From bugzilla-daemon at icedtea.classpath.org Sat Mar 1 00:39:07 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Sat, 01 Mar 2014 08:39:07 +0000 Subject: [Bug 1689] New: Java crashes everytime I attempt to run a junit test within eclipse Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1689 Bug ID: 1689 Summary: Java crashes everytime I attempt to run a junit test within eclipse Product: IcedTea Version: unspecified Hardware: x86_64 OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: GCJWebPlugin Assignee: dbhole at redhat.com Reporter: mjoh44 at yahoo.com CC: unassigned at icedtea.classpath.org Created attachment 1033 --> http://icedtea.classpath.org/bugzilla/attachment.cgi?id=1033&action=edit this is the report produced again and again (I've 6 of these stored up now) all tests are set to fail except one and I don't yet have an assert in it. It most surely has errors which I was hoping to start fixing but I can never get to the detailed error screen because java crashes every time I run the file and it consistently produces the error in the attached file. Env = Kepler on Ubuntu 13.10 the jvm is 7.5.1 -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140301/9feceae3/attachment-0001.html From bugzilla-daemon at icedtea.classpath.org Sat Mar 1 00:40:55 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Sat, 01 Mar 2014 08:40:55 +0000 Subject: [Bug 1689] Java crashes everytime I attempt to run a junit test within eclipse In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1689 Marc Johnson changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P5 |P1 Component|GCJWebPlugin |JamVM Version|unspecified |7-1.5 Assignee|dbhole at redhat.com |xerxes at zafena.se Severity|enhancement |blocker -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140301/50f28c64/attachment.html From stefan at complang.tuwien.ac.at Sat Mar 1 00:47:59 2014 From: stefan at complang.tuwien.ac.at (Stefan Ring) Date: Sat, 1 Mar 2014 09:47:59 +0100 Subject: building icedtea-7 on ARM In-Reply-To: References: <1241533863.7170362.1392994965027.JavaMail.zimbra@redhat.com> <1221527868.7353353.1393018267203.JavaMail.zimbra@redhat.com> <2014632566.7363280.1393020299728.JavaMail.zimbra@redhat.com> <1816561120.8183412.1393257720538.JavaMail.zimbra@redhat.com> Message-ID: On Fri, Feb 28, 2014 at 4:33 PM, Grant wrote: >> You're right, sorry. I deleted and re-added the java overlay and >> tried again but it fails with: > > > Is this compiling for anyone else on ARM? Any idea on my error? > > [javac] Exception in thread "main" java.lang.NoSuchMethodError: > java.util.Locale.getDefault(Ljava/util/Locale$Category;)Ljava/util/Locale; Current icedtea7 builds for me on both Fedora (17, softfloat) and Ubuntu (quantal, hardfloat) without troubles, but I don?t know anything about Gentoo. From bugzilla-daemon at icedtea.classpath.org Sat Mar 1 00:54:05 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Sat, 01 Mar 2014 08:54:05 +0000 Subject: [Bug 1689] Java crashes everytime I attempt to run a junit test within eclipse In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1689 --- Comment #1 from Marc Johnson --- A few more details. It's not my code at all. I commented out the one method for the the class under testing so none were implemented and it still failed. I further had a private class in the test file that I commented out as well, so essentially the junit 4 class is just a few stubs and the error is still hapenning. I have a different file under test with nothing but stubs and it too crashes. I am using the standard junit tester on eclipse even though this is an android project. right now I'm testing underlying logic written only in java that doesn't access any part of the dalvik code (there is some in the class under test but this is strictly java code with imports below import java.io.BufferedReader; import java.io.BufferedWriter; import java.io.IOException; import java.io.InputStreamReader; import java.io.OutputStreamWriter; import java.text.SimpleDateFormat; import java.util.ArrayList; import java.util.Date; import com.pastelplanet.playmyday.framework.FileIO; The FileIO implementation within the project has an Android implementation but is itself an interface, so I created the private generic java implementation and there were no code errors/warnings to speak of. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140301/6d2142c3/attachment.html From yasu at ysfactory.dip.jp Sat Mar 1 06:07:06 2014 From: yasu at ysfactory.dip.jp (Yasumasa Suenaga) Date: Sat, 01 Mar 2014 23:07:06 +0900 Subject: JDK-8036003: Add variable not to separate debug information. In-Reply-To: <53112019.9050504@oracle.com> References: <20140228091835.58EB8C21F24@msgw007-05.ocn.ad.jp> <53106F4A.8030905@oracle.com> <53109772.9070808@oracle.com> <5310AD70.2070908@ysfactory.dip.jp> <53112019.9050504@oracle.com> Message-ID: <5311E98A.1020004@ysfactory.dip.jp> Hi David, > 1. Generating debug symbols in the binaries (via gcc -g or whatever) > 2. Generating debuginfo files (zipped or not) (FDS) > 3. Stripping debug symbols from the binaries (strip-policy) > > It may be that we don't have clean separation between them, and if so > that should be fixed, but I don't see the current proposal as the way > forward. Currently, 1. depends 2. If FDS set to disable, debug symbols (-g) are not generated. SEPARATED_DEBUGINFO_FILES which my patch provides can separate them. > Also there may well be differences between how things are handled on the > JDK side and hotspot side. libjvm, libjsig. libsaproc are built with each makefiles in hotspot/make . Other native library is built with make/common/NativeCompilation.gmk . Additionally strip command is executed in "image" target which is defined in jdk/make/Images.gmk . This "strip" ignores STRIP_POLICY . Thus ELF binaries which are contained in JDK/JRE images are stripped when we execute "images" or "all" target. So I change: 1. Separating to add "-g" option to compiler from executing objcopy. 2. jdk/make/Images.gmk regards STRIP_POLICY. As I mentioned earlier, this issue is related to RPM. So I hope to fix it before JDK8 GA is released. Thanks, Yasumasa On 2014/03/01 8:47, David Holmes wrote: > On 1/03/2014 1:38 AM, Yasumasa Suenaga wrote: >>> The proper way to fix this is to disable FDS. >> >> Does this mean I have to pass --disable-debug-symbols to configure ? >> I've added comment to JDK-8036003, I think if we pass --disable-debug-symbols >> to configure, gcc/g++ is not passed -g option. "-g" is needed to generate >> debuginfo. > > There are three pieces to all of this: > > 1. Generating debug symbols in the binaries (via gcc -g or whatever) > 2. Generating debuginfo files (zipped or not) (FDS) > 3. Stripping debug symbols from the binaries (strip-policy) > > It may be that we don't have clean separation between them, and if so > that should be fixed, but I don't see the current proposal as the way > forward. > > Also there may well be differences between how things are handled on the > JDK side and hotspot side. > > I will try to look closer if I get a chance but my time is limited at > the moment. > > David > >> >> Thanks, >> >> Yasumasa >> >> >> On 2014/02/28 23:04, Daniel D. Daugherty wrote: >>> The proper way to fix this is to disable FDS. We should not need >>> yet another option to control debug info. >>> >>> Dan >>> >>> >>> On 2/28/14 4:13 AM, David Holmes wrote: >>>> Hi, >>>> >>>> As I put in the bug report this seems way too complicated. Seems to me >>>> all you need to do to get what you want is not use FDS and not strip the >>>> symbols from the binary. The former is trivial. The latter is more >>>> awkward as the strip policy stuff does not work as I would want it to >>>> work, but still doable. >>>> >>>> David >>>> >>>> On 28/02/2014 7:18 PM, Yasumasa Suenaga wrote: >>>>> Hi all, >>>>> >>>>> >>>>> Currently, configure script can accept --disable-debug-symbols and >>>>> --disable-zip-debug-info as controlling to generate debug information. >>>>> However, current makefiles cannot build ELF binaries which is contained >>>>> debug information with "images" target. >>>>> >>>>> Some Linux distros use RPM as package manager. >>>>> RPM is built by rpmbuild command, it strips symbols and debug information >>>>> during to generate rpm packages. >>>>> https://fedoraproject.org/wiki/Packaging:Debuginfo >>>>> >>>>> For example, OpenJDK8 in Fedora20 ships libjvm.so and libjvm.debuginfo . >>>>> libjvm.debuginfo is generated in OpenJDK's makefiles, however it does not >>>>> contain debug information. Actual debug information is shipped by OpenJDK >>>>> debuginfo package. >>>>> This packaging is important when we have to debug JVM/JNI libraries. >>>>> If we want to use debugging tools (GDB, SystemTap, etc...), they may requires >>>>> debuginfo package. Debuggee (e.g. libjvm.so) points libjvm.so.debug which is >>>>> located at sub directory in /usr/lib/debug . It is defined in ELF section >>>>> (.note.gnu.build-id) of libjvm.so . However libjvm.so.debug does not contain >>>>> valid debug information. We need to access libjvm.debuginfo.debug at same location. >>>>> >>>>> >>>>> When we think to build OpenJDK rpm packages, we have to build ELF binaries >>>>> which contain all debug information. we should not to separate debug information. >>>>> >>>>> >>>>> Thus I want to add a variable "SEPARATED_DEBUGINFO_FILES" . >>>>> If we pass "SEPARATED_DEBUGINFO_FILES=false" to make command, "make" does not >>>>> execute objcopy command for generating debuginfo binaries. >>>>> >>>>> If we build rpm packages, we also have to add "STRIP_POLICY=no_strip" to arguments >>>>> of make command. Or ELF binaries will be stripped. >>>>> >>>>> >>>>> I've uploaded webrev for this enhancement. >>>>> This is separated 3-part: top of forest, hotspot, jdk >>>>> http://cr.openjdk.java.net/~ysuenaga/JDK-8036003/ >>>>> >>>>> Please review it and sponsoring! >>>>> >>>>> >>>>> Thanks, >>>>> >>>>> Yasumasa >>>>> >>>>> >>>>> P.S. >>>>> I tried to add SEPARATED_DEBUGINFO_FILES as a configure option like >>>>> "--disable-separated-debug-info" . >>>>> I ran configure which is located at jdk9/dev directory after I ran autoconf >>>>> and common/autoconf/autogen.sh. However it failed. >>>>> >>>>> I guess this is caused by changeset as below. >>>>> JDK-8035495: Improvements in autoconf integration >>>>> http://hg.openjdk.java.net/jdk9/dev/rev/6e29cd9ac2b4 >>>>> >>>>> This changes add "CHECKME" option to configure script. However, this changes >>>>> affects "configure" only. It should change "configure.ac" . >>>>> >>> >> > From gnu.andrew at redhat.com Sat Mar 1 08:56:48 2014 From: gnu.andrew at redhat.com (Andrew Hughes) Date: Sat, 1 Mar 2014 11:56:48 -0500 (EST) Subject: building icedtea-7 on ARM In-Reply-To: References: <2014632566.7363280.1393020299728.JavaMail.zimbra@redhat.com> <1816561120.8183412.1393257720538.JavaMail.zimbra@redhat.com> Message-ID: <259945663.11929660.1393693008938.JavaMail.zimbra@redhat.com> ----- Original Message ----- > >>> >>> Should the PAX issue be fixed in HEAD? > >>> >>> > >>> >>> - Grant > >>> >>> > >>> >> > >>> >> Should be now if you update. > >>> > > >>> > > >>> > I get the following: > >>> > >>> I just noticed the icedtea-7.9999.ebuild has been updated so I'm > >>> trying that now. I get the following error from the ebuild: > >>> > >>> !!! A file is not listed in the Manifest: > >>> '/var/lib/layman/java/dev-java/icedtea/files/openjdk6-prefer_source.patch' > >>> > >>> But the fix is easy: > >>> > >>> # ebuild icedtea-7.9999.ebuild manifest > >>> > >> > >> There's no such file... > > > > > > You're right, sorry. I deleted and re-added the java overlay and > > tried again but it fails with: > > > Is this compiling for anyone else on ARM? Any idea on my error? > > [javac] Exception in thread "main" java.lang.NoSuchMethodError: > java.util.Locale.getDefault(Ljava/util/Locale$Category;)Ljava/util/Locale; > > - Grant > > > > [echo] +---------------------------------------+ > > [echo] + Starting ant project jaxws + > > [echo] +---------------------------------------+ > > > > -javac-jar-exists: > > > > sanity: > > [echo] Sanity Settings: > > [echo] ant.home=/usr/share/ant-core > > [echo] ant.version=Apache Ant(TM) version 1.9.1 compiled on > > February 20 2014 > > [echo] ant.java.version=1.6 > > [echo] java.home=/usr/lib/icedtea6/jre > > [echo] java.version=1.6.0_29 > > [echo] os.name=Linux > > [echo] os.arch=arm > > [echo] os.version=3.13.3-gentoo > > [echo] > > bootstrap.dir=/var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk.build-boot/langtools/dist/bootstrap > > [echo] > > javac.jar=/var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk.build-boot/langtools/dist/bootstrap/lib/javac.jar > > [echo] > > langtools.jar=/var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk.build-boot/langtools/dist/lib/classes.jar > > [echo] javac.memoryInitialSize=256m > > [echo] javac.memoryMaximumSize=512m > > [echo] javac.source=7 > > [echo] javac.debug=true > > [echo] javac.target=7 > > [echo] javac.version.opt= > > [echo] javac.lint.opts= > > [echo] javac.no.jdk.warnings=-XDignore.symbol.file=true > > [echo] > > output.dir=/var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk.build-boot/jaxws > > [echo] > > build.dir=/var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk.build-boot/jaxws/build > > [echo] > > dist.dir=/var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk.build-boot/jaxws/dist > > [echo] > > jdk.topdir=/var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk-boot/jdk > > [echo] > > jdk.gensrcdir=/var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/generated.build > > [echo] > > > > init: > > [mkdir] Created dir: > > /var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk.build-boot/jaxws/build > > [mkdir] Created dir: > > /var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk.build-boot/jaxws/build/classes > > [mkdir] Created dir: > > /var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk.build-boot/jaxws/dist > > [mkdir] Created dir: > > /var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk.build-boot/jaxws/dist/lib > > > > compile: > > [javac] Compiling 2749 source files to > > /var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk.build-boot/jaxws/build/classes > > [javac] Exception in thread "main" java.lang.NoSuchMethodError: > > java.util.Locale.getDefault(Ljava/util/Locale$Category;)Ljava/util/Locale; > > [javac] at java.text.MessageFormat.(MessageFormat.java:362) > > [javac] at java.text.MessageFormat.format(MessageFormat.java:835) > > [javac] at > > com.sun.tools.javac.util.JavacMessages.getLocalizedString(JavacMessages.java:200) > > [javac] at > > com.sun.tools.javac.util.JavacMessages.getLocalizedString(JavacMessages.java:141) > > [javac] at > > com.sun.tools.javac.util.JavacMessages.getLocalizedString(JavacMessages.java:135) > > [javac] at > > com.sun.tools.javac.main.Main.getLocalizedString(Main.java:585) > > [javac] at com.sun.tools.javac.main.Main.bugMessage(Main.java:503) > > [javac] at com.sun.tools.javac.main.Main.compile(Main.java:484) > > [javac] at com.sun.tools.javac.main.Main.compile(Main.java:353) > > [javac] at com.sun.tools.javac.main.Main.compile(Main.java:342) > > [javac] at com.sun.tools.javac.main.Main.compile(Main.java:333) > > [javac] at com.sun.tools.javac.Main.compile(Main.java:76) > > [javac] at com.sun.tools.javac.Main.main(Main.java:61) > > > > BUILD FAILED > > /var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk-boot/jaxws/build.xml:155: > > Compile failed; see the compiler error output for details. > > > > Total time: 9 minutes 2 seconds > > make[4]: *** [all] Error 1 > > make[4]: Leaving directory > > `/var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk-boot/jaxws/make' > > make[3]: *** [jaxws-build] Error 2 > > make[3]: Leaving directory > > `/var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk-boot' > > make[2]: *** [build_product_image] Error 2 > > make[2]: Leaving directory > > `/var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk-boot' > > make[1]: *** [jdk_only] Error 2 > > make[1]: Leaving directory > > `/var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk-boot' > > make: *** [stamps/icedtea-boot.stamp] Error 2 > > > > - Grant > I think this may be related to the build VM. I'll try and replicate it next week, but in the meantime, you could try using JAVA_PKG_FORCE_VM=gcj-jdk. -- Andrew :) Free Java Software Engineer Red Hat, Inc. (http://www.redhat.com) PGP Key: 248BDC07 (https://keys.indymedia.org/) Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07 From emailgrant at gmail.com Sat Mar 1 13:42:55 2014 From: emailgrant at gmail.com (Grant) Date: Sat, 1 Mar 2014 13:42:55 -0800 Subject: building icedtea-7 on ARM In-Reply-To: <259945663.11929660.1393693008938.JavaMail.zimbra@redhat.com> References: <2014632566.7363280.1393020299728.JavaMail.zimbra@redhat.com> <1816561120.8183412.1393257720538.JavaMail.zimbra@redhat.com> <259945663.11929660.1393693008938.JavaMail.zimbra@redhat.com> Message-ID: >> Is this compiling for anyone else on ARM? Any idea on my error? >> >> [javac] Exception in thread "main" java.lang.NoSuchMethodError: >> java.util.Locale.getDefault(Ljava/util/Locale$Category;)Ljava/util/Locale; >> > I think this may be related to the build VM. I'll try and replicate it next week, > but in the meantime, you could try using JAVA_PKG_FORCE_VM=gcj-jdk. I think that worked but now I'm back to an error I recognize from previously. Should the ebuild in Gentoo's java overlay be up to date and working? Here's the error: touch stamps/add-tzdata-support-boot.stamp mkdir -p /var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/cryptocheck.build /var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/bootstrap/jdk1.6.0/bin/javac -g -encoding utf-8 -source 7 -target 7 \ -d /var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/cryptocheck.build ./TestCryptoLevel.java Annotation processing got disabled, since it requires a 1.6 compliant JVM mkdir -p stamps touch stamps/cryptocheck.stamp if [ -e /var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk.build-boot/j2sdk-image/bin/java ] ; then \ /var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk.build-boot/j2sdk-image/bin/java -cp /var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/cryptocheck.build TestCryptoLevel ; \ fi Exception in thread "main" java.lang.NullPointerException at java.lang.Throwable.fillInStackTrace(Throwable.java:783) at java.lang.Throwable.(Throwable.java:250) at java.lang.Exception.(Exception.java:54) at java.lang.RuntimeException.(RuntimeException.java:51) at java.lang.NullPointerException.(NullPointerException.java:60) at TestCryptoLevel.main(TestCryptoLevel.java:46) make: *** [stamps/check-crypto-boot.stamp] Error 1 - Grant From bugzilla-daemon at icedtea.classpath.org Sat Mar 1 19:53:13 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Sun, 02 Mar 2014 03:53:13 +0000 Subject: [Bug 1690] New: runescape autosetup crashes Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1690 Bug ID: 1690 Summary: runescape autosetup crashes Product: IcedTea Version: unspecified Hardware: 64-bit OS: Linux Status: NEW Severity: normal Priority: P5 Component: IcedTea Assignee: gnu.andrew at redhat.com Reporter: eric.13246 at gmail.com CC: unassigned at icedtea.classpath.org Created attachment 1034 --> http://icedtea.classpath.org/bugzilla/attachment.cgi?id=1034&action=edit Log file of Java after a crash After an update of the game, the Auto Setup (for graphics and the likes) stopped working correctly for me. I'm on Linux Mint 16 with Firefox 27.0.1 and with the following version of Java ("java -version" response): java version "1.7.0_51" OpenJDK Runtime Environment (IcedTea 2.4.4) (7u51-2.4.4-0ubuntu0.13.10.1) OpenJDK 64-Bit Server VM (build 24.45-b08, mixed mode) Before the update of the game (or of Java, I'm not sure), the Autosetup worked fine. It was asked the first time I started the game and the graphics were setup correctly. Now the game asks me to Autosetup every time I start it and it often crashes on the first and second try. On the third time, the game doesn't crash, but the graphics are set to the lowest level. After Autosetup, the game is set to use OpenGL for graphics. Now, it defaults to Software, a very slow alternative. The problem can be reproduced (well, on my machine at least). Here's what I'm doing (you have to be on Linux to reproduce this): 1. Go on www.runescape.com/game 2. Wait for the game to fetch updates. 3. On first run, the game will ask you to click the Auto Setup button. Click it. 4. At this point, the game either loads properly or freezes Firefox. In my case, Firefox freezes and I can't do anything else but the "killall firefox" command. I included a log file of Java to help with finding the bug (if there is any). Since I'm not sure where the problem comes from, I hope you can excuse me if the problem is not coming from Java or IcedTea. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140302/d5131513/attachment.html From yasu at ysfactory.dip.jp Sun Mar 2 06:01:10 2014 From: yasu at ysfactory.dip.jp (Yasumasa Suenaga) Date: Sun, 02 Mar 2014 23:01:10 +0900 Subject: JDK-8036003: Add variable not to separate debug information. In-Reply-To: References: <20140228091835.58EB8C21F24@msgw007-05.ocn.ad.jp> <53106F4A.8030905@oracle.com> <53109772.9070808@oracle.com> <5310AD70.2070908@ysfactory.dip.jp> <53112019.9050504@oracle.com> <5311E98A.1020004@ysfactory.dip.jp> Message-ID: <531339A6.3050806@ysfactory.dip.jp> HI Mike, > - I would expect that the flow is something like an extended version of https://blogs.oracle.com/dbx/entry/creating_separate_debug_info : > 1. Compile source files with some form of "-g" > 2. Create separate debug files for object files. > 3. Strip object files. > 4. Add gnu_debuglink to object files. > 5. Link library or executable which should carry along links to debuginfo. > 6a. Debugging, testing, profiling, etc. by developers. > 6b. Packaging for program bits and debuginfo. > 7. Testing and Use. rpmbuild will execute 2 to 4 implicitly, Modern ELF binary has .note.gnu.build-id section. Debugging tools (e.g. GDB and SA in JDK) use this section for finding debuginfo files. If OpenJDK8 which is shipped by RPM is crashed and we want to analyze core image, we have to merge debuginfo and executable at first (e.g. eu-unstrip command). GDB and SA can find valid debuginfo through .note.gnu.debug-id or .gnu_debuglink section. But these tools can find /usr/lib/debug//.debug . They are cannot find *.debuginfo which are made by makefiles in OpenJDK tree. Yasumasa On 2014/03/02 8:08, Mike Duigou wrote: > > On Mar 1 2014, at 06:07 , Yasumasa Suenaga wrote: > >> Hi David, >> >>> 1. Generating debug symbols in the binaries (via gcc -g or whatever) >>> 2. Generating debuginfo files (zipped or not) (FDS) >>> 3. Stripping debug symbols from the binaries (strip-policy) >>> >>> It may be that we don't have clean separation between them, and if so >>> that should be fixed, but I don't see the current proposal as the way >>> forward. >> >> Currently, 1. depends 2. If FDS set to disable, debug symbols (-g) are not >> generated. >> SEPARATED_DEBUGINFO_FILES which my patch provides can separate them. > > I think David's list (kudos) is very helpful as I haven't seen the requirements articulated this clearly anywhere else. > > Some comments: > > - Are there important tools that cannot deal with external debuginfo files? If we can put debuginfo into external files why would we ever want unstripped binaries? Is strip policy really necessary? Strip policy would seem to only be necessary if there are tools which can't handle external debuginfo. Assuming that everything can use external debuginfo then the policy would be to strip everything. > > Do I understand correctly that rpmbuild can only deal with unstripped binaries and generates the stripped rpm package and debuginfo package. It sounds kind of strange that find-debuginfo.sh wouldn't be able to use already generated debuginfo files. > > - I would expect that the flow is something like an extended version of https://blogs.oracle.com/dbx/entry/creating_separate_debug_info : > 1. Compile source files with some form of "-g" > 2. Create separate debug files for object files. > 3. Strip object files. > 4. Add gnu_debuglink to object files. > 5. Link library or executable which should carry along links to debuginfo. > 6a. Debugging, testing, profiling, etc. by developers. > 6b. Packaging for program bits and debuginfo. > 7. Testing and Use. > > Hopefully I didn't get any of those steps in the wrong order. What are the "you-cant-get-there-from-here" gaps and breakdowns from implementing this process? > > - Whether for the FDS debug symbols or RPM debuginfo packaging it seems that the default debug level isn't quite right. I believe that in both cases what's wanted is abbreviated debug info, mostly function names and line number tables, for building stack traces. This is not the debug info that is currently generated. > > There are four basic alternatives for levels of debug info: > 1. (-g0) No debug info whatsoever. > Only exported functions and globals will have names. > 2. (-g1) Abbreviated debug info. > All functions have names and line number information. This seems to be what is needed by both FDS and RPM debuginfo files to produce nice stack traces. > 3. (-g) Default debugging info. > Adds macro expansions and local variable names. Suitable for source level debugging. > 4. (-g3 or -gdwarf-4 -fvar-tracking-assignments). Full debugging info. > Most suitable for source level debugging including debugging of optimized code. It is not clear that anyone would want to build the entire product with this option. > > Compilations are currently done with a mix of -g, -g1, and -gstabs. It would be good to rationalize this somewhat and provide a mechanism for developers to tweak generated debugging output for files or components. > > - Eventual alignment with http://gcc.gnu.org/wiki/DebugFission on some platforms? > >> So I change: >> >> 1. Separating to add "-g" option to compiler from executing objcopy. >> 2. jdk/make/Images.gmk regards STRIP_POLICY. >> >> >> As I mentioned earlier, this issue is related to RPM. >> So I hope to fix it before JDK8 GA is released. > > This won't happen (at least not for Java 8u0). Java 8 is already late in it's final candidate stage. It is too late for the initial Java 8 release to consider this magnitude of change. In any event, since the Java 8 rampdown began back in November, any change would first have to be applied to Java 9 and then approved for backport to a Java 8 or an update release (and it is also possibly too late for 8u20). > > Inability to include your suggested change in Java 8 or 8u20 is in no way a rejection of the ideas or contribution, it's merely a normal consequence of timelines and process. > > Mike From bugzilla-daemon at icedtea.classpath.org Sun Mar 2 16:21:46 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 03 Mar 2014 00:21:46 +0000 Subject: [Bug 1687] Failure of plugin in connecting to WebEx on a Fedora 20 64-bit plus Firefox 27 In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1687 Thomas Fitzsimmons changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |fitzsim at fitzsim.org --- Comment #4 from Thomas Fitzsimmons --- Do these workarounds make WebEx work for you? http://negativo17.org/enabling-cisco-webex-in-fedora-19-x86_64-and-i686/ They worked for me on Fedora 18 i686. Unfortunately, I didn't track the IcedTea-Web and WebEx versions precisely, but from what I remember I had WebEx working fine, then recently (late January 2014) it stopped loading with a similar exception to the one you pasted, and the above-linked workarounds fixed it. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140303/415dfc45/attachment.html From david.holmes at oracle.com Sun Mar 2 20:39:23 2014 From: david.holmes at oracle.com (David Holmes) Date: Mon, 03 Mar 2014 14:39:23 +1000 Subject: JDK-8036003: Add variable not to separate debug information. In-Reply-To: <5311E98A.1020004@ysfactory.dip.jp> References: <20140228091835.58EB8C21F24@msgw007-05.ocn.ad.jp> <53106F4A.8030905@oracle.com> <53109772.9070808@oracle.com> <5310AD70.2070908@ysfactory.dip.jp> <53112019.9050504@oracle.com> <5311E98A.1020004@ysfactory.dip.jp> Message-ID: <5314077B.9060908@oracle.com> Hi, On 2/03/2014 12:07 AM, Yasumasa Suenaga wrote: > Hi David, > >> 1. Generating debug symbols in the binaries (via gcc -g or whatever) >> 2. Generating debuginfo files (zipped or not) (FDS) >> 3. Stripping debug symbols from the binaries (strip-policy) >> >> It may be that we don't have clean separation between them, and if so >> that should be fixed, but I don't see the current proposal as the way >> forward. > > Currently, 1. depends 2. If FDS set to disable, debug symbols (-g) are not > generated. Okay. That would seem potentially inconvenient but not really critical. You simply enable FDS (the mere existence of the debuginfo files "shouldn't" cause a problem). Then you only need to address #3 - strip-policy. > SEPARATED_DEBUGINFO_FILES which my patch provides can separate them. > > >> Also there may well be differences between how things are handled on the >> JDK side and hotspot side. > > libjvm, libjsig. libsaproc are built with each makefiles in hotspot/make . > Other native library is built with make/common/NativeCompilation.gmk . > > Additionally strip command is executed in "image" target which is defined > in jdk/make/Images.gmk . This "strip" ignores STRIP_POLICY . Thus ELF binaries > which are contained in JDK/JRE images are stripped when we execute "images" > or "all" target. strip is also applied to the JVM libraries as part of the hotspot build. What occurs in the JDK "images" is additional to that.The hotspot build honors the STRIP_POLICY. It appears that STRIP_POLICY is not considered in the new build, though it was for the old. But perhaps I'm missing it somewhere in the autoconf settings? That aside it seems that you should be able to set POST_STRIP_CMD to "" avoid stripping. Moving forward I think we would need to expose the strip-policy via a configure option and have that pass STRIP_POLICY through to both hotspot and the Images target. > > So I change: > > 1. Separating to add "-g" option to compiler from executing objcopy. > 2. jdk/make/Images.gmk regards STRIP_POLICY. > > > As I mentioned earlier, this issue is related to RPM. > So I hope to fix it before JDK8 GA is released. As Mike said there is no chance of any changes to this getting into 8 GA. But if these are your own builds I'm not sure that is an issue anyway. That said, as per the above I think you can achieve what you want by enabling FDS but set STRIP_POLICY to none, and set POST_STRIP_CMD to empty. Thanks, David > > Thanks, > > Yasumasa > > > On 2014/03/01 8:47, David Holmes wrote: >> On 1/03/2014 1:38 AM, Yasumasa Suenaga wrote: >>>> The proper way to fix this is to disable FDS. >>> >>> Does this mean I have to pass --disable-debug-symbols to configure ? >>> I've added comment to JDK-8036003, I think if we pass --disable-debug-symbols >>> to configure, gcc/g++ is not passed -g option. "-g" is needed to generate >>> debuginfo. >> >> There are three pieces to all of this: >> >> 1. Generating debug symbols in the binaries (via gcc -g or whatever) >> 2. Generating debuginfo files (zipped or not) (FDS) >> 3. Stripping debug symbols from the binaries (strip-policy) >> >> It may be that we don't have clean separation between them, and if so >> that should be fixed, but I don't see the current proposal as the way >> forward. >> >> Also there may well be differences between how things are handled on the >> JDK side and hotspot side. >> >> I will try to look closer if I get a chance but my time is limited at >> the moment. >> >> David >> >>> >>> Thanks, >>> >>> Yasumasa >>> >>> >>> On 2014/02/28 23:04, Daniel D. Daugherty wrote: >>>> The proper way to fix this is to disable FDS. We should not need >>>> yet another option to control debug info. >>>> >>>> Dan >>>> >>>> >>>> On 2/28/14 4:13 AM, David Holmes wrote: >>>>> Hi, >>>>> >>>>> As I put in the bug report this seems way too complicated. Seems to me >>>>> all you need to do to get what you want is not use FDS and not strip the >>>>> symbols from the binary. The former is trivial. The latter is more >>>>> awkward as the strip policy stuff does not work as I would want it to >>>>> work, but still doable. >>>>> >>>>> David >>>>> >>>>> On 28/02/2014 7:18 PM, Yasumasa Suenaga wrote: >>>>>> Hi all, >>>>>> >>>>>> >>>>>> Currently, configure script can accept --disable-debug-symbols and >>>>>> --disable-zip-debug-info as controlling to generate debug information. >>>>>> However, current makefiles cannot build ELF binaries which is contained >>>>>> debug information with "images" target. >>>>>> >>>>>> Some Linux distros use RPM as package manager. >>>>>> RPM is built by rpmbuild command, it strips symbols and debug information >>>>>> during to generate rpm packages. >>>>>> https://fedoraproject.org/wiki/Packaging:Debuginfo >>>>>> >>>>>> For example, OpenJDK8 in Fedora20 ships libjvm.so and libjvm.debuginfo . >>>>>> libjvm.debuginfo is generated in OpenJDK's makefiles, however it does not >>>>>> contain debug information. Actual debug information is shipped by OpenJDK >>>>>> debuginfo package. >>>>>> This packaging is important when we have to debug JVM/JNI libraries. >>>>>> If we want to use debugging tools (GDB, SystemTap, etc...), they may requires >>>>>> debuginfo package. Debuggee (e.g. libjvm.so) points libjvm.so.debug which is >>>>>> located at sub directory in /usr/lib/debug . It is defined in ELF section >>>>>> (.note.gnu.build-id) of libjvm.so . However libjvm.so.debug does not contain >>>>>> valid debug information. We need to access libjvm.debuginfo.debug at same location. >>>>>> >>>>>> >>>>>> When we think to build OpenJDK rpm packages, we have to build ELF binaries >>>>>> which contain all debug information. we should not to separate debug information. >>>>>> >>>>>> >>>>>> Thus I want to add a variable "SEPARATED_DEBUGINFO_FILES" . >>>>>> If we pass "SEPARATED_DEBUGINFO_FILES=false" to make command, "make" does not >>>>>> execute objcopy command for generating debuginfo binaries. >>>>>> >>>>>> If we build rpm packages, we also have to add "STRIP_POLICY=no_strip" to arguments >>>>>> of make command. Or ELF binaries will be stripped. >>>>>> >>>>>> >>>>>> I've uploaded webrev for this enhancement. >>>>>> This is separated 3-part: top of forest, hotspot, jdk >>>>>> http://cr.openjdk.java.net/~ysuenaga/JDK-8036003/ >>>>>> >>>>>> Please review it and sponsoring! >>>>>> >>>>>> >>>>>> Thanks, >>>>>> >>>>>> Yasumasa >>>>>> >>>>>> >>>>>> P.S. >>>>>> I tried to add SEPARATED_DEBUGINFO_FILES as a configure option like >>>>>> "--disable-separated-debug-info" . >>>>>> I ran configure which is located at jdk9/dev directory after I ran autoconf >>>>>> and common/autoconf/autogen.sh. However it failed. >>>>>> >>>>>> I guess this is caused by changeset as below. >>>>>> JDK-8035495: Improvements in autoconf integration >>>>>> http://hg.openjdk.java.net/jdk9/dev/rev/6e29cd9ac2b4 >>>>>> >>>>>> This changes add "CHECKME" option to configure script. However, this changes >>>>>> affects "configure" only. It should change "configure.ac" . >>>>>> >>>> >>> >> > From jvanek at redhat.com Sun Mar 2 23:39:13 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 03 Mar 2014 08:39:13 +0100 Subject: [icedtea-web] RFC: PR1676: Add useLegacyMergeSort to JNLP properties In-Reply-To: <20140228183830.GD1965@redhat.com> References: <20140228183830.GD1965@redhat.com> Message-ID: <531431A1.20709@redhat.com> On 02/28/2014 07:38 PM, Omair Majid wrote: > Hi, > > The attached patch is a one-line fix for PR1676 [1]. It adds > java.util.Arrays.useLegacyMergeSort to the list of secure properties > that all applications can read or write to. This property is used for > application compatibility with Java 6. > > Any comments or suggestions? > > Thanks, > Omair > > [1] http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1676 > Should be ok. Feel free to backport to 1.4 too if you wont. Thanx! J. From jvanek at redhat.com Sun Mar 2 23:51:45 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 03 Mar 2014 08:51:45 +0100 Subject: [icedtea-web] RFC: PR857: Don't set look and feel multiple times In-Reply-To: <20140228230710.GA18442@redhat.com> References: <20140228230710.GA18442@redhat.com> Message-ID: <53143491.7020802@redhat.com> On 03/01/2014 12:07 AM, Omair Majid wrote: > Hi, > > The attached patch is a fix for PR857. The idea is quite simple: make > sure UIManager.setLookAndFeel() is called at most once (and ideally > exactly once) before any UI is shown. > > There are a few code paths that can cause UIManager.setLookAndFell to be > invoked multiple times: > > - AboutDialog (only on entry from a class other than Boot) > - SecurityDialog > - PolicyEditor (only on entry from ControlPanel) > > CertificateViewer calls JNLPRuntime.initialize() which already calls > UIManager.setLookAndFeel. So I have removed the direct call from > CertificateViewer. > > Also, JNLPRuntime.initialize currently calls setLookAndFeel after > displaying a JavaConsole. This is alos fixed. > > Thoughts? > ouch, that an old one! However - the original one - http://icedtea.classpath.org/bugzilla/attachment.cgi?id=640&action=diff - (the confirmed one) is quite different, why so? Also " Don't set look and feel multiple times" do not sound proper to me, it is still set two times. Can't there be only one place to do so? There *should* be. I'm sometimes thinking about one clear way where to do all preinit work common for both plugin and javaws.... Although this is copypaste: + } catch (Exception e) { + // if it fails, not a problem + } I would rather log the exception. and althoug this is c&p to, + try { + UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName()); + } catch (Exception e) { + OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e); + } + I would ratehr log this exception in debug only (default) =? - OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e); + OutputController.getLogger().log(e); Thanx! J. From aph at redhat.com Mon Mar 3 01:41:33 2014 From: aph at redhat.com (Andrew Haley) Date: Mon, 03 Mar 2014 09:41:33 +0000 Subject: JDK-8036003: Add variable not to separate debug information. In-Reply-To: <20140228091835.58EB8C21F24@msgw007-05.ocn.ad.jp> References: <20140228091835.58EB8C21F24@msgw007-05.ocn.ad.jp> Message-ID: <53144E4D.8080606@redhat.com> On 02/28/2014 09:18 AM, Yasumasa Suenaga wrote: > For example, OpenJDK8 in Fedora20 ships libjvm.so and libjvm.debuginfo . > libjvm.debuginfo is generated in OpenJDK's makefiles, however it does not > contain debug information. Actual debug information is shipped by OpenJDK > debuginfo package. That's a bug in Fedora's build. We should fix it. Andrew. From aph at redhat.com Mon Mar 3 01:46:38 2014 From: aph at redhat.com (Andrew Haley) Date: Mon, 03 Mar 2014 09:46:38 +0000 Subject: JDK-8036003: Add variable not to separate debug information. In-Reply-To: References: <20140228091835.58EB8C21F24@msgw007-05.ocn.ad.jp> <53106F4A.8030905@oracle.com> <53109772.9070808@oracle.com> <5310AD70.2070908@ysfactory.dip.jp> <53112019.9050504@oracle.com> <5311E98A.1020004@ysfactory.dip.jp> Message-ID: <53144F7E.5000105@redhat.com> On 03/01/2014 11:08 PM, Mike Duigou wrote: > Do I understand correctly that rpmbuild can only deal with > unstripped binaries and generates the stripped rpm package and > debuginfo package. Exactly. OpenJDK generating separate debuginfo files is very inconvenient for RPM builds. > It sounds kind of strange that find-debuginfo.sh wouldn't be able to > use already generated debuginfo files. The OpenJDK build can't have any idea of what debuginfo files the distro runtime requires, and indeed this may change. There is more than one mechanism for finding debuginfo. Separating debuginfo is not something that we want the OpenJDK build to do, and the most useful thing that we could have is a switch to turn all of OpenJDK's stripping and separate debuginfo off. I expect the same applies to all distros. Andrew. From yasu at ysfactory.dip.jp Mon Mar 3 04:04:51 2014 From: yasu at ysfactory.dip.jp (Yasumasa Suenaga) Date: Mon, 03 Mar 2014 21:04:51 +0900 Subject: JDK-8036003: Add variable not to separate debug information. In-Reply-To: <5314077B.9060908@oracle.com> References: <20140228091835.58EB8C21F24@msgw007-05.ocn.ad.jp> <53106F4A.8030905@oracle.com> <53109772.9070808@oracle.com> <5310AD70.2070908@ysfactory.dip.jp> <53112019.9050504@oracle.com> <5311E98A.1020004@ysfactory.dip.jp> <5314077B.9060908@oracle.com> Message-ID: <53146FE3.9040205@ysfactory.dip.jp> Hi David, > Moving forward I think we would need to expose the strip-policy via a > configure option and have that pass STRIP_POLICY through to both hotspot > and the Images target. I want you to do so :-) Additionally, >>> 1. Generating debug symbols in the binaries (via gcc -g or whatever) >>> 2. Generating debuginfo files (zipped or not) (FDS) >>> 3. Stripping debug symbols from the binaries (strip-policy) I think that FDS should be separated 1 from 2. That is more useful for building OpenJDK. > That said, as per the above I think you can achieve what you > want by enabling FDS but set STRIP_POLICY to none, and set > POST_STRIP_CMD to empty. I tried: $ make images STRIP_POLICY=no_strip POST_STRIP_CMD="" I was able to get binaries which is included debug information. Thanks, Yasumasa On 2014/03/03 13:39, David Holmes wrote: > Hi, > > On 2/03/2014 12:07 AM, Yasumasa Suenaga wrote: >> Hi David, >> >>> 1. Generating debug symbols in the binaries (via gcc -g or whatever) >>> 2. Generating debuginfo files (zipped or not) (FDS) >>> 3. Stripping debug symbols from the binaries (strip-policy) >>> >>> It may be that we don't have clean separation between them, and if so >>> that should be fixed, but I don't see the current proposal as the way >>> forward. >> >> Currently, 1. depends 2. If FDS set to disable, debug symbols (-g) are not >> generated. > > Okay. That would seem potentially inconvenient but not really critical. > You simply enable FDS (the mere existence of the debuginfo files > "shouldn't" cause a problem). Then you only need to address #3 - > strip-policy. > >> SEPARATED_DEBUGINFO_FILES which my patch provides can separate them. >> >> >>> Also there may well be differences between how things are handled on the >>> JDK side and hotspot side. >> >> libjvm, libjsig. libsaproc are built with each makefiles in hotspot/make . >> Other native library is built with make/common/NativeCompilation.gmk . >> >> Additionally strip command is executed in "image" target which is defined >> in jdk/make/Images.gmk . This "strip" ignores STRIP_POLICY . Thus ELF binaries >> which are contained in JDK/JRE images are stripped when we execute "images" >> or "all" target. > > strip is also applied to the JVM libraries as part of the hotspot build. > What occurs in the JDK "images" is additional to that.The hotspot build > honors the STRIP_POLICY. > > It appears that STRIP_POLICY is not considered in the new build, though > it was for the old. But perhaps I'm missing it somewhere in the autoconf > settings? That aside it seems that you should be able to set > POST_STRIP_CMD to "" avoid stripping. > > Moving forward I think we would need to expose the strip-policy via a > configure option and have that pass STRIP_POLICY through to both hotspot > and the Images target. > >> >> So I change: >> >> 1. Separating to add "-g" option to compiler from executing objcopy. >> 2. jdk/make/Images.gmk regards STRIP_POLICY. >> >> >> As I mentioned earlier, this issue is related to RPM. >> So I hope to fix it before JDK8 GA is released. > > As Mike said there is no chance of any changes to this getting into 8 > GA. But if these are your own builds I'm not sure that is an issue > anyway. That said, as per the above I think you can achieve what you > want by enabling FDS but set STRIP_POLICY to none, and set > POST_STRIP_CMD to empty. > > Thanks, > David > >> >> Thanks, >> >> Yasumasa >> >> >> On 2014/03/01 8:47, David Holmes wrote: >>> On 1/03/2014 1:38 AM, Yasumasa Suenaga wrote: >>>>> The proper way to fix this is to disable FDS. >>>> >>>> Does this mean I have to pass --disable-debug-symbols to configure ? >>>> I've added comment to JDK-8036003, I think if we pass --disable-debug-symbols >>>> to configure, gcc/g++ is not passed -g option. "-g" is needed to generate >>>> debuginfo. >>> >>> There are three pieces to all of this: >>> >>> 1. Generating debug symbols in the binaries (via gcc -g or whatever) >>> 2. Generating debuginfo files (zipped or not) (FDS) >>> 3. Stripping debug symbols from the binaries (strip-policy) >>> >>> It may be that we don't have clean separation between them, and if so >>> that should be fixed, but I don't see the current proposal as the way >>> forward. >>> >>> Also there may well be differences between how things are handled on the >>> JDK side and hotspot side. >>> >>> I will try to look closer if I get a chance but my time is limited at >>> the moment. >>> >>> David >>> >>>> >>>> Thanks, >>>> >>>> Yasumasa >>>> >>>> >>>> On 2014/02/28 23:04, Daniel D. Daugherty wrote: >>>>> The proper way to fix this is to disable FDS. We should not need >>>>> yet another option to control debug info. >>>>> >>>>> Dan >>>>> >>>>> >>>>> On 2/28/14 4:13 AM, David Holmes wrote: >>>>>> Hi, >>>>>> >>>>>> As I put in the bug report this seems way too complicated. Seems to me >>>>>> all you need to do to get what you want is not use FDS and not strip the >>>>>> symbols from the binary. The former is trivial. The latter is more >>>>>> awkward as the strip policy stuff does not work as I would want it to >>>>>> work, but still doable. >>>>>> >>>>>> David >>>>>> >>>>>> On 28/02/2014 7:18 PM, Yasumasa Suenaga wrote: >>>>>>> Hi all, >>>>>>> >>>>>>> >>>>>>> Currently, configure script can accept --disable-debug-symbols and >>>>>>> --disable-zip-debug-info as controlling to generate debug information. >>>>>>> However, current makefiles cannot build ELF binaries which is contained >>>>>>> debug information with "images" target. >>>>>>> >>>>>>> Some Linux distros use RPM as package manager. >>>>>>> RPM is built by rpmbuild command, it strips symbols and debug information >>>>>>> during to generate rpm packages. >>>>>>> https://fedoraproject.org/wiki/Packaging:Debuginfo >>>>>>> >>>>>>> For example, OpenJDK8 in Fedora20 ships libjvm.so and libjvm.debuginfo . >>>>>>> libjvm.debuginfo is generated in OpenJDK's makefiles, however it does not >>>>>>> contain debug information. Actual debug information is shipped by OpenJDK >>>>>>> debuginfo package. >>>>>>> This packaging is important when we have to debug JVM/JNI libraries. >>>>>>> If we want to use debugging tools (GDB, SystemTap, etc...), they may requires >>>>>>> debuginfo package. Debuggee (e.g. libjvm.so) points libjvm.so.debug which is >>>>>>> located at sub directory in /usr/lib/debug . It is defined in ELF section >>>>>>> (.note.gnu.build-id) of libjvm.so . However libjvm.so.debug does not contain >>>>>>> valid debug information. We need to access libjvm.debuginfo.debug at same location. >>>>>>> >>>>>>> >>>>>>> When we think to build OpenJDK rpm packages, we have to build ELF binaries >>>>>>> which contain all debug information. we should not to separate debug information. >>>>>>> >>>>>>> >>>>>>> Thus I want to add a variable "SEPARATED_DEBUGINFO_FILES" . >>>>>>> If we pass "SEPARATED_DEBUGINFO_FILES=false" to make command, "make" does not >>>>>>> execute objcopy command for generating debuginfo binaries. >>>>>>> >>>>>>> If we build rpm packages, we also have to add "STRIP_POLICY=no_strip" to arguments >>>>>>> of make command. Or ELF binaries will be stripped. >>>>>>> >>>>>>> >>>>>>> I've uploaded webrev for this enhancement. >>>>>>> This is separated 3-part: top of forest, hotspot, jdk >>>>>>> http://cr.openjdk.java.net/~ysuenaga/JDK-8036003/ >>>>>>> >>>>>>> Please review it and sponsoring! >>>>>>> >>>>>>> >>>>>>> Thanks, >>>>>>> >>>>>>> Yasumasa >>>>>>> >>>>>>> >>>>>>> P.S. >>>>>>> I tried to add SEPARATED_DEBUGINFO_FILES as a configure option like >>>>>>> "--disable-separated-debug-info" . >>>>>>> I ran configure which is located at jdk9/dev directory after I ran autoconf >>>>>>> and common/autoconf/autogen.sh. However it failed. >>>>>>> >>>>>>> I guess this is caused by changeset as below. >>>>>>> JDK-8035495: Improvements in autoconf integration >>>>>>> http://hg.openjdk.java.net/jdk9/dev/rev/6e29cd9ac2b4 >>>>>>> >>>>>>> This changes add "CHECKME" option to configure script. However, this changes >>>>>>> affects "configure" only. It should change "configure.ac" . >>>>>>> >>>>> >>>> >>> >> > From yasu at ysfactory.dip.jp Mon Mar 3 04:04:59 2014 From: yasu at ysfactory.dip.jp (Yasumasa Suenaga) Date: Mon, 03 Mar 2014 21:04:59 +0900 Subject: JDK-8036003: Add variable not to separate debug information. In-Reply-To: <53144F7E.5000105@redhat.com> References: <20140228091835.58EB8C21F24@msgw007-05.ocn.ad.jp> <53106F4A.8030905@oracle.com> <53109772.9070808@oracle.com> <5310AD70.2070908@ysfactory.dip.jp> <53112019.9050504@oracle.com> <5311E98A.1020004@ysfactory.dip.jp> <53144F7E.5000105@redhat.com> Message-ID: <53146FEB.8050300@ysfactory.dip.jp> Hi Andrew, > Separating debuginfo is not > something that we want the OpenJDK build to do, and the most useful > thing that we could have is a switch to turn all of OpenJDK's > stripping and separate debuginfo off. I expect the same applies to > all distros. My patch provides "SEPARATED_DEBUGINFO_FILES" as a switch of separating debuginfo files, and affects "STRIP_POILCY" in HotSpot and other ELF binaries. > I expect the same applies to all distros. We need to pass ' STRIP_POLICY=no_strip POST_STRIP_CMD="" ' to make command as David said. And we need to pick up binaries which are NOT named ".debuginfo" or ".diz" suffix. Thanks, Yasumasa On 2014/03/03 18:46, Andrew Haley wrote: > On 03/01/2014 11:08 PM, Mike Duigou wrote: > >> Do I understand correctly that rpmbuild can only deal with >> unstripped binaries and generates the stripped rpm package and >> debuginfo package. > > Exactly. OpenJDK generating separate debuginfo files is very > inconvenient for RPM builds. > >> It sounds kind of strange that find-debuginfo.sh wouldn't be able to >> use already generated debuginfo files. > > The OpenJDK build can't have any idea of what debuginfo files the > distro runtime requires, and indeed this may change. There is more > than one mechanism for finding debuginfo. Separating debuginfo is not > something that we want the OpenJDK build to do, and the most useful > thing that we could have is a switch to turn all of OpenJDK's > stripping and separate debuginfo off. I expect the same applies to > all distros. > > Andrew. > From ptisnovs at icedtea.classpath.org Mon Mar 3 04:17:12 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Mon, 03 Mar 2014 12:17:12 +0000 Subject: /hg/gfx-test: Eight new tests added into BitBitAffineIdentityTra... Message-ID: changeset e839356ee2da in /hg/gfx-test details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=e839356ee2da author: Pavel Tisnovsky date: Mon Mar 03 13:17:49 2014 +0100 Eight new tests added into BitBitAffineIdentityTransformOp.java. diffstat: ChangeLog | 5 + src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java | 112 ++++++++++ 2 files changed, 117 insertions(+), 0 deletions(-) diffs (134 lines): diff -r 830c798b8e25 -r e839356ee2da ChangeLog --- a/ChangeLog Fri Feb 28 11:07:00 2014 +0100 +++ b/ChangeLog Mon Mar 03 13:17:49 2014 +0100 @@ -1,3 +1,8 @@ +2014-03-03 Pavel Tisnovsky + + * src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java: + Eight new tests added into BitBitAffineIdentityTransformOp.java: + 2014-02-28 Pavel Tisnovsky * src/org/gfxtest/testsuites/CAGOperationsOnChordAndRectangle.java: diff -r 830c798b8e25 -r e839356ee2da src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java --- a/src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java Fri Feb 28 11:07:00 2014 +0100 +++ b/src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java Mon Mar 03 13:17:49 2014 +0100 @@ -3375,6 +3375,118 @@ } /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_555_RGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort555RGBIdentifyTranspormationOp1(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshort555RGB(image, graphics2d, IdentifyTranspormationOp1); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_555_RGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort555RGBIdentifyTranspormationOp2(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshort555RGB(image, graphics2d, IdentifyTranspormationOp2); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_555_RGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort555RGBIdentifyTranspormationOp3(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshort555RGB(image, graphics2d, IdentifyTranspormationOp3); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_555_RGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort555RGBIdentifyTranspormationOp4(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshort555RGB(image, graphics2d, IdentifyTranspormationOp4); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_555_RGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort555RGBIdentifyTranspormationOp5(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshort555RGB(image, graphics2d, IdentifyTranspormationOp5); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_555_RGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort555RGBIdentifyTranspormationOp6(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshort555RGB(image, graphics2d, IdentifyTranspormationOp6); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_565_RGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort565RGBIdentifyTranspormationOp1(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshort565RGB(image, graphics2d, IdentifyTranspormationOp1); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_555_RGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort565RGBIdentifyTranspormationOp2(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshort565RGB(image, graphics2d, IdentifyTranspormationOp2); + } + + /** * Entry point to the test suite. * * @param args not used in this case From ptisnovs at icedtea.classpath.org Mon Mar 3 04:20:58 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Mon, 03 Mar 2014 12:20:58 +0000 Subject: /hg/rhino-tests: Added new test testGetResourceAsStreamPositiveT... Message-ID: changeset 9a2ccd2993cb in /hg/rhino-tests details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=9a2ccd2993cb author: Pavel Tisnovsky date: Mon Mar 03 13:21:10 2014 +0100 Added new test testGetResourceAsStreamPositiveTest into CompiledScriptClassTest. diffstat: ChangeLog | 6 ++ src/org/RhinoTests/CompiledScriptClassTest.java | 61 +++++++++++++++++++++++++ 2 files changed, 67 insertions(+), 0 deletions(-) diffs (84 lines): diff -r 3758c6b6d899 -r 9a2ccd2993cb ChangeLog --- a/ChangeLog Fri Feb 28 11:12:48 2014 +0100 +++ b/ChangeLog Mon Mar 03 13:21:10 2014 +0100 @@ -1,3 +1,9 @@ +2014-03-03 Pavel Tisnovsky + + * src/org/RhinoTests/CompiledScriptClassTest.java: + Added new test testGetResourceAsStreamPositiveTest into + CompiledScriptClassTest. + 2014-02-28 Pavel Tisnovsky * src/org/RhinoTests/SimpleBindingsClassTest.java: diff -r 3758c6b6d899 -r 9a2ccd2993cb src/org/RhinoTests/CompiledScriptClassTest.java --- a/src/org/RhinoTests/CompiledScriptClassTest.java Fri Feb 28 11:12:48 2014 +0100 +++ b/src/org/RhinoTests/CompiledScriptClassTest.java Mon Mar 03 13:21:10 2014 +0100 @@ -1923,6 +1923,67 @@ } /** + * Test for method javax.script.CompiledScript.getClass().getResourcePositiveTest() + */ + protected void testGetResourcePositiveTest() { + Object resource; + resource = this.compiledScriptClass.getResource("/org/RhinoTests/AbstractScriptEngineClassTest.class"); + assertNotNull(resource, "getResource(\"/org/RhinoTests/AbstractScriptEngineClassTest.class\") returns null"); + resource = this.compiledScriptClass.getResource("/org/RhinoTests/BaseRhinoTest.class"); + assertNotNull(resource, "getResource(\"/org/RhinoTests/BaseRhinoTest.class\") returns null"); + resource = this.compiledScriptClass.getResource("/org/RhinoTests/BindingsClassTest.class"); + assertNotNull(resource, "getResource(\"/org/RhinoTests/BindingsClassTest.class\") returns null"); + resource = this.compiledScriptClass.getResource("/org/RhinoTests/BindingsTest.class"); + assertNotNull(resource, "getResource(\"/org/RhinoTests/BindingsTest.class\") returns null"); + resource = this.compiledScriptClass.getResource("/org/RhinoTests/CompilableClassTest.class"); + assertNotNull(resource, "getResource(\"/org/RhinoTests/CompilableClassTest.class\") returns null"); + resource = this.compiledScriptClass.getResource("/org/RhinoTests/CompilableTest.class"); + assertNotNull(resource, "getResource(\"/org/RhinoTests/CompilableTest.class\") returns null"); + resource = this.compiledScriptClass.getResource("/org/RhinoTests/CompiledScriptClassTest.class"); + assertNotNull(resource, "getResource(\"/org/RhinoTests/CompiledScriptClassTest.class\") returns null"); + resource = this.compiledScriptClass.getResource("/org/RhinoTests/CompiledScriptTest.class"); + assertNotNull(resource, "getResource(\"/org/RhinoTests/CompiledScriptTest.class\") returns null"); + resource = this.compiledScriptClass.getResource("/org/RhinoTests/Constants.class"); + assertNotNull(resource, "getResource(\"/org/RhinoTests/Constants.class\") returns null"); + resource = this.compiledScriptClass.getResource("/org/RhinoTests/InvocableClassTest.class"); + assertNotNull(resource, "getResource(\"/org/RhinoTests/InvocableClassTest.class\") returns null"); + resource = this.compiledScriptClass.getResource("/org/RhinoTests/InvocableTest.class"); + assertNotNull(resource, "getResource(\"/org/RhinoTests/InvocableTest.class\") returns null"); + resource = this.compiledScriptClass.getResource("/org/RhinoTests/JavaScriptSnippets.class"); + assertNotNull(resource, "getResource(\"/org/RhinoTests/JavaScriptSnippets.class\") returns null"); + resource = this.compiledScriptClass.getResource("/org/RhinoTests/JavaScriptsTest.class"); + assertNotNull(resource, "getResource(\"/org/RhinoTests/JavaScriptsTest.class\") returns null"); + resource = this.compiledScriptClass.getResource("/org/RhinoTests/ScriptContextClassTest.class"); + assertNotNull(resource, "getResource(\"/org/RhinoTests/ScriptContextClassTest.class\") returns null"); + resource = this.compiledScriptClass.getResource("/org/RhinoTests/ScriptContextTest.class"); + assertNotNull(resource, "getResource(\"/org/RhinoTests/ScriptContextTest.class\") returns null"); + resource = this.compiledScriptClass.getResource("/org/RhinoTests/ScriptEngineClassTest.class"); + assertNotNull(resource, "getResource(\"/org/RhinoTests/ScriptEngineClassTest.class\") returns null"); + resource = this.compiledScriptClass.getResource("/org/RhinoTests/ScriptEngineFactoryClassTest.class"); + assertNotNull(resource, "getResource(\"/org/RhinoTests/ScriptEngineFactoryClassTest.class\") returns null"); + resource = this.compiledScriptClass.getResource("/org/RhinoTests/ScriptEngineFactoryTest.class"); + assertNotNull(resource, "getResource(\"/org/RhinoTests/ScriptEngineFactoryTest.class\") returns null"); + resource = this.compiledScriptClass.getResource("/org/RhinoTests/ScriptEngineManagerClassTest.class"); + assertNotNull(resource, "getResource(\"/org/RhinoTests/ScriptEngineManagerClassTest.class\") returns null"); + resource = this.compiledScriptClass.getResource("/org/RhinoTests/ScriptEngineManagerTest.class"); + assertNotNull(resource, "getResource(\"/org/RhinoTests/ScriptEngineManagerTest.class\") returns null"); + resource = this.compiledScriptClass.getResource("/org/RhinoTests/ScriptEngineTest.class"); + assertNotNull(resource, "getResource(\"/org/RhinoTests/ScriptEngineTest.class\") returns null"); + resource = this.compiledScriptClass.getResource("/org/RhinoTests/ScriptExceptionClassTest.class"); + assertNotNull(resource, "getResource(\"/org/RhinoTests/ScriptExceptionClassTest.class\") returns null"); + resource = this.compiledScriptClass.getResource("/org/RhinoTests/ScriptExceptionTest.class"); + assertNotNull(resource, "getResource(\"/org/RhinoTests/ScriptExceptionTest.class\") returns null"); + resource = this.compiledScriptClass.getResource("/org/RhinoTests/SimpleBindingsClassTest.class"); + assertNotNull(resource, "getResource(\"/org/RhinoTests/SimpleBindingsClassTest.class\") returns null"); + resource = this.compiledScriptClass.getResource("/org/RhinoTests/SimpleBindingsTest.class"); + assertNotNull(resource, "getResource(\"/org/RhinoTests/SimpleBindingsTest.class\") returns null"); + resource = this.compiledScriptClass.getResource("/org/RhinoTests/SimpleScriptContextClassTest.class"); + assertNotNull(resource, "getResource(\"/org/RhinoTests/SimpleScriptContextClassTest.class\") returns null"); + resource = this.compiledScriptClass.getResource("/org/RhinoTests/SimpleScriptContextTest.class"); + assertNotNull(resource, "getResource(\"/org/RhinoTests/SimpleScriptContextTest.class\") returns null"); + } + + /** * Test for instanceof operator applied to a class javax.script.CompiledScript */ @SuppressWarnings("cast") From daniel.daugherty at oracle.com Mon Mar 3 06:56:38 2014 From: daniel.daugherty at oracle.com (Daniel D. Daugherty) Date: Mon, 03 Mar 2014 07:56:38 -0700 Subject: JDK-8036003: Add variable not to separate debug information. In-Reply-To: References: <20140228091835.58EB8C21F24@msgw007-05.ocn.ad.jp> <53106F4A.8030905@oracle.com> <53109772.9070808@oracle.com> <5310AD70.2070908@ysfactory.dip.jp> <53112019.9050504@oracle.com> <5311E98A.1020004@ysfactory.dip.jp> Message-ID: <53149826.7030106@oracle.com> I think we're having a problem with not all replies making it to all the aliases. Yasumasa's reply to David below that Mike is replying to did not arrive on any of the aliases that I'm on... Folks need to remember to reply to all of the aliases... On 3/1/14 4:08 PM, Mike Duigou wrote: > On Mar 1 2014, at 06:07 , Yasumasa Suenaga wrote: > >> Hi David, >> >>> 1. Generating debug symbols in the binaries (via gcc -g or whatever) >>> 2. Generating debuginfo files (zipped or not) (FDS) >>> 3. Stripping debug symbols from the binaries (strip-policy) >>> >>> It may be that we don't have clean separation between them, and if so >>> that should be fixed, but I don't see the current proposal as the way >>> forward. >> Currently, 1. depends 2. If FDS set to disable, debug symbols (-g) are not >> generated. Bit of history here. When FDS is disabled, the build system is supposed to go back to what was there prior to the FDS project. On Linux, one of the debug configs didn't actually have any debugging flags enabled (debug or fastdebug, I don't remember which). So when I implemented FDS, disabling FDS meant no debug info. Bug in the original? You betcha. >> SEPARATED_DEBUGINFO_FILES which my patch provides can separate them. > I think David's list (kudos) is very helpful as I haven't seen the requirements articulated this clearly anywhere else. > > Some comments: > > - Are there important tools that cannot deal with external debuginfo files? Not that I'm aware of. There have been bugs in the way gobjcopy is extracting the debuginfo into the separate files, but no complete failures as far as I know... > If we can put debuginfo into external files why would we ever want unstripped binaries? We deliver minimal stripped binaries so that can have stack traces with some amount of information in them when the debuginfo files are not available. We have not yet figured out how to implement minimal stripping on Windows so Windows hs_err_pid files have no symbols in them when the debuginfo bundles are not present. > Is strip policy really necessary? Yes. STRIP_POLICY allows folks to configure what they want for the build that they are doing. It is also meant to map to the Oracle policy where we were granted a waiver to deliver minimal symbols in FDS project. > Strip policy would seem to only be necessary if there are tools which can't handle external debuginfo. Assuming that everything can use external debuginfo then the policy would be to strip everything. No you don't want to strip everything. See above aboutminimal info in stack traces. > Do I understand correctly that rpmbuild can only deal with unstripped binaries and generates the stripped rpm package and debuginfo package. It sounds kind of strange that find-debuginfo.sh wouldn't be able to use already generated debuginfo files. > > - I would expect that the flow is something like an extended version of https://blogs.oracle.com/dbx/entry/creating_separate_debug_info : > 1. Compile source files with some form of "-g" > 2. Create separate debug files for object files. > 3. Strip object files. > 4. Add gnu_debuglink to object files. > 5. Link library or executable which should carry along links to debuginfo. > 6a. Debugging, testing, profiling, etc. by developers. > 6b. Packaging for program bits and debuginfo. > 7. Testing and Use. > > Hopefully I didn't get any of those steps in the wrong order. What are the "you-cant-get-there-from-here" gaps and breakdowns from implementing this process? > > - Whether for the FDS debug symbols or RPM debuginfo packaging it seems that the default debug level isn't quite right. I believe that in both cases what's wanted is abbreviated debug info, mostly function names and line number tables, for building stack traces. This is not the debug info that is currently generated. It's STRIP_POLICY=min_strip that leaves the minimal debug info attached to the binaries and the more complete debug info in left in the debuginfo file(s). And I'll disagree about only wanting abbreviated debug info in the separate debuginfo files. > There are four basic alternatives for levels of debug info: > 1. (-g0) No debug info whatsoever. > Only exported functions and globals will have names. > 2. (-g1) Abbreviated debug info. > All functions have names and line number information. This seems to be what is needed by both FDS and RPM debuginfo files to produce nice stack traces. > 3. (-g) Default debugging info. > Adds macro expansions and local variable names. Suitable for source level debugging. > 4. (-g3 or -gdwarf-4 -fvar-tracking-assignments). Full debugging info. > Most suitable for source level debugging including debugging of optimized code. It is not clear that anyone would want to build the entire product with this option. > > Compilations are currently done with a mix of -g, -g1, and -gstabs. It would be good to rationalize this somewhat and provide a mechanism for developers to tweak generated debugging output for files or components. There is a whole boatload of history behind using STABS or DWARF or -g1 and usually (at least in HotSpot) there are comments in the Makefiles explaining the sometimes arcane reasons why these choices were made... On Linux there is a special option DEBUG_BINARIES that is used to specify '-g' for everything. I believe the magic incantation for making RPM happy is something like: DEBUG_BINARIES=true FULL_DEBUG_SYMBOLS=0 STRIP_POLICY=none ALT_OBJCOPY=/does_not_exist The combination of FULL_DEBUG_SYMBOLS=0 and ALT_OBJCOPY=/does_not_exist disables FDS for all build configs and reverts to pre-FDS make logic. STRIP_POLICY=none says don't do any stripping. DEBUG_BINARIES=true says ignore all the other logic about which debug options and just do '-g'. I've accidentally broken DEBUG_BINARIES at least once, but I usually get pinged by the Red Hat folks when I do... Dan > - Eventual alignment with http://gcc.gnu.org/wiki/DebugFission on some platforms? > >> So I change: >> >> 1. Separating to add "-g" option to compiler from executing objcopy. >> 2. jdk/make/Images.gmk regards STRIP_POLICY. >> >> >> As I mentioned earlier, this issue is related to RPM. >> So I hope to fix it before JDK8 GA is released. > This won't happen (at least not for Java 8u0). Java 8 is already late in it's final candidate stage. It is too late for the initial Java 8 release to consider this magnitude of change. In any event, since the Java 8 rampdown began back in November, any change would first have to be applied to Java 9 and then approved for backport to a Java 8 or an update release (and it is also possibly too late for 8u20). > > Inability to include your suggested change in Java 8 or 8u20 is in no way a rejection of the ideas or contribution, it's merely a normal consequence of timelines and process. > > Mike From bugzilla-daemon at icedtea.classpath.org Mon Mar 3 07:26:12 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 03 Mar 2014 15:26:12 +0000 Subject: [Bug 1692] New: SIGSEV crash when installing xtext in eclipse Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1692 Bug ID: 1692 Summary: SIGSEV crash when installing xtext in eclipse Product: IcedTea Version: unspecified Hardware: x86_64 OS: Linux Status: NEW Severity: major Priority: P5 Component: IcedTea Assignee: gnu.andrew at redhat.com Reporter: b.murauer at gmail.com CC: unassigned at icedtea.classpath.org Created attachment 1039 --> http://icedtea.classpath.org/bugzilla/attachment.cgi?id=1039&action=edit java error log Steps to reproduce: clean install of Linux Mint 16 KDE updated OS as far as possible installed eclipse using repos (version 3.8.1 debbuild) eclipse starts fine, no problems. installing the xtext plugin from eclipse software repository after accepting license agreement and hitting "install", eclipse crashes with attatched error message also tried with installing PHP-Plugin, same crash -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140303/68223e02/attachment.html From bugzilla-daemon at icedtea.classpath.org Mon Mar 3 07:28:09 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 03 Mar 2014 15:28:09 +0000 Subject: [Bug 1692] SIGSEV crash when installing plugin in eclipse In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1692 Benjamin Murauer changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|SIGSEV crash when |SIGSEV crash when |installing xtext in eclipse |installing plugin in | |eclipse -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140303/3e2a661c/attachment.html From mike.duigou at oracle.com Sat Mar 1 15:08:56 2014 From: mike.duigou at oracle.com (Mike Duigou) Date: Sat, 1 Mar 2014 15:08:56 -0800 Subject: JDK-8036003: Add variable not to separate debug information. In-Reply-To: <5311E98A.1020004@ysfactory.dip.jp> References: <20140228091835.58EB8C21F24@msgw007-05.ocn.ad.jp> <53106F4A.8030905@oracle.com> <53109772.9070808@oracle.com> <5310AD70.2070908@ysfactory.dip.jp> <53112019.9050504@oracle.com> <5311E98A.1020004@ysfactory.dip.jp> Message-ID: On Mar 1 2014, at 06:07 , Yasumasa Suenaga wrote: > Hi David, > >> 1. Generating debug symbols in the binaries (via gcc -g or whatever) >> 2. Generating debuginfo files (zipped or not) (FDS) >> 3. Stripping debug symbols from the binaries (strip-policy) >> >> It may be that we don't have clean separation between them, and if so >> that should be fixed, but I don't see the current proposal as the way >> forward. > > Currently, 1. depends 2. If FDS set to disable, debug symbols (-g) are not > generated. > SEPARATED_DEBUGINFO_FILES which my patch provides can separate them. I think David's list (kudos) is very helpful as I haven't seen the requirements articulated this clearly anywhere else. Some comments: - Are there important tools that cannot deal with external debuginfo files? If we can put debuginfo into external files why would we ever want unstripped binaries? Is strip policy really necessary? Strip policy would seem to only be necessary if there are tools which can't handle external debuginfo. Assuming that everything can use external debuginfo then the policy would be to strip everything. Do I understand correctly that rpmbuild can only deal with unstripped binaries and generates the stripped rpm package and debuginfo package. It sounds kind of strange that find-debuginfo.sh wouldn't be able to use already generated debuginfo files. - I would expect that the flow is something like an extended version of https://blogs.oracle.com/dbx/entry/creating_separate_debug_info : 1. Compile source files with some form of "-g" 2. Create separate debug files for object files. 3. Strip object files. 4. Add gnu_debuglink to object files. 5. Link library or executable which should carry along links to debuginfo. 6a. Debugging, testing, profiling, etc. by developers. 6b. Packaging for program bits and debuginfo. 7. Testing and Use. Hopefully I didn't get any of those steps in the wrong order. What are the "you-cant-get-there-from-here" gaps and breakdowns from implementing this process? - Whether for the FDS debug symbols or RPM debuginfo packaging it seems that the default debug level isn't quite right. I believe that in both cases what's wanted is abbreviated debug info, mostly function names and line number tables, for building stack traces. This is not the debug info that is currently generated. There are four basic alternatives for levels of debug info: 1. (-g0) No debug info whatsoever. Only exported functions and globals will have names. 2. (-g1) Abbreviated debug info. All functions have names and line number information. This seems to be what is needed by both FDS and RPM debuginfo files to produce nice stack traces. 3. (-g) Default debugging info. Adds macro expansions and local variable names. Suitable for source level debugging. 4. (-g3 or -gdwarf-4 -fvar-tracking-assignments). Full debugging info. Most suitable for source level debugging including debugging of optimized code. It is not clear that anyone would want to build the entire product with this option. Compilations are currently done with a mix of -g, -g1, and -gstabs. It would be good to rationalize this somewhat and provide a mechanism for developers to tweak generated debugging output for files or components. - Eventual alignment with http://gcc.gnu.org/wiki/DebugFission on some platforms? > So I change: > > 1. Separating to add "-g" option to compiler from executing objcopy. > 2. jdk/make/Images.gmk regards STRIP_POLICY. > > > As I mentioned earlier, this issue is related to RPM. > So I hope to fix it before JDK8 GA is released. This won't happen (at least not for Java 8u0). Java 8 is already late in it's final candidate stage. It is too late for the initial Java 8 release to consider this magnitude of change. In any event, since the Java 8 rampdown began back in November, any change would first have to be applied to Java 9 and then approved for backport to a Java 8 or an update release (and it is also possibly too late for 8u20). Inability to include your suggested change in Java 8 or 8u20 is in no way a rejection of the ideas or contribution, it's merely a normal consequence of timelines and process. Mike From jvanek at redhat.com Mon Mar 3 08:24:20 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 03 Mar 2014 17:24:20 +0100 Subject: [rfc][icedtea-web] Unsigned applet security dialog abstraction In-Reply-To: <5310A809.1010502@redhat.com> References: <530FA52F.6090204@redhat.com> <53106D32.4080707@redhat.com> <5310A809.1010502@redhat.com> Message-ID: <5314ACB4.70800@redhat.com> On 02/28/2014 04:15 PM, Andrew Azores wrote: > On 02/28/2014 06:04 AM, Jiri Vanek wrote: >> >> The renaming patch is ok to go, unless you wont to rename it to general ExecuteAction (see bottom >> of email) >> >> Code itself looks good. Only nit: >> >> + } catch (Exception e) { >> + e.printStackTrace(); >> + throw e; >> + } >> >> Whats that? print and rethrow:-) why? only one of it should be enough or not. Anyway, print stack >> trace is forbidden. Use ServerAccess.log* rather. > > This is in the tests, right? That's the only place I can find a match in the patches. Anyway - not > sure what I was doing here, honestly. The exception doesn't even need to be caught and printed, does > it? It's a JUnit @BeforeClass method, so if it throws an exception, will this be logged anyway? New > tests attached, but the only difference is the try/catch there has been removed altogether. I have already noted some issues when BeforClass throw an exception. If something will be noted.... > >> >> One general comment to idea itself. I was thinking about reusing this dialogue for >> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library (And >> maybe some more ) but it forces few more generalizations: >> - it should depend on jnlpfile, not on plugin bridge. (But this should not prevent the dialogue >> from some cations if it is instance of plugin bridge)\ > > I already reduced most of the dependency on PluginBridge over JNLPFile, but I think with the new > abstraction patch I've removed it entirely. > >> - it should use also title of application >> - the help have to be adapted >> (maybe some acces to disable/enable some controls or similar..) >> >> From the quick glance those should be not hard to achieve. Do you wont to include it in this >> refactoring, or later? Eg when I will use this. Probably something now, something later on demand... > > These are both probably worthy but as a separate changeset, especially making the controls generally > enable/disable-able. marking your words ;) > >> >> Also in sound of those refactoings, I'm thinking if it is correct to use ExtendedAppletsSecurity >> table as it is now. >> - you wont to reuse it for partially signed yes applets yes? > > Yes. It already works just fine as far as I've been able to tell in my testing. I suppose there > might be a conflict if somehow one applet goes from being partially signed to unsigned or > vice-versa, while it already has a remembered entry in the table... I hadn't even thought of that > case before. It just seems to me that normally there shouldn't be any collision having them together > in the same table. But your solution below helps with this anyway. Yes this was also my background idea. That suddnely( without letting user know) will be allowed newly partialy signed applet. Your reply persuaded me to the "definitely requires extra work to be done" as I noted. > >> - I wont to use it for Application-Library-Allowable-Codebase >> - currently it is used for unsigned applet wont to run >> >> Your usecase is probably ok, and with some compromising it can reuse current table. But definitely >> not the my one:( > > Yours definitely requires extra work to be done ;) > >> >> So I was thinking about extending the format for some flag "purpose" (rather then to have new table) >> eg: >> from current resolution timestamp url-regex jars: >> y 1393582488549 \Qhttp://www.walter-fendt.de/ph14e/forceresol.htm\E >> \Qhttp://www.walter-fendt.de/ph14_jar/\E Ph14English.jar,ZerlKraft.jar >> to >> y ACACA 1393582488549 \Qhttp://www.walter-fendt.de/ph14e/forceresol.htm\E >> \Qhttp://www.walter-fendt.de/ph14_jar/\E Ph14English.jar,ZerlKraft.jar >> or >> y UNSIGNED 1393582488549 \Qhttp://www.walter-fendt.de/ph14e/forceresol.htm\E >> \Qhttp://www.walter-fendt.de/ph14_jar/\E Ph14English.jar,ZerlKraft.jar >> or >> y PARTIALLY 1393582488549 \Qhttp://www.walter-fendt.de/ph14e/forceresol.htm\E >> \Qhttp://www.walter-fendt.de/ph14_jar/\E Ph14English.jar,ZerlKraft.jar >> >> so: >> resolution purpose timestamp url-regex jars >> or similar, >> >> >> What do you think? >> >> >> >> >> >> J. > > This sounds okay, I suppose. It should come with some pretty heaving renaming of the action storage > classes though, because their names are really getting inaccurate with this kind of change. I would > like to reuse the table if possible rather than create new one(s), and this seems like a reasonable > way to do it I think? There will need to be some "migration" done to the table as well, but older > tables that don't have this field should just have it filled in with UNSIGNED, so it shouldn't be > too hard to work out. The backward compatibility will not be issue. Issue is to design it properly for new usecases :) > > "tests2" has the try/catch removed, "abstraction_pluginbridge_deps" just changes a few occurrences > of PluginBridge to JNLPFile, and "renames" hasn't been changed but is included for convenience. > Ok for head, some more work needed before 1.5 release. From aazores at icedtea.classpath.org Mon Mar 3 08:38:01 2014 From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org) Date: Mon, 03 Mar 2014 16:38:01 +0000 Subject: /hg/icedtea-web: Unsigned applet warning dialog abstracted and g... Message-ID: changeset 61bfad46e9cc in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=61bfad46e9cc author: Andrew Azores date: Mon Mar 03 11:36:14 2014 -0500 Unsigned applet warning dialog abstracted and generalized UnsignedAppletTrustWarningPanel logic moved into new abstract parent class AppTrustWarningPanel for reusability. * netx/net/sourceforge/jnlp/security/AppTrustWarningDialog.java: new class * netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java: new class * netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningPanel.java: major refactor into subclass of AppTrustWarningPanel * netx/net/sourceforge/jnlp/security/SecurityDialogs.java: (UnsignedWarningAction) references changed to AppSigningWarningAction * netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningDialog.java: same * tests/netx/unit/net/sourceforge/jnlp/security/AppTrustWarningPanelTest.java: new tests for AppTrustWarningPanel * netx/net/sourceforge/jnlp/security/appletextendedsecurity/ExecuteUnsignedApplet.java: renamed, changed all references * netx/net/sourceforge/jnlp/security/appletextendedsecurity/ExecuteAppletAction.java: (ExecuteUnsignedApplet) renamed to this * netx/net/sourceforge/jnlp/controlpanel/UnsignedAppletActionTableModel.java: (ExecuteAppletAction) changed references * netx/net/sourceforge/jnlp/controlpanel/UnsignedAppletsTrustingListPanel.java: (ExecuteAppletAction) changed references * netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletActionEntry.java: (ExecuteAppletAction) changed references * netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java: (ExecuteAppletAction) changed references * netx/net/sourceforge/jnlp/security/appletextendedsecurity/impl/UnsignedAppletActionStorageExtendedImpl.java: (ExecuteAppletAction) changed references * netx/net/sourceforge/jnlp/security/appletextendedsecurity/impl/UnsignedAppletActionStorageImpl.java: (ExecuteAppletAction) changed references diffstat: ChangeLog | 30 + netx/net/sourceforge/jnlp/controlpanel/UnsignedAppletActionTableModel.java | 8 +- netx/net/sourceforge/jnlp/controlpanel/UnsignedAppletsTrustingListPanel.java | 38 +- netx/net/sourceforge/jnlp/security/AppTrustWarningDialog.java | 68 ++ netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java | 321 ++++++++++ netx/net/sourceforge/jnlp/security/SecurityDialog.java | 2 +- netx/net/sourceforge/jnlp/security/SecurityDialogs.java | 11 +- netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningDialog.java | 10 +- netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningPanel.java | 280 +------- netx/net/sourceforge/jnlp/security/appletextendedsecurity/ExecuteAppletAction.java | 90 ++ netx/net/sourceforge/jnlp/security/appletextendedsecurity/ExecuteUnsignedApplet.java | 90 -- netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletActionEntry.java | 10 +- netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java | 57 +- netx/net/sourceforge/jnlp/security/appletextendedsecurity/impl/UnsignedAppletActionStorageExtendedImpl.java | 6 +- netx/net/sourceforge/jnlp/security/appletextendedsecurity/impl/UnsignedAppletActionStorageImpl.java | 6 +- tests/netx/unit/net/sourceforge/jnlp/security/AppTrustWarningPanelTest.java | 130 ++++ 16 files changed, 755 insertions(+), 402 deletions(-) diffs (truncated from 1554 to 500 lines): diff -r ededca6b0659 -r 61bfad46e9cc ChangeLog --- a/ChangeLog Fri Feb 28 16:45:24 2014 -0500 +++ b/ChangeLog Mon Mar 03 11:36:14 2014 -0500 @@ -1,3 +1,33 @@ +2014-03-03 Andrew Azores + + UnsignedAppletTrustWarningPanel logic moved into new abstract parent class + AppTrustWarningPanel for reusability. + * netx/net/sourceforge/jnlp/security/AppTrustWarningDialog.java: new class + * netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java: new class + * netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningPanel.java: + major refactor into subclass of AppTrustWarningPanel + * netx/net/sourceforge/jnlp/security/SecurityDialogs.java: + (UnsignedWarningAction) references changed to AppSigningWarningAction + * netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningDialog.java: same + * tests/netx/unit/net/sourceforge/jnlp/security/AppTrustWarningPanelTest.java: + new tests for AppTrustWarningPanel + * netx/net/sourceforge/jnlp/security/appletextendedsecurity/ExecuteUnsignedApplet.java: + renamed, changed all references + * netx/net/sourceforge/jnlp/security/appletextendedsecurity/ExecuteAppletAction.java: + (ExecuteUnsignedApplet) renamed to this + * netx/net/sourceforge/jnlp/controlpanel/UnsignedAppletActionTableModel.java: + (ExecuteAppletAction) changed references + * netx/net/sourceforge/jnlp/controlpanel/UnsignedAppletsTrustingListPanel.java: + (ExecuteAppletAction) changed references + * netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletActionEntry.java: + (ExecuteAppletAction) changed references + * netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java: + (ExecuteAppletAction) changed references + * netx/net/sourceforge/jnlp/security/appletextendedsecurity/impl/UnsignedAppletActionStorageExtendedImpl.java: + (ExecuteAppletAction) changed references + * netx/net/sourceforge/jnlp/security/appletextendedsecurity/impl/UnsignedAppletActionStorageImpl.java: + (ExecuteAppletAction) changed references + 2014-02-28 Andrew Azores Added "Sandbox" button to CertWarning dialogs, allowing signed applets diff -r ededca6b0659 -r 61bfad46e9cc netx/net/sourceforge/jnlp/controlpanel/UnsignedAppletActionTableModel.java --- a/netx/net/sourceforge/jnlp/controlpanel/UnsignedAppletActionTableModel.java Fri Feb 28 16:45:24 2014 -0500 +++ b/netx/net/sourceforge/jnlp/controlpanel/UnsignedAppletActionTableModel.java Mon Mar 03 11:36:14 2014 -0500 @@ -39,7 +39,7 @@ import javax.swing.event.TableModelEvent; import javax.swing.table.AbstractTableModel; import net.sourceforge.jnlp.runtime.Translator; -import net.sourceforge.jnlp.security.appletextendedsecurity.ExecuteUnsignedApplet; +import net.sourceforge.jnlp.security.appletextendedsecurity.ExecuteAppletAction; import net.sourceforge.jnlp.security.appletextendedsecurity.UnsignedAppletActionEntry; import net.sourceforge.jnlp.security.appletextendedsecurity.UrlRegEx; import net.sourceforge.jnlp.security.appletextendedsecurity.impl.UnsignedAppletActionStorageExtendedImpl; @@ -75,7 +75,7 @@ @Override public Class getColumnClass(int columnIndex) { if (columnIndex == 0) { - return ExecuteUnsignedApplet.class; + return ExecuteAppletAction.class; } if (columnIndex == 1) { return Date.class; @@ -145,7 +145,7 @@ int i = getRowCount()-1; String s = "\\Qhttp://localhost:80/\\E.*"; back.add(new UnsignedAppletActionEntry( - ExecuteUnsignedApplet.NEVER, + ExecuteAppletAction.NEVER, new Date(), new UrlRegEx(s), new UrlRegEx(s), @@ -174,7 +174,7 @@ fireTableRowsDeleted(0, i); } - void removeByBehaviour(ExecuteUnsignedApplet unsignedAppletAction) { + void removeByBehaviour(ExecuteAppletAction unsignedAppletAction) { int i = getRowCount()-1; if (i<0){ return; diff -r ededca6b0659 -r 61bfad46e9cc netx/net/sourceforge/jnlp/controlpanel/UnsignedAppletsTrustingListPanel.java --- a/netx/net/sourceforge/jnlp/controlpanel/UnsignedAppletsTrustingListPanel.java Fri Feb 28 16:45:24 2014 -0500 +++ b/netx/net/sourceforge/jnlp/controlpanel/UnsignedAppletsTrustingListPanel.java Mon Mar 03 11:36:14 2014 -0500 @@ -75,7 +75,7 @@ import net.sourceforge.jnlp.config.DeploymentConfiguration; import net.sourceforge.jnlp.runtime.Translator; import net.sourceforge.jnlp.security.appletextendedsecurity.AppletSecurityLevel; -import net.sourceforge.jnlp.security.appletextendedsecurity.ExecuteUnsignedApplet; +import net.sourceforge.jnlp.security.appletextendedsecurity.ExecuteAppletAction; import net.sourceforge.jnlp.security.appletextendedsecurity.ExtendedAppletSecurityHelp; import net.sourceforge.jnlp.security.appletextendedsecurity.UnsignedAppletActionEntry; import net.sourceforge.jnlp.security.appletextendedsecurity.UrlRegEx; @@ -520,16 +520,16 @@ removeSelectedFromTable(currentTable); } if (deleteTypeComboBox.getSelectedIndex() == 1) { - removeByBehaviour(ExecuteUnsignedApplet.ALWAYS); + removeByBehaviour(ExecuteAppletAction.ALWAYS); } if (deleteTypeComboBox.getSelectedIndex() == 2) { - removeByBehaviour(ExecuteUnsignedApplet.NEVER); + removeByBehaviour(ExecuteAppletAction.NEVER); } if (deleteTypeComboBox.getSelectedIndex() == 3) { - removeByBehaviour(ExecuteUnsignedApplet.YES); + removeByBehaviour(ExecuteAppletAction.YES); } if (deleteTypeComboBox.getSelectedIndex() == 4) { - removeByBehaviour(ExecuteUnsignedApplet.NO); + removeByBehaviour(ExecuteAppletAction.NO); } if (deleteTypeComboBox.getSelectedIndex() == 5) { removeAllItemsFromTable(currentTable, customModel); @@ -701,7 +701,7 @@ public TableCellEditor getCellEditor(int row, int column) { int columnx = convertColumnIndexToModel(column); if (columnx == 0) { - return new DefaultCellEditor(new JComboBox(new ExecuteUnsignedApplet[]{ExecuteUnsignedApplet.ALWAYS, ExecuteUnsignedApplet.NEVER, ExecuteUnsignedApplet.YES, ExecuteUnsignedApplet.NO})); + return new DefaultCellEditor(new JComboBox(new ExecuteAppletAction[]{ExecuteAppletAction.ALWAYS, ExecuteAppletAction.NEVER, ExecuteAppletAction.YES, ExecuteAppletAction.NO})); } if (columnx == 2) { column = convertColumnIndexToModel(column); @@ -758,7 +758,7 @@ } - private void removeByBehaviour(ExecuteUnsignedApplet unsignedAppletAction) { + private void removeByBehaviour(ExecuteAppletAction unsignedAppletAction) { UnsignedAppletActionEntry[] items = currentModel.back.toArray(); if (askBeforeActionCheckBox.isSelected()) { List toBeDeleted = new ArrayList(); @@ -904,16 +904,16 @@ @Override public boolean include(Entry entry) { - ExecuteUnsignedApplet o = (ExecuteUnsignedApplet) entry.getModel().getValueAt(entry.getIdentifier(), 0); - return (o.equals(ExecuteUnsignedApplet.ALWAYS) || o.equals(ExecuteUnsignedApplet.NEVER)); + ExecuteAppletAction o = (ExecuteAppletAction) entry.getModel().getValueAt(entry.getIdentifier(), 0); + return (o.equals(ExecuteAppletAction.ALWAYS) || o.equals(ExecuteAppletAction.NEVER)); } } private static final class ShowPermanentA extends MyCommonSorter { @Override public boolean include(Entry entry) { - ExecuteUnsignedApplet o = (ExecuteUnsignedApplet) entry.getModel().getValueAt(entry.getIdentifier(), 0); - return (o.equals(ExecuteUnsignedApplet.ALWAYS)); + ExecuteAppletAction o = (ExecuteAppletAction) entry.getModel().getValueAt(entry.getIdentifier(), 0); + return (o.equals(ExecuteAppletAction.ALWAYS)); } } @@ -921,8 +921,8 @@ @Override public boolean include(Entry entry) { - ExecuteUnsignedApplet o = (ExecuteUnsignedApplet) entry.getModel().getValueAt(entry.getIdentifier(), 0); - return (o.equals(ExecuteUnsignedApplet.NEVER)); + ExecuteAppletAction o = (ExecuteAppletAction) entry.getModel().getValueAt(entry.getIdentifier(), 0); + return (o.equals(ExecuteAppletAction.NEVER)); } } @@ -930,8 +930,8 @@ @Override public boolean include(Entry entry) { - ExecuteUnsignedApplet o = (ExecuteUnsignedApplet) entry.getModel().getValueAt(entry.getIdentifier(), 0); - return (o.equals(ExecuteUnsignedApplet.YES) || o.equals(ExecuteUnsignedApplet.NO)); + ExecuteAppletAction o = (ExecuteAppletAction) entry.getModel().getValueAt(entry.getIdentifier(), 0); + return (o.equals(ExecuteAppletAction.YES) || o.equals(ExecuteAppletAction.NO)); } } @@ -939,8 +939,8 @@ @Override public boolean include(Entry entry) { - ExecuteUnsignedApplet o = (ExecuteUnsignedApplet) entry.getModel().getValueAt(entry.getIdentifier(), 0); - return (o.equals(ExecuteUnsignedApplet.YES)); + ExecuteAppletAction o = (ExecuteAppletAction) entry.getModel().getValueAt(entry.getIdentifier(), 0); + return (o.equals(ExecuteAppletAction.YES)); } @@ -950,8 +950,8 @@ @Override public boolean include(Entry entry) { - ExecuteUnsignedApplet o = (ExecuteUnsignedApplet) entry.getModel().getValueAt(entry.getIdentifier(), 0); - return (o.equals(ExecuteUnsignedApplet.NO)); + ExecuteAppletAction o = (ExecuteAppletAction) entry.getModel().getValueAt(entry.getIdentifier(), 0); + return (o.equals(ExecuteAppletAction.NO)); } } diff -r ededca6b0659 -r 61bfad46e9cc netx/net/sourceforge/jnlp/security/AppTrustWarningDialog.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/netx/net/sourceforge/jnlp/security/AppTrustWarningDialog.java Mon Mar 03 11:36:14 2014 -0500 @@ -0,0 +1,68 @@ +/* Copyright (C) 2013 Red Hat, Inc. + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or +modify it under the terms of the GNU General Public License as published by +the Free Software Foundation, version 2. + +IcedTea is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + */ + +package net.sourceforge.jnlp.security; + +import net.sourceforge.jnlp.JNLPFile; +import net.sourceforge.jnlp.security.AppTrustWarningPanel.ActionChoiceListener; +import net.sourceforge.jnlp.security.AppTrustWarningPanel.AppSigningWarningAction; + +/** + * A panel that confirms that the user is OK with unsigned code running. + */ +public class AppTrustWarningDialog extends SecurityDialogPanel { + + private AppTrustWarningDialog(final SecurityDialog dialog) { + super(dialog); + } + + public static AppTrustWarningDialog unsigned(final SecurityDialog dialog, final JNLPFile file) { + final AppTrustWarningDialog warningDialog = new AppTrustWarningDialog(dialog); + warningDialog.add(new UnsignedAppletTrustWarningPanel(file, warningDialog.getActionChoiceListener())); + return warningDialog; + } + + private ActionChoiceListener getActionChoiceListener() { + return new ActionChoiceListener() { + @Override + public void actionChosen(final AppSigningWarningAction action) { + parent.setValue(action); + parent.dispose(); + } + }; + } + +} diff -r ededca6b0659 -r 61bfad46e9cc netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java Mon Mar 03 11:36:14 2014 -0500 @@ -0,0 +1,321 @@ +/* Copyright (C) 2013 Red Hat, Inc. + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or +modify it under the terms of the GNU General Public License as published by +the Free Software Foundation, version 2. + +IcedTea is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + */ + +package net.sourceforge.jnlp.security; + +import static net.sourceforge.jnlp.runtime.Translator.R; + +import java.awt.BorderLayout; +import java.awt.Color; +import java.awt.Dimension; +import java.awt.FlowLayout; +import java.awt.Font; +import java.awt.GridLayout; +import java.awt.event.ActionEvent; +import java.awt.event.ActionListener; + +import javax.swing.BorderFactory; +import javax.swing.BoxLayout; +import javax.swing.ButtonGroup; +import javax.swing.ImageIcon; +import javax.swing.JButton; +import javax.swing.JCheckBox; +import javax.swing.JDialog; +import javax.swing.JLabel; +import javax.swing.JPanel; +import javax.swing.JRadioButton; +import javax.swing.SwingConstants; + +import net.sourceforge.jnlp.JNLPFile; +import net.sourceforge.jnlp.PluginBridge; +import net.sourceforge.jnlp.security.appletextendedsecurity.ExecuteAppletAction; +import net.sourceforge.jnlp.security.appletextendedsecurity.ExtendedAppletSecurityHelp; +import net.sourceforge.jnlp.util.ScreenFinder; + +/* + * This class is meant to provide a common layout and functionality for warning dialogs + * that appear when the user needs to confirm the running of applets/applications. + * Subclasses include UnsignedAppletTrustWarningPanel, for unsigned plugin applets, and + * PartiallySignedAppTrustWarningPanel, for partially signed JNLP applications as well as + * plugin applets. New implementations should be added to the unit test at + * unit/net/sourceforge/jnlp/security/AppTrustWarningPanelTest + */ +public abstract class AppTrustWarningPanel extends JPanel { + + /* + * Details of decided action. + */ + public static class AppSigningWarningAction { + private ExecuteAppletAction action; + private boolean applyToCodeBase; + + public AppSigningWarningAction(ExecuteAppletAction action, + boolean applyToCodeBase) { + this.action = action; + this.applyToCodeBase = applyToCodeBase; + } + + public ExecuteAppletAction getAction() { + return action; + } + + public boolean rememberForCodeBase() { + return applyToCodeBase; + } + } + + /* + * Callback for when action is decided. + */ + public static interface ActionChoiceListener { + void actionChosen(AppSigningWarningAction action); + } + + protected int PANE_WIDTH = 500; + + protected int TOP_PANEL_HEIGHT = 60; + protected int INFO_PANEL_HEIGHT = 140; + protected int INFO_PANEL_HINT_HEIGHT = 25; + protected int QUESTION_PANEL_HEIGHT = 35; + + private JButton allowButton; + private JButton rejectButton; + private JButton helpButton; + private JCheckBox permanencyCheckBox; + private JRadioButton applyToAppletButton; + private JRadioButton applyToCodeBaseButton; + + protected JNLPFile file; + + private ActionChoiceListener actionChoiceListener; + + /* + * Subclasses should call addComponents() IMMEDIATELY after calling the super() constructor! + */ + public AppTrustWarningPanel(JNLPFile file, ActionChoiceListener actionChoiceListener) { + this.file = file; + this.actionChoiceListener = actionChoiceListener; + } + + /* + * Provides an image to be displayed near the upper left corner of the dialog. + */ + protected abstract ImageIcon getInfoImage(); + + /* + * Provides a short description of why the dialog is appearing. The message is expected to be HTML-formatted. + */ + protected abstract String getTopPanelText(); + + /* + * Provides in-depth information on why the dialog is appearing. The message is expected to be HTML-formatted. + */ + protected abstract String getInfoPanelText(); + + /* + * This provides the text for the final prompt to the user. The message is expected to be HTML formatted. + * The user's action is a direct response to this question. + */ + protected abstract String getQuestionPanelText(); + + public JButton getAllowButton() { + return allowButton; + } + + public JButton getRejectButton() { + return rejectButton; + } + + protected static String htmlWrap(String text) { + return "" + text + ""; + } + + private void setupTopPanel() { + final String topLabelText = getTopPanelText(); + + JLabel topLabel = new JLabel(topLabelText, getInfoImage(), + SwingConstants.LEFT); + topLabel.setFont(new Font(topLabel.getFont().toString(), Font.BOLD, 12)); + + JPanel topPanel = new JPanel(new BorderLayout()); + topPanel.setBackground(Color.WHITE); + topPanel.add(topLabel, BorderLayout.CENTER); + topPanel.setPreferredSize(new Dimension(PANE_WIDTH, TOP_PANEL_HEIGHT)); + topPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); + + add(topPanel); + } + + private void setupInfoPanel() { + String infoLabelText = getInfoPanelText(); + int panelHeight = INFO_PANEL_HEIGHT + INFO_PANEL_HINT_HEIGHT; + + JLabel infoLabel = new JLabel(infoLabelText); + JPanel infoPanel = new JPanel(new BorderLayout()); + infoPanel.add(infoLabel, BorderLayout.CENTER); + infoPanel.setPreferredSize(new Dimension(PANE_WIDTH, panelHeight)); + infoPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); + + add(infoPanel); + } + + private void setupQuestionsPanel() { + JPanel questionPanel = new JPanel(new BorderLayout()); + + final String questionPanelText = getQuestionPanelText(); + questionPanel.add(new JLabel(questionPanelText), BorderLayout.EAST); + + questionPanel.setPreferredSize(new Dimension(PANE_WIDTH, QUESTION_PANEL_HEIGHT)); + questionPanel.setBorder(BorderFactory.createEmptyBorder(0, 10, 0, 10)); + + add(questionPanel); + } + + private JPanel createMatchOptionsPanel() { + JPanel matchOptionsPanel = new JPanel(new FlowLayout(FlowLayout.RIGHT)); + + ButtonGroup group = new ButtonGroup(); + applyToAppletButton = new JRadioButton(R("SRememberAppletOnly")); + applyToAppletButton.setSelected(true); + applyToAppletButton.setEnabled(false); // Start disabled until 'Remember this option' is selected + + applyToCodeBaseButton = new JRadioButton(htmlWrap(R("SRememberCodebase", file.getCodeBase()))); + applyToCodeBaseButton.setEnabled(false); + + group.add(applyToAppletButton); + group.add(applyToCodeBaseButton); + + matchOptionsPanel.add(applyToAppletButton); + matchOptionsPanel.add(applyToCodeBaseButton); + + return matchOptionsPanel; + } + + private JPanel createCheckBoxPanel() { + JPanel checkBoxPanel = new JPanel(new FlowLayout(FlowLayout.LEFT)); + + permanencyCheckBox = new JCheckBox(htmlWrap(R("SRememberOption"))); + permanencyCheckBox.addActionListener(permanencyListener()); + checkBoxPanel.add(permanencyCheckBox); From omajid at icedtea.classpath.org Mon Mar 3 09:23:43 2014 From: omajid at icedtea.classpath.org (omajid at icedtea.classpath.org) Date: Mon, 03 Mar 2014 17:23:43 +0000 Subject: /hg/icedtea-web: PR1676: Add useLegacyMergeSort to JNLP properties Message-ID: changeset 3381129e3ae2 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=3381129e3ae2 author: Omair Majid date: Mon Mar 03 12:21:19 2014 -0500 PR1676: Add useLegacyMergeSort to JNLP properties 2014-03-03 Omair Majid PR1676 * netx/net/sourceforge/jnlp/SecurityDesc.java: Add permission to read/write useLegacyMergeSort. diffstat: ChangeLog | 6 ++++++ netx/net/sourceforge/jnlp/SecurityDesc.java | 1 + 2 files changed, 7 insertions(+), 0 deletions(-) diffs (24 lines): diff -r 61bfad46e9cc -r 3381129e3ae2 ChangeLog --- a/ChangeLog Mon Mar 03 11:36:14 2014 -0500 +++ b/ChangeLog Mon Mar 03 12:21:19 2014 -0500 @@ -1,3 +1,9 @@ +2014-03-03 Omair Majid + + PR1676 + * netx/net/sourceforge/jnlp/SecurityDesc.java: Add permission to + read/write useLegacyMergeSort. + 2014-03-03 Andrew Azores UnsignedAppletTrustWarningPanel logic moved into new abstract parent class diff -r 61bfad46e9cc -r 3381129e3ae2 netx/net/sourceforge/jnlp/SecurityDesc.java --- a/netx/net/sourceforge/jnlp/SecurityDesc.java Mon Mar 03 11:36:14 2014 -0500 +++ b/netx/net/sourceforge/jnlp/SecurityDesc.java Mon Mar 03 12:21:19 2014 -0500 @@ -88,6 +88,7 @@ private static Permission sandboxPermissions[] = { new SocketPermission("localhost:1024-", "listen"), // new SocketPermission("", "connect, accept"), // added by code + new PropertyPermission("java.util.Arrays.useLegacyMergeSort", "read,write"), new PropertyPermission("java.version", "read"), new PropertyPermission("java.vendor", "read"), new PropertyPermission("java.vendor.url", "read"), From bugzilla-daemon at icedtea.classpath.org Mon Mar 3 09:23:51 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 03 Mar 2014 17:23:51 +0000 Subject: [Bug 1676] enhance the list of secure jnlp properties to support useLegacyMergeSort In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1676 --- Comment #1 from hg commits --- details: http://icedtea.classpath.org//hg/icedtea-web?cmd=changeset;node=3381129e3ae2 author: Omair Majid date: Mon Mar 03 12:21:19 2014 -0500 PR1676: Add useLegacyMergeSort to JNLP properties 2014-03-03 Omair Majid PR1676 * netx/net/sourceforge/jnlp/SecurityDesc.java: Add permission to read/write useLegacyMergeSort. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140303/cffc60b1/attachment.html From omajid at redhat.com Mon Mar 3 09:42:55 2014 From: omajid at redhat.com (Omair Majid) Date: Mon, 3 Mar 2014 12:42:55 -0500 Subject: [icedtea-web] RFC: PR857: Don't set look and feel multiple times In-Reply-To: <53143491.7020802@redhat.com> References: <20140228230710.GA18442@redhat.com> <53143491.7020802@redhat.com> Message-ID: <20140303174255.GD2045@redhat.com> * Jiri Vanek [2014-03-03 02:51]: > On 03/01/2014 12:07 AM, Omair Majid wrote: > >Hi, > > > >The attached patch is a fix for PR857. The idea is quite simple: make > >sure UIManager.setLookAndFeel() is called at most once (and ideally > >exactly once) before any UI is shown. > > > >There are a few code paths that can cause UIManager.setLookAndFell to be > >invoked multiple times: > > > >- AboutDialog (only on entry from a class other than Boot) > >- SecurityDialog > >- PolicyEditor (only on entry from ControlPanel) > > > >CertificateViewer calls JNLPRuntime.initialize() which already calls > >UIManager.setLookAndFeel. So I have removed the direct call from > >CertificateViewer. > > > >Also, JNLPRuntime.initialize currently calls setLookAndFeel after > >displaying a JavaConsole. This is alos fixed. > > > >Thoughts? > > > > ouch, that an old one! > > > However - the original one - http://icedtea.classpath.org/bugzilla/attachment.cgi?id=640&action=diff > - (the confirmed one) is quite different, why so? For a couple of reasons: - The reporter only tested one code path (the main plugin/javaws code path) - I went through more code this time and noticed more subtle issues, including cases where setting the look and feel is completely redundant. > Also " Don't set look and feel multiple times" do not sound proper > to me, it is still set two times. I don't follow. It is set exactly once in (a shared code path) in the case of plugins/javaws: in JNLPRuntime.initialize(). > Can't there be only one place to do so? No, unless you want to have exactly one entry point for icedtea-web that then selects what to run: - javaws - plugin - about dialog - controlpanel - certificate viewer - policy editor > I would rather log the exception. > > I would ratehr log this exception in debug only (default) =? > - OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e); > + OutputController.getLogger().log(e); Fixed. Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 -------------- next part -------------- diff --git a/ChangeLog b/ChangeLog --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,21 @@ +2014-03-03 Omair Majid + + PR857 + * netx/net/sourceforge/jnlp/about/AboutDialog.java + (run): Do not set look and feel. + * netx/net/sourceforge/jnlp/runtime/Boot.java + (main) : Set look and feel before displaying dialog. + * netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java + (initialize): Set look and feel before any UI is created. + * netx/net/sourceforge/jnlp/security/SecurityDialog.java + (init): Do not set look and feel. + (setSystemLookAndFeel): Removed. + * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java + (createInstance): Do not set look and feel. + * netx/net/sourceforge/jnlp/security/viewer/CertificateViewer.java + (showCertificateViewer): Do not set look and feel. + (setSystemLookAndFeel): Removed. + 2014-03-03 Omair Majid PR1676 diff --git a/netx/net/sourceforge/jnlp/about/AboutDialog.java b/netx/net/sourceforge/jnlp/about/AboutDialog.java --- a/netx/net/sourceforge/jnlp/about/AboutDialog.java +++ b/netx/net/sourceforge/jnlp/about/AboutDialog.java @@ -175,11 +175,6 @@ @Override public void run() { - try { - UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName()); - } catch (Exception e) { - } - layoutWindow(); ScreenFinder.centerWindowsToCurrentScreen(frame); frame.setVisible(true); diff --git a/netx/net/sourceforge/jnlp/runtime/Boot.java b/netx/net/sourceforge/jnlp/runtime/Boot.java --- a/netx/net/sourceforge/jnlp/runtime/Boot.java +++ b/netx/net/sourceforge/jnlp/runtime/Boot.java @@ -28,6 +28,8 @@ import java.util.List; import java.util.Map; +import javax.swing.UIManager; + import net.sourceforge.jnlp.LaunchException; import net.sourceforge.jnlp.Launcher; import net.sourceforge.jnlp.ParserSettings; @@ -161,6 +163,11 @@ if (null != getOption("-headless")) { JNLPRuntime.exit(0); } else { + try { + UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName()); + } catch (Exception e) { + OutputController.getLogger().log("Unable to set system look and feel"); + } OutputController.getLogger().printOutLn(R("BLaunchAbout")); AboutDialog.display(); return; diff --git a/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java b/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java --- a/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java +++ b/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java @@ -195,6 +195,12 @@ public static void initialize(boolean isApplication) throws IllegalStateException { checkInitialized(); + try { + UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName()); + } catch (Exception e) { + OutputController.getLogger().log("Unable to set system look and feel"); + } + if (JavaConsole.canShowOnStartup(isApplication)) { JavaConsole.getConsole().showConsoleLater(); } @@ -236,12 +242,6 @@ policy = new JNLPPolicy(); security = new JNLPSecurityManager(); // side effect: create JWindow - try { - UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName()); - } catch (Exception e) { - OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e); - } - doMainAppContextHacks(); if (securityEnabled) { diff --git a/netx/net/sourceforge/jnlp/security/SecurityDialog.java b/netx/net/sourceforge/jnlp/security/SecurityDialog.java --- a/netx/net/sourceforge/jnlp/security/SecurityDialog.java +++ b/netx/net/sourceforge/jnlp/security/SecurityDialog.java @@ -216,8 +216,6 @@ } private void initDialog() { - setSystemLookAndFeel(); - String dialogTitle = ""; if (dialogType == DialogType.CERT_WARNING) { if (accessType == AccessType.VERIFIED) @@ -346,17 +344,6 @@ super.dispose(); } - /** - * Updates the look and feel of the window to be the system look and feel - */ - protected void setSystemLookAndFeel() { - try { - UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName()); - } catch (Exception e) { - //don't worry if we can't. - } - } - private final List listeners = new CopyOnWriteArrayList(); /** diff --git a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java --- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java +++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java @@ -917,11 +917,6 @@ } public static PolicyEditor createInstance(final String filepath) { - try { - UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName()); - } catch (final Exception e) { - // not really important, so just ignore - } return new PolicyEditor(filepath); } diff --git a/netx/net/sourceforge/jnlp/security/viewer/CertificateViewer.java b/netx/net/sourceforge/jnlp/security/viewer/CertificateViewer.java --- a/netx/net/sourceforge/jnlp/security/viewer/CertificateViewer.java +++ b/netx/net/sourceforge/jnlp/security/viewer/CertificateViewer.java @@ -100,7 +100,6 @@ public static void showCertificateViewer() throws Exception { JNLPRuntime.initialize(true); - setSystemLookAndFeel(); CertificateViewer cv = new CertificateViewer(); cv.setResizable(true); @@ -109,14 +108,6 @@ cv.dispose(); } - private static void setSystemLookAndFeel() { - try { - UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName()); - } catch (Exception e) { - // don't worry if we can't. - } - } - public static void main(String[] args) throws Exception { CertificateViewer.showCertificateViewer(); } From bugzilla-daemon at icedtea.classpath.org Mon Mar 3 10:02:36 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 03 Mar 2014 18:02:36 +0000 Subject: [Bug 1692] SIGSEV crash when installing plugin in eclipse In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1692 --- Comment #1 from Benjamin Murauer --- With a downloaded eclipse 4.3.2 Kepler v.2 no error occur during plugin installation. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140303/a730c716/attachment.html From omajid at redhat.com Mon Mar 3 11:01:03 2014 From: omajid at redhat.com (Omair Majid) Date: Mon, 3 Mar 2014 14:01:03 -0500 Subject: JDK-8036003: Add variable not to separate debug information. In-Reply-To: <53144E4D.8080606@redhat.com> References: <20140228091835.58EB8C21F24@msgw007-05.ocn.ad.jp> <53144E4D.8080606@redhat.com> Message-ID: <20140303190102.GE2045@redhat.com> * Andrew Haley [2014-03-03 04:43]: > On 02/28/2014 09:18 AM, Yasumasa Suenaga wrote: > > For example, OpenJDK8 in Fedora20 ships libjvm.so and libjvm.debuginfo . > > libjvm.debuginfo is generated in OpenJDK's makefiles, however it does not > > contain debug information. Actual debug information is shipped by OpenJDK > > debuginfo package. > > That's a bug in Fedora's build. We should fix it. This should fix it: http://pkgs.fedoraproject.org/cgit/java-1.8.0-openjdk.git/commit/?id=1734315551d634b7467f28788d90595b467ea5eb Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 From omajid at redhat.com Mon Mar 3 11:11:18 2014 From: omajid at redhat.com (Omair Majid) Date: Mon, 3 Mar 2014 14:11:18 -0500 Subject: JDK-8036003: Add variable not to separate debug information. In-Reply-To: <53149826.7030106@oracle.com> References: <20140228091835.58EB8C21F24@msgw007-05.ocn.ad.jp> <53106F4A.8030905@oracle.com> <53109772.9070808@oracle.com> <5310AD70.2070908@ysfactory.dip.jp> <53112019.9050504@oracle.com> <5311E98A.1020004@ysfactory.dip.jp> <53149826.7030106@oracle.com> Message-ID: <20140303191118.GF2045@redhat.com> Hi, * Daniel D. Daugherty [2014-03-03 09:57]: > On 3/1/14 4:08 PM, Mike Duigou wrote: > > If we can put debuginfo into external files why would we ever want unstripped binaries? > > We deliver minimal stripped binaries so that can have stack traces > with some amount of information in them when the debuginfo files > are not available. We have not yet figured out how to implement > minimal stripping on Windows so Windows hs_err_pid files have no > symbols in them when the debuginfo bundles are not present. Am I reading it right that when tools (like RPM) strip the debug information from these binaries, hotspot will break completely when it tries to generate a stack trace on crash? Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 From daniel.daugherty at oracle.com Mon Mar 3 11:20:38 2014 From: daniel.daugherty at oracle.com (Daniel D. Daugherty) Date: Mon, 03 Mar 2014 12:20:38 -0700 Subject: JDK-8036003: Add variable not to separate debug information. In-Reply-To: <20140303191118.GF2045@redhat.com> References: <20140228091835.58EB8C21F24@msgw007-05.ocn.ad.jp> <53106F4A.8030905@oracle.com> <53109772.9070808@oracle.com> <5310AD70.2070908@ysfactory.dip.jp> <53112019.9050504@oracle.com> <5311E98A.1020004@ysfactory.dip.jp> <53149826.7030106@oracle.com> <20140303191118.GF2045@redhat.com> Message-ID: <5314D606.70804@oracle.com> On 3/3/14 12:11 PM, Omair Majid wrote: > Hi, > > * Daniel D. Daugherty [2014-03-03 09:57]: >> On 3/1/14 4:08 PM, Mike Duigou wrote: >>> If we can put debuginfo into external files why would we ever want unstripped binaries? >> We deliver minimal stripped binaries so that can have stack traces >> with some amount of information in them when the debuginfo files >> are not available. We have not yet figured out how to implement >> minimal stripping on Windows so Windows hs_err_pid files have no >> symbols in them when the debuginfo bundles are not present. > Am I reading it right that when tools (like RPM) strip the debug > information from these binaries, hotspot will break completely when it > tries to generate a stack trace on crash? Not quite. If you follow this process: - use gobjcopy to copy debug info from libjvm.so -> libjvm.debuginfo - use gobjcopy to tell libjvm.so that debug info is found in libjvm.debuginfo - strip libjvm.so (I don't remember the strip everything option) then you can still get symbols in your crashes as long as you have BOTH libjvm.so and libjvm.debuginfo. However, if you are in a situation where you don't have libjvm.debuginfo, then you do not get symbols in your crashes. When I did the Full Debug Symbols (FDS) project, I copied complete debug info from libjvm.so -> libjvm.debuginfo and left minimal debug info in libjvm.so so that you could still get symbols on crashes on Linux and Solaris when the libjvm.debuginfo files were not present. Dan > > Thanks, > Omair > From omajid at redhat.com Mon Mar 3 13:49:24 2014 From: omajid at redhat.com (Omair Majid) Date: Mon, 3 Mar 2014 16:49:24 -0500 Subject: JDK-8036003: Add variable not to separate debug information. In-Reply-To: <53112019.9050504@oracle.com> References: <20140228091835.58EB8C21F24@msgw007-05.ocn.ad.jp> <53106F4A.8030905@oracle.com> <53109772.9070808@oracle.com> <5310AD70.2070908@ysfactory.dip.jp> <53112019.9050504@oracle.com> Message-ID: <20140303214923.GA26825@redhat.com> * David Holmes [2014-02-28 18:48]: > There are three pieces to all of this: > > 1. Generating debug symbols in the binaries (via gcc -g or whatever) > 2. Generating debuginfo files (zipped or not) (FDS) > 3. Stripping debug symbols from the binaries (strip-policy) > > It may be that we don't have clean separation between them, and if so > that should be fixed, but I don't see the current proposal as the way > forward. Any chance we could clean up the names too? It's not obvious to me why FDS means 'generating debuginfo files'. What do folks think of modifying the OPENJDK build to use this as the settings for the options above by default. 1. Yes 2. No 3. No > Also there may well be differences between how things are handled on the > JDK side and hotspot side. Is there any chance of this becoming consistent between hotspot and JDK? It would be much nicer if concepts like strip-policy were consistent between hotspot and the rest of the JDK. Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 From aazores at redhat.com Mon Mar 3 14:04:44 2014 From: aazores at redhat.com (Andrew Azores) Date: Mon, 03 Mar 2014 17:04:44 -0500 Subject: [rfc][icedtea-web] AppTrustWarningPanel applet title, controls Message-ID: <5314FC7C.3070607@redhat.com> Hi, This patch adds a label to AppTrustWarningPanel displaying applet/application titles, makes it so that the action performed by the Help button can be overridden easily, and finally makes it so that subclasses can easily add (or remove or reorder) the buttons in the button panel. This is particularly useful for the next related patch coming after this, which will be the new PartiallySigned Dialog, with Sandbox button. ChangeLog: * netx/net/sourceforge/jnlp/resources/Messages.properties: (SAppletTitle) new message * netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java: (buttons) new list of UI buttons. (getAllowButton, getRejectButton, addComponents) made final. (createButtonPanel) uses list of buttons rather than hardcoded. (helpButton) action made configurable. Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: partially-signed-abstraction-touchup.patch Type: text/x-patch Size: 6893 bytes Desc: not available Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140303/8dcb0bd4/partially-signed-abstraction-touchup.patch From daniel.daugherty at oracle.com Mon Mar 3 19:02:34 2014 From: daniel.daugherty at oracle.com (Daniel D. Daugherty) Date: Mon, 03 Mar 2014 20:02:34 -0700 Subject: JDK-8036003: Add variable not to separate debug information. In-Reply-To: <20140303214923.GA26825@redhat.com> References: <20140228091835.58EB8C21F24@msgw007-05.ocn.ad.jp> <53106F4A.8030905@oracle.com> <53109772.9070808@oracle.com> <5310AD70.2070908@ysfactory.dip.jp> <53112019.9050504@oracle.com> <20140303214923.GA26825@redhat.com> Message-ID: <5315424A.4080201@oracle.com> On 3/3/14 2:49 PM, Omair Majid wrote: > * David Holmes [2014-02-28 18:48]: >> There are three pieces to all of this: >> >> 1. Generating debug symbols in the binaries (via gcc -g or whatever) >> 2. Generating debuginfo files (zipped or not) (FDS) >> 3. Stripping debug symbols from the binaries (strip-policy) >> >> It may be that we don't have clean separation between them, and if so >> that should be fixed, but I don't see the current proposal as the way >> forward. > Any chance we could clean up the names too? It's not obvious to me why > FDS means 'generating debuginfo files'. FDS stands for Full Debug Symbols and is defined that way in quite a few Makefiles... We just call it FDS for short... > What do folks think of modifying the OPENJDK build to use this as the > settings for the options above by default. > > 1. Yes > 2. No > 3. No Whatever we do here has be architecturallyconsistent across the various OpenJDK platforms. The above settings would not work well on non-Linux platforms so I'm not in favor of doing that. However, I don't have a problem with providing support for config'ing a build to work with the downstream Linux repos... >> Also there may well be differences between how things are handled on the >> JDK side and hotspot side. > Is there any chance of this becoming consistent between hotspot and JDK? > It would be much nicer if concepts like strip-policy were consistent > between hotspot and the rest of the JDK. When I did the Full Debug Symbols (FDS) project, I made it architecturally consistent between the HotSpot and JDK sides. Since the new build system has arrived, something of the consistency has been broken and I haven't been back on the JDK side to see what happened... Dan > > Thanks, > Omair > From ptisnovs at icedtea.classpath.org Tue Mar 4 02:03:47 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Tue, 04 Mar 2014 10:03:47 +0000 Subject: /hg/gfx-test: Eight new tests added into BitBltAffineQuadrantRot... Message-ID: changeset 219ddc3bf108 in /hg/gfx-test details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=219ddc3bf108 author: Pavel Tisnovsky date: Tue Mar 04 11:04:28 2014 +0100 Eight new tests added into BitBltAffineQuadrantRotateTransformOp. diffstat: ChangeLog | 5 + src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java | 112 ++++++++++ 2 files changed, 117 insertions(+), 0 deletions(-) diffs (134 lines): diff -r e839356ee2da -r 219ddc3bf108 ChangeLog --- a/ChangeLog Mon Mar 03 13:17:49 2014 +0100 +++ b/ChangeLog Tue Mar 04 11:04:28 2014 +0100 @@ -1,3 +1,8 @@ +2014-03-04 Pavel Tisnovsky + + * src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java: + Eight new tests added into BitBltAffineQuadrantRotateTransformOp. + 2014-03-03 Pavel Tisnovsky * src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java: diff -r e839356ee2da -r 219ddc3bf108 src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java --- a/src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java Mon Mar 03 13:17:49 2014 +0100 +++ b/src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java Tue Mar 04 11:04:28 2014 +0100 @@ -669,6 +669,118 @@ } /** + * Test basic BitBlt operation for empty buffered image with type TYPE_CUSTOM. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeCustomRotateTransformation4Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeCustom(image, graphics2d, RotateTransformationNearest1Op[4]); + } + + /** + Test basic BitBlt operation for empty buffered image with type TYPE_CUSTOM. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeCustomRotateTransformation5Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeCustom(image, graphics2d, RotateTransformationNearest1Op[5]); + } + + /** + * Test basic BitBlt operation for empty buffered image with type TYPE_INT_ARGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeIntARGBRotateTransformation0Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeIntARGB(image, graphics2d, RotateTransformationNearest1Op[0]); + } + + /** + * Test basic BitBlt operation for empty buffered image with type TYPE_INT_ARGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeIntARGBRotateTransformation1Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeIntARGB(image, graphics2d, RotateTransformationNearest1Op[1]); + } + + /** + * Test basic BitBlt operation for empty buffered image with type TYPE_INT_ARGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeIntARGBRotateTransformation2Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeIntARGB(image, graphics2d, RotateTransformationNearest1Op[2]); + } + + /** + * Test basic BitBlt operation for empty buffered image with type TYPE_INT_ARGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeIntARGBRotateTransformation3Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeIntARGB(image, graphics2d, RotateTransformationNearest1Op[3]); + } + + /** + * Test basic BitBlt operation for empty buffered image with type TYPE_INT_ARGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeIntARGBRotateTransformation4Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeIntARGB(image, graphics2d, RotateTransformationNearest1Op[4]); + } + + /** + Test basic BitBlt operation for empty buffered image with type TYPE_INT_ARGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeIntARGBRotateTransformation5Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeIntARGB(image, graphics2d, RotateTransformationNearest1Op[5]); + } + + /** * Test basic BitBlt operation for checker buffered image with type TYPE_3BYTE_BGR. * * @param image From ptisnovs at icedtea.classpath.org Tue Mar 4 02:41:21 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Tue, 04 Mar 2014 10:41:21 +0000 Subject: /hg/rhino-tests: Added new test testGetResourceAsStreamPositiveT... Message-ID: changeset c7bc5728b4a1 in /hg/rhino-tests details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=c7bc5728b4a1 author: Pavel Tisnovsky date: Tue Mar 04 11:42:00 2014 +0100 Added new test testGetResourceAsStreamPositiveTest into ScriptEngineFactoryClassTest. diffstat: ChangeLog | 6 ++ src/org/RhinoTests/ScriptEngineFactoryClassTest.java | 60 ++++++++++++++++++++ 2 files changed, 66 insertions(+), 0 deletions(-) diffs (83 lines): diff -r 9a2ccd2993cb -r c7bc5728b4a1 ChangeLog --- a/ChangeLog Mon Mar 03 13:21:10 2014 +0100 +++ b/ChangeLog Tue Mar 04 11:42:00 2014 +0100 @@ -1,3 +1,9 @@ +2014-03-04 Pavel Tisnovsky + + * src/org/RhinoTests/ScriptEngineFactoryClassTest.java: + Added new test testGetResourceAsStreamPositiveTest into + ScriptEngineFactoryClassTest. + 2014-03-03 Pavel Tisnovsky * src/org/RhinoTests/CompiledScriptClassTest.java: diff -r 9a2ccd2993cb -r c7bc5728b4a1 src/org/RhinoTests/ScriptEngineFactoryClassTest.java --- a/src/org/RhinoTests/ScriptEngineFactoryClassTest.java Mon Mar 03 13:21:10 2014 +0100 +++ b/src/org/RhinoTests/ScriptEngineFactoryClassTest.java Tue Mar 04 11:42:00 2014 +0100 @@ -1787,6 +1787,66 @@ } /** + * Test for method javax.script.ScriptEngineFactory.getClass().getResourceAsStreamNegativeTest() + */ + protected void testGetResourceAsStreamNegativeTest() { + Object stream = null; + stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/AbstractScriptEngineClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/AbstractScriptEngineClassTest.class\") returns null"); + stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/BaseRhinoTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/BaseRhinoTest.class\") returns null"); + stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/BindingsClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/BindingsClassTest.class\") returns null"); + stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/BindingsTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/BindingsTest.class\") returns null"); + stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/CompilableClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompilableClassTest.class\") returns null"); + stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/CompilableTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompilableTest.class\") returns null"); + stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/CompiledScriptClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompiledScriptClassTest.class\") returns null"); + stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/CompiledScriptTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompiledScriptTest.class\") returns null"); + stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/Constants.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/Constants.class\") returns null"); + stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/InvocableClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/InvocableClassTest.class\") returns null"); + stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/InvocableTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/InvocableTest.class\") returns null"); + stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/JavaScriptSnippets.