[icedtea-web][rfc] Update on Danesh's major rework of JarCertVerifier

[Omair Majid]

On 09/28/2012 10:32 AM, Adam Domurad wrote:
> This is a reproducer for cases where jar's have multiple signers. (This
> only makes sense in the context of the other patches, because it relies
> on checking for the new message that is printed when jars have
> improperly mixed signage.)
> 

Comments in-line below.

> diff -r cbf8e415c5bf tests/reproducers/custom/MultipleSignaturesPerJar/README
> --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
> +++ b/tests/reproducers/custom/MultipleSignaturesPerJar/README	Thu Sep 27 16:10:12 2012 -0400
> @@ -0,0 +1,2 @@
> +This test relies on reproducers signed/ReadPropertiesSigned.
> +Any changes to that reproducer may require updates here.
> \ No newline at end of file

Sounds like this message belongs in signed/ReadPropertiesSigned. Someone
modifying that is not very likely to look here; this message will likely
be ignored.

> diff -r cbf8e415c5bf tests/reproducers/custom/MultipleSignaturesPerJar/srcs/Makefile
> --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
> +++ b/tests/reproducers/custom/MultipleSignaturesPerJar/srcs/Makefile	Thu Sep 27 16:10:12 2012 -0400

> +# Index jar causes main class jar to load

Is this correct/relevant?

> diff -r cbf8e415c5bf tests/reproducers/signed/ReadPropertiesSigned/srcs/ReadPropertiesSigned.java
> --- a/tests/reproducers/signed/ReadPropertiesSigned/srcs/ReadPropertiesSigned.java	Wed Sep 26 15:15:35 2012 -0400
> +++ b/tests/reproducers/signed/ReadPropertiesSigned/srcs/ReadPropertiesSigned.java	Thu Sep 27 16:10:12 2012 -0400
> @@ -41,5 +41,6 @@ public class ReadPropertiesSigned {
>      */    
>      public static void main(String[] args) {
>           System.out.println(System.getProperty(args[0]));
> +         System.out.println("*** APPLET FINISHED ***");
>    }
>  }

Is this always an applet? Or do we not care even if it's printed for
applications?

Thanks,
Omair