the defined Package
907 */
909 throws IllegalArgumentException
910 {
919 // Look if the Manifest indicates that this package is sealed
920 // XXX - most likely not completely correct!
921 // Shouldn't we also check the sealed attribute of the complete jar?
922 // http://java.sun.com/products/jdk/1.4/docs/guide/extensions/spec.html#bundled
923 // But how do we get that jar manifest here?
926 // make sure that the URL is null so the package is not sealed
931 }
933 /**
934 * Finds (the first) class by name from one of the locations. The locations
935 * are searched in the order they were added to the URLClassLoader.
936 *
937 * @param className the classname to find
938 * @exception ClassNotFoundException when the class could not be found or
939 * loaded
940 * @return a Class object representing the found class
941 */
943 throws ClassNotFoundException
944 {
945 // Just try to find the resource by the (almost) same name
950 {
960 }
964 // Try to read the class data, create the CodeSource, Package and
965 // construct the class (and watch out for those nasty IOExceptions)
966 try
967 {
972 {
973 // We know the length of the data.
974 // Just try to read it in all at once
978 {
984 }
985 }
986 else
987 {
988 // We don't know the data length.
989 // Have to read it in chunks.
994 {
998 }
1000 }
1003 // Now get the CodeSource
1006 // Find out package name
1013 {
1014 // define the package
1019 else
1021 }
1023 // And finally construct the class!
1026 {
1029 {
1031 {
1034 source);
1035 }
1037 }
1038 else
1040 }
1042 {
1043 ClassNotFoundException cnfe;
1047 }
1048 }
1050 // Cached String representation of this URLClassLoader
1053 /**
1054 * Returns a String representation of this URLClassLoader giving the
1055 * actual Class name, the URLs that are searched and the parent
1056 * ClassLoader.
1057 */
1059 {
1061 {
1067 {
1071 }
1077 }
1079 }
1081 /**
1082 * Finds the first occurrence of a resource that can be found. The locations
1083 * are searched in the order they were added to the URLClassLoader.
1084 *
1085 * @param resourceName the resource name to look for
1086 * @return the URLResource for the resource if found, null otherwise
1087 */
1089 {
1092 {
1100 }
1102 }
1104 /**
1105 * Finds the first occurrence of a resource that can be found.
1106 *
1107 * @param resourceName the resource name to look for
1108 * @return the URL if found, null otherwise
1109 */
1111 {
1116 // Resource not found
1118 }
1120 /**
1121 * If the URLStreamHandlerFactory has been set this return the appropriate
1122 * URLStreamHandler for the given protocol, if not set returns null.
1123 *
1124 * @param protocol the protocol for which we need a URLStreamHandler
1125 * @return the appropriate URLStreamHandler or null
1126 */
1128 {
1132 URLStreamHandler handler;
1134 {
1135 // Check if there're handler for the same protocol in cache.
1139 {
1140 // Add it to cache.
1143 }
1144 }
1146 }
1148 /**
1149 * Finds all the resources with a particular name from all the locations.
1150 *
1151 * @exception IOException when an error occurs accessing one of the
1152 * locations
1153 * @param resourceName the name of the resource to lookup
1154 * @return a (possible empty) enumeration of URLs where the resource can be
1155 * found
1156 */
1158 throws IOException
1159 {
1163 {
1168 }
1170 }
1172 /**
1173 * Returns the permissions needed to access a particular code
1174 * source. These permissions includes those returned by
1175 * <code>SecureClassLoader.getPermissions()</code> and the actual
1176 * permissions to access the objects referenced by the URL of the
1177 * code source. The extra permissions added depend on the protocol
1178 * and file portion of the URL in the code source. If the URL has
1179 * the "file" protocol ends with a '/' character then it must be a
1180 * directory and a file Permission to read everything in that
1181 * directory and all subdirectories is added. If the URL had the
1182 * "file" protocol and doesn't end with a '/' character then it must
1183 * be a normal file and a file permission to read that file is
1184 * added. If the <code>URL</code> has any other protocol then a
1185 * socket permission to connect and accept connections from the host
1186 * portion of the URL is added.
1187 *
1188 * @param source The codesource that needs the permissions to be accessed
1189 * @return the collection of permissions needed to access the code resource
1190 * @see java.security.SecureClassLoader#getPermissions()
1191 */
1193 {
1194 // XXX - This implementation does exactly as the Javadoc describes.
1195 // But maybe we should/could use URLConnection.getPermissions()?
1196 // First get the permissions that would normally be granted
1199 // Now add any extra permissions depending on the URL location.
1203 {
1206 // If the file end in / it must be an directory.
1208 {
1209 // Grant permission to read everything in that directory and
1210 // all subdirectories.
1212 }
1213 else
1214 {
1215 // It is a 'normal' file.
1216 // Grant permission to access that file.
1218 }
1219 }
1220 else
1221 {
1222 // Grant permission to connect to and accept connections from host
1226 }
1229 }
1231 /**
1232 * Returns all the locations that this class loader currently uses the
1233 * resolve classes and resource. This includes both the initially supplied
1234 * URLs as any URLs added later by the loader.
1235 * @return All the currently used URLs
1236 */
1238 {
1240 }
1242 /**
1243 * Creates a new instance of a <code>URLClassLoader</code> that gets
1244 * classes from the supplied <code>URL</code>s. This class loader
1245 * will have as parent the standard system class loader.
1246 *
1247 * @param urls the initial URLs used to resolve classes and
1248 * resources
1249 *
1250 * @return the class loader
1251 *
1252 * @exception SecurityException when the calling code does not have
1253 * permission to access the given <code>URL</code>s
1254 */
1256 throws SecurityException
1257 {
1259 }
1261 /**
1262 * Creates a new instance of a <code>URLClassLoader</code> that gets
1263 * classes from the supplied <code>URL</code>s and with the supplied
1264 * loader as parent class loader.
1265 *
1266 * @param urls the initial URLs used to resolve classes and
1267 * resources
1268 * @param parent the parent class loader
1269 *
1270 * @return the class loader
1271 *
1272 * @exception SecurityException when the calling code does not have
1273 * permission to access the given <code>URL</code>s
1274 */
1276 throws SecurityException
1277 {
1281 else
1282 {
1285 // XXX - What to do with anything else then an AccessControlContext?
1290 URLClassLoader loader =
1292 {
1294 {
1297 }
1298 });
1301 }
1302 }
1303 }