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/JavaScriptSnippets.class\") returns null"); + stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/JavaScriptsTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/JavaScriptsTest.class\") returns null"); + stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/ScriptContextClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptContextClassTest.class\") returns null"); + stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/ScriptContextTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptContextTest.class\") returns null"); + stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/ScriptEngineClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineClassTest.class\") returns null"); + stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/ScriptEngineFactoryClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineFactoryClassTest.class\") returns null"); + stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/ScriptEngineFactoryTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineFactoryTest.class\") returns null"); + stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/ScriptEngineManagerClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineManagerClassTest.class\") returns null"); + stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/ScriptEngineManagerTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineManagerTest.class\") returns null"); + stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/ScriptEngineTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineTest.class\") returns null"); + stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/ScriptExceptionClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptExceptionClassTest.class\") returns null"); + stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/ScriptExceptionTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptExceptionTest.class\") returns null"); + stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/SimpleBindingsClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleBindingsClassTest.class\") returns null"); + stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/SimpleBindingsTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleBindingsTest.class\") returns null"); + stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/SimpleScriptContextClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleScriptContextClassTest.class\") returns null"); + stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/SimpleScriptContextTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleScriptContextTest.class\") returns null"); + } + /** * Test for instanceof operator applied to a class javax.script.ScriptEngineFactory */ @SuppressWarnings("cast") From jvanek at redhat.com Tue Mar 4 04:15:17 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Tue, 04 Mar 2014 13:15:17 +0100 Subject: [icedtea-web] RFC: PR857: Don't set look and feel multiple times In-Reply-To: <20140303174255.GD2045@redhat.com> References: <20140228230710.GA18442@redhat.com> <53143491.7020802@redhat.com> <20140303174255.GD2045@redhat.com> Message-ID: <5315C3D5.4050102@redhat.com> On 03/03/2014 06:42 PM, Omair Majid wrote: > * Jiri Vanek [2014-03-03 02:51]: >> On 03/01/2014 12:07 AM, Omair Majid wrote: >>> Hi, >>> >>> The attached patch is a fix for PR857. The idea is quite simple: make >>> sure UIManager.setLookAndFeel() is called at most once (and ideally >>> exactly once) before any UI is shown. >>> >>> There are a few code paths that can cause UIManager.setLookAndFell to be >>> invoked multiple times: >>> >>> - AboutDialog (only on entry from a class other than Boot) >>> - SecurityDialog >>> - PolicyEditor (only on entry from ControlPanel) >>> >>> CertificateViewer calls JNLPRuntime.initialize() which already calls >>> UIManager.setLookAndFeel. So I have removed the direct call from >>> CertificateViewer. >>> >>> Also, JNLPRuntime.initialize currently calls setLookAndFeel after >>> displaying a JavaConsole. This is alos fixed. >>> >>> Thoughts? >>> >> >> ouch, that an old one! >> >> >> However - the original one - http://icedtea.classpath.org/bugzilla/attachment.cgi?id=640&action=diff >> - (the confirmed one) is quite different, why so? > > For a couple of reasons: > - The reporter only tested one code path (the main plugin/javaws code > path) > - I went through more code this time and noticed more subtle issues, > including cases where setting the look and feel is completely > redundant. > >> Also " Don't set look and feel multiple times" do not sound proper >> to me, it is still set two times. > > I don't follow. It is set exactly once in (a shared code path) in the > case of plugins/javaws: in JNLPRuntime.initialize(). > >> Can't there be only one place to do so? > > No, unless you want to have exactly one entry point for icedtea-web that then selects what to run: > - javaws > - plugin > - about dialog > - controlpanel > - certificate viewer > - policy editor > >> I would rather log the exception. >> >> I would ratehr log this exception in debug only (default) =? >> - OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e); >> + OutputController.getLogger().log(e); > > Fixed. hmm. Then it is probably ok. If your conscience is clear, feel free to push. But I still can see: diff --git a/netx/net/sourceforge/jnlp/runtime/Boot.java b/netx/net/sourceforge/jnlp/runtime/Boot.java --- a/netx/net/sourceforge/jnlp/runtime/Boot.java +++ b/netx/net/sourceforge/jnlp/runtime/Boot.java @@ -28,6 +28,8 @@ import java.util.List; import java.util.Map; +import javax.swing.UIManager; + import net.sourceforge.jnlp.LaunchException; import net.sourceforge.jnlp.Launcher; import net.sourceforge.jnlp.ParserSettings; @@ -161,6 +163,11 @@ if (null != getOption("-headless")) { JNLPRuntime.exit(0); } else { + try { + UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName()); + } catch (Exception e) { + OutputController.getLogger().log("Unable to set system look and feel"); + } OutputController.getLogger().printOutLn(R("BLaunchAbout")); AboutDialog.display(); return; diff --git a/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java b/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java --- a/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java +++ b/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java @@ -195,6 +195,12 @@ public static void initialize(boolean isApplication) throws IllegalStateException { checkInitialized(); + try { + UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName()); + } catch (Exception e) { + OutputController.getLogger().log("Unable to set system look and feel"); + } + if (JavaConsole.canShowOnStartup(isApplication)) { JavaConsole.getConsole().showConsoleLater(); } It looks like duplication. Well it nitpicking to wont it unify somehow....Feel free to act as you wish. It probably just my personal issue that it looks nasty to me :) However - It really can not be set before for both in common?? Sorry for nitpicking. J. From jvanek at redhat.com Tue Mar 4 04:56:13 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Tue, 04 Mar 2014 13:56:13 +0100 Subject: [rfc][icedtea-web] Move all security dialogues' panels implementation into separate subpackage. In-Reply-To: <530DF32C.4040005@redhat.com> References: <530DF32C.4040005@redhat.com> Message-ID: <5315CD6D.7060600@redhat.com> On 02/26/2014 02:59 PM, Jiri Vanek wrote: > Move all security dialogues' panels implementation into separate subpackage. > > The dialogues are really multiplying, and the package of net/sourceforge/jnlp/security/ is overrun. > This refactoring is moving all implementations of security dialogues' panels into > net/sourceforge/jnlp/security/dialogues/ > > The only real change of code is > > > - protected void setValue(Object value) { > + public void setValue(Object value) { > OutputController.getLogger().log("Setting value:" + value); > this.value = value; > } > > in netx/net/sourceforge/jnlp/security/SecurityDialog.java > > Which seems tome better then move netx/net/sourceforge/jnlp/security/SecurityDialog.java to > netx/net/sourceforge/jnlp/security/dialogues/SecurityDialog.java > > If somebody cares, this patch is applicable also to 1.4 but backports to Panes are not common. Is > anybody for/against the refactoring of 1.4 too? > > Best regards from CZ > J. ping? The dialogues multiply.... Now I'm even in mode to move all AppTrustWarningPanel derived panels to separate subpackage too... J. From jvanek at redhat.com Tue Mar 4 05:02:59 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Tue, 04 Mar 2014 14:02:59 +0100 Subject: [rfc][icedtea-web] minor tests improvements - starTest and removed unused imports Message-ID: <5315CF03.5000003@redhat.com> AIS Although startests for base classes were presented, the test for matcher and plain star was missing. When the ALACA will be in, also this test will be enlarged for * and path. J. -------------- next part -------------- A non-text attachment was scrubbed... Name: starTests.diff Type: text/x-patch Size: 2159 bytes Desc: not available Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140304/04a93398/starTests.diff From jvanek at redhat.com Tue Mar 4 06:56:15 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Tue, 04 Mar 2014 15:56:15 +0100 Subject: [rfc][icedtea-web] fixed AppTrustWarningPanel "hidding buttons" Message-ID: <5315E98F.1020108@redhat.com> Hi! The AppTrustWarningPanel have bad behavior when is getting smaller. The buttons hide under panel, which is adapted to page url width. This can be sometimes long. So buttons disappear always. On screenshois both bad (lower) and new version (upper). J. -------------- next part -------------- A non-text attachment was scrubbed... Name: fixedDialogue.patch Type: text/x-patch Size: 3338 bytes Desc: not available Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140304/7849a832/fixedDialogue-0001.patch -------------- next part -------------- A non-text attachment was scrubbed... Name: Screenshot.png Type: image/png Size: 95778 bytes Desc: not available Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140304/7849a832/Screenshot-0001.png From omajid at icedtea.classpath.org Tue Mar 4 07:35:45 2014 From: omajid at icedtea.classpath.org (omajid at icedtea.classpath.org) Date: Tue, 04 Mar 2014 15:35:45 +0000 Subject: /hg/icedtea-web: PR857: Don't set look and feel multiple times Message-ID: changeset 07d7757eda0c in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=07d7757eda0c author: Omair Majid date: Tue Mar 04 10:35:17 2014 -0500 PR857: Don't set look and feel multiple times 2014-03-03 Omair Majid PR857 * netx/net/sourceforge/jnlp/about/AboutDialog.java (run): Do not set look and feel. * netx/net/sourceforge/jnlp/runtime/Boot.java (main) : Set look and feel before displaying dialog. * netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java (initialize): Set look and feel before any UI is created. * netx/net/sourceforge/jnlp/security/SecurityDialog.java (init): Do not set look and feel. (setSystemLookAndFeel): Removed. * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java (createInstance): Do not set look and feel. * netx/net/sourceforge/jnlp/security/viewer/CertificateViewer.java (showCertificateViewer): Do not set look and feel. (setSystemLookAndFeel): Removed. diffstat: ChangeLog | 18 ++++++++++ netx/net/sourceforge/jnlp/about/AboutDialog.java | 5 -- netx/net/sourceforge/jnlp/runtime/Boot.java | 7 +++ netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java | 12 +++--- netx/net/sourceforge/jnlp/security/SecurityDialog.java | 13 ------- netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java | 5 -- netx/net/sourceforge/jnlp/security/viewer/CertificateViewer.java | 9 ----- 7 files changed, 31 insertions(+), 38 deletions(-) diffs (164 lines): diff -r 3381129e3ae2 -r 07d7757eda0c ChangeLog --- a/ChangeLog Mon Mar 03 12:21:19 2014 -0500 +++ b/ChangeLog Tue Mar 04 10:35:17 2014 -0500 @@ -1,3 +1,21 @@ +2014-03-03 Omair Majid + + PR857 + * netx/net/sourceforge/jnlp/about/AboutDialog.java + (run): Do not set look and feel. + * netx/net/sourceforge/jnlp/runtime/Boot.java + (main) : Set look and feel before displaying dialog. + * netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java + (initialize): Set look and feel before any UI is created. + * netx/net/sourceforge/jnlp/security/SecurityDialog.java + (init): Do not set look and feel. + (setSystemLookAndFeel): Removed. + * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java + (createInstance): Do not set look and feel. + * netx/net/sourceforge/jnlp/security/viewer/CertificateViewer.java + (showCertificateViewer): Do not set look and feel. + (setSystemLookAndFeel): Removed. + 2014-03-03 Omair Majid PR1676 diff -r 3381129e3ae2 -r 07d7757eda0c netx/net/sourceforge/jnlp/about/AboutDialog.java --- a/netx/net/sourceforge/jnlp/about/AboutDialog.java Mon Mar 03 12:21:19 2014 -0500 +++ b/netx/net/sourceforge/jnlp/about/AboutDialog.java Tue Mar 04 10:35:17 2014 -0500 @@ -175,11 +175,6 @@ @Override public void run() { - try { - UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName()); - } catch (Exception e) { - } - layoutWindow(); ScreenFinder.centerWindowsToCurrentScreen(frame); frame.setVisible(true); diff -r 3381129e3ae2 -r 07d7757eda0c netx/net/sourceforge/jnlp/runtime/Boot.java --- a/netx/net/sourceforge/jnlp/runtime/Boot.java Mon Mar 03 12:21:19 2014 -0500 +++ b/netx/net/sourceforge/jnlp/runtime/Boot.java Tue Mar 04 10:35:17 2014 -0500 @@ -28,6 +28,8 @@ import java.util.List; import java.util.Map; +import javax.swing.UIManager; + import net.sourceforge.jnlp.LaunchException; import net.sourceforge.jnlp.Launcher; import net.sourceforge.jnlp.ParserSettings; @@ -161,6 +163,11 @@ if (null != getOption("-headless")) { JNLPRuntime.exit(0); } else { + try { + UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName()); + } catch (Exception e) { + OutputController.getLogger().log("Unable to set system look and feel"); + } OutputController.getLogger().printOutLn(R("BLaunchAbout")); AboutDialog.display(); return; diff -r 3381129e3ae2 -r 07d7757eda0c netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java --- a/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java Mon Mar 03 12:21:19 2014 -0500 +++ b/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java Tue Mar 04 10:35:17 2014 -0500 @@ -195,6 +195,12 @@ public static void initialize(boolean isApplication) throws IllegalStateException { checkInitialized(); + try { + UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName()); + } catch (Exception e) { + OutputController.getLogger().log("Unable to set system look and feel"); + } + if (JavaConsole.canShowOnStartup(isApplication)) { JavaConsole.getConsole().showConsoleLater(); } @@ -236,12 +242,6 @@ policy = new JNLPPolicy(); security = new JNLPSecurityManager(); // side effect: create JWindow - try { - UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName()); - } catch (Exception e) { - OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e); - } - doMainAppContextHacks(); if (securityEnabled) { diff -r 3381129e3ae2 -r 07d7757eda0c netx/net/sourceforge/jnlp/security/SecurityDialog.java --- a/netx/net/sourceforge/jnlp/security/SecurityDialog.java Mon Mar 03 12:21:19 2014 -0500 +++ b/netx/net/sourceforge/jnlp/security/SecurityDialog.java Tue Mar 04 10:35:17 2014 -0500 @@ -216,8 +216,6 @@ } private void initDialog() { - setSystemLookAndFeel(); - String dialogTitle = ""; if (dialogType == DialogType.CERT_WARNING) { if (accessType == AccessType.VERIFIED) @@ -346,17 +344,6 @@ super.dispose(); } - /** - * Updates the look and feel of the window to be the system look and feel - */ - protected void setSystemLookAndFeel() { - try { - UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName()); - } catch (Exception e) { - //don't worry if we can't. - } - } - private final List listeners = new CopyOnWriteArrayList(); /** diff -r 3381129e3ae2 -r 07d7757eda0c netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java --- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java Mon Mar 03 12:21:19 2014 -0500 +++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java Tue Mar 04 10:35:17 2014 -0500 @@ -917,11 +917,6 @@ } public static PolicyEditor createInstance(final String filepath) { - try { - UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName()); - } catch (final Exception e) { - // not really important, so just ignore - } return new PolicyEditor(filepath); } diff -r 3381129e3ae2 -r 07d7757eda0c netx/net/sourceforge/jnlp/security/viewer/CertificateViewer.java --- a/netx/net/sourceforge/jnlp/security/viewer/CertificateViewer.java Mon Mar 03 12:21:19 2014 -0500 +++ b/netx/net/sourceforge/jnlp/security/viewer/CertificateViewer.java Tue Mar 04 10:35:17 2014 -0500 @@ -100,7 +100,6 @@ public static void showCertificateViewer() throws Exception { JNLPRuntime.initialize(true); - setSystemLookAndFeel(); CertificateViewer cv = new CertificateViewer(); cv.setResizable(true); @@ -109,14 +108,6 @@ cv.dispose(); } - private static void setSystemLookAndFeel() { - try { - UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName()); - } catch (Exception e) { - // don't worry if we can't. - } - } - public static void main(String[] args) throws Exception { CertificateViewer.showCertificateViewer(); } From bugzilla-daemon at icedtea.classpath.org Tue Mar 4 07:36:00 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Tue, 04 Mar 2014 15:36:00 +0000 Subject: [Bug 857] gtk look and feel setting causes javaws to hang if accessibility used In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=857 --- Comment #11 from hg commits --- details: http://icedtea.classpath.org//hg/icedtea-web?cmd=changeset;node=07d7757eda0c author: Omair Majid date: Tue Mar 04 10:35:17 2014 -0500 PR857: Don't set look and feel multiple times 2014-03-03 Omair Majid PR857 * netx/net/sourceforge/jnlp/about/AboutDialog.java (run): Do not set look and feel. * netx/net/sourceforge/jnlp/runtime/Boot.java (main) : Set look and feel before displaying dialog. * netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java (initialize): Set look and feel before any UI is created. * netx/net/sourceforge/jnlp/security/SecurityDialog.java (init): Do not set look and feel. (setSystemLookAndFeel): Removed. * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java (createInstance): Do not set look and feel. * netx/net/sourceforge/jnlp/security/viewer/CertificateViewer.java (showCertificateViewer): Do not set look and feel. (setSystemLookAndFeel): Removed. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140304/df2e0dcd/attachment.html From bugzilla-daemon at icedtea.classpath.org Tue Mar 4 08:01:00 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Tue, 04 Mar 2014 16:01:00 +0000 Subject: [Bug 1652] Fatal: Read Error: Could not read or parse the JNLP file. In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1652 Omair Majid changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |WORKSFORME --- Comment #3 from Omair Majid --- Since this works in HEAD already, closing as WORKSFORME. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140304/e415e079/attachment.html From bugzilla-daemon at icedtea.classpath.org Tue Mar 4 08:05:07 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Tue, 04 Mar 2014 16:05:07 +0000 Subject: [Bug 1606] jnlp href value stripped of url parameters In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1606 Omair Majid changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|omajid at redhat.com |jvanek at redhat.com -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140304/39075d29/attachment.html From bugzilla-daemon at icedtea.classpath.org Tue Mar 4 08:09:22 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Tue, 04 Mar 2014 16:09:22 +0000 Subject: [Bug 1614] javaws fails on special character in jnlp In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1614 --- Comment #3 from Omair Majid --- (In reply to Thomas Taylor from comment #0) > Tried to play on ecribbage.com from Ubuntu and could not. Problem seems to > be with special line-break codes in the jnlp file. Yeah, & is used to start entities in XML. This file is malformed XML. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140304/2ac11f7a/attachment.html From aazores at icedtea.classpath.org Tue Mar 4 08:11:03 2014 From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org) Date: Tue, 04 Mar 2014 16:11:03 +0000 Subject: /hg/icedtea-web: AppTrustWarningPanel buttons made more flexible Message-ID: changeset d8407ab3635c in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=d8407ab3635c author: Andrew Azores date: Tue Mar 04 11:10:51 2014 -0500 AppTrustWarningPanel buttons made more flexible * netx/net/sourceforge/jnlp/resources/Messages.properties: (SAppletTitle) new message * netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java: (buttons) new list of UI buttons. (getAllowButton, getRejectButton, addComponents) made final. (createButtonPanel) uses list of buttons rather than hardcoded. (helpButton) action made configurable. diffstat: ChangeLog | 10 + netx/net/sourceforge/jnlp/resources/Messages.properties | 1 + netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java | 82 +++++++---- 3 files changed, 60 insertions(+), 33 deletions(-) diffs (181 lines): diff -r 07d7757eda0c -r d8407ab3635c ChangeLog --- a/ChangeLog Tue Mar 04 10:35:17 2014 -0500 +++ b/ChangeLog Tue Mar 04 11:10:51 2014 -0500 @@ -1,3 +1,13 @@ +2014-03-04 Andrew Azores + + * netx/net/sourceforge/jnlp/resources/Messages.properties: + (SAppletTitle) new message + * netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java: + (buttons) new list of UI buttons. (getAllowButton, getRejectButton, + addComponents) made final. + (createButtonPanel) uses list of buttons rather than hardcoded. + (helpButton) action made configurable. + 2014-03-03 Omair Majid PR857 diff -r 07d7757eda0c -r d8407ab3635c netx/net/sourceforge/jnlp/resources/Messages.properties --- a/netx/net/sourceforge/jnlp/resources/Messages.properties Tue Mar 04 10:35:17 2014 -0500 +++ b/netx/net/sourceforge/jnlp/resources/Messages.properties Tue Mar 04 11:10:51 2014 -0500 @@ -264,6 +264,7 @@ SNotAllSignedQuestion=Do you wish to proceed and run this application anyway? SAuthenticationPrompt=The {0} server at {1} is requesting authentication. It says "{2}" SJNLPFileIsNotSigned=This application contains a digital signature in which the launching JNLP file is not signed. +SAppletTitle=Applet title: {0} # Security - used for the More Information dialog SBadKeyUsage=Resources contain entries whose signer certificate's KeyUsage extension doesn't allow code signing. diff -r 07d7757eda0c -r d8407ab3635c netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java --- a/netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java Tue Mar 04 10:35:17 2014 -0500 +++ b/netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java Tue Mar 04 11:10:51 2014 -0500 @@ -46,6 +46,8 @@ import java.awt.GridLayout; import java.awt.event.ActionEvent; import java.awt.event.ActionListener; +import java.util.ArrayList; +import java.util.List; import javax.swing.BorderFactory; import javax.swing.BoxLayout; @@ -60,7 +62,6 @@ import javax.swing.SwingConstants; import net.sourceforge.jnlp.JNLPFile; -import net.sourceforge.jnlp.PluginBridge; import net.sourceforge.jnlp.security.appletextendedsecurity.ExecuteAppletAction; import net.sourceforge.jnlp.security.appletextendedsecurity.ExtendedAppletSecurityHelp; import net.sourceforge.jnlp.util.ScreenFinder; @@ -111,16 +112,17 @@ protected int INFO_PANEL_HINT_HEIGHT = 25; protected int QUESTION_PANEL_HEIGHT = 35; - private JButton allowButton; - private JButton rejectButton; - private JButton helpButton; - private JCheckBox permanencyCheckBox; - private JRadioButton applyToAppletButton; - private JRadioButton applyToCodeBaseButton; + protected List buttons; + protected JButton allowButton; + protected JButton rejectButton; + protected JButton helpButton; + protected JCheckBox permanencyCheckBox; + protected JRadioButton applyToAppletButton; + protected JRadioButton applyToCodeBaseButton; protected JNLPFile file; - private ActionChoiceListener actionChoiceListener; + protected ActionChoiceListener actionChoiceListener; /* * Subclasses should call addComponents() IMMEDIATELY after calling the super() constructor! @@ -128,6 +130,20 @@ public AppTrustWarningPanel(JNLPFile file, ActionChoiceListener actionChoiceListener) { this.file = file; this.actionChoiceListener = actionChoiceListener; + this.buttons = new ArrayList(); + + allowButton = new JButton(R("ButProceed")); + rejectButton = new JButton(R("ButCancel")); + helpButton = new JButton(R("APPEXTSECguiPanelHelpButton")); + + allowButton.addActionListener(chosenActionSetter(true)); + rejectButton.addActionListener(chosenActionSetter(false)); + + helpButton.addActionListener(getHelpButtonAction()); + + buttons.add(allowButton); + buttons.add(rejectButton); + buttons.add(helpButton); } /* @@ -151,15 +167,26 @@ */ protected abstract String getQuestionPanelText(); - public JButton getAllowButton() { + public final JButton getAllowButton() { return allowButton; } - public JButton getRejectButton() { + public final JButton getRejectButton() { return rejectButton; } - protected static String htmlWrap(String text) { + protected ActionListener getHelpButtonAction() { + return new ActionListener() { + + public void actionPerformed(ActionEvent e) { + JDialog d = new ExtendedAppletSecurityHelp(null, false, "dialogue"); + ScreenFinder.centerWindowsToCurrentScreen(d); + d.setVisible(true); + } + }; + } + + protected static final String htmlWrap(String text) { return "" + text + ""; } @@ -180,11 +207,16 @@ } private void setupInfoPanel() { + String titleText = R("SAppletTitle", file.getTitle()); + JLabel titleLabel = new JLabel(titleText); + titleLabel.setFont(new Font(titleLabel.getFont().getName(), Font.BOLD, 18)); + String infoLabelText = getInfoPanelText(); - int panelHeight = INFO_PANEL_HEIGHT + INFO_PANEL_HINT_HEIGHT; + JLabel infoLabel = new JLabel(infoLabelText); - JLabel infoLabel = new JLabel(infoLabelText); + int panelHeight = titleLabel.getHeight() + INFO_PANEL_HEIGHT + INFO_PANEL_HINT_HEIGHT; JPanel infoPanel = new JPanel(new BorderLayout()); + infoPanel.add(titleLabel, BorderLayout.PAGE_START); infoPanel.add(infoLabel, BorderLayout.CENTER); infoPanel.setPreferredSize(new Dimension(PANE_WIDTH, panelHeight)); infoPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); @@ -237,25 +269,9 @@ private JPanel createButtonPanel() { JPanel buttonPanel = new JPanel(new FlowLayout(FlowLayout.RIGHT)); - allowButton = new JButton(R("ButProceed")); - rejectButton = new JButton(R("ButCancel")); - helpButton = new JButton(R("APPEXTSECguiPanelHelpButton")); - - allowButton.addActionListener(chosenActionSetter(true)); - rejectButton.addActionListener(chosenActionSetter(false)); - - helpButton.addActionListener(new ActionListener() { - - public void actionPerformed(ActionEvent e) { - JDialog d = new ExtendedAppletSecurityHelp(null, false, "dialogue"); - ScreenFinder.centerWindowsToCurrentScreen(d); - d.setVisible(true); - } - }); - - buttonPanel.add(allowButton); - buttonPanel.add(rejectButton); - buttonPanel.add(helpButton); + for (final JButton button : buttons) { + buttonPanel.add(button); + } buttonPanel.setBorder(BorderFactory.createEmptyBorder(0, 10, 10, 10)); @@ -280,7 +296,7 @@ * Creates the actual GUI components, and adds it to this panel. This should be called by all subclasses * IMMEDIATELY after calling the super() constructor! */ - protected void addComponents() { + protected final void addComponents() { setLayout(new BoxLayout(this, BoxLayout.Y_AXIS)); setupTopPanel(); From bugzilla-daemon at icedtea.classpath.org Tue Mar 4 08:49:22 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Tue, 04 Mar 2014 16:49:22 +0000 Subject: [Bug 1689] Java crashes everytime I attempt to run a junit test within eclipse In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1689 Andrew Haley changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |aph at redhat.com --- Comment #2 from Andrew Haley --- It seems to me that you are using a jarfile that contains classes for system objects (e.g. java.lang.String) that is not compatible with OpenJDK. -Xbootclasspath:/home/marc/android-sdks/platforms/android-15/android.jar -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140304/e0ea1c81/attachment.html From bugzilla-daemon at icedtea.classpath.org Tue Mar 4 09:26:56 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Tue, 04 Mar 2014 17:26:56 +0000 Subject: [Bug 1625] Dell iDRAC virtual console: icedtea does not find trusted.certs and trusted.jssecerts (fails to look into ~/.icedtea/security) In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1625 Omair Majid changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|omajid at redhat.com |jvanek at redhat.com -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140304/776c21cd/attachment.html From bugzilla-daemon at icedtea.classpath.org Tue Mar 4 09:28:03 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Tue, 04 Mar 2014 17:28:03 +0000 Subject: [Bug 1583] XML Parse error? In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1583 Omair Majid changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|omajid at redhat.com |jvanek at redhat.com -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140304/b894729f/attachment.html From aazores at redhat.com Tue Mar 4 14:07:09 2014 From: aazores at redhat.com (Andrew Azores) Date: Tue, 04 Mar 2014 17:07:09 -0500 Subject: [rfc][icedtea-web] New PartiallySigned Dialog Message-ID: <53164E8D.90101@redhat.com> Hi, This patch introduces a new PartiallySigned dialog to replace the NotAllSigned prompt. This new dialog uses the same abstracted parent class that was pulled out of the Unsigned dialog, so it uses the same remembered action storage and has the same general look and feel. This dialog also has a Sandbox button, just like CertWarningPane recently gained for fully signed applets, which allows partially signed ones to also be run with only sandbox permissions. Some more security info is also present on the dialog, eg the applet's publisher and codebase. Not yet included is a new Help text for this dialog, but this can be written up separately IMO. Right now it will just display the same Help as the Unsigned dialog. ChangeLog: Added new PartiallySigned Dialog to replace NotAllSignedWarningPane. Also includes a Sandbox button. * netx/net/sourceforge/jnlp/resources/Messages.properties: (APPEXTSecunsignedAppletActionSandbox, LPartiallySignedApplet, LPartiallySignedAppletUserDenied) new messages * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: Logic added for displaying new PartiallySigned dialog. (showNotAllSignedDialog) removed. (getSigningState) new method. (promptUserOnPartialSigning, userPromptedForPartialSigning) new methods for SecurityDelegate. * netx/net/sourceforge/jnlp/security/AppTrustWarningDialog.java: (partiallySigned) new method * netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java: (chosenActionSetter) refactored to allow Sandbox action. (setupInfoPanel) applet title made overrideable by subclasses * netx/net/sourceforge/jnlp/security/SecurityDialog.java: (NOTALLSIGNED_WARNING) renamed PARTIALLYSIGNED_WARNING, display new dialog rather than old * netx/net/sourceforge/jnlp/security/SecurityDialogs.java: (NOTALLSIGNED_WARNING) renamed PARTIALLYSIGNED_WARNING. (showNotAllSignedWarningDialog) removed. (showPartiallySignedWarningDialog) new method * netx/net/sourceforge/jnlp/security/appletextendedsecurity/ExecuteAppletAction.java: Added Sandbox action * netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java: (checkPartiallySignedWithUserIfRequired) new method * tests/reproducers/custom/SignedAppletCodebaseLoading/testcases/SignedAppletCodebaseLoadingTests.java: test now passes since dialog will not appear if applet security is set to Low. KnownToFail removed. * tests/reproducers/custom/SignedAppletExternalMainClass/testcases/SignedAppletExternalMainClassTest.java: same * netx/net/sourceforge/jnlp/security/PartiallySignedAppTrustWarningPanel.java: new class * netx/net/sourceforge/jnlp/security/NotAllSignedWarningPane.java: deleted in favour of PartiallySignedAppTrustWarningPanel Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: partially-signed-dialog.patch Type: text/x-patch Size: 36956 bytes Desc: not available Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140304/c8201b95/partially-signed-dialog-0001.patch From aazores at redhat.com Tue Mar 4 14:12:38 2014 From: aazores at redhat.com (Andrew Azores) Date: Tue, 04 Mar 2014 17:12:38 -0500 Subject: [rfc][icedtea-web] fixed AppTrustWarningPanel "hidding buttons" In-Reply-To: <5315E98F.1020108@redhat.com> References: <5315E98F.1020108@redhat.com> Message-ID: <53164FD6.7060906@redhat.com> On 03/04/2014 09:56 AM, Jiri Vanek wrote: > Hi! > > The AppTrustWarningPanel have bad behavior when is getting smaller. > The buttons hide under panel, which is adapted to page url width. This > can be sometimes long. So buttons disappear always. > > On screenshois both bad (lower) and new version (upper). > > J. Is the last hunk of the patch (new main method) supposed to be there... ? Otherwise, looks good to me. Thanks, -- Andrew A From aazores at redhat.com Tue Mar 4 14:14:13 2014 From: aazores at redhat.com (Andrew Azores) Date: Tue, 04 Mar 2014 17:14:13 -0500 Subject: [rfc][icedtea-web] minor tests improvements - starTest and removed unused imports In-Reply-To: <5315CF03.5000003@redhat.com> References: <5315CF03.5000003@redhat.com> Message-ID: <53165035.4010804@redhat.com> On 03/04/2014 08:02 AM, Jiri Vanek wrote: > AIS > > Although startests for base classes were presented, the test for > matcher and plain star was missing. When the ALACA will be in, also > this test will be enlarged for * and path. > > J. Looks fine. Thanks, -- Andrew A From aazores at redhat.com Tue Mar 4 14:20:09 2014 From: aazores at redhat.com (Andrew Azores) Date: Tue, 04 Mar 2014 17:20:09 -0500 Subject: [rfc][icedtea-web] Move all security dialogues' panels implementation into separate subpackage. In-Reply-To: <530DF32C.4040005@redhat.com> References: <530DF32C.4040005@redhat.com> Message-ID: <53165199.30101@redhat.com> On 02/26/2014 08:59 AM, Jiri Vanek wrote: > Move all security dialogues' panels implementation into separate > subpackage. > > The dialogues are really multiplying, and the package of > net/sourceforge/jnlp/security/ is overrun. > This refactoring is moving all implementations of security dialogues' > panels into net/sourceforge/jnlp/security/dialogues/ Yea, this is a good idea. Nit: it should be "dialogs", not "dialogues". Dialog is for windows that pop up prompting you for stuff, Dialogue means actual conversation between people ;) > > The only real change of code is > > > - protected void setValue(Object value) { > + public void setValue(Object value) { > OutputController.getLogger().log("Setting value:" + value); > this.value = value; > } > > in netx/net/sourceforge/jnlp/security/SecurityDialog.java > > Which seems tome better then move > netx/net/sourceforge/jnlp/security/SecurityDialog.java to > netx/net/sourceforge/jnlp/security/dialogues/SecurityDialog.java Seems fine to me. > > If somebody cares, this patch is applicable also to 1.4 but backports > to Panes are not common. Is anybody for/against the refactoring of 1.4 > too? > > Best regards from CZ > J. I don't see much point to it, but if you or anyone else want to do it then go ahead I suppose. I'll call this OK to push when the newest added classes are also taken into account, and preferably you change the new subpackage name as well. Unfortunately I just sent another new dialog out for review before getting to this, so that one isn't in the new subpackage either. Thanks, -- Andrew A From aazores at redhat.com Tue Mar 4 14:22:05 2014 From: aazores at redhat.com (Andrew Azores) Date: Tue, 04 Mar 2014 17:22:05 -0500 Subject: [rfc][icedtea-web] following permissions attribute In-Reply-To: <530CCFE4.2040008@redhat.com> References: <530CCFE4.2040008@redhat.com> Message-ID: <5316520D.9020705@redhat.com> On 02/25/2014 12:16 PM, Jiri Vanek wrote: > AIS > > http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions > > > Please, any reviewer, read the specification. It appeared to be tricky > to transform its spoken language to algorithm... Well at least default > was specified without fog :( > > Thanx for any comments! > J. > > not sure how with unittests, but reproducers are on the way... Are you just looking for additional help figuring out what the spec is trying to define? Or was a patch forgotten here? Thanks, -- Andrew A From aazores at redhat.com Tue Mar 4 14:22:58 2014 From: aazores at redhat.com (Andrew Azores) Date: Tue, 04 Mar 2014 17:22:58 -0500 Subject: [rfc][icedtea-web] have bash in shebang instead of sh or get rid of bashism In-Reply-To: <530E0C94.6070606@redhat.com> References: <530E0C94.6070606@redhat.com> Message-ID: <53165242.9000308@redhat.com> On 02/26/2014 10:47 AM, Jiri Vanek wrote: > After short discussion with Omair, we agreed that this > > http://icedtea.classpath.org/hg/release/icedtea-web-1.4/rev/8f13202ea201 > > > IS probably better then get rid of bashism completely. > > So I would like to forward-port this patch to head. > > ok? Fine by me. Thanks, -- Andrew A From aazores at redhat.com Tue Mar 4 14:26:37 2014 From: aazores at redhat.com (Andrew Azores) Date: Tue, 04 Mar 2014 17:26:37 -0500 Subject: [rfc][icedtea-web] save runn urls to property In-Reply-To: <5304C60C.5070608@redhat.com> References: <5304C60C.5070608@redhat.com> Message-ID: <5316531D.7010304@redhat.com> On 02/19/2014 09:56 AM, Jiri Vanek wrote: > hi! > > As java abrt connector is sending quite good reports, the url, on > which I can reproduce the issue is missing. So always my first > question in bug is "may you please post url" ? > > Also java connector is printing out system properties. So it crossed > my mind to store the launched jnlps/htmls for this usage. I have quite > mixed feelings about it but do not have it makes java-abrt-connector a > bit useless (users donot care to much about auto generated bugs) > - see https://bugzilla.redhat.com/show_bug.cgi?id=1060390 > > This needs also some more work on java-abrt-conenctor - see > https://github.com/jfilak/abrt-java-connector/issues/34 > > J. I like the intent behind the patch but I don't know if I really like using system properties for this :/ not that I have any better ideas off the top of my head. But this just does not seem to me like what the properties are meant to be used for. It seems like nobody else is chiming in with any better ideas, and you're right that the automatic bug reports are a little bit useless without something like this, so if you have no better implementations in mind then I suppose this will have to suffice. Thanks, -- Andrew A From jvanek at redhat.com Wed Mar 5 06:19:46 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Wed, 05 Mar 2014 15:19:46 +0100 Subject: [rfc][icedtea-web] save runn urls to property In-Reply-To: <5316531D.7010304@redhat.com> References: <5304C60C.5070608@redhat.com> <5316531D.7010304@redhat.com> Message-ID: <53173282.7020401@redhat.com> On 03/04/2014 11:26 PM, Andrew Azores wrote: > On 02/19/2014 09:56 AM, Jiri Vanek wrote: >> hi! >> >> As java abrt connector is sending quite good reports, the url, on which I can reproduce the issue is missing. So always my first question in bug is "may you please post url" ? >> >> Also java connector is printing out system properties. So it crossed my mind to store the launched jnlps/htmls for this usage. I have quite mixed feelings about it but do not have it makes java-abrt-connector a bit useless (users donot care to much about auto generated bugs) >> - see https://bugzilla.redhat.com/show_bug.cgi?id=1060390 >> >> This needs also some more work on java-abrt-conenctor - see https://github.com/jfilak/abrt-java-connector/issues/34 >> >> J. > > I like the intent behind the patch but I don't know if I really like using system properties for this :/ I'm not sure with them too:( > not that I have any better ideas off the top of my head. The abrt agent can actually do anything. My another idea is to store it in some static (private) variable. The whitleist in issue 34 will then be package.class fieldName > But this just does not seem to me like what the properties are meant to be used for. Agree. And my concern is that with this, *maybe* (but probably) all appelts which can read properties, will be able to spy history. I have commented also https://github.com/jfilak/abrt-java-connector/issues/34 > It seems like nobody else is chiming in with any better ideas, and you're right that the automatic bug reports are a little bit useless without something like this, so if you have no better implementations in mind then I suppose this will have to suffice. What do you thnk about this approach? (otherwise it will be same) Thank you! J. From jvanek at redhat.com Wed Mar 5 06:22:18 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Wed, 05 Mar 2014 15:22:18 +0100 Subject: [rfc][icedtea-web] following permissions attribute In-Reply-To: <5316520D.9020705@redhat.com> References: <530CCFE4.2040008@redhat.com> <5316520D.9020705@redhat.com> Message-ID: <5317331A.90405@redhat.com> On 03/04/2014 11:22 PM, Andrew Azores wrote: > On 02/25/2014 12:16 PM, Jiri Vanek wrote: >> AIS >> >> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions >> >> Please, any reviewer, read the specification. It appeared to be tricky to transform its spoken language to algorithm... Well at least default was specified without fog :( >> >> Thanx for any comments! >> J. >> >> not sure how with unittests, but reproducers are on the way... > > Are you just looking for additional help figuring out what the spec is trying to define? Or was a patch forgotten here? > Crap. Sorry. Forgot to attach aptch :( -------------- next part -------------- A non-text attachment was scrubbed... Name: permissionAttribute_01.patch Type: text/x-patch Size: 15350 bytes Desc: not available Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140305/5956aa4e/permissionAttribute_01-0001.patch From aazores at redhat.com Wed Mar 5 06:16:07 2014 From: aazores at redhat.com (Andrew Azores) Date: Wed, 05 Mar 2014 09:16:07 -0500 Subject: [rfc][icedtea-web] save runn urls to property In-Reply-To: <53173282.7020401@redhat.com> References: <5304C60C.5070608@redhat.com> <5316531D.7010304@redhat.com> <53173282.7020401@redhat.com> Message-ID: <531731A7.6000006@redhat.com> On 03/05/2014 09:19 AM, Jiri Vanek wrote: > On 03/04/2014 11:26 PM, Andrew Azores wrote: >> On 02/19/2014 09:56 AM, Jiri Vanek wrote: >>> hi! >>> >>> As java abrt connector is sending quite good reports, the url, on >>> which I can reproduce the issue is missing. So always my first >>> question in bug is "may you please post url" ? >>> >>> Also java connector is printing out system properties. So it crossed >>> my mind to store the launched jnlps/htmls for this usage. I have >>> quite mixed feelings about it but do not have it makes >>> java-abrt-connector a bit useless (users donot care to much about >>> auto generated bugs) >>> - see https://bugzilla.redhat.com/show_bug.cgi?id=1060390 >>> >>> This needs also some more work on java-abrt-conenctor - see >>> https://github.com/jfilak/abrt-java-connector/issues/34 >>> >>> J. >> >> I like the intent behind the patch but I don't know if I really like >> using system properties for this :/ > > I'm not sure with them too:( > > > not that I have any better ideas off the top of my head. > > The abrt agent can actually do anything. My another idea is to store > it in some static (private) variable. The whitleist in issue 34 will > then be package.class fieldName I didn't know that this would be an option. This sounds much, much better to me. > > > But this just does not seem to me like what the properties are meant > to be used for. > > Agree. And my concern is that with this, *maybe* (but probably) all > appelts which can read properties, will be able to spy history. Yea, and this is really not a good mechanism to be providing. > > I have commented also > https://github.com/jfilak/abrt-java-connector/issues/34 >> It seems like nobody else is chiming in with any better ideas, and >> you're right that the automatic bug reports are a little bit useless >> without something like this, so if you have no better implementations >> in mind then I suppose this will have to suffice. > > What do you thnk about this approach? (otherwise it will be same) > Thank you! > > J. Thanks, -- Andrew A From jvanek at redhat.com Wed Mar 5 06:29:09 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Wed, 05 Mar 2014 15:29:09 +0100 Subject: [rfc][icedtea-web] have bash in shebang instead of sh or get rid of bashism In-Reply-To: <53165242.9000308@redhat.com> References: <530E0C94.6070606@redhat.com> <53165242.9000308@redhat.com> Message-ID: <531734B5.9040105@redhat.com> On 03/04/2014 11:22 PM, Andrew Azores wrote: > On 02/26/2014 10:47 AM, Jiri Vanek wrote: >> After short discussion with Omair, we agreed that this >> >> http://icedtea.classpath.org/hg/release/icedtea-web-1.4/rev/8f13202ea201 >> >> IS probably better then get rid of bashism completely. >> >> So I would like to forward-port this patch to head. >> >> ok? > > Fine by me. > > Thanks, > Thanx. Pushed. The configure check for /bin/bash is needed for .configure now. But I'm not sure how it will affect windows. Actually I have no idea how windows are building ITW :( J. From aazores at redhat.com Wed Mar 5 06:21:58 2014 From: aazores at redhat.com (Andrew Azores) Date: Wed, 05 Mar 2014 09:21:58 -0500 Subject: [rfc][icedtea-web] have bash in shebang instead of sh or get rid of bashism In-Reply-To: <531734B5.9040105@redhat.com> References: <530E0C94.6070606@redhat.com> <53165242.9000308@redhat.com> <531734B5.9040105@redhat.com> Message-ID: <53173306.6000906@redhat.com> On 03/05/2014 09:29 AM, Jiri Vanek wrote: > On 03/04/2014 11:22 PM, Andrew Azores wrote: >> On 02/26/2014 10:47 AM, Jiri Vanek wrote: >>> After short discussion with Omair, we agreed that this >>> >>> http://icedtea.classpath.org/hg/release/icedtea-web-1.4/rev/8f13202ea201 >>> >>> >>> IS probably better then get rid of bashism completely. >>> >>> So I would like to forward-port this patch to head. >>> >>> ok? >> >> Fine by me. >> >> Thanks, >> > > Thanx. Pushed. > > The configure check for /bin/bash is needed for .configure now. But > I'm not sure how it will affect windows. Actually I have no idea how > windows are building ITW :( > > J. > Probably with Cygwin or something, I'd guess? Thanks, -- Andrew A From jvanek at redhat.com Wed Mar 5 06:35:34 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Wed, 05 Mar 2014 15:35:34 +0100 Subject: [rfc][icedtea-web] fixed AppTrustWarningPanel "hidding buttons" In-Reply-To: <53164FD6.7060906@redhat.com> References: <5315E98F.1020108@redhat.com> <53164FD6.7060906@redhat.com> Message-ID: <53173636.8020505@redhat.com> On 03/04/2014 11:12 PM, Andrew Azores wrote: > On 03/04/2014 09:56 AM, Jiri Vanek wrote: >> Hi! >> >> The AppTrustWarningPanel have bad behavior when is getting smaller. The buttons hide under panel, which is adapted to page url width. This can be sometimes long. So buttons disappear always. >> >> On screenshois both bad (lower) and new version (upper). >> >> J. > > Is the last hunk of the patch (new main method) supposed to be there... ? Otherwise, looks good to me. Yes, it was. Pushed. Thanx! J. From jvanek at icedtea.classpath.org Wed Mar 5 06:39:16 2014 From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org) Date: Wed, 05 Mar 2014 14:39:16 +0000 Subject: /hg/icedtea-web: 3 new changesets Message-ID: changeset 6334973af853 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=6334973af853 author: Jiri Vanek date: Wed Mar 05 15:27:53 2014 +0100 Use bash as shebang in launchers.in changeset 01e20acaf6af in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=01e20acaf6af author: Jiri Vanek date: Wed Mar 05 15:34:24 2014 +0100 added test for plain * in ClasspathMatcher.ClasspathMatchers.compile() changeset 907fe0c8a3fa in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=907fe0c8a3fa author: Jiri Vanek date: Wed Mar 05 15:43:03 2014 +0100 Fixed layout of AppTrustWarningPanel so buttons do not disappear under radioboxes. diffstat: ChangeLog | 18 ++++++++++ launcher/launchers.in | 2 +- netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java | 13 +++--- netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningPanel.java | 12 ++++++ tests/netx/unit/net/sourceforge/jnlp/security/AppTrustWarningPanelTest.java | 15 ++------ tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java | 9 +++++ 6 files changed, 51 insertions(+), 18 deletions(-) diffs (156 lines): diff -r d8407ab3635c -r 907fe0c8a3fa ChangeLog --- a/ChangeLog Tue Mar 04 11:10:51 2014 -0500 +++ b/ChangeLog Wed Mar 05 15:43:03 2014 +0100 @@ -1,3 +1,21 @@ +2014-03-05 Jiri Vanek + + * netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java: fixed + layout so buttons do not disappear under radioboxes. + * netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningPanel.java: + added testable main method. + +2014-03-05 Jiri Vanek + + * tests/netx/unit/net/sourceforge/jnlp/security/AppTrustWarningPanelTest.java: + removed unused imports + * tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java: + added test for plain * in ClasspathMatcher.ClasspathMatchers.compile() + +2014-03-05 Matthias Klose + + * launcher/launchers.in: Use bash as shebang. + 2014-03-04 Andrew Azores * netx/net/sourceforge/jnlp/resources/Messages.properties: diff -r d8407ab3635c -r 907fe0c8a3fa launcher/launchers.in --- a/launcher/launchers.in Tue Mar 04 11:10:51 2014 -0500 +++ b/launcher/launchers.in Wed Mar 05 15:43:03 2014 +0100 @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash JAVA=@JAVA@ LAUNCHER_BOOTCLASSPATH=@LAUNCHER_BOOTCLASSPATH@ diff -r d8407ab3635c -r 907fe0c8a3fa netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java --- a/netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java Tue Mar 04 11:10:51 2014 -0500 +++ b/netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java Wed Mar 05 15:43:03 2014 +0100 @@ -237,7 +237,7 @@ } private JPanel createMatchOptionsPanel() { - JPanel matchOptionsPanel = new JPanel(new FlowLayout(FlowLayout.RIGHT)); + JPanel matchOptionsPanel = new JPanel(new FlowLayout(FlowLayout.LEFT)); ButtonGroup group = new ButtonGroup(); applyToAppletButton = new JRadioButton(R("SRememberAppletOnly")); @@ -257,11 +257,12 @@ } private JPanel createCheckBoxPanel() { - JPanel checkBoxPanel = new JPanel(new FlowLayout(FlowLayout.LEFT)); + JPanel checkBoxPanel = new JPanel(new BorderLayout()); permanencyCheckBox = new JCheckBox(htmlWrap(R("SRememberOption"))); permanencyCheckBox.addActionListener(permanencyListener()); - checkBoxPanel.add(permanencyCheckBox); + checkBoxPanel.setBorder(BorderFactory.createEmptyBorder(0, 15, 0, 0)); + checkBoxPanel.add(permanencyCheckBox, BorderLayout.SOUTH); return checkBoxPanel; } @@ -282,11 +283,11 @@ private void setupButtonAndCheckBoxPanel() { JPanel outerPanel = new JPanel(new BorderLayout()); JPanel rememberPanel = new JPanel(new GridLayout(2 /*rows*/, 1 /*column*/)); - rememberPanel.add(createCheckBoxPanel()); rememberPanel.add(createMatchOptionsPanel()); - rememberPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); + rememberPanel.setBorder(BorderFactory.createEmptyBorder(0, 10, 0, 10)); - outerPanel.add(rememberPanel, BorderLayout.WEST); + outerPanel.add(createCheckBoxPanel(), BorderLayout.WEST); + outerPanel.add(rememberPanel, BorderLayout.SOUTH); outerPanel.add(createButtonPanel(), BorderLayout.EAST); add(outerPanel); diff -r d8407ab3635c -r 907fe0c8a3fa netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningPanel.java --- a/netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningPanel.java Tue Mar 04 11:10:51 2014 -0500 +++ b/netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningPanel.java Wed Mar 05 15:43:03 2014 +0100 @@ -36,9 +36,12 @@ package net.sourceforge.jnlp.security; +import java.awt.BorderLayout; +import java.net.URL; import static net.sourceforge.jnlp.runtime.Translator.R; import javax.swing.ImageIcon; +import javax.swing.JFrame; import net.sourceforge.jnlp.JNLPFile; import net.sourceforge.jnlp.security.appletextendedsecurity.ExecuteAppletAction; import net.sourceforge.jnlp.security.appletextendedsecurity.UnsignedAppletTrustConfirmation; @@ -90,5 +93,14 @@ protected String getQuestionPanelText() { return htmlWrap(R(getQuestionPanelTextKey())); } + + public static void main(String[] args) throws Exception { + UnsignedAppletTrustWarningPanel w = new UnsignedAppletTrustWarningPanel(new JNLPFile(new URL("http://www.geogebra.org/webstart/geogebra.jnlp")), null); + JFrame f = new JFrame(); + f.setSize(600, 400); + f.add(w, BorderLayout.CENTER); + f.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE); + f.setVisible(true); + } } diff -r d8407ab3635c -r 907fe0c8a3fa tests/netx/unit/net/sourceforge/jnlp/security/AppTrustWarningPanelTest.java --- a/tests/netx/unit/net/sourceforge/jnlp/security/AppTrustWarningPanelTest.java Tue Mar 04 11:10:51 2014 -0500 +++ b/tests/netx/unit/net/sourceforge/jnlp/security/AppTrustWarningPanelTest.java Wed Mar 05 15:43:03 2014 +0100 @@ -1,24 +1,17 @@ package net.sourceforge.jnlp.security; -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertNotNull; -import static org.junit.Assert.assertTrue; - import java.net.URL; import java.util.ArrayList; import java.util.HashMap; import java.util.List; import java.util.Map; - import javax.swing.JButton; - import net.sourceforge.jnlp.PluginBridge; import net.sourceforge.jnlp.PluginParameters; -import net.sourceforge.jnlp.security.SecurityDialogs.AccessType; -import net.sourceforge.jnlp.security.SecurityDialogs.DialogType; -import net.sourceforge.jnlp.tools.JarCertVerifier; - +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertTrue; import org.junit.BeforeClass; import org.junit.Test; diff -r d8407ab3635c -r 907fe0c8a3fa tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java --- a/tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java Tue Mar 04 11:10:51 2014 -0500 +++ b/tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java Wed Mar 05 15:43:03 2014 +0100 @@ -556,4 +556,13 @@ Assert.assertFalse(cps2.matches(new URL("http://bb.cz"))); } + + @Test + public void testStar() throws MalformedURLException { + ClasspathMatchers cps1 = ClasspathMatcher.ClasspathMatchers.compile("*"); + Assert.assertTrue(cps1.matches(new URL("http://whatever.anywher/something/at.some"))); + Assert.assertTrue(cps1.matches(new URL("http://whatever.anywher/something/at"))); + Assert.assertTrue(cps1.matches(new URL("http://whatever.anywher/"))); + Assert.assertTrue(cps1.matches(new URL("http://whatever.anywher"))); + } } From aazores at redhat.com Wed Mar 5 07:02:16 2014 From: aazores at redhat.com (Andrew Azores) Date: Wed, 05 Mar 2014 10:02:16 -0500 Subject: [rfc][icedtea-web] implemented Application-Library-Allowable-Codebase Attribute In-Reply-To: <530F71CF.4040207@redhat.com> References: <530F71CF.4040207@redhat.com> Message-ID: <53173C78.5050204@redhat.com> On 02/27/2014 12:11 PM, Jiri Vanek wrote: > hi! > > Implementation of - Application-Library-Allowable-Codebase Attribute. > Well it grow a bit. > > The implementation itself, is as straightforward as terrible > "specification" allowed (please reviwer, study the specification too:( ) > > However, many workarounds were needed: > > * netx/net/sourceforge/jnlp/JNLPFile.java and > netx/net/sourceforge/jnlp/util/ClasspathMatcher.java : It appeared, > that this attribute honors path in pattern. Luckily the matcher was > prepared for it, and now it is just conditionally enabled. > > * dialogues - still the same with one detail - the remember option do > not work. I'm not sure if I wont to use already implemented whitelist > from Extended Applets Security... Well why not? Becasue all alowed > appelts will be able to run rmeote context...But well.. why not? If I > will reuse it, then MatchingALACAttributePanel will be reworked. Are you talking about using AppTrustWarningPanel? ;) > > * netx/net/sourceforge/jnlp/util/UrlUtils.java - this was most unlucky > - two new utility methods - to remove name filename from url path, and > to compare urls no meter if there is tailing slash. > - the exctraction of name is for puposes to find the uri of its > location, which is then matched against attribute > - the comparison without tailing slash is not so clear - There is > only one suecase of it : > > + if (usedUrls.size() == 1) { > + if (UrlUtils.equalsIgnoreLastSlash(usedUrls.toArray(new > URL[]{})[0], codebase) > + && > UrlUtils.equalsIgnoreLastSlash(usedUrls.toArray(new URL[]{})[0], > documentBase)) { > + //all resoources are from codebase or document base. > it is ok to proceeed. > + OutputController.getLogger().log("All applications > resources (" + usedUrls.toArray(new URL[]{})[0] + ") are from > codebas/documentbase " + codebase + "/" + documentBase + ", skipping > Application-Library-Allowable-Codebase Attribute check."); > + return; > + } > + } > > > It happened that different applications have or have not the trailing > slash On codebase and so the implementation of removeFileName was > burdened by keep trailing slash or not. This is workarround. > > Nit here: why "new URL[]{}" ? Why not "new URL[0]" ? > > *however* I'm a hesitating how to deal with it in Matcher. I adapted > it (if compare of paths is true) that some.url/some/path matches both > some.url/some/path/ and some.url/some/path, but some.url/some/path/ do > not match some.url/some/path (matches only some.url/some/path/) > I consider it as lowest evil....:( > > All should be unittested as much as possible. > I'm still taking deep breath before doing reproducers for both this > and permissions. > > > Thanx in advance, > J. Rest of comments here: Messages.properties: > # missing Application-Library-Allowable-Codebase dialogue > ALACAMissingMainTitle=Application {0} \ > form codebase {1} is missing the > Application-Library-Allowable-Codebase attribute. \ > The resources this applications is opening are from remote > locations:
{2}
Are you sure to run this application to? "This application uses resources from the following remote locations: {2} Are you sure you want to run this application?" > ALACAMissingInfo=For more information you can visit:
\ > href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library"> > \ > http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library >
\ > and
href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> > \ > http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html > # matching Application-Library-Allowable-Codebase dialogue > ALACAMatchingMainTitle=Application {0} \ > form codebase {1} is requiring valid > resources from different locations:
{2}
\ > Those resources are expected to be loaded. Do you agree to run this > application? > ALACAMatchingInfo=For more information you can visit:
\ > href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library"> > \ > http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library >
\ > and
href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> > \ > http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html JNLPClassLoader: > //do this check for unsigned apps? imho yes > //if > (security.getSecurityType().equals(SecurityDesc.SANDBOX_PERMISSIONS)){ > // return; /*when app isnot signed, then skip this check*/ > //} Why should we do this check for unsigned? The spec specifies it's for "signed RIAs", and I don't think it's necessary to enforce it for unsigned. Partially signed is questionable. Anyway, this check would be better if it used the "signing" field instead, which has type SigningState and is meant for exactly this kind of check. There's also the new SecurityDelegate inner class (which was added after you sent this patch, I know), and maybe this whole method or at least large parts of it should be inside there instead. > + URL documentBase = null; > + if (file instanceof PluginBridge) { > + documentBase = ((PluginBridge) file).getSourceLocation(); > + } > + if (documentBase == null) { > + documentBase = file.getCodeBase(); > + } URL documentBase; if (file instanceof PluginBridge) { documentBase = ((PluginBridge) file).getSourceLocation(); } else { documentBase = file.getCodeBase(); } This would be preferable, no? > + for (int i = 0; i < resourcesDescs.length; i++) { > + ResourcesDesc resourcesDesc = resourcesDescs[i]; > + for (int j = 0; j < ex.length; j++) { > + ExtensionDesc extensionDesc = ex[j]; > + for (int k = 0; k < jars.length; k++) { > + JARDesc jarDesc = jars[k]; Why not use for-each loops? > + ExtensionDesc[] ex = resourcesDesc.getExtensions(); > + if (ex != null) { > + JARDesc[] jars = resourcesDesc.getJARs(); > + if (jars != null) { I think the null checks here are over-defensive. These methods appear to be designed to return empty arrays if there is no matching resource, not null. > + if (att == null) { > + int a = > SecurityDialogs.showMissingALACAttributePanel(file.getTitle(), > documentBase, usedUrls); > + if (a != 0) { I'll come back to this later... > + throw new LaunchException("The application is using > resources from elsewhere then its base is, have missing > Application-Library-Allowable-Codebase attribute and you forbifd it to > run"); "The application uses non-codebase resources, has no Application-Library-Allowable-Codebase Attribute, and was blocked from running by the user" Should these new LaunchException explanations not go in Messages.properties? > + throw new LaunchException("The resource from " + > foundUrl + " do not have any match in > Application-Library-Allowable-Codebase Attribute " + att + ". Thats > fatal"); "The resource from " + foundUrl + " does not match the location in Application-Library-Allowable-Codebase Attribute " + att + ". Blocking the application from running." > + throw new LaunchException("The application is using > resources from elsewhere then its base is which are matching > Application-Library-Allowable-Codebase attribute but you forbifd it > to run"); "The application uses non-codebase resources, which do match its Application-Library-Allowable-Codebase Attribute, but was blocked from running by the user." MatchingALACAttributePanel and MissingALACAttributePanel: Why do these need main methods? Can you make an abstract parent class and have them subclass it? It seems like most of the code is shared. SecurityDialogs: > + public static int showMissingALACAttributePanel(String title, > URL codeBase, Set remoteUrls) { > + > + if (!shouldPromptUser()) { > + return 1; > + } > + > + SecurityDialogMessage message = new SecurityDialogMessage(); > + message.dialogType = DialogType.MISSING_ALACA; > + message.extras = new Object[]{title, codeBase.toString(), > UrlUtils.setOfUrlsToHtmlList(remoteUrls)}; > + Object selectedValue = getUserResponse(message); > + > + // result 0 = Yes, 1 = No > + if (selectedValue instanceof Integer) { > + // If the selected value can be cast to Integer, use that > value > + return ((Integer) selectedValue).intValue(); > + } else { > + // Otherwise default to "no" > + return 1; > + } > + } > + > + public static int showMatchingALACAttributePanel(String title, > URL codeBase, Set remoteUrls) { > + > + if (!shouldPromptUser()) { > + return 1; > + } > + > + SecurityDialogMessage message = new SecurityDialogMessage(); > + message.dialogType = DialogType.MATCHING_ALACA; > + message.extras = new Object[]{title, codeBase.toString(), > UrlUtils.setOfUrlsToHtmlList(remoteUrls)}; > + Object selectedValue = getUserResponse(message); > + > + // result 0 = Yes, 1 = No > + if (selectedValue instanceof Integer) { > + // If the selected value can be cast to Integer, use that > value > + return ((Integer) selectedValue).intValue(); > + } else { > + // Otherwise default to "no" > + return 1; > + } > + } Please use either getIntegerResponseAsBoolean or getIntegerResponseAsAppletAction rather than returning 0/1 as ints for yes/no. Thanks, -- Andrew A From aazores at redhat.com Wed Mar 5 07:21:23 2014 From: aazores at redhat.com (Andrew Azores) Date: Wed, 05 Mar 2014 10:21:23 -0500 Subject: [rfc][icedtea-web] following permissions attribute In-Reply-To: <5317331A.90405@redhat.com> References: <530CCFE4.2040008@redhat.com> <5316520D.9020705@redhat.com> <5317331A.90405@redhat.com> Message-ID: <531740F3.2040102@redhat.com> On 03/05/2014 09:22 AM, Jiri Vanek wrote: > On 03/04/2014 11:22 PM, Andrew Azores wrote: >> On 02/25/2014 12:16 PM, Jiri Vanek wrote: >>> AIS >>> >>> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions >>> >>> >>> Please, any reviewer, read the specification. It appeared to be >>> tricky to transform its spoken language to algorithm... Well at >>> least default was specified without fog :( >>> >>> Thanx for any comments! >>> J. >>> >>> not sure how with unittests, but reproducers are on the way... >> >> Are you just looking for additional help figuring out what the spec >> is trying to define? Or was a patch forgotten here? >> > > Crap. Sorry. Forgot to attach aptch :( Messages.properties: > +# missing permissions dialogue > +MissingPermissionsMainTitle=Application {0} \ > +form codebase {1} is missing the > permissions attribute. \ > +Applications without this attribute should not be trusted. Do you > allow this application to run? "Do you want to run this application?" or "Do you wish to allow this application to run?" > +MissingPermissionsInfo=For more information you can visit:
\ > + href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions"> > \ > +http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions >
\ > +and
href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> > \ > +http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html JNLPClassLoader: > + Boolean permissions = > file.getManifestsAttributes().isSandboxForced(); I'm not liking the use of the boxed type here... true/false/null is kind of ugly. Can an enum be made for the three states, rather than actually using null as an acceptable value? I know this isn't directly relevant to this patch, though. > + throw new LaunchException("Your Extended applets > security is at 'Very high', and this applicationis missing the > 'permissions' attribute in manifest. This is fatal"); > + throw new LaunchException("Your Extended applets > security is at 'high' and this applicationis missing the 'permissions' > attribute in manifest. And you have refused to run it."); "applicationis" - missing a space. Should this go in Messages.properties? And please consider moving this method into the new SecurityDelegate as well (which is newer than this patch, I know) SecurityDialogs: > + public static int showMissingPermissionsAttributeDialogue(String > title, URL codeBase) { > + > + if (!shouldPromptUser()) { > + return 1; > + } > + > + SecurityDialogMessage message = new SecurityDialogMessage(); > + message.dialogType = > DialogType.UNSIGNED_EAS_NO_PERMISSIONS_WARNING; > + message.extras = new Object[]{title, codeBase.toExternalForm()}; > + Object selectedValue = getUserResponse(message); > + > + // result 0 = Yes, 1 = No > + if (selectedValue instanceof Integer) { > + // If the selected value can be cast to Integer, use that > value > + return ((Integer) selectedValue).intValue(); > + } else { > + // Otherwise default to "cancel" > + return 1; > + } > + } As in the ALAC review, return a boolean or AppletAction here instead please. Thanks, -- Andrew A From thomas at m3y3r.de Wed Mar 5 07:29:35 2014 From: thomas at m3y3r.de (Thomas Meyer) Date: Wed, 05 Mar 2014 16:29:35 +0100 Subject: [icedtea-web] plugin hangs in xcb_wait_for_reply In-Reply-To: <530AF4F0.50400@redhat.com> References: <1393162615.4301.5.camel@localhost.localdomain> <530AF4F0.50400@redhat.com> Message-ID: <1394033375.8394.7.camel@localhost.localdomain> Am Montag, den 24.02.2014, 08:29 +0100 schrieb Jiri Vanek: > On 02/23/2014 02:36 PM, Thomas Meyer wrote: > > Hi, > > > > The icedtea-web plugin hangs on my computer in xcb_wait_for_reply while > > trying to init the GTK look and feel: > > > > I'm using this version: > > Name : icedtea-web > > Architektur : x86_64 > > Version : 1.4.2 > > Ausgabe : 0.fc20 > > Gr??e : 1.1 M > > How is it reproducible? It seems that all java programs using the GTK L&F suffer from this hang in xcb on my machine! I just tried to run jedit with GTK L&F and it also hangs and waits for some xcb/X server reply. Can somebody reproduce this error on Fedora 20 with a multi-monitor setup? > > Personally I don know why the look and feel is used there anyway? It have probably its place in > Various dialogues, but the usage in jnlpruntime is a little bit confusing. > > How does it behave when you remove those lines? Behaviour is the same, as my system default L&F seems to be the GTK one. I explicitly need to set the L&F in the deployment descriptor like this, to make it work for me on Fedora 20: $ cat .icedtea/deployment.properties #Netx deployment configuration #Wed Mar 05 15:22:26 CET 2014 swing.systemlaf=javax.swing.plaf.metal.MetalLookAndFeel deployment.security.level=ASK_UNSIGNED btw. providing JVM option -Dswing.systemlaf=javax.swing.plaf.metal.MetalLookAndFeel via the icetea-web setting program (itweb-settings) doesn't work as the "=" is expanded to "\="... > > Thankx, > > J. > > > > Thread 16 (Thread 0x7f73bc4eb700 (LWP 14468)): > > #0 0x0000003623aea9dd in poll () from /lib64/libc.so.6 > > #1 0x0000003627209f72 in poll (__timeout=-1, __nfds=1, > > __fds=0x7f73bc4ea0e0) > > at /usr/include/bits/poll2.h:46 > > #2 _xcb_conn_wait (c=c at entry=0x7f73b82a6c20, > > cond=cond at entry=0x7f73bc4ea160, > > vector=vector at entry=0x0, count=count at entry=0x0) at xcb_conn.c:414 > > #3 0x000000362720b44f in wait_for_reply (c=c at entry=0x7f73b82a6c20, > > request=112, > > e=e at entry=0x7f73bc4ea220) at xcb_in.c:399 > > #4 0x000000362720b562 in xcb_wait_for_reply (c=c at entry=0x7f73b82a6c20, > > request=112, > > e=e at entry=0x7f73bc4ea220) at xcb_in.c:429 > > #5 0x0000003626e43017 in _XReply (dpy=dpy at entry=0x7f73b82a59d0, > > rep=rep at entry=0x7f73bc4ea270, extra=extra at entry=0, > > discard=discard at entry=1) > > at xcb_io.c:602 > > #6 0x0000003626e38f04 in XQueryExtension > > (dpy=dpy at entry=0x7f73b82a59d0, > > name=name at entry=0x362e20c724 "XInputExtension", > > major_opcode=major_opcode at entry=0x7f73bc4ea2e4, > > first_event=first_event at entry=0x7f73bc4ea2e8, > > first_error=first_error at entry=0x7f73bc4ea2ec) at QuExt.c:48 > > #7 0x0000003626e2ccc2 in XInitExtension (dpy=0x7f73b82a59d0, > > name=0x362e20c724 "XInputExtension") at InitExt.c:47 > > #8 0x000000362760d07f in XextAddDisplay () from /lib64/libXext.so.6 > > #9 0x000000362e207313 in XInput_find_display > > (dpy=dpy at entry=0x7f73b82a59d0) at XExtInt.c:223 > > #10 0x000000362e205c19 in XListInputDevices (dpy=0x7f73b82a59d0, > > ndevices=0x7f73bc4ea46c) > > at XListDev.c:184 > > #11 0x0000003e3c87d684 in _gdk_input_common_init () > > from /lib64/libgdk-x11-2.0.so.0 > > #12 0x0000003e3c8516df in gdk_display_open () > > from /lib64/libgdk-x11-2.0.so.0 > > #13 0x0000003e3c81f03d in gdk_display_open_default_libgtk_only () > > from /lib64/libgdk-x11-2.0.so.0 > > #14 0x0000003e3cd45aa4 in gtk_init_check () > > from /lib64/libgtk-x11-2.0.so.0 > > #15 0x00007f73b339e3c1 in gtk2_load () > > > > from /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.60-2.4.5.1.fc20.x86_64/jre/lib/amd64/xawt/libmawt.so > > #16 0x00007f73b3386c6b in Java_sun_awt_UNIXToolkit_load_1gtk () > > > > from /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.60-2.4.5.1.fc20.x86_64/jre/lib/amd64/xawt/libmawt.so > > #17 0x00007f73b49d304c in ?? () > > #18 0x00007f73bc4ea640 in ?? () > > #19 0x00000007f6045368 in ?? () > > #20 0x00007f73bc4ea698 in ?? () > > #21 0x00000007f6046ce0 in ?? () > > #22 0x0000000000000000 in ?? () > > > > Probably in net.sourceforge.jnlp.runtime.JNLPRuntime in the > > UIManager.setLookAndFeel() call. > > > > > > any ideas? > > > > > > Maybe these threads are related? > > Thread 2 (Thread 0x7f73b2577700 (LWP 14492)): > > #0 0x0000003623aea9dd in poll () from /lib64/libc.so.6 > > #1 0x00000036266495b4 in g_main_context_iterate.isra.24 () > > from /lib64/libglib-2.0.so.0 > > #2 0x0000003626649a3a in g_main_loop_run () > > from /lib64/libglib-2.0.so.0 > > #3 0x00007f73b2bcfbb9 in jni_main_loop () > > from /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.60-2.4.5.1.fc20.x86_64/jre/lib/amd64/libatk-wrapper.so > > #4 0x000000362666ea45 in g_thread_proxy () from /lib64/libglib-2.0.so.0 > > #5 0x0000003624607f33 in start_thread () from /lib64/libpthread.so.0 > > #6 0x0000003623af4ded in clone () from /lib64/libc.so.6 > > > > Thread 1 (Thread 0x7f73bd2c9740 (LWP 14465)): > > #0 0x0000003624609297 in pthread_join () from /lib64/libpthread.so.0 > > #1 0x0000003fc5a096d5 in ContinueInNewThread0 () > > > > from /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.60-2.4.5.1.fc20.x86_64/jre-abrt/bin/../lib/amd64/jli/libjli.so > > #2 0x0000003fc5a04307 in ContinueInNewThread () > > > > from /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.60-2.4.5.1.fc20.x86_64/jre-abrt/bin/../lib/amd64/jli/libjli.so > > #3 0x0000003fc5a04db9 in JLI_Launch () > > > > from /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.60-2.4.5.1.fc20.x86_64/jre-abrt/bin/../lib/amd64/jli/libjli.so > > #4 0x0000000000400685 in main () > > > > > From jvanek at icedtea.classpath.org Wed Mar 5 07:33:06 2014 From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org) Date: Wed, 05 Mar 2014 15:33:06 +0000 Subject: /hg/icedtea-web: All security dialogs moved to appropriate package Message-ID: changeset 0a36108ce4b9 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=0a36108ce4b9 author: Jiri Vanek date: Wed Mar 05 16:41:06 2014 +0100 All security dialogs moved to appropriate package diffstat: ChangeLog | 40 + netx/net/sourceforge/jnlp/security/AccessWarningPane.java | 213 ------ netx/net/sourceforge/jnlp/security/AppTrustWarningDialog.java | 68 - netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java | 338 --------- netx/net/sourceforge/jnlp/security/AppletWarningPane.java | 114 --- netx/net/sourceforge/jnlp/security/CertWarningPane.java | 319 --------- netx/net/sourceforge/jnlp/security/CertificateUtils.java | 5 - netx/net/sourceforge/jnlp/security/CertsInfoPane.java | 347 --------- netx/net/sourceforge/jnlp/security/HttpsCertVerifier.java | 1 + netx/net/sourceforge/jnlp/security/KeyStores.java | 2 +- netx/net/sourceforge/jnlp/security/MoreInfoPane.java | 125 --- netx/net/sourceforge/jnlp/security/NotAllSignedWarningPane.java | 114 --- netx/net/sourceforge/jnlp/security/PasswordAuthenticationPane.java | 182 ----- netx/net/sourceforge/jnlp/security/SecurityDialog.java | 14 +- netx/net/sourceforge/jnlp/security/SecurityDialogMessageHandler.java | 1 - netx/net/sourceforge/jnlp/security/SecurityDialogPanel.java | 119 --- netx/net/sourceforge/jnlp/security/SecurityDialogs.java | 2 +- netx/net/sourceforge/jnlp/security/SingleCertInfoPane.java | 76 -- netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningDialog.java | 63 - netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningPanel.java | 106 --- netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java | 2 +- netx/net/sourceforge/jnlp/security/dialogs/AccessWarningPane.java | 216 ++++++ netx/net/sourceforge/jnlp/security/dialogs/AppletWarningPane.java | 116 +++ netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java | 325 +++++++++ netx/net/sourceforge/jnlp/security/dialogs/CertsInfoPane.java | 350 ++++++++++ netx/net/sourceforge/jnlp/security/dialogs/MoreInfoPane.java | 128 +++ netx/net/sourceforge/jnlp/security/dialogs/NotAllSignedWarningPane.java | 115 +++ netx/net/sourceforge/jnlp/security/dialogs/PasswordAuthenticationPane.java | 185 +++++ netx/net/sourceforge/jnlp/security/dialogs/SecurityDialogPanel.java | 121 +++ netx/net/sourceforge/jnlp/security/dialogs/SingleCertInfoPane.java | 81 ++ netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningDialog.java | 70 ++ netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningPanel.java | 339 +++++++++ netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/UnsignedAppletTrustWarningDialog.java | 65 + netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/UnsignedAppletTrustWarningPanel.java | 106 +++ tests/netx/unit/net/sourceforge/jnlp/security/AppTrustWarningPanelTest.java | 123 --- tests/netx/unit/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningPanelTest.java | 125 +++ tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java | 16 +- 37 files changed, 2405 insertions(+), 2327 deletions(-) diffs (truncated from 4956 to 500 lines): diff -r 907fe0c8a3fa -r 0a36108ce4b9 ChangeLog --- a/ChangeLog Wed Mar 05 15:43:03 2014 +0100 +++ b/ChangeLog Wed Mar 05 16:41:06 2014 +0100 @@ -1,3 +1,43 @@ +2014-03-05 Jiri Vanek + + All security dialogs moved to appropriate package + * netx/net/sourceforge/jnlp/security/AccessWarningPane.java: to + * netx/net/sourceforge/jnlp/security/dialogs/AccessWarningPane.java: + * netx/net/sourceforge/jnlp/security/AppletWarningPane.java: to + * netx/net/sourceforge/jnlp/security/dialogs/AppletWarningPane.java: + * netx/net/sourceforge/jnlp/security/CertWarningPane.java: to + * netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java + * netx/net/sourceforge/jnlp/security/CertsInfoPane.java: to + * netx/net/sourceforge/jnlp/security/dialogs/CertsInfoPane.java: + * netx/net/sourceforge/jnlp/security/MoreInfoPane.java: to + * netx/net/sourceforge/jnlp/security/dialogs/MoreInfoPane.java: + * netx/net/sourceforge/jnlp/security/NotAllSignedWarningPane.java: to + * netx/net/sourceforge/jnlp/security/dialogs/NotAllSignedWarningPane.java: + * netx/net/sourceforge/jnlp/security/PasswordAuthenticationPane.java: to + * netx/net/sourceforge/jnlp/security/dialogs/PasswordAuthenticationPane.java: + * netx/net/sourceforge/jnlp/security/SecurityDialogPanel.java: to + * netx/net/sourceforge/jnlp/security/dialogs/SecurityDialogPanel.java: + * netx/net/sourceforge/jnlp/security/SingleCertInfoPane.java: to + * netx/net/sourceforge/jnlp/security/dialogs/SingleCertInfoPane.java: + * netx/net/sourceforge/jnlp/security/AppTrustWarningDialog.java: to + * netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningDialog.java: + * netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java: to + * netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningPanel.java: + * netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningDialog.java: to + * netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/UnsignedAppletTrustWarningDialog.java: + * netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningPanel.java: to + * netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/UnsignedAppletTrustWarningPanel.java: + * tests/netx/unit/net/sourceforge/jnlp/security/AppTrustWarningPanelTest.java: to + * tests/netx/unit/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningPanelTest.java: + * tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java: necessary changes + * netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java: necessary changes + * netx/net/sourceforge/jnlp/security/SecurityDialogs.java: necessary changes + * netx/net/sourceforge/jnlp/security/SecurityDialogMessageHandler.java: necessary changes + * netx/net/sourceforge/jnlp/security/SecurityDialog.java: necessary changes + * netx/net/sourceforge/jnlp/security/KeyStores.java: necessary changes + * netx/net/sourceforge/jnlp/security/HttpsCertVerifier.java: necessary changes + * netx/net/sourceforge/jnlp/security/CertificateUtils.java: necessary changes + 2014-03-05 Jiri Vanek * netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java: fixed diff -r 907fe0c8a3fa -r 0a36108ce4b9 netx/net/sourceforge/jnlp/security/AccessWarningPane.java --- a/netx/net/sourceforge/jnlp/security/AccessWarningPane.java Wed Mar 05 15:43:03 2014 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,213 +0,0 @@ -/* AccessWarningPane.java - Copyright (C) 2008 Red Hat, Inc. - -This file is part of IcedTea. - -IcedTea is free software; you can redistribute it and/or -modify it under the terms of the GNU General Public License as published by -the Free Software Foundation, version 2. - -IcedTea is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with IcedTea; see the file COPYING. If not, write to -the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. -*/ - -package net.sourceforge.jnlp.security; - -import static net.sourceforge.jnlp.runtime.Translator.R; - -import java.awt.BorderLayout; -import java.awt.Color; -import java.awt.Dimension; -import java.awt.FlowLayout; -import java.awt.Font; -import java.awt.GridLayout; -import java.awt.event.ActionEvent; -import java.awt.event.ActionListener; - -import javax.swing.BorderFactory; -import javax.swing.BoxLayout; -import javax.swing.ImageIcon; -import javax.swing.JButton; -import javax.swing.JCheckBox; -import javax.swing.JLabel; -import javax.swing.JPanel; -import javax.swing.SwingConstants; - -import net.sourceforge.jnlp.JNLPFile; -import net.sourceforge.jnlp.security.SecurityDialogs.AccessType; -import net.sourceforge.jnlp.util.FileUtils; - -/** - * Provides a panel to show inside a SecurityDialog. These dialogs are - * used to warn the user when either signed code (with or without signing - * issues) is going to be run, or when service permission (file, clipboard, - * printer, etc) is needed with unsigned code. - * - * @author Joshua Sumali - */ -public class AccessWarningPane extends SecurityDialogPanel { - - JCheckBox alwaysAllow; - Object[] extras; - - public AccessWarningPane(SecurityDialog x, CertVerifier certVerifier) { - super(x, certVerifier); - addComponents(); - } - - public AccessWarningPane(SecurityDialog x, Object[] extras, CertVerifier certVerifier) { - super(x, certVerifier); - this.extras = extras; - addComponents(); - } - - /** - * Creates the actual GUI components, and adds it to this panel - */ - private void addComponents() { - AccessType type = parent.getAccessType(); - JNLPFile file = parent.getFile(); - - String name = ""; - String publisher = ""; - String from = ""; - - //We don't worry about exceptions when trying to fill in - //these strings -- we just want to fill in as many as possible. - try { - name = file.getInformation().getTitle() != null ? file.getInformation().getTitle() : R("SNoAssociatedCertificate"); - } catch (Exception e) { - } - - try { - publisher = file.getInformation().getVendor() != null ? - file.getInformation().getVendor() + " " + R("SUnverified") : - R("SNoAssociatedCertificate"); - } catch (Exception e) { - } - - try { - from = !file.getInformation().getHomepage().toString().equals("") ? file.getInformation().getHomepage().toString() : file.getSourceLocation().getAuthority(); - } catch (Exception e) { - from = file.getSourceLocation().getAuthority(); - } - - //Top label - String topLabelText = ""; - switch (type) { - case READ_FILE: - if (extras != null && extras.length > 0 && extras[0] instanceof String) { - topLabelText = R("SFileReadAccess", FileUtils.displayablePath((String) extras[0])); - } else { - topLabelText = R("SFileReadAccess", R("AFileOnTheMachine")); - } - break; - case WRITE_FILE: - if (extras != null && extras.length > 0 && extras[0] instanceof String) { - topLabelText = R("SFileWriteAccess", FileUtils.displayablePath((String) extras[0])); - } else { - topLabelText = R("SFileWriteAccess", R("AFileOnTheMachine")); - } - break; - case CREATE_DESTKOP_SHORTCUT: - topLabelText = R("SDesktopShortcut"); - break; - case CLIPBOARD_READ: - topLabelText = R("SClipboardReadAccess"); - break; - case CLIPBOARD_WRITE: - topLabelText = R("SClipboardWriteAccess"); - break; - case PRINTER: - topLabelText = R("SPrinterAccess"); - break; - case NETWORK: - if (extras != null && extras.length >= 0) - topLabelText = R("SNetworkAccess", extras[0]); - else - topLabelText = R("SNetworkAccess", "(address here)"); - } - - ImageIcon icon = new ImageIcon((new sun.misc.Launcher()).getClassLoader().getResource("net/sourceforge/jnlp/resources/question.png")); - JLabel topLabel = new JLabel(htmlWrap(topLabelText), icon, SwingConstants.LEFT); - topLabel.setFont(new Font(topLabel.getFont().toString(), - Font.BOLD, 12)); - JPanel topPanel = new JPanel(new BorderLayout()); - topPanel.setBackground(Color.WHITE); - topPanel.add(topLabel, BorderLayout.CENTER); - topPanel.setPreferredSize(new Dimension(450, 100)); - topPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); - - //application info - JLabel nameLabel = new JLabel(R("Name") + ": " + name); - nameLabel.setBorder(BorderFactory.createEmptyBorder(5, 5, 5, 5)); - JLabel publisherLabel = new JLabel(R("Publisher") + ": " + publisher); - publisherLabel.setBorder(BorderFactory.createEmptyBorder(5, 5, 5, 5)); - JLabel fromLabel = new JLabel(R("From") + ": " + from); - fromLabel.setBorder(BorderFactory.createEmptyBorder(5, 5, 5, 5)); - - alwaysAllow = new JCheckBox(R("AlwaysAllowAction")); - alwaysAllow.setEnabled(false); - - JPanel infoPanel = new JPanel(new GridLayout(4, 1)); - infoPanel.add(nameLabel); - infoPanel.add(publisherLabel); - infoPanel.add(fromLabel); - infoPanel.add(alwaysAllow); - infoPanel.setBorder(BorderFactory.createEmptyBorder(25, 25, 25, 25)); - - //run and cancel buttons - JPanel buttonPanel = new JPanel(new FlowLayout(FlowLayout.RIGHT)); - - JButton run = new JButton(R("ButAllow")); - JButton cancel = new JButton(R("ButCancel")); - run.addActionListener(createSetValueListener(parent, 0)); - run.addActionListener(new CheckBoxListener()); - cancel.addActionListener(createSetValueListener(parent, 1)); - initialFocusComponent = cancel; - buttonPanel.add(run); - buttonPanel.add(cancel); - buttonPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); - - //all of the above - setLayout(new BoxLayout(this, BoxLayout.Y_AXIS)); - add(topPanel); - add(infoPanel); - add(buttonPanel); - - } - - private class CheckBoxListener implements ActionListener { - public void actionPerformed(ActionEvent e) { - if (alwaysAllow != null && alwaysAllow.isSelected()) { - // TODO: somehow tell the ApplicationInstance - // to stop asking for permission - } - } - } - -} diff -r 907fe0c8a3fa -r 0a36108ce4b9 netx/net/sourceforge/jnlp/security/AppTrustWarningDialog.java --- a/netx/net/sourceforge/jnlp/security/AppTrustWarningDialog.java Wed Mar 05 15:43:03 2014 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,68 +0,0 @@ -/* Copyright (C) 2013 Red Hat, Inc. - -This file is part of IcedTea. - -IcedTea is free software; you can redistribute it and/or -modify it under the terms of the GNU General Public License as published by -the Free Software Foundation, version 2. - -IcedTea is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with IcedTea; see the file COPYING. If not, write to -the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. - */ - -package net.sourceforge.jnlp.security; - -import net.sourceforge.jnlp.JNLPFile; -import net.sourceforge.jnlp.security.AppTrustWarningPanel.ActionChoiceListener; -import net.sourceforge.jnlp.security.AppTrustWarningPanel.AppSigningWarningAction; - -/** - * A panel that confirms that the user is OK with unsigned code running. - */ -public class AppTrustWarningDialog extends SecurityDialogPanel { - - private AppTrustWarningDialog(final SecurityDialog dialog) { - super(dialog); - } - - public static AppTrustWarningDialog unsigned(final SecurityDialog dialog, final JNLPFile file) { - final AppTrustWarningDialog warningDialog = new AppTrustWarningDialog(dialog); - warningDialog.add(new UnsignedAppletTrustWarningPanel(file, warningDialog.getActionChoiceListener())); - return warningDialog; - } - - private ActionChoiceListener getActionChoiceListener() { - return new ActionChoiceListener() { - @Override - public void actionChosen(final AppSigningWarningAction action) { - parent.setValue(action); - parent.dispose(); - } - }; - } - -} diff -r 907fe0c8a3fa -r 0a36108ce4b9 netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java --- a/netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java Wed Mar 05 15:43:03 2014 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,338 +0,0 @@ -/* Copyright (C) 2013 Red Hat, Inc. - -This file is part of IcedTea. - -IcedTea is free software; you can redistribute it and/or -modify it under the terms of the GNU General Public License as published by -the Free Software Foundation, version 2. - -IcedTea is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with IcedTea; see the file COPYING. If not, write to -the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. - */ - -package net.sourceforge.jnlp.security; - -import static net.sourceforge.jnlp.runtime.Translator.R; - -import java.awt.BorderLayout; -import java.awt.Color; -import java.awt.Dimension; -import java.awt.FlowLayout; -import java.awt.Font; -import java.awt.GridLayout; -import java.awt.event.ActionEvent; -import java.awt.event.ActionListener; -import java.util.ArrayList; -import java.util.List; - -import javax.swing.BorderFactory; -import javax.swing.BoxLayout; -import javax.swing.ButtonGroup; -import javax.swing.ImageIcon; -import javax.swing.JButton; -import javax.swing.JCheckBox; -import javax.swing.JDialog; -import javax.swing.JLabel; -import javax.swing.JPanel; -import javax.swing.JRadioButton; -import javax.swing.SwingConstants; - -import net.sourceforge.jnlp.JNLPFile; -import net.sourceforge.jnlp.security.appletextendedsecurity.ExecuteAppletAction; -import net.sourceforge.jnlp.security.appletextendedsecurity.ExtendedAppletSecurityHelp; -import net.sourceforge.jnlp.util.ScreenFinder; - -/* - * This class is meant to provide a common layout and functionality for warning dialogs - * that appear when the user needs to confirm the running of applets/applications. - * Subclasses include UnsignedAppletTrustWarningPanel, for unsigned plugin applets, and - * PartiallySignedAppTrustWarningPanel, for partially signed JNLP applications as well as - * plugin applets. New implementations should be added to the unit test at - * unit/net/sourceforge/jnlp/security/AppTrustWarningPanelTest - */ -public abstract class AppTrustWarningPanel extends JPanel { - - /* - * Details of decided action. - */ - public static class AppSigningWarningAction { - private ExecuteAppletAction action; - private boolean applyToCodeBase; - - public AppSigningWarningAction(ExecuteAppletAction action, - boolean applyToCodeBase) { - this.action = action; - this.applyToCodeBase = applyToCodeBase; - } - - public ExecuteAppletAction getAction() { - return action; - } - - public boolean rememberForCodeBase() { - return applyToCodeBase; - } - } - - /* - * Callback for when action is decided. - */ - public static interface ActionChoiceListener { - void actionChosen(AppSigningWarningAction action); - } - - protected int PANE_WIDTH = 500; - - protected int TOP_PANEL_HEIGHT = 60; - protected int INFO_PANEL_HEIGHT = 140; - protected int INFO_PANEL_HINT_HEIGHT = 25; - protected int QUESTION_PANEL_HEIGHT = 35; - - protected List buttons; - protected JButton allowButton; - protected JButton rejectButton; - protected JButton helpButton; - protected JCheckBox permanencyCheckBox; - protected JRadioButton applyToAppletButton; - protected JRadioButton applyToCodeBaseButton; - - protected JNLPFile file; - - protected ActionChoiceListener actionChoiceListener; - - /* - * Subclasses should call addComponents() IMMEDIATELY after calling the super() constructor! - */ - public AppTrustWarningPanel(JNLPFile file, ActionChoiceListener actionChoiceListener) { - this.file = file; - this.actionChoiceListener = actionChoiceListener; - this.buttons = new ArrayList(); - - allowButton = new JButton(R("ButProceed")); - rejectButton = new JButton(R("ButCancel")); - helpButton = new JButton(R("APPEXTSECguiPanelHelpButton")); - - allowButton.addActionListener(chosenActionSetter(true)); - rejectButton.addActionListener(chosenActionSetter(false)); - - helpButton.addActionListener(getHelpButtonAction()); - - buttons.add(allowButton); - buttons.add(rejectButton); - buttons.add(helpButton); - } - - /* - * Provides an image to be displayed near the upper left corner of the dialog. - */ - protected abstract ImageIcon getInfoImage(); - - /* - * Provides a short description of why the dialog is appearing. The message is expected to be HTML-formatted. - */ - protected abstract String getTopPanelText(); - - /* - * Provides in-depth information on why the dialog is appearing. The message is expected to be HTML-formatted. From jvanek at redhat.com Wed Mar 5 07:42:26 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Wed, 05 Mar 2014 16:42:26 +0100 Subject: [rfc][icedtea-web] fixing the not downlaoded href in jnlpfile In-Reply-To: <53174396.7000808@redhat.com> References: <52FB93A4.4000100@redhat.com> <53174396.7000808@redhat.com> Message-ID: <531745E2.9030608@redhat.com> On 03/05/2014 04:32 PM, Andrew Azores wrote: > On 02/12/2014 10:30 AM, Jiri Vanek wrote: >> the hreffed jnlp file was not used if its caller was remote file. This patch should fix it. >> >> >> J. >> >> please note the changed reproducer. The change is exactly coresponding with I changed in Luncher. So I hope it is correct. >> >> The living reproducer can be the https://java.net/downloads/electric/electric.jnlp from yesterdays Fatal: Read Error: Could not read or parse the JNLP file thread > > electric.jnlp doesn't seem to work with or without this patch. > > Thanks, > Yes it is not.It have invalid certificates. The patch works, if electricity downlaod all encessary jnl/jars. J. From aazores at redhat.com Wed Mar 5 07:32:38 2014 From: aazores at redhat.com (Andrew Azores) Date: Wed, 05 Mar 2014 10:32:38 -0500 Subject: [rfc][icedtea-web] fixing the not downlaoded href in jnlpfile In-Reply-To: <52FB93A4.4000100@redhat.com> References: <52FB93A4.4000100@redhat.com> Message-ID: <53174396.7000808@redhat.com> On 02/12/2014 10:30 AM, Jiri Vanek wrote: > the hreffed jnlp file was not used if its caller was remote file. This > patch should fix it. > > > J. > > please note the changed reproducer. The change is exactly > coresponding with I changed in Luncher. So I hope it is correct. > > The living reproducer can be the > https://java.net/downloads/electric/electric.jnlp from yesterdays > Fatal: Read Error: Could not read or parse the JNLP file thread electric.jnlp doesn't seem to work with or without this patch. Thanks, -- Andrew A From aazores at redhat.com Wed Mar 5 08:08:59 2014 From: aazores at redhat.com (Andrew Azores) Date: Wed, 05 Mar 2014 11:08:59 -0500 Subject: [rfc][icedtea-web] fixing the not downlaoded href in jnlpfile In-Reply-To: <531745E2.9030608@redhat.com> References: <52FB93A4.4000100@redhat.com> <53174396.7000808@redhat.com> <531745E2.9030608@redhat.com> Message-ID: <53174C1B.9040505@redhat.com> On 03/05/2014 10:42 AM, Jiri Vanek wrote: > On 03/05/2014 04:32 PM, Andrew Azores wrote: >> On 02/12/2014 10:30 AM, Jiri Vanek wrote: >>> the hreffed jnlp file was not used if its caller was remote file. >>> This patch should fix it. >>> >>> >>> J. >>> >>> please note the changed reproducer. The change is exactly >>> coresponding with I changed in Luncher. So I hope it is correct. >>> >>> The living reproducer can be the >>> https://java.net/downloads/electric/electric.jnlp from yesterdays >>> Fatal: Read Error: Could not read or parse the JNLP file thread >> >> electric.jnlp doesn't seem to work with or without this patch. >> >> Thanks, >> > > Yes it is not.It have invalid certificates. > The patch works, if electricity downlaod all encessary jnl/jars. > > J. Okay to push then. Thanks, -- Andrew A From jvanek at redhat.com Wed Mar 5 08:23:19 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Wed, 05 Mar 2014 17:23:19 +0100 Subject: [rfc][icedtea-web] save runn urls to property In-Reply-To: <531731A7.6000006@redhat.com> References: <5304C60C.5070608@redhat.com> <5316531D.7010304@redhat.com> <53173282.7020401@redhat.com> <531731A7.6000006@redhat.com> Message-ID: <53174F77.2070209@redhat.com> On 03/05/2014 03:16 PM, Andrew Azores wrote: > On 03/05/2014 09:19 AM, Jiri Vanek wrote: >> On 03/04/2014 11:26 PM, Andrew Azores wrote: >>> On 02/19/2014 09:56 AM, Jiri Vanek wrote: >>>> hi! >>>> >>>> As java abrt connector is sending quite good reports, the url, on which I can reproduce the issue is missing. So always my first question in bug is "may you please post url" ? >>>> >>>> Also java connector is printing out system properties. So it crossed my mind to store the launched jnlps/htmls for this usage. I have quite mixed feelings about it but do not have it makes java-abrt-connector a bit useless (users donot care to much about auto generated bugs) >>>> - see https://bugzilla.redhat.com/show_bug.cgi?id=1060390 >>>> >>>> This needs also some more work on java-abrt-conenctor - see https://github.com/jfilak/abrt-java-connector/issues/34 >>>> >>>> J. >>> >>> I like the intent behind the patch but I don't know if I really like using system properties for this :/ >> >> I'm not sure with them too:( >> >> > not that I have any better ideas off the top of my head. >> >> The abrt agent can actually do anything. My another idea is to store it in some static (private) variable. The whitleist in issue 34 will then be package.class fieldName > > I didn't know that this would be an option. This sounds much, much better to me. > >> >> > But this just does not seem to me like what the properties are meant to be used for. >> >> Agree. And my concern is that with this, *maybe* (but probably) all appelts which can read properties, will be able to spy history. > > Yea, and this is really not a good mechanism to be providing. > >> >> I have commented also https://github.com/jfilak/abrt-java-connector/issues/34 >>> It seems like nobody else is chiming in with any better ideas, and you're right that the automatic bug reports are a little bit useless without something like this, so if you have no better implementations in mind then I suppose this will have to suffice. >> >> What do you thnk about this approach? (otherwise it will be same) >> Thank you! >> So here is version with field. the whitelist then will be: netx.net.sourceforge.jnlp.runtime.JNLPRuntime history J -------------- next part -------------- A non-text attachment was scrubbed... Name: saveRatherToPRivateField.patch Type: text/x-patch Size: 2505 bytes Desc: not available Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140305/44fc961d/saveRatherToPRivateField.patch From aazores at redhat.com Wed Mar 5 08:24:28 2014 From: aazores at redhat.com (Andrew Azores) Date: Wed, 05 Mar 2014 11:24:28 -0500 Subject: [rfc][icedtea-web] save runn urls to property In-Reply-To: <53174F77.2070209@redhat.com> References: <5304C60C.5070608@redhat.com> <5316531D.7010304@redhat.com> <53173282.7020401@redhat.com> <531731A7.6000006@redhat.com> <53174F77.2070209@redhat.com> Message-ID: <53174FBC.6080407@redhat.com> On 03/05/2014 11:23 AM, Jiri Vanek wrote: > On 03/05/2014 03:16 PM, Andrew Azores wrote: >> On 03/05/2014 09:19 AM, Jiri Vanek wrote: >>> On 03/04/2014 11:26 PM, Andrew Azores wrote: >>>> On 02/19/2014 09:56 AM, Jiri Vanek wrote: >>>>> hi! >>>>> >>>>> As java abrt connector is sending quite good reports, the url, on >>>>> which I can reproduce the issue is missing. So always my first >>>>> question in bug is "may you please post url" ? >>>>> >>>>> Also java connector is printing out system properties. So it >>>>> crossed my mind to store the launched jnlps/htmls for this usage. >>>>> I have quite mixed feelings about it but do not have it makes >>>>> java-abrt-connector a bit useless (users donot care to much about >>>>> auto generated bugs) >>>>> - see https://bugzilla.redhat.com/show_bug.cgi?id=1060390 >>>>> >>>>> This needs also some more work on java-abrt-conenctor - see >>>>> https://github.com/jfilak/abrt-java-connector/issues/34 >>>>> >>>>> J. >>>> >>>> I like the intent behind the patch but I don't know if I really >>>> like using system properties for this :/ >>> >>> I'm not sure with them too:( >>> >>> > not that I have any better ideas off the top of my head. >>> >>> The abrt agent can actually do anything. My another idea is to store >>> it in some static (private) variable. The whitleist in issue 34 will >>> then be package.class fieldName >> >> I didn't know that this would be an option. This sounds much, much >> better to me. >> >>> >>> > But this just does not seem to me like what the properties are >>> meant to be used for. >>> >>> Agree. And my concern is that with this, *maybe* (but probably) all >>> appelts which can read properties, will be able to spy history. >> >> Yea, and this is really not a good mechanism to be providing. >> >>> >>> I have commented also >>> https://github.com/jfilak/abrt-java-connector/issues/34 >>>> It seems like nobody else is chiming in with any better ideas, and >>>> you're right that the automatic bug reports are a little bit >>>> useless without something like this, so if you have no better >>>> implementations in mind then I suppose this will have to suffice. >>> >>> What do you thnk about this approach? (otherwise it will be same) >>> Thank you! >>> > > So here is version with field. > > the whitelist then will be: > netx.net.sourceforge.jnlp.runtime.JNLPRuntime history > > > J Yes, this looks so much better to me. Assuming abrt-connector can't just call an arbitrary method rather than reading a field, I think this is ok to push. If it can call a method though, it would probably be better to store the URLs as a Set and then return it as a String on demand. But if this isn't possible then storing it as a String is good enough. Thanks, -- Andrew A From omajid at redhat.com Wed Mar 5 08:33:58 2014 From: omajid at redhat.com (Omair Majid) Date: Wed, 5 Mar 2014 11:33:58 -0500 Subject: [rfc][icedtea-web] save runn urls to property In-Reply-To: <53174F77.2070209@redhat.com> References: <5304C60C.5070608@redhat.com> <5316531D.7010304@redhat.com> <53173282.7020401@redhat.com> <531731A7.6000006@redhat.com> <53174F77.2070209@redhat.com> Message-ID: <20140305163358.GE2011@redhat.com> Hi, * Jiri Vanek [2014-03-05 11:16]: > diff -r 0a36108ce4b9 netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java > + /*urls lunching this application*/ > + private static String history = ""; > + public static void saveHistory(String documentBase) { > + //java-abrt-connector can print out specific application String field, it is good to save visited urls for reproduce purposes > + //for javaws we can read the destination jnlp from commandline > + //hoever for plugin (url arrive via pipes)? Also for plugin ve can not be sure which opened tab/window > + //have casued the crash,. Thats why the individual urls are added, not repalced. Would it make more sense to put this comment on the field? If I am trying to find the reason for existence of a field, I am more likely to look at the field first than the code that touches it. > diff -r 0a36108ce4b9 plugin/icedteanp/java/sun/applet/PluginAppletViewer.java > "Height = ", height, "\n", > "DocumentBase = ", documentBase, "\n", > "Params = ", paramString); > + JNLPRuntime.saveHistory(documentBase); > > PluginAppletPanelFactory factory = new PluginAppletPanelFactory(); > AppletMessageHandler amh = new AppletMessageHandler("appletviewer"); Will this work correctly when multiple applets are initializing? Is thread safety something we have to consider? Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 From jvanek at redhat.com Wed Mar 5 08:53:39 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Wed, 05 Mar 2014 17:53:39 +0100 Subject: [rfc][icedtea-web] save runn urls to property In-Reply-To: <20140305163358.GE2011@redhat.com> References: <5304C60C.5070608@redhat.com> <5316531D.7010304@redhat.com> <53173282.7020401@redhat.com> <531731A7.6000006@redhat.com> <53174F77.2070209@redhat.com> <20140305163358.GE2011@redhat.com> Message-ID: <53175693.3010607@redhat.com> On 03/05/2014 05:33 PM, Omair Majid wrote: > Hi, > > * Jiri Vanek [2014-03-05 11:16]: > >> diff -r 0a36108ce4b9 netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java > >> + /*urls lunching this application*/ >> + private static String history = ""; > >> + public static void saveHistory(String documentBase) { >> + //java-abrt-connector can print out specific application String field, it is good to save visited urls for reproduce purposes >> + //for javaws we can read the destination jnlp from commandline >> + //hoever for plugin (url arrive via pipes)? Also for plugin ve can not be sure which opened tab/window >> + //have casued the crash,. Thats why the individual urls are added, not repalced. > > Would it make more sense to put this comment on the field? If I am > trying to find the reason for existence of a field, I am more likely to > look at the field first than the code that touches it. Sure. > >> diff -r 0a36108ce4b9 plugin/icedteanp/java/sun/applet/PluginAppletViewer.java > >> "Height = ", height, "\n", >> "DocumentBase = ", documentBase, "\n", >> "Params = ", paramString); >> + JNLPRuntime.saveHistory(documentBase); >> >> PluginAppletPanelFactory factory = new PluginAppletPanelFactory(); >> AppletMessageHandler amh = new AppletMessageHandler("appletviewer"); > > Will this work correctly when multiple applets are initializing? Is > thread safety something we have to consider? > Well. It is handled in message consumer thread. So it should be perfectly safe. But I would guess synchronised keyword for saveHistroy will not harm if you insists. J. From aazores at redhat.com Wed Mar 5 09:01:22 2014 From: aazores at redhat.com (Andrew Azores) Date: Wed, 05 Mar 2014 12:01:22 -0500 Subject: [rfc][icedtea-web][policyeditor] Parsing enhancements and unit tests Message-ID: <53175862.8080408@redhat.com> Hi, The previous thread was diverging into two quite different patches, so I'm splitting it. This patch improves parsing, especially handling of comments, and adds a lot of new unit testing for this. A few small bugs were found and fixed along the way. ChangeLog: * NEWS: added entry for PolicyEditor * netx/net/sourceforge/jnlp/security/policyeditor/CustomPermission.java: (fromString) use regexes to parse * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: (file) keep reference to File rather than String filePath. (getPermissions) returns empty map rather than null. (setComponentMnemonic) new method. (getCustomPermissions) new function. (openAndParsePolicyFile) check for OpenFileResult FAILURE and NOT_FILE rather than null * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java: (fromString) use regexes to parse * netx/net/sourceforge/jnlp/util/FileUtils.java: (testDirectoryPermissions) add check for getCanonicalFile and null safeguarding. (testFilePermissions) add check for getCanonicalFile and return FAILURE rather than null * tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/CustomPermissionTest.java: (testMissingQuotationMarks) new test * tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java: (testReturnedCustomPermissionsSetIsCopy, testCodebaseTrailingSlashesDoNotMatch) new tests * tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorParsingTest.java: new tests Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: policy-editor-parsing-tests.patch Type: text/x-patch Size: 50577 bytes Desc: not available Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140305/242e212f/policy-editor-parsing-tests-0001.patch From bugzilla-daemon at icedtea.classpath.org Wed Mar 5 10:54:38 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Wed, 05 Mar 2014 18:54:38 +0000 Subject: [Bug 1687] Failure of plugin in connecting to WebEx on a Fedora 20 64-bit plus Firefox 27 In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1687 --- Comment #5 from Andrew Azores --- (In reply to Harish Pillay from comment #3) > I just tested it on another site: > http://stilllistener.addr.com/checkpoint1/Java/ and the 2nd Java applet on > that page (towards the bottom) failed as well and the stack trace is: > > IcedTea-Web Plugin version: 1.4.2 (fedora-0.fc20-x86_64) > Sat Mar 01 06:26:53 SGT 2014 > java.lang.NullPointerException > at net.sourceforge.jnlp.NetxPanel.runLoader(NetxPanel.java:116) > at sun.applet.AppletPanel.run(AppletPanel.java:380) > at java.lang.Thread.run(Thread.java:744) This happens occasionally, it's an intermittent problem unrelated to your original bug report. I'm still unable to determine what's causing the failure for you and one other person here who I asked. It works fine for myself and most other users. Is there anything you did in particular to come across this error? Does the WebEx test page at [1] work for you? [1] http://www.webex.com/test-meeting.html -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140305/33635b6f/attachment.html From aazores at redhat.com Wed Mar 5 13:57:34 2014 From: aazores at redhat.com (Andrew Azores) Date: Wed, 05 Mar 2014 16:57:34 -0500 Subject: [rfc][icedtea-web] javaws -version flag Message-ID: <53179DCE.6070405@redhat.com> Hi, Adds a -version flag that simply prints out "icedtea-web $version" and exits. "-about -headless" sort of does this already, but it also includes a mini license. Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: javaws-version.patch Type: text/x-patch Size: 2715 bytes Desc: not available Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140305/2dec8243/javaws-version.patch From bugzilla-daemon at icedtea.classpath.org Thu Mar 6 00:05:42 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Thu, 06 Mar 2014 08:05:42 +0000 Subject: [Bug 1693] New: Could not find Xt - Try installing libXt-devel Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1693 Bug ID: 1693 Summary: Could not find Xt - Try installing libXt-devel Product: IcedTea Version: 6-1.12.8 Hardware: 64-bit OS: Linux Status: NEW Severity: major Priority: P5 Component: IcedTea Assignee: gnu.andrew at redhat.com Reporter: hiteckh at hotmail.com CC: unassigned at icedtea.classpath.org the libXt is already installed however i still get this error when trying to build through this command: LLVM_CONFIG=/home/stde/Documents/icedtea6-1.12.8/llvm/Debug+Asserts/bin/llvm-config ./configure --enable-shark --disable-system-gif --disable-system-lcms --disable-system-kerberos checking for XT... no configure: error: Could not find Xt - Try installing libXt-devel. best regards, Hamza -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140306/a30e9191/attachment.html From bugzilla-daemon at icedtea.classpath.org Thu Mar 6 00:45:57 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Thu, 06 Mar 2014 08:45:57 +0000 Subject: [Bug 1693] Could not find Xt - Try installing libXt-devel In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1693 Xerxes R?nby changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |xerxes at zafena.se Severity|major |normal --- Comment #1 from Xerxes R?nby --- please include the following: Which OS you are building icedtea? Which version of libxt headers you are using? Where are the libxt headers installed on your system? For example on Debian you need to install both the libxt and libxt-dev package. Many linux distributions has a way to download all build dependencies for icedtea based on the distributions source package information. example on debian you can install all/most of the build dependencies for icedtea-6 by running. apt-get build-dep openjdk-6 -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140306/36e71428/attachment.html From bugzilla-daemon at icedtea.classpath.org Thu Mar 6 03:44:11 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Thu, 06 Mar 2014 11:44:11 +0000 Subject: [Bug 1693] Could not find Xt - Try installing libXt-devel In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1693 --- Comment #2 from Hamza --- Hi, Thanks for the reply, The OS I have is openSuse 13.1 I have libXt6 installed version 1.1.4-2.1.2 they are installed in: /usr/lib64/libXt.so.6 I have also libXt-devel installed version 1.1.4-2.1.2 they are installed in: /usr/include/X11 /usr/lib64/libXt.so /usr/lib64/pkgconfig/xt.pc Best Regards, Hamza -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140306/c7abd8b4/attachment.html From jvanek at redhat.com Thu Mar 6 04:43:42 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Thu, 06 Mar 2014 13:43:42 +0100 Subject: [rfc][icedtea-web] javaws -version flag In-Reply-To: <53179DCE.6070405@redhat.com> References: <53179DCE.6070405@redhat.com> Message-ID: <53186D7E.8010608@redhat.com> On 03/05/2014 10:57 PM, Andrew Azores wrote: > Hi, > > Adds a -version flag that simply prints out "icedtea-web $version" and exits. "-about -headless" sort of does this already, but it also includes a mini license. > > Thanks, > Well if you wish., NEWS entry is missing. Otherwise ok to go. We really *have to* add an generated man pages in as close future as possible.... J. From jvanek at redhat.com Thu Mar 6 06:07:46 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Thu, 06 Mar 2014 15:07:46 +0100 Subject: [rfc][icedtea-web][policyeditor] Parsing enhancements and unit tests In-Reply-To: <53175862.8080408@redhat.com> References: <53175862.8080408@redhat.com> Message-ID: <53188132.2040009@redhat.com> On 03/05/2014 06:01 PM, Andrew Azores wrote: > Hi, > > The previous thread was diverging into two quite different patches, so I'm splitting it. > > This patch improves parsing, especially handling of comments, and adds a lot of new unit testing for this. A few small bugs were found and fixed along the way. > The Messages.properties changes are missing in in-pathc chagelog public static CustomPermission fromString - more more and more tests. Try to hack yourself. But generally ok. Well the comment is poem-writer's masterpiece :) But better then nothing :) The [\\w.] do not osund correct. The dot should be escaped to match dot, not any char. Or not? So this part will be: [[\\w\\.]+\\w+] (nottested - to match [java.][io.][permissions] and nto eg dsgfgogfdsgjsfdghjsfd[hj as now :) The content of quotes may be anything, ok? What about content to be qutes itself? (not jsut ${} eg? The first quotes are mandatory, and the scond not? As far as I read from regex. Why is compiled patter not global constant? It should be. It will not need recompile each launch time... Then there can be also some tests only to the regex itself. Why is the CustomPermission.fromStirng copypasted to PolicyEditorPermissions ??? Quick glance over tests is ook. Thanx! J. From aazores at icedtea.classpath.org Thu Mar 6 06:18:52 2014 From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org) Date: Thu, 06 Mar 2014 14:18:52 +0000 Subject: /hg/icedtea-web: Add -version flag Message-ID: changeset bbf4cc4319da in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=bbf4cc4319da author: Andrew Azores date: Thu Mar 06 09:18:35 2014 -0500 Add -version flag * NEWS: added -version flag entry * netx/net/sourceforge/jnlp/resources/Messages.properties: (BOVersion) new message for command line -version flag * netx/net/sourceforge/jnlp/runtime/Boot.java: (main) added "-version" flag diffstat: ChangeLog | 8 ++++++++ NEWS | 1 + netx/net/sourceforge/jnlp/resources/Messages.properties | 1 + netx/net/sourceforge/jnlp/runtime/Boot.java | 10 ++++++++-- 4 files changed, 18 insertions(+), 2 deletions(-) diffs (85 lines): diff -r 0a36108ce4b9 -r bbf4cc4319da ChangeLog --- a/ChangeLog Wed Mar 05 16:41:06 2014 +0100 +++ b/ChangeLog Thu Mar 06 09:18:35 2014 -0500 @@ -1,3 +1,11 @@ +2014-03-06 Andrew Azores + + * NEWS: added -version flag entry + * netx/net/sourceforge/jnlp/resources/Messages.properties: (BOVersion) + new message for command line -version flag + * netx/net/sourceforge/jnlp/runtime/Boot.java: (main) added "-version" + flag + 2014-03-05 Jiri Vanek All security dialogs moved to appropriate package diff -r 0a36108ce4b9 -r bbf4cc4319da NEWS --- a/NEWS Wed Mar 05 16:41:06 2014 +0100 +++ b/NEWS Thu Mar 06 09:18:35 2014 -0500 @@ -16,6 +16,7 @@ * Dialogs center on screen before becoming visible * Support for u45 and u51 new manifest attributes (Application-Name, Codebase) * Custom applet permission policies panel in itweb-settings control panel +* javaws -version flag * Cache Viewer - Can be closed by ESC key - Enabling and disabling of operational buttons is handled properly diff -r 0a36108ce4b9 -r bbf4cc4319da netx/net/sourceforge/jnlp/resources/Messages.properties --- a/netx/net/sourceforge/jnlp/resources/Messages.properties Wed Mar 05 16:41:06 2014 +0100 +++ b/netx/net/sourceforge/jnlp/resources/Messages.properties Thu Mar 06 09:18:35 2014 -0500 @@ -209,6 +209,7 @@ BOLicense = Display the GPL license and exit. BOVerbose = Enable verbose output. BOAbout = Shows a sample application. +BOVersion = Print the IcedTea-Web version and exit. BONosecurity= Disables the secure runtime environment. BONoupdate = Disables checking for updates. BOHeadless = Disables download window, other UIs. diff -r 0a36108ce4b9 -r bbf4cc4319da netx/net/sourceforge/jnlp/runtime/Boot.java --- a/netx/net/sourceforge/jnlp/runtime/Boot.java Wed Mar 05 16:41:06 2014 +0100 +++ b/netx/net/sourceforge/jnlp/runtime/Boot.java Thu Mar 06 09:18:35 2014 -0500 @@ -63,6 +63,8 @@ public static final String name = Boot.class.getPackage().getImplementationTitle(); public static final String version = Boot.class.getPackage().getImplementationVersion(); + private static final String nameAndVersion = name + " " + version; + private static final String miniLicense = "\n" + " netx - an open-source JNLP client.\n" + " Copyright (C) 2001-2003 Jon A. Maxwell (JAM)\n" @@ -83,7 +85,7 @@ + "\n"; private static final String itwInfoMessage = "" - + name + " " + version + + nameAndVersion + "\n\n* " + R("BAboutITW") + "\n* " @@ -102,6 +104,7 @@ + " -viewer " + R("BOViewer") + "\n" + "\n" + "run-options:" + "\n" + + " -version " + R("BOVersion") + "\n" + " -arg arg " + R("BOArg") + "\n" + " -param name=value " + R("BOParam") + "\n" + " -property name=value " + R("BOProperty") + "\n" @@ -138,14 +141,17 @@ DeploymentConfiguration.move14AndOlderFilesTo15StructureCatched(); if (null != getOption("-viewer")) { - try { CertificateViewer.main(null); JNLPRuntime.exit(0); } catch (Exception e) { OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e); } + } + if (null != getOption("-version")) { + OutputController.getLogger().printOutLn(nameAndVersion); + JNLPRuntime.exit(0); } if (null != getOption("-license")) { From bugzilla-daemon at icedtea.classpath.org Thu Mar 6 07:49:13 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Thu, 06 Mar 2014 15:49:13 +0000 Subject: [Bug 1695] New: FileURLConnection inputstream isn't closed Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1695 Bug ID: 1695 Summary: FileURLConnection inputstream isn't closed Product: IcedTea Version: 6-1.13.1 Hardware: x86_64 OS: Linux Status: NEW Severity: major Priority: P5 Component: IcedTea Assignee: gnu.andrew at redhat.com Reporter: stephan.meisinger at opitec.com CC: unassigned at icedtea.classpath.org if an application calls getHeaderField(String) in org.jboss.net.protocol.file.FileURLConnection an FileInputStream is generated. The handle stays open as a member variable. If the Connection is closed -> the handle stays open. so please overload the method void close() { super(close); if(is != null) { is.close(); } } This could be a unintended functional change and could be avoided by adding a flag "isStreamRead". This flag is set to true when stream is returned by public synchronized InputStream getInputStream(); void close() { super(close); if(is != null && !isStreamRead) { is.close(); } } This is issue is also available in IceTea7. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140306/73ac9ffe/attachment.html From omajid at redhat.com Thu Mar 6 07:59:11 2014 From: omajid at redhat.com (Omair Majid) Date: Thu, 6 Mar 2014 10:59:11 -0500 Subject: [rfc][icedtea-web] javaws -version flag In-Reply-To: <53186D7E.8010608@redhat.com> References: <53179DCE.6070405@redhat.com> <53186D7E.8010608@redhat.com> Message-ID: <20140306155911.GB1968@redhat.com> * Jiri Vanek [2014-03-06 07:36]: > On 03/05/2014 10:57 PM, Andrew Azores wrote: > >Adds a -version flag that simply prints out "icedtea-web $version" > >and exits. "-about -headless" sort of does this already, but it also > >includes a mini license. > > > We really *have to* add an generated man pages in as close future as possible.... But since we only have a pre-written man page (netx/javaws.1) can you please update that with this patch too? Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 From jvanek at redhat.com Thu Mar 6 08:19:06 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Thu, 06 Mar 2014 17:19:06 +0100 Subject: [rfc][icedtea-web] New PartiallySigned Dialog In-Reply-To: <53164E8D.90101@redhat.com> References: <53164E8D.90101@redhat.com> Message-ID: <53189FFA.3000404@redhat.com> On 03/04/2014 11:07 PM, Andrew Azores wrote: > Hi, > > This patch introduces a new PartiallySigned dialog to replace the NotAllSigned prompt. This new dialog uses the same abstracted parent class that was pulled out of the Unsigned dialog, so it uses the same remembered action storage and has the same general look and feel. This dialog also has a Sandbox button, just like CertWarningPane recently gained for fully signed applets, which allows partially signed ones to also be run with only sandbox permissions. Some more security info is also present on the dialog, eg the applet's publisher and codebase. Not yet included is a new Help text for this dialog, but this can be written up separately IMO. Right now it will just display the same Help as the Unsigned dialog. > > ChangeLog: > Added new PartiallySigned Dialog to replace NotAllSignedWarningPane. > Also includes a Sandbox button. > * netx/net/sourceforge/jnlp/resources/Messages.properties: > (APPEXTSecunsignedAppletActionSandbox, LPartiallySignedApplet, > LPartiallySignedAppletUserDenied) new messages > * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: > Logic added for displaying new PartiallySigned dialog. > (showNotAllSignedDialog) removed. (getSigningState) new method. > (promptUserOnPartialSigning, userPromptedForPartialSigning) new methods for > SecurityDelegate. > * netx/net/sourceforge/jnlp/security/AppTrustWarningDialog.java: > (partiallySigned) new method > * netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java: > (chosenActionSetter) refactored to allow Sandbox action. (setupInfoPanel) applet > title made overrideable by subclasses > * netx/net/sourceforge/jnlp/security/SecurityDialog.java: (NOTALLSIGNED_WARNING) > renamed PARTIALLYSIGNED_WARNING, display new dialog rather than old > * netx/net/sourceforge/jnlp/security/SecurityDialogs.java: (NOTALLSIGNED_WARNING) > renamed PARTIALLYSIGNED_WARNING. (showNotAllSignedWarningDialog) removed. > (showPartiallySignedWarningDialog) new method > * netx/net/sourceforge/jnlp/security/appletextendedsecurity/ExecuteAppletAction.java: > Added Sandbox action > * netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java: > (checkPartiallySignedWithUserIfRequired) new method > * tests/reproducers/custom/SignedAppletCodebaseLoading/testcases/SignedAppletCodebaseLoadingTests.java: > test now passes since dialog will not appear if applet security is set to Low. > KnownToFail removed. > * tests/reproducers/custom/SignedAppletExternalMainClass/testcases/SignedAppletExternalMainClassTest.java: > same > * netx/net/sourceforge/jnlp/security/PartiallySignedAppTrustWarningPanel.java: > new class > * netx/net/sourceforge/jnlp/security/NotAllSignedWarningPane.java: deleted > in favour of PartiallySignedAppTrustWarningPanel > > Thanks, > Ouch - "legacy" dialogs packages? :) Please dont forget to adapt changelog. For patch I think there will be more rounds. Also pls move your new dialogue to proper pacage.package General thoughts: SANDBOX_ALWAYS is not (going to be) supported? If so, the checbox and radiobuttons should be disabled (I have not noted it but I could overlook). But I' +1 to support SANDBOX_ALWAYS - if this will be supported, then there is going to be fun with the sandbox+custom policies saving :) The removal of NotAllSignedWarningPane is not compelte. Please check also used Trasnlator.R keys. If they are dangling, please rmeove them from all Messages*.properties You have removed: - @KnownToFail - assertTrue("NotAllSigned dialog will appear if this test runs. Remove this exception and KnownToFail " - + "when a proper replacement is in place", false); How come? I think partialy signed dialogue should appear always, no matter of EAS level. Or not? + protected String getAppletTitle() { + return R("SAppletTitle", file.getTitle()); + } (And few more methods about title) Wasn't this handled in previous push? Can we have some testing main method as I added recently for unsigned warnng dialogue? hmmm . . . I ahve just spotted usage of type = AccessType.SIGNING_ERROR; In this case this dialogue have sense also for JNLP files. Then ~/icedtea-web-image/bin/javaws -allowredirect http://java.net/projects/electric/downloads/download/WebStartFiles/electricAnt.jnlp would be an example... But it is something for think about for future work. + private String getSigningInfo() { + CertInformation info = jcv.getCertInformation(jcv.getCertPath(null)); + + AccessType type; + if (info != null && info.isRootInCacerts() && !info.hasSigningIssues()) { + type = AccessType.VERIFIED; + } else if (info != null && info.isRootInCacerts()) { + type = AccessType.SIGNING_ERROR; + } else { + type = AccessType.UNVERIFIED; + } + + String mainText = ""; + switch (type) { + case VERIFIED: + mainText = R("SSigVerified"); + break; + case UNVERIFIED: + mainText = R("SSigUnverified"); + break; + case SIGNING_ERROR: + mainText = R("SSignatureError"); + break; + } + + return mainText; + } ouh thats looong way to return one of three strings :) Good work otherwise, Thanx J. From jvanek at redhat.com Thu Mar 6 08:22:32 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Thu, 06 Mar 2014 17:22:32 +0100 Subject: [rfc][icedtea-web] javaws -version flag In-Reply-To: <20140306155911.GB1968@redhat.com> References: <53179DCE.6070405@redhat.com> <53186D7E.8010608@redhat.com> <20140306155911.GB1968@redhat.com> Message-ID: <5318A0C8.5090507@redhat.com> On 03/06/2014 04:59 PM, Omair Majid wrote: > * Jiri Vanek [2014-03-06 07:36]: >> On 03/05/2014 10:57 PM, Andrew Azores wrote: >>> Adds a -version flag that simply prints out "icedtea-web $version" >>> and exits. "-about -headless" sort of does this already, but it also >>> includes a mini license. >>> >> We really *have to* add an generated man pages in as close future as possible.... > > But since we only have a pre-written man page (netx/javaws.1) can you > please update that with this patch too? > I dont think it is worthy. The current man pages are really *outdated* :( J. From omajid at redhat.com Thu Mar 6 08:15:52 2014 From: omajid at redhat.com (Omair Majid) Date: Thu, 6 Mar 2014 11:15:52 -0500 Subject: [rfc][icedtea-web] javaws -version flag In-Reply-To: <5318A0C8.5090507@redhat.com> References: <53179DCE.6070405@redhat.com> <53186D7E.8010608@redhat.com> <20140306155911.GB1968@redhat.com> <5318A0C8.5090507@redhat.com> Message-ID: <20140306161552.GC1968@redhat.com> * Jiri Vanek [2014-03-06 11:14]: > I dont think it is worthy. The current man pages are really *outdated* :( I don't follow. If the pages are outdated, shouldn't we fix that by updating them? Are we abandoning the man pages? Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 From jvanek at redhat.com Thu Mar 6 08:37:14 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Thu, 06 Mar 2014 17:37:14 +0100 Subject: [rfc][icedtea-web] javaws -version flag In-Reply-To: <20140306161552.GC1968@redhat.com> References: <53179DCE.6070405@redhat.com> <53186D7E.8010608@redhat.com> <20140306155911.GB1968@redhat.com> <5318A0C8.5090507@redhat.com> <20140306161552.GC1968@redhat.com> Message-ID: <5318A43A.5080305@redhat.com> On 03/06/2014 05:15 PM, Omair Majid wrote: > * Jiri Vanek [2014-03-06 11:14]: >> I dont think it is worthy. The current man pages are really *outdated* :( > > I don't follow. If the pages are outdated, shouldn't we fix that by > updating them? Are we abandoning the man pages? > Yes we should. Only the good will is missing. First half of previous 8 months I was ignoring them willingly, because I hoped to have the generated ones prepared for 1.5. But this task was moved to 1.6 due to new D-I-D attributes Also you may note - icedtea=web man page is missing (it is jsut copy of current (outdated) javaws.1), itw-settings manpage is missing - and it is HUGE man page, and newly policyeditor is missing. For javaws x icedtea-web man page see a bug in bugzilla. I have jsut spend 10 minutes by trying to connect to bugzilal without sucess[1] J. [1] https://bugzilla.redhat.com/show_bug.cgi?id=948443 it appeared just before press "sent" :) From omajid at redhat.com Thu Mar 6 08:52:33 2014 From: omajid at redhat.com (Omair Majid) Date: Thu, 6 Mar 2014 11:52:33 -0500 Subject: [rfc][icedtea-web] javaws -version flag In-Reply-To: <5318A43A.5080305@redhat.com> References: <53179DCE.6070405@redhat.com> <53186D7E.8010608@redhat.com> <20140306155911.GB1968@redhat.com> <5318A0C8.5090507@redhat.com> <20140306161552.GC1968@redhat.com> <5318A43A.5080305@redhat.com> Message-ID: <20140306165233.GD1968@redhat.com> * Jiri Vanek [2014-03-06 11:29]: > On 03/06/2014 05:15 PM, Omair Majid wrote: > >* Jiri Vanek [2014-03-06 11:14]: > >>I dont think it is worthy. The current man pages are really *outdated* :( > > > >I don't follow. If the pages are outdated, shouldn't we fix that by > >updating them? Are we abandoning the man pages? > > > > Yes we should. Only the good will is missing. Abandoning man pages for 'good will'? I don't follow. If anything, we make things harder for users. > First half of previous 8 months I was ignoring them willingly, > because I hoped to have the generated ones prepared for 1.5. I don't know if generated ones are the magic bullet you think they are. Either way you have to write the documentation. And some parts of the documentation don't belong in code. Still, generated or not, we need some place where users can find documentation. > But this task was moved to 1.6 due to new D-I-D attributes I would like to think that features are not considered 'complete' unless they are documented. > Also you may note - icedtea=web man page is missing (it is jsut copy > of current (outdated) javaws.1) I thought only the commands themselves have man pages. There is no command named `icedtea-web` so there is no man page for it. There is no man page for `mercurial` either, but there is for `hg`. Where is this copy of javaws.1? I don't see it in our repo, and I don't see it when I `make install`. > , itw-settings manpage is missing - and > it is HUGE man page, and newly policyeditor is missing. For self-explanatory GUIs, I am not sure we need detailed man pages. They mostly make sense for command line programs that take lots of arguments and/or options so the options and arguments are properly documented. Aside from the basics ('run itw-settings using the command itw-settings', 'itw-settings allows you to modify setings graphically', 'file bugs at this bug tracker', 'config files are located here'), what else do we need? > For javaws x icedtea-web man page see a bug in bugzilla. I have jsut > spend 10 minutes by trying to connect to bugzilal without sucess[1] It's a private bug, but when I do log in, I don't actually see anything, just your comment saying that you have linked icedtea-web.1 to javaws.1. I think that's not ideal because: - Man pages document binaries rather than packages - You are completely leaving out the plugin :( Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 From jvanek at redhat.com Thu Mar 6 09:39:05 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Thu, 06 Mar 2014 18:39:05 +0100 Subject: [rfc][icedtea-web] javaws -version flag In-Reply-To: <20140306165233.GD1968@redhat.com> References: <53179DCE.6070405@redhat.com> <53186D7E.8010608@redhat.com> <20140306155911.GB1968@redhat.com> <5318A0C8.5090507@redhat.com> <20140306161552.GC1968@redhat.com> <5318A43A.5080305@redhat.com> <20140306165233.GD1968@redhat.com> Message-ID: <5318B2B9.8060009@redhat.com> On 03/06/2014 05:52 PM, Omair Majid wrote: > * Jiri Vanek [2014-03-06 11:29]: >> On 03/06/2014 05:15 PM, Omair Majid wrote: >>> * Jiri Vanek [2014-03-06 11:14]: >>>> I dont think it is worthy. The current man pages are really *outdated* :( >>> >>> I don't follow. If the pages are outdated, shouldn't we fix that by >>> updating them? Are we abandoning the man pages? >>> >> >> Yes we should. Only the good will is missing. > > Abandoning man pages for 'good will'? I don't follow. If anything, we > make things harder for users. No. You misunderstood me completely. The will to maintain them is missing. I 100% agree that they are necessary. > >> First half of previous 8 months I was ignoring them willingly, >> because I hoped to have the generated ones prepared for 1.5. > > I don't know if generated ones are the magic bullet you think they are. > Either way you have to write the documentation. And some parts of the > documentation don't belong in code. Still, generated or not, we need > some place where users can find documentation. 100% yes, and the man pages are th way to go. They may be the magic bullet if I fulfil my idea. Some of the content will be reused from -help (especially the cmd switches). They will be easily localisable from properties, and also runtiem help will be possible to generate from them. Defintly the way to go. Also I think the maintainability will be much better. > >> But this task was moved to 1.6 due to new D-I-D attributes > > I would like to think that features are not considered 'complete' unless > they are documented. I would guess the urls in error messgaes and hints in news are ok. And those exists. What else do you recommend? > >> Also you may note - icedtea=web man page is missing (it is jsut copy >> of current (outdated) javaws.1) > > I thought only the commands themselves have man pages. There is no > command named `icedtea-web` so there is no man page for it. > There is no man page for `mercurial` either, but there is for `hg`. > > Where is this copy of javaws.1? I don't see it in our repo, and I don't > see it when I `make install`. Right. Right now there is only javaws.1 Imho two more are misisng. And manpage for "package name" is good recomandation. It can be jsut see javaws + expalinig alternatives, or something more general. Also it may be spec patch only. > >> , itw-settings manpage is missing - and >> it is HUGE man page, and newly policyeditor is missing. > > For self-explanatory GUIs, I am not sure we need detailed man pages. > They mostly make sense for command line programs that take lots of Self expalantory??? The itw-settings have incredible cmd line support! For policieditor we may argue, but at least mentioning that it have --help (again, same with man page => generate) and the only argument expected is filename. > arguments and/or options so the options and arguments are properly > documented. Aside from the basics ('run itw-settings using the command > itw-settings', 'itw-settings allows you to modify setings graphically', > 'file bugs at this bug tracker', 'config files are located here'), what > else do we need? > Well this with config files is good idea. Another good reason for generated mn pages (as defautls are in source codes) >> For javaws x icedtea-web man page see a bug in bugzilla. I have jsut >> spend 10 minutes by trying to connect to bugzilal without sucess[1] > > It's a private bug, but when I do log in, I don't actually see anything, > just your comment saying that you have linked icedtea-web.1 to javaws.1. > I think that's not ideal because: > > - Man pages document binaries rather than packages > - You are completely leaving out the plugin :( hmhmh.. Well thats true. Then the few lines above "see javaws + expalinig alternatives" + "and plugin" may be a solution here. J. From omajid at redhat.com Thu Mar 6 10:00:04 2014 From: omajid at redhat.com (Omair Majid) Date: Thu, 6 Mar 2014 13:00:04 -0500 Subject: [rfc][icedtea-web] javaws -version flag In-Reply-To: <5318B2B9.8060009@redhat.com> References: <53179DCE.6070405@redhat.com> <53186D7E.8010608@redhat.com> <20140306155911.GB1968@redhat.com> <5318A0C8.5090507@redhat.com> <20140306161552.GC1968@redhat.com> <5318A43A.5080305@redhat.com> <20140306165233.GD1968@redhat.com> <5318B2B9.8060009@redhat.com> Message-ID: <20140306180003.GG1968@redhat.com> * Jiri Vanek [2014-03-06 12:30]: > No. You misunderstood me completely. The will to maintain them is > missing. I 100% agree that they are necessary. Ah, well that's a different matter. I will try and help. > On 03/06/2014 05:52 PM, Omair Majid wrote: > >* Jiri Vanek [2014-03-06 11:29]: > >> First half of previous 8 months I was ignoring them willingly, > >> because I hoped to have the generated ones prepared for 1.5. > > > >I don't know if generated ones are the magic bullet you think they are. > >Either way you have to write the documentation. And some parts of the > >documentation don't belong in code. Still, generated or not, we need > >some place where users can find documentation. > > 100% yes, and the man pages are th way to go. > > They may be the magic bullet if I fulfil my idea. Fair enough. My original suggestion was: let's add a tiny fix (document -version) while we wait for the bigger (and better) fix (the auto-generated man pages). > Right. Right now there is only javaws.1 Imho two more are misisng. And > manpage for "package name" is good recomandation. I am not so sure. `man man` says: "man is the system's manual pager. Each page argument given to man is normally the name of a program, utility or function" `javaws` qualifies as a program, but does icedtea-web? Isn't a README the more appropriate place for this? Do you know of examples where there is a man page for a package where package name is different from the binary name? Any way, if you want to add more documentation and maintain it, that's perfectly fine with me :) > It can be jsut see javaws + expalinig alternatives, or something more > general. Also it may be spec patch only. *If* we decide that this it not very useful upstream, maybe we should encourage downstream to follow? > >>, itw-settings manpage is missing - and > >>it is HUGE man page, and newly policyeditor is missing. > > > >For self-explanatory GUIs, I am not sure we need detailed man pages. > >They mostly make sense for command line programs that take lots of > > Self expalantory??? The itw-settings have incredible cmd line support! Haha. I wrote that :) I meant that it's fairly simple to document the cli bits (there's only 4 or so commands, right) and the GUI is self-explanatory. So the man page shouldn't be that large. Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 From omajid at redhat.com Thu Mar 6 09:12:57 2014 From: omajid at redhat.com (Omair Majid) Date: Thu, 6 Mar 2014 12:12:57 -0500 Subject: [rfc][icedtea-web] javaws -version flag In-Reply-To: <20140306165233.GD1968@redhat.com> References: <53179DCE.6070405@redhat.com> <53186D7E.8010608@redhat.com> <20140306155911.GB1968@redhat.com> <5318A0C8.5090507@redhat.com> <20140306161552.GC1968@redhat.com> <5318A43A.5080305@redhat.com> <20140306165233.GD1968@redhat.com> Message-ID: <20140306171257.GE1968@redhat.com> * Omair Majid [2014-03-06 12:11]: > Where is this copy of javaws.1? I don't see it in our repo, and I don't > see it when I `make install`. s/javaws.1/icedtea-web.1/ Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 From aazores at redhat.com Thu Mar 6 12:18:17 2014 From: aazores at redhat.com (Andrew Azores) Date: Thu, 6 Mar 2014 15:18:17 -0500 (EST) Subject: [rfc][icedtea-web][policyeditor] Parsing enhancements and unit tests In-Reply-To: <53188132.2040009@redhat.com> References: <53175862.8080408@redhat.com> <53188132.2040009@redhat.com> Message-ID: <1223389579.366317.1394137097401.JavaMail.zimbra@redhat.com> Thanks for review! Hopefully the new attached patch is nicer. Thanks, Andrew A ----- Original Message ----- From: "Jiri Vanek" To: "Andrew Azores" Cc: "IcedTea" Sent: Thursday, March 6, 2014 9:07:46 AM Subject: Re: [rfc][icedtea-web][policyeditor] Parsing enhancements and unit tests On 03/05/2014 06:01 PM, Andrew Azores wrote: > Hi, > > The previous thread was diverging into two quite different patches, so I'm splitting it. > > This patch improves parsing, especially handling of comments, and adds a lot of new unit testing for this. A few small bugs were found and fixed along the way. > The Messages.properties changes are missing in in-pathc chagelog public static CustomPermission fromString - more more and more tests. Try to hack yourself. But generally ok. Well the comment is poem-writer's masterpiece :) But better then nothing :) The [\\w.] do not osund correct. The dot should be escaped to match dot, not any char. Or not? So this part will be: [[\\w\\.]