private void sendModules(List<NetData.ModuleRequest> moduleRequestList) {
    for (NetData.ModuleRequest request : moduleRequestList) {
      NetData.ModuleDataHeader.Builder result = NetData.ModuleDataHeader.newBuilder();
      result.setId(request.getModuleId());
      Module module = moduleManager.getEnvironment().get(new Name(request.getModuleId()));
      if (module.isOnClasspath()
          || module.getLocations().size() != 1
          || !Files.isReadable(module.getLocations().get(0))) {
        result.setError("Module not available for download");
      } else {
        Path location = module.getLocations().get(0);
        try {
          result.setVersion(module.getVersion().toString());
          result.setSize(Files.size(location));
          channelHandlerContext
              .getChannel()
              .write(NetData.NetMessage.newBuilder().setModuleDataHeader(result).build());
        } catch (IOException e) {
          logger.error("Error sending module data header", e);
          channelHandlerContext.getChannel().close();
          break;
        }

        try (InputStream stream = new BufferedInputStream(Files.newInputStream(location))) {

          long remainingData = Files.size(location);
          byte[] data = new byte[1024];
          while (remainingData > 0) {
            int nextBlock = (int) Math.min(remainingData, 1024);
            ByteStreams.read(stream, data, 0, nextBlock);
            channelHandlerContext
                .getChannel()
                .write(
                    NetData.NetMessage.newBuilder()
                        .setModuleData(
                            NetData.ModuleData.newBuilder()
                                .setModule(ByteString.copyFrom(data, 0, nextBlock)))
                        .build());
            remainingData -= nextBlock;
          }
        } catch (IOException e) {
          logger.error("Error sending module", e);
          channelHandlerContext.getChannel().close();
          break;
        }
      }
    }
  }
示例#2
0
 @Override
 public ModuleEnvironment loadEnvironment(Set<Module> modules, boolean asPrimary) {
   Set<Module> finalModules = Sets.newLinkedHashSet(modules);
   for (Module module : registry) {
     if (module.isOnClasspath()) {
       finalModules.add(module);
     }
   }
   ModuleEnvironment newEnvironment =
       new ModuleEnvironment(
           finalModules, moduleSecurityManager, Collections.<BytecodeInjector>emptyList());
   if (asPrimary) {
     if (environment != null) {
       environment.close();
     }
     environment = newEnvironment;
   }
   return newEnvironment;
 }
示例#3
0
  private void setupSandbox() {
    moduleSecurityManager = new ModuleSecurityManager();
    // TODO: This one org.terasology entry is a hack and needs a proper fix
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("org.terasology.world.biomes");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("org.terasology.math.geom");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("java.lang");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("java.lang.ref");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("java.math");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("java.util");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("java.util.concurrent");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("java.util.concurrent.atomic");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("java.util.concurrent.locks");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("java.util.regex");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("java.awt");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("java.awt.geom");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("java.awt.image");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("com.google.common.annotations");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("com.google.common.cache");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("com.google.common.collect");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("com.google.common.base");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("com.google.common.math");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("com.google.common.primitives");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("com.google.common.util.concurrent");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.decorator");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.function");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.iterator");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.iterator.hash");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.list");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.list.array");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.list.linked");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.map");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.map.hash");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.map.custom_hash");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.procedure");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.procedure.array");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.queue");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.set");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.set.hash");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.stack");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.stack.array");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("gnu.trove.strategy");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("javax.vecmath");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("com.yourkit.runtime");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("com.bulletphysics.linearmath");
    moduleSecurityManager.getBasePermissionSet().addAPIPackage("sun.reflect");
    moduleSecurityManager
        .getBasePermissionSet()
        .addAPIClass(com.esotericsoftware.reflectasm.MethodAccess.class);
    moduleSecurityManager.getBasePermissionSet().addAPIClass(IOException.class);
    moduleSecurityManager.getBasePermissionSet().addAPIClass(InvocationTargetException.class);
    moduleSecurityManager.getBasePermissionSet().addAPIClass(LoggerFactory.class);
    moduleSecurityManager.getBasePermissionSet().addAPIClass(Logger.class);
    moduleSecurityManager.getBasePermissionSet().addAPIClass(Reader.class);
    moduleSecurityManager.getBasePermissionSet().addAPIClass(StringReader.class);
    moduleSecurityManager.getBasePermissionSet().addAPIClass(BufferedReader.class);

    APIScanner apiScanner = new APIScanner(moduleSecurityManager);
    for (Module module : registry) {
      if (module.isOnClasspath()) {
        apiScanner.scan(module);
      }
    }

    moduleSecurityManager
        .getBasePermissionSet()
        .grantPermission("com.google.gson", ReflectPermission.class);
    moduleSecurityManager
        .getBasePermissionSet()
        .grantPermission("com.google.gson.internal", ReflectPermission.class);

    moduleSecurityManager.getBasePermissionSet().addAPIClass(java.nio.ByteBuffer.class);
    moduleSecurityManager.getBasePermissionSet().addAPIClass(java.nio.IntBuffer.class);

    Policy.setPolicy(new ModuleSecurityPolicy());
    System.setSecurityManager(moduleSecurityManager);
  }