RFC: Netx - Fix Certificate name display
Deepak Bhole
dbhole at redhat.com
Wed Jun 24 11:30:05 PDT 2009
* Omair Majid <omajid at redhat.com> [2009-06-23 16:34]:
> Hi,
>
> This patch addresses two issues with Netx code dealing with Certificates.
>
> First, Netx' doesnt know much about the escaping rules of x500
> certificate principal names. For example if Netx tries to load
> j3dcore[1] , it shows the publisher as:
> sun microsystems\
> RFC 2253 [2] describes the results completly; this patch implements that
> partially to deal with the most common cases. So the previous text now
> shows up as:
> sun microsystems, inc
>
> Second, there are three copies of getCN(String) in Netx (including a
> public static version). The patch removes two copies and modifies the
> code to call SecurityUtil.getCN.
>
>
Whatever is implemented seems compliant with the BNF in the RFC. And it
is much better than the current system that just dumps it raw. Assuming
you have tested this, go ahead and apply.
Deepak
> ChangeLog:
> 2009-06-23 Omair Majid <omajid at redhat.com>
>
> * rt/net/sourceforge/jnlp/security/CertWarningPane.java
> (installComponents): Call SecurityUtil.getCN instead of getCN.
> (getCN): Removed.
> * rt/net/sourceforge/jnlp/security/CertsInfoPane.java
> (buildTree): Call SecurityUtil.getCN instead of getCN.
> (populateTable): Likewise.
> (getCN): Removed.
> * rt/net/sourceforge/jnlp/security/SecurityUtil.java
> (getCN): Modified to follow RFC 2253 and understand escaping.
> (isHexDigit): New function.
> * rt/net/sourceforge/jnlp/security/SingleCertInfoPane.java
> (buildTree): Call SecurityUtil.getCN instead of getCN.
> (populateTable): Likewise.
> * rt/net/sourceforge/jnlp/tools/KeyTool.java:
> (doPrintEntry): Call SecurityUtil.getCN instead of getCN.
> (getCN): Removed.
>
> Any comments?
>
> Cheers,
> Omair
>
> [1] https://j3d-core.dev.java.net/
> [2] http://www.ietf.org/rfc/rfc2253.txt
More information about the distro-pkg-dev
mailing list