+\\w+] (nottested - to match [java.][io.][permissions] and nto eg dsgfgogfdsgjsfdghjsfd[hj as now :) The content of quotes may be anything, ok? What about content to be qutes itself? (not jsut ${} eg? The first quotes are mandatory, and the scond not? As far as I read from regex. Why is compiled patter not global constant? It should be. It will not need recompile each launch time... Then there can be also some tests only to the regex itself. Why is the CustomPermission.fromStirng copypasted to PolicyEditorPermissions ??? Quick glance over tests is ook. Thanx! J. -------------- next part -------------- A non-text attachment was scrubbed... Name: policy-editor-parsing-tests.patch Type: text/x-patch Size: 53575 bytes Desc: not available Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140306/78e05e8e/policy-editor-parsing-tests-0001.patch From jvanek at redhat.com Fri Mar 7 02:44:41 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Fri, 07 Mar 2014 11:44:41 +0100 Subject: [rfc] [cedtea-web] upated javawsman page was: Re: [rfc][icedtea-web] javaws -version flag In-Reply-To: <20140306180003.GG1968@redhat.com> References: <53179DCE.6070405@redhat.com> <53186D7E.8010608@redhat.com> <20140306155911.GB1968@redhat.com> <5318A0C8.5090507@redhat.com> <20140306161552.GC1968@redhat.com> <5318A43A.5080305@redhat.com> <20140306165233.GD1968@redhat.com> <5318B2B9.8060009@redhat.com> <20140306180003.GG1968@redhat.com> Message-ID: <5319A319.90707@redhat.com> Some updates to javaws man page.. Is there any voulenteer for icedtea-web, policyeditor and itw-settings ? :)) J. On 03/06/2014 07:00 PM, Omair Majid wrote: > * Jiri Vanek [2014-03-06 12:30]: >> No. You misunderstood me completely. The will to maintain them is >> missing. I 100% agree that they are necessary. > > Ah, well that's a different matter. I will try and help. > >> On 03/06/2014 05:52 PM, Omair Majid wrote: >>> * Jiri Vanek [2014-03-06 11:29]: >>>> First half of previous 8 months I was ignoring them willingly, >>>> because I hoped to have the generated ones prepared for 1.5. >>> >>> I don't know if generated ones are the magic bullet you think they are. >>> Either way you have to write the documentation. And some parts of the >>> documentation don't belong in code. Still, generated or not, we need >>> some place where users can find documentation. >> >> 100% yes, and the man pages are th way to go. >> >> They may be the magic bullet if I fulfil my idea. > > Fair enough. My original suggestion was: let's add a tiny fix (document > -version) while we wait for the bigger (and better) fix (the > auto-generated man pages). > >> Right. Right now there is only javaws.1 Imho two more are misisng. And >> manpage for "package name" is good recomandation. > > I am not so sure. `man man` says: > > "man is the system's manual pager. Each page argument given to man is > normally the name of a program, utility or function" > > `javaws` qualifies as a program, but does icedtea-web? > > Isn't a README the more appropriate place for this? Do you know of > examples where there is a man page for a package where package name is > different from the binary name? > > Any way, if you want to add more documentation and maintain it, that's > perfectly fine with me :) > >> It can be jsut see javaws + expalinig alternatives, or something more >> general. Also it may be spec patch only. > > *If* we decide that this it not very useful upstream, maybe we should > encourage downstream to follow? > >>>> , itw-settings manpage is missing - and >>>> it is HUGE man page, and newly policyeditor is missing. >>> >>> For self-explanatory GUIs, I am not sure we need detailed man pages. >>> They mostly make sense for command line programs that take lots of >> >> Self expalantory??? The itw-settings have incredible cmd line support! > > Haha. I wrote that :) > > I meant that it's fairly simple to document the cli bits (there's only 4 > or so commands, right) and the GUI is self-explanatory. So the man page > shouldn't be that large. > > Thanks, > Omair > -------------- next part -------------- A non-text attachment was scrubbed... Name: minorFixes-man.patch Type: text/x-patch Size: 3236 bytes Desc: not available Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140307/39487d7d/minorFixes-man.patch From jvanek at redhat.com Fri Mar 7 02:51:01 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Fri, 07 Mar 2014 11:51:01 +0100 Subject: [rfc][icedtea-web] /bin/bash check for configure time Re: [rfc][icedtea-web] have bash in shebang instead of sh or get rid of bashism In-Reply-To: <531734B5.9040105@redhat.com> References: <530E0C94.6070606@redhat.com> <53165242.9000308@redhat.com> <531734B5.9040105@redhat.com> Message-ID: <5319A495.7090601@redhat.com> On 03/05/2014 03:29 PM, Jiri Vanek wrote: > On 03/04/2014 11:22 PM, Andrew Azores wrote: >> On 02/26/2014 10:47 AM, Jiri Vanek wrote: >>> After short discussion with Omair, we agreed that this >>> >>> http://icedtea.classpath.org/hg/release/icedtea-web-1.4/rev/8f13202ea201 >>> >>> IS probably better then get rid of bashism completely. >>> >>> So I would like to forward-port this patch to head. >>> >>> ok? >> >> Fine by me. >> >> Thanks, >> > > Thanx. Pushed. > > The configure check for /bin/bash is needed for .configure now. But I'm not sure how it will affect > windows. Actually I have no idea how windows are building ITW :( > > J. > Well /bin/bash is used also for generation of htmls. So this is really needed. J. -------------- next part -------------- A non-text attachment was scrubbed... Name: minorFixes-bashCheck.patch Type: text/x-patch Size: 491 bytes Desc: not available Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140307/05ce6f1e/minorFixes-bashCheck.patch From ptisnovs at icedtea.classpath.org Fri Mar 7 04:08:43 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Fri, 07 Mar 2014 12:08:43 +0000 Subject: /hg/gfx-test: Eight new tests added into BitBltUsingBgColor test... Message-ID: changeset 154d24fa3f31 in /hg/gfx-test details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=154d24fa3f31 author: Pavel Tisnovsky date: Fri Mar 07 13:09:25 2014 +0100 Eight new tests added into BitBltUsingBgColor test suite. diffstat: ChangeLog | 5 + src/org/gfxtest/testsuites/BitBltUsingBgColor.java | 120 +++++++++++++++++++++ 2 files changed, 125 insertions(+), 0 deletions(-) diffs (142 lines): diff -r 219ddc3bf108 -r 154d24fa3f31 ChangeLog --- a/ChangeLog Tue Mar 04 11:04:28 2014 +0100 +++ b/ChangeLog Fri Mar 07 13:09:25 2014 +0100 @@ -1,3 +1,8 @@ +2014-03-07 Pavel Tisnovsky + + * src/org/gfxtest/testsuites/BitBltUsingBgColor.java: + Eight new tests added into BitBltUsingBgColor test suite. + 2014-03-04 Pavel Tisnovsky * src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java: diff -r 219ddc3bf108 -r 154d24fa3f31 src/org/gfxtest/testsuites/BitBltUsingBgColor.java --- a/src/org/gfxtest/testsuites/BitBltUsingBgColor.java Tue Mar 04 11:04:28 2014 +0100 +++ b/src/org/gfxtest/testsuites/BitBltUsingBgColor.java Fri Mar 07 13:09:25 2014 +0100 @@ -5552,6 +5552,126 @@ } /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_555_RGB. + * Background color is set to Color.cyan. + * + * @param image + * image to be used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort555RGBBackgroundCyan(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshort555RGB(image, graphics2d, Color.cyan); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_555_RGB. + * Background color is set to Color.red. + * + * @param image + * image to be used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort555RGBBackgroundRed(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshort555RGB(image, graphics2d, Color.red); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_555_RGB. + * Background color is set to Color.magenta. + * + * @param image + * image to be used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort555RGBBackgroundMagenta(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshort555RGB(image, graphics2d, Color.magenta); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_555_RGB. + * Background color is set to Color.yellow. + * + * @param image + * image to be used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort555RGBBackgroundYellow(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshort555RGB(image, graphics2d, Color.yellow); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_555_RGB. + * Background color is set to Color.white. + * + * @param image + * image to be used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort555RGBBackgroundWhite(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshort555RGB(image, graphics2d, Color.white); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_565_RGB. + * Background color is set to Color.black. + * + * @param image + * image to be used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort565RGBBackgroundBlack(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshort565RGB(image, graphics2d, Color.black); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_565_RGB. + * Background color is set to Color.blue. + * + * @param image + * image to be used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort565RGBBackgroundBlue(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshort565RGB(image, graphics2d, Color.blue); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_565_RGB. + * Background color is set to Color.green. + * + * @param image + * image to be used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort565RGBBackgroundGreen(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshort565RGB(image, graphics2d, Color.green); + } + + /** * Entry point to the test suite. * * @param args not used in this case From ptisnovs at icedtea.classpath.org Fri Mar 7 04:20:32 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Fri, 07 Mar 2014 12:20:32 +0000 Subject: /hg/rhino-tests: Added new tests testGetResourceAsStreamPositiov... Message-ID: changeset 482d9f98ee40 in /hg/rhino-tests details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=482d9f98ee40 author: Pavel Tisnovsky date: Fri Mar 07 13:21:16 2014 +0100 Added new tests testGetResourceAsStreamPositioveTest and toStringTest into SimpleBindingsClassTest. diffstat: ChangeLog | 6 ++++++ src/org/RhinoTests/SimpleBindingsClassTest.java | 18 ++++++++++++++++++ 2 files changed, 24 insertions(+), 0 deletions(-) diffs (41 lines): diff -r c7bc5728b4a1 -r 482d9f98ee40 ChangeLog --- a/ChangeLog Tue Mar 04 11:42:00 2014 +0100 +++ b/ChangeLog Fri Mar 07 13:21:16 2014 +0100 @@ -1,3 +1,9 @@ +2014-03-07 Pavel Tisnovsky + + * src/org/RhinoTests/SimpleBindingsClassTest.java: + Added new tests testGetResourceAsStreamPositioveTest and + toStringTest into SimpleBindingsClassTest. + 2014-03-04 Pavel Tisnovsky * src/org/RhinoTests/ScriptEngineFactoryClassTest.java: diff -r c7bc5728b4a1 -r 482d9f98ee40 src/org/RhinoTests/SimpleBindingsClassTest.java --- a/src/org/RhinoTests/SimpleBindingsClassTest.java Tue Mar 04 11:42:00 2014 +0100 +++ b/src/org/RhinoTests/SimpleBindingsClassTest.java Fri Mar 07 13:21:16 2014 +0100 @@ -2154,6 +2154,24 @@ } /** + * Test for method javax.script.SimpleBindings.getClass().getResourceAsStreamPositiveTest() + */ + protected void testGetResourceAsStreamPositiveTest() { + Object stream; + stream = this.simpleBindingsClass.getResourceAsStream("/org/RhinoTests/AbstractScriptEngineClassTest.class"); + assertNotNull(stream, "getResourceAsStream(\"/org/RhinoTests/AbstractScriptEngineClassTest.class\") returns null"); + } + + /** + * Test for method javax.script.SimpleBindings.getClass().toString() + */ + protected void testToString() { + String asString; + asString = this.simpleBindingsClass.toString(); + assertEquals("class javax.script.SimpleBindings", asString, "wrong toString() return value"); + } + + /** * Test for instanceof operator applied to a class javax.script.SimpleBindings */ @SuppressWarnings("cast") From jvanek at redhat.com Fri Mar 7 04:40:28 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Fri, 07 Mar 2014 13:40:28 +0100 Subject: [rfc][icedtea-web] set location for jnlpHreffed jnlp file correctly (rh1072013) Message-ID: <5319BE3C.2030008@redhat.com> When plugin is using jnlpHref to start, the location of jnlp file is not stored properly. When one wonts to use it, he got NPE. Proably only usecase when this is visible is signature by jnlp (then tmplate have nothing to match) However I have not made the http://www.arcadeflex.com/releases/v0.36.4/launch.php?id=134 run :( Now it is dying with itself : Exception in thread "Thread-8" java.security.AccessControlException: Applets may not call System.exit() at net.sourceforge.jnlp.runtime.JNLPSecurityManager.checkExit(JNLPSecurityManager.java:391) at javax.swing.JFrame.setDefaultCloseOperation(JFrame.java:388) at arcadeflex.UrlDownloadProgress.initComponents(UrlDownloadProgress.java:46) at arcadeflex.UrlDownloadProgress.(UrlDownloadProgress.java:28) at arcadeflex.osdepend.main(osdepend.java:75) at arcadeflex.MainApplet$1.run(MainApplet.java:78) at java.lang.Thread.run(Thread.java:744) Andrew, can your policy enhancement grant exit System.exit? Just worthy to try :) J. ps: reproducers for this are missing. -------------- next part -------------- A non-text attachment was scrubbed... Name: fixedUnsetLocationForJnlpHref.patch Type: text/x-patch Size: 676 bytes Desc: not available Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140307/8d73c303/fixedUnsetLocationForJnlpHref.patch From jvanek at redhat.com Fri Mar 7 04:56:15 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Fri, 07 Mar 2014 13:56:15 +0100 Subject: Upcoming release of icedtea-web 1.5 Message-ID: <5319C1EF.2020801@redhat.com> Hi All! I would like to announce, that deadline for icedtea-web 1.5 to be released should match start of April. 1st April sounds good, doesn't it ?-) But Few days later should be still ok. Please count with head branch freezing in last week before release - an week for testing - so pushes in this week will be only for for translation files and regression fixes. According to my knowledge 1.5 is healthy now. Also I'm continually pushing it alive into fedora-rawhide. And well, no one complains :) Also please note I will be off 17-19.3. The reason for start of April is that 16.4 is Oracle CPU. This my cause another month of delay, which would be unbearable. Thank you for understanding. J From jvanek at redhat.com Fri Mar 7 05:24:09 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Fri, 07 Mar 2014 14:24:09 +0100 Subject: [rfc][icedtea-web][policyeditor] Parsing enhancements and unit tests In-Reply-To: <1223389579.366317.1394137097401.JavaMail.zimbra@redhat.com> References: <53175862.8080408@redhat.com> <53188132.2040009@redhat.com> <1223389579.366317.1394137097401.JavaMail.zimbra@redhat.com> Message-ID: <5319C879.4090903@redhat.com> The messages.properties changes are still not listed in changelog. This is probably nit, but: + final Matcher targetMatcher = PolicyEditorPermissions.TARGET_PERMISSION.matcher(string); + final Matcher actionMatcher = PolicyEditorPermissions.ACTIONS_PERMISSION.matcher(string); + if (!targetMatcher.matches() && !actionMatcher.matches()) { + return null; + } + + final String typeStr, targetStr, actionsStr; + + if (actionMatcher.matches()) { + typeStr = actionMatcher.group(1); + targetStr = actionMatcher.group(2); + actionsStr = actionMatcher.group(3); + } else { + typeStr = targetMatcher.group(1); + targetStr = targetMatcher.group(2); + actionsStr = ""; } the first matcher is needed only when second one fails. Maybe would be nice to remove the unnecessary matching. similar for PolicyEditorPermissions which is still suspiciously similar:( The chnage [\\w.] -> [\\w\\.] looks enough :) Thanx! J. On 03/06/2014 09:18 PM, Andrew Azores wrote: > Thanks for review! Hopefully the new attached patch is nicer. > > Thanks, > > Andrew A > > ----- Original Message ----- > From: "Jiri Vanek" > To: "Andrew Azores" > Cc: "IcedTea" > Sent: Thursday, March 6, 2014 9:07:46 AM > Subject: Re: [rfc][icedtea-web][policyeditor] Parsing enhancements and unit tests > > On 03/05/2014 06:01 PM, Andrew Azores wrote: >> Hi, >> >> The previous thread was diverging into two quite different patches, so I'm splitting it. >> >> This patch improves parsing, especially handling of comments, and adds a lot of new unit testing for this. A few small bugs were found and fixed along the way. >> > > The Messages.properties changes are missing in in-pathc chagelog > > public static CustomPermission fromString - more more and more tests. Try to hack yourself. But generally ok. > Well the comment is poem-writer's masterpiece :) But better then nothing :) > The [\\w.] do not osund correct. The dot should be escaped to match dot, not any char. Or not? So this part will be: > [[\\w\\.]+\\w+] (nottested - to match [java.][io.][permissions] and nto eg dsgfgogfdsgjsfdghjsfd[hj as now :) > The content of quotes may be anything, ok? What about content to be qutes itself? (not jsut ${} eg? > The first quotes are mandatory, and the scond not? As far as I read from regex. > Why is compiled patter not global constant? It should be. It will not need recompile each launch time... Then there can be also some tests only to the regex itself. > > > Why is the CustomPermission.fromStirng copypasted to PolicyEditorPermissions ??? > > Quick glance over tests is ook. > > Thanx! > J. > From jvanek at redhat.com Fri Mar 7 07:21:29 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Fri, 07 Mar 2014 16:21:29 +0100 Subject: [rfc][icedtea-web] save runn urls to property In-Reply-To: <53174F77.2070209@redhat.com> References: <5304C60C.5070608@redhat.com> <5316531D.7010304@redhat.com> <53173282.7020401@redhat.com> <531731A7.6000006@redhat.com> <53174F77.2070209@redhat.com> Message-ID: <5319E3F9.9020405@redhat.com> On 03/05/2014 05:23 PM, Jiri Vanek wrote: > On 03/05/2014 03:16 PM, Andrew Azores wrote: >> On 03/05/2014 09:19 AM, Jiri Vanek wrote: >>> On 03/04/2014 11:26 PM, Andrew Azores wrote: >>>> On 02/19/2014 09:56 AM, Jiri Vanek wrote: >>>>> hi! >>>>> >>>>> As java abrt connector is sending quite good reports, the url, on which I can reproduce the >>>>> issue is missing. So always my first question in bug is "may you please post url" ? >>>>> >>>>> Also java connector is printing out system properties. So it crossed my mind to store the >>>>> launched jnlps/htmls for this usage. I have quite mixed feelings about it but do not have it >>>>> makes java-abrt-connector a bit useless (users donot care to much about auto generated bugs) >>>>> - see https://bugzilla.redhat.com/show_bug.cgi?id=1060390 >>>>> >>>>> This needs also some more work on java-abrt-conenctor - see >>>>> https://github.com/jfilak/abrt-java-connector/issues/34 >>>>> >>>>> J. >>>> >>>> I like the intent behind the patch but I don't know if I really like using system properties for >>>> this :/ >>> >>> I'm not sure with them too:( >>> >>> > not that I have any better ideas off the top of my head. >>> >>> The abrt agent can actually do anything. My another idea is to store it in some static (private) >>> variable. The whitleist in issue 34 will then be package.class fieldName >> >> I didn't know that this would be an option. This sounds much, much better to me. >> >>> >>> > But this just does not seem to me like what the properties are meant to be used for. >>> >>> Agree. And my concern is that with this, *maybe* (but probably) all appelts which can read >>> properties, will be able to spy history. >> >> Yea, and this is really not a good mechanism to be providing. >> >>> >>> I have commented also https://github.com/jfilak/abrt-java-connector/issues/34 >>>> It seems like nobody else is chiming in with any better ideas, and you're right that the >>>> automatic bug reports are a little bit useless without something like this, so if you have no >>>> better implementations in mind then I suppose this will have to suffice. >>> >>> What do you thnk about this approach? (otherwise it will be same) >>> Thank you! >>> > > So here is version with field. So here is version with method. We agreed on it today With Jakub. Andrew, I.m still using the string. Although I was thinking about usage of: if (!history.contains(documentBase)){ JNLPRuntime.history += " " + documentBase + " "; } I think it can be interesting to know number of reloads. Also I wont to have string since begining (not set - method -> sting) as any logic after OOM error, can be undoable. But String will be still possible to dig. > > the whitelist then will be: > netx.net.sourceforge.jnlp.runtime.JNLPRuntime history netx.net.sourceforge.jnlp.runtime.JNLPRuntime getHistory (or whatever, but it is still private method) The comment is added as Omair wonted. The synchronization was *not* added. I really think it do not belongs here. J. -------------- next part -------------- A non-text attachment was scrubbed... Name: abrtMethod.diff Type: text/x-patch Size: 2655 bytes Desc: not available Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140307/4b5b6027/abrtMethod.diff From omajid at redhat.com Fri Mar 7 07:57:25 2014 From: omajid at redhat.com (Omair Majid) Date: Fri, 7 Mar 2014 10:57:25 -0500 Subject: [rfc] [cedtea-web] upated javawsman page was: Re: [rfc][icedtea-web] javaws -version flag In-Reply-To: <5319A319.90707@redhat.com> References: <53179DCE.6070405@redhat.com> <53186D7E.8010608@redhat.com> <20140306155911.GB1968@redhat.com> <5318A0C8.5090507@redhat.com> <20140306161552.GC1968@redhat.com> <5318A43A.5080305@redhat.com> <20140306165233.GD1968@redhat.com> <5318B2B9.8060009@redhat.com> <20140306180003.GG1968@redhat.com> <5319A319.90707@redhat.com> Message-ID: <20140307155724.GA24571@redhat.com> * Jiri Vanek [2014-03-07 05:44]: > .SH FILES > -~/.icedtea/deployment.properties specifies the settings used by javaws > +~/.config/icedtea-web/deployment.properties specifies the settings used by javaws > + > +~/.config/icedtea-web/log (may be set to different location by you) contains file log files (if enabled). > +itw-cplugin-date_time.log for native part of plugin, itw-javantx-date_time.log for everything else. > + > +~/.config/icedtea-web/security/java.policy contains granted permissions for selected usnigned apps > + > +~/.config/icedtea-web/security/trusted.*certs contains various stored certificates > + > +~/.cache/icedtea-web/cache contains cached runtime entries (amy be changed by you) > + > +~/.cache/icedtea-web/pcache contains saved applicatin data > + > +~/.cache/icedtea-web/tmp contains temporary runtime files You might want to use XDG_* variables for `.cache` and `.config` too. Looks fine, though. Cheers, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 From andrew at icedtea.classpath.org Sat Mar 8 18:06:52 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Sat, 08 Mar 2014 18:06:52 +0000 Subject: /hg/icedtea7: 2 new changesets Message-ID: changeset ae136889742c in /hg/icedtea7 details: http://icedtea.classpath.org/hg/icedtea7?cmd=changeset;node=ae136889742c author: Andrew John Hughes date: Sat Mar 08 18:05:26 2014 +0000 Add support for the AArch64 port HotSpot. 2014-03-07 Andrew John Hughes * patches/systemtap_gc.patch: Moved to... * Makefile.am: Make systemtap_gc.patch HotSpot-dependent. * hotspot.map: Add aarch64 HotSpot. * patches/hotspot/aarch64/systemtap_gc.patch: New patch against AArch64 HotSpot tarball. * patches/hotspot/default/systemtap_gc.patch: ... here. changeset b1043cc0cd82 in /hg/icedtea7 details: http://icedtea.classpath.org/hg/icedtea7?cmd=changeset;node=b1043cc0cd82 author: Andrew John Hughes date: Sat Mar 08 18:06:34 2014 +0000 Default libpcsc usage to off, so others can be used at run-time. 2014-03-07 Andrew John Hughes * acinclude: (IT_CHECK_FOR_PCSC): Default to off. diffstat: ChangeLog | 15 + Makefile.am | 2 +- acinclude.m4 | 2 +- hotspot.map | 1 + patches/hotspot/aarch64/systemtap_gc.patch | 373 ++++++++++++++++++++++++++++ patches/hotspot/default/systemtap_gc.patch | 379 +++++++++++++++++++++++++++++ patches/systemtap_gc.patch | 379 ----------------------------- 7 files changed, 770 insertions(+), 381 deletions(-) diffs (truncated from 1196 to 500 lines): diff -r 74d5e26fce82 -r b1043cc0cd82 ChangeLog --- a/ChangeLog Mon Feb 24 16:19:53 2014 +0000 +++ b/ChangeLog Sat Mar 08 18:06:34 2014 +0000 @@ -1,3 +1,18 @@ +2014-03-07 Andrew John Hughes + + * acinclude: + (IT_CHECK_FOR_PCSC): Default to off. + +2014-03-07 Andrew John Hughes + + * patches/systemtap_gc.patch: Moved to... + * Makefile.am: Make systemtap_gc.patch HotSpot-dependent. + * hotspot.map: Add aarch64 HotSpot. + * patches/hotspot/aarch64/systemtap_gc.patch: + New patch against AArch64 HotSpot tarball. + * patches/hotspot/default/systemtap_gc.patch: + ... here. + 2014-02-24 Andrew John Hughes * NEWS: Add Gentoo bug reference for diff -r 74d5e26fce82 -r b1043cc0cd82 Makefile.am --- a/Makefile.am Mon Feb 24 16:19:53 2014 +0000 +++ b/Makefile.am Sat Mar 08 18:06:34 2014 +0000 @@ -290,7 +290,7 @@ if ENABLE_SYSTEMTAP ICEDTEA_PATCHES += \ - patches/systemtap_gc.patch + patches/hotspot/$(HSBUILD)/systemtap_gc.patch endif if ENABLE_NSS diff -r 74d5e26fce82 -r b1043cc0cd82 acinclude.m4 --- a/acinclude.m4 Mon Feb 24 16:19:53 2014 +0000 +++ b/acinclude.m4 Sat Mar 08 18:06:34 2014 +0000 @@ -2219,7 +2219,7 @@ ENABLE_SYSTEM_PCSC="${enableval}" ], [ - ENABLE_SYSTEM_PCSC="yes" + ENABLE_SYSTEM_PCSC="no" ]) AC_MSG_RESULT(${ENABLE_SYSTEM_PCSC}) if test x"${ENABLE_SYSTEM_PCSC}" = "xyes"; then diff -r 74d5e26fce82 -r b1043cc0cd82 hotspot.map --- a/hotspot.map Mon Feb 24 16:19:53 2014 +0000 +++ b/hotspot.map Sat Mar 08 18:06:34 2014 +0000 @@ -1,2 +1,3 @@ # version url changeset sha256sum default http://icedtea.classpath.org/hg/icedtea7-forest/hotspot f30e87f16d90 871fa08b8e9d7a2958cee844f940752c39b1946146dc382c005269e86b687a49 +aarch64 http://hg.openjdk.java.net/aarch64-port/jdk7u/hotspot 22910135cca6 477cd13f7fbe34d6dd878bbdb1e16f73b4b22e0e78d049d98f3c9cce8c193a1a diff -r 74d5e26fce82 -r b1043cc0cd82 patches/hotspot/aarch64/systemtap_gc.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/hotspot/aarch64/systemtap_gc.patch Sat Mar 08 18:06:34 2014 +0000 @@ -0,0 +1,373 @@ +diff -Nru openjdk.orig/hotspot/src/share/vm/compiler/oopMap.cpp openjdk/hotspot/src/share/vm/compiler/oopMap.cpp +--- openjdk.orig/hotspot/src/share/vm/compiler/oopMap.cpp 2014-03-06 09:11:53.000000000 +0000 ++++ openjdk/hotspot/src/share/vm/compiler/oopMap.cpp 2014-03-07 04:29:33.230530073 +0000 +@@ -33,9 +33,13 @@ + #include "memory/resourceArea.hpp" + #include "runtime/frame.inline.hpp" + #include "runtime/signature.hpp" ++#include "utilities/dtrace.hpp" + #ifdef COMPILER1 + #include "c1/c1_Defs.hpp" + #endif ++#ifndef USDT2 ++ HS_DTRACE_PROBE_DECL1(provider, gc__collection__delete, *uintptr_t); ++#endif /* !USDT2 */ + + // OopMapStream + +@@ -677,6 +681,9 @@ + " - Derived: " INTPTR_FORMAT " Base: " INTPTR_FORMAT " (Offset: %d)", + derived_loc, (address)*derived_loc, (address)base, offset); + } ++#ifndef USDT2 ++ HS_DTRACE_PROBE1(hotspot, gc__collection__delete, entry); ++#endif /* !USDT2 */ + + // Delete entry + delete entry; +diff -Nru openjdk.orig/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp openjdk/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp +--- openjdk.orig/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp 2014-03-06 09:11:53.000000000 +0000 ++++ openjdk/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp 2014-03-07 04:29:33.234530133 +0000 +@@ -62,6 +62,12 @@ + #include "runtime/vmThread.hpp" + #include "services/memoryService.hpp" + #include "services/runtimeService.hpp" ++#include "utilities/dtrace.hpp" ++ ++#ifndef USDT2 ++ HS_DTRACE_PROBE_DECL4(provider, gc__collection__contig__begin, bool, bool, size_t, bool); ++ HS_DTRACE_PROBE_DECL4(provider, gc__collection__contig__end, bool, bool, size_t, bool); ++#endif /* !USDT2 */ + + // statics + CMSCollector* ConcurrentMarkSweepGeneration::_collector = NULL; +@@ -1642,7 +1648,13 @@ + size_t size, + bool tlab) + { ++#ifndef USDT2 ++ HS_DTRACE_PROBE4(hotspot, gc__collection__contig__begin, full, clear_all_soft_refs, size, tlab); ++#endif /* !USDT2 */ + collector()->collect(full, clear_all_soft_refs, size, tlab); ++#ifndef USDT2 ++ HS_DTRACE_PROBE4(hotspot, gc__collection__contig__end, full, clear_all_soft_refs, size, tlab); ++#endif /* !USDT2 */ + } + + void CMSCollector::collect(bool full, +diff -Nru openjdk.orig/hotspot/src/share/vm/gc_implementation/g1/g1MarkSweep.cpp openjdk/hotspot/src/share/vm/gc_implementation/g1/g1MarkSweep.cpp +--- openjdk.orig/hotspot/src/share/vm/gc_implementation/g1/g1MarkSweep.cpp 2014-03-06 09:11:53.000000000 +0000 ++++ openjdk/hotspot/src/share/vm/gc_implementation/g1/g1MarkSweep.cpp 2014-03-07 04:33:00.601620772 +0000 +@@ -49,8 +49,13 @@ + #include "runtime/thread.hpp" + #include "runtime/vmThread.hpp" + #include "utilities/copy.hpp" ++#include "utilities/dtrace.hpp" + #include "utilities/events.hpp" + ++#ifndef USDT2 ++ HS_DTRACE_PROBE_DECL2(provider, gc__collection__G1__begin, *uintptr_t, *uintptr_t); ++ HS_DTRACE_PROBE_DECL2(provider, gc__collection__G1__end, *uintptr_t, *uintptr_t); ++ #endif /* !USDT2 */ + class HeapRegion; + + void G1MarkSweep::invoke_at_safepoint(ReferenceProcessor* rp, +@@ -84,6 +89,9 @@ + // The marking doesn't preserve the marks of biased objects. + BiasedLocking::preserve_marks(); + ++#ifndef USDT2 ++ HS_DTRACE_PROBE2(hotspot, gc__collection__G1__begin, &sh, sh->gc_cause()); ++#endif /* !USDT2 */ + mark_sweep_phase1(marked_for_unloading, clear_all_softrefs); + + mark_sweep_phase2(); +@@ -99,6 +107,9 @@ + BiasedLocking::restore_marks(); + GenMarkSweep::deallocate_stacks(); + ++#ifndef USDT2 ++ HS_DTRACE_PROBE2(hotspot, gc__collection__G1__end, &sh, sh->gc_cause()); ++#endif /* !USDT2 */ + // "free at last gc" is calculated from these. + // CHF: cheating for now!!! + // Universe::set_heap_capacity_at_last_gc(Universe::heap()->capacity()); +diff -Nru openjdk.orig/hotspot/src/share/vm/gc_implementation/parallelScavenge/parallelScavengeHeap.cpp openjdk/hotspot/src/share/vm/gc_implementation/parallelScavenge/parallelScavengeHeap.cpp +--- openjdk.orig/hotspot/src/share/vm/gc_implementation/parallelScavenge/parallelScavengeHeap.cpp 2014-03-06 09:11:53.000000000 +0000 ++++ openjdk/hotspot/src/share/vm/gc_implementation/parallelScavenge/parallelScavengeHeap.cpp 2014-03-07 04:31:58.396693660 +0000 +@@ -43,8 +43,14 @@ + #include "runtime/java.hpp" + #include "runtime/vmThread.hpp" + #include "services/memTracker.hpp" ++#include "utilities/dtrace.hpp" + #include "utilities/vmError.hpp" + ++#ifndef USDT2 ++ HS_DTRACE_PROBE_DECL2(provider, gc__collection__parscavenge__heap__begin, *uintptr_t, *uintptr_t); ++ HS_DTRACE_PROBE_DECL2(provider, gc__collection__parscavenge__heap__end, *uintptr_t, *uintptr_t); ++#endif /* !USDT2 */ ++ + PSYoungGen* ParallelScavengeHeap::_young_gen = NULL; + PSOldGen* ParallelScavengeHeap::_old_gen = NULL; + PSAdaptiveSizePolicy* ParallelScavengeHeap::_size_policy = NULL; +@@ -530,7 +536,13 @@ + } + + VM_ParallelGCSystemGC op(gc_count, full_gc_count, cause); ++#ifndef USDT2 ++ HS_DTRACE_PROBE2(hotspot, gc__collection__parscavenge__heap__begin, &op, cause); ++#endif /* !USDT2 */ + VMThread::execute(&op); ++#ifndef USDT2 ++ HS_DTRACE_PROBE2(hotspot, gc__collection__parscavenge__heap__end, &op, cause); ++#endif /* !USDT2 */ + } + + void ParallelScavengeHeap::oop_iterate(ExtendedOopClosure* cl) { +diff -Nru openjdk.orig/hotspot/src/share/vm/gc_implementation/parallelScavenge/psParallelCompact.cpp openjdk/hotspot/src/share/vm/gc_implementation/parallelScavenge/psParallelCompact.cpp +--- openjdk.orig/hotspot/src/share/vm/gc_implementation/parallelScavenge/psParallelCompact.cpp 2014-03-06 09:11:53.000000000 +0000 ++++ openjdk/hotspot/src/share/vm/gc_implementation/parallelScavenge/psParallelCompact.cpp 2014-03-07 04:29:33.234530133 +0000 +@@ -56,11 +56,18 @@ + #include "services/management.hpp" + #include "services/memoryService.hpp" + #include "services/memTracker.hpp" ++#include "utilities/dtrace.hpp" + #include "utilities/events.hpp" + #include "utilities/stack.inline.hpp" + + #include + ++#ifndef USDT2 ++ HS_DTRACE_PROBE_DECL2(provider, gc__collection__ParallelCompact__clear, *uintptr_t, *uintptr_t); ++ HS_DTRACE_PROBE_DECL2(provider, gc__collection__parallel__collect, *uintptr_t, *uintptr_t); ++ HS_DTRACE_PROBE_DECL4(provider, gc__collection__move, *uintptr_t, *uintptr_t, *uintptr_t, *uintptr_t); ++#endif /* !USDT2 */ ++ + // All sizes are in HeapWords. + const size_t ParallelCompactData::Log2RegionSize = 16; // 64K words + const size_t ParallelCompactData::RegionSize = (size_t)1 << Log2RegionSize; +@@ -451,6 +458,9 @@ + + void ParallelCompactData::clear() + { ++#ifndef USDT2 ++ HS_DTRACE_PROBE2(hotspot, gc__collection__ParallelCompact__clear, &_region_data, _region_data->data_location()); ++#endif /* !USDT2 */ + memset(_region_data, 0, _region_vspace->committed_size()); + memset(_block_data, 0, _block_vspace->committed_size()); + } +@@ -1977,6 +1987,9 @@ + "should be in vm thread"); + + ParallelScavengeHeap* heap = gc_heap(); ++#ifndef USDT2 ++ HS_DTRACE_PROBE2(hotspot, gc__collection__parallel__collect, heap, heap->gc_cause()); ++#endif /* !USDT2 */ + GCCause::Cause gc_cause = heap->gc_cause(); + assert(!heap->is_gc_active(), "not reentrant"); + +@@ -3269,6 +3282,9 @@ + // past the end of the partial object entering the region (if any). + HeapWord* const dest_addr = sd.partial_obj_end(dp_region); + HeapWord* const new_top = _space_info[space_id].new_top(); ++#ifndef USDT2 ++ HS_DTRACE_PROBE4(hotspot, gc__collection__move, &beg_addr, &end_addr, &dest_addr, &new_top); ++#endif /* !USDT2 */ + assert(new_top >= dest_addr, "bad new_top value"); + const size_t words = pointer_delta(new_top, dest_addr); + +diff -Nru openjdk.orig/hotspot/src/share/vm/gc_implementation/parallelScavenge/psScavenge.cpp openjdk/hotspot/src/share/vm/gc_implementation/parallelScavenge/psScavenge.cpp +--- openjdk.orig/hotspot/src/share/vm/gc_implementation/parallelScavenge/psScavenge.cpp 2014-03-06 09:11:53.000000000 +0000 ++++ openjdk/hotspot/src/share/vm/gc_implementation/parallelScavenge/psScavenge.cpp 2014-03-07 04:29:33.234530133 +0000 +@@ -54,8 +54,17 @@ + #include "runtime/vmThread.hpp" + #include "runtime/vm_operations.hpp" + #include "services/memoryService.hpp" ++#include "utilities/dtrace.hpp" + #include "utilities/stack.inline.hpp" + ++#ifndef USDT2 ++ HS_DTRACE_PROBE_DECL2(provider, gc__collection__PSScavenge__begin, *uintptr_t, *uintptr_t); ++ HS_DTRACE_PROBE_DECL2(provider, gc__collection__PSScavenge__end, *uintptr_t, *uintptr_t); ++ HS_DTRACE_PROBE_DECL2(provider, gc__collection__PSParallelCompact__begin, *uintptr_t, *uintptr_t); ++ HS_DTRACE_PROBE_DECL2(provider, gc__collection__PSParallelCompact__end, *uintptr_t, *uintptr_t); ++ HS_DTRACE_PROBE_DECL2(provider, gc__collection__PSMarkSweep__begin, *uintptr_t, *uintptr_t); ++ HS_DTRACE_PROBE_DECL2(provider, gc__collection__PSMarkSweep__end, *uintptr_t, *uintptr_t); ++#endif /* !USDT2 */ + + HeapWord* PSScavenge::_to_space_top_before_gc = NULL; + int PSScavenge::_consecutive_skipped_scavenges = 0; +@@ -228,7 +237,13 @@ + PSAdaptiveSizePolicy* policy = heap->size_policy(); + IsGCActiveMark mark; + ++#ifndef USDT2 ++ HS_DTRACE_PROBE2(hotspot, gc__collection__PSScavenge__begin, &heap, heap->gc_cause()); ++#endif /* !USDT2 */ + const bool scavenge_done = PSScavenge::invoke_no_policy(); ++#ifndef USDT2 ++ HS_DTRACE_PROBE2(hotspot, gc__collection__PSScavenge__end, &heap, heap->gc_cause()); ++#endif /* !USDT2 */ + const bool need_full_gc = !scavenge_done || + policy->should_full_GC(heap->old_gen()->free_in_bytes()); + bool full_gc_done = false; +@@ -245,9 +260,21 @@ + const bool clear_all_softrefs = cp->should_clear_all_soft_refs(); + + if (UseParallelOldGC) { ++#ifndef USDT2 ++ HS_DTRACE_PROBE2(hotspot, gc__collection__PSParallelCompact__begin, &heap, heap->gc_cause()); ++#endif /* !USDT2 */ + full_gc_done = PSParallelCompact::invoke_no_policy(clear_all_softrefs); ++#ifndef USDT2 ++ HS_DTRACE_PROBE2(hotspot, gc__collection__PSParallelCompact__end, &heap, heap->gc_cause()); ++#endif /* !USDT2 */ + } else { ++#ifndef USDT2 ++ HS_DTRACE_PROBE2(hotspot, gc__collection__PSMarkSweep__begin, &heap, heap->gc_cause()); ++#endif /* !USDT2 */ + full_gc_done = PSMarkSweep::invoke_no_policy(clear_all_softrefs); ++#ifndef USDT2 ++ HS_DTRACE_PROBE2(hotspot, gc__collection__PSMarkSweep__end, &heap, heap->gc_cause()); ++#endif /* !USDT2 */ + } + } + +diff -Nru openjdk.orig/hotspot/src/share/vm/gc_implementation/parNew/parNewGeneration.cpp openjdk/hotspot/src/share/vm/gc_implementation/parNew/parNewGeneration.cpp +--- openjdk.orig/hotspot/src/share/vm/gc_implementation/parNew/parNewGeneration.cpp 2014-03-06 09:11:53.000000000 +0000 ++++ openjdk/hotspot/src/share/vm/gc_implementation/parNew/parNewGeneration.cpp 2014-03-07 04:29:33.234530133 +0000 +@@ -54,6 +54,12 @@ + #include "utilities/copy.hpp" + #include "utilities/globalDefinitions.hpp" + #include "utilities/workgroup.hpp" ++#include "utilities/dtrace.hpp" ++ ++#ifndef USDT2 ++ HS_DTRACE_PROBE_DECL4(provider, gc__collection__parnew__begin, bool, bool, size_t, bool); ++ HS_DTRACE_PROBE_DECL4(provider, gc__collection__parnew__end, bool, bool, size_t, bool); ++#endif /* !USDT2 */ + + #ifdef _MSC_VER + #pragma warning( push ) +@@ -911,6 +917,9 @@ + bool clear_all_soft_refs, + size_t size, + bool is_tlab) { ++#ifndef USDT2 ++ HS_DTRACE_PROBE4(hotspot, gc__collection__parnew__begin, full, clear_all_soft_refs, size, is_tlab); ++#endif /* !USDT2 */ + assert(full || size > 0, "otherwise we don't want to collect"); + + GenCollectedHeap* gch = GenCollectedHeap::heap(); +@@ -1061,6 +1070,10 @@ + gch->print_heap_change(gch_prev_used); + } + ++#ifndef USDT2 ++ HS_DTRACE_PROBE4(hotspot, gc__collection__parnew__end, full, clear_all_soft_refs, size, is_tlab); ++#endif /* !USDT2 */ ++ + if (PrintGCDetails && ParallelGCVerbose) { + TASKQUEUE_STATS_ONLY(thread_state_set.print_termination_stats()); + TASKQUEUE_STATS_ONLY(thread_state_set.print_taskqueue_stats()); +diff -Nru openjdk.orig/hotspot/src/share/vm/memory/defNewGeneration.cpp openjdk/hotspot/src/share/vm/memory/defNewGeneration.cpp +--- openjdk.orig/hotspot/src/share/vm/memory/defNewGeneration.cpp 2014-03-06 09:11:53.000000000 +0000 ++++ openjdk/hotspot/src/share/vm/memory/defNewGeneration.cpp 2014-03-07 04:31:15.676056944 +0000 +@@ -44,8 +44,13 @@ + #include "runtime/java.hpp" + #include "runtime/thread.inline.hpp" + #include "utilities/copy.hpp" ++#include "utilities/dtrace.hpp" + #include "utilities/stack.inline.hpp" + ++#ifndef USDT2 ++ HS_DTRACE_PROBE_DECL4(provider, gc__collection__defnew__begin, bool, bool, size_t, bool); ++ HS_DTRACE_PROBE_DECL4(provider, gc__collection__defnew__end, bool, bool, size_t, bool); ++#endif /* !USDT2 */ + // + // DefNewGeneration functions. + +@@ -558,6 +563,9 @@ + bool clear_all_soft_refs, + size_t size, + bool is_tlab) { ++#ifndef USDT2 ++ HS_DTRACE_PROBE4(hotspot, gc__collection__defnew__begin, full, clear_all_soft_refs, size, is_tlab); ++#endif /* !USDT2 */ + assert(full || size > 0, "otherwise we don't want to collect"); + + GenCollectedHeap* gch = GenCollectedHeap::heap(); +@@ -706,6 +714,10 @@ + jlong now = os::javaTimeNanos() / NANOSECS_PER_MILLISEC; + update_time_of_last_gc(now); + ++#ifndef USDT2 ++ HS_DTRACE_PROBE4(hotspot, gc__collection__defnew__end, full, clear_all_soft_refs, size, is_tlab); ++#endif /* !USDT2 */ ++ + gch->trace_heap_after_gc(&gc_tracer); + gc_tracer.report_tenuring_threshold(tenuring_threshold()); + +diff -Nru openjdk.orig/hotspot/src/share/vm/memory/generation.cpp openjdk/hotspot/src/share/vm/memory/generation.cpp +--- openjdk.orig/hotspot/src/share/vm/memory/generation.cpp 2014-03-06 09:11:53.000000000 +0000 ++++ openjdk/hotspot/src/share/vm/memory/generation.cpp 2014-03-07 04:29:33.234530133 +0000 +@@ -41,8 +41,14 @@ + #include "oops/oop.inline.hpp" + #include "runtime/java.hpp" + #include "utilities/copy.hpp" ++#include "utilities/dtrace.hpp" + #include "utilities/events.hpp" + ++#ifndef USDT2 ++ HS_DTRACE_PROBE_DECL4(provider, gc__collection__contig__begin, bool, bool, size_t, bool); ++ HS_DTRACE_PROBE_DECL4(provider, gc__collection__contig__end, bool, bool, size_t, bool); ++#endif /* !USDT2 */ ++ + Generation::Generation(ReservedSpace rs, size_t initial_size, int level) : + _level(level), + _ref_processor(NULL) { +@@ -640,7 +646,13 @@ + SerialOldTracer* gc_tracer = GenMarkSweep::gc_tracer(); + gc_tracer->report_gc_start(gch->gc_cause(), gc_timer->gc_start()); + ++#ifndef USDT2 ++ HS_DTRACE_PROBE4(hotspot, gc__collection__contig__begin, full, clear_all_soft_refs, size, is_tlab); ++#endif /* !USDT2 */ + GenMarkSweep::invoke_at_safepoint(_level, ref_processor(), clear_all_soft_refs); ++#ifndef USDT2 ++ HS_DTRACE_PROBE4(hotspot, gc__collection__contig__end, full, clear_all_soft_refs, size, is_tlab); ++#endif /* !USDT2 */ + + gc_timer->register_gc_end(); + +diff -Nru openjdk.orig/hotspot/src/share/vm/memory/tenuredGeneration.cpp openjdk/hotspot/src/share/vm/memory/tenuredGeneration.cpp +--- openjdk.orig/hotspot/src/share/vm/memory/tenuredGeneration.cpp 2014-03-06 09:11:53.000000000 +0000 ++++ openjdk/hotspot/src/share/vm/memory/tenuredGeneration.cpp 2014-03-07 04:30:33.691431197 +0000 +@@ -34,6 +34,12 @@ + #include "oops/oop.inline.hpp" + #include "runtime/java.hpp" + #include "utilities/macros.hpp" ++#include "utilities/dtrace.hpp" ++ ++#ifndef USDT2 ++ HS_DTRACE_PROBE_DECL4(provider, gc__collection__tenured__begin, bool, bool, size_t, bool); ++ HS_DTRACE_PROBE_DECL4(provider, gc__collection__tenured__end, bool, bool, size_t, bool); ++#endif /* !USDT2 */ + + TenuredGeneration::TenuredGeneration(ReservedSpace rs, + size_t initial_byte_size, int level, +@@ -152,8 +158,14 @@ + size_t size, + bool is_tlab) { + retire_alloc_buffers_before_full_gc(); ++#ifndef USDT2 ++ HS_DTRACE_PROBE4(hotspot, gc__collection__tenured__begin, full, clear_all_soft_refs, size, is_tlab); ++#endif /* !USDT2 */ + OneContigSpaceCardGeneration::collect(full, clear_all_soft_refs, + size, is_tlab); ++#ifndef USDT2 ++ HS_DTRACE_PROBE4(hotspot, gc__collection__tenured__end, full, clear_all_soft_refs, size, is_tlab); ++#endif /* !USDT2 */ + } + + void TenuredGeneration::compute_new_size() { diff -r 74d5e26fce82 -r b1043cc0cd82 patches/hotspot/default/systemtap_gc.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/hotspot/default/systemtap_gc.patch Sat Mar 08 18:06:34 2014 +0000 @@ -0,0 +1,379 @@ +diff -Nru openjdk.orig/hotspot/src/share/vm/compiler/oopMap.cpp openjdk/hotspot/src/share/vm/compiler/oopMap.cpp +--- openjdk.orig/hotspot/src/share/vm/compiler/oopMap.cpp 2014-01-23 23:25:39.000000000 +0000 ++++ openjdk/hotspot/src/share/vm/compiler/oopMap.cpp 2014-01-24 04:36:46.878006161 +0000 +@@ -33,9 +33,13 @@ + #include "memory/resourceArea.hpp" + #include "runtime/frame.inline.hpp" + #include "runtime/signature.hpp" ++#include "utilities/dtrace.hpp" + #ifdef COMPILER1 + #include "c1/c1_Defs.hpp" + #endif ++#ifndef USDT2 ++ HS_DTRACE_PROBE_DECL1(provider, gc__collection__delete, *uintptr_t); ++#endif /* !USDT2 */ + + // OopMapStream + +@@ -677,6 +681,9 @@ + " - Derived: " INTPTR_FORMAT " Base: " INTPTR_FORMAT " (Offset: %d)", + derived_loc, (address)*derived_loc, (address)base, offset); + } ++#ifndef USDT2 ++ HS_DTRACE_PROBE1(hotspot, gc__collection__delete, entry); ++#endif /* !USDT2 */ + + // Delete entry + delete entry; +diff -Nru openjdk.orig/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp openjdk/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp +--- openjdk.orig/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp 2014-01-23 23:25:39.000000000 +0000 ++++ openjdk/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp 2014-01-24 04:36:46.878006161 +0000 +@@ -59,6 +59,12 @@ + #include "runtime/vmThread.hpp" + #include "services/memoryService.hpp" + #include "services/runtimeService.hpp" ++#include "utilities/dtrace.hpp" ++ ++#ifndef USDT2 ++ HS_DTRACE_PROBE_DECL4(provider, gc__collection__contig__begin, bool, bool, size_t, bool); ++ HS_DTRACE_PROBE_DECL4(provider, gc__collection__contig__end, bool, bool, size_t, bool); ++#endif /* !USDT2 */ + + // statics + CMSCollector* ConcurrentMarkSweepGeneration::_collector = NULL; +@@ -1647,7 +1653,13 @@ + size_t size, + bool tlab) + { ++#ifndef USDT2 ++ HS_DTRACE_PROBE4(hotspot, gc__collection__contig__begin, full, clear_all_soft_refs, size, tlab); ++#endif /* !USDT2 */ + collector()->collect(full, clear_all_soft_refs, size, tlab); ++#ifndef USDT2 ++ HS_DTRACE_PROBE4(hotspot, gc__collection__contig__end, full, clear_all_soft_refs, size, tlab); ++#endif /* !USDT2 */ + } + + void CMSCollector::collect(bool full, +diff -Nru openjdk.orig/hotspot/src/share/vm/gc_implementation/g1/g1MarkSweep.cpp openjdk/hotspot/src/share/vm/gc_implementation/g1/g1MarkSweep.cpp +--- openjdk.orig/hotspot/src/share/vm/gc_implementation/g1/g1MarkSweep.cpp 2014-01-23 23:25:39.000000000 +0000 ++++ openjdk/hotspot/src/share/vm/gc_implementation/g1/g1MarkSweep.cpp 2014-01-24 04:36:46.878006161 +0000 +@@ -50,8 +50,13 @@ + #include "runtime/thread.hpp" + #include "runtime/vmThread.hpp" + #include "utilities/copy.hpp" ++#include "utilities/dtrace.hpp" + #include "utilities/events.hpp" From aazores at redhat.com Sat Mar 8 03:58:20 2014 From: aazores at redhat.com (Andrew Azores) Date: Fri, 7 Mar 2014 22:58:20 -0500 (EST) Subject: [rfc][icedtea-web] set location for jnlpHreffed jnlp file correctly (rh1072013) In-Reply-To: <5319BE3C.2030008@redhat.com> References: <5319BE3C.2030008@redhat.com> Message-ID: <1475322847.984388.1394251100947.JavaMail.zimbra@redhat.com> No, I don't think there's any way to make applets able to call System.exit() with the custom policies. Not with the way JNLPSecurityManager is currently written. I can't think of a valid reason an applet would need to be able to kill the JVM though... so I don't think it's worth modifying the security manager to allow this. Patch itself looks good to me. Thanks, Andrew A ----- Original Message ----- From: "Jiri Vanek" To: "IcedTea Distro List" Sent: Friday, March 7, 2014 7:40:28 AM Subject: [rfc][icedtea-web] set location for jnlpHreffed jnlp file correctly (rh1072013) When plugin is using jnlpHref to start, the location of jnlp file is not stored properly. When one wonts to use it, he got NPE. Proably only usecase when this is visible is signature by jnlp (then tmplate have nothing to match) However I have not made the http://www.arcadeflex.com/releases/v0.36.4/launch.php?id=134 run :( Now it is dying with itself : Exception in thread "Thread-8" java.security.AccessControlException: Applets may not call System.exit() at net.sourceforge.jnlp.runtime.JNLPSecurityManager.checkExit(JNLPSecurityManager.java:391) at javax.swing.JFrame.setDefaultCloseOperation(JFrame.java:388) at arcadeflex.UrlDownloadProgress.initComponents(UrlDownloadProgress.java:46) at arcadeflex.UrlDownloadProgress.(UrlDownloadProgress.java:28) at arcadeflex.osdepend.main(osdepend.java:75) at arcadeflex.MainApplet$1.run(MainApplet.java:78) at java.lang.Thread.run(Thread.java:744) Andrew, can your policy enhancement grant exit System.exit? Just worthy to try :) J. ps: reproducers for this are missing. From aazores at redhat.com Sat Mar 8 03:59:15 2014 From: aazores at redhat.com (Andrew Azores) Date: Fri, 7 Mar 2014 22:59:15 -0500 (EST) Subject: [rfc] [cedtea-web] upated javawsman page was: Re: [rfc][icedtea-web] javaws -version flag In-Reply-To: <5319A319.90707@redhat.com> References: <53179DCE.6070405@redhat.com> <5318A0C8.5090507@redhat.com> <20140306161552.GC1968@redhat.com> <5318A43A.5080305@redhat.com> <20140306165233.GD1968@redhat.com> <5318B2B9.8060009@redhat.com> <20140306180003.GG1968@redhat.com> <5319A319.90707@redhat.com> Message-ID: <208916506.984399.1394251155320.JavaMail.zimbra@redhat.com> I have no idea how to write a man page, but PolicyEditor's should be quite short and simple. Good opportunity for me to learn? Thanks, Andrew A ----- Original Message ----- From: "Jiri Vanek" To: "Omair Majid" Cc: "Andrew Azores" , "IcedTea" Sent: Friday, March 7, 2014 5:44:41 AM Subject: [rfc] [cedtea-web] upated javawsman page was: Re: [rfc][icedtea-web] javaws -version flag Some updates to javaws man page.. Is there any voulenteer for icedtea-web, policyeditor and itw-settings ? :)) J. On 03/06/2014 07:00 PM, Omair Majid wrote: > * Jiri Vanek [2014-03-06 12:30]: >> No. You misunderstood me completely. The will to maintain them is >> missing. I 100% agree that they are necessary. > > Ah, well that's a different matter. I will try and help. > >> On 03/06/2014 05:52 PM, Omair Majid wrote: >>> * Jiri Vanek [2014-03-06 11:29]: >>>> First half of previous 8 months I was ignoring them willingly, >>>> because I hoped to have the generated ones prepared for 1.5. >>> >>> I don't know if generated ones are the magic bullet you think they are. >>> Either way you have to write the documentation. And some parts of the >>> documentation don't belong in code. Still, generated or not, we need >>> some place where users can find documentation. >> >> 100% yes, and the man pages are th way to go. >> >> They may be the magic bullet if I fulfil my idea. > > Fair enough. My original suggestion was: let's add a tiny fix (document > -version) while we wait for the bigger (and better) fix (the > auto-generated man pages). > >> Right. Right now there is only javaws.1 Imho two more are misisng. And >> manpage for "package name" is good recomandation. > > I am not so sure. `man man` says: > > "man is the system's manual pager. Each page argument given to man is > normally the name of a program, utility or function" > > `javaws` qualifies as a program, but does icedtea-web? > > Isn't a README the more appropriate place for this? Do you know of > examples where there is a man page for a package where package name is > different from the binary name? > > Any way, if you want to add more documentation and maintain it, that's > perfectly fine with me :) > >> It can be jsut see javaws + expalinig alternatives, or something more >> general. Also it may be spec patch only. > > *If* we decide that this it not very useful upstream, maybe we should > encourage downstream to follow? > >>>> , itw-settings manpage is missing - and >>>> it is HUGE man page, and newly policyeditor is missing. >>> >>> For self-explanatory GUIs, I am not sure we need detailed man pages. >>> They mostly make sense for command line programs that take lots of >> >> Self expalantory??? The itw-settings have incredible cmd line support! > > Haha. I wrote that :) > > I meant that it's fairly simple to document the cli bits (there's only 4 > or so commands, right) and the GUI is self-explanatory. So the man page > shouldn't be that large. > > Thanks, > Omair > From aazores at redhat.com Sat Mar 8 03:52:21 2014 From: aazores at redhat.com (Andrew Azores) Date: Fri, 7 Mar 2014 22:52:21 -0500 (EST) Subject: [rfc][icedtea-web] save runn urls to property In-Reply-To: <5319E3F9.9020405@redhat.com> References: <5304C60C.5070608@redhat.com> <5316531D.7010304@redhat.com> <53173282.7020401@redhat.com> <531731A7.6000006@redhat.com> <53174F77.2070209@redhat.com> <5319E3F9.9020405@redhat.com> Message-ID: <1903193196.984297.1394250741270.JavaMail.zimbra@redhat.com> Fair enough on the Set argument. IMO this looks pretty good, but maybe wait to see if Omair has any comments still before pushing. Thanks, Andrew A ----- Original Message ----- From: "Jiri Vanek" To: "Andrew Azores" Cc: "Jakub Filak" , "IcedTea Distro List" , "Omair Majid" Sent: Friday, March 7, 2014 10:21:29 AM Subject: Re: [rfc][icedtea-web] save runn urls to property On 03/05/2014 05:23 PM, Jiri Vanek wrote: > On 03/05/2014 03:16 PM, Andrew Azores wrote: >> On 03/05/2014 09:19 AM, Jiri Vanek wrote: >>> On 03/04/2014 11:26 PM, Andrew Azores wrote: >>>> On 02/19/2014 09:56 AM, Jiri Vanek wrote: >>>>> hi! >>>>> >>>>> As java abrt connector is sending quite good reports, the url, on which I can reproduce the >>>>> issue is missing. So always my first question in bug is "may you please post url" ? >>>>> >>>>> Also java connector is printing out system properties. So it crossed my mind to store the >>>>> launched jnlps/htmls for this usage. I have quite mixed feelings about it but do not have it >>>>> makes java-abrt-connector a bit useless (users donot care to much about auto generated bugs) >>>>> - see https://bugzilla.redhat.com/show_bug.cgi?id=1060390 >>>>> >>>>> This needs also some more work on java-abrt-conenctor - see >>>>> https://github.com/jfilak/abrt-java-connector/issues/34 >>>>> >>>>> J. >>>> >>>> I like the intent behind the patch but I don't know if I really like using system properties for >>>> this :/ >>> >>> I'm not sure with them too:( >>> >>> > not that I have any better ideas off the top of my head. >>> >>> The abrt agent can actually do anything. My another idea is to store it in some static (private) >>> variable. The whitleist in issue 34 will then be package.class fieldName >> >> I didn't know that this would be an option. This sounds much, much better to me. >> >>> >>> > But this just does not seem to me like what the properties are meant to be used for. >>> >>> Agree. And my concern is that with this, *maybe* (but probably) all appelts which can read >>> properties, will be able to spy history. >> >> Yea, and this is really not a good mechanism to be providing. >> >>> >>> I have commented also https://github.com/jfilak/abrt-java-connector/issues/34 >>>> It seems like nobody else is chiming in with any better ideas, and you're right that the >>>> automatic bug reports are a little bit useless without something like this, so if you have no >>>> better implementations in mind then I suppose this will have to suffice. >>> >>> What do you thnk about this approach? (otherwise it will be same) >>> Thank you! >>> > > So here is version with field. So here is version with method. We agreed on it today With Jakub. Andrew, I.m still using the string. Although I was thinking about usage of: if (!history.contains(documentBase)){ JNLPRuntime.history += " " + documentBase + " "; } I think it can be interesting to know number of reloads. Also I wont to have string since begining (not set - method -> sting) as any logic after OOM error, can be undoable. But String will be still possible to dig. > > the whitelist then will be: > netx.net.sourceforge.jnlp.runtime.JNLPRuntime history netx.net.sourceforge.jnlp.runtime.JNLPRuntime getHistory (or whatever, but it is still private method) The comment is added as Omair wonted. The synchronization was *not* added. I really think it do not belongs here. J. From aazores at redhat.com Sat Mar 8 04:07:23 2014 From: aazores at redhat.com (Andrew Azores) Date: Fri, 7 Mar 2014 23:07:23 -0500 (EST) Subject: [rfc][icedtea-web][policyeditor] Parsing enhancements and unit tests In-Reply-To: <5319C879.4090903@redhat.com> References: <53175862.8080408@redhat.com> <53188132.2040009@redhat.com> <1223389579.366317.1394137097401.JavaMail.zimbra@redhat.com> <5319C879.4090903@redhat.com> Message-ID: <1438278964.984533.1394251643115.JavaMail.zimbra@redhat.com> Well, I guess I could make one matcher, check if it matches, and then if not, make the other and check with it, but how much does it really matter... ? I think the intention is clearer, having the conjunction in the first if check. I doubt it will make much of a perfomance difference for most users, unless they end up with much more massive custom policy files than I'm expecting. And of course the CustomPermission and PolicyEditorPermissions fromString() methods are "suspiciously" similar - they are both reading from the same source and attempting to parse into more or less the same end result. Why would they be really different? I guess the logic is mostly the same so they could be given a parent class or some utility method. Thanks, Andrew A ----- Original Message ----- From: "Jiri Vanek" To: "Andrew Azores" Cc: "IcedTea" Sent: Friday, March 7, 2014 8:24:09 AM Subject: Re: [rfc][icedtea-web][policyeditor] Parsing enhancements and unit tests The messages.properties changes are still not listed in changelog. This is probably nit, but: + final Matcher targetMatcher = PolicyEditorPermissions.TARGET_PERMISSION.matcher(string); + final Matcher actionMatcher = PolicyEditorPermissions.ACTIONS_PERMISSION.matcher(string); + if (!targetMatcher.matches() && !actionMatcher.matches()) { + return null; + } + + final String typeStr, targetStr, actionsStr; + + if (actionMatcher.matches()) { + typeStr = actionMatcher.group(1); + targetStr = actionMatcher.group(2); + actionsStr = actionMatcher.group(3); + } else { + typeStr = targetMatcher.group(1); + targetStr = targetMatcher.group(2); + actionsStr = ""; } the first matcher is needed only when second one fails. Maybe would be nice to remove the unnecessary matching. similar for PolicyEditorPermissions which is still suspiciously similar:( The chnage [\\w.] -> [\\w\\.] looks enough :) Thanx! J. On 03/06/2014 09:18 PM, Andrew Azores wrote: > Thanks for review! Hopefully the new attached patch is nicer. > > Thanks, > > Andrew A > > ----- Original Message ----- > From: "Jiri Vanek" > To: "Andrew Azores" > Cc: "IcedTea" > Sent: Thursday, March 6, 2014 9:07:46 AM > Subject: Re: [rfc][icedtea-web][policyeditor] Parsing enhancements and unit tests > > On 03/05/2014 06:01 PM, Andrew Azores wrote: >> Hi, >> >> The previous thread was diverging into two quite different patches, so I'm splitting it. >> >> This patch improves parsing, especially handling of comments, and adds a lot of new unit testing for this. A few small bugs were found and fixed along the way. >> > > The Messages.properties changes are missing in in-pathc chagelog > > public static CustomPermission fromString - more more and more tests. Try to hack yourself. But generally ok. > Well the comment is poem-writer's masterpiece :) But better then nothing :) > The [\\w.] do not osund correct. The dot should be escaped to match dot, not any char. Or not? So this part will be: > [[\\w\\.]+\\w+] (nottested - to match [java.][io.][permissions] and nto eg dsgfgogfdsgjsfdghjsfd[hj as now :) > The content of quotes may be anything, ok? What about content to be qutes itself? (not jsut ${} eg? > The first quotes are mandatory, and the scond not? As far as I read from regex. > Why is compiled patter not global constant? It should be. It will not need recompile each launch time... Then there can be also some tests only to the regex itself. > > > Why is the CustomPermission.fromStirng copypasted to PolicyEditorPermissions ??? > > Quick glance over tests is ook. > > Thanx! > J. > From omajid at redhat.com Sat Mar 8 00:28:09 2014 From: omajid at redhat.com (Omair Majid) Date: Fri, 7 Mar 2014 19:28:09 -0500 Subject: [icedtea-web] RFC: man page for itweb-settings Message-ID: <20140308002809.GG24571@redhat.com> Hi, This is a very simple man page for itweb-settings. Okay to push? Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 -------------- next part -------------- diff --git a/ChangeLog b/ChangeLog --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +2014-03-07 Omair Majid + + * Makefile.am (install-data-local): Install itweb-settings.1. + * netx/itweb-settings.1: New file. + 2014-03-06 Andrew Azores * NEWS: added -version flag entry diff --git a/Makefile.am b/Makefile.am --- a/Makefile.am +++ b/Makefile.am @@ -256,6 +256,7 @@ install-data-local: ${mkinstalldirs} -d $(DESTDIR)$(mandir)/man1 ${INSTALL_DATA} $(NETX_SRCDIR)/javaws.1 $(DESTDIR)$(mandir)/man1 + ${INSTALL_DATA} $(NETX_SRCDIR)/itweb-settings.1 $(DESTDIR)$(mandir)/man1 if ENABLE_DOCS ${mkinstalldirs} $(DESTDIR)$(htmldir) (cd ${abs_top_builddir}/docs/netx; \ diff --git a/netx/itweb-settings.1 b/netx/itweb-settings.1 new file mode 100644 --- /dev/null +++ b/netx/itweb-settings.1 @@ -0,0 +1,79 @@ +.TH itweb-settings 1 "07 Mar 2014" +.SH NAME +itweb-settings - view and modify settings for +.B +javaws +and the browser plugin + +.SH SYNOPSYS +.B itweb-settings +.br +.B itweb-settings +[options] command arguments +.SH DESCRIPTION +.B itweb-settings +is a command line and a GUI program to modify and edit settings used by the +icedtea-web implementation of +.B javaws +and the browser plugin. + +If executed without any arguments, it starts up a GUI. Otherwise, it tries to +do what is specified in the argument. + +The command-line allows quickly searching, making a copy of and modifying +specific settings without having to hunt through a UI. + +.SH OPTIONS + +.TP 12 +--help +Shows some helpful information about the program + +.SH COMMANDS + +.TP 12 +list +Shows a list of all settings. +.TP +get +Shows the value of the named setting. +.TP +info +Shows additional information about the named setting. Includes a description, +the current value, the possible values, and the source of the setting. +.TP +set +Sets the setting to the new value, after checking that it is an appropriate +value. +.TP +reset all +Resets all settings to their original values. +.TP +reset +Resets the named setting to its original value. +.TP +check +Checks that the current value of the setting is a valid value. + +.SH EXAMPLES + +.TP +.B itweb-settings + +Show the GUI editor + +.SH FILES +~/$XDG_CONFIG_DIR/deployment.properties specifies the settings used + +.SH BUGS +There arent any known bugs. If you come across one, please file it at + http://icedtea.classpath.org/bugzilla/ + +.SH AUTHOR +Written and maintained by the IcedTea contributors. + +.SH SEE ALSO +.BR javaws (1), +.BR java (1) +.br +http://icedtea.classpath.org/wiki/IcedTea-Web From stefan.reich.maker.of.eye at googlemail.com Sun Mar 9 15:03:15 2014 From: stefan.reich.maker.of.eye at googlemail.com (Stefan Reich) Date: Sun, 9 Mar 2014 16:03:15 +0100 Subject: How to have WebStart create start menu items (on Linux)? Message-ID: I have successfully deployed a WebStart app on both Windows and IcedTea. Just about the only thing I'm missing (- apart from a certificate from a CA that I can afford - ) is to place entries in the start menu. It's Peppermint Linux, so the application in question is lxpanel I believe. I have always found the way that lxpanel collects its applications to be intellectually quite unpenetrable. But anyways - WebStart/IcedTea should be able to do it, right? I am getting a desktop short cut alright, just none in the start menu. Here's my JNLP file: http://tinybrain.de:8080/webstart/webstart.jnlp Many greetings, Stefan And here's a copy: TinyBrain - a brain for your computer TinyBrain.de (Stefan Reich) A brain for your computer that can talk. -------------- next part -------------- An HTML attachment was scrubbed... URL: From ptisnovs at icedtea.classpath.org Mon Mar 10 10:23:18 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Mon, 10 Mar 2014 10:23:18 +0000 Subject: /hg/gfx-test: Eight new tests added into CAGOperationsOnTwoTouch... Message-ID: changeset 6c11c8263a23 in /hg/gfx-test details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=6c11c8263a23 author: Pavel Tisnovsky date: Mon Mar 10 11:23:57 2014 +0100 Eight new tests added into CAGOperationsOnTwoTouchingCircles. diffstat: ChangeLog | 5 + src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java | 200 ++++++++++ 2 files changed, 205 insertions(+), 0 deletions(-) diffs (222 lines): diff -r 154d24fa3f31 -r 6c11c8263a23 ChangeLog --- a/ChangeLog Fri Mar 07 13:09:25 2014 +0100 +++ b/ChangeLog Mon Mar 10 11:23:57 2014 +0100 @@ -1,3 +1,8 @@ +2014-03-10 Pavel Tisnovsky + + * src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java: + Eight new tests added into CAGOperationsOnTwoTouchingCircles. + 2014-03-07 Pavel Tisnovsky * src/org/gfxtest/testsuites/BitBltUsingBgColor.java: diff -r 154d24fa3f31 -r 6c11c8263a23 src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java --- a/src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java Fri Mar 07 13:09:25 2014 +0100 +++ b/src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java Mon Mar 10 11:23:57 2014 +0100 @@ -1407,6 +1407,206 @@ return TestResult.PASSED; } + /** + * Checks the process of creating and rendering new geometric shape + * constructed from two touching circles using Xor operator. The shape is rendered + * using texture paint (fill). + * + * @param image + * image to which area is to be drawn + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testXorTextureFillUsingDiagonalCheckerTexture(TestImage image, Graphics2D graphics2d) + { + // set stroke color + CommonRenderingStyles.setStrokeColor(graphics2d); + // set fill color + CommonRenderingStyles.setTextureFillUsingDiagonalCheckerTexture(image, graphics2d); + // create area using union operator + Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingXorOperator(image); + // draw the area + graphics2d.fill(area); + // test result + return TestResult.PASSED; + } + + /** + * Checks the process of creating and rendering new geometric shape + * constructed from two touching circles using union operator. The shape is rendered + * using texture paint (fill). + * + * @param image + * image to which area is to be drawn + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testUnionTextureFillUsingGridTexture(TestImage image, Graphics2D graphics2d) + { + // set stroke color + CommonRenderingStyles.setStrokeColor(graphics2d); + // set fill color + CommonRenderingStyles.setTextureFillUsingGridTexture(image, graphics2d); + // create area using union operator + Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingUnionOperator(image); + // draw the area + graphics2d.fill(area); + // test result + return TestResult.PASSED; + } + + /** + * Checks the process of creating and rendering new geometric shape + * constructed from two touching circles using subtract operator. The shape is rendered + * using texture paint (fill). + * + * @param image + * image to which area is to be drawn + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testSubtractTextureFillUsingGridTexture(TestImage image, Graphics2D graphics2d) + { + // set stroke color + CommonRenderingStyles.setStrokeColor(graphics2d); + // set fill color + CommonRenderingStyles.setTextureFillUsingGridTexture(image, graphics2d); + // create area using subtract operator + Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingSubtractOperator(image); + // draw the area + graphics2d.fill(area); + // test result + return TestResult.PASSED; + } + + /** + * Checks the process of creating and rendering new geometric shape + * constructed from two touching circles using inverse subtract operator. The shape is rendered + * using texture paint (fill). + * + * @param image + * image to which area is to be drawn + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testInverseSubtractTextureFillUsingGridTexture(TestImage image, Graphics2D graphics2d) + { + // set stroke color + CommonRenderingStyles.setStrokeColor(graphics2d); + // set fill color + CommonRenderingStyles.setTextureFillUsingGridTexture(image, graphics2d); + // create area using inverse subtract operator + Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingInverseSubtractOperator(image); + // draw the area + graphics2d.fill(area); + // test result + return TestResult.PASSED; + } + + /** + * Checks the process of creating and rendering new geometric shape + * constructed from two touching circles using intersect operator. The shape is rendered + * using texture paint (fill). + * + * @param image + * image to which area is to be drawn + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testIntersectTextureFillUsingGridTexture(TestImage image, Graphics2D graphics2d) + { + // set stroke color + CommonRenderingStyles.setStrokeColor(graphics2d); + // set fill color + CommonRenderingStyles.setTextureFillUsingGridTexture(image, graphics2d); + // create area using union operator + Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingIntersectOperator(image); + // draw the area + graphics2d.fill(area); + // test result + return TestResult.PASSED; + } + + /** + * Checks the process of creating and rendering new geometric shape + * constructed from two touching circles using Xor operator. The shape is rendered + * using texture paint (fill). + * + * @param image + * image to which area is to be drawn + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testXorTextureFillUsingGridTexture(TestImage image, Graphics2D graphics2d) + { + // set stroke color + CommonRenderingStyles.setStrokeColor(graphics2d); + // set fill color + CommonRenderingStyles.setTextureFillUsingGridTexture(image, graphics2d); + // create area using union operator + Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingXorOperator(image); + // draw the area + graphics2d.fill(area); + // test result + return TestResult.PASSED; + } + + /** + * Checks the process of creating and rendering new geometric shape + * constructed from two touching circles using union operator. The shape is rendered + * using texture paint (fill). + * + * @param image + * image to which area is to be drawn + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testUnionTextureFillUsingDiagonalGridTexture(TestImage image, Graphics2D graphics2d) + { + // set stroke color + CommonRenderingStyles.setStrokeColor(graphics2d); + // set fill color + CommonRenderingStyles.setTextureFillUsingDiagonalGridTexture(image, graphics2d); + // create area using union operator + Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingUnionOperator(image); + // draw the area + graphics2d.fill(area); + // test result + return TestResult.PASSED; + } + + /** + * Checks the process of creating and rendering new geometric shape + * constructed from two touching circles using subtract operator. The shape is rendered + * using texture paint (fill). + * + * @param image + * image to which area is to be drawn + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testSubtractTextureFillUsingDiagonalGridTexture(TestImage image, Graphics2D graphics2d) + { + // set stroke color + CommonRenderingStyles.setStrokeColor(graphics2d); + // set fill color + CommonRenderingStyles.setTextureFillUsingDiagonalGridTexture(image, graphics2d); + // create area using subtract operator + Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingSubtractOperator(image); + // draw the area + graphics2d.fill(area); + // test result + return TestResult.PASSED; + } + // create area using union operator Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingUnionOperator(image); // draw the area From ptisnovs at icedtea.classpath.org Mon Mar 10 10:29:04 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Mon, 10 Mar 2014 10:29:04 +0000 Subject: /hg/rhino-tests: Two new tests added into CompiledScriptClassTest. Message-ID: changeset 3452613adb44 in /hg/rhino-tests details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=3452613adb44 author: Pavel Tisnovsky date: Mon Mar 10 11:29:46 2014 +0100 Two new tests added into CompiledScriptClassTest. diffstat: ChangeLog | 5 +++++ src/org/RhinoTests/CompiledScriptClassTest.java | 21 +++++++++++++++++++++ 2 files changed, 26 insertions(+), 0 deletions(-) diffs (50 lines): diff -r 482d9f98ee40 -r 3452613adb44 ChangeLog --- a/ChangeLog Fri Mar 07 13:21:16 2014 +0100 +++ b/ChangeLog Mon Mar 10 11:29:46 2014 +0100 @@ -1,3 +1,8 @@ +2014-03-10 Pavel Tisnovsky + + * src/org/RhinoTests/CompiledScriptClassTest.java: + Two new tests added into CompiledScriptClassTest. + 2014-03-07 Pavel Tisnovsky * src/org/RhinoTests/SimpleBindingsClassTest.java: diff -r 482d9f98ee40 -r 3452613adb44 src/org/RhinoTests/CompiledScriptClassTest.java --- a/src/org/RhinoTests/CompiledScriptClassTest.java Fri Mar 07 13:21:16 2014 +0100 +++ b/src/org/RhinoTests/CompiledScriptClassTest.java Mon Mar 10 11:29:46 2014 +0100 @@ -1923,6 +1923,14 @@ } /** + * Test for method javax.script.CompiledScript.getClass().getResourceNegativeTest() + */ + protected void testGetResourceNegativeTest() { + Object resource = this.compiledScriptClass.getResource("unknown"); + assertNull(resource, "getResource() does not return null"); + } + + /** * Test for method javax.script.CompiledScript.getClass().getResourcePositiveTest() */ protected void testGetResourcePositiveTest() { @@ -1984,6 +1992,19 @@ } /** + * Test for method javax.script.CompiledScript.getClass().getResourceAsStreamNPETest() + */ + protected void testGetResourceAsStreamNPETest() { + try { + Object resource = this.compiledScriptClass.getResourceAsStream(null); + throw new AssertionError("NullPointerException expected!"); + } + catch (NullPointerException e) { + //This is OK OK + } + } + + /** * Test for instanceof operator applied to a class javax.script.CompiledScript */ @SuppressWarnings("cast") From jvanek at redhat.com Mon Mar 10 12:25:20 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 10 Mar 2014 13:25:20 +0100 Subject: [rfc][icedtea-web][policyeditor] Parsing enhancements and unit tests In-Reply-To: <1438278964.984533.1394251643115.JavaMail.zimbra@redhat.com> References: <53175862.8080408@redhat.com> <53188132.2040009@redhat.com> <1223389579.366317.1394137097401.JavaMail.zimbra@redhat.com> <5319C879.4090903@redhat.com> <1438278964.984533.1394251643115.JavaMail.zimbra@redhat.com> Message-ID: <531DAF30.3010204@redhat.com> On 03/08/2014 05:07 AM, Andrew Azores wrote: > Well, I guess I could make one matcher, check if it matches, and then if not, make the other and check with it, but how much does it really matter... ? I think the intention is clearer, having the conjunction in the first if check. I doubt it will make much of a perfomance difference for most users, > unless they end up with much more massive custom policy files than I'm expecting. Well its not about the performance of this method, but about ITW as a whole. Consider such a redundant calls in each method. They will mutliply runtime later unbearable. > > And of course the CustomPermission and PolicyEditorPermissions fromString() methods are "suspiciously" similar Then why they dont share an code? > - they are both reading from the same source and attempting to parse into more or less the same end result. Why would they be really different? I guess the logic is mostly the same so they could be given a parent class or some utility method. Please eleaborate on this two hunks a bit. > > Thanks, > > Andrew A > > ----- Original Message ----- > From: "Jiri Vanek" > To: "Andrew Azores" > Cc: "IcedTea" > Sent: Friday, March 7, 2014 8:24:09 AM > Subject: Re: [rfc][icedtea-web][policyeditor] Parsing enhancements and unit tests > > The messages.properties changes are still not listed in changelog. and dont forget^ O:) > > This is probably nit, but: > + final Matcher targetMatcher = PolicyEditorPermissions.TARGET_PERMISSION.matcher(string); > + final Matcher actionMatcher = PolicyEditorPermissions.ACTIONS_PERMISSION.matcher(string); > + if (!targetMatcher.matches()&& !actionMatcher.matches()) { > + return null; > + } > + > + final String typeStr, targetStr, actionsStr; > + > + if (actionMatcher.matches()) { > + typeStr = actionMatcher.group(1); > + targetStr = actionMatcher.group(2); > + actionsStr = actionMatcher.group(3); > + } else { > + typeStr = targetMatcher.group(1); > + targetStr = targetMatcher.group(2); > + actionsStr = ""; > } > > the first matcher is needed only when second one fails. Maybe would be nice to remove the > unnecessary matching. > > similar for PolicyEditorPermissions which is still suspiciously similar:( > > > The chnage [\\w.] -> [\\w\\.] looks enough :) > > > > Thanx! > J. > On 03/06/2014 09:18 PM, Andrew Azores wrote: >> Thanks for review! Hopefully the new attached patch is nicer. >> >> Thanks, >> >> Andrew A >> >> ----- Original Message ----- >> From: "Jiri Vanek" >> To: "Andrew Azores" >> Cc: "IcedTea" >> Sent: Thursday, March 6, 2014 9:07:46 AM >> Subject: Re: [rfc][icedtea-web][policyeditor] Parsing enhancements and unit tests >> >> On 03/05/2014 06:01 PM, Andrew Azores wrote: >>> Hi, >>> >>> The previous thread was diverging into two quite different patches, so I'm splitting it. >>> >>> This patch improves parsing, especially handling of comments, and adds a lot of new unit testing for this. A few small bugs were found and fixed along the way. >>> >> >> The Messages.properties changes are missing in in-pathc chagelog >> >> public static CustomPermission fromString - more more and more tests. Try to hack yourself. But generally ok. >> Well the comment is poem-writer's masterpiece :) But better then nothing :) >> The [\\w.] do not osund correct. The dot should be escaped to match dot, not any char. Or not? So this part will be: >> [[\\w\\.]+\\w+] (nottested - to match [java.][io.][permissions] and nto eg dsgfgogfdsgjsfdghjsfd[hj as now :) >> The content of quotes may be anything, ok? What about content to be qutes itself? (not jsut ${} eg? >> The first quotes are mandatory, and the scond not? As far as I read from regex. >> Why is compiled patter not global constant? It should be. It will not need recompile each launch time... Then there can be also some tests only to the regex itself. >> >> >> Why is the CustomPermission.fromStirng copypasted to PolicyEditorPermissions ??? >> >> Quick glance over tests is ook. >> >> Thanx! >> J. >> > From jvanek at redhat.com Mon Mar 10 12:35:15 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 10 Mar 2014 13:35:15 +0100 Subject: [rfc] [cedtea-web] upated javawsman page was: Re: [rfc][icedtea-web] javaws -version flag In-Reply-To: <208916506.984399.1394251155320.JavaMail.zimbra@redhat.com> References: <53179DCE.6070405@redhat.com> <5318A0C8.5090507@redhat.com> <20140306161552.GC1968@redhat.com> <5318A43A.5080305@redhat.com> <20140306165233.GD1968@redhat.com> <5318B2B9.8060009@redhat.com> <20140306180003.GG1968@redhat.com> <5319A319.90707@redhat.com> <208916506.984399.1394251155320.JavaMail.zimbra@redhat.com> Message-ID: <531DB183.1080402@redhat.com> On 03/08/2014 04:59 AM, Andrew Azores wrote: > I have no idea how to write a man page, but PolicyEditor's should be quite short and simple. Good opportunity for me to learn? Yes O:) You can follow Omairs work - [icedtea-web] RFC: man page for itweb-settings Your is just much simpler. Please don't forge to highlit policytool (as it have quite good manpage) at least as see also (but maybe in description is worthy too) J. > > Thanks, > > Andrew A > > ----- Original Message ----- > From: "Jiri Vanek" > To: "Omair Majid" > Cc: "Andrew Azores", "IcedTea" > Sent: Friday, March 7, 2014 5:44:41 AM > Subject: [rfc] [cedtea-web] upated javawsman page was: Re: [rfc][icedtea-web] javaws -version flag > > Some updates to javaws man page.. Is there any voulenteer for icedtea-web, policyeditor and > itw-settings ? :)) > > J. > On 03/06/2014 07:00 PM, Omair Majid wrote: >> * Jiri Vanek [2014-03-06 12:30]: >>> No. You misunderstood me completely. The will to maintain them is >>> missing. I 100% agree that they are necessary. >> >> Ah, well that's a different matter. I will try and help. >> >>> On 03/06/2014 05:52 PM, Omair Majid wrote: >>>> * Jiri Vanek [2014-03-06 11:29]: >>>>> First half of previous 8 months I was ignoring them willingly, >>>>> because I hoped to have the generated ones prepared for 1.5. >>>> >>>> I don't know if generated ones are the magic bullet you think they are. >>>> Either way you have to write the documentation. And some parts of the >>>> documentation don't belong in code. Still, generated or not, we need >>>> some place where users can find documentation. >>> >>> 100% yes, and the man pages are th way to go. >>> >>> They may be the magic bullet if I fulfil my idea. >> >> Fair enough. My original suggestion was: let's add a tiny fix (document >> -version) while we wait for the bigger (and better) fix (the >> auto-generated man pages). >> >>> Right. Right now there is only javaws.1 Imho two more are misisng. And >>> manpage for "package name" is good recomandation. >> >> I am not so sure. `man man` says: >> >> "man is the system's manual pager. Each page argument given to man is >> normally the name of a program, utility or function" >> >> `javaws` qualifies as a program, but does icedtea-web? >> >> Isn't a README the more appropriate place for this? Do you know of >> examples where there is a man page for a package where package name is >> different from the binary name? >> >> Any way, if you want to add more documentation and maintain it, that's >> perfectly fine with me :) >> >>> It can be jsut see javaws + expalinig alternatives, or something more >>> general. Also it may be spec patch only. >> >> *If* we decide that this it not very useful upstream, maybe we should >> encourage downstream to follow? >> >>>>> , itw-settings manpage is missing - and >>>>> it is HUGE man page, and newly policyeditor is missing. >>>> >>>> For self-explanatory GUIs, I am not sure we need detailed man pages. >>>> They mostly make sense for command line programs that take lots of >>> >>> Self expalantory??? The itw-settings have incredible cmd line support! >> >> Haha. I wrote that :) >> >> I meant that it's fairly simple to document the cli bits (there's only 4 >> or so commands, right) and the GUI is self-explanatory. So the man page >> shouldn't be that large. >> >> Thanks, >> Omair >> > From jvanek at redhat.com Mon Mar 10 13:03:34 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 10 Mar 2014 14:03:34 +0100 Subject: [icedtea-web] RFC: man page for itweb-settings In-Reply-To: <20140308002809.GG24571@redhat.com> References: <20140308002809.GG24571@redhat.com> Message-ID: <531DB826.7040400@redhat.com> On 03/08/2014 01:28 AM, Omair Majid wrote: > Hi, > > This is a very simple man page for itweb-settings. Okay to push? > > Thanks, > Omair > Yes please. One nit. The --help is actually not correct. Itw-settings handles any unrecognised argument as request for help. So I would: - not confuse with "--" but say just +.TP 12 +help - Also It would be probably good to mention that anything (not just "help") will print info. ALso "Shows some helpful information about the program" hmhmh do not .. well sound :) Maybe Prints out general information about supported program, commands and basic usage. Also: +.SH EXAMPLES Cna contains exmaple ot two :) Feel free to push as it is or with anything above fixed. I'm insists only on not confusing with "--". Thanx for taking it ;) J. From jvanek at icedtea.classpath.org Mon Mar 10 13:58:03 2014 From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org) Date: Mon, 10 Mar 2014 13:58:03 +0000 Subject: /hg/icedtea-web: PluginBridge's (fileLocation) of JNLPFile is no... Message-ID: changeset ffc228f3c71f in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=ffc228f3c71f author: Jiri Vanek date: Mon Mar 10 15:05:42 2014 +0100 PluginBridge's (fileLocation) of JNLPFile is now properly set in constructor if not existing. Fixed rhbz#1072013 diffstat: ChangeLog | 6 ++++++ netx/net/sourceforge/jnlp/PluginBridge.java | 3 +++ 2 files changed, 9 insertions(+), 0 deletions(-) diffs (26 lines): diff -r bbf4cc4319da -r ffc228f3c71f ChangeLog --- a/ChangeLog Thu Mar 06 09:18:35 2014 -0500 +++ b/ChangeLog Mon Mar 10 15:05:42 2014 +0100 @@ -1,3 +1,9 @@ +2014-03-10 Jiri Vanek + + Fixed rhbz#1072013 + * netx/net/sourceforge/jnlp/PluginBridge.java: The (fileLocation) of + JNLPFile is now properly set in constructor if not existing. + 2014-03-06 Andrew Azores * NEWS: added -version flag entry diff -r bbf4cc4319da -r ffc228f3c71f netx/net/sourceforge/jnlp/PluginBridge.java --- a/netx/net/sourceforge/jnlp/PluginBridge.java Thu Mar 06 09:18:35 2014 -0500 +++ b/netx/net/sourceforge/jnlp/PluginBridge.java Mon Mar 10 15:05:42 2014 +0100 @@ -101,6 +101,9 @@ // value is a complete URL, it will replace codeBase's context. ParserSettings defaultSettings = new ParserSettings(); URL jnlp = new URL(codeBase, params.getJNLPHref()); + if (fileLocation == null){ + fileLocation = jnlp; + } JNLPFile jnlpFile = null; if (params.getJNLPEmbedded() != null) { From jvanek at redhat.com Mon Mar 10 14:08:35 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 10 Mar 2014 15:08:35 +0100 Subject: [rfc][icedtea-web] set location for jnlpHreffed jnlp file correctly (rh1072013) In-Reply-To: <1475322847.984388.1394251100947.JavaMail.zimbra@redhat.com> References: <5319BE3C.2030008@redhat.com> <1475322847.984388.1394251100947.JavaMail.zimbra@redhat.com> Message-ID: <531DC763.8090501@redhat.com> On 03/08/2014 04:58 AM, Andrew Azores wrote: > No, I don't think there's any way to make applets able to call System.exit() with the custom policies. Not with the way JNLPSecurityManager is currently written. I can't think of a valid reason an applet would need to be able to kill the JVM though... so I don't think it's worth modifying the security manager to allow this. > Well. I was thinking moreover if it is usable as workaround before upstream removes the call. But this lead me to idea - why is system.exit not checked against policies as all other stuff? But I can probably answer - because there is no such policy? > Patch itself looks good to me. Thanx, pushed. > > Thanks, > > Andrew A > > ----- Original Message ----- > From: "Jiri Vanek" > To: "IcedTea Distro List" > Sent: Friday, March 7, 2014 7:40:28 AM > Subject: [rfc][icedtea-web] set location for jnlpHreffed jnlp file correctly (rh1072013) > > When plugin is using jnlpHref to start, the location of jnlp file is not stored properly. When one > wonts to use it, he got NPE. Proably only usecase when this is visible is signature by jnlp (then > tmplate have nothing to match) > > However I have not made the http://www.arcadeflex.com/releases/v0.36.4/launch.php?id=134 run :( > > Now it is dying with itself : > > Exception in thread "Thread-8" java.security.AccessControlException: Applets may not call System.exit() > at net.sourceforge.jnlp.runtime.JNLPSecurityManager.checkExit(JNLPSecurityManager.java:391) > at javax.swing.JFrame.setDefaultCloseOperation(JFrame.java:388) > at arcadeflex.UrlDownloadProgress.initComponents(UrlDownloadProgress.java:46) > at arcadeflex.UrlDownloadProgress.(UrlDownloadProgress.java:28) > at arcadeflex.osdepend.main(osdepend.java:75) > at arcadeflex.MainApplet$1.run(MainApplet.java:78) > at java.lang.Thread.run(Thread.java:744) > > Andrew, can your policy enhancement grant exit System.exit? Just worthy to try :) > > > J. > > > ps: reproducers for this are missing. > From aazores at redhat.com Mon Mar 10 14:22:51 2014 From: aazores at redhat.com (Andrew Azores) Date: Mon, 10 Mar 2014 10:22:51 -0400 Subject: [rfc][icedtea-web] set location for jnlpHreffed jnlp file correctly (rh1072013) In-Reply-To: <531DC763.8090501@redhat.com> References: <5319BE3C.2030008@redhat.com> <1475322847.984388.1394251100947.JavaMail.zimbra@redhat.com> <531DC763.8090501@redhat.com> Message-ID: <531DCABB.2090507@redhat.com> On 03/10/2014 10:08 AM, Jiri Vanek wrote: > On 03/08/2014 04:58 AM, Andrew Azores wrote: >> No, I don't think there's any way to make applets able to call >> System.exit() with the custom policies. Not with the way >> JNLPSecurityManager is currently written. I can't think of a valid >> reason an applet would need to be able to kill the JVM though... so I >> don't think it's worth modifying the security manager to allow this. >> > Well. I was thinking moreover if it is usable as workaround before > upstream removes the call. > > But this lead me to idea - why is system.exit not checked against > policies as all other stuff? > But I can probably answer - because there is no such policy? > http://docs.oracle.com/javase/7/docs/api/java/lang/RuntimePermission.html There is a permission that's meant for this (exitVM), but it's supposedly automatically granted, which implies any thread can exit the VM if it wants to. This would explain why JNLPSecurityManager doesn't rely on this permission to determine whether applets/applications are allowed to exit. Thanks, -- Andrew A From jvanek at icedtea.classpath.org Mon Mar 10 14:41:48 2014 From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org) Date: Mon, 10 Mar 2014 14:41:48 +0000 Subject: /hg/icedtea-web: Actualized man page for javaws Message-ID: changeset 2217cdd13ad6 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=2217cdd13ad6 author: Jiri Vanek date: Mon Mar 10 15:48:24 2014 +0100 Actualized man page for javaws diffstat: ChangeLog | 5 +++++ netx/javaws.1 | 52 +++++++++++++++++++++++++++++++++++++++------------- 2 files changed, 44 insertions(+), 13 deletions(-) diffs (110 lines): diff -r ffc228f3c71f -r 2217cdd13ad6 ChangeLog --- a/ChangeLog Mon Mar 10 15:05:42 2014 +0100 +++ b/ChangeLog Mon Mar 10 15:48:24 2014 +0100 @@ -1,3 +1,8 @@ +2014-03-10 Jiri Vanek + + Actualized man page for javaws + * netx/javaws.1: made sync with current state + 2014-03-10 Jiri Vanek Fixed rhbz#1072013 diff -r ffc228f3c71f -r 2217cdd13ad6 netx/javaws.1 --- a/netx/javaws.1 Mon Mar 10 15:05:42 2014 +0100 +++ b/netx/javaws.1 Mon Mar 10 15:48:24 2014 +0100 @@ -34,8 +34,7 @@ options can be used to change this behaviour. .TP 12 \-about -Shows a sample application that can be used to test the basic functionality -of this implementation. +Shows about dialog. .TP \-viewer Shows the trusted certificate viewer. This allows a user to list, examine, remove @@ -49,8 +48,8 @@ .PP In the default mode, the following run-options can be used: .TP 12 -\-basedir dir -Directory where the cache and certificates to be used are stored. +\-version +Prints out version and exit .TP \-arg arg Adds an application argument before launching. @@ -85,13 +84,23 @@ .B javaws to abort. .TP -\-umask=value -Sets the umask for files created by an application. +\-xml +The jnlp files will be checked more strictly for XML validity +.TP +\-allowredirect +Allow to follow 301, 302, 303, 307 and 308 redirections for javaws +applications .TP \-Xnofork Do not create another JVM, even if the JNLP file asks for running in a separate JVM. This is useful for debugging. .TP +\-Xclearcache +Clean the JNLP application cache. +.TP +\-Xignoreheaders +Skip jar header verification. +.TP \-Jjava-option This passes along java-option to the java binary that is running javaws. For example, to make javaws run with a max heap size @@ -101,23 +110,40 @@ Print a help message and exit. .SH FILES -~/.icedtea/deployment.properties specifies the settings used by javaws +$XDG_CONFIG_DIR/icedtea-web/deployment.properties specifies the settings used by javaws + +$XDG_CONFIG_DIR/icedtea-web/log (may be set to different location by you) contains file log files (if enabled). +itw-cplugin-date_time.log for native part of plugin, itw-javantx-date_time.log for everything else. + +$XDG_CONFIG_DIR/icedtea-web/security/java.policy contains granted permissions for selected unsigned apps + +$XDG_CONFIG_DIR/icedtea-web/security/trusted.*certs contains various stored certificates + +$XDG_CACHE_DIR/icedtea-web/cache contains cached runtime entries (amy be changed by you) + +$XDG_CACHE_DIR/icedtea-web/pcache contains saved application data + +$XDG_CACHE_DIR/icedtea-web/tmp contains temporary runtime files + +$XDG_RUNTIME_DIR/icedteaplugin-user-*/ contains in and out pipe for native<->java communication and +(if enabled) debugging pipe + +Where $XDG_CONFIG_DIR, $XDG_CACHE_DIR and $XDG_RUNTIME_DIR are set as ~/.config, ~/.cache and /tmp or /var/tmp if not set. .SH BUGS There arent any known bugs. If you come across one, please file it at http://icedtea.classpath.org/bugzilla/ .br -Please run javaws in verbose mode and include that output along -with the jnlp file when filing out the bug report. +Please run javaws in debug (-verbose switch or itw-settings setting or ICEDTEAPLUGIN_DEBUG variable set to true) +mode and include that output (best is from java console) with URL to jnlp or html file +(ot the jnlp/html file or application itself) when filing out the bug report. .SH AUTHOR Originally written by Jon. A. Maxwell. .br -Currently maintained by the IcedTea contributors. +Currently maintained by the IcedTea contributors. See javaws -about for more info .SH SEE ALSO .BR java (1) .br -http://icedtea.classpath.org/ -.br -http://jnlp.sourceforge.net/netx/ +http://icedtea.classpath.org/wiki/IcedTea-Web From jvanek at icedtea.classpath.org Mon Mar 10 14:54:35 2014 From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org) Date: Mon, 10 Mar 2014 14:54:35 +0000 Subject: /hg/icedtea-web: Added getter for java-abrt-connector on demand ... Message-ID: changeset bc97499d95f4 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=bc97499d95f4 author: Jiri Vanek date: Mon Mar 10 16:02:39 2014 +0100 Added getter for java-abrt-connector on demand whitelist of fields diffstat: ChangeLog | 10 ++++++ netx/net/sourceforge/jnlp/Launcher.java | 3 +- netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java | 24 ++++++++++++++++ plugin/icedteanp/java/sun/applet/PluginAppletViewer.java | 2 + 4 files changed, 37 insertions(+), 2 deletions(-) diffs (93 lines): diff -r 2217cdd13ad6 -r bc97499d95f4 ChangeLog --- a/ChangeLog Mon Mar 10 15:48:24 2014 +0100 +++ b/ChangeLog Mon Mar 10 16:02:39 2014 +0100 @@ -1,3 +1,13 @@ +2014-03-10 Jiri Vanek + + Added getter for java-abrt-connector on demand whitelist of fields. + * netx/net/sourceforge/jnlp/Launcher.java: (launch) saving (location.toExternalForm()) + via JNLPRuntime.saveHistory + * netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java: (history) new static field + with getter (getHistory) and "setter" (saveHistory) + * plugin/icedteanp/java/sun/applet/PluginAppletViewer.java: (handleInitializationMessage) + saving (documentBase) via JNLPRuntime.saveHistory + 2014-03-10 Jiri Vanek Actualized man page for javaws diff -r 2217cdd13ad6 -r bc97499d95f4 netx/net/sourceforge/jnlp/Launcher.java --- a/netx/net/sourceforge/jnlp/Launcher.java Mon Mar 10 15:48:24 2014 +0100 +++ b/netx/net/sourceforge/jnlp/Launcher.java Mon Mar 10 16:02:39 2014 +0100 @@ -281,6 +281,7 @@ * @return the application instance */ public ApplicationInstance launch(URL location) throws LaunchException { + JNLPRuntime.saveHistory(location.toExternalForm()); return launch(fromUrl(location)); } @@ -944,6 +945,4 @@ }; - - } diff -r 2217cdd13ad6 -r bc97499d95f4 netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java --- a/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java Mon Mar 10 15:48:24 2014 +0100 +++ b/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java Mon Mar 10 16:02:39 2014 +0100 @@ -91,6 +91,14 @@ loadResources(); } + /** + * java-abrt-connector can print out specific application String method, it is good to save visited urls for reproduce purposes. + * For javaws we can read the destination jnlp from commandline + * However for plugin (url arrive via pipes). Also for plugin we can not be sure which opened tab/window + * have caused the crash. Thats why the individual urls are added, not replaced. + */ + private static String history = ""; + /** the localized resource strings */ private static ResourceBundle resources; @@ -831,4 +839,20 @@ OutputController.getLogger().close(); System.exit(i); } + + + public static void saveHistory(String documentBase) { + JNLPRuntime.history += " " + documentBase + " "; + } + + /** + * Used by java-abrt-connector via reflection + * @return history + */ + private static String getHistory() { + return history; + } + + + } diff -r 2217cdd13ad6 -r bc97499d95f4 plugin/icedteanp/java/sun/applet/PluginAppletViewer.java --- a/plugin/icedteanp/java/sun/applet/PluginAppletViewer.java Mon Mar 10 15:48:24 2014 +0100 +++ b/plugin/icedteanp/java/sun/applet/PluginAppletViewer.java Mon Mar 10 16:02:39 2014 +0100 @@ -118,6 +118,7 @@ import sun.misc.Ref; import com.sun.jndi.toolkit.url.UrlUtil; +import net.sourceforge.jnlp.runtime.JNLPRuntime; import net.sourceforge.jnlp.util.logging.OutputController; /* @@ -467,6 +468,7 @@ "Height = ", height, "\n", "DocumentBase = ", documentBase, "\n", "Params = ", paramString); + JNLPRuntime.saveHistory(documentBase); PluginAppletPanelFactory factory = new PluginAppletPanelFactory(); AppletMessageHandler amh = new AppletMessageHandler("appletviewer"); From aazores at redhat.com Mon Mar 10 15:03:54 2014 From: aazores at redhat.com (Andrew Azores) Date: Mon, 10 Mar 2014 11:03:54 -0400 Subject: [rfc][icedtea-web][policyeditor] Parsing enhancements and unit tests In-Reply-To: <531DAF30.3010204@redhat.com> References: <53175862.8080408@redhat.com> <53188132.2040009@redhat.com> <1223389579.366317.1394137097401.JavaMail.zimbra@redhat.com> <5319C879.4090903@redhat.com> <1438278964.984533.1394251643115.JavaMail.zimbra@redhat.com> <531DAF30.3010204@redhat.com> Message-ID: <531DD45A.2030800@redhat.com> On 03/10/2014 08:25 AM, Jiri Vanek wrote: > On 03/08/2014 05:07 AM, Andrew Azores wrote: >> Well, I guess I could make one matcher, check if it matches, and then >> if not, make the other and check with it, but how much does it really >> matter... ? I think the intention is clearer, having the conjunction >> in the first if check. I doubt it will make much of a perfomance >> difference for most users, > > unless they end up with much more massive custom policy files than > I'm expecting. > > Well its not about the performance of this method, but about ITW as a > whole. Consider such a redundant calls in each method. They will > mutliply runtime later unbearable. Bordering on premature optimization here IMO, but I made the change anyway. >> >> And of course the CustomPermission and PolicyEditorPermissions >> fromString() methods are "suspiciously" similar > > Then why they dont share an code? > > > - they are both reading from the same source and attempting to parse > into more or less the same end result. Why would they be really > different? I guess the logic is mostly the same so they could be given > a parent class or some utility method. > > Please eleaborate on this two hunks a bit. PolicyEditorPermissions now uses CustomPermission as an intermediate form, which is a little funny sounding, but CustomPermission is really just a holder for the three attributes a permission entry has, and PolicyEditorPermissions just enumerates specific combinations that are presented as checkboxes in the GUI. So it actually does make sense. From this perspective, CustomPermission's name might make more sense as something like BasicPermission, but from the perspective of the PolicyEditor itself, CustomPermission is a more informative name, so I'd rather keep the name as-is. > >> >> Thanks, >> >> Andrew A >> >> ----- Original Message ----- >> From: "Jiri Vanek" >> To: "Andrew Azores" >> Cc: "IcedTea" >> Sent: Friday, March 7, 2014 8:24:09 AM >> Subject: Re: [rfc][icedtea-web][policyeditor] Parsing enhancements >> and unit tests >> >> The messages.properties changes are still not listed in changelog. > and dont forget^ O:) Yes, remembered this time :) Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: policy-editor-parsing-tests-2.patch Type: text/x-patch Size: 55342 bytes Desc: not available URL: From omajid at redhat.com Mon Mar 10 15:08:39 2014 From: omajid at redhat.com (Omair Majid) Date: Mon, 10 Mar 2014 11:08:39 -0400 Subject: [rfc][icedtea-web] set location for jnlpHreffed jnlp file correctly (rh1072013) In-Reply-To: <531DC763.8090501@redhat.com> References: <5319BE3C.2030008@redhat.com> <1475322847.984388.1394251100947.JavaMail.zimbra@redhat.com> <531DC763.8090501@redhat.com> Message-ID: <20140310150839.GD2011@redhat.com> * Jiri Vanek [2014-03-10 10:16]: > On 03/08/2014 04:58 AM, Andrew Azores wrote: > >No, I don't think there's any way to make applets able to call > >System.exit() with the custom policies. Not with the way > >JNLPSecurityManager is currently written. I can't think of a valid > >reason an applet would need to be able to kill the JVM though... so I > >don't think it's worth modifying the security manager to allow this. > > > Well. I was thinking moreover if it is usable as workaround before > upstream removes the call. > > But this lead me to idea - why is system.exit not checked against > policies as all other stuff? But I can probably answer - because > there is no such policy? The exit permission is not granted by default to applets. This is because all applets that are running in the browser share a single JVM. If one applet calls System.exit(), all applets will die. This is something we do not want, so we don't grant that permission. For javaws, the security manager handles this permission like any other, allowing sufficiently privileged applications to override it. Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 From jvanek at redhat.com Mon Mar 10 15:44:37 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 10 Mar 2014 16:44:37 +0100 Subject: [rfc][icedtea-web] set location for jnlpHreffed jnlp file correctly (rh1072013) In-Reply-To: <20140310150839.GD2011@redhat.com> References: <5319BE3C.2030008@redhat.com> <1475322847.984388.1394251100947.JavaMail.zimbra@redhat.com> <531DC763.8090501@redhat.com> <20140310150839.GD2011@redhat.com> Message-ID: <531DDDE5.6090109@redhat.com> On 03/10/2014 04:08 PM, Omair Majid wrote: > * Jiri Vanek [2014-03-10 10:16]: >> On 03/08/2014 04:58 AM, Andrew Azores wrote: >>> No, I don't think there's any way to make applets able to call >>> System.exit() with the custom policies. Not with the way >>> JNLPSecurityManager is currently written. I can't think of a valid >>> reason an applet would need to be able to kill the JVM though... so I >>> don't think it's worth modifying the security manager to allow this. >>> > >> Well. I was thinking moreover if it is usable as workaround before >> upstream removes the call. >> >> But this lead me to idea - why is system.exit not checked against >> policies as all other stuff? But I can probably answer - because >> there is no such policy? > > The exit permission is not granted by default to applets. This is > because all applets that are running in the browser share a single JVM. > If one applet calls System.exit(), all applets will die. This is > something we do not want, so we don't grant that permission. > > For javaws, the security manager handles this permission like any other, > allowing sufficiently privileged applications to override it. > > Yes, I know this. I was thinking if user can allow i as workaround via custom permissions for special cases (like this one). But > > http://docs.oracle.com/javase/7/docs/api/java/lang/RuntimePermission.html > > There is a permission that's meant for this (exitVM), but it's supposedly automatically granted, which implies any thread can exit the VM if it wants to. This would explain why JNLPSecurityManager doesn't rely on this permission to determine whether applets/applications are allowed to exit. > , apparently it is not possible, because default permission is "allowed". J From jvanek at redhat.com Mon Mar 10 15:50:01 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 10 Mar 2014 16:50:01 +0100 Subject: [rfc][icedtea-web][policyeditor] Parsing enhancements and unit tests In-Reply-To: <531DD45A.2030800@redhat.com> References: <53175862.8080408@redhat.com> <53188132.2040009@redhat.com> <1223389579.366317.1394137097401.JavaMail.zimbra@redhat.com> <5319C879.4090903@redhat.com> <1438278964.984533.1394251643115.JavaMail.zimbra@redhat.com> <531DAF30.3010204@redhat.com> <531DD45A.2030800@redhat.com> Message-ID: <531DDF29.9000307@redhat.com> On 03/10/2014 04:03 PM, Andrew Azores wrote: > On 03/10/2014 08:25 AM, Jiri Vanek wrote: >> On 03/08/2014 05:07 AM, Andrew Azores wrote: >>> Well, I guess I could make one matcher, check if it matches, and then if not, make the other and check with it, but how much does it really matter... ? I think the intention is clearer, having the conjunction in the first if check. I doubt it will make much of a perfomance difference for most users, >> > unless they end up with much more massive custom policy files than I'm expecting. >> >> Well its not about the performance of this method, but about ITW as a whole. Consider such a redundant calls in each method. They will mutliply runtime later unbearable. > > Bordering on premature optimization here IMO, but I made the change anyway. > ZZZZ :)) I would write it still much differently, but nvm. Even ^ was nitpicking. Sorry. ok for head. >>> >>> And of course the CustomPermission and PolicyEditorPermissions fromString() methods are "suspiciously" similar >> >> Then why they dont share an code? >> >> > - they are both reading from the same source and attempting to parse into more or less the same end result. Why would they be really different? I guess the logic is mostly the same so they could be given a parent class or some utility method. >> >> Please eleaborate on this two hunks a bit. > > PolicyEditorPermissions now uses CustomPermission as an intermediate form, which is a little funny sounding, but CustomPermission is really just a holder for the three attributes a permission entry has, and PolicyEditorPermissions just enumerates specific combinations that are presented as checkboxes in the GUI. So it actually does make sense. From this perspective, CustomPermission's name might make more sense as something like BasicPermission, but from the perspective of the PolicyEditor itself, CustomPermission is a more informative name, so I'd rather keep the name as-is. > >> >>> >>> Thanks, >>> >>> Andrew A >>> >>> ----- Original Message ----- >>> From: "Jiri Vanek" >>> To: "Andrew Azores" >>> Cc: "IcedTea" >>> Sent: Friday, March 7, 2014 8:24:09 AM >>> Subject: Re: [rfc][icedtea-web][policyeditor] Parsing enhancements and unit tests >>> >>> The messages.properties changes are still not listed in changelog. >> and dont forget^ O:) > > Yes, remembered this time :) > > Thanks, > From omajid at icedtea.classpath.org Mon Mar 10 15:57:23 2014 From: omajid at icedtea.classpath.org (omajid at icedtea.classpath.org) Date: Mon, 10 Mar 2014 15:57:23 +0000 Subject: /hg/icedtea-web: Add man page for itweb-settings Message-ID: changeset 2157f0e06002 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=2157f0e06002 author: Omair Majid date: Mon Mar 10 11:57:12 2014 -0400 Add man page for itweb-settings 2014-03-10 Omair Majid * Makefile.am (install-data-local): Install itweb-settings.1. * netx/itweb-settings.1: New file. diffstat: ChangeLog | 5 ++ Makefile.am | 1 + netx/itweb-settings.1 | 90 +++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 96 insertions(+), 0 deletions(-) diffs (117 lines): diff -r bc97499d95f4 -r 2157f0e06002 ChangeLog --- a/ChangeLog Mon Mar 10 16:02:39 2014 +0100 +++ b/ChangeLog Mon Mar 10 11:57:12 2014 -0400 @@ -1,3 +1,8 @@ +2014-03-10 Omair Majid + + * Makefile.am (install-data-local): Install itweb-settings.1. + * netx/itweb-settings.1: New file. + 2014-03-10 Jiri Vanek Added getter for java-abrt-connector on demand whitelist of fields. diff -r bc97499d95f4 -r 2157f0e06002 Makefile.am --- a/Makefile.am Mon Mar 10 16:02:39 2014 +0100 +++ b/Makefile.am Mon Mar 10 11:57:12 2014 -0400 @@ -256,6 +256,7 @@ install-data-local: ${mkinstalldirs} -d $(DESTDIR)$(mandir)/man1 ${INSTALL_DATA} $(NETX_SRCDIR)/javaws.1 $(DESTDIR)$(mandir)/man1 + ${INSTALL_DATA} $(NETX_SRCDIR)/itweb-settings.1 $(DESTDIR)$(mandir)/man1 if ENABLE_DOCS ${mkinstalldirs} $(DESTDIR)$(htmldir) (cd ${abs_top_builddir}/docs/netx; \ diff -r bc97499d95f4 -r 2157f0e06002 netx/itweb-settings.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/netx/itweb-settings.1 Mon Mar 10 11:57:12 2014 -0400 @@ -0,0 +1,90 @@ +.TH itweb-settings 1 "07 Mar 2014" + +.SH NAME + +itweb-settings - view and modify settings for +.B +javaws +and the browser plugin + +.SH SYNOPSYS + +.B itweb-settings +.br +.B itweb-settings +command arguments +.SH DESCRIPTION +.B itweb-settings +is a command line and a GUI program to modify and edit settings used by the +icedtea-web implementation of +.B javaws +and the browser plugin. + +If executed without any arguments, it starts up a GUI. Otherwise, it tries to +do what is specified in the argument. + +The command-line allows quickly searching, making a copy of and modifying +specific settings without having to hunt through a UI. + + +.SH COMMANDS + +.TP +help +Prints out information about supported command, descriptions and basic usage. +.TP 12 +list +Shows a list of all settings. +.TP +get +Shows the value of the named setting. +.TP +info +Shows additional information about the named setting. Includes a description, +the current value, the possible values, and the source of the setting. +.TP +set +Sets the setting to the new value, after checking that it is an appropriate +value. +.TP +reset all +Resets all settings to their original values. +.TP +reset +Resets the named setting to its original value. +.TP +check +Checks that the current value of the setting is a valid value. + +.SH EXAMPLES + +.TP +itweb-settings + +Show the GUI editor + +.TP +itweb-settings reset deployment.proxy.type + +Resets the value of 'deployment.proxy.type' setting. + + +.SH FILES + +$XDG_CONFIG_HOME/icedtea-web/deployment.properties specifies the settings used + +.SH BUGS + +There arent any known bugs. If you come across one, please file it at + http://icedtea.classpath.org/bugzilla/ + +.SH AUTHOR + +Written and maintained by the IcedTea contributors. + +.SH SEE ALSO + +.BR javaws (1), +.BR java (1) +.br +http://icedtea.classpath.org/wiki/IcedTea-Web From omajid at redhat.com Mon Mar 10 16:00:57 2014 From: omajid at redhat.com (Omair Majid) Date: Mon, 10 Mar 2014 12:00:57 -0400 Subject: [icedtea-web] RFC: man page for itweb-settings In-Reply-To: <531DB826.7040400@redhat.com> References: <20140308002809.GG24571@redhat.com> <531DB826.7040400@redhat.com> Message-ID: <20140310160056.GE2011@redhat.com> * Jiri Vanek [2014-03-10 08:55]: > On 03/08/2014 01:28 AM, Omair Majid wrote: > >This is a very simple man page for itweb-settings. Okay to push? > > So I would: > - not confuse with "--" but say just > +.TP 12 > +help Done. > - Also It would be probably good to mention that anything (not just "help") will print info. I think this is pretty common convention, no? If a program sees an argument it doesn't recognize, it complains and prints help info. I haven't added it yet, but I can if you still think this is worth mentioning explicitly. > ALso "Shows some helpful information about the program" hmhmh do not .. well sound :) > Maybe Prints out general information about supported program, commands and basic usage. Should be fixed now. > Also: > +.SH EXAMPLES > > Cna contains exmaple ot two :) Now it has an all of 2 examples :) > Feel free to push as it is or with anything above fixed. I'm insists > only on not confusing with "--". Pushed: http://icedtea.classpath.org/hg/icedtea-web/rev/2157f0e06002 Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 From aazores at redhat.com Mon Mar 10 16:07:07 2014 From: aazores at redhat.com (Andrew Azores) Date: Mon, 10 Mar 2014 12:07:07 -0400 Subject: [rfc][icedtea-web] New PartiallySigned Dialog In-Reply-To: <53189FFA.3000404@redhat.com> References: <53164E8D.90101@redhat.com> <53189FFA.3000404@redhat.com> Message-ID: <531DE32B.90300@redhat.com> On 03/06/2014 11:19 AM, Jiri Vanek wrote: > On 03/04/2014 11:07 PM, Andrew Azores wrote: >> Hi, >> >> This patch introduces a new PartiallySigned dialog to replace the >> NotAllSigned prompt. This new dialog uses the same abstracted parent >> class that was pulled out of the Unsigned dialog, so it uses the same >> remembered action storage and has the same general look and feel. >> This dialog also has a Sandbox button, just like CertWarningPane >> recently gained for fully signed applets, which allows partially >> signed ones to also be run with only sandbox permissions. Some more >> security info is also present on the dialog, eg the applet's >> publisher and codebase. Not yet included is a new Help text for this >> dialog, but this can be written up separately IMO. Right now it will >> just display the same Help as the Unsigned dialog. >> >> ChangeLog: >> Added new PartiallySigned Dialog to replace NotAllSignedWarningPane. >> Also includes a Sandbox button. >> * netx/net/sourceforge/jnlp/resources/Messages.properties: >> (APPEXTSecunsignedAppletActionSandbox, LPartiallySignedApplet, >> LPartiallySignedAppletUserDenied) new messages >> * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: >> Logic added for displaying new PartiallySigned dialog. >> (showNotAllSignedDialog) removed. (getSigningState) new method. >> (promptUserOnPartialSigning, userPromptedForPartialSigning) new >> methods for >> SecurityDelegate. >> * netx/net/sourceforge/jnlp/security/AppTrustWarningDialog.java: >> (partiallySigned) new method >> * netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java: >> (chosenActionSetter) refactored to allow Sandbox action. >> (setupInfoPanel) applet >> title made overrideable by subclasses >> * netx/net/sourceforge/jnlp/security/SecurityDialog.java: >> (NOTALLSIGNED_WARNING) >> renamed PARTIALLYSIGNED_WARNING, display new dialog rather than old >> * netx/net/sourceforge/jnlp/security/SecurityDialogs.java: >> (NOTALLSIGNED_WARNING) >> renamed PARTIALLYSIGNED_WARNING. (showNotAllSignedWarningDialog) >> removed. >> (showPartiallySignedWarningDialog) new method >> * >> netx/net/sourceforge/jnlp/security/appletextendedsecurity/ExecuteAppletAction.java: >> Added Sandbox action >> * >> netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java: >> (checkPartiallySignedWithUserIfRequired) new method >> * >> tests/reproducers/custom/SignedAppletCodebaseLoading/testcases/SignedAppletCodebaseLoadingTests.java: >> test now passes since dialog will not appear if applet security is >> set to Low. >> KnownToFail removed. >> * >> tests/reproducers/custom/SignedAppletExternalMainClass/testcases/SignedAppletExternalMainClassTest.java: >> same >> * >> netx/net/sourceforge/jnlp/security/PartiallySignedAppTrustWarningPanel.java: >> new class >> * netx/net/sourceforge/jnlp/security/NotAllSignedWarningPane.java: >> deleted >> in favour of PartiallySignedAppTrustWarningPanel >> >> Thanks, >> > Ouch - "legacy" dialogs packages? :) Please dont forget to adapt > changelog. For patch I think there will be more rounds. Also pls move > your new dialogue to proper pacage.package Updated. > > General thoughts: > > SANDBOX_ALWAYS is not (going to be) supported? If so, the checbox and > radiobuttons should be disabled (I have not noted it but I could > overlook). But I' +1 to support SANDBOX_ALWAYS It's supported here. It's disabled for CertWarningPane ie fully signed just because in that case we aren't using the nice extended security action storage - it just uses the certificate keystore, so there wasn't a clean and easy way to incorporate remembering the sandbox decision, as far as I could tell. But since this one is based off of the Extended Applet Security stuff, remembering this action is no problem. > - if this will be supported, then there is going to be fun with the > sandbox+custom policies saving :) What do you mean? It will allow partially signed applets to always be run with a user-defined set of extra permissions above the sandbox level but below all-permission. This was the exact overarching objective of all of these patches. > > The removal of NotAllSignedWarningPane is not compelte. Please check > also used Trasnlator.R keys. If they are dangling, please rmeove them > from all Messages*.properties They were being reused in the PartiallySigned dialog, so no removals. I renamed them though. > > You have removed: > - @KnownToFail > - assertTrue("NotAllSigned dialog will appear if this test > runs. Remove this exception and KnownToFail " > - + "when a proper replacement is in place", false); > > How come? I think partialy signed dialogue should appear always, no > matter of EAS level. > Or not? I can see the motivation behind having it always appear, since partially signed applets seem to be the most inherently untrustworthy class, but from a user perspective it also seems like it makes little sense for only these applets to have a dialog appear. Maybe a new, even lower level could be made to display no dialogs ever, and partially signed will appear at any level above this? I'm not sure this is really worthwhile. > > + protected String getAppletTitle() { > + return R("SAppletTitle", file.getTitle()); > + } > > (And few more methods about title) Wasn't this handled in previous push? Not sure what you mean. > > Can we have some testing main method as I added recently for unsigned > warnng dialogue? It will be messy, since it will require a mocked SecurityDialog, which only has package-private constructors, and these classes are no longer in the same package. > > > hmmm . . . I ahve just spotted usage of > type = AccessType.SIGNING_ERROR; Where? > In this case this dialogue have sense also for JNLP files. > Then ~/icedtea-web-image/bin/javaws -allowredirect > http://java.net/projects/electric/downloads/download/WebStartFiles/electricAnt.jnlp > would be an example... But it is something for think about for future > work. > Yes, this dialog is built to depend only on JNLPFile, not PluginBridge, and JNLPClassLoader's checks that cause it to appear are also not restricted only for browser applets. > > > + private String getSigningInfo() { > + CertInformation info = > jcv.getCertInformation(jcv.getCertPath(null)); > + > + AccessType type; > + if (info != null && info.isRootInCacerts() && > !info.hasSigningIssues()) { > + type = AccessType.VERIFIED; > + } else if (info != null && info.isRootInCacerts()) { > + type = AccessType.SIGNING_ERROR; > + } else { > + type = AccessType.UNVERIFIED; > + } > + > + String mainText = ""; > + switch (type) { > + case VERIFIED: > + mainText = R("SSigVerified"); > + break; > + case UNVERIFIED: > + mainText = R("SSigUnverified"); > + break; > + case SIGNING_ERROR: > + mainText = R("SSignatureError"); > + break; > + } > + > + return mainText; > + } > > ouh thats looong way to return one of three strings :) > > > Good work otherwise, > Thanx > J. Yea, what the heck was I doing there... jeez. Thanks for pointing this out. Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: partially-signed-dialog-new-packages.patch Type: text/x-patch Size: 46414 bytes Desc: not available URL: From aazores at icedtea.classpath.org Mon Mar 10 16:18:05 2014 From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org) Date: Mon, 10 Mar 2014 16:18:05 +0000 Subject: /hg/icedtea-web: PolicyEditor parsing enhancements, new tests, a... Message-ID: changeset 17c6e5a59602 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=17c6e5a59602 author: Andrew Azores date: Mon Mar 10 12:17:56 2014 -0400 PolicyEditor parsing enhancements, new tests, and bug fixes * NEWS: added entry for PolicyEditor * netx/net/sourceforge/jnlp/resources/Messages.properties: (PESaveAsMenuItemMnemonic, PEExitMenuItemMnemonic) changed mnemonic keys due to masking with ctrl rather than alt * netx/net/sourceforge/jnlp/security/policyeditor/CustomPermission.java: (ACTIONS_PERMISSION, TARGET_PERMISSION, fromString) use regexes to parse * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: (file) keep reference to File rather than String filePath. (getPermissions) returns empty map rather than null. (setComponentMnemonic) new method. (getCustomPermissions) new function. (openAndParsePolicyFile) check for OpenFileResult FAILURE and NOT_FILE rather than null. (setupLayout) File, Save, SaveAs, and Exit items modifier mask changed to Ctrl rather than Alt * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java: (fromString) use regexes to parse, using CustomPermission as intermediate representation * netx/net/sourceforge/jnlp/util/FileUtils.java: (testDirectoryPermissions) add check for getCanonicalFile and null safeguarding. (testFilePermissions) add check for getCanonicalFile and return FAILURE rather than null * tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/CustomPermissionTest.java: (testMissingQuotationMarks) new test * tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java: (testReturnedCustomPermissionsSetIsCopy, testCodebaseTrailingSlashesDoNotMatch) new tests * tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorParsingTest.java: new tests diffstat: ChangeLog | 30 + NEWS | 1 + netx/net/sourceforge/jnlp/resources/Messages.properties | 8 +- netx/net/sourceforge/jnlp/security/policyeditor/CustomPermission.java | 52 +- netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java | 214 +++++- netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java | 35 +- netx/net/sourceforge/jnlp/util/FileUtils.java | 22 +- tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/CustomPermissionTest.java | 48 +- tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorParsingTest.java | 290 ++++++++++ tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissionsTest.java | 41 + tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java | 21 + 11 files changed, 644 insertions(+), 118 deletions(-) diffs (truncated from 1168 to 500 lines): diff -r 2157f0e06002 -r 17c6e5a59602 ChangeLog --- a/ChangeLog Mon Mar 10 11:57:12 2014 -0400 +++ b/ChangeLog Mon Mar 10 12:17:56 2014 -0400 @@ -1,3 +1,33 @@ +2014-03-10 Andrew Azores + + PolicyEditor parsing enhancements, new tests, and bugfixes + * NEWS: added entry for PolicyEditor + * netx/net/sourceforge/jnlp/resources/Messages.properties: + (PESaveAsMenuItemMnemonic, PEExitMenuItemMnemonic) changed mnemonic keys + due to masking with ctrl rather than alt + * netx/net/sourceforge/jnlp/security/policyeditor/CustomPermission.java: + (ACTIONS_PERMISSION, TARGET_PERMISSION, fromString) use regexes to parse + * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: + (file) keep reference to File rather than String filePath. (getPermissions) + returns empty map rather than null. (setComponentMnemonic) new method. + (getCustomPermissions) new function. (openAndParsePolicyFile) check for + OpenFileResult FAILURE and NOT_FILE rather than null. (setupLayout) File, + Save, SaveAs, and Exit items modifier mask changed to Ctrl rather than Alt + * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java: + (fromString) use regexes to parse, using CustomPermission as intermediate + representation + * netx/net/sourceforge/jnlp/util/FileUtils.java: + (testDirectoryPermissions) add check for getCanonicalFile and null + safeguarding. (testFilePermissions) add check for getCanonicalFile and + return FAILURE rather than null + * tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/CustomPermissionTest.java: + (testMissingQuotationMarks) new test + * tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java: + (testReturnedCustomPermissionsSetIsCopy, + testCodebaseTrailingSlashesDoNotMatch) new tests + * tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorParsingTest.java: + new tests + 2014-03-10 Omair Majid * Makefile.am (install-data-local): Install itweb-settings.1. diff -r 2157f0e06002 -r 17c6e5a59602 NEWS --- a/NEWS Mon Mar 10 11:57:12 2014 -0400 +++ b/NEWS Mon Mar 10 12:17:56 2014 -0400 @@ -17,6 +17,7 @@ * Support for u45 and u51 new manifest attributes (Application-Name, Codebase) * Custom applet permission policies panel in itweb-settings control panel * javaws -version flag +* New PolicyEditor for easily adding/removing permissions to individual applets * Cache Viewer - Can be closed by ESC key - Enabling and disabling of operational buttons is handled properly diff -r 2157f0e06002 -r 17c6e5a59602 netx/net/sourceforge/jnlp/resources/Messages.properties --- a/netx/net/sourceforge/jnlp/resources/Messages.properties Mon Mar 10 11:57:12 2014 -0400 +++ b/netx/net/sourceforge/jnlp/resources/Messages.properties Mon Mar 10 12:17:56 2014 -0400 @@ -519,10 +519,10 @@ PEOpenMenuItemMnemonic=79 # S PESaveMenuItemMnemonic=83 -# V -PESaveAsMenuItemMnemonic=86 -# E -PEExitMenuItemMnemonic=69 +# A +PESaveAsMenuItemMnemonic=65 +# X +PEExitMenuItemMnemonic=88 # U PECustomPermissionsItemMnemonic=85 diff -r 2157f0e06002 -r 17c6e5a59602 netx/net/sourceforge/jnlp/security/policyeditor/CustomPermission.java --- a/netx/net/sourceforge/jnlp/security/policyeditor/CustomPermission.java Mon Mar 10 11:57:12 2014 -0400 +++ b/netx/net/sourceforge/jnlp/security/policyeditor/CustomPermission.java Mon Mar 10 12:17:56 2014 -0400 @@ -36,6 +36,9 @@ package net.sourceforge.jnlp.security.policyeditor; +import java.util.regex.Matcher; +import java.util.regex.Pattern; + /** * This class models a permission entry in a policy file which is not included * in the default set of permissions used by the PolicyEditor, ie, permissions @@ -43,6 +46,18 @@ */ public class CustomPermission implements Comparable { + /* Matches eg 'permission java.io.FilePermission "${user.home}${/}*", "read";' + * eg permissions that have a permission type, target, and actions set. + */ + public static final Pattern ACTIONS_PERMISSION = + Pattern.compile("\\s*permission\\s+([\\w\\.]+)\\s+\"([^\"]+)\",\\s*\"([^\"]*)\";.*"); + + /* Matches eg 'permission java.lang.RuntimePermission "queuePrintJob";' + * eg permissions that have a permission type and target, but no actions. + */ + public static final Pattern TARGET_PERMISSION = + Pattern.compile("\\s*permission\\s+([\\w\\.]+)\\s+\"([^\"]+)\";.*"); + public final String type, target, actions; /** @@ -63,16 +78,23 @@ * @return a CustomPermission representing this string */ public static CustomPermission fromString(final String string) { - final String[] parts = string.trim().split(" "); - if (!parts[0].equals("permission") || parts.length < 3 || !string.trim().endsWith(";")) { - return null; + final String typeStr, targetStr, actionsStr; + + final Matcher actionMatcher = ACTIONS_PERMISSION.matcher(string); + if (actionMatcher.matches()) { + typeStr = actionMatcher.group(1); + targetStr = actionMatcher.group(2); + actionsStr = actionMatcher.group(3); + } else { + final Matcher targetMatcher = TARGET_PERMISSION.matcher(string); + if (!targetMatcher.matches()) { + return null; + } + typeStr = targetMatcher.group(1); + targetStr = targetMatcher.group(2); + actionsStr = ""; } - final String typeStr = removeQuotes(parts[1]); - final String targetStr = removeQuotes(removeSemicolon(removeComma(parts[2]))); - String actionsStr = ""; - if (parts.length > 3) { - actionsStr = removeQuotes(removeSemicolon(parts[3])); - } + return new CustomPermission(typeStr, targetStr, actionsStr); } @@ -96,18 +118,6 @@ return sb.toString(); } - private static String removeQuotes(final String string) { - return string.replaceAll("\"", ""); - } - - private static String removeSemicolon(final String string) { - return string.replaceAll(";", ""); - } - - private static String removeComma(final String string) { - return string.replaceAll(",", ""); - } - @Override public int compareTo(final CustomPermission o) { if (this == o) { diff -r 2157f0e06002 -r 17c6e5a59602 netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java --- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java Mon Mar 10 11:57:12 2014 -0400 +++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java Mon Mar 10 12:17:56 2014 -0400 @@ -56,6 +56,7 @@ import java.util.Arrays; import java.util.Calendar; import java.util.Collection; +import java.util.Collections; import java.util.HashMap; import java.util.HashSet; import java.util.List; @@ -66,6 +67,7 @@ import java.util.regex.Pattern; import javax.swing.AbstractAction; +import javax.swing.AbstractButton; import javax.swing.Action; import javax.swing.DefaultListModel; import javax.swing.JButton; @@ -146,7 +148,7 @@ private static final String AUTOGENERATED_NOTICE = "/* DO NOT MODIFY! AUTO-GENERATED */"; - private String filePath; + private File file; private boolean changesMade = false; private boolean closed = false; private final Map> codebasePermissionsMap = new HashMap>(); @@ -169,10 +171,6 @@ super(); setLayout(new GridBagLayout()); - this.filePath = filepath; - - fileChooser = new JFileChooser(filePath); - for (final PolicyEditorPermissions perm : PolicyEditorPermissions.values()) { final JCheckBox box = new JCheckBox(); box.setText(perm.getName()); @@ -180,16 +178,14 @@ checkboxMap.put(perm, box); } - if (filePath != null) { - try { - new URL("file://" + filePath); - openAndParsePolicyFile(); - } catch (final MalformedURLException e) { - OutputController.getLogger().log(e); - FileUtils.showCouldNotOpenFilepathDialog(weakThis.get(), filepath); - } + if (filepath != null) { + file = new File(filepath); + openAndParsePolicyFile(); } + fileChooser = new JFileChooser(file); + fileChooser.setFileHidingEnabled(false); + initializeMapForCodebase(""); listModel.addElement(R("PEGlobalSettings")); updateCheckboxes(""); @@ -197,15 +193,15 @@ okButtonAction = new ActionListener() { @Override public void actionPerformed(final ActionEvent event) { - if (filePath == null) { + if (file == null) { final int choice = fileChooser.showOpenDialog(weakThis.get()); if (choice == JFileChooser.APPROVE_OPTION) { - filePath = fileChooser.getSelectedFile().getAbsolutePath(); + file = fileChooser.getSelectedFile(); } } // May still be null if user cancelled the file chooser - if (filePath != null) { + if (file != null) { savePolicyFile(); } } @@ -253,7 +249,7 @@ } final int choice = fileChooser.showOpenDialog(weakThis.get()); if (choice == JFileChooser.APPROVE_OPTION) { - filePath = fileChooser.getSelectedFile().getAbsolutePath(); + file = fileChooser.getSelectedFile(); openAndParsePolicyFile(); } } @@ -264,7 +260,7 @@ public void actionPerformed(final ActionEvent e) { final int choice = fileChooser.showSaveDialog(weakThis.get()); if (choice == JFileChooser.APPROVE_OPTION) { - filePath = fileChooser.getSelectedFile().getAbsolutePath(); + file = fileChooser.getSelectedFile(); savePolicyFile(); } } @@ -315,10 +311,18 @@ closed = true; } + /** + * Check if the PolicyEditor instance has been visually closed + * @return if the PolicyEditor instance has been closed + */ public boolean isClosed() { return closed; } + /** + * Called by the Custom Policy Viewer on its parent Policy Editor when + * the Custom Policy Viewer is closing + */ void customPolicyViewerClosing() { cpViewer = null; } @@ -341,6 +345,26 @@ * @param action to be performed * @param identifier an identifier for the action */ + private void setAccelerator(final String trigger, final int modifiers, final Action action, final String identifier) { + final int trig; + try { + trig = Integer.parseInt(trigger); + } catch (final NumberFormatException nfe) { + OutputController.getLogger().log("Unable to set accelerator action \"" + + identifier + "\" for trigger \"" + trigger + "\""); + OutputController.getLogger().log(nfe); + return; + } + setAccelerator(trig, modifiers, action, identifier); + } + + /** + * Set a key accelerator + * @param trigger the accelerator key + * @param modifiers Alt, Ctrl, or other modifiers to be held with the trigger + * @param action to be performed + * @param identifier an identifier for the action + */ private void setAccelerator(final int trigger, final int modifiers, final Action action, final String identifier) { final KeyStroke key = KeyStroke.getKeyStroke(trigger, modifiers); final JRootPane root = getRootPane(); @@ -371,7 +395,7 @@ interactivelyAddCodebase(); } }; - setAccelerator(Integer.parseInt(R("PEAddCodebaseMnemonic")), ActionEvent.ALT_MASK, act, "AddCodebaseAccelerator"); + setAccelerator(R("PEAddCodebaseMnemonic"), ActionEvent.ALT_MASK, act, "AddCodebaseAccelerator"); } /** @@ -384,7 +408,7 @@ removeCodebase((String) list.getSelectedValue()); } }; - setAccelerator(Integer.parseInt(R("PERemoveCodebaseMnemonic")), ActionEvent.ALT_MASK, act, "RemoveCodebaseAccelerator"); + setAccelerator(R("PERemoveCodebaseMnemonic"), ActionEvent.ALT_MASK, act, "RemoveCodebaseAccelerator"); } /** @@ -397,7 +421,7 @@ savePolicyFile(); } }; - setAccelerator(Integer.parseInt(R("PEOkButtonMnemonic")), ActionEvent.ALT_MASK, act, "OkButtonAccelerator"); + setAccelerator(R("PEOkButtonMnemonic"), ActionEvent.ALT_MASK, act, "OkButtonAccelerator"); } /** @@ -410,7 +434,7 @@ quit(); } }; - setAccelerator(Integer.parseInt(R("PECancelButtonMnemonic")), ActionEvent.ALT_MASK, act, "CancelButtonAccelerator"); + setAccelerator(R("PECancelButtonMnemonic"), ActionEvent.ALT_MASK, act, "CancelButtonAccelerator"); } /** @@ -533,7 +557,29 @@ * @return a map of permissions to whether these permissions are set for the given codebase */ public Map getPermissions(final String codebase) { - return new HashMap(codebasePermissionsMap.get(codebase)); + final Map permissions = codebasePermissionsMap.get(codebase); + if (permissions != null) { + return new HashMap(permissions); + } else { + final Map blank = new HashMap(); + for (final PolicyEditorPermissions perm : PolicyEditorPermissions.values()) { + blank.put(perm, false); + } + return blank; + } + } + + /** + * @param codebase the codebase to query + * @return a collection of CustomPermissions granted to the given codebase + */ + public Collection getCustomPermissions(final String codebase) { + final Collection permissions = customPermissionsMap.get(codebase); + if (permissions != null) { + return new HashSet(permissions); + } else { + return Collections.emptySet(); + } } /** @@ -558,37 +604,53 @@ } /** + * Set a mnemonic key for a menu item or button + * @param component the component for which to set a mnemonic + * @param mnemonic the mnemonic to set + */ + private void setComponentMnemonic(final AbstractButton component, final String mnemonic) { + final int trig; + try { + trig = Integer.parseInt(mnemonic); + } catch (final NumberFormatException nfe) { + OutputController.getLogger().log(nfe); + return; + } + component.setMnemonic(trig); + } + + /** * Lay out all controls, tooltips, etc. */ private void setupLayout() { final JMenu fileMenu = new JMenu(R("PEFileMenu")); - fileMenu.setMnemonic(Integer.parseInt(R("PEFileMenuMnemonic"))); + setComponentMnemonic(fileMenu, R("PEFileMenuMnemonic")); final JMenuItem openItem = new JMenuItem(R("PEOpenMenuItem")); - openItem.setMnemonic(Integer.parseInt(R("PEOpenMenuItemMnemonic"))); - openItem.setAccelerator(KeyStroke.getKeyStroke(openItem.getMnemonic(), ActionEvent.ALT_MASK)); + setComponentMnemonic(openItem, R("PEOpenMenuItemMnemonic")); + openItem.setAccelerator(KeyStroke.getKeyStroke(openItem.getMnemonic(), ActionEvent.CTRL_MASK)); openItem.addActionListener(openButtonAction); fileMenu.add(openItem); final JMenuItem saveItem = new JMenuItem(R("PESaveMenuItem")); - saveItem.setMnemonic(Integer.parseInt(R("PESaveMenuItemMnemonic"))); - saveItem.setAccelerator(KeyStroke.getKeyStroke(saveItem.getMnemonic(), ActionEvent.ALT_MASK)); + setComponentMnemonic(saveItem, R("PESaveMenuItemMnemonic")); + saveItem.setAccelerator(KeyStroke.getKeyStroke(saveItem.getMnemonic(), ActionEvent.CTRL_MASK)); saveItem.addActionListener(okButtonAction); fileMenu.add(saveItem); final JMenuItem saveAsItem = new JMenuItem(R("PESaveAsMenuItem")); - saveAsItem.setMnemonic(Integer.parseInt(R("PESaveAsMenuItemMnemonic"))); - saveAsItem.setAccelerator(KeyStroke.getKeyStroke(saveAsItem.getMnemonic(), ActionEvent.ALT_MASK)); + setComponentMnemonic(saveAsItem, R("PESaveAsMenuItemMnemonic")); + saveAsItem.setAccelerator(KeyStroke.getKeyStroke(saveAsItem.getMnemonic(), ActionEvent.CTRL_MASK)); saveAsItem.addActionListener(saveAsButtonAction); fileMenu.add(saveAsItem); final JMenuItem exitItem = new JMenuItem(R("PEExitMenuItem")); - exitItem.setMnemonic(Integer.parseInt(R("PEExitMenuItemMnemonic"))); - exitItem.setAccelerator(KeyStroke.getKeyStroke(exitItem.getMnemonic(), ActionEvent.ALT_MASK)); + setComponentMnemonic(exitItem, R("PEExitMenuItemMnemonic")); + exitItem.setAccelerator(KeyStroke.getKeyStroke(exitItem.getMnemonic(), ActionEvent.CTRL_MASK)); exitItem.addActionListener(closeButtonAction); fileMenu.add(exitItem); menuBar.add(fileMenu); final JMenu viewMenu = new JMenu(R("PEViewMenu")); - viewMenu.setMnemonic(Integer.parseInt(R("PEViewMenuMnemonic"))); + setComponentMnemonic(viewMenu, R("PEViewMenuMnemonic")); final JMenuItem customPermissionsItem = new JMenuItem(R("PECustomPermissionsItem")); - customPermissionsItem.setMnemonic(Integer.parseInt(R("PECustomPermissionsItemMnemonic"))); + setComponentMnemonic(customPermissionsItem, R("PECustomPermissionsItemMnemonic")); customPermissionsItem.setAccelerator(KeyStroke.getKeyStroke(customPermissionsItem.getMnemonic(), ActionEvent.ALT_MASK)); customPermissionsItem.addActionListener(viewCustomButtonAction); @@ -668,34 +730,40 @@ addCodebaseButtonConstraints.fill = GridBagConstraints.HORIZONTAL; addCodebaseButtonConstraints.gridx = 0; addCodebaseButtonConstraints.gridy = listConstraints.gridy + listConstraints.gridheight + 1; - addCodebaseButton.setMnemonic(Integer.parseInt(R("PEAddCodebaseMnemonic"))); + setComponentMnemonic(addCodebaseButton, R("PEAddCodebaseMnemonic")); add(addCodebaseButton, addCodebaseButtonConstraints); final GridBagConstraints removeCodebaseButtonConstraints = new GridBagConstraints(); removeCodebaseButtonConstraints.fill = GridBagConstraints.HORIZONTAL; removeCodebaseButtonConstraints.gridx = addCodebaseButtonConstraints.gridx + 1; removeCodebaseButtonConstraints.gridy = addCodebaseButtonConstraints.gridy; - removeCodebaseButton.setMnemonic(Integer.parseInt(R("PERemoveCodebaseMnemonic"))); + setComponentMnemonic(removeCodebaseButton, R("PERemoveCodebaseMnemonic")); add(removeCodebaseButton, removeCodebaseButtonConstraints); final GridBagConstraints okButtonConstraints = new GridBagConstraints(); okButtonConstraints.fill = GridBagConstraints.HORIZONTAL; okButtonConstraints.gridx = removeCodebaseButtonConstraints.gridx + 2; okButtonConstraints.gridy = removeCodebaseButtonConstraints.gridy; - okButton.setMnemonic(Integer.parseInt(R("PEOkButtonMnemonic"))); + setComponentMnemonic(okButton, R("PEOkButtonMnemonic")); add(okButton, okButtonConstraints); final GridBagConstraints cancelButtonConstraints = new GridBagConstraints(); cancelButtonConstraints.fill = GridBagConstraints.HORIZONTAL; cancelButtonConstraints.gridx = okButtonConstraints.gridx + 1; cancelButtonConstraints.gridy = okButtonConstraints.gridy; - closeButton.setMnemonic(Integer.parseInt(R("PECancelButtonMnemonic"))); + setComponentMnemonic(closeButton, R("PECancelButtonMnemonic")); add(closeButton, cancelButtonConstraints); setMinimumSize(getPreferredSize()); pack(); } + /** + * Update the custom permissions map. Used by the Custom Policy Viewer to update its parent + * PolicyEditor to changes it has made + * @param codebase the codebase for which changes were made + * @param permissions the permissions granted to this codebase + */ void updateCustomPermissions(final String codebase, final Collection permissions) { changesMade = true; customPermissionsMap.get(codebase).clear(); @@ -710,9 +778,17 @@ new Thread() { @Override public void run() { - OpenFileResult ofr = FileUtils.testFilePermissions(new File(filePath)); - if (ofr == null) { - FileUtils.showCouldNotOpenFilepathDialog(weakThis.get(), filePath); + if (!file.exists()) { + try { + file.createNewFile(); + } catch (final IOException e) { + OutputController.getLogger().log(e); + // If this fails we'll end up handling it a few lines down anyway. + } + } + OpenFileResult ofr = FileUtils.testFilePermissions(file); + if (ofr == OpenFileResult.FAILURE || ofr == OpenFileResult.NOT_FILE) { + FileUtils.showCouldNotOpenFilepathDialog(weakThis.get(), file.getPath()); return; } if (ofr == OpenFileResult.CANT_WRITE) { @@ -720,24 +796,25 @@ } final String contents; try { - contents = FileUtils.loadFileAsString(new File(filePath)); + contents = FileUtils.loadFileAsString(file); } catch (final IOException e) { From aazores at icedtea.classpath.org Mon Mar 10 16:29:58 2014 From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org) Date: Mon, 10 Mar 2014 16:29:58 +0000 Subject: /hg/icedtea-web: Fix PolicyEditor unit tests after refactor Message-ID: changeset 483ab446ea4c in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=483ab446ea4c author: Andrew Azores date: Mon Mar 10 12:29:47 2014 -0400 Fix PolicyEditor unit tests after refactor * tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissionsTest.java: (testActionsRegex, testTargetRegex, testRegexesAgainstBadPermissionNames): update after moving regexes from PolicyEditorPermissions into CustomPermission diffstat: ChangeLog | 7 + tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissionsTest.java | 38 +++++----- 2 files changed, 26 insertions(+), 19 deletions(-) diffs (74 lines): diff -r 17c6e5a59602 -r 483ab446ea4c ChangeLog --- a/ChangeLog Mon Mar 10 12:17:56 2014 -0400 +++ b/ChangeLog Mon Mar 10 12:29:47 2014 -0400 @@ -1,3 +1,10 @@ +2014-03-10 Andrew Azores + + * tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissionsTest.java: + (testActionsRegex, testTargetRegex, testRegexesAgainstBadPermissionNames): + update after moving regexes from PolicyEditorPermissions into + CustomPermission + 2014-03-10 Andrew Azores PolicyEditor parsing enhancements, new tests, and bugfixes diff -r 17c6e5a59602 -r 483ab446ea4c tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissionsTest.java --- a/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissionsTest.java Mon Mar 10 12:17:56 2014 -0400 +++ b/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissionsTest.java Mon Mar 10 12:29:47 2014 -0400 @@ -71,37 +71,37 @@ @Test public void testActionsRegex() throws Exception { - final Pattern pattern = PolicyEditorPermissions.ACTIONS_PERMISSION; + final Pattern pattern = CustomPermission.ACTIONS_PERMISSION; - final String actionsPermission = "permission java.io.FilePermission \"${user.home}\", \"read\";"; - final String targetPermission = "permission java.io.RuntimePermission \"queuePrintJob\";"; - final String badPermission = "permission java.io.FilePermission user.home read;"; + final String actionsPermission = "permission java.io.FilePermission \"${user.home}\", \"read\";"; + final String targetPermission = "permission java.io.RuntimePermission \"queuePrintJob\";"; + final String badPermission = "permission java.io.FilePermission user.home read;"; - assertTrue(actionsPermission + " should match", pattern.matcher(actionsPermission).matches()); - assertFalse(targetPermission + " should not match", pattern.matcher(targetPermission).matches()); - assertFalse(badPermission + " should not match", pattern.matcher(badPermission).matches()); + assertTrue(actionsPermission + " should match", pattern.matcher(actionsPermission).matches()); + assertFalse(targetPermission + " should not match", pattern.matcher(targetPermission).matches()); + assertFalse(badPermission + " should not match", pattern.matcher(badPermission).matches()); } @Test public void testTargetRegex() throws Exception { - final Pattern pattern = PolicyEditorPermissions.TARGET_PERMISSION; + final Pattern pattern = CustomPermission.TARGET_PERMISSION; - final String actionsPermission = "permission java.io.FilePermission \"${user.home}\", \"read\";"; - final String targetPermission = "permission java.io.RuntimePermission \"queuePrintJob\";"; - final String badPermission = "permission java.io.FilePermission user.home read;"; + final String actionsPermission = "permission java.io.FilePermission \"${user.home}\", \"read\";"; + final String targetPermission = "permission java.io.RuntimePermission \"queuePrintJob\";"; + final String badPermission = "permission java.io.FilePermission user.home read;"; - assertFalse(actionsPermission + " should not match", pattern.matcher(actionsPermission).matches()); - assertTrue(targetPermission + " should match", pattern.matcher(targetPermission).matches()); - assertFalse(badPermission + " should not match", pattern.matcher(badPermission).matches()); + assertFalse(actionsPermission + " should not match", pattern.matcher(actionsPermission).matches()); + assertTrue(targetPermission + " should match", pattern.matcher(targetPermission).matches()); + assertFalse(badPermission + " should not match", pattern.matcher(badPermission).matches()); } @Test public void testRegexesAgainstBadPermissionNames() throws Exception { - final Pattern targetPattern = PolicyEditorPermissions.TARGET_PERMISSION; - final Pattern actionsPattern = PolicyEditorPermissions.ACTIONS_PERMISSION; - final String badPermission = "permission abc123^$% \"target\", \"actions\""; + final Pattern targetPattern = CustomPermission.TARGET_PERMISSION; + final Pattern actionsPattern = CustomPermission.ACTIONS_PERMISSION; + final String badPermission = "permission abc123^$% \"target\", \"actions\""; - assertFalse(badPermission + " should not match", targetPattern.matcher(badPermission).matches()); - assertFalse(badPermission + " should not match", actionsPattern.matcher(badPermission).matches()); + assertFalse(badPermission + " should not match", targetPattern.matcher(badPermission).matches()); + assertFalse(badPermission + " should not match", actionsPattern.matcher(badPermission).matches()); } } From aazores at redhat.com Mon Mar 10 18:28:23 2014 From: aazores at redhat.com (Andrew Azores) Date: Mon, 10 Mar 2014 14:28:23 -0400 Subject: [rfc][icedtea-web] MD5SumWatcher util Message-ID: <531E0447.2000005@redhat.com> Hi, This adds a small utility class that makes it easy to check when a file's contents on disk have been changed. This needs to be custom built here because we don't have access to nio2 yet, and pulling in an Apache lib dependency just for this is overkill. The motivation is to add this kind of checking functionality into PolicyEditor so that a dialog can be shown and the user prompted on what to do if the policy file is modified both by PolicyEditor and externally. ChangeLog: Added MD5SumWatcher utility class to detect when a file's contents have been changed on disk. * netx/net/sourceforge/jnlp/util/FileUtils.java: (getFileMD5Sum) new function * netx/net/sourceforge/jnlp/util/MD5SumWatcher.java: new class * tests/netx/unit/net/sourceforge/jnlp/util/MD5SumWatcherTest.java: new tests for MD5SumWatcher Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: md5sumwatcher.patch Type: text/x-patch Size: 11242 bytes Desc: not available URL: From jvanek at redhat.com Mon Mar 10 18:42:42 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 10 Mar 2014 19:42:42 +0100 Subject: [rfc][icedtea-web] following permissions attribute In-Reply-To: <531740F3.2040102@redhat.com> References: <530CCFE4.2040008@redhat.com> <5316520D.9020705@redhat.com> <5317331A.90405@redhat.com> <531740F3.2040102@redhat.com> Message-ID: <531E07A2.8060200@redhat.com> All should be fixed. Thanx! There are some deeper changes caused by moving from Boolean->enum. Also I found few crippled test by (already previous version of ) this patch. So those are fixed Thanx, J. On 03/05/2014 04:21 PM, Andrew Azores wrote: > On 03/05/2014 09:22 AM, Jiri Vanek wrote: >> On 03/04/2014 11:22 PM, Andrew Azores wrote: >>> On 02/25/2014 12:16 PM, Jiri Vanek wrote: >>>> AIS >>>> >>>> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions >>>> >>>> Please, any reviewer, read the specification. It appeared to be tricky to transform its spoken language to algorithm... Well at least default was specified without fog :( >>>> >>>> Thanx for any comments! >>>> J. >>>> >>>> not sure how with unittests, but reproducers are on the way... >>> >>> Are you just looking for additional help figuring out what the spec is trying to define? Or was a patch forgotten here? >>> >> >> Crap. Sorry. Forgot to attach aptch :( > > Messages.properties: >> +# missing permissions dialogue >> +MissingPermissionsMainTitle=Application {0} \ >> +form codebase {1} is missing the permissions attribute. \ >> +Applications without this attribute should not be trusted. Do you allow this application to run? > "Do you want to run this application?" or "Do you wish to allow this application to run?" >> +MissingPermissionsInfo=For more information you can visit:
