[rfc][icedtea-web] Backport unsigned applet confirmation to icedtea-web 1.2
Jiri Vanek
jvanek at redhat.com
Thu Feb 28 09:01:57 PST 2013
On 02/27/2013 10:02 PM, Adam Domurad wrote:
> On 02/27/2013 12:01 PM, Jiri Vanek wrote:
>> On 02/26/2013 10:59 PM, Adam Domurad wrote:
>>> NB: This is a work in progress, posting for early feedback.
>>>
>>> So a back-port was requested for 1.2 for systems that still use it. I tried to use as much
>>> already-reviewed material as possible while retaining simplicity.
>>>
>>> The whitelist attempts to be forwards compatible with the patch aimed at HEAD, but generally it does
>>> plain string matching without regex.
>>>
>>> The icedtea-web settings panel simply has a box that changes the security level, and a button to
>>> clear the current whitelist.
>>>
>>> I *think* everything is working, but I was in a rush posting this, so let me know. There are a few
>>> println statements left in, but again, rush.
>>>
>>> This is of course meant to be applied to the 1.2 release branch.
>>>
>>> Cheers,
>>> -Adam
>>
>> Hi!
>>
>> I like this backport. Looks like it is working....
>> I like that you have addapted as much code as possible, and you are keeping forward compatibility.
>> => Maybe it is also worthy to backport UnsignedAppletActionEntry.java , which is handling the loading of lines.
>
> I looked at it but decided to go for the simplest route possible with the matching/storing/loading, which was treating the file as a set of strings.
>
>> Also I like the url normlaization stuff.
>>
>> mayor nit:
>> The checkbox is not working. Decision is always saved.
>
> Sorry, this is a remnant of the behaviour of storing y/n in HEAD. Fixed now.
>
>> Proceed/cancel is not saved correctly - in all cases "N" is saved
>> The values in .applettrustSettings are overriding main policy. Is this even in head?
>
> Really ? I couldn't reproduce this. Still doing as much testing as I can. Let me know if you have concrete reproduction steps. Note that the browser will have to be restarted after changing setting in itweb-settings
>
>> This file should be checked only (in case of this backport) only during "high security"
>>
>> Minor nits - in head the items in combobobx are sorted in reversed order.
>
> Fixed
>
>> Sometimes I noted that the combobozx have not setup its value accordingly user's value
>
> I am not sure what you mean. Do you have steps to reproduce this?
I was not able to reproduce again.
>
>> The exeption should be maybe more clear (eg distinguish custompolicy and "by applet| policy in its text) - I think this is valid also fo head
>
> The one thrown when applet is denied ? Good point. Added 'The applet was unsigned, and was not trusted.' for when user rejects / blacklist rejects the applet. They are now LUnsignedAppletPolicyDenied/LUnsignedAppletUserDenied. I will include it in my next version for HEAD.
Thanx!
Maybe for head you can think about even more verbose errors:
policy middle, but applet untrusted
well, appelt trusted, but policy to strict....
or so on... There is a lot of cases:)
>
>>
>> imho both
>> User file : /home/jvanek/.icedtea/deployment.properties
>> System file : null
>> outputs should be gone...
>
> Sorry! Those were the 'println's that I noted.
>
sure ;)
>>
>> For 1.3 I would ratehr like to have full backport of head.
>
> I'm not too strongly opinionated either way.
good :) Then head to 1.3 :)
>
>>
>>
>> Thanx for backport!
>>
>> J.
>
> Attached is new version, also added missing copyright headers.
thanx!
Two mayor nits:
the code can not be transleted by jdk6:
final JComboBox<String> comboBox = new JComboBox<String>(items); - > final JComboBox comboBox = new JComboBox(items);
You have switched the huma readable strings in combobox, nut not the input values, so extra high is actually assigned to ALLOW_ALL and low is assigned to DANY_ALL_UNSIGNED
both discussed on irc...
minor - you are saving "1" to .applets file - is new Date().getTime() to problematic?
minor - your combobox is aligned to second side then rest of controls (try to maximize it)
I'm actually fine with above fixed for 1.2....
I would like to backport also the locking file unittests and (adapted) mathching unittests which are both in head. But do as you want.
Feel free to turn one more round on distro-list if you feel so.
J.
> dialogue-1.2-backport2.patch
>
>
> diff --git a/netx/net/sourceforge/jnlp/PluginBridge.java b/netx/net/sourceforge/jnlp/PluginBridge.java
> --- a/netx/net/sourceforge/jnlp/PluginBridge.java
> +++ b/netx/net/sourceforge/jnlp/PluginBridge.java
> @@ -171,6 +171,10 @@ public class PluginBridge extends JNLPFi
> codeBaseLookup = cbl == null || (Boolean.valueOf(cbl));
> }
>
> + public List<String> getArchiveJars() {
> + return new ArrayList<String>(jars);
> + }
> +
> public boolean codeBaseLookup() {
> return codeBaseLookup;
> }
> diff --git a/netx/net/sourceforge/jnlp/config/Defaults.java b/netx/net/sourceforge/jnlp/config/Defaults.java
> --- a/netx/net/sourceforge/jnlp/config/Defaults.java
> +++ b/netx/net/sourceforge/jnlp/config/Defaults.java
> @@ -45,6 +45,7 @@ import java.util.Map;
>
> import net.sourceforge.jnlp.ShortcutDesc;
> import net.sourceforge.jnlp.runtime.JNLPProxySelector;
> +import net.sourceforge.jnlp.security.appletextendedsecurity.UnsignedAppletTrustSettings;
>
> /**
> * This class stores the default configuration
> @@ -378,6 +379,15 @@ public class Defaults {
> DeploymentConfiguration.KEY_UPDATE_TIMEOUT,
> BasicValueValidators.getRangedIntegerValidator(0, 10000),
> String.valueOf(500)
> + },
> + {
> + DeploymentConfiguration.KEY_SECURITY_LEVEL,
> + BasicValueValidators.getStringValidator(new String[] {
> + UnsignedAppletTrustSettings.AppletSecurityLevel.ALLOW_UNSIGNED.name(),
> + UnsignedAppletTrustSettings.AppletSecurityLevel.ASK_UNSIGNED.name(),
> + UnsignedAppletTrustSettings.AppletSecurityLevel.DENY_UNSIGNED.name()
> + }),
> + UnsignedAppletTrustSettings.getDefaultSecurityLevel().name()
> }
> };
>
