[icedtea-web] RFC: Patch to fix signature verification on OpenJDK7
Dr Andrew John Hughes
ahughes at redhat.com
Wed Aug 3 10:55:15 PDT 2011
On 13:45 Wed 03 Aug , Deepak Bhole wrote:
> Hi,
>
> OpenJDK7 reports MANIFEST.MF as a signed entry even when it is not. This
> causes the signature verification code in icedtea-web to throw an error
> as it is not expecting MANIFEST.MF to be signed.
>
> Attached patch makes it so that entries with signature are tracked iff
> the entry is expected to be signed. This ensures that icedtea-web will
> work with 6 and 7.
>
> Okay for HEAD and backport to 1.1/1.0?
>
> ChangeLog:
>
> 2011-08-03 Deepak Bhole <dbhole at redhat.com>
>
> * netx/net/sourceforge/jnlp/tools/JarSigner.java (verifyJar): Put
> entry in cert hashtable only if the entry is expected to be signed.
>
> Thanks,
> Deepak
Do you think this is a bug in 7? Or the right behaviour?
--
Andrew :)
Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)
Support Free Java!
Contribute to GNU Classpath and IcedTea
http://www.gnu.org/software/classpath
http://icedtea.classpath.org
PGP Key: F5862A37 (https://keys.indymedia.org/)
Fingerprint = EA30 D855 D50F 90CD F54D 0698 0713 C3ED F586 2A37
More information about the distro-pkg-dev
mailing list