\ >> + \ >> +http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions
\ >> +and
\ >> +http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html > > > JNLPClassLoader: >> + Boolean permissions = file.getManifestsAttributes().isSandboxForced(); > > I'm not liking the use of the boxed type here... true/false/null is kind of ugly. Can an enum be made for the three states, rather than actually using null as an acceptable value? I know this isn't directly relevant to this patch, though. > >> + throw new LaunchException("Your Extended applets security is at 'Very high', and this applicationis missing the 'permissions' attribute in manifest. This is fatal"); >> + throw new LaunchException("Your Extended applets security is at 'high' and this applicationis missing the 'permissions' attribute in manifest. And you have refused to run it."); > > "applicationis" - missing a space. Should this go in Messages.properties? > > And please consider moving this method into the new SecurityDelegate as well (which is newer than this patch, I know) > > > > SecurityDialogs: >> + public static int showMissingPermissionsAttributeDialogue(String title, URL codeBase) { >> + >> + if (!shouldPromptUser()) { >> + return 1; >> + } >> + >> + SecurityDialogMessage message = new SecurityDialogMessage(); >> + message.dialogType = DialogType.UNSIGNED_EAS_NO_PERMISSIONS_WARNING; >> + message.extras = new Object[]{title, codeBase.toExternalForm()}; >> + Object selectedValue = getUserResponse(message); >> + >> + // result 0 = Yes, 1 = No >> + if (selectedValue instanceof Integer) { >> + // If the selected value can be cast to Integer, use that value >> + return ((Integer) selectedValue).intValue(); >> + } else { >> + // Otherwise default to "cancel" >> + return 1; >> + } >> + } > > As in the ALAC review, return a boolean or AppletAction here instead please. > > Thanks, > > -- > Andrew A > -------------- next part -------------- A non-text attachment was scrubbed... Name: permissionAttribute_02.patch Type: text/x-patch Size: 27610 bytes Desc: not available URL: From omajid at redhat.com Mon Mar 10 18:46:38 2014 From: omajid at redhat.com (Omair Majid) Date: Mon, 10 Mar 2014 14:46:38 -0400 Subject: [rfc][icedtea-web] MD5SumWatcher util In-Reply-To: <531E0447.2000005@redhat.com> References: <531E0447.2000005@redhat.com> Message-ID: <20140310184638.GG2011@redhat.com> * Andrew Azores [2014-03-10 14:29]: > This adds a small utility class that makes it easy to check when a > file's contents on disk have been changed. This needs to be custom > built here because we don't have access to nio2 yet, and pulling in > an Apache lib dependency just for this is overkill. Nice patch! > +++ b/netx/net/sourceforge/jnlp/util/MD5SumWatcher.java > + public int updateWithDialog(final JFrame parent) throws FileNotFoundException, IOException { > + final boolean changed = update(); > + if (changed) { > + return showFileChangeWhileLoadedDialog(parent, watchedFile.getCanonicalPath()); > + } > + return JOptionPane.NO_OPTION; > + } > + private static int showFileChangeWhileLoadedDialog(final JFrame frame, final String filePath) { > + return JOptionPane.showConfirmDialog(frame, R("RFileModifiedWhileLoadedDetail", filePath), > + R("RFileModifiedWhileLoaded"), JOptionPane.YES_NO_CANCEL_OPTION); > + } Unless there is a strong reason to, I would recommend keeping GUI out of this class. > +++ b/tests/netx/unit/net/sourceforge/jnlp/util/MD5SumWatcherTest.java Nice tests! > + @Before > + public void createNewFile() throws Exception { > + file = File.createTempFile("md5sumwatchertest", "tmp"); > + file.deleteOnExit(); Personally, I would have removed the file in an @After block. That way, the file is removed after each test, not just on VM exit. Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 From aazores at redhat.com Mon Mar 10 18:58:26 2014 From: aazores at redhat.com (Andrew Azores) Date: Mon, 10 Mar 2014 14:58:26 -0400 Subject: [rfc][icedtea-web] MD5SumWatcher util In-Reply-To: <20140310184638.GG2011@redhat.com> References: <531E0447.2000005@redhat.com> <20140310184638.GG2011@redhat.com> Message-ID: <531E0B52.70709@redhat.com> On 03/10/2014 02:46 PM, Omair Majid wrote: > * Andrew Azores [2014-03-10 14:29]: >> This adds a small utility class that makes it easy to check when a >> file's contents on disk have been changed. This needs to be custom >> built here because we don't have access to nio2 yet, and pulling in >> an Apache lib dependency just for this is overkill. > Nice patch! > >> +++ b/netx/net/sourceforge/jnlp/util/MD5SumWatcher.java >> + public int updateWithDialog(final JFrame parent) throws FileNotFoundException, IOException { >> + final boolean changed = update(); >> + if (changed) { >> + return showFileChangeWhileLoadedDialog(parent, watchedFile.getCanonicalPath()); >> + } >> + return JOptionPane.NO_OPTION; >> + } >> + private static int showFileChangeWhileLoadedDialog(final JFrame frame, final String filePath) { >> + return JOptionPane.showConfirmDialog(frame, R("RFileModifiedWhileLoadedDetail", filePath), >> + R("RFileModifiedWhileLoaded"), JOptionPane.YES_NO_CANCEL_OPTION); >> + } > Unless there is a strong reason to, I would recommend keeping GUI out of > this class. Fair enough. I'll move it all into the PolicyEditor patch to come then. > >> +++ b/tests/netx/unit/net/sourceforge/jnlp/util/MD5SumWatcherTest.java > Nice tests! > >> + @Before >> + public void createNewFile() throws Exception { >> + file = File.createTempFile("md5sumwatchertest", "tmp"); >> + file.deleteOnExit(); > Personally, I would have removed the file in an @After block. That way, > the file is removed after each test, not just on VM exit. > > Thanks, > Omair > Sounds reasonable to me. Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: md5sumwatcher2.patch Type: text/x-patch Size: 10028 bytes Desc: not available URL: From aazores at redhat.com Mon Mar 10 19:11:15 2014 From: aazores at redhat.com (Andrew Azores) Date: Mon, 10 Mar 2014 15:11:15 -0400 Subject: [rfc][icedtea-web] following permissions attribute In-Reply-To: <531E07A2.8060200@redhat.com> References: <530CCFE4.2040008@redhat.com> <5316520D.9020705@redhat.com> <5317331A.90405@redhat.com> <531740F3.2040102@redhat.com> <531E07A2.8060200@redhat.com> Message-ID: <531E0E53.1090707@redhat.com> On 03/10/2014 02:42 PM, Jiri Vanek wrote: > All should be fixed. Thanx! > > There are some deeper changes caused by moving from Boolean->enum. > > Also I found few crippled test by (already previous version of ) this > patch. So those are fixed > > Thanx, > J. > Just a few fairly minor nits left. > + public String permissionsToString() { > + String s = getAttribute(PERMISSIONS); > + if (s == null) { > + return "Not defined"; > + } else if (s.trim().equalsIgnoreCase("sandbox")) { > + return s.trim(); > + } else if (s.trim().equalsIgnoreCase("all-permissions")) { > + return s.trim(); > + } else { > + return "illegal"; > + } > + > + > + } Kill the extra whitespace at the end of the method please. > + if (permissions == ManifestBoolean.UNDEFINED) { > + if (level == AppletSecurityLevel.DENY_UNSIGNED) { > + throw new LaunchException("Your Extended applets security is at 'Very high', and this application is missing the 'permissions' attribute in manifest. This is fatal"); > + } > + if (level == AppletSecurityLevel.ASK_UNSIGNED) { > + boolean a = SecurityDialogs.showMissingPermissionsAttributeDialogue(file.getTitle(), file.getCodeBase()); > + if (!a) { > + throw new LaunchException("Your Extended applets security is at 'high' and this applicationis missing the 'permissions' attribute in manifest. And you have refused to run it."); > + } > + } > + //default for missing is sandbox > + if (!SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) { > + throw new LaunchException("The 'permissions' attribute is not specified, and application is requesting permissions. This is fatal"); > + } > + } else { > + if (permissions == ManifestBoolean.TRUE) { > + if (SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) { > + OutputController.getLogger().log("The permissions attribute of this application is " + file.getManifestsAttributes().permissionsToString() + "' and security is '" + security.getSecurityType() + "'. Thats correct"); > + } else { > + throw new LaunchException("The 'permissions' attribute is '" + file.getManifestsAttributes().permissionsToString() + "' but security is '" + security.getSecurityType() + "'. This is fatal"); > + } > + } else { > + if (SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) { > + throw new LaunchException("The 'permissions' attribute is '" + file.getManifestsAttributes().permissionsToString() + "' but security is' " + security.getSecurityType() + "'. This is fatal"); > + } else { > + OutputController.getLogger().log("The permissions attribute of this application is '" + file.getManifestsAttributes().permissionsToString() + "' and security is '" + security.getSecurityType() + "'. Thats correct"); > + } > + } > + } Rather than: if (UNDEFINED) { } else { if (TRUE) { } else { // implicit FALSE } } could you change this to if TRUE/else if FALSE/else if UNDEFINED/else? Or a switch? > + public static boolean showMissingPermissionsAttributeDialogue(String title, URL codeBase) { You have two spaces after 'boolean' ;) > + // result 0 = Yes, 1 = No > + if (selectedValue instanceof Integer) { > + // If the selected value can be cast to Integer, use that value > + int i = ((Integer) selectedValue).intValue(); > + if (i == 0) { > + return true; > + } else { > + return false; > + } > + } else { > + // Otherwise default to "cancel" > + return false; > + } SecurityDialogs.getIntegerResponseAsBoolean(Object) already does this for you. > diff -r 483ab446ea4c tests/netx/unit/net/sourceforge/jnlp/runtime/CodeBaseClassLoaderTest.java > --- a/tests/netx/unit/net/sourceforge/jnlp/runtime/CodeBaseClassLoaderTest.java Mon Mar 10 12:29:47 2014 -0400 > +++ b/tests/netx/unit/net/sourceforge/jnlp/runtime/CodeBaseClassLoaderTest.java Mon Mar 10 19:38:27 2014 +0100 > @@ -53,12 +53,29 @@ > import net.sourceforge.jnlp.runtime.JNLPClassLoader.CodeBaseClassLoader; > import net.sourceforge.jnlp.annotations.Bug; > import net.sourceforge.jnlp.annotations.Remote; > +import net.sourceforge.jnlp.config.DeploymentConfiguration; > +import net.sourceforge.jnlp.security.appletextendedsecurity.AppletSecurityLevel; > +import net.sourceforge.jnlp.security.appletextendedsecurity.AppletStartupSecuritySettings; > +import net.sourceforge.jnlp.util.logging.NoStdOutErrTest; > import org.junit.AfterClass; > import org.junit.Assert; > +import org.junit.BeforeClass; > > import org.junit.Test; > > -public class CodeBaseClassLoaderTest { > +public class CodeBaseClassLoaderTest extends NoStdOutErrTest { > + > + private static AppletSecurityLevel level; > + > + @BeforeClass > + public static void setPermissions(){ > + level = AppletStartupSecuritySettings.getInstance().getSecurityLevel(); > + JNLPRuntime.getConfiguration().setProperty(DeploymentConfiguration.KEY_SECURITY_LEVEL, AppletSecurityLevel.ALLOW_UNSIGNED.toChars()); > + } > + @AfterClass > + public static void resetPermissions(){ > + JNLPRuntime.getConfiguration().setProperty(DeploymentConfiguration.KEY_SECURITY_LEVEL, level.toChars()); > + } Fix indentation please, also add spaces between () and {. > public class JNLPFileTest extends NoStdOutErrTest { > > + > + private static AppletSecurityLevel level; > + > + @BeforeClass > + public static void setPermissions(){ > + level = AppletStartupSecuritySettings.getInstance().getSecurityLevel(); > + JNLPRuntime.getConfiguration().setProperty(DeploymentConfiguration.KEY_SECURITY_LEVEL, AppletSecurityLevel.ALLOW_UNSIGNED.toChars()); > + } > + @AfterClass > + public static void resetPermissions(){ > + JNLPRuntime.getConfiguration().setProperty(DeploymentConfiguration.KEY_SECURITY_LEVEL, level.toChars()); > + } Same. Thanks, -- Andrew A From omajid at redhat.com Mon Mar 10 19:35:43 2014 From: omajid at redhat.com (Omair Majid) Date: Mon, 10 Mar 2014 15:35:43 -0400 Subject: [rfc][icedtea-web] MD5SumWatcher util In-Reply-To: <531E0B52.70709@redhat.com> References: <531E0447.2000005@redhat.com> <20140310184638.GG2011@redhat.com> <531E0B52.70709@redhat.com> Message-ID: <20140310193543.GH2011@redhat.com> * Andrew Azores [2014-03-10 14:58]: > Fair enough. I'll move it all into the PolicyEditor patch to come then. This new patch looks fine. Cheers, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 From aazores at icedtea.classpath.org Mon Mar 10 19:40:07 2014 From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org) Date: Mon, 10 Mar 2014 19:40:07 +0000 Subject: /hg/icedtea-web: Added MD5SumWatcher utility class Message-ID: changeset f6336bc81da8 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=f6336bc81da8 author: Andrew Azores date: Mon Mar 10 15:39:56 2014 -0400 Added MD5SumWatcher utility class Added MD5SumWatcher utility class to detect when a file's contents have been changed on disk. * netx/net/sourceforge/jnlp/util/FileUtils.java: (getFileMD5Sum) new function * netx/net/sourceforge/jnlp/util/MD5SumWatcher.java: new class * tests/netx/unit/net/sourceforge/jnlp/util/MD5SumWatcherTest.java: new tests for MD5SumWatcher diffstat: ChangeLog | 10 + netx/net/sourceforge/jnlp/util/FileUtils.java | 27 ++ netx/net/sourceforge/jnlp/util/MD5SumWatcher.java | 104 +++++++++ tests/netx/unit/net/sourceforge/jnlp/util/MD5SumWatcherTest.java | 113 ++++++++++ 4 files changed, 254 insertions(+), 0 deletions(-) diffs (286 lines): diff -r 483ab446ea4c -r f6336bc81da8 ChangeLog --- a/ChangeLog Mon Mar 10 12:29:47 2014 -0400 +++ b/ChangeLog Mon Mar 10 15:39:56 2014 -0400 @@ -1,3 +1,13 @@ +2014-03-10 Andrew Azores + + Added MD5SumWatcher utility class to detect when a file's contents have been + changed on disk. + * netx/net/sourceforge/jnlp/util/FileUtils.java: (getFileMD5Sum) new + function + * netx/net/sourceforge/jnlp/util/MD5SumWatcher.java: new class + * tests/netx/unit/net/sourceforge/jnlp/util/MD5SumWatcherTest.java: new + tests for MD5SumWatcher + 2014-03-10 Andrew Azores * tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissionsTest.java: diff -r 483ab446ea4c -r f6336bc81da8 netx/net/sourceforge/jnlp/util/FileUtils.java --- a/netx/net/sourceforge/jnlp/util/FileUtils.java Mon Mar 10 12:29:47 2014 -0400 +++ b/netx/net/sourceforge/jnlp/util/FileUtils.java Mon Mar 10 15:39:56 2014 -0400 @@ -30,8 +30,12 @@ import java.io.OutputStreamWriter; import java.io.RandomAccessFile; import java.io.Writer; +import java.nio.ByteBuffer; import java.nio.channels.FileChannel; import java.nio.channels.FileLock; +import java.security.DigestInputStream; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; import java.util.ArrayList; import java.util.List; @@ -587,4 +591,27 @@ public static String loadFileAsString(File f, String encoding) throws IOException { return getContentOfStream(new FileInputStream(f), encoding); } + + public static byte[] getFileMD5Sum(final File file, final String algorithm) throws NoSuchAlgorithmException, + FileNotFoundException, IOException { + final MessageDigest md5; + InputStream is = null; + DigestInputStream dis = null; + try { + md5 = MessageDigest.getInstance(algorithm); + is = new FileInputStream(file); + dis = new DigestInputStream(is, md5); + + md5.update(getContentOfStream(dis).getBytes()); + } finally { + if (is != null) { + is.close(); + } + if (dis != null) { + dis.close(); + } + } + + return md5.digest(); + } } diff -r 483ab446ea4c -r f6336bc81da8 netx/net/sourceforge/jnlp/util/MD5SumWatcher.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/netx/net/sourceforge/jnlp/util/MD5SumWatcher.java Mon Mar 10 15:39:56 2014 -0400 @@ -0,0 +1,104 @@ +/*Copyright (C) 2014 Red Hat, Inc. + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or +modify it under the terms of the GNU General Public License as published by +the Free Software Foundation, version 2. + +IcedTea is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + */ + +package net.sourceforge.jnlp.util; + +import static net.sourceforge.jnlp.runtime.Translator.R; + +import java.io.File; +import java.io.FileNotFoundException; +import java.io.IOException; +import java.security.NoSuchAlgorithmException; +import java.util.Arrays; + +import javax.swing.JFrame; +import javax.swing.JOptionPane; + +import net.sourceforge.jnlp.util.logging.OutputController; + +public class MD5SumWatcher { + + private final File watchedFile; + private byte[] md5sum; + + /** + * Create a new MD5SumWatcher instance + * @param watchedFile the file to watch + */ + public MD5SumWatcher(final File watchedFile) { + this.watchedFile = watchedFile; + try { + this.md5sum = getSum(); + } catch (final IOException ioe) { + OutputController.getLogger().log(ioe); + this.md5sum = null; + } + } + + /** + * Get the current MD5 sum of the watched file + * @return a byte array of the MD5 sum + * @throws FileNotFoundException if the watched file does not exist + * @throws IOException if the file cannot be read + */ + public byte[] getSum() throws FileNotFoundException, IOException { + update(); + return md5sum; + } + + /** + * Detect if the file's MD5 has changed and track its new sum if so + * @return if the file's MD5 has changed since the last update + * @throws FileNotFoundException if the watched file does not exist + * @throws IOException if the file cannot be read + */ + public boolean update() throws FileNotFoundException, IOException { + byte[] newSum; + try { + newSum = FileUtils.getFileMD5Sum(watchedFile, "MD5"); + } catch (final NoSuchAlgorithmException e) { + // There definitely should be an MD5 algorithm, but if not, all we can do is fail. + // This really, really is not expected to happen, so rethrow as RuntimeException + // to avoid having to check for NoSuchAlgorithmExceptions all the time + OutputController.getLogger().log(e); + throw new RuntimeException(e); + } + final boolean changed = !Arrays.equals(newSum, md5sum); + md5sum = newSum; + return changed; + } + +} diff -r 483ab446ea4c -r f6336bc81da8 tests/netx/unit/net/sourceforge/jnlp/util/MD5SumWatcherTest.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/netx/unit/net/sourceforge/jnlp/util/MD5SumWatcherTest.java Mon Mar 10 15:39:56 2014 -0400 @@ -0,0 +1,113 @@ +/*Copyright (C) 2014 Red Hat, Inc. + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or +modify it under the terms of the GNU General Public License as published by +the Free Software Foundation, version 2. + +IcedTea is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + */ + +package net.sourceforge.jnlp.util; + +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; + +import java.io.File; +import java.io.FileNotFoundException; +import java.util.Arrays; + +import org.junit.After; +import org.junit.Before; +import org.junit.Test; + +public class MD5SumWatcherTest { + + private File file; + private MD5SumWatcher watcher; + + @Before + public void createNewFile() throws Exception { + file = File.createTempFile("md5sumwatchertest", "tmp"); + file.deleteOnExit(); + watcher = new MD5SumWatcher(file); + } + + @After + public void deleteTempFile() throws Exception { + if (file.exists()) { + file.delete(); + } + } + + @Test + public void testNonExistentFile() { + file.delete(); + file.mkdirs(); + watcher = new MD5SumWatcher(file); + boolean gotException = false; + try { + watcher.update(); + } catch (final Exception e) { + gotException = true; + assertTrue("Should have received FileNotFoundException", e instanceof FileNotFoundException); + } + assertTrue("Should have received FileNotFoundException", gotException); + } + + @Test + public void testNoFileChangeGivesSameMd5() throws Exception { + byte[] sum = watcher.getSum(); + byte[] sum2 = watcher.getSum(); + assertTrue("MD5 sums should be the same. first: " + Arrays.toString(sum) + ", second: " + Arrays.toString(sum2), + Arrays.equals(sum, sum2)); + } + + @Test + public void testSavingToFileChangesMd5() throws Exception { + byte[] original = watcher.getSum(); + FileUtils.saveFile("some test content\n", file); + byte[] changed = watcher.getSum(); + assertFalse("MD5 sum should have changed, but was constant as " + Arrays.toString(original), + Arrays.equals(original, changed)); + } + + @Test + public void testUnchangedContentUpdate() throws Exception { + assertFalse("update() should return false", watcher.update()); + } + + @Test + public void testChangedContentUpdate() throws Exception { + FileUtils.saveFile("some test content\n", file); + final boolean changed = watcher.update(); + assertTrue("update() should return true", changed); + } + +} From aazores at redhat.com Mon Mar 10 19:21:13 2014 From: aazores at redhat.com (Andrew Azores) Date: Mon, 10 Mar 2014 15:21:13 -0400 Subject: [icedtea-web] RFC: man page for itweb-settings In-Reply-To: <20140310160056.GE2011@redhat.com> References: <20140308002809.GG24571@redhat.com> <531DB826.7040400@redhat.com> <20140310160056.GE2011@redhat.com> Message-ID: <531E10A9.4040509@redhat.com> On 03/10/2014 12:00 PM, Omair Majid wrote: > * Jiri Vanek [2014-03-10 08:55]: >> On 03/08/2014 01:28 AM, Omair Majid wrote: >>> This is a very simple man page for itweb-settings. Okay to push? >> So I would: >> - not confuse with "--" but say just >> +.TP 12 >> +help > Done. > >> - Also It would be probably good to mention that anything (not just "help") will print info. > I think this is pretty common convention, no? If a program sees an > argument it doesn't recognize, it complains and prints help info. I > haven't added it yet, but I can if you still think this is worth > mentioning explicitly. > >> ALso "Shows some helpful information about the program" hmhmh do not .. well sound :) >> Maybe Prints out general information about supported program, commands and basic usage. > Should be fixed now. > >> Also: >> +.SH EXAMPLES >> >> Cna contains exmaple ot two :) > Now it has an all of 2 examples :) > >> Feel free to push as it is or with anything above fixed. I'm insists >> only on not confusing with "--". > Pushed: http://icedtea.classpath.org/hg/icedtea-web/rev/2157f0e06002 > > Thanks, > Omair > Didn't notice this one until I actually opened the page with man, but: > +.SH SYNOPSYS > +.B itweb-settings Spelling error, should be "synopsis". Thanks, -- Andrew A From omajid at icedtea.classpath.org Mon Mar 10 19:49:47 2014 From: omajid at icedtea.classpath.org (omajid at icedtea.classpath.org) Date: Mon, 10 Mar 2014 19:49:47 +0000 Subject: /hg/icedtea-web: Fix typo in man page and add to NEWS Message-ID: changeset bd7ce0fce548 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=bd7ce0fce548 author: Omair Majid date: Mon Mar 10 15:44:51 2014 -0400 Fix typo in man page and add to NEWS 2014-03-10 Omair Majid * netx/javaws.1, * netx/itweb-settings.1: Change "SYNOPSYS" to "SYNOPSIS". * NEWS: Add itweb-setings man page. diffstat: ChangeLog | 6 ++++++ NEWS | 1 + netx/itweb-settings.1 | 2 +- netx/javaws.1 | 2 +- 4 files changed, 9 insertions(+), 2 deletions(-) diffs (48 lines): diff -r f6336bc81da8 -r bd7ce0fce548 ChangeLog --- a/ChangeLog Mon Mar 10 15:39:56 2014 -0400 +++ b/ChangeLog Mon Mar 10 15:44:51 2014 -0400 @@ -1,3 +1,9 @@ +2014-03-10 Omair Majid + + * netx/javaws.1, + * netx/itweb-settings.1: Change "SYNOPSYS" to "SYNOPSIS". + * NEWS: Add itweb-setings man page. + 2014-03-10 Andrew Azores Added MD5SumWatcher utility class to detect when a file's contents have been diff -r f6336bc81da8 -r bd7ce0fce548 NEWS --- a/NEWS Mon Mar 10 15:39:56 2014 -0400 +++ b/NEWS Mon Mar 10 15:44:51 2014 -0400 @@ -39,6 +39,7 @@ - RH1010958: insecure temporary file use flaw in LiveConnect implementation * Common - PR1474: Can't get javaws to use SOCKS proxy + - Man page for itweb-settings * Security Updates - CVE-2012-4540, RH869040: Heap-based buffer overflow after triggering event attached to applet diff -r f6336bc81da8 -r bd7ce0fce548 netx/itweb-settings.1 --- a/netx/itweb-settings.1 Mon Mar 10 15:39:56 2014 -0400 +++ b/netx/itweb-settings.1 Mon Mar 10 15:44:51 2014 -0400 @@ -7,7 +7,7 @@ javaws and the browser plugin -.SH SYNOPSYS +.SH SYNOPSIS .B itweb-settings .br diff -r f6336bc81da8 -r bd7ce0fce548 netx/javaws.1 --- a/netx/javaws.1 Mon Mar 10 15:39:56 2014 -0400 +++ b/netx/javaws.1 Mon Mar 10 15:44:51 2014 -0400 @@ -1,7 +1,7 @@ .TH javaws 1 "9 Sep 2010" .SH NAME javaws - a Java Web Start client -.SH SYNOPSYS +.SH SYNOPSIS .B javaws [-run-options] jnlp-file .br From aazores at redhat.com Mon Mar 10 19:57:37 2014 From: aazores at redhat.com (Andrew Azores) Date: Mon, 10 Mar 2014 15:57:37 -0400 Subject: [rfc][icedtea-web][policyeditor] File Changed check Message-ID: <531E1931.2020904@redhat.com> Hi, As promised, here's a patch that lets PolicyEditor detect when the policy file has been externally modified since it was opened, using MD5SumWatcher. ChangeLog: Added check for external file modification to PolicyEditor * netx/net/sourceforge/jnlp/resources/Messages.properties: (PEFileModified, PEFileModifiedDetail) new messages * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: (updateCheckboxes) avoid NPE. (openAndParsePolicyFile, savePolicyFile) use MD5SumWatcher to detect when the policy file has been externally modified. (updateMd5WithDialog) new method * tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java: all URLs changed to example.com Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: filechanged-check.patch Type: text/x-patch Size: 12256 bytes Desc: not available URL: From aazores at redhat.com Mon Mar 10 20:17:59 2014 From: aazores at redhat.com (Andrew Azores) Date: Mon, 10 Mar 2014 16:17:59 -0400 Subject: [rfc][icedtea-web][policyeditor] man page for PolicyEditor Message-ID: <531E1DF7.9060601@redhat.com> Hi, As in subject, a simple man page for the PolicyEditor command. ChangeLog: Add man page for PolicyEditor * Makefile.am: (install-data-local, uninstall-local): added policyeditor.1 man page * netx/policyeditor.1: new man page for PolicyEditor Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: policyeditor-manpage.patch Type: text/x-patch Size: 2786 bytes Desc: not available URL: From omajid at redhat.com Mon Mar 10 20:26:29 2014 From: omajid at redhat.com (Omair Majid) Date: Mon, 10 Mar 2014 16:26:29 -0400 Subject: [rfc][icedtea-web][policyeditor] man page for PolicyEditor In-Reply-To: <531E1DF7.9060601@redhat.com> References: <531E1DF7.9060601@redhat.com> Message-ID: <20140310202625.GK2011@redhat.com> * Andrew Azores [2014-03-10 16:18]: > diff --git a/Makefile.am b/Makefile.am > + rm -f $(DESTDIR)$(mandir)/man1/itweb-settings.1 Thanks for fixing this. Patch looks fine to me. Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 From aazores at icedtea.classpath.org Mon Mar 10 20:30:55 2014 From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org) Date: Mon, 10 Mar 2014 20:30:55 +0000 Subject: /hg/icedtea-web: Add man page for PolicyEditor Message-ID: changeset f58e426ca958 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=f58e426ca958 author: Andrew Azores date: Mon Mar 10 16:30:44 2014 -0400 Add man page for PolicyEditor * Makefile.am: (install-data-local, uninstall-local): added policyeditor.1 man page * netx/policyeditor.1: new man page for PolicyEditor diffstat: Makefile.am | 3 ++ netx/policyeditor.1 | 69 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 72 insertions(+), 0 deletions(-) diffs (93 lines): diff -r bd7ce0fce548 -r f58e426ca958 Makefile.am --- a/Makefile.am Mon Mar 10 15:44:51 2014 -0400 +++ b/Makefile.am Mon Mar 10 16:30:44 2014 -0400 @@ -257,6 +257,7 @@ ${mkinstalldirs} -d $(DESTDIR)$(mandir)/man1 ${INSTALL_DATA} $(NETX_SRCDIR)/javaws.1 $(DESTDIR)$(mandir)/man1 ${INSTALL_DATA} $(NETX_SRCDIR)/itweb-settings.1 $(DESTDIR)$(mandir)/man1 + ${INSTALL_DATA} $(NETX_SRCDIR)/policyeditor.1 $(DESTDIR)$(mandir)/man1 if ENABLE_DOCS ${mkinstalldirs} $(DESTDIR)$(htmldir) (cd ${abs_top_builddir}/docs/netx; \ @@ -278,6 +279,8 @@ rm -f $(DESTDIR)$(datadir)/$(PACKAGE_NAME)/plugin.jar rm -f $(DESTDIR)$(datadir)/$(PACKAGE_NAME)/netx.jar rm -f $(DESTDIR)$(mandir)/man1/javaws.1 + rm -f $(DESTDIR)$(mandir)/man1/itweb-settings.1 + rm -f $(DESTDIR)$(mandir)/man1/policyeditor.1 rm -f $(DESTDIR)$(bindir)/$(javaws) rm -f $(DESTDIR)$(bindir)/$(itweb_settings) rm -f $(DESTDIR)$(bindir)/$(policyeditor) diff -r bd7ce0fce548 -r f58e426ca958 netx/policyeditor.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/netx/policyeditor.1 Mon Mar 10 16:30:44 2014 -0400 @@ -0,0 +1,69 @@ +.TH policyeditor 1 "10 Mar 2014" + +.SH NAME + +policyeditor - view and modify security policy settings for +.B javaws +and the browser plugin + +.SH SYNOPSIS + +.B policyeditor +.br +.B policyeditor [-file] +policy_file +.SH DESCRIPTION +.B policyeditor +is a command line program to view and edit applet security policy settings +used by the icedtea-web implementation of +.B javaws +and the browser plugin. It is intended as a simpler, easier to use, and more +accessible alternative to the standard JDK Policy Tool. Administrators and +power users who need fine grained control over policy files should probably +use Policy Tool instead of PolicyEditor. + +If executed without any arguments, no file is opened, and saving the file will +result in a prompt on where to save it. Otherwise, if a file path is given as +a command line argument, then that file path will be opened and parsed as a +policy file. + + +.SH OPTIONS + +.TP +-file +Specifies a policy file path to open. If this is not given as an argument, the +first argument given is interpreted as a file path to open anyway. This switch +exists mostly for compatibility with Policy Tool. + +.SH EXAMPLES + +.TP +policyeditor +Show the GUI editor + +.TP +policyeditor -file $HOME/.config/icedtea-web/security/java.policy +Opens the default user-level policy file location + + +.SH FILES + +$HOME/.config/icedtea-web/security/java.policy the default user-level policy file location + +.SH BUGS + +There aren't any known bugs. If you come across one, please file it at + http://icedtea.classpath.org/bugzilla/ + +.SH AUTHOR + +Written and maintained by the IcedTea contributors. + +.SH SEE ALSO + +.BR policytool (1), +.BR javaws (1), +.BR java (1) +.br +http://icedtea.classpath.org/wiki/IcedTea-Web From omajid at redhat.com Mon Mar 10 19:50:17 2014 From: omajid at redhat.com (Omair Majid) Date: Mon, 10 Mar 2014 15:50:17 -0400 Subject: [icedtea-web] RFC: man page for itweb-settings In-Reply-To: <531E10A9.4040509@redhat.com> References: <20140308002809.GG24571@redhat.com> <531DB826.7040400@redhat.com> <20140310160056.GE2011@redhat.com> <531E10A9.4040509@redhat.com> Message-ID: <20140310195017.GI2011@redhat.com> * Andrew Azores [2014-03-10 15:21]: > Didn't notice this one until I actually opened the page with man, but: > > >+.SH SYNOPSYS > >+.B itweb-settings > > Spelling error, should be "synopsis". Nice catch! Fixed in javaws.1 and itweb-settings.1: http://icedtea.classpath.org/hg/icedtea-web/rev/bd7ce0fce548 Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 From jvanek at redhat.com Tue Mar 11 09:03:04 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Tue, 11 Mar 2014 10:03:04 +0100 Subject: /hg/icedtea-web: Add man page for PolicyEditor In-Reply-To: References: Message-ID: <531ED148.7010101@redhat.com> Is small fix possible? diff -r f58e426ca958 netx/policyeditor.1 --- a/netx/policyeditor.1 Mon Mar 10 16:30:44 2014 -0400 +++ b/netx/policyeditor.1 Tue Mar 11 10:01:14 2014 +0100 @@ -14,7 +14,7 @@ policy_file .SH DESCRIPTION .B policyeditor -is a command line program to view and edit applet security policy settings +is a GUI application with small command line support to view and edit applet security policy settings used by the icedtea-web implementation of .B javaws and the browser plugin. It is intended as a simpler, easier to use, and more I think the "command line program" is a bit misleading... J. On 03/10/2014 09:30 PM, aazores at icedtea.classpath.org wrote: > changeset f58e426ca958 in /hg/icedtea-web > details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=f58e426ca958 > author: Andrew Azores > date: Mon Mar 10 16:30:44 2014 -0400 > > Add man page for PolicyEditor > > * Makefile.am: (install-data-local, uninstall-local): added policyeditor.1 > man page > * netx/policyeditor.1: new man page for PolicyEditor > > > diffstat: > > Makefile.am | 3 ++ > netx/policyeditor.1 | 69 +++++++++++++++++++++++++++++++++++++++++++++++++++++ > 2 files changed, 72 insertions(+), 0 deletions(-) > > diffs (93 lines): > > diff -r bd7ce0fce548 -r f58e426ca958 Makefile.am > --- a/Makefile.am Mon Mar 10 15:44:51 2014 -0400 > +++ b/Makefile.am Mon Mar 10 16:30:44 2014 -0400 > @@ -257,6 +257,7 @@ > ${mkinstalldirs} -d $(DESTDIR)$(mandir)/man1 > ${INSTALL_DATA} $(NETX_SRCDIR)/javaws.1 $(DESTDIR)$(mandir)/man1 > ${INSTALL_DATA} $(NETX_SRCDIR)/itweb-settings.1 $(DESTDIR)$(mandir)/man1 > + ${INSTALL_DATA} $(NETX_SRCDIR)/policyeditor.1 $(DESTDIR)$(mandir)/man1 > if ENABLE_DOCS > ${mkinstalldirs} $(DESTDIR)$(htmldir) > (cd ${abs_top_builddir}/docs/netx; \ > @@ -278,6 +279,8 @@ > rm -f $(DESTDIR)$(datadir)/$(PACKAGE_NAME)/plugin.jar > rm -f $(DESTDIR)$(datadir)/$(PACKAGE_NAME)/netx.jar > rm -f $(DESTDIR)$(mandir)/man1/javaws.1 > + rm -f $(DESTDIR)$(mandir)/man1/itweb-settings.1 > + rm -f $(DESTDIR)$(mandir)/man1/policyeditor.1 > rm -f $(DESTDIR)$(bindir)/$(javaws) > rm -f $(DESTDIR)$(bindir)/$(itweb_settings) > rm -f $(DESTDIR)$(bindir)/$(policyeditor) > diff -r bd7ce0fce548 -r f58e426ca958 netx/policyeditor.1 > --- /dev/null Thu Jan 01 00:00:00 1970 +0000 > +++ b/netx/policyeditor.1 Mon Mar 10 16:30:44 2014 -0400 > @@ -0,0 +1,69 @@ > +.TH policyeditor 1 "10 Mar 2014" > + > +.SH NAME > + > +policyeditor - view and modify security policy settings for > +.B javaws > +and the browser plugin > + > +.SH SYNOPSIS > + > +.B policyeditor > +.br > +.B policyeditor [-file] > +policy_file > +.SH DESCRIPTION > +.B policyeditor > +is a command line program to view and edit applet security policy settings > +used by the icedtea-web implementation of > +.B javaws > +and the browser plugin. It is intended as a simpler, easier to use, and more > +accessible alternative to the standard JDK Policy Tool. Administrators and > +power users who need fine grained control over policy files should probably > +use Policy Tool instead of PolicyEditor. > + > +If executed without any arguments, no file is opened, and saving the file will > +result in a prompt on where to save it. Otherwise, if a file path is given as > +a command line argument, then that file path will be opened and parsed as a > +policy file. > + > + > +.SH OPTIONS > + > +.TP > +-file > +Specifies a policy file path to open. If this is not given as an argument, the > +first argument given is interpreted as a file path to open anyway. This switch > +exists mostly for compatibility with Policy Tool. > + > +.SH EXAMPLES > + > +.TP > +policyeditor > +Show the GUI editor > + > +.TP > +policyeditor -file $HOME/.config/icedtea-web/security/java.policy > +Opens the default user-level policy file location > + > + > +.SH FILES > + > +$HOME/.config/icedtea-web/security/java.policy the default user-level policy file location > + > +.SH BUGS > + > +There aren't any known bugs. If you come across one, please file it at > + http://icedtea.classpath.org/bugzilla/ > + > +.SH AUTHOR > + > +Written and maintained by the IcedTea contributors. > + > +.SH SEE ALSO > + > +.BR policytool (1), > +.BR javaws (1), > +.BR java (1) > +.br > +http://icedtea.classpath.org/wiki/IcedTea-Web -------------- next part -------------- A non-text attachment was scrubbed... Name: policyeditor.1.patch Type: text/x-patch Size: 531 bytes Desc: not available URL: From ptisnovs at icedtea.classpath.org Tue Mar 11 09:52:09 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Tue, 11 Mar 2014 09:52:09 +0000 Subject: /hg/rhino-tests: Added new test testGetResourceAsStreamNegativeT... Message-ID: changeset 808d23256e54 in /hg/rhino-tests details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=808d23256e54 author: Pavel Tisnovsky date: Tue Mar 11 10:52:47 2014 +0100 Added new test testGetResourceAsStreamNegativeTest into CompiledScriptClassTest. diffstat: ChangeLog | 6 ++ src/org/RhinoTests/CompiledScriptClassTest.java | 61 +++++++++++++++++++++++++ 2 files changed, 67 insertions(+), 0 deletions(-) diffs (84 lines): diff -r 3452613adb44 -r 808d23256e54 ChangeLog --- a/ChangeLog Mon Mar 10 11:29:46 2014 +0100 +++ b/ChangeLog Tue Mar 11 10:52:47 2014 +0100 @@ -1,3 +1,9 @@ +2014-03-11 Pavel Tisnovsky + + * src/org/RhinoTests/CompiledScriptClassTest.java: + Added new test testGetResourceAsStreamNegativeTest into + CompiledScriptClassTest. + 2014-03-10 Pavel Tisnovsky * src/org/RhinoTests/CompiledScriptClassTest.java: diff -r 3452613adb44 -r 808d23256e54 src/org/RhinoTests/CompiledScriptClassTest.java --- a/src/org/RhinoTests/CompiledScriptClassTest.java Mon Mar 10 11:29:46 2014 +0100 +++ b/src/org/RhinoTests/CompiledScriptClassTest.java Tue Mar 11 10:52:47 2014 +0100 @@ -2005,6 +2005,67 @@ } /** + * Test for method javax.script.CompiledScript.getClass().getResourceAsStreamNegativeTest() + */ + protected void testGetResourceAsStreamNegativeTest() { + Object stream = null; + stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/AbstractScriptEngineClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/AbstractScriptEngineClassTest.class\") returns null"); + stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/BaseRhinoTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/BaseRhinoTest.class\") returns null"); + stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/BindingsClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/BindingsClassTest.class\") returns null"); + stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/BindingsTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/BindingsTest.class\") returns null"); + stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/CompilableClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompilableClassTest.class\") returns null"); + stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/CompilableTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompilableTest.class\") returns null"); + stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/CompiledScriptClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompiledScriptClassTest.class\") returns null"); + stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/CompiledScriptTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompiledScriptTest.class\") returns null"); + stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/Constants.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/Constants.class\") returns null"); + stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/InvocableClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/InvocableClassTest.class\") returns null"); + stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/InvocableTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/InvocableTest.class\") returns null"); + stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/JavaScriptSnippets.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/JavaScriptSnippets.class\") returns null"); + stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/JavaScriptsTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/JavaScriptsTest.class\") returns null"); + stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/ScriptContextClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptContextClassTest.class\") returns null"); + stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/ScriptContextTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptContextTest.class\") returns null"); + stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/ScriptEngineClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineClassTest.class\") returns null"); + stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/ScriptEngineFactoryClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineFactoryClassTest.class\") returns null"); + stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/ScriptEngineFactoryTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineFactoryTest.class\") returns null"); + stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/ScriptEngineManagerClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineManagerClassTest.class\") returns null"); + stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/ScriptEngineManagerTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineManagerTest.class\") returns null"); + stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/ScriptEngineTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineTest.class\") returns null"); + stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/ScriptExceptionClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptExceptionClassTest.class\") returns null"); + stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/ScriptExceptionTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptExceptionTest.class\") returns null"); + stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/SimpleBindingsClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleBindingsClassTest.class\") returns null"); + stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/SimpleBindingsTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleBindingsTest.class\") returns null"); + stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/SimpleScriptContextClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleScriptContextClassTest.class\") returns null"); + stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/SimpleScriptContextTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleScriptContextTest.class\") returns null"); + } + + /** * Test for instanceof operator applied to a class javax.script.CompiledScript */ @SuppressWarnings("cast") From ptisnovs at icedtea.classpath.org Tue Mar 11 09:54:57 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Tue, 11 Mar 2014 09:54:57 +0000 Subject: /hg/gfx-test: Ten new tests added into BitBltUsingBgColor test s... Message-ID: changeset d56fab3af6d3 in /hg/gfx-test details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=d56fab3af6d3 author: Pavel Tisnovsky date: Tue Mar 11 10:55:38 2014 +0100 Ten new tests added into BitBltUsingBgColor test suite. diffstat: ChangeLog | 5 + src/org/gfxtest/testsuites/BitBltUsingBgColor.java | 150 +++++++++++++++++++++ 2 files changed, 155 insertions(+), 0 deletions(-) diffs (172 lines): diff -r 6c11c8263a23 -r d56fab3af6d3 ChangeLog --- a/ChangeLog Mon Mar 10 11:23:57 2014 +0100 +++ b/ChangeLog Tue Mar 11 10:55:38 2014 +0100 @@ -1,3 +1,8 @@ +2014-03-11 Pavel Tisnovsky + + * src/org/gfxtest/testsuites/BitBltUsingBgColor.java: + Ten new tests added into BitBltUsingBgColor test suite. + 2014-03-10 Pavel Tisnovsky * src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java: diff -r 6c11c8263a23 -r d56fab3af6d3 src/org/gfxtest/testsuites/BitBltUsingBgColor.java --- a/src/org/gfxtest/testsuites/BitBltUsingBgColor.java Mon Mar 10 11:23:57 2014 +0100 +++ b/src/org/gfxtest/testsuites/BitBltUsingBgColor.java Tue Mar 11 10:55:38 2014 +0100 @@ -5672,6 +5672,156 @@ } /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_565_RGB. + * Background color is set to Color.cyan. + * + * @param image + * image to be used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort565RGBBackgroundCyan(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshort565RGB(image, graphics2d, Color.cyan); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_565_RGB. + * Background color is set to Color.red. + * + * @param image + * image to be used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort565RGBBackgroundRed(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshort565RGB(image, graphics2d, Color.red); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_565_RGB. + * Background color is set to Color.magenta. + * + * @param image + * image to be used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort565RGBBackgroundMagenta(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshort565RGB(image, graphics2d, Color.magenta); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_565_RGB. + * Background color is set to Color.yellow. + * + * @param image + * image to be used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort565RGBBackgroundYellow(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshort565RGB(image, graphics2d, Color.yellow); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_565_RGB. + * Background color is set to Color.white. + * + * @param image + * image to be used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort565RGBBackgroundWhite(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshort565RGB(image, graphics2d, Color.white); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_GRAY. + * Background color is set to Color.black. + * + * @param image + * image to be used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshortGrayBackgroundBlack(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshortGray(image, graphics2d, Color.black); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_BYTE_GRAY. + * Background color is set to Color.blue. + * + * @param image + * image to be used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshortGrayBackgroundBlue(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshortGray(image, graphics2d, Color.blue); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_BYTE_GRAY. + * Background color is set to Color.green. + * + * @param image + * image to be used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshortGrayBackgroundGreen(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshortGray(image, graphics2d, Color.green); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_BYTE_GRAY. + * Background color is set to Color.cyan. + * + * @param image + * image to be used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshortGrayBackgroundCyan(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshortGray(image, graphics2d, Color.cyan); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_BYTE_GRAY. + * Background color is set to Color.red. + * + * @param image + * image to be used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshortGrayBackgroundRed(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshortGray(image, graphics2d, Color.red); + } + + /** * Entry point to the test suite. * * @param args not used in this case From jvanek at redhat.com Tue Mar 11 11:16:37 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Tue, 11 Mar 2014 12:16:37 +0100 Subject: [rfc][icedtea-web] following permissions attribute In-Reply-To: <531E0E53.1090707@redhat.com> References: <530CCFE4.2040008@redhat.com> <5316520D.9020705@redhat.com> <5317331A.90405@redhat.com> <531740F3.2040102@redhat.com> <531E07A2.8060200@redhat.com> <531E0E53.1090707@redhat.com> Message-ID: <531EF095.3080001@redhat.com> hrere we go. Thanx! 2014-03-11 Jiri Vanek Implemented Permissions manifest entry handling. * NEWS: mentioned Permissions attribute * netx/net/sourceforge/jnlp/JNLPFile.java: new enum (ManifestBoolean) introduced to replace true/false/null by TRUE/FALSE/UNDEFFINED. (isTrustedOnly), (isTrustedLibrary), (isSandboxForced) and (processBooleanAttribute) moved to use ManifestBoolean. * netx/net/sourceforge/jnlp/resources/Messages.properties: Added (ButYes) (ButNo) (MissingPermissionsMainTitle) and (MissingPermissionsInfo) keys * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: is now checking (checkPermissionsAttribute) in (init). Implemented new (checkPermissionsAttribute) method to handle Permissions attribute * netx/net/sourceforge/jnlp/security/SecurityDialog.java: can handle (UNSIGNED_EAS_NO_PERMISSIONS_WARNING) * netx/net/sourceforge/jnlp/security/SecurityDialogs.java: defined (UNSIGNED_EAS_NO_PERMISSIONS_WARNING ) and (showMissingPermissionsAttributeDialogue) * netx/net/sourceforge/jnlp/security/dialogs/MissingPermissionsAttributePanel.java: new class, implementation of missing permissions attribute panel. * netx/net/sourceforge/jnlp/security/dialogs/SecurityDialogPanel.java: changed (initialFocusComponent) from package private to descendant visible * tests/netx/unit/net/sourceforge/jnlp/runtime/CodeBaseClassLoaderTest.java: and * tests/netx/unit/net/sourceforge/jnlp/runtime/JNLPFileTest.java: adapted to (ManifestBoolean) and to Permissions attribute handling at all. On 03/10/2014 08:11 PM, Andrew Azores wrote: > On 03/10/2014 02:42 PM, Jiri Vanek wrote: >> All should be fixed. Thanx! >> >> There are some deeper changes caused by moving from Boolean->enum. >> >> Also I found few crippled test by (already previous version of ) this patch. So those are fixed >> >> Thanx, >> J. >> > > Just a few fairly minor nits left. > >> + public String permissionsToString() { >> + String s = getAttribute(PERMISSIONS); >> + if (s == null) { >> + return "Not defined"; >> + } else if (s.trim().equalsIgnoreCase("sandbox")) { >> + return s.trim(); >> + } else if (s.trim().equalsIgnoreCase("all-permissions")) { >> + return s.trim(); >> + } else { >> + return "illegal"; >> + } >> + >> + >> + } > > Kill the extra whitespace at the end of the method please. > >> + if (permissions == ManifestBoolean.UNDEFINED) { >> + if (level == AppletSecurityLevel.DENY_UNSIGNED) { >> + throw new LaunchException("Your Extended applets security is at 'Very high', and this application is missing the 'permissions' attribute in manifest. This is fatal"); >> + } >> + if (level == AppletSecurityLevel.ASK_UNSIGNED) { >> + boolean a = SecurityDialogs.showMissingPermissionsAttributeDialogue(file.getTitle(), file.getCodeBase()); >> + if (!a) { >> + throw new LaunchException("Your Extended applets security is at 'high' and this applicationis missing the 'permissions' attribute in manifest. And you have refused to run it."); >> + } >> + } >> + //default for missing is sandbox >> + if (!SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) { >> + throw new LaunchException("The 'permissions' attribute is not specified, and application is requesting permissions. This is fatal"); >> + } >> + } else { >> + if (permissions == ManifestBoolean.TRUE) { >> + if (SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) { >> + OutputController.getLogger().log("The permissions attribute of this application is " + file.getManifestsAttributes().permissionsToString() + "' and security is '" + security.getSecurityType() + "'. Thats correct"); >> + } else { >> + throw new LaunchException("The 'permissions' attribute is '" + file.getManifestsAttributes().permissionsToString() + "' but security is '" + security.getSecurityType() + "'. This is fatal"); >> + } >> + } else { >> + if (SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) { >> + throw new LaunchException("The 'permissions' attribute is '" + file.getManifestsAttributes().permissionsToString() + "' but security is' " + security.getSecurityType() + "'. This is fatal"); >> + } else { >> + OutputController.getLogger().log("The permissions attribute of this application is '" + file.getManifestsAttributes().permissionsToString() + "' and security is '" + security.getSecurityType() + "'. Thats correct"); >> + } >> + } >> + } > > Rather than: > > if (UNDEFINED) { > } else { > if (TRUE) { > } else { // implicit FALSE > } > } > > could you change this to if TRUE/else if FALSE/else if UNDEFINED/else? Or a switch? > >> + public static boolean showMissingPermissionsAttributeDialogue(String title, URL codeBase) { > > You have two spaces after 'boolean' ;) > >> + // result 0 = Yes, 1 = No >> + if (selectedValue instanceof Integer) { >> + // If the selected value can be cast to Integer, use that value >> + int i = ((Integer) selectedValue).intValue(); >> + if (i == 0) { >> + return true; >> + } else { >> + return false; >> + } >> + } else { >> + // Otherwise default to "cancel" >> + return false; >> + } > > SecurityDialogs.getIntegerResponseAsBoolean(Object) already does this for you. > >> diff -r 483ab446ea4c tests/netx/unit/net/sourceforge/jnlp/runtime/CodeBaseClassLoaderTest.java >> --- a/tests/netx/unit/net/sourceforge/jnlp/runtime/CodeBaseClassLoaderTest.java Mon Mar 10 12:29:47 2014 -0400 >> +++ b/tests/netx/unit/net/sourceforge/jnlp/runtime/CodeBaseClassLoaderTest.java Mon Mar 10 19:38:27 2014 +0100 >> @@ -53,12 +53,29 @@ >> import net.sourceforge.jnlp.runtime.JNLPClassLoader.CodeBaseClassLoader; >> import net.sourceforge.jnlp.annotations.Bug; >> import net.sourceforge.jnlp.annotations.Remote; >> +import net.sourceforge.jnlp.config.DeploymentConfiguration; >> +import net.sourceforge.jnlp.security.appletextendedsecurity.AppletSecurityLevel; >> +import net.sourceforge.jnlp.security.appletextendedsecurity.AppletStartupSecuritySettings; >> +import net.sourceforge.jnlp.util.logging.NoStdOutErrTest; >> import org.junit.AfterClass; >> import org.junit.Assert; >> +import org.junit.BeforeClass; >> import org.junit.Test; >> -public class CodeBaseClassLoaderTest { >> +public class CodeBaseClassLoaderTest extends NoStdOutErrTest { >> + >> + private static AppletSecurityLevel level; >> + >> + @BeforeClass >> + public static void setPermissions(){ >> + level = AppletStartupSecuritySettings.getInstance().getSecurityLevel(); >> + JNLPRuntime.getConfiguration().setProperty(DeploymentConfiguration.KEY_SECURITY_LEVEL, AppletSecurityLevel.ALLOW_UNSIGNED.toChars()); >> + } >> + @AfterClass >> + public static void resetPermissions(){ >> + JNLPRuntime.getConfiguration().setProperty(DeploymentConfiguration.KEY_SECURITY_LEVEL, level.toChars()); >> + } > > Fix indentation please, also add spaces between () and {. > >> public class JNLPFileTest extends NoStdOutErrTest { >> + >> + private static AppletSecurityLevel level; >> + >> + @BeforeClass >> + public static void setPermissions(){ >> + level = AppletStartupSecuritySettings.getInstance().getSecurityLevel(); >> + JNLPRuntime.getConfiguration().setProperty(DeploymentConfiguration.KEY_SECURITY_LEVEL, AppletSecurityLevel.ALLOW_UNSIGNED.toChars()); >> + } >> + @AfterClass >> + public static void resetPermissions(){ >> + JNLPRuntime.getConfiguration().setProperty(DeploymentConfiguration.KEY_SECURITY_LEVEL, level.toChars()); >> + } > > Same. > > Thanks, > -------------- next part -------------- A non-text attachment was scrubbed... Name: permissionAttribute_04.patch Type: text/x-patch Size: 28218 bytes Desc: not available URL: From aazores at redhat.com Tue Mar 11 13:06:46 2014 From: aazores at redhat.com (Andrew Azores) Date: Tue, 11 Mar 2014 09:06:46 -0400 Subject: /hg/icedtea-web: Add man page for PolicyEditor In-Reply-To: <531ED148.7010101@redhat.com> References: <531ED148.7010101@redhat.com> Message-ID: <531F0A66.6010906@redhat.com> On 03/11/2014 05:03 AM, Jiri Vanek wrote: > Is small fix possible? > > diff -r f58e426ca958 netx/policyeditor.1 > --- a/netx/policyeditor.1 Mon Mar 10 16:30:44 2014 -0400 > +++ b/netx/policyeditor.1 Tue Mar 11 10:01:14 2014 +0100 > @@ -14,7 +14,7 @@ > policy_file > .SH DESCRIPTION > .B policyeditor > -is a command line program to view and edit applet security policy > settings > +is a GUI application with small command line support to view and edit > applet security policy settings > used by the icedtea-web implementation of > .B javaws > and the browser plugin. It is intended as a simpler, easier to use, > and more > > I think the "command line program" is a bit misleading... > > J. D'oh :) wow. Thanks for catching that. Feel free to push. > On 03/10/2014 09:30 PM, aazores at icedtea.classpath.org wrote: >> changeset f58e426ca958 in /hg/icedtea-web >> details: >> http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=f58e426ca958 >> author: Andrew Azores >> date: Mon Mar 10 16:30:44 2014 -0400 >> >> Add man page for PolicyEditor >> >> * Makefile.am: (install-data-local, uninstall-local): added >> policyeditor.1 >> man page >> * netx/policyeditor.1: new man page for PolicyEditor >> >> >> diffstat: >> >> Makefile.am | 3 ++ >> netx/policyeditor.1 | 69 >> +++++++++++++++++++++++++++++++++++++++++++++++++++++ >> 2 files changed, 72 insertions(+), 0 deletions(-) >> >> diffs (93 lines): >> >> diff -r bd7ce0fce548 -r f58e426ca958 Makefile.am >> --- a/Makefile.am Mon Mar 10 15:44:51 2014 -0400 >> +++ b/Makefile.am Mon Mar 10 16:30:44 2014 -0400 >> @@ -257,6 +257,7 @@ >> ${mkinstalldirs} -d $(DESTDIR)$(mandir)/man1 >> ${INSTALL_DATA} $(NETX_SRCDIR)/javaws.1 $(DESTDIR)$(mandir)/man1 >> ${INSTALL_DATA} $(NETX_SRCDIR)/itweb-settings.1 >> $(DESTDIR)$(mandir)/man1 >> + ${INSTALL_DATA} $(NETX_SRCDIR)/policyeditor.1 >> $(DESTDIR)$(mandir)/man1 >> if ENABLE_DOCS >> ${mkinstalldirs} $(DESTDIR)$(htmldir) >> (cd ${abs_top_builddir}/docs/netx; \ >> @@ -278,6 +279,8 @@ >> rm -f $(DESTDIR)$(datadir)/$(PACKAGE_NAME)/plugin.jar >> rm -f $(DESTDIR)$(datadir)/$(PACKAGE_NAME)/netx.jar >> rm -f $(DESTDIR)$(mandir)/man1/javaws.1 >> + rm -f $(DESTDIR)$(mandir)/man1/itweb-settings.1 >> + rm -f $(DESTDIR)$(mandir)/man1/policyeditor.1 >> rm -f $(DESTDIR)$(bindir)/$(javaws) >> rm -f $(DESTDIR)$(bindir)/$(itweb_settings) >> rm -f $(DESTDIR)$(bindir)/$(policyeditor) >> diff -r bd7ce0fce548 -r f58e426ca958 netx/policyeditor.1 >> --- /dev/null Thu Jan 01 00:00:00 1970 +0000 >> +++ b/netx/policyeditor.1 Mon Mar 10 16:30:44 2014 -0400 >> @@ -0,0 +1,69 @@ >> +.TH policyeditor 1 "10 Mar 2014" >> + >> +.SH NAME >> + >> +policyeditor - view and modify security policy settings for >> +.B javaws >> +and the browser plugin >> + >> +.SH SYNOPSIS >> + >> +.B policyeditor >> +.br >> +.B policyeditor [-file] >> +policy_file >> +.SH DESCRIPTION >> +.B policyeditor >> +is a command line program to view and edit applet security policy >> settings >> +used by the icedtea-web implementation of >> +.B javaws >> +and the browser plugin. It is intended as a simpler, easier to use, >> and more >> +accessible alternative to the standard JDK Policy Tool. >> Administrators and >> +power users who need fine grained control over policy files should >> probably >> +use Policy Tool instead of PolicyEditor. >> + >> +If executed without any arguments, no file is opened, and saving the >> file will >> +result in a prompt on where to save it. Otherwise, if a file path is >> given as >> +a command line argument, then that file path will be opened and >> parsed as a >> +policy file. >> + >> + >> +.SH OPTIONS >> + >> +.TP >> +-file >> +Specifies a policy file path to open. If this is not given as an >> argument, the >> +first argument given is interpreted as a file path to open anyway. >> This switch >> +exists mostly for compatibility with Policy Tool. >> + >> +.SH EXAMPLES >> + >> +.TP >> +policyeditor >> +Show the GUI editor >> + >> +.TP >> +policyeditor -file $HOME/.config/icedtea-web/security/java.policy >> +Opens the default user-level policy file location >> + >> + >> +.SH FILES >> + >> +$HOME/.config/icedtea-web/security/java.policy the default >> user-level policy file location >> + >> +.SH BUGS >> + >> +There aren't any known bugs. If you come across one, please file it at >> + http://icedtea.classpath.org/bugzilla/ >> + >> +.SH AUTHOR >> + >> +Written and maintained by the IcedTea contributors. >> + >> +.SH SEE ALSO >> + >> +.BR policytool (1), >> +.BR javaws (1), >> +.BR java (1) >> +.br >> +http://icedtea.classpath.org/wiki/IcedTea-Web > Thanks, -- Andrew A From aazores at redhat.com Tue Mar 11 13:12:25 2014 From: aazores at redhat.com (Andrew Azores) Date: Tue, 11 Mar 2014 09:12:25 -0400 Subject: [rfc][icedtea-web] following permissions attribute In-Reply-To: <531EF095.3080001@redhat.com> References: <530CCFE4.2040008@redhat.com> <5316520D.9020705@redhat.com> <5317331A.90405@redhat.com> <531740F3.2040102@redhat.com> <531E07A2.8060200@redhat.com> <531E0E53.1090707@redhat.com> <531EF095.3080001@redhat.com> Message-ID: <531F0BB9.7050500@redhat.com> On 03/11/2014 07:16 AM, Jiri Vanek wrote: > hrere we go. > > > Thanx! > > Looks good to me. Thanks, -- Andrew A From jvanek at redhat.com Tue Mar 11 13:29:03 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Tue, 11 Mar 2014 14:29:03 +0100 Subject: [rfc][icedtea-web] clean button for console Message-ID: <531F0F9F.1040902@redhat.com> 2014-03-11 Jiri Vanek * netx/net/sourceforge/jnlp/resources/Messages.properties: added (ButClean) key for new button * netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPane.java: (update) method enhanced for possibility to force refresh * netx/net/sourceforge/jnlp/util/logging/JavaConsole.java: added ButClean button. (updateModel) overlaoded with force attribute. -------------- next part -------------- A non-text attachment was scrubbed... Name: cleanButonForConsole.patch Type: text/x-patch Size: 2386 bytes Desc: not available URL: From aazores at redhat.com Tue Mar 11 13:56:20 2014 From: aazores at redhat.com (Andrew Azores) Date: Tue, 11 Mar 2014 09:56:20 -0400 Subject: [rfc][icedtea-web] clean button for console In-Reply-To: <531F0F9F.1040902@redhat.com> References: <531F0F9F.1040902@redhat.com> Message-ID: <531F1604.5000407@redhat.com> On 03/11/2014 09:29 AM, Jiri Vanek wrote: > 2014-03-11 Jiri Vanek > > * netx/net/sourceforge/jnlp/resources/Messages.properties: added > (ButClean) > key for new button > * netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPane.java: > (update) > method enhanced for possibility to force refresh > * netx/net/sourceforge/jnlp/util/logging/JavaConsole.java: added > ButClean > button. (updateModel) overlaoded with force attribute. Seems generally okay. One thing: > + if ( arg!= null && arg instanceof Boolean && ((Boolean)arg).booleanValue()) { "arg instanceof Boolean" will already give false if arg == null, so the arg != null check isn't really necessary. But you can keep it if you find it more readable leaving it in place. Thanks, -- Andrew A From jvanek at redhat.com Tue Mar 11 14:14:06 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Tue, 11 Mar 2014 15:14:06 +0100 Subject: [rfc][icedtea-web] localised new console Message-ID: <531F1A2E.2090800@redhat.com> With small tweek ala doing rawdata final, and renaming of testing console to cconsole tonot hide an field... Long prommised localisable console... :( J. -------------- next part -------------- A non-text attachment was scrubbed... Name: consoleTweekAndTransaltion.patch Type: text/x-patch Size: 13514 bytes Desc: not available URL: From aazores at redhat.com Tue Mar 11 14:24:02 2014 From: aazores at redhat.com (Andrew Azores) Date: Tue, 11 Mar 2014 10:24:02 -0400 Subject: [rfc][icedtea-web] localised new console In-Reply-To: <531F1A2E.2090800@redhat.com> References: <531F1A2E.2090800@redhat.com> Message-ID: <531F1C82.2000700@redhat.com> On 03/11/2014 10:14 AM, Jiri Vanek wrote: > With small tweek ala doing rawdata final, and renaming of testing > console to cconsole tonot hide an field... > Long prommised localisable console... > > > :( > > J. Assuming all the replaced messages match up properly, looks good. Style comment: Why use Translator.R instead of doing import static so you can call it simply as R? Thanks, -- Andrew A From jvanek at icedtea.classpath.org Tue Mar 11 17:06:57 2014 From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org) Date: Tue, 11 Mar 2014 17:06:57 +0000 Subject: /hg/icedtea-web: 2 new changesets Message-ID: changeset 7487d725b294 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=7487d725b294 author: Jiri Vanek date: Tue Mar 11 12:24:46 2014 +0100 Implemented Permissions manifest entry handling. changeset f0ffdf45c4dc in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=f0ffdf45c4dc author: Jiri Vanek date: Tue Mar 11 12:26:10 2014 +0100 netx/policyeditor.1: Mentioned that it is more GUI then commandline tool diffstat: ChangeLog | 29 + NEWS | 2 +- netx/net/sourceforge/jnlp/JNLPFile.java | 45 ++- netx/net/sourceforge/jnlp/resources/Messages.properties | 12 + netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java | 49 +++ netx/net/sourceforge/jnlp/security/SecurityDialog.java | 3 + netx/net/sourceforge/jnlp/security/SecurityDialogs.java | 14 + netx/net/sourceforge/jnlp/security/dialogs/MissingPermissionsAttributePanel.java | 152 ++++++++++ netx/net/sourceforge/jnlp/security/dialogs/SecurityDialogPanel.java | 2 +- netx/policyeditor.1 | 2 +- tests/netx/unit/net/sourceforge/jnlp/runtime/CodeBaseClassLoaderTest.java | 20 +- tests/netx/unit/net/sourceforge/jnlp/runtime/JNLPFileTest.java | 50 ++- 12 files changed, 351 insertions(+), 29 deletions(-) diffs (truncated from 613 to 500 lines): diff -r f58e426ca958 -r f0ffdf45c4dc ChangeLog --- a/ChangeLog Mon Mar 10 16:30:44 2014 -0400 +++ b/ChangeLog Tue Mar 11 12:26:10 2014 +0100 @@ -1,3 +1,32 @@ +2014-03-11 Jiri Vanek + + * netx/policyeditor.1: Mentioned that it is more GUI then commandline tool + +2014-03-11 Jiri Vanek + + Implemented Permissions manifest entry handling. + * NEWS: mentioned Permissions attribute + * netx/net/sourceforge/jnlp/JNLPFile.java: new enum (ManifestBoolean) introduced + to replace true/false/null by TRUE/FALSE/UNDEFFINED. (isTrustedOnly), + (isTrustedLibrary), (isSandboxForced) and (processBooleanAttribute) moved + to use ManifestBoolean. + * netx/net/sourceforge/jnlp/resources/Messages.properties: Added (ButYes) (ButNo) + (MissingPermissionsMainTitle) and (MissingPermissionsInfo) keys + * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: is now checking + (checkPermissionsAttribute) in (init). Implemented new (checkPermissionsAttribute) + method to handle Permissions attribute + * netx/net/sourceforge/jnlp/security/SecurityDialog.java: can handle + (UNSIGNED_EAS_NO_PERMISSIONS_WARNING) + * netx/net/sourceforge/jnlp/security/SecurityDialogs.java: defined + (UNSIGNED_EAS_NO_PERMISSIONS_WARNING ) and (showMissingPermissionsAttributeDialogue) + * netx/net/sourceforge/jnlp/security/dialogs/MissingPermissionsAttributePanel.java: + new class, implementation of missing permissions attribute panel. + * netx/net/sourceforge/jnlp/security/dialogs/SecurityDialogPanel.java: changed + (initialFocusComponent) from package private to descendant visible + * tests/netx/unit/net/sourceforge/jnlp/runtime/CodeBaseClassLoaderTest.java: and + * tests/netx/unit/net/sourceforge/jnlp/runtime/JNLPFileTest.java: adapted to + (ManifestBoolean) and to Permissions attribute handling at all. + 2014-03-10 Omair Majid * netx/javaws.1, diff -r f58e426ca958 -r f0ffdf45c4dc NEWS --- a/NEWS Mon Mar 10 16:30:44 2014 -0400 +++ b/NEWS Tue Mar 11 12:26:10 2014 +0100 @@ -14,7 +14,7 @@ * IcedTea-Web is now following XDG .config and .cache specification(RH947647) * A console for debugging plugin and javaws * Dialogs center on screen before becoming visible -* Support for u45 and u51 new manifest attributes (Application-Name, Codebase) +* Support for u45 and u51 new manifest attributes (Application-Name, Codebase, Permissions) * Custom applet permission policies panel in itweb-settings control panel * javaws -version flag * New PolicyEditor for easily adding/removing permissions to individual applets diff -r f58e426ca958 -r f0ffdf45c4dc netx/net/sourceforge/jnlp/JNLPFile.java --- a/netx/net/sourceforge/jnlp/JNLPFile.java Mon Mar 10 16:30:44 2014 -0400 +++ b/netx/net/sourceforge/jnlp/JNLPFile.java Tue Mar 11 12:26:10 2014 +0100 @@ -57,6 +57,10 @@ * @version $Revision: 1.21 $ */ public class JNLPFile { + + public static enum ManifestBoolean { + TRUE, FALSE, UNDEFINED; + } // todo: save the update policy, then if file was not updated @@ -936,7 +940,7 @@ /** * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#trusted_only */ - public Boolean isTrustedOnly() { + public ManifestBoolean isTrustedOnly() { return processBooleanAttribute(TRUSTED_ONLY); } @@ -944,7 +948,7 @@ /** * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#trusted_library */ - public Boolean isTrustedLibrary() { + public ManifestBoolean isTrustedLibrary() { return processBooleanAttribute(TRUSTED_LIBRARY); } @@ -952,20 +956,35 @@ /** * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#permissions */ - public Boolean isSandboxForced() { + public ManifestBoolean isSandboxForced() { String s = getAttribute(PERMISSIONS); if (s == null) { - return null; + return ManifestBoolean.UNDEFINED; } else if (s.trim().equalsIgnoreCase("sandbox")) { - return true; + return ManifestBoolean.TRUE; } else if (s.trim().equalsIgnoreCase("all-permissions")) { - return false; + return ManifestBoolean.FALSE; } else { throw new IllegalArgumentException("Unknown value of " + PERMISSIONS + " attribute " + s + ". Expected sandbox or all-permissions"); } } + /** + * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#permissions + */ + public String permissionsToString() { + String s = getAttribute(PERMISSIONS); + if (s == null) { + return "Not defined"; + } else if (s.trim().equalsIgnoreCase("sandbox")) { + return s.trim(); + } else if (s.trim().equalsIgnoreCase("all-permissions")) { + return s.trim(); + } else { + return "illegal"; + } + } /** * get custom attribute. @@ -997,16 +1016,16 @@ return ClasspathMatcher.ClasspathMatchers.compile(s); } - private Boolean processBooleanAttribute(String id) throws IllegalArgumentException { + private ManifestBoolean processBooleanAttribute(String id) throws IllegalArgumentException { String s = getAttribute(id); if (s == null) { - return null; + return ManifestBoolean.UNDEFINED; } else { - s = s.trim(); - if (s.equalsIgnoreCase("true") || s.equalsIgnoreCase("false")) { - //the Boolean is working like below, thats why the condition - //return ((name != null) && name.equalsIgnoreCase("true")); - return Boolean.parseBoolean(s); + s = s.toLowerCase().trim(); + if (s.equals("true")) { + return ManifestBoolean.TRUE; + } else if (s.equals("false")) { + return ManifestBoolean.FALSE; } else { throw new IllegalArgumentException("Unknown value of " + id + " attribute " + s + ". Expected true or false"); } diff -r f58e426ca958 -r f0ffdf45c4dc netx/net/sourceforge/jnlp/resources/Messages.properties --- a/netx/net/sourceforge/jnlp/resources/Messages.properties Mon Mar 10 16:30:44 2014 -0400 +++ b/netx/net/sourceforge/jnlp/resources/Messages.properties Tue Mar 11 12:26:10 2014 +0100 @@ -17,6 +17,8 @@ ButDone=Done ButShowDetails=Show Details ButHideDetails=Hide Details +ButYes=Yes +ButNo=No CertWarnRunTip=Trust this applet and run with full permissions CertWarnSandboxTip=Do not trust this applet and run with restricted permissions @@ -46,6 +48,16 @@ AboutDialogueTabNews=News AboutDialogueTabGPLv2=GPLv2 +# missing permissions dialogue +MissingPermissionsMainTitle=Application {0} \ +form codebase {1} is missing the permissions attribute. \ +Applications without this attribute should not be trusted. Do you wish to allow this application to run? +MissingPermissionsInfo=For more information you can visit:
\ + \ +http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions
\ +and
\ +http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html + # LS - Severity LSMinor=Minor LSFatal=Fatal diff -r f58e426ca958 -r f0ffdf45c4dc netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java --- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Mon Mar 10 16:30:44 2014 -0400 +++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Tue Mar 11 12:26:10 2014 +0100 @@ -15,6 +15,7 @@ package net.sourceforge.jnlp.runtime; +import net.sourceforge.jnlp.JNLPFile.ManifestBoolean; import static net.sourceforge.jnlp.runtime.Translator.R; import java.io.File; @@ -289,6 +290,8 @@ checkCodebaseAttribute(); + checkPermissionsAttribute(); + installShutdownHooks(); @@ -2442,6 +2445,52 @@ } } + + /** + * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions + */ + public void checkPermissionsAttribute() throws LaunchException { + final ManifestBoolean permissions = file.getManifestsAttributes().isSandboxForced(); + AppletSecurityLevel level = AppletStartupSecuritySettings.getInstance().getSecurityLevel(); + if (level == AppletSecurityLevel.ALLOW_UNSIGNED) { + OutputController.getLogger().log(OutputController.Level.WARNING_ALL, "Although 'permissions' attribute of this application is '" + file.getManifestsAttributes().permissionsToString() + "' Your Extended applets security is at 'low', continuing"); + return; + } + switch (permissions) { + case UNDEFINED: { + if (level == AppletSecurityLevel.DENY_UNSIGNED) { + throw new LaunchException("Your Extended applets security is at 'Very high', and this application is missing the 'permissions' attribute in manifest. This is fatal"); + } + if (level == AppletSecurityLevel.ASK_UNSIGNED) { + boolean a = SecurityDialogs.showMissingPermissionsAttributeDialogue(file.getTitle(), file.getCodeBase()); + if (!a) { + throw new LaunchException("Your Extended applets security is at 'high' and this applicationis missing the 'permissions' attribute in manifest. And you have refused to run it."); + } else { + OutputController.getLogger().log("Your Extended applets security is at 'high' and this applicationis missing the 'permissions' attribute in manifest. And you have allowed to run it."); + } + } + //default for missing is sandbox + if (!SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) { + throw new LaunchException("The 'permissions' attribute is not specified, and application is requesting permissions. This is fatal"); + } + break; + } + case TRUE: { + if (SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) { + OutputController.getLogger().log("The permissions attribute of this application is " + file.getManifestsAttributes().permissionsToString() + "' and security is '" + security.getSecurityType() + "'. Thats correct"); + } else { + throw new LaunchException("The 'permissions' attribute is '" + file.getManifestsAttributes().permissionsToString() + "' but security is '" + security.getSecurityType() + "'. This is fatal"); + } + } + case FALSE: { + if (SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) { + throw new LaunchException("The 'permissions' attribute is '" + file.getManifestsAttributes().permissionsToString() + "' but security is' " + security.getSecurityType() + "'. This is fatal"); + } else { + OutputController.getLogger().log("The permissions attribute of this application is '" + file.getManifestsAttributes().permissionsToString() + "' and security is '" + security.getSecurityType() + "'. Thats correct"); + } + } + } + } /* * Helper class to expose protected URLClassLoader methods. diff -r f58e426ca958 -r f0ffdf45c4dc netx/net/sourceforge/jnlp/security/SecurityDialog.java --- a/netx/net/sourceforge/jnlp/security/SecurityDialog.java Mon Mar 10 16:30:44 2014 -0400 +++ b/netx/net/sourceforge/jnlp/security/SecurityDialog.java Tue Mar 11 12:26:10 2014 +0100 @@ -37,6 +37,7 @@ package net.sourceforge.jnlp.security; +import net.sourceforge.jnlp.security.dialogs.MissingPermissionsAttributePanel; import net.sourceforge.jnlp.security.dialogs.AppletWarningPane; import net.sourceforge.jnlp.security.dialogs.AccessWarningPane; import net.sourceforge.jnlp.security.dialogs.NotAllSignedWarningPane; @@ -317,6 +318,8 @@ panel = new UnsignedAppletTrustWarningDialog(this, file); else if (dialogType == DialogType.AUTHENTICATION) panel = new PasswordAuthenticationPane(this, extras); + else if (dialogType == DialogType.UNSIGNED_EAS_NO_PERMISSIONS_WARNING) + panel = new MissingPermissionsAttributePanel(this, (String) extras[0], (String) extras[1]); add(panel, BorderLayout.CENTER); } diff -r f58e426ca958 -r f0ffdf45c4dc netx/net/sourceforge/jnlp/security/SecurityDialogs.java --- a/netx/net/sourceforge/jnlp/security/SecurityDialogs.java Mon Mar 10 16:30:44 2014 -0400 +++ b/netx/net/sourceforge/jnlp/security/SecurityDialogs.java Tue Mar 11 12:26:10 2014 +0100 @@ -41,6 +41,7 @@ import java.awt.event.WindowAdapter; import java.awt.event.WindowEvent; import java.net.NetPermission; +import java.net.URL; import java.security.AccessController; import java.security.PrivilegedAction; import java.util.concurrent.Semaphore; @@ -79,6 +80,7 @@ UNSIGNED_WARNING, /* requires confirmation with 'high-security' setting */ APPLET_WARNING, AUTHENTICATION, + UNSIGNED_EAS_NO_PERMISSIONS_WARNING /* when Extended applet security is at High Security and no permission attribute is find, */ } /** The types of access which may need user permission. */ @@ -286,6 +288,18 @@ } } + public static boolean showMissingPermissionsAttributeDialogue(String title, URL codeBase) { + + if (!shouldPromptUser()) { + return false; + } + + SecurityDialogMessage message = new SecurityDialogMessage(); + message.dialogType = DialogType.UNSIGNED_EAS_NO_PERMISSIONS_WARNING; + message.extras = new Object[]{title, codeBase.toExternalForm()}; + Object selectedValue = getUserResponse(message); + return SecurityDialogs.getIntegerResponseAsBoolean(selectedValue); + } /** * Posts the message to the SecurityThread and gets the response. Blocks * until a response has been recieved. It's safe to call this from an diff -r f58e426ca958 -r f0ffdf45c4dc netx/net/sourceforge/jnlp/security/dialogs/MissingPermissionsAttributePanel.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/netx/net/sourceforge/jnlp/security/dialogs/MissingPermissionsAttributePanel.java Tue Mar 11 12:26:10 2014 +0100 @@ -0,0 +1,152 @@ +/* AppletWarningPane.java + Copyright (C) 2008 Red Hat, Inc. + + This file is part of IcedTea. + + IcedTea is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as published by + the Free Software Foundation, version 2. + + IcedTea is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with IcedTea; see the file COPYING. If not, write to + the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA. + + Linking this library statically or dynamically with other modules is + making a combined work based on this library. Thus, the terms and + conditions of the GNU General Public License cover the whole + combination. + + As a special exception, the copyright holders of this library give you + permission to link this library with independent modules to produce an + executable, regardless of the license terms of these independent + modules, and to copy and distribute the resulting executable under + terms of your choice, provided that you also meet, for each linked + independent module, the terms and conditions of the license of that + module. An independent module is a module which is not derived from + or based on this library. If you modify this library, you may extend + this exception to your version of the library, but you are not + obligated to do so. If you do not wish to do so, delete this + exception statement from your version. + */ +package net.sourceforge.jnlp.security.dialogs; + +import java.awt.BorderLayout; +import java.awt.Color; +import java.awt.Desktop; +import java.awt.Dimension; +import java.awt.FlowLayout; +import java.awt.Font; +import java.awt.Image; +import java.io.IOException; +import java.net.URISyntaxException; +import java.net.URL; +import javax.imageio.ImageIO; + +import javax.swing.BorderFactory; +import javax.swing.BoxLayout; +import javax.swing.ImageIcon; +import javax.swing.JButton; +import javax.swing.JEditorPane; +import javax.swing.JFrame; +import javax.swing.JLabel; +import javax.swing.JPanel; +import javax.swing.SwingConstants; +import javax.swing.event.HyperlinkEvent; +import javax.swing.event.HyperlinkListener; +import net.sourceforge.jnlp.runtime.Translator; +import net.sourceforge.jnlp.security.SecurityDialog; +import net.sourceforge.jnlp.util.logging.OutputController; + +public class MissingPermissionsAttributePanel extends SecurityDialogPanel { + + public MissingPermissionsAttributePanel(SecurityDialog x, String title, String codebase) { + super(x); + try { + addComponents(title, codebase); + } catch (Exception ex) { + throw new RuntimeException(ex); + } + if (x != null) { + x.setMinimumSize(new Dimension(400, 300)); + } + } + + protected final void addComponents(String title, String codebase) throws IOException { + + URL imgUrl = this.getClass().getResource("/net/sourceforge/jnlp/resources/warning.png"); + ImageIcon icon = null; + Image img = ImageIO.read(imgUrl); + icon = new ImageIcon(img); + String topLabelText = Translator.R("MissingPermissionsMainTitle", title, codebase); + String bottomLabelText = Translator.R("MissingPermissionsInfo"); + + JLabel topLabel = new JLabel(htmlWrap(topLabelText), icon, SwingConstants.CENTER); + topLabel.setFont(new Font(topLabel.getFont().toString(), + Font.BOLD, 12)); + JPanel topPanel = new JPanel(new BorderLayout()); + topPanel.setBackground(Color.WHITE); + topPanel.add(topLabel, BorderLayout.CENTER); + topPanel.setPreferredSize(new Dimension(400, 80)); + topPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); + + JEditorPane bottomLabel = new JEditorPane("text/html", htmlWrap(bottomLabelText)); + bottomLabel.setEditable(false); + bottomLabel.addHyperlinkListener(new HyperlinkListener() { + @Override + public void hyperlinkUpdate(HyperlinkEvent e) { + try { + if (e.getEventType() == HyperlinkEvent.EventType.ACTIVATED) { + Desktop.getDesktop().browse(e.getURL().toURI()); + } + } catch (IOException ex) { + OutputController.getLogger().log(ex); + } catch (URISyntaxException ex) { + OutputController.getLogger().log(ex); + } + } + }); + JPanel infoPanel = new JPanel(new BorderLayout()); + infoPanel.add(bottomLabel, BorderLayout.CENTER); + infoPanel.setPreferredSize(new Dimension(400, 80)); + infoPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); + bottomLabel.setBackground(infoPanel.getBackground()); + + //run and cancel buttons + JPanel buttonPanel = new JPanel(new FlowLayout(FlowLayout.RIGHT)); + + JButton yes = new JButton(Translator.R("ButYes")); + JButton no = new JButton(Translator.R("ButNo")); + int buttonWidth = yes.getMinimumSize().width; + int buttonHeight = yes.getMinimumSize().height; + Dimension d = new Dimension(buttonWidth, buttonHeight); + yes.setPreferredSize(d); + no.setPreferredSize(d); + yes.addActionListener(createSetValueListener(parent, 0)); + no.addActionListener(createSetValueListener(parent, 1)); + initialFocusComponent = no; + buttonPanel.add(yes); + buttonPanel.add(no); + buttonPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); + //all of the above + setLayout(new BoxLayout(this, BoxLayout.Y_AXIS)); + add(topPanel); + add(infoPanel); + add(buttonPanel); + + } + + public static void main(String[] args) { + MissingPermissionsAttributePanel w = new MissingPermissionsAttributePanel(null, "HelloWorld", "http://nbblah.url"); + JFrame f = new JFrame(); + f.setSize(400, 300); + f.add(w, BorderLayout.CENTER); + f.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE); + f.setVisible(true); + } +} diff -r f58e426ca958 -r f0ffdf45c4dc netx/net/sourceforge/jnlp/security/dialogs/SecurityDialogPanel.java --- a/netx/net/sourceforge/jnlp/security/dialogs/SecurityDialogPanel.java Mon Mar 10 16:30:44 2014 -0400 +++ b/netx/net/sourceforge/jnlp/security/dialogs/SecurityDialogPanel.java Tue Mar 11 12:26:10 2014 +0100 @@ -53,7 +53,7 @@ protected SecurityDialog parent; - JComponent initialFocusComponent = null; + protected JComponent initialFocusComponent = null; CertVerifier certVerifier = null; diff -r f58e426ca958 -r f0ffdf45c4dc netx/policyeditor.1 --- a/netx/policyeditor.1 Mon Mar 10 16:30:44 2014 -0400 +++ b/netx/policyeditor.1 Tue Mar 11 12:26:10 2014 +0100 @@ -14,7 +14,7 @@ policy_file .SH DESCRIPTION .B policyeditor -is a command line program to view and edit applet security policy settings +is a GUI application with small command line support to view and edit applet security policy settings used by the icedtea-web implementation of .B javaws and the browser plugin. It is intended as a simpler, easier to use, and more diff -r f58e426ca958 -r f0ffdf45c4dc tests/netx/unit/net/sourceforge/jnlp/runtime/CodeBaseClassLoaderTest.java --- a/tests/netx/unit/net/sourceforge/jnlp/runtime/CodeBaseClassLoaderTest.java Mon Mar 10 16:30:44 2014 -0400 +++ b/tests/netx/unit/net/sourceforge/jnlp/runtime/CodeBaseClassLoaderTest.java Tue Mar 11 12:26:10 2014 +0100 @@ -53,12 +53,30 @@ import net.sourceforge.jnlp.runtime.JNLPClassLoader.CodeBaseClassLoader; import net.sourceforge.jnlp.annotations.Bug; import net.sourceforge.jnlp.annotations.Remote; +import net.sourceforge.jnlp.config.DeploymentConfiguration; +import net.sourceforge.jnlp.security.appletextendedsecurity.AppletSecurityLevel; +import net.sourceforge.jnlp.security.appletextendedsecurity.AppletStartupSecuritySettings; +import net.sourceforge.jnlp.util.logging.NoStdOutErrTest; import org.junit.AfterClass; import org.junit.Assert; +import org.junit.BeforeClass; import org.junit.Test; From aazores at redhat.com Tue Mar 11 17:07:01 2014 From: aazores at redhat.com (Andrew Azores) Date: Tue, 11 Mar 2014 13:07:01 -0400 Subject: [rfc][icedtea-web][policyeditor] Wrong permission target for tmpdir Message-ID: <531F42B5.9070106@redhat.com> Hi, The system property for tmpdir (eg /tmp) is java.io.tmpdir, not simply io.tmpdir as PolicyEditor had it. Just fixing this. Thanks, Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: policyeditor-io-tmpdir.patch Type: text/x-patch Size: 576 bytes Desc: not available URL: From aazores at redhat.com Tue Mar 11 17:24:13 2014 From: aazores at redhat.com (Andrew Azores) Date: Tue, 11 Mar 2014 13:24:13 -0400 Subject: [rfc][icedtea-web][policyeditor] Duplicate visual codebases Message-ID: <531F46BD.2040204@redhat.com> Hi, PolicyEditor already guards against having multiple entries for the same codebase in its permission maps, but there's a bug that still allows the left side list view to display multiple of the same codebase. This patch fixes it so that duplicate codebases really can't be added. Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: policyeditor-duplicate-codebase.patch Type: text/x-patch Size: 2114 bytes Desc: not available URL: From jvanek at redhat.com Tue Mar 11 17:32:48 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Tue, 11 Mar 2014 18:32:48 +0100 Subject: [rfc][icedtea-web] localised new console In-Reply-To: <531F1C82.2000700@redhat.com> References: <531F1A2E.2090800@redhat.com> <531F1C82.2000700@redhat.com> Message-ID: <531F48C0.6050903@redhat.com> On 03/11/2014 03:24 PM, Andrew Azores wrote: > On 03/11/2014 10:14 AM, Jiri Vanek wrote: >> With small tweek ala doing rawdata final, and renaming of testing console to cconsole tonot hide an field... >> Long prommised localisable console... >> >> >> :( >> >> J. > > Assuming all the replaced messages match up properly, looks good. > > Style comment: Why use Translator.R instead of doing import static so you can call it simply as R? In case of our "R" I dont liek static import. It is hard for me to see it. Thanx for quick check. Pushed. > > Thanks, > From jvanek at icedtea.classpath.org Tue Mar 11 17:29:56 2014 From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org) Date: Tue, 11 Mar 2014 17:29:56 +0000 Subject: /hg/icedtea-web: 2 new changesets Message-ID: changeset 7467c864c3c2 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=7467c864c3c2 author: Jiri Vanek date: Tue Mar 11 18:30:34 2014 +0100 Added clean button for Java Console changeset 4d2b8cbf5259 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=4d2b8cbf5259 author: Jiri Vanek date: Tue Mar 11 18:37:55 2014 +0100 New java console made localizable diffstat: ChangeLog | 19 + netx/net/sourceforge/jnlp/resources/Messages.properties | 44 ++++ netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPane.java | 110 +++++---- netx/net/sourceforge/jnlp/util/logging/JavaConsole.java | 30 ++- 4 files changed, 149 insertions(+), 54 deletions(-) diffs (433 lines): diff -r f0ffdf45c4dc -r 4d2b8cbf5259 ChangeLog --- a/ChangeLog Tue Mar 11 12:26:10 2014 +0100 +++ b/ChangeLog Tue Mar 11 18:37:55 2014 +0100 @@ -1,3 +1,22 @@ +2014-03-11 Jiri Vanek + + New java console made localizable. + *netx/net/sourceforge/jnlp/resources/Messages.properties: added new family of + keys (COP) for new console + *netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPane.java: where reasonable, + strings replaced by records in properties. + * netx/net/sourceforge/jnlp/util/logging/JavaConsole.java: (rawData) and + (outputs) made final. + +2014-03-11 Jiri Vanek + + * netx/net/sourceforge/jnlp/resources/Messages.properties: added (CONSOLEClean) + key for new button + * netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPane.java: (update) + method enhanced for possibility to force refresh + * netx/net/sourceforge/jnlp/util/logging/JavaConsole.java: added ButClean + button. (updateModel) overlaoded with force attribute. + 2014-03-11 Jiri Vanek * netx/policyeditor.1: Mentioned that it is more GUI then commandline tool diff -r f0ffdf45c4dc -r 4d2b8cbf5259 netx/net/sourceforge/jnlp/resources/Messages.properties --- a/netx/net/sourceforge/jnlp/resources/Messages.properties Tue Mar 11 12:26:10 2014 +0100 +++ b/netx/net/sourceforge/jnlp/resources/Messages.properties Tue Mar 11 18:37:55 2014 +0100 @@ -551,6 +551,50 @@ CONSOLEmemoryMax = Max Memory CONSOLEmemoryTotal = Total Memory CONSOLEmemoryFree = Free Memory +CONSOLEClean=Clean all + +#console output pane labels +COPsortCopyAllDate=sort copy all by date +COPshowHeaders=Show headers: +COPuser=user +COPorigin=origin +COPlevel=level +COPdate=date +COPthread1=thread 1 +COPthread2=thread 2 +COPShowMessages=Show messages +COPstdOut=std. Out +COPstdErr=std. Err +COPjava=java +COPplugin=plugin +COPpreInit=pre-init +COPpluginOnly=plugin only +COPSortBy=Sort by +COPregex=Regular expression filter +COPAsArrived=As arrived (no sort) +COPcode=code +COPmessage=message +COPSearch=Search +COPautoRefresh=auto refresh +COPrefresh=refresh +COPApply=Apply +COPmark=mark +COPCopyAllPlain=Copy all (plain) +COPCopyAllRich=Copy all (rich) +COPnext=next>>> +COPprevious=<<>>"); + next.setText(Translator.R("COPnext")); next.addActionListener(new java.awt.event.ActionListener() { @Override @@ -399,7 +417,7 @@ } }); - previous.setText("<< rawData = Collections.synchronizedList(new ArrayList()); - private List outputs = new ArrayList(); + final private List rawData = Collections.synchronizedList(new ArrayList()); + final private List outputs = new ArrayList(); private void refreshOutputs() { refreshOutputs(outputsPanel, (Integer)numberOfOutputs.getValue()); @@ -354,6 +352,19 @@ } }); + JButton cleanButton = new JButton(R("CONSOLEClean")); + buttonPanel.add(cleanButton); + cleanButton.addActionListener(new ActionListener() { + + @Override + public void actionPerformed(ActionEvent e) { + synchronized (rawData){ + rawData.clear(); + updateModel(true); + } + } + }); + initialized = true; } @@ -463,7 +474,7 @@ public static void main(String[] args) { - final JavaConsole console = new JavaConsole(); + final JavaConsole cconsole = new JavaConsole(); boolean toShowConsole = true; @@ -474,7 +485,7 @@ } if (toShowConsole) { - console.showConsoleLater(); + cconsole.showConsoleLater(); } } @@ -484,10 +495,13 @@ rawData.add(m); updateModel(); } - + private synchronized void updateModel() { + updateModel(null); + } + private synchronized void updateModel(Boolean force) { observable.setChanged(); - observable.notifyObservers(); + observable.notifyObservers(force); } From jvanek at redhat.com Tue Mar 11 17:38:56 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Tue, 11 Mar 2014 18:38:56 +0100 Subject: [rfc][icedtea-web][policyeditor] Wrong permission target for tmpdir In-Reply-To: <531F42B5.9070106@redhat.com> References: <531F42B5.9070106@redhat.com> Message-ID: <531F4A30.6020900@redhat.com> On 03/11/2014 06:07 PM, Andrew Azores wrote: > Hi, > > The system property for tmpdir (eg /tmp) is java.io.tmpdir, not simply io.tmpdir as PolicyEditor had it. Just fixing this. > > Thanks, > > Thanks, > go on. Thanx. From aazores at icedtea.classpath.org Tue Mar 11 17:59:18 2014 From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org) Date: Tue, 11 Mar 2014 17:59:18 +0000 Subject: /hg/icedtea-web: Fixed PolicyEditor tmpdir permission property v... Message-ID: changeset db8627ef75f2 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=db8627ef75f2 author: Andrew Azores date: Tue Mar 11 13:59:10 2014 -0400 Fixed PolicyEditor tmpdir permission property value diffstat: ChangeLog | 5 +++++ netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java | 2 +- 2 files changed, 6 insertions(+), 1 deletions(-) diffs (24 lines): diff -r 4d2b8cbf5259 -r db8627ef75f2 ChangeLog --- a/ChangeLog Tue Mar 11 18:37:55 2014 +0100 +++ b/ChangeLog Tue Mar 11 13:59:10 2014 -0400 @@ -1,3 +1,8 @@ +2014-03-11 Andrew Azores + + * netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java: + (TMPDIR) is java.io.tmpdir, not io.tmpdir + 2014-03-11 Jiri Vanek New java console made localizable. diff -r 4d2b8cbf5259 -r db8627ef75f2 netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java --- a/netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java Tue Mar 11 18:37:55 2014 +0100 +++ b/netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java Tue Mar 11 13:59:10 2014 -0400 @@ -44,7 +44,7 @@ NONE(""), ALL("*"), USER_HOME("${user.home}${/}*"), - TMPDIR("${io.tmpdir}${/}*"), + TMPDIR("${java.io.tmpdir}${/}*"), CLIPBOARD("accessClipboard"), PRINT("queuePrintJob"), PLAY("play"); From jvanek at redhat.com Tue Mar 11 19:25:35 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Tue, 11 Mar 2014 20:25:35 +0100 Subject: [rfc][icedtea-web] implemented Application-Library-Allowable-Codebase Attribute In-Reply-To: <53173C78.5050204@redhat.com> References: <530F71CF.4040207@redhat.com> <53173C78.5050204@redhat.com> Message-ID: <531F632F.1000005@redhat.com> All your nits have been fixed. However: I'm still not using the AppTrustWarningPanel, so rember button is useless. It will come as another changeset (if ever) - this patch broke elluminate - one of the deadly throws is probably redundant and should be repalced by security prompt. - jsut hint - download indicator is broken - elluminat works, but freaze to, same as http://www.walter-fendt.de/ph14e/resultant.htm I guess all above are older issues not related to this patch. J. On 03/05/2014 04:02 PM, Andrew Azores wrote: > On 02/27/2014 12:11 PM, Jiri Vanek wrote: >> hi! >> >> Implementation of - Application-Library-Allowable-Codebase Attribute. Well it grow a bit. >> >> The implementation itself, is as straightforward as terrible "specification" allowed (please reviwer, study the specification too:( ) >> >> However, many workarounds were needed: >> >> * netx/net/sourceforge/jnlp/JNLPFile.java and netx/net/sourceforge/jnlp/util/ClasspathMatcher.java : It appeared, that this attribute honors path in pattern. Luckily the matcher was prepared for it, and now it is just conditionally enabled. >> >> * dialogues - still the same with one detail - the remember option do not work. I'm not sure if I wont to use already implemented whitelist from Extended Applets Security... Well why not? Becasue all alowed appelts will be able to run rmeote context...But well.. why not? If I will reuse it, then MatchingALACAttributePanel will be reworked. > > Are you talking about using AppTrustWarningPanel? ;) > >> >> * netx/net/sourceforge/jnlp/util/UrlUtils.java - this was most unlucky - two new utility methods - to remove name filename from url path, and to compare urls no meter if there is tailing slash. >> - the exctraction of name is for puposes to find the uri of its location, which is then matched against attribute >> - the comparison without tailing slash is not so clear - There is only one suecase of it : >> >> + if (usedUrls.size() == 1) { >> + if (UrlUtils.equalsIgnoreLastSlash(usedUrls.toArray(new URL[]{})[0], codebase) >> + && UrlUtils.equalsIgnoreLastSlash(usedUrls.toArray(new URL[]{})[0], documentBase)) { >> + //all resoources are from codebase or document base. it is ok to proceeed. >> + OutputController.getLogger().log("All applications resources (" + usedUrls.toArray(new URL[]{})[0] + ") are from codebas/documentbase " + codebase + "/" + documentBase + ", skipping Application-Library-Allowable-Codebase Attribute check."); >> + return; >> + } >> + } >> >> >> It happened that different applications have or have not the trailing slash On codebase and so the implementation of removeFileName was burdened by keep trailing slash or not. This is workarround. >> >> > > Nit here: why "new URL[]{}" ? Why not "new URL[0]" ? > >> >> *however* I'm a hesitating how to deal with it in Matcher. I adapted it (if compare of paths is true) that some.url/some/path matches both some.url/some/path/ and some.url/some/path, but some.url/some/path/ do not match some.url/some/path (matches only some.url/some/path/) >> I consider it as lowest evil....:( >> >> All should be unittested as much as possible. >> I'm still taking deep breath before doing reproducers for both this and permissions. >> >> >> Thanx in advance, >> J. > > Rest of comments here: > > Messages.properties: >> # missing Application-Library-Allowable-Codebase dialogue >> ALACAMissingMainTitle=Application {0} \ >> form codebase {1} is missing the Application-Library-Allowable-Codebase attribute. \ >> The resources this applications is opening are from remote locations:
{2}
Are you sure to run this application to? > "This application uses resources from the following remote locations: {2} Are you sure you want to run this application?" >> ALACAMissingInfo=For more information you can visit:
\ >> \ >> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library
\ >> and
\ >> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html >> # matching Application-Library-Allowable-Codebase dialogue >> ALACAMatchingMainTitle=Application {0} \ >> form codebase {1} is requiring valid resources from different locations:
{2}
\ >> Those resources are expected to be loaded. Do you agree to run this application? >> ALACAMatchingInfo=For more information you can visit:
\ >> \ >> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library
\ >> and
\ >> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html > > JNLPClassLoader: >> //do this check for unsigned apps? imho yes >> //if (security.getSecurityType().equals(SecurityDesc.SANDBOX_PERMISSIONS)){ >> // return; /*when app isnot signed, then skip this check*/ >> //} > Why should we do this check for unsigned? The spec specifies it's for "signed RIAs", and I don't think it's necessary to enforce it for unsigned. Partially signed is questionable. Anyway, this check would be better if it used the "signing" field instead, which has type SigningState and is meant for exactly this kind of check. There's also the new SecurityDelegate inner class (which was added after you sent this patch, I know), and maybe this whole method or at least large parts of it should be inside there instead. >> + URL documentBase = null; >> + if (file instanceof PluginBridge) { >> + documentBase = ((PluginBridge) file).getSourceLocation(); >> + } >> + if (documentBase == null) { >> + documentBase = file.getCodeBase(); >> + } > > URL documentBase; > if (file instanceof PluginBridge) { > documentBase = ((PluginBridge) file).getSourceLocation(); > } else { > documentBase = file.getCodeBase(); > } > > This would be preferable, no? > >> + for (int i = 0; i < resourcesDescs.length; i++) { >> + ResourcesDesc resourcesDesc = resourcesDescs[i]; >> + for (int j = 0; j < ex.length; j++) { >> + ExtensionDesc extensionDesc = ex[j]; >> + for (int k = 0; k < jars.length; k++) { >> + JARDesc jarDesc = jars[k]; > > Why not use for-each loops? > >> + ExtensionDesc[] ex = resourcesDesc.getExtensions(); >> + if (ex != null) { >> + JARDesc[] jars = resourcesDesc.getJARs(); >> + if (jars != null) { > > I think the null checks here are over-defensive. These methods appear to be designed to return empty arrays if there is no matching resource, not null. > >> + if (att == null) { >> + int a = SecurityDialogs.showMissingALACAttributePanel(file.getTitle(), documentBase, usedUrls); >> + if (a != 0) { > > I'll come back to this later... > >> + throw new LaunchException("The application is using resources from elsewhere then its base is, have missing Application-Library-Allowable-Codebase attribute and you forbifd it to run"); > > "The application uses non-codebase resources, has no Application-Library-Allowable-Codebase Attribute, and was blocked from running by the user" > Should these new LaunchException explanations not go in Messages.properties? > >> + throw new LaunchException("The resource from " + foundUrl + " do not have any match in Application-Library-Allowable-Codebase Attribute " + att + ". Thats fatal"); > > "The resource from " + foundUrl + " does not match the location in Application-Library-Allowable-Codebase Attribute " + att + ". Blocking the application from running." > >> + throw new LaunchException("The application is using resources from elsewhere then its base is which are matching Application-Library-Allowable-Codebase attribute but you forbifd it to run"); > > "The application uses non-codebase resources, which do match its Application-Library-Allowable-Codebase Attribute, but was blocked from running by the user." > > > MatchingALACAttributePanel and MissingALACAttributePanel: > > Why do these need main methods? Can you make an abstract parent class and have them subclass it? It seems like most of the code is shared. > > > SecurityDialogs: >> + public static int showMissingALACAttributePanel(String title, URL codeBase, Set remoteUrls) { >> + >> + if (!shouldPromptUser()) { >> + return 1; >> + } >> + >> + SecurityDialogMessage message = new SecurityDialogMessage(); >> + message.dialogType = DialogType.MISSING_ALACA; >> + message.extras = new Object[]{title, codeBase.toString(), UrlUtils.setOfUrlsToHtmlList(remoteUrls)}; >> + Object selectedValue = getUserResponse(message); >> + >> + // result 0 = Yes, 1 = No >> + if (selectedValue instanceof Integer) { >> + // If the selected value can be cast to Integer, use that value >> + return ((Integer) selectedValue).intValue(); >> + } else { >> + // Otherwise default to "no" >> + return 1; >> + } >> + } >> + >> + public static int showMatchingALACAttributePanel(String title, URL codeBase, Set remoteUrls) { >> + >> + if (!shouldPromptUser()) { >> + return 1; >> + } >> + >> + SecurityDialogMessage message = new SecurityDialogMessage(); >> + message.dialogType = DialogType.MATCHING_ALACA; >> + message.extras = new Object[]{title, codeBase.toString(), UrlUtils.setOfUrlsToHtmlList(remoteUrls)}; >> + Object selectedValue = getUserResponse(message); >> + >> + // result 0 = Yes, 1 = No >> + if (selectedValue instanceof Integer) { >> + // If the selected value can be cast to Integer, use that value >> + return ((Integer) selectedValue).intValue(); >> + } else { >> + // Otherwise default to "no" >> + return 1; >> + } >> + } > > Please use either getIntegerResponseAsBoolean or getIntegerResponseAsAppletAction rather than returning 0/1 as ints for yes/no. > > > Thanks, > > -- > Andrew A > -------------- next part -------------- A non-text attachment was scrubbed... Name: alaca_02.patch Type: text/x-patch Size: 47416 bytes Desc: not available URL: From bugzilla-daemon at icedtea.classpath.org Tue Mar 11 19:19:43 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Tue, 11 Mar 2014 19:19:43 +0000 Subject: [Bug 1697] New: Eclipse crash on Linux Mint Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1697 Bug ID: 1697 Summary: Eclipse crash on Linux Mint Product: IcedTea Version: unspecified Hardware: x86_64 OS: Linux Status: NEW Severity: major Priority: P5 Component: IcedTea Assignee: gnu.andrew at redhat.com Reporter: bugzilla at cdunne.org.uk CC: unassigned at icedtea.classpath.org I'm trying to complete a Futurelearn Android course (https://www.futurelearn.com/courses/begin-programming-2014) and am getting problems with Eclipse crashing. I was using my phone (a Samsung Galaxy S3) to run the code but have today tried the emulator and the same thing happens. I've tried running Eclipse from the console and get the following: http://pastebin.com/yW3gAZ1b I've pasted the error report to: http://pastebin.com/MQyBM3Ed As you can imagine this is very annoying, sometimes it runs fine for multiple minutes but sometimes it crashes instantly. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From aazores at redhat.com Tue Mar 11 20:13:15 2014 From: aazores at redhat.com (Andrew Azores) Date: Tue, 11 Mar 2014 16:13:15 -0400 Subject: [rfc][icedtea-web][policyeditor] man page update Message-ID: <531F6E5B.3020808@redhat.com> Hi, I forgot about the -codebase and -help switches before when I made the initial man page for policyeditor. I also realized that the -help switch didn't document the -codebase switch, either. Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: policyeditor-man-page-update.patch Type: text/x-patch Size: 3000 bytes Desc: not available URL: From jvanek at redhat.com Wed Mar 12 09:12:41 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Wed, 12 Mar 2014 10:12:41 +0100 Subject: [rfc][icedtea-web][policyeditor] man page update In-Reply-To: <531F6E5B.3020808@redhat.com> References: <531F6E5B.3020808@redhat.com> Message-ID: <53202509.6090103@redhat.com> On 03/11/2014 09:13 PM, Andrew Azores wrote: > Hi, > > I forgot about the -codebase and -help switches before when I made the initial man page for > policyeditor. I also realized that the -help switch didn't document the -codebase switch, either. > > Thanks, > Thanx. Looks good. J. From jvanek at redhat.com Wed Mar 12 10:04:49 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Wed, 12 Mar 2014 11:04:49 +0100 Subject: [rfc][icedtea-web][policyeditor] File Changed check In-Reply-To: <531E1931.2020904@redhat.com> References: <531E1931.2020904@redhat.com> Message-ID: <53203141.3060302@redhat.com> On 03/10/2014 08:57 PM, Andrew Azores wrote: > Hi, > > As promised, here's a patch that lets PolicyEditor detect when the policy file has been externally > modified since it was opened, using MD5SumWatcher. > > ChangeLog: > Added check for external file modification to PolicyEditor > * netx/net/sourceforge/jnlp/resources/Messages.properties: (PEFileModified, > PEFileModifiedDetail) new messages > * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: > (updateCheckboxes) avoid NPE. (openAndParsePolicyFile, savePolicyFile) use > MD5SumWatcher to detect when the policy file has been externally modified. > (updateMd5WithDialog) new method > * tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java: > all URLs changed to example.com > > Thanks, > final int response = updateMd5WithDialog(); + switch (response) { + case JOptionPane.YES_OPTION: + openAndParsePolicyFile(); + return; + case JOptionPane.NO_OPTION: + break; + case JOptionPane.CANCEL_OPTION: + return; + default: + break; + } What happens with gui in case of yes? eg - I have something selected, click save, md5 warning jump out, I click reload, underlyiing policy file reload, and my gui? Will the selected boxes/ceodebases whatever remain as I have selected, or as it in new file? Not sure what is better here - but probably to rest gui to match new file. Does it openAndParsePolicyFile ? If so ok to head.. Otherwise probbaly ok to head after answer. J. From ptisnovs at icedtea.classpath.org Wed Mar 12 11:37:07 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Wed, 12 Mar 2014 11:37:07 +0000 Subject: /hg/gfx-test: Ten new tests added into BitBitAffineIdentityTrans... Message-ID: changeset 3db247628ff9 in /hg/gfx-test details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=3db247628ff9 author: Pavel Tisnovsky date: Wed Mar 12 12:37:42 2014 +0100 Ten new tests added into BitBitAffineIdentityTransformOp.java. diffstat: ChangeLog | 7 +- src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java | 140 ++++++++++ 2 files changed, 146 insertions(+), 1 deletions(-) diffs (171 lines): diff -r d56fab3af6d3 -r 3db247628ff9 ChangeLog --- a/ChangeLog Tue Mar 11 10:55:38 2014 +0100 +++ b/ChangeLog Wed Mar 12 12:37:42 2014 +0100 @@ -1,3 +1,8 @@ +2014-03-12 Pavel Tisnovsky + + * src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java: + Ten new tests added into BitBitAffineIdentityTransformOp.java. + 2014-03-11 Pavel Tisnovsky * src/org/gfxtest/testsuites/BitBltUsingBgColor.java: @@ -21,7 +26,7 @@ 2014-03-03 Pavel Tisnovsky * src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java: - Eight new tests added into BitBitAffineIdentityTransformOp.java: + Eight new tests added into BitBitAffineIdentityTransformOp.java. 2014-02-28 Pavel Tisnovsky diff -r d56fab3af6d3 -r 3db247628ff9 src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java --- a/src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java Tue Mar 11 10:55:38 2014 +0100 +++ b/src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java Wed Mar 12 12:37:42 2014 +0100 @@ -3487,6 +3487,146 @@ } /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_555_RGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort565RGBIdentifyTranspormationOp3(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshort565RGB(image, graphics2d, IdentifyTranspormationOp3); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_555_RGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort565RGBIdentifyTranspormationOp4(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshort565RGB(image, graphics2d, IdentifyTranspormationOp4); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_555_RGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort565RGBIdentifyTranspormationOp5(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshort565RGB(image, graphics2d, IdentifyTranspormationOp5); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_555_RGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort565RGBIdentifyTranspormationOp6(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshort565RGB(image, graphics2d, IdentifyTranspormationOp6); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_GRAY. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshortGrayIdentifyTranspormationOp1(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshortGray(image, graphics2d, IdentifyTranspormationOp1); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_GRAY. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshortGrayIdentifyTranspormationOp2(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshortGray(image, graphics2d, IdentifyTranspormationOp2); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_GRAY. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshortGrayIdentifyTranspormationOp3(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshortGray(image, graphics2d, IdentifyTranspormationOp3); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_GRAY. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshortGrayIdentifyTranspormationOp4(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshortGray(image, graphics2d, IdentifyTranspormationOp4); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_GRAY. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshortGrayIdentifyTranspormationOp5(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshortGray(image, graphics2d, IdentifyTranspormationOp5); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_GRAY. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshortGrayIdentifyTranspormationOp6(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshortGray(image, graphics2d, IdentifyTranspormationOp6); + } + + /** * Entry point to the test suite. * * @param args not used in this case From ptisnovs at icedtea.classpath.org Wed Mar 12 11:41:34 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Wed, 12 Mar 2014 11:41:34 +0000 Subject: /hg/rhino-tests: Enhancements of various tests in InvocableClass... Message-ID: changeset bdfcaa390fb9 in /hg/rhino-tests details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=bdfcaa390fb9 author: Pavel Tisnovsky date: Wed Mar 12 12:42:16 2014 +0100 Enhancements of various tests in InvocableClassTest. diffstat: ChangeLog | 5 + src/org/RhinoTests/InvocableClassTest.java | 76 ++++++++++++++++++++++++++++- 2 files changed, 78 insertions(+), 3 deletions(-) diffs (153 lines): diff -r 808d23256e54 -r bdfcaa390fb9 ChangeLog --- a/ChangeLog Tue Mar 11 10:52:47 2014 +0100 +++ b/ChangeLog Wed Mar 12 12:42:16 2014 +0100 @@ -1,3 +1,8 @@ +2014-03-12 Pavel Tisnovsky + + * src/org/RhinoTests/InvocableClassTest.java: + Enhancements of various tests in InvocableClassTest. + 2014-03-11 Pavel Tisnovsky * src/org/RhinoTests/CompiledScriptClassTest.java: diff -r 808d23256e54 -r bdfcaa390fb9 src/org/RhinoTests/InvocableClassTest.java --- a/src/org/RhinoTests/InvocableClassTest.java Tue Mar 11 10:52:47 2014 +0100 +++ b/src/org/RhinoTests/InvocableClassTest.java Wed Mar 12 12:42:16 2014 +0100 @@ -1,7 +1,7 @@ /* Rhino test framework - Copyright (C) 2011, 2012, 2013 Red Hat + Copyright (C) 2011, 2012, 2013, 2014 Red Hat This file is part of IcedTea. @@ -1530,6 +1530,14 @@ } try { + this.invocableClass.cast(Character.valueOf('a')); + throw new AssertionError("Class.cast(Character.valueOf('a')) does not throw any exception"); + } + catch (Exception e) { + // expected exception + } + + try { this.invocableClass.cast(Byte.valueOf((byte)42)); throw new AssertionError("Class.cast(Byte.valueOf((byte)42)) does not throw any exception"); } @@ -1586,6 +1594,14 @@ } try { + this.invocableClass.cast(new Throwable("xyzzy")); + throw new AssertionError("Class.cast(new Throwable(\"xyzzy\")) does not throw any exception"); + } + catch (Exception e) { + // expected exception + } + + try { this.invocableClass.cast(new RuntimeException()); throw new AssertionError("Class.cast(new RuntimeException()) does not throw any exception"); } @@ -1594,6 +1610,14 @@ } try { + this.invocableClass.cast(new RuntimeException("xyzzy")); + throw new AssertionError("Class.cast(new RuntimeException(\"xyzzy\")) does not throw any exception"); + } + catch (Exception e) { + // expected exception + } + + try { this.invocableClass.cast(new Error()); throw new AssertionError("Class.cast(new Error()) does not throw any exception"); } @@ -1602,6 +1626,22 @@ } try { + this.invocableClass.cast(new Error("xyzzy")); + throw new AssertionError("Class.cast(new Error(\"xyzzy\")) does not throw any exception"); + } + catch (Exception e) { + // expected exception + } + + try { + this.invocableClass.cast(new java.io.File("xyzzy")); + throw new AssertionError("Class.cast(new java.io.File(\"xyzzy\")) does not throw any exception"); + } + catch (Exception e) { + // expected exception + } + + try { this.invocableClass.cast(new java.lang.String()); throw new AssertionError("Class.cast(new java.lang.String()) does not throw any exception"); } @@ -1650,6 +1690,30 @@ } try { + this.invocableClass.cast(new java.awt.Label()); + throw new AssertionError("Class.cast(new java.awt.Label()) does not throw any exception"); + } + catch (Exception e) { + // expected exception + } + + try { + this.invocableClass.cast(new java.awt.Label(new String())); + throw new AssertionError("Class.cast(new java.awt.Label(new String())) does not throw any exception"); + } + catch (Exception e) { + // expected exception + } + + try { + this.invocableClass.cast(new java.awt.Label("xyzzy")); + throw new AssertionError("Class.cast(new java.awt.Label(\"xyzzy\")) does not throw any exception"); + } + catch (Exception e) { + // expected exception + } + + try { this.invocableClass.cast(new javax.swing.JLabel()); throw new AssertionError("Class.cast(new javax.swing.JLabel()) does not throw any exception"); } @@ -1666,13 +1730,20 @@ } try { + this.invocableClass.cast(new javax.swing.JLabel("xyzzy")); + throw new AssertionError("Class.cast(new javax.swing.JLabel(\"xyzzy\")) does not throw any exception"); + } + catch (Exception e) { + // expected exception + } + + try { this.invocableClass.cast(new javax.swing.JPanel()); throw new AssertionError("Class.cast(new javax.swing.JPanel()) does not throw any exception"); } catch (Exception e) { // expected exception } - } /** @@ -1689,7 +1760,6 @@ catch (IllegalAccessException e) { // expected exception } - } /** From jvanek at redhat.com Wed Mar 12 11:57:54 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Wed, 12 Mar 2014 12:57:54 +0100 Subject: [rfc][icedtea-web][policyeditor] Duplicate visual codebases In-Reply-To: <531F46BD.2040204@redhat.com> References: <531F46BD.2040204@redhat.com> Message-ID: <53204BC2.9070507@redhat.com> On 03/11/2014 06:24 PM, Andrew Azores wrote: > Hi, > > PolicyEditor already guards against having multiple entries for the same codebase in its permission > maps, but there's a bug that still allows the left side list view to display multiple of the same > codebase. This patch fixes it so that duplicate codebases really can't be added. > > Thanks, > Although I have no idea what it is supposed to do, it give sense... J. From bugzilla-daemon at icedtea.classpath.org Wed Mar 12 13:11:13 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Wed, 12 Mar 2014 13:11:13 +0000 Subject: [Bug 1698] New: [TRACKER] IcedTea 2.6.0 Release Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1698 Bug ID: 1698 Summary: [TRACKER] IcedTea 2.6.0 Release Product: IcedTea Version: 7-hg Hardware: all OS: All Status: NEW Severity: enhancement Priority: P5 Component: IcedTea Assignee: gnu.andrew at redhat.com Reporter: gnu.andrew at redhat.com CC: unassigned at icedtea.classpath.org Tracker for IcedTea 2.6.0 major release. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Wed Mar 12 13:12:48 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Wed, 12 Mar 2014 13:12:48 +0000 Subject: [Bug 1698] [TRACKER] IcedTea 2.6.0 Release In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1698 Andrew John Hughes changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED Target Milestone|--- |2.6.0 -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Wed Mar 12 13:14:14 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Wed, 12 Mar 2014 13:14:14 +0000 Subject: [Bug 1285] [IcedTea7] Use XML for AUTHORS/NEWS to ensure reliable formatting for producing e.g. release notes In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1285 Andrew John Hughes changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks|1284 |1698 --- Comment #2 from Andrew John Hughes --- Target 2.6.0 release. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Wed Mar 12 13:14:14 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Wed, 12 Mar 2014 13:14:14 +0000 Subject: [Bug 1284] [TRACKER] IcedTea 2.5.0 Release In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1284 Andrew John Hughes changed: What |Removed |Added ---------------------------------------------------------------------------- Depends on|1285 | -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Wed Mar 12 13:14:14 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Wed, 12 Mar 2014 13:14:14 +0000 Subject: [Bug 1698] [TRACKER] IcedTea 2.6.0 Release In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1698 Andrew John Hughes changed: What |Removed |Added ---------------------------------------------------------------------------- Depends on| |1285 -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From aazores at icedtea.classpath.org Wed Mar 12 13:36:10 2014 From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org) Date: Wed, 12 Mar 2014 13:36:10 +0000 Subject: /hg/icedtea-web: Updated policyeditor documentation Message-ID: changeset 78f6e65ed7b3 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=78f6e65ed7b3 author: Andrew Azores date: Wed Mar 12 09:35:48 2014 -0400 Updated policyeditor documentation * netx/net/sourceforge/jnlp/resources/Messages.properties: (PECodebaseFlag) new message for policyeditor -help * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: (HELP_MESSAGE) added -codebase flag * netx/policyeditor.1: updated -file and added -codebase and -help diffstat: ChangeLog | 8 +++ netx/net/sourceforge/jnlp/resources/Messages.properties | 1 + netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java | 3 +- netx/policyeditor.1 | 24 ++++++++- 4 files changed, 31 insertions(+), 5 deletions(-) diffs (80 lines): diff -r db8627ef75f2 -r 78f6e65ed7b3 ChangeLog --- a/ChangeLog Tue Mar 11 13:59:10 2014 -0400 +++ b/ChangeLog Wed Mar 12 09:35:48 2014 -0400 @@ -1,3 +1,11 @@ +2014-03-12 Andrew Azores + + * netx/net/sourceforge/jnlp/resources/Messages.properties: + (PECodebaseFlag) new message for policyeditor -help + * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: + (HELP_MESSAGE) added -codebase flag + * netx/policyeditor.1: updated -file and added -codebase and -help + 2014-03-11 Andrew Azores * netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java: diff -r db8627ef75f2 -r 78f6e65ed7b3 netx/net/sourceforge/jnlp/resources/Messages.properties --- a/netx/net/sourceforge/jnlp/resources/Messages.properties Tue Mar 11 13:59:10 2014 -0400 +++ b/netx/net/sourceforge/jnlp/resources/Messages.properties Wed Mar 12 09:35:48 2014 -0400 @@ -464,6 +464,7 @@ PEUsage=policyeditor [-file policyfile] PEHelpFlag=Print this message and exit PEFileFlag=Specify a policyfile path to open +PECodebaseFlag=Specify (a) codebase URL(s) to add and/or focus in the editor PETitle=Policy Editor PEReadProps=Read system properties PEReadPropsDetail=Allow applets to read system properties such as your username and home directory location diff -r db8627ef75f2 -r 78f6e65ed7b3 netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java --- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java Tue Mar 11 13:59:10 2014 -0400 +++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java Wed Mar 12 09:35:48 2014 -0400 @@ -144,7 +144,8 @@ private static final String HELP_MESSAGE = "Usage:\t" + R("PEUsage") + "\n\n" + " " + HELP_FLAG + "\t\t\t" + R("PEHelpFlag") + "\n" - + " " + FILE_FLAG + "\t\t\t" + R("PEFileFlag") + "\n"; + + " " + FILE_FLAG + "\t\t\t" + R("PEFileFlag") + "\n" + + " " + CODEBASE_FLAG + "\t\t" + R("PECodebaseFlag") + "\n"; private static final String AUTOGENERATED_NOTICE = "/* DO NOT MODIFY! AUTO-GENERATED */"; diff -r db8627ef75f2 -r 78f6e65ed7b3 netx/policyeditor.1 --- a/netx/policyeditor.1 Tue Mar 11 13:59:10 2014 -0400 +++ b/netx/policyeditor.1 Wed Mar 12 09:35:48 2014 -0400 @@ -12,6 +12,8 @@ .br .B policyeditor [-file] policy_file +.B [-codebase] +url .SH DESCRIPTION .B policyeditor is a GUI application with small command line support to view and edit applet security policy settings @@ -31,10 +33,24 @@ .SH OPTIONS .TP --file -Specifies a policy file path to open. If this is not given as an argument, the -first argument given is interpreted as a file path to open anyway. This switch -exists mostly for compatibility with Policy Tool. +-help +Prints a short help text and exits. + +.TP +-file policy_file +Specifies a policy file path to open. If exactly one argument is given, and it +is not this flag, it is interpreted as a file path to open, as if this flag +was given first. This flag exists mostly for compatibility with Policy Tool, +but is also needed when opening a policy file and also using the -codebase flag. + +.TP +-codebase url +Specifies an applet codebase URL. If the specified codebase already exists in +the policy file (if any), then it will be selected when the editor opens. If +it is a new codebase then it will be added and selected. Multiple URLs may also +be given with a single -codebase flag by separating them with spaces. In this +case, the last codebase given will be selected, and all will be added. If this +flag is given more than once, only the first is used. .SH EXAMPLES From aazores at redhat.com Wed Mar 12 13:38:33 2014 From: aazores at redhat.com (Andrew Azores) Date: Wed, 12 Mar 2014 09:38:33 -0400 Subject: [rfc][icedtea-web][policyeditor] File Changed check In-Reply-To: <53203141.3060302@redhat.com> References: <531E1931.2020904@redhat.com> <53203141.3060302@redhat.com> Message-ID: <53206359.2000604@redhat.com> On 03/12/2014 06:04 AM, Jiri Vanek wrote: > On 03/10/2014 08:57 PM, Andrew Azores wrote: >> Hi, >> >> As promised, here's a patch that lets PolicyEditor detect when the >> policy file has been externally >> modified since it was opened, using MD5SumWatcher. >> >> ChangeLog: >> Added check for external file modification to PolicyEditor >> * netx/net/sourceforge/jnlp/resources/Messages.properties: >> (PEFileModified, >> PEFileModifiedDetail) new messages >> * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: >> (updateCheckboxes) avoid NPE. (openAndParsePolicyFile, >> savePolicyFile) use >> MD5SumWatcher to detect when the policy file has been externally >> modified. >> (updateMd5WithDialog) new method >> * >> tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java: >> all URLs changed to example.com >> >> Thanks, >> > > final int response = updateMd5WithDialog(); > + switch (response) { > + case JOptionPane.YES_OPTION: > + openAndParsePolicyFile(); > + return; > + case JOptionPane.NO_OPTION: > + break; > + case JOptionPane.CANCEL_OPTION: > + return; > + default: > + break; > + } > > What happens with gui in case of yes? > > eg - I have something selected, click save, md5 warning jump out, I > click reload, underlyiing policy file reload, and my gui? Will the > selected boxes/ceodebases whatever remain as I have selected, or as it > in new file? Not sure what is better here - but probably to rest gui > to match new file. > Does it openAndParsePolicyFile ? > > If so ok to head.. > > Otherwise probbaly ok to head after answer. > > J. Yep, if you click "Yes to Reload", then the GUI (and internal representations) update to match what was read in the file. openAndParsePolicyFile() also updates the GUI as it goes along with parsing. "No" writes your current changes into the file without re-parsing the new file contents first, and "Cancel" just does nothing, so you can decide if you want to throw away your changes, or maybe save somewhere else, or whatever. Thanks, -- Andrew A From aazores at icedtea.classpath.org Wed Mar 12 13:43:46 2014 From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org) Date: Wed, 12 Mar 2014 13:43:46 +0000 Subject: /hg/icedtea-web: PolicyEditor external file change checking Message-ID: changeset 932c096d423c in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=932c096d423c author: Andrew Azores date: Wed Mar 12 09:43:36 2014 -0400 PolicyEditor external file change checking * netx/net/sourceforge/jnlp/resources/Messages.properties: (PEFileModified, PEFileModifiedDetail) new messages * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: (fileWatcher, openAndParsePolicyFile, savePolicyFile) update to use MD5SumWatcher to check if the file has changed externally since being opened * tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java: URLs changed to example.com diffstat: ChangeLog | 11 + netx/net/sourceforge/jnlp/resources/Messages.properties | 2 + netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java | 68 +++++++++- tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java | 22 +- 4 files changed, 89 insertions(+), 14 deletions(-) diffs (247 lines): diff -r 78f6e65ed7b3 -r 932c096d423c ChangeLog --- a/ChangeLog Wed Mar 12 09:35:48 2014 -0400 +++ b/ChangeLog Wed Mar 12 09:43:36 2014 -0400 @@ -1,3 +1,14 @@ +2014-03-12 Andrew Azores + + * netx/net/sourceforge/jnlp/resources/Messages.properties: + (PEFileModified, PEFileModifiedDetail) new messages + * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: + (fileWatcher, openAndParsePolicyFile, savePolicyFile) update to use + MD5SumWatcher to check if the file has changed externally since being + opened + * tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java: + URLs changed to example.com + 2014-03-12 Andrew Azores * netx/net/sourceforge/jnlp/resources/Messages.properties: diff -r 78f6e65ed7b3 -r 932c096d423c netx/net/sourceforge/jnlp/resources/Messages.properties --- a/netx/net/sourceforge/jnlp/resources/Messages.properties Wed Mar 12 09:35:48 2014 -0400 +++ b/netx/net/sourceforge/jnlp/resources/Messages.properties Wed Mar 12 09:43:36 2014 -0400 @@ -503,6 +503,8 @@ PEExitMenuItem=Exit PEViewMenu=View PECustomPermissionsItem=Custom Permissions... +PEFileModified=File Modification Warning +PEFileModifiedDetail=The policy file at {0} has been modified since it was opened. Reload and re-edit before saving? # Policy Editor CustomPolicyViewer PECPTitle=Custom Policy Viewer diff -r 78f6e65ed7b3 -r 932c096d423c netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java --- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java Wed Mar 12 09:35:48 2014 -0400 +++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java Wed Mar 12 09:43:36 2014 -0400 @@ -94,6 +94,7 @@ import net.sourceforge.jnlp.util.FileUtils; import net.sourceforge.jnlp.util.FileUtils.OpenFileResult; +import net.sourceforge.jnlp.util.MD5SumWatcher; import net.sourceforge.jnlp.util.logging.OutputController; /** @@ -164,6 +165,7 @@ private final JFileChooser fileChooser; private CustomPolicyViewer cpViewer = null; private final WeakReference weakThis = new WeakReference(this); + private MD5SumWatcher fileWatcher; private final ActionListener okButtonAction, closeButtonAction, addCodebaseButtonAction, removeCodebaseButtonAction, openButtonAction, saveAsButtonAction, viewCustomButtonAction; @@ -593,12 +595,25 @@ for (final ActionListener l : box.getActionListeners()) { box.removeActionListener(l); } - box.setSelected(codebasePermissionsMap.get(codebase).get(perm)); + initializeMapForCodebase(codebase); + final Map map = codebasePermissionsMap.get(codebase); + final boolean state; + if (map != null) { + final Boolean s = map.get(perm); + if (s != null) { + state = s; + } else { + state = false; + } + } else { + state = false; + } + box.setSelected(state); box.addActionListener(new ActionListener() { @Override public void actionPerformed(final ActionEvent e) { changesMade = true; - codebasePermissionsMap.get(codebase).put(perm, box.isSelected()); + map.put(perm, box.isSelected()); } }); } @@ -797,6 +812,10 @@ } final String contents; try { + fileWatcher = new MD5SumWatcher(file); + fileWatcher.update(); + // User-level policy files are expected to be short enough that loading them in as a String + // should not actually be *too* bad, and it's easy to work with. contents = FileUtils.loadFileAsString(file); } catch (final IOException e) { OutputController.getLogger().log(e); @@ -804,10 +823,12 @@ FileUtils.showCouldNotOpenDialog(weakThis.get(), R("PECouldNotOpen")); return; } + codebasePermissionsMap.clear(); + customPermissionsMap.clear(); // Split on newlines, both \r\n and \n style, for platform-independence final String[] lines = contents.split("\\r?