> diff --git a/netx/net/sourceforge/jnlp/config/DeploymentConfiguration.java b/netx/net/sourceforge/jnlp/config/DeploymentConfiguration.java
> --- a/netx/net/sourceforge/jnlp/config/DeploymentConfiguration.java
> +++ b/netx/net/sourceforge/jnlp/config/DeploymentConfiguration.java
> @@ -52,6 +52,8 @@ public final class DeploymentConfigurati
> public static final String DEPLOYMENT_CONFIG = "deployment.config";
> public static final String DEPLOYMENT_PROPERTIES = "deployment.properties";
>
> + public static final String APPLET_TRUST_SETTINGS = ".appletTrustSettings";
> +
> public static final String DEPLOYMENT_COMMENT = "Netx deployment configuration";
>
> public static final int JNLP_ASSOCIATION_NEVER = 0;
> @@ -105,6 +107,8 @@ public final class DeploymentConfigurati
> /** Boolean. Only show security prompts to user if true */
> public static final String KEY_SECURITY_PROMPT_USER = "deployment.security.askgrantdialog.show";
>
> + public static final String KEY_SECURITY_LEVEL = "deployment.security.level";
> +
> public static final String KEY_SECURITY_TRUSTED_POLICY = "deployment.security.trusted.policy";
>
> /** Boolean. Only give AWTPermission("showWindowWithoutWarningBanner") if true */
> diff --git a/netx/net/sourceforge/jnlp/controlpanel/SecuritySettingsPanel.java b/netx/net/sourceforge/jnlp/controlpanel/SecuritySettingsPanel.java
> --- a/netx/net/sourceforge/jnlp/controlpanel/SecuritySettingsPanel.java
> +++ b/netx/net/sourceforge/jnlp/controlpanel/SecuritySettingsPanel.java
> @@ -17,21 +17,31 @@ Foundation, Inc., 59 Temple Place, Suite
> */
> package net.sourceforge.jnlp.controlpanel;
>
> +import static net.sourceforge.jnlp.runtime.Translator.R;
> +
> import java.awt.BorderLayout;
> import java.awt.Component;
> import java.awt.Dimension;
> +import java.awt.FlowLayout;
> import java.awt.GridBagConstraints;
> import java.awt.GridBagLayout;
> +import java.awt.GridLayout;
> import java.awt.event.ActionEvent;
> import java.awt.event.ActionListener;
>
> import javax.swing.Box;
> +import javax.swing.BoxLayout;
> +import javax.swing.JButton;
> import javax.swing.JCheckBox;
> +import javax.swing.JComboBox;
> import javax.swing.JLabel;
> import javax.swing.JPanel;
>
> import net.sourceforge.jnlp.config.DeploymentConfiguration;
> import net.sourceforge.jnlp.runtime.Translator;
> +import net.sourceforge.jnlp.security.appletextendedsecurity.UnsignedAppletActionStorage;
> +import net.sourceforge.jnlp.security.appletextendedsecurity.UnsignedAppletTrustSettings;
> +import net.sourceforge.jnlp.security.appletextendedsecurity.UnsignedAppletTrustSettings.AppletSecurityLevel;
>
> /**
> * This provides a way for the user to modify the security settings through a
> @@ -80,6 +90,58 @@ public class SecuritySettingsPanel exten
> addComponents();
> }
>
> + private JPanel createAppletSecurityLevelComponent() {
> +
> + JPanel panel = new JPanel(new FlowLayout(FlowLayout.LEFT));
> + JLabel label = new JLabel(Translator.R("APPEXTSECguiPanelSecurityLevel"));
> + panel.add(label);
> +
> + // Security level choice
> + final String[] items = {
> + Translator.R("APPEXTSECappletSecurityLevelVeryHighId") + " - " + Translator.R("APPEXTSECappletSecurityLevelVeryHighExplanation"),
> + Translator.R("APPEXTSECappletSecurityLevelHighId") + " - " + Translator.R("APPEXTSECappletSecurityLevelHighExplanation"),
> + Translator.R("APPEXTSECappletSecurityLevelLowId") + " - " + Translator.R("APPEXTSECappletSecurityLevelLowExplanation")
> + };
> + final AppletSecurityLevel[] levels = { AppletSecurityLevel.ALLOW_UNSIGNED,
> + AppletSecurityLevel.ASK_UNSIGNED,
> + AppletSecurityLevel.DENY_UNSIGNED };
> +
> + final JComboBox<String> comboBox = new JComboBox<String>(items);
> +
> + for (int i = 0; i< levels.length; i++) {
> + if (levels[i] == UnsignedAppletTrustSettings.getSecurityLevel(config)) {
> + comboBox.setSelectedIndex(i);
> + }
> + }
> +
> + comboBox.addActionListener(new ActionListener(){
> + @Override
> + public void actionPerformed(ActionEvent e) {
> + int idx = comboBox.getSelectedIndex();
> + UnsignedAppletTrustSettings.setSecurityLevel(config, levels[idx]);
> + }
> + });
> +
> + panel.add(comboBox);
> + return panel;
> + }
> + private JButton createClearActionsButton() {
> + final JButton clearActions = new JButton(
> + Translator.R("SGPClearUnsignedAppletActions"));
> +
> + // Clear remembered actions button
> + clearActions.setEnabled(UnsignedAppletActionStorage.hasStoredActions());
> + clearActions.addActionListener(new ActionListener() {
> + @Override
> + public void actionPerformed(ActionEvent event) {
> + UnsignedAppletActionStorage.clearStoredActions();
> + clearActions.setEnabled(false);
> + }
> + });
> +
> + return clearActions;
> + }
> +
> /**
> * Add the components to the panel.
> */
> @@ -126,7 +188,16 @@ public class SecuritySettingsPanel exten
> topPanel.add(securityGeneralOptions[i], c);
> }
>
> + c.fill = GridBagConstraints.NONE;
> + c.weightx = 0;
> + c.gridy += 2;
> + topPanel.add(createAppletSecurityLevelComponent(), c);
> +
> + c.gridy++;
> + topPanel.add(createClearActionsButton(), c);
> +
> Component filler = Box.createRigidArea(new Dimension(1, 1));
> + c.fill = GridBagConstraints.BOTH;
> c.weighty = 1;
> c.gridy++;
> topPanel.add(filler, c);
> diff --git a/netx/net/sourceforge/jnlp/resources/Messages.properties b/netx/net/sourceforge/jnlp/resources/Messages.properties
> --- a/netx/net/sourceforge/jnlp/resources/Messages.properties
> +++ b/netx/net/sourceforge/jnlp/resources/Messages.properties
> @@ -80,6 +80,9 @@ LUnsignedJarWithSecurity=Cannot grant pe
> LUnsignedJarWithSecurityInfo=Application requested security permissions, but jars are not signed.
> LSignedAppJarUsingUnsignedJar=Signed application using unsigned jars.
> LSignedAppJarUsingUnsignedJarInfo=The main application jar is signed, but some of the jars it is using aren't.
> +LUnsignedApplet=The applet was unsigned.
> +LUnsignedAppletPolicyDenied=The applet was unsigned, and the security policy prevented it from running.
