/hg/icedtea: Synchronise netx sources with IcedTea6 copy.
andrew at icedtea.classpath.org
andrew at icedtea.classpath.org
Wed Oct 7 04:14:05 PDT 2009
changeset 175529fae103 in /hg/icedtea
details: http://icedtea.classpath.org/hg/icedtea?cmd=changeset;node=175529fae103
author: Andrew John Hughes <ahughes at redhat.com>
date: Wed Oct 07 09:48:00 2009 +0100
Synchronise netx sources with IcedTea6 copy.
2009-10-08 Andrew John Hughes <ahughes at redhat.com>
* netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java:
Synchronise whitespace with IcedTea6 copy.
* netx/net/sourceforge/jnlp/security/HttpsCertVerifier.java:
Fix find/replace error with cert being changed to cenetx.
diffstat:
3 files changed, 195 insertions(+), 186 deletions(-)
ChangeLog | 7
netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java | 372 ++++++-------
netx/net/sourceforge/jnlp/security/HttpsCertVerifier.java | 2
diffs (truncated from 627 to 500 lines):
diff -r 5e20e6468dd1 -r 175529fae103 ChangeLog
--- a/ChangeLog Tue Sep 15 12:47:59 2009 -0400
+++ b/ChangeLog Wed Oct 07 09:48:00 2009 +0100
@@ -1,3 +1,10 @@ 2009-09-15 Deepak Bhole <dbhole at redhat
+2009-10-08 Andrew John Hughes <ahughes at redhat.com>
+
+ * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java:
+ Synchronise whitespace with IcedTea6 copy.
+ * netx/net/sourceforge/jnlp/security/HttpsCertVerifier.java:
+ Fix find/replace error with cert being changed to cenetx.
+
2009-09-15 Deepak Bhole <dbhole at redhat.com>
* plugin/icedteanp/IcedTeaJavaRequestProcessor.cc
diff -r 5e20e6468dd1 -r 175529fae103 netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
--- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Tue Sep 15 12:47:59 2009 -0400
+++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Wed Oct 07 09:48:00 2009 +0100
@@ -1,15 +1,15 @@
-//
+//
// This library is free software; you can redistribute it and/or
// modify it under the terms of the GNU Lesser General Public
// License as published by the Free Software Foundation; either
// version 2.1 of the License, or (at your option) any later version.
-//
+//
// This library is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
// Lesser General Public License for more details.
-//
+//
// You should have received a copy of the GNU Lesser General Public
// License along with this library; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
@@ -66,7 +66,7 @@ import sun.misc.JarIndex;
* security context when the classloader was created.
*
* @author <a href="mailto:jmaxwell at users.sourceforge.net">Jon A. Maxwell (JAM)</a> - initial author
- * @version $Revision: 1.20 $
+ * @version $Revision: 1.20 $
*/
public class JNLPClassLoader extends URLClassLoader {
@@ -115,29 +115,29 @@ public class JNLPClassLoader extends URL
/** the security section */
private SecurityDesc security;
-
+
/** Permissions granted by the user during runtime. */
private ArrayList<Permission> runtimePermissions = new ArrayList<Permission>();
/** all jars not yet part of classloader or active */
private List available = new ArrayList();
- /** all of the jar files that were verified */
- private ArrayList<String> verifiedJars = null;
-
- /** all of the jar files that were not verified */
- private ArrayList<String> unverifiedJars = null;
-
- /** the jarsigner tool to verify our jars */
- private JarSigner js = null;
-
- private boolean signing = false;
-
- /** ArrayList containing jar indexes for various jars available to this classloader */
- private ArrayList<JarIndex> jarIndexes = new ArrayList<JarIndex>();
-
- /** File entries in the jar files available to this classloader */
- private TreeSet jarEntries = new TreeSet();
+ /** all of the jar files that were verified */
+ private ArrayList<String> verifiedJars = null;
+
+ /** all of the jar files that were not verified */
+ private ArrayList<String> unverifiedJars = null;
+
+ /** the jarsigner tool to verify our jars */
+ private JarSigner js = null;
+
+ private boolean signing = false;
+
+ /** ArrayList containing jar indexes for various jars available to this classloader */
+ private ArrayList<JarIndex> jarIndexes = new ArrayList<JarIndex>();
+
+ /** File entries in the jar files available to this classloader */
+ private TreeSet jarEntries = new TreeSet();
/**
* Create a new JNLPClassLoader from the specified file.
@@ -167,41 +167,41 @@ public class JNLPClassLoader extends URL
}
private void setSecurity() {
- /**
- * When we're trying to load an applet, file.getSecurity() will return
- * null since there is no jnlp file to specify permissions. We
- * determine security settings here, after trying to verify jars.
