/hg/icedtea-web: PR768: Signed applets/Web Start apps don't work...

Wed Aug 3 11:16:03 PDT 2011

changeset defa7d0051bf in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=defa7d0051bf
author: Deepak Bhole <dbhole at redhat.com>
date: Wed Aug 03 14:11:11 2011 -0400

	PR768: Signed applets/Web Start apps don't work with OpenJDK7 and up


diffstat:

 ChangeLog                                      |  6 ++++++
 NEWS                                           |  2 ++
 netx/net/sourceforge/jnlp/tools/JarSigner.java |  2 +-
 3 files changed, 9 insertions(+), 1 deletions(-)

diffs (40 lines):

diff -r f2c80b9ceae1 -r defa7d0051bf ChangeLog

--- a/ChangeLog	Wed Aug 03 12:32:22 2011 -0400
+++ b/ChangeLog	Wed Aug 03 14:11:11 2011 -0400
@@ -12,6 +12,12 @@
 	* netx/net/sourceforge/jnlp/Node.java:
 	  Removed getAttributeNames() method from the commented section
 
+2011-08-03  Deepak Bhole <dbhole at redhat.com>
+
+	PR768: Signed applets/Web Start apps don't work with OpenJDK7 and up
+	* netx/net/sourceforge/jnlp/tools/JarSigner.java (verifyJar): Put entry in
+	cert hashtable only if the entry is expected to be signed.
+
 2011-08-02 Jiri Vanek <jvanek at redhat.com>
 
 	*Makefile.am: (stamps/netx-dist-tests-prepare-reproducers.stamp):
diff -r f2c80b9ceae1 -r defa7d0051bf NEWS
--- a/NEWS	Wed Aug 03 12:32:22 2011 -0400
+++ b/NEWS	Wed Aug 03 14:11:11 2011 -0400
@@ -14,6 +14,8 @@
 	- RH718170, CVE-2011-2514: Java Web Start security warning dialog manipulation
 * Plugin
   - PR749: sun.applet.PluginStreamHandler#handleMessage(String) really slow
+Common
+  - PR768: Signed applets/Web Start apps don't work with OpenJDK7 and up
 
 New in release 1.1 (2011-XX-XX):
 * Security updates
diff -r f2c80b9ceae1 -r defa7d0051bf netx/net/sourceforge/jnlp/tools/JarSigner.java
--- a/netx/net/sourceforge/jnlp/tools/JarSigner.java	Wed Aug 03 12:32:22 2011 -0400
+++ b/netx/net/sourceforge/jnlp/tools/JarSigner.java	Wed Aug 03 14:11:11 2011 -0400
@@ -284,7 +284,7 @@
                     if (shouldHaveSignature)
                         totalSignableEntries++;
 
-                    if (isSigned) {
+                    if (shouldHaveSignature && isSigned) {
                         for (int i = 0; i < signers.length; i++) {
                             CertPath certPath = signers[i].getSignerCertPath();
                             if (!certs.containsKey(certPath))