> +LUnsignedAppletUserDenied=The applet was unsigned, and was not trusted.
> LSignedJNLPFileDidNotMatch=The signed JNLP file did not match the launching JNLP file.
> LNoSecInstance=Error: No security instance for {0}. The application may have trouble continuing
> LCertFoundIn={0} found in cacerts ({1})
> @@ -218,6 +221,12 @@ SNoAssociatedCertificate=<no associated
> SUnverified=(unverified)
> SAlwaysTrustPublisher=Always trust content from this publisher
> SHttpsUnverified=The website's HTTPS certificate cannot be verified.
> +SRememberOption=<b>Remember this option?</b>
> +SUnsignedSummary=An unsigned Java application wants to run
> +SUnsignedDetail=An unsigned application from the following location wants to run:<br><u>{0}</u><br><br><b>It is recommended you only run applications from sites you trust.</b>
> +SUnsignedAllowedBefore=<font color="green">You have accepted this applet previously.</font>
> +SUnsignedRejectedBefore=<font color="red">You have rejected this applet previously.</font>
> +SUnsignedQuestion=Allow the applet to run?
> SNotAllSignedSummary=Only parts of this application code are signed.
> SNotAllSignedDetail=This application contains both signed and unsigned code. While signed code is safe if you trust the provider, unsigned code may imply code outside of the trusted provider's control.
> SNotAllSignedQuestion=Do you wish to proceed and run this application anyway?
> @@ -395,6 +404,7 @@ SGPEnableCachingPassword=Enable caching
> SGPUseSSL2=Use SSL 2.0 compatible ClientHello format (Unsupported)
> SGPUseSSL3=Use SSL 3.0 (Unsupported)
> SGPUseTLS1=Use TLS 1.0 (Unsupported)
> +SGPClearUnsignedAppletActions=Clear Remembered Applets
>
> # Control Panel - TemporaryInternetFilesPanel
> TIFPEnableCache=Keep temporary files on my computer
> @@ -442,3 +452,12 @@ CLResetDescription=Resets the value for
> CLInfoDescription=Shows more information about the given property
> CLCheckDescription=Shows any properties that have been defined but are not recognized by IcedTea Web
> CLHelpDescription=The itweb-settings tool allows a user to modify, view and check configuration. \nTo use the GUI, do not pass any arguments. To use the CLI mode, pass in the approrpiate command and parameters. For help with a particular command, try: {0} command help
> +
> +APPEXTSECappletSecurityLevelVeryHighId=Very High Security
> +APPEXTSECappletSecurityLevelHighId=High Security
> +APPEXTSECappletSecurityLevelLowId=Low Security
> +
> +APPEXTSECappletSecurityLevelVeryHighExplanation=No unsigned applets will be run
> +APPEXTSECappletSecurityLevelHighExplanation=User will be prompted for each unsigned applet
> +APPEXTSECappletSecurityLevelLowExplanation=Unsigned applets will be run automatically
> +APPEXTSECguiPanelSecurityLevel=Security Level
> \ No newline at end of file
> diff --git a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
> --- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
> +++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
> @@ -53,6 +53,7 @@ import java.util.jar.JarEntry;
> import java.util.jar.JarFile;
> import java.util.jar.Manifest;
>
> +import net.sourceforge.jnlp.security.appletextendedsecurity.UnsignedAppletTrustConfirmation;
> import net.sourceforge.jnlp.AppletDesc;
> import net.sourceforge.jnlp.ApplicationDesc;
> import net.sourceforge.jnlp.DownloadOptions;
> @@ -322,6 +323,13 @@ public class JNLPClassLoader extends URL
>
> loader = new JNLPClassLoader(file, policy);
>
> + // If security level is 'high' or greater, we must check if the user allows unsigned applets
> + // when the JNLPClassLoader is created. We do so here, because doing so in the constructor
> + // causes unwanted side-effects for some applets
> + if (!loader.getSigning()&& file instanceof PluginBridge) {
> + UnsignedAppletTrustConfirmation.checkUnsignedWithUserIfRequired((PluginBridge)file);
> + }
> +
> // New loader init may have caused extentions to create a
> // loader for this unique key. Check.
> JNLPClassLoader extLoader = urlToLoader.get(uniqueKey);
> @@ -494,7 +502,6 @@ public class JNLPClassLoader extends URL
> !SecurityDialogs.showNotAllSignedWarningDialog(file))
> throw new LaunchException(file, null, R("LSFatal"), R("LCClient"), R("LSignedAppJarUsingUnsignedJar"), R("LSignedAppJarUsingUnsignedJarInfo"));
>
> -
> // Check for main class in the downloaded jars, and check/verify signed JNLP fill
> checkForMain(initialJars);
>
> diff --git a/netx/net/sourceforge/jnlp/security/SecurityDialog.java b/netx/net/sourceforge/jnlp/security/SecurityDialog.java
> --- a/netx/net/sourceforge/jnlp/security/SecurityDialog.java
> +++ b/netx/net/sourceforge/jnlp/security/SecurityDialog.java
> @@ -38,6 +38,7 @@ exception statement from your version.
> package net.sourceforge.jnlp.security;
>
> import net.sourceforge.jnlp.JNLPFile;
> +import net.sourceforge.jnlp.PluginBridge;
> import net.sourceforge.jnlp.runtime.JNLPRuntime;
> import net.sourceforge.jnlp.security.SecurityDialogs.AccessType;
> import net.sourceforge.jnlp.security.SecurityDialogs.DialogType;
> @@ -303,6 +304,8 @@ public class SecurityDialog extends JDia
> panel = new AppletWarningPane(this, this.certVerifier);
> else if (dialogType == DialogType.NOTALLSIGNED_WARNING)
> panel = new NotAllSignedWarningPane(this);
> + else if (dialogType == DialogType.UNSIGNED_WARNING) // Only necessary for applets on 'high security' or above
> + panel = new UnsignedAppletTrustWarningDialog(this, (PluginBridge)file);
> else if (dialogType == DialogType.AUTHENTICATION)
> panel = new PasswordAuthenticationPane(this, extras);
>
> diff --git a/netx/net/sourceforge/jnlp/security/SecurityDialogs.java b/netx/net/sourceforge/jnlp/security/SecurityDialogs.java
> --- a/netx/net/sourceforge/jnlp/security/SecurityDialogs.java
> +++ b/netx/net/sourceforge/jnlp/security/SecurityDialogs.java
> @@ -37,6 +37,8 @@ exception statement from your version.
