private void sendModules(List<NetData.ModuleRequest> moduleRequestList) {
for (NetData.ModuleRequest request : moduleRequestList) {
NetData.ModuleDataHeader.Builder result = NetData.ModuleDataHeader.newBuilder();
result.setId(request.getModuleId());
Module module = moduleManager.getEnvironment().get(new Name(request.getModuleId()));
if (module.isOnClasspath()
|| module.getLocations().size() != 1
|| !Files.isReadable(module.getLocations().get(0))) {
result.setError("Module not available for download");
} else {
Path location = module.getLocations().get(0);
try {
result.setVersion(module.getVersion().toString());
result.setSize(Files.size(location));
channelHandlerContext
.getChannel()
.write(NetData.NetMessage.newBuilder().setModuleDataHeader(result).build());
} catch (IOException e) {
logger.error("Error sending module data header", e);
channelHandlerContext.getChannel().close();
break;
}
try (InputStream stream = new BufferedInputStream(Files.newInputStream(location))) {
long remainingData = Files.size(location);
byte[] data = new byte[1024];
while (remainingData > 0) {
int nextBlock = (int) Math.min(remainingData, 1024);
ByteStreams.read(stream, data, 0, nextBlock);
channelHandlerContext
.getChannel()
.write(
NetData.NetMessage.newBuilder()
.setModuleData(
NetData.ModuleData.newBuilder()
.setModule(ByteString.copyFrom(data, 0, nextBlock)))
.build());
remainingData -= nextBlock;
}
} catch (IOException e) {
logger.error("Error sending module", e);
channelHandlerContext.getChannel().close();
break;
}
}
}
}
@Override
public ModuleEnvironment loadEnvironment(Set<Module> modules, boolean asPrimary) {
Set<Module> finalModules = Sets.newLinkedHashSet(modules);
for (Module module : registry) {
if (module.isOnClasspath()) {
finalModules.add(module);
}
}
ModuleEnvironment newEnvironment =
new ModuleEnvironment(
finalModules, moduleSecurityManager, Collections.<BytecodeInjector>emptyList());
if (asPrimary) {
if (environment != null) {
environment.close();
}
environment = newEnvironment;
}
return newEnvironment;
}
private void setupSandbox() {
moduleSecurityManager = new ModuleSecurityManager();
// TODO: This one org.terasology entry is a hack and needs a proper fix
moduleSecurityManager.getBasePermissionSet().addAPIPackage("org.terasology.world.biomes");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("org.terasology.math.geom");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("java.lang");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("java.lang.ref");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("java.math");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("java.util");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("java.util.concurrent");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("java.util.concurrent.atomic");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("java.util.concurrent.locks");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("java.util.regex");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("java.awt");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("java.awt.geom");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("java.awt.image");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("com.google.common.annotations");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("com.google.common.cache");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("com.google.common.collect");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("com.google.common.base");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("com.google.common.math");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("com.google.common.primitives");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("com.google.common.util.concurrent");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.decorator");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.function");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.iterator");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.iterator.hash");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.list");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.list.array");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.list.linked");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.map");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.map.hash");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.map.custom_hash");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.procedure");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.procedure.array");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.queue");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.set");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.set.hash");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.stack");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.stack.array");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.strategy");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("javax.vecmath");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("com.yourkit.runtime");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("com.bulletphysics.linearmath");
moduleSecurityManager.getBasePermissionSet().addAPIPackage("sun.reflect");
moduleSecurityManager
.getBasePermissionSet()
.addAPIClass(com.esotericsoftware.reflectasm.MethodAccess.class);
moduleSecurityManager.getBasePermissionSet().addAPIClass(IOException.class);
moduleSecurityManager.getBasePermissionSet().addAPIClass(InvocationTargetException.class);
moduleSecurityManager.getBasePermissionSet().addAPIClass(LoggerFactory.class);
moduleSecurityManager.getBasePermissionSet().addAPIClass(Logger.class);
moduleSecurityManager.getBasePermissionSet().addAPIClass(Reader.class);
moduleSecurityManager.getBasePermissionSet().addAPIClass(StringReader.class);
moduleSecurityManager.getBasePermissionSet().addAPIClass(BufferedReader.class);
APIScanner apiScanner = new APIScanner(moduleSecurityManager);
for (Module module : registry) {
if (module.isOnClasspath()) {
apiScanner.scan(module);
}
}
moduleSecurityManager
.getBasePermissionSet()
.grantPermission("com.google.gson", ReflectPermission.class);
moduleSecurityManager
.getBasePermissionSet()
.grantPermission("com.google.gson.internal", ReflectPermission.class);
moduleSecurityManager.getBasePermissionSet().addAPIClass(java.nio.ByteBuffer.class);
moduleSecurityManager.getBasePermissionSet().addAPIClass(java.nio.IntBuffer.class);
Policy.setPolicy(new ModuleSecurityPolicy());
System.setSecurityManager(moduleSecurityManager);
}