- */
- if (file instanceof PluginBridge) {
- if (signing == true) {
- this.security = new SecurityDesc(file,
- SecurityDesc.ALL_PERMISSIONS,
- file.getCodeBase().getHost());
- } else {
- this.security = new SecurityDesc(file,
- SecurityDesc.SANDBOX_PERMISSIONS,
- file.getCodeBase().getHost());
- }
- } else { //regular jnlp file
-
- /**
- * If the application is signed, then we set the SecurityDesc to the
- * <security> tag in the jnlp file. Note that if an application is
- * signed, but there is no <security> tag in the jnlp file, the
- * application will get sandbox permissions.
- * If the application is unsigned, we ignore the <security> tag and
- * use a sandbox instead.
- */
- if (signing == true) {
- this.security = file.getSecurity();
- } else {
- this.security = new SecurityDesc(file,
- SecurityDesc.SANDBOX_PERMISSIONS,
- file.getCodeBase().getHost());
- }
- }
- }
-
+ /**
+ * When we're trying to load an applet, file.getSecurity() will return
+ * null since there is no jnlp file to specify permissions. We
+ * determine security settings here, after trying to verify jars.
+ */
+ if (file instanceof PluginBridge) {
+ if (signing == true) {
+ this.security = new SecurityDesc(file,
+ SecurityDesc.ALL_PERMISSIONS,
+ file.getCodeBase().getHost());
+ } else {
+ this.security = new SecurityDesc(file,
+ SecurityDesc.SANDBOX_PERMISSIONS,
+ file.getCodeBase().getHost());
+ }
+ } else { //regular jnlp file
+
+ /**
+ * If the application is signed, then we set the SecurityDesc to the
+ * <security> tag in the jnlp file. Note that if an application is
+ * signed, but there is no <security> tag in the jnlp file, the
+ * application will get sandbox permissions.
+ * If the application is unsigned, we ignore the <security> tag and
+ * use a sandbox instead.
+ */
+ if (signing == true) {
+ this.security = file.getSecurity();
+ } else {
+ this.security = new SecurityDesc(file,
+ SecurityDesc.SANDBOX_PERMISSIONS,
+ file.getCodeBase().getHost());
+ }
+ }
+ }
+
/**
* Returns a JNLP classloader for the specified JNLP file.
*
@@ -213,18 +213,20 @@ public class JNLPClassLoader extends URL
JNLPClassLoader loader = null;
String uniqueKey = file.getUniqueKey();
- if (uniqueKey != null)
- baseLoader = (JNLPClassLoader) urlToLoader.get(uniqueKey);
-
- try {
-
- // If base loader is null, or the baseloader's file and this
- // file is different, initialize a new loader
- if (baseLoader == null ||
- !baseLoader.getJNLPFile().getFileLocation().equals(file.getFileLocation())) {
+ if (uniqueKey != null)
+ baseLoader = (JNLPClassLoader) urlToLoader.get(uniqueKey);
+
+ try {
+
+ // If base loader is null, or the baseloader's file and this
+ // file is different, initialize a new loader
+ if (baseLoader == null ||
+ !baseLoader.getJNLPFile().getFileLocation().equals(file.getFileLocation())) {
+
loader = new JNLPClassLoader(file, policy);
+
// New loader init may have caused extentions to create a
- // loader for this unique key. Check.
+ // loader for this unique key. Check.
JNLPClassLoader extLoader = (JNLPClassLoader) urlToLoader.get(uniqueKey);
if (extLoader != null) {
@@ -248,19 +250,20 @@ public class JNLPClassLoader extends URL
loader = baseLoader;
}
- } catch (LaunchException e) {
- throw e;
- }
-
- if (file.getInformation().isSharingAllowed())
- urlToLoader.put(location, loader);
+ } catch (LaunchException e) {
+ throw e;
+ }
+
+ // loaders are mapped to a unique key. Only extensions and parent
+ // share a key, so it is safe to always share based on it
+ urlToLoader.put(uniqueKey, loader);
return loader;
}
/**
* Returns a JNLP classloader for the JNLP file at the specified
- * location.
+ * location.
*
* @param location the file's location
* @param version the file's version
@@ -286,17 +289,18 @@ public class JNLPClassLoader extends URL
loaderList.add(this);
- //if (ext != null) {
- for (int i=0; i < ext.length; i++) {
- try {
- JNLPClassLoader loader = getInstance(ext[i].getLocation(), ext[i].getVersion(), updatePolicy);
- loaderList.add(loader);
- }
- catch (Exception ex) {
- ex.printStackTrace();
- }
- }
- //}
+ //if (ext != null) {
+ for (int i=0; i < ext.length; i++) {
+ try {
+ String uniqueKey = this.getJNLPFile().getUniqueKey();
+ JNLPClassLoader loader = getInstance(ext[i].getLocation(), uniqueKey, ext[i].getVersion(), updatePolicy);
+ loaderList.add(loader);
+ }
+ catch (Exception ex) {
+ ex.printStackTrace();
+ }
+ }
+ //}
loaders = (JNLPClassLoader[]) loaderList.toArray(new JNLPClassLoader[ loaderList.size()]);
}
@@ -313,10 +317,10 @@ public class JNLPClassLoader extends URL
jars[i].getVersion());
if (JNLPRuntime.isDebug()) {
- if (p == null)
- System.out.println("Unable to add permission for " + jars[i].getLocation());
- else
- System.out.println("Permission added: " + p.toString());
+ if (p == null)
+ System.out.println("Unable to add permission for " + jars[i].getLocation());
+ else
+ System.out.println("Permission added: " + p.toString());
}
if (p != null)
resourcePermissions.add(p);
@@ -329,14 +333,14 @@ public class JNLPClassLoader extends URL
*/
void initializeResources() throws LaunchException {
JARDesc jars[] = resources.getJARs();
- if (jars == null || jars.length == 0)
- return;
- /*
- if (jars == null || jars.length == 0) {
- throw new LaunchException(null, null, R("LSFatal"),
- R("LCInit"), R("LFatalVerification"), "No jars!");
- }
- */
+ if (jars == null || jars.length == 0)
+ return;
+ /*
+ if (jars == null || jars.length == 0) {
+ throw new LaunchException(null, null, R("LSFatal"),
+ R("LCInit"), R("LFatalVerification"), "No jars!");
+ }
+ */
List initialJars = new ArrayList();
for (int i=0; i < jars.length; i++) {
@@ -347,7 +351,7 @@ public class JNLPClassLoader extends URL
initialJars.add(jars[i]); // regardless of part
tracker.addResource(jars[i].getLocation(),
- jars[i].getVersion(),
+ jars[i].getVersion(),
jars[i].isCacheable() ? JNLPRuntime.getDefaultUpdatePolicy() : UpdatePolicy.FORCE
);
}
@@ -355,42 +359,42 @@ public class JNLPClassLoader extends URL
if (strict)
fillInPartJars(initialJars); // add in each initial part's lazy jars
- if (JNLPRuntime.isVerifying()) {
-
- JarSigner js;
- waitForJars(initialJars); //download the jars first.
-
- try {
- js = verifyJars(initialJars);
- } catch (Exception e) {
- //we caught an Exception from the JarSigner class.
- //Note: one of these exceptions could be from not being able
- //to read the cacerts or trusted.certs files.
- e.printStackTrace();
- throw new LaunchException(null, null, R("LSFatal"),
- R("LCInit"), R("LFatalVerification"), R("LFatalVerificationInfo"));
- }
-
- //Case when at least one jar has some signing
- if (js.anyJarsSigned()){
- signing = true;
-
- //user does not trust this publisher
- if (!js.getAlreadyTrustPublisher()) {
- checkTrustWithUser(js);
- } else {
- /**
- * If the user trusts this publisher (i.e. the publisher's certificate
- * is in the user's trusted.certs file), we do not show any dialogs.
- */
- }
- } else {
-
- signing = false;
- //otherwise this jar is simply unsigned -- make sure to ask
- //for permission on certain actions
- }
- }
+ if (JNLPRuntime.isVerifying()) {
+
+ JarSigner js;
+ waitForJars(initialJars); //download the jars first.
+
+ try {
+ js = verifyJars(initialJars);
+ } catch (Exception e) {
+ //we caught an Exception from the JarSigner class.
+ //Note: one of these exceptions could be from not being able
+ //to read the cacerts or trusted.certs files.
+ e.printStackTrace();
+ throw new LaunchException(null, null, R("LSFatal"),
+ R("LCInit"), R("LFatalVerification"), R("LFatalVerificationInfo"));
+ }
+
+ //Case when at least one jar has some signing
+ if (js.anyJarsSigned()){
+ signing = true;
+
+ //user does not trust this publisher
+ if (!js.getAlreadyTrustPublisher()) {
+ checkTrustWithUser(js);
+ } else {
+ /**
+ * If the user trusts this publisher (i.e. the publisher's certificate
+ * is in the user's trusted.certs file), we do not show any dialogs.
+ */
+ }
+ } else {
+
+ signing = false;
+ //otherwise this jar is simply unsigned -- make sure to ask
+ //for permission on certain actions
+ }
+ }
activateJars(initialJars);
}
@@ -400,7 +404,7 @@ public class JNLPClassLoader extends URL
boolean b = SecurityWarningDialog.showCertWarningDialog(
SecurityWarningDialog.AccessType.UNVERIFIED, file, js);
if (!b)
- throw new LaunchException(null, null, R("LSFatal"),
+ throw new LaunchException(null, null, R("LSFatal"),
R("LCLaunching"), R("LNotVerified"), "");
} else if (js.getRootInCacerts()) { //root cert is in cacerts
boolean b = false;
@@ -465,19 +469,19 @@ public class JNLPClassLoader extends URL
// access w/o security dialog once we actually check certificates.
// copy security permissions from SecurityDesc element
- if (security != null) {
+ if (security != null) {
// Security desc. is used only to track security settings for the
// application. However, an application may comprise of multiple
// jars, and as such, security must be evaluated on a per jar basis.
-
+
// set default perms
PermissionCollection permissions = security.getSandBoxPermissions();
-
+
// If more than default is needed, evaluate based on codesource
if (security.getSecurityType().equals(SecurityDesc.ALL_PERMISSIONS) ||
security.getSecurityType().equals(SecurityDesc.J2EE_PERMISSIONS)) {
- if (cs.getCodeSigners() != null) {
+ if (cs.getCodeSigners() != null) {
permissions = security.getPermissions();
}
}
@@ -487,23 +491,21 @@ public class JNLPClassLoader extends URL
result.add(e.nextElement());
}
-
-
// add in permission to read the cached JAR files
for (int i=0; i < resourcePermissions.size(); i++)
result.add((Permission) resourcePermissions.get(i));
// add in the permissions that the user granted.
for (int i=0; i < runtimePermissions.size(); i++)
- result.add(runtimePermissions.get(i));
+ result.add(runtimePermissions.get(i));
return result;
}
protected void addPermission(Permission p) {
- runtimePermissions.add(p);
- }
-
+ runtimePermissions.add(p);
+ }
+
/**
* Adds to the specified list of JARS any other JARs that need
* to be loaded at the same time as the JARs specified (ie, are
@@ -549,25 +551,25 @@ public class JNLPClassLoader extends URL
URL location = jar.getLocation(); // non-cacheable, use source location
if (localFile != null) {
location = localFile.toURL(); // cached file
-
- // This is really not the best way.. but we need some way for
- // PluginAppletViewer::getCachedImageRef() to check if the image
- // is available locally, and it cannot use getResources() because
- // that prefetches the resource, which confuses MediaTracker.waitForAll()
- // which does a wait(), waiting for notification (presumably
+
+ // This is really not the best way.. but we need some way for
+ // PluginAppletViewer::getCachedImageRef() to check if the image
+ // is available locally, and it cannot use getResources() because
+ // that prefetches the resource, which confuses MediaTracker.waitForAll()
+ // which does a wait(), waiting for notification (presumably
// thrown after a resource is fetched). This bug manifests itself
// particularly when using The FileManager applet from Webmin.
-
+
JarFile jarFile = new JarFile(localFile);
Enumeration e = jarFile.entries();
while (e.hasMoreElements()) {
-
+
JarEntry je = (JarEntry) e.nextElement();
-
- // another jar in my jar? it is more likely than you think
+
+ // another jar in my jar? it is more likely than you think
if (je.getName().endsWith(".jar")) {
- // We need to extract that jar so that it can be loaded
- // (inline loading with "jar:..!/..." path will not work
+ // We need to extract that jar so that it can be loaded
+ // (inline loading with "jar:..!/..." path will not work
// with standard classloader methods)
String extractedJarLocation = localFile.getParent() + "/" + je.getName();
@@ -612,7 +614,7 @@ public class JNLPClassLoader extends URL
addURL(location);
- // there is currently no mechanism to cache files per
+ // there is currently no mechanism to cache files per
// instance.. so only index cached files
if (localFile != null) {
JarIndex index = JarIndex.getJarIndex(new JarFile(localFile.getAbsolutePath()), null);
@@ -684,11 +686,11 @@ public class JNLPClassLoader extends URL
* calls.
*/
protected File getNativeDir() {
- nativeDir = new File(System.getProperty("java.io.tmpdir")
- + File.separator + "netx-native-"
+ nativeDir = new File(System.getProperty("java.io.tmpdir")
+ + File.separator + "netx-native-"
More information about the distro-pkg-dev
mailing list