>
> package net.sourceforge.jnlp.security;
>
> +import net.sourceforge.jnlp.security.appletextendedsecurity.UnsignedAppletActionStorage.ExecuteUnsignedApplet;
> +
> import java.awt.Dialog.ModalityType;
> import java.awt.event.WindowAdapter;
> import java.awt.event.WindowEvent;
> @@ -70,6 +72,7 @@ public class SecurityDialogs {
> SINGLE_CERT_INFO,
> ACCESS_WARNING,
> NOTALLSIGNED_WARNING,
> + UNSIGNED_WARNING, /* requires confirmation with 'high-security' setting */
> APPLET_WARNING,
> AUTHENTICATION,
> }
> @@ -86,6 +89,7 @@ public class SecurityDialogs {
> VERIFIED,
> UNVERIFIED,
> NOTALLSIGNED,
> + UNSIGNED, /* requires confirmation with 'high-security' setting */
> SIGNING_ERROR
> }
>
> @@ -173,6 +177,26 @@ public class SecurityDialogs {
> }
>
> /**
> + * Shows a warning dialog for when a plugin applet is unsigned.
> + * This is used with 'high-security' setting.
> + *
> + * @return true if permission was granted by the user, false otherwise.
> + */
> + public static ExecuteUnsignedApplet showUnsignedWarningDialog(JNLPFile file) {
> +
> + if (!shouldPromptUser()) {
> + return ExecuteUnsignedApplet.NO;
> + }
> +
> + final SecurityDialogMessage message = new SecurityDialogMessage();
> + message.dialogType = DialogType.UNSIGNED_WARNING;
> + message.accessType = AccessType.UNSIGNED;
> + message.file = file;
> +
> + return (ExecuteUnsignedApplet)getUserResponse(message);
> + }
> +
> + /**
> * Shows a security warning dialog according to the specified type of
> * access. If<code>type</code> is one of AccessType.VERIFIED or
> * AccessType.UNVERIFIED, extra details will be available with regards
> diff --git a/netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningDialog.java b/netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningDialog.java
> new file mode 100644
> --- /dev/null
> +++ b/netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningDialog.java
> @@ -0,0 +1,63 @@
> +/* Copyright (C) 2013 Red Hat, Inc.
> +
> +This file is part of IcedTea.
> +
> +IcedTea is free software; you can redistribute it and/or
> +modify it under the terms of the GNU General Public License as published by
> +the Free Software Foundation, version 2.
> +
> +IcedTea is distributed in the hope that it will be useful,
> +but WITHOUT ANY WARRANTY; without even the implied warranty of
> +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> +General Public License for more details.
> +
> +You should have received a copy of the GNU General Public License
> +along with IcedTea; see the file COPYING. If not, write to
> +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
> +02110-1301 USA.
> +
> +Linking this library statically or dynamically with other modules is
> +making a combined work based on this library. Thus, the terms and
> +conditions of the GNU General Public License cover the whole
> +combination.
> +
> +As a special exception, the copyright holders of this library give you
> +permission to link this library with independent modules to produce an
> +executable, regardless of the license terms of these independent
> +modules, and to copy and distribute the resulting executable under
> +terms of your choice, provided that you also meet, for each linked
> +independent module, the terms and conditions of the license of that
> +module. An independent module is a module which is not derived from
> +or based on this library. If you modify this library, you may extend
> +this exception to your version of the library, but you are not
> +obligated to do so. If you do not wish to do so, delete this
> +exception statement from your version.
> + */
> +
> +package net.sourceforge.jnlp.security;
> +
> +import net.sourceforge.jnlp.PluginBridge;
> +import net.sourceforge.jnlp.security.UnsignedAppletTrustWarningPanel.ActionChoiceListener;
> +import net.sourceforge.jnlp.security.appletextendedsecurity.UnsignedAppletActionStorage.ExecuteUnsignedApplet;
> +
> +/**
> + * A panel that confirms that the user is OK with unsigned code running.
> + *
> + */
> +public class UnsignedAppletTrustWarningDialog extends SecurityDialogPanel {
> +
> + public UnsignedAppletTrustWarningDialog(SecurityDialog x, PluginBridge file) {
> + super(x);
> +
> + add(new UnsignedAppletTrustWarningPanel(file,
> + new ActionChoiceListener() {
> + @Override
> + public void actionChosen(ExecuteUnsignedApplet action) {
> + parent.setValue(action);
> + parent.dispose();
> + }
> + })
> + );
> + }
> +
> +}
> diff --git a/netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningPanel.java b/netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningPanel.java
> new file mode 100644
> --- /dev/null
> +++ b/netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningPanel.java
> @@ -0,0 +1,216 @@
> +/* Copyright (C) 2013 Red Hat, Inc.
> +
> +This file is part of IcedTea.
> +
> +IcedTea is free software; you can redistribute it and/or
> +modify it under the terms of the GNU General Public License as published by
> +the Free Software Foundation, version 2.
> +
> +IcedTea is distributed in the hope that it will be useful,
> +but WITHOUT ANY WARRANTY; without even the implied warranty of
> +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> +General Public License for more details.
> +
> +You should have received a copy of the GNU General Public License
> +along with IcedTea; see the file COPYING. If not, write to
> +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
> +02110-1301 USA.
> +
> +Linking this library statically or dynamically with other modules is
> +making a combined work based on this library. Thus, the terms and
> +conditions of the GNU General Public License cover the whole
> +combination.
> +
> +As a special exception, the copyright holders of this library give you
> +permission to link this library with independent modules to produce an
> +executable, regardless of the license terms of these independent
> +modules, and to copy and distribute the resulting executable under
> +terms of your choice, provided that you also meet, for each linked
> +independent module, the terms and conditions of the license of that
> +module. An independent module is a module which is not derived from
> +or based on this library. If you modify this library, you may extend
> +this exception to your version of the library, but you are not
> +obligated to do so. If you do not wish to do so, delete this
> +exception statement from your version.
> + */
> +
> +package net.sourceforge.jnlp.security;
> +
> +import static net.sourceforge.jnlp.runtime.Translator.R;
> +
> +import java.awt.BorderLayout;
> +import java.awt.Color;
> +import java.awt.Dimension;
> +import java.awt.FlowLayout;
> +import java.awt.Font;
> +import java.awt.event.ActionEvent;
> +import java.awt.event.ActionListener;
> +
> +import javax.swing.BorderFactory;
> +import javax.swing.BoxLayout;
> +import javax.swing.ImageIcon;
> +import javax.swing.JButton;
> +import javax.swing.JCheckBox;
> +import javax.swing.JLabel;
> +import javax.swing.JPanel;
> +import javax.swing.SwingConstants;
> +
> +import net.sourceforge.jnlp.PluginBridge;
> +import net.sourceforge.jnlp.security.appletextendedsecurity.UnsignedAppletActionStorage.ExecuteUnsignedApplet;
> +
> +public class UnsignedAppletTrustWarningPanel extends JPanel {
> +
> + /*
> + * Callback for when action is decided.