\\n+"); String codebase = ""; - FileLock fileLock = null; + final FileLock fileLock; try { fileLock = FileUtils.getFileLock(file.getAbsolutePath(), false, true); } catch (final FileNotFoundException e) { @@ -828,13 +849,16 @@ openBlock = true; } + // Matches '};', the closing block delimiter, with any amount of whitespace on either side boolean commentLine = false; if (line.matches("\\s*\\};\\s*")) { openBlock = false; } + // Matches '/*', the start of a block comment if (line.matches(".*/\\*.*")) { commentBlock = true; } + // Matches '*/', the end of a block comment, and '//', a single-line comment if (line.matches(".*\\*/.*")) { commentBlock = false; } @@ -899,6 +923,28 @@ new Thread() { @Override public void run() { + try { + final int response = updateMd5WithDialog(); + switch (response) { + case JOptionPane.YES_OPTION: + openAndParsePolicyFile(); + return; + case JOptionPane.NO_OPTION: + break; + case JOptionPane.CANCEL_OPTION: + return; + default: + break; + } + } catch (final FileNotFoundException e) { + // File on disk has been somehow removed since we first checked. Attempt to save to it + // anyway then. If we can't, then the failure simply occurs later in this method + OutputController.getLogger().log(e); + } catch (final IOException e) { + OutputController.getLogger().log(e); + showCouldNotSaveDialog(); + return; + } final StringBuilder sb = new StringBuilder(); sb.append(AUTOGENERATED_NOTICE); sb.append("\n/* Generated by PolicyEditor at " + new SimpleDateFormat("yyyy-MM-dd HH:mm:ss") @@ -929,6 +975,7 @@ try { FileUtils.saveFile(sb.toString(), file); + fileWatcher.update(); changesMade = false; showChangesSavedDialog(); } catch (final IOException e) { @@ -964,6 +1011,21 @@ } /** + * Detect if the file's MD5 has changed. If so, track its new sum, and prompt the user on how to proceed + * @return the user's choice (Yes/No/Cancel - see JOptionPane constants). "No" if the file hasn't changed. + * @throws FileNotFoundException if the watched file does not exist + * @throws IOException if the file cannot be read + */ + public int updateMd5WithDialog() throws FileNotFoundException, IOException { + final boolean changed = fileWatcher.update(); + if (changed) { + return JOptionPane.showConfirmDialog(weakThis.get(), R("PEFileModifiedDetail", file.getCanonicalPath()), + R("PEFileModified"), JOptionPane.YES_NO_CANCEL_OPTION); + } + return JOptionPane.NO_OPTION; + } + + /** * Start a Policy Editor instance. * @param args "-file $FILENAME" and/or "-codebase $CODEBASE" are accepted flag/value pairs. * -file specifies a file path to be opened by the editor. If none is provided, the default diff -r 78f6e65ed7b3 -r 932c096d423c tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java --- a/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java Wed Mar 12 09:35:48 2014 -0400 +++ b/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java Wed Mar 12 09:43:36 2014 -0400 @@ -69,18 +69,18 @@ @Test public void testAddCodebase() throws Exception { - final String redHatUrlString = "http://redhat.com"; - editor.addNewCodebase(redHatUrlString); + final String urlString = "http://example.com"; + editor.addNewCodebase(urlString); final Collection codebases = editor.getCodebases(); assertTrue("Editor should have default codebase", codebases.contains("")); - assertTrue("Editor should have http://redhat.com", codebases.contains(redHatUrlString)); + assertTrue("Editor should have http://example.com", codebases.contains(urlString)); assertTrue("Editor should only have two codebases", codebases.size() == 2); } @Test public void addMultipleCodebases() throws Exception { final Set toAdd = new HashSet(); - toAdd.add("http://redhat.com"); + toAdd.add("http://example.com"); toAdd.add("http://icedtea.classpath.org"); editor.addNewCodebases(toAdd); final Collection codebases = editor.getCodebases(); @@ -132,8 +132,8 @@ @Test public void testDefaultPermissionsAllFalse() throws Exception { final Map defaultMap = editor.getPermissions(""); - editor.addNewCodebase("http://redhat.com"); - final Map addedMap = editor.getPermissions("http://redhat.com"); + editor.addNewCodebase("http://example.com"); + final Map addedMap = editor.getPermissions("http://example.com"); for (final Map.Entry entry : defaultMap.entrySet()) { assertFalse("Permission " + entry.getKey() + " should be false", entry.getValue()); } @@ -145,8 +145,8 @@ @Test public void testAllPermissionsRepresented() throws Exception { final Map defaultMap = editor.getPermissions(""); - editor.addNewCodebase("http://redhat.com"); - final Map addedMap = editor.getPermissions("http://redhat.com"); + editor.addNewCodebase("http://example.com"); + final Map addedMap = editor.getPermissions("http://example.com"); assertTrue("Default codebase permissions keyset should be the same size as enum values set", defaultMap.keySet().size() == PolicyEditorPermissions.values().length); assertTrue("Added codebase permissions keyset should be the same size as enum values set", @@ -175,7 +175,7 @@ @Test public void testArgsToMap() throws Exception { final String[] args = new String[] { - "-codebase", "http://redhat.com http://icedtea.classpath.org", + "-codebase", "http://example.com http://icedtea.classpath.org", "-file", "/tmp/some-policy-file.tmp", "-help" }; @@ -187,8 +187,8 @@ assertTrue("Value for -file should be /tmp/some-policy-file.tmp but was " + map.get("-file"), map.get("-file").equals("/tmp/some-policy-file.tmp")); assertTrue("Args map should contain codebase flag", map.containsKey("-codebase")); - assertTrue("Value for codebase flag should be \"http://redhat.com http://icedtea.classpath.org\" but was " + map.get("-codebase"), - map.get("-codebase").equals("http://redhat.com http://icedtea.classpath.org")); + assertTrue("Value for codebase flag should be \"http://example.com http://icedtea.classpath.org\" but was " + map.get("-codebase"), + map.get("-codebase").equals("http://example.com http://icedtea.classpath.org")); } } \ No newline at end of file From aazores at icedtea.classpath.org Wed Mar 12 13:47:07 2014 From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org) Date: Wed, 12 Mar 2014 13:47:07 +0000 Subject: /hg/icedtea-web: PolicyEditor does not add duplicate visual code... Message-ID: changeset 9417633d1f86 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=9417633d1f86 author: Andrew Azores date: Wed Mar 12 09:46:59 2014 -0400 PolicyEditor does not add duplicate visual codebases * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: (initializeMapForCodebase) returns boolean indicating if the given codebase already existed. (addNewCodebase) do not add codebases if they already exist diffstat: ChangeLog | 7 ++++ netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java | 17 +++++++-- 2 files changed, 20 insertions(+), 4 deletions(-) diffs (63 lines): diff -r 932c096d423c -r 9417633d1f86 ChangeLog --- a/ChangeLog Wed Mar 12 09:43:36 2014 -0400 +++ b/ChangeLog Wed Mar 12 09:46:59 2014 -0400 @@ -1,3 +1,10 @@ +2014-03-12 Andrew Azores + + * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: + (initializeMapForCodebase) returns boolean indicating if the given + codebase already existed. (addNewCodebase) do not add codebases if they + already exist + 2014-03-12 Andrew Azores * netx/net/sourceforge/jnlp/resources/Messages.properties: diff -r 932c096d423c -r 9417633d1f86 netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java --- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java Wed Mar 12 09:43:36 2014 -0400 +++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java Wed Mar 12 09:46:59 2014 -0400 @@ -470,16 +470,18 @@ OutputController.getLogger().log(mfue); return; } - initializeMapForCodebase(codebase); + final boolean existingCodebase = initializeMapForCodebase(codebase); final String model; if (codebase.isEmpty()) { model = R("PEGlobalSettings"); } else { model = codebase; } - listModel.addElement(model); + if (!existingCodebase) { + listModel.addElement(model); + changesMade = true; + } list.setSelectedValue(model, true); - changesMade = true; } /** @@ -897,8 +899,13 @@ * Ensure that the model contains a specified mapping. No action is taken * if there already is a map with this key * @param codebase for which a permissions mapping is required + * @return true iff there was already an entry for this codebase */ - private void initializeMapForCodebase(final String codebase) { + private boolean initializeMapForCodebase(final String codebase) { + if (codebasePermissionsMap.containsKey(codebase) || customPermissionsMap.containsKey(codebase)) { + return true; + } + if (codebasePermissionsMap.get(codebase) == null) { final Map map = new HashMap(); for (final PolicyEditorPermissions perm : PolicyEditorPermissions.values()) { @@ -911,6 +918,8 @@ final Set set = new HashSet(); customPermissionsMap.put(codebase, set); } + + return false; } /** From ptisnovs at redhat.com Wed Mar 12 14:08:07 2014 From: ptisnovs at redhat.com (Pavel Tisnovsky) Date: Wed, 12 Mar 2014 10:08:07 -0400 (EDT) Subject: [rfc][icedtea-web] /bin/bash check for configure time Re: [rfc][icedtea-web] have bash in shebang instead of sh or get rid of bashism In-Reply-To: <5319A495.7090601@redhat.com> References: <530E0C94.6070606@redhat.com> <53165242.9000308@redhat.com> <531734B5.9040105@redhat.com> <5319A495.7090601@redhat.com> Message-ID: <1580005764.18810616.1394633287615.JavaMail.zimbra@redhat.com> Hi Jiri, looks good (at least at this moment :), ok for head. Thank you, Pavel ----- Jiri Vanek wrote: > On 03/05/2014 03:29 PM, Jiri Vanek wrote: > > On 03/04/2014 11:22 PM, Andrew Azores wrote: > >> On 02/26/2014 10:47 AM, Jiri Vanek wrote: > >>> After short discussion with Omair, we agreed that this > >>> > >>> http://icedtea.classpath.org/hg/release/icedtea-web-1.4/rev/8f13202ea201 > >>> > >>> IS probably better then get rid of bashism completely. > >>> > >>> So I would like to forward-port this patch to head. > >>> > >>> ok? > >> > >> Fine by me. > >> > >> Thanks, > >> > > > > Thanx. Pushed. > > > > The configure check for /bin/bash is needed for .configure now. But I'm not sure how it will affect > > windows. Actually I have no idea how windows are building ITW :( > > > > J. > > > > Well /bin/bash is used also for generation of htmls. So this is really needed. > > J. > From aazores at redhat.com Wed Mar 12 15:29:07 2014 From: aazores at redhat.com (Andrew Azores) Date: Wed, 12 Mar 2014 11:29:07 -0400 Subject: [rfc][icedtea-web] Runtime refresh of JNLPPolicy Message-ID: <53207D43.8030806@redhat.com> Hi, This patch adds a method to JNLPRuntime to allow the Policy object to be refreshed, and adds logic to the JNLPPolicy class (of which the runtime's Policy reference is an instance) to: 1) be able to refresh its permissions from the user's policy file 2) read from the policy file on a per-codebase basis, not only per applet JAR location It also adds logic to JNLPClassLoader.SecurityDelegate to call the new JNLPRuntime method when the applet is to be run sandboxed, to ensure that this is done with the current policy, not an older cached copy in case there have been changes since the JVM was started. These changes are in support of later patches which will add a way to launch PolicyEditor from the fully and partially signed applet warning dialogs. Without the ability to refresh, the JVM needs to be restarted before those changes can take effect, which is not good for usability (users have to restart their browser). Without the ability to actually check by codebase rather than full JAR url, the user policy files will be much more complex than planned, and for users to set custom permission levels per-applet will be much more difficult to use. Manual testing: (with patch applied) 1) Ensure your policy file is either empty or at least does not contain an entry to match the test applet 2) Visit http://caff.de/applettest/Signed.html and run the applet sandboxed 3) Verify that the applet may not print nor save. Close the applet but do not exit the browser. 4) Add the following to your policy file: grant codeBase "http://caff.de/applettest/" { permission java.lang.RuntimePermission "queuePrintJob"; permission java.util.PropertyPermission "*", "read"; }; 5) Without closing your browser, restart the applet (refresh the page, or open a new tab and visit again) 6) Verify that the applet may now cause a print dialog to appear, but still cannot save files With patch not applied, granting the applet codebase these permissions does not work, so grant the same permissions but to all applets. Check that making this change to the policy file without restarting the JVM does not actually grant the permissions to the applet, and restarting the JVM does grant them. Automated testing: Working on it, but not sure if it's actually doable. I need a way to keep the JVM running between runs of an applet, which I don't know if we can do. Any ideas? Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: runtime-policy-refresh.patch Type: text/x-patch Size: 3214 bytes Desc: not available URL: From jvanek at redhat.com Wed Mar 12 15:34:38 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Wed, 12 Mar 2014 16:34:38 +0100 Subject: [rfc][icedtea-web][policyeditor] File Changed check In-Reply-To: <53206359.2000604@redhat.com> References: <531E1931.2020904@redhat.com> <53203141.3060302@redhat.com> <53206359.2000604@redhat.com> Message-ID: <53207E8E.2050602@redhat.com> On 03/12/2014 02:38 PM, Andrew Azores wrote: > On 03/12/2014 06:04 AM, Jiri Vanek wrote: >> On 03/10/2014 08:57 PM, Andrew Azores wrote: >>> Hi, >>> >>> As promised, here's a patch that lets PolicyEditor detect when the policy file has been externally >>> modified since it was opened, using MD5SumWatcher. >>> >>> ChangeLog: >>> Added check for external file modification to PolicyEditor >>> * netx/net/sourceforge/jnlp/resources/Messages.properties: (PEFileModified, >>> PEFileModifiedDetail) new messages >>> * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: >>> (updateCheckboxes) avoid NPE. (openAndParsePolicyFile, savePolicyFile) use >>> MD5SumWatcher to detect when the policy file has been externally modified. >>> (updateMd5WithDialog) new method >>> * tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java: >>> all URLs changed to example.com >>> >>> Thanks, >>> >> >> final int response = updateMd5WithDialog(); >> + switch (response) { >> + case JOptionPane.YES_OPTION: >> + openAndParsePolicyFile(); >> + return; >> + case JOptionPane.NO_OPTION: >> + break; >> + case JOptionPane.CANCEL_OPTION: >> + return; >> + default: >> + break; >> + } >> >> What happens with gui in case of yes? >> >> eg - I have something selected, click save, md5 warning jump out, I click reload, underlyiing >> policy file reload, and my gui? Will the selected boxes/ceodebases whatever remain as I have >> selected, or as it in new file? Not sure what is better here - but probably to rest gui to match >> new file. >> Does it openAndParsePolicyFile ? >> >> If so ok to head.. >> >> Otherwise probbaly ok to head after answer. >> >> J. > > Yep, if you click "Yes to Reload", then the GUI (and internal representations) update to match what > was read in the file. openAndParsePolicyFile() also updates the GUI as it goes along with parsing. > "No" writes your current changes into the file without re-parsing the new file contents first, and > "Cancel" just does nothing, so you can decide if you want to throw away your changes, or maybe save > somewhere else, or whatever. > > Thanks, > Keep it simple. ook to go. From aazores at redhat.com Wed Mar 12 15:36:57 2014 From: aazores at redhat.com (Andrew Azores) Date: Wed, 12 Mar 2014 11:36:57 -0400 Subject: [rfc][icedtea-web][policyeditor] NPE in filechanged check Message-ID: <53207F19.7000903@redhat.com> Hi, Just noticed that there are conditions where an NPE will occur due to the new filechanged check. Steps to reproduce: 1) launch policyeditor with no arguments 2) create some set of permissions, eg Print Documents only, doesn't really matter so long as you make at least one change 3) press Apply 4) attempt to save the policy file to any location eg $HOME/test.policy 5) NPE will occur because there is no MD5SumWatcher reference, since no policy file was ever opened first 5b) file fails to save With the patch applied, 5/5b does not occur, and instead the flow completes as expected with a "Changes saved" message, and the file can be verified as written to disk. Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: policyeditor-filechanged-npe.patch Type: text/x-patch Size: 1234 bytes Desc: not available URL: From bugzilla-daemon at icedtea.classpath.org Wed Mar 12 15:46:16 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Wed, 12 Mar 2014 15:46:16 +0000 Subject: [Bug 1699] New: [IcedTea7] Supporting building the SunEC provider with system NSS Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1699 Bug ID: 1699 Summary: [IcedTea7] Supporting building the SunEC provider with system NSS Product: IcedTea Version: 7-hg Hardware: all OS: All Status: NEW Severity: enhancement Priority: P5 Component: IcedTea Assignee: gnu.andrew at redhat.com Reporter: gnu.andrew at redhat.com CC: unassigned at icedtea.classpath.org The SunEC provider contains code duplicated from NSS. The OpenJDK build should allow this to be replaced by the system installation. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Wed Mar 12 15:47:05 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Wed, 12 Mar 2014 15:47:05 +0000 Subject: [Bug 1699] [IcedTea7] Supporting building the SunEC provider with system NSS In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1699 Andrew John Hughes changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED Blocks| |1284 Target Milestone|--- |2.5.0 -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Wed Mar 12 15:47:05 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Wed, 12 Mar 2014 15:47:05 +0000 Subject: [Bug 1284] [TRACKER] IcedTea 2.5.0 Release In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1284 Andrew John Hughes changed: What |Removed |Added ---------------------------------------------------------------------------- Depends on| |1699 -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Wed Mar 12 15:47:51 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Wed, 12 Mar 2014 15:47:51 +0000 Subject: [Bug 1286] [IcedTea7] [METABUG] Give top priority to the PKCS11 NSS provider, due to performance advantages In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1286 Andrew John Hughes changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution|--- |LATER --- Comment #2 from Andrew John Hughes --- Memory leaks make this currently unfeasible: http://bugs.sun.com/view_bug.do?bug_id=6913047 -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Wed Mar 12 15:47:53 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Wed, 12 Mar 2014 15:47:53 +0000 Subject: [Bug 1284] [TRACKER] IcedTea 2.5.0 Release In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1284 Bug 1284 depends on bug 1286, which changed state. Bug 1286 Summary: [IcedTea7] [METABUG] Give top priority to the PKCS11 NSS provider, due to performance advantages http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1286 What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution|--- |LATER -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Wed Mar 12 15:48:43 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Wed, 12 Mar 2014 15:48:43 +0000 Subject: [Bug 1287] [IcedTea8] [METABUG] Give top priority to the PKCS11 NSS provider, due to performance advantages In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1287 Andrew John Hughes changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution|--- |LATER --- Comment #2 from Andrew John Hughes --- Memory leaks make this currently unfeasible: http://bugs.sun.com/view_bug.do?bug_id=6913047 -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Wed Mar 12 15:48:44 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Wed, 12 Mar 2014 15:48:44 +0000 Subject: [Bug 1282] [TRACKER] IcedTea 3.0.0pre1 Release In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1282 Bug 1282 depends on bug 1287, which changed state. Bug 1287 Summary: [IcedTea8] [METABUG] Give top priority to the PKCS11 NSS provider, due to performance advantages http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1287 What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution|--- |LATER -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From stefan.reich.maker.of.eye at googlemail.com Wed Mar 12 15:52:33 2014 From: stefan.reich.maker.of.eye at googlemail.com (Stefan Reich) Date: Wed, 12 Mar 2014 16:52:33 +0100 Subject: How to have WebStart create start menu items (on Linux)? In-Reply-To: References: Message-ID: OK, nobody knows... oh well ^^ Nevermind... Cheers, Stefan On Sun, Mar 9, 2014 at 4:03 PM, Stefan Reich < stefan.reich.maker.of.eye at googlemail.com> wrote: > I have successfully deployed a WebStart app on both Windows and IcedTea. > > Just about the only thing I'm missing (- apart from a certificate from a > CA that I can afford - ) is to place entries in the start menu. > > It's Peppermint Linux, so the application in question is lxpanel I believe. > > I have always found the way that lxpanel collects its applications to be > intellectually quite unpenetrable. > > But anyways - WebStart/IcedTea should be able to do it, right? I am > getting a desktop short cut alright, just none in the start menu. > > Here's my JNLP file: http://tinybrain.de:8080/webstart/webstart.jnlp > > Many greetings, > Stefan > > And here's a copy: > > > > spec="6.0+" > codebase="http://tinybrain.de:8080/webstart" > href="webstart.jnlp"> > > TinyBrain - a brain for your computer > TinyBrain.de (Stefan Reich) > > A brain for your computer that can talk. > > > > > > > > > > > > > > > > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From omajid at redhat.com Wed Mar 12 16:04:30 2014 From: omajid at redhat.com (Omair Majid) Date: Wed, 12 Mar 2014 12:04:30 -0400 Subject: How to have WebStart create start menu items (on Linux)? In-Reply-To: References: Message-ID: <20140312160430.GG2062@redhat.com> Hi, * Stefan Reich [2014-03-09 11:13]: > I have successfully deployed a WebStart app on both Windows and IcedTea. Good to hear! > Just about the only thing I'm missing (- apart from a certificate from a CA > that I can afford - ) is to place entries in the start menu. > > But anyways - WebStart/IcedTea should be able to do it, right? I am getting a > desktop short cut alright, just none in the start menu. I think this feature is currently un-implemented [1]. If you can provide patches, I am sure we will try and incorporate them. The implementation of menus is described in the Desktop Menu Specification [2]. Thanks, Omair [1] http://icedtea.classpath.org/hg/icedtea-web/file/9417633d1f86/netx/net/sourceforge/jnlp/runtime/ApplicationInstance.java#l164 [2] http://standards.freedesktop.org/menu-spec/menu-spec-1.0.html -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 From jvanek at icedtea.classpath.org Wed Mar 12 16:34:32 2014 From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org) Date: Wed, 12 Mar 2014 16:34:32 +0000 Subject: /hg/icedtea-web: added configure check for /bin/bash Message-ID: changeset e53adc254895 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=e53adc254895 author: Jiri Vanek date: Wed Mar 12 17:34:10 2014 +0100 added configure check for /bin/bash diffstat: ChangeLog | 4 ++++ configure.ac | 5 +++++ netx/net/sourceforge/jnlp/cache/DefaultDownloadIndicator.java | 1 + 3 files changed, 10 insertions(+), 0 deletions(-) diffs (37 lines): diff -r 9417633d1f86 -r e53adc254895 ChangeLog --- a/ChangeLog Wed Mar 12 09:46:59 2014 -0400 +++ b/ChangeLog Wed Mar 12 17:34:10 2014 +0100 @@ -1,3 +1,7 @@ +2014-03-12 Jiri Vanek + + * configure.ac: added check for /bin/bash + 2014-03-12 Andrew Azores * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: diff -r 9417633d1f86 -r e53adc254895 configure.ac --- a/configure.ac Wed Mar 12 09:46:59 2014 -0400 +++ b/configure.ac Wed Mar 12 17:34:10 2014 +0100 @@ -27,6 +27,11 @@ AM_CONDITIONAL([ENABLE_DOCS], [test x$ENABLE_DOCS = xyes]) AC_MSG_RESULT(${ENABLE_DOCS}) +AC_PATH_PROG([BIN_BASH], [bash],, [/bin]) +if test x"$BIN_BASH" = x ; then + AC_MSG_ERROR([/bin/bash is used in runtime and for about generation. Dying sooner rather then later]) +fi + IT_CHECK_WITH_GCJ FIND_TOOL([ZIP], [zip]) FIND_JAVAC diff -r 9417633d1f86 -r e53adc254895 netx/net/sourceforge/jnlp/cache/DefaultDownloadIndicator.java --- a/netx/net/sourceforge/jnlp/cache/DefaultDownloadIndicator.java Wed Mar 12 09:46:59 2014 -0400 +++ b/netx/net/sourceforge/jnlp/cache/DefaultDownloadIndicator.java Wed Mar 12 17:34:10 2014 +0100 @@ -112,6 +112,7 @@ if (resources != null) { for (URL url : resources) { result.addProgressPanel(url, null); + } } From aph at redhat.com Wed Mar 12 16:42:40 2014 From: aph at redhat.com (Andrew Haley) Date: Wed, 12 Mar 2014 16:42:40 +0000 Subject: AArch64: We have a release Message-ID: <53208E80.3090008@redhat.com> We at the AArch64 Port Project are pleased to announce the first release of OpenJDK on the Linux/AArch64 platform. It is the first implementation of the Java platform to be made available for this processor architecture. For those who haven't heard: AArch64 is the latest architecture from ARM. It is an entirely new instruction set, not compatible with the earlier generation of 32-bit ARM processors, so we need a new OpenJDK port for it. This is a complete port, with template interpreter and client and server JIT compilers. We have JDK8 and JDK7 versions available for download now. It will shortly be included in Fedora for AArch64. It is, of course, entirely free software, available under the GPL. Source bundles are available from http://icedtea.wildebeest.org/download/source/aarch64-port-jdk7u60-aarch64-831-b04.tar.xz http://icedtea.wildebeest.org/download/source/aarch64-port-jdk8-aarch64-992-b128.tar.xz We will now to make plans to integrate this port with the main OpenJDK project. Credit where credit is due: We started this work at Red Hat almost two years ago with two Red Hat engineers, Andrew Haley and Andrew Dinn. It became an OpenJDK project and we were joined by Linaro, who have been extremely helpful with testing, bug fixing, and keeping up with OpenJDK's continuous updates. Many people have helped, but in particular I'd like to thank Edward Nevill for his support and tireless work. Of course the work will go on: there is performance tuning to be done on real hardware and we need to do a lot more real-world testing. In particular, we haven't yet done work to optimize HotSpot for the Advanced SIMD and Cryptography units. If you are interested in working on this exciting project or if you just want to chat about it, come over to aarch64-port-dev at openjdk.java.net . Andrew Haley OpenJDK AArch64 port Project Lead From jvanek at redhat.com Wed Mar 12 17:42:22 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Wed, 12 Mar 2014 18:42:22 +0100 Subject: AArch64: We have a release In-Reply-To: <53208E80.3090008@redhat.com> References: <53208E80.3090008@redhat.com> Message-ID: <53209C7E.4040602@redhat.com> Hi All! I wont to add, that RPMS for fedora are built and downloadable on http://icedtea.wildebeest.org/download/fedora/ They have a bit strange name, but basically they are built on same tags as below source tarballs. Those are also pushed in fedora (rawhide) git (with sources in cache) so you can rebuild. *java-1.7.0-openjdk* http://icedtea.wildebeest.org/download/fedora/java-1.7.0-openjdk-1.7.0.60-2.5.0.10.pre02.sa1.1.src.rpm http://icedtea.wildebeest.org/download/fedora/java-1.7.0-openjdk-1.7.0.60-2.5.0.10.pre02.sa1.1.aarch64.rpm http://icedtea.wildebeest.org/download/fedora/java-1.7.0-openjdk-accessibility-1.7.0.60-2.5.0.10.pre02.sa1.1.aarch64.rpm http://icedtea.wildebeest.org/download/fedora/java-1.7.0-openjdk-debuginfo-1.7.0.60-2.5.0.10.pre02.sa1.1.aarch64.rpm http://icedtea.wildebeest.org/download/fedora/java-1.7.0-openjdk-demo-1.7.0.60-2.5.0.10.pre02.sa1.1.aarch64.rpm http://icedtea.wildebeest.org/download/fedora/java-1.7.0-openjdk-devel-1.7.0.60-2.5.0.10.pre02.sa1.1.aarch64.rpm http://icedtea.wildebeest.org/download/fedora/java-1.7.0-openjdk-headless-1.7.0.60-2.5.0.10.pre02.sa1.1.aarch64.rpm http://icedtea.wildebeest.org/download/fedora/java-1.7.0-openjdk-src-1.7.0.60-2.5.0.10.pre02.sa1.1.aarch64.rpm *java-1.8.0-openjdk* http://icedtea.wildebeest.org/download/fedora/java-1.8.0-openjdk-1.8.0.0-0.34.b132.sa1.1.src.rpm http://icedtea.wildebeest.org/download/fedora/java-1.8.0-openjdk-1.8.0.0-0.34.b132.sa1.1.aarch64.rpm http://icedtea.wildebeest.org/download/fedora/java-1.8.0-openjdk-accessibility-1.8.0.0-0.34.b132.sa1.1.aarch64.rpm http://icedtea.wildebeest.org/download/fedora/java-1.8.0-openjdk-debuginfo-1.8.0.0-0.34.b132.sa1.1.aarch64.rpm http://icedtea.wildebeest.org/download/fedora/java-1.8.0-openjdk-demo-1.8.0.0-0.34.b132.sa1.1.aarch64.rpm http://icedtea.wildebeest.org/download/fedora/java-1.8.0-openjdk-devel-1.8.0.0-0.34.b132.sa1.1.aarch64.rpm http://icedtea.wildebeest.org/download/fedora/java-1.8.0-openjdk-headless-1.8.0.0-0.34.b132.sa1.1.aarch64.rpm http://icedtea.wildebeest.org/download/fedora/java-1.8.0-openjdk-src-1.8.0.0-0.34.b132.sa1.1.aarch64.rpm J. On 03/12/2014 05:42 PM, Andrew Haley wrote: > We at the AArch64 Port Project are pleased to announce the first > release of OpenJDK on the Linux/AArch64 platform. It is the first > implementation of the Java platform to be made available for this > processor architecture. > > For those who haven't heard: AArch64 is the latest architecture from > ARM. It is an entirely new instruction set, not compatible with the > earlier generation of 32-bit ARM processors, so we need a new OpenJDK > port for it. > > This is a complete port, with template interpreter and client and > server JIT compilers. We have JDK8 and JDK7 versions available for > download now. It will shortly be included in Fedora for AArch64. > It is, of course, entirely free software, available under the GPL. > > Source bundles are available from > http://icedtea.wildebeest.org/download/source/aarch64-port-jdk7u60-aarch64-831-b04.tar.xz > http://icedtea.wildebeest.org/download/source/aarch64-port-jdk8-aarch64-992-b128.tar.xz > > We will now to make plans to integrate this port with the main OpenJDK > project. > > Credit where credit is due: > > We started this work at Red Hat almost two years ago with two Red Hat > engineers, Andrew Haley and Andrew Dinn. It became an OpenJDK project > and we were joined by Linaro, who have been extremely helpful with > testing, bug fixing, and keeping up with OpenJDK's continuous updates. > Many people have helped, but in particular I'd like to thank Edward > Nevill for his support and tireless work. > > Of course the work will go on: there is performance tuning to be done > on real hardware and we need to do a lot more real-world testing. In > particular, we haven't yet done work to optimize HotSpot for the > Advanced SIMD and Cryptography units. If you are interested in > working on this exciting project or if you just want to chat about it, > come over to aarch64-port-dev at openjdk.java.net . > > Andrew Haley > OpenJDK AArch64 port Project Lead > From jvanek at redhat.com Wed Mar 12 18:02:47 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Wed, 12 Mar 2014 19:02:47 +0100 Subject: [rfc][icedtea-web] fixing downlaod inidcator Message-ID: <5320A147.1070505@redhat.com> hi! I noted that push 832 have make download indicator not show-able. On eof those small patches does fix it. One is worse, but harmless. Second is probably right but is affecting a lot. Generally speaking - calling get attribute is blocking until the jar is downloaded. So well the setForAttributesLoaderAfterResourcesInitialise is probably the right thing to do. Non of those fixes is breaking unittest. The fixes to tests were caused by permissions attribute impl itself yesterday. Sorry. J. -------------- next part -------------- A non-text attachment was scrubbed... Name: doNotUseGetTitleuseGetTitleFromJnlpRather.patch Type: text/x-patch Size: 898 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: setForAttributesLoaderAfterResourcesInitialise.patch Type: text/x-patch Size: 780 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: tests.patch Type: text/x-patch Size: 2183 bytes Desc: not available URL: From aazores at redhat.com Wed Mar 12 18:34:37 2014 From: aazores at redhat.com (Andrew Azores) Date: Wed, 12 Mar 2014 14:34:37 -0400 (EDT) Subject: [rfc][icedtea-web] fixing downlaod inidcator In-Reply-To: <5320A147.1070505@redhat.com> References: <5320A147.1070505@redhat.com> Message-ID: <1223303078.2815204.1394649277744.JavaMail.zimbra@redhat.com> What is "a lot" being affected by the second patch? Anyway, patches look fine I think. Thanks, Andrew A ----- Original Message ----- From: "Jiri Vanek" To: "IcedTea Distro List" Sent: Wednesday, March 12, 2014 2:02:47 PM Subject: [rfc][icedtea-web] fixing downlaod inidcator hi! I noted that push 832 have make download indicator not show-able. On eof those small patches does fix it. One is worse, but harmless. Second is probably right but is affecting a lot. Generally speaking - calling get attribute is blocking until the jar is downloaded. So well the setForAttributesLoaderAfterResourcesInitialise is probably the right thing to do. Non of those fixes is breaking unittest. The fixes to tests were caused by permissions attribute impl itself yesterday. Sorry. J. From jvanek at redhat.com Thu Mar 13 07:10:04 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Thu, 13 Mar 2014 08:10:04 +0100 Subject: [rfc][icedtea-web] fixing downlaod inidcator In-Reply-To: <1223303078.2815204.1394649277744.JavaMail.zimbra@redhat.com> References: <5320A147.1070505@redhat.com> <1223303078.2815204.1394649277744.JavaMail.zimbra@redhat.com> Message-ID: <532159CC.8080406@redhat.com> On 03/12/2014 07:34 PM, Andrew Azores wrote: > What is "a lot" being affected by the second patch? Anyway, patches look fine I think. > Bad wording. It mean that all calls to get manifests' attributes before the resources are initialised will return "undefined". But thats probably the right thing anyway. > Thanks, > > Andrew A > > ----- Original Message ----- > From: "Jiri Vanek" > To: "IcedTea Distro List" > Sent: Wednesday, March 12, 2014 2:02:47 PM > Subject: [rfc][icedtea-web] fixing downlaod inidcator > > hi! > > I noted that push 832 have make download indicator not show-able. > > On eof those small patches does fix it. > > One is worse, but harmless. Second is probably right but is affecting a lot. > > > Generally speaking - calling get attribute is blocking until the jar is downloaded. So well the > setForAttributesLoaderAfterResourcesInitialise is probably the right thing to do. > > > Non of those fixes is breaking unittest. > The fixes to tests were caused by permissions attribute impl itself yesterday. Sorry. > > J. > From jvanek at redhat.com Thu Mar 13 07:11:52 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Thu, 13 Mar 2014 08:11:52 +0100 Subject: [rfc][icedtea-web][policyeditor] NPE in filechanged check In-Reply-To: <53207F19.7000903@redhat.com> References: <53207F19.7000903@redhat.com> Message-ID: <53215A38.5080801@redhat.com> On 03/12/2014 04:36 PM, Andrew Azores wrote: > Hi, > > Just noticed that there are conditions where an NPE will occur due to the new filechanged check. > Steps to reproduce: > 1) launch policyeditor with no arguments > 2) create some set of permissions, eg Print Documents only, doesn't really matter so long as you > make at least one change > 3) press Apply > 4) attempt to save the policy file to any location eg $HOME/test.policy > 5) NPE will occur because there is no MD5SumWatcher reference, since no policy file was ever opened > first > 5b) file fails to save > > With the patch applied, 5/5b does not occur, and instead the flow completes as expected with a > "Changes saved" message, and the file can be verified as written to disk. > > Thanks, I'm missing the creation of fileWatcher *after* the file is saved now. J. From jvanek at redhat.com Thu Mar 13 07:29:07 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Thu, 13 Mar 2014 08:29:07 +0100 Subject: [rfc][icedtea-web] Runtime refresh of JNLPPolicy In-Reply-To: <53207D43.8030806@redhat.com> References: <53207D43.8030806@redhat.com> Message-ID: <53215E43.80703@redhat.com> On 03/12/2014 04:29 PM, Andrew Azores wrote: The idea and code looks ok, but I have an fault in mind: When some applet is already running - and have some permissions already. You visit new applet, set different permissions for it and you reload the permissions, will not the running applet be affected by those new too? When they do not share match in codebases, that probably do not hurt, but if they do? The possible fix may be permissions per classloader. It would be probably right thing, but it scares me. > Hi, > > This patch adds a method to JNLPRuntime to allow the Policy object to be refreshed, and adds logic > to the JNLPPolicy class (of which the runtime's Policy reference is an instance) to: > 1) be able to refresh its permissions from the user's policy file > 2) read from the policy file on a per-codebase basis, not only per applet JAR location > > It also adds logic to JNLPClassLoader.SecurityDelegate to call the new JNLPRuntime method when the > applet is to be run sandboxed, to ensure that this is done with the current policy, not an older > cached copy in case there have been changes since the JVM was started. > > These changes are in support of later patches which will add a way to launch PolicyEditor from the > fully and partially signed applet warning dialogs. Without the ability to refresh, the JVM needs to > be restarted before those changes can take effect, which is not good for usability (users have to > restart their browser). Without the ability to actually check by codebase rather than full JAR url, > the user policy files will be much more complex than planned, and for users to set custom permission > levels per-applet will be much more difficult to use. > > Manual testing: > > (with patch applied) > 1) Ensure your policy file is either empty or at least does not contain an entry to match the test > applet > 2) Visit http://caff.de/applettest/Signed.html and run the applet sandboxed > 3) Verify that the applet may not print nor save. Close the applet but do not exit the browser. > 4) Add the following to your policy file: > > grant codeBase "http://caff.de/applettest/" { > permission java.lang.RuntimePermission "queuePrintJob"; > permission java.util.PropertyPermission "*", "read"; > }; > > 5) Without closing your browser, restart the applet (refresh the page, or open a new tab and visit > again) > 6) Verify that the applet may now cause a print dialog to appear, but still cannot save files > > With patch not applied, granting the applet codebase these permissions does not work, so grant the > same permissions but to all applets. Check that making this change to the policy file without > restarting the JVM does not actually grant the permissions to the applet, and restarting the JVM > does grant them. > > Automated testing: > Working on it, but not sure if it's actually doable. I need a way to keep the JVM running between > runs of an applet, which I don't know if we can do. Any ideas? > > Thanks, > From jvanek at redhat.com Thu Mar 13 08:21:24 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Thu, 13 Mar 2014 09:21:24 +0100 Subject: [rfc][icedtea-web] remove rare deadlock in logging console Message-ID: <53216A84.4090701@redhat.com> I think this synchronisation is redundant. If not, then maybe invokeLater should become invokeAndWait? But it is locking too... Also, the importList is synchronized in only model-touching block[1]. So this really should be ok to go. Only case where I have seen the deadlock occur is in elluminate with CONSOLE ON and VISIBLE, It appeared in aprox 1/3 of cases. It did not appeared after the fix. Anyway - anybody who is running head - may you try to run apps (and elluminat wit/without fix) with cosnole on and visibele for a while? J [0]here is whole block: /** * when various threads update (and it can be)underlying jeditorpane * simultanouskly, then it can lead to unpredictible issues synchroisation * is doen in invoe later */ private AtomicBoolean done = new AtomicBoolean(true); private synchronized void updatePane(final boolean reset) { if (!done.get()) { return; } done.set(false); java.awt.EventQueue.invokeLater(new Runnable() { @Override public void run() { try { refreshPaneBody(reset); } catch (Exception ex) { OutputController.getLogger().log(ex); } finally { done.set(true); } } }); } private void refreshPaneBody(final boolean reset) throws BadLocationException, IOException { if (reset) { jEditorPane1.setText(model.importList(0)); } else { .... [1] String importList(boolean mark, int start, int sortByLocal) { int added = start; StringBuilder sb = new StringBuilder(); if (mark) { sb.append("
"); } List sortedList; synchronized (dataProvider.getData()) { if (start == 0) { sortedList = preSort(dataProvider.getData(), sortByLocal); } else { sortedList = preSort(Collections.synchronizedList(dataProvider.getData().subList(start, dataProvider.getData().size())), sortByLocal); } } .... -------------- next part -------------- A non-text attachment was scrubbed... Name: removePotentialDeadlock.patch Type: text/x-patch Size: 628 bytes Desc: not available URL: From ptisnovs at icedtea.classpath.org Thu Mar 13 08:49:58 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Thu, 13 Mar 2014 08:49:58 +0000 Subject: /hg/rhino-tests: Enhancements of various tests in ScriptEngineFa... Message-ID: changeset 7a653bbdeeec in /hg/rhino-tests details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=7a653bbdeeec author: Pavel Tisnovsky date: Thu Mar 13 09:50:36 2014 +0100 Enhancements of various tests in ScriptEngineFactoryClassTest. diffstat: ChangeLog | 5 + src/org/RhinoTests/ScriptEngineFactoryClassTest.java | 72 ++++++++++++++++++++ 2 files changed, 77 insertions(+), 0 deletions(-) diffs (129 lines): diff -r bdfcaa390fb9 -r 7a653bbdeeec ChangeLog --- a/ChangeLog Wed Mar 12 12:42:16 2014 +0100 +++ b/ChangeLog Thu Mar 13 09:50:36 2014 +0100 @@ -1,3 +1,8 @@ +2014-03-13 Pavel Tisnovsky + + * src/org/RhinoTests/ScriptEngineFactoryClassTest.java: + Enhancements of various tests in ScriptEngineFactoryClassTest. + 2014-03-12 Pavel Tisnovsky * src/org/RhinoTests/InvocableClassTest.java: diff -r bdfcaa390fb9 -r 7a653bbdeeec src/org/RhinoTests/ScriptEngineFactoryClassTest.java --- a/src/org/RhinoTests/ScriptEngineFactoryClassTest.java Wed Mar 12 12:42:16 2014 +0100 +++ b/src/org/RhinoTests/ScriptEngineFactoryClassTest.java Thu Mar 13 09:50:36 2014 +0100 @@ -1624,6 +1624,14 @@ } try { + this.scriptEngineFactoryClass.cast(Character.valueOf('a')); + throw new AssertionError("Class.cast(Character.valueOf('a')) does not throw any exception"); + } + catch (Exception e) { + // expected exception + } + + try { this.scriptEngineFactoryClass.cast(Byte.valueOf((byte)42)); throw new AssertionError("Class.cast(Byte.valueOf((byte)42)) does not throw any exception"); } @@ -1680,6 +1688,14 @@ } try { + this.scriptEngineFactoryClass.cast(new Throwable("xyzzy")); + throw new AssertionError("Class.cast(new Throwable(\"xyzzy\")) does not throw any exception"); + } + catch (Exception e) { + // expected exception + } + + try { this.scriptEngineFactoryClass.cast(new RuntimeException()); throw new AssertionError("Class.cast(new RuntimeException()) does not throw any exception"); } @@ -1688,6 +1704,14 @@ } try { + this.scriptEngineFactoryClass.cast(new RuntimeException("xyzzy")); + throw new AssertionError("Class.cast(new RuntimeException(\"xyzzy\")) does not throw any exception"); + } + catch (Exception e) { + // expected exception + } + + try { this.scriptEngineFactoryClass.cast(new Error()); throw new AssertionError("Class.cast(new Error()) does not throw any exception"); } @@ -1696,6 +1720,22 @@ } try { + this.scriptEngineFactoryClass.cast(new Error("xyzzy")); + throw new AssertionError("Class.cast(new Error(\"xyzzy\")) does not throw any exception"); + } + catch (Exception e) { + // expected exception + } + + try { + this.scriptEngineFactoryClass.cast(new java.io.File("xyzzy")); + throw new AssertionError("Class.cast(new java.io.File(\"xyzzy\")) does not throw any exception"); + } + catch (Exception e) { + // expected exception + } + + try { this.scriptEngineFactoryClass.cast(new java.lang.String()); throw new AssertionError("Class.cast(new java.lang.String()) does not throw any exception"); } @@ -1744,6 +1784,30 @@ } try { + this.scriptEngineFactoryClass.cast(new java.awt.Label()); + throw new AssertionError("Class.cast(new java.awt.Label()) does not throw any exception"); + } + catch (Exception e) { + // expected exception + } + + try { + this.scriptEngineFactoryClass.cast(new java.awt.Label(new String())); + throw new AssertionError("Class.cast(new java.awt.Label(new String())) does not throw any exception"); + } + catch (Exception e) { + // expected exception + } + + try { + this.scriptEngineFactoryClass.cast(new java.awt.Label("xyzzy")); + throw new AssertionError("Class.cast(new java.awt.Label(\"xyzzy\")) does not throw any exception"); + } + catch (Exception e) { + // expected exception + } + + try { this.scriptEngineFactoryClass.cast(new javax.swing.JLabel()); throw new AssertionError("Class.cast(new javax.swing.JLabel()) does not throw any exception"); } @@ -1760,6 +1824,14 @@ } try { + this.scriptEngineFactoryClass.cast(new javax.swing.JLabel("xyzzy")); + throw new AssertionError("Class.cast(new javax.swing.JLabel(\"xyzzy\")) does not throw any exception"); + } + catch (Exception e) { + // expected exception + } + + try { this.scriptEngineFactoryClass.cast(new javax.swing.JPanel()); throw new AssertionError("Class.cast(new javax.swing.JPanel()) does not throw any exception"); } From ptisnovs at icedtea.classpath.org Thu Mar 13 08:52:12 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Thu, 13 Mar 2014 08:52:12 +0000 Subject: /hg/gfx-test: Ten new tests added into BitBltAffineQuadrantRotat... Message-ID: changeset 402bff2be904 in /hg/gfx-test details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=402bff2be904 author: Pavel Tisnovsky date: Thu Mar 13 09:52:52 2014 +0100 Ten new tests added into BitBltAffineQuadrantRotateTransformOp.java. diffstat: ChangeLog | 5 + src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java | 112 ++++++++++ 2 files changed, 117 insertions(+), 0 deletions(-) diffs (134 lines): diff -r 3db247628ff9 -r 402bff2be904 ChangeLog --- a/ChangeLog Wed Mar 12 12:37:42 2014 +0100 +++ b/ChangeLog Thu Mar 13 09:52:52 2014 +0100 @@ -1,3 +1,8 @@ +2014-03-13 Pavel Tisnovsky + + * src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java: + Ten new tests added into BitBltAffineQuadrantRotateTransformOp.java. + 2014-03-12 Pavel Tisnovsky * src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java: diff -r 3db247628ff9 -r 402bff2be904 src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java --- a/src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java Wed Mar 12 12:37:42 2014 +0100 +++ b/src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java Thu Mar 13 09:52:52 2014 +0100 @@ -781,6 +781,118 @@ } /** + * Test basic BitBlt operation for empty buffered image with type TYPE_INT_ARGB_PRE. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeIntARGBPreRotateTransformation0Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeIntARGBPre(image, graphics2d, RotateTransformationNearest1Op[0]); + } + + /** + * Test basic BitBlt operation for empty buffered image with type TYPE_INT_ARGB_PRE. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeIntARGBPreRotateTransformation1Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeIntARGBPre(image, graphics2d, RotateTransformationNearest1Op[1]); + } + + /** + * Test basic BitBlt operation for empty buffered image with type TYPE_INT_ARGB_PRE. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeIntARGBPreRotateTransformation2Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeIntARGBPre(image, graphics2d, RotateTransformationNearest1Op[2]); + } + + /** + * Test basic BitBlt operation for empty buffered image with type TYPE_INT_ARGB_PRE. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeIntARGBPreRotateTransformation3Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeIntARGBPre(image, graphics2d, RotateTransformationNearest1Op[3]); + } + + /** + * Test basic BitBlt operation for empty buffered image with type TYPE_INT_ARGB_PRE. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeIntARGBPreRotateTransformation4Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeIntARGBPre(image, graphics2d, RotateTransformationNearest1Op[4]); + } + + /** + Test basic BitBlt operation for empty buffered image with type TYPE_INT_ARGB_PRE. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeIntARGBPreRotateTransformation5Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeIntARGBPre(image, graphics2d, RotateTransformationNearest1Op[5]); + } + + /** + * Test basic BitBlt operation for empty buffered image with type TYPE_INT_RGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeIntRGBRotateTransformation0Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeIntRGB(image, graphics2d, RotateTransformationNearest1Op[0]); + } + + /** + * Test basic BitBlt operation for empty buffered image with type TYPE_INT_RGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeIntRGBRotateTransformation1Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeIntRGB(image, graphics2d, RotateTransformationNearest1Op[1]); + } + + /** * Test basic BitBlt operation for checker buffered image with type TYPE_3BYTE_BGR. * * @param image From aazores at redhat.com Thu Mar 13 13:49:19 2014 From: aazores at redhat.com (Andrew Azores) Date: Thu, 13 Mar 2014 09:49:19 -0400 Subject: [rfc][icedtea-web] Runtime refresh of JNLPPolicy In-Reply-To: <53215E43.80703@redhat.com> References: <53207D43.8030806@redhat.com> <53215E43.80703@redhat.com> Message-ID: <5321B75F.4090002@redhat.com> On 03/13/2014 03:29 AM, Jiri Vanek wrote: > On 03/12/2014 04:29 PM, Andrew Azores wrote: > > The idea and code looks ok, but I have an fault in mind: > > When some applet is already running - and have some permissions > already. You visit new applet, set different permissions for it and > you reload the permissions, will not the running applet be affected by > those new too? > > When they do not share match in codebases, that probably do not hurt, > but if they do? > > The possible fix may be permissions per classloader. It would be > probably right thing, but it scares me. This doesn't sound so bad to me. The next time you restart your already running applet it will have those permissions anyway, unless you're trying to be tricky and set the permissions for the second applet only while it runs, and want to leave the long-running one alone. But this sounds like the user is just asking for trouble at that point. Besides, the JNLPPolicy also does work with applet JAR URLs, so if you really are in this situation for some reason, you can use that mechanism to provide control over the second shorter lived applet as well. You just can't use PolicyEditor to do it. > >> >> Manual testing: >> >> (with patch applied) >> 1) Ensure your policy file is either empty or at least does not >> contain an entry to match the test >> applet >> 2) Visit http://caff.de/applettest/Signed.html and run the applet >> sandboxed >> 3) Verify that the applet may not print nor save. Close the applet >> but do not exit the browser. >> 4) Add the following to your policy file: >> >> grant codeBase "http://caff.de/applettest/" { >> permission java.lang.RuntimePermission "queuePrintJob"; >> permission java.util.PropertyPermission "*", "read"; >> }; >> >> 5) Without closing your browser, restart the applet (refresh the >> page, or open a new tab and visit >> again) >> 6) Verify that the applet may now cause a print dialog to appear, but >> still cannot save files >> Also forgot to mention here - you need extended security set to Low. Forcing Sandbox sets the classloader security to Sandbox, but the applet is correctly requesting All-permissions. Any security level above Low will create a LaunchException because of this, due to checkPermissionsAttribute(). IMO this seems like fairly reasonable behaviour, although maybe there could also be a check in checkPermissionsAttribute() for this - if classloader's security level is Sandbox, it's only fatal if the SecurityDelegate does not say that we are running in sandbox on purpose? Need your input since permissions attribute is your work. This is only tangentially related though, perhaps it deserves its own new discussion thread. Thanks, -- Andrew A From aazores at redhat.com Thu Mar 13 13:52:16 2014 From: aazores at redhat.com (Andrew Azores) Date: Thu, 13 Mar 2014 09:52:16 -0400 Subject: [rfc][icedtea-web] fixing downlaod inidcator In-Reply-To: <532159CC.8080406@redhat.com> References: <5320A147.1070505@redhat.com> <1223303078.2815204.1394649277744.JavaMail.zimbra@redhat.com> <532159CC.8080406@redhat.com> Message-ID: <5321B810.8050801@redhat.com> On 03/13/2014 03:10 AM, Jiri Vanek wrote: > On 03/12/2014 07:34 PM, Andrew Azores wrote: >> What is "a lot" being affected by the second patch? Anyway, patches >> look fine I think. >> > > Bad wording. It mean that all calls to get manifests' attributes > before the resources are initialised will return "undefined". > > But thats probably the right thing anyway. > > That sounds correct to me. OK to push then. Thanks, -- Andrew A From aazores at redhat.com Thu Mar 13 13:58:54 2014 From: aazores at redhat.com (Andrew Azores) Date: Thu, 13 Mar 2014 09:58:54 -0400 Subject: [rfc][icedtea-web][policyeditor] NPE in filechanged check In-Reply-To: <53215A38.5080801@redhat.com> References: <53207F19.7000903@redhat.com> <53215A38.5080801@redhat.com> Message-ID: <5321B99E.6000405@redhat.com> On 03/13/2014 03:11 AM, Jiri Vanek wrote: > On 03/12/2014 04:36 PM, Andrew Azores wrote: >> Hi, >> >> Just noticed that there are conditions where an NPE will occur due to >> the new filechanged check. >> Steps to reproduce: >> 1) launch policyeditor with no arguments >> 2) create some set of permissions, eg Print Documents only, doesn't >> really matter so long as you >> make at least one change >> 3) press Apply >> 4) attempt to save the policy file to any location eg $HOME/test.policy >> 5) NPE will occur because there is no MD5SumWatcher reference, since >> no policy file was ever opened >> first >> 5b) file fails to save >> >> With the patch applied, 5/5b does not occur, and instead the flow >> completes as expected with a >> "Changes saved" message, and the file can be verified as written to >> disk. >> >> Thanks, > > I'm missing the creation of fileWatcher *after* the file is saved now. > > > J. > Thanks for catching that. Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: policyeditor-filechanged-npe-2.patch Type: text/x-patch Size: 1307 bytes Desc: not available URL: From bugzilla-daemon at icedtea.classpath.org Thu Mar 13 14:08:45 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Thu, 13 Mar 2014 14:08:45 +0000 Subject: [Bug 1498] Allow Root to attach to all VMs In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1498 Severin Gehwolf changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks|1460 | -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From aazores at redhat.com Thu Mar 13 14:54:09 2014 From: aazores at redhat.com (Andrew Azores) Date: Thu, 13 Mar 2014 10:54:09 -0400 Subject: [rfc][icedtea-web] remove rare deadlock in logging console In-Reply-To: <53216A84.4090701@redhat.com> References: <53216A84.4090701@redhat.com> Message-ID: <5321C691.7010004@redhat.com> On 03/13/2014 04:21 AM, Jiri Vanek wrote: > I think this synchronisation is redundant. > If not, then maybe invokeLater should become invokeAndWait? But it is > locking too... > Also, the importList is synchronized in only model-touching block[1]. > > So this really should be ok to go. > > > Only case where I have seen the deadlock occur is in elluminate with > CONSOLE ON and VISIBLE, It appeared in aprox 1/3 of cases. > It did not appeared after the fix. Anyway - anybody who is running > head - may you try to run apps (and elluminat wit/without fix) with > cosnole on and visibele for a while? > > J > Makes sense to me, and using elluminate as a test case seems to show that this does fix the deadlock. OK to push. Thanks, -- Andrew A From jvanek at icedtea.classpath.org Thu Mar 13 15:44:11 2014 From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org) Date: Thu, 13 Mar 2014 15:44:11 +0000 Subject: /hg/icedtea-web: 3 new changesets Message-ID: changeset c20c689ba9ff in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=c20c689ba9ff author: Jiri Vanek date: Thu Mar 13 16:34:01 2014 +0100 JNLPClassLoader.java: (init) attributes are alowed to access jars only once all resources are downloaded changeset fdcb91be0d58 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=fdcb91be0d58 author: Jiri Vanek date: Thu Mar 13 16:39:04 2014 +0100 Fixing rear deadlock issue ConsoleOutputPane.java: removed (probably) unnecessary synchronization of (refreshPaneBody). changeset 71a87178ff7e in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=71a87178ff7e author: Jiri Vanek date: Thu Mar 13 16:43:45 2014 +0100 JNLPClassLoaderTest.java: adapted to permissions attribute diffstat: ChangeLog | 17 +++++ netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java | 4 +- netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPane.java | 2 +- tests/netx/unit/net/sourceforge/jnlp/runtime/JNLPClassLoaderTest.java | 29 ++++++++++ 4 files changed, 49 insertions(+), 3 deletions(-) diffs (105 lines): diff -r e53adc254895 -r 71a87178ff7e ChangeLog --- a/ChangeLog Wed Mar 12 17:34:10 2014 +0100 +++ b/ChangeLog Thu Mar 13 16:43:45 2014 +0100 @@ -1,3 +1,20 @@ +2014-03-13 Jiri Vanek + + * tests/netx/unit/net/sourceforge/jnlp/runtime/JNLPClassLoaderTest.java: adapted + to permissions attribute + +2014-03-13 Jiri Vanek + + Fixing rear deadlock issue + * netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPane.java: removed + (probably) unnecessary synchronization of (refreshPaneBody). + +2014-03-13 Jiri Vanek + + Fixed appearance of download indicator + * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: (init) attributes + are allowed to access jars only once all resources are downloaded + 2014-03-12 Jiri Vanek * configure.ac: added check for /bin/bash diff -r e53adc254895 -r 71a87178ff7e netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java --- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Wed Mar 12 17:34:10 2014 +0100 +++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Thu Mar 13 16:43:45 2014 +0100 @@ -258,8 +258,6 @@ this.enableCodeBase = enableCodeBase; - //as it is harmless, we can set is as soon as possible. - file.getManifestsAttributes().setLoader(this); AppVerifier verifier; @@ -282,6 +280,8 @@ initializeResources(); + //loading mainfests before resources are initialised may cause waiting for resources + file.getManifestsAttributes().setLoader(this); // initialize permissions initializePermissions(); diff -r e53adc254895 -r 71a87178ff7e netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPane.java --- a/netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPane.java Wed Mar 12 17:34:10 2014 +0100 +++ b/netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPane.java Thu Mar 13 16:43:45 2014 +0100 @@ -217,7 +217,7 @@ }); } - private synchronized void refreshPaneBody(final boolean reset) throws BadLocationException, IOException { + private void refreshPaneBody(final boolean reset) throws BadLocationException, IOException { if (reset) { jEditorPane1.setText(model.importList(0)); } else { diff -r e53adc254895 -r 71a87178ff7e tests/netx/unit/net/sourceforge/jnlp/runtime/JNLPClassLoaderTest.java --- a/tests/netx/unit/net/sourceforge/jnlp/runtime/JNLPClassLoaderTest.java Wed Mar 12 17:34:10 2014 +0100 +++ b/tests/netx/unit/net/sourceforge/jnlp/runtime/JNLPClassLoaderTest.java Thu Mar 13 16:43:45 2014 +0100 @@ -48,15 +48,44 @@ import net.sourceforge.jnlp.LaunchException; import net.sourceforge.jnlp.cache.UpdatePolicy; +import net.sourceforge.jnlp.config.DeploymentConfiguration; import net.sourceforge.jnlp.mock.DummyJNLPFileWithJar; +import net.sourceforge.jnlp.security.appletextendedsecurity.AppletSecurityLevel; +import net.sourceforge.jnlp.security.appletextendedsecurity.AppletStartupSecuritySettings; import net.sourceforge.jnlp.util.FileTestUtils; import net.sourceforge.jnlp.util.logging.NoStdOutErrTest; +import org.junit.AfterClass; import org.junit.Assert; +import org.junit.BeforeClass; import org.junit.Test; public class JNLPClassLoaderTest extends NoStdOutErrTest{ + private static AppletSecurityLevel level; + public static String askUser; + + + @BeforeClass + public static void setPermissions() { + level = AppletStartupSecuritySettings.getInstance().getSecurityLevel(); + JNLPRuntime.getConfiguration().setProperty(DeploymentConfiguration.KEY_SECURITY_LEVEL, AppletSecurityLevel.ALLOW_UNSIGNED.toChars()); + } + + @AfterClass + public static void resetPermissions() { + JNLPRuntime.getConfiguration().setProperty(DeploymentConfiguration.KEY_SECURITY_LEVEL, level.toChars()); + } + @BeforeClass + public static void noDialogs(){ + askUser = JNLPRuntime.getConfiguration().getProperty(DeploymentConfiguration.KEY_SECURITY_PROMPT_USER); + JNLPRuntime.getConfiguration().setProperty(DeploymentConfiguration.KEY_SECURITY_PROMPT_USER, Boolean.toString(false)); + } + + @AfterClass + public static void restoreDialogs(){ + JNLPRuntime.getConfiguration().setProperty(DeploymentConfiguration.KEY_SECURITY_PROMPT_USER, askUser); + } /* Note: Only does file leak testing for now. */ @Test public void constructorFileLeakTest() throws Exception { From jvanek at redhat.com Thu Mar 13 15:46:17 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Thu, 13 Mar 2014 16:46:17 +0100 Subject: [rfc][icedtea-web][policyeditor] NPE in filechanged check In-Reply-To: <5321B99E.6000405@redhat.com> References: <53207F19.7000903@redhat.com> <53215A38.5080801@redhat.com> <5321B99E.6000405@redhat.com> Message-ID: <5321D2C9.6020602@redhat.com> Ok. then. J. On 03/13/2014 02:58 PM, Andrew Azores wrote: > On 03/13/2014 03:11 AM, Jiri Vanek wrote: >> On 03/12/2014 04:36 PM, Andrew Azores wrote: >>> Hi, >>> >>> Just noticed that there are conditions where an NPE will occur due to the new filechanged check. >>> Steps to reproduce: >>> 1) launch policyeditor with no arguments >>> 2) create some set of permissions, eg Print Documents only, doesn't really matter so long as you >>> make at least one change >>> 3) press Apply >>> 4) attempt to save the policy file to any location eg $HOME/test.policy >>> 5) NPE will occur because there is no MD5SumWatcher reference, since no policy file was ever opened >>> first >>> 5b) file fails to save >>> >>> With the patch applied, 5/5b does not occur, and instead the flow completes as expected with a >>> "Changes saved" message, and the file can be verified as written to disk. >>> >>> Thanks, >> >> I'm missing the creation of fileWatcher *after* the file is saved now. >> >> >> J. >> > > Thanks for catching that. > > Thanks, > From aazores at icedtea.classpath.org Thu Mar 13 15:52:22 2014 From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org) Date: Thu, 13 Mar 2014 15:52:22 +0000 Subject: /hg/icedtea-web: PolicyEditor: avoid NPE when saving to a new file Message-ID: changeset abec2ce76cdb in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=abec2ce76cdb author: Andrew Azores date: Thu Mar 13 11:52:14 2014 -0400 PolicyEditor: avoid NPE when saving to a new file * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: (savePolicyFile, updateMd5WithDialog) avoid NPE when saving to a new file diffstat: ChangeLog | 5 +++++ netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java | 9 +++++++++ 2 files changed, 14 insertions(+), 0 deletions(-) diffs (38 lines): diff -r 71a87178ff7e -r abec2ce76cdb ChangeLog --- a/ChangeLog Thu Mar 13 16:43:45 2014 +0100 +++ b/ChangeLog Thu Mar 13 11:52:14 2014 -0400 @@ -1,3 +1,8 @@ +2014-03-13 Andrew Azores + + * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: + (savePolicyFile, updateMd5WithDialog) avoid NPE when saving to a new file + 2014-03-13 Jiri Vanek * tests/netx/unit/net/sourceforge/jnlp/runtime/JNLPClassLoaderTest.java: adapted diff -r 71a87178ff7e -r abec2ce76cdb netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java --- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java Thu Mar 13 16:43:45 2014 +0100 +++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java Thu Mar 13 11:52:14 2014 -0400 @@ -984,6 +984,9 @@ try { FileUtils.saveFile(sb.toString(), file); + if (fileWatcher == null) { + fileWatcher = new MD5SumWatcher(file); + } fileWatcher.update(); changesMade = false; showChangesSavedDialog(); @@ -1026,6 +1029,12 @@ * @throws IOException if the file cannot be read */ public int updateMd5WithDialog() throws FileNotFoundException, IOException { + if (fileWatcher == null) { + if (file != null) { + fileWatcher = new MD5SumWatcher(file); + } + return JOptionPane.NO_OPTION; + } final boolean changed = fileWatcher.update(); if (changed) { return JOptionPane.showConfirmDialog(weakThis.get(), R("PEFileModifiedDetail", file.getCanonicalPath()), From jvanek at redhat.com Thu Mar 13 16:26:36 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Thu, 13 Mar 2014 17:26:36 +0100 Subject: [rfc][icedtea-web] Runtime refresh of JNLPPolicy In-Reply-To: <53207D43.8030806@redhat.com> References: <53207D43.8030806@redhat.com> Message-ID: <5321DC3C.8080507@redhat.com> On 03/12/2014 04:29 PM, Andrew Azores wrote: > Hi, > > This patch adds a method to JNLPRuntime to allow the Policy object to be refreshed, and adds logic > to the JNLPPolicy class (of which the runtime's Policy reference is an instance) to: > 1) be able to refresh its permissions from the user's policy file > 2) read from the policy file on a per-codebase basis, not only per applet JAR location > > It also adds logic to JNLPClassLoader.SecurityDelegate to call the new JNLPRuntime method when the > applet is to be run sandboxed, to ensure that this is done with the current policy, not an older > cached copy in case there have been changes since the JVM was started. > > These changes are in support of later patches which will add a way to launch PolicyEditor from the > fully and partially signed applet warning dialogs. Without the ability to refresh, the JVM needs to > be restarted before those changes can take effect, which is not good for usability (users have to > restart their browser). Without the ability to actually check by codebase rather than full JAR url, > the user policy files will be much more complex than planned, and for users to set custom permission > levels per-applet will be much more difficult to use. > > Manual testing: > > (with patch applied) > 1) Ensure your policy file is either empty or at least does not contain an entry to match the test > applet > 2) Visit http://caff.de/applettest/Signed.html and run the applet sandboxed > 3) Verify that the applet may not print nor save. Close the applet but do not exit the browser. > 4) Add the following to your policy file: > > grant codeBase "http://caff.de/applettest/" { > permission java.lang.RuntimePermission "queuePrintJob"; > permission java.util.PropertyPermission "*", "read"; > }; > > 5) Without closing your browser, restart the applet (refresh the page, or open a new tab and visit > again) > 6) Verify that the applet may now cause a print dialog to appear, but still cannot save files > > With patch not applied, granting the applet codebase these permissions does not work, so grant the > same permissions but to all applets. Check that making this change to the policy file without > restarting the JVM does not actually grant the permissions to the applet, and restarting the JVM > does grant them. > > Automated testing: > Working on it, but not sure if it's actually doable. I need a way to keep the JVM running between > runs of an applet, which I don't know if we can do. Any ideas? > > Thanks, > based on IRC discussion - ok to go. J. From aazores at icedtea.classpath.org Thu Mar 13 17:48:08 2014 From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org) Date: Thu, 13 Mar 2014 17:48:08 +0000 Subject: /hg/icedtea-web: Runtime policies refresh and per-codebase polic... Message-ID: changeset dfc27d4d55d5 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=dfc27d4d55d5 author: Andrew Azores date: Thu Mar 13 13:48:00 2014 -0400 Runtime policies refresh and per-codebase policy entries Added ability to reload user level policy file contents without restarting the JVM. Also allow per-codebase policy entries. * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: (SecurityDelegate#setRunInSandbox) call JNLPRuntime.reloadPolicy * netx/net/sourceforge/jnlp/runtime/JNLPPolicy.java: (refresh) refresh user policy file. (getPermissions) check for per-codebase entries in user policy file * netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java: (reloadPolicy) new method. diffstat: netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java | 1 + netx/net/sourceforge/jnlp/runtime/JNLPPolicy.java | 19 ++++++++++++++--- netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java | 4 +++ 3 files changed, 20 insertions(+), 4 deletions(-) diffs (73 lines): diff -r abec2ce76cdb -r dfc27d4d55d5 netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java --- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Thu Mar 13 11:52:14 2014 -0400 +++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Thu Mar 13 13:48:00 2014 -0400 @@ -2432,6 +2432,7 @@ throw new LaunchException(classLoader.file, null, R("LSFatal"), R("LCInit"), R("LRunInSandboxError"), R("LRunInSandboxErrorInfo")); } + JNLPRuntime.reloadPolicy(); // ensure that we have the most up-to-date custom policy loaded this.promptedForSandbox = true; this.runInSandbox = true; } diff -r abec2ce76cdb -r dfc27d4d55d5 netx/net/sourceforge/jnlp/runtime/JNLPPolicy.java --- a/netx/net/sourceforge/jnlp/runtime/JNLPPolicy.java Thu Mar 13 11:52:14 2014 -0400 +++ b/netx/net/sourceforge/jnlp/runtime/JNLPPolicy.java Thu Mar 13 13:48:00 2014 -0400 @@ -91,21 +91,30 @@ // systempolicy permissions need to be accounted for as well e = systemPolicy.getPermissions(appletCS).elements(); - while (e.hasMoreElements()) + while (e.hasMoreElements()) { clPermissions.add(e.nextElement()); + } // and so do permissions from the jnlp-specific system policy if (systemJnlpPolicy != null) { e = systemJnlpPolicy.getPermissions(appletCS).elements(); - while (e.hasMoreElements()) + while (e.hasMoreElements()) { clPermissions.add(e.nextElement()); + } } // and permissiosn from jnlp-specific user policy too if (userJnlpPolicy != null) { e = userJnlpPolicy.getPermissions(appletCS).elements(); - while (e.hasMoreElements()) + while (e.hasMoreElements()) { clPermissions.add(e.nextElement()); + } + + CodeSource appletCodebaseSource = new CodeSource(JNLPRuntime.getApplication().getJNLPFile().getCodeBase(), (java.security.cert.Certificate[]) null); + e = userJnlpPolicy.getPermissions(appletCodebaseSource).elements(); + while (e.hasMoreElements()) { + clPermissions.add(e.nextElement()); + } } return clPermissions; @@ -120,7 +129,9 @@ * Refresh. */ public void refresh() { - // no op + if (userJnlpPolicy != null) { + userJnlpPolicy.refresh(); + } } /** diff -r abec2ce76cdb -r dfc27d4d55d5 netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java --- a/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java Thu Mar 13 11:52:14 2014 -0400 +++ b/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java Thu Mar 13 13:48:00 2014 -0400 @@ -292,6 +292,10 @@ } + public static void reloadPolicy() { + policy.refresh(); + } + /** * Returns a TrustManager ideal for the running VM. * From aazores at redhat.com Thu Mar 13 18:43:34 2014 From: aazores at redhat.com (Andrew Azores) Date: Thu, 13 Mar 2014 14:43:34 -0400 Subject: [rfc][icedtea-web] implemented Application-Library-Allowable-Codebase Attribute In-Reply-To: <531F632F.1000005@redhat.com> References: <530F71CF.4040207@redhat.com> <53173C78.5050204@redhat.com> <531F632F.1000005@redhat.com> Message-ID: <5321FC56.3070606@redhat.com> On 03/11/2014 03:25 PM, Jiri Vanek wrote: > All your nits have been fixed. However: > > I'm still not using the AppTrustWarningPanel, so rember button is > useless. It will come as another changeset (if ever) > - this patch broke elluminate - one of the deadly throws is probably > redundant and should be repalced by security prompt. Not okay to push if elluminate is broken by this... have you figured out what to do about it? > - jsut hint - download indicator is broken > - elluminat works, but freaze to, same as > http://www.walter-fendt.de/ph14e/resultant.htm > > I guess all above are older issues not related to this patch. > > > J. > Thanks, -- Andrew A From aazores at redhat.com Thu Mar 13 19:05:37 2014 From: aazores at redhat.com (Andrew Azores) Date: Thu, 13 Mar 2014 15:05:37 -0400 Subject: [rfc][icedtea-web] implemented Application-Library-Allowable-Codebase Attribute In-Reply-To: <5321FC56.3070606@redhat.com> References: <530F71CF.4040207@redhat.com> <53173C78.5050204@redhat.com> <531F632F.1000005@redhat.com> <5321FC56.3070606@redhat.com> Message-ID: <53220181.4050603@redhat.com> On 03/13/2014 02:43 PM, Andrew Azores wrote: > On 03/11/2014 03:25 PM, Jiri Vanek wrote: >> All your nits have been fixed. However: >> >> I'm still not using the AppTrustWarningPanel, so rember button is >> useless. It will come as another changeset (if ever) >> - this patch broke elluminate - one of the deadly throws is probably >> redundant and should be repalced by security prompt. > > Not okay to push if elluminate is broken by this... have you figured > out what to do about it? > >> - jsut hint - download indicator is broken >> - elluminat works, but freaze to, same as >> http://www.walter-fendt.de/ph14e/resultant.htm >> >> I guess all above are older issues not related to this patch. >> >> >> J. >> > > Thanks, > Apparently it was just a broken cache problem. Elluminate does work. One nit was left unfixed: > + URL documentBase = null; > + if (file instanceof PluginBridge) { > + documentBase = ((PluginBridge) file).getSourceLocation(); > + } > + if (documentBase == null) { > + documentBase = file.getCodeBase(); > + } Good to go otherwise, I think. Thanks, -- Andrew A From aazores at redhat.com Thu Mar 13 19:08:05 2014 From: aazores at redhat.com (Andrew Azores) Date: Thu, 13 Mar 2014 15:08:05 -0400 Subject: [rfc][icedtea-web] Launching PolicyEditor from CertWarningPane Message-ID: <53220215.60301@redhat.com> Hi, This patch adds a button which summons a popup menu, currently with only one item, allowing the user to launch PolicyEditor directly from the warning dialog. The editor appears with the current applet's codebase added (if necessary) and pre-selected. This, along with the sandbox button and earlier patch allowing JNLPPolicy to use per-codebase policy entries and to reload at runtime, allows for easy configuration of fine grained permissions granted to an applet. Feedback/recommendations on the UI here are definitely welcome. At a later point, extra items will be added to the popup menu to allow for "this run only" temporary permissions to be granted to the applet. These choices will have to use a different mechanism for adding the permissions, however, since it won't be automatically handled by the JNLPPolicy/automatically reloaded by SecurityDelegate, as the policy file permissions are. (note the conspicuous lack of any code here to actually force a policy reload - this is already handled by the sandbox button and SecurityDelegate) Note that there is a visual bug with PolicyEditor where the checkboxes may not be updated correctly, and will be incorrectly blank when the currently selected codebase actually does have permissions assigned. This will be addressed separately. As a workaround, simply switch to "All applets" codebase, then back to the applet-specific one. The checkboxes will then correctly update. http://caff.de/applettest/Signed.html can serve as a test applet again. ChangeLog: Add button with popup menu to launch PolicyEditor * netx/net/sourceforge/jnlp/resources/Messages.properties: (ButPolicyEditorDropdown, CertWarnPolicyTip, CertWarnPolicyEditorItem): new messages * netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java: (addComponents, setTextAndLabels, addButtons) refactored and split methods. (createPolicyPermissionsMenu) new method. (PolicyEditorLaunchListener) new ActionListener for advancedOptions button Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: policyeditor-in-dialog-4.patch Type: text/x-patch Size: 14327 bytes Desc: not available URL: From aazores at redhat.com Thu Mar 13 19:30:23 2014 From: aazores at redhat.com (Andrew Azores) Date: Thu, 13 Mar 2014 15:30:23 -0400 Subject: [rfc][icedtea-web][policyeditor] Checkboxes not updating Message-ID: <5322074F.9030703@redhat.com> Hi, This patch ensures that operations which should be done by the EDT are actually done by it, and also ensures that when a new codebase is added/selected, that the checkboxes properly update the first time around, without needing to select a different codebase and go back. ChangeLog: * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: (addNewCodebase) ensure that checkboxes update. (removeCodebase, updateCheckboxes) ensure UI updates are done on EDT. Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: policyeditor-checkboxes.patch Type: text/x-patch Size: 4310 bytes Desc: not available URL: From aazores at redhat.com Thu Mar 13 19:41:54 2014 From: aazores at redhat.com (Andrew Azores) Date: Thu, 13 Mar 2014 15:41:54 -0400 Subject: [rfc][icedtea-web] Launching PolicyEditor from CertWarningPane In-Reply-To: <53220215.60301@redhat.com> References: <53220215.60301@redhat.com> Message-ID: <53220A02.7090506@redhat.com> On 03/13/2014 03:08 PM, Andrew Azores wrote: > Hi, > > This patch adds a button which summons a popup menu, currently with > only one item, allowing the user to launch PolicyEditor directly from > the warning dialog. The editor appears with the current applet's > codebase added (if necessary) and pre-selected. This, along with the > sandbox button and earlier patch allowing JNLPPolicy to use > per-codebase policy entries and to reload at runtime, allows for easy > configuration of fine grained permissions granted to an applet. > > Feedback/recommendations on the UI here are definitely welcome. At a > later point, extra items will be added to the popup menu to allow for > "this run only" temporary permissions to be granted to the applet. > These choices will have to use a different mechanism for adding the > permissions, however, since it won't be automatically handled by the > JNLPPolicy/automatically reloaded by SecurityDelegate, as the policy > file permissions are. (note the conspicuous lack of any code here to > actually force a policy reload - this is already handled by the > sandbox button and SecurityDelegate) > > Note that there is a visual bug with PolicyEditor where the checkboxes > may not be updated correctly, and will be incorrectly blank when the > currently selected codebase actually does have permissions assigned. > This will be addressed separately. As a workaround, simply switch to > "All applets" codebase, then back to the applet-specific one. The > checkboxes will then correctly update. > > http://caff.de/applettest/Signed.html can serve as a test applet again. > > ChangeLog: > Add button with popup menu to launch PolicyEditor > * netx/net/sourceforge/jnlp/resources/Messages.properties: > (ButPolicyEditorDropdown, CertWarnPolicyTip, > CertWarnPolicyEditorItem): new messages > * netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java: > (addComponents, setTextAndLabels, addButtons) refactored and split > methods. (createPolicyPermissionsMenu) new method. > (PolicyEditorLaunchListener) new ActionListener for advancedOptions > button > > Thanks, > Sorry, tiny update here. I noticed that there was a small "deadspot" in the middle of the new button, which was apparently the popupmenu component, as clicking it caused PolicyEditor to appear. It seems this was because the menu was added as a child component of the button. Adding the component to the pane itself, which is the only change between this new patch and the previous one, resolves this. The popup menu still appears in the same place and works fine as far as I can tell. Is there some better way to handle JPopupMenus? Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: policyeditor-in-dialog-4.patch Type: text/x-patch Size: 14355 bytes Desc: not available URL: From aazores at redhat.com Thu Mar 13 20:43:32 2014 From: aazores at redhat.com (Andrew Azores) Date: Thu, 13 Mar 2014 16:43:32 -0400 Subject: [rfc][icedtea-web] SecurityDelegate addPermission and reference for CertWarningPane Message-ID: <53221874.3030302@redhat.com> Hi, The smaller of these two patches simply exposes JNLPClassLoader#addPermission(Permission) through three new SecurityDelegate methods: #addPermission(Permission), #addPermissions(PermissionCollection), and #addPermissions(Collection). The larger patch passes a SecurityDelegate reference through the security dialog system so that the delegate is available to CertWarningPane. This is in preparation for a patch that will add "this run only" temporary permission options to the CertWarningPane, achieved by "injecting" these permissions directly into the classloader via the delegate. These extra options are not included because they are blocked on "Launching PolicyEditor from CertWarningPane", but this infrastructure work doesn't depend on that patch. These two patches apply cleanly together, but certwarning-securitydelegate will have a small and easily resolvable conflict with policyeditor-in-dialog-4 if they are used together. (securitydelegate-addpermission) ChangeLog: * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: (SecurityDelegate addPermission, addPermissions) new methods. (SecurityDelegateImpl addPermission, addPermissions) implement previous. (certwarning-securitydelegate) ChangeLog: * netx/net/sourceforge/jnlp/security/JNLPAppVerifier.java: (checkTrustWithUser) pass SecurityDelegate reference to SecurityDialogs.showCertWarningDialog * netx/net/sourceforge/jnlp/security/PluginAppVerifier.java: same * netx/net/sourceforge/jnlp/security/SecurityDialog.java: pass SecurityDelegate reference from extras into CertWarningPane constructor * netx/net/sourceforge/jnlp/security/SecurityDialogs.java: (showCertWarningDialog) added SecurityDelegate parameter, add to extras array. * netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java: (askUser) pass null for SecurityDelegate reference * netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java: (CertWarningPane) added SecurityDelegate constructor parameter and (securityDelegate) field Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: securitydelegate-addpermission.patch Type: text/x-patch Size: 1351 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: certwarning-securitydelegate.patch Type: text/x-patch Size: 8058 bytes Desc: not available URL: From ptisnovs at icedtea.classpath.org Fri Mar 14 12:14:24 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Fri, 14 Mar 2014 12:14:24 +0000 Subject: /hg/rhino-tests: Enhancements of various tests in ScriptContextC... Message-ID: changeset 39b90cb1bd47 in /hg/rhino-tests details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=39b90cb1bd47 author: Pavel Tisnovsky date: Fri Mar 14 13:14:58 2014 +0100 Enhancements of various tests in ScriptContextClassTest. diffstat: ChangeLog | 5 ++++ src/org/RhinoTests/ScriptContextClassTest.java | 32 ++++++++++++++++++++++++++ 2 files changed, 37 insertions(+), 0 deletions(-) diffs (61 lines): diff -r 7a653bbdeeec -r 39b90cb1bd47 ChangeLog --- a/ChangeLog Thu Mar 13 09:50:36 2014 +0100 +++ b/ChangeLog Fri Mar 14 13:14:58 2014 +0100 @@ -1,3 +1,8 @@ +2014-03-14 Pavel Tisnovsky + + * src/org/RhinoTests/ScriptContextClassTest.java: + Enhancements of various tests in ScriptContextClassTest. + 2014-03-13 Pavel Tisnovsky * src/org/RhinoTests/ScriptEngineFactoryClassTest.java: diff -r 7a653bbdeeec -r 39b90cb1bd47 src/org/RhinoTests/ScriptContextClassTest.java --- a/src/org/RhinoTests/ScriptContextClassTest.java Thu Mar 13 09:50:36 2014 +0100 +++ b/src/org/RhinoTests/ScriptContextClassTest.java Fri Mar 14 13:14:58 2014 +0100 @@ -1832,6 +1832,30 @@ } try { + this.scriptContextClass.cast(new java.awt.Label()); + throw new AssertionError("Class.cast(new java.awt.Label()) does not throw any exception"); + } + catch (Exception e) { + // expected exception + } + + try { + this.scriptContextClass.cast(new java.awt.Label(new String())); + throw new AssertionError("Class.cast(new java.awt.Label(new String())) does not throw any exception"); + } + catch (Exception e) { + // expected exception + } + + try { + this.scriptContextClass.cast(new java.awt.Label("xyzzy")); + throw new AssertionError("Class.cast(new java.awt.Label(\"xyzzy\")) does not throw any exception"); + } + catch (Exception e) { + // expected exception + } + + try { this.scriptContextClass.cast(new javax.swing.JLabel()); throw new AssertionError("Class.cast(new javax.swing.JLabel()) does not throw any exception"); } @@ -1848,6 +1872,14 @@ } try { + this.scriptContextClass.cast(new javax.swing.JLabel("xyzzy")); + throw new AssertionError("Class.cast(new javax.swing.JLabel(\"xyzzy\")) does not throw any exception"); + } + catch (Exception e) { + // expected exception + } + + try { this.scriptContextClass.cast(new javax.swing.JPanel()); throw new AssertionError("Class.cast(new javax.swing.JPanel()) does not throw any exception"); } From ptisnovs at icedtea.classpath.org Fri Mar 14 12:28:55 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Fri, 14 Mar 2014 12:28:55 +0000 Subject: /hg/gfx-test: Ten new tests added into BitBltUsingBgColor test s... Message-ID: changeset 2ffb2f873ec8 in /hg/gfx-test details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=2ffb2f873ec8 author: Pavel Tisnovsky date: Fri Mar 14 13:29:36 2014 +0100 Ten new tests added into BitBltUsingBgColor test suite. diffstat: ChangeLog | 5 + src/org/gfxtest/testsuites/BitBltUsingBgColor.java | 150 +++++++++++++++++++++ 2 files changed, 155 insertions(+), 0 deletions(-) diffs (172 lines): diff -r 402bff2be904 -r 2ffb2f873ec8 ChangeLog --- a/ChangeLog Thu Mar 13 09:52:52 2014 +0100 +++ b/ChangeLog Fri Mar 14 13:29:36 2014 +0100 @@ -1,3 +1,8 @@ +2014-03-14 Pavel Tisnovsky + + * src/org/gfxtest/testsuites/BitBltUsingBgColor.java: + Ten new tests added into BitBltUsingBgColor test suite. + 2014-03-13 Pavel Tisnovsky * src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java: diff -r 402bff2be904 -r 2ffb2f873ec8 src/org/gfxtest/testsuites/BitBltUsingBgColor.java --- a/src/org/gfxtest/testsuites/BitBltUsingBgColor.java Thu Mar 13 09:52:52 2014 +0100 +++ b/src/org/gfxtest/testsuites/BitBltUsingBgColor.java Fri Mar 14 13:29:36 2014 +0100 @@ -5822,6 +5822,156 @@ } /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_BYTE_GRAY. + * Background color is set to Color.magenta. + * + * @param image + * image to be used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshortGrayBackgroundMagenta(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshortGray(image, graphics2d, Color.magenta); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_BYTE_GRAY. + * Background color is set to Color.yellow. + * + * @param image + * image to be used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshortGrayBackgroundYellow(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshortGray(image, graphics2d, Color.yellow); + } + + /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_BYTE_GRAY. + * Background color is set to Color.white. + * + * @param image + * image to be used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshortGrayBackgroundWhite(TestImage image, Graphics2D graphics2d) + { + return doBitBltDiagonalCheckerBufferedImageTypeUshortGray(image, graphics2d, Color.white); + } + + /** + * Test basic BitBlt operation for grid buffered image with type TYPE_3BYTE_BGR. + * Background color is set to Color.black. + * + * @param image + * image to be used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltGridBufferedImageType3ByteBGRbackgroundBlack(TestImage image, Graphics2D graphics2d) + { + return doBitBltGridBufferedImageType3ByteRGB(image, graphics2d, Color.black); + } + + /** + * Test basic BitBlt operation for grid buffered image with type TYPE_3BYTE_BGR. + * Background color is set to Color.blue. + * + * @param image + * image to be used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltGridBufferedImageType3ByteBGRbackgroundBlue(TestImage image, Graphics2D graphics2d) + { + return doBitBltGridBufferedImageType3ByteRGB(image, graphics2d, Color.blue); + } + + /** + * Test basic BitBlt operation for grid buffered image with type TYPE_3BYTE_BGR. + * Background color is set to Color.green. + * + * @param image + * image to be used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltGridBufferedImageType3ByteBGRbackgroundGreen(TestImage image, Graphics2D graphics2d) + { + return doBitBltGridBufferedImageType3ByteRGB(image, graphics2d, Color.green); + } + + /** + * Test basic BitBlt operation for grid buffered image with type TYPE_3BYTE_BGR. + * Background color is set to Color.cyan. + * + * @param image + * image to be used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltGridBufferedImageType3ByteBGRbackgroundCyan(TestImage image, Graphics2D graphics2d) + { + return doBitBltGridBufferedImageType3ByteRGB(image, graphics2d, Color.cyan); + } + + /** + * Test basic BitBlt operation for grid buffered image with type TYPE_3BYTE_BGR. + * Background color is set to Color.red. + * + * @param image + * image to be used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltGridBufferedImageType3ByteBGRbackgroundRed(TestImage image, Graphics2D graphics2d) + { + return doBitBltGridBufferedImageType3ByteRGB(image, graphics2d, Color.red); + } + + /** + * Test basic BitBlt operation for grid buffered image with type TYPE_3BYTE_BGR. + * Background color is set to Color.magenta. + * + * @param image + * image to be used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltGridBufferedImageType3ByteBGRbackgroundMagenta(TestImage image, Graphics2D graphics2d) + { + return doBitBltGridBufferedImageType3ByteRGB(image, graphics2d, Color.magenta); + } + + /** + * Test basic BitBlt operation for grid buffered image with type TYPE_3BYTE_BGR. + * Background color is set to Color.yellow. + * + * @param image + * image to be used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltGridBufferedImageType3ByteBGRbackgroundYellow(TestImage image, Graphics2D graphics2d) + { + return doBitBltGridBufferedImageType3ByteRGB(image, graphics2d, Color.yellow); + } + + /** * Entry point to the test suite. * * @param args not used in this case From jvanek at icedtea.classpath.org Fri Mar 14 12:40:34 2014 From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org) Date: Fri, 14 Mar 2014 12:40:34 +0000 Subject: /hg/icedtea-web: Base implementation of Application-Library-Allo... Message-ID: changeset aba4c18c4c64 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=aba4c18c4c64 author: Jiri Vanek date: Fri Mar 14 13:06:03 2014 +0100 Base implementation of Application-Library-Allowable-Codebase. Remember button not yet working. diffstat: ChangeLog | 33 ++ netx/net/sourceforge/jnlp/JNLPFile.java | 14 +- netx/net/sourceforge/jnlp/resources/Messages.properties | 19 + netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java | 93 +++++ netx/net/sourceforge/jnlp/security/SecurityDialog.java | 6 + netx/net/sourceforge/jnlp/security/SecurityDialogs.java | 34 +- netx/net/sourceforge/jnlp/security/dialogs/MatchingALACAttributePanel.java | 165 ++++++++++ netx/net/sourceforge/jnlp/security/dialogs/MissingALACAttributePanel.java | 162 +++++++++ netx/net/sourceforge/jnlp/util/ClasspathMatcher.java | 30 +- netx/net/sourceforge/jnlp/util/UrlUtils.java | 105 ++++++ tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java | 98 +++++ tests/netx/unit/net/sourceforge/jnlp/util/UrlUtilsTest.java | 107 ++++++ 12 files changed, 846 insertions(+), 20 deletions(-) diffs (truncated from 1090 to 500 lines): diff -r dfc27d4d55d5 -r aba4c18c4c64 ChangeLog --- a/ChangeLog Thu Mar 13 13:48:00 2014 -0400 +++ b/ChangeLog Fri Mar 14 13:06:03 2014 +0100 @@ -1,3 +1,36 @@ +2014-03-14 Jiri Vanek + + Base implementation of Application-Library-Allowable-Codebase. Remember + button not yet working. + * netx/net/sourceforge/jnlp/JNLPFile.java: (ClasspathMatchers) + (getApplicationLibraryAllowableCodebase) (getCodebase) (getCodeBaseMatchersAttribute) + (getCodeBaseMatchersAttribute) (getCodeBaseMatchersAttribute) changed signature + to include/not include path in returned matcher. + * netx/net/sourceforge/jnlp/resources/Messages.properties: Added keys + (ALACAMissingMainTitle) (ALACAMissingInfo) (ALACAMatchingMainTitle) + (ALACAMatchingInfo) for new dialogs. + * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: Implemented + (checkApplicationLibraryAllowableCodebaseAttribute). Used in (init) + * netx/net/sourceforge/jnlp/security/SecurityDialog.java: made aware of + new constants (MISSING_ALACA) and (MATCHING_ALACA) + * netx/net/sourceforge/jnlp/security/SecurityDialogs.java: new constants + (MISSING_ALACA) and (MATCHING_ALACA). Implemented (showMissingALACAttributePanel) + and (showMatchingALACAttributePanel) + * netx/net/sourceforge/jnlp/security/dialogs/MatchingALACAttributePanel.java + new dialog for Matching attribute + * netx/net/sourceforge/jnlp/security/dialogs/MissingALACAttributePanel.java: + new dialog for Missing attribute. + * netx/net/sourceforge/jnlp/util/ClasspathMatcher.java: allowing user to + choose whether to include paths in matching or not. + * netx/net/sourceforge/jnlp/util/UrlUtils.java: new util methods (removeFileName) + (setOfUrlsToHtmlList) (sanitizeLastSlash) and (equalsIgnoreLastSlash) to + strip filename from url, toString for iterable of urls to string, and + for operations with URLs independently on last slash + * tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java: added + tests for paths + * tests/netx/unit/net/sourceforge/jnlp/util/UrlUtilsTest.java: added tests + for new methods + 2014-03-13 Andrew Azores * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: diff -r dfc27d4d55d5 -r aba4c18c4c64 netx/net/sourceforge/jnlp/JNLPFile.java --- a/netx/net/sourceforge/jnlp/JNLPFile.java Thu Mar 13 13:48:00 2014 -0400 +++ b/netx/net/sourceforge/jnlp/JNLPFile.java Fri Mar 14 13:06:03 2014 +0100 @@ -920,21 +920,21 @@ * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#caller_allowable */ public ClasspathMatcher.ClasspathMatchers getCallerAllowableCodebase() { - return getCodeBaseMatchersAttribute(CALLER_ALLOWABLE); + return getCodeBaseMatchersAttribute(CALLER_ALLOWABLE, false); } /** * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#app_library */ public ClasspathMatcher.ClasspathMatchers getApplicationLibraryAllowableCodebase() { - return getCodeBaseMatchersAttribute(APP_LIBRARY_ALLOWABLE); + return getCodeBaseMatchersAttribute(APP_LIBRARY_ALLOWABLE, true); } /** * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#codebase */ public ClasspathMatcher.ClasspathMatchers getCodebase() { - return getCodeBaseMatchersAttribute(CODEBASE); + return getCodeBaseMatchersAttribute(CODEBASE, false); } /** @@ -1004,16 +1004,16 @@ return loader.checkForAttributeInJars(Arrays.asList(getResources().getJARs()), name); } - public ClasspathMatcher.ClasspathMatchers getCodeBaseMatchersAttribute(String s) { - return getCodeBaseMatchersAttribute(new Attributes.Name(s)); + public ClasspathMatcher.ClasspathMatchers getCodeBaseMatchersAttribute(String s, boolean includePath) { + return getCodeBaseMatchersAttribute(new Attributes.Name(s), includePath); } - public ClasspathMatcher.ClasspathMatchers getCodeBaseMatchersAttribute(Attributes.Name name) { + public ClasspathMatcher.ClasspathMatchers getCodeBaseMatchersAttribute(Attributes.Name name, boolean includePath) { String s = getAttribute(name); if (s == null) { return null; } - return ClasspathMatcher.ClasspathMatchers.compile(s); + return ClasspathMatcher.ClasspathMatchers.compile(s, includePath); } private ManifestBoolean processBooleanAttribute(String id) throws IllegalArgumentException { diff -r dfc27d4d55d5 -r aba4c18c4c64 netx/net/sourceforge/jnlp/resources/Messages.properties --- a/netx/net/sourceforge/jnlp/resources/Messages.properties Thu Mar 13 13:48:00 2014 -0400 +++ b/netx/net/sourceforge/jnlp/resources/Messages.properties Fri Mar 14 13:06:03 2014 +0100 @@ -58,6 +58,25 @@ and
\ http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html +# missing Application-Library-Allowable-Codebase dialogue +ALACAMissingMainTitle=Application {0} \ +form codebase {1} is missing the Application-Library-Allowable-Codebase attribute. \ +This application uses resources from the following remote locations:
{2} Are you sure you want to run this application? +ALACAMissingInfo=For more information you can visit:
\ + \ +http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library
\ +and
\ +http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html +# matching Application-Library-Allowable-Codebase dialogue +ALACAMatchingMainTitle=Application {0} \ +form codebase {1} is requiring valid resources from different locations:
{2}
\ +Those resources are expected to be loaded. Do you agree to run this application? +ALACAMatchingInfo=For more information you can visit:
\ + \ +http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library
\ +and
\ +http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html + # LS - Severity LSMinor=Minor LSFatal=Fatal diff -r dfc27d4d55d5 -r aba4c18c4c64 netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java --- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Thu Mar 13 13:48:00 2014 -0400 +++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Fri Mar 14 13:06:03 2014 +0100 @@ -92,6 +92,7 @@ import net.sourceforge.jnlp.util.ClasspathMatcher.ClasspathMatchers; import net.sourceforge.jnlp.util.JarFile; import net.sourceforge.jnlp.util.StreamUtils; +import net.sourceforge.jnlp.util.UrlUtils; import net.sourceforge.jnlp.util.logging.OutputController; import sun.misc.JarIndex; @@ -292,6 +293,8 @@ checkPermissionsAttribute(); + checkApplicationLibraryAllowableCodebaseAttribute(); + installShutdownHooks(); @@ -2324,6 +2327,96 @@ public boolean getRunInSandbox(); } + private void checkApplicationLibraryAllowableCodebaseAttribute() throws LaunchException { + if (signing == SigningState.NONE){ + return; /*when app is not signed at all, then skip this check*/ + } + //conditions + URL codebase = file.getCodeBase(); + URL documentBase = null; + if (file instanceof PluginBridge) { + documentBase = ((PluginBridge) file).getSourceLocation(); + } + if (documentBase == null) { + documentBase = file.getCodeBase(); + } + + //cases + Set usedUrls = new HashSet(); + URL sourceLocation = file.getSourceLocation(); + ResourcesDesc[] resourcesDescs = file.getResourcesDescs(); + if (sourceLocation != null) { + usedUrls.add(UrlUtils.removeFileName(sourceLocation)); + } + for (ResourcesDesc resourcesDesc: resourcesDescs) { + ExtensionDesc[] ex = resourcesDesc.getExtensions(); + if (ex != null) { + for ( ExtensionDesc extensionDesc: ex) { + if (extensionDesc != null) { + usedUrls.add(UrlUtils.removeFileName(extensionDesc.getLocation())); + } + } + } + JARDesc[] jars = resourcesDesc.getJARs(); + if (jars != null) { + for (JARDesc jarDesc: jars) { + if (jarDesc != null) { + usedUrls.add(UrlUtils.removeFileName(jarDesc.getLocation())); + } + } + } + JNLPFile jnlp = resourcesDesc.getJNLPFile(); + if (jnlp != null) { + usedUrls.add(UrlUtils.removeFileName(jnlp.getSourceLocation())); + } + + } + OutputController.getLogger().log("Found alaca URLs to be verified"); + for (URL url : usedUrls) { + OutputController.getLogger().log(" - " + url.toExternalForm()); + } + if (usedUrls.isEmpty()) { + //I hope this is the case, when the resources is/are + //only codebase classes. Then it should be safe to return. + OutputController.getLogger().log("The application is not using any url resources, skipping Application-Library-Allowable-Codebase Attribute check."); + return; + } + + if (usedUrls.size() == 1) { + if (UrlUtils.equalsIgnoreLastSlash(usedUrls.toArray(new URL[0])[0], codebase) + && UrlUtils.equalsIgnoreLastSlash(usedUrls.toArray(new URL[0])[0], documentBase)) { + //all resoources are from codebase or document base. it is ok to proceeed. + OutputController.getLogger().log("All applications resources (" + usedUrls.toArray(new URL[0])[0] + ") are from codebas/documentbase " + codebase + "/" + documentBase + ", skipping Application-Library-Allowable-Codebase Attribute check."); + return; + } + } + ClasspathMatchers att = file.getManifestsAttributes().getApplicationLibraryAllowableCodebase(); + + if (att == null) { + boolean a = SecurityDialogs.showMissingALACAttributePanel(file.getTitle(), documentBase, usedUrls); + if (!a) { + throw new LaunchException("The application uses non-codebase resources, has no Application-Library-Allowable-Codebase Attribute, and was blocked from running by the user"); + } else { + OutputController.getLogger().log("The application uses non-codebase resources, has no Application-Library-Allowable-Codebase Attribute, and was allowed to run by the user"); + return; + } + } else { + for (URL foundUrl : usedUrls) { + if (!att.matches(foundUrl)) { + throw new LaunchException("The resource from " + foundUrl + " does not match the location in Application-Library-Allowable-Codebase Attribute " + att + ". Blocking the application from running."); + } else { + OutputController.getLogger().log("The resource from " + foundUrl + " does match the location in Application-Library-Allowable-Codebase Attribute " + att + ". Continuing."); + } + } + } + boolean a = SecurityDialogs.showMatchingALACAttributePanel(file.getTitle(), documentBase, usedUrls); + if (!a) { + throw new LaunchException("The application uses non-codebase resources, which do match its Application-Library-Allowable-Codebase Attribute, but was blocked from running by the user." ); + } else { + OutputController.getLogger().log("The application uses non-codebase resources, which do match its Application-Library-Allowable-Codebase Attribute, and was allowed to run by the user." ); + } + } + /** * Handles security decision logic for the JNLPClassLoader, eg which permission level to assign * to JARs. diff -r dfc27d4d55d5 -r aba4c18c4c64 netx/net/sourceforge/jnlp/security/SecurityDialog.java --- a/netx/net/sourceforge/jnlp/security/SecurityDialog.java Thu Mar 13 13:48:00 2014 -0400 +++ b/netx/net/sourceforge/jnlp/security/SecurityDialog.java Fri Mar 14 13:06:03 2014 +0100 @@ -37,6 +37,8 @@ package net.sourceforge.jnlp.security; +import net.sourceforge.jnlp.security.dialogs.MissingALACAttributePanel; +import net.sourceforge.jnlp.security.dialogs.MatchingALACAttributePanel; import net.sourceforge.jnlp.security.dialogs.MissingPermissionsAttributePanel; import net.sourceforge.jnlp.security.dialogs.AppletWarningPane; import net.sourceforge.jnlp.security.dialogs.AccessWarningPane; @@ -320,6 +322,10 @@ panel = new PasswordAuthenticationPane(this, extras); else if (dialogType == DialogType.UNSIGNED_EAS_NO_PERMISSIONS_WARNING) panel = new MissingPermissionsAttributePanel(this, (String) extras[0], (String) extras[1]); + else if (dialogType == DialogType.MISSING_ALACA) + panel = new MissingALACAttributePanel(this, (String) extras[0], (String) extras[1], (String) extras[2]); + else if (dialogType == DialogType.MATCHING_ALACA) + panel = new MatchingALACAttributePanel(this, (String) extras[0], (String) extras[1], (String) extras[2]); add(panel, BorderLayout.CENTER); } diff -r dfc27d4d55d5 -r aba4c18c4c64 netx/net/sourceforge/jnlp/security/SecurityDialogs.java --- a/netx/net/sourceforge/jnlp/security/SecurityDialogs.java Thu Mar 13 13:48:00 2014 -0400 +++ b/netx/net/sourceforge/jnlp/security/SecurityDialogs.java Fri Mar 14 13:06:03 2014 +0100 @@ -44,6 +44,7 @@ import java.net.URL; import java.security.AccessController; import java.security.PrivilegedAction; +import java.util.Set; import java.util.concurrent.Semaphore; import javax.swing.JDialog; @@ -52,6 +53,7 @@ import net.sourceforge.jnlp.JNLPFile; import net.sourceforge.jnlp.config.DeploymentConfiguration; import net.sourceforge.jnlp.runtime.JNLPRuntime; +import net.sourceforge.jnlp.util.UrlUtils; import net.sourceforge.jnlp.security.dialogs.apptrustwarningpanel.AppTrustWarningPanel.AppSigningWarningAction; import net.sourceforge.jnlp.security.appletextendedsecurity.ExecuteAppletAction; @@ -80,7 +82,9 @@ UNSIGNED_WARNING, /* requires confirmation with 'high-security' setting */ APPLET_WARNING, AUTHENTICATION, - UNSIGNED_EAS_NO_PERMISSIONS_WARNING /* when Extended applet security is at High Security and no permission attribute is find, */ + UNSIGNED_EAS_NO_PERMISSIONS_WARNING, /* when Extended applet security is at High Security and no permission attribute is find, */ + MISSING_ALACA, /*alaca - Application-Library-Allowable-Codebase Attribute*/ + MATCHING_ALACA } /** The types of access which may need user permission. */ @@ -263,6 +267,32 @@ return (Object[]) response; } + public static boolean showMissingALACAttributePanel(String title, URL codeBase, Set remoteUrls) { + + if (!shouldPromptUser()) { + return false; + } + + SecurityDialogMessage message = new SecurityDialogMessage(); + message.dialogType = DialogType.MISSING_ALACA; + message.extras = new Object[]{title, codeBase.toString(), UrlUtils.setOfUrlsToHtmlList(remoteUrls)}; + Object selectedValue = getUserResponse(message); + return getIntegerResponseAsBoolean(selectedValue); + } + + public static boolean showMatchingALACAttributePanel(String title, URL codeBase, Set remoteUrls) { + + if (!shouldPromptUser()) { + return false; + } + + SecurityDialogMessage message = new SecurityDialogMessage(); + message.dialogType = DialogType.MATCHING_ALACA; + message.extras = new Object[]{title, codeBase.toString(), UrlUtils.setOfUrlsToHtmlList(remoteUrls)}; + Object selectedValue = getUserResponse(message); + return getIntegerResponseAsBoolean(selectedValue); + } + /** * FIXME This is unused. Remove it? * @return (0, 1, 2) => (Yes, No, Cancel) @@ -417,5 +447,5 @@ } }); } - + } diff -r dfc27d4d55d5 -r aba4c18c4c64 netx/net/sourceforge/jnlp/security/dialogs/MatchingALACAttributePanel.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/netx/net/sourceforge/jnlp/security/dialogs/MatchingALACAttributePanel.java Fri Mar 14 13:06:03 2014 +0100 @@ -0,0 +1,165 @@ +/* + Copyright (C) 2008 Red Hat, Inc. + + This file is part of IcedTea. + + IcedTea is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as published by + the Free Software Foundation, version 2. + + IcedTea is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with IcedTea; see the file COPYING. If not, write to + the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA. + + Linking this library statically or dynamically with other modules is + making a combined work based on this library. Thus, the terms and + conditions of the GNU General Public License cover the whole + combination. + + As a special exception, the copyright holders of this library give you + permission to link this library with independent modules to produce an + executable, regardless of the license terms of these independent + modules, and to copy and distribute the resulting executable under + terms of your choice, provided that you also meet, for each linked + independent module, the terms and conditions of the license of that + module. An independent module is a module which is not derived from + or based on this library. If you modify this library, you may extend + this exception to your version of the library, but you are not + obligated to do so. If you do not wish to do so, delete this + exception statement from your version. + */ +package net.sourceforge.jnlp.security.dialogs; + +import java.awt.BorderLayout; +import java.awt.Color; +import java.awt.Desktop; +import java.awt.Dimension; +import java.awt.FlowLayout; +import java.awt.Font; +import java.awt.Image; +import java.io.IOException; +import java.net.MalformedURLException; +import java.net.URISyntaxException; +import java.net.URL; +import java.util.HashSet; +import java.util.Set; +import javax.imageio.ImageIO; + +import javax.swing.BorderFactory; +import javax.swing.BoxLayout; +import javax.swing.ImageIcon; +import javax.swing.JButton; +import javax.swing.JCheckBox; +import javax.swing.JEditorPane; +import javax.swing.JFrame; +import javax.swing.JLabel; +import javax.swing.JPanel; +import javax.swing.SwingConstants; +import javax.swing.event.HyperlinkEvent; +import javax.swing.event.HyperlinkListener; +import net.sourceforge.jnlp.runtime.Translator; +import net.sourceforge.jnlp.security.SecurityDialog; +import net.sourceforge.jnlp.util.UrlUtils; +import net.sourceforge.jnlp.util.logging.OutputController; + +/** + * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library + */ +public class MatchingALACAttributePanel extends SecurityDialogPanel { + + public MatchingALACAttributePanel(SecurityDialog x, String title, String codebase, String remoteUrls) { + super(x); + try { + addComponents(title, codebase, remoteUrls); + } catch (Exception ex) { + throw new RuntimeException(ex); + } + if (x != null) { + x.setMinimumSize(new Dimension(600, 400)); + } + } + + protected final void addComponents(String title, String codebase, String remoteUrls) throws IOException { + + URL imgUrl = this.getClass().getResource("/net/sourceforge/jnlp/resources/question.png"); + ImageIcon icon; + Image img = ImageIO.read(imgUrl); + icon = new ImageIcon(img); + String topLabelText = Translator.R("ALACAMatchingMainTitle", title, codebase, remoteUrls); + String bottomLabelText = Translator.R("ALACAMatchingInfo"); + + JLabel topLabel = new JLabel(htmlWrap(topLabelText), icon, SwingConstants.CENTER); + topLabel.setFont(new Font(topLabel.getFont().toString(), + Font.BOLD, 12)); + JPanel topPanel = new JPanel(new BorderLayout()); + topPanel.setBackground(Color.WHITE); + topPanel.add(topLabel, BorderLayout.CENTER); + topPanel.setPreferredSize(new Dimension(400, 80)); + topPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); + + JEditorPane bottomLabel = new JEditorPane("text/html", htmlWrap(bottomLabelText)); + bottomLabel.setEditable(false); + bottomLabel.addHyperlinkListener(new HyperlinkListener() { + @Override + public void hyperlinkUpdate(HyperlinkEvent e) { + try { + if (e.getEventType() == HyperlinkEvent.EventType.ACTIVATED) { + Desktop.getDesktop().browse(e.getURL().toURI()); + } + } catch (IOException ex) { + OutputController.getLogger().log(ex); + } catch (URISyntaxException ex) { + OutputController.getLogger().log(ex); + } + } + }); + JPanel infoPanel = new JPanel(new BorderLayout()); + infoPanel.add(bottomLabel, BorderLayout.CENTER); + infoPanel.setPreferredSize(new Dimension(400, 80)); + infoPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); + bottomLabel.setBackground(infoPanel.getBackground()); + + //run and cancel buttons + JPanel buttonPanel = new JPanel(new FlowLayout(FlowLayout.RIGHT)); + + JButton yes = new JButton(Translator.R("ButYes")); + JButton no = new JButton(Translator.R("ButNo")); + JCheckBox remeber = new JCheckBox(htmlWrap(Translator.R("SRememberOption"))); + int buttonWidth = yes.getMinimumSize().width; + int buttonHeight = yes.getMinimumSize().height; + Dimension d = new Dimension(buttonWidth, buttonHeight); + yes.setPreferredSize(d); + no.setPreferredSize(d); + yes.addActionListener(createSetValueListener(parent, 0)); + no.addActionListener(createSetValueListener(parent, 1)); + initialFocusComponent = no; + buttonPanel.add(remeber); + buttonPanel.add(yes); + buttonPanel.add(no); + buttonPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); + //all of the above + setLayout(new BoxLayout(this, BoxLayout.Y_AXIS)); + add(topPanel); + add(infoPanel); + add(buttonPanel); + + } + + public static void main(String[] args) throws MalformedURLException { + Set s = new HashSet(); + s.add(new URL("http:/blah.com/blah")); + s.add(new URL("http:/blah.com/blah/blah")); + MatchingALACAttributePanel w = new MatchingALACAttributePanel(null, "HelloWorld", "http://nbblah.url", UrlUtils.setOfUrlsToHtmlList(s)); + JFrame f = new JFrame(); + f.setSize(600, 400); + f.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE); + f.add(w, BorderLayout.CENTER); + f.setVisible(true); + } +} diff -r dfc27d4d55d5 -r aba4c18c4c64 netx/net/sourceforge/jnlp/security/dialogs/MissingALACAttributePanel.