changeset in /hg/icedtea6: Merge.
Andrew John Hughes
gnu_andrew at member.fsf.org
Tue Feb 3 04:13:59 PST 2009
changeset 721c79ccc804 in /hg/icedtea6
details: http://icedtea.classpath.org/hg/icedtea6?cmd=changeset;node=721c79ccc804
description:
Merge.
diffstat:
18 files changed, 678 insertions(+), 95 deletions(-)
ChangeLog | 33 +
IcedTeaPlugin.cc | 2
plugin/icedtea/sun/applet/PluginAppletViewer.java | 12
plugin/icedtea/sun/applet/PluginMain.java | 22
rt/net/sourceforge/jnlp/runtime/JNLPClassLoader.java | 34 +
rt/net/sourceforge/jnlp/security/AccessWarningPane.java | 34 +
rt/net/sourceforge/jnlp/security/AppletWarningPane.java | 6
rt/net/sourceforge/jnlp/security/CertWarningPane.java | 27 -
rt/net/sourceforge/jnlp/security/CertsInfoPane.java | 4
rt/net/sourceforge/jnlp/security/HttpsCertVerifier.java | 119 +++++
rt/net/sourceforge/jnlp/security/MoreInfoPane.java | 30 -
rt/net/sourceforge/jnlp/security/SecurityDialogUI.java | 32 -
rt/net/sourceforge/jnlp/security/SecurityWarningDialog.java | 50 +-
rt/net/sourceforge/jnlp/security/SingleCertInfoPane.java | 6
rt/net/sourceforge/jnlp/security/VariableX509TrustManager.java | 222 ++++++++++
rt/net/sourceforge/jnlp/security/viewer/CertificatePane.java | 18
rt/net/sourceforge/jnlp/tools/CertVerifier.java | 92 ++++
rt/net/sourceforge/jnlp/tools/JarSigner.java | 30 +
diffs (truncated from 1216 to 500 lines):
diff -r 913512a256bd -r 721c79ccc804 ChangeLog
--- a/ChangeLog Tue Jan 20 00:06:18 2009 +0000
+++ b/ChangeLog Tue Jan 20 09:44:16 2009 +0000
@@ -74,6 +74,39 @@ 2009-01-19 Andrew John Hughes <gnu_and
(FileDispatcher.lock0(FileDescriptor, boolean, long, long, boolean)): Likewise.
(FileDispatcher.release0(FileDescriptor, long, long)): Likewise.
+2009-01-19 Deepak Bhole <dbhole at redhat.com>
+ * IcedTeaPlugin.cc: Add "Java" in the plugin description string.
+ * plugin/icedtea/sun/applet/PluginAppletViewer.java: Change the way the
+ image was searched locally.
+ * plugin/icedtea/sun/applet/PluginMain.java: Install a custom SSL trust
+ manager.
+ * rt/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: Cache file names
+ from jars.
+ * rt/net/sourceforge/jnlp/security/AccessWarningPane.java: Accept
+ CertVerifier as an additional argument.
+ * rt/net/sourceforge/jnlp/security/AppletWarningPane.java: Same.
+ * rt/net/sourceforge/jnlp/security/CertWarningPane.java: Same.
+ * rt/net/sourceforge/jnlp/security/CertsInfoPane.java: Same.
+ * rt/net/sourceforge/jnlp/security/HttpsCertVerifier.java: New file.
+ Implements information gathering functions used by various prompt dialogs.
+ * rt/net/sourceforge/jnlp/security/MoreInfoPane.java: Accept CertVerifier
+ as an additional argument.
+ * rt/net/sourceforge/jnlp/security/SecurityDialogUI.java: Same.
+ * rt/net/sourceforge/jnlp/security/SecurityWarningDialog.java: Use the new
+ common CertVerifier interface to gather information.
+ * rt/net/sourceforge/jnlp/security/SingleCertInfoPane.java: Accept
+ CertVerifier as an additional argument.
+ * rt/net/sourceforge/jnlp/security/VariableX509TrustManager.java:
+ Customized trustmanager that can temporarily trust certificates on the
+ fly.
+ * rt/net/sourceforge/jnlp/security/viewer/CertificatePane.java: Accept
+ CertVerifier as an additional argument.
+ * rt/net/sourceforge/jnlp/tools/CertVerifier.java: New common interface
+ that all security related dialogs now query for certificate info (jar and
+ https).
+ * rt/net/sourceforge/jnlp/tools/JarSigner.java: Implement the new
+ CertVerifier verifier interface.
+
2009-01-19 Andrew John Hughes <gnu_andrew at member.fsf.org>
* generated/sun/nio/ch/SocketOptionRegistry.java:
diff -r 913512a256bd -r 721c79ccc804 IcedTeaPlugin.cc
--- a/IcedTeaPlugin.cc Tue Jan 20 00:06:18 2009 +0000
+++ b/IcedTeaPlugin.cc Tue Jan 20 09:44:16 2009 +0000
@@ -275,7 +275,7 @@ inline long get_time_in_s()
#define PLUGIN_CHECK(message, result)
#endif
-#define PLUGIN_NAME "IcedTea Web Browser Plugin"
+#define PLUGIN_NAME "IcedTea Java Web Browser Plugin"
#define PLUGIN_DESCRIPTION "The " PLUGIN_NAME PLUGIN_VERSION " executes Java applets."
#define PLUGIN_MIME_DESC \
"application/x-java-vm:class,jar:IcedTea;" \
diff -r 913512a256bd -r 721c79ccc804 plugin/icedtea/sun/applet/PluginAppletViewer.java
--- a/plugin/icedtea/sun/applet/PluginAppletViewer.java Tue Jan 20 00:06:18 2009 +0000
+++ b/plugin/icedtea/sun/applet/PluginAppletViewer.java Tue Jan 20 09:44:16 2009 +0000
@@ -176,7 +176,7 @@ import sun.misc.Ref;
AccessController.doPrivileged(new PrivilegedAction() {
public Object run() {
try {
- panel = new NetxPanel(doc, atts, true);
+ panel = new NetxPanel(doc, atts, false);
AppletViewerPanel.debug("Using NetX panel");
PluginDebug.debug(atts.toString());
} catch (Exception ex) {
@@ -612,8 +612,14 @@ import sun.misc.Ref;
// try to fetch it locally
if (panel instanceof NetxPanel) {
+
URL localURL = null;
- localURL = ((NetxPanel) panel).getAppletClassLoader().getResource(originalURL.substring(codeBase.length()));
+
+ String resourceName = originalURL.substring(codeBase.length());
+ JNLPClassLoader loader = (JNLPClassLoader) ((NetxPanel) panel).getAppletClassLoader();
+
+ if (loader.resourceAvailableLocally(resourceName))
+ localURL = loader.getResource(resourceName);
url = localURL != null ? localURL : url;
}
@@ -630,7 +636,7 @@ import sun.misc.Ref;
return ref;
}
} catch (Exception e) {
- System.err.println("Error occurred wgen trying to fetch image:");
+ System.err.println("Error occurred when trying to fetch image:");
e.printStackTrace();
return null;
}
diff -r 913512a256bd -r 721c79ccc804 plugin/icedtea/sun/applet/PluginMain.java
--- a/plugin/icedtea/sun/applet/PluginMain.java Tue Jan 20 00:06:18 2009 +0000
+++ b/plugin/icedtea/sun/applet/PluginMain.java Tue Jan 20 09:44:16 2009 +0000
@@ -33,6 +33,14 @@ import java.net.Socket;
import java.net.Socket;
import java.util.Enumeration;
import java.util.Properties;
+
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSocketFactory;
+import javax.net.ssl.TrustManager;
+
+import javax.net.ssl.HttpsURLConnection;
+
+import net.sourceforge.jnlp.security.VariableX509TrustManager;
/**
* The main entry point into PluginAppletViewer.
@@ -152,7 +160,19 @@ public class PluginMain
// INSTALL THE PROPERTY LIST
System.setProperties(avProps);
- // REMIND: Create and install a socket factory!