> + */
> + public static interface ActionChoiceListener {
> + void actionChosen(ExecuteUnsignedApplet action);
> + }
> +
> + private final int PANE_WIDTH = 500;
> +
> + private final int TOP_PANEL_HEIGHT = 60;
> + private final int INFO_PANEL_HEIGHT = 100;
> + private final int QUESTION_PANEL_HEIGHT = 35;
> +
> + private JButton allowButton;
> + private JButton rejectButton;
> + private JCheckBox checkBox;
> +
> + private PluginBridge file;
> +
> + private ActionChoiceListener actionChoiceListener;
> +
> + public UnsignedAppletTrustWarningPanel(PluginBridge file, ActionChoiceListener actionChoiceListener) {
> +
> + this.file = file;
> + this.actionChoiceListener = actionChoiceListener;
> +
> + addComponents();
> + }
> +
> + public JButton getAllowButton() {
> + return allowButton;
> + }
> +
> + public JButton getRejectButton() {
> + return rejectButton;
> + }
> +
> + private String htmlWrap(String text) {
> + return "<html>" + text +"</html>";
> + }
> +
> + private ImageIcon infoImage() {
> + final String location = "net/sourceforge/jnlp/resources/info-small.png";
> + final ClassLoader appLoader = new sun.misc.Launcher().getClassLoader();
> + return new ImageIcon(appLoader.getResource(location));
> + }
> +
> + private void setupTopPanel() {
> + final String topLabelText = R("SUnsignedSummary");
> +
> + JLabel topLabel = new JLabel(htmlWrap(topLabelText), infoImage(),
> + SwingConstants.LEFT);
> + topLabel.setFont(new Font(topLabel.getFont().toString(), Font.BOLD, 12));
> +
> + JPanel topPanel = new JPanel(new BorderLayout());
> + topPanel.setBackground(Color.WHITE);
> + topPanel.add(topLabel, BorderLayout.CENTER);
> + topPanel.setPreferredSize(new Dimension(PANE_WIDTH, TOP_PANEL_HEIGHT));
> + topPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10));
> +
> + add(topPanel);
> + }
> +
> + private void setupInfoPanel() {
> + String infoLabelText = R("SUnsignedDetail", file.getCodeBase());
> +
> + JLabel infoLabel = new JLabel(htmlWrap(infoLabelText));
> + JPanel infoPanel = new JPanel(new BorderLayout());
> + infoPanel.add(infoLabel, BorderLayout.CENTER);
> + infoPanel.setPreferredSize(new Dimension(PANE_WIDTH, INFO_PANEL_HEIGHT));
> + infoPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10));
> +
> + add(infoPanel);
> + }
> +
> + private void setupQuestionsPanel() {
> + JPanel questionPanel = new JPanel(new BorderLayout());
> +
> + questionPanel.add(new JLabel(htmlWrap(R("SUnsignedQuestion"))), BorderLayout.EAST);
> +
> + questionPanel.setPreferredSize(new Dimension(PANE_WIDTH, QUESTION_PANEL_HEIGHT));
> + questionPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10));
> +
> + add(questionPanel);
> + }
> +
> + private JPanel createCheckBoxPanel() {
> + JPanel checkBoxPanel = new JPanel(new FlowLayout(FlowLayout.RIGHT));
> +
> + checkBox = new JCheckBox(htmlWrap(R("SRememberOption")));
> + checkBoxPanel.add(checkBox);
> +
> + checkBoxPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10));
> +
> + return checkBoxPanel;
> + }
> +
> + private JPanel createButtonPanel() {
> + JPanel buttonPanel = new JPanel(new FlowLayout(FlowLayout.RIGHT));
> +
> + allowButton = new JButton(R("ButProceed"));
> + rejectButton = new JButton(R("ButCancel"));
> +
> + allowButton.addActionListener(chosenActionSetter(true));
> + rejectButton.addActionListener(chosenActionSetter(false));
> +
> + buttonPanel.add(allowButton);
> + buttonPanel.add(rejectButton);
> +
> + buttonPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10));
> +
> + return buttonPanel;
> + }
> +
> + // Set up 'Remember Option' checkbox& Proceed/Cancel buttons
> + private void setupButtonAndCheckBoxPanel() {
> + JPanel outerPanel = new JPanel(new BorderLayout());
> +
> + outerPanel.add(createCheckBoxPanel(), BorderLayout.WEST);
> + outerPanel.add(createButtonPanel(), BorderLayout.EAST);
> +
> + add(outerPanel);
> + }
> +
> + /**
> + * Creates the actual GUI components, and adds it to this panel
> + */
> + private void addComponents() {
> + setLayout(new BoxLayout(this, BoxLayout.Y_AXIS));
> +
> + setupTopPanel();
> + setupInfoPanel();
> + setupQuestionsPanel();
> + setupButtonAndCheckBoxPanel();
> + }
> +
> + // Sets action depending on allowApplet + checkbox state
> + private ActionListener chosenActionSetter(final boolean allowApplet) {
> + return new ActionListener() {
> + @Override
> + public void actionPerformed(ActionEvent e) {
> + ExecuteUnsignedApplet action;
> +
> + if (allowApplet) {
> + action = checkBox.isSelected() ? ExecuteUnsignedApplet.ALWAYS : ExecuteUnsignedApplet.YES;
> + } else {
> + action = checkBox.isSelected() ? ExecuteUnsignedApplet.NEVER : ExecuteUnsignedApplet.NO;
> + }
> +
> + actionChoiceListener.actionChosen(action);
> + }
> + };
> + }
> +}
> \ No newline at end of file
> diff --git a/netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletActionStorage.java b/netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletActionStorage.java
> new file mode 100644
> --- /dev/null
> +++ b/netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletActionStorage.java
> @@ -0,0 +1,264 @@
> +/* Copyright (C) 2013 Red Hat
> +
> +This file is part of IcedTea.
> +
> +IcedTea is free software; you can redistribute it and/or modify
> +it under the terms of the GNU General Public License as published by
> +the Free Software Foundation; either version 2, or (at your option)
> +any later version.
> +
> +IcedTea is distributed in the hope that it will be useful, but
> +WITHOUT ANY WARRANTY; without even the implied warranty of
> +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> +General Public License for more details.
> +
> +You should have received a copy of the GNU General Public License
> +along with IcedTea; see the file COPYING. If not, write to the
> +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
> +02110-1301 USA.
> +
> +Linking this library statically or dynamically with other modules is
> +making a combined work based on this library. Thus, the terms and
> +conditions of the GNU General Public License cover the whole
> +combination.