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/netx/net/sourceforge/jnlp/security/dialogs/MissingALACAttributePanel.java Fri Mar 14 13:06:03 2014 +0100 From jvanek at redhat.com Fri Mar 14 13:24:06 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Fri, 14 Mar 2014 14:24:06 +0100 Subject: [rfc][icedtea-web] implemented Application-Library-Allowable-Codebase Attribute In-Reply-To: <53220181.4050603@redhat.com> References: <530F71CF.4040207@redhat.com> <53173C78.5050204@redhat.com> <531F632F.1000005@redhat.com> <5321FC56.3070606@redhat.com> <53220181.4050603@redhat.com> Message-ID: <532302F6.7050200@redhat.com> On 03/13/2014 08:05 PM, Andrew Azores wrote: > On 03/13/2014 02:43 PM, Andrew Azores wrote: >> On 03/11/2014 03:25 PM, Jiri Vanek wrote: >>> All your nits have been fixed. However: >>> >>> I'm still not using the AppTrustWarningPanel, so rember button is useless. It will come as >>> another changeset (if ever) >>> - this patch broke elluminate - one of the deadly throws is probably redundant and should be >>> repalced by security prompt. >> >> Not okay to push if elluminate is broken by this... have you figured out what to do about it? >> >>> - jsut hint - download indicator is broken >>> - elluminat works, but freaze to, same as http://www.walter-fendt.de/ph14e/resultant.htm >>> >>> I guess all above are older issues not related to this patch. >>> >>> >>> J. >>> >> >> Thanks, >> > > Apparently it was just a broken cache problem. Elluminate does work. > > One nit was left unfixed: > >> + URL documentBase = null; >> + if (file instanceof PluginBridge) { >> + documentBase = ((PluginBridge) file).getSourceLocation(); >> + } >> + if (documentBase == null) { >> + documentBase = file.getCodeBase(); >> + } > I have kept it as it was. I think there can be state, when (PluginBridge) file).getSourceLocation() will really remian null. But codebase is never null. J. From jvanek at redhat.com Fri Mar 14 13:33:49 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Fri, 14 Mar 2014 14:33:49 +0100 Subject: [rfc][icedtea-web][policyeditor] Checkboxes not updating In-Reply-To: <5322074F.9030703@redhat.com> References: <5322074F.9030703@redhat.com> Message-ID: <5323053D.3040607@redhat.com> On 03/13/2014 08:30 PM, Andrew Azores wrote: > Hi, > > This patch ensures that operations which should be done by the EDT are actually done by it, and also > ensures that when a new codebase is added/selected, that the checkboxes properly update the first > time around, without needing to select a different codebase and go back. > > ChangeLog: > * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: (addNewCodebase) ensure that > checkboxes update. (removeCodebase, updateCheckboxes) ensure UI updates are done on EDT. > > Thanks, > This should be ok to go. J. From aazores at icedtea.classpath.org Fri Mar 14 13:40:06 2014 From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org) Date: Fri, 14 Mar 2014 13:40:06 +0000 Subject: /hg/icedtea-web: PolicyEditor fix checkbox UI updating on open Message-ID: changeset fdff61a60cc1 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=fdff61a60cc1 author: Andrew Azores date: Fri Mar 14 09:39:56 2014 -0400 PolicyEditor fix checkbox UI updating on open * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: (addNewCodebase) ensure that checkboxes update. (removeCodebase, updateCheckboxes) ensure UI updates are done on EDT. diffstat: ChangeLog | 6 + netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java | 83 ++++++--- 2 files changed, 59 insertions(+), 30 deletions(-) diffs (123 lines): diff -r aba4c18c4c64 -r fdff61a60cc1 ChangeLog --- a/ChangeLog Fri Mar 14 13:06:03 2014 +0100 +++ b/ChangeLog Fri Mar 14 09:39:56 2014 -0400 @@ -1,3 +1,9 @@ +2014-03-14 Andrew Azores + + * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: + (addNewCodebase) ensure that checkboxes update. (removeCodebase, + updateCheckboxes) ensure UI updates are done on EDT. + 2014-03-14 Jiri Vanek Base implementation of Application-Library-Allowable-Codebase. Remember diff -r aba4c18c4c64 -r fdff61a60cc1 netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java --- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java Fri Mar 14 13:06:03 2014 +0100 +++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java Fri Mar 14 09:39:56 2014 -0400 @@ -478,10 +478,21 @@ model = codebase; } if (!existingCodebase) { - listModel.addElement(model); + SwingUtilities.invokeLater(new Runnable() { + @Override + public void run() { + listModel.addElement(model); + } + }); changesMade = true; } - list.setSelectedValue(model, true); + SwingUtilities.invokeLater(new Runnable() { + @Override + public void run() { + list.setSelectedValue(model, true); + updateCheckboxes(codebase); + } + }); } /** @@ -545,8 +556,14 @@ previousIndex = 0; } codebasePermissionsMap.remove(codebase); - listModel.removeElement(codebase); - list.setSelectedIndex(previousIndex); + final int fIndex = previousIndex; + SwingUtilities.invokeLater(new Runnable() { + @Override + public void run() { + listModel.removeElement(codebase); + list.setSelectedIndex(fIndex); + } + }); changesMade = true; } @@ -592,33 +609,39 @@ * @param codebase whose permissions to display */ private void updateCheckboxes(final String codebase) { - for (final PolicyEditorPermissions perm : PolicyEditorPermissions.values()) { - final JCheckBox box = checkboxMap.get(perm); - for (final ActionListener l : box.getActionListeners()) { - box.removeActionListener(l); + SwingUtilities.invokeLater(new Runnable() { + @Override + public void run() { + for (final PolicyEditorPermissions perm : PolicyEditorPermissions.values()) { + final JCheckBox box = checkboxMap.get(perm); + for (final ActionListener l : box.getActionListeners()) { + box.removeActionListener(l); + } + initializeMapForCodebase(codebase); + final Map map = codebasePermissionsMap.get(codebase); + final boolean state; + if (map != null) { + final Boolean s = map.get(perm); + if (s != null) { + state = s; + } else { + state = false; + } + } else { + state = false; + } + box.setSelected(state); + box.addActionListener(new ActionListener() { + @Override + public void actionPerformed(final ActionEvent e) { + changesMade = true; + map.put(perm, box.isSelected()); + } + }); + } } - initializeMapForCodebase(codebase); - final Map map = codebasePermissionsMap.get(codebase); - final boolean state; - if (map != null) { - final Boolean s = map.get(perm); - if (s != null) { - state = s; - } else { - state = false; - } - } else { - state = false; - } - box.setSelected(state); - box.addActionListener(new ActionListener() { - @Override - public void actionPerformed(final ActionEvent e) { - changesMade = true; - map.put(perm, box.isSelected()); - } - }); - } + }); + } /** From jvanek at redhat.com Fri Mar 14 14:34:06 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Fri, 14 Mar 2014 15:34:06 +0100 Subject: [rfc][icedtea-web] Launching PolicyEditor from CertWarningPane In-Reply-To: <53220A02.7090506@redhat.com> References: <53220215.60301@redhat.com> <53220A02.7090506@redhat.com> Message-ID: <5323135E.6070700@redhat.com> On 03/13/2014 08:41 PM, Andrew Azores wrote: > On 03/13/2014 03:08 PM, Andrew Azores wrote: >> Hi, >> >> This patch adds a button which summons a popup menu, currently with only one item, allowing the >> user to launch PolicyEditor directly from the warning dialog. The editor appears with the current >> applet's codebase added (if necessary) and pre-selected. This, along with the sandbox button and >> earlier patch allowing JNLPPolicy to use per-codebase policy entries and to reload at runtime, >> allows for easy configuration of fine grained permissions granted to an applet. >> >> Feedback/recommendations on the UI here are definitely welcome. At a later point, extra items will >> be added to the popup menu to allow for "this run only" temporary permissions to be granted to the >> applet. These choices will have to use a different mechanism for adding the permissions, however, >> since it won't be automatically handled by the JNLPPolicy/automatically reloaded by >> SecurityDelegate, as the policy file permissions are. (note the conspicuous lack of any code here >> to actually force a policy reload - this is already handled by the sandbox button and >> SecurityDelegate) >> >> Note that there is a visual bug with PolicyEditor where the checkboxes may not be updated >> correctly, and will be incorrectly blank when the currently selected codebase actually does have >> permissions assigned. This will be addressed separately. As a workaround, simply switch to "All >> applets" codebase, then back to the applet-specific one. The checkboxes will then correctly update. >> >> http://caff.de/applettest/Signed.html can serve as a test applet again. >> >> ChangeLog: >> Add button with popup menu to launch PolicyEditor >> * netx/net/sourceforge/jnlp/resources/Messages.properties: (ButPolicyEditorDropdown, >> CertWarnPolicyTip, CertWarnPolicyEditorItem): new messages >> * netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java: (addComponents, >> setTextAndLabels, addButtons) refactored and split methods. (createPolicyPermissionsMenu) new >> method. (PolicyEditorLaunchListener) new ActionListener for advancedOptions button >> >> Thanks, >> > > Sorry, tiny update here. I noticed that there was a small "deadspot" in the middle of the new > button, which was apparently the popupmenu component, as clicking it caused PolicyEditor to appear. > It seems this was because the menu was added as a child component of the button. Adding the > component to the pane itself, which is the only change between this new patch and the previous one, > resolves this. The popup menu still appears in the same place and works fine as far as I can tell. > > Is there some better way to handle JPopupMenus? > > Thanks, > many import issues. Invaid(how comae? My wrong I guess) and especially unused imports. I gave up an code a bit O:). So user experience: popupmenu - best handling is NOT to add as component. And do not show them in actionPerforemd. Show them *without* parent, in mause Clicked - it have positionOnScreen, and you show the poup menu on this pposition. Should work like charm. I would excude this "V" from pproperties. Also the button s quote wide. Maybe use image rather? Interesting state - dialog appeared , I clicked "V" clicked show policy editor, it apeared, I clicked cancel in mian dilog/or ok in main dialog.. The editro should be modal How does it behave for yes/no/cancel/close of policy editor? - small nit - other codebases in editor are confusing. Thanx! J. From jvanek at redhat.com Fri Mar 14 14:34:43 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Fri, 14 Mar 2014 15:34:43 +0100 Subject: [rfc][icedtea-web] New PartiallySigned Dialog In-Reply-To: <531DE32B.90300@redhat.com> References: <53164E8D.90101@redhat.com> <53189FFA.3000404@redhat.com> <531DE32B.90300@redhat.com> Message-ID: <53231383.2050402@redhat.com> On 03/10/2014 05:07 PM, Andrew Azores wrote: > On 03/06/2014 11:19 AM, Jiri Vanek wrote: >> On 03/04/2014 11:07 PM, Andrew Azores wrote: >>> Hi, >>> >>> This patch introduces a new PartiallySigned dialog to replace the NotAllSigned prompt. This new >>> dialog uses the same abstracted parent class that was pulled out of the Unsigned dialog, so it >>> uses the same remembered action storage and has the same general look and feel. This dialog also >>> has a Sandbox button, just like CertWarningPane recently gained for fully signed applets, which >>> allows partially signed ones to also be run with only sandbox permissions. Some more security >>> info is also present on the dialog, eg the applet's publisher and codebase. Not yet included is a >>> new Help text for this dialog, but this can be written up separately IMO. Right now it will just >>> display the same Help as the Unsigned dialog. >>> many import issues. Invaid(how comae? My wrong I guess) and especially unused imports. I gave up an code a bit O:). And user experience is quite good. Will this get custom policies too? Othervise ok to go. From aazores at redhat.com Fri Mar 14 14:41:07 2014 From: aazores at redhat.com (Andrew Azores) Date: Fri, 14 Mar 2014 10:41:07 -0400 (EDT) Subject: [rfc][icedtea-web] New PartiallySigned Dialog In-Reply-To: <53231383.2050402@redhat.com> References: <53164E8D.90101@redhat.com> <53189FFA.3000404@redhat.com> <531DE32B.90300@redhat.com> <53231383.2050402@redhat.com> Message-ID: <635654798.4133357.1394808067678.JavaMail.zimbra@redhat.com> Yes, a custom policy button will be coming too. Thanks, Andrew A ----- Original Message ----- From: "Jiri Vanek" To: "Andrew Azores" Cc: "IcedTea" Sent: Friday, March 14, 2014 10:34:43 AM Subject: Re: [rfc][icedtea-web] New PartiallySigned Dialog On 03/10/2014 05:07 PM, Andrew Azores wrote: > On 03/06/2014 11:19 AM, Jiri Vanek wrote: >> On 03/04/2014 11:07 PM, Andrew Azores wrote: >>> Hi, >>> >>> This patch introduces a new PartiallySigned dialog to replace the NotAllSigned prompt. This new >>> dialog uses the same abstracted parent class that was pulled out of the Unsigned dialog, so it >>> uses the same remembered action storage and has the same general look and feel. This dialog also >>> has a Sandbox button, just like CertWarningPane recently gained for fully signed applets, which >>> allows partially signed ones to also be run with only sandbox permissions. Some more security >>> info is also present on the dialog, eg the applet's publisher and codebase. Not yet included is a >>> new Help text for this dialog, but this can be written up separately IMO. Right now it will just >>> display the same Help as the Unsigned dialog. >>> many import issues. Invaid(how comae? My wrong I guess) and especially unused imports. I gave up an code a bit O:). And user experience is quite good. Will this get custom policies too? Othervise ok to go. From aazores at icedtea.classpath.org Fri Mar 14 14:50:38 2014 From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org) Date: Fri, 14 Mar 2014 14:50:38 +0000 Subject: /hg/icedtea-web: New PartiallySigned Dialog Message-ID: changeset 15bbdf43c1e7 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=15bbdf43c1e7 author: Andrew Azores date: Fri Mar 14 10:50:15 2014 -0400 New PartiallySigned Dialog Added new PartiallySigned Dialog to replace NotAllSignedWarningPane. Also includes a Sandbox button. * netx/net/sourceforge/jnlp/resources/Messages.properties: (APPEXTSecunsignedAppletActionSandbox, LPartiallySignedApplet, LPartiallySignedAppletUserDenied) new messages. (SNotAllSignedSummary, SNotAllSignedDetail, SNotAllSignedQuestion) keys renamed to SPartially* * netx/net/sourceforge/jnlp/resources/Messages_cs.properties: (SNotAllSignedSummary, SNotAllSignedDetail, SNotAllSignedQuestion) keys renamed to SPartially* * netx/net/sourceforge/jnlp/resources/Messages_de.properties: same * netx/net/sourceforge/jnlp/resources/Messages_pl.properties: same * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: Logic added for displaying new PartiallySigned dialog. (showNotAllSignedDialog) removed. (getSigningState) new method. (promptUserOnPartialSigning, userPromptedForPartialSigning) new methods for SecurityDelegate. * netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningDialog.java: (partiallySigned) new method * netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningPanel.java: (chosenActionSetter) refactored to allow Sandbox action. (setupInfoPanel) applet title made overrideable by subclasses * netx/net/sourceforge/jnlp/security/SecurityDialog.java: (NOTALLSIGNED_WARNING) renamed PARTIALLYSIGNED_WARNING, display new dialog rather than old * netx/net/sourceforge/jnlp/security/SecurityDialogs.java: (NOTALLSIGNED_WARNING) renamed PARTIALLYSIGNED_WARNING. (showNotAllSignedWarningDialog) removed. (showPartiallySignedWarningDialog) new method * netx/net/sourceforge/jnlp/security/appletextendedsecurity/ExecuteAppletAction.java: Added Sandbox action * netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java: (checkPartiallySignedWithUserIfRequired) new method * tests/reproducers/custom/SignedAppletCodebaseLoading/testcases/SignedAppletCodebaseLoadingTests.java: test now passes since dialog will not appear if applet security is set to Low. KnownToFail removed. * tests/reproducers/custom/SignedAppletExternalMainClass/testcases/SignedAppletExternalMainClassTest.java: same * netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java: new class * netx/net/sourceforge/jnlp/security/dialogs/NotAllSignedWarningPane.java: deleted in favour of PartiallySignedAppTrustWarningPanel diffstat: ChangeLog | 41 ++ netx/net/sourceforge/jnlp/resources/Messages.properties | 9 +- netx/net/sourceforge/jnlp/resources/Messages_cs.properties | 6 +- netx/net/sourceforge/jnlp/resources/Messages_de.properties | 6 +- netx/net/sourceforge/jnlp/resources/Messages_pl.properties | 6 +- netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java | 53 ++- netx/net/sourceforge/jnlp/security/SecurityDialog.java | 55 +-- netx/net/sourceforge/jnlp/security/SecurityDialogs.java | 43 +- netx/net/sourceforge/jnlp/security/appletextendedsecurity/ExecuteAppletAction.java | 8 +- netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java | 50 +++ netx/net/sourceforge/jnlp/security/dialogs/NotAllSignedWarningPane.java | 115 -------- netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningDialog.java | 6 + netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningPanel.java | 27 +- netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java | 140 ++++++++++ tests/reproducers/custom/SignedAppletCodebaseLoading/testcases/SignedAppletCodebaseLoadingTests.java | 3 - tests/reproducers/custom/SignedAppletExternalMainClass/testcases/SignedAppletExternalMainClassTest.java | 3 - 16 files changed, 350 insertions(+), 221 deletions(-) diffs (truncated from 919 to 500 lines): diff -r fdff61a60cc1 -r 15bbdf43c1e7 ChangeLog --- a/ChangeLog Fri Mar 14 09:39:56 2014 -0400 +++ b/ChangeLog Fri Mar 14 10:50:15 2014 -0400 @@ -1,3 +1,44 @@ +2014-03-14 Andrew Azores + + Added new PartiallySigned Dialog to replace NotAllSignedWarningPane. + Also includes a Sandbox button. + * netx/net/sourceforge/jnlp/resources/Messages.properties: + (APPEXTSecunsignedAppletActionSandbox, LPartiallySignedApplet, + LPartiallySignedAppletUserDenied) new messages. (SNotAllSignedSummary, + SNotAllSignedDetail, SNotAllSignedQuestion) keys renamed to SPartially* + * netx/net/sourceforge/jnlp/resources/Messages_cs.properties: (SNotAllSignedSummary, + SNotAllSignedDetail, SNotAllSignedQuestion) keys renamed to SPartially* + * netx/net/sourceforge/jnlp/resources/Messages_de.properties: same + * netx/net/sourceforge/jnlp/resources/Messages_pl.properties: same + * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: + Logic added for displaying new PartiallySigned dialog. + (showNotAllSignedDialog) removed. (getSigningState) new method. + (promptUserOnPartialSigning, userPromptedForPartialSigning) new methods for + SecurityDelegate. + * netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningDialog.java: + (partiallySigned) new method + * netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningPanel.java: + (chosenActionSetter) refactored to allow Sandbox action. (setupInfoPanel) applet + title made overrideable by subclasses + * netx/net/sourceforge/jnlp/security/SecurityDialog.java: (NOTALLSIGNED_WARNING) + renamed PARTIALLYSIGNED_WARNING, display new dialog rather than old + * netx/net/sourceforge/jnlp/security/SecurityDialogs.java: (NOTALLSIGNED_WARNING) + renamed PARTIALLYSIGNED_WARNING. (showNotAllSignedWarningDialog) removed. + (showPartiallySignedWarningDialog) new method + * netx/net/sourceforge/jnlp/security/appletextendedsecurity/ExecuteAppletAction.java: + Added Sandbox action + * netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java: + (checkPartiallySignedWithUserIfRequired) new method + * tests/reproducers/custom/SignedAppletCodebaseLoading/testcases/SignedAppletCodebaseLoadingTests.java: + test now passes since dialog will not appear if applet security is set to Low. + KnownToFail removed. + * tests/reproducers/custom/SignedAppletExternalMainClass/testcases/SignedAppletExternalMainClassTest.java: + same + * netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java: + new class + * netx/net/sourceforge/jnlp/security/dialogs/NotAllSignedWarningPane.java: deleted + in favour of PartiallySignedAppTrustWarningPanel + 2014-03-14 Andrew Azores * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: diff -r fdff61a60cc1 -r 15bbdf43c1e7 netx/net/sourceforge/jnlp/resources/Messages.properties --- a/netx/net/sourceforge/jnlp/resources/Messages.properties Fri Mar 14 09:39:56 2014 -0400 +++ b/netx/net/sourceforge/jnlp/resources/Messages.properties Fri Mar 14 10:50:15 2014 -0400 @@ -127,6 +127,8 @@ LUnsignedApplet=The applet was unsigned. LUnsignedAppletPolicyDenied=The applet was unsigned, and the security policy prevented it from running. LUnsignedAppletUserDenied=The applet was unsigned, and was not trusted. +LPartiallySignedApplet=The applet was partially signed. +LPartiallySignedAppletUserDenied=The applet was partially signed, and the user did not trust it. LSignedAppJarUsingUnsignedJar=Signed application using unsigned jars. LSignedAppJarUsingUnsignedJarInfo=The main application jar is signed, but some of the jars it is using aren't. LRunInSandboxError=Run in Sandbox call performed too late. @@ -291,9 +293,9 @@ SUnsignedAllowedBefore=You have accepted this applet previously. SUnsignedRejectedBefore=You have rejected this applet previously. SUnsignedQuestion=Allow the applet to run? -SNotAllSignedSummary=Only parts of this application code are signed. -SNotAllSignedDetail=This application contains both signed and unsigned code. While signed code is safe if you trust the provider, unsigned code may imply code outside of the trusted provider's control. -SNotAllSignedQuestion=Do you wish to proceed and run this application anyway? +SPartiallySignedSummary=Only parts of this application code are signed. +SPartiallySignedDetail=This application contains both signed and unsigned code. While signed code is safe if you trust the provider, unsigned code may imply code outside of the trusted provider's control. +SPartiallySignedQuestion=Do you wish to proceed and run this application anyway? SAuthenticationPrompt=The {0} server at {1} is requesting authentication. It says "{2}" SJNLPFileIsNotSigned=This application contains a digital signature in which the launching JNLP file is not signed. SAppletTitle=Applet title: {0} @@ -755,6 +757,7 @@ APPEXTSECunsignedAppletActionAlways=Always trust this (matching) applet(s) APPEXTSECunsignedAppletActionNever=Never trust this (matching) applet(s) APPEXTSECunsignedAppletActionYes=This applet was visited and allowed +APPEXTSecunsignedAppletActionSandbox=This applet was visited and allowed to run with restricted privileges APPEXTSECunsignedAppletActionNo=This applet was visited and denied APPEXTSECControlPanelExtendedAppletSecurityTitle=Extended applet security APPEXTSECguiTableModelTableColumnAction=Action diff -r fdff61a60cc1 -r 15bbdf43c1e7 netx/net/sourceforge/jnlp/resources/Messages_cs.properties --- a/netx/net/sourceforge/jnlp/resources/Messages_cs.properties Fri Mar 14 09:39:56 2014 -0400 +++ b/netx/net/sourceforge/jnlp/resources/Messages_cs.properties Fri Mar 14 10:50:15 2014 -0400 @@ -232,9 +232,9 @@ SUnsignedAllowedBefore=Tento applet jste ji\u017e d\u0159\u00edve povolili. SUnsignedRejectedBefore=Tento applet jste ji\u017e d\u0159\u00edve odm\u00edtli. SUnsignedQuestion=Povolit spu\u0161t\u011bn\u00ed appletu? -SNotAllSignedSummary=Podeps\u00e1ny jsou jen \u010d\u00e1sti k\u00f3du t\u00e9to aplikace. -SNotAllSignedDetail=Tato aplikace obsahuje podepsan\u00fd i nepodepsan\u00fd k\u00f3d. Podepsan\u00fd k\u00f3d je bezpe\u010dn\u00fd, pokud d\u016fv\u011b\u0159ujete poskytovateli tohoto k\u00f3du. Nepodepsan\u00e9 \u010d\u00e1sti mohou obsahovat k\u00f3d, kter\u00fd nen\u00ed pod kontrolou d\u016fv\u011bryhodn\u00e9ho poskytovatele. -SNotAllSignedQuestion=Chcete p\u0159esto pokra\u010dovat a spustit aplikaci? +SPartiallySignedSummary=Podeps\u00e1ny jsou jen \u010d\u00e1sti k\u00f3du t\u00e9to aplikace. +SPartiallySignedDetail=Tato aplikace obsahuje podepsan\u00fd i nepodepsan\u00fd k\u00f3d. Podepsan\u00fd k\u00f3d je bezpe\u010dn\u00fd, pokud d\u016fv\u011b\u0159ujete poskytovateli tohoto k\u00f3du. Nepodepsan\u00e9 \u010d\u00e1sti mohou obsahovat k\u00f3d, kter\u00fd nen\u00ed pod kontrolou d\u016fv\u011bryhodn\u00e9ho poskytovatele. +SPartiallySignedQuestion=Chcete p\u0159esto pokra\u010dovat a spustit aplikaci? SAuthenticationPrompt=Server {0} na adrese {1} vy\u017eaduje ov\u011b\u0159en\u00ed. Zpr\u00e1va: \u201e{2}\u201c SJNLPFileIsNotSigned=Tato aplikace obsahuje digit\u00e1ln\u00ed podpis, v r\u00e1mci kter\u00e9ho v\u0161ak nen\u00ed podeps\u00e1n spou\u0161t\u011bn\u00fd soubor JNLP. diff -r fdff61a60cc1 -r 15bbdf43c1e7 netx/net/sourceforge/jnlp/resources/Messages_de.properties --- a/netx/net/sourceforge/jnlp/resources/Messages_de.properties Fri Mar 14 09:39:56 2014 -0400 +++ b/netx/net/sourceforge/jnlp/resources/Messages_de.properties Fri Mar 14 10:50:15 2014 -0400 @@ -244,9 +244,9 @@ SUnsignedAllowedBefore=Dieses Applet wurde bereits akzeptiert. SUnsignedRejectedBefore=Dieses Applet wurde bereits abgelehnt. SUnsignedQuestion=Soll dem Applet die Ausf\u00fchrung erlaubt werden? -SNotAllSignedSummary=Nur Teile des Anwendungscodes sind signiert. -SNotAllSignedDetail=Diese Anwendung enth\u00e4lt sowohl signierten als auch nicht signierten Code. W\u00e4hrend signierter Code sicher ist, wenn Sie dem Anbieter vertrauen, kann nicht signierter Code sich \u00fcber Code erstrecken, der sich der Kontrolle des Anbieters entzieht. -SNotAllSignedQuestion=Soll fortgefahren und diese Anwendung dennoch zur Ausf\u00fchrung gebracht werden? +SPartiallySignedSummary=Nur Teile des Anwendungscodes sind signiert. +SPartiallySignedDetail=Diese Anwendung enth\u00e4lt sowohl signierten als auch nicht signierten Code. W\u00e4hrend signierter Code sicher ist, wenn Sie dem Anbieter vertrauen, kann nicht signierter Code sich \u00fcber Code erstrecken, der sich der Kontrolle des Anbieters entzieht. +SPartiallySignedQuestion=Soll fortgefahren und diese Anwendung dennoch zur Ausf\u00fchrung gebracht werden? SAuthenticationPrompt=Der Server {0} von {1} fordert Authentifizierung an. Er sagt: \u201e{2}\u201c SJNLPFileIsNotSigned=Die Anwendung enth\u00e4lt eine digitale Signatur in der, die startende JNLP-Datei nicht signiert ist. diff -r fdff61a60cc1 -r 15bbdf43c1e7 netx/net/sourceforge/jnlp/resources/Messages_pl.properties --- a/netx/net/sourceforge/jnlp/resources/Messages_pl.properties Fri Mar 14 09:39:56 2014 -0400 +++ b/netx/net/sourceforge/jnlp/resources/Messages_pl.properties Fri Mar 14 10:50:15 2014 -0400 @@ -244,9 +244,9 @@ SUnsignedAllowedBefore=Zaakceptowa\u0142e\u015b ten applet poprzednio. SUnsignedRejectedBefore=Odrzuci\u0142e\u015b ten applet poprzednio. SUnsignedQuestion=Czy chcesz zezwoli\u0107 temu applet-owi na uruchomienie? -SNotAllSignedSummary=Zaledwie cz\u0119\u015bci kodu tej aplikacji s\u0105 podpisane. -SNotAllSignedDetail=Ta aplikacja zawiera zar\u00f3wno podpisany jak i niepodpisany kod. Cho\u0107 kod, kt\u00f3ry jest podpisany przez zaufanego dostawc\u0119 jest bezpieczny, niepodpisany kod mo\u017ce poci\u0105ga\u0107 za sob\u0105 kod, kt\u00f3ry jest poza kontrolnym zasi\u0119giem zaufanego dostawcy. -SNotAllSignedQuestion=Czy chcesz kontynuowa\u0107 i mimo to uruchomi\u0107 t\u0105 aplikacj\u0119? +SPartiallySignedSummary=Zaledwie cz\u0119\u015bci kodu tej aplikacji s\u0105 podpisane. +SPartiallySignedDetail=Ta aplikacja zawiera zar\u00f3wno podpisany jak i niepodpisany kod. Cho\u0107 kod, kt\u00f3ry jest podpisany przez zaufanego dostawc\u0119 jest bezpieczny, niepodpisany kod mo\u017ce poci\u0105ga\u0107 za sob\u0105 kod, kt\u00f3ry jest poza kontrolnym zasi\u0119giem zaufanego dostawcy. +SPartiallySignedQuestion=Czy chcesz kontynuowa\u0107 i mimo to uruchomi\u0107 t\u0105 aplikacj\u0119? SAuthenticationPrompt=Serwer {0} w \u201e{1}\u201d \u017c\u0105da uwierzytelnienia. Podaje komunikat: \u201e{2}\u201d SJNLPFileIsNotSigned=Ta aplikacja zawiera podpis cyfrowy, jednak startowany plik JNLP jest bez podpisu. diff -r fdff61a60cc1 -r 15bbdf43c1e7 netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java --- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Fri Mar 14 09:39:56 2014 -0400 +++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Fri Mar 14 10:50:15 2014 -0400 @@ -15,7 +15,6 @@ package net.sourceforge.jnlp.runtime; -import net.sourceforge.jnlp.JNLPFile.ManifestBoolean; import static net.sourceforge.jnlp.runtime.Translator.R; import java.io.File; @@ -65,6 +64,7 @@ import net.sourceforge.jnlp.ExtensionDesc; import net.sourceforge.jnlp.JARDesc; import net.sourceforge.jnlp.JNLPFile; +import net.sourceforge.jnlp.JNLPFile.ManifestBoolean; import net.sourceforge.jnlp.JNLPMatcher; import net.sourceforge.jnlp.JNLPMatcherException; import net.sourceforge.jnlp.LaunchDesc; @@ -365,7 +365,9 @@ // the user was already shown a CertWarning dialog and has chosen to run the applet sandboxed. // This means they've already agreed to running the applet and have specified with which // permission level to do it! - if (!loader.getSigning() && !loader.securityDelegate.userPromptedForSandbox() && file instanceof PluginBridge) { + if (loader.getSigningState() == SigningState.PARTIAL) { + loader.securityDelegate.promptUserOnPartialSigning(); + } else if (!loader.getSigning() && !loader.securityDelegate.userPromptedForSandbox() && file instanceof PluginBridge) { UnsignedAppletTrustConfirmation.checkUnsignedWithUserIfRequired((PluginBridge)file); } @@ -374,10 +376,9 @@ JNLPClassLoader extLoader = uniqueKeyToLoader.get(uniqueKey); if (extLoader != null && extLoader != loader) { - if (loader.getSigning() && !extLoader.getSigning()) - if (!SecurityDialogs.showNotAllSignedWarningDialog(file)) - throw new LaunchException(file, null, R("LSFatal"), R("LCClient"), R("LSignedAppJarUsingUnsignedJar"), R("LSignedAppJarUsingUnsignedJarInfo")); - + if (loader.getSigning() != extLoader.getSigning()) { + loader.securityDelegate.promptUserOnPartialSigning(); + } loader.merge(extLoader); extLoader.decrementLoaderUseCount(); // loader urls have been merged, ext loader is no longer used } @@ -1055,7 +1056,7 @@ return; } - if (jcv.isFullySigned() && !jcv.getAlreadyTrustPublisher()) { + if (getSigningState() == SigningState.FULL && jcv.isFullySigned() && !jcv.getAlreadyTrustPublisher()) { jcv.checkTrustWithUser(securityDelegate, file); } } @@ -1077,21 +1078,6 @@ } /** - * Display a dialog prompting the user to proceed on applets with mixed signing. - * @param file the JNLPFile or PluginBridge describing the applet/application to be launched - * @throws LaunchException if the user does not approve the prompt - */ - private void showNotAllSignedDialog(JNLPFile file) throws LaunchException { - if (JNLPRuntime.isTrustAll()) { - return; - } - - if (!SecurityDialogs.showNotAllSignedWarningDialog(file)) { - throw new LaunchException(file, null, R("LSFatal"), R("LCClient"), R("LSignedAppJarUsingUnsignedJar"), R("LSignedAppJarUsingUnsignedJarInfo")); - } - } - - /** * Add applet's codebase URL. This allows compatibility with * applets that load resources from their codebase instead of * through JARs, but can slow down resource loading. Resources @@ -1921,7 +1907,7 @@ if (signing == SigningState.FULL && JNLPRuntime.isVerifying()) { signing = SigningState.PARTIAL; try { - showNotAllSignedDialog(this.file); + securityDelegate.promptUserOnPartialSigning(); } catch (LaunchException e) { throw new RuntimeException("The signed applet required loading of unsigned code from the codebase, " + "which the user refused", e); @@ -1929,6 +1915,10 @@ } } + public SigningState getSigningState() { + return signing; + } + protected SecurityDesc getSecurity() { return security; } @@ -2314,6 +2304,8 @@ public static interface SecurityDelegate { public boolean isPluginApplet(); + public boolean userPromptedForPartialSigning(); + public boolean userPromptedForSandbox(); public SecurityDesc getCodebaseSecurityDesc(final JARDesc jarDesc, final String codebaseHost); @@ -2322,6 +2314,8 @@ public SecurityDesc getJarPermissions(final String codebaseHost); + public void promptUserOnPartialSigning() throws LaunchException; + public void setRunInSandbox() throws LaunchException; public boolean getRunInSandbox(); @@ -2424,6 +2418,7 @@ public static class SecurityDelegateImpl implements SecurityDelegate { private final JNLPClassLoader classLoader; private boolean runInSandbox; + private boolean promptedForPartialSigning; private boolean promptedForSandbox; public SecurityDelegateImpl(final JNLPClassLoader classLoader) { @@ -2530,10 +2525,22 @@ this.runInSandbox = true; } + public void promptUserOnPartialSigning() throws LaunchException { + if (promptedForPartialSigning || JNLPRuntime.isTrustAll()) { + return; + } + promptedForPartialSigning = true; + UnsignedAppletTrustConfirmation.checkPartiallySignedWithUserIfRequired(this, classLoader.file, classLoader.jcv); + } + public boolean getRunInSandbox() { return this.runInSandbox; } + public boolean userPromptedForPartialSigning() { + return this.promptedForPartialSigning; + } + public boolean userPromptedForSandbox() { return this.promptedForSandbox; } diff -r fdff61a60cc1 -r 15bbdf43c1e7 netx/net/sourceforge/jnlp/security/SecurityDialog.java --- a/netx/net/sourceforge/jnlp/security/SecurityDialog.java Fri Mar 14 09:39:56 2014 -0400 +++ b/netx/net/sourceforge/jnlp/security/SecurityDialog.java Fri Mar 14 10:50:15 2014 -0400 @@ -37,35 +37,34 @@ package net.sourceforge.jnlp.security; -import net.sourceforge.jnlp.security.dialogs.MissingALACAttributePanel; -import net.sourceforge.jnlp.security.dialogs.MatchingALACAttributePanel; -import net.sourceforge.jnlp.security.dialogs.MissingPermissionsAttributePanel; -import net.sourceforge.jnlp.security.dialogs.AppletWarningPane; -import net.sourceforge.jnlp.security.dialogs.AccessWarningPane; -import net.sourceforge.jnlp.security.dialogs.NotAllSignedWarningPane; -import net.sourceforge.jnlp.security.dialogs.apptrustwarningpanel.UnsignedAppletTrustWarningDialog; -import net.sourceforge.jnlp.security.dialogs.PasswordAuthenticationPane; -import net.sourceforge.jnlp.security.dialogs.SecurityDialogPanel; -import net.sourceforge.jnlp.security.dialogs.CertWarningPane; -import net.sourceforge.jnlp.security.dialogs.SingleCertInfoPane; -import net.sourceforge.jnlp.security.dialogs.CertsInfoPane; -import net.sourceforge.jnlp.security.dialogs.MoreInfoPane; +import java.awt.BorderLayout; +import java.awt.event.ActionListener; +import java.awt.event.WindowAdapter; +import java.awt.event.WindowEvent; +import java.security.cert.X509Certificate; +import java.util.List; +import java.util.concurrent.CopyOnWriteArrayList; + +import javax.swing.JDialog; + import net.sourceforge.jnlp.JNLPFile; import net.sourceforge.jnlp.security.SecurityDialogs.AccessType; import net.sourceforge.jnlp.security.SecurityDialogs.DialogType; +import net.sourceforge.jnlp.security.dialogs.AccessWarningPane; +import net.sourceforge.jnlp.security.dialogs.AppletWarningPane; +import net.sourceforge.jnlp.security.dialogs.CertWarningPane; +import net.sourceforge.jnlp.security.dialogs.CertsInfoPane; +import net.sourceforge.jnlp.security.dialogs.MatchingALACAttributePanel; +import net.sourceforge.jnlp.security.dialogs.MissingALACAttributePanel; +import net.sourceforge.jnlp.security.dialogs.MissingPermissionsAttributePanel; +import net.sourceforge.jnlp.security.dialogs.MoreInfoPane; +import net.sourceforge.jnlp.security.dialogs.PasswordAuthenticationPane; +import net.sourceforge.jnlp.security.dialogs.SecurityDialogPanel; +import net.sourceforge.jnlp.security.dialogs.SingleCertInfoPane; +import net.sourceforge.jnlp.security.dialogs.apptrustwarningpanel.AppTrustWarningDialog; import net.sourceforge.jnlp.util.ImageResources; - -import java.awt.*; - -import javax.swing.*; - -import java.awt.event.*; -import java.security.cert.X509Certificate; -import java.util.concurrent.CopyOnWriteArrayList; - -import java.util.List; +import net.sourceforge.jnlp.util.ScreenFinder; import net.sourceforge.jnlp.util.logging.OutputController; -import net.sourceforge.jnlp.util.ScreenFinder; /** * Provides methods for showing security warning dialogs for a wide range of @@ -241,7 +240,7 @@ dialogTitle = "Security Warning"; else if (dialogType == DialogType.APPLET_WARNING) dialogTitle = "Applet Warning"; - else if (dialogType == DialogType.NOTALLSIGNED_WARNING) + else if (dialogType == DialogType.PARTIALLYSIGNED_WARNING) dialogTitle = "Security Warning"; else if (dialogType == DialogType.AUTHENTICATION) dialogTitle = "Authentication Required"; @@ -314,10 +313,10 @@ panel = new AccessWarningPane(this, extras, this.certVerifier); else if (dialogType == DialogType.APPLET_WARNING) panel = new AppletWarningPane(this, this.certVerifier); - else if (dialogType == DialogType.NOTALLSIGNED_WARNING) - panel = new NotAllSignedWarningPane(this); + else if (dialogType == DialogType.PARTIALLYSIGNED_WARNING) + panel = AppTrustWarningDialog.partiallySigned(this, file); else if (dialogType == DialogType.UNSIGNED_WARNING) // Only necessary for applets on 'high security' or above - panel = new UnsignedAppletTrustWarningDialog(this, file); + panel = AppTrustWarningDialog.unsigned(this, file); else if (dialogType == DialogType.AUTHENTICATION) panel = new PasswordAuthenticationPane(this, extras); else if (dialogType == DialogType.UNSIGNED_EAS_NO_PERMISSIONS_WARNING) diff -r fdff61a60cc1 -r 15bbdf43c1e7 netx/net/sourceforge/jnlp/security/SecurityDialogs.java --- a/netx/net/sourceforge/jnlp/security/SecurityDialogs.java Fri Mar 14 09:39:56 2014 -0400 +++ b/netx/net/sourceforge/jnlp/security/SecurityDialogs.java Fri Mar 14 10:50:15 2014 -0400 @@ -78,7 +78,7 @@ CERT_INFO, SINGLE_CERT_INFO, ACCESS_WARNING, - NOTALLSIGNED_WARNING, + PARTIALLYSIGNED_WARNING, UNSIGNED_WARNING, /* requires confirmation with 'high-security' setting */ APPLET_WARNING, AUTHENTICATION, @@ -98,7 +98,7 @@ NETWORK, VERIFIED, UNVERIFIED, - NOTALLSIGNED, + PARTIALLYSIGNED, UNSIGNED, /* requires confirmation with 'high-security' setting */ SIGNING_ERROR } @@ -163,29 +163,6 @@ } /** - * Shows a warning dialog for when the main application jars are signed, - * but extensions aren't - * - * @return true if permission was granted by the user, false otherwise. - */ - public static boolean showNotAllSignedWarningDialog(JNLPFile file) { - - if (!shouldPromptUser()) { - return false; - } - - final SecurityDialogMessage message = new SecurityDialogMessage(); - message.dialogType = DialogType.NOTALLSIGNED_WARNING; - message.accessType = AccessType.NOTALLSIGNED; - message.file = file; - message.extras = new Object[0]; - - Object selectedValue = getUserResponse(message); - - return getIntegerResponseAsBoolean(selectedValue); - } - - /** * Shows a warning dialog for when a plugin applet is unsigned. * This is used with 'high-security' setting. * @@ -238,6 +215,22 @@ } /** + * Shows a warning dialog for when an applet or application is partially signed. + * + * @return true if permission was granted by the user, false otherwise. + */ + public static AppSigningWarningAction showPartiallySignedWarningDialog(JNLPFile file, CertVerifier certVerifier) { + + final SecurityDialogMessage message = new SecurityDialogMessage(); + message.dialogType = DialogType.PARTIALLYSIGNED_WARNING; + message.accessType = AccessType.PARTIALLYSIGNED; + message.file = file; + message.certVerifier = certVerifier; + + return (AppSigningWarningAction) getUserResponse(message); + } + + /** * Present a dialog to the user asking them for authentication information, * and returns the user's response. The caller must have * NetPermission("requestPasswordAuthentication") for this to work. diff -r fdff61a60cc1 -r 15bbdf43c1e7 netx/net/sourceforge/jnlp/security/appletextendedsecurity/ExecuteAppletAction.java --- a/netx/net/sourceforge/jnlp/security/appletextendedsecurity/ExecuteAppletAction.java Fri Mar 14 09:39:56 2014 -0400 +++ b/netx/net/sourceforge/jnlp/security/appletextendedsecurity/ExecuteAppletAction.java Fri Mar 14 10:50:15 2014 -0400 @@ -39,7 +39,7 @@ public enum ExecuteAppletAction { - ALWAYS, NEVER, YES, NO; + ALWAYS, NEVER, YES, SANDBOX, NO; public String toChar() { switch (this) { @@ -49,6 +49,8 @@ return "N"; case YES: return "y"; + case SANDBOX: + return "s"; case NO: return "n"; } @@ -63,6 +65,8 @@ return Translator.R("APPEXTSECunsignedAppletActionNever"); case YES: return Translator.R("APPEXTSECunsignedAppletActionYes"); + case SANDBOX: + return Translator.R("APPEXTSECunsignedAppletActionSandbox"); case NO: return Translator.R("APPEXTSECunsignedAppletActionNo"); } @@ -76,6 +80,8 @@ return ExecuteAppletAction.NEVER; } else if (s.startsWith("y")) { return ExecuteAppletAction.YES; + } else if (s.startsWith("s")) { + return ExecuteAppletAction.SANDBOX; } else if (s.startsWith("n")) { return ExecuteAppletAction.NO; } else { diff -r fdff61a60cc1 -r 15bbdf43c1e7 netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java --- a/netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java Fri Mar 14 09:39:56 2014 -0400 +++ b/netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java Fri Mar 14 10:50:15 2014 -0400 @@ -48,6 +48,8 @@ import net.sourceforge.jnlp.JNLPFile; import net.sourceforge.jnlp.LaunchException; import net.sourceforge.jnlp.PluginBridge; +import net.sourceforge.jnlp.runtime.JNLPRuntime; +import net.sourceforge.jnlp.runtime.JNLPClassLoader.SecurityDelegate; import net.sourceforge.jnlp.security.dialogs.apptrustwarningpanel.AppTrustWarningPanel.AppSigningWarningAction; import net.sourceforge.jnlp.security.CertVerifier; import net.sourceforge.jnlp.security.SecurityDialogs; @@ -212,4 +214,52 @@ } + public static void checkPartiallySignedWithUserIfRequired(SecurityDelegate securityDelegate, JNLPFile file, + CertVerifier certVerifier) throws LaunchException { + + if (JNLPRuntime.isTrustNone()) { + OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Running partially signed applet at " + file.getCodeBase() + " with only Sandbox permissions due to -Xtrustnone flag"); + securityDelegate.setRunInSandbox(); + return; + } + + if (!unsignedConfirmationIsRequired()) { + OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Running partially signed applet at " + file.getCodeBase() + " does not require confirmation according to security policy."); + return; + } From stefan.reich.maker.of.eye at googlemail.com Fri Mar 14 15:52:52 2014 From: stefan.reich.maker.of.eye at googlemail.com (Stefan Reich) Date: Fri, 14 Mar 2014 16:52:52 +0100 Subject: How to have WebStart create start menu items (on Linux)? In-Reply-To: <20140312160430.GG2062@redhat.com> References: <20140312160430.GG2062@redhat.com> Message-ID: Hi Omair! On Wed, Mar 12, 2014 at 5:04 PM, Omair Majid wrote: > Hi, > > * Stefan Reich [2014-03-09 > 11:13]: > > I have successfully deployed a WebStart app on both Windows and IcedTea. > > Good to hear! > Yes... it's a very important milestone! I want to conquer desktops all over the world :-) Build trust and such! > > > Just about the only thing I'm missing (- apart from a certificate from a > CA > > that I can afford - ) is to place entries in the start menu. > > > > But anyways - WebStart/IcedTea should be able to do it, right? I am > getting a > > desktop short cut alright, just none in the start menu. > > I think this feature is currently un-implemented [1]. If you can provide > patches, I am sure we will try and incorporate them. > Oh. Yeah it looks unimplemented anyway. > > The implementation of menus is described in the Desktop Menu > Specification [2]. > It looks... daunting :/ I'd love to do it, but I think I'll need to write an AI to solve this. Hah :-) Many greetings, Stefan -------------- next part -------------- An HTML attachment was scrubbed... URL: From aazores at redhat.com Fri Mar 14 16:00:28 2014 From: aazores at redhat.com (Andrew Azores) Date: Fri, 14 Mar 2014 12:00:28 -0400 (EDT) Subject: [rfc][icedtea-web] Launching PolicyEditor from CertWarningPane In-Reply-To: <5323135E.6070700@redhat.com> References: <53220215.60301@redhat.com> <53220A02.7090506@redhat.com> <5323135E.6070700@redhat.com> Message-ID: <780923058.4176443.1394812828836.JavaMail.zimbra@redhat.com> > many import issues. Invaid(how comae? My wrong I guess) and especially unused imports. > > I gave up an code a bit O:). So user experience: > > > popupmenu - best handling is NOT to add as component. And do not show them in actionPerforemd. > Show them *without* parent, in mause Clicked - it have positionOnScreen, and you show the poup menu > on this pposition. Should work like charm. This seems to work well, thanks for the tip. > > I would excude this "V" from pproperties. Also the button s quote wide. Maybe use image rather? I tried using an image now but wasn't really happy with the results. I've changed it instead to a unicode character that looks like the three horizontal line overflow menu icon that's being used by iOS and Android. I think it's pretty nice although the button is still a bit wide. > > Interesting state - dialog appeared , I clicked "V" clicked show policy editor, it apeared, I > clicked cancel in mian dilog/or ok in main dialog.. The editro should be modal Hmm, well it's a JFrame, so I can't easily make it modal I don't think. Maybe as a separate changeset PolicyEditor can be made into a JDialog and CertWarningPane can then be made to use it as a modal dialog? > > How does it behave for yes/no/cancel/close of policy editor? The CertWarningPane doesn't know about this at all. All it knows about is if it has a PolicyEditor reference, and if it does, if the editor is still open or has been closed. > - small nit - other codebases in editor are confusing. > > > Thanx! > J. > I suppose, but PolicyEditor doesn't have any mechanism right now to display only one codebase when there are also others present in the policy file. Thanks, Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: policyeditor-in-dialog-5.patch Type: text/x-patch Size: 14236 bytes Desc: not available URL: From bugzilla-daemon at icedtea.classpath.org Sat Mar 15 01:07:21 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Sat, 15 Mar 2014 01:07:21 +0000 Subject: [Bug 1699] [IcedTea7] Support building the SunEC provider with system NSS In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1699 Andrew John Hughes changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|[IcedTea7] Supporting |[IcedTea7] Support building |building the SunEC provider |the SunEC provider with |with system NSS |system NSS -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Sat Mar 15 09:51:24 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Sat, 15 Mar 2014 09:51:24 +0000 Subject: [Bug 1699] [IcedTea7] Support building the SunEC provider with system NSS In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1699 --- Comment #1 from hg commits --- details: http://icedtea.classpath.org//hg/icedtea7-forest/jdk?cmd=changeset;node=9341cc31ced6 author: andrew date: Sat Mar 15 01:07:27 2014 +0000 PR1699: Support building the SunEC provider with system NSS -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From ptisnovs at icedtea.classpath.org Mon Mar 17 10:47:15 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Mon, 17 Mar 2014 10:47:15 +0000 Subject: /hg/gfx-test: Eight helper methods added into CommonBitmapOperat... Message-ID: changeset e459010f5534 in /hg/gfx-test details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=e459010f5534 author: Pavel Tisnovsky date: Mon Mar 17 11:47:56 2014 +0100 Eight helper methods added into CommonBitmapOperations. diffstat: ChangeLog | 5 + src/org/gfxtest/framework/CommonBitmapOperations.java | 218 +++++++++++++++++- 2 files changed, 222 insertions(+), 1 deletions(-) diffs (296 lines): diff -r 2ffb2f873ec8 -r e459010f5534 ChangeLog --- a/ChangeLog Fri Mar 14 13:29:36 2014 +0100 +++ b/ChangeLog Mon Mar 17 11:47:56 2014 +0100 @@ -1,3 +1,8 @@ +2014-03-17 Pavel Tisnovsky + + * src/org/gfxtest/framework/CommonBitmapOperations.java: + Eight helper methods added into CommonBitmapOperations. + 2014-03-14 Pavel Tisnovsky * src/org/gfxtest/testsuites/BitBltUsingBgColor.java: diff -r 2ffb2f873ec8 -r e459010f5534 src/org/gfxtest/framework/CommonBitmapOperations.java --- a/src/org/gfxtest/framework/CommonBitmapOperations.java Fri Mar 14 13:29:36 2014 +0100 +++ b/src/org/gfxtest/framework/CommonBitmapOperations.java Mon Mar 17 11:47:56 2014 +0100 @@ -1,7 +1,7 @@ /* Java gfx-test framework - Copyright (C) 2010, 2011, 2012, 2013 Red Hat + Copyright (C) 2010, 2011, 2012, 2013, 2014 Red Hat This file is part of IcedTea. @@ -1668,6 +1668,33 @@ } /** + * Create new buffered image containing horizontal grayscale gradient and then perform + * basic BitBlt test. + * + * @param image + * image to which another image is to be drawn + * @param graphics2d + * graphics canvas + * @param imageType + * type of the created image + * @param rop + * selected raster operation + */ + public static TestResult doBitBltTestWithHorizontalGrayscaleGradientImage(TestImage image, Graphics2D graphics2d, int imageType, BufferedImageOp rop) + { + // create new buffered bitmap with given type + // bitmap should contains checker pattern + BufferedImage bufferedImage = ImageFactory.createHorizontalGrayscaleGradientImage(DEFAULT_TEST_IMAGE_WIDTH, DEFAULT_TEST_IMAGE_HEIGHT, imageType); + // basic check if buffered image was created + if (bufferedImage == null) + { + return TestResult.FAILED; + } + // BitBlt with 1:1 scaling, no flipping and no cropping and using RescaleOp + return BitBltOperations.performBitBlt(bufferedImage, image, graphics2d, rop) ? TestResult.PASSED : TestResult.FAILED; + } + + /** * Create new buffered image containing vertical grayscale gradient and then perform basic BitBlt test. * * @param image @@ -1720,6 +1747,33 @@ } /** + * Create new buffered image containing vertical grayscale gradient and then perform + * basic BitBlt test. + * + * @param image + * image to which another image is to be drawn + * @param graphics2d + * graphics canvas + * @param imageType + * type of the created image + * @param rop + * selected raster operation + */ + public static TestResult doBitBltTestWithVerticalGrayscaleGradientImage(TestImage image, Graphics2D graphics2d, int imageType, BufferedImageOp rop) + { + // create new buffered bitmap with given type + // bitmap should contains checker pattern + BufferedImage bufferedImage = ImageFactory.createVerticalGrayscaleGradientImage(DEFAULT_TEST_IMAGE_WIDTH, DEFAULT_TEST_IMAGE_HEIGHT, imageType); + // basic check if buffered image was created + if (bufferedImage == null) + { + return TestResult.FAILED; + } + // BitBlt with 1:1 scaling, no flipping and no cropping and using RescaleOp + return BitBltOperations.performBitBlt(bufferedImage, image, graphics2d, rop) ? TestResult.PASSED : TestResult.FAILED; + } + + /** * Create new buffered image containing horizontal red gradient and then perform basic BitBlt test. * * @param image @@ -1772,6 +1826,33 @@ } /** + * Create new buffered image containing horizontal red gradient and then perform + * basic BitBlt test. + * + * @param image + * image to which another image is to be drawn + * @param graphics2d + * graphics canvas + * @param imageType + * type of the created image + * @param rop + * selected raster operation + */ + public static TestResult doBitBltTestWithHorizontalRedGradientImage(TestImage image, Graphics2D graphics2d, int imageType, BufferedImageOp rop) + { + // create new buffered bitmap with given type + // bitmap should contains checker pattern + BufferedImage bufferedImage = ImageFactory.createHorizontalRedGradientImage(DEFAULT_TEST_IMAGE_WIDTH, DEFAULT_TEST_IMAGE_HEIGHT, imageType); + // basic check if buffered image was created + if (bufferedImage == null) + { + return TestResult.FAILED; + } + // BitBlt with 1:1 scaling, no flipping and no cropping and using RescaleOp + return BitBltOperations.performBitBlt(bufferedImage, image, graphics2d, rop) ? TestResult.PASSED : TestResult.FAILED; + } + + /** * Create new buffered image containing vertical red gradient and then perform basic BitBlt test. * * @param image @@ -1824,6 +1905,33 @@ } /** + * Create new buffered image containing vertical red gradient and then perform + * basic BitBlt test. + * + * @param image + * image to which another image is to be drawn + * @param graphics2d + * graphics canvas + * @param imageType + * type of the created image + * @param rop + * selected raster operation + */ + public static TestResult doBitBltTestWithVerticalRedGradientImage(TestImage image, Graphics2D graphics2d, int imageType, BufferedImageOp rop) + { + // create new buffered bitmap with given type + // bitmap should contains checker pattern + BufferedImage bufferedImage = ImageFactory.createVerticalRedGradientImage(DEFAULT_TEST_IMAGE_WIDTH, DEFAULT_TEST_IMAGE_HEIGHT, imageType); + // basic check if buffered image was created + if (bufferedImage == null) + { + return TestResult.FAILED; + } + // BitBlt with 1:1 scaling, no flipping and no cropping and using RescaleOp + return BitBltOperations.performBitBlt(bufferedImage, image, graphics2d, rop) ? TestResult.PASSED : TestResult.FAILED; + } + + /** * Create new buffered image containing horizontal blue gradient and then perform basic BitBlt test. * * @param image @@ -1876,6 +1984,33 @@ } /** + * Create new buffered image containing horizontal blue gradient and then perform + * basic BitBlt test. + * + * @param image + * image to which another image is to be drawn + * @param graphics2d + * graphics canvas + * @param imageType + * type of the created image + * @param rop + * selected raster operation + */ + public static TestResult doBitBltTestWithHorizontalBlueGradientImage(TestImage image, Graphics2D graphics2d, int imageType, BufferedImageOp rop) + { + // create new buffered bitmap with given type + // bitmap should contains checker pattern + BufferedImage bufferedImage = ImageFactory.createHorizontalBlueGradientImage(DEFAULT_TEST_IMAGE_WIDTH, DEFAULT_TEST_IMAGE_HEIGHT, imageType); + // basic check if buffered image was created + if (bufferedImage == null) + { + return TestResult.FAILED; + } + // BitBlt with 1:1 scaling, no flipping and no cropping and using RescaleOp + return BitBltOperations.performBitBlt(bufferedImage, image, graphics2d, rop) ? TestResult.PASSED : TestResult.FAILED; + } + + /** * Create new buffered image containing vertical blue gradient and then perform basic BitBlt test. * * @param image @@ -1928,6 +2063,33 @@ } /** + * Create new buffered image containing vertical blue gradient and then perform + * basic BitBlt test. + * + * @param image + * image to which another image is to be drawn + * @param graphics2d + * graphics canvas + * @param imageType + * type of the created image + * @param rop + * selected raster operation + */ + public static TestResult doBitBltTestWithVerticalBlueGradientImage(TestImage image, Graphics2D graphics2d, int imageType, BufferedImageOp rop) + { + // create new buffered bitmap with given type + // bitmap should contains checker pattern + BufferedImage bufferedImage = ImageFactory.createVerticalBlueGradientImage(DEFAULT_TEST_IMAGE_WIDTH, DEFAULT_TEST_IMAGE_HEIGHT, imageType); + // basic check if buffered image was created + if (bufferedImage == null) + { + return TestResult.FAILED; + } + // BitBlt with 1:1 scaling, no flipping and no cropping and using RescaleOp + return BitBltOperations.performBitBlt(bufferedImage, image, graphics2d, rop) ? TestResult.PASSED : TestResult.FAILED; + } + + /** * Create new buffered image containing horizontal green gradient and then perform basic BitBlt test. * * @param image @@ -1980,6 +2142,33 @@ } /** + * Create new buffered image containing horizontal green gradient and then perform + * basic BitBlt test. + * + * @param image + * image to which another image is to be drawn + * @param graphics2d + * graphics canvas + * @param imageType + * type of the created image + * @param rop + * selected raster operation + */ + public static TestResult doBitBltTestWithHorizontalGreenGradientImage(TestImage image, Graphics2D graphics2d, int imageType, BufferedImageOp rop) + { + // create new buffered bitmap with given type + // bitmap should contains checker pattern + BufferedImage bufferedImage = ImageFactory.createHorizontalGreenGradientImage(DEFAULT_TEST_IMAGE_WIDTH, DEFAULT_TEST_IMAGE_HEIGHT, imageType); + // basic check if buffered image was created + if (bufferedImage == null) + { + return TestResult.FAILED; + } + // BitBlt with 1:1 scaling, no flipping and no cropping and using RescaleOp + return BitBltOperations.performBitBlt(bufferedImage, image, graphics2d, rop) ? TestResult.PASSED : TestResult.FAILED; + } + + /** * Create new buffered image containing vertical green gradient and then perform basic BitBlt test. * * @param image @@ -2032,6 +2221,33 @@ } /** + * Create new buffered image containing vertical green gradient and then perform + * basic BitBlt test. + * + * @param image + * image to which another image is to be drawn + * @param graphics2d + * graphics canvas + * @param imageType + * type of the created image + * @param rop + * selected raster operation + */ + public static TestResult doBitBltTestWithVerticalGreenGradientImage(TestImage image, Graphics2D graphics2d, int imageType, BufferedImageOp rop) + { + // create new buffered bitmap with given type + // bitmap should contains checker pattern + BufferedImage bufferedImage = ImageFactory.createVerticalGreenGradientImage(DEFAULT_TEST_IMAGE_WIDTH, DEFAULT_TEST_IMAGE_HEIGHT, imageType); + // basic check if buffered image was created + if (bufferedImage == null) + { + return TestResult.FAILED; + } + // BitBlt with 1:1 scaling, no flipping and no cropping and using RescaleOp + return BitBltOperations.performBitBlt(bufferedImage, image, graphics2d, rop) ? TestResult.PASSED : TestResult.FAILED; + } + + /** * Create new buffered image containing horizontal yellow gradient and then perform basic BitBlt test. * * @param image From ptisnovs at icedtea.classpath.org Mon Mar 17 10:54:07 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Mon, 17 Mar 2014 10:54:07 +0000 Subject: /hg/rhino-tests: Two new tests added into CompiledScriptClassTes... Message-ID: changeset e21fefd231df in /hg/rhino-tests details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=e21fefd231df author: Pavel Tisnovsky date: Mon Mar 17 11:54:49 2014 +0100 Two new tests added into CompiledScriptClassTest test suite. diffstat: ChangeLog | 5 +++++ src/org/RhinoTests/CompiledScriptClassTest.java | 18 ++++++++++++++++++ 2 files changed, 23 insertions(+), 0 deletions(-) diffs (40 lines): diff -r 39b90cb1bd47 -r e21fefd231df ChangeLog --- a/ChangeLog Fri Mar 14 13:14:58 2014 +0100 +++ b/ChangeLog Mon Mar 17 11:54:49 2014 +0100 @@ -1,3 +1,8 @@ +2014-03-17 Pavel Tisnovsky + + * src/org/RhinoTests/CompiledScriptClassTest.java: + Two new tests added into CompiledScriptClassTest test suite. + 2014-03-14 Pavel Tisnovsky * src/org/RhinoTests/ScriptContextClassTest.java: diff -r 39b90cb1bd47 -r e21fefd231df src/org/RhinoTests/CompiledScriptClassTest.java --- a/src/org/RhinoTests/CompiledScriptClassTest.java Fri Mar 14 13:14:58 2014 +0100 +++ b/src/org/RhinoTests/CompiledScriptClassTest.java Mon Mar 17 11:54:49 2014 +0100 @@ -2066,6 +2066,24 @@ } /** + * Test for method javax.script.CompiledScript.getClass().getResourceAsStreamPositiveTest() + */ + protected void testGetResourceAsStreamPositiveTest() { + Object stream; + stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/AbstractScriptEngineClassTest.class"); + assertNotNull(stream, "getResourceAsStream(\"/org/RhinoTests/AbstractScriptEngineClassTest.class\") returns null"); + } + + /** + * Test for method javax.script.CompiledScript.getClass().toString() + */ + protected void testToString() { + String asString; + asString = this.compiledScriptClass.toString(); + assertEquals("class javax.script.CompiledScript", asString, "wrong toString() return value"); + } + + /** * Test for instanceof operator applied to a class javax.script.CompiledScript */ @SuppressWarnings("cast") From bugzilla-daemon at icedtea.classpath.org Mon Mar 17 10:54:31 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 17 Mar 2014 10:54:31 +0000 Subject: [Bug 1467] Java emits Concurrency Exception when PulseAudio is called to emit sound In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1467 --- Comment #1 from hg commits --- details: http://icedtea.classpath.org//hg/heapstats?cmd=changeset;node=48dc7c3ceee5 author: Yasumasa Suenaga date: Mon Mar 17 19:52:20 2014 +0900 Bug 1467: Full mode log archiving does not work when using fifo pipe for gc log reviewed-by: ykubota, shintak -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Mon Mar 17 10:54:53 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 17 Mar 2014 10:54:53 +0000 Subject: [Bug 1467] Java emits Concurrency Exception when PulseAudio is called to emit sound In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1467 --- Comment #2 from hg commits --- details: http://icedtea.classpath.org//hg/release/heapstats-1.1?cmd=changeset;node=6086194b2867 author: Yasumasa Suenaga date: Mon Mar 17 19:52:45 2014 +0900 Bug 1467: Full mode log archiving does not work when using fifo pipe for gc log reviewed-by: ykubota, shintak -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Mon Mar 17 11:19:02 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 17 Mar 2014 11:19:02 +0000 Subject: [Bug 1710] New: Crash SIGSEGV in C2 Compilerthread when compiling one specific method Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1710 Bug ID: 1710 Summary: Crash SIGSEGV in C2 Compilerthread when compiling one specific method Product: IcedTea Version: 6-1.13.1 Hardware: x86_64 OS: Linux Status: NEW Severity: major Priority: P5 Component: IcedTea Assignee: gnu.andrew at redhat.com Reporter: stefan at huehner.org CC: unassigned at icedtea.classpath.org Since a openjdk/icedtea update in an ubuntu 10.04 instance from version 6b27-1.12.6-1ubuntu0.10.04.4 to version 6b30-1.13.1-1ubuntu2~0.10.04.1 we are seeing a jvm crash always when exporting one specific JasperReports report with some dataset to HTMl. Attached is a extracted small code which reliably triggers the crash. The crash can be observed on: Ubuntu 10.04 (6b30-1.13.1-1ubuntu2~0.10.04.1 ) OpenJDK Runtime Environment (IcedTea6 1.13.1) (6b30-1.13.1-1ubuntu2~0.10.04.1) Ubuntu 12.04 OpenJDK Runtime Environment (IcedTea6 1.13.1) (6b30-1.13.1-1ubuntu2~0.12.04.1) Debian/unstable OpenJDK Runtime Environment (IcedTea6 1.13.1) (6b30-1.13.1-1) OpenJDK Runtime Environment (IcedTea 2.4.5) (7u51-2.4.5-2) Java(TM) SE Runtime Environment (build 1.7.0_51-b13) (oracle binary jdk) Using the following versions the crash cannot be triggered with the code below: OpenJDK Runtime Environment (IcedTea6 1.12.6) (6b27-1.12.6-1ubuntu0.10.04.4) OpenJDK Runtime Environment (IcedTea6 1.12.6) (6b27-1.12.6-1ubuntu0.12.04.4) Also the crash can be worked around by specifying the following extra parameter for the jvm: -XX:CompileCommand=exclude,net/sf/jasperreports/engine/export/JRGridLayout,horizontallyMergeEmptyCells As the jvm internal c++ stacktrace is a bit different in those cases crash logs of each case are attached below. How to call reproducer: java -cp lib/runtime/*:build/classes/ org.openbravo.JasperC2CompilerCrash The triggering method net.sf.jasperreports.engine.export.JRGridLayout::horizontallyMergeEmptyCells is inside the jasperreports library. The sourcecode for that library (if needed) can be downloaded here: net.sf.jasperreports.engine.export.JRGridLayout::horizontallyMergeEmptyCells -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Mon Mar 17 11:21:36 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 17 Mar 2014 11:21:36 +0000 Subject: [Bug 1710] Crash SIGSEGV in C2 Compilerthread when compiling one specific method In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1710 --- Comment #1 from Stefan Huehner --- Created attachment 1046 --> http://icedtea.classpath.org/bugzilla/attachment.cgi?id=1046&action=edit Crashlog: ubuntu 10.04 openjdk6, 6b30, 1.13.1 -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Mon Mar 17 11:22:00 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 17 Mar 2014 11:22:00 +0000 Subject: [Bug 1710] Crash SIGSEGV in C2 Compilerthread when compiling one specific method In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1710 --- Comment #2 from Stefan Huehner --- Created attachment 1047 --> http://icedtea.classpath.org/bugzilla/attachment.cgi?id=1047&action=edit Crashlog: ubuntu 12.04 openjdk6, 6b30, 1.13.1 -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Mon Mar 17 11:22:38 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 17 Mar 2014 11:22:38 +0000 Subject: [Bug 1710] Crash SIGSEGV in C2 Compilerthread when compiling one specific method In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1710 --- Comment #3 from Stefan Huehner --- Created attachment 1048 --> http://icedtea.classpath.org/bugzilla/attachment.cgi?id=1048&action=edit Crashlog: debian/unstable openjdk6, 6b30, 1.13.1 -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Mon Mar 17 11:23:15 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 17 Mar 2014 11:23:15 +0000 Subject: [Bug 1710] Crash SIGSEGV in C2 Compilerthread when compiling one specific method In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1710 --- Comment #4 from Stefan Huehner --- Created attachment 1049 --> http://icedtea.classpath.org/bugzilla/attachment.cgi?id=1049&action=edit Crashlog: debian/unstable openjdk7, 7u51-2.4.5 -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Mon Mar 17 11:23:42 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 17 Mar 2014 11:23:42 +0000 Subject: [Bug 1710] Crash SIGSEGV in C2 Compilerthread when compiling one specific method In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1710 --- Comment #5 from Stefan Huehner --- Created attachment 1050 --> http://icedtea.classpath.org/bugzilla/attachment.cgi?id=1050&action=edit Crashlog: debian/unstable oracle-binary jdk 7u51 -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Mon Mar 17 11:25:54 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 17 Mar 2014 11:25:54 +0000 Subject: [Bug 1710] Crash SIGSEGV in C2 Compilerthread when compiling one specific method In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1710 Stefan Huehner changed: What |Removed |Added ---------------------------------------------------------------------------- URL| |http://huehner.org/temp/ice | |dtea-bug-1710/bugreport-rep | |roducer.tar.gz --- Comment #6 from Stefan Huehner --- Reproducer contains copy of binary jar of jasperreports as it too big (3.4MB) for an attachment here. Find it at this url : http://huehner.org/temp/icedtea-bug-1710/bugreport-reproducer.tar.gz -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From aph at redhat.com Mon Mar 17 11:42:11 2014 From: aph at redhat.com (Andrew Haley) Date: Mon, 17 Mar 2014 11:42:11 +0000 Subject: Re-enable ARM32 JIT compiler Message-ID: <5326DF93.7080003@redhat.com> The bug was actually in the asm interpreter, but it broke the JIT. Here: @@ -870,7 +873,7 @@ SLOW_ENTRY empty_entry: - ldrh r3, [r0, #42] + ldrh r3, [r0, #METHOD_SIZEOFPARAMETERS] This code adjusts the stack pointer after an empty method is called. 42 is wrong: it should be the field offset of methodOopDesc::_size_of_parameters. While I was at it I found a couple more literals and changed them to symbolic names. I also took the opportunity to fix a few bugs. I made the tracing code more robust, and commented out some debugging calls that slow down the interpreter. I also fixed a bug in the helper routines that were using a static local to hold the address of the card table base: this is pointlessly slower than using a non-static local. Andrew. # HG changeset patch # User aph # Date 1395056000 0 # Node ID 2de808a5820a68b390d05ab56934dbca8dbd9dcf # Parent 720c95f2266397040d878e255015b638d63c8c56 Re-enable ARM32 JIT compiler. Replace literal offsets for METHOD_SIZEOFPARAMETERS and ISTATE_NEXT_FRAME with correct symbolic names. Fix trace code not to dereference null pointers. Correct Helper_aputfield and helper_aastore not to use static _byte_map_base. Comment-out calls to TRACE. Make sure that ISTATE_METHOD and ISTATE_SELF_LINK are set even when JITting fails. diff -r 720c95f22663 -r 2de808a5820a src/cpu/zero/vm/asm_helper.cpp --- a/src/cpu/zero/vm/asm_helper.cpp Thu Feb 20 15:02:19 2014 +0000 +++ b/src/cpu/zero/vm/asm_helper.cpp Mon Mar 17 11:33:20 2014 +0000 @@ -378,22 +378,16 @@ goto handle_exception; } } - oop* elem_loc = (oop*)(((address) arrayref->base(T_OBJECT)) + index * sizeof(oop)); - // *(oop*)(((address) arrayref->base(T_OBJECT)) + index * sizeof(oop)) = value; - *elem_loc = value; - // Mark the card - BarrierSet* bs = Universe::heap()->barrier_set(); - static volatile jbyte* _byte_map_base = (volatile jbyte*)(((CardTableModRefBS*)bs)->byte_map_base); - OrderAccess::release_store(&_byte_map_base[(uintptr_t)elem_loc >> CardTableModRefBS::card_shift], 0); + ((objArrayOopDesc *) arrayref)->obj_at_put(index, value); } handle_exception: return istate->thread()->pending_exception(); } -extern "C" void Helper_aputfield(oop obj) +extern "C" void Helper_aputfield(oop obj, oop val, int offset) { BarrierSet* bs = Universe::heap()->barrier_set(); - static volatile jbyte* _byte_map_base = (volatile jbyte*)(((CardTableModRefBS*)bs)->byte_map_base); + jbyte* _byte_map_base = (((CardTableModRefBS*)bs)->byte_map_base); OrderAccess::release_store(&_byte_map_base[(uintptr_t)obj >> CardTableModRefBS::card_shift], 0); } diff -r 720c95f22663 -r 2de808a5820a src/cpu/zero/vm/cppInterpreter_arm.S --- a/src/cpu/zero/vm/cppInterpreter_arm.S Thu Feb 20 15:02:19 2014 +0000 +++ b/src/cpu/zero/vm/cppInterpreter_arm.S Mon Mar 17 11:33:20 2014 +0000 @@ -526,10 +526,13 @@ mrs r4, cpsr mov r0, jpc ldr r1, [thread, #THREAD_TOP_ZERO_FRAME] + cmp r1, #0 sub r1, r1, #ISTATE_NEXT_FRAME + beq 0f + DECACHE_JPC ldr r2, =my_trace blx r2 - msr cpsr, r4 +0: msr cpsr, r4 ldmfd sp!, {r0, r1, r2, r3, r4, ip, lr} .endm @@ -551,7 +554,7 @@ .elseif dispatch_state == 4 DISPATCH_4 .endif - TRACE +@ TRACE moveq pc, ip ldrb r1, [jpc, lr] bic ip, ip, #7 @@ -561,7 +564,7 @@ .endm .macro DISPATCH_BYTECODE - TRACE +@ TRACE @ ldrb r1, [jpc, #2] ldr ip, [dispatch, r0, lsl #2] ldrb r2, [jpc, #1] @@ -870,7 +873,7 @@ SLOW_ENTRY empty_entry: - ldrh r3, [r0, #42] + ldrh r3, [r0, #METHOD_SIZEOFPARAMETERS] ldr r1, [r2, #THREAD_JAVA_SP] add r1, r1, r3, lsl #2 str r1, [r2, #THREAD_JAVA_SP] @@ -879,7 +882,7 @@ FAST_ENTRY fast_empty_entry: - ldrh r3, [r0, #42] + ldrh r3, [r0, #METHOD_SIZEOFPARAMETERS] ldr r1, [thread, #THREAD_JAVA_SP] add r1, r1, r3, lsl #2 str r1, [thread, #THREAD_JAVA_SP] @@ -1081,7 +1084,7 @@ ldr r1, [thread, #THREAD_STACK_SIZE] ldr r3, [thread, #THREAD_STACK_BASE] - add r0, r9, #72 + add r0, r9, #ISTATE_NEXT_FRAME rsb r3, r1, r3 rsb r3, r3, arm_sp @@ -1104,7 +1107,7 @@ str r5, [thread, #THREAD_LAST_JAVA_FP] ldr r5, [thread, #THREAD_JAVA_SP] str r5, [thread, #THREAD_LAST_JAVA_SP] - ldr r11, [r11, #-72 + ISTATE_METHOD] + ldr r11, [r11, #-ISTATE_NEXT_FRAME + ISTATE_METHOD] cmp r1, #0 bne .fast_native_entry_exception ldr r5, [r11, #METHOD_SIGNATUREHANDLER] @@ -1127,7 +1130,7 @@ ldr r11, [thread, #THREAD_TOP_ZERO_FRAME] ldr r1, [thread, #THREAD_PENDING_EXC] mov r3, #0 - ldr r11, [r11, #-72 + ISTATE_METHOD] + ldr r11, [r11, #-ISTATE_NEXT_FRAME + ISTATE_METHOD] cmp r1, #0 str r3, [thread, #THREAD_LAST_JAVA_SP] str r3, [thread, #THREAD_LAST_JAVA_FP] @@ -3353,12 +3356,12 @@ str locals, [istate, #ISTATE_LOCALS] USEC cmp r3, lr str constpool, [istate, #ISTATE_CONSTANTS] + str tmp1, [istate, #ISTATE_METHOD] + str istate, [istate, #ISTATE_SELF_LINK] USEC bcs method_entry_freq_count_overflow DISPATCH_NEXT DISPATCH_NEXT DISPATCH_NEXT - str tmp1, [istate, #ISTATE_METHOD] - str istate, [istate, #ISTATE_SELF_LINK] @ mov lr, #0 @ str lr, [istate, #ISTATE_PREV_LINK] @ str lr, [istate, #ISTATE_CALLEE] From bugzilla-daemon at icedtea.classpath.org Mon Mar 17 11:46:05 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 17 Mar 2014 11:46:05 +0000 Subject: [Bug 1710] Crash SIGSEGV in C2 Compilerthread when compiling one specific method In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1710 --- Comment #7 from Stefan Huehner --- The following jdk8 early access build does NOT trigger the crash with the attached reproducer /opt/jvm/jdk1.8.0_b132/bin/java -version java version "1.8.0" Java(TM) SE Runtime Environment (build 1.8.0-b132) Java HotSpot(TM) 64-Bit Server VM (build 25.0-b70, mixed mode) -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Mon Mar 17 12:00:35 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 17 Mar 2014 12:00:35 +0000 Subject: [Bug 1710] Crash SIGSEGV in C2 Compilerthread when compiling one specific method In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1710 Andrew Haley changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |aph at redhat.com Assignee|gnu.andrew at redhat.com |aph at redhat.com -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnu.andrew at redhat.com Mon Mar 17 12:31:38 2014 From: gnu.andrew at redhat.com (Andrew Hughes) Date: Mon, 17 Mar 2014 08:31:38 -0400 (EDT) Subject: Re-enable ARM32 JIT compiler In-Reply-To: <5326DF93.7080003@redhat.com> References: <5326DF93.7080003@redhat.com> Message-ID: <36733603.442504.1395059498388.JavaMail.zimbra@redhat.com> ----- Original Message ----- > The bug was actually in the asm interpreter, but it broke the JIT. > Here: > > @@ -870,7 +873,7 @@ > > SLOW_ENTRY > empty_entry: > - ldrh r3, [r0, #42] > + ldrh r3, [r0, #METHOD_SIZEOFPARAMETERS] > > This code adjusts the stack pointer after an empty method is called. > 42 is wrong: it should be the field offset of > methodOopDesc::_size_of_parameters. While I was at it I found a > couple more literals and changed them to symbolic names. > > I also took the opportunity to fix a few bugs. I made the tracing > code more robust, and commented out some debugging calls that slow > down the interpreter. I also fixed a bug in the helper routines that > were using a static local to hold the address of the card table base: > this is pointlessly slower than using a non-static local. > > Andrew. > > > # HG changeset patch > # User aph > # Date 1395056000 0 > # Node ID 2de808a5820a68b390d05ab56934dbca8dbd9dcf > # Parent 720c95f2266397040d878e255015b638d63c8c56 > Re-enable ARM32 JIT compiler. > > Replace literal offsets for METHOD_SIZEOFPARAMETERS and > ISTATE_NEXT_FRAME with correct symbolic names. > Fix trace code not to dereference null pointers. > Correct Helper_aputfield and helper_aastore not to use static > _byte_map_base. > Comment-out calls to TRACE. > Make sure that ISTATE_METHOD and ISTATE_SELF_LINK are set even when > JITting fails. > > diff -r 720c95f22663 -r 2de808a5820a src/cpu/zero/vm/asm_helper.cpp > --- a/src/cpu/zero/vm/asm_helper.cpp Thu Feb 20 15:02:19 2014 +0000 > +++ b/src/cpu/zero/vm/asm_helper.cpp Mon Mar 17 11:33:20 2014 +0000 > @@ -378,22 +378,16 @@ > goto handle_exception; > } > } > - oop* elem_loc = (oop*)(((address) arrayref->base(T_OBJECT)) + index * > sizeof(oop)); > - // *(oop*)(((address) arrayref->base(T_OBJECT)) + index * sizeof(oop)) > = value; > - *elem_loc = value; > - // Mark the card > - BarrierSet* bs = Universe::heap()->barrier_set(); > - static volatile jbyte* _byte_map_base = (volatile > jbyte*)(((CardTableModRefBS*)bs)->byte_map_base); > - OrderAccess::release_store(&_byte_map_base[(uintptr_t)elem_loc >> > CardTableModRefBS::card_shift], 0); > + ((objArrayOopDesc *) arrayref)->obj_at_put(index, value); > } > handle_exception: > return istate->thread()->pending_exception(); > } > > -extern "C" void Helper_aputfield(oop obj) > +extern "C" void Helper_aputfield(oop obj, oop val, int offset) > { > BarrierSet* bs = Universe::heap()->barrier_set(); > - static volatile jbyte* _byte_map_base = (volatile > jbyte*)(((CardTableModRefBS*)bs)->byte_map_base); > + jbyte* _byte_map_base = (((CardTableModRefBS*)bs)->byte_map_base); > OrderAccess::release_store(&_byte_map_base[(uintptr_t)obj >> > CardTableModRefBS::card_shift], 0); > } > > diff -r 720c95f22663 -r 2de808a5820a src/cpu/zero/vm/cppInterpreter_arm.S > --- a/src/cpu/zero/vm/cppInterpreter_arm.S Thu Feb 20 15:02:19 2014 +0000 > +++ b/src/cpu/zero/vm/cppInterpreter_arm.S Mon Mar 17 11:33:20 2014 +0000 > @@ -526,10 +526,13 @@ > mrs r4, cpsr > mov r0, jpc > ldr r1, [thread, #THREAD_TOP_ZERO_FRAME] > + cmp r1, #0 > sub r1, r1, #ISTATE_NEXT_FRAME > + beq 0f > + DECACHE_JPC > ldr r2, =my_trace > blx r2 > - msr cpsr, r4 > +0: msr cpsr, r4 > ldmfd sp!, {r0, r1, r2, r3, r4, ip, lr} > .endm > > @@ -551,7 +554,7 @@ > .elseif dispatch_state == 4 > DISPATCH_4 > .endif > - TRACE > +@ TRACE > moveq pc, ip > ldrb r1, [jpc, lr] > bic ip, ip, #7 > @@ -561,7 +564,7 @@ > .endm > > .macro DISPATCH_BYTECODE > - TRACE > +@ TRACE > @ ldrb r1, [jpc, #2] > ldr ip, [dispatch, r0, lsl #2] > ldrb r2, [jpc, #1] > @@ -870,7 +873,7 @@ > > SLOW_ENTRY > empty_entry: > - ldrh r3, [r0, #42] > + ldrh r3, [r0, #METHOD_SIZEOFPARAMETERS] > ldr r1, [r2, #THREAD_JAVA_SP] > add r1, r1, r3, lsl #2 > str r1, [r2, #THREAD_JAVA_SP] > @@ -879,7 +882,7 @@ > > FAST_ENTRY > fast_empty_entry: > - ldrh r3, [r0, #42] > + ldrh r3, [r0, #METHOD_SIZEOFPARAMETERS] > ldr r1, [thread, #THREAD_JAVA_SP] > add r1, r1, r3, lsl #2 > str r1, [thread, #THREAD_JAVA_SP] > @@ -1081,7 +1084,7 @@ > > ldr r1, [thread, #THREAD_STACK_SIZE] > ldr r3, [thread, #THREAD_STACK_BASE] > - add r0, r9, #72 > + add r0, r9, #ISTATE_NEXT_FRAME > > rsb r3, r1, r3 > rsb r3, r3, arm_sp > @@ -1104,7 +1107,7 @@ > str r5, [thread, #THREAD_LAST_JAVA_FP] > ldr r5, [thread, #THREAD_JAVA_SP] > str r5, [thread, #THREAD_LAST_JAVA_SP] > - ldr r11, [r11, #-72 + ISTATE_METHOD] > + ldr r11, [r11, #-ISTATE_NEXT_FRAME + ISTATE_METHOD] > cmp r1, #0 > bne .fast_native_entry_exception > ldr r5, [r11, #METHOD_SIGNATUREHANDLER] > @@ -1127,7 +1130,7 @@ > ldr r11, [thread, #THREAD_TOP_ZERO_FRAME] > ldr r1, [thread, #THREAD_PENDING_EXC] > mov r3, #0 > - ldr r11, [r11, #-72 + ISTATE_METHOD] > + ldr r11, [r11, #-ISTATE_NEXT_FRAME + ISTATE_METHOD] > cmp r1, #0 > str r3, [thread, #THREAD_LAST_JAVA_SP] > str r3, [thread, #THREAD_LAST_JAVA_FP] > @@ -3353,12 +3356,12 @@ > str locals, [istate, #ISTATE_LOCALS] > USEC cmp r3, lr > str constpool, [istate, #ISTATE_CONSTANTS] > + str tmp1, [istate, #ISTATE_METHOD] > + str istate, [istate, #ISTATE_SELF_LINK] > USEC bcs method_entry_freq_count_overflow > DISPATCH_NEXT > DISPATCH_NEXT > DISPATCH_NEXT > - str tmp1, [istate, #ISTATE_METHOD] > - str istate, [istate, #ISTATE_SELF_LINK] > @ mov lr, #0 > @ str lr, [istate, #ISTATE_PREV_LINK] > @ str lr, [istate, #ISTATE_CALLEE] > Committed: http://icedtea.classpath.org/hg/icedtea7-forest/hotspot/rev/ee50fa9e8791 For some reason, this came through inline, so I had to manually copy and paste it over. It also didn't apply cleanly, but the code seems identical, from manual examination. I didn't spot that the longer Changelog had got missed until later. Sorry. I'll make sure to include it in the release notes instead, so it isn't lost. Thanks for fixing this, -- Andrew :) Free Java Software Engineer Red Hat, Inc. (http://www.redhat.com) PGP Key: 248BDC07 (https://keys.indymedia.org/) Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07 From aph at redhat.com Mon Mar 17 12:48:30 2014 From: aph at redhat.com (Andrew Haley) Date: Mon, 17 Mar 2014 12:48:30 +0000 Subject: Re-enable ARM32 JIT compiler In-Reply-To: <36733603.442504.1395059498388.JavaMail.zimbra@redhat.com> References: <5326DF93.7080003@redhat.com> <36733603.442504.1395059498388.JavaMail.zimbra@redhat.com> Message-ID: <5326EF1E.2050408@redhat.com> On 03/17/2014 12:31 PM, Andrew Hughes wrote: > I didn't spot that the longer Changelog had got missed until later. Sorry. I'll > make sure to include it in the release notes instead, so it isn't lost. Can't you just roll it back and commit it properly? Andrew. From gnu.andrew at redhat.com Mon Mar 17 13:16:00 2014 From: gnu.andrew at redhat.com (Andrew Hughes) Date: Mon, 17 Mar 2014 09:16:00 -0400 (EDT) Subject: Re-enable ARM32 JIT compiler In-Reply-To: <5326EF1E.2050408@redhat.com> References: <5326DF93.7080003@redhat.com> <36733603.442504.1395059498388.JavaMail.zimbra@redhat.com> <5326EF1E.2050408@redhat.com> Message-ID: <792746557.508835.1395062160216.JavaMail.zimbra@redhat.com> ----- Original Message ----- > On 03/17/2014 12:31 PM, Andrew Hughes wrote: > > I didn't spot that the longer Changelog had got missed until later. Sorry. > > I'll > > make sure to include it in the release notes instead, so it isn't lost. > > Can't you just roll it back and commit it properly? > > Andrew. > > Sure. Done: http://icedtea.classpath.org/hg/icedtea7-forest/hotspot/rev/e34b923512cc -- Andrew :) Free Java Software Engineer Red Hat, Inc. (http://www.redhat.com) PGP Key: 248BDC07 (https://keys.indymedia.org/) Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07 From bugzilla-daemon at icedtea.classpath.org Mon Mar 17 13:29:11 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 17 Mar 2014 13:29:11 +0000 Subject: [Bug 1584] Commvault console fails to start due to error in JNLP file In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1584 Simone Lazzaris changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |simone.lazzaris at qcom.it Version|unspecified |1.4 --- Comment #2 from Simone Lazzaris --- I'm experiencing the very same problem, with the same application (commvault console). My platform is a Linux (archlinux) 64bit. The oracle jre works fine on the same machine. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From andrew at icedtea.classpath.org Mon Mar 17 14:25:55 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Mon, 17 Mar 2014 14:25:55 +0000 Subject: /hg/release/icedtea7-forest-2.4: PR1679: Allow OpenJDK to build ... Message-ID: changeset b028e58c1b77 in /hg/release/icedtea7-forest-2.4 details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4?cmd=changeset;node=b028e58c1b77 author: andrew date: Wed Feb 19 21:07:59 2014 +0000 PR1679: Allow OpenJDK to build on PaX-enabled kernels diffstat: make/Defs-internal.gmk | 14 +++++++++++++- 1 files changed, 13 insertions(+), 1 deletions(-) diffs (31 lines): diff -r 0af208754134 -r b028e58c1b77 make/Defs-internal.gmk --- a/make/Defs-internal.gmk Wed Jan 29 10:01:15 2014 +0000 +++ b/make/Defs-internal.gmk Wed Feb 19 21:07:59 2014 +0000 @@ -303,6 +303,16 @@ ABS_JAXWS_DIST = $(JAXWS_OUTPUTDIR)/dist endif +# Command to PaX mark the VM +ifndef PAX_COMMAND + PAX_COMMAND = /usr/sbin/paxmark.sh +endif +ifeq ($(ARCH), i586) + PAX_COMMAND_ARGS="-msp" +else + PAX_COMMAND_ARGS="-m" +endif + # Common make arguments (supplied to all component builds) COMMON_BUILD_ARGUMENTS = \ JDK_TOPDIR=$(ABS_JDK_TOPDIR) \ @@ -323,7 +333,9 @@ PREVIOUS_MAJOR_VERSION=$(PREVIOUS_MAJOR_VERSION) \ PREVIOUS_MINOR_VERSION=$(PREVIOUS_MINOR_VERSION) \ PREVIOUS_MICRO_VERSION=$(PREVIOUS_MICRO_VERSION) \ - STATIC_CXX=$(STATIC_CXX) + STATIC_CXX=$(STATIC_CXX) \ + PAX_COMMAND=$(PAX_COMMAND) \ + PAX_COMMAND_ARGS=$(PAX_COMMAND_ARGS) ifdef ARCH_DATA_MODEL COMMON_BUILD_ARGUMENTS += ARCH_DATA_MODEL=$(ARCH_DATA_MODEL) From bugzilla-daemon at icedtea.classpath.org Mon Mar 17 14:26:01 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 17 Mar 2014 14:26:01 +0000 Subject: [Bug 1679] [IcedTea7] Allow OpenJDK to build on PaX-enabled kernels In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1679 --- Comment #4 from hg commits --- details: http://icedtea.classpath.org//hg/release/icedtea7-forest-2.4?cmd=changeset;node=b028e58c1b77 author: andrew date: Wed Feb 19 21:07:59 2014 +0000 PR1679: Allow OpenJDK to build on PaX-enabled kernels -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From andrew at icedtea.classpath.org Mon Mar 17 14:26:32 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Mon, 17 Mar 2014 14:26:32 +0000 Subject: /hg/release/icedtea7-forest-2.4/hotspot: 46 new changesets Message-ID: changeset 5ad2c8650812 in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=5ad2c8650812 author: dsamersoff date: Thu Aug 29 21:48:23 2013 +0400 8009062: poor performance of JNI AttachCurrentThread after fix for 7017193 Summary: don't re-evaluate stack bounds for main thread before install guard page Reviewed-by: coleenp, dholmes, dlong changeset 195056251b69 in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=195056251b69 author: aph date: Thu Mar 15 07:56:24 2012 -0400 Add patches/arm.patch from IcedTea 6 changeset 8f0c2e1287f5 in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=8f0c2e1287f5 author: aph date: Thu Mar 15 07:57:19 2012 -0400 Add patches/arm-debug.patch from IcedTea 6 changeset 1053216103e0 in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=1053216103e0 author: andrew date: Fri Jul 12 20:03:52 2013 +0100 Add patches/arm-hsdis.patch from IcedTea 6 changeset 3dc977fbd5d1 in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=3dc977fbd5d1 author: aph date: Thu Mar 15 07:53:52 2012 -0400 Add arm_port from IcedTea 6 changeset b7beff851ea6 in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=b7beff851ea6 author: aph date: Thu Mar 15 08:54:12 2012 -0400 Move arm-port files to the correct place changeset 2e40cd792106 in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=2e40cd792106 author: aph date: Fri Jul 12 20:10:45 2013 +0100 Changes for HSX22 changeset 1998ca2209d4 in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=1998ca2209d4 author: aph date: Fri Mar 16 08:36:04 2012 -0400 Use unified syntax for thumb code. 2012-03-16 Andrew Haley * hotspot/src/cpu/zero/vm/arm_cas.S: Use unified syntax for thumb code. changeset de4a0e6323f9 in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=de4a0e6323f9 author: aph date: Tue Mar 27 09:40:08 2012 -0400 ARM: First cut of invokedynamic changeset aa1f60fceb35 in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=aa1f60fceb35 author: aph date: Fri Mar 30 11:53:01 2012 -0400 invokedynamic and aldc for JIT changeset 7c433abda0ff in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=7c433abda0ff author: aph date: Fri Mar 30 13:34:30 2012 -0400 ARM: JIT-compilation of ldc methodHandle changeset aad627c854be in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=aad627c854be author: aph date: Tue Apr 10 12:22:01 2012 -0400 Tidy up, minor comment changes. changeset 0cfce4cddb95 in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=0cfce4cddb95 author: aph date: Wed Apr 11 09:22:39 2012 -0400 Minor review cleanups. changeset 31c0b70bdafe in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=31c0b70bdafe author: adinn date: Fri Jul 12 20:17:38 2013 +0100 added jvmti event generation for dynamic_generate and compiled_method_load events to ARM JIT compiler changeset 5952f579380f in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=5952f579380f author: adinn date: Fri Jul 12 20:20:10 2013 +0100 patched method handle adapter code to deal with failures in TCK changeset f056bda687ee in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=f056bda687ee author: adinn date: Wed May 16 11:21:07 2012 +0100 modified safepoint check to rely on memory protect signal instead of polling changeset 185c8d8de125 in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=185c8d8de125 author: aph date: Thu May 17 13:45:50 2012 -0400 RTC Thumb2 JIT enhancements. 2012-05-16 Andrew Haley * src/cpu/zero/vm/thumb2.cpp: Throughout: T2EE_PRINT_* renamed to T2_PRINT_*. Route all debug info to stderr. We now do frameless compilation, so do all frame accesses relative to SP. Remove zombie detection pass. Remove dead code. Add OSPACE option. (H_LDC_W) (H_INVOKESTATIC_RESOLVED, H_INVOKESPECIAL_RESOLVED) (H_INVOKEVIRTUAL_RESOLVED, H_INVOKEVFINAL, H_MONITORENTER) (H_MONITOREXIT): New. (T2_* macros): Rename from T2EE_*. (SLOW_ENTRY_OFFSET, FAST_ENTRY_OFFSET): New. (THUMB2_CODEBUF_SIZE): Make this depend on PRODUCT. (H_GETSTATIC, H_PUTSTATIC, H_JSR, H_ZOMBIE, H_MONITOR): Delete. (H_DEADCODE, H_LDC_W, H_INVOKESTATIC_RESOLVED) (H_INVOKESPECIAL_RESOLVED, H_INVOKEVIRTUAL_RESOLVED) (H_INVOKEVFINAL): New. (DebugSwitch): New. (JAZ_V6): New local register. (Thumb2_pass1): Count reads and writes for register allocator. Delete zombie detection pass. (Thumb2_RegAlloc): New. (out_align, out_align_offset, nop_16, nop_32): New. (fullBarrier, storeBarrier): Chaeck for an MP OS. (load_local, store_local): Check for an istate reg. (load_istate, store_istate): New. (Thumb2_Load, Thumb2_LoadX2): Remove monitor stack adj. (Thumb2_Store, Thumb2_StoreX2): Likewise. (Debug): New. (Thumb2_save_locals, Thumb2_restore_locals, Thumb2_invoke_save) (Thumb2_invoke_restore, Thumb2_Exit): Remove monitor stackdepth adj. Move here from below. (Thumb2_Accessor): Rewrite for new method header layout. (Thumb2_Enter): Likewise. Do frameless setup. (Thumb2_load_long): Use a single ldrexd instruction. (Thumb2_codegen): Align branches. Call Debug if we're about to enter a synchronized method. (opc_jsr) Add handler. (opc_monitorenter, opc_monitorexit): Call handler instead of generating code. (Thumb2_Initialize): Disassmble ARM and Thumb code separately. * src/cpu/zero/vm/cppInterpreter_arm.S: Throughout: the thread pointer is now in a register, so use it everywhere. Set the thread pointer register at every entry point to the interpreter. Throughout: use the macros SLOW_ENTRY and FAST_ENTRY rather than ALIGN_CODE. Throughout: register tmp2 is no longer available, use other registers as appropriate. (T2JIT): Rename from THUMB2EE. (call_thumb2): Load all the thumb2 registers that have been allocated to locals. (accessor_entry): Check for stack overflow. (.fast_accessor_*): Delete dead code. (LOAD_FRAME): New. (Thumb2_invokevfinalresolved_stub) (Thumb2_invokevirtualresolved_stub): New. (Thumb2_invokestaticresolved_stub): New. (Thumb2_invokespecialresolved_stub): New. (Thumb2 stubs): Use FRAME_* rather than ISTATE_*; the frame pointer is no longer in a fixed register. (JAZ_REGSET, JAZ_*): Move delaration of JAZ registers here. (Thumb2_monitorenter): New. (normal_entry_synchronized): Rearrange so that we can load the thread pointer without exceeding the number of instructions that we can fit into the gap between SLOW_ENTRY and FAST_ENTRY. (normal_entry): Likewise. (MP_COMPILE_THRESHOLD, UP_COMPILE_THRESHOLD): Adjust. (TBIT): New. (FRAME_METHOD, FRAME_CONSTANTS, FRAME_BCP, FRAME_STACK_LIMIT) (FRAME_LOCALS, FRAME_STACK): New. (SLOW_ENTRY, FAST_ENTRY, SLOW_ENTRY_OFFSET, FAST_ENTRY_OFFSET): New. (LOAD_ISTATE): New. (DECACHE_STACK_USING_FRAME, DECACHE_JPC_USING_FRAME): New. (TRACE): Save and restore IP. Pass istate to my_trace(). (Opcode monitorenter): Remove all the assembler code and replace it with a call to Helper_monitorenter. * src/cpu/zero/vm/bytecodes_arm.def: Throughout: register tmp2 is no longer available, use other registers as appropriate. (lgetfield): Use ldrexd to load a jlong rather than an ldrexd/strexd loop. * src/cpu/zero/vm/asm_helper.cpp (ARCH_THUMB2): Renamed from ARCH_THUMBEE. (my_trace): New. (Helper_monitorenter): New. (Helper_monitorexit): New. changeset d77793023b14 in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=d77793023b14 author: aph date: Mon May 28 08:01:18 2012 -0400 Use ldrexd for atomic reads on ARMv7. 2012-05-28 Andrew Haley * os_linux_zero.hpp (atomic_copy64): Use ldrexd for atomic reads on ARMv7. changeset 4888872c21be in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=4888872c21be author: aph date: Mon May 28 08:48:42 2012 -0400 Adjust saved SP when safepointing. 2012-05-28 Andrew Haley * thumb2.cpp (Thumb2_Safepoint): Adjust saved SP when safepointing. changeset 76900149f3f0 in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=76900149f3f0 author: aph date: Tue May 29 10:11:11 2012 -0400 Phase 1 changeset 3bb197ceab24 in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=3bb197ceab24 author: aph date: Tue May 29 11:06:21 2012 -0400 Phase 2 changeset f8dd5ae19039 in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=f8dd5ae19039 author: aph date: Fri Jul 12 20:26:41 2013 +0100 Don't save locals at a return. changeset a644c3ec2b16 in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=a644c3ec2b16 author: aph date: Fri Jul 12 20:27:35 2013 +0100 Back out mistaken checkin of debug code. changeset 70e201bcbb24 in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=70e201bcbb24 author: adinn date: Thu Jun 07 17:49:46 2012 +0100 corrected call from fast_method_handle_entry to CppInterpreter::method_handle_entry so that thread is loaded into r2 changeset a214ebebbdcb in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=a214ebebbdcb author: aph date: Wed Jun 06 10:09:22 2012 -0400 Fix JIT bug that miscompiles org.eclipse.ui.internal.contexts.ContextAuthority.sourceChanged 2012-06-06 Andrew Haley * thumb2.cpp (Thumb2_Compile): Ask the CompilerOracle if we should compile this method. (Thumb2_iOp): Use a temporary to hold the shift count. changeset 16446d9fa65e in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=16446d9fa65e author: aph date: Fri Jun 08 09:11:52 2012 -0400 ARM: Rename a bunch of misleadingly-named functions 2012-06-08 Andrew Haley * thumb2.cpp: Rename some functions: Thumb2_save_locals -> Thumb2_save_local_refs Thumb2_restore_locals -> Thumb2_restore_local_refs Thumb2_invoke_save -> Thumb2_save_all_locals Thumb2_invoke_restore -> Thumb2_restore_all_locals changeset 1ee2f45db8bc in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=1ee2f45db8bc author: aph date: Fri Jun 08 10:25:37 2012 -0400 Fix call to handle_special_method(). Fix compareAndSwapLong. 2012-06-08 Andrew Haley * thumb2.cpp (Thumb2_codegen): Move call to handle_special_method() outside test. (handle_special_method: _compareAndSwapLong): Save/restore all locals, not just locals of ref type. changeset ce4008a48588 in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=ce4008a48588 author: chrisphi date: Thu Aug 30 11:53:27 2012 -0400 ARM: Fix trashed thread ptr after recursive re-entry from asm jit. changeset 92d450da7626 in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=92d450da7626 author: chrisphi date: Thu Mar 21 11:17:13 2013 -0400 PR1363: Fedora 19 / rawhide FTBFS SIGILL Changed thumb2 PUSH & POP to inline functions, Added detection of reg alloc failure, fails compile of method. changeset 521adb51d083 in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=521adb51d083 author: andrew date: Wed Aug 29 17:23:23 2012 +0100 PR1101: Undefined symbols on GNU/Linux SPARC changeset f541c1d41ba7 in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=f541c1d41ba7 author: Xerxes Ranby date: Tue May 28 19:43:58 2013 +0200 PR1188: ASM Interpreter and Thumb2 JIT javac miscompile modulo reminder on armel Summary: The POPF1 macro used wrong destination register r0 instead of r1 on ARM armel causing issues with the frem bytecode. The frem bytecode was the only bytecode using the defect macro. changeset fef21600239c in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=fef21600239c author: chrisphi date: Fri Jul 12 20:56:23 2013 +0100 Changes for HSX23 changeset 60dbdc6b0859 in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=60dbdc6b0859 author: andrew date: Fri Jul 12 21:41:06 2013 +0100 Remove fragment from method that has been removed changeset 297a0304a568 in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=297a0304a568 author: andrew date: Wed Jul 17 13:52:07 2013 +0100 Use $(CC) to compile mkbc instead of $(CC_COMPILE) to avoid C++-only flags changeset d54091fd1092 in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=d54091fd1092 author: andrew date: Wed Jul 17 17:30:04 2013 +0100 Remove C++ flags from CC_COMPILE and fix usage in zeroshark.make. changeset 1ad36c6cff31 in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=1ad36c6cff31 author: andrew date: Wed Jul 17 19:14:46 2013 +0100 Add note about use of $(CFLAGS)/$(CXXFLAGS)/$(CPPFLAGS) at present. changeset 4a989c763452 in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=4a989c763452 author: andrew date: Thu Dec 26 19:52:09 2013 +0000 Add Shark definitions from 8003868 changeset 4049b8278e88 in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=4049b8278e88 author: andrew date: Thu Dec 26 19:52:45 2013 +0000 Drop compile_method argument removed in 7083786 from sharkCompiler.cpp changeset e9721d827f31 in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=e9721d827f31 author: simonis date: Mon Mar 17 13:40:34 2014 +0000 Re-enable the 'gamma' test at the end of the HotSpot build, but only for HotSpot based bootstrap JDKs. The 'gamma' launcher only works with HotSpot based bootstrap JDKs because it uses the freshly build libjvm.so in the context and together with the class library of the boot JDK which was used to build it. This combination will not work for other JDKs. changeset 9b1cdb2b44fa in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=9b1cdb2b44fa author: andrew date: Mon Mar 17 13:43:56 2014 +0000 Backout earlier RH1015432 fix changeset 9600c7d61f8f in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=9600c7d61f8f author: andrew date: Fri Jan 31 21:14:06 2014 +0000 RH1015432: java-1.7.0-openjdk: Fails on PPC with StackOverflowError (revised fix) Contributed-by: chphilli at redhat.com changeset 78628ff1b2a8 in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=78628ff1b2a8 author: chrisphi date: Tue Feb 18 20:45:28 2014 +0000 ARM32 assembler update for hsx24. Use ARM32JIT to turn it on/off. changeset 8e7b2661433e in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=8e7b2661433e author: andrew date: Wed Feb 19 21:08:04 2014 +0000 PR1679: Allow OpenJDK to build on PaX-enabled kernels changeset eff103ee6cbe in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=eff103ee6cbe author: andrew date: Thu Feb 20 03:38:40 2014 +0000 Override automatic detection of source language for bytecodes_arm.def changeset c200cfd0bd8d in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=c200cfd0bd8d author: andrew date: Fri Jul 26 11:31:42 2013 +0100 Include $(CFLAGS) in assembler stage changeset 00478c5bf5e9 in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=00478c5bf5e9 author: aph date: Mon Mar 17 13:15:25 2014 +0000 Replace literal offsets for METHOD_SIZEOFPARAMETERS and ISTATE_NEXT_FRAME with correct symbolic names. Fix trace code not to dereference null pointers. Correct Helper_aputfield and helper_aastore not to use static _byte_map_base. Comment-out calls to TRACE. Make sure that ISTATE_METHOD and ISTATE_SELF_LINK are set even when JITting fails. diffstat: make/linux/makefiles/buildtree.make | 16 + make/linux/makefiles/gcc.make | 2 + make/linux/makefiles/rules.make | 5 +- make/linux/makefiles/vm.make | 2 +- make/linux/makefiles/zeroshark.make | 37 + src/cpu/zero/vm/arm_cas.S | 31 + src/cpu/zero/vm/asm_helper.cpp | 745 + src/cpu/zero/vm/bytecodes_arm.def | 7850 ++++++++++++++++ src/cpu/zero/vm/bytecodes_zero.cpp | 52 +- src/cpu/zero/vm/bytecodes_zero.hpp | 41 +- src/cpu/zero/vm/cppInterpreter_arm.S | 7384 +++++++++++++++ src/cpu/zero/vm/cppInterpreter_zero.cpp | 49 + src/cpu/zero/vm/cppInterpreter_zero.hpp | 2 + src/cpu/zero/vm/methodHandles_zero.hpp | 6 +- src/cpu/zero/vm/thumb2.cpp | 7985 +++++++++++++++++ src/cpu/zero/vm/vm_version_zero.hpp | 11 + src/os/linux/vm/os_linux.cpp | 131 +- src/os_cpu/linux_sparc/vm/os_linux_sparc.cpp | 31 +- src/os_cpu/linux_zero/vm/atomic_linux_zero.inline.hpp | 14 + src/os_cpu/linux_zero/vm/os_linux_zero.cpp | 47 +- src/os_cpu/linux_zero/vm/os_linux_zero.hpp | 6 + src/share/tools/hsdis/Makefile | 10 +- src/share/tools/hsdis/hsdis.c | 5 + src/share/vm/prims/jvmtiExport.cpp | 41 + src/share/vm/prims/jvmtiExport.hpp | 7 + src/share/vm/runtime/os.cpp | 38 - src/share/vm/runtime/os.hpp | 4 - src/share/vm/shark/sharkCompiler.cpp | 1 - src/share/vm/shark/shark_globals.hpp | 10 + src/share/vm/utilities/vmError.cpp | 13 + src/share/vm/utilities/vmError.hpp | 8 + test/runtime/InitialThreadOverflow/DoOverflow.java | 41 + test/runtime/InitialThreadOverflow/invoke.cxx | 70 + test/runtime/InitialThreadOverflow/testme.sh | 73 + tools/mkbc.c | 607 + 35 files changed, 25245 insertions(+), 130 deletions(-) diffs (truncated from 25866 to 500 lines): diff -r 2c97070e5af4 -r 00478c5bf5e9 make/linux/makefiles/buildtree.make --- a/make/linux/makefiles/buildtree.make Wed Jan 29 10:01:21 2014 +0000 +++ b/make/linux/makefiles/buildtree.make Mon Mar 17 13:15:25 2014 +0000 @@ -408,6 +408,7 @@ DATA_MODE/sparcv9 = 64 DATA_MODE/amd64 = 64 DATA_MODE/ia64 = 64 +DATA_MODE/ppc64 = 64 DATA_MODE/zero = $(ARCH_DATA_MODEL) JAVA_FLAG/32 = -d32 @@ -416,6 +417,9 @@ WRONG_DATA_MODE_MSG = \ echo "JAVA_HOME must point to a $(DATA_MODE)-bit OpenJDK." +WRONG_JDK_MSG = \ + echo "JAVA_HOME must point to a HotSpot based JDK \\\(genuine Sun/Oracle or OpenJDK\\\)." + CROSS_COMPILING_MSG = \ echo "Cross compiling for ARCH $(CROSS_COMPILE_ARCH), skipping gamma run." @@ -452,6 +456,14 @@ echo " exit 0"; \ echo "fi"; \ echo ""; \ + echo "# 'gamma' only runs with HotSpot based JDKs (genuine Sun/Oracle or OpenJDK)"; \ + echo ""; \ + echo "\$${JAVA_HOME}/bin/java $(JAVA_FLAG) -version 2>&1 | grep -E 'OpenJDK|HotSpot' > /dev/null"; \ + echo "if [ \$$? -ne 0 ]; then "; \ + echo " $(WRONG_JDK_MSG)"; \ + echo " exit 0"; \ + echo "fi"; \ + echo ""; \ echo "# Use gamma_g if it exists"; \ echo ""; \ echo "GAMMA_PROG=gamma"; \ @@ -459,6 +471,10 @@ echo " GAMMA_PROG=gamma_g"; \ echo "fi"; \ echo ""; \ + echo "if [ -x \"$(PAX_COMMAND)\" ]; then "; \ + echo " $(PAX_COMMAND) $(PAX_COMMAND_ARGS) ./\$${GAMMA_PROG}"; \ + echo "fi"; \ + echo ""; \ echo "if [ \"$(OS_VENDOR)\" = \"Darwin\" ]; then "; \ echo " # Ensure architecture for gamma and JAVA_HOME is the same."; \ echo " # NOTE: gamma assumes the OpenJDK directory layout."; \ diff -r 2c97070e5af4 -r 00478c5bf5e9 make/linux/makefiles/gcc.make --- a/make/linux/makefiles/gcc.make Wed Jan 29 10:01:21 2014 +0000 +++ b/make/linux/makefiles/gcc.make Mon Mar 17 13:15:25 2014 +0000 @@ -241,6 +241,7 @@ FASTDEBUG_CFLAGS/amd64 = -g FASTDEBUG_CFLAGS/arm = -g FASTDEBUG_CFLAGS/ppc = -g + FASTDEBUG_CFLAGS/zero = -g FASTDEBUG_CFLAGS += $(DEBUG_CFLAGS/$(BUILDARCH)) ifeq ($(FASTDEBUG_CFLAGS/$(BUILDARCH)),) FASTDEBUG_CFLAGS += -gstabs @@ -250,6 +251,7 @@ OPT_CFLAGS/amd64 = -g OPT_CFLAGS/arm = -g OPT_CFLAGS/ppc = -g + OPT_CFLAGS/zero = -g OPT_CFLAGS += $(OPT_CFLAGS/$(BUILDARCH)) ifeq ($(OPT_CFLAGS/$(BUILDARCH)),) OPT_CFLAGS += -gstabs diff -r 2c97070e5af4 -r 00478c5bf5e9 make/linux/makefiles/rules.make --- a/make/linux/makefiles/rules.make Wed Jan 29 10:01:21 2014 +0000 +++ b/make/linux/makefiles/rules.make Mon Mar 17 13:15:25 2014 +0000 @@ -31,7 +31,10 @@ DEMANGLE = $(DEMANGLER) < $@ > .$@ && mv -f .$@ $@ # $(CC) is the c compiler (cc/gcc), $(CXX) is the c++ compiler (CC/g++). -CC_COMPILE = $(CC) $(CXXFLAGS) $(CFLAGS) +# FIXME: $(CXXFLAGS) currently only includes preprocessor flags while +# $(CFLAGS) includes C and C++ flags. Ideally, there should be three +# variables: $(CFLAGS), $(CXXFLAGS) and $(CPPFLAGS). +CC_COMPILE = $(CC) $(CXXFLAGS) CXX_COMPILE = $(CXX) $(CXXFLAGS) $(CFLAGS) AS.S = $(AS) $(ASFLAGS) diff -r 2c97070e5af4 -r 00478c5bf5e9 make/linux/makefiles/vm.make --- a/make/linux/makefiles/vm.make Wed Jan 29 10:01:21 2014 +0000 +++ b/make/linux/makefiles/vm.make Mon Mar 17 13:15:25 2014 +0000 @@ -226,7 +226,7 @@ # Locate all source files in the given directory, excluding files in Src_Files_EXCLUDE. define findsrc $(notdir $(shell find $(1)/. ! -name . -prune \ - -a \( -name \*.c -o -name \*.cpp -o -name \*.s \) \ + -a \( -name \*.c -o -name \*.cpp -o -name \*.s -o -name \*.S \) \ -a ! \( -name DUMMY $(addprefix -o -name ,$(Src_Files_EXCLUDE)) \))) endef diff -r 2c97070e5af4 -r 00478c5bf5e9 make/linux/makefiles/zeroshark.make --- a/make/linux/makefiles/zeroshark.make Wed Jan 29 10:01:21 2014 +0000 +++ b/make/linux/makefiles/zeroshark.make Mon Mar 17 13:15:25 2014 +0000 @@ -25,6 +25,43 @@ # Setup common to Zero (non-Shark) and Shark versions of VM +ifeq ($(ZERO_LIBARCH),arm) +# check to see if we are building the assembler jit or just zero. +ifeq ($(ARM32JIT),true) +Obj_Files += asm_helper.o +Obj_Files += cppInterpreter_arm.o +Obj_Files += thumb2.o + +CFLAGS += -DHOTSPOT_ASM + +cppInterpreter_arm.o: offsets_arm.s bytecodes_arm.s +thumb2.o: offsets_arm.s + +offsets_arm.s: mkoffsets + @echo Generating assembler offsets + ./mkoffsets > $@ + +bytecodes_arm.s: bytecodes_arm.def mkbc + @echo Generating ARM assembler bytecode sequences + $(CXX_COMPILE) -E -x c++ - < $< | ./mkbc - $@ $(COMPILE_DONE) + +mkbc: $(GAMMADIR)/tools/mkbc.c + @echo Compiling mkbc tool + $(CC_COMPILE) -o $@ $< $(COMPILE_DONE) + +mkoffsets: asm_helper.cpp + @echo Compiling offset generator + $(QUIETLY) $(REMOVE_TARGET) + $(CXX_COMPILE) -DSTATIC_OFFSETS -o $@ $< $(COMPILE_DONE) + +endif +endif + +%.o: %.S + @echo Assembling $< + $(QUIETLY) $(REMOVE_TARGET) + $(COMPILE.CC) $(CFLAGS) -o $@ $< $(COMPILE_DONE) + # The copied fdlibm routines in sharedRuntimeTrig.o must not be optimized OPT_CFLAGS/sharedRuntimeTrig.o = $(OPT_CFLAGS/NOOPT) # The copied fdlibm routines in sharedRuntimeTrans.o must not be optimized diff -r 2c97070e5af4 -r 00478c5bf5e9 src/cpu/zero/vm/arm_cas.S --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/cpu/zero/vm/arm_cas.S Mon Mar 17 13:15:25 2014 +0000 @@ -0,0 +1,31 @@ +#ifdef __ARM_ARCH_7A__ +@ jlong +@ arm_val_compare_and_swap_long(volatile void *ptr, +@ jlong oldval, +@ jlong newval) { + .pushsection .text + .global arm_val_compare_and_swap_long +#ifdef __thumb__ + .syntax unified + .thumb_func +#endif + .type arm_val_compare_and_swap_long, %function +arm_val_compare_and_swap_long: + stmfd sp!, {r4, r5, r6, r7} + ldrd r4, [sp, #16] + dmb sy +0: ldrexd r6, [r0] + cmp r6, r2 + it eq + cmpeq r7, r3 + bne 1f + strexd r1, r4, [r0] + cmp r1, #0 + bne 0b + dmb sy +1: mov r0, r6 + mov r1, r7 + ldmfd sp!, {r4, r5, r6, r7} + bx lr + .popsection +#endif // __ARM_ARCH_7A__ diff -r 2c97070e5af4 -r 00478c5bf5e9 src/cpu/zero/vm/asm_helper.cpp --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/cpu/zero/vm/asm_helper.cpp Mon Mar 17 13:15:25 2014 +0000 @@ -0,0 +1,745 @@ +/* + * Copyright 2009, 2010 Edward Nevill + * Copyright 2011, Red Hat + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#ifdef __arm__ + +#define ARCH_THUMB2 (1<<16) +#define ARCH_VFP (1<<17) +#define ARCH_CLZ (1<<18) + +/* A workaround for private and protected fields */ +#define private public +#define protected public + +#include "precompiled.hpp" +#include "asm/assembler.hpp" +#include "interp_masm_zero.hpp" +#include "interpreter/bytecodeInterpreter.hpp" +#include "interpreter/bytecodeInterpreter.inline.hpp" +#include "interpreter/interpreter.hpp" +#include "interpreter/interpreterRuntime.hpp" +#include "oops/methodDataOop.hpp" +#include "oops/methodOop.hpp" +#include "oops/oop.inline.hpp" +#include "oops/klassOop.hpp" +#include "prims/jvmtiExport.hpp" +#include "prims/jvmtiThreadState.hpp" +#include "runtime/frame.hpp" +#include "runtime/deoptimization.hpp" +#include "runtime/frame.inline.hpp" +#include "runtime/sharedRuntime.hpp" +#include "runtime/stubRoutines.hpp" +#include "runtime/synchronizer.hpp" +#include "runtime/vframeArray.hpp" +#include "utilities/debug.hpp" + + +#ifndef STATIC_OFFSETS + +#include +#include + +#define VECBUFF_SIZE 64 + +static char valuebuf[128]; + +// Return the name of the current method. Not multi-thread safe. +extern "C" char* +meth(interpreterState istate) { + istate->method()->name_and_sig_as_C_string(valuebuf, sizeof valuebuf); + char *p = valuebuf + strlen(valuebuf); + sprintf(p, ": " PTR_FORMAT " (bci %d)", + (intptr_t) istate->bcp(), + istate->method()->bci_from(istate->bcp())); + return valuebuf; +} + +// Used for debugging the interpreter. The macro TRACE in +// cppInterpreter_arm.S calls this routine, and you can trap on a +// particular method. +#define NAME1 "sun.nio.ch.FileChannelImpl$Unmapper.run()V" +#define EQ(S1, S2) (S1 && (strncmp(S1, S2, strlen(S2)) == 0)) +extern "C" void my_trace(void *jpc, interpreterState istate) +{ + JavaThread *jt = istate->thread(); + if (jt->zero_stack()->sp() && jt->top_zero_frame()) { + bool has_last_Java_frame = jt->has_last_Java_frame(); + if (!has_last_Java_frame) + jt->set_last_Java_frame(); + + StackFrameStream sfs(jt); + for(int i = 0; !sfs.is_done(); sfs.next(), i++) { + } + + // Reset the frame anchor if necessary + if (!has_last_Java_frame) + jt->reset_last_Java_frame(); + } +} + +extern "C" unsigned hwcap(void) +{ + int fd; + unsigned vecs[VECBUFF_SIZE]; + unsigned *p; + int i, n; + unsigned rc = 0; + unsigned arch = 4; + + fd = open("/proc/self/auxv", O_RDONLY); + if (fd < 0) return 0; + do { + n = read(fd, vecs, VECBUFF_SIZE * sizeof(unsigned)); + p = vecs; + i = n/8; + while (--i >= 0) { + unsigned tag = *p++; + unsigned value = *p++; + if (tag == 0) goto fini; + if (tag == AT_HWCAP) { + if (value & HWCAP_THUMBEE) rc |= ARCH_THUMB2; + if (value & HWCAP_VFP) rc |= ARCH_VFP; + } else if (tag == AT_PLATFORM) { + const char *s = (const char *)value; + int c; + + if (*s++ == 'v') { + arch = 0; + while ((isdigit)(c = *s++)) arch = arch * 10 + c - '0'; + } + } + } + } while (n == VECBUFF_SIZE * sizeof(unsigned)); +fini: + close(fd); +// printf("arch = %d, rc = 0x%08x\n", arch, rc); + if (arch >= 5) rc |= ARCH_CLZ; + if (arch >= 7) rc |= ARCH_THUMB2; + return rc | (1<is_lock_owned(r1); +} + +extern "C" HeapWord **CollectedHeap_top_addr(CollectedHeap *r0) +{ + return r0->top_addr(); +} + +extern "C" HeapWord **CollectedHeap_end_addr(CollectedHeap *r0) +{ + return r0->end_addr(); +} + +extern "C" char *SharedRuntime_generate_class_cast_message(const char *name, const char *klass) +{ + return SharedRuntime::generate_class_cast_message(name, klass); +} + +#define HELPER_THROW(thread, name, msg) Exceptions::_throw_msg(thread, __FILE__, __LINE__, name, msg) + +class VMStructs { +public: + static inline klassOop klass_at_addr(constantPoolOop constants, u2 index) { + return (klassOop) *constants->obj_at_addr_raw(index); + } +}; + +extern "C" oop Helper_new(interpreterState istate, unsigned index) +{ + JavaThread *thread = istate->thread(); + + constantPoolOop constants = istate->method()->constants(); + oop result = NULL; + if (!constants->tag_at(index).is_unresolved_klass()) { + // Make sure klass is initialized and doesn't have a finalizer + oop entry = VMStructs::klass_at_addr(constants, index); + klassOop k_entry = (klassOop) entry; + instanceKlass* ik = (instanceKlass*) k_entry->klass_part(); + if ( ik->is_initialized() && ik->can_be_fastpath_allocated() ) { + size_t obj_size = ik->size_helper(); + // If the TLAB isn't pre-zeroed then we'll have to do it + bool need_zero = !ZeroTLAB; + if (UseTLAB) { + result = (oop) thread->tlab().allocate(obj_size); + } + if (result == NULL && !CMSIncrementalMode) { + need_zero = true; + // Try allocate in shared eden + retry: + HeapWord* compare_to = *Universe::heap()->top_addr(); + HeapWord* new_top = compare_to + obj_size; + if (new_top <= *Universe::heap()->end_addr()) { + if (Atomic::cmpxchg_ptr(new_top, Universe::heap()->top_addr(), compare_to) != compare_to) { + goto retry; + } + result = (oop) compare_to; + } + } + if (result != NULL) { + // Initialize object (if nonzero size and need) and then the header + if (need_zero ) { + HeapWord* to_zero = (HeapWord*) result + sizeof(oopDesc) / oopSize; + obj_size -= sizeof(oopDesc) / oopSize; + if (obj_size > 0 ) { + memset(to_zero, 0, obj_size * HeapWordSize); + } + } + if (UseBiasedLocking) { + result->set_mark(ik->prototype_header()); + } else { + result->set_mark(markOopDesc::prototype()); + } + result->set_klass_gap(0); + result->set_klass(k_entry); + return result; + } + } + } + // Slow case allocation + InterpreterRuntime::_new(thread, istate->method()->constants(), index); + result = thread->vm_result(); + thread->set_vm_result(NULL); + return result; +} + +extern "C" int Helper_instanceof(interpreterState istate, unsigned index, oop tos) +{ + if (tos == NULL) return 0; + + // Constant pool may have actual klass or unresolved klass. If it is + // unresolved we must resolve it + if (istate->method()->constants()->tag_at(index).is_unresolved_klass()) { + InterpreterRuntime::quicken_io_cc(istate->thread()); + if (istate->thread()->has_pending_exception()) return 0; + } + klassOop klassOf = VMStructs::klass_at_addr(istate->method()->constants(), index); + klassOop objKlassOop = tos->klass(); + // + // Check for compatibilty. This check must not GC!! + // Seems way more expensive now that we must dispatch + // + return objKlassOop == klassOf || objKlassOop->klass_part()->is_subtype_of(klassOf); +} + +extern "C" oop Helper_checkcast(interpreterState istate, unsigned index, oop tos) +{ + if (tos == NULL) return NULL; + + // Constant pool may have actual klass or unresolved klass. If it is + // unresolved we must resolve it + if (istate->method()->constants()->tag_at(index).is_unresolved_klass()) { + oop except_oop; + InterpreterRuntime::quicken_io_cc(istate->thread()); + if (except_oop = istate->thread()->pending_exception()) return except_oop; + } + klassOop klassOf = VMStructs::klass_at_addr(istate->method()->constants(), index); + klassOop objKlassOop = tos->klass(); //ebx + // + // Check for compatibilty. This check must not GC!! + // Seems way more expensive now that we must dispatch + // + if (objKlassOop != klassOf && !objKlassOop->klass_part()->is_subtype_of(klassOf)) { + ResourceMark rm(istate->thread()); + const char* objName = Klass::cast(objKlassOop)->external_name(); + const char* klassName = Klass::cast(klassOf)->external_name(); + char* message = SharedRuntime::generate_class_cast_message(objName, klassName); + ThreadInVMfromJava trans(istate->thread()); + HELPER_THROW(istate->thread(), vmSymbols::java_lang_ClassCastException(), message); + } + return istate->thread()->pending_exception(); +} + +extern "C" oop Helper_monitorenter(interpreterState istate, oop lockee) +{ + BasicObjectLock* limit = istate->monitor_base(); + BasicObjectLock* most_recent = (BasicObjectLock*) istate->stack_base(); + BasicObjectLock* entry = NULL; + markOop displaced; + JavaThread *thread = istate->thread(); + + if (lockee == NULL) { + HELPER_THROW(istate->thread(), vmSymbols::java_lang_NullPointerException(), ""); + goto handle_exception; + } + while (most_recent != limit ) { + if (most_recent->obj() == NULL) entry = most_recent; + else if (most_recent->obj() == lockee) break; + most_recent++; + } + if (entry == NULL) { + int monitor_words = frame::interpreter_frame_monitor_size(); + ZeroStack *stack = thread->zero_stack(); + + if (monitor_words > stack->available_words()) { + InterpreterRuntime::throw_StackOverflowError(thread); + goto handle_exception; + } else { + stack->alloc(monitor_words * wordSize); + + for (intptr_t *p = istate->stack() + 1; p < istate->stack_base(); p++) + *(p - monitor_words) = *p; + + istate->set_stack_limit(istate->stack_limit() - monitor_words); + istate->set_stack(istate->stack() - monitor_words); + istate->set_stack_base(istate->stack_base() - monitor_words); + + entry = (BasicObjectLock *) istate->stack_base(); + } + } + entry->set_obj(lockee); + displaced = lockee->mark()->set_unlocked(); + entry->lock()->set_displaced_header(displaced); + if (Atomic::cmpxchg_ptr(entry, lockee->mark_addr(), displaced) != displaced) { + // Is it simple recursive case? + if (thread->is_lock_owned((address) displaced->clear_lock_bits())) { + entry->lock()->set_displaced_header(NULL); + } else { + InterpreterRuntime::monitorenter(thread, entry); + } From bugzilla-daemon at icedtea.classpath.org Mon Mar 17 14:26:40 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 17 Mar 2014 14:26:40 +0000 Subject: [Bug 1363] [IcedTea7] Fedora 19 / rawhide FTBFS SIGILL In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1363 --- Comment #5 from hg commits --- details: http://icedtea.classpath.org//hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=92d450da7626 author: chrisphi date: Thu Mar 21 11:17:13 2013 -0400 PR1363: Fedora 19 / rawhide FTBFS SIGILL Changed thumb2 PUSH & POP to inline functions, Added detection of reg alloc failure, fails compile of method. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Mon Mar 17 14:27:08 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 17 Mar 2014 14:27:08 +0000 Subject: [Bug 1679] [IcedTea7] Allow OpenJDK to build on PaX-enabled kernels In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1679 --- Comment #5 from hg commits --- details: http://icedtea.classpath.org//hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=8e7b2661433e author: andrew date: Wed Feb 19 21:08:04 2014 +0000 PR1679: Allow OpenJDK to build on PaX-enabled kernels -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From andrew at icedtea.classpath.org Mon Mar 17 14:27:17 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Mon, 17 Mar 2014 14:27:17 +0000 Subject: /hg/release/icedtea7-forest-2.4/jdk: 2 new changesets Message-ID: changeset a2c172404305 in /hg/release/icedtea7-forest-2.4/jdk details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/jdk?cmd=changeset;node=a2c172404305 author: andrew date: Wed Feb 05 11:24:21 2014 +0000 Link against $(LIBDL) if SYSTEM_CUPS is not true changeset f582aad1fce8 in /hg/release/icedtea7-forest-2.4/jdk details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/jdk?cmd=changeset;node=f582aad1fce8 author: andrew date: Wed Feb 19 21:08:02 2014 +0000 PR1679: Allow OpenJDK to build on PaX-enabled kernels diffstat: make/com/sun/jmx/Makefile | 10 ++++++++-- make/sun/awt/mawt.gmk | 3 ++- 2 files changed, 10 insertions(+), 3 deletions(-) diffs (45 lines): diff -r e44a1aa00614 -r f582aad1fce8 make/com/sun/jmx/Makefile --- a/make/com/sun/jmx/Makefile Mon Feb 03 14:10:39 2014 +0900 +++ b/make/com/sun/jmx/Makefile Wed Feb 19 21:08:02 2014 +0000 @@ -114,13 +114,19 @@ endif ifeq ($(CROSS_COMPILE_ARCH),) -RMIC = $(RMIC_JAVA) $(JAVA_TOOLS_FLAGS) -cp $(OUTPUTDIR)/classes sun.rmi.rmic.Main +RMIC_VM = $(RMIC_JAVA) else -RMIC = $(BOOT_JAVA_CMD) $(JAVA_TOOLS_FLAGS) -cp $(OUTPUTDIR)/classes sun.rmi.rmic.Main +RMIC_VM = $(BOOT_JAVA_CMD) endif +RMIC = $(RMIC_VM) $(JAVA_TOOLS_FLAGS) -cp $(OUTPUTDIR)/classes sun.rmi.rmic.Main $(CLASSDESTDIR)/%_Stub.class: $(CLASSDESTDIR)/%.class $(prep-target) + if [ -x $(PAX_COMMAND) ] ; then \ + if [ -w $(RMIC_VM) ] ; then \ + $(PAX_COMMAND) $(PAX_COMMAND_ARGS) $(RMIC_VM) ; \ + fi ; \ + fi $(RMIC) -classpath "$(CLASSDESTDIR)" \ -d $(CLASSDESTDIR) \ -v1.2 \ diff -r e44a1aa00614 -r f582aad1fce8 make/sun/awt/mawt.gmk --- a/make/sun/awt/mawt.gmk Mon Feb 03 14:10:39 2014 +0900 +++ b/make/sun/awt/mawt.gmk Wed Feb 19 21:08:02 2014 +0000 @@ -192,6 +192,8 @@ ifdef USE_SYSTEM_CUPS OTHER_LDLIBS += $(CUPS_LIBS) +else + OTHER_LDLIBS += $(LIBDL) endif ifdef USE_SYSTEM_FONTCONFIG @@ -219,7 +221,6 @@ ifdef USE_SYSTEM_CUPS CPPFLAGS += -DUSE_SYSTEM_CUPS - LDFLAGS += $(CUPS_LIBS) else CPPFLAGS += -I$(PLATFORM_SRC)/native/common/deps endif From bugzilla-daemon at icedtea.classpath.org Mon Mar 17 14:27:24 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 17 Mar 2014 14:27:24 +0000 Subject: [Bug 1679] [IcedTea7] Allow OpenJDK to build on PaX-enabled kernels In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1679 --- Comment #6 from hg commits --- details: http://icedtea.classpath.org//hg/release/icedtea7-forest-2.4/jdk?cmd=changeset;node=f582aad1fce8 author: andrew date: Wed Feb 19 21:08:02 2014 +0000 PR1679: Allow OpenJDK to build on PaX-enabled kernels -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Mon Mar 17 15:21:23 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 17 Mar 2014 15:21:23 +0000 Subject: [Bug 1679] [IcedTea7] Allow OpenJDK to build on PaX-enabled kernels In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1679 Andrew Haley changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |aph at redhat.com --- Comment #7 from Andrew Haley --- Shouldn't this patch be upstream? -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Mon Mar 17 15:39:34 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 17 Mar 2014 15:39:34 +0000 Subject: [Bug 1710] Crash SIGSEGV in C2 Compilerthread when compiling one specific method In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1710 Andrew Haley changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED --- Comment #8 from Andrew Haley --- It looks to me like this is going to require a HosSpot update. The code in question has been substantially rewritten, so there's no easy way to pick out a bug fix. I have rasied this issue at jdk7u-dev at openjdk.java.net. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From stefan.reich.maker.of.eye at googlemail.com Mon Mar 17 16:29:12 2014 From: stefan.reich.maker.of.eye at googlemail.com (Stefan Reich) Date: Mon, 17 Mar 2014 17:29:12 +0100 Subject: EXTREME weirdness - applet writing without permissions Message-ID: Hi folks, here is something really really weird. I have this applet: http://tinybrain.de:8080/tb-applet/chat-applet.php with this source code (you can verify!):
Clearly, all-permissions is just a comment. I also get no security dialog or anything, so it's a SANDBOXED applet. However, I can clearly see it accessing my disk. I enter "hello" in the chat field, and instantly, a file in ~/.tinybrain is created on my partition. By an untrusted applet. How's it possible? Process dump: stefan 746 32001 0 17:22 ? 00:00:00 /usr/lib/firefox/plugin-container /usr/lib/jvm/java-7-openjdk-i386/jre/lib/i386/IcedTeaPlugin.so -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appdir /usr/lib/firefox/browser 32001 true plugin stefan 754 746 1 17:22 ? 00:00:04 /usr/lib/jvm/java-7-openjdk-i386/bin/java -Xbootclasspath/a:/usr/share/icedtea-web/netx.jar:/usr/share/icedtea-web/plugin.jar -classpath /usr/lib/jvm/java-7-openjdk-i386/lib/rt.jar sun.applet.PluginMain /tmp/icedteaplugin-stefan/746-icedteanp-plugin-to-appletviewer /tmp/icedteaplugin-stefan/746-icedteanp-appletviewer-to-plugin Note: I also use signed applets, using the same .jar, on other pages. Maybe that slips through to this applet? But still, it's totally out of spec that this applet can write stuff to disk, or is it? Cheers, Stefan -------------- next part -------------- An HTML attachment was scrubbed... URL: From andrew at icedtea.classpath.org Mon Mar 17 16:40:44 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Mon, 17 Mar 2014 16:40:44 +0000 Subject: /hg/release/icedtea7-forest-2.4: Added tag icedtea-2.4.6pre01 fo... Message-ID: changeset 2307419e6c4c in /hg/release/icedtea7-forest-2.4 details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4?cmd=changeset;node=2307419e6c4c author: andrew date: Mon Mar 17 16:37:10 2014 +0000 Added tag icedtea-2.4.6pre01 for changeset b028e58c1b77 diffstat: .hgtags | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (8 lines): diff -r b028e58c1b77 -r 2307419e6c4c .hgtags --- a/.hgtags Wed Feb 19 21:07:59 2014 +0000 +++ b/.hgtags Mon Mar 17 16:37:10 2014 +0000 @@ -409,3 +409,4 @@ df53ec7eb789e7dec375a685dce1fa5cf63618b4 jdk7u51-b12 6c778574d87336a2e55156544af92ce2de799696 jdk7u51-b13 410eb7fef869645524ebb08293da1ba6215e5ce9 icedtea-2.4.5 +b028e58c1b77759531652b7ec81764f3c05ec96c icedtea-2.4.6pre01 From andrew at icedtea.classpath.org Mon Mar 17 16:40:51 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Mon, 17 Mar 2014 16:40:51 +0000 Subject: /hg/release/icedtea7-forest-2.4/corba: Added tag icedtea-2.4.6pr... Message-ID: changeset 3cf2158dd79b in /hg/release/icedtea7-forest-2.4/corba details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/corba?cmd=changeset;node=3cf2158dd79b author: andrew date: Mon Mar 17 16:37:11 2014 +0000 Added tag icedtea-2.4.6pre01 for changeset 48ef1bb6d120 diffstat: .hgtags | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (8 lines): diff -r 48ef1bb6d120 -r 3cf2158dd79b .hgtags --- a/.hgtags Wed Jan 29 10:01:16 2014 +0000 +++ b/.hgtags Mon Mar 17 16:37:11 2014 +0000 @@ -411,3 +411,4 @@ 55a509ccc0e4ed49e311c7ecf2ed29a908bc1d6b jdk7u51-b12 e2f0036f712aa636cfd55334ac21ea7ca2587a7b jdk7u51-b13 3594dbde270d68920afc5ee862d10f14c2a87dc8 icedtea-2.4.5 +48ef1bb6d120dbf053f75787a40ef6faa38230f1 icedtea-2.4.6pre01 From andrew at icedtea.classpath.org Mon Mar 17 16:40:57 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Mon, 17 Mar 2014 16:40:57 +0000 Subject: /hg/release/icedtea7-forest-2.4/jaxp: Added tag icedtea-2.4.6pre... Message-ID: changeset 729a01a39169 in /hg/release/icedtea7-forest-2.4/jaxp details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/jaxp?cmd=changeset;node=729a01a39169 author: andrew date: Mon Mar 17 16:37:13 2014 +0000 Added tag icedtea-2.4.6pre01 for changeset e0ba4b9a8b91 diffstat: .hgtags | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (8 lines): diff -r e0ba4b9a8b91 -r 729a01a39169 .hgtags --- a/.hgtags Wed Jan 29 10:01:17 2014 +0000 +++ b/.hgtags Mon Mar 17 16:37:13 2014 +0000 @@ -411,3 +411,4 @@ 807946db29f42477e8d8390be01c7e27280bc85c jdk7u51-b12 114654a331e2f97a048d7ed43d06d7512e20e2c1 jdk7u51-b13 8fe156ad49e2db0e5034ffda4649e801b9c315da icedtea-2.4.5 +e0ba4b9a8b91c10bacd0b316b2e04717e0f4662a icedtea-2.4.6pre01 From andrew at icedtea.classpath.org Mon Mar 17 16:41:03 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Mon, 17 Mar 2014 16:41:03 +0000 Subject: /hg/release/icedtea7-forest-2.4/jaxws: Added tag icedtea-2.4.6pr... Message-ID: changeset d64584236d69 in /hg/release/icedtea7-forest-2.4/jaxws details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/jaxws?cmd=changeset;node=d64584236d69 author: andrew date: Mon Mar 17 16:37:13 2014 +0000 Added tag icedtea-2.4.6pre01 for changeset 4bd947cd146b diffstat: .hgtags | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (8 lines): diff -r 4bd947cd146b -r d64584236d69 .hgtags --- a/.hgtags Wed Jan 29 10:01:18 2014 +0000 +++ b/.hgtags Mon Mar 17 16:37:13 2014 +0000 @@ -411,3 +411,4 @@ 7c7c2ea4b6808d0abf7fd48d11440d75b0c08d3a jdk7u51-b12 81a1b110f70c37d2c2f0de7c0ef3bd2d04aba475 jdk7u51-b13 32ea8b1ed91a12ac4633d596f0713c2c67930874 icedtea-2.4.5 +4bd947cd146bba78ac7ef45e3d28369c3faa8461 icedtea-2.4.6pre01 From andrew at icedtea.classpath.org Mon Mar 17 16:41:11 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Mon, 17 Mar 2014 16:41:11 +0000 Subject: /hg/release/icedtea7-forest-2.4/langtools: Added tag icedtea-2.4... Message-ID: changeset f1982814ebb6 in /hg/release/icedtea7-forest-2.4/langtools details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/langtools?cmd=changeset;node=f1982814ebb6 author: andrew date: Mon Mar 17 16:37:14 2014 +0000 Added tag icedtea-2.4.6pre01 for changeset 06eeb77dac24 diffstat: .hgtags | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (8 lines): diff -r 06eeb77dac24 -r f1982814ebb6 .hgtags --- a/.hgtags Wed Jan 29 10:01:19 2014 +0000 +++ b/.hgtags Mon Mar 17 16:37:14 2014 +0000 @@ -411,3 +411,4 @@ 5b44df2114e466da85c3816627bfcd1b59c6499d jdk7u51-b12 4d0807934c302f2e35e6a5acc6cdc720c82b5671 jdk7u51-b13 dabd37b7e2950b42c1c9550caea26522348cd7b4 icedtea-2.4.5 +06eeb77dac248eb62fed00aa25f9f9fa9b4df210 icedtea-2.4.6pre01 From andrew at icedtea.classpath.org Mon Mar 17 16:41:18 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Mon, 17 Mar 2014 16:41:18 +0000 Subject: /hg/release/icedtea7-forest-2.4/hotspot: Added tag icedtea-2.4.6... Message-ID: changeset 490de178ae72 in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=490de178ae72 author: andrew date: Mon Mar 17 16:37:17 2014 +0000 Added tag icedtea-2.4.6pre01 for changeset 00478c5bf5e9 diffstat: .hgtags | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (8 lines): diff -r 00478c5bf5e9 -r 490de178ae72 .hgtags --- a/.hgtags Mon Mar 17 13:15:25 2014 +0000 +++ b/.hgtags Mon Mar 17 16:37:17 2014 +0000 @@ -624,3 +624,4 @@ dee2a38ef6b26534c44c550ef4da2c3146c612c2 jdk7u51-b12 6c6a2299029ad02fa2820b8ff8c61c2bbcae799c jdk7u51-b13 2cb58882dac3bf8b186ef15f847be926772bbf98 icedtea-2.4.5 +00478c5bf5e93892b40bac1c293f8540d5be58ab icedtea-2.4.6pre01 From andrew at icedtea.classpath.org Mon Mar 17 16:41:28 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Mon, 17 Mar 2014 16:41:28 +0000 Subject: /hg/release/icedtea7-forest-2.4/jdk: Added tag icedtea-2.4.6pre0... Message-ID: changeset cf842ff5dba2 in /hg/release/icedtea7-forest-2.4/jdk details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/jdk?cmd=changeset;node=cf842ff5dba2 author: andrew date: Mon Mar 17 16:37:23 2014 +0000 Added tag icedtea-2.4.6pre01 for changeset f582aad1fce8 diffstat: .hgtags | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (8 lines): diff -r f582aad1fce8 -r cf842ff5dba2 .hgtags --- a/.hgtags Wed Feb 19 21:08:02 2014 +0000 +++ b/.hgtags Mon Mar 17 16:37:23 2014 +0000 @@ -402,3 +402,4 @@ f5eee4f1d5b4a1e19febc9c26c863ae853ed6d2e jdk7u51-b12 d19a89fdfb9b959b8638441d9d396685d6c7ab7b jdk7u51-b13 9db88c18e114006dc242d1ba31683cbdb6151a5d icedtea-2.4.5 +f582aad1fce8fe3410728dd40778dbde12f63beb icedtea-2.4.6pre01 From andrew at icedtea.classpath.org Mon Mar 17 16:42:55 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Mon, 17 Mar 2014 16:42:55 +0000 Subject: /hg/release/icedtea7-2.4: 2 new changesets Message-ID: changeset e21f201c2d68 in /hg/release/icedtea7-2.4 details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=e21f201c2d68 author: Andrew John Hughes date: Mon Mar 17 14:58:18 2014 +0000 PR1677: Update PaX support to detect running PaX kernel and use newer tools 2014-02-19 Andrew John Hughes PR1677: Update PaX support to detect running PaX kernel and use newer tools * NEWS: Updated. * acinclude.m4: (IT_HAS_PAX): New macro to detect whether the running kernel uses PaX. (IT_WITH_PAX): Rewritten to search for PaX tools - currently paxmark.sh, paxctl-ng, chpax and paxctl - and fail if a tool isn't found and a PaX kernel is being used. changeset a03874670653 in /hg/release/icedtea7-2.4 details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=a03874670653 author: Andrew John Hughes date: Mon Mar 17 16:42:38 2014 +0000 Update to icedtea-2.4.6pre01 forest tag. 2014-02-19 Andrew John Hughes * patches/boot/test_gamma.patch, * patches/pax-mark-rmic-java.patch, * patches/test_gamma.patch: Removed. * INSTALL: Document ARM32 JIT and --enable-arm32-jit option. * Makefile.am: (CORBA_CHANGESET): Update to icedtea-2.4.6pre01 tag. (JAXP_CHANGESET): Likewise. (JAXWS_CHANGESET): Likewise. (JDK_CHANGESET): Likewise. (LANGTOOLS_CHANGESET): Likewise. (OPENJDK_CHANGESET): Likewise. (CORBA_SHA256SUM): Likewise. (JAXP_SHA256SUM): Likewise. (JAXWS_SHA256SUM): Likewise. (JDK_SHA256SUM): Likewise. (LANGTOOLS_SHA256SUM): Likewise. (OPENJDK_SHA256SUM): Likewise. (ICEDTEA_PATCHES): Remove PaX patches. (ICEDTEA_BOOT_PATCHES): Remove test_gamma patch (fixed by detection of non-Oracle JDK addition from PPC port) (ARM32JIT_STATUS): Set based on ENABLE_ARM32JIT. (ICEDTEA_ENV): Pass ARM32JIT and PAX_COMMAND to OpenJDK build. * NEWS: Updated with latest changes, including PaX ARM32 and Shark changes. * acinclude.m4: (IT_ENABLE_ARM32JIT): Allow the ARM32 JIT to be enabled. * configure.ac: Run IT_ENABLE_ARM32JIT macro. * hotspot.map: Update to icedtea-2.4.6pre01 tag. diffstat: ChangeLog | 49 ++++++++++++++ INSTALL | 5 + Makefile.am | 44 ++++++------ NEWS | 52 +++++++++++++++ acinclude.m4 | 116 +++++++++++++++++++++++++--------- configure.ac | 1 + hotspot.map | 2 +- patches/boot/test_gamma.patch | 47 -------------- patches/cacao/arm-arch-defines.patch | 18 ----- patches/pax-mark-rmic-java.patch | 10 --- patches/test_gamma.patch | 47 -------------- 11 files changed, 215 insertions(+), 176 deletions(-) diffs (truncated from 518 to 500 lines): diff -r d9cd6461e22c -r a03874670653 ChangeLog --- a/ChangeLog Thu Jan 30 14:33:10 2014 +0000 +++ b/ChangeLog Mon Mar 17 16:42:38 2014 +0000 @@ -1,3 +1,52 @@ +2014-02-19 Andrew John Hughes + + * patches/boot/test_gamma.patch, + * patches/pax-mark-rmic-java.patch, + * patches/test_gamma.patch: + Removed. + * INSTALL: + Document ARM32 JIT and --enable-arm32-jit option. + * Makefile.am: + (CORBA_CHANGESET): Update to icedtea-2.4.6pre01 tag. + (JAXP_CHANGESET): Likewise. + (JAXWS_CHANGESET): Likewise. + (JDK_CHANGESET): Likewise. + (LANGTOOLS_CHANGESET): Likewise. + (OPENJDK_CHANGESET): Likewise. + (CORBA_SHA256SUM): Likewise. + (JAXP_SHA256SUM): Likewise. + (JAXWS_SHA256SUM): Likewise. + (JDK_SHA256SUM): Likewise. + (LANGTOOLS_SHA256SUM): Likewise. + (OPENJDK_SHA256SUM): Likewise. + (ICEDTEA_PATCHES): Remove PaX patches. + (ICEDTEA_BOOT_PATCHES): Remove test_gamma + patch (fixed by detection of non-Oracle JDK + addition from PPC port) + (ARM32JIT_STATUS): Set based on ENABLE_ARM32JIT. + (ICEDTEA_ENV): Pass ARM32JIT and PAX_COMMAND to + OpenJDK build. + * NEWS: Updated with latest changes, including PaX + ARM32 and Shark changes. + * acinclude.m4: + (IT_ENABLE_ARM32JIT): Allow the ARM32 JIT to be + enabled. + * configure.ac: Run IT_ENABLE_ARM32JIT macro. + * hotspot.map: Update to icedtea-2.4.6pre01 tag. + +2014-02-19 Andrew John Hughes + + PR1677: Update PaX support to detect running PaX + kernel and use newer tools + * NEWS: Updated. + * acinclude.m4: + (IT_HAS_PAX): New macro to detect whether the running + kernel uses PaX. + (IT_WITH_PAX): Rewritten to search for PaX tools - + currently paxmark.sh, paxctl-ng, chpax and paxctl - + and fail if a tool isn't found and a PaX kernel is + being used. + 2014-01-28 Andrew John Hughes * configure.ac: Bump to 2.4.6pre01. diff -r d9cd6461e22c -r a03874670653 INSTALL --- a/INSTALL Thu Jan 30 14:33:10 2014 +0000 +++ b/INSTALL Mon Mar 17 16:42:38 2014 +0000 @@ -204,6 +204,7 @@ * --enable-system-kerberos: Link against the system Kerberos library and query it at runtime to obtain the cache location, rather than using a hardcoded value. +* --enable-arm32-jit: Build the ARM32 JIT. Testing ======= @@ -301,6 +302,10 @@ --enable-shark to configure. Please note that Shark is still in development and builds are still likely to fail at present. +On ARM32, there is also a native JIT port built on top of Zero. This +still has issues and is thus not enabled by default. To enable it, +pass --enable-arm32-jit to configure. + Support for Different Versions of HotSpot ========================================= diff -r d9cd6461e22c -r a03874670653 Makefile.am --- a/Makefile.am Thu Jan 30 14:33:10 2014 +0000 +++ b/Makefile.am Mon Mar 17 16:42:38 2014 +0000 @@ -4,19 +4,19 @@ BUILD_VERSION = b31 COMBINED_VERSION = $(JDK_UPDATE_VERSION)-$(BUILD_VERSION) -CORBA_CHANGESET = 3594dbde270d -JAXP_CHANGESET = 8fe156ad49e2 -JAXWS_CHANGESET = 32ea8b1ed91a -JDK_CHANGESET = 9db88c18e114 -LANGTOOLS_CHANGESET = dabd37b7e295 -OPENJDK_CHANGESET = 410eb7fef869 +CORBA_CHANGESET = 48ef1bb6d120 +JAXP_CHANGESET = e0ba4b9a8b91 +JAXWS_CHANGESET = 4bd947cd146b +JDK_CHANGESET = f582aad1fce8 +LANGTOOLS_CHANGESET = 06eeb77dac24 +OPENJDK_CHANGESET = b028e58c1b77 -CORBA_SHA256SUM = d1f97e143fe94ae3a56b45bb5a90f8ab10ec2be4ff770a788f0a1ac677e27a7d -JAXP_SHA256SUM = 0a2a40186cedfbeb8f87b0bc86bea2830943943081d4289fc74f7a783b2e1af3 -JAXWS_SHA256SUM = 08a169b6b02883759ec7a412aa91aa3e37480761cb50b95d092dbcdb2fc9a3d0 -JDK_SHA256SUM = 285e5b8ccbb29f3f9f9ea9ea7856d1ed97465c57d091fbcd9b2e55a1ffbb543e -LANGTOOLS_SHA256SUM = 86cb370ce2084c4b699d8c002ebe6c026e86206ffa82a2f3d7906aadb94ed79f -OPENJDK_SHA256SUM = 2de151c7275d91ef082e63fcc0957c5f9290404ec6e20ecfa1e752e16bfab707 +CORBA_SHA256SUM = 2fcfe699797154da8b4ba5242e32468b2f3f42a0cb17039915bfb1f84887a5b6 +JAXP_SHA256SUM = e7014057721b8392676bd24760c3f7b3dd40548abb3c8dfbe8df2fa04d7c1fca +JAXWS_SHA256SUM = 17ed5278872ad0c9ec3a849caf1480e5942b714e35c9a4a949d09daac4b34c5a +JDK_SHA256SUM = 17410212d856da9f52f87a6289d3937d3748992855d53bb5e1496fe7879e27cd +LANGTOOLS_SHA256SUM = a67e62618c70ef9190b2aef2b49be9d79624be9363bda258828b17494e092477 +OPENJDK_SHA256SUM = e6be030ac5934781d9682dc3108980fa7d2330c32da3cea4ae74df11fbaa92f2 CACAO_VERSION = e215e36be9fc CACAO_SHA256SUM = 4966514c72ee7ed108b882d9b6e65c3adf8a8f9c2dccb029f971b3c8cb4870ab @@ -297,12 +297,6 @@ ICEDTEA_PATCHES += patches/nss-config.patch endif -if WITH_PAX -ICEDTEA_PATCHES += \ - patches/test_gamma.patch \ - patches/pax-mark-rmic-java.patch -endif - ICEDTEA_PATCHES += $(DISTRIBUTION_PATCHES) # Bootstrapping patches @@ -352,10 +346,6 @@ patches/boot/xbootclasspath.patch endif -if !WITH_PAX -ICEDTEA_BOOT_PATCHES += patches/boot/test_gamma.patch -endif - if CP39408_JAVAH ICEDTEA_BOOT_PATCHES += patches/boot/pr39408.patch endif @@ -435,6 +425,12 @@ WERROR_STATUS=false endif +if ENABLE_ARM32JIT +ARM32JIT_STATUS=true +else +ARM32JIT_STATUS=false +endif + ICEDTEA_ENV = \ ALT_JDK_IMPORT_PATH="$(BOOT_DIR)" \ ANT="$(ANT)" \ @@ -487,7 +483,9 @@ STRIP_POLICY=no_strip \ JAVAC_WARNINGS_FATAL="$(WERROR_STATUS)" \ COMPILER_WARNINGS_FATAL="$(WERROR_STATUS)" \ - UNLIMITED_CRYPTO="true" + UNLIMITED_CRYPTO="true" \ + ARM32JIT="${ARM32JIT_STATUS}" \ + PAX_COMMAND="${PAX_COMMAND}" if ENABLE_CACAO ICEDTEA_ENV += \ diff -r d9cd6461e22c -r a03874670653 NEWS --- a/NEWS Thu Jan 30 14:33:10 2014 +0000 +++ b/NEWS Mon Mar 17 16:42:38 2014 +0000 @@ -14,6 +14,58 @@ New in release 2.4.6 (2014-04-XX): +* Backports + - S8009062: poor performance of JNI AttachCurrentThread after fix for 7017193 + - Re-enable the 'gamma' test at the end of the HotSpot build, but only for HotSpot based bootstrap JDKs. +* Bug fixes + - PR1101: Undefined symbols on GNU/Linux SPARC + - PR1659: OpenJDK 7 returns incorrect TrueType font metrics when bold style is set + - PR1677: Update PaX support to detect running PaX kernel and use newer tools + - PR1679: Allow OpenJDK to build on PaX-enabled kernels + - RH1015432: java-1.7.0-openjdk: Fails on PPC with StackOverflowError (revised fix) + - Link against $(LIBDL) if SYSTEM_CUPS is not true +* ARM port + - Add arm_port from IcedTea 6 + - Add patches/arm.patch from IcedTea 6 + - Add patches/arm-debug.patch from IcedTea 6 + - Add patches/arm-hsdis.patch from IcedTea 6 + - added jvmti event generation for dynamic_generate and compiled_method_load events to ARM JIT compiler + - Adjust saved SP when safepointing. + - First cut of invokedynamic + - Fix trashed thread ptr after recursive re-entry from asm JIT. + - JIT-compilation of ldc methodHandle + - Rename a bunch of misleadingly-named functions + - Changes for HSX22 + - Rename a bunch of misleadingly-named functions + - Patched method handle adapter code to deal with failures in TCK + - Phase 1 + - Phase 2 + - RTC Thumb2 JIT enhancements. + - Zero fails to build in hsx22+, fix for hsx22 after runs gamma OK, hsx23 still nogo. + - Use ldrexd for atomic reads on ARMv7. + - Use unified syntax for thumb code. + - Corrected call from fast_method_handle_entry to CppInterpreter::method_handle_entry so that thread is loaded into r2 + - Don't save locals at a return. + - Fix call to handle_special_method(). Fix compareAndSwapLong. + - Fix JIT bug that miscompiles org.eclipse.ui.internal.contexts.ContextAuthority.sourceChanged + - invokedynamic and aldc for JIT + - Modified safepoint check to rely on memory protect signal instead of polling + - Minor review cleanups. + - PR1188: ASM Interpreter and Thumb2 JIT javac miscompile modulo reminder on armel + - PR1363: Fedora 19 / rawhide FTBFS SIGILL + - Changes for HSX23 + - Remove fragment from method that has been removed + - Remove C++ flags from CC_COMPILE and fix usage in zeroshark.make. + - Use $(CC) to compile mkbc instead of $(CC_COMPILE) to avoid C++-only flags + - Add note about use of $(CFLAGS)/$(CXXFLAGS)/$(CPPFLAGS) at present. + - Override automatic detection of source language for bytecodes_arm.def + - Include $(CFLAGS) in assembler stage + - PR1626: ARM32 assembler update for hsx24. Use ARM32JIT to turn it on/off. + - Replace literal offsets for METHOD_SIZEOFPARAMETERS and ISTATE_NEXT_FRAME with correct symbolic names. +* Shark + - Add Shark definitions from 8003868 + - Drop compile_method argument removed in 7083786 from sharkCompiler.cpp + New in release 2.4.5 (2014-01-29): * Backports diff -r d9cd6461e22c -r a03874670653 acinclude.m4 --- a/acinclude.m4 Thu Jan 30 14:33:10 2014 +0000 +++ b/acinclude.m4 Mon Mar 17 16:42:38 2014 +0000 @@ -2299,45 +2299,79 @@ AC_SUBST([enable_downloading]) ]) +AC_DEFUN_ONCE([IT_HAS_PAX], +[ + AC_MSG_CHECKING([if a PaX kernel is in use]) + if cat /proc/self/status | grep '^PaX' >&AS_MESSAGE_LOG_FD 2>&1; then + pax_active=yes; + else + pax_active=no; + fi + AC_MSG_RESULT([${pax_active}]) + AM_CONDITIONAL([USING_PAX], test x"${pax_active}" = "xyes") +]) + AC_DEFUN_ONCE([IT_WITH_PAX], [ - AC_MSG_CHECKING([for pax utility to use]) + AC_REQUIRE([IT_HAS_PAX]) + PAX_DEFAULT=/usr/sbin/paxmark.sh + AC_MSG_CHECKING([if a PaX utility was specified]) AC_ARG_WITH([pax], [AS_HELP_STRING(--with-pax=COMMAND,the command used for pax marking)], [ - PAX_COMMAND=${withval} + if test "x${withval}" = "xyes"; then + PAX_COMMAND=no + else + PAX_COMMAND="${withval}" + fi ], [ + PAX_COMMAND=no + ]) + AC_MSG_RESULT(${PAX_COMMAND}) + if test "x${PAX_COMMAND}" == "xno"; then + PAX_COMMAND=${PAX_DEFAULT} + fi + AC_MSG_CHECKING([if $PAX_COMMAND is a valid executable file]) + if test -x "${PAX_COMMAND}" && test -f "${PAX_COMMAND}"; then + AC_MSG_RESULT([yes]) + else + AC_MSG_RESULT([no]) + PAX_COMMAND="" + AC_PATH_PROG(PAX_COMMAND, "paxmark.sh") + if test -z "${PAX_COMMAND}"; then + AC_PATH_PROG(PAX_COMMAND, "paxctl-ng") + fi + if test -z "${PAX_COMMAND}"; then + AC_PATH_PROG(PAX_COMMAND, "chpax") + fi + if test -z "${PAX_COMMAND}"; then + AC_PATH_PROG(PAX_COMMAND, "paxctl") + fi + if test -z "${PAX_COMMAND}"; then + if test "x${pax_active}" = "xyes"; then + AC_MSG_ERROR("No PaX utility found and running on a PaX kernel.") + else + AC_MSG_WARN("No PaX utility found.") + fi + fi + fi + if test -z "${PAX_COMMAND}"; then PAX_COMMAND="not specified" - ]) - case "x${PAX_COMMAND}" in - xchpax) - case "${host_cpu}" in - i?86) - PAX_COMMAND_ARGS="-msp" - ;; - *) - PAX_COMMAND_ARGS="-m" - ;; - esac - ;; - xpaxctl) - case "${host_cpu}" in - i?86) - PAX_COMMAND_ARGS="-msp" - ;; - *) - PAX_COMMAND_ARGS="-m" - ;; - esac - ;; - *) - PAX_COMMAND="not specified" - PAX_COMMAND_ARGS="not specified" - ;; - esac + PAX_COMMAND_ARGS="not specified" + else + AC_MSG_CHECKING([which options to pass to ${PAX_COMMAND}]) + case "${host_cpu}" in + i?86) + PAX_COMMAND_ARGS="-msp" + ;; + *) + PAX_COMMAND_ARGS="-m" + ;; + esac + AC_MSG_RESULT(${PAX_COMMAND_ARGS}) + fi AM_CONDITIONAL(WITH_PAX, test "x${PAX_COMMAND}" != "xnot specified") - AC_MSG_RESULT(${PAX_COMMAND}) AC_SUBST(PAX_COMMAND) AC_SUBST(PAX_COMMAND_ARGS) ]) @@ -2589,3 +2623,25 @@ AC_PROVIDE([$0])dnl AM_CONDITIONAL([VM_SUPPORTS_XBOOTCLASSPATH], test x"${it_cv_xbootclasspath_works}" = "xyes") ]) + +AC_DEFUN([IT_ENABLE_ARM32JIT], +[ + AC_MSG_CHECKING([whether to enable the ARM32 JIT]) + AC_ARG_ENABLE([arm32-jit], + [AS_HELP_STRING(--enable-arm32-jit,build with the ARM32 JIT [[default=no]])], + [ + case "${enableval}" in + yes) + enable_arm32jit=yes + ;; + *) + enable_arm32jit=no + ;; + esac + ], + [ + enable_arm32jit=no + ]) + AC_MSG_RESULT([$enable_arm32jit]) + AM_CONDITIONAL([ENABLE_ARM32JIT], test x"${enable_arm32jit}" = "xyes") +]) diff -r d9cd6461e22c -r a03874670653 configure.ac --- a/configure.ac Thu Jan 30 14:33:10 2014 +0000 +++ b/configure.ac Mon Mar 17 16:42:38 2014 +0000 @@ -176,6 +176,7 @@ IT_ENABLE_JAR_COMPRESSION IT_SET_SHARK_BUILD IT_CHECK_ADDITIONAL_VMS +IT_ENABLE_ARM32JIT IT_WITH_VERSION_SUFFIX IT_WITH_PROJECT diff -r d9cd6461e22c -r a03874670653 hotspot.map --- a/hotspot.map Thu Jan 30 14:33:10 2014 +0000 +++ b/hotspot.map Mon Mar 17 16:42:38 2014 +0000 @@ -1,2 +1,2 @@ # version url changeset sha256sum -default http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot 2cb58882dac3 d8c1681ae76e660c1888065933cedbbc1309869c7a2fb98f07c424716d5ebaf9 +default http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot 00478c5bf5e9 9f77cd372778c8a3359f3c9c0eb37c1dbd7c1f569613da89de64b41de48a5760 diff -r d9cd6461e22c -r a03874670653 patches/boot/test_gamma.patch --- a/patches/boot/test_gamma.patch Thu Jan 30 14:33:10 2014 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,47 +0,0 @@ -diff -Nru ../openjdk.orig/openjdk-boot/hotspot/make/linux/Makefile openjdk-boot/hotspot/make/linux/Makefile ---- ../openjdk.orig/openjdk-boot/hotspot/make/linux/Makefile 2009-10-30 17:37:07.000000000 +0000 -+++ openjdk-boot/hotspot/make/linux/Makefile 2009-10-30 17:45:40.000000000 +0000 -@@ -287,42 +287,36 @@ - - $(TARGETS_C2): $(SUBDIRS_C2) - cd $(OSNAME)_$(BUILDARCH)_compiler2/$@ && $(MAKE) $(MFLAGS) -- cd $(OSNAME)_$(BUILDARCH)_compiler2/$@ && ./test_gamma - ifdef INSTALL - cd $(OSNAME)_$(BUILDARCH)_compiler2/$@ && $(MAKE) $(MFLAGS) install - endif - - $(TARGETS_TIERED): $(SUBDIRS_TIERED) - cd $(OSNAME)_$(BUILDARCH)_tiered/$(patsubst %tiered,%,$@) && $(MAKE) $(MFLAGS) -- cd $(OSNAME)_$(BUILDARCH)_tiered/$(patsubst %tiered,%,$@) && ./test_gamma - ifdef INSTALL - cd $(OSNAME)_$(BUILDARCH)_tiered/$(patsubst %tiered,%,$@) && $(MAKE) $(MFLAGS) install - endif - - $(TARGETS_C1): $(SUBDIRS_C1) - cd $(OSNAME)_$(BUILDARCH)_compiler1/$(patsubst %1,%,$@) && $(MAKE) $(MFLAGS) -- cd $(OSNAME)_$(BUILDARCH)_compiler1/$(patsubst %1,%,$@) && ./test_gamma - ifdef INSTALL - cd $(OSNAME)_$(BUILDARCH)_compiler1/$(patsubst %1,%,$@) && $(MAKE) $(MFLAGS) install - endif - - $(TARGETS_CORE): $(SUBDIRS_CORE) - cd $(OSNAME)_$(BUILDARCH)_core/$(patsubst %core,%,$@) && $(MAKE) $(MFLAGS) -- cd $(OSNAME)_$(BUILDARCH)_core/$(patsubst %core,%,$@) && ./test_gamma - ifdef INSTALL - cd $(OSNAME)_$(BUILDARCH)_core/$(patsubst %core,%,$@) && $(MAKE) $(MFLAGS) install - endif - - $(TARGETS_ZERO): $(SUBDIRS_ZERO) - cd $(OSNAME)_$(VARIANTARCH)_zero/$(patsubst %zero,%,$@) && $(MAKE) $(MFLAGS) -- cd $(OSNAME)_$(VARIANTARCH)_zero/$(patsubst %zero,%,$@) && ./test_gamma - ifdef INSTALL - cd $(OSNAME)_$(VARIANTARCH)_zero/$(patsubst %zero,%,$@) && $(MAKE) $(MFLAGS) install - endif - - $(TARGETS_SHARK): $(SUBDIRS_SHARK) - cd $(OSNAME)_$(VARIANTARCH)_shark/$(patsubst %shark,%,$@) && $(MAKE) $(MFLAGS) -- cd $(OSNAME)_$(VARIANTARCH)_shark/$(patsubst %shark,%,$@) && ./test_gamma - ifdef INSTALL - cd $(OSNAME)_$(VARIANTARCH)_shark/$(patsubst %shark,%,$@) && $(MAKE) $(MFLAGS) install - endif - diff -r d9cd6461e22c -r a03874670653 patches/cacao/arm-arch-defines.patch --- a/patches/cacao/arm-arch-defines.patch Thu Jan 30 14:33:10 2014 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,18 +0,0 @@ -diff -Nru cacao.orig/cacao/src/mm/boehm-gc/libatomic_ops-1.2/src/atomic_ops/sysdeps/gcc/arm.h cacao/cacao/src/mm/boehm-gc/libatomic_ops-1.2/src/atomic_ops/sysdeps/gcc/arm.h ---- cacao.orig/cacao/src/mm/boehm-gc/libatomic_ops-1.2/src/atomic_ops/sysdeps/gcc/arm.h 2010-05-19 12:14:46.000000000 +0100 -+++ cacao/cacao/src/mm/boehm-gc/libatomic_ops-1.2/src/atomic_ops/sysdeps/gcc/arm.h 2010-06-21 18:35:53.000000000 +0100 -@@ -33,7 +33,13 @@ - - /* NEC LE-IT: gcc has no way to easily check the arm architecture - * but defines only one of __ARM_ARCH_x__ to be true */ --#if defined(__ARM_ARCH_6__) || defined(__ARM_ARCH_6K__) || defined(__ARM_ARCH_7__) -+#if defined(__ARM_ARCH_6__) || defined(__ARM_ARCH_6J__) \ -+ || defined(__ARM_ARCH_6K__) || defined(__ARM_ARCH_6Z__) \ -+ || defined(__ARM_ARCH_6ZK__) || defined(__ARM_ARCH_6T2__) \ -+ || defined(__ARM_ARCH_6M__) \ -+ || defined(__ARM_ARCH_7__) || defined(__ARM_ARCH_7A__) \ -+ || defined(__ARM_ARCH_7R__) || defined(__ARM_ARCH_7M__) -+ - AO_INLINE void - AO_nop_full() - { diff -r d9cd6461e22c -r a03874670653 patches/pax-mark-rmic-java.patch --- a/patches/pax-mark-rmic-java.patch Thu Jan 30 14:33:10 2014 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,10 +0,0 @@ ---- openjdk/jdk/make/com/sun/jmx/Makefile -+++ openjdk/jdk/make/com/sun/jmx/Makefile -@@ -119,6 +119,7 @@ - - $(CLASSDESTDIR)/%_Stub.class: $(CLASSDESTDIR)/%.class - $(prep-target) -+ "$(TOPDIR)"/../../pax-mark-vm "$(OUTPUTDIR)" - $(RMIC) -classpath "$(CLASSDESTDIR)" \ - -d $(CLASSDESTDIR) \ - -v1.2 \ diff -r d9cd6461e22c -r a03874670653 patches/test_gamma.patch --- a/patches/test_gamma.patch Thu Jan 30 14:33:10 2014 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,47 +0,0 @@ -diff -Nru ../openjdk.orig/openjdk/hotspot/make/linux/Makefile openjdk/hotspot/make/linux/Makefile ---- ../openjdk.orig/openjdk/hotspot/make/linux/Makefile 2009-10-30 17:37:07.000000000 +0000 -+++ openjdk/hotspot/make/linux/Makefile 2009-10-30 17:45:40.000000000 +0000 -@@ -287,42 +287,36 @@ - - $(TARGETS_C2): $(SUBDIRS_C2) - cd $(OSNAME)_$(BUILDARCH)_compiler2/$@ && $(MAKE) $(MFLAGS) -- cd $(OSNAME)_$(BUILDARCH)_compiler2/$@ && ./test_gamma - ifdef INSTALL - cd $(OSNAME)_$(BUILDARCH)_compiler2/$@ && $(MAKE) $(MFLAGS) install - endif - - $(TARGETS_TIERED): $(SUBDIRS_TIERED) - cd $(OSNAME)_$(BUILDARCH)_tiered/$(patsubst %tiered,%,$@) && $(MAKE) $(MFLAGS) -- cd $(OSNAME)_$(BUILDARCH)_tiered/$(patsubst %tiered,%,$@) && ./test_gamma - ifdef INSTALL - cd $(OSNAME)_$(BUILDARCH)_tiered/$(patsubst %tiered,%,$@) && $(MAKE) $(MFLAGS) install - endif - - $(TARGETS_C1): $(SUBDIRS_C1) - cd $(OSNAME)_$(BUILDARCH)_compiler1/$(patsubst %1,%,$@) && $(MAKE) $(MFLAGS) -- cd $(OSNAME)_$(BUILDARCH)_compiler1/$(patsubst %1,%,$@) && ./test_gamma - ifdef INSTALL - cd $(OSNAME)_$(BUILDARCH)_compiler1/$(patsubst %1,%,$@) && $(MAKE) $(MFLAGS) install - endif - - $(TARGETS_CORE): $(SUBDIRS_CORE) - cd $(OSNAME)_$(BUILDARCH)_core/$(patsubst %core,%,$@) && $(MAKE) $(MFLAGS) -- cd $(OSNAME)_$(BUILDARCH)_core/$(patsubst %core,%,$@) && ./test_gamma From bugzilla-daemon at icedtea.classpath.org Mon Mar 17 16:43:02 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 17 Mar 2014 16:43:02 +0000 Subject: [Bug 1677] [IcedTea7] Update PaX support to detect running PaX kernel and use newer tools In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1677 --- Comment #5 from hg commits --- details: http://icedtea.classpath.org//hg/release/icedtea7-2.4?cmd=changeset;node=e21f201c2d68 author: Andrew John Hughes date: Mon Mar 17 14:58:18 2014 +0000 PR1677: Update PaX support to detect running PaX kernel and use newer tools 2014-02-19 Andrew John Hughes PR1677: Update PaX support to detect running PaX kernel and use newer tools * NEWS: Updated. * acinclude.m4: (IT_HAS_PAX): New macro to detect whether the running kernel uses PaX. (IT_WITH_PAX): Rewritten to search for PaX tools - currently paxmark.sh, paxctl-ng, chpax and paxctl - and fail if a tool isn't found and a PaX kernel is being used. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From aazores at redhat.com Mon Mar 17 16:58:05 2014 From: aazores at redhat.com (Andrew Azores) Date: Mon, 17 Mar 2014 12:58:05 -0400 (EDT) Subject: EXTREME weirdness - applet writing without permissions In-Reply-To: References: Message-ID: <960346228.642835.1395075485802.JavaMail.zimbra@redhat.com> >Hi folks, > >here is something really really weird. I have this applet: >http://tinybrain.de:8080/tb-applet/chat-applet.php > >with this source code (you can verify!): > >width="100%" height="300" alt="Java Applet" archive="magic.jar?3195969"> > > > > >Clearly, all-permissions is just a comment. I also get no security dialog >or anything, so it's a SANDBOXED applet. How are you determining that it's sandboxed? What version of ITW are you running, and what are your settings in Extended Applet Security (check with itweb-settings)? When I run your applet, I get a dialog informing me that it's a signed applet but that it couldn't be verified - but signed, nonetheless. As far as I can tell based on what I'm seeing in the setup of your applet, this is correct. > >However, I can clearly see it accessing my disk. I enter "hello" in the >chat field, and instantly, a file in ~/.tinybrain is created on my >partition. > >By an untrusted applet. > >How's it possible? > >Process dump: > >stefan 746 32001 0 17:22 ? 00:00:00 >/usr/lib/firefox/plugin-container >/usr/lib/jvm/java-7-openjdk-i386/jre/lib/i386/IcedTeaPlugin.so -greomni >/usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appdir >/usr/lib/firefox/browser 32001 true plugin >stefan 754 746 1 17:22 ? 