--- /home/cpdev/src/classpath/java/lang/SecurityManager.java	2005-07-02 21:03:34.000000000 +0000
+++ java/lang/SecurityManager.java	2005-06-30 05:34:38.000000000 +0000
@@ -38,8 +38,6 @@
 
 package java.lang;
 
-import gnu.classpath.VMStackWalker;
-
 import java.awt.AWTPermission;
 import java.io.File;
 import java.io.FileDescriptor;
@@ -47,15 +45,11 @@
 import java.lang.reflect.Member;
 import java.net.InetAddress;
 import java.net.SocketPermission;
-import java.security.AccessControlContext;
-import java.security.AccessController;
 import java.security.AllPermission;
 import java.security.Permission;
-import java.security.PrivilegedAction;
 import java.security.Security;
 import java.security.SecurityPermission;
 import java.util.PropertyPermission;
-import java.util.StringTokenizer;
 
 /**
  * SecurityManager is a class you can extend to create your own Java
@@ -181,10 +175,7 @@
    */
   protected Class[] getClassContext()
   {
-    Class[] stack1 = VMStackWalker.getClassContext();
-    Class[] stack2 = new Class[stack1.length - 1];
-    System.arraycopy(stack1, 1, stack2, 0, stack1.length - 1);
-    return stack2;
+    return VMSecurityManager.getClassContext(SecurityManager.class);
   }
 
   /**
@@ -206,8 +197,7 @@
    */
   protected ClassLoader currentClassLoader()
   {
-    Class cl = currentLoadedClass();
-    return cl != null ? cl.getClassLoader() : null;
+    return VMSecurityManager.currentClassLoader(SecurityManager.class);
   }
 
   /**
@@ -325,7 +315,8 @@
    */
   public Object getSecurityContext()
   {
-    return AccessController.getContext();
+    // XXX Should be: return AccessController.getContext();
+    return new SecurityContext(getClassContext());
   }
 
   /**
@@ -340,7 +331,8 @@
    */
   public void checkPermission(Permission perm)
   {
-    AccessController.checkPermission(perm);
+    // XXX Should be: AccessController.checkPermission(perm);
+    //.throw new SecurityException("Operation not allowed");
   }
 
   /**
@@ -361,9 +353,11 @@
    */
   public void checkPermission(Permission perm, Object context)
   {
-    if (! (context instanceof AccessControlContext))
-      throw new SecurityException("Missing context");
-    ((AccessControlContext) context).checkPermission(perm);
+    // XXX Should be:
+    // if (! (context instanceof AccessControlContext))
+    //   throw new SecurityException("Missing context");
+    // ((AccessControlContext) context).checkPermission(perm);
+    throw new SecurityException("Operation not allowed");
   }
 
   /**
@@ -562,10 +556,12 @@
    */
   public void checkRead(String filename, Object context)
   {
-    if (! (context instanceof AccessControlContext))
-      throw new SecurityException("Missing context");
-    AccessControlContext ac = (AccessControlContext) context;
-    ac.checkPermission(new FilePermission(filename, "read"));
+    // XXX Should be:
+    // if (! (context instanceof AccessControlContext))
+    //   throw new SecurityException("Missing context");
+    // AccessControlContext ac = (AccessControlContext) context;
+    // ac.checkPermission(new FilePermission(filename, "read"));
+    // throw new SecurityException("Cannot read files via file names.");
   }
 
   /**
@@ -679,15 +675,17 @@
    */
   public void checkConnect(String host, int port, Object context)
   {
-    if (! (context instanceof AccessControlContext))
-      throw new SecurityException("Missing context");
-    AccessControlContext ac = (AccessControlContext) context;
-    if (port == -1)
-      ac.checkPermission(new SocketPermission(host, "resolve"));
-    else
-      // Use the toString() hack to do the null check.
-      ac.checkPermission(new SocketPermission(host.toString() + ":" + port,
-                                              "connect"));
+    // XXX Should be:
+    // if (! (context instanceof AccessControlContext))
+    //   throw new SecurityException("Missing context");
+    // AccessControlContext ac = (AccessControlContext) context;
+    // if (port == -1)
+    //   ac.checkPermission(new SocketPermission(host, "resolve"));
+    // else
+    //   // Use the toString() hack to do the null check.
+    //   ac.checkPermission(new SocketPermission(host.toString + ":" +port,
+    //                                           "connect"));
+    // throw new SecurityException("Cannot make network connections.");
   }
 
   /**
@@ -904,7 +902,7 @@
    */
   public void checkPackageAccess(String packageName)
   {
-    checkPackageList(packageName, "package.access", "accessClassInPackage.");
+    checkPackageList(packageName, "access", "accessClassInPackage.");
   }
 
   /**
@@ -926,7 +924,7 @@
    */
   public void checkPackageDefinition(String packageName)
   {
-    checkPackageList(packageName, "package.definition", "defineClassInPackage.");
+    checkPackageList(packageName, "definition", "defineClassInPackage.");
   }
 
   /**
@@ -1022,41 +1020,45 @@
    * <code>RuntimePermission(permission + packageName)</code>.
    *
    * @param packageName the package name to check access to
-   * @param restriction "package.access" or "package.definition"
+   * @param restriction the list of restrictions, after "package."
    * @param permission the base permission, including the '.'
    * @throws SecurityException if permission is denied
    * @throws NullPointerException if packageName is null
    * @see #checkPackageAccess(String)
    * @see #checkPackageDefinition(String)
    */
-  void checkPackageList(String packageName, final String restriction,
+  void checkPackageList(String packageName, String restriction,
                         String permission)
   {
-    if (packageName == null)
-      throw new NullPointerException();
-
-    String list = (String)AccessController.doPrivileged(new PrivilegedAction()
-      {
-	public Object run()
-        {
-	  return Security.getProperty(restriction);
-	}
-      });
-
-    if (list == null || list.equals(""))
+    // Use the toString() hack to do the null check.
+    Permission p = new RuntimePermission(permission + packageName.toString());
+    String list = Security.getProperty("package." + restriction);
+    if (list == null)
       return;
-
-    String packageNamePlusDot = packageName + ".";
-
-    StringTokenizer st = new StringTokenizer(list, ",");
-    while (st.hasMoreTokens())
+    while (! "".equals(packageName))
       {
-	if (packageNamePlusDot.startsWith(st.nextToken()))
-	  {
-	    Permission p = new RuntimePermission(permission + packageName);
-	    checkPermission(p);
-	    return;
-	  }
+        for (int index = list.indexOf(packageName);
+             index != -1; index = list.indexOf(packageName, index + 1))
+          {
+            // Exploit package visibility for speed.
+	    int packageNameCount = packageName.length();
+            if (index + packageNameCount == list.length()
+                || list.charAt(index + packageNameCount) == ',')
+              {
+                checkPermission(p);
+                return;
+              }
+          }
+        int index = packageName.lastIndexOf('.');
+        packageName = index < 0 ? "" : packageName.substring(0, index);
       }
   }
+} // class SecurityManager
+
+// XXX This class is unnecessary.
+class SecurityContext {
+	Class[] classes;
+	SecurityContext(Class[] classes) {
+		this.classes = classes;
+	}
 }
