/hg/release/icedtea6-1.7: netx: error out when unsigned jnlp app...

Dr Andrew John Hughes ahughes at redhat.com
Wed Jul 21 10:50:14 PDT 2010 

On 21 July 2010 17:56,  <omajid at icedtea.classpath.org> wrote:
> changeset 87c67dea5e0a in /hg/release/icedtea6-1.7
> details: http://icedtea.classpath.org/hg/release/icedtea6-1.7?cmd=changeset;node=87c67dea5e0a
> author: Omair Majid <omajid at redhat.com>
> date: Wed Jul 21 12:55:35 2010 -0400
>
>        netx: error out when unsigned jnlp applications request permissions
>
>        2010-07-20 Omair Majid <omajid at redhat.com>
>
>         * netx/net/sourceforge/jnlp/resources/Messages.properties:
>        Add LUnsignedJarWithSecurity LUnsignedJarWithSecurityInfo.
>            * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
>        (setSecurity): Can now throw a LaunchException if the JNLP file
>        requests permissions but the jars are unsigned.
>
>
> diffstat:
>
> 3 files changed, 27 insertions(+), 9 deletions(-)
> ChangeLog                                             |    8 +++++
> rt/net/sourceforge/jnlp/resources/Messages.properties |    2 +
> rt/net/sourceforge/jnlp/runtime/JNLPClassLoader.java  |   26 +++++++++++------
>
> diffs (63 lines):
>
> diff -r 40a2a5a54fce -r 87c67dea5e0a ChangeLog
> --- a/ChangeLog Wed Jul 21 17:31:46 2010 +0100
> +++ b/ChangeLog Wed Jul 21 12:55:35 2010 -0400
> @@ -1,3 +1,11 @@ 2010-07-21  Andrew John Hughes  <ahughes
> +2010-07-21  Omair Majid  <omajid at redhat.com>
> +
> +       * netx/net/sourceforge/jnlp/resources/Messages.properties:
> +       Add LUnsignedJarWithSecurity LUnsignedJarWithSecurityInfo.
> +       * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
> +       (setSecurity): Can now throw a LaunchException if the JNLP file requests
> +       permissions but the jars are unsigned.
> +
>  2010-07-21  Andrew John Hughes  <ahughes at redhat.com>
>
>        * NEWS: Add NIO2 changes.
> diff -r 40a2a5a54fce -r 87c67dea5e0a rt/net/sourceforge/jnlp/resources/Messages.properties
> --- a/rt/net/sourceforge/jnlp/resources/Messages.properties     Wed Jul 21 17:31:46 2010 +0100
> +++ b/rt/net/sourceforge/jnlp/resources/Messages.properties     Wed Jul 21 12:55:35 2010 -0400
> @@ -50,6 +50,8 @@ LNotLaunchableInfo=File must be a JNLP a
>  LNotLaunchableInfo=File must be a JNLP application, applet, or installer type.
>  LCantDetermineMainClass=Unknown Main-Class.
>  LCantDetermineMainClassInfo=Could not determine the main class for this application.
> +LUnsignedJarWithSecurity=Cannot grant permissions to unsigned jars.
> +LUnsignedJarWithSecurityInfo=Application requested security permissions, but jars are not signed.
>
>  JNotApplet=File is not an applet.
>  JNotApplication=File is not an application.
> diff -r 40a2a5a54fce -r 87c67dea5e0a rt/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
> --- a/rt/net/sourceforge/jnlp/runtime/JNLPClassLoader.java      Wed Jul 21 17:31:46 2010 +0100
> +++ b/rt/net/sourceforge/jnlp/runtime/JNLPClassLoader.java      Wed Jul 21 12:55:35 2010 -0400
> @@ -185,15 +185,23 @@ public class JNLPClassLoader extends URL
>                        }
>                } else { //regular jnlp file
>
> -                       /**
> -                        * If the application is signed, then we set the SecurityDesc to the
> -                        * <security> tag in the jnlp file. Note that if an application is
> -                        * signed, but there is no <security> tag in the jnlp file, the
> -                        * application will get sandbox permissions.
> -                        * If the application is unsigned, we ignore the <security> tag and
> -                        * use a sandbox instead.
> -                        */
> -                       if (signing == true) {
> +            /*
> +             * Various combinations of the jars being signed and <security> tags being
> +             * present are possible. They are treated as follows
> +             *
> +             * Jars          JNLP File         Result
> +             *
> +             * Signed        <security>        Appropriate Permissions
> +             * Signed        no <security>     Sandbox
> +             * Unsigned      <security>        Error
> +             * Unsigned      no <security>     Sandbox
> +             *
> +             */
> +
> +            if (!file.getSecurity().getSecurityType().equals(SecurityDesc.SANDBOX_PERMISSIONS) && !signing) {
> +                throw new LaunchException(file, null, R("LSFatal"), R("LCClient"), R("LUnsignedJarWithSecurity"), R("LUnsignedJarWithSecurityInfo"));
> +            }
> +            else if (signing == true) {
>                                this.security = file.getSecurity();
>                        } else {
>                                this.security = new SecurityDesc(file,
>

This breaks the build:

1. ERROR in /home/andrew/projects/openjdk/icedtea6-1.7/rt/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
(at line 202)
	throw new LaunchException(file, null, R("LSFatal"), R("LCClient"),
R("LUnsignedJarWithSecurity"), R("LUnsignedJarWithSecurityInfo"));
	^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Unhandled exception type LaunchException

-- 
Andrew :-)

Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

Support Free Java!
Contribute to GNU Classpath and the OpenJDK
http://www.gnu.org/software/classpath
http://openjdk.java.net

PGP Key: 94EFD9D8 (http://subkeys.pgp.net)
Fingerprint: F8EF F1EA 401E 2E60 15FA  7927 142C 2591 94EF D9D8

More information about the distro-pkg-dev mailing list