00:00:04 >/usr/lib/jvm/java-7-openjdk-i386/bin/java >-Xbootclasspath/a:/usr/share/icedtea-web/netx.jar:/usr/share/icedtea-web/plugin.jar >-classpath /usr/lib/jvm/java-7-openjdk-i386/lib/rt.jar >sun.applet.PluginMain >/tmp/icedteaplugin-stefan/746-icedteanp-plugin-to-appletviewer >/tmp/icedteaplugin-stefan/746-icedteanp-appletviewer-to-plugin > >Note: I also use signed applets, using the same .jar, on other pages. Maybe >that slips through to this applet? But still, it's totally out of spec that >this applet can write stuff to disk, or is it? This sounds to me like the root of the confusion here. If your applet resides within a signed JAR, it is treated as if it is signed, unless your applet tag in the HTML specifies that it should be sandboxed anyway [0]. ``If the permissions parameter is not present, signed applets default to "all-permissions" and unsigned applets default to "sandbox".'' If you want this applet to only be able to run with sandbox permissions, without having to specify this in the html, then you need to put it in its own unsigned JAR. > >Cheers, >Stefan [0] http://docs.oracle.com/javase/tutorial/deployment/applet/html.html Thanks, Andrew A From stefan.reich.maker.of.eye at googlemail.com Mon Mar 17 17:06:44 2014 From: stefan.reich.maker.of.eye at googlemail.com (Stefan Reich) Date: Mon, 17 Mar 2014 18:06:44 +0100 Subject: EXTREME weirdness - applet writing without permissions In-Reply-To: <960346228.642835.1395075485802.JavaMail.zimbra@redhat.com> References: <960346228.642835.1395075485802.JavaMail.zimbra@redhat.com> Message-ID: Oh... OK. So I misunderstood (mis-guessed) the spec. I see! So I'll have to put an unsigned applet there to have it sandboxed. Thanks for investigating, Stefan On Mon, Mar 17, 2014 at 5:58 PM, Andrew Azores wrote: > >Hi folks, > > > >here is something really really weird. I have this applet: > >http://tinybrain.de:8080/tb-applet/chat-applet.php > > > >with this source code (you can verify!): > > > > >width="100%" height="300" alt="Java Applet" archive="magic.jar?3195969"> > > > > > > > > > >Clearly, all-permissions is just a comment. I also get no security dialog > >or anything, so it's a SANDBOXED applet. > > How are you determining that it's sandboxed? What version of ITW are you > running, and what are your settings in Extended Applet Security (check with > itweb-settings)? When I run your applet, I get a dialog informing me that > it's a signed applet but that it couldn't be verified - but signed, > nonetheless. As far as I can tell based on what I'm seeing in the setup of > your applet, this is correct. > > > > >However, I can clearly see it accessing my disk. I enter "hello" in the > >chat field, and instantly, a file in ~/.tinybrain is created on my > >partition. > > > >By an untrusted applet. > > > >How's it possible? > > > >Process dump: > > > >stefan 746 32001 0 17:22 ? 00:00:00 > >/usr/lib/firefox/plugin-container > >/usr/lib/jvm/java-7-openjdk-i386/jre/lib/i386/IcedTeaPlugin.so -greomni > >/usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appdir > >/usr/lib/firefox/browser 32001 true plugin > >stefan 754 746 1 17:22 ? 00:00:04 > >/usr/lib/jvm/java-7-openjdk-i386/bin/java > > >-Xbootclasspath/a:/usr/share/icedtea-web/netx.jar:/usr/share/icedtea-web/plugin.jar > >-classpath /usr/lib/jvm/java-7-openjdk-i386/lib/rt.jar > >sun.applet.PluginMain > >/tmp/icedteaplugin-stefan/746-icedteanp-plugin-to-appletviewer > >/tmp/icedteaplugin-stefan/746-icedteanp-appletviewer-to-plugin > > > >Note: I also use signed applets, using the same .jar, on other pages. > Maybe > >that slips through to this applet? But still, it's totally out of spec > that > >this applet can write stuff to disk, or is it? > > This sounds to me like the root of the confusion here. If your applet > resides within a signed JAR, it is treated as if it is signed, unless your > applet tag in the HTML specifies that it should be sandboxed anyway [0]. > ``If the permissions parameter is not present, signed applets default to > "all-permissions" and unsigned applets default to "sandbox".'' If you want > this applet to only be able to run with sandbox permissions, without having > to specify this in the html, then you need to put it in its own unsigned > JAR. > > > > >Cheers, > >Stefan > > [0] http://docs.oracle.com/javase/tutorial/deployment/applet/html.html > > Thanks, > > Andrew A > -------------- next part -------------- An HTML attachment was scrubbed... URL: From aazores at redhat.com Mon Mar 17 17:10:40 2014 From: aazores at redhat.com (Andrew Azores) Date: Mon, 17 Mar 2014 13:10:40 -0400 (EDT) Subject: EXTREME weirdness - applet writing without permissions In-Reply-To: References: <960346228.642835.1395075485802.JavaMail.zimbra@redhat.com> Message-ID: <1881295401.647403.1395076240652.JavaMail.zimbra@redhat.com> > Oh... OK. So I misunderstood (mis-guessed) the spec. I see! > So I'll have to put an unsigned applet there to have it sandboxed. > Thanks for investigating, > Stefan Well, you could alternatively just specify sandbox permissions in the applet tag. But simply splitting it into its own separate unsigned JAR will also work. Up to you. Bonus points if you test both and confirm that it comes out with sandbox-only permissions either way :) Thanks, Andrew A -------------- next part -------------- An HTML attachment was scrubbed... URL: From aazores at redhat.com Mon Mar 17 17:27:55 2014 From: aazores at redhat.com (Andrew Azores) Date: Mon, 17 Mar 2014 13:27:55 -0400 (EDT) Subject: [rfc][icedtea-web] Launching PolicyEditor from CertWarningPane In-Reply-To: <780923058.4176443.1394812828836.JavaMail.zimbra@redhat.com> References: <53220215.60301@redhat.com> <53220A02.7090506@redhat.com> <5323135E.6070700@redhat.com> <780923058.4176443.1394812828836.JavaMail.zimbra@redhat.com> Message-ID: <907296202.650981.1395077275435.JavaMail.zimbra@redhat.com> This patch adds the exact same button to the new Partially Signed dialog. The patch is nearly identical, so I think reviewing them together makes sense. Maybe eventually CertWarningPane can be made into an AppTrustWarningPanel as well, which will allow some elimination of duplicate code here. Thanks, Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: partially-signed-policyeditor.patch Type: text/x-patch Size: 6130 bytes Desc: not available URL: From bugzilla-daemon at icedtea.classpath.org Mon Mar 17 23:26:32 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 17 Mar 2014 23:26:32 +0000 Subject: [Bug 1712] New: [IcedTea6] Allow -Werror to be turned off in the HotSpot build Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1712 Bug ID: 1712 Summary: [IcedTea6] Allow -Werror to be turned off in the HotSpot build Product: IcedTea Version: 6-1.13.1 Hardware: x86_64 OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: IcedTea Assignee: gnu.andrew at redhat.com Reporter: gnu.andrew at redhat.com CC: unassigned at icedtea.classpath.org IcedTea 1.13.x already incorporates the HotSpot portion of PR1095. We should make use of it. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Mon Mar 17 23:27:05 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 17 Mar 2014 23:27:05 +0000 Subject: [Bug 1712] [IcedTea6] Allow -Werror to be turned off in the HotSpot build In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1712 Andrew John Hughes changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED Blocks| |1503 Depends on| |1095 Target Milestone|--- |6-1.13.2 Severity|enhancement |normal -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Mon Mar 17 23:27:05 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 17 Mar 2014 23:27:05 +0000 Subject: [Bug 1503] [TRACKER] IcedTea6 1.14 Release In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1503 Andrew John Hughes changed: What |Removed |Added ---------------------------------------------------------------------------- Depends on| |1712 -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Mon Mar 17 23:28:42 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 17 Mar 2014 23:28:42 +0000 Subject: [Bug 1651] jvm crash In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1651 Andrew John Hughes changed: What |Removed |Added ---------------------------------------------------------------------------- Version|unspecified |6-1.12.7 Severity|critical |normal --- Comment #1 from Andrew John Hughes --- Please provide information on how to reproduce this. As this is a failure in system code, not the JDK, this looks like a bug elsewhere. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From rt.ydwd at gmail.com Tue Mar 18 07:58:03 2014 From: rt.ydwd at gmail.com (rt) Date: Tue, 18 Mar 2014 13:28:03 +0530 Subject: [Bug 1656] New: PulseAudioSourceDataLine.stop() hangs intermittently Message-ID: Hi, I am using icedtea6-1.12.7 which packages pulse-java.jar, for pulseaudio support. I have installed this on linux platform. I got a java level deadlock in pulseaudio with logs as below : Found one Java-level deadlock: ============================= "pool-1-thread-483": waiting to lock monitor 0x0884fd08 (object 0x951abe90, a java.lang.Object), which is held by "PulseAudio Eventloop Thread" "PulseAudio Eventloop Thread": waiting to lock monitor 0x0884fd6c (object 0x94f39108, a org.classpath.icedtea.pulseaudio.PulseAudioSourceDataLine), which is held by "Thread-353" "Thread-353": waiting to lock monitor 0x0884fd08 (object 0x951abe90, a java.lang.Object), which is held by "PulseAudio Eventloop Thread" It is similar to the bug [ Bug 1656 ] reported by Sascha Baumeister. http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1656 I am not a java programmer. When can I expect this bug to be fixed? Can you provide any patch or any fixes for this? Thanks in Advance. Regards, Arati Yadawad -------------- next part -------------- An HTML attachment was scrubbed... URL: From aph at redhat.com Tue Mar 18 09:44:33 2014 From: aph at redhat.com (Andrew Haley) Date: Tue, 18 Mar 2014 09:44:33 +0000 Subject: AArch64 updates for icedtea7-forest Message-ID: <53281581.60005@redhat.com> All pretty straightforward, and hopefully uncontroversial. Andrew. -------------- next part -------------- comparing with ssh://icedtea.classpath.org/hg/icedtea7-forest/jdk searching for changes changeset: 7369:d6953869315d user: aph date: Mon Mar 17 17:17:43 2014 +0000 summary: Set flags and defines for Aarch64. diff -r 9341cc31ced6 -r d6953869315d make/common/shared/Platform.gmk --- a/make/common/shared/Platform.gmk Sat Mar 15 01:07:27 2014 +0000 +++ b/make/common/shared/Platform.gmk Mon Mar 17 17:17:43 2014 +0000 @@ -224,6 +224,9 @@ ifeq ($(ARCH), sh) ARCH_DATA_MODEL=32 endif + ifeq ($(ARCH), aarch64) + ARCH_DATA_MODEL=64 + endif endif endif diff -r 9341cc31ced6 -r d6953869315d make/javax/sound/SoundDefs.gmk --- a/make/javax/sound/SoundDefs.gmk Sat Mar 15 01:07:27 2014 +0000 +++ b/make/javax/sound/SoundDefs.gmk Mon Mar 17 17:17:43 2014 +0000 @@ -74,6 +74,10 @@ CPPFLAGS += -DX_ARCH=X_AMD64 endif # ARCH amd64 + ifeq ($(ARCH), aarch64) + CPPFLAGS += -DX_ARCH=X_AARCH64 + endif # ARCH amd64 + ifeq ($(ARCH), arm) CPPFLAGS += -DX_ARCH=X_ARM endif # ARCH arm changeset: 7370:90cda5cd2340 user: aph date: Mon Mar 17 17:56:51 2014 +0000 summary: build system changes to enable aarch64 build diff -r d6953869315d -r 90cda5cd2340 make/common/shared/Platform.gmk --- a/make/common/shared/Platform.gmk Mon Mar 17 17:17:43 2014 +0000 +++ b/make/common/shared/Platform.gmk Mon Mar 17 17:56:51 2014 +0000 @@ -227,6 +227,9 @@ ifeq ($(ARCH), aarch64) ARCH_DATA_MODEL=64 endif + ifeq ($(ARCH), aarch64) + ARCH_DATA_MODEL=64 + endif endif endif diff -r d6953869315d -r 90cda5cd2340 make/java/main/java/mapfile-aarch64 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/make/java/main/java/mapfile-aarch64 Mon Mar 17 17:56:51 2014 +0000 @@ -0,0 +1,39 @@ +# +# Copyright (c) 2004, 2011, Oracle and/or its affiliates. All rights reserved. +# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +# +# This code is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License version 2 only, as +# published by the Free Software Foundation. Oracle designates this +# particular file as subject to the "Classpath" exception as provided +# by Oracle in the LICENSE file that accompanied this code. +# +# This code is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +# version 2 for more details (a copy is included in the LICENSE file that +# accompanied this code). +# +# You should have received a copy of the GNU General Public License version +# 2 along with this work; if not, write to the Free Software Foundation, +# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +# or visit www.oracle.com if you need additional information or have any +# questions. +# +# +# Specify what global symbols we export. Note that we're not really +# interested in declaring a version, simply scoping the file is sufficient. +# + +SUNWprivate_1.1 { + global: + main; # Provides basic adb symbol offsets + environ; # Public symbols and required by Java run time + _environ; + __environ_lock; + + local: + *; +}; diff -r d6953869315d -r 90cda5cd2340 make/javax/sound/SoundDefs.gmk --- a/make/javax/sound/SoundDefs.gmk Mon Mar 17 17:17:43 2014 +0000 +++ b/make/javax/sound/SoundDefs.gmk Mon Mar 17 17:56:51 2014 +0000 @@ -134,6 +134,10 @@ CPPFLAGS += -DX_ARCH=X_AMD64 endif # ARCH amd64 + ifeq ($(ARCH), aarch64) + CPPFLAGS += -DX_ARCH=X_AARCH64 + endif # ARCH amd64 + ifeq ($(ARCH), arm) CPPFLAGS += -DX_ARCH=X_ARM endif # ARCH arm diff -r d6953869315d -r 90cda5cd2340 src/solaris/bin/aarch64/jvm.cfg --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/solaris/bin/aarch64/jvm.cfg Mon Mar 17 17:56:51 2014 +0000 @@ -0,0 +1,36 @@ +# Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved. +# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +# +# This code is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License version 2 only, as +# published by the Free Software Foundation. Oracle designates this +# particular file as subject to the "Classpath" exception as provided +# by Oracle in the LICENSE file that accompanied this code. +# +# This code is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +# version 2 for more details (a copy is included in the LICENSE file that +# accompanied this code). +# +# You should have received a copy of the GNU General Public License version +# 2 along with this work; if not, write to the Free Software Foundation, +# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +# or visit www.oracle.com if you need additional information or have any +# questions. +# +# List of JVMs that can be used as an option to java, javac, etc. +# Order is important -- first in this list is the default JVM. +# NOTE that this both this file and its format are UNSUPPORTED and +# WILL GO AWAY in a future release. +# +# You may also select a JVM in an arbitrary location with the +# "-XXaltjvm=" option, but that too is unsupported +# and may not be available in a future release. +# +# n.b. server must be first so it is used as the default +-server KNOWN +-client ALIASED_TO -server +-minimal ERROR changeset: 7371:3fb69cddcafa tag: tip user: aph date: Mon Mar 17 14:45:30 2014 -0400 summary: CFLAGS_REQUIRED for aarch64. diff -r 90cda5cd2340 -r 3fb69cddcafa make/common/Defs-linux.gmk --- a/make/common/Defs-linux.gmk Mon Mar 17 17:56:51 2014 +0000 +++ b/make/common/Defs-linux.gmk Mon Mar 17 14:45:30 2014 -0400 @@ -202,6 +202,7 @@ LDFLAGS_COMMON_ppc64 += -m64 -L/lib64 -Wl,-melf64ppc CFLAGS_REQUIRED_s390 += CFLAGS_REQUIRED_s390x += -m64 +CFLAGS_REQUIRED_aarch64 += -fno-omit-frame-pointer -fsigned-char -D_LITTLE_ENDIAN CFLAGS_REQUIRED_sparcv9 += -m64 -mcpu=v9 LDFLAGS_COMMON_sparcv9 += -m64 -mcpu=v9 CFLAGS_REQUIRED_sparc += -m32 -mcpu=v9 From omajid at redhat.com Tue Mar 18 10:49:23 2014 From: omajid at redhat.com (Omair Majid) Date: Tue, 18 Mar 2014 06:49:23 -0400 Subject: [Bug 1656] New: PulseAudioSourceDataLine.stop() hangs intermittently In-Reply-To: References: Message-ID: <20140318104921.GA1977@redhat.com> Hi, * rt [2014-03-18 03:58]: > I am using icedtea6-1.12.7 which packages pulse-java.jar, for > pulseaudio support. I have installed this on linux platform. pulse-java.jar is mostly obsolete at this point. Java should be able to make use of the userspace ALSA API which should transparently pass through to PulseAudio (if your distribution configures PulseAudio correctly): Java -> ALSA (userspace) -> PulseAudio -> ALSA (kernel) Can you try and remove pulse-java.jar and/or comment out the relevant bits in the sound.properties file in the JRE? To comment out the relevant parts in sound.properties file, just put a '#' at the beginning of any line in that mentions 'org.classpath.icedtea.pulseaudio'. > I got a java level deadlock in pulseaudio with logs as below : Thanks for the info. I will take a look, but it wont be any time soon. Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 From ptisnovs at icedtea.classpath.org Tue Mar 18 11:06:59 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Tue, 18 Mar 2014 11:06:59 +0000 Subject: /hg/gfx-test: Ten new tests added into BitBltBasicTests. Message-ID: changeset 3a59e3b162a9 in /hg/gfx-test details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=3a59e3b162a9 author: Pavel Tisnovsky date: Tue Mar 18 12:07:31 2014 +0100 Ten new tests added into BitBltBasicTests. diffstat: ChangeLog | 5 + src/org/gfxtest/testsuites/BitBltBasicTests.java | 152 ++++++++++++++++++++++- 2 files changed, 156 insertions(+), 1 deletions(-) diffs (244 lines): diff -r e459010f5534 -r 3a59e3b162a9 ChangeLog --- a/ChangeLog Mon Mar 17 11:47:56 2014 +0100 +++ b/ChangeLog Tue Mar 18 12:07:31 2014 +0100 @@ -1,3 +1,8 @@ +2014-03-18 Pavel Tisnovsky + + * src/org/gfxtest/testsuites/BitBltBasicTests.java: + Ten new tests added into BitBltBasicTests. + 2014-03-17 Pavel Tisnovsky * src/org/gfxtest/framework/CommonBitmapOperations.java: diff -r e459010f5534 -r 3a59e3b162a9 src/org/gfxtest/testsuites/BitBltBasicTests.java --- a/src/org/gfxtest/testsuites/BitBltBasicTests.java Mon Mar 17 11:47:56 2014 +0100 +++ b/src/org/gfxtest/testsuites/BitBltBasicTests.java Tue Mar 18 12:07:31 2014 +0100 @@ -1,7 +1,7 @@ /* Java gfx-test framework - Copyright (C) 2010, 2011, 2012, 2013 Red Hat + Copyright (C) 2010, 2011, 2012, 2013, 2014 Red Hat This file is part of IcedTea. @@ -274,6 +274,21 @@ } /** + * Test basic BitBlt operation for empty buffered image with type TYPE_CUSTOM. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d) + { + // create new buffered image and then perform basic BitBlt test. + return CommonBitmapOperations.doBitBltTestWithEmptyImage(image, graphics2d, BufferedImage.TYPE_CUSTOM); + } + + /** * Test basic BitBlt operation for checker buffered image with type TYPE_3BYTE_BGR. * * @param image @@ -469,6 +484,21 @@ } /** + * Test basic BitBlt operation for checker buffered image with type TYPE_CUSTOM. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltCheckerBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d) + { + // create new buffered image and then perform basic BitBlt test. + return CommonBitmapOperations.doBitBltTestWithCheckerImage(image, graphics2d, BufferedImage.TYPE_CUSTOM); + } + + /** * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_3BYTE_BGR. * * @param image @@ -664,6 +694,21 @@ } /** + * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_CUSTOM. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalCheckerBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d) + { + // create new buffered image and then perform basic BitBlt test. + return CommonBitmapOperations.doBitBltTestWithDiagonalCheckerImage(image, graphics2d, BufferedImage.TYPE_CUSTOM); + } + + /** * Test basic BitBlt operation for grid buffered image with type TYPE_3BYTE_BGR. * * @param image @@ -859,6 +904,21 @@ } /** + * Test basic BitBlt operation for grid buffered image with type TYPE_CUSTOM. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltGridBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d) + { + // create new buffered image and then perform basic BitBlt test. + return CommonBitmapOperations.doBitBltTestWithGridImage(image, graphics2d, BufferedImage.TYPE_CUSTOM); + } + + /** * Test basic BitBlt operation for diagonal grid buffered image with type TYPE_3BYTE_BGR. * * @param image @@ -1055,6 +1115,21 @@ } /** + * Test basic BitBlt operation for diagonal grid buffered image with type TYPE_CUSTOM. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalGridBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d) + { + // create new buffered image and then perform basic BitBlt test. + return CommonBitmapOperations.doBitBltTestWithDiagonalGridImage(image, graphics2d, BufferedImage.TYPE_CUSTOM); + } + + /** * Test basic BitBlt operation for horizontal stripes buffered image with type TYPE_3BYTE_BGR. * * @param image @@ -1251,6 +1326,21 @@ } /** + * Test basic BitBlt operation for horizontal stripes buffered image with type TYPE_CUSTOM. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltHorizontalStripesBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d) + { + // create new buffered image and then perform basic BitBlt test. + return CommonBitmapOperations.doBitBltTestWithHorizontalStripesImage(image, graphics2d, BufferedImage.TYPE_CUSTOM); + } + + /** * Test basic BitBlt operation for vertical stripes buffered image with type TYPE_3BYTE_BGR. * * @param image @@ -1447,6 +1537,21 @@ } /** + * Test basic BitBlt operation for vertical stripes buffered image with type TYPE_CUSTOM. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltVerticalStripesBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d) + { + // create new buffered image and then perform basic BitBlt test. + return CommonBitmapOperations.doBitBltTestWithVerticalStripesImage(image, graphics2d, BufferedImage.TYPE_CUSTOM); + } + + /** * Test basic BitBlt operation for diagonal stripes buffered image with type TYPE_3BYTE_BGR. * * @param image @@ -1643,6 +1748,21 @@ } /** + * Test basic BitBlt operation for diagonal stripes buffered image with type TYPE_CUSTOM. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalStripesBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d) + { + // create new buffered image and then perform basic BitBlt test. + return CommonBitmapOperations.doBitBltTestWithDiagonalStripesImage(image, graphics2d, BufferedImage.TYPE_CUSTOM); + } + + /** * Test basic BitBlt operation for horizontal color stripes buffered image with type TYPE_3BYTE_BGR. * * @param image @@ -1840,6 +1960,21 @@ } /** + * Test basic BitBlt operation for horizontal color stripes buffered image with type TYPE_CUSTOM. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltHorizontalColorStripesBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d) + { + // create new buffered image and then perform basic BitBlt test. + return CommonBitmapOperations.doBitBltTestWithHorizontalColorStripesImage(image, graphics2d, BufferedImage.TYPE_CUSTOM); + } + + /** * Test basic BitBlt operation for vertical color stripes buffered image with type TYPE_3BYTE_BGR. * * @param image @@ -2036,6 +2171,21 @@ } /** + * Test basic BitBlt operation for vertical color stripes buffered image with type TYPE_CUSTOM. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltVerticalColorStripesBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d) + { + // create new buffered image and then perform basic BitBlt test. + return CommonBitmapOperations.doBitBltTestWithVerticalColorStripesImage(image, graphics2d, BufferedImage.TYPE_CUSTOM); + } + + /** * Test basic BitBlt operation for diagonal color stripes buffered image with type TYPE_3BYTE_BGR. * * @param image From ptisnovs at icedtea.classpath.org Tue Mar 18 11:10:09 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Tue, 18 Mar 2014 11:10:09 +0000 Subject: /hg/rhino-tests: Added new test testGetResourceAsStreamNegativeT... Message-ID: changeset 5ec49b1ba6af in /hg/rhino-tests details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=5ec49b1ba6af author: Pavel Tisnovsky date: Tue Mar 18 12:10:50 2014 +0100 Added new test testGetResourceAsStreamNegativeTest into ScriptContextClassTest. diffstat: ChangeLog | 6 ++ src/org/RhinoTests/ScriptContextClassTest.java | 63 +++++++++++++++++++++++++- 2 files changed, 68 insertions(+), 1 deletions(-) diffs (93 lines): diff -r e21fefd231df -r 5ec49b1ba6af ChangeLog --- a/ChangeLog Mon Mar 17 11:54:49 2014 +0100 +++ b/ChangeLog Tue Mar 18 12:10:50 2014 +0100 @@ -1,3 +1,9 @@ +2014-03-18 Pavel Tisnovsky + + * src/org/RhinoTests/ScriptContextClassTest.java: + Added new test testGetResourceAsStreamNegativeTest into + ScriptContextClassTest. + 2014-03-17 Pavel Tisnovsky * src/org/RhinoTests/CompiledScriptClassTest.java: diff -r e21fefd231df -r 5ec49b1ba6af src/org/RhinoTests/ScriptContextClassTest.java --- a/src/org/RhinoTests/ScriptContextClassTest.java Mon Mar 17 11:54:49 2014 +0100 +++ b/src/org/RhinoTests/ScriptContextClassTest.java Tue Mar 18 12:10:50 2014 +0100 @@ -1,7 +1,7 @@ /* Rhino test framework - Copyright (C) 2011, 2012, 2013 Red Hat + Copyright (C) 2011, 2012, 2013, 2014 Red Hat This file is part of IcedTea. @@ -2002,6 +2002,67 @@ } /** + * Test for method javax.script.ScriptContext.getClass().getResourceAsStreamNegativeTest() + */ + protected void testGetResourceAsStreamNegativeTest() { + Object stream = null; + stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/AbstractScriptEngineClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/AbstractScriptEngineClassTest.class\") returns null"); + stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/BaseRhinoTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/BaseRhinoTest.class\") returns null"); + stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/BindingsClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/BindingsClassTest.class\") returns null"); + stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/BindingsTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/BindingsTest.class\") returns null"); + stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/CompilableClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompilableClassTest.class\") returns null"); + stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/CompilableTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompilableTest.class\") returns null"); + stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/CompiledScriptClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompiledScriptClassTest.class\") returns null"); + stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/CompiledScriptTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompiledScriptTest.class\") returns null"); + stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/Constants.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/Constants.class\") returns null"); + stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/InvocableClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/InvocableClassTest.class\") returns null"); + stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/InvocableTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/InvocableTest.class\") returns null"); + stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/JavaScriptSnippets.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/JavaScriptSnippets.class\") returns null"); + stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/JavaScriptsTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/JavaScriptsTest.class\") returns null"); + stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/ScriptContextClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptContextClassTest.class\") returns null"); + stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/ScriptContextTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptContextTest.class\") returns null"); + stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/ScriptEngineClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineClassTest.class\") returns null"); + stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/ScriptEngineFactoryClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineFactoryClassTest.class\") returns null"); + stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/ScriptEngineFactoryTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineFactoryTest.class\") returns null"); + stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/ScriptEngineManagerClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineManagerClassTest.class\") returns null"); + stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/ScriptEngineManagerTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineManagerTest.class\") returns null"); + stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/ScriptEngineTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineTest.class\") returns null"); + stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/ScriptExceptionClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptExceptionClassTest.class\") returns null"); + stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/ScriptExceptionTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptExceptionTest.class\") returns null"); + stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/SimpleBindingsClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleBindingsClassTest.class\") returns null"); + stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/SimpleBindingsTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleBindingsTest.class\") returns null"); + stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/SimpleScriptContextClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleScriptContextClassTest.class\") returns null"); + stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/SimpleScriptContextTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleScriptContextTest.class\") returns null"); + } + + /** * Test for instanceof operator applied to a class javax.script.ScriptContext */ @SuppressWarnings("cast") From adinn at redhat.com Tue Mar 18 11:30:58 2014 From: adinn at redhat.com (Andrew Dinn) Date: Tue, 18 Mar 2014 11:30:58 +0000 Subject: AArch64 updates for icedtea7-forest In-Reply-To: <53281581.60005@redhat.com> References: <53281581.60005@redhat.com> Message-ID: <53282E72.9020209@redhat.com> On 18/03/14 09:44, Andrew Haley wrote: > All pretty straightforward, and hopefully uncontroversial. Looks good. In fact looks very like what I did to the jdk7u60 tree :-) regards, Andrew Dinn ----------- From gnu.andrew at redhat.com Tue Mar 18 16:09:24 2014 From: gnu.andrew at redhat.com (Andrew Hughes) Date: Tue, 18 Mar 2014 12:09:24 -0400 (EDT) Subject: AArch64 updates for icedtea7-forest In-Reply-To: <53281581.60005@redhat.com> References: <53281581.60005@redhat.com> Message-ID: <1908401362.1125092.1395158964246.JavaMail.zimbra@redhat.com> ----- Original Message ----- > All pretty straightforward, and hopefully uncontroversial. > > Andrew. > > How did you generate this file? There's some clear duplication here: diff -r d6953869315d -r 90cda5cd2340 make/common/shared/Platform.gmk --- a/make/common/shared/Platform.gmk Mon Mar 17 17:17:43 2014 +0000 +++ b/make/common/shared/Platform.gmk Mon Mar 17 17:56:51 2014 +0000 @@ -227,6 +227,9 @@ ifeq ($(ARCH), aarch64) ARCH_DATA_MODEL=64 endif + ifeq ($(ARCH), aarch64) + ARCH_DATA_MODEL=64 + endif endif endif repeating what was done earlier in the patch. Also: diff -r d6953869315d -r 90cda5cd2340 make/javax/sound/SoundDefs.gmk --- a/make/javax/sound/SoundDefs.gmk Mon Mar 17 17:17:43 2014 +0000 +++ b/make/javax/sound/SoundDefs.gmk Mon Mar 17 17:56:51 2014 +0000 @@ -134,6 +134,10 @@ CPPFLAGS += -DX_ARCH=X_AMD64 endif # ARCH amd64 + ifeq ($(ARCH), aarch64) + CPPFLAGS += -DX_ARCH=X_AARCH64 + endif # ARCH amd64 + ifeq ($(ARCH), arm) CPPFLAGS += -DX_ARCH=X_ARM endif # ARCH arm was already added by PR1551: Add build support for Zero AArch64. It's not clear why this is 3 separate changesets when one would suffice. -- Andrew :) Free Java Software Engineer Red Hat, Inc. (http://www.redhat.com) PGP Key: 248BDC07 (https://keys.indymedia.org/) Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07 From aph at redhat.com Tue Mar 18 16:11:13 2014 From: aph at redhat.com (Andrew Haley) Date: Tue, 18 Mar 2014 16:11:13 +0000 Subject: AArch64 updates for icedtea7-forest In-Reply-To: <1908401362.1125092.1395158964246.JavaMail.zimbra@redhat.com> References: <53281581.60005@redhat.com> <1908401362.1125092.1395158964246.JavaMail.zimbra@redhat.com> Message-ID: <53287021.2090802@redhat.com> On 03/18/2014 04:09 PM, Andrew Hughes wrote: > ----- Original Message ----- >> All pretty straightforward, and hopefully uncontroversial. >> >> Andrew. >> >> > > How did you generate this file? > > There's some clear duplication here: > > diff -r d6953869315d -r 90cda5cd2340 make/common/shared/Platform.gmk > --- a/make/common/shared/Platform.gmk Mon Mar 17 17:17:43 2014 +0000 > +++ b/make/common/shared/Platform.gmk Mon Mar 17 17:56:51 2014 +0000 > @@ -227,6 +227,9 @@ > ifeq ($(ARCH), aarch64) > ARCH_DATA_MODEL=64 > endif > + ifeq ($(ARCH), aarch64) > + ARCH_DATA_MODEL=64 > + endif > endif > endif > > repeating what was done earlier in the patch. Strange. I'll have another look. > Also: > > diff -r d6953869315d -r 90cda5cd2340 make/javax/sound/SoundDefs.gmk > --- a/make/javax/sound/SoundDefs.gmk Mon Mar 17 17:17:43 2014 +0000 > +++ b/make/javax/sound/SoundDefs.gmk Mon Mar 17 17:56:51 2014 +0000 > @@ -134,6 +134,10 @@ > CPPFLAGS += -DX_ARCH=X_AMD64 > endif # ARCH amd64 > > + ifeq ($(ARCH), aarch64) > + CPPFLAGS += -DX_ARCH=X_AARCH64 > + endif # ARCH amd64 > + > ifeq ($(ARCH), arm) > CPPFLAGS += -DX_ARCH=X_ARM > endif # ARCH arm > > was already added by PR1551: Add build support for Zero AArch64. Even stranger. > It's not clear why this is 3 separate changesets when one would suffice. It's a workflow thing: these are separate patches from upstream, written at different times. I'll have a look and adjust as appropriate. Andrew. From aph at redhat.com Tue Mar 18 16:20:49 2014 From: aph at redhat.com (Andrew Haley) Date: Tue, 18 Mar 2014 16:20:49 +0000 Subject: AArch64 updates for icedtea7-forest In-Reply-To: <1908401362.1125092.1395158964246.JavaMail.zimbra@redhat.com> References: <53281581.60005@redhat.com> <1908401362.1125092.1395158964246.JavaMail.zimbra@redhat.com> Message-ID: <53287261.2080706@redhat.com> On 03/18/2014 04:09 PM, Andrew Hughes wrote: > diff -r d6953869315d -r 90cda5cd2340 make/javax/sound/SoundDefs.gmk > --- a/make/javax/sound/SoundDefs.gmk Mon Mar 17 17:17:43 2014 +0000 > +++ b/make/javax/sound/SoundDefs.gmk Mon Mar 17 17:56:51 2014 +0000 > @@ -134,6 +134,10 @@ > CPPFLAGS += -DX_ARCH=X_AMD64 > endif # ARCH amd64 > > + ifeq ($(ARCH), aarch64) > + CPPFLAGS += -DX_ARCH=X_AARCH64 > + endif # ARCH amd64 > + > ifeq ($(ARCH), arm) > CPPFLAGS += -DX_ARCH=X_ARM > endif # ARCH arm > > was already added by PR1551: Add build support for Zero AArch64. That files seems to be a bit mad, with duplicate entries for AMD64. I'll remove the duplicated AArch64 entries. Andrew. From bugzilla-daemon at icedtea.classpath.org Tue Mar 18 16:22:49 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Tue, 18 Mar 2014 16:22:49 +0000 Subject: [Bug 1713] New: [IcedTea7] Support AArch64 Port Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1713 Bug ID: 1713 Summary: [IcedTea7] Support AArch64 Port Product: IcedTea Version: 7-hg Hardware: aarch64 OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: IcedTea Assignee: gnu.andrew at redhat.com Reporter: gnu.andrew at redhat.com CC: unassigned at icedtea.classpath.org Add necessary JDK changes to IcedTea tree to build the AArch64 port, and provide the aarch64 HotSpot as a build option. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnu.andrew at redhat.com Tue Mar 18 16:29:02 2014 From: gnu.andrew at redhat.com (Andrew Hughes) Date: Tue, 18 Mar 2014 12:29:02 -0400 (EDT) Subject: AArch64 updates for icedtea7-forest In-Reply-To: <53287261.2080706@redhat.com> References: <53281581.60005@redhat.com> <1908401362.1125092.1395158964246.JavaMail.zimbra@redhat.com> <53287261.2080706@redhat.com> Message-ID: <1499782363.1131897.1395160142472.JavaMail.zimbra@redhat.com> ----- Original Message ----- > On 03/18/2014 04:09 PM, Andrew Hughes wrote: > > diff -r d6953869315d -r 90cda5cd2340 make/javax/sound/SoundDefs.gmk > > --- a/make/javax/sound/SoundDefs.gmk Mon Mar 17 17:17:43 2014 +0000 > > +++ b/make/javax/sound/SoundDefs.gmk Mon Mar 17 17:56:51 2014 +0000 > > @@ -134,6 +134,10 @@ > > CPPFLAGS += -DX_ARCH=X_AMD64 > > endif # ARCH amd64 > > > > + ifeq ($(ARCH), aarch64) > > + CPPFLAGS += -DX_ARCH=X_AARCH64 > > + endif # ARCH amd64 > > + > > ifeq ($(ARCH), arm) > > CPPFLAGS += -DX_ARCH=X_ARM > > endif # ARCH arm > > > > was already added by PR1551: Add build support for Zero AArch64. > > That files seems to be a bit mad, with duplicate entries for AMD64. > > I'll remove the duplicated AArch64 entries. > > Andrew. > > It's ok. Just about to push a cleanup of this. -- Andrew :) Free Java Software Engineer Red Hat, Inc. (http://www.redhat.com) PGP Key: 248BDC07 (https://keys.indymedia.org/) Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07 From adinn at redhat.com Tue Mar 18 16:42:36 2014 From: adinn at redhat.com (Andrew Dinn) Date: Tue, 18 Mar 2014 16:42:36 +0000 Subject: AArch64 updates for icedtea7-forest In-Reply-To: <53287261.2080706@redhat.com> References: <53281581.60005@redhat.com> <1908401362.1125092.1395158964246.JavaMail.zimbra@redhat.com> <53287261.2080706@redhat.com> Message-ID: <5328777C.3080806@redhat.com> On 18/03/14 16:20, Andrew Haley wrote: > On 03/18/2014 04:09 PM, Andrew Hughes wrote: >> diff -r d6953869315d -r 90cda5cd2340 make/javax/sound/SoundDefs.gmk >> --- a/make/javax/sound/SoundDefs.gmk Mon Mar 17 17:17:43 2014 +0000 >> +++ b/make/javax/sound/SoundDefs.gmk Mon Mar 17 17:56:51 2014 +0000 >> @@ -134,6 +134,10 @@ >> CPPFLAGS += -DX_ARCH=X_AMD64 >> endif # ARCH amd64 >> >> + ifeq ($(ARCH), aarch64) >> + CPPFLAGS += -DX_ARCH=X_AARCH64 >> + endif # ARCH amd64 >> + >> ifeq ($(ARCH), arm) >> CPPFLAGS += -DX_ARCH=X_ARM >> endif # ARCH arm >> >> was already added by PR1551: Add build support for Zero AArch64. > > That files seems to be a bit mad, with duplicate entries for AMD64. > > I'll remove the duplicated AArch64 entries. Hmm, I was assuming that adding support for our AArch64 JVM would break support for Zero AArch64. That's maybe not a bad thing but is it intended? regards, Andrew Dinn ----------- From aph at redhat.com Tue Mar 18 16:45:03 2014 From: aph at redhat.com (Andrew Haley) Date: Tue, 18 Mar 2014 16:45:03 +0000 Subject: AArch64 updates for icedtea7-forest In-Reply-To: <5328777C.3080806@redhat.com> References: <53281581.60005@redhat.com> <1908401362.1125092.1395158964246.JavaMail.zimbra@redhat.com> <53287261.2080706@redhat.com> <5328777C.3080806@redhat.com> Message-ID: <5328780F.4000608@redhat.com> On 03/18/2014 04:42 PM, Andrew Dinn wrote: > Hmm, I was assuming that adding support for our AArch64 JVM would break > support for Zero AArch64. That's maybe not a bad thing but is it intended? Does anyone care? It might, I suppose, but ATM can't see why it would. Andrew. From bugzilla-daemon at icedtea.classpath.org Tue Mar 18 16:46:47 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Tue, 18 Mar 2014 16:46:47 +0000 Subject: [Bug 1714] New: [IcedTea6] Update PaX support to detect running PaX kernel and use newer tools Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1714 Bug ID: 1714 Summary: [IcedTea6] Update PaX support to detect running PaX kernel and use newer tools Product: IcedTea Version: 7-hg Hardware: all OS: All Status: NEW Severity: normal Priority: P5 Component: IcedTea Assignee: gnu.andrew at redhat.com Reporter: gnu.andrew at redhat.com CC: unassigned at icedtea.classpath.org Clone of PR1677 for IcedTea 1.x. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Tue Mar 18 16:47:03 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Tue, 18 Mar 2014 16:47:03 +0000 Subject: [Bug 1714] [IcedTea6] Update PaX support to detect running PaX kernel and use newer tools In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1714 Andrew John Hughes changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED Version|7-hg |6-hg Target Milestone|--- |6-1.13.2 -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Tue Mar 18 16:53:32 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Tue, 18 Mar 2014 16:53:32 +0000 Subject: [Bug 1713] [IcedTea7] Support AArch64 Port In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1713 --- Comment #1 from hg commits --- details: http://icedtea.classpath.org//hg/icedtea7-forest/jdk?cmd=changeset;node=b7b1a66665ce author: andrew date: Tue Mar 18 16:51:52 2014 +0000 PR1713: Support AArch64 Port Summary: Cleanup settings in SoundDefs.gmk, Platform.gmk and Defs-linux.gmk. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From naaman at heroku.com Tue Mar 18 16:54:14 2014 From: naaman at heroku.com (Naaman Newbold) Date: Tue, 18 Mar 2014 09:54:14 -0700 Subject: IcedTea for Java 8 Message-ID: Pardon the interruption, but are there plans for IcedTea support for Java 8? -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnu.andrew at redhat.com Tue Mar 18 17:00:49 2014 From: gnu.andrew at redhat.com (Andrew Hughes) Date: Tue, 18 Mar 2014 13:00:49 -0400 (EDT) Subject: AArch64 updates for icedtea7-forest In-Reply-To: <5328780F.4000608@redhat.com> References: <53281581.60005@redhat.com> <1908401362.1125092.1395158964246.JavaMail.zimbra@redhat.com> <53287261.2080706@redhat.com> <5328777C.3080806@redhat.com> <5328780F.4000608@redhat.com> Message-ID: <715242145.1143376.1395162049091.JavaMail.zimbra@redhat.com> ----- Original Message ----- > On 03/18/2014 04:42 PM, Andrew Dinn wrote: > > Hmm, I was assuming that adding support for our AArch64 JVM would break > > support for Zero AArch64. That's maybe not a bad thing but is it intended? > > Does anyone care? It might, I suppose, but ATM can't see why it would. > I can't see why it would. x86 & amd64 already work for both Zero and non-Zero builds. As you can see in the cleanup I just pushed: http://icedtea.classpath.org/hg/icedtea7-forest/jdk/rev/b7b1a66665ce Most of the changes are duplicated by Zero AArch64 support; the Platform.gmk & SoundDefs.gmk changes were already present so I've removed them and also reordered things so they are again listed alphabetically. The only changes specific to the AArch64 port are the new jvm.cfg and mapfile, as well as the CFLAGS (Zero sets its own): ifeq ($(ZERO_BUILD), true) CFLAGS_REQUIRED = $(ZERO_ARCHFLAG) ifeq ($(ZERO_ENDIANNESS), little) CFLAGS_REQUIRED += -D_LITTLE_ENDIAN endif LDFLAGS_COMMON += $(ZERO_ARCHFLAG) else CFLAGS_REQUIRED = $(CFLAGS_REQUIRED_$(ARCH)) LDFLAGS_COMMON += $(LDFLAGS_COMMON_$(ARCH)) endif So I don't see how the AArch64 port changes will have any effect on Zero. > Andrew. > > -- Andrew :) Free Java Software Engineer Red Hat, Inc. (http://www.redhat.com) PGP Key: 248BDC07 (https://keys.indymedia.org/) Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07 From xerxes at zafena.se Tue Mar 18 17:19:27 2014 From: xerxes at zafena.se (=?ISO-8859-1?Q?Xerxes_R=E5nby?=) Date: Tue, 18 Mar 2014 18:19:27 +0100 Subject: IcedTea for Java 8 In-Reply-To: References: Message-ID: <5328801F.2000409@zafena.se> 2014-03-18 17:54, Naaman Newbold skrev: > Pardon the interruption, but are there plans for IcedTea support for Java 8? The following hg currently builds OpenJDK 8 using IcedTea 3. http://icedtea.classpath.org/hg/icedtea/ IcedTea 3 with OpenJDK 8 support is still unreleased. Cheers Xerxes From gnu.andrew at redhat.com Tue Mar 18 17:32:31 2014 From: gnu.andrew at redhat.com (Andrew Hughes) Date: Tue, 18 Mar 2014 13:32:31 -0400 (EDT) Subject: IcedTea for Java 8 In-Reply-To: <5328801F.2000409@zafena.se> References: <5328801F.2000409@zafena.se> Message-ID: <138136840.1167292.1395163951941.JavaMail.zimbra@redhat.com> ----- Original Message ----- > 2014-03-18 17:54, Naaman Newbold skrev: > > Pardon the interruption, but are there plans for IcedTea support for Java > > 8? > > > The following hg currently builds OpenJDK 8 using IcedTea 3. > http://icedtea.classpath.org/hg/icedtea/ > > IcedTea 3 with OpenJDK 8 support is still unreleased. > > Cheers > Xerxes > Yes, we'll have a 3.0 release eventually, probably based on u20. Currently, 6 & 7 occupy most of our time as this is what people are actively using. We do plan to scale back 6 & 7 support soon to allow more resources for 8; more on this to come. -- Andrew :) Free Java Software Engineer Red Hat, Inc. (http://www.redhat.com) PGP Key: 248BDC07 (https://keys.indymedia.org/) Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07 From andrew at icedtea.classpath.org Tue Mar 18 17:34:13 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Tue, 18 Mar 2014 17:34:13 +0000 Subject: /hg/release/icedtea7-forest-2.4/jdk: PR1713: Support AArch64 Port Message-ID: changeset 1e3bd243269a in /hg/release/icedtea7-forest-2.4/jdk details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/jdk?cmd=changeset;node=1e3bd243269a author: aph date: Tue Mar 18 17:10:07 2014 +0000 PR1713: Support AArch64 Port Summary: CFLAGS_REQUIRED and build system changes for AArch64 port. diffstat: make/common/Defs-linux.gmk | 9 +++---- make/java/main/java/mapfile-aarch64 | 39 +++++++++++++++++++++++++++++++++++++ make/javax/sound/SoundDefs.gmk | 28 +++++++------------------ src/solaris/bin/aarch64/jvm.cfg | 36 ++++++++++++++++++++++++++++++++++ 4 files changed, 87 insertions(+), 25 deletions(-) diffs (169 lines): diff -r cf842ff5dba2 -r 1e3bd243269a make/common/Defs-linux.gmk --- a/make/common/Defs-linux.gmk Mon Mar 17 16:37:23 2014 +0000 +++ b/make/common/Defs-linux.gmk Tue Mar 18 17:10:07 2014 +0000 @@ -188,26 +188,25 @@ # We need this frame pointer to make it easy to walk the stacks. # This should be the default on X86, but ia64 and amd64 may not have this # as the default. +CFLAGS_REQUIRED_aarch64 += -fno-omit-frame-pointer -fsigned-char -D_LITTLE_ENDIAN CFLAGS_REQUIRED_alpha += -mieee -D_LITTLE_ENDIAN CFLAGS_REQUIRED_amd64 += -fno-omit-frame-pointer -D_LITTLE_ENDIAN -CFLAGS_REQUIRED_arm += -D_LITTLE_ENDIAN +CFLAGS_REQUIRED_arm += -D_LITTLE_ENDIAN -fsigned-char -D_LITTLE_ENDIAN CFLAGS_REQUIRED_hppa += CFLAGS_REQUIRED_i586 += -fno-omit-frame-pointer -D_LITTLE_ENDIAN CFLAGS_REQUIRED_ia64 += -fno-omit-frame-pointer -D_LITTLE_ENDIAN CFLAGS_REQUIRED_m68k += CFLAGS_REQUIRED_mips += CFLAGS_REQUIRED_mipsel += -D_LITTLE_ENDIAN -CFLAGS_REQUIRED_ppc += -m32 +CFLAGS_REQUIRED_ppc += -m32 -fsigned-char -D_BIG_ENDIAN CFLAGS_REQUIRED_ppc64 += -m64 CFLAGS_REQUIRED_s390 += CFLAGS_REQUIRED_s390x += -m64 +CFLAGS_REQUIRED_sh += -mieee CFLAGS_REQUIRED_sparcv9 += -m64 -mcpu=v9 LDFLAGS_COMMON_sparcv9 += -m64 -mcpu=v9 CFLAGS_REQUIRED_sparc += -m32 -mcpu=v9 LDFLAGS_COMMON_sparc += -m32 -mcpu=v9 -CFLAGS_REQUIRED_arm += -fsigned-char -D_LITTLE_ENDIAN -CFLAGS_REQUIRED_ppc += -fsigned-char -D_BIG_ENDIAN -CFLAGS_REQUIRED_sh += -mieee ifeq ($(ZERO_BUILD), true) CFLAGS_REQUIRED = $(ZERO_ARCHFLAG) ifeq ($(ZERO_ENDIANNESS), little) diff -r cf842ff5dba2 -r 1e3bd243269a make/java/main/java/mapfile-aarch64 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/make/java/main/java/mapfile-aarch64 Tue Mar 18 17:10:07 2014 +0000 @@ -0,0 +1,39 @@ +# +# Copyright (c) 2004, 2011, Oracle and/or its affiliates. All rights reserved. +# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +# +# This code is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License version 2 only, as +# published by the Free Software Foundation. Oracle designates this +# particular file as subject to the "Classpath" exception as provided +# by Oracle in the LICENSE file that accompanied this code. +# +# This code is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +# version 2 for more details (a copy is included in the LICENSE file that +# accompanied this code). +# +# You should have received a copy of the GNU General Public License version +# 2 along with this work; if not, write to the Free Software Foundation, +# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +# or visit www.oracle.com if you need additional information or have any +# questions. +# +# +# Specify what global symbols we export. Note that we're not really +# interested in declaring a version, simply scoping the file is sufficient. +# + +SUNWprivate_1.1 { + global: + main; # Provides basic adb symbol offsets + environ; # Public symbols and required by Java run time + _environ; + __environ_lock; + + local: + *; +}; diff -r cf842ff5dba2 -r 1e3bd243269a make/javax/sound/SoundDefs.gmk --- a/make/javax/sound/SoundDefs.gmk Mon Mar 17 16:37:23 2014 +0000 +++ b/make/javax/sound/SoundDefs.gmk Tue Mar 18 17:10:07 2014 +0000 @@ -62,6 +62,10 @@ ifeq ($(ZERO_BUILD), true) CPPFLAGS += -DX_ARCH=X_ZERO else + ifeq ($(ARCH), aarch64) + CPPFLAGS += -DX_ARCH=X_AARCH64 + endif # ARCH amd64 + ifeq ($(ARCH), alpha) CPPFLAGS += -DX_ARCH=X_ALPHA endif # ARCH alpha @@ -110,6 +114,10 @@ CPPFLAGS += -DX_ARCH=X_S390X endif # ARCH s390x + ifeq ($(ARCH), sh) + CPPFLAGS += -DX_ARCH=X_SH + endif # ARCH Renesas SuperH(sh) + ifeq ($(ARCH), sparc) CPPFLAGS += -DX_ARCH=X_SPARC endif # ARCH sparc @@ -118,26 +126,6 @@ CPPFLAGS += -DX_ARCH=X_SPARCV9 endif # ARCH sparcv9 - ifeq ($(ARCH), aarch64) - CPPFLAGS += -DX_ARCH=X_AARCH64 - endif # ARCH aarch64 - - ifeq ($(ARCH), amd64) - CPPFLAGS += -DX_ARCH=X_AMD64 - endif # ARCH amd64 - - ifeq ($(ARCH), arm) - CPPFLAGS += -DX_ARCH=X_ARM - endif # ARCH arm - - ifeq ($(ARCH), ppc) - CPPFLAGS += -DX_ARCH=X_PPC - endif # ARCH ppc - - ifeq ($(ARCH), sh) - CPPFLAGS += -DX_ARCH=X_SH - endif # ARCH Renesas SuperH(sh) - endif diff -r cf842ff5dba2 -r 1e3bd243269a src/solaris/bin/aarch64/jvm.cfg --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/solaris/bin/aarch64/jvm.cfg Tue Mar 18 17:10:07 2014 +0000 @@ -0,0 +1,36 @@ +# Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved. +# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +# +# This code is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License version 2 only, as +# published by the Free Software Foundation. Oracle designates this +# particular file as subject to the "Classpath" exception as provided +# by Oracle in the LICENSE file that accompanied this code. +# +# This code is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +# version 2 for more details (a copy is included in the LICENSE file that +# accompanied this code). +# +# You should have received a copy of the GNU General Public License version +# 2 along with this work; if not, write to the Free Software Foundation, +# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +# or visit www.oracle.com if you need additional information or have any +# questions. +# +# List of JVMs that can be used as an option to java, javac, etc. +# Order is important -- first in this list is the default JVM. +# NOTE that this both this file and its format are UNSUPPORTED and +# WILL GO AWAY in a future release. +# +# You may also select a JVM in an arbitrary location with the +# "-XXaltjvm=" option, but that too is unsupported +# and may not be available in a future release. +# +# n.b. server must be first so it is used as the default +-server KNOWN +-client ALIASED_TO -server +-minimal ERROR From bugzilla-daemon at icedtea.classpath.org Tue Mar 18 17:34:21 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Tue, 18 Mar 2014 17:34:21 +0000 Subject: [Bug 1713] [IcedTea7] Support AArch64 Port In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1713 --- Comment #2 from hg commits --- details: http://icedtea.classpath.org//hg/release/icedtea7-forest-2.4/jdk?cmd=changeset;node=1e3bd243269a author: aph date: Tue Mar 18 17:10:07 2014 +0000 PR1713: Support AArch64 Port Summary: CFLAGS_REQUIRED and build system changes for AArch64 port. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From hsn at sanatana.filez.com Tue Mar 18 20:12:27 2014 From: hsn at sanatana.filez.com (Radim Kolar) Date: Tue, 18 Mar 2014 21:12:27 +0100 Subject: revive hg tags Message-ID: <5328A8AB.8020604@sanatana.filez.com> can you continue to make tags in hg marking release points like it used to be in icedtea 1.x? From gnu.andrew at redhat.com Tue Mar 18 23:43:16 2014 From: gnu.andrew at redhat.com (Andrew Hughes) Date: Tue, 18 Mar 2014 19:43:16 -0400 (EDT) Subject: revive hg tags In-Reply-To: <5328A8AB.8020604@sanatana.filez.com> References: <5328A8AB.8020604@sanatana.filez.com> Message-ID: <1390643506.1353566.1395186196291.JavaMail.zimbra@redhat.com> ----- Original Message ----- > can you continue to make tags in hg marking release points like it used > to be in icedtea 1.x? > Err... there are such tags... e.g. http://icedtea.classpath.org/hg/release/icedtea7-2.4/rev/7449e5c8ae77 -- Andrew :) Free Java Software Engineer Red Hat, Inc. (http://www.redhat.com) PGP Key: 248BDC07 (https://keys.indymedia.org/) Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07 From bugzilla-daemon at icedtea.classpath.org Wed Mar 19 03:00:06 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Wed, 19 Mar 2014 03:00:06 +0000 Subject: [Bug 1205] Plugin crashes with java.lang.NullPointerException with AUSkey software In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1205 Damon Smith changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |damon.default at gmail.com --- Comment #2 from Damon Smith --- The AUSKey applet works for me now, I'm using: OpenJDK: 1.7.0_51 IcedTea: 1.4-3ubuntu2.1 on Ubuntu 13.10 amd64. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From hsn at sanatana.filez.com Wed Mar 19 09:28:38 2014 From: hsn at sanatana.filez.com (Radim Kolar) Date: Wed, 19 Mar 2014 10:28:38 +0100 Subject: revive hg tags In-Reply-To: <1390643506.1353566.1395186196291.JavaMail.zimbra@redhat.com> References: <5328A8AB.8020604@sanatana.filez.com> <1390643506.1353566.1395186196291.JavaMail.zimbra@redhat.com> Message-ID: <53296346.6010203@sanatana.filez.com> > Err... there are such tags... > > http://icedtea.classpath.org/hg/release/icedtea7-2.4/rev/7449e5c8ae77 i do not see them in hg tags command. I am missing something? (hsn at sanatana:pts/3):~/live/icedtea7% hg incoming comparing with http://icedtea.classpath.org/hg/icedtea7 searching for changes no changes found (hsn at sanatana:pts/3):~/live/icedtea7% hg tags tip 2697:7c7dba98193f icedtea-2.4-branchpoint 2646:d0b14be8cbf8 icedtea-2.3-branchpoint 2586:60c41b88775a icedtea-2.2-branchpoint 2545:2917541bbda4 icedtea-2.1-branchpoint 2507:d35c742babc0 icedtea-2.0-branchpoint 2485:e4c9d9bd4a99 icedtea-1.14 2438:1b47f8cc8c75 icedtea-1.13 2334:13b9a6c00673 icedtea-1.12 2054:d96a0228b792 icedtea-1.11 1970:df574d432c00 icedtea-1.10 1853:9729b3a51305 icedtea-1.9 1766:db666234267c icedtea6-1.4 1596:2b1c03c1e9fa icedtea6-1.4pre 1594:6c02b699206d icedtea-1.8 1437:3ced1c5f1403 icedtea6-1.3.1 1369:be368b1e3c7d icedtea6-1.3 1305:3ef9c9c4e70b icedtea-1.7 1037:8bbc4ffe2c7c icedtea6-1.2 1023:871b70407a13 icedtea6-1.1 906:a5c32475a2e8 icedtea6-1.0 761:38e6eb354632 icedtea-1.6 604:bb3929528d3e icedtea-1.5 430:5ca86e9ca405 icedtea-1.4 252:cb78e0fccf14 icedtea-1.3 170:8ea2619c21cf icedtea-1.2 130:1ce086327b07 icedtea-1.1 83:b639d73581e3 icedtea-1.0 6:96e1bdfed80e From stefan at complang.tuwien.ac.at Wed Mar 19 09:52:05 2014 From: stefan at complang.tuwien.ac.at (Stefan Ring) Date: Wed, 19 Mar 2014 10:52:05 +0100 Subject: revive hg tags In-Reply-To: <53296346.6010203@sanatana.filez.com> References: <5328A8AB.8020604@sanatana.filez.com> <1390643506.1353566.1395186196291.JavaMail.zimbra@redhat.com> <53296346.6010203@sanatana.filez.com> Message-ID: > i do not see them in hg tags command. I am missing something? > > (hsn at sanatana:pts/3):~/live/icedtea7% hg incoming > comparing with http://icedtea.classpath.org/hg/icedtea7 > searching for changes > no changes found > (hsn at sanatana:pts/3):~/live/icedtea7% hg tags > tip 2697:7c7dba98193f > icedtea-2.4-branchpoint 2646:d0b14be8cbf8 > icedtea-2.3-branchpoint 2586:60c41b88775a > icedtea-2.2-branchpoint 2545:2917541bbda4 > icedtea-2.1-branchpoint 2507:d35c742babc0 > icedtea-2.0-branchpoint 2485:e4c9d9bd4a99 > icedtea-1.14 2438:1b47f8cc8c75 > icedtea-1.13 2334:13b9a6c00673 > icedtea-1.12 2054:d96a0228b792 > icedtea-1.11 1970:df574d432c00 > icedtea-1.10 1853:9729b3a51305 > icedtea-1.9 1766:db666234267c > icedtea6-1.4 1596:2b1c03c1e9fa > icedtea6-1.4pre 1594:6c02b699206d > icedtea-1.8 1437:3ced1c5f1403 > icedtea6-1.3.1 1369:be368b1e3c7d > icedtea6-1.3 1305:3ef9c9c4e70b > icedtea-1.7 1037:8bbc4ffe2c7c > icedtea6-1.2 1023:871b70407a13 > icedtea6-1.1 906:a5c32475a2e8 > icedtea6-1.0 761:38e6eb354632 > icedtea-1.6 604:bb3929528d3e > icedtea-1.5 430:5ca86e9ca405 > icedtea-1.4 252:cb78e0fccf14 > icedtea-1.3 170:8ea2619c21cf > icedtea-1.2 130:1ce086327b07 > icedtea-1.1 83:b639d73581e3 > icedtea-1.0 6:96e1bdfed80e Strange and definitely a problem on your side of things. There is a .hg/cache/tags file, which you could try to delete. While you're at it, just remove the entire .hg/cache directory. That might be the culprit, although I've never experienced a problem with it in many years of Mercurial usage. From ptisnovs at icedtea.classpath.org Wed Mar 19 09:58:26 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Wed, 19 Mar 2014 09:58:26 +0000 Subject: /hg/gfx-test: Fixed a lot of typos in BitBltAffineIdentityTransf... Message-ID: changeset 117344d3f5e1 in /hg/gfx-test details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=117344d3f5e1 author: Pavel Tisnovsky date: Wed Mar 19 10:59:00 2014 +0100 Fixed a lot of typos in BitBltAffineIdentityTransformOp. diffstat: ChangeLog | 5 + src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java | 1038 +++++----- 2 files changed, 524 insertions(+), 519 deletions(-) diffs (truncated from 3090 to 500 lines): diff -r 3a59e3b162a9 -r 117344d3f5e1 ChangeLog --- a/ChangeLog Tue Mar 18 12:07:31 2014 +0100 +++ b/ChangeLog Wed Mar 19 10:59:00 2014 +0100 @@ -1,3 +1,8 @@ +2014-03-19 Pavel Tisnovsky + + * src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java: + Fixed a lot of typos in BitBltAffineIdentityTransformOp. + 2014-03-18 Pavel Tisnovsky * src/org/gfxtest/testsuites/BitBltBasicTests.java: diff -r 3a59e3b162a9 -r 117344d3f5e1 src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java --- a/src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java Tue Mar 18 12:07:31 2014 +0100 +++ b/src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java Wed Mar 19 10:59:00 2014 +0100 @@ -1,7 +1,7 @@ /* Java gfx-test framework - Copyright (C) 2013 Red Hat + Copyright (C) 2013, 2014 Red Hat This file is part of IcedTea. @@ -73,13 +73,13 @@ { private static final AffineTransform IdentifyTransformation = new AffineTransform(); - private static final AffineTransformOp IdentifyTranspormationOp1; - private static final AffineTransformOp IdentifyTranspormationOp2; - private static final AffineTransformOp IdentifyTranspormationOp3; - - private static final AffineTransformOp IdentifyTranspormationOp4; - private static final AffineTransformOp IdentifyTranspormationOp5; - private static final AffineTransformOp IdentifyTranspormationOp6; + private static final AffineTransformOp IdentifyTransformationOp1; + private static final AffineTransformOp IdentifyTransformationOp2; + private static final AffineTransformOp IdentifyTransformationOp3; + + private static final AffineTransformOp IdentifyTransformationOp4; + private static final AffineTransformOp IdentifyTransformationOp5; + private static final AffineTransformOp IdentifyTransformationOp6; private static final RenderingHints RenderingHintsNearestNeighbor; private static final RenderingHints RenderingHintsBilinear; @@ -90,13 +90,13 @@ RenderingHintsBilinear = new RenderingHints(RenderingHints.KEY_INTERPOLATION, RenderingHints.VALUE_INTERPOLATION_BILINEAR); RenderingHintsBicubic = new RenderingHints(RenderingHints.KEY_INTERPOLATION, RenderingHints.VALUE_INTERPOLATION_BICUBIC); - IdentifyTranspormationOp1 = new AffineTransformOp(IdentifyTransformation, AffineTransformOp.TYPE_NEAREST_NEIGHBOR); - IdentifyTranspormationOp2 = new AffineTransformOp(IdentifyTransformation, AffineTransformOp.TYPE_BILINEAR); - IdentifyTranspormationOp3 = new AffineTransformOp(IdentifyTransformation, AffineTransformOp.TYPE_BICUBIC); - - IdentifyTranspormationOp4 = new AffineTransformOp(IdentifyTransformation, RenderingHintsNearestNeighbor); - IdentifyTranspormationOp5 = new AffineTransformOp(IdentifyTransformation, RenderingHintsBilinear); - IdentifyTranspormationOp6 = new AffineTransformOp(IdentifyTransformation, RenderingHintsBicubic); + IdentifyTransformationOp1 = new AffineTransformOp(IdentifyTransformation, AffineTransformOp.TYPE_NEAREST_NEIGHBOR); + IdentifyTransformationOp2 = new AffineTransformOp(IdentifyTransformation, AffineTransformOp.TYPE_BILINEAR); + IdentifyTransformationOp3 = new AffineTransformOp(IdentifyTransformation, AffineTransformOp.TYPE_BICUBIC); + + IdentifyTransformationOp4 = new AffineTransformOp(IdentifyTransformation, RenderingHintsNearestNeighbor); + IdentifyTransformationOp5 = new AffineTransformOp(IdentifyTransformation, RenderingHintsBilinear); + IdentifyTransformationOp6 = new AffineTransformOp(IdentifyTransformation, RenderingHintsBicubic); } /** @@ -108,9 +108,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageType3ByteBGRIdentifyTranspormationOp1(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageType3ByteBGRIdentifyTransformationOp1(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageType3ByteRGB(image, graphics2d, IdentifyTranspormationOp1); + return doBitBltEmptyBufferedImageType3ByteRGB(image, graphics2d, IdentifyTransformationOp1); } /** @@ -122,9 +122,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageType3ByteBGRIdentifyTranspormationOp2(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageType3ByteBGRIdentifyTransformationOp2(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageType3ByteRGB(image, graphics2d, IdentifyTranspormationOp2); + return doBitBltEmptyBufferedImageType3ByteRGB(image, graphics2d, IdentifyTransformationOp2); } /** @@ -136,9 +136,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageType3ByteBGRIdentifyTranspormationOp3(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageType3ByteBGRIdentifyTransformationOp3(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageType3ByteRGB(image, graphics2d, IdentifyTranspormationOp3); + return doBitBltEmptyBufferedImageType3ByteRGB(image, graphics2d, IdentifyTransformationOp3); } /** @@ -150,9 +150,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageType3ByteBGRIdentifyTranspormationOp4(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageType3ByteBGRIdentifyTransformationOp4(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageType3ByteRGB(image, graphics2d, IdentifyTranspormationOp4); + return doBitBltEmptyBufferedImageType3ByteRGB(image, graphics2d, IdentifyTransformationOp4); } /** @@ -164,9 +164,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageType3ByteBGRIdentifyTranspormationOp5(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageType3ByteBGRIdentifyTransformationOp5(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageType3ByteRGB(image, graphics2d, IdentifyTranspormationOp5); + return doBitBltEmptyBufferedImageType3ByteRGB(image, graphics2d, IdentifyTransformationOp5); } /** @@ -178,9 +178,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageType3ByteBGRIdentifyTranspormationOp6(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageType3ByteBGRIdentifyTransformationOp6(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageType3ByteRGB(image, graphics2d, IdentifyTranspormationOp6); + return doBitBltEmptyBufferedImageType3ByteRGB(image, graphics2d, IdentifyTransformationOp6); } /** @@ -192,9 +192,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageType4ByteABGRIdentifyTranspormationOp1(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageType4ByteABGRIdentifyTransformationOp1(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageType4ByteABGR(image, graphics2d, IdentifyTranspormationOp1); + return doBitBltEmptyBufferedImageType4ByteABGR(image, graphics2d, IdentifyTransformationOp1); } /** @@ -206,9 +206,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageType4ByteABGRIdentifyTranspormationOp2(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageType4ByteABGRIdentifyTransformationOp2(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageType4ByteABGR(image, graphics2d, IdentifyTranspormationOp2); + return doBitBltEmptyBufferedImageType4ByteABGR(image, graphics2d, IdentifyTransformationOp2); } /** @@ -220,9 +220,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageType4ByteABGRIdentifyTranspormationOp3(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageType4ByteABGRIdentifyTransformationOp3(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageType4ByteABGR(image, graphics2d, IdentifyTranspormationOp3); + return doBitBltEmptyBufferedImageType4ByteABGR(image, graphics2d, IdentifyTransformationOp3); } /** @@ -234,9 +234,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageType4ByteABGRIdentifyTranspormationOp4(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageType4ByteABGRIdentifyTransformationOp4(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageType4ByteABGR(image, graphics2d, IdentifyTranspormationOp4); + return doBitBltEmptyBufferedImageType4ByteABGR(image, graphics2d, IdentifyTransformationOp4); } /** @@ -248,9 +248,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageType4ByteABGRIdentifyTranspormationOp5(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageType4ByteABGRIdentifyTransformationOp5(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageType4ByteABGR(image, graphics2d, IdentifyTranspormationOp5); + return doBitBltEmptyBufferedImageType4ByteABGR(image, graphics2d, IdentifyTransformationOp5); } /** @@ -262,9 +262,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageType4ByteABGRIdentifyTranspormationOp6(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageType4ByteABGRIdentifyTransformationOp6(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageType4ByteABGR(image, graphics2d, IdentifyTranspormationOp6); + return doBitBltEmptyBufferedImageType4ByteABGR(image, graphics2d, IdentifyTransformationOp6); } /** @@ -276,9 +276,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageType4ByteABGRPreIdentifyTranspormationOp1(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageType4ByteABGRPreIdentifyTransformationOp1(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageType4ByteABGRPre(image, graphics2d, IdentifyTranspormationOp1); + return doBitBltEmptyBufferedImageType4ByteABGRPre(image, graphics2d, IdentifyTransformationOp1); } /** @@ -290,9 +290,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageType4ByteABGRPreIdentifyTranspormationOp2(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageType4ByteABGRPreIdentifyTransformationOp2(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageType4ByteABGRPre(image, graphics2d, IdentifyTranspormationOp2); + return doBitBltEmptyBufferedImageType4ByteABGRPre(image, graphics2d, IdentifyTransformationOp2); } /** @@ -304,9 +304,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageType4ByteABGRPreIdentifyTranspormationOp3(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageType4ByteABGRPreIdentifyTransformationOp3(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageType4ByteABGRPre(image, graphics2d, IdentifyTranspormationOp3); + return doBitBltEmptyBufferedImageType4ByteABGRPre(image, graphics2d, IdentifyTransformationOp3); } /** @@ -318,9 +318,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageType4ByteABGRPreIdentifyTranspormationOp4(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageType4ByteABGRPreIdentifyTransformationOp4(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageType4ByteABGRPre(image, graphics2d, IdentifyTranspormationOp4); + return doBitBltEmptyBufferedImageType4ByteABGRPre(image, graphics2d, IdentifyTransformationOp4); } /** @@ -332,9 +332,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageType4ByteABGRPreIdentifyTranspormationOp5(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageType4ByteABGRPreIdentifyTransformationOp5(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageType4ByteABGRPre(image, graphics2d, IdentifyTranspormationOp5); + return doBitBltEmptyBufferedImageType4ByteABGRPre(image, graphics2d, IdentifyTransformationOp5); } /** @@ -346,9 +346,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageType4ByteABGRPreIdentifyTranspormationOp6(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageType4ByteABGRPreIdentifyTransformationOp6(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageType4ByteABGRPre(image, graphics2d, IdentifyTranspormationOp6); + return doBitBltEmptyBufferedImageType4ByteABGRPre(image, graphics2d, IdentifyTransformationOp6); } /** @@ -360,9 +360,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageTypeByteBinaryIdentifyTranspormationOp1(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageTypeByteBinaryIdentifyTransformationOp1(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageTypeByteBinary(image, graphics2d, IdentifyTranspormationOp1); + return doBitBltEmptyBufferedImageTypeByteBinary(image, graphics2d, IdentifyTransformationOp1); } /** @@ -374,9 +374,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageTypeByteBinaryIdentifyTranspormationOp2(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageTypeByteBinaryIdentifyTransformationOp2(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageTypeByteBinary(image, graphics2d, IdentifyTranspormationOp2); + return doBitBltEmptyBufferedImageTypeByteBinary(image, graphics2d, IdentifyTransformationOp2); } /** @@ -388,9 +388,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageTypeByteBinaryIdentifyTranspormationOp3(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageTypeByteBinaryIdentifyTransformationOp3(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageTypeByteBinary(image, graphics2d, IdentifyTranspormationOp3); + return doBitBltEmptyBufferedImageTypeByteBinary(image, graphics2d, IdentifyTransformationOp3); } /** @@ -402,9 +402,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageTypeByteBinaryIdentifyTranspormationOp4(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageTypeByteBinaryIdentifyTransformationOp4(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageTypeByteBinary(image, graphics2d, IdentifyTranspormationOp4); + return doBitBltEmptyBufferedImageTypeByteBinary(image, graphics2d, IdentifyTransformationOp4); } /** @@ -416,9 +416,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageTypeByteBinaryIdentifyTranspormationOp5(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageTypeByteBinaryIdentifyTransformationOp5(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageTypeByteBinary(image, graphics2d, IdentifyTranspormationOp5); + return doBitBltEmptyBufferedImageTypeByteBinary(image, graphics2d, IdentifyTransformationOp5); } /** @@ -430,9 +430,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageTypeByteBinaryIdentifyTranspormationOp6(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageTypeByteBinaryIdentifyTransformationOp6(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageTypeByteBinary(image, graphics2d, IdentifyTranspormationOp6); + return doBitBltEmptyBufferedImageTypeByteBinary(image, graphics2d, IdentifyTransformationOp6); } /** @@ -444,9 +444,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageTypeByteIndexedIdentifyTranspormationOp1(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageTypeByteIndexedIdentifyTransformationOp1(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageTypeByteIndexed(image, graphics2d, IdentifyTranspormationOp1); + return doBitBltEmptyBufferedImageTypeByteIndexed(image, graphics2d, IdentifyTransformationOp1); } /** @@ -458,9 +458,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageTypeByteIndexedIdentifyTranspormationOp2(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageTypeByteIndexedIdentifyTransformationOp2(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageTypeByteIndexed(image, graphics2d, IdentifyTranspormationOp2); + return doBitBltEmptyBufferedImageTypeByteIndexed(image, graphics2d, IdentifyTransformationOp2); } /** @@ -472,9 +472,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageTypeByteIndexedIdentifyTranspormationOp3(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageTypeByteIndexedIdentifyTransformationOp3(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageTypeByteIndexed(image, graphics2d, IdentifyTranspormationOp3); + return doBitBltEmptyBufferedImageTypeByteIndexed(image, graphics2d, IdentifyTransformationOp3); } /** @@ -486,9 +486,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageTypeByteIndexedIdentifyTranspormationOp4(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageTypeByteIndexedIdentifyTransformationOp4(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageTypeByteIndexed(image, graphics2d, IdentifyTranspormationOp4); + return doBitBltEmptyBufferedImageTypeByteIndexed(image, graphics2d, IdentifyTransformationOp4); } /** @@ -500,9 +500,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageTypeByteIndexedIdentifyTranspormationOp5(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageTypeByteIndexedIdentifyTransformationOp5(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageTypeByteIndexed(image, graphics2d, IdentifyTranspormationOp5); + return doBitBltEmptyBufferedImageTypeByteIndexed(image, graphics2d, IdentifyTransformationOp5); } /** @@ -514,9 +514,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageTypeByteIndexedIdentifyTranspormationOp6(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageTypeByteIndexedIdentifyTransformationOp6(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageTypeByteIndexed(image, graphics2d, IdentifyTranspormationOp6); + return doBitBltEmptyBufferedImageTypeByteIndexed(image, graphics2d, IdentifyTransformationOp6); } /** @@ -528,9 +528,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageTypeByteGrayIdentifyTranspormationOp1(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageTypeByteGrayIdentifyTransformationOp1(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageTypeByteGray(image, graphics2d, IdentifyTranspormationOp1); + return doBitBltEmptyBufferedImageTypeByteGray(image, graphics2d, IdentifyTransformationOp1); } /** @@ -542,9 +542,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageTypeByteGrayIdentifyTranspormationOp2(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageTypeByteGrayIdentifyTransformationOp2(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageTypeByteGray(image, graphics2d, IdentifyTranspormationOp2); + return doBitBltEmptyBufferedImageTypeByteGray(image, graphics2d, IdentifyTransformationOp2); } /** @@ -556,9 +556,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageTypeByteGrayIdentifyTranspormationOp3(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageTypeByteGrayIdentifyTransformationOp3(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageTypeByteGray(image, graphics2d, IdentifyTranspormationOp3); + return doBitBltEmptyBufferedImageTypeByteGray(image, graphics2d, IdentifyTransformationOp3); } /** @@ -570,9 +570,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageTypeByteGrayIdentifyTranspormationOp4(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageTypeByteGrayIdentifyTransformationOp4(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageTypeByteGray(image, graphics2d, IdentifyTranspormationOp4); + return doBitBltEmptyBufferedImageTypeByteGray(image, graphics2d, IdentifyTransformationOp4); } /** @@ -584,9 +584,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageTypeByteGrayIdentifyTranspormationOp5(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageTypeByteGrayIdentifyTransformationOp5(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageTypeByteGray(image, graphics2d, IdentifyTranspormationOp5); + return doBitBltEmptyBufferedImageTypeByteGray(image, graphics2d, IdentifyTransformationOp5); } /** @@ -598,9 +598,9 @@ * graphics canvas * @return test result status - PASSED, FAILED or ERROR */ - public TestResult testBitBltEmptyBufferedImageTypeByteGrayIdentifyTranspormationOp6(TestImage image, Graphics2D graphics2d) + public TestResult testBitBltEmptyBufferedImageTypeByteGrayIdentifyTransformationOp6(TestImage image, Graphics2D graphics2d) { - return doBitBltEmptyBufferedImageTypeByteGray(image, graphics2d, IdentifyTranspormationOp6); + return doBitBltEmptyBufferedImageTypeByteGray(image, graphics2d, IdentifyTransformationOp6); } /** @@ -612,9 +612,9 @@ * graphics canvas From ptisnovs at icedtea.classpath.org Wed Mar 19 10:00:43 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Wed, 19 Mar 2014 10:00:43 +0000 Subject: /hg/rhino-tests: Enhancements of various tests in InvocableClass... Message-ID: changeset 5a1fcd8c099d in /hg/rhino-tests details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=5a1fcd8c099d author: Pavel Tisnovsky date: Wed Mar 19 11:01:26 2014 +0100 Enhancements of various tests in InvocableClassTest. diffstat: ChangeLog | 5 +++++ src/org/RhinoTests/InvocableClassTest.java | 20 ++++++++++++++++++++ 2 files changed, 25 insertions(+), 0 deletions(-) diffs (56 lines): diff -r 5ec49b1ba6af -r 5a1fcd8c099d ChangeLog --- a/ChangeLog Tue Mar 18 12:10:50 2014 +0100 +++ b/ChangeLog Wed Mar 19 11:01:26 2014 +0100 @@ -1,3 +1,8 @@ +2014-03-19 Pavel Tisnovsky + + * src/org/RhinoTests/InvocableClassTest.java: + Enhancements of various tests in InvocableClassTest. + 2014-03-18 Pavel Tisnovsky * src/org/RhinoTests/ScriptContextClassTest.java: diff -r 5ec49b1ba6af -r 5a1fcd8c099d src/org/RhinoTests/InvocableClassTest.java --- a/src/org/RhinoTests/InvocableClassTest.java Tue Mar 18 12:10:50 2014 +0100 +++ b/src/org/RhinoTests/InvocableClassTest.java Wed Mar 19 11:01:26 2014 +0100 @@ -1744,6 +1744,7 @@ catch (Exception e) { // expected exception } + } /** @@ -1760,6 +1761,7 @@ catch (IllegalAccessException e) { // expected exception } + } /** @@ -1919,6 +1921,24 @@ } /** + * Test for method javax.script.Invocable.getClass().getResourceAsStreamPositiveTest() + */ + protected void testGetResourceAsStreamPositiveTest() { + Object stream; + stream = this.invocableClass.getResourceAsStream("/org/RhinoTests/AbstractScriptEngineClassTest.class"); + assertNotNull(stream, "getResourceAsStream(\"/org/RhinoTests/AbstractScriptEngineClassTest.class\") returns null"); + } + + /** + * Test for method javax.script.Invocable.getClass().toString() + */ + protected void testToString() { + String asString; + asString = this.invocableClass.toString(); + assertEquals("interface javax.script.Invocable", asString, "wrong toString() return value"); + } + + /** * Test for instanceof operator applied to a class javax.script.Invocable */ @SuppressWarnings("cast") From hsn at sanatana.filez.com Wed Mar 19 12:10:34 2014 From: hsn at sanatana.filez.com (Radim Kolar) Date: Wed, 19 Mar 2014 13:10:34 +0100 Subject: revive hg tags In-Reply-To: References: <5328A8AB.8020604@sanatana.filez.com> <1390643506.1353566.1395186196291.JavaMail.zimbra@redhat.com> <53296346.6010203@sanatana.filez.com> Message-ID: <5329893A.5000001@sanatana.filez.com> i am new to hg here is what it did to fetch repo: Mercurial Distributed SCM (version 2.9.1) (hsn at sanatana:pts/2):/tmp% hg clone http://icedtea.classpath.org/hg/icedtea7 destination directory: icedtea7 requesting all changes adding changesets adding manifests adding file changes added 2694 changesets with 15458 changes to 5271 files updating to branch default 2014 files updated, 0 files merged, 0 files removed, 0 files unresolved (hsn at sanatana:pts/2):/tmp% cd icedtea7/ (hsn at sanatana:pts/2):/tmp/icedtea7% hg tags tip 2693:b1043cc0cd82 icedtea-2.4-branchpoint 2646:d0b14be8cbf8 icedtea-2.3-branchpoint 2586:60c41b88775a icedtea-2.2-branchpoint 2545:2917541bbda4 icedtea-2.1-branchpoint 2507:d35c742babc0 icedtea-2.0-branchpoint 2485:e4c9d9bd4a99 icedtea-1.14 2438:1b47f8cc8c75 icedtea-1.13 2334:13b9a6c00673 icedtea-1.12 2054:d96a0228b792 icedtea-1.11 1970:df574d432c00 icedtea-1.10 1853:9729b3a51305 icedtea-1.9 1766:db666234267c icedtea6-1.4 1596:2b1c03c1e9fa icedtea6-1.4pre 1594:6c02b699206d icedtea-1.8 1437:3ced1c5f1403 icedtea6-1.3.1 1369:be368b1e3c7d icedtea6-1.3 1305:3ef9c9c4e70b icedtea-1.7 1037:8bbc4ffe2c7c icedtea6-1.2 1023:871b70407a13 icedtea6-1.1 906:a5c32475a2e8 icedtea6-1.0 761:38e6eb354632 icedtea-1.6 604:bb3929528d3e icedtea-1.5 430:5ca86e9ca405 icedtea-1.4 252:cb78e0fccf14 icedtea-1.3 170:8ea2619c21cf icedtea-1.2 130:1ce086327b07 icedtea-1.1 83:b639d73581e3 icedtea-1.0 6:96e1bdfed80e i checked out wrong repo? From stefan at complang.tuwien.ac.at Wed Mar 19 12:26:24 2014 From: stefan at complang.tuwien.ac.at (Stefan Ring) Date: Wed, 19 Mar 2014 13:26:24 +0100 Subject: revive hg tags In-Reply-To: <5329893A.5000001@sanatana.filez.com> References: <5328A8AB.8020604@sanatana.filez.com> <1390643506.1353566.1395186196291.JavaMail.zimbra@redhat.com> <53296346.6010203@sanatana.filez.com> <5329893A.5000001@sanatana.filez.com> Message-ID: On Wed, Mar 19, 2014 at 1:10 PM, Radim Kolar wrote: > i am new to hg here is what it did to fetch repo: > > Mercurial Distributed SCM (version 2.9.1) > (hsn at sanatana:pts/2):/tmp% hg clone http://icedtea.classpath.org/hg/icedtea7 > i checked out wrong repo? Oops, I get it now. Yes. The 2.4.x releases live in . From gnu.andrew at redhat.com Wed Mar 19 14:54:57 2014 From: gnu.andrew at redhat.com (Andrew Hughes) Date: Wed, 19 Mar 2014 10:54:57 -0400 (EDT) Subject: revive hg tags In-Reply-To: References: <5328A8AB.8020604@sanatana.filez.com> <1390643506.1353566.1395186196291.JavaMail.zimbra@redhat.com> <53296346.6010203@sanatana.filez.com> <5329893A.5000001@sanatana.filez.com> Message-ID: <358771329.1662729.1395240897879.JavaMail.zimbra@redhat.com> ----- Original Message ----- > On Wed, Mar 19, 2014 at 1:10 PM, Radim Kolar wrote: > > i am new to hg here is what it did to fetch repo: > > > > Mercurial Distributed SCM (version 2.9.1) > > (hsn at sanatana:pts/2):/tmp% hg clone > > http://icedtea.classpath.org/hg/icedtea7 > > > i checked out wrong repo? > > Oops, I get it now. Yes. The 2.4.x releases live in > . > Yeah, this is also true of the later 1.x releases; at a certain point, they are forked into their own repository (e.g. icedtea-2.x-branchpoint) and then HEAD (the repository you checked out) becomes the next 2.(x + 1) release, while 2.x.y releases occur on the branch. What is it you're looking for? For releases, we provide tarballs so you don't need to check out the repositories unless you intend to submit a patch for a later release. -- Andrew :) Free Java Software Engineer Red Hat, Inc. (http://www.redhat.com) PGP Key: 248BDC07 (https://keys.indymedia.org/) Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07 From hsn at sanatana.filez.com Wed Mar 19 15:27:59 2014 From: hsn at sanatana.filez.com (Radim Kolar) Date: Wed, 19 Mar 2014 16:27:59 +0100 Subject: revive hg tags In-Reply-To: <358771329.1662729.1395240897879.JavaMail.zimbra@redhat.com> References: <5328A8AB.8020604@sanatana.filez.com> <1390643506.1353566.1395186196291.JavaMail.zimbra@redhat.com> <53296346.6010203@sanatana.filez.com> <5329893A.5000001@sanatana.filez.com> <358771329.1662729.1395240897879.JavaMail.zimbra@redhat.com> Message-ID: <5329B77F.7010805@sanatana.filez.com> > What is it you're looking for? For releases, we provide tarballs so you don't > need to check out the repositories unless you intend to submit a patch for a later > release. I am researching what it takes to make it run on BSD. From gnu.andrew at redhat.com Wed Mar 19 15:38:59 2014 From: gnu.andrew at redhat.com (Andrew Hughes) Date: Wed, 19 Mar 2014 11:38:59 -0400 (EDT) Subject: revive hg tags In-Reply-To: <5329B77F.7010805@sanatana.filez.com> References: <5328A8AB.8020604@sanatana.filez.com> <1390643506.1353566.1395186196291.JavaMail.zimbra@redhat.com> <53296346.6010203@sanatana.filez.com> <5329893A.5000001@sanatana.filez.com> <358771329.1662729.1395240897879.JavaMail.zimbra@redhat.com> <5329B77F.7010805@sanatana.filez.com> Message-ID: <212143309.1687663.1395243539441.JavaMail.zimbra@redhat.com> ----- Original Message ----- > > > What is it you're looking for? For releases, we provide tarballs so you > > don't > > need to check out the repositories unless you intend to submit a patch for > > a later > > release. > I am researching what it takes to make it run on BSD. > Oh, I'd be very interested in that. Let me know how it goes or if there are any changes needed. Thanks, -- Andrew :) Free Java Software Engineer Red Hat, Inc. (http://www.redhat.com) PGP Key: 248BDC07 (https://keys.indymedia.org/) Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07 From bugzilla-daemon at icedtea.classpath.org Wed Mar 19 17:31:27 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Wed, 19 Mar 2014 17:31:27 +0000 Subject: [Bug 1679] [IcedTea7] Allow OpenJDK to build on PaX-enabled kernels In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1679 --- Comment #8 from Andrew John Hughes --- Eventually, yes. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From andrew at icedtea.classpath.org Wed Mar 19 17:33:49 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Wed, 19 Mar 2014 17:33:49 +0000 Subject: /hg/icedtea6: 2 new changesets Message-ID: changeset 7d844153dc95 in /hg/icedtea6 details: http://icedtea.classpath.org/hg/icedtea6?cmd=changeset;node=7d844153dc95 author: Andrew John Hughes date: Tue Mar 18 12:32:37 2014 +0000 S8013057: Detect mmap() commit failures in Linux and Solaris os::commit_memory() impls and call vm_exit_out_of_memory() S7151089: PS NUMA: NUMA allocator should not attempt to free pages when using SHM large pages S8026887: Make issues due to failed large pages allocations easier to debug 2014-03-17 Andrew John Hughes * Makefile.am: (ICEDTEA_PATCHES): Add new patches. * NEWS: Updated. * patches/openjdk/7151089-numa_should_not_free_shm_large_pages.patch, * patches/openjdk/8013057-detect_mmap_commit_failures.patch, * patches/openjdk/8026887-make_large_page_allocations_easier_to_debug.patch: Backports to improve mmap failure output. changeset 975cb4907b2e in /hg/icedtea6 details: http://icedtea.classpath.org/hg/icedtea6?cmd=changeset;node=975cb4907b2e author: Andrew John Hughes date: Wed Mar 19 17:33:09 2014 +0000 PR1714: Update PaX support to detect running PaX kernel and use newer tools 2014-02-19 Andrew John Hughes PR1714: Update PaX support to detect running PaX kernel and use newer tools * Makefile.am: (clean-local): Remove clean-icedtea, clean-icedtea-debug and clean-icedtea-ecj; pulled in by dependents. (.PHONY): Add clean-runnable-icedtea, clean-runnable-icedtea-debug and clean-runnable-icedtea-ecj. (runnable-icedtea): Depend on icedtea and pax-mark-vm. (clean-runnable-icedtea): Clean stamp. (icedtea-against-icedtea): Depend on runnable-icedtea rather than icedtea and pax-mark-vm. (clean-icedtea-against-icedtea): Depend on clean-runnable-icedtea rather than clean-pax-mark-vm. (runnable-icedtea-debug): Depend on icedtea-debug and pax-mark-vm-debug. (clean-runnable-icedtea-debug): Clean stamp. (icedtea-debug-against-icedtea): Depend on runnable-icedtea-debug rather than icedtea-debug and pax-mark-vm-debug. (clean-icedtea-debug-against-icedtea): Depend on clean-runnable-icedtea-debug rather than clean-pax-mark-vm. (add-archive): Depend on runnable-icedtea as the target executes java. (add-archive-debug): Likewise with runnable-icedtea-debug. (check-crypto): Depend on runnable-icedtea as the target executes java. (check-crypto-debug): Likewise with runnable-icedtea-debug. (runnable-icedtea-ecj): Depend on icedtea-ecj and pax-mark-vm-ecj. (clean-runnable-icedtea-ecj): Clean stamp. (icedtea-against-ecj): Depend on runnable-icedtea-ecj rather than icedtea-ecj and pax-mark-vm-ecj. (clean-icedtea-against-ecj): Depend on clean-runnable-icedtea-ecj rather than clean-pax-mark-vm. (add-archive-ecj): Depend on runnable-icedtea-ecj as the target executes java. (check-crypto-boot): Depend on runnable-icedtea-ecj as the target executes java. * NEWS: Updated. * acinclude.m4: (IT_HAS_PAX): New macro to detect whether the running kernel uses PaX. (IT_WITH_PAX): Rewritten to search for PaX tools - currently paxmark.sh, paxctl-ng, chpax and paxctl - and fail if a tool isn't found and a PaX kernel is being used. diffstat: ChangeLog | 52 + Makefile.am | 66 +- NEWS | 7 + acinclude.m4 | 95 +- patches/openjdk/7151089-numa_should_not_free_shm_large_pages.patch | 29 + patches/openjdk/8013057-detect_mmap_commit_failures.patch | 867 ++++++++++ patches/openjdk/8026887-make_large_page_allocations_easier_to_debug.patch | 81 + 7 files changed, 1144 insertions(+), 53 deletions(-) diffs (truncated from 1348 to 500 lines): diff -r 963a9ab43d7f -r 975cb4907b2e ChangeLog --- a/ChangeLog Thu Jan 30 21:38:08 2014 +0000 +++ b/ChangeLog Wed Mar 19 17:33:09 2014 +0000 @@ -1,3 +1,55 @@ +2014-02-19 Andrew John Hughes + + PR1714: Update PaX support to detect running PaX + kernel and use newer tools + * Makefile.am: + (clean-local): Remove clean-icedtea, clean-icedtea-debug + and clean-icedtea-ecj; pulled in by dependents. + (.PHONY): Add clean-runnable-icedtea, clean-runnable-icedtea-debug + and clean-runnable-icedtea-ecj. + (runnable-icedtea): Depend on icedtea and pax-mark-vm. + (clean-runnable-icedtea): Clean stamp. + (icedtea-against-icedtea): Depend on runnable-icedtea rather + than icedtea and pax-mark-vm. + (clean-icedtea-against-icedtea): Depend on clean-runnable-icedtea rather + than clean-pax-mark-vm. + (runnable-icedtea-debug): Depend on icedtea-debug and pax-mark-vm-debug. + (clean-runnable-icedtea-debug): Clean stamp. + (icedtea-debug-against-icedtea): Depend on runnable-icedtea-debug rather + than icedtea-debug and pax-mark-vm-debug. + (clean-icedtea-debug-against-icedtea): Depend on clean-runnable-icedtea-debug + rather than clean-pax-mark-vm. + (add-archive): Depend on runnable-icedtea as the target executes java. + (add-archive-debug): Likewise with runnable-icedtea-debug. + (check-crypto): Depend on runnable-icedtea as the target executes java. + (check-crypto-debug): Likewise with runnable-icedtea-debug. + (runnable-icedtea-ecj): Depend on icedtea-ecj and pax-mark-vm-ecj. + (clean-runnable-icedtea-ecj): Clean stamp. + (icedtea-against-ecj): Depend on runnable-icedtea-ecj rather + than icedtea-ecj and pax-mark-vm-ecj. + (clean-icedtea-against-ecj): Depend on clean-runnable-icedtea-ecj + rather than clean-pax-mark-vm. + (add-archive-ecj): Depend on runnable-icedtea-ecj as the target executes java. + (check-crypto-boot): Depend on runnable-icedtea-ecj as the target executes java. + * NEWS: Updated. + * acinclude.m4: + (IT_HAS_PAX): New macro to detect whether the running + kernel uses PaX. + (IT_WITH_PAX): Rewritten to search for PaX tools - + currently paxmark.sh, paxctl-ng, chpax and paxctl - + and fail if a tool isn't found and a PaX kernel is + being used. + +2014-03-17 Andrew John Hughes + + * Makefile.am: + (ICEDTEA_PATCHES): Add new patches. + * NEWS: Updated. + * patches/openjdk/7151089-numa_should_not_free_shm_large_pages.patch, + * patches/openjdk/8013057-detect_mmap_commit_failures.patch, + * patches/openjdk/8026887-make_large_page_allocations_easier_to_debug.patch: + Backports to improve mmap failure output. + 2014-01-30 Andrew John Hughes * NEWS: Add 1.11.15 release notes. diff -r 963a9ab43d7f -r 975cb4907b2e Makefile.am --- a/Makefile.am Thu Jan 30 21:38:08 2014 +0000 +++ b/Makefile.am Wed Mar 19 17:33:09 2014 +0000 @@ -630,7 +630,10 @@ patches/windows-jdk-sizecalc.patch \ patches/shark_fixes_from_8003868.patch \ patches/8003992_support_6.patch \ - patches/shark-drop_compile_method_arg_following_7083786.patch + patches/shark-drop_compile_method_arg_following_7083786.patch \ + patches/openjdk/7151089-numa_should_not_free_shm_large_pages.patch \ + patches/openjdk/8013057-detect_mmap_commit_failures.patch \ + patches/openjdk/8026887-make_large_page_allocations_easier_to_debug.patch if WITH_RHINO ICEDTEA_PATCHES += \ @@ -966,8 +969,8 @@ fi clean-local: clean-tests $(PULSE_JAVA_CLEAN_TARGET) \ - clean-icedtea clean-icedtea-debug clean-icedtea-ecj clean-extract clean-ports \ - clean-overlay clean-native-ecj clean-icedtea-against-icedtea clean-icedtea-debug-against-icedtea \ + clean-extract clean-ports clean-overlay clean-native-ecj \ + clean-icedtea-against-icedtea clean-icedtea-debug-against-icedtea \ clean-icedtea-against-ecj clean-extract-ecj clean-generated clean-replace-hotspot \ clean-rewriter clean-rewrite-rhino clean-rt clean-bootstrap-directory \ clean-bootstrap-directory-ecj clean-bootstrap-directory-symlink \ @@ -1011,7 +1014,8 @@ clean-add-pulseaudio-ecj clean-add-nss-ecj clean-add-tzdata-support-ecj clean-fonts \ clean-download-hotspot clean-tests clean-tapset-report jtregcheck clean-pax-mark-vm \ clean-pax-mark-vm-debug clean-pax-mark-vm-ecj clean-check-crypto clean-check-crypto-debug \ - clean-check-crypto-boot clean-cryptocheck + clean-check-crypto-boot clean-cryptocheck clean-runnable-icedtea clean-runnable-icedtea-debug \ + clean-runnable-icedtea-ecj env: @echo 'unset JAVA_HOME' @@ -1720,31 +1724,44 @@ rm -rf $(DEBUG_BUILD_OUTPUT_DIR) rm -f stamps/icedtea-debug.stamp -stamps/icedtea-against-icedtea.stamp: stamps/icedtea.stamp \ +stamps/runnable-icedtea.stamp: stamps/icedtea.stamp stamps/pax-mark-vm.stamp + mkdir -p stamps + touch $@ + +clean-runnable-icedtea: clean-icedtea clean-pax-mark-vm + rm -f stamps/runnable-icedtea.stamp + +stamps/icedtea-against-icedtea.stamp: stamps/runnable-icedtea.stamp \ stamps/add-jamvm.stamp stamps/add-cacao.stamp stamps/add-zero.stamp \ stamps/add-systemtap.stamp stamps/add-pulseaudio.stamp stamps/add-nss.stamp \ - stamps/add-tzdata-support.stamp stamps/add-archive.stamp stamps/pax-mark-vm.stamp \ - stamps/check-crypto.stamp + stamps/add-tzdata-support.stamp stamps/add-archive.stamp stamps/check-crypto.stamp mkdir -p stamps touch $@ clean-icedtea-against-icedtea: clean-add-jamvm clean-add-zero clean-add-cacao \ clean-add-systemtap clean-add-pulseaudio clean-add-nss clean-add-tzdata-support \ - clean-add-archive clean-pax-mark-vm clean-check-crypto + clean-add-archive clean-check-crypto clean-runnable-icedtea rm -f stamps/icedtea-against-icedtea.stamp -stamps/icedtea-debug-against-icedtea.stamp: stamps/icedtea-debug.stamp \ +stamps/runnable-icedtea-debug.stamp: stamps/icedtea-debug.stamp stamps/pax-mark-vm-debug.stamp + mkdir -p stamps + touch $@ + +clean-runnable-icedtea-debug: clean-icedtea-debug clean-pax-mark-vm-debug + rm -f stamps/runnable-icedtea-debug.stamp + +stamps/icedtea-debug-against-icedtea.stamp: stamps/runnable-icedtea-debug.stamp \ stamps/add-jamvm-debug.stamp stamps/add-cacao-debug.stamp \ stamps/add-zero-debug.stamp stamps/add-systemtap-debug.stamp stamps/add-pulseaudio-debug.stamp \ stamps/add-nss-debug.stamp stamps/add-tzdata-support-debug.stamp stamps/add-archive-debug.stamp \ - stamps/pax-mark-vm-debug.stamp stamps/check-crypto-debug.stamp + stamps/check-crypto-debug.stamp mkdir -p stamps touch $@ clean-icedtea-debug-against-icedtea: clean-add-zero-debug \ clean-add-jamvm-debug clean-add-cacao-debug clean-add-systemtap-debug \ clean-add-pulseaudio-debug clean-add-nss-debug clean-add-tzdata-support-debug \ - clean-add-archive-debug clean-pax-mark-vm-debug clean-check-crypto-debug + clean-add-archive-debug clean-runnable-icedtea-debug clean-check-crypto-debug rm -f stamps/icedtea-debug-against-icedtea.stamp stamps/add-systemtap.stamp: stamps/icedtea.stamp @@ -1986,7 +2003,7 @@ fi rm -f stamps/add-tzdata-support-debug.stamp -stamps/add-archive.stamp: stamps/icedtea.stamp +stamps/add-archive.stamp: stamps/runnable-icedtea.stamp if !ENABLE_JAMVM if !ENABLE_CACAO if !ZERO_BUILD @@ -2002,7 +2019,7 @@ rm -vf $(BUILD_OUTPUT_DIR)/j2sdk-image/jre/lib/$(INSTALL_ARCH_DIR)/*/*.jsa rm -f stamps/add-archive.stamp -stamps/add-archive-debug.stamp: stamps/icedtea-debug.stamp +stamps/add-archive-debug.stamp: stamps/runnable-icedtea-debug.stamp if !ENABLE_JAMVM if !ENABLE_CACAO if !ZERO_BUILD @@ -2036,7 +2053,7 @@ clean-pax-mark-vm-debug: rm -f stamps/pax-mark-vm-debug.stamp -stamps/check-crypto.stamp: stamps/cryptocheck.stamp stamps/icedtea.stamp +stamps/check-crypto.stamp: stamps/cryptocheck.stamp stamps/runnable-icedtea.stamp if [ -e $(BUILD_OUTPUT_DIR)/j2sdk-image/bin/java ] ; then \ $(BUILD_OUTPUT_DIR)/j2sdk-image/bin/java -cp $(CRYPTO_CHECK_BUILD_DIR) TestCryptoLevel ; \ fi @@ -2046,7 +2063,7 @@ clean-check-crypto: rm -f stamps/check-crypto.stamp -stamps/check-crypto-debug.stamp: stamps/cryptocheck.stamp stamps/icedtea-debug.stamp +stamps/check-crypto-debug.stamp: stamps/cryptocheck.stamp stamps/runnable-icedtea-debug.stamp if [ -e $(DEBUG_BUILD_OUTPUT_DIR)/j2sdk-image/bin/java ] ; then \ $(DEBUG_BUILD_OUTPUT_DIR)/j2sdk-image/bin/java -cp $(CRYPTO_CHECK_BUILD_DIR) TestCryptoLevel ; \ fi @@ -2075,14 +2092,21 @@ rm -rf $(ECJ_BUILD_OUTPUT_DIR) rm -f stamps/icedtea-ecj.stamp -stamps/icedtea-against-ecj.stamp: stamps/icedtea-ecj.stamp stamps/add-systemtap-ecj.stamp \ - stamps/add-pulseaudio-ecj.stamp stamps/add-nss-ecj.stamp stamps/add-tzdata-support-ecj.stamp \ - stamps/add-archive-ecj.stamp stamps/pax-mark-vm-ecj.stamp stamps/check-crypto-boot.stamp +stamps/runnable-icedtea-ecj.stamp: stamps/icedtea-ecj.stamp stamps/pax-mark-vm-ecj.stamp mkdir -p stamps touch $@ +clean-runnable-icedtea-ecj: clean-icedtea-ecj clean-pax-mark-vm-ecj + rm -f stamps/runnable-icedtea-ecj.stamp + +stamps/icedtea-against-ecj.stamp: stamps/runnable-icedtea-ecj.stamp stamps/add-systemtap-ecj.stamp \ + stamps/add-pulseaudio-ecj.stamp stamps/add-nss-ecj.stamp stamps/add-tzdata-support-ecj.stamp \ + stamps/add-archive-ecj.stamp stamps/check-crypto-boot.stamp + mkdir -p stamps + touch $@ + clean-icedtea-against-ecj: clean-add-systemtap-ecj clean-add-pulseaudio-ecj clean-add-nss-ecj \ - clean-add-tzdata-support-ecj clean-add-archive-ecj clean-pax-mark-vm-ecj clean-check-crypto-boot + clean-add-tzdata-support-ecj clean-add-archive-ecj clean-runnable-icedtea-ecj clean-check-crypto-boot rm -f stamps/icedtea-against-ecj.stamp stamps/add-systemtap-ecj.stamp: stamps/icedtea-ecj.stamp @@ -2205,7 +2229,7 @@ fi rm -f stamps/add-tzdata-support-ecj.stamp -stamps/add-archive-ecj.stamp: stamps/icedtea-ecj.stamp +stamps/add-archive-ecj.stamp: stamps/runnable-icedtea-ecj.stamp if !ENABLE_JAMVM if !ENABLE_CACAO if !ZERO_BUILD @@ -2230,7 +2254,7 @@ clean-pax-mark-vm-ecj: rm -f stamps/pax-mark-vm-ecj.stamp -stamps/check-crypto-boot.stamp: stamps/cryptocheck.stamp stamps/icedtea-ecj.stamp +stamps/check-crypto-boot.stamp: stamps/cryptocheck.stamp stamps/runnable-icedtea-ecj.stamp if [ -e $(ECJ_BUILD_OUTPUT_DIR)/j2sdk-image/bin/java ] ; then \ $(ECJ_BUILD_OUTPUT_DIR)/j2sdk-image/bin/java -cp $(CRYPTO_CHECK_BUILD_DIR) TestCryptoLevel ; \ fi diff -r 963a9ab43d7f -r 975cb4907b2e NEWS --- a/NEWS Thu Jan 30 21:38:08 2014 +0000 +++ b/NEWS Wed Mar 19 17:33:09 2014 +0000 @@ -14,6 +14,13 @@ New in release 1.14.0 (201X-XX-XX): +* Backports + - S7151089: PS NUMA: NUMA allocator should not attempt to free pages when using SHM large pages + - S8013057: Detect mmap() commit failures in Linux and Solaris os::commit_memory() impls and call vm_exit_out_of_memory() + - S8026887: Make issues due to failed large pages allocations easier to debug +* Bug fixes + - PR1714: Update PaX support to detect running PaX kernel and use newer tools + New in release 1.11.15 (2014-01-21): * Security fixes diff -r 963a9ab43d7f -r 975cb4907b2e acinclude.m4 --- a/acinclude.m4 Thu Jan 30 21:38:08 2014 +0000 +++ b/acinclude.m4 Wed Mar 19 17:33:09 2014 +0000 @@ -2139,48 +2139,79 @@ AM_CONDITIONAL([VM_SUPPORTS_XBOOTCLASSPATH], test x"${it_cv_xbootclasspath_works}" = "xyes") ]) +AC_DEFUN_ONCE([IT_HAS_PAX], +[ + AC_MSG_CHECKING([if a PaX kernel is in use]) + if cat /proc/self/status | grep '^PaX' >&AS_MESSAGE_LOG_FD 2>&1; then + pax_active=yes; + else + pax_active=no; + fi + AC_MSG_RESULT([${pax_active}]) + AM_CONDITIONAL([USING_PAX], test x"${pax_active}" = "xyes") +]) + AC_DEFUN_ONCE([IT_WITH_PAX], [ - AC_MSG_CHECKING([for pax utility to use]) + AC_REQUIRE([IT_HAS_PAX]) + PAX_DEFAULT=/usr/sbin/paxmark.sh + AC_MSG_CHECKING([if a PaX utility was specified]) AC_ARG_WITH([pax], [AS_HELP_STRING(--with-pax=COMMAND,the command used for pax marking)], [ - PAX_COMMAND=${withval} - if test "x${PAX_COMMAND}" = "xno"; then - PAX_COMMAND="not specified" + if test "x${withval}" = "xyes"; then + PAX_COMMAND=no + else + PAX_COMMAND="${withval}" fi ], [ + PAX_COMMAND=no + ]) + AC_MSG_RESULT(${PAX_COMMAND}) + if test "x${PAX_COMMAND}" == "xno"; then + PAX_COMMAND=${PAX_DEFAULT} + fi + AC_MSG_CHECKING([if $PAX_COMMAND is a valid executable file]) + if test -x "${PAX_COMMAND}" && test -f "${PAX_COMMAND}"; then + AC_MSG_RESULT([yes]) + else + AC_MSG_RESULT([no]) + PAX_COMMAND="" + AC_PATH_PROG(PAX_COMMAND, "paxmark.sh") + if test -z "${PAX_COMMAND}"; then + AC_PATH_PROG(PAX_COMMAND, "paxctl-ng") + fi + if test -z "${PAX_COMMAND}"; then + AC_PATH_PROG(PAX_COMMAND, "chpax") + fi + if test -z "${PAX_COMMAND}"; then + AC_PATH_PROG(PAX_COMMAND, "paxctl") + fi + if test -z "${PAX_COMMAND}"; then + if test "x${pax_active}" = "xyes"; then + AC_MSG_ERROR("No PaX utility found and running on a PaX kernel.") + else + AC_MSG_WARN("No PaX utility found.") + fi + fi + fi + if test -z "${PAX_COMMAND}"; then PAX_COMMAND="not specified" - ]) - case "x${PAX_COMMAND}" in - xchpax) - case "${host_cpu}" in - i?86) - PAX_COMMAND_ARGS="-msp" - ;; - *) - PAX_COMMAND_ARGS="-m" - ;; - esac - ;; - xpaxctl) - case "${host_cpu}" in - i?86) - PAX_COMMAND_ARGS="-msp" - ;; - *) - PAX_COMMAND_ARGS="-m" - ;; - esac - ;; - *) - PAX_COMMAND="not specified" - PAX_COMMAND_ARGS="not specified" - ;; - esac + PAX_COMMAND_ARGS="not specified" + else + AC_MSG_CHECKING([which options to pass to ${PAX_COMMAND}]) + case "${host_cpu}" in + i?86) + PAX_COMMAND_ARGS="-msp" + ;; + *) + PAX_COMMAND_ARGS="-m" + ;; + esac + AC_MSG_RESULT(${PAX_COMMAND_ARGS}) + fi AM_CONDITIONAL(WITH_PAX, test "x${PAX_COMMAND}" != "xnot specified") - AC_MSG_RESULT(${PAX_COMMAND}) AC_SUBST(PAX_COMMAND) AC_SUBST(PAX_COMMAND_ARGS) ]) diff -r 963a9ab43d7f -r 975cb4907b2e patches/openjdk/7151089-numa_should_not_free_shm_large_pages.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/openjdk/7151089-numa_should_not_free_shm_large_pages.patch Wed Mar 19 17:33:09 2014 +0000 @@ -0,0 +1,29 @@ +# HG changeset patch +# User iveresov +# Date 1331583127 25200 +# Mon Mar 12 13:12:07 2012 -0700 +# Node ID 3f0dff7a9cf590ef3e5d7f2dcf6c8247b65c9d10 +# Parent 3442eb7ef2d216d6bf655d537929a2d31a76a321 +7151089: PS NUMA: NUMA allocator should not attempt to free pages when using SHM large pages +Summary: Don't attempt to uncommit SHM-based large pages +Reviewed-by: kvn + +diff -r 3442eb7ef2d2 -r 3f0dff7a9cf5 src/os/linux/vm/os_linux.cpp +--- openjdk/hotspot/src/os/linux/vm/os_linux.cpp Tue Jan 14 20:24:44 2014 -0500 ++++ openjdk/hotspot/src/os/linux/vm/os_linux.cpp Mon Mar 12 13:12:07 2012 -0700 +@@ -2568,7 +2568,14 @@ + } + + void os::free_memory(char *addr, size_t bytes, size_t alignment_hint) { +- commit_memory(addr, bytes, alignment_hint, false); ++ // This method works by doing an mmap over an existing mmaping and effectively discarding ++ // the existing pages. However it won't work for SHM-based large pages that cannot be ++ // uncommitted at all. We don't do anything in this case to avoid creating a segment with ++ // small pages on top of the SHM segment. This method always works for small pages, so we ++ // allow that in any case. ++ if (alignment_hint <= (size_t)os::vm_page_size() || !UseSHM) { ++ commit_memory(addr, bytes, alignment_hint, false); ++ } + } + + void os::numa_make_global(char *addr, size_t bytes) { diff -r 963a9ab43d7f -r 975cb4907b2e patches/openjdk/8013057-detect_mmap_commit_failures.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/openjdk/8013057-detect_mmap_commit_failures.patch Wed Mar 19 17:33:09 2014 +0000 @@ -0,0 +1,867 @@ +# HG changeset patch +# User dcubed +# Date 1394474985 0 +# Mon Mar 10 18:09:45 2014 +0000 +# Node ID cbdd11a54b82eb7731d16abbc6df3c9b4d42c78b +# Parent 3f0dff7a9cf590ef3e5d7f2dcf6c8247b65c9d10 +8013057: assert(_needs_gc || SafepointSynchronize::is_at_safepoint()) failed: only read at safepoint +Summary: Detect mmap() commit failures in Linux and Solaris os::commit_memory() impls and call vm_exit_out_of_memory(). Add os::commit_memory_or_exit(). Also tidy up some NMT accounting and some mmap() return value checking. +Reviewed-by: zgu, stefank, dholmes, dsamersoff + +diff -r 3f0dff7a9cf5 -r cbdd11a54b82 src/os/bsd/vm/os_bsd.cpp +--- openjdk/hotspot/src/os/bsd/vm/os_bsd.cpp Mon Mar 12 13:12:07 2012 -0700 ++++ openjdk/hotspot/src/os/bsd/vm/os_bsd.cpp Mon Mar 10 18:09:45 2014 +0000 +@@ -2762,6 +2762,13 @@ + } + } + ++static void warn_fail_commit_memory(char* addr, size_t size, bool exec, ++ int err) { ++ warning("INFO: os::commit_memory(" PTR_FORMAT ", " SIZE_FORMAT ++ ", %d) failed; error='%s' (errno=%d)", addr, size, exec, ++ strerror(err), err); ++} ++ + // NOTE: Bsd kernel does not really reserve the pages for us. + // All it does is to check if there are enough free pages + // left at the time of mmap(). This could be a potential +@@ -2770,12 +2777,22 @@ + int prot = exec ? PROT_READ|PROT_WRITE|PROT_EXEC : PROT_READ|PROT_WRITE; + #ifdef __OpenBSD__ + // XXX: Work-around mmap/MAP_FIXED bug temporarily on OpenBSD +- return ::mprotect(addr, size, prot) == 0; ++ if (::mprotect(addr, size, prot) == 0) { ++ return true; ++ } + #else + uintptr_t res = (uintptr_t) ::mmap(addr, size, prot, + MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0); +- return res != (uintptr_t) MAP_FAILED; ++ if (res != (uintptr_t) MAP_FAILED) { ++ return true; ++ } + #endif ++ ++ // Warn about any commit errors we see in non-product builds just ++ // in case mmap() doesn't work as described on the man page. ++ NOT_PRODUCT(warn_fail_commit_memory(addr, size, exec, errno);) ++ ++ return false; + } + + #ifndef _ALLBSD_SOURCE +@@ -2803,9 +2820,27 @@ + } + #endif + ++ // alignment_hint is ignored on this OS + return commit_memory(addr, size, exec); + } + ++void os::commit_memory_or_exit(char* addr, size_t size, bool exec, ++ const char* mesg) { ++ assert(mesg != NULL, "mesg must be specified"); ++ if (!pd_commit_memory(addr, size, exec)) { ++ // add extra info in product mode for vm_exit_out_of_memory(): ++ PRODUCT_ONLY(warn_fail_commit_memory(addr, size, exec, errno);) ++ vm_exit_out_of_memory(size, mesg); ++ } ++} ++ ++void os::commit_memory_or_exit(char* addr, size_t size, ++ size_t alignment_hint, bool exec, ++ const char* mesg) { ++ // alignment_hint is ignored on this OS ++ pd_commit_memory_or_exit(addr, size, exec, mesg); ++} ++ + void os::realign_memory(char *addr, size_t bytes, size_t alignment_hint) { + #ifndef _ALLBSD_SOURCE + if (UseHugeTLBFS && alignment_hint > (size_t)vm_page_size()) { +@@ -2970,7 +3005,7 @@ + } + + bool os::create_stack_guard_pages(char* addr, size_t size) { +- return os::commit_memory(addr, size); ++ return os::commit_memory(addr, size, !ExecMem); + } + + // If this is a growable mapping, remove the guard pages entirely by +@@ -4467,7 +4502,7 @@ + + if (!UseMembar) { + address mem_serialize_page = (address) ::mmap(NULL, Bsd::page_size(), PROT_READ | PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0); +- guarantee( mem_serialize_page != NULL, "mmap Failed for memory serialize page"); ++ guarantee( mem_serialize_page != MAP_FAILED, "mmap Failed for memory serialize page"); + os::set_memory_serialize_page( mem_serialize_page ); + + #ifndef PRODUCT +diff -r 3f0dff7a9cf5 -r cbdd11a54b82 src/os/bsd/vm/perfMemory_bsd.cpp +--- openjdk/hotspot/src/os/bsd/vm/perfMemory_bsd.cpp Mon Mar 12 13:12:07 2012 -0700 ++++ openjdk/hotspot/src/os/bsd/vm/perfMemory_bsd.cpp Mon Mar 10 18:09:45 2014 +0000 +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2001, 2010, Oracle and/or its affiliates. All rights reserved. From bugzilla-daemon at icedtea.classpath.org Wed Mar 19 17:34:14 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Wed, 19 Mar 2014 17:34:14 +0000 Subject: [Bug 1714] [IcedTea6] Update PaX support to detect running PaX kernel and use newer tools In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1714 --- Comment #1 from hg commits --- details: http://icedtea.classpath.org//hg/icedtea6?cmd=changeset;node=975cb4907b2e author: Andrew John Hughes date: Wed Mar 19 17:33:09 2014 +0000 PR1714: Update PaX support to detect running PaX kernel and use newer tools 2014-02-19 Andrew John Hughes PR1714: Update PaX support to detect running PaX kernel and use newer tools * Makefile.am: (clean-local): Remove clean-icedtea, clean-icedtea-debug and clean-icedtea-ecj; pulled in by dependents. (.PHONY): Add clean-runnable-icedtea, clean-runnable-icedtea-debug and clean-runnable-icedtea-ecj. (runnable-icedtea): Depend on icedtea and pax-mark-vm. (clean-runnable-icedtea): Clean stamp. (icedtea-against-icedtea): Depend on runnable-icedtea rather than icedtea and pax-mark-vm. (clean-icedtea-against-icedtea): Depend on clean-runnable-icedtea rather than clean-pax-mark-vm. (runnable-icedtea-debug): Depend on icedtea-debug and pax-mark-vm-debug. (clean-runnable-icedtea-debug): Clean stamp. (icedtea-debug-against-icedtea): Depend on runnable-icedtea-debug rather than icedtea-debug and pax-mark-vm-debug. (clean-icedtea-debug-against-icedtea): Depend on clean-runnable-icedtea-debug rather than clean-pax-mark-vm. (add-archive): Depend on runnable-icedtea as the target executes java. (add-archive-debug): Likewise with runnable-icedtea-debug. (check-crypto): Depend on runnable-icedtea as the target executes java. (check-crypto-debug): Likewise with runnable-icedtea-debug. (runnable-icedtea-ecj): Depend on icedtea-ecj and pax-mark-vm-ecj. (clean-runnable-icedtea-ecj): Clean stamp. (icedtea-against-ecj): Depend on runnable-icedtea-ecj rather than icedtea-ecj and pax-mark-vm-ecj. (clean-icedtea-against-ecj): Depend on clean-runnable-icedtea-ecj rather than clean-pax-mark-vm. (add-archive-ecj): Depend on runnable-icedtea-ecj as the target executes java. (check-crypto-boot): Depend on runnable-icedtea-ecj as the target executes java. * NEWS: Updated. * acinclude.m4: (IT_HAS_PAX): New macro to detect whether the running kernel uses PaX. (IT_WITH_PAX): Rewritten to search for PaX tools - currently paxmark.sh, paxctl-ng, chpax and paxctl - and fail if a tool isn't found and a PaX kernel is being used. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Thu Mar 20 00:34:29 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Thu, 20 Mar 2014 00:34:29 +0000 Subject: [Bug 1665] /opt/icedtea-2.4.5/generated.build/sun/misc/Version.java.temp /bin/sed: -e expression #5, char 21: unknown option to `s' In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1665 Andrew John Hughes changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |INVALID Severity|blocker |normal --- Comment #1 from Andrew John Hughes --- Your problem here is: 's/@@distro_name@@/n/a/g' with the 'n/a' value resulting in an extra / which confuses sed. The 'n/a' value comes from $(DISTRO_NAME) which is set by the IcedTea build to $(DIST_NAME), a value set from the result of lsb_release. So, the problem here is what lsb_release -is returns on your system. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Thu Mar 20 00:37:01 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Thu, 20 Mar 2014 00:37:01 +0000 Subject: [Bug 1712] [IcedTea6] Allow -Werror to be turned off in the HotSpot build In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1712 Andrew John Hughes changed: What |Removed |Added ---------------------------------------------------------------------------- URL| |https://bugs.gentoo.org/sho | |w_bug.cgi?id=455426 -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From hsn at sanatana.filez.com Thu Mar 20 00:53:28 2014 From: hsn at sanatana.filez.com (Radim Kolar) Date: Thu, 20 Mar 2014 01:53:28 +0100 Subject: build with bsd userland Message-ID: <532A3C08.6090803@sanatana.filez.com> on bsd systems, gnu versions of utils are installed with g prefix, such as gsed instead of sed. this patch adds checking for such versions and uses them if found in path. With this patch it bootrap icedtea build system correctly on fbsd 10. it still does not build openjdk out of box with patch, fails on: gmake[1]: Entering directory `/home/hsn/live/icedtea7/openjdk-boot' jdk/make/common/shared/Defs.gmk:194: "WARNING: Value of ARCH cannot be empty, will use ''" jdk/make/common/shared/Defs.gmk:194: "WARNING: Value of PLATFORM cannot be empty, will use ''" jdk/make/common/shared/Defs.gmk:397: jdk/make/common/shared/Defs-.gmk: No such file or directory jdk/make/common/shared/Defs.gmk:674: jdk/make/common/shared/Compiler-.gmk: No such file or directory gmake[1]: *** No rule to make target `jdk/make/common/shared/Compiler-.gmk'. Stop. I did not discovered where these variables are supposed to be set, after setting this manually to linux, it crosscompiles major portion of JDK. -------------- next part -------------- diff -r b1043cc0cd82 Makefile.am --- a/Makefile.am Sat Mar 08 18:06:34 2014 +0000 +++ b/Makefile.am Thu Mar 20 01:46:41 2014 +0100 @@ -1141,7 +1141,7 @@ *.zip) $(UNZIP) -q $(OPENJDK_SRC_ZIP) ;; \ *.tar.*) $(TAR) xf $(OPENJDK_SRC_ZIP) ;; \ esac; \ - mv `echo $(ICEDTEA_PREFIX)|sed 's#\.#-#'`-$(OPENJDK_CHANGESET) openjdk ; \ + mv `echo $(ICEDTEA_PREFIX)|$(SED) 's#\.#-#'`-$(OPENJDK_CHANGESET) openjdk ; \ else \ echo "ERROR: Couldn't extract OpenJDK"; \ false; \ @@ -1486,7 +1486,7 @@ if test x"$(VERSION_SUFFIX)" != "x"; then \ ver_suffix="-$(VERSION_SUFFIX)"; \ fi ; \ - sed -i "s#BUILD_VARIANT_RELEASE)#BUILD_VARIANT_RELEASE)$${proj_suffix}$${ver_suffix}#" \ + $(SED) -i "s#BUILD_VARIANT_RELEASE)#BUILD_VARIANT_RELEASE)$${proj_suffix}$${ver_suffix}#" \ openjdk/jdk/make/common/shared/Defs.gmk; mkdir -p stamps touch $@ @@ -1718,13 +1718,13 @@ mkdir -p $(BUILD_OUTPUT_DIR)/j2sdk-image/tapset ; \ grep "client IGNORE" $(BUILD_JRE_ARCH_DIR)/jvm.cfg; \ if test $$? -eq 0; then \ - sed -e '/\/client\/libjvm.so/d' \ + $(SED) -e '/\/client\/libjvm.so/d' \ < $(abs_top_builddir)/tapset/hotspot.stp \ > $(BUILD_OUTPUT_DIR)/j2sdk-image/tapset/hotspot.stp; \ - sed -e '/\/client\/libjvm.so/d' \ + $(SED) -e '/\/client\/libjvm.so/d' \ < $(abs_top_builddir)/tapset/hotspot_jni.stp \ > $(BUILD_OUTPUT_DIR)/j2sdk-image/tapset/hotspot_jni.stp; \ - sed -e '/\/client\/libjvm.so/d' \ + $(SED) -e '/\/client\/libjvm.so/d' \ < $(abs_top_builddir)/tapset/hotspot_gc.stp \ > $(BUILD_OUTPUT_DIR)/j2sdk-image/tapset/hotspot_gc.stp; \ else \ @@ -1854,13 +1854,13 @@ mkdir -p $(DEBUG_BUILD_OUTPUT_DIR)/j2sdk-image/tapset ; \ grep "client IGNORE" $(BUILD_JRE_ARCH_DIR)/jvm.cfg; \ if test $$? -eq 0; then \ - sed -e '/\/client\/libjvm.so/d' \ + $(SED) -e '/\/client\/libjvm.so/d' \ < $(abs_top_builddir)/tapset/hotspot.stp \ > $(DEBUG_BUILD_OUTPUT_DIR)/j2sdk-image/tapset/hotspot.stp; \ - sed -e '/\/client\/libjvm.so/d' \ + $(SED) -e '/\/client\/libjvm.so/d' \ < $(abs_top_builddir)/tapset/hotspot_jni.stp \ > $(DEBUG_BUILD_OUTPUT_DIR)/j2sdk-image/tapset/hotspot_jni.stp; \ - sed -e '/\/client\/libjvm.so/d' \ + $(SED) -e '/\/client\/libjvm.so/d' \ < $(abs_top_builddir)/tapset/hotspot_gc.stp \ > $(DEBUG_BUILD_OUTPUT_DIR)/j2sdk-image/tapset/hotspot_gc.stp; \ else \ @@ -1991,13 +1991,13 @@ mkdir -p $(BOOT_BUILD_OUTPUT_DIR)/j2sdk-image/tapset ; \ grep "client IGNORE" $(BUILD_JRE_ARCH_DIR)/jvm.cfg; \ if test $$? -eq 0; then \ - sed -e '/\/client\/libjvm.so/d' \ + $(SED) -e '/\/client\/libjvm.so/d' \ < $(abs_top_builddir)/tapset/hotspot.stp \ > $(BOOT_BUILD_OUTPUT_DIR)/j2sdk-image/tapset/hotspot.stp; \ - sed -e '/\/client\/libjvm.so/d' \ + $(SED) -e '/\/client\/libjvm.so/d' \ < $(abs_top_builddir)/tapset/hotspot_jni.stp \ > $(BOOT_BUILD_OUTPUT_DIR)/j2sdk-image/tapset/hotspot_jni.stp; \ - sed -e '/\/client\/libjvm.so/d' \ + $(SED) -e '/\/client\/libjvm.so/d' \ < $(abs_top_builddir)/tapset/hotspot_gc.stp \ > $(BOOT_BUILD_OUTPUT_DIR)/j2sdk-image/tapset/hotspot_gc.stp; \ else \ @@ -2215,10 +2215,10 @@ org.mozilla sun.org.mozilla && \ (cd rhino/rhino.old && \ for files in `find -type f -not -name '*.class'` ; do \ - new_file=../rhino.new/`echo $$files|sed -e 's#org#sun/org#'` ; \ + new_file=../rhino.new/`echo $$files|$(SED) -e 's#org#sun/org#'` ; \ mkdir -p `dirname $$new_file` ; \ cp -v $$files $$new_file ; \ - sed -ie 's#org\.mozilla#sun.org.mozilla#g' $$new_file ; \ + $(SED) -ie 's#org\.mozilla#sun.org.mozilla#g' $$new_file ; \ done \ ) && \ (cd rhino/rhino.new && \ @@ -2274,7 +2274,7 @@ clean-add-jamvm: rm -rf $(BUILD_JRE_ARCH_DIR)/jamvm if [ -e $(BUILD_JRE_ARCH_DIR)/jvm.cfg ] ; then \ - sed -i 's#-jamvm KNOWN#-jamvm ERROR#' $(BUILD_JRE_ARCH_DIR)/jvm.cfg ; \ + $(SED) -i 's#-jamvm KNOWN#-jamvm ERROR#' $(BUILD_JRE_ARCH_DIR)/jvm.cfg ; \ fi rm -f stamps/add-jamvm.stamp @@ -2292,7 +2292,7 @@ clean-add-jamvm-debug: rm -rf $(BUILD_DEBUG_JRE_ARCH_DIR)/jamvm if [ -e $(BUILD_DEBUG_JRE_ARCH_DIR)/jvm.cfg ] ; then \ - sed -i 's#-jamvm KNOWN#-jamvm ERROR#' $(BUILD_DEBUG_JRE_ARCH_DIR)/jvm.cfg ; \ + $(SED) -i 's#-jamvm KNOWN#-jamvm ERROR#' $(BUILD_DEBUG_JRE_ARCH_DIR)/jvm.cfg ; \ fi rm -f stamps/add-jamvm-debug.stamp @@ -2345,7 +2345,7 @@ clean-add-cacao: rm -rf $(BUILD_JRE_ARCH_DIR)/cacao if [ -e $(BUILD_JRE_ARCH_DIR)/jvm.cfg ] ; then \ - sed -i 's#-cacao KNOWN#-cacao ERROR#' $(BUILD_JRE_ARCH_DIR)/jvm.cfg ; \ + $(SED) -i 's#-cacao KNOWN#-cacao ERROR#' $(BUILD_JRE_ARCH_DIR)/jvm.cfg ; \ fi rm -f stamps/add-cacao.stamp @@ -2367,7 +2367,7 @@ clean-add-cacao-debug: rm -rf $(BUILD_DEBUG_JRE_ARCH_DIR)/cacao if [ -e $(BUILD_DEBUG_JRE_ARCH_DIR)/jvm.cfg ] ; then \ - sed -i 's#-cacao KNOWN#-cacao ERROR#' $(BUILD_DEBUG_JRE_ARCH_DIR)/jvm.cfg ; \ + $(SED) -i 's#-cacao KNOWN#-cacao ERROR#' $(BUILD_DEBUG_JRE_ARCH_DIR)/jvm.cfg ; \ fi rm -f stamps/add-cacao-debug.stamp @@ -2435,8 +2435,8 @@ rm -rf $(BUILD_JRE_ARCH_DIR)/shark rm -rf zerovm if [ -e $(BUILD_JRE_ARCH_DIR)/jvm.cfg ] ; then \ - sed -i 's#-zero KNOWN#-zero ERROR#' $(BUILD_JRE_ARCH_DIR)/jvm.cfg ; \ - sed -i 's#-shark KNOWN#-shark ERROR#' $(BUILD_JRE_ARCH_DIR)/jvm.cfg ; \ + $(SED) -i 's#-zero KNOWN#-zero ERROR#' $(BUILD_JRE_ARCH_DIR)/jvm.cfg ; \ + $(SED) -i 's#-shark KNOWN#-shark ERROR#' $(BUILD_JRE_ARCH_DIR)/jvm.cfg ; \ fi rm -f stamps/add-zero.stamp @@ -2474,8 +2474,8 @@ rm -rf $(BUILD_DEBUG_JRE_ARCH_DIR)/shark rm -rf zerovm if [ -e $(BUILD_DEBUG_JRE_ARCH_DIR)/jvm.cfg ] ; then \ - sed -i 's#-zero KNOWN#-zero ERROR#' $(BUILD_DEBUG_JRE_ARCH_DIR)/jvm.cfg ; \ - sed -i 's#-shark KNOWN#-shark ERROR#' $(BUILD_DEBUG_JRE_ARCH_DIR)/jvm.cfg ; \ + $(SED) -i 's#-zero KNOWN#-zero ERROR#' $(BUILD_DEBUG_JRE_ARCH_DIR)/jvm.cfg ; \ + $(SED) -i 's#-shark KNOWN#-shark ERROR#' $(BUILD_DEBUG_JRE_ARCH_DIR)/jvm.cfg ; \ fi rm -f stamps/add-zero-debug.stamp @@ -2553,7 +2553,7 @@ # FIXME: this might need some adjustment for other OS than Linux jtreg_processes = ps x -ww -o pid,ppid,args \ | awk '$$2 == 1 && $$3 ~ /^$(subst /,\/,/scratch)/' \ - | sed 's,$(CURDIR)/$(sdkimg),,g;s,$(CURDIR),,g' + | $(SED) 's,$(CURDIR)/$(sdkimg),,g;s,$(CURDIR),,g' jtreg_pids = ps x --no-headers -ww -o pid,ppid,args \ | awk '$$2 == 1 && $$3 ~ /^$(subst /,\/,$(CURDIR)/$(sdkimg))/ {print $$1}' @@ -2634,7 +2634,7 @@ cd lib/rt ; \ for dirs in $(ICEDTEA_BOOTSTRAP_RESOURCES) ; \ do \ - destpath=`echo $$dirs|sed -e 's#$(LANGTOOLS)/##' -e 's#$(SHARE)/##'` ; \ + destpath=`echo $$dirs|$(SED) -e 's#$(LANGTOOLS)/##' -e 's#$(SHARE)/##'` ; \ mkdir -p `dirname $$destpath` ; \ cp -a ../../$$dirs $$destpath ; \ done ; \ diff -r b1043cc0cd82 acinclude.m4 --- a/acinclude.m4 Sat Mar 08 18:06:34 2014 +0000 +++ b/acinclude.m4 Thu Mar 20 01:46:41 2014 +0100 @@ -657,6 +657,14 @@ AC_SUBST([$1]) ]) +AC_DEFUN([IT_FIND_TOOLS], +[AC_PATH_PROGS([$1],[$2]) + if test x"$$1" = x ; then + AC_MSG_ERROR([none program of $2 was found]) + fi + AC_SUBST([$1]) +]) + AC_DEFUN_ONCE([IT_ENABLE_ZERO_BUILD], [ AC_REQUIRE([IT_SET_ARCH_SETTINGS]) diff -r b1043cc0cd82 configure.ac --- a/configure.ac Sat Mar 08 18:06:34 2014 +0000 +++ b/configure.ac Thu Mar 20 01:46:41 2014 +0100 @@ -18,24 +18,21 @@ AC_PROG_CC AC_PROG_CXX -IT_FIND_TOOL([MAKE], [make]) +IT_FIND_TOOLS([MAKE], [gmake make]) IT_FIND_TOOL([GZIP], [gzip]) IT_FIND_TOOL([ANT], [ant]) -IT_FIND_TOOL([FIND], [find]) -IT_FIND_TOOL([PATCH], [patch]) -IT_FIND_TOOL([TAR], [tar]) +IT_FIND_TOOLS([FIND], [gfind find]) +IT_FIND_TOOLS([PATCH], [gpatch patch]) +IT_FIND_TOOLS([TAR], [gtar tar]) IT_FIND_TOOL([CHMOD], [chmod]) -IT_FIND_TOOL([SHA256SUM], [sha256sum]) +IT_FIND_TOOLS([SHA256SUM], [gsha256sum sha256sum]) IT_FIND_TOOL([WGET], [wget]) IT_FIND_TOOL([ZIP], [zip]) IT_FIND_TOOL([UNZIP], [unzip]) IT_FIND_TOOL([CPIO], [cpio]) IT_FIND_TOOL([FILE], [file]) -AC_CHECK_TOOLS([FASTJAR], [fastjar jar]) -if test "x$FASTJAR" = x; then - AC_MSG_ERROR([Can't find fastjar or jar]) -fi -AC_SUBST([FASTJAR]) +IT_FIND_TOOLS([FASTJAR], [fastjar jar]) +IT_FIND_TOOLS([SED],[gsed sed]) AC_CHECK_TOOL([LDD], [ldd]) dnl OpenJDK's README-builds.html lists gawk as a build dependency so we dnl check for it explicitly rather than using AC_PROG_AWK. From andrew at icedtea.classpath.org Thu Mar 20 02:06:31 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Thu, 20 Mar 2014 02:06:31 +0000 Subject: /hg/icedtea6: PR1712: Allow -Werror to be turned off in the HotS... Message-ID: changeset 9ace699eb46a in /hg/icedtea6 details: http://icedtea.classpath.org/hg/icedtea6?cmd=changeset;node=9ace699eb46a author: Andrew John Hughes date: Thu Mar 20 02:06:20 2014 +0000 PR1712: Allow -Werror to be turned off in the HotSpot build 2012-08-16 Andrew John Hughes PR1712: Allow -Werror to be turned off in the HotSpot build * Makefile.am: (WERROR_STATUS): Set to true or false depending on if ENABLE_WERROR is set or not. (ICEDTEA_ENV): Use WERROR_STATUS to set COMPILER_WARNINGS_FATAL. * acinclude.m4: (IT_ENABLE_WERROR): New macro to enable -Werror. This is disabled by default. * configure.ac: Call IT_ENABLE_WERROR. * javac.in: Handle stripping of arguments which take parameters, specifically -Xmaxwarns. * NEWS: Updated. diffstat: ChangeLog | 17 +++++++++++++++++ Makefile.am | 9 ++++++++- NEWS | 1 + acinclude.m4 | 22 ++++++++++++++++++++++ configure.ac | 1 + javac.in | 11 +++++++++-- 6 files changed, 58 insertions(+), 3 deletions(-) diffs (134 lines): diff -r 975cb4907b2e -r 9ace699eb46a ChangeLog --- a/ChangeLog Wed Mar 19 17:33:09 2014 +0000 +++ b/ChangeLog Thu Mar 20 02:06:20 2014 +0000 @@ -1,3 +1,20 @@ +2012-08-16 Andrew John Hughes + + PR1712: Allow -Werror to be turned off in the + HotSpot build + * Makefile.am: + (WERROR_STATUS): Set to true or false + depending on if ENABLE_WERROR is set or not. + (ICEDTEA_ENV): Use WERROR_STATUS to set + COMPILER_WARNINGS_FATAL. + * acinclude.m4: + (IT_ENABLE_WERROR): New macro to enable -Werror. + This is disabled by default. + * configure.ac: Call IT_ENABLE_WERROR. + * javac.in: Handle stripping of arguments which + take parameters, specifically -Xmaxwarns. + * NEWS: Updated. + 2014-02-19 Andrew John Hughes PR1714: Update PaX support to detect running PaX diff -r 975cb4907b2e -r 9ace699eb46a Makefile.am --- a/Makefile.am Wed Mar 19 17:33:09 2014 +0000 +++ b/Makefile.am Thu Mar 20 02:06:20 2014 +0000 @@ -778,6 +778,12 @@ ICEDTEA_PKG = $(EMPTY) (${PKGVERSION}) endif +if ENABLE_WERROR +WERROR_STATUS=true +else +WERROR_STATUS=false +endif + ICEDTEA_ENV = \ ALT_JDK_IMPORT_PATH="$(BOOT_DIR)" \ ANT="$(ANT)" \ @@ -820,7 +826,8 @@ ALT_OUTPUTDIR="$(BUILD_OUTPUT_DIR)" \ STATIC_CXX="false" \ BUILD_GCC=gcc$(GCC_SUFFIX) \ - BUILD_CXX=g++$(GCC_SUFFIX) + BUILD_CXX=g++$(GCC_SUFFIX) \ + COMPILER_WARNINGS_FATAL="$(WERROR_STATUS)" if ENABLE_CACAO ICEDTEA_ENV += \ diff -r 975cb4907b2e -r 9ace699eb46a NEWS --- a/NEWS Wed Mar 19 17:33:09 2014 +0000 +++ b/NEWS Thu Mar 20 02:06:20 2014 +0000 @@ -20,6 +20,7 @@ - S8026887: Make issues due to failed large pages allocations easier to debug * Bug fixes - PR1714: Update PaX support to detect running PaX kernel and use newer tools + - PR1712, G455426: Allow -Werror to be turned off in the HotSpot build New in release 1.11.15 (2014-01-21): diff -r 975cb4907b2e -r 9ace699eb46a acinclude.m4 --- a/acinclude.m4 Wed Mar 19 17:33:09 2014 +0000 +++ b/acinclude.m4 Thu Mar 20 02:06:20 2014 +0000 @@ -2295,3 +2295,25 @@ AC_MSG_RESULT([$enable_jar_compression]) AM_CONDITIONAL([ENABLE_JAR_COMPRESSION], test x"${enable_jar_compression}" = "xyes") ]) + +AC_DEFUN([IT_ENABLE_WERROR], +[ + AC_MSG_CHECKING([whether to enable -Werror]) + AC_ARG_ENABLE([Werror], + [AS_HELP_STRING(--enable-Werror,build with -Werror [[default=no]])], + [ + case "${enableval}" in + yes) + enable_werror=yes + ;; + *) + enable_werror=no + ;; + esac + ], + [ + enable_werror=no + ]) + AC_MSG_RESULT([$enable_werror]) + AM_CONDITIONAL([ENABLE_WERROR], test x"${enable_werror}" = "xyes") +]) diff -r 975cb4907b2e -r 9ace699eb46a configure.ac --- a/configure.ac Wed Mar 19 17:33:09 2014 +0000 +++ b/configure.ac Thu Mar 20 02:06:20 2014 +0000 @@ -283,6 +283,7 @@ IT_WITH_JAMVM_SRC_ZIP IT_DISABLE_OPTIMIZATIONS +IT_ENABLE_WERROR IT_ENABLE_JAR_COMPRESSION IT_SET_SHARK_BUILD IT_ENABLE_ZERO_BUILD diff -r 975cb4907b2e -r 9ace699eb46a javac.in --- a/javac.in Wed Mar 19 17:33:09 2014 +0000 +++ b/javac.in Thu Mar 20 02:06:20 2014 +0000 @@ -1,7 +1,8 @@ #!/usr/bin/perl -w use strict; use constant NO_DUP_ARGS => qw(-source -target -d -encoding); -use constant STRIP_ARGS => qw(-Werror -implicit:none -J-Xbootclasspath/p:); +use constant STRIP_ARGS_1 => qw(-Werror -implicit:none -J-Xbootclasspath/p:); +use constant STRIP_ARGS_2 => qw(-Xmaxwarns); my $ECJ_WARNINGS="-nowarn"; my $JAVAC_WARNINGS="-nowarn"; @@ -49,12 +50,18 @@ } } - for my $opt (STRIP_ARGS) + for my $opt (STRIP_ARGS_1) { my @indices = reverse grep {$new_args[$_] eq $opt} 0..$#new_args; splice @new_args, $_, 1 for @indices; } + for my $opt (STRIP_ARGS_2) + { + my @indices = reverse grep {$new_args[$_] eq $opt} 0..$#new_args; + splice @new_args, $_, 2 for @indices; + } + return \@new_args; } From bugzilla-daemon at icedtea.classpath.org Thu Mar 20 02:06:41 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Thu, 20 Mar 2014 02:06:41 +0000 Subject: [Bug 1712] [IcedTea6] Allow -Werror to be turned off in the HotSpot build In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1712 --- Comment #1 from hg commits --- details: http://icedtea.classpath.org//hg/icedtea6?cmd=changeset;node=9ace699eb46a author: Andrew John Hughes date: Thu Mar 20 02:06:20 2014 +0000 PR1712: Allow -Werror to be turned off in the HotSpot build 2012-08-16 Andrew John Hughes PR1712: Allow -Werror to be turned off in the HotSpot build * Makefile.am: (WERROR_STATUS): Set to true or false depending on if ENABLE_WERROR is set or not. (ICEDTEA_ENV): Use WERROR_STATUS to set COMPILER_WARNINGS_FATAL. * acinclude.m4: (IT_ENABLE_WERROR): New macro to enable -Werror. This is disabled by default. * configure.ac: Call IT_ENABLE_WERROR. * javac.in: Handle stripping of arguments which take parameters, specifically -Xmaxwarns. * NEWS: Updated. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From ptisnovs at icedtea.classpath.org Thu Mar 20 08:33:33 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Thu, 20 Mar 2014 08:33:33 +0000 Subject: /hg/rhino-tests: Added two new tests into ScriptExceptionClassTest. Message-ID: changeset 6c88fa309557 in /hg/rhino-tests details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=6c88fa309557 author: Pavel Tisnovsky date: Thu Mar 20 09:34:13 2014 +0100 Added two new tests into ScriptExceptionClassTest. diffstat: ChangeLog | 5 + src/org/RhinoTests/ScriptExceptionClassTest.java | 73 ++++++++++++++++++++++++ 2 files changed, 78 insertions(+), 0 deletions(-) diffs (95 lines): diff -r 5a1fcd8c099d -r 6c88fa309557 ChangeLog --- a/ChangeLog Wed Mar 19 11:01:26 2014 +0100 +++ b/ChangeLog Thu Mar 20 09:34:13 2014 +0100 @@ -1,3 +1,8 @@ +2014-03-20 Pavel Tisnovsky + + * src/org/RhinoTests/ScriptExceptionClassTest.java: + Added two new tests into ScriptExceptionClassTest. + 2014-03-19 Pavel Tisnovsky * src/org/RhinoTests/InvocableClassTest.java: diff -r 5a1fcd8c099d -r 6c88fa309557 src/org/RhinoTests/ScriptExceptionClassTest.java --- a/src/org/RhinoTests/ScriptExceptionClassTest.java Wed Mar 19 11:01:26 2014 +0100 +++ b/src/org/RhinoTests/ScriptExceptionClassTest.java Thu Mar 20 09:34:13 2014 +0100 @@ -2073,6 +2073,79 @@ } /** + * Test for method javax.script.ScriptException.getClass().getResourceAsStreamNPETest() + */ + protected void testGetResourceAsStreamNPETest() { + try { + Object resource = this.scriptExceptionClass.getResourceAsStream(null); + throw new AssertionError("NullPointerException expected!"); + } + catch (NullPointerException e) { + //This is OK OK + } + } + + /** + * Test for method javax.script.ScriptException.getClass().getResourceAsStreamNegativeTest() + */ + protected void testGetResourceAsStreamNegativeTest() { + Object stream = null; + stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/AbstractScriptEngineClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/AbstractScriptEngineClassTest.class\") returns null"); + stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/BaseRhinoTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/BaseRhinoTest.class\") returns null"); + stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/BindingsClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/BindingsClassTest.class\") returns null"); + stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/BindingsTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/BindingsTest.class\") returns null"); + stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/CompilableClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompilableClassTest.class\") returns null"); + stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/CompilableTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompilableTest.class\") returns null"); + stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/CompiledScriptClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompiledScriptClassTest.class\") returns null"); + stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/CompiledScriptTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompiledScriptTest.class\") returns null"); + stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/Constants.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/Constants.class\") returns null"); + stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/InvocableClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/InvocableClassTest.class\") returns null"); + stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/InvocableTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/InvocableTest.class\") returns null"); + stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/JavaScriptSnippets.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/JavaScriptSnippets.class\") returns null"); + stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/JavaScriptsTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/JavaScriptsTest.class\") returns null"); + stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/ScriptContextClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptContextClassTest.class\") returns null"); + stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/ScriptContextTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptContextTest.class\") returns null"); + stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/ScriptEngineClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineClassTest.class\") returns null"); + stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/ScriptEngineFactoryClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineFactoryClassTest.class\") returns null"); + stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/ScriptEngineFactoryTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineFactoryTest.class\") returns null"); + stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/ScriptEngineManagerClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineManagerClassTest.class\") returns null"); + stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/ScriptEngineManagerTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineManagerTest.class\") returns null"); + stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/ScriptEngineTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineTest.class\") returns null"); + stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/ScriptExceptionClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptExceptionClassTest.class\") returns null"); + stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/ScriptExceptionTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptExceptionTest.class\") returns null"); + stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/SimpleBindingsClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleBindingsClassTest.class\") returns null"); + stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/SimpleBindingsTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleBindingsTest.class\") returns null"); + stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/SimpleScriptContextClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleScriptContextClassTest.class\") returns null"); + stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/SimpleScriptContextTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleScriptContextTest.class\") returns null"); + } + /** * Test for instanceof operator applied to a class javax.script.ScriptException */ @SuppressWarnings("cast") From ptisnovs at icedtea.classpath.org Thu Mar 20 08:36:06 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Thu, 20 Mar 2014 08:36:06 +0000 Subject: /hg/gfx-test: Eight new common test methods added into BitBltBuf... Message-ID: changeset bcdf88e32236 in /hg/gfx-test details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=bcdf88e32236 author: Pavel Tisnovsky date: Thu Mar 20 09:36:49 2014 +0100 Eight new common test methods added into BitBltBufferedImageOp. diffstat: ChangeLog | 5 + src/org/gfxtest/testsuites/BitBltBufferedImageOp.java | 162 +++++++++++++++++- 2 files changed, 166 insertions(+), 1 deletions(-) diffs (191 lines): diff -r 117344d3f5e1 -r bcdf88e32236 ChangeLog --- a/ChangeLog Wed Mar 19 10:59:00 2014 +0100 +++ b/ChangeLog Thu Mar 20 09:36:49 2014 +0100 @@ -1,3 +1,8 @@ +2014-03-20 Pavel Tisnovsky + + * src/org/gfxtest/testsuites/BitBltBufferedImageOp.java: + Eight new common test methods added into BitBltBufferedImageOp. + 2014-03-19 Pavel Tisnovsky * src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java: diff -r 117344d3f5e1 -r bcdf88e32236 src/org/gfxtest/testsuites/BitBltBufferedImageOp.java --- a/src/org/gfxtest/testsuites/BitBltBufferedImageOp.java Wed Mar 19 10:59:00 2014 +0100 +++ b/src/org/gfxtest/testsuites/BitBltBufferedImageOp.java Thu Mar 20 09:36:49 2014 +0100 @@ -1,7 +1,7 @@ /* Java gfx-test framework - Copyright (C) 2012, 2013 Red Hat + Copyright (C) 2012, 2013, 2014 Red Hat This file is part of IcedTea. @@ -1281,6 +1281,166 @@ } /** + * Test basic BitBlt operation for buffered image with type {@link BufferedImage#TYPE_3BYTE_BGR}. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @param rasterOp + * selected raster operation + * @return test result status - PASSED, FAILED or ERROR + */ + protected TestResult doBitBltHorizontalStripesType3ByteBGR(TestImage image, Graphics2D graphics2d, BufferedImageOp rasterOp) + { + return CommonBitmapOperations.doBitBltTestWithHorizontalStripesImage(image, graphics2d, BufferedImage.TYPE_3BYTE_BGR, rasterOp); + } + + /** + * Test basic BitBlt operation for buffered image with type {@link BufferedImage#TYPE_4BYTE_ABGR}. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @param rasterOp + * selected raster operation + * @return test result status - PASSED, FAILED or ERROR + */ + protected TestResult doBitBltHorizontalStripesType4ByteABGR(TestImage image, Graphics2D graphics2d, BufferedImageOp rasterOp) + { + return CommonBitmapOperations.doBitBltTestWithHorizontalStripesImage(image, graphics2d, BufferedImage.TYPE_4BYTE_ABGR, rasterOp); + } + + /** + * Test basic BitBlt operation for buffered image with type {@link BufferedImage#TYPE_4BYTE_ABGR_PRE}. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @param rasterOp + * selected raster operation + * @return test result status - PASSED, FAILED or ERROR + */ + protected TestResult doBitBltHorizontalStripesType4ByteABGR_Pre(TestImage image, Graphics2D graphics2d, BufferedImageOp rasterOp) + { + return CommonBitmapOperations.doBitBltTestWithHorizontalStripesImage(image, graphics2d, BufferedImage.TYPE_4BYTE_ABGR_PRE, rasterOp); + } + + /** + * Test basic BitBlt operation for buffered image with type {@link BufferedImage#TYPE_BYTE_BINARY}. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @param rasterOp + * selected raster operation + * @return test result status - PASSED, FAILED or ERROR + */ + protected TestResult doBitBltHorizontalStripesTypeByteBinary(TestImage image, Graphics2D graphics2d, BufferedImageOp rasterOp) + { + return CommonBitmapOperations.doBitBltTestWithHorizontalStripesImage(image, graphics2d, BufferedImage.TYPE_BYTE_BINARY, rasterOp); + } + + /** + * Test basic BitBlt operation for buffered image with type {@link BufferedImage#TYPE_BYTE_INDEXED}. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @param rasterOp + * selected raster operation + * @return test result status - PASSED, FAILED or ERROR + */ + protected TestResult doBitBltHorizontalStripesTypeByteIndexed(TestImage image, Graphics2D graphics2d, BufferedImageOp rasterOp) + { + return CommonBitmapOperations.doBitBltTestWithHorizontalStripesImage(image, graphics2d, BufferedImage.TYPE_BYTE_INDEXED, rasterOp); + } + + /** + * Test basic BitBlt operation for buffered image with type {@link BufferedImage#TYPE_BYTE_GRAY}. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @param rasterOp + * selected raster operation + * @return test result status - PASSED, FAILED or ERROR + */ + protected TestResult doBitBltHorizontalStripesTypeByteGray(TestImage image, Graphics2D graphics2d, BufferedImageOp rasterOp) + { + return CommonBitmapOperations.doBitBltTestWithHorizontalStripesImage(image, graphics2d, BufferedImage.TYPE_BYTE_GRAY, rasterOp); + } + + /** + * Test basic BitBlt operation for buffered image with type {@link BufferedImage#TYPE_INT_BGR}. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @param rasterOp + * selected raster operation + * @return test result status - PASSED, FAILED or ERROR + */ + protected TestResult doBitBltHorizontalStripesTypeIntBGR(TestImage image, Graphics2D graphics2d, BufferedImageOp rasterOp) + { + return CommonBitmapOperations.doBitBltTestWithHorizontalStripesImage(image, graphics2d, BufferedImage.TYPE_INT_BGR, rasterOp); + } + + /** + * Test basic BitBlt operation for buffered image with type {@link BufferedImage#TYPE_INT_RGB}. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @param rasterOp + * selected raster operation + * @return test result status - PASSED, FAILED or ERROR + */ + protected TestResult doBitBltHorizontalStripesTypeIntRGB(TestImage image, Graphics2D graphics2d, BufferedImageOp rasterOp) + { + return CommonBitmapOperations.doBitBltTestWithHorizontalStripesImage(image, graphics2d, BufferedImage.TYPE_INT_RGB, rasterOp); + } + + /** + * Test basic BitBlt operation for buffered image with type {@link BufferedImage#TYPE_INT_ARGB}. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @param rasterOp + * selected raster operation + * @return test result status - PASSED, FAILED or ERROR + */ + protected TestResult doBitBltHorizontalStripesTypeIntARGB(TestImage image, Graphics2D graphics2d, BufferedImageOp rasterOp) + { + return CommonBitmapOperations.doBitBltTestWithHorizontalStripesImage(image, graphics2d, BufferedImage.TYPE_INT_ARGB, rasterOp); + } + + /** + * Test basic BitBlt operation for buffered image with type {@link BufferedImage#TYPE_INT_ARGB_PRE}. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @param rasterOp + * selected raster operation + * @return test result status - PASSED, FAILED or ERROR + */ + protected TestResult doBitBltHorizontalStripesTypeIntARGB_Pre(TestImage image, Graphics2D graphics2d, BufferedImageOp rasterOp) + { + return CommonBitmapOperations.doBitBltTestWithHorizontalStripesImage(image, graphics2d, BufferedImage.TYPE_INT_ARGB_PRE, rasterOp); + } + + /** * Entry point to the test suite. * * @param args not used in this case From jvanek at redhat.com Thu Mar 20 07:49:58 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Thu, 20 Mar 2014 08:49:58 +0100 Subject: EXTREME weirdness - applet writing without permissions In-Reply-To: <1881295401.647403.1395076240652.JavaMail.zimbra@redhat.com> References: <960346228.642835.1395075485802.JavaMail.zimbra@redhat.com> <1881295401.647403.1395076240652.JavaMail.zimbra@redhat.com> Message-ID: <532A9DA6.8040200@redhat.com> On 03/17/2014 06:10 PM, Andrew Azores wrote: > **> Oh... OK. So I misunderstood (mis-guessed) the spec. I see! > > So I'll have to put an unsigned applet there to have it sandboxed. > > Thanks for investigating, > > Stefan > > Well, you could alternatively just specify sandbox permissions in the applet tag. But simply splitting it into its own separate unsigned JAR will also work. Up to you. Bonus points if you test both and confirm that it comes out with sandbox-only permissions either way :) > http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions for similar purposes, this may come handy later .... J. From jvanek at redhat.com Thu Mar 20 14:32:42 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Thu, 20 Mar 2014 15:32:42 +0100 Subject: [rfc][icedtea-web] cache tweeks Message-ID: <532AFC0A.5040501@redhat.com> releaseLock is bug, found thanx to tweeksToCache work. releaseLock is releasing the never released lock. It is not 100% fix but for deeper fixing this needs to wait for cache revisite. ntil now it was invisible, because jvm always terminated after clean-cache. The tweeksToCache is doing the only thing - making clear cache more visible. Righ ntnow it exists only as cmd switch, and as feature in itw-settings->cache->view Fiels->delete on by one. Now one can itw-settings->cache->view Files->delete all. Delete all is also presented on error dialogs - with tooltip why. Motivation? - tired to close bugs by "clear cache first please" "how" "...:x..." "It started to work" Thanx! J. -------------- next part -------------- A non-text attachment was scrubbed... Name: releaseLock.patch Type: text/x-patch Size: 1643 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: tweeksToCache.patch Type: text/x-patch Size: 14219 bytes Desc: not available URL: From jvanek at redhat.com Thu Mar 20 15:05:31 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Thu, 20 Mar 2014 16:05:31 +0100 Subject: [rfc][icedtea-web] manifests attributes Validation Moved To Separate Class Message-ID: <532B03BB.6050001@redhat.com> Pure refactroing as in subject. J. -------------- next part -------------- A non-text attachment was scrubbed... Name: manifestsValidationMovedToSeparateClass.diff Type: text/x-patch Size: 27685 bytes Desc: not available URL: From aazores at redhat.com Thu Mar 20 15:13:18 2014 From: aazores at redhat.com (Andrew Azores) Date: Thu, 20 Mar 2014 11:13:18 -0400 Subject: [rfc][icedtea-web] manifests attributes Validation Moved To Separate Class In-Reply-To: <532B03BB.6050001@redhat.com> References: <532B03BB.6050001@redhat.com> Message-ID: <532B058E.7000005@redhat.com> On 03/20/2014 11:05 AM, Jiri Vanek wrote: > Pure refactroing as in subject. > > J. Looks good to me. Thanks, -- Andrew A From jvanek at icedtea.classpath.org Thu Mar 20 15:21:45 2014 From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org) Date: Thu, 20 Mar 2014 15:21:45 +0000 Subject: /hg/icedtea-web: Methods validating manifests' attributes moved ... Message-ID: changeset d133c4ebfe24 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=d133c4ebfe24 author: Jiri Vanek date: Thu Mar 20 16:29:46 2014 +0100 Methods validating manifests' attributes moved to separate class. diffstat: ChangeLog | 12 + netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java | 202 +------- netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java | 242 ++++++++++ netx/net/sourceforge/jnlp/util/UrlUtils.java | 11 + 4 files changed, 274 insertions(+), 193 deletions(-) diffs (truncated from 547 to 500 lines): diff -r 15bbdf43c1e7 -r d133c4ebfe24 ChangeLog --- a/ChangeLog Fri Mar 14 10:50:15 2014 -0400 +++ b/ChangeLog Thu Mar 20 16:29:46 2014 +0100 @@ -1,3 +1,15 @@ +2014-03-20 Jiri Vanek + + Methods validating manifests' attributes moved to separate class. + * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: Cleaned imports. + At (init) methods (checkCodebaseAttribute), (checkPermissionsAttribute) and + (checkApplicationLibraryAllowableCodebaseAttribute) moved to + ManifestsAttributesValidator. (guessCodeBase) generalized in UrlUtils. + * netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java: + new class. Contains logic to validate manifests'attributes. + * netx/net/sourceforge/jnlp/util/UrlUtils.java: added method (guessCodeBase) + as generalization of JNLPClassLoader's guessCodeBase method. + 2014-03-14 Andrew Azores Added new PartiallySigned Dialog to replace NotAllSignedWarningPane. diff -r 15bbdf43c1e7 -r d133c4ebfe24 netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java --- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Fri Mar 14 10:50:15 2014 -0400 +++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Thu Mar 20 16:29:46 2014 +0100 @@ -64,7 +64,6 @@ import net.sourceforge.jnlp.ExtensionDesc; import net.sourceforge.jnlp.JARDesc; import net.sourceforge.jnlp.JNLPFile; -import net.sourceforge.jnlp.JNLPFile.ManifestBoolean; import net.sourceforge.jnlp.JNLPMatcher; import net.sourceforge.jnlp.JNLPMatcherException; import net.sourceforge.jnlp.LaunchDesc; @@ -84,12 +83,8 @@ import net.sourceforge.jnlp.security.AppVerifier; import net.sourceforge.jnlp.security.JNLPAppVerifier; import net.sourceforge.jnlp.security.PluginAppVerifier; -import net.sourceforge.jnlp.security.SecurityDialogs; -import net.sourceforge.jnlp.security.appletextendedsecurity.AppletSecurityLevel; -import net.sourceforge.jnlp.security.appletextendedsecurity.AppletStartupSecuritySettings; import net.sourceforge.jnlp.security.appletextendedsecurity.UnsignedAppletTrustConfirmation; import net.sourceforge.jnlp.tools.JarCertVerifier; -import net.sourceforge.jnlp.util.ClasspathMatcher.ClasspathMatchers; import net.sourceforge.jnlp.util.JarFile; import net.sourceforge.jnlp.util.StreamUtils; import net.sourceforge.jnlp.util.UrlUtils; @@ -288,12 +283,11 @@ initializePermissions(); setSecurity(); - - checkCodebaseAttribute(); - - checkPermissionsAttribute(); - - checkApplicationLibraryAllowableCodebaseAttribute(); + + ManifestsAttributesValidator mav = new ManifestsAttributesValidator(security, file, signing); + mav.checkCodebaseAttribute(); + mav.checkPermissionsAttribute(); + mav.checkApplicationLibraryAllowableCodebaseAttribute(); installShutdownHooks(); @@ -319,7 +313,7 @@ } private void setSecurity() throws LaunchException { - URL codebase = guessCodeBase(); + URL codebase = UrlUtils.guessCodeBase(file); this.security = securityDelegate.getClassLoaderSecurity(codebase.getHost()); } @@ -2246,52 +2240,9 @@ return mainClass; } - private URL guessCodeBase() { - if (file.getCodeBase() != null) { - return file.getCodeBase(); - } else { - //Fixme: codebase should be the codebase of the Main Jar not - //the location. Although, it still works in the current state. - return file.getResources().getMainJAR().getLocation(); - } - } - - /** - * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#codebase - */ - private void checkCodebaseAttribute() throws LaunchException { - if (file.getCodeBase() == null || file.getCodeBase().getProtocol().equals("file")) { - OutputController.getLogger().log(OutputController.Level.WARNING_ALL, Translator.R("CBCheckFile")); - return; - } - final Object securityType = security.getSecurityType(); - final URL codebase = guessCodeBase(); - final ClasspathMatchers codebaseAtt = file.getManifestsAttributes().getCodebase(); - if (codebaseAtt == null) { - OutputController.getLogger().log(OutputController.Level.WARNING_ALL, Translator.R("CBCheckNoEntry")); - return; - } - if (securityType.equals(SecurityDesc.SANDBOX_PERMISSIONS)) { - if (codebaseAtt.matches(codebase)) { - OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, Translator.R("CBCheckUnsignedPass")); - } else { - OutputController.getLogger().log(OutputController.Level.ERROR_ALL, Translator.R("CBCheckUnsignedFail")); - } - } else { - if (codebaseAtt.matches(codebase)) { - OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, Translator.R("CBCheckOkSignedOk")); - } else { - if (file instanceof PluginBridge) { - throw new LaunchException(Translator.R("CBCheckSignedAppletDontMatchException", file.getManifestsAttributes().getCodebase().toString(), codebase)); - } else { - OutputController.getLogger().log(OutputController.Level.ERROR_ALL, Translator.R("CBCheckSignedFail")); - } - } - } - - } - - /** + + + /** * SecurityDelegate, in real usage, relies on having a "parent" JNLPClassLoader instance. * However, JNLPClassLoaders are very large, heavyweight, difficult-to-mock objects, which * means that unit testing on anything that uses a SecurityDelegate can become very difficult. @@ -2321,96 +2272,6 @@ public boolean getRunInSandbox(); } - private void checkApplicationLibraryAllowableCodebaseAttribute() throws LaunchException { - if (signing == SigningState.NONE){ - return; /*when app is not signed at all, then skip this check*/ - } - //conditions - URL codebase = file.getCodeBase(); - URL documentBase = null; - if (file instanceof PluginBridge) { - documentBase = ((PluginBridge) file).getSourceLocation(); - } - if (documentBase == null) { - documentBase = file.getCodeBase(); - } - - //cases - Set usedUrls = new HashSet(); - URL sourceLocation = file.getSourceLocation(); - ResourcesDesc[] resourcesDescs = file.getResourcesDescs(); - if (sourceLocation != null) { - usedUrls.add(UrlUtils.removeFileName(sourceLocation)); - } - for (ResourcesDesc resourcesDesc: resourcesDescs) { - ExtensionDesc[] ex = resourcesDesc.getExtensions(); - if (ex != null) { - for ( ExtensionDesc extensionDesc: ex) { - if (extensionDesc != null) { - usedUrls.add(UrlUtils.removeFileName(extensionDesc.getLocation())); - } - } - } - JARDesc[] jars = resourcesDesc.getJARs(); - if (jars != null) { - for (JARDesc jarDesc: jars) { - if (jarDesc != null) { - usedUrls.add(UrlUtils.removeFileName(jarDesc.getLocation())); - } - } - } - JNLPFile jnlp = resourcesDesc.getJNLPFile(); - if (jnlp != null) { - usedUrls.add(UrlUtils.removeFileName(jnlp.getSourceLocation())); - } - - } - OutputController.getLogger().log("Found alaca URLs to be verified"); - for (URL url : usedUrls) { - OutputController.getLogger().log(" - " + url.toExternalForm()); - } - if (usedUrls.isEmpty()) { - //I hope this is the case, when the resources is/are - //only codebase classes. Then it should be safe to return. - OutputController.getLogger().log("The application is not using any url resources, skipping Application-Library-Allowable-Codebase Attribute check."); - return; - } - - if (usedUrls.size() == 1) { - if (UrlUtils.equalsIgnoreLastSlash(usedUrls.toArray(new URL[0])[0], codebase) - && UrlUtils.equalsIgnoreLastSlash(usedUrls.toArray(new URL[0])[0], documentBase)) { - //all resoources are from codebase or document base. it is ok to proceeed. - OutputController.getLogger().log("All applications resources (" + usedUrls.toArray(new URL[0])[0] + ") are from codebas/documentbase " + codebase + "/" + documentBase + ", skipping Application-Library-Allowable-Codebase Attribute check."); - return; - } - } - ClasspathMatchers att = file.getManifestsAttributes().getApplicationLibraryAllowableCodebase(); - - if (att == null) { - boolean a = SecurityDialogs.showMissingALACAttributePanel(file.getTitle(), documentBase, usedUrls); - if (!a) { - throw new LaunchException("The application uses non-codebase resources, has no Application-Library-Allowable-Codebase Attribute, and was blocked from running by the user"); - } else { - OutputController.getLogger().log("The application uses non-codebase resources, has no Application-Library-Allowable-Codebase Attribute, and was allowed to run by the user"); - return; - } - } else { - for (URL foundUrl : usedUrls) { - if (!att.matches(foundUrl)) { - throw new LaunchException("The resource from " + foundUrl + " does not match the location in Application-Library-Allowable-Codebase Attribute " + att + ". Blocking the application from running."); - } else { - OutputController.getLogger().log("The resource from " + foundUrl + " does match the location in Application-Library-Allowable-Codebase Attribute " + att + ". Continuing."); - } - } - } - boolean a = SecurityDialogs.showMatchingALACAttributePanel(file.getTitle(), documentBase, usedUrls); - if (!a) { - throw new LaunchException("The application uses non-codebase resources, which do match its Application-Library-Allowable-Codebase Attribute, but was blocked from running by the user." ); - } else { - OutputController.getLogger().log("The application uses non-codebase resources, which do match its Application-Library-Allowable-Codebase Attribute, and was allowed to run by the user." ); - } - } - /** * Handles security decision logic for the JNLPClassLoader, eg which permission level to assign * to JARs. @@ -2547,51 +2408,6 @@ } - /** - * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions - */ - public void checkPermissionsAttribute() throws LaunchException { - final ManifestBoolean permissions = file.getManifestsAttributes().isSandboxForced(); - AppletSecurityLevel level = AppletStartupSecuritySettings.getInstance().getSecurityLevel(); - if (level == AppletSecurityLevel.ALLOW_UNSIGNED) { - OutputController.getLogger().log(OutputController.Level.WARNING_ALL, "Although 'permissions' attribute of this application is '" + file.getManifestsAttributes().permissionsToString() + "' Your Extended applets security is at 'low', continuing"); - return; - } - switch (permissions) { - case UNDEFINED: { - if (level == AppletSecurityLevel.DENY_UNSIGNED) { - throw new LaunchException("Your Extended applets security is at 'Very high', and this application is missing the 'permissions' attribute in manifest. This is fatal"); - } - if (level == AppletSecurityLevel.ASK_UNSIGNED) { - boolean a = SecurityDialogs.showMissingPermissionsAttributeDialogue(file.getTitle(), file.getCodeBase()); - if (!a) { - throw new LaunchException("Your Extended applets security is at 'high' and this applicationis missing the 'permissions' attribute in manifest. And you have refused to run it."); - } else { - OutputController.getLogger().log("Your Extended applets security is at 'high' and this applicationis missing the 'permissions' attribute in manifest. And you have allowed to run it."); - } - } - //default for missing is sandbox - if (!SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) { - throw new LaunchException("The 'permissions' attribute is not specified, and application is requesting permissions. This is fatal"); - } - break; - } - case TRUE: { - if (SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) { - OutputController.getLogger().log("The permissions attribute of this application is " + file.getManifestsAttributes().permissionsToString() + "' and security is '" + security.getSecurityType() + "'. Thats correct"); - } else { - throw new LaunchException("The 'permissions' attribute is '" + file.getManifestsAttributes().permissionsToString() + "' but security is '" + security.getSecurityType() + "'. This is fatal"); - } - } - case FALSE: { - if (SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) { - throw new LaunchException("The 'permissions' attribute is '" + file.getManifestsAttributes().permissionsToString() + "' but security is' " + security.getSecurityType() + "'. This is fatal"); - } else { - OutputController.getLogger().log("The permissions attribute of this application is '" + file.getManifestsAttributes().permissionsToString() + "' and security is '" + security.getSecurityType() + "'. Thats correct"); - } - } - } - } /* * Helper class to expose protected URLClassLoader methods. diff -r 15bbdf43c1e7 -r d133c4ebfe24 netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java Thu Mar 20 16:29:46 2014 +0100 @@ -0,0 +1,242 @@ +/* +Copyright (C) 2011 Red Hat, Inc. + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or +modify it under the terms of the GNU General Public License as published by +the Free Software Foundation, version 2. + +IcedTea is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + */ +package net.sourceforge.jnlp.runtime; + +import java.net.URL; +import java.util.HashSet; +import java.util.Set; +import net.sourceforge.jnlp.ExtensionDesc; +import net.sourceforge.jnlp.JARDesc; +import net.sourceforge.jnlp.JNLPFile; +import net.sourceforge.jnlp.JNLPFile.ManifestBoolean; +import net.sourceforge.jnlp.LaunchException; +import net.sourceforge.jnlp.PluginBridge; +import net.sourceforge.jnlp.ResourcesDesc; +import net.sourceforge.jnlp.SecurityDesc; +import net.sourceforge.jnlp.runtime.JNLPClassLoader.SigningState; +import net.sourceforge.jnlp.security.SecurityDialogs; +import net.sourceforge.jnlp.security.appletextendedsecurity.AppletSecurityLevel; +import net.sourceforge.jnlp.security.appletextendedsecurity.AppletStartupSecuritySettings; +import net.sourceforge.jnlp.util.ClasspathMatcher.ClasspathMatchers; +import net.sourceforge.jnlp.util.UrlUtils; +import net.sourceforge.jnlp.util.logging.OutputController; + +public class ManifestsAttributesValidator { + + private final SecurityDesc security; + private final JNLPFile file; + private final SigningState signing; + + public ManifestsAttributesValidator(SecurityDesc security, JNLPFile file, SigningState signing) { + this.security = security; + this.file = file; + this.signing = signing; + } + + + + /** + * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#codebase + */ + void checkCodebaseAttribute() throws LaunchException { + if (file.getCodeBase() == null || file.getCodeBase().getProtocol().equals("file")) { + OutputController.getLogger().log(OutputController.Level.WARNING_ALL, Translator.R("CBCheckFile")); + return; + } + final Object securityType = security.getSecurityType(); + final URL codebase = UrlUtils.guessCodeBase(file); + final ClasspathMatchers codebaseAtt = file.getManifestsAttributes().getCodebase(); + if (codebaseAtt == null) { + OutputController.getLogger().log(OutputController.Level.WARNING_ALL, Translator.R("CBCheckNoEntry")); + return; + } + if (securityType.equals(SecurityDesc.SANDBOX_PERMISSIONS)) { + if (codebaseAtt.matches(codebase)) { + OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, Translator.R("CBCheckUnsignedPass")); + } else { + OutputController.getLogger().log(OutputController.Level.ERROR_ALL, Translator.R("CBCheckUnsignedFail")); + } + } else { + if (codebaseAtt.matches(codebase)) { + OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, Translator.R("CBCheckOkSignedOk")); + } else { + if (file instanceof PluginBridge) { + throw new LaunchException(Translator.R("CBCheckSignedAppletDontMatchException", file.getManifestsAttributes().getCodebase().toString(), codebase)); + } else { + OutputController.getLogger().log(OutputController.Level.ERROR_ALL, Translator.R("CBCheckSignedFail")); + } + } + } + + } + + /** + * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions + */ + void checkPermissionsAttribute() throws LaunchException { + final ManifestBoolean permissions = file.getManifestsAttributes().isSandboxForced(); + AppletSecurityLevel level = AppletStartupSecuritySettings.getInstance().getSecurityLevel(); + if (level == AppletSecurityLevel.ALLOW_UNSIGNED) { + OutputController.getLogger().log(OutputController.Level.WARNING_ALL, "Although 'permissions' attribute of this application is '" + file.getManifestsAttributes().permissionsToString() + "' Your Extended applets security is at 'low', continuing"); + return; + } + switch (permissions) { + case UNDEFINED: { + if (level == AppletSecurityLevel.DENY_UNSIGNED) { + throw new LaunchException("Your Extended applets security is at 'Very high', and this application is missing the 'permissions' attribute in manifest. This is fatal"); + } + if (level == AppletSecurityLevel.ASK_UNSIGNED) { + boolean a = SecurityDialogs.showMissingPermissionsAttributeDialogue(file.getTitle(), file.getCodeBase()); + if (!a) { + throw new LaunchException("Your Extended applets security is at 'high' and this applicationis missing the 'permissions' attribute in manifest. And you have refused to run it."); + } else { + OutputController.getLogger().log("Your Extended applets security is at 'high' and this applicationis missing the 'permissions' attribute in manifest. And you have allowed to run it."); + } + } + //default for missing is sandbox + if (!SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) { + throw new LaunchException("The 'permissions' attribute is not specified, and application is requesting permissions. This is fatal"); + } + break; + } + case TRUE: { + if (SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) { + OutputController.getLogger().log("The permissions attribute of this application is " + file.getManifestsAttributes().permissionsToString() + "' and security is '" + security.getSecurityType() + "'. Thats correct"); + } else { + throw new LaunchException("The 'permissions' attribute is '" + file.getManifestsAttributes().permissionsToString() + "' but security is '" + security.getSecurityType() + "'. This is fatal"); + } + } + case FALSE: { + if (SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) { + throw new LaunchException("The 'permissions' attribute is '" + file.getManifestsAttributes().permissionsToString() + "' but security is' " + security.getSecurityType() + "'. This is fatal"); + } else { + OutputController.getLogger().log("The permissions attribute of this application is '" + file.getManifestsAttributes().permissionsToString() + "' and security is '" + security.getSecurityType() + "'. Thats correct"); + } + } + } + } + + void checkApplicationLibraryAllowableCodebaseAttribute() throws LaunchException { + if (signing == SigningState.NONE) { + return; /*when app is not signed at all, then skip this check*/ + } + //conditions + URL codebase = file.getCodeBase(); + URL documentBase = null; + if (file instanceof PluginBridge) { + documentBase = ((PluginBridge) file).getSourceLocation(); + } + if (documentBase == null) { + documentBase = file.getCodeBase(); + } + + //cases + Set usedUrls = new HashSet(); + URL sourceLocation = file.getSourceLocation(); + ResourcesDesc[] resourcesDescs = file.getResourcesDescs(); + if (sourceLocation != null) { + usedUrls.add(UrlUtils.removeFileName(sourceLocation)); + } + for (ResourcesDesc resourcesDesc : resourcesDescs) { + ExtensionDesc[] ex = resourcesDesc.getExtensions(); + if (ex != null) { + for (ExtensionDesc extensionDesc : ex) { + if (extensionDesc != null) { + usedUrls.add(UrlUtils.removeFileName(extensionDesc.getLocation())); + } + } + } + JARDesc[] jars = resourcesDesc.getJARs(); + if (jars != null) { + for (JARDesc jarDesc : jars) { + if (jarDesc != null) { + usedUrls.add(UrlUtils.removeFileName(jarDesc.getLocation())); + } + } + } + JNLPFile jnlp = resourcesDesc.getJNLPFile(); + if (jnlp != null) { + usedUrls.add(UrlUtils.removeFileName(jnlp.getSourceLocation())); + } + + } + OutputController.getLogger().log("Found alaca URLs to be verified"); + for (URL url : usedUrls) { + OutputController.getLogger().log(" - " + url.toExternalForm()); + } + if (usedUrls.isEmpty()) { + //I hope this is the case, when the resources is/are + //only codebase classes. Then it should be safe to return. + OutputController.getLogger().log("The application is not using any url resources, skipping Application-Library-Allowable-Codebase Attribute check."); + return; + } + + if (usedUrls.size() == 1) { + if (UrlUtils.equalsIgnoreLastSlash(usedUrls.toArray(new URL[0])[0], codebase) + && UrlUtils.equalsIgnoreLastSlash(usedUrls.toArray(new URL[0])[0], documentBase)) { + //all resoources are from codebase or document base. it is ok to proceeed. + OutputController.getLogger().log("All applications resources (" + usedUrls.toArray(new URL[0])[0] + ") are from codebas/documentbase " + codebase + "/" + documentBase + ", skipping Application-Library-Allowable-Codebase Attribute check."); + return; + } + } + ClasspathMatchers att = file.getManifestsAttributes().getApplicationLibraryAllowableCodebase(); + + if (att == null) { + boolean a = SecurityDialogs.showMissingALACAttributePanel(file.getTitle(), documentBase, usedUrls); + if (!a) { + throw new LaunchException("The application uses non-codebase resources, has no Application-Library-Allowable-Codebase Attribute, and was blocked from running by the user"); From aazores at redhat.com Thu Mar 20 15:23:40 2014 From: aazores at redhat.com (Andrew Azores) Date: Thu, 20 Mar 2014 11:23:40 -0400 Subject: [rfc][icedtea-web] cache tweeks In-Reply-To: <532AFC0A.5040501@redhat.com> References: <532AFC0A.5040501@redhat.com> Message-ID: <532B07FC.3050401@redhat.com> On 03/20/2014 10:32 AM, Jiri Vanek wrote: > releaseLock is bug, found thanx to tweeksToCache work. > releaseLock is releasing the never released lock. It is not 100% fix > but for deeper fixing this needs to wait for cache revisite. ntil now > it was invisible, because jvm always terminated after clean-cache. > > The tweeksToCache is doing the only thing - making clear cache more > visible. Righ ntnow it exists only as cmd switch, and as feature in > itw-settings->cache->view Fiels->delete on by one. > Now one can itw-settings->cache->view Files->delete all. > Delete all is also presented on error dialogs - with tooltip why. > > Motivation? - tired to close bugs by "clear cache first please" "how" > "...:x..." "It started to work" > > Thanx! > J. There's some weird formatting going on in the cache tweaks patch. invokeLaterDeleteAll, disableButtons, restoreDisabled, and visualCleanCache all have various indentation issues. Otherwise I think this is okay. Thanks, -- Andrew A From gnu.andrew at redhat.com Thu Mar 20 15:32:52 2014 From: gnu.andrew at redhat.com (Andrew Hughes) Date: Thu, 20 Mar 2014 11:32:52 -0400 (EDT) Subject: build with bsd userland In-Reply-To: <532A3C08.6090803@sanatana.filez.com> References: <532A3C08.6090803@sanatana.filez.com> Message-ID: <8057175.275897.1395329572686.JavaMail.zimbra@redhat.com> ----- Original Message ----- > on bsd systems, gnu versions of utils are installed with g prefix, such > as gsed instead of sed. > > this patch adds checking for such versions and uses them if found in > path. With this patch it bootrap icedtea build system correctly on fbsd 10. > This looks sane. I'll get it applied to HEAD. I should have said, following your e-mail the other day, that the repository you were using was the right one to work on. Patches should initially be applied to HEAD and then backported to branches as necessary. We don't want to end up in a situation where patches are only on a release branch (effectively, a dead end). > it still does not build openjdk out of box with patch, fails on: > > gmake[1]: Entering directory `/home/hsn/live/icedtea7/openjdk-boot' > jdk/make/common/shared/Defs.gmk:194: "WARNING: Value of ARCH cannot be > empty, will use ''" > jdk/make/common/shared/Defs.gmk:194: "WARNING: Value of PLATFORM cannot > be empty, will use ''" > jdk/make/common/shared/Defs.gmk:397: jdk/make/common/shared/Defs-.gmk: > No such file or directory > jdk/make/common/shared/Defs.gmk:674: > jdk/make/common/shared/Compiler-.gmk: No such file or directory > gmake[1]: *** No rule to make target > `jdk/make/common/shared/Compiler-.gmk'. Stop. > Ah, I think the problem here is there's only aix, linux, macosx, solaris and windows in that directory. HotSpot, however, has BSD... It seems some of the BSD port has been included upstream but not all. Let me see if I can bring in an appropriate file from the BSD tree. > I did not discovered where these variables are supposed to be set, after > setting this manually to linux, it crosscompiles major portion of JDK. > -- Andrew :) Free Java Software Engineer Red Hat, Inc. (http://www.redhat.com) PGP Key: 248BDC07 (https://keys.indymedia.org/) Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07 From aazores at redhat.com Thu Mar 20 15:33:13 2014 From: aazores at redhat.com (Andrew Azores) Date: Thu, 20 Mar 2014 11:33:13 -0400 Subject: [rfc][icedtea-web] Trusted-only manifest attribute Message-ID: <532B0A39.6060102@redhat.com> Hi, This implements the Trusted-only manifest attribute [0]. It's quite a simple check compared to some of the other new ones. A test case is included that verifies that specifying the attribute in the manifest, for a signed applet, without specifying the applet security in the applet HTML tag, is not allowed. More test cases will come later on. [0] http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#trusted_only Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: trusted-only-attribute.patch Type: text/x-patch Size: 4170 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: trusted-only-attribute-tests.patch Type: text/x-patch Size: 9195 bytes Desc: not available URL: From jvanek at icedtea.classpath.org Thu Mar 20 15:47:01 2014 From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org) Date: Thu, 20 Mar 2014 15:47:01 +0000 Subject: /hg/icedtea-web: Clear cache function made more visible. Message-ID: changeset cea32875903d in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=cea32875903d author: Jiri Vanek date: Thu Mar 20 16:55:12 2014 +0100 Clear cache function made more visible. diffstat: ChangeLog | 16 + netx/net/sourceforge/jnlp/cache/CacheUtil.java | 16 +- netx/net/sourceforge/jnlp/controlpanel/CachePane.java | 105 +++++++-- netx/net/sourceforge/jnlp/resources/Messages.properties | 2 + netx/net/sourceforge/jnlp/splashscreen/parts/JEditorPaneBasedExceptionDialog.java | 5 + netx/net/sourceforge/jnlp/util/BasicExceptionDialog.java | 56 ++++- 6 files changed, 163 insertions(+), 37 deletions(-) diffs (391 lines): diff -r d133c4ebfe24 -r cea32875903d ChangeLog --- a/ChangeLog Thu Mar 20 16:29:46 2014 +0100 +++ b/ChangeLog Thu Mar 20 16:55:12 2014 +0100 @@ -1,3 +1,19 @@ +2014-03-20 Jiri Vanek + + Clear cache function made more visible. + * netx/net/sourceforge/jnlp/cache/CacheUtil.java: (okToClearCache) released + never released lock. (clearCache) now recriated directory after cleaning. + * netx/net/sourceforge/jnlp/controlpanel/CachePane.java: Added delete + all button. (restoreDisabled) and (disableButtons) are containing duplicated + code. (invokeLaterDeleteAll) and (visualCleanCache) utility methods accessing + CacheUtil.clearCache. + * netx/net/sourceforge/jnlp/resources/Messages.properties: added (CVCPCleanCache) + and (CVCPCleanCacheTip) keys + * netx/net/sourceforge/jnlp/splashscreen/parts/JEditorPaneBasedExceptionDialog.java: + added (cacheButton) + * netx/net/sourceforge/jnlp/util/BasicExceptionDialog.java: also added (cacheButton) + but also included some layout refactoring to have buttons in row. + 2014-03-20 Jiri Vanek Methods validating manifests' attributes moved to separate class. diff -r d133c4ebfe24 -r cea32875903d netx/net/sourceforge/jnlp/cache/CacheUtil.java --- a/netx/net/sourceforge/jnlp/cache/CacheUtil.java Thu Mar 20 16:29:46 2014 +0100 +++ b/netx/net/sourceforge/jnlp/cache/CacheUtil.java Thu Mar 20 16:55:12 2014 +0100 @@ -191,6 +191,7 @@ try { cacheDir = cacheDir.getCanonicalFile(); FileUtils.recursiveDelete(cacheDir, cacheDir); + cacheDir.mkdir(); } catch (IOException e) { throw new RuntimeException(e); } @@ -202,14 +203,15 @@ * @return true if the cache can be cleared at this time without problems */ private static boolean okToClearCache() { - File otherJavawsRunning = new File(JNLPRuntime.getConfiguration() - .getProperty(DeploymentConfiguration.KEY_USER_NETX_RUNNING_FILE)); + File otherJavawsRunning = new File(JNLPRuntime.getConfiguration().getProperty(DeploymentConfiguration.KEY_USER_NETX_RUNNING_FILE)); + FileLock locking = null; try { if (otherJavawsRunning.isFile()) { FileOutputStream fis = new FileOutputStream(otherJavawsRunning); FileChannel channel = fis.getChannel(); - if (channel.tryLock() == null) { + locking = channel.tryLock(); + if (locking == null) { OutputController.getLogger().log("Other instances of netx are running"); return false; } @@ -222,6 +224,14 @@ } } catch (IOException e) { return false; + } finally { + if (locking != null) { + try { + locking.release(); + } catch (IOException ex) { + OutputController.getLogger().log(ex); + } + } } } diff -r d133c4ebfe24 -r cea32875903d netx/net/sourceforge/jnlp/controlpanel/CachePane.java --- a/netx/net/sourceforge/jnlp/controlpanel/CachePane.java Thu Mar 20 16:29:46 2014 +0100 +++ b/netx/net/sourceforge/jnlp/controlpanel/CachePane.java Thu Mar 20 16:55:12 2014 +0100 @@ -46,6 +46,7 @@ import javax.swing.JButton; import javax.swing.JComponent; import javax.swing.JDialog; +import javax.swing.JOptionPane; import javax.swing.JPanel; import javax.swing.JScrollPane; import javax.swing.JTable; @@ -58,6 +59,7 @@ import net.sourceforge.jnlp.cache.CacheDirectory; import net.sourceforge.jnlp.cache.CacheLRUWrapper; +import net.sourceforge.jnlp.cache.CacheUtil; import net.sourceforge.jnlp.cache.DirectoryNode; import net.sourceforge.jnlp.config.DeploymentConfiguration; import net.sourceforge.jnlp.runtime.Translator; @@ -80,7 +82,7 @@ Translator.R("CVCPColSize"), Translator.R("CVCPColLastModified") }; JTable cacheTable; - private JButton deleteButton, refreshButton, doneButton; + private JButton deleteButton, refreshButton, doneButton, cleanAll; /** * Creates a new instance of the CachePane. @@ -192,12 +194,7 @@ deleteButton.addActionListener(new ActionListener() { @Override public void actionPerformed(ActionEvent e) { - // Deleting may take a while, so indicate busy by cursor - parent.getContentPane().setCursor(Cursor.getPredefinedCursor(Cursor.WAIT_CURSOR)); - // Disable dialog and buttons while deleting - deleteButton.setEnabled(false); - refreshButton.setEnabled(false); - doneButton.setEnabled(false); + disableButtons(); // Delete on AWT thread after this action has been performed // in order to allow the cache viewer to update itself invokeLaterDelete(); @@ -206,14 +203,24 @@ deleteButton.setEnabled(false); buttons.add(deleteButton); + this.cleanAll = new JButton(Translator.R("CVCPCleanCache")); + cleanAll.addActionListener(new ActionListener() { + + @Override + public void actionPerformed(ActionEvent e) { + disableButtons(); + // Delete on AWT thread after this action has been performed + // in order to allow the cache viewer to update itself + invokeLaterDeleteAll(); + } + }); + buttons.add(cleanAll); + this.refreshButton = new JButton(Translator.R("CVCPButRefresh")); refreshButton.addActionListener(new ActionListener() { @Override public void actionPerformed(ActionEvent e) { - // Disable all its controls when performing cacheTable refresh (populating) - deleteButton.setEnabled(false); - refreshButton.setEnabled(false); - doneButton.setEnabled(false); + disableButtons(); // Populate cacheTable on AWT thread after this action event has been performed invokeLaterPopulateTable(); } @@ -259,7 +266,7 @@ * {@link CacheViewer} have been instantiated and painted. * @see CachePane#cacheTable */ - private final void invokeLaterDelete() { + private void invokeLaterDelete() { EventQueue.invokeLater(new Runnable() { @Override public void run() { @@ -283,6 +290,7 @@ int row = cacheTable.getSelectedRow(); try { if (fl == null) { + JOptionPane.showMessageDialog(parent, Translator.R("CCannotClearCache")); return; } int modelRow = cacheTable.convertRowIndexToModel(row); @@ -310,21 +318,7 @@ } catch (Exception exception) { OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, exception); } finally { - // If nothing selected then keep deleteButton disabled - if (!cacheTable.getSelectionModel().isSelectionEmpty()) { - deleteButton.setEnabled(true); - } - // Enable buttons - refreshButton.setEnabled(true); - doneButton.setEnabled(true); - // If cacheTable is empty disable it and set background - // color to indicate being disabled - if (cacheTable.getModel().getRowCount() == 0) { - cacheTable.setEnabled(false); - cacheTable.setBackground(SystemColor.control); - } - // Reset cursor - parent.getContentPane().setCursor(Cursor.getDefaultCursor()); + restoreDisabled(); } } @@ -344,6 +338,23 @@ }); } + private void invokeLaterDeleteAll() { + EventQueue.invokeLater(new Runnable() { + + @Override + public void run() { + try { + visualCleanCache(parent); + populateTable(); + } catch (Exception exception) { + OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, exception); + } finally { + restoreDisabled(); + } + } + }); + } + /** * Posts an event to the event queue to populate the * {@link CachePane#cacheTable} after the {@code CachePane} and @@ -371,6 +382,7 @@ } finally { refreshButton.setEnabled(true); doneButton.setEnabled(true); + cleanAll.setEnabled(true); } } }); @@ -439,4 +451,43 @@ defaultFocusComponent.requestFocusInWindow(); } } + + public void disableButtons() { + // may take a while, so indicate busy by cursor + parent.getContentPane().setCursor(Cursor.getPredefinedCursor(Cursor.WAIT_CURSOR)); + // Disable dialog and buttons while operating + deleteButton.setEnabled(false); + refreshButton.setEnabled(false); + doneButton.setEnabled(false); + cleanAll.setEnabled(false); + } + + public void restoreDisabled() { + cleanAll.setEnabled(true); + // If nothing selected then keep deleteButton disabled + if (!cacheTable.getSelectionModel().isSelectionEmpty()) { + deleteButton.setEnabled(true); + } + // Enable buttons + refreshButton.setEnabled(true); + doneButton.setEnabled(true); + // If cacheTable is empty disable it and set background + // color to indicate being disabled + if (cacheTable.getModel().getRowCount() == 0) { + cacheTable.setEnabled(false); + cacheTable.setBackground(SystemColor.control); + } + // Reset cursor + parent.getContentPane().setCursor(Cursor.getDefaultCursor()); + } + + public static boolean visualCleanCache(Component parent) { + boolean success = CacheUtil.clearCache(); + if (!success) { + JOptionPane.showMessageDialog(parent, Translator.R("CCannotClearCache")); + } + return success; + } } + + diff -r d133c4ebfe24 -r cea32875903d netx/net/sourceforge/jnlp/resources/Messages.properties --- a/netx/net/sourceforge/jnlp/resources/Messages.properties Thu Mar 20 16:29:46 2014 +0100 +++ b/netx/net/sourceforge/jnlp/resources/Messages.properties Thu Mar 20 16:55:12 2014 +0100 @@ -679,6 +679,8 @@ CVCPDialogTitle=Cache Viewer CVCPButRefresh=Refresh CVCPButDelete=Delete +CVCPCleanCache=Clean all cache +CVCPCleanCacheTip=Some errors may be caused by old files in your cache. Before submitting the bug, you may clear cache and try to run application again. CVCPColLastModified=Last Modified CVCPColSize=Size (Bytes) CVCPColDomain=Domain diff -r d133c4ebfe24 -r cea32875903d netx/net/sourceforge/jnlp/splashscreen/parts/JEditorPaneBasedExceptionDialog.java --- a/netx/net/sourceforge/jnlp/splashscreen/parts/JEditorPaneBasedExceptionDialog.java Thu Mar 20 16:29:46 2014 +0100 +++ b/netx/net/sourceforge/jnlp/splashscreen/parts/JEditorPaneBasedExceptionDialog.java Thu Mar 20 16:55:12 2014 +0100 @@ -74,6 +74,7 @@ private JButton homeButton; private JButton aboutButton; private JButton consoleButton; + private JButton cacheButton; private JEditorPane htmlErrorAndHelpPanel; private JLabel exceptionLabel; private JLabel iconLabel; @@ -143,6 +144,7 @@ homeButton = new JButton(); aboutButton = new JButton(); consoleButton = BasicExceptionDialog.getShowButton(JEditorPaneBasedExceptionDialog.this); + cacheButton = BasicExceptionDialog.getClearCacheButton(JEditorPaneBasedExceptionDialog.this); setDefaultCloseOperation(WindowConstants.DISPOSE_ON_CLOSE); @@ -174,6 +176,8 @@ .addContainerGap() .addComponent(aboutButton) .addContainerGap() + .addComponent(cacheButton) + .addContainerGap() .addComponent(consoleButton) .addPreferredGap(LayoutStyle.ComponentPlacement.RELATED, 314, Short.MAX_VALUE) .addComponent(closeAndCopyButton) @@ -185,6 +189,7 @@ .addGroup(jPanel2Layout.createParallelGroup(GroupLayout.Alignment.BASELINE) .addComponent(closeButton) .addComponent(aboutButton) + .addComponent(cacheButton) .addComponent(consoleButton) .addComponent(closeAndCopyButton)) .addContainerGap())); diff -r d133c4ebfe24 -r cea32875903d netx/net/sourceforge/jnlp/util/BasicExceptionDialog.java --- a/netx/net/sourceforge/jnlp/util/BasicExceptionDialog.java Thu Mar 20 16:29:46 2014 +0100 +++ b/netx/net/sourceforge/jnlp/util/BasicExceptionDialog.java Thu Mar 20 16:55:12 2014 +0100 @@ -56,6 +56,8 @@ import javax.swing.JPanel; import javax.swing.JScrollPane; import javax.swing.JTextArea; +import javax.swing.SwingUtilities; +import net.sourceforge.jnlp.controlpanel.CachePane; import net.sourceforge.jnlp.util.logging.JavaConsole; /** @@ -79,23 +81,39 @@ final JDialog errorDialog = optionPane.createDialog(R("Error")); errorDialog.setIconImages(ImageResources.INSTANCE.getApplicationImages()); - final JPanel quickInfoPanel = new JPanel(); - BoxLayout layout = new BoxLayout(quickInfoPanel, BoxLayout.Y_AXIS); - quickInfoPanel.setLayout(layout); - mainPanel.add(quickInfoPanel, BorderLayout.PAGE_START); + final JPanel quickInfoPanelAll = new JPanel(); + final JPanel quickInfoPanelMessage = new JPanel(); + final JPanel quickInfoPanelButtons = new JPanel(); + BoxLayout layoutAll = new BoxLayout(quickInfoPanelAll, BoxLayout.Y_AXIS); + BoxLayout layoutMessage = new BoxLayout(quickInfoPanelMessage, BoxLayout.X_AXIS); + BoxLayout layoutButtons = new BoxLayout(quickInfoPanelButtons, BoxLayout.X_AXIS); + quickInfoPanelAll.setLayout(layoutAll); + quickInfoPanelMessage.setLayout(layoutMessage); + quickInfoPanelButtons.setLayout(layoutButtons); + mainPanel.add(quickInfoPanelAll, BorderLayout.PAGE_START); + quickInfoPanelAll.add(quickInfoPanelMessage); + quickInfoPanelAll.add(quickInfoPanelButtons); JLabel errorLabel = new JLabel(exception.getMessage()); errorLabel.setAlignmentY(JComponent.LEFT_ALIGNMENT); - quickInfoPanel.add(errorLabel); + quickInfoPanelMessage.add(errorLabel); final JButton viewDetails = new JButton(R("ButShowDetails")); viewDetails.setAlignmentY(JComponent.LEFT_ALIGNMENT); viewDetails.setActionCommand("show"); - quickInfoPanel.add(viewDetails); + quickInfoPanelButtons.add(viewDetails); + + final JButton cacheButton = getClearCacheButton(errorDialog); + cacheButton.setAlignmentY(JComponent.LEFT_ALIGNMENT); + quickInfoPanelButtons.add(cacheButton); final JButton consoleButton = getShowButton(errorDialog); consoleButton.setAlignmentY(JComponent.LEFT_ALIGNMENT); - quickInfoPanel.add(consoleButton); + quickInfoPanelButtons.add(consoleButton); + + final JPanel fillRest = new JPanel(); + fillRest.setAlignmentY(JComponent.LEFT_ALIGNMENT); + quickInfoPanelButtons.add(fillRest); JTextArea textArea = new JTextArea(); textArea.setBorder(BorderFactory.createEmptyBorder(5, 5, 5, 5)); @@ -149,4 +167,28 @@ } return consoleButton; } + + public static JButton getClearCacheButton(final Component parent) { + JButton clearAllButton = new JButton(); + clearAllButton.setText(R("CVCPCleanCache")); + clearAllButton.setToolTipText(R("CVCPCleanCacheTip")); + clearAllButton.addActionListener(new java.awt.event.ActionListener() { + + @Override + public void actionPerformed(java.awt.event.ActionEvent evt) { + SwingUtilities.invokeLater(new Runnable() { + + @Override + public void run() { + try { + CachePane.visualCleanCache(parent); + } catch (Exception ex) { + OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, ex); + } + } + }); + } + }); + return clearAllButton; + } } From jvanek at redhat.com Thu Mar 20 16:23:10 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Thu, 20 Mar 2014 17:23:10 +0100 Subject: [rfc][icedtea-web] Trusted-only manifest attribute In-Reply-To: <532B0A39.6060102@redhat.com> References: <532B0A39.6060102@redhat.com> Message-ID: <532B15EE.10508@redhat.com> On 03/20/2014 04:33 PM, Andrew Azores wrote: > Hi, > > This implements the Trusted-only manifest attribute [0]. It's quite a simple check compared to some of the other new ones. A test case is included that verifies that specifying the attribute in the manifest, for a signed applet, without specifying the applet security in the applet HTML tag, is not allowed. More test cases will come later on. > > [0] http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#trusted_only Thanx for prompt work! Few nits: + ... file.getManifestsAttributes().getAttribute(JNLPFile.ManifestsAttributes.TRUSTED_ONLY); You do not need to bother with this. There is method for you in file.getManifestsAttributes() which returns ManifestBoolean (TRUE, FALSE, UNDEFINED) for you. It will affect also + if (!trustedOnly.equalsIgnoreCase("true")) { + OutputController.getLogger().log(OutputController.Level.WARNING_ALL, "Trusted Only manifest attribute is not recognized. Continuing anyway."); + return; + } Instead of this your code will recieve IllegalArgumentException, And I 'm in favour to let it be thrown. Instead of MESSAGE_ALL please go on with MESSAGE_DEBUG for those two messages + if (!(isFullySigned && SecurityDesc.ALL_PERMISSIONS.equals(desc))) { + OutputController.getLogger().log(OutputController.Level.ERROR_ALL, + "Trusted Only manifest attribute is \"true\". Applet is fully signed? " + isFullySigned + + ". Applet is requesting permission level: " + securityType + ". This is fatal."); + throw new LaunchException(Translator.R("STrustedOnlyAttributeFailure", Boolean.toString(isFullySigned), securityType)); + } I would like to have the OutputController.getLogger().log(OutputController.Level.ERROR_ALL, as MESSAFE_DEBUG and *before* the if itself. Also the essafe is bit wierd :) "Trusted Only manifest attribute is " + trustedOnly + ". Applet's signing is " + signing + ". Applet is requesting permission level: " + securityType + "."); Or similar.. moreover everything iexcept the "Applet is fully signed?" :) Also the LaunchException itself - Ithink the Boolean.toString(isFullySigned) nor securityType is necessary. All is known in this state. So just throw exception with explanation without variables (thay may be in only one state or not? isFullySigned==true and desc!=SecurityDesc.ALL_PERMISSIONS) ) Also maybe different value for null and for "rest" in case of securityType string. The reproducer is missing javaws parts and is missing correct case. Minimalistical reproducer should be - applet signed trusted-only=false - applet signed trusted-only=true - applet signed trusted-only=illegal - applet mixed signatures trusted-only=false - applet mixed signatures trusted-only=false - applet mixed signatures trusted-only=illegal - applet not signed trusted-only=false - applet not signed trusted-only=true - applet not signed trusted-only=illegal - javaws signed trusted-only=false - javaws signed trusted-only=true - javaws signed trusted-only=illegal - javaws not signed trusted-only=false - javaws not signed trusted-only=true - javaws not signed trusted-only=illegal However it is to much work. In long-term it would be nice to have them. For now, just extends your: applet not signed trusted-only=true by: javaws not signed trusted-only=true Also youu do not need custom reproducer for this! Unsigned applet with manifest is classical simple reproducer :) thanx! J. From aazores at redhat.com Thu Mar 20 16:42:13 2014 From: aazores at redhat.com (Andrew Azores) Date: Thu, 20 Mar 2014 12:42:13 -0400 Subject: [rfc][icedtea-web] Trusted-only manifest attribute In-Reply-To: <532B15EE.10508@redhat.com> References: <532B0A39.6060102@redhat.com> <532B15EE.10508@redhat.com> Message-ID: <532B1A65.8070504@redhat.com> On 03/20/2014 12:23 PM, Jiri Vanek wrote: > On 03/20/2014 04:33 PM, Andrew Azores wrote: >> Hi, >> >> This implements the Trusted-only manifest attribute [0]. It's quite a >> simple check compared to some of the other new ones. A test case is >> included that verifies that specifying the attribute in the manifest, >> for a signed applet, without specifying the applet security in the >> applet HTML tag, is not allowed. More test cases will come later on. >> >> [0] >> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#trusted_only > > Thanx for prompt work! > > Few nits: > > + ... > file.getManifestsAttributes().getAttribute(JNLPFile.ManifestsAttributes.TRUSTED_ONLY); > > You do not need to bother with this. There is method for you in > file.getManifestsAttributes() which returns ManifestBoolean (TRUE, > FALSE, UNDEFINED) for you. > > It will affect also > > + if (!trustedOnly.equalsIgnoreCase("true")) { > + OutputController.getLogger().log(OutputController.Level.WARNING_ALL, > "Trusted Only manifest attribute is not recognized. Continuing anyway."); > + return; > + } > > Instead of this your code will recieve IllegalArgumentException, And I > 'm in favour to let it be thrown. > > Instead of MESSAGE_ALL please go on with MESSAGE_DEBUG for those two > messages All above fixed. > > + if (!(isFullySigned && > SecurityDesc.ALL_PERMISSIONS.equals(desc))) { > + OutputController.getLogger().log(OutputController.Level.ERROR_ALL, > + "Trusted Only manifest attribute is \"true\". > Applet is fully signed? " + isFullySigned > + + ". Applet is requesting permission > level: " + securityType + ". This is fatal."); > + throw new > LaunchException(Translator.R("STrustedOnlyAttributeFailure", > Boolean.toString(isFullySigned), securityType)); > + } > > > I would like to have the > OutputController.getLogger().log(OutputController.Level.ERROR_ALL, as > MESSAFE_DEBUG and *before* the if itself. Sure. > > Also the essafe is bit wierd :) Yea... ;) > > "Trusted Only manifest attribute is " + trustedOnly + ". Applet's > signing is " + signing + ". Applet is requesting permission level: " + > securityType + "."); > > Or similar.. moreover everything iexcept the "Applet is fully signed?" :) Better now? > > Also the LaunchException itself - Ithink the > Boolean.toString(isFullySigned) nor securityType is necessary. All is > known in this state. > So just throw exception with explanation without variables (thay may > be in only one state or not? isFullySigned==true and > desc!=SecurityDesc.ALL_PERMISSIONS) ) If Trusted-only is true, having either desc != ALL_PERMISSIONS *or* signing != SigningState.FULL will cause a failure. I'd like to be able to have it distinguish between these two cases, rather than just saying "one of these things went wrong", especially because both of those have several possible values. > > > Also maybe different value for null and for "rest" in case of > securityType string. Done. > > > The reproducer is missing javaws parts and is missing correct case. > Minimalistical reproducer should be > - applet signed trusted-only=false > - applet signed trusted-only=true > - applet signed trusted-only=illegal > - applet mixed signatures trusted-only=false > - applet mixed signatures trusted-only=false > - applet mixed signatures trusted-only=illegal > - applet not signed trusted-only=false > - applet not signed trusted-only=true > - applet not signed trusted-only=illegal > - javaws signed trusted-only=false > - javaws signed trusted-only=true > - javaws signed trusted-only=illegal > - javaws not signed trusted-only=false > - javaws not signed trusted-only=true > - javaws not signed trusted-only=illegal > > However it is to much work. In long-term it would be nice to have > them. For now, just extends your: > applet not signed trusted-only=true > by: > javaws not signed trusted-only=true It's: applet signed trusted-only=true right now. But yes. JNLP version of the same added. > > > Also youu do not need custom reproducer for this! Unsigned applet > with manifest is classical simple reproducer :) > > thanx! > J. It will need to be custom eventually for the mixed signatures, though. I was intending to use just one custom reproducer to build and test all of the different cases (eventually). Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: trusted-only-attribute.patch Type: text/x-patch Size: 4013 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: trusted-only-attribute-tests.patch Type: text/x-patch Size: 12125 bytes Desc: not available URL: From jvanek at redhat.com Thu Mar 20 17:32:30 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Thu, 20 Mar 2014 18:32:30 +0100 Subject: [rfc][icedtea-web] Trusted-only manifest attribute In-Reply-To: <532B1A65.8070504@redhat.com> References: <532B0A39.6060102@redhat.com> <532B15EE.10508@redhat.com> <532B1A65.8070504@redhat.com> Message-ID: <532B262E.9080806@redhat.com> + OutputController.getLogger().log(OutputController.Level.ERROR_ALL, + "Trusted Only manifest attribute is \"true\". " + signedMsg + " and requests permission level: " + securityType); Please, do it MESSAGE_DEBUG On 03/20/2014 05:42 PM, Andrew Azores wrote: > On 03/20/2014 12:23 PM, Jiri Vanek wrote: >> On 03/20/2014 04:33 PM, Andrew Azores wrote: > >> ... >> >> >> The reproducer is missing javaws parts and is missing correct case. Minimalistical reproducer should be >> - applet signed trusted-only=false >> - applet signed trusted-only=true >> - applet signed trusted-only=illegal >> - applet mixed signatures trusted-only=false >> - applet mixed signatures trusted-only=false >> - applet mixed signatures trusted-only=illegal >> - applet not signed trusted-only=false >> - applet not signed trusted-only=true >> - applet not signed trusted-only=illegal >> - javaws signed trusted-only=false >> - javaws signed trusted-only=true >> - javaws signed trusted-only=illegal >> - javaws not signed trusted-only=false >> - javaws not signed trusted-only=true >> - javaws not signed trusted-only=illegal the specifying x not specifying all security is doubling the actual work on this :( >> >> However it is to much work. In long-term it would be nice to have them. For now, just extends your: >> applet not signed trusted-only=true >> by: >> javaws not signed trusted-only=true > > It's: > applet signed trusted-only=true > right now. But yes. JNLP version of the same added. > It will need to be custom eventually for the mixed signatures, though. I was intending to use just one custom reproducer to build and test all of the different cases (eventually). I see. Than please add the unsigned + trusted-only=true (it should be one line in makefile and two more tests in testcase) Also maybe add the Assert for presence of " System.out.println("TrustedOnlyAttribute applet running");" ? Also please add one html and one jnlp file witch will request the all permissions. (So the only "passing" pair of tests) and one html and one jnlp file witch will request the all permissions, but will not be signed. Assuming those eight reproducers behave corrctly ( signed + requesting, signed + not requesting, not signed + requesting, notsigned + not requesting)*(jnlp+html), all trusted-only=true and above MESSAGE_DEBUG fixed. Go on and push! From jvanek at redhat.com Thu Mar 20 17:52:11 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Thu, 20 Mar 2014 18:52:11 +0100 Subject: [rfc][icedtea-web] Launching PolicyEditor from CertWarningPane In-Reply-To: <780923058.4176443.1394812828836.JavaMail.zimbra@redhat.com> References: <53220215.60301@redhat.com> <53220A02.7090506@redhat.com> <5323135E.6070700@redhat.com> <780923058.4176443.1394812828836.JavaMail.zimbra@redhat.com> Message-ID: <532B2ACB.3010509@redhat.com> On 03/14/2014 05:00 PM, Andrew Azores wrote: >> many import issues. Invaid(how comae? My wrong I guess) and especially unused imports. >> >> I gave up an code a bit O:). So user experience: >> >> >> popupmenu - best handling is NOT to add as component. And do not show them in actionPerforemd. >> Show them *without* parent, in mause Clicked - it have positionOnScreen, and you show the poup menu >> on this pposition. Should work like charm. > > This seems to work well, thanks for the tip. > >> >> I would excude this "V" from pproperties. Also the button s quote wide. Maybe use image rather? > > I tried using an image now but wasn't really happy with the results. I've changed it instead to a unicode character that looks like the three horizontal line overflow menu icon that's being used by iOS and Android. I think it's pretty nice although the button is still a bit wide. > >> >> Interesting state - dialog appeared , I clicked "V" clicked show policy editor, it apeared, I >> clicked cancel in mian dilog/or ok in main dialog.. The editro should be modal > > Hmm, well it's a JFrame, so I can't easily make it modal I don't think. Maybe as a separate changeset PolicyEditor can be made into a JDialog and CertWarningPane can then be made to use it as a modal dialog? > >> >> How does it behave for yes/no/cancel/close of policy editor? > > The CertWarningPane doesn't know about this at all. All it knows about is if it has a PolicyEditor reference, and if it does, if the editor is still open or has been closed. > >> - small nit - other codebases in editor are confusing. >> >> >> Thanx! >> J. >> > > I suppose, but PolicyEditor doesn't have any mechanism right now to display only one codebase when there are also others present in the policy file. Then maybe it can be added? I think simple filter on shown list? And in this case the filter will be pre setup to show only new/edited codebase. This is also enough as next changeset (however... necessary....) Ugh .. the modality should be fixed :(.... Then maybe do it dialogue? This may be as another changeset, but should be fixed.... Eg two containers - dialog an frame with same pannel..... Well one possible stop-show: geogebra do not start with : net.sourceforge.jnlp.LaunchException: Fatal: Initialization Error: Could not initialize application. The application has not been initialized, for more information execute javaws from the command line. at net.sourceforge.jnlp.Launcher.createApplication(Launcher.java:789) at net.sourceforge.jnlp.Launcher.launchApplication(Launcher.java:529) at net.sourceforge.jnlp.Launcher$TgThread.run(Launcher.java:911) Caused by: net.sourceforge.jnlp.LaunchException: The 'permissions' attribute is 'all-permissions' but security is' Sandbox'. This is fatal at net.sourceforge.jnlp.runtime.ManifestsAttributesValidator.checkPermissionsAttribute(ManifestsAttributesValidator.java:145) at net.sourceforge.jnlp.runtime.JNLPClassLoader. (JNLPClassLoader.java:289) at net.sourceforge.jnlp.runtime.JNLPClassLoader.createInstance(JNLPClassLoader.java:353) at net.sourceforge.jnlp.runtime.JNLPClassLoader.getInstance(JNLPClassLoader.java:420) at net.sourceforge.jnlp.runtime.JNLPClassLoader.getInstance(JNLPClassLoader.java:396) at net.sourceforge.jnlp.Launcher.createApplication(Launcher.java:781) ... 2 more I think it is wrong. The run-in-sandbox should skip this check or otherwise handdle it. J. From jvanek at redhat.com Thu Mar 20 18:45:31 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Thu, 20 Mar 2014 19:45:31 +0100 Subject: [rfc][icedtea-web] SecurityDelegate addPermission and reference for CertWarningPane In-Reply-To: <53221874.3030302@redhat.com> References: <53221874.3030302@redhat.com> Message-ID: <532B374B.6000203@redhat.com> On 03/13/2014 09:43 PM, Andrew Azores wrote: > Hi, > > The smaller of these two patches simply exposes JNLPClassLoader#addPermission(Permission) through three new SecurityDelegate methods: #addPermission(Permission), #addPermissions(PermissionCollection), and #addPermissions(Collection). The larger patch passes a SecurityDelegate reference through the security dialog system so that the delegate is available to CertWarningPane. This is in preparation for a patch that will add "this run only" temporary permission options to the CertWarningPane, achieved by "injecting" these permissions directly into the classloader via the delegate. These extra options are not included because they are blocked on "Launching PolicyEditor from CertWarningPane", but this > infrastructure work doesn't depend on that patch. > > These two patches apply cleanly together, but certwarning-securitydelegate will have a small and easily resolvable conflict with policyeditor-in-dialog-4 if they are used together. > > (securitydelegate-addpermission) > ChangeLog: > * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: (SecurityDelegate addPermission, addPermissions) new methods. (SecurityDelegateImpl addPermission, addPermissions) implement previous. > > (certwarning-securitydelegate) > ChangeLog: > * netx/net/sourceforge/jnlp/security/JNLPAppVerifier.java: (checkTrustWithUser) pass SecurityDelegate reference to SecurityDialogs.showCertWarningDialog > * netx/net/sourceforge/jnlp/security/PluginAppVerifier.java: same > * netx/net/sourceforge/jnlp/security/SecurityDialog.java: pass SecurityDelegate reference from extras into CertWarningPane constructor > * netx/net/sourceforge/jnlp/security/SecurityDialogs.java: (showCertWarningDialog) added SecurityDelegate parameter, add to extras array. > * netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java: (askUser) pass null for SecurityDelegate reference > * netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java: (CertWarningPane) added SecurityDelegate constructor parameter and (securityDelegate) field > > Thanks, > Yup. I would say ok to go. J. From aazores at redhat.com Thu Mar 20 19:08:54 2014 From: aazores at redhat.com (Andrew Azores) Date: Thu, 20 Mar 2014 15:08:54 -0400 Subject: [rfc][icedtea-web] Trusted-only manifest attribute In-Reply-To: <532B262E.9080806@redhat.com> References: <532B0A39.6060102@redhat.com> <532B15EE.10508@redhat.com> <532B1A65.8070504@redhat.com> <532B262E.9080806@redhat.com> Message-ID: <532B3CC6.6030309@redhat.com> On 03/20/2014 01:32 PM, Jiri Vanek wrote: > + OutputController.getLogger().log(OutputController.Level.ERROR_ALL, > + "Trusted Only manifest attribute is \"true\". " + > signedMsg + " and requests permission level: " + securityType); > > Please, do it MESSAGE_DEBUG > > > > On 03/20/2014 05:42 PM, Andrew Azores wrote: >> On 03/20/2014 12:23 PM, Jiri Vanek wrote: >>> On 03/20/2014 04:33 PM, Andrew Azores wrote: >> >>> > ... >>> >>> >>> The reproducer is missing javaws parts and is missing correct case. >>> Minimalistical reproducer should be >>> - applet signed trusted-only=false >>> - applet signed trusted-only=true >>> - applet signed trusted-only=illegal >>> - applet mixed signatures trusted-only=false >>> - applet mixed signatures trusted-only=false >>> - applet mixed signatures trusted-only=illegal >>> - applet not signed trusted-only=false >>> - applet not signed trusted-only=true >>> - applet not signed trusted-only=illegal >>> - javaws signed trusted-only=false >>> - javaws signed trusted-only=true >>> - javaws signed trusted-only=illegal >>> - javaws not signed trusted-only=false >>> - javaws not signed trusted-only=true >>> - javaws not signed trusted-only=illegal > > the specifying x not specifying all security is doubling the actual > work on this :( >>> >>> However it is to much work. In long-term it would be nice to have >>> them. For now, just extends your: >>> applet not signed trusted-only=true >>> by: >>> javaws not signed trusted-only=true >> >> It's: >> applet signed trusted-only=true >> right now. But yes. JNLP version of the same added. > > It will need to be custom eventually for the mixed signatures, > though. I was intending to use just one custom reproducer to build and > test all of the different cases (eventually). > > > I see. Than please add the unsigned + trusted-only=true (it should > be one line in makefile and two more tests in testcase) > > Also maybe add the Assert for presence of " > System.out.println("TrustedOnlyAttribute applet running");" ? > > Also please add one html and one jnlp file witch will request the all > permissions. (So the only "passing" pair of tests) > and one html and one jnlp file witch will request the all > permissions, but will not be signed. > > Assuming those eight reproducers behave corrctly ( signed + > requesting, signed + not requesting, not signed + requesting, > notsigned + not requesting)*(jnlp+html), all trusted-only=true > and above MESSAGE_DEBUG fixed. Go on and push! > > Hmm, seems like checking for the SecurityDesc of plugin applets is not very useful. I've cut it down to 6 test cases here (all specifying Trusted-only: true), which I think is probably okay for now. The actual attribute check changed a little because I ran into an NPE and did a very very small refactor as well. Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: trusted-only-attribute.patch Type: text/x-patch Size: 4029 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: trusted-only-attribute-tests.patch Type: text/x-patch Size: 24841 bytes Desc: not available URL: From aazores at redhat.com Thu Mar 20 19:16:57 2014 From: aazores at redhat.com (Andrew Azores) Date: Thu, 20 Mar 2014 15:16:57 -0400 Subject: [rfc][icedtea-web] Launching PolicyEditor from CertWarningPane In-Reply-To: <532B2ACB.3010509@redhat.com> References: <53220215.60301@redhat.com> <53220A02.7090506@redhat.com> <5323135E.6070700@redhat.com> <780923058.4176443.1394812828836.JavaMail.zimbra@redhat.com> <532B2ACB.3010509@redhat.com> Message-ID: <532B3EA9.3090702@redhat.com> On 03/20/2014 01:52 PM, Jiri Vanek wrote: > On 03/14/2014 05:00 PM, Andrew Azores wrote: >>> many import issues. Invaid(how comae? My wrong I guess) and >>> especially unused imports. >>> >>> I gave up an code a bit O:). So user experience: >>> >>> >>> popupmenu - best handling is NOT to add as component. And do not >>> show them in actionPerforemd. >>> Show them *without* parent, in mause Clicked - it have >>> positionOnScreen, and you show the poup menu >>> on this pposition. Should work like charm. >> >> This seems to work well, thanks for the tip. >> >>> >>> I would excude this "V" from pproperties. Also the button s quote >>> wide. Maybe use image rather? >> >> I tried using an image now but wasn't really happy with the results. >> I've changed it instead to a unicode character that looks like the >> three horizontal line overflow menu icon that's being used by iOS and >> Android. I think it's pretty nice although the button is still a bit >> wide. >> >>> >>> Interesting state - dialog appeared , I clicked "V" clicked show >>> policy editor, it apeared, I >>> clicked cancel in mian dilog/or ok in main dialog.. The editro >>> should be modal >> >> Hmm, well it's a JFrame, so I can't easily make it modal I don't >> think. Maybe as a separate changeset PolicyEditor can be made into a >> JDialog and CertWarningPane can then be made to use it as a modal >> dialog? >> >>> >>> How does it behave for yes/no/cancel/close of policy editor? >> >> The CertWarningPane doesn't know about this at all. All it knows >> about is if it has a PolicyEditor reference, and if it does, if the >> editor is still open or has been closed. >> >>> - small nit - other codebases in editor are confusing. >>> >>> >>> Thanx! >>> J. >>> >> >> I suppose, but PolicyEditor doesn't have any mechanism right now to >> display only one codebase when there are also others present in the >> policy file. > > Then maybe it can be added? I think simple filter on shown list? And > in this case the filter will be pre setup to show only new/edited > codebase. This is also enough as next changeset (however... > necessary....) > > Ugh .. the modality should be fixed :(.... Then maybe do it dialogue? > This may be as another changeset, but should be fixed.... > > Eg two containers - dialog an frame with same pannel..... > Yes, both of these can/should be fixed, but as a different changeset I think. > > Well one possible stop-show: > > geogebra do not start with : > net.sourceforge.jnlp.LaunchException: Fatal: Initialization Error: > Could not initialize application. The application has not been > initialized, for more information execute javaws from the command > line. at > net.sourceforge.jnlp.Launcher.createApplication(Launcher.java:789) at > net.sourceforge.jnlp.Launcher.launchApplication(Launcher.java:529) at > net.sourceforge.jnlp.Launcher$TgThread.run(Launcher.java:911) Caused > by: net.sourceforge.jnlp.LaunchException: The 'permissions' attribute > is 'all-permissions' but security is' Sandbox'. This is fatal at > net.sourceforge.jnlp.runtime.ManifestsAttributesValidator.checkPermissionsAttribute(ManifestsAttributesValidator.java:145) > at net.sourceforge.jnlp.runtime.JNLPClassLoader. > (JNLPClassLoader.java:289) at > net.sourceforge.jnlp.runtime.JNLPClassLoader.createInstance(JNLPClassLoader.java:353) > at > net.sourceforge.jnlp.runtime.JNLPClassLoader.getInstance(JNLPClassLoader.java:420) > at > net.sourceforge.jnlp.runtime.JNLPClassLoader.getInstance(JNLPClassLoader.java:396) > at net.sourceforge.jnlp.Launcher.createApplication(Launcher.java:781) > ... 2 more > > I think it is wrong. The run-in-sandbox should skip this check or > otherwise handdle it. > > > J. I've added a check in checkPermissionsAttribute to skip the check if the SecurityDelegate indicates that the user has decided specifically to run the applet sandboxed. Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: policyeditor-dialogs.patch Type: text/x-patch Size: 24689 bytes Desc: not available URL: From aazores at icedtea.classpath.org Thu Mar 20 19:23:51 2014 From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org) Date: Thu, 20 Mar 2014 19:23:51 +0000 Subject: /hg/icedtea-web: 2 new changesets Message-ID: changeset 674128ef4394 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=674128ef4394 author: Andrew Azores date: Thu Mar 20 15:20:58 2014 -0400 SecurityDelegate addPermission * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: (SecurityDelegate addPermission, addPermissions) new methods. (SecurityDelegateImpl addPermission, addPermissions) implement previous. changeset fb2309dfa598 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=fb2309dfa598 author: Andrew Azores date: Thu Mar 20 15:23:33 2014 -0400 CertWarningPane SecurityDelegate reference Passing a reference to SecurityDelegate to CertWarningPane, so that UI elements can be added later to allow the applet to be run Sandboxed + some temporary permissions * netx/net/sourceforge/jnlp/security/JNLPAppVerifier.java: (checkTrustWithUser) pass SecurityDelegate reference to SecurityDialogs.showCertWarningDialog * netx/net/sourceforge/jnlp/security/PluginAppVerifier.java: same * netx/net/sourceforge/jnlp/security/SecurityDialog.java: pass SecurityDelegate reference from extras into CertWarningPane constructor * netx/net/sourceforge/jnlp/security/SecurityDialogs.java: (showCertWarningDialog) added SecurityDelegate parameter, add to extras array. * netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java: (askUser) pass null for SecurityDelegate reference * netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java: (CertWarningPane) added SecurityDelegate constructor parameter and (securityDelegate) field diffstat: ChangeLog | 25 ++++++++++ netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java | 23 +++++++++ netx/net/sourceforge/jnlp/security/JNLPAppVerifier.java | 2 +- netx/net/sourceforge/jnlp/security/PluginAppVerifier.java | 2 +- netx/net/sourceforge/jnlp/security/SecurityDialog.java | 3 +- netx/net/sourceforge/jnlp/security/SecurityDialogs.java | 8 ++- netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java | 2 +- netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java | 5 +- 8 files changed, 62 insertions(+), 8 deletions(-) diffs (187 lines): diff -r cea32875903d -r fb2309dfa598 ChangeLog --- a/ChangeLog Thu Mar 20 16:55:12 2014 +0100 +++ b/ChangeLog Thu Mar 20 15:23:33 2014 -0400 @@ -1,3 +1,28 @@ +2014-03-20 Andrew Azores + + Passing a reference to SecurityDelegate to CertWarningPane, so that UI + elements can be added later to allow the applet to be run Sandboxed + some + temporary permissions + * netx/net/sourceforge/jnlp/security/JNLPAppVerifier.java: (checkTrustWithUser) + pass SecurityDelegate reference to SecurityDialogs.showCertWarningDialog + * netx/net/sourceforge/jnlp/security/PluginAppVerifier.java: same + * netx/net/sourceforge/jnlp/security/SecurityDialog.java: pass SecurityDelegate + reference from extras into CertWarningPane constructor + * netx/net/sourceforge/jnlp/security/SecurityDialogs.java: (showCertWarningDialog) + added SecurityDelegate parameter, add to extras array. + * netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java: (askUser) + pass null for SecurityDelegate reference + * netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java: (CertWarningPane) + added SecurityDelegate constructor parameter and (securityDelegate) field + +2014-03-20 Andrew Azores + + SecurityDelegate can be used to add permissions to JNLPClassLoader during + run. This is useful for adding temporary extra permissions to an applet. + * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: (SecurityDelegate + addPermission, addPermissions) new methods. (SecurityDelegateImpl addPermission, + addPermissions) implement previous. + 2014-03-20 Jiri Vanek Clear cache function made more visible. diff -r cea32875903d -r fb2309dfa598 netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java --- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Thu Mar 20 16:55:12 2014 +0100 +++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Thu Mar 20 15:23:33 2014 -0400 @@ -2270,6 +2270,12 @@ public void setRunInSandbox() throws LaunchException; public boolean getRunInSandbox(); + + public void addPermission(final Permission perm); + + public void addPermissions(final PermissionCollection perms); + + public void addPermissions(final Collection perms); } /** @@ -2406,6 +2412,23 @@ return this.promptedForSandbox; } + public void addPermission(final Permission perm) { + classLoader.addPermission(perm); + } + + public void addPermissions(final PermissionCollection perms) { + Enumeration e = perms.elements(); + while (e.hasMoreElements()) { + addPermission(e.nextElement()); + } + } + + public void addPermissions(final Collection perms) { + for (final Permission perm : perms) { + addPermission(perm); + } + } + } diff -r cea32875903d -r fb2309dfa598 netx/net/sourceforge/jnlp/security/JNLPAppVerifier.java --- a/netx/net/sourceforge/jnlp/security/JNLPAppVerifier.java Thu Mar 20 16:55:12 2014 +0100 +++ b/netx/net/sourceforge/jnlp/security/JNLPAppVerifier.java Thu Mar 20 15:23:33 2014 -0400 @@ -121,7 +121,7 @@ } AppletAction action = SecurityDialogs.showCertWarningDialog( - dialogType, file, jcv); + dialogType, file, jcv, securityDelegate); if (action != AppletAction.CANCEL) { if (action == AppletAction.SANDBOX) { securityDelegate.setRunInSandbox(); diff -r cea32875903d -r fb2309dfa598 netx/net/sourceforge/jnlp/security/PluginAppVerifier.java --- a/netx/net/sourceforge/jnlp/security/PluginAppVerifier.java Thu Mar 20 16:55:12 2014 +0100 +++ b/netx/net/sourceforge/jnlp/security/PluginAppVerifier.java Thu Mar 20 15:23:33 2014 -0400 @@ -168,7 +168,7 @@ } AppletAction action = SecurityDialogs.showCertWarningDialog( - dialogType, file, jcv); + dialogType, file, jcv, securityDelegate); if (action != AppletAction.CANCEL) { if (action == AppletAction.SANDBOX) { securityDelegate.setRunInSandbox(); diff -r cea32875903d -r fb2309dfa598 netx/net/sourceforge/jnlp/security/SecurityDialog.java --- a/netx/net/sourceforge/jnlp/security/SecurityDialog.java Thu Mar 20 16:55:12 2014 +0100 +++ b/netx/net/sourceforge/jnlp/security/SecurityDialog.java Thu Mar 20 15:23:33 2014 -0400 @@ -48,6 +48,7 @@ import javax.swing.JDialog; import net.sourceforge.jnlp.JNLPFile; +import net.sourceforge.jnlp.runtime.JNLPClassLoader.SecurityDelegate; import net.sourceforge.jnlp.security.SecurityDialogs.AccessType; import net.sourceforge.jnlp.security.SecurityDialogs.DialogType; import net.sourceforge.jnlp.security.dialogs.AccessWarningPane; @@ -302,7 +303,7 @@ private void installPanel() { if (dialogType == DialogType.CERT_WARNING) - panel = new CertWarningPane(this, this.certVerifier); + panel = new CertWarningPane(this, this.certVerifier, (SecurityDelegate) extras[0]); else if (dialogType == DialogType.MORE_INFO) panel = new MoreInfoPane(this, this.certVerifier); else if (dialogType == DialogType.CERT_INFO) diff -r cea32875903d -r fb2309dfa598 netx/net/sourceforge/jnlp/security/SecurityDialogs.java --- a/netx/net/sourceforge/jnlp/security/SecurityDialogs.java Thu Mar 20 16:55:12 2014 +0100 +++ b/netx/net/sourceforge/jnlp/security/SecurityDialogs.java Thu Mar 20 15:23:33 2014 -0400 @@ -52,10 +52,11 @@ import net.sourceforge.jnlp.JNLPFile; import net.sourceforge.jnlp.config.DeploymentConfiguration; +import net.sourceforge.jnlp.runtime.JNLPClassLoader.SecurityDelegate; import net.sourceforge.jnlp.runtime.JNLPRuntime; +import net.sourceforge.jnlp.security.appletextendedsecurity.ExecuteAppletAction; +import net.sourceforge.jnlp.security.dialogs.apptrustwarningpanel.AppTrustWarningPanel.AppSigningWarningAction; import net.sourceforge.jnlp.util.UrlUtils; -import net.sourceforge.jnlp.security.dialogs.apptrustwarningpanel.AppTrustWarningPanel.AppSigningWarningAction; -import net.sourceforge.jnlp.security.appletextendedsecurity.ExecuteAppletAction; /** *

@@ -197,7 +198,7 @@ * user did not accept running the applet */ public static AppletAction showCertWarningDialog(AccessType accessType, - JNLPFile file, CertVerifier certVerifier) { + JNLPFile file, CertVerifier certVerifier, SecurityDelegate securityDelegate) { if (!shouldPromptUser()) { return AppletAction.CANCEL; @@ -208,6 +209,7 @@ message.accessType = accessType; message.file = file; message.certVerifier = certVerifier; + message.extras = new Object[] { securityDelegate }; Object selectedValue = getUserResponse(message); diff -r cea32875903d -r fb2309dfa598 netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java --- a/netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java Thu Mar 20 16:55:12 2014 +0100 +++ b/netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java Thu Mar 20 15:23:33 2014 -0400 @@ -425,7 +425,7 @@ AccessType.UNVERIFIED, null, new HttpsCertVerifier(chain, authType, isTrusted, hostMatched, - hostName)) == AppletAction.RUN; + hostName), null) == AppletAction.RUN; } }); } diff -r cea32875903d -r fb2309dfa598 netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java --- a/netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java Thu Mar 20 16:55:12 2014 +0100 +++ b/netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java Thu Mar 20 15:23:33 2014 -0400 @@ -65,6 +65,7 @@ import net.sourceforge.jnlp.JNLPFile; import net.sourceforge.jnlp.PluginBridge; +import net.sourceforge.jnlp.runtime.JNLPClassLoader.SecurityDelegate; import net.sourceforge.jnlp.security.CertVerifier; import net.sourceforge.jnlp.security.CertificateUtils; import net.sourceforge.jnlp.security.HttpsCertVerifier; @@ -89,10 +90,12 @@ JCheckBox alwaysTrust; CertVerifier certVerifier; + SecurityDelegate securityDelegate; - public CertWarningPane(SecurityDialog x, CertVerifier certVerifier) { + public CertWarningPane(SecurityDialog x, CertVerifier certVerifier, SecurityDelegate securityDelegate) { super(x, certVerifier); this.certVerifier = certVerifier; + this.securityDelegate = securityDelegate; addComponents(); } From jvanek at redhat.com Thu Mar 20 19:41:50 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Thu, 20 Mar 2014 20:41:50 +0100 Subject: [rfc][icedtea-web] Trusted-only manifest attribute In-Reply-To: <532B3CC6.6030309@redhat.com> References: <532B0A39.6060102@redhat.com> <532B15EE.10508@redhat.com> <532B1A65.8070504@redhat.com> <532B262E.9080806@redhat.com> <532B3CC6.6030309@redhat.com> Message-ID: <532B447E.50307@redhat.com> On 03/20/2014 08:08 PM, Andrew Azores wrote: > On 03/20/2014 01:32 PM, Jiri Vanek wrote: >> + OutputController.getLogger().log(OutputController.Level.ERROR_ALL, >> + "Trusted Only manifest attribute is \"true\". " + signedMsg + " and requests permission level: " + securityType); >> >> Please, do it MESSAGE_DEBUG >> >> >> >> On 03/20/2014 05:42 PM, Andrew Azores wrote: >>> On 03/20/2014 12:23 PM, Jiri Vanek wrote: >>>> On 03/20/2014 04:33 PM, Andrew Azores wrote: >>> >>>> >> ... >>>> >>>> >>>> The reproducer is missing javaws parts and is missing correct case. Minimalistical reproducer should be >>>> - applet signed trusted-only=false >>>> - applet signed trusted-only=true >>>> - applet signed trusted-only=illegal >>>> - applet mixed signatures trusted-only=false >>>> - applet mixed signatures trusted-only=false >>>> - applet mixed signatures trusted-only=illegal >>>> - applet not signed trusted-only=false >>>> - applet not signed trusted-only=true >>>> - applet not signed trusted-only=illegal >>>> - javaws signed trusted-only=false >>>> - javaws signed trusted-only=true >>>> - javaws signed trusted-only=illegal >>>> - javaws not signed trusted-only=false >>>> - javaws not signed trusted-only=true >>>> - javaws not signed trusted-only=illegal >> >> the specifying x not specifying all security is doubling the actual work on this :( >>>> >>>> However it is to much work. In long-term it would be nice to have them. For now, just extends your: >>>> applet not signed trusted-only=true >>>> by: >>>> javaws not signed trusted-only=true >>> >>> It's: >>> applet signed trusted-only=true >>> right now. But yes. JNLP version of the same added. >> > It will need to be custom eventually for the mixed signatures, though. I was intending to use just one custom reproducer to build and test all of the different cases (eventually). >> >> >> I see. Than please add the unsigned + trusted-only=true (it should be one line in makefile and two more tests in testcase) >> >> Also maybe add the Assert for presence of " System.out.println("TrustedOnlyAttribute applet running");" ? >> >> Also please add one html and one jnlp file witch will request the all permissions. (So the only "passing" pair of tests) >> and one html and one jnlp file witch will request the all permissions, but will not be signed. >> >> Assuming those eight reproducers behave corrctly ( signed + requesting, signed + not requesting, not signed + requesting, notsigned + not requesting)*(jnlp+html), all trusted-only=true >> and above MESSAGE_DEBUG fixed. Go on and push! >> >> > > Hmm, seems like checking for the SecurityDesc of plugin applets is not very useful. I've cut it down to 6 test cases here (all specifying Trusted-only: true), which I think is probably okay for now. Is not?-) I was wondering from where the initial idea come.... > > The actual attribute check changed a little because I ran into an NPE and did a very very small refactor as well. > > Thanks, > What about the issue with sandbox - the same as in case of permissions att. Or not? as another changeset this should be somehow fixed. + OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, => please MESSAGE_DEBUG otherwise ok to go:) From aazores at redhat.com Thu Mar 20 19:39:20 2014 From: aazores at redhat.com (Andrew Azores) Date: Thu, 20 Mar 2014 15:39:20 -0400 Subject: [rfc][icedtea-web] Trusted-only manifest attribute In-Reply-To: <532B447E.50307@redhat.com> References: <532B0A39.6060102@redhat.com> <532B15EE.10508@redhat.com> <532B1A65.8070504@redhat.com> <532B262E.9080806@redhat.com> <532B3CC6.6030309@redhat.com> <532B447E.50307@redhat.com> Message-ID: <532B43E8.7060904@redhat.com> On 03/20/2014 03:41 PM, Jiri Vanek wrote: > On 03/20/2014 08:08 PM, Andrew Azores wrote: >> On 03/20/2014 01:32 PM, Jiri Vanek wrote: >>> + OutputController.getLogger().log(OutputController.Level.ERROR_ALL, >>> + "Trusted Only manifest attribute is \"true\". " + signedMsg + " >>> and requests permission level: " + securityType); >>> >>> Please, do it MESSAGE_DEBUG >>> >>> >>> >>> On 03/20/2014 05:42 PM, Andrew Azores wrote: >>>> On 03/20/2014 12:23 PM, Jiri Vanek wrote: >>>>> On 03/20/2014 04:33 PM, Andrew Azores wrote: >>>> >>>>> >>> ... >>>>> >>>>> >>>>> The reproducer is missing javaws parts and is missing correct >>>>> case. Minimalistical reproducer should be >>>>> - applet signed trusted-only=false >>>>> - applet signed trusted-only=true >>>>> - applet signed trusted-only=illegal >>>>> - applet mixed signatures trusted-only=false >>>>> - applet mixed signatures trusted-only=false >>>>> - applet mixed signatures trusted-only=illegal >>>>> - applet not signed trusted-only=false >>>>> - applet not signed trusted-only=true >>>>> - applet not signed trusted-only=illegal >>>>> - javaws signed trusted-only=false >>>>> - javaws signed trusted-only=true >>>>> - javaws signed trusted-only=illegal >>>>> - javaws not signed trusted-only=false >>>>> - javaws not signed trusted-only=true >>>>> - javaws not signed trusted-only=illegal >>> >>> the specifying x not specifying all security is doubling the actual >>> work on this :( >>>>> >>>>> However it is to much work. In long-term it would be nice to have >>>>> them. For now, just extends your: >>>>> applet not signed trusted-only=true >>>>> by: >>>>> javaws not signed trusted-only=true >>>> >>>> It's: >>>> applet signed trusted-only=true >>>> right now. But yes. JNLP version of the same added. >>> > It will need to be custom eventually for the mixed signatures, >>> though. I was intending to use just one custom reproducer to build >>> and test all of the different cases (eventually). >>> >>> >>> I see. Than please add the unsigned + trusted-only=true (it should >>> be one line in makefile and two more tests in testcase) >>> >>> Also maybe add the Assert for presence of " >>> System.out.println("TrustedOnlyAttribute applet running");" ? >>> >>> Also please add one html and one jnlp file witch will request the >>> all permissions. (So the only "passing" pair of tests) >>> and one html and one jnlp file witch will request the all >>> permissions, but will not be signed. >>> >>> Assuming those eight reproducers behave corrctly ( signed + >>> requesting, signed + not requesting, not signed + requesting, >>> notsigned + not requesting)*(jnlp+html), all trusted-only=true >>> and above MESSAGE_DEBUG fixed. Go on and push! >>> >>> >> >> Hmm, seems like checking for the SecurityDesc of plugin applets is >> not very useful. I've cut it down to 6 test cases here (all >> specifying Trusted-only: true), which I think is probably okay for now. > Is not?-) I was wondering from where the initial idea come.... > >> >> The actual attribute check changed a little because I ran into an NPE >> and did a very very small refactor as well. >> >> Thanks, >> > > What about the issue with sandbox - the same as in case of permissions > att. Or not? Yea. It should be sufficient to just add that condition for the isFullySigned variable. Either the applet is actually fully signed, or it's partially signed and the SecurityDelegate says the user manually chose to run in sandbox. > > as another changeset this should be somehow fixed. > > + OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, > => please MESSAGE_DEBUG > > otherwise ok to go:) Crap :) I was using this for myself for debugging the tests, and forgot to put it back. Sorry! Thanks, -- Andrew A From aazores at icedtea.classpath.org Thu Mar 20 19:45:39 2014 From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org) Date: Thu, 20 Mar 2014 19:45:39 +0000 Subject: /hg/icedtea-web: Trusted-only manifest attribute implementation Message-ID: changeset 022f56ff692f in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=022f56ff692f author: Andrew Azores date: Thu Mar 20 15:45:13 2014 -0400 Trusted-only manifest attribute implementation Trusted-only manifest attribute implementation * netx/net/sourceforge/jnlp/resources/Messages.properties: (STrustedOnlyAttributeFailure) new message * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: added ManifestsAttributesValidator#checkTrustedOnlyAttribute() to constructor * netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java: (checkTrustedOnlyAttribute) new method * tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-signed-nosecurity.jnlp: new tests for Trusted-only attribute * tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-signed-security.jnlp * tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-signed.html * tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-unsigned-nosecurity.jnlp * tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-unsigned-security.jnlp * tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-unsigned.html * tests/reproducers/custom/TrustedOnlyAttribute/srcs/MANIFEST.MF * tests/reproducers/custom/TrustedOnlyAttribute/srcs/Makefile * tests/reproducers/custom/TrustedOnlyAttribute/srcs/TrustedOnlyAttribute.java * tests/reproducers/custom/TrustedOnlyAttribute/testcases/TrustedOnlyAttributeTest.java diffstat: ChangeLog | 21 ++ netx/net/sourceforge/jnlp/resources/Messages.properties | 1 + netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java | 1 + netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java | 46 ++++- tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-signed-nosecurity.jnlp | 58 +++++ tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-signed-security.jnlp | 61 +++++ tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-signed.html | 49 ++++ tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-unsigned-nosecurity.jnlp | 58 +++++ tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-unsigned-security.jnlp | 61 +++++ tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-unsigned.html | 49 ++++ tests/reproducers/custom/TrustedOnlyAttribute/srcs/MANIFEST.MF | 1 + tests/reproducers/custom/TrustedOnlyAttribute/srcs/Makefile | 29 ++ tests/reproducers/custom/TrustedOnlyAttribute/srcs/TrustedOnlyAttribute.java | 50 ++++ tests/reproducers/custom/TrustedOnlyAttribute/testcases/TrustedOnlyAttributeTest.java | 102 ++++++++++ 14 files changed, 585 insertions(+), 2 deletions(-) diffs (truncated from 664 to 500 lines): diff -r fb2309dfa598 -r 022f56ff692f ChangeLog --- a/ChangeLog Thu Mar 20 15:23:33 2014 -0400 +++ b/ChangeLog Thu Mar 20 15:45:13 2014 -0400 @@ -1,3 +1,24 @@ +2014-03-20 Andrew Azores + + Trusted-only manifest attribute implementation + * netx/net/sourceforge/jnlp/resources/Messages.properties: + (STrustedOnlyAttributeFailure) new message + * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: added + ManifestsAttributesValidator#checkTrustedOnlyAttribute() to constructor + * netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java: + (checkTrustedOnlyAttribute) new method + * tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-signed-nosecurity.jnlp: + new tests for Trusted-only attribute + * tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-signed-security.jnlp + * tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-signed.html + * tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-unsigned-nosecurity.jnlp + * tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-unsigned-security.jnlp + * tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-unsigned.html + * tests/reproducers/custom/TrustedOnlyAttribute/srcs/MANIFEST.MF + * tests/reproducers/custom/TrustedOnlyAttribute/srcs/Makefile + * tests/reproducers/custom/TrustedOnlyAttribute/srcs/TrustedOnlyAttribute.java + * tests/reproducers/custom/TrustedOnlyAttribute/testcases/TrustedOnlyAttributeTest.java + 2014-03-20 Andrew Azores Passing a reference to SecurityDelegate to CertWarningPane, so that UI diff -r fb2309dfa598 -r 022f56ff692f netx/net/sourceforge/jnlp/resources/Messages.properties --- a/netx/net/sourceforge/jnlp/resources/Messages.properties Thu Mar 20 15:23:33 2014 -0400 +++ b/netx/net/sourceforge/jnlp/resources/Messages.properties Thu Mar 20 15:45:13 2014 -0400 @@ -299,6 +299,7 @@ SAuthenticationPrompt=The {0} server at {1} is requesting authentication. It says "{2}" SJNLPFileIsNotSigned=This application contains a digital signature in which the launching JNLP file is not signed. SAppletTitle=Applet title: {0} +STrustedOnlyAttributeFailure=This application specifies Trusted-only as True in its Manifest. {0} and requests permission level: {1}. This is not allowed. # Security - used for the More Information dialog SBadKeyUsage=Resources contain entries whose signer certificate's KeyUsage extension doesn't allow code signing. diff -r fb2309dfa598 -r 022f56ff692f netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java --- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Thu Mar 20 15:23:33 2014 -0400 +++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Thu Mar 20 15:45:13 2014 -0400 @@ -285,6 +285,7 @@ setSecurity(); ManifestsAttributesValidator mav = new ManifestsAttributesValidator(security, file, signing); + mav.checkTrustedOnlyAttribute(); mav.checkCodebaseAttribute(); mav.checkPermissionsAttribute(); mav.checkApplicationLibraryAllowableCodebaseAttribute(); diff -r fb2309dfa598 -r 022f56ff692f netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java --- a/netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java Thu Mar 20 15:23:33 2014 -0400 +++ b/netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java Thu Mar 20 15:45:13 2014 -0400 @@ -66,8 +66,50 @@ this.file = file; this.signing = signing; } - - + + /** + * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#trusted_only + */ + void checkTrustedOnlyAttribute() throws LaunchException { + final ManifestBoolean trustedOnly = file.getManifestsAttributes().isTrustedOnly(); + if (trustedOnly == ManifestBoolean.UNDEFINED) { + OutputController.getLogger().log(OutputController.Level.MESSAGE_DEBUG, "Trusted Only manifest attribute not found. Continuing."); + return; + } + + if (trustedOnly == ManifestBoolean.FALSE) { + OutputController.getLogger().log(OutputController.Level.MESSAGE_DEBUG, "Trusted Only manifest attribute is false. Continuing."); + return; + } + + final Object desc = security.getSecurityType(); + + final String securityType; + if (desc == null) { + securityType = "Not Specified"; + } else if (desc.equals(SecurityDesc.ALL_PERMISSIONS)) { + securityType = "All-Permission"; + } else if (desc.equals(SecurityDesc.SANDBOX_PERMISSIONS)) { + securityType = "Sandbox"; + } else if (desc.equals(SecurityDesc.J2EE_PERMISSIONS)) { + securityType = "J2EE"; + } else { + securityType = "Unknown"; + } + + final boolean isFullySigned = signing == SigningState.FULL; + final String signedMsg; + if (isFullySigned) { + signedMsg = "The applet is fully signed"; + } else { + signedMsg = "The applet is not fully signed"; + } + OutputController.getLogger().log(OutputController.Level.MESSAGE_DEBUG, + "Trusted Only manifest attribute is \"true\". " + signedMsg + " and requests permission level: " + securityType); + if (!(isFullySigned && SecurityDesc.ALL_PERMISSIONS.equals(desc))) { + throw new LaunchException(Translator.R("STrustedOnlyAttributeFailure", signedMsg, securityType)); + } + } /** * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#codebase diff -r fb2309dfa598 -r 022f56ff692f tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-signed-nosecurity.jnlp --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-signed-nosecurity.jnlp Thu Mar 20 15:45:13 2014 -0400 @@ -0,0 +1,58 @@ + + + + + + TrustedOnlyAttribute + IcedTea + + Trusted-only Manifest Attribute Test + + + + + + + + + diff -r fb2309dfa598 -r 022f56ff692f tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-signed-security.jnlp --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-signed-security.jnlp Thu Mar 20 15:45:13 2014 -0400 @@ -0,0 +1,61 @@ + + + + + + TrustedOnlyAttribute + IcedTea + + Trusted-only Manifest Attribute Test + + + + + + + + + + + + diff -r fb2309dfa598 -r 022f56ff692f tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-signed.html --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-signed.html Thu Mar 20 15:45:13 2014 -0400 @@ -0,0 +1,49 @@ + + + + + + + + + diff -r fb2309dfa598 -r 022f56ff692f tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-unsigned-nosecurity.jnlp --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-unsigned-nosecurity.jnlp Thu Mar 20 15:45:13 2014 -0400 @@ -0,0 +1,58 @@ + + + + + + TrustedOnlyAttribute + IcedTea + + Trusted-only Manifest Attribute Test + + + + + + + + + diff -r fb2309dfa598 -r 022f56ff692f tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-unsigned-security.jnlp --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-unsigned-security.jnlp Thu Mar 20 15:45:13 2014 -0400 @@ -0,0 +1,61 @@ + + + + + + TrustedOnlyAttribute + IcedTea + + Trusted-only Manifest Attribute Test + + + + + + + + + + + + diff -r fb2309dfa598 -r 022f56ff692f tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-unsigned.html --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-unsigned.html Thu Mar 20 15:45:13 2014 -0400 @@ -0,0 +1,49 @@ + + + + + + + + + diff -r fb2309dfa598 -r 022f56ff692f tests/reproducers/custom/TrustedOnlyAttribute/srcs/MANIFEST.MF --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/custom/TrustedOnlyAttribute/srcs/MANIFEST.MF Thu Mar 20 15:45:13 2014 -0400 @@ -0,0 +1,1 @@ +Trusted-only: true diff -r fb2309dfa598 -r 022f56ff692f tests/reproducers/custom/TrustedOnlyAttribute/srcs/Makefile --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/custom/TrustedOnlyAttribute/srcs/Makefile Thu Mar 20 15:45:13 2014 -0400 @@ -0,0 +1,29 @@ +TESTNAME=TrustedOnlyAttribute + +JARSIGNER=$(BOOT_DIR)/bin/jarsigner +JAVAC=$(BOOT_DIR)/bin/javac +JAR=$(BOOT_DIR)/bin/jar + +TMPDIR:=$(shell mktemp -d) + +prepare-reproducer: + echo PREPARING REPRODUCER $(TESTNAME) in $(TMPDIR) + + cp MANIFEST.MF $(TMPDIR) ; \ + $(JAVAC) -d $(TMPDIR) $(TESTNAME).java ; \ + + cd $(TMPDIR) ; \ + $(JAR) cvfm $(TESTNAME)Signed.jar MANIFEST.MF $(TESTNAME).class ; \ + $(JAR) cvfm $(TESTNAME)Unsigned.jar MANIFEST.MF $(TESTNAME).class ; \ + $(BOOT_DIR)/bin/jarsigner -keystore $(TOP_BUILD_DIR)/$(PRIVATE_KEYSTORE_NAME) -storepass $(PRIVATE_KEYSTORE_PASS) \ + -keypass $(PRIVATE_KEYSTORE_PASS) "$(TMPDIR)/$(TESTNAME)Signed.jar" $(TEST_CERT_ALIAS)_signed ; \ + + cd $(TMPDIR); \ + mv $(TESTNAME)Signed.jar $(REPRODUCERS_TESTS_SERVER_DEPLOYDIR) ; \ + mv $(TESTNAME)Unsigned.jar $(REPRODUCERS_TESTS_SERVER_DEPLOYDIR) ; \ + + echo PREPARED REPRODUCER $(TESTNAME), removing $(TMPDIR) From aazores at redhat.com Thu Mar 20 19:57:00 2014 From: aazores at redhat.com (Andrew Azores) Date: Thu, 20 Mar 2014 15:57:00 -0400 Subject: [rfc][icedtea-web] Launching PolicyEditor from CertWarningPane In-Reply-To: <532B3EA9.3090702@redhat.com> References: <53220215.60301@redhat.com> <53220A02.7090506@redhat.com> <5323135E.6070700@redhat.com> <780923058.4176443.1394812828836.JavaMail.zimbra@redhat.com> <532B2ACB.3010509@redhat.com> <532B3EA9.3090702@redhat.com> Message-ID: <532B480C.4070304@redhat.com> On 03/20/2014 03:16 PM, Andrew Azores wrote: > On 03/20/2014 01:52 PM, Jiri Vanek wrote: >> On 03/14/2014 05:00 PM, Andrew Azores wrote: >>>> many import issues. Invaid(how comae? My wrong I guess) and >>>> especially unused imports. >>>> >>>> I gave up an code a bit O:). So user experience: >>>> >>>> >>>> popupmenu - best handling is NOT to add as component. And do not >>>> show them in actionPerforemd. >>>> Show them *without* parent, in mause Clicked - it have >>>> positionOnScreen, and you show the poup menu >>>> on this pposition. Should work like charm. >>> >>> This seems to work well, thanks for the tip. >>> >>>> >>>> I would excude this "V" from pproperties. Also the button s quote >>>> wide. Maybe use image rather? >>> >>> I tried using an image now but wasn't really happy with the results. >>> I've changed it instead to a unicode character that looks like the >>> three horizontal line overflow menu icon that's being used by iOS >>> and Android. I think it's pretty nice although the button is still a >>> bit wide. >>> >>>> >>>> Interesting state - dialog appeared , I clicked "V" clicked show >>>> policy editor, it apeared, I >>>> clicked cancel in mian dilog/or ok in main dialog.. The editro >>>> should be modal >>> >>> Hmm, well it's a JFrame, so I can't easily make it modal I don't >>> think. Maybe as a separate changeset PolicyEditor can be made into a >>> JDialog and CertWarningPane can then be made to use it as a modal >>> dialog? >>> >>>> >>>> How does it behave for yes/no/cancel/close of policy editor? >>> >>> The CertWarningPane doesn't know about this at all. All it knows >>> about is if it has a PolicyEditor reference, and if it does, if the >>> editor is still open or has been closed. >>> >>>> - small nit - other codebases in editor are confusing. >>>> >>>> >>>> Thanx! >>>> J. >>>> >>> >>> I suppose, but PolicyEditor doesn't have any mechanism right now to >>> display only one codebase when there are also others present in the >>> policy file. >> >> Then maybe it can be added? I think simple filter on shown list? And >> in this case the filter will be pre setup to show only new/edited >> codebase. This is also enough as next changeset (however... >> necessary....) >> >> Ugh .. the modality should be fixed :(.... Then maybe do it dialogue? >> This may be as another changeset, but should be fixed.... >> >> Eg two containers - dialog an frame with same pannel..... >> > > Yes, both of these can/should be fixed, but as a different changeset I > think. > >> >> Well one possible stop-show: >> >> geogebra do not start with : >> net.sourceforge.jnlp.LaunchException: Fatal: Initialization Error: >> Could not initialize application. The application has not been >> initialized, for more information execute javaws from the command >> line. at >> net.sourceforge.jnlp.Launcher.createApplication(Launcher.java:789) at >> net.sourceforge.jnlp.Launcher.launchApplication(Launcher.java:529) at >> net.sourceforge.jnlp.Launcher$TgThread.run(Launcher.java:911) Caused >> by: net.sourceforge.jnlp.LaunchException: The 'permissions' attribute >> is 'all-permissions' but security is' Sandbox'. This is fatal at >> net.sourceforge.jnlp.runtime.ManifestsAttributesValidator.checkPermissionsAttribute(ManifestsAttributesValidator.java:145) >> at net.sourceforge.jnlp.runtime.JNLPClassLoader. >> (JNLPClassLoader.java:289) at >> net.sourceforge.jnlp.runtime.JNLPClassLoader.createInstance(JNLPClassLoader.java:353) >> at >> net.sourceforge.jnlp.runtime.JNLPClassLoader.getInstance(JNLPClassLoader.java:420) >> at >> net.sourceforge.jnlp.runtime.JNLPClassLoader.getInstance(JNLPClassLoader.java:396) >> at net.sourceforge.jnlp.Launcher.createApplication(Launcher.java:781) >> ... 2 more >> >> I think it is wrong. The run-in-sandbox should skip this check or >> otherwise handdle it. >> >> >> J. > > I've added a check in checkPermissionsAttribute to skip the check if > the SecurityDelegate indicates that the user has decided specifically > to run the applet sandboxed. > > Thanks, > Tiny update, cleanly applies on new HEAD (with Trusted-only). Also threw in the one-line fix for Trusted-only and Sandbox. Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: policyeditor-dialogs-2.patch Type: text/x-patch Size: 25448 bytes Desc: not available URL: From bugzilla-daemon at icedtea.classpath.org Thu Mar 20 20:42:05 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Thu, 20 Mar 2014 20:42:05 +0000 Subject: [Bug 1719] New: A fatal error has been detected by the Java Runtime Environment Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1719 Bug ID: 1719 Summary: A fatal error has been detected by the Java Runtime Environment Product: IcedTea Version: unspecified Hardware: x86_64 OS: Linux Status: NEW Severity: critical Priority: P5 Component: IcedTea Assignee: gnu.andrew at redhat.com Reporter: g.u.siegenthaler at kabelbw.de CC: unassigned at icedtea.classpath.org Created attachment 1054 --> http://icedtea.classpath.org/bugzilla/attachment.cgi?id=1054&action=edit See hs_error.log! Having opened oowriter (part of LibreOffice) on a terminal the application crashed when I tried to store the text. The following error message appeared: ibs at linux:~> oowriter & [1] 5834 ibs at linux:~> # # A fatal error has been detected by the Java Runtime Environment: # # SIGSEGV (0xb) at pc=0x00007fc8d2e6b270, pid=5849, tid=140500596140608 # # JRE version: OpenJDK Runtime Environment (7.0_51) (build 1.7.0_51-b00) # Java VM: OpenJDK 64-Bit Server VM (24.45-b08 mixed mode linux-amd64 compressed oops) # Problematic frame: # C [libgobject-2.0.so.0+0x33270] g_type_check_instance_cast+0x10 # # Core dump written. Default location: /home/ibs/core or core.5849 # # An error report file with more information is saved as: # /tmp/jvm-5849/hs_error.log # # If you would like to submit a bug report, please include # instructions on how to reproduce the bug and visit: # http://icedtea.classpath.org/bugzilla # [error occurred during error reporting , id 0xb] I try to add the error report file to the attachment -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Fri Mar 21 09:02:40 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Fri, 21 Mar 2014 09:02:40 +0000 Subject: [Bug 1425] Improve plugin.xml authoring support In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1425 Severin Gehwolf changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED CC| |sgehwolf at redhat.com Blocks|1415 |1700 Assignee|unassigned at icedtea.classpat |omajid at redhat.com |h.org | --- Comment #1 from Severin Gehwolf --- Moving bug to more appropriate tracker. -- You are receiving this mail because: You are the assignee for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Fri Mar 21 09:04:09 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Fri, 21 Mar 2014 09:04:09 +0000 Subject: [Bug 1424] Bring eclipse plugin to feature-parity with the swing gui In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1424 Severin Gehwolf changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED CC| |sgehwolf at redhat.com Resolution|--- |WONTFIX --- Comment #1 from Severin Gehwolf --- Unfortunately we can't maintain the eclipse based client any longer, lest bring it up to feature parity due to lack of resources. Closing as won't fix. -- You are receiving this mail because: You are the assignee for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From ptisnovs at icedtea.classpath.org Fri Mar 21 10:21:13 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Fri, 21 Mar 2014 10:21:13 +0000 Subject: /hg/gfx-test: Added new tests into CAGOperationsOnTwoTouchingCir... Message-ID: changeset 842891bb6f30 in /hg/gfx-test details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=842891bb6f30 author: Pavel Tisnovsky date: Fri Mar 21 11:21:55 2014 +0100 Added new tests into CAGOperationsOnTwoTouchingCircles test suite. Updated (c) year. diffstat: ChangeLog | 9 + src/org/gfxtest/testsuites/BitBltMirrorImage.java | 2 +- src/org/gfxtest/testsuites/BitBltRotateImage.java | 2 +- src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java | 125 ++++++++++ 4 files changed, 136 insertions(+), 2 deletions(-) diffs (175 lines): diff -r bcdf88e32236 -r 842891bb6f30 ChangeLog --- a/ChangeLog Thu Mar 20 09:36:49 2014 +0100 +++ b/ChangeLog Fri Mar 21 11:21:55 2014 +0100 @@ -1,3 +1,12 @@ +2014-03-21 Pavel Tisnovsky + + * src/org/gfxtest/testsuites/BitBltMirrorImage.java: + Updated (c) year. + * src/org/gfxtest/testsuites/BitBltRotateImage.java: + Updated (c) year. + * src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java: + Added new tests into CAGOperationsOnTwoTouchingCircles test suite. + 2014-03-20 Pavel Tisnovsky * src/org/gfxtest/testsuites/BitBltBufferedImageOp.java: diff -r bcdf88e32236 -r 842891bb6f30 src/org/gfxtest/testsuites/BitBltMirrorImage.java --- a/src/org/gfxtest/testsuites/BitBltMirrorImage.java Thu Mar 20 09:36:49 2014 +0100 +++ b/src/org/gfxtest/testsuites/BitBltMirrorImage.java Fri Mar 21 11:21:55 2014 +0100 @@ -1,7 +1,7 @@ /* Java gfx-test framework - Copyright (C) 2010, 2011, 2012 Red Hat + Copyright (C) 2010, 2011, 2012, 2013, 2014 Red Hat This file is part of IcedTea. diff -r bcdf88e32236 -r 842891bb6f30 src/org/gfxtest/testsuites/BitBltRotateImage.java --- a/src/org/gfxtest/testsuites/BitBltRotateImage.java Thu Mar 20 09:36:49 2014 +0100 +++ b/src/org/gfxtest/testsuites/BitBltRotateImage.java Fri Mar 21 11:21:55 2014 +0100 @@ -1,7 +1,7 @@ /* Java gfx-test framework - Copyright (C) 2010, 2011, 2012 Red Hat + Copyright (C) 2010, 2011, 2012, 2013, 2014 Red Hat This file is part of IcedTea. diff -r bcdf88e32236 -r 842891bb6f30 src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java --- a/src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java Thu Mar 20 09:36:49 2014 +0100 +++ b/src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java Fri Mar 21 11:21:55 2014 +0100 @@ -1607,6 +1607,131 @@ return TestResult.PASSED; } + /** + * Checks the process of creating and rendering new geometric shape + * constructed from two touching circles using inverse subtract operator. The shape is rendered + * using texture paint (fill). + * + * @param image + * image to which area is to be drawn + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testInverseSubtractTextureFillUsingDiagonalGridTexture(TestImage image, Graphics2D graphics2d) + { + // set stroke color + CommonRenderingStyles.setStrokeColor(graphics2d); + // set fill color + CommonRenderingStyles.setTextureFillUsingDiagonalGridTexture(image, graphics2d); + // create area using inverse subtract operator + Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingInverseSubtractOperator(image); + // draw the area + graphics2d.fill(area); + // test result + return TestResult.PASSED; + } + + /** + * Checks the process of creating and rendering new geometric shape + * constructed from two touching circles using Intersect operator. The shape is rendered + * using texture paint (fill). + * + * @param image + * image to which area is to be drawn + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testIntersectTextureFillUsingDiagonalGridTexture(TestImage image, Graphics2D graphics2d) + { + // set stroke color + CommonRenderingStyles.setStrokeColor(graphics2d); + // set fill color + CommonRenderingStyles.setTextureFillUsingDiagonalGridTexture(image, graphics2d); + // create area using Intersect operator + Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingIntersectOperator(image); + // draw the area + graphics2d.fill(area); + // test result + return TestResult.PASSED; + } + + /** + * Checks the process of creating and rendering new geometric shape + * constructed from two touching circles using Xor operator. The shape is rendered + * using texture paint (fill). + * + * @param image + * image to which area is to be drawn + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testXorTextureFillUsingDiagonalGridTexture(TestImage image, Graphics2D graphics2d) + { + // set stroke color + CommonRenderingStyles.setStrokeColor(graphics2d); + // set fill color + CommonRenderingStyles.setTextureFillUsingDiagonalGridTexture(image, graphics2d); + // create area using Xor operator + Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingXorOperator(image); + // draw the area + graphics2d.fill(area); + // test result + return TestResult.PASSED; + } + + /** + * Checks the process of creating and rendering new geometric shape + * constructed from two touching circles using union operator. The shape is rendered + * using texture paint (fill). + * + * @param image + * image to which area is to be drawn + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testUnionTextureFillUsingHorizontalStripesTexture(TestImage image, Graphics2D graphics2d) + { + // set stroke color + CommonRenderingStyles.setStrokeColor(graphics2d); + // set fill color + CommonRenderingStyles.setTextureFillUsingHorizontalStripesTexture(image, graphics2d); + // create area using union operator + Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingUnionOperator(image); + // draw the area + graphics2d.fill(area); + // test result + return TestResult.PASSED; + } + + /** + * Checks the process of creating and rendering new geometric shape + * constructed from two touching circles using subtract operator. The shape is rendered + * using texture paint (fill). + * + * @param image + * image to which area is to be drawn + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testSubtractTextureFillUsingHorizontalStripesTexture(TestImage image, Graphics2D graphics2d) + { + // set stroke color + CommonRenderingStyles.setStrokeColor(graphics2d); + // set fill color + CommonRenderingStyles.setTextureFillUsingHorizontalStripesTexture(image, graphics2d); + // create area using subtract operator + Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingSubtractOperator(image); + // draw the area + graphics2d.fill(area); + // test result + return TestResult.PASSED; + } + // create area using union operator Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingUnionOperator(image); // draw the area From ptisnovs at icedtea.classpath.org Fri Mar 21 10:41:37 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Fri, 21 Mar 2014 10:41:37 +0000 Subject: /hg/rhino-tests: Enhancements of various tests in ScriptEngineCl... Message-ID: changeset c4c9da65a928 in /hg/rhino-tests details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=c4c9da65a928 author: Pavel Tisnovsky date: Fri Mar 21 11:42:16 2014 +0100 Enhancements of various tests in ScriptEngineClassTest. diffstat: ChangeLog | 5 ++++ src/org/RhinoTests/ScriptEngineClassTest.java | 32 +++++++++++++++++++++++++++ 2 files changed, 37 insertions(+), 0 deletions(-) diffs (61 lines): diff -r 6c88fa309557 -r c4c9da65a928 ChangeLog --- a/ChangeLog Thu Mar 20 09:34:13 2014 +0100 +++ b/ChangeLog Fri Mar 21 11:42:16 2014 +0100 @@ -1,3 +1,8 @@ +2014-03-21 Pavel Tisnovsky + + * src/org/RhinoTests/ScriptEngineClassTest.java: + Enhancements of various tests in ScriptEngineClassTest. + 2014-03-20 Pavel Tisnovsky * src/org/RhinoTests/ScriptExceptionClassTest.java: diff -r 6c88fa309557 -r c4c9da65a928 src/org/RhinoTests/ScriptEngineClassTest.java --- a/src/org/RhinoTests/ScriptEngineClassTest.java Thu Mar 20 09:34:13 2014 +0100 +++ b/src/org/RhinoTests/ScriptEngineClassTest.java Fri Mar 21 11:42:16 2014 +0100 @@ -1891,6 +1891,30 @@ } try { + this.scriptEngineClass.cast(new java.awt.Label()); + throw new AssertionError("Class.cast(new java.awt.Label()) does not throw any exception"); + } + catch (Exception e) { + // expected exception + } + + try { + this.scriptEngineClass.cast(new java.awt.Label(new String())); + throw new AssertionError("Class.cast(new java.awt.Label(new String())) does not throw any exception"); + } + catch (Exception e) { + // expected exception + } + + try { + this.scriptEngineClass.cast(new java.awt.Label("xyzzy")); + throw new AssertionError("Class.cast(new java.awt.Label(\"xyzzy\")) does not throw any exception"); + } + catch (Exception e) { + // expected exception + } + + try { this.scriptEngineClass.cast(new javax.swing.JLabel()); throw new AssertionError("Class.cast(new javax.swing.JLabel()) does not throw any exception"); } @@ -1907,6 +1931,14 @@ } try { + this.scriptEngineClass.cast(new javax.swing.JLabel("xyzzy")); + throw new AssertionError("Class.cast(new javax.swing.JLabel(\"xyzzy\")) does not throw any exception"); + } + catch (Exception e) { + // expected exception + } + + try { this.scriptEngineClass.cast(new javax.swing.JPanel()); throw new AssertionError("Class.cast(new javax.swing.JPanel()) does not throw any exception"); } From omajid at redhat.com Fri Mar 21 14:51:43 2014 From: omajid at redhat.com (Omair Majid) Date: Fri, 21 Mar 2014 10:51:43 -0400 Subject: [rfc][icedtea-web] manifests attributes Validation Moved To Separate Class In-Reply-To: <532B03BB.6050001@redhat.com> References: <532B03BB.6050001@redhat.com> Message-ID: <20140321145143.GB6449@redhat.com> * Jiri Vanek [2014-03-20 11:01]: > +++ b/netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java Thu Mar 20 16:04:20 2014 +0100 > +public class ManifestsAttributesValidator { Can you please add a unit test for this class? It's nice to 'document' the behaviour using a test. > + public static URL guessCodeBase(JNLPFile file) { > + if (file.getCodeBase() != null) { > + return file.getCodeBase(); > + } else { > + //Fixme: codebase should be the codebase of the Main Jar not > + //the location. Although, it still works in the current state. > + return file.getResources().getMainJAR().getLocation(); > + } I am not sure if UrlUtils is the right place to move this method. It has very little to do with manipulating URLs (which is what the rest of the methods in this class do). Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 From jvanek at redhat.com Fri Mar 21 15:06:30 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Fri, 21 Mar 2014 16:06:30 +0100 Subject: [rfc][icedtea-web] manifests attributes Validation Moved To Separate Class In-Reply-To: <20140321145143.GB6449@redhat.com> References: <532B03BB.6050001@redhat.com> <20140321145143.GB6449@redhat.com> Message-ID: <532C5576.5010206@redhat.com> On 03/21/2014 03:51 PM, Omair Majid wrote: > * Jiri Vanek [2014-03-20 11:01]: >> +++ b/netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java Thu Mar 20 16:04:20 2014 +0100 > >> +public class ManifestsAttributesValidator { > > Can you please add a unit test for this class? It's nice to 'document' > the behaviour using a test. > >> + public static URL guessCodeBase(JNLPFile file) { >> + if (file.getCodeBase() != null) { >> + return file.getCodeBase(); >> + } else { >> + //Fixme: codebase should be the codebase of the Main Jar not >> + //the location. Although, it still works in the current state. >> + return file.getResources().getMainJAR().getLocation(); >> + } > > I am not sure if UrlUtils is the right place to move this method. It has > very little to do with manipulating URLs (which is what the rest of the > methods in this class do). > > Thanks, > Omair > uff... This is already pushed, and right now there is really lack of time for unittest. As this class is inherently tested by JNLPFile test, I would rather not insists. As for guessCodeBase - where to move it? As I told. I wold rather skipp both suggestions rightnow :( J. From omajid at redhat.com Fri Mar 21 15:16:39 2014 From: omajid at redhat.com (Omair Majid) Date: Fri, 21 Mar 2014 11:16:39 -0400 Subject: [rfc][icedtea-web] manifests attributes Validation Moved To Separate Class In-Reply-To: <532C5576.5010206@redhat.com> References: <532B03BB.6050001@redhat.com> <20140321145143.GB6449@redhat.com> <532C5576.5010206@redhat.com> Message-ID: <20140321151639.GD6449@redhat.com> * Jiri Vanek [2014-03-21 11:06]: > uff... This is already pushed, and right now there is really lack of time for unittest. Can I ask for features to be considered 'incomplete' without unit tests? You know (more than me) about benefits of testing :) > As this class is inherently tested by JNLPFile test, I would rather not insists. Okay, but unit tests are nice to have as documentation too. Also, if JNLPFile tests are unit tests, they really should be testing just JNLPFile only and not another class. > As for guessCodeBase - where to move it? I don't have a good idea about where to put it. If this is only called from one place, I would leave it as a private method for now. If it's called from multiple places, please leave it where it is currently. This is not the cleanest solution, but I think it's a good idea to demarcate clean libraries as 'clean' and not allow things-we-are-unsure-about or methods-that-dont-quite-fit-the-abstraction in there. > As I told. I wold rather skipp both suggestions rightnow :( As maintainer, it's your call. I would urge you to reconsider, though. Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 From omajid at redhat.com Fri Mar 21 14:56:39 2014 From: omajid at redhat.com (Omair Majid) Date: Fri, 21 Mar 2014 10:56:39 -0400 Subject: [rfc][icedtea-web] Trusted-only manifest attribute In-Reply-To: <532B0A39.6060102@redhat.com> References: <532B0A39.6060102@redhat.com> Message-ID: <20140321145639.GC6449@redhat.com> * Andrew Azores [2014-03-20 11:35]: > +++ b/netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java > + void checkTrustedOnlyAttribute() throws LaunchException { A stylistic nit: if you ask me to use a class named *Validator, I will look for the validate* method as the first thing. If the class is named *Checker, then maybe a check* method makes more sense. What do you think? Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 From jvanek at redhat.com Fri Mar 21 15:27:12 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Fri, 21 Mar 2014 16:27:12 +0100 Subject: [rfc][icedtea-web] Trusted-only manifest attribute In-Reply-To: <20140321145639.GC6449@redhat.com> References: <532B0A39.6060102@redhat.com> <20140321145639.GC6449@redhat.com> Message-ID: <532C5A50.6060400@redhat.com> On 03/21/2014 03:56 PM, Omair Majid wrote: > * Andrew Azores [2014-03-20 11:35]: >> +++ b/netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java > >> + void checkTrustedOnlyAttribute() throws LaunchException { > > A stylistic nit: if you ask me to use a class named *Validator, I will > look for the validate* method as the first thing. If the class is named > *Checker, then maybe a check* method makes more sense. > > What do you think? > > Thanks, > Omair > the small refactoring ManifestsAttributesValidator -> ManifestsAttributesChecker and all its current methods started with check is probably worthy to do... J. From jvanek at redhat.com Fri Mar 21 15:30:10 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Fri, 21 Mar 2014 16:30:10 +0100 Subject: [rfc][icedtea-web] cache tweeks In-Reply-To: <532B07FC.3050401@redhat.com> References: <532AFC0A.5040501@redhat.com> <532B07FC.3050401@redhat.com> Message-ID: <532C5B02.5020108@redhat.com> On 03/20/2014 04:23 PM, Andrew Azores wrote: > On 03/20/2014 10:32 AM, Jiri Vanek wrote: >> releaseLock is bug, found thanx to tweeksToCache work. >> releaseLock is releasing the never released lock. It is not 100% fix but for deeper fixing this >> needs to wait for cache revisite. ntil now it was invisible, because jvm always terminated after >> clean-cache. >> >> The tweeksToCache is doing the only thing - making clear cache more visible. Righ ntnow it exists >> only as cmd switch, and as feature in itw-settings->cache->view Fiels->delete on by one. >> Now one can itw-settings->cache->view Files->delete all. >> Delete all is also presented on error dialogs - with tooltip why. >> >> Motivation? - tired to close bugs by "clear cache first please" "how" "...:x..." "It started to work" >> >> Thanx! >> J. > > There's some weird formatting going on in the cache tweaks patch. invokeLaterDeleteAll, > disableButtons, restoreDisabled, and visualCleanCache all have various indentation issues. > > Otherwise I think this is okay. > > Thanks, > Few more nits to this topic. - improved messages - exception shown to user as "what to do now" J. -------------- next part -------------- A non-text attachment was scrubbed... Name: minorClearCacheFix.patch Type: text/x-patch Size: 2983 bytes Desc: not available URL: From jvanek at redhat.com Fri Mar 21 15:48:53 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Fri, 21 Mar 2014 16:48:53 +0100 Subject: [rfc][icedtea-web] Reprint of application logs to console Message-ID: <532C5F65.8080709@redhat.com> If application is calling system.out/err.print(ln) for some kind of debugging, then it is *maybe* good to show it in our debug console. With its powerful features it may be usefull debugging tool for developers. tbh, I'm not sure if this is wonted feature, but I somehow think it should be there. I also think previous console did it. So should new. And ... it really looks cool :) The suspicious code is: private void copyRichActionPerformed(java.awt.event.ActionEvent evt) { and private void copyPlainActionPerformed(java.awt.event.ActionEvent evt) { + if (canChange) { + showApp.setSelected(false); + refreshAction(); + canChange = false; + } fillClipBoard(false, sortCopyAll.isSelected()); } What I wont to do is, to have it shown b default, but not include it in first copy-all. Reason is, that copy all should be the most natural way to report bug. And in this the application logs should not occur. But maybe sometimes may be usefull, so not inclusion is done only once time. J. -------------- next part -------------- A non-text attachment was scrubbed... Name: allCopiedStdOuts.patch Type: text/x-patch Size: 21900 bytes Desc: not available URL: From omajid at redhat.com Fri Mar 21 15:57:52 2014 From: omajid at redhat.com (Omair Majid) Date: Fri, 21 Mar 2014 11:57:52 -0400 Subject: [rfc][icedtea-web] Reprint of application logs to console In-Reply-To: <532C5F65.8080709@redhat.com> References: <532C5F65.8080709@redhat.com> Message-ID: <20140321155752.GE6449@redhat.com> Hi I haven't reviewed the patch, but just wanted to comment on something. * Jiri Vanek [2014-03-21 11:51]: > If application is calling system.out/err.print(ln) for some kind of > debugging, then it is *maybe* good to show it in our debug console. > With its powerful features it may be usefull debugging tool for > developers. I would replace 'maybe' with 'definitely'. > tbh, I'm not sure if this is wonted feature, but I somehow think it > should be there. I also think previous console did it. So should > new. And ... it really looks cool :) I think this is definitely worth having. And yes, I implemented this in the older console. The console that is part of the proprietary plugin does this too. Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 From andrew at icedtea.classpath.org Fri Mar 21 17:39:48 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Fri, 21 Mar 2014 17:39:48 +0000 Subject: /hg/release/icedtea7-2.4: 3 new changesets Message-ID: changeset f59e4269da38 in /hg/release/icedtea7-2.4 details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=f59e4269da38 author: Andrew John Hughes date: Fri Feb 21 22:04:31 2014 +0000 Avoid giving PAX_COMMAND a value if no PaX utility is available. 2014-02-21 Andrew John Hughes * acinclude.m4: (IT_WITH_PAX): Leave PAX_COMMAND with the empty string rather than "not specified" to avoid build failures. * pax-mark-vm.in: Update PAX_COMMAND check. changeset 5c3c415fa3ef in /hg/release/icedtea7-2.4 details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=5c3c415fa3ef author: Andrew John Hughes date: Fri Mar 21 17:38:41 2014 +0000 PR1684: Build fails with empty PAX_COMMAND 2014-02-24 Andrew John Hughes PR1684: Build fails with empty PAX_COMMAND * Makefile.am: (ICEDTEA_ENV): Only add PAX_COMMAND when defined. * NEWS: Updated. changeset 45b209e92979 in /hg/release/icedtea7-2.4 details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=45b209e92979 author: Andrew John Hughes date: Fri Mar 21 17:39:17 2014 +0000 Add Gentoo bug reference for PaX update. 2014-02-24 Andrew John Hughes * NEWS: Add Gentoo bug reference for PaX update. diffstat: ChangeLog | 20 ++++++++++++++++++++ Makefile.am | 8 ++++++-- NEWS | 3 ++- acinclude.m4 | 7 ++----- pax-mark-vm.in | 2 +- 5 files changed, 31 insertions(+), 9 deletions(-) diffs (102 lines): diff -r a03874670653 -r 45b209e92979 ChangeLog --- a/ChangeLog Mon Mar 17 16:42:38 2014 +0000 +++ b/ChangeLog Fri Mar 21 17:39:17 2014 +0000 @@ -1,3 +1,23 @@ +2014-02-24 Andrew John Hughes + + * NEWS: Add Gentoo bug reference for + PaX update. + +2014-02-24 Andrew John Hughes + + PR1684: Build fails with empty PAX_COMMAND + * Makefile.am: + (ICEDTEA_ENV): Only add PAX_COMMAND when defined. + * NEWS: Updated. + +2014-02-21 Andrew John Hughes + + * acinclude.m4: + (IT_WITH_PAX): Leave PAX_COMMAND with the empty + string rather than "not specified" to avoid build + failures. + * pax-mark-vm.in: Update PAX_COMMAND check. + 2014-02-19 Andrew John Hughes * patches/boot/test_gamma.patch, diff -r a03874670653 -r 45b209e92979 Makefile.am --- a/Makefile.am Mon Mar 17 16:42:38 2014 +0000 +++ b/Makefile.am Fri Mar 21 17:39:17 2014 +0000 @@ -484,8 +484,7 @@ JAVAC_WARNINGS_FATAL="$(WERROR_STATUS)" \ COMPILER_WARNINGS_FATAL="$(WERROR_STATUS)" \ UNLIMITED_CRYPTO="true" \ - ARM32JIT="${ARM32JIT_STATUS}" \ - PAX_COMMAND="${PAX_COMMAND}" + ARM32JIT="${ARM32JIT_STATUS}" if ENABLE_CACAO ICEDTEA_ENV += \ @@ -596,6 +595,11 @@ KRB5_CFLAGS="${KRB5_CFLAGS}" endif +if WITH_PAX +ICEDTEA_ENV += \ + PAX_COMMAND="${PAX_COMMAND}" +endif + # OpenJDK boot build environment. ICEDTEA_ENV_BOOT = $(ICEDTEA_ENV) \ BOOTCLASSPATH_CLS_RT="-bootclasspath $(CLS_DIR_BOOT):$(RUNTIME)" \ diff -r a03874670653 -r 45b209e92979 NEWS --- a/NEWS Mon Mar 17 16:42:38 2014 +0000 +++ b/NEWS Fri Mar 21 17:39:17 2014 +0000 @@ -20,8 +20,9 @@ * Bug fixes - PR1101: Undefined symbols on GNU/Linux SPARC - PR1659: OpenJDK 7 returns incorrect TrueType font metrics when bold style is set - - PR1677: Update PaX support to detect running PaX kernel and use newer tools + - PR1677, G498288: Update PaX support to detect running PaX kernel and use newer tools - PR1679: Allow OpenJDK to build on PaX-enabled kernels + - PR1684: Build fails with empty PAX_COMMAND - RH1015432: java-1.7.0-openjdk: Fails on PPC with StackOverflowError (revised fix) - Link against $(LIBDL) if SYSTEM_CUPS is not true * ARM port diff -r a03874670653 -r 45b209e92979 acinclude.m4 --- a/acinclude.m4 Mon Mar 17 16:42:38 2014 +0000 +++ b/acinclude.m4 Fri Mar 21 17:39:17 2014 +0000 @@ -2356,10 +2356,7 @@ fi fi fi - if test -z "${PAX_COMMAND}"; then - PAX_COMMAND="not specified" - PAX_COMMAND_ARGS="not specified" - else + if test -n "${PAX_COMMAND}"; then AC_MSG_CHECKING([which options to pass to ${PAX_COMMAND}]) case "${host_cpu}" in i?86) @@ -2371,7 +2368,7 @@ esac AC_MSG_RESULT(${PAX_COMMAND_ARGS}) fi - AM_CONDITIONAL(WITH_PAX, test "x${PAX_COMMAND}" != "xnot specified") + AM_CONDITIONAL(WITH_PAX, test "x${PAX_COMMAND}" != "x") AC_SUBST(PAX_COMMAND) AC_SUBST(PAX_COMMAND_ARGS) ]) diff -r a03874670653 -r 45b209e92979 pax-mark-vm.in --- a/pax-mark-vm.in Mon Mar 17 16:42:38 2014 +0000 +++ b/pax-mark-vm.in Fri Mar 21 17:39:17 2014 +0000 @@ -5,7 +5,7 @@ file "$@" 2> /dev/null | grep -E 'ELF.*(executable|shared object)' | sed -e 's/: .*$//' } -if test "@PAX_COMMAND@" != "not specified"; then +if test "x at PAX_COMMAND@" != "x"; then for paxable in `list_paxables "${1}"/bin/* "${1}"/jre/bin/*`; do echo "PaX mark @PAX_COMMAND_ARGS@ ${paxable}" @PAX_COMMAND@ @PAX_COMMAND_ARGS@ "${paxable}" From bugzilla-daemon at icedtea.classpath.org Fri Mar 21 17:39:56 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Fri, 21 Mar 2014 17:39:56 +0000 Subject: [Bug 1684] [IcedTea7] Build fails with empty PAX_COMMAND In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1684 --- Comment #2 from hg commits --- details: http://icedtea.classpath.org//hg/release/icedtea7-2.4?cmd=changeset;node=5c3c415fa3ef author: Andrew John Hughes date: Fri Mar 21 17:38:41 2014 +0000 PR1684: Build fails with empty PAX_COMMAND 2014-02-24 Andrew John Hughes PR1684: Build fails with empty PAX_COMMAND * Makefile.am: (ICEDTEA_ENV): Only add PAX_COMMAND when defined. * NEWS: Updated. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From andrew at icedtea.classpath.org Fri Mar 21 17:49:07 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Fri, 21 Mar 2014 17:49:07 +0000 Subject: /hg/release/icedtea7-forest-2.4/jdk: Turn ARM32 JIT on by default Message-ID: changeset b5282042aae0 in /hg/release/icedtea7-forest-2.4/jdk details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/jdk?cmd=changeset;node=b5282042aae0 author: andrew date: Fri Mar 21 17:48:59 2014 +0000 Turn ARM32 JIT on by default diffstat: make/jdk_generic_profile.sh | 4 ++++ 1 files changed, