RFC: Netx - Dont prompt the user multiple times for the same https certificate
Deepak Bhole
dbhole at redhat.com
Thu Jul 23 10:19:42 PDT 2009
* Omair Majid <omajid at redhat.com> [2009-07-23 10:00]:
> Deepak Bhole wrote:
>> * Omair Majid <omajid at redhat.com> [2009-07-16 16:47]:
>>> Hi,
>>>
>>> Currently Netx can prompt the user multiple times to accept a single
>>> https certificate.
>>>
>>> You can see the behaviour by running javaws (without cacerts) and
>>> going to https://substance.dev.java.net/webstart/Issue447.jnlp. You
>>> will get 2 dialogs that ask you to confirm the https certificate (and
>>> one that asks you to confirm the jar certificate).
>>>
>>> The attached patch makes it so that the user is only prompted once to
>>> confirm the https certificate.
>>>
>>
>> Can't you just synchronize the function instead of doing it on an object
>> lock? All contents appear to be inside the syn. block anyway..
>>
>
> Makes sense. Updated patch attached. Ok to commit?
>
Yep, looks good!
Deepak
> Thanks,
> Omair
> diff -r d20bab985f89 rt/net/sourceforge/jnlp/security/VariableX509TrustManager.java
> --- a/rt/net/sourceforge/jnlp/security/VariableX509TrustManager.java Fri Jul 17 06:04:59 2009 -0400
> +++ b/rt/net/sourceforge/jnlp/security/VariableX509TrustManager.java Thu Jul 23 09:58:18 2009 -0400
> @@ -143,7 +143,7 @@
> * @param authType The auth type algorithm
> * @param checkOnly Whether to "check only" i.e. no user prompt, or to prompt for permission
> */
> - public void checkServerTrusted(X509Certificate[] chain, String authType, boolean checkOnly) throws CertificateException {
> + public synchronized void checkServerTrusted(X509Certificate[] chain, String authType, boolean checkOnly) throws CertificateException {
> try {
> checkAllManagers(chain, authType);
> } catch (CertificateException ce) {
More information about the distro-pkg-dev
mailing list