> +
> +As a special exception, the copyright holders of this library give you
> +permission to link this library with independent modules to produce an
> +executable, regardless of the license terms of these independent
> +modules, and to copy and distribute the resulting executable under
> +terms of your choice, provided that you also meet, for each linked
> +independent module, the terms and conditions of the license of that
> +module. An independent module is a module which is not derived from
> +or based on this library. If you modify this library, you may extend
> +this exception to your version of the library, but you are not
> +obligated to do so. If you do not wish to do so, delete this
> +exception statement from your version. */
> +
> +package net.sourceforge.jnlp.security.appletextendedsecurity;
> +
> +import java.io.BufferedReader;
> +import java.io.BufferedWriter;
> +import java.io.File;
> +import java.io.FileInputStream;
> +import java.io.FileOutputStream;
> +import java.io.IOException;
> +import java.io.InputStreamReader;
> +import java.io.OutputStreamWriter;
> +import java.io.UnsupportedEncodingException;
> +import java.net.MalformedURLException;
> +import java.net.URI;
> +import java.net.URISyntaxException;
> +import java.net.URL;
> +import java.net.URLDecoder;
> +import java.util.ArrayList;
> +import java.util.List;
> +
> +import net.sourceforge.jnlp.PluginBridge;
> +import net.sourceforge.jnlp.config.DeploymentConfiguration;
> +import net.sourceforge.jnlp.util.lockingfile.LockedFile;
> +
> +public class UnsignedAppletActionStorage {
> + public enum ExecuteUnsignedApplet {
> + ALWAYS, NEVER,
> + /*
> + * The following will never be stored but can be returned from the
> + * security dialogue
> + */
> + YES, NO
> + }
> +
> + public static void clearStoredActions() {
> + try {
> + writeActionEntryList(new ArrayList<String>());
> + } catch (IOException e) {
> + /* It isn't clear how this should be handled, just log */
> + e.printStackTrace();
> + }
> + }
> + public static boolean hasStoredActions() {
> + try {
> + return !readActionEntryList().isEmpty();
> + } catch (IOException e) {
> + /* It isn't clear how this should be handled, log and return false */
> + e.printStackTrace();
> + return false;
> + }
> + }
> +
> + public static ExecuteUnsignedApplet getStoredAction(PluginBridge file) {
> + try {
> + List<String> actions = readActionEntryList();
> +
> + if (actions.contains(createActionEntryString(file,
> + ExecuteUnsignedApplet.NEVER))) {
> + return ExecuteUnsignedApplet.NEVER;
> + }
> +
> + if (actions.contains(createActionEntryString(file,
> + ExecuteUnsignedApplet.ALWAYS))) {
> + return ExecuteUnsignedApplet.ALWAYS;
> + }
> + } catch (IOException e) {
> + /* It isn't clear how this should be handled, log and return null */
> + e.printStackTrace();
> + } catch (URISyntaxException e) {
> + /* It isn't clear how this should be handled, log and return null */
> + e.printStackTrace();
> + }
> +
> + return null;
> + }
> +
> + public static void storeAction(PluginBridge file,
> + ExecuteUnsignedApplet action) {
> + try {
> + List<String> actions = readActionEntryList();
> + String actionEntry = createActionEntryString(file, action);
> +
> + boolean found = false;
> + for (int i = 0; !found&& i< actions.size(); i++) {
> + // Compare, ignoring the actual action (first character)
> + if (actions.get(i).substring(2)
> + .equals(actionEntry.substring(2))) {
> + // Overwrite matching entry
> + actions.set(i, actionEntry);
> + found = true;
> + }
> + }
> +
> + if (!found) {
> + actions.add(actionEntry);
> + }
> +
> + writeActionEntryList(actions);
> + } catch (IOException e) {
> + /* It isn't clear how this should be handled, just log */
> + e.printStackTrace();
> + } catch (URISyntaxException e) {
> + /* It isn't clear how this should be handled, just log */
> + e.printStackTrace();
> + }
> + }
> +
> + private static File getAppletTrustSettingsPath() {
> + return new File(System.getProperty("user.home") + File.separator
> + + DeploymentConfiguration.DEPLOYMENT_DIR + File.separator
> + + DeploymentConfiguration.APPLET_TRUST_SETTINGS);
> + }
> +
> + private static List<String> readActionEntryList() throws IOException {
> + List<String> actions = new ArrayList<String>();
> +
> + LockedFile trustSettings = LockedFile
> + .getInstance(getAppletTrustSettingsPath());
> +
> + BufferedReader reader = null;
> + trustSettings.lock();
> + try {
> + reader = new BufferedReader(new InputStreamReader(
> + new FileInputStream(trustSettings.getFile()), "UTF-8"));
> + while (true) {
> + String line = reader.readLine();
> + if (line == null)
> + break;
> + actions.add(line);
> + }
> + } finally {
> + if (reader != null) {
> + reader.close();
> + }
> + trustSettings.unlock();
> + }
> +
> + return actions;
> + }
> +
> + private static void writeActionEntryList(List<String> actions)
> + throws IOException {
> + LockedFile trustSettings = LockedFile
> + .getInstance(getAppletTrustSettingsPath());
> +
> + BufferedWriter writer = null;
> + trustSettings.lock();
> + try {
> + writer = new BufferedWriter(new OutputStreamWriter(
> + new FileOutputStream(trustSettings.getFile()), "UTF-8"));
> + for (String action : actions) {
> + writer.write(action);
> + writer.newLine();
> + }
> + writer.flush();
> + } finally {
> + if (writer != null) {
> + writer.close();
> + }
> + trustSettings.unlock();
> + }
> + }
> +
> + /* We make our best effort to be forwards-compatible with icedtea-web 1.4 */
> + private static String createActionEntryString(PluginBridge file,
> + ExecuteUnsignedApplet action) throws IOException,
> + URISyntaxException {
> + char actionChar = (action == ExecuteUnsignedApplet.ALWAYS) ? 'A' : 'N';
> +
> + return actionChar + " 1" /* placeholder for future compatibility with timestamp */
> + + " " + urlAsValidRegex(normalizeUrl(file.getSourceLocation()))
> + + " " + urlAsValidRegex(normalizeUrl(file.getCodeBase())) + " "
> + + createArchivesString(file.getArchiveJars());
> + }
> +
> + /* Create a comma separated list of the archives */
> + private static String createArchivesString(List<String> listOfArchives) {
> + StringBuilder sb = new StringBuilder();
> + for (int i = 0; i< listOfArchives.size(); i++) {
> + String string = listOfArchives.get(i);
> + if (string.trim().isEmpty()) {
> + continue;
> + }
> + sb.append(string);
> + if (i != listOfArchives.size() - 1) {
> + sb.append(",");
> + }
> + }
> + return sb.toString();
> + }
> +
> + /*
> + * This ensures the stored records are valid regexes, for
> + * forward-compatibility
> + */
> + private static String urlAsValidRegex(URL url) {
> + return "\\Q" + url.toExternalForm() + "\\E";
> + }
> +
> + /* Backported from ResourceTracker.normalizeUrl in icedtea-web 1.4 */
> + private static URL normalizeUrl(URL u) throws MalformedURLException,
> + UnsupportedEncodingException, URISyntaxException {
> + if (u == null) {
> + return null;
> + }
> + String protocol = u.getProtocol();
> +
> + if (protocol == null || "file".equals(protocol)) {
> + return u;
> + }
> +
> + if (u.getPath() == null) {
> + return u;
> + }
> +
> + // Decode the URL before encoding
> + URL decodedURL = new URL(URLDecoder.decode(u.toString(), "utf-8"));
> +
> + // Create URI with the decoded URL
> + URI uri = new URI(decodedURL.getProtocol(), null, decodedURL.getHost(),
> + decodedURL.getPort(), decodedURL.getPath(),
> + decodedURL.getQuery(), null);
> +
> + // Returns the encoded URL
> + URL encodedURL = new URL(uri.toASCIIString());
> +
> + return encodedURL;
> + }
> +}
> diff --git a/netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java b/netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java
> new file mode 100644
> --- /dev/null
> +++ b/netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java
> @@ -0,0 +1,96 @@
> +/* Copyright (C) 2013 Red Hat
> +
> +This file is part of IcedTea.
> +
> +IcedTea is free software; you can redistribute it and/or modify
> +it under the terms of the GNU General Public License as published by
> +the Free Software Foundation; either version 2, or (at your option)
> +any later version.
> +
> +IcedTea is distributed in the hope that it will be useful, but
> +WITHOUT ANY WARRANTY; without even the implied warranty of
> +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> +General Public License for more details.
> +
> +You should have received a copy of the GNU General Public License
> +along with IcedTea; see the file COPYING. If not, write to the
> +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
> +02110-1301 USA.
> +
> +Linking this library statically or dynamically with other modules is
> +making a combined work based on this library. Thus, the terms and
> +conditions of the GNU General Public License cover the whole
> +combination.
> +
> +As a special exception, the copyright holders of this library give you
> +permission to link this library with independent modules to produce an
> +executable, regardless of the license terms of these independent
> +modules, and to copy and distribute the resulting executable under
> +terms of your choice, provided that you also meet, for each linked
> +independent module, the terms and conditions of the license of that
> +module. An independent module is a module which is not derived from
> +or based on this library. If you modify this library, you may extend
> +this exception to your version of the library, but you are not
> +obligated to do so. If you do not wish to do so, delete this
> +exception statement from your version. */
> +
> +package net.sourceforge.jnlp.security.appletextendedsecurity;
> +
> +import static net.sourceforge.jnlp.runtime.Translator.R;
> +import net.sourceforge.jnlp.LaunchException;
> +import net.sourceforge.jnlp.PluginBridge;
> +import net.sourceforge.jnlp.security.SecurityDialogs;
> +import net.sourceforge.jnlp.security.appletextendedsecurity.UnsignedAppletActionStorage.ExecuteUnsignedApplet;
> +import net.sourceforge.jnlp.security.appletextendedsecurity.UnsignedAppletTrustSettings.AppletSecurityLevel;
> +
> +public class UnsignedAppletTrustConfirmation {
> +
> + private static boolean unsignedConfirmationIsRequired() {
> + // If we are using the 'high' security setting or higher, we must confirm
> + // if the user wishes to run unsigned applets (not applicable to JNLP-launched apps)
> + return !(AppletSecurityLevel.ALLOW_UNSIGNED == UnsignedAppletTrustSettings.getSecurityLevel());
> + }
> +
> + private static boolean unsignedAppletsAreForbidden() {
> + // If we are using the 'very high' security setting or higher, we do not
> + // run unsigned applets
> + return AppletSecurityLevel.DENY_UNSIGNED == UnsignedAppletTrustSettings.getSecurityLevel();
> + }
> +
> + public static void checkUnsignedWithUserIfRequired(PluginBridge file) throws LaunchException {
> +
> + if (unsignedAppletsAreForbidden()) {
> + throw new LaunchException(file, null, R("LSFatal"), R("LCClient"), R("LUnsignedApplet"), R("LUnsignedAppletPolicyDenied"));
> + }
> +
> + if (!unsignedConfirmationIsRequired()) {
> + return;
> + }
> +
> + ExecuteUnsignedApplet storedAction = UnsignedAppletActionStorage.getStoredAction(file);
> +
> + boolean appletOK;
> +
> + if (storedAction == ExecuteUnsignedApplet.ALWAYS) {
> + appletOK = true;
> + } else if (storedAction == ExecuteUnsignedApplet.NEVER) {
> + appletOK = false;
> + } else {
> + // No remembered decision, prompt the user
> + ExecuteUnsignedApplet decidedAction = SecurityDialogs.showUnsignedWarningDialog(file);
> +
> + appletOK = (decidedAction == ExecuteUnsignedApplet.YES || decidedAction == ExecuteUnsignedApplet.ALWAYS);
> +
> + // Store any remembered actions
> + if (decidedAction == ExecuteUnsignedApplet.NEVER
> + || decidedAction == ExecuteUnsignedApplet.ALWAYS) {
> + UnsignedAppletActionStorage.storeAction(file, decidedAction);
> + }
> + }
> +
> + if (!appletOK) {
> + throw new LaunchException(file, null, R("LSFatal"), R("LCClient"), R("LUnsignedApplet"), R("LUnsignedAppletUserDenied"));
> + }
> +
> + }
> +}
> \ No newline at end of file
> diff --git a/netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustSettings.java b/netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustSettings.java
> new file mode 100644
> --- /dev/null
> +++ b/netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustSettings.java
> @@ -0,0 +1,69 @@
> +/* Copyright (C) 2013 Red Hat
> +
> +This file is part of IcedTea.
> +
> +IcedTea is free software; you can redistribute it and/or modify
> +it under the terms of the GNU General Public License as published by
> +the Free Software Foundation; either version 2, or (at your option)
> +any later version.
> +
> +IcedTea is distributed in the hope that it will be useful, but
> +WITHOUT ANY WARRANTY; without even the implied warranty of
> +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> +General Public License for more details.
> +
> +You should have received a copy of the GNU General Public License
> +along with IcedTea; see the file COPYING. If not, write to the
> +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
> +02110-1301 USA.
> +
> +Linking this library statically or dynamically with other modules is
> +making a combined work based on this library. Thus, the terms and
> +conditions of the GNU General Public License cover the whole
> +combination.