+
+ try {
+ SSLSocketFactory sslSocketFactory;
+ SSLContext context = SSLContext.getInstance("SSL");
+ TrustManager[] trust = new TrustManager[] { VariableX509TrustManager.getInstance() };
+ context.init(null, trust, null);
+ sslSocketFactory = context.getSocketFactory();
+
+ HttpsURLConnection.setDefaultSSLSocketFactory(sslSocketFactory);
+ } catch (Exception e) {
+ System.err.println("Unable to set SSLSocketfactory (may _prevent_ access to sites that should be trusted)! Continuing anyway...");
+ e.printStackTrace();
+ }
}
static boolean messageAvailable() {
diff -r 913512a256bd -r 721c79ccc804 rt/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
--- a/rt/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Tue Jan 20 00:06:18 2009 +0000
+++ b/rt/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Tue Jan 20 09:44:16 2009 +0000
@@ -29,7 +29,6 @@ import java.security.Permission;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Permissions;
-import java.security.Policy;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.Enumeration;
@@ -38,6 +37,7 @@ import java.util.List;
import java.util.List;
import java.util.Map;
import java.util.Random;
+import java.util.TreeSet;
import java.util.Vector;
import java.util.jar.JarEntry;
import java.util.jar.JarFile;
@@ -131,7 +131,11 @@ public class JNLPClassLoader extends URL
private boolean signing = false;
+ /** ArrayList containing jar indexes for various jars available to this classloader */
private ArrayList<JarIndex> jarIndexes = new ArrayList<JarIndex>();
+
+ /** File entries in the jar files available to this classloader */
+ private TreeSet jarEntries = new TreeSet();
/**
* Create a new JNLPClassLoader from the specified file.
@@ -478,7 +482,6 @@ public class JNLPClassLoader extends URL
// transfer the Jars
waitForJars(jars);
-
for (int i=0; i < jars.size(); i++) {
JARDesc jar = (JARDesc) jars.get(i);
@@ -488,8 +491,23 @@ public class JNLPClassLoader extends URL
File localFile = tracker.getCacheFile(jar.getLocation());
try {
URL location = jar.getLocation(); // non-cacheable, use source location
- if (localFile != null)
+ if (localFile != null) {
location = localFile.toURL(); // cached file
+
+ // This is really not the best way.. but we need some way for
+ // PluginAppletViewer::getCachedImageRef() to check if the image
+ // is available locally, and it cannot use getResources() because
+ // that prefetches the resource, which confuses MediaTracker.waitForAll()
+ // which does a wait(), waiting for notification (presumably
+ // thrown after a resource is fetched). This bug manifests itself
+ // particularly when using The FileManager applet from Webmin.
+
+ JarFile jarFile = new JarFile(localFile);
+ Enumeration e = jarFile.entries();
+ while (e.hasMoreElements())
+ jarEntries.add(((JarEntry) e.nextElement()).getName());
+
+ }
addURL(location);
@@ -829,6 +847,16 @@ public class JNLPClassLoader extends URL
return resources.elements();
}
+
+ /**
+ * Returns if the specified resource is available locally from a cached jar
+ *
+ * @param s The name of the resource
+ * @return Whether or not the resource is available locally
+ */
+ public boolean resourceAvailableLocally(String s) {
+ return jarEntries.contains(s);
+ }
/**
* Adds whatever resources have already been downloaded in the
diff -r 913512a256bd -r 721c79ccc804 rt/net/sourceforge/jnlp/security/AccessWarningPane.java
--- a/rt/net/sourceforge/jnlp/security/AccessWarningPane.java Tue Jan 20 00:06:18 2009 +0000
+++ b/rt/net/sourceforge/jnlp/security/AccessWarningPane.java Tue Jan 20 09:44:16 2009 +0000
@@ -37,14 +37,28 @@ exception statement from your version.
