8344185: Remove calls to SecurityManager in sun.net.ftp

Eirik Bjørsnøs · Eirik Bjørsnøs · commit 0c191f662999 · 2024-11-15T09:47:43.000Z
Reviewed-by: alanb, michaelm, dfuchs
diff --git a/src/java.base/share/classes/sun/net/ftp/FtpClient.java b/src/java.base/share/classes/sun/net/ftp/FtpClient.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009, 2022, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, 2024, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -234,8 +234,6 @@ public static FtpClient create(String dest) throws FtpProtocolException, IOExcep
      * @param dest the address of the destination server
      * @return this FtpClient
      * @throws IOException if connection failed.
-     * @throws SecurityException if there is a SecurityManager installed and it
-     * denied the authorization to connect to the destination.
      * @throws FtpProtocolException
      */
     public abstract FtpClient connect(SocketAddress dest) throws FtpProtocolException, IOException;
@@ -247,8 +245,6 @@ public static FtpClient create(String dest) throws FtpProtocolException, IOExcep
      * @param timeout the value, in milliseconds, to use as a connection timeout
      * @return this FtpClient
      * @throws IOException if connection failed.
-     * @throws SecurityException if there is a SecurityManager installed and it
-     * denied the authorization to connect to the destination.
      * @throws FtpProtocolException
      */
     public abstract FtpClient connect(SocketAddress dest, int timeout) throws FtpProtocolException, IOException;
diff --git a/src/java.base/share/classes/sun/net/ftp/FtpClientProvider.java b/src/java.base/share/classes/sun/net/ftp/FtpClientProvider.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009, 2021, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, 2024, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -24,8 +24,6 @@
  */
 package sun.net.ftp;
 
-import java.security.AccessController;
-import java.security.PrivilegedAction;
 import java.util.ServiceConfigurationError;
 //import java.util.ServiceLoader;
 
@@ -50,16 +48,8 @@ public abstract class FtpClientProvider {
 
     /**
      * Initializes a new instance of this class.
-     *
-     * @throws SecurityException if a security manager is installed and it denies
-     *         {@link RuntimePermission}{@code ("ftpClientProvider")}
      */
     protected FtpClientProvider() {
-        @SuppressWarnings("removal")
-        SecurityManager sm = System.getSecurityManager();
-        if (sm != null) {
-            sm.checkPermission(new RuntimePermission("ftpClientProvider"));
-        }
     }
 
     private static boolean loadProviderFromProperty() {
@@ -74,8 +64,7 @@ private static boolean loadProviderFromProperty() {
             return true;
         } catch (ClassNotFoundException |
                  IllegalAccessException |
-                 InstantiationException |
-                 SecurityException x) {
+                 InstantiationException x) {
             throw new ServiceConfigurationError(x.toString());
         }
     }
@@ -135,26 +124,19 @@ private static boolean loadProviderAsService() {
      *
      * @return  The system-wide default FtpClientProvider
      */
-    @SuppressWarnings("removal")
     public static FtpClientProvider provider() {
         synchronized (lock) {
             if (provider != null) {
                 return provider;
             }
-            return (FtpClientProvider) AccessController.doPrivileged(
-                    new PrivilegedAction<Object>() {
-
-                        public Object run() {
-                            if (loadProviderFromProperty()) {
-                                return provider;
-                            }
-                            if (loadProviderAsService()) {
-                                return provider;
-                            }
-                            provider = new sun.net.ftp.impl.DefaultFtpClientProvider();
-                            return provider;
-                        }
-                    });
+            if (loadProviderFromProperty()) {
+                return provider;
+            }
+            if (loadProviderAsService()) {
+                return provider;
+            }
+            provider = new sun.net.ftp.impl.DefaultFtpClientProvider();
+            return provider;
         }
     }
 }
diff --git a/src/java.base/share/classes/sun/net/ftp/impl/FtpClient.java b/src/java.base/share/classes/sun/net/ftp/impl/FtpClient.java
@@ -44,9 +44,6 @@
 import java.net.ServerSocket;
 import java.net.Socket;
 import java.net.SocketAddress;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.security.PrivilegedExceptionAction;
 import java.text.DateFormat;
 import java.time.ZoneOffset;
 import java.time.ZonedDateTime;
@@ -133,31 +130,17 @@ public class FtpClient extends sun.net.ftp.FtpClient {
     private DateFormat df = DateFormat.getDateInstance(DateFormat.MEDIUM, java.util.Locale.US);
     private static final boolean acceptPasvAddressVal;
     static {
-        final int vals[] = {0, 0};
-        final String acceptPasvAddress[] = {null};
-        @SuppressWarnings("removal")
-        final String enc = AccessController.doPrivileged(
-                new PrivilegedAction<String>() {
-                    public String run() {
-                        acceptPasvAddress[0] = System.getProperty("jdk.net.ftp.trustPasvAddress", "false");
-                        vals[0] = Integer.getInteger("sun.net.client.defaultReadTimeout", 300_000).intValue();
-                        vals[1] = Integer.getInteger("sun.net.client.defaultConnectTimeout", 300_000).intValue();
-                        return System.getProperty("file.encoding", "ISO8859_1");
-                    }
-                });
-        if (vals[0] == 0) {
+        defaultSoTimeout = Integer.getInteger("sun.net.client.defaultReadTimeout", 300_000).intValue();
+        if (defaultSoTimeout == 0) {
             defaultSoTimeout = -1;
-        } else {
-            defaultSoTimeout = vals[0];
         }
 