> +
> +As a special exception, the copyright holders of this library give you
> +permission to link this library with independent modules to produce an
> +executable, regardless of the license terms of these independent
> +modules, and to copy and distribute the resulting executable under
> +terms of your choice, provided that you also meet, for each linked
> +independent module, the terms and conditions of the license of that
> +module. An independent module is a module which is not derived from
> +or based on this library. If you modify this library, you may extend
> +this exception to your version of the library, but you are not
> +obligated to do so. If you do not wish to do so, delete this
> +exception statement from your version. */
> +
> +package net.sourceforge.jnlp.security.appletextendedsecurity;
> +
> +import net.sourceforge.jnlp.config.DeploymentConfiguration;
> +import net.sourceforge.jnlp.runtime.JNLPRuntime;
> +
> +public class UnsignedAppletTrustSettings {
> + public enum AppletSecurityLevel {
> + ALLOW_UNSIGNED, ASK_UNSIGNED, DENY_UNSIGNED
> + }
> +
> + public static AppletSecurityLevel getDefaultSecurityLevel() {
> + return AppletSecurityLevel.ASK_UNSIGNED;
> + }
> +
> + public static AppletSecurityLevel getSecurityLevel(DeploymentConfiguration configuration) {
> + String securityLevel = configuration.getProperty(DeploymentConfiguration.KEY_SECURITY_LEVEL);
> +
> + if (securityLevel == null) {
> + return getDefaultSecurityLevel();
> + }
> +
> + return AppletSecurityLevel.valueOf(securityLevel);
> + }
> +
> + public static AppletSecurityLevel getSecurityLevel() {
> + return getSecurityLevel(JNLPRuntime.getConfiguration());
> + }
> +
> + public static void setSecurityLevel(DeploymentConfiguration configuration, AppletSecurityLevel level) {
> + configuration.setProperty(DeploymentConfiguration.KEY_SECURITY_LEVEL, level.name());
> + }
> +
> +}
> diff --git a/netx/net/sourceforge/jnlp/util/lockingfile/LockedFile.java b/netx/net/sourceforge/jnlp/util/lockingfile/LockedFile.java
> new file mode 100644
> --- /dev/null
> +++ b/netx/net/sourceforge/jnlp/util/lockingfile/LockedFile.java
> @@ -0,0 +1,147 @@
> +/*
> + Copyright (C) 2013 Red Hat, Inc.
> +
> + This file is part of IcedTea.
> +
> + IcedTea is free software; you can redistribute it and/or
> + modify it under the terms of the GNU General Public License as published by
> + the Free Software Foundation, version 2.
> +
> + IcedTea is distributed in the hope that it will be useful,
> + but WITHOUT ANY WARRANTY; without even the implied warranty of
> + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> + General Public License for more details.
> +
> + You should have received a copy of the GNU General Public License
> + along with IcedTea; see the file COPYING. If not, write to
> + the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
> + 02110-1301 USA.
> +
> + Linking this library statically or dynamically with other modules is
> + making a combined work based on this library. Thus, the terms and
> + conditions of the GNU General Public License cover the whole
> + combination.
> +
> + As a special exception, the copyright holders of this library give you
> + permission to link this library with independent modules to produce an
> + executable, regardless of the license terms of these independent
> + modules, and to copy and distribute the resulting executable under
> + terms of your choice, provided that you also meet, for each linked
> + independent module, the terms and conditions of the license of that
> + module. An independent module is a module which is not derived from
> + or based on this library. If you modify this library, you may extend
> + this exception to your version of the library, but you are not
> + obligated to do so. If you do not wish to do so, delete this
> + exception statement from your version.
> + */
> +package net.sourceforge.jnlp.util.lockingfile;
> +
> +import java.io.File;
> +import java.io.IOException;
> +import java.io.RandomAccessFile;
> +import java.nio.channels.FileChannel;
> +import java.nio.channels.FileLock;
> +import java.util.Map;
> +import java.util.WeakHashMap;
> +import java.util.concurrent.locks.ReentrantLock;
> +
> +/*
> + * Process& thread locked access to a file. Creates file if it does not already exist.
> + */
> +public class LockedFile {
> +
> + // The file for access
> + private RandomAccessFile randomAccessFile;
> + private FileChannel fileChannel;
> + private File file;
> + // A file lock will protect against locks for multiple
> + // processes, while a thread lock is still needed within a single JVM.
> + private FileLock processLock = null;
> + private ReentrantLock threadLock = new ReentrantLock();
> + private boolean readOnly;
> +
> + private LockedFile(File file) {
> + this.file = file;
> + try {
> + //just try to create
> + this.file.createNewFile();
> + } catch (Exception ex) {
> + //intentionaly silent
> + }
> + if (!this.file.isFile()&& file.getParentFile() != null&& !file.getParentFile().canWrite()) {
> + readOnly = true;
> + } else {
> + this.readOnly = !file.canWrite();
> + if (!readOnly&& file.getParentFile() != null&& !file.getParentFile().canWrite()) {
> + readOnly = true;
> + }
> + }
> + }
> +
> + public boolean isReadOnly() {
> + return readOnly;
> + }
> + // Provide shared access to LockedFile's via weak map
> + static private final Map<File, LockedFile> instanceCache = new WeakHashMap<File, LockedFile>();
> +
> + /**
> + * Get a LockedFile for a given File. Ensures that we share the same
> + * instance for all threads
> + *
> + * @param file the file to lock
> + * @return a LockedFile instance
> + */
> + synchronized public static LockedFile getInstance(File file) {
> + if (!instanceCache.containsKey(file)) {
> + instanceCache.put(file, new LockedFile(file));
> + }
> +
> + return instanceCache.get(file);
> + }
> +
> + /**
> + * Get the file being locked.
> + *
> + * @return the file
> + */
> + public File getFile() {
> + return file;
> + }
> +
> + /**
> + * Lock access to the file. Lock is reentrant.
> + */
> + public void lock() throws IOException {
> + // Create if does not already exist, cannot lock non-existing file
> +
> + this.threadLock.lock();
> +
> + if (this.processLock != null) {
> + return;
> + }
> +
> + if (!isReadOnly()) {
> + this.file.createNewFile();
> + this.randomAccessFile = new RandomAccessFile(this.file, isReadOnly() ? "r" : "rws");
> + this.fileChannel = randomAccessFile.getChannel();
> + this.processLock = this.fileChannel.lock();
> + }
> + }
> +
> + /**
> + * Unlock access to the file. Lock is reentrant.
> + */
> + public void unlock() throws IOException {
> + boolean releaseProcessLock = (this.threadLock.getHoldCount() == 1);
> + try {
> + if (releaseProcessLock&& this.processLock != null) {
> + this.processLock.release();
> + this.randomAccessFile.close();
> + this.fileChannel.close();
> + this.processLock = null;
> + }
> + } finally {
> + this.threadLock.unlock();
> + }
> + }
> +}
> \ No newline at end of file
More information about the distro-pkg-dev
mailing list