package net.sourceforge.jnlp.security;
-import java.awt.*;
-import javax.swing.*;
+import java.awt.BorderLayout;
+import java.awt.Color;
+import java.awt.Dimension;
+import java.awt.FlowLayout;
+import java.awt.Font;
+import java.awt.GridLayout;
+import java.awt.event.ActionEvent;
import java.awt.event.ActionListener;
-import java.awt.event.ActionEvent;
-import java.net.URL;
+
+import javax.swing.BorderFactory;
+import javax.swing.BoxLayout;
+import javax.swing.ImageIcon;
+import javax.swing.JButton;
+import javax.swing.JCheckBox;
+import javax.swing.JComponent;
+import javax.swing.JLabel;
+import javax.swing.JPanel;
+import javax.swing.SwingConstants;
import net.sourceforge.jnlp.JNLPFile;
import net.sourceforge.jnlp.runtime.JNLPRuntime;
+import net.sourceforge.jnlp.tools.CertVerifier;
/**
* Provides the look and feel for a SecurityWarningDialog. These dialogs are
@@ -59,12 +73,12 @@ public class AccessWarningPane extends S
JCheckBox alwaysAllow;
Object[] extras;
- public AccessWarningPane(JComponent x) {
- super(x);
- }
-
- public AccessWarningPane(JComponent x, Object[] extras) {
- super(x);
+ public AccessWarningPane(JComponent x, CertVerifier certVerifier) {
+ super(x, certVerifier);
+ }
+
+ public AccessWarningPane(JComponent x, Object[] extras, CertVerifier certVerifier) {
+ super(x, certVerifier);
this.extras = extras;
}
diff -r 913512a256bd -r 721c79ccc804 rt/net/sourceforge/jnlp/security/AppletWarningPane.java
--- a/rt/net/sourceforge/jnlp/security/AppletWarningPane.java Tue Jan 20 00:06:18 2009 +0000
+++ b/rt/net/sourceforge/jnlp/security/AppletWarningPane.java Tue Jan 20 09:44:16 2009 +0000
@@ -50,10 +50,12 @@ import javax.swing.JLabel;
import javax.swing.JLabel;
import javax.swing.JPanel;
+import net.sourceforge.jnlp.tools.CertVerifier;
+
public class AppletWarningPane extends SecurityDialogUI {
- public AppletWarningPane(JComponent x) {
- super(x);
+ public AppletWarningPane(JComponent x, CertVerifier certVerifier) {
+ super(x, certVerifier);
}
protected void installComponents() {
diff -r 913512a256bd -r 721c79ccc804 rt/net/sourceforge/jnlp/security/CertWarningPane.java
--- a/rt/net/sourceforge/jnlp/security/CertWarningPane.java Tue Jan 20 00:06:18 2009 +0000
+++ b/rt/net/sourceforge/jnlp/security/CertWarningPane.java Tue Jan 20 09:44:16 2009 +0000
@@ -37,18 +37,31 @@ exception statement from your version.
package net.sourceforge.jnlp.security;
-import java.awt.*;
-import javax.swing.*;
-
-
+import java.awt.BorderLayout;
+import java.awt.Color;
+import java.awt.Dimension;
+import java.awt.FlowLayout;
+import java.awt.Font;
+import java.awt.GridLayout;
+import java.awt.event.ActionEvent;
import java.awt.event.ActionListener;
-import java.awt.event.ActionEvent;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
+
+import javax.swing.BorderFactory;
+import javax.swing.BoxLayout;
+import javax.swing.ImageIcon;
+import javax.swing.JButton;
+import javax.swing.JCheckBox;
+import javax.swing.JComponent;
+import javax.swing.JLabel;
+import javax.swing.JPanel;
+import javax.swing.SwingConstants;
import net.sourceforge.jnlp.JNLPFile;
import net.sourceforge.jnlp.PluginBridge;
import net.sourceforge.jnlp.runtime.JNLPRuntime;
+import net.sourceforge.jnlp.tools.CertVerifier;
import net.sourceforge.jnlp.tools.KeyTool;
/**
@@ -63,8 +76,8 @@ public class CertWarningPane extends Sec
JCheckBox alwaysTrust;
- public CertWarningPane(JComponent x) {
- super(x);
+ public CertWarningPane(JComponent x, CertVerifier certVerifier) {
+ super(x, certVerifier);
}
/**
diff -r 913512a256bd -r 721c79ccc804 rt/net/sourceforge/jnlp/security/CertsInfoPane.java
--- a/rt/net/sourceforge/jnlp/security/CertsInfoPane.java Tue Jan 20 00:06:18 2009 +0000
+++ b/rt/net/sourceforge/jnlp/security/CertsInfoPane.java Tue Jan 20 09:44:16 2009 +0000
@@ -76,8 +76,8 @@ public class CertsInfoPane extends Secur
private String[] columnNames = { "Field", "Value" };
protected ArrayList<String[][]> certsData;
- public CertsInfoPane(JComponent x) {
- super(x);
+ public CertsInfoPane(JComponent x, CertVerifier certVerifier) {
+ super(x, certVerifier);
}
/**
diff -r 913512a256bd -r 721c79ccc804 rt/net/sourceforge/jnlp/security/HttpsCertVerifier.java
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/rt/net/sourceforge/jnlp/security/HttpsCertVerifier.java Tue Jan 20 09:44:16 2009 +0000
@@ -0,0 +1,119 @@
+/* VariableX509TrustManager.java
+ Copyright (C) 2009 Red Hat, Inc.