-        if (vals[1] == 0) {
+        defaultConnectTimeout = Integer.getInteger("sun.net.client.defaultConnectTimeout", 300_000).intValue();
+        if (defaultConnectTimeout == 0) {
             defaultConnectTimeout = -1;
-        } else {
-            defaultConnectTimeout = vals[1];
         }
 
-        encoding = enc;
+        encoding = System.getProperty("file.encoding", "ISO8859_1");
         try {
             if (!isASCIISuperset(encoding)) {
                 encoding = "ISO8859_1";
@@ -171,7 +154,7 @@ public String run() {
             patterns[i] = Pattern.compile(patStrings[i]);
         }
 
-        acceptPasvAddressVal = Boolean.parseBoolean(acceptPasvAddress[0]);
+        acceptPasvAddressVal = Boolean.getBoolean("jdk.net.ftp.trustPasvAddress");
     }
 
     /**
@@ -662,20 +645,15 @@ private Socket openPassiveDataConnection(String cmd) throws sun.net.ftp.FtpProto
         Socket s;
         if (proxy != null) {
             if (proxy.type() == Proxy.Type.SOCKS) {
-                PrivilegedAction<Socket> pa = () -> new Socket(proxy);
-                @SuppressWarnings("removal")
-                var tmp = AccessController.doPrivileged(pa);
-                s = tmp;
+                s = new Socket(proxy);
             } else {
                 s = new Socket(Proxy.NO_PROXY);
             }
         } else {
             s = new Socket();
         }
 
-        PrivilegedAction<InetAddress> pa = () -> server.getLocalAddress();
-        @SuppressWarnings("removal")
-        InetAddress serverAddress = AccessController.doPrivileged(pa);
+        InetAddress serverAddress = server.getLocalAddress();
 
         // Bind the socket to the same address as the control channel. This
         // is needed in case of multi-homed systems.
@@ -761,11 +739,8 @@ private InetSocketAddress validatePasvAddress(int port, String s, InetAddress ad
     }
 
     private static InetAddress privilegedLocalHost() throws FtpProtocolException {
-        PrivilegedExceptionAction<InetAddress> action = InetAddress::getLocalHost;
         try {
-            @SuppressWarnings("removal")
-            var tmp = AccessController.doPrivileged(action);
-            return tmp;
+            return InetAddress.getLocalHost();
         } catch (Exception e) {
             var ftpEx = new FtpProtocolException(ERROR_MSG);
             ftpEx.initCause(e);
@@ -774,11 +749,8 @@ private static InetAddress privilegedLocalHost() throws FtpProtocolException {
     }
 
     private static InetAddress[] privilegedGetAllByName(String hostName) throws FtpProtocolException {
-        PrivilegedExceptionAction<InetAddress[]> pAction = () -> InetAddress.getAllByName(hostName);
         try {
-            @SuppressWarnings("removal")
-            var tmp =AccessController.doPrivileged(pAction);
-            return tmp;
+            return InetAddress.getAllByName(hostName);
         } catch (Exception e) {
             var ftpEx = new FtpProtocolException(ERROR_MSG);
             ftpEx.initCause(e);
@@ -1021,10 +993,7 @@ private Socket doConnect(InetSocketAddress dest, int timeout) throws IOException
         Socket s;
         if (proxy != null) {
             if (proxy.type() == Proxy.Type.SOCKS) {
-                PrivilegedAction<Socket> pa = () -> new Socket(proxy);
-                @SuppressWarnings("removal")
-                var tmp = AccessController.doPrivileged(pa);
-                s = tmp;
+                s = new Socket(proxy);
             } else {
                 s = new Socket(Proxy.NO_PROXY);
             }
