michael/lwjgl
michael
/
lwjgl
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

changed default behavior to not use SecureClassLoader, as it was causing issues since the latest security update

This commit is contained in:
Brian Matzon 2013-12-02 20:50:04 +01:00
parent 408ac906bb
commit e7f46b99e2
2 changed files with 7 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
libs/lzma.jar
View File

Binary file not shown.

24
src/java/org/lwjgl/util/applet/AppletLoader.java
View File

@ -56,7 +56,6 @@ import java.io.StringWriter;
import java.io.Writer; import java.io.Writer;
import java.lang.reflect.Constructor; import java.lang.reflect.Constructor;
import java.lang.reflect.Field; import java.lang.reflect.Field;
import java.lang.reflect.Method;
import java.net.HttpURLConnection; import java.net.HttpURLConnection;
import java.net.JarURLConnection; import java.net.JarURLConnection;
import java.net.SocketPermission; import java.net.SocketPermission;
@ -70,7 +69,6 @@ import java.security.CodeSource;
import java.security.PermissionCollection; import java.security.PermissionCollection;
import java.security.Permissions; import java.security.Permissions;
import java.security.PrivilegedExceptionAction; import java.security.PrivilegedExceptionAction;
import java.security.SecureClassLoader;
import java.security.cert.Certificate; import java.security.cert.Certificate;
import java.util.Enumeration; import java.util.Enumeration;
import java.util.HashMap; import java.util.HashMap;
@ -1189,24 +1187,16 @@ public class AppletLoader extends Applet implements Runnable, AppletStub {
PermissionCollection perms = null; PermissionCollection perms = null;
try { try {
// no permissions
// if mac, apply workaround for the multiple security dialog issue perms = new Permissions();
if (isMacOS) {
// if certificates match the AppletLoader certificates then don't use SecureClassLoader to get further permissions
if (certificatesMatch(certs, codesource.getCertificates())) {
perms = new Permissions();
perms.add(new AllPermission());
return perms;
}
}
// getPermissions from original classloader is important as it checks for signed jars and shows any security dialogs needed // if certificates match the AppletLoader certificates then we should be all set
Method method = SecureClassLoader.class.getDeclaredMethod("getPermissions", new Class[] { CodeSource.class }); if (certificatesMatch(certs, codesource.getCertificates())) {
method.setAccessible(true); perms.add(new AllPermission());
perms = (PermissionCollection)method.invoke(getClass().getClassLoader(), new Object[] {codesource}); return perms;
}
String host = getCodeBase().getHost(); String host = getCodeBase().getHost();
if (host != null && (host.length() > 0)) { if (host != null && (host.length() > 0)) {
// add permission for downloaded jars to access host they were from // add permission for downloaded jars to access host they were from
perms.add(new SocketPermission(host, "connect,accept")); perms.add(new SocketPermission(host, "connect,accept"));