+
+This file is part of IcedTea.
+
+IcedTea is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License as published by
+the Free Software Foundation, version 2.
+
+IcedTea is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING. If not, write to
+the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library. Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module. An independent module is a module which is not derived from
+or based on this library. If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so. If you do not wish to do so, delete this
+exception statement from your version.
+*/
+
+package net.sourceforge.jnlp.security;
+
+import java.security.cert.CertPath;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+
+import net.sourceforge.jnlp.tools.CertVerifier;
+
+public class HttpsCertVerifier implements CertVerifier {
+
+ private VariableX509TrustManager tm;
+ private X509Certificate[] chain;
+ private String authType;
+
+ public HttpsCertVerifier(VariableX509TrustManager tm, X509Certificate[] chain, String authType) {
+ this.tm = tm;
+ this.chain = chain;
+ this.authType = authType;
+ }
+
+ public boolean getAlreadyTrustPublisher() {
+ try {
+ tm.checkServerTrusted(chain, authType, true);
+ return true;
+ } catch (CertificateException ce) {
+ return false;
+ }
+ }
+
+ public ArrayList<CertPath> getCerts() {
+
+ ArrayList<X509Certificate> list = new ArrayList<X509Certificate>();
+ for (int i=0; i < chain.length; i++)
+ list.add(chain[i]);
+
+ ArrayList<CertPath> certPaths = new ArrayList<CertPath>();
+
+ try {
+ certPaths.add(CertificateFactory.getInstance("X.509").generateCertPath(list));
+ } catch (CertificateException ce) {
+ ce.printStackTrace();
+
+ // carry on
+ }
+
+ return certPaths;
+ }
+
+ public ArrayList<String> getDetails() {
+ // TODO Auto-generated method stub
+ return new ArrayList<String>();
+ }
+
+ public Certificate getPublisher() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public Certificate getRoot() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public boolean getRootInCacerts() {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ public boolean hasSigningIssues() {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ public boolean noSigningIssues() {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+}
diff -r 913512a256bd -r 721c79ccc804 rt/net/sourceforge/jnlp/security/MoreInfoPane.java
--- a/rt/net/sourceforge/jnlp/security/MoreInfoPane.java Tue Jan 20 00:06:18 2009 +0000
+++ b/rt/net/sourceforge/jnlp/security/MoreInfoPane.java Tue Jan 20 09:44:16 2009 +0000
@@ -37,15 +37,23 @@ exception statement from your version.
package net.sourceforge.jnlp.security;
-import java.awt.*;
-import javax.swing.*;
+import java.awt.BorderLayout;
+import java.awt.Dimension;
+import java.awt.GridLayout;
+import java.awt.event.ActionEvent;
+import java.awt.event.ActionListener;
+import java.util.ArrayList;
-import net.sourceforge.jnlp.runtime.*;
+import javax.swing.BorderFactory;
+import javax.swing.ImageIcon;
+import javax.swing.JButton;
+import javax.swing.JComponent;
+import javax.swing.JLabel;
+import javax.swing.JPanel;
+import javax.swing.SwingConstants;
-import java.util.ArrayList;
-import java.awt.event.ActionListener;
More information about the distro-pkg-dev
mailing list