CheckRestrictedPackage.java revision 1551:f3b883bec2d0 
1109998Smarkm/*
268651Skris * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved.
368651Skris * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
468651Skris *
568651Skris * This code is free software; you can redistribute it and/or modify it
668651Skris * under the terms of the GNU General Public License version 2 only, as
768651Skris * published by the Free Software Foundation.  Oracle designates this
8296465Sdelphij * particular file as subject to the "Classpath" exception as provided
968651Skris * by Oracle in the LICENSE file that accompanied this code.
1068651Skris *
1168651Skris * This code is distributed in the hope that it will be useful, but WITHOUT
1268651Skris * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
1368651Skris * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
1468651Skris * version 2 for more details (a copy is included in the LICENSE file that
15296465Sdelphij * accompanied this code).
1668651Skris *
1768651Skris * You should have received a copy of the GNU General Public License version
1868651Skris * 2 along with this work; if not, write to the Free Software Foundation,
1968651Skris * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
2068651Skris *
2168651Skris * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22296465Sdelphij * or visit www.oracle.com if you need additional information or have any
2368651Skris * questions.
2468651Skris */
2568651Skris
2668651Skris/*
2768651Skris * This file is available under and governed by the GNU General Public
2868651Skris * License version 2 only, as published by the Free Software Foundation.
2968651Skris * However, the following notice accompanied the original version of this
3068651Skris * file, and Oracle licenses the original version of this file under the BSD
3168651Skris * license:
3268651Skris */
3368651Skris/*
3468651Skris   Copyright 2009-2013 Attila Szegedi
3568651Skris
3668651Skris   Licensed under both the Apache License, Version 2.0 (the "Apache License")
37296465Sdelphij   and the BSD License (the "BSD License"), with licensee being free to
3868651Skris   choose either of the two at their discretion.
3968651Skris
40296465Sdelphij   You may not use this file except in compliance with either the Apache
4168651Skris   License or the BSD License.
4268651Skris
4368651Skris   If you choose to use this file in compliance with the Apache License, the
4468651Skris   following notice applies to you:
4568651Skris
4668651Skris       You may obtain a copy of the Apache License at
4768651Skris
4868651Skris           http://www.apache.org/licenses/LICENSE-2.0
4968651Skris
5068651Skris       Unless required by applicable law or agreed to in writing, software
5168651Skris       distributed under the License is distributed on an "AS IS" BASIS,
52296465Sdelphij       WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
5368651Skris       implied. See the License for the specific language governing
5468651Skris       permissions and limitations under the License.
5568651Skris
5668651Skris   If you choose to use this file in compliance with the BSD License, the
5768651Skris   following notice applies to you:
5868651Skris
5968651Skris       Redistribution and use in source and binary forms, with or without
6068651Skris       modification, are permitted provided that the following conditions are
6168651Skris       met:
6268651Skris       * Redistributions of source code must retain the above copyright
6368651Skris         notice, this list of conditions and the following disclaimer.
6468651Skris       * Redistributions in binary form must reproduce the above copyright
6568651Skris         notice, this list of conditions and the following disclaimer in the
66296465Sdelphij         documentation and/or other materials provided with the distribution.
6768651Skris       * Neither the name of the copyright holder nor the names of
6868651Skris         contributors may be used to endorse or promote products derived from
6968651Skris         this software without specific prior written permission.
7068651Skris
7168651Skris       THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
7268651Skris       IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
7368651Skris       TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
7468651Skris       PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL COPYRIGHT HOLDER
7568651Skris       BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
7668651Skris       CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
7768651Skris       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
7868651Skris       BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
7968651Skris       WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
8068651Skris       OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
8168651Skris       ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
8268651Skris*/
8368651Skris
8468651Skrispackage jdk.dynalink.beans;
8568651Skris
8668651Skrisimport java.lang.reflect.Modifier;
8768651Skrisimport java.security.AccessControlContext;
8868651Skrisimport java.security.AccessController;
8968651Skrisimport java.security.PrivilegedAction;
9068651Skrisimport jdk.dynalink.internal.AccessControlContextFactory;
9168651Skris
9268651Skris/**
9368651Skris * A utility class to check whether a given class is in a package with restricted access e.g. "sun.*" etc.
9468651Skris */
9568651Skrisclass CheckRestrictedPackage {
9668651Skris    private static final AccessControlContext NO_PERMISSIONS_CONTEXT =
9768651Skris            AccessControlContextFactory.createAccessControlContext();
9868651Skris
9968651Skris    /**
10068651Skris     * Returns true if the class is either not public, or it resides in a package with restricted access.
10168651Skris     * @param clazz the class to test
10268651Skris     * @return true if the class is either not public, or it resides in a package with restricted access.
10368651Skris     */
10468651Skris    static boolean isRestrictedClass(final Class<?> clazz) {
10568651Skris        if(!Modifier.isPublic(clazz.getModifiers())) {
10668651Skris            // Non-public classes are always restricted
10768651Skris            return true;
10868651Skris        }
10968651Skris        final SecurityManager sm = System.getSecurityManager();
11068651Skris        if(sm == null) {
11168651Skris            // No further restrictions if we don't have a security manager
11268651Skris            return false;
113296465Sdelphij        }
11468651Skris        final String name = clazz.getName();
115296465Sdelphij        final int i = name.lastIndexOf('.');
11668651Skris        if (i == -1) {
117296465Sdelphij            // Classes in default package are never restricted
118296465Sdelphij            return false;
119296465Sdelphij        }
120296465Sdelphij        // Do a package access check from within an access control context with no permissions
121296465Sdelphij        try {
122296465Sdelphij            AccessController.doPrivileged(new PrivilegedAction<Void>() {
123296465Sdelphij                @Override
124296465Sdelphij                public Void run() {
125296465Sdelphij                    sm.checkPackageAccess(name.substring(0, i));
126296465Sdelphij                    return null;
127296465Sdelphij                }
128296465Sdelphij            }, NO_PERMISSIONS_CONTEXT);
129296465Sdelphij        } catch(final SecurityException e) {
13068651Skris            return true;
131296465Sdelphij        }
132296465Sdelphij        return false;
133296465Sdelphij    }
134296465Sdelphij}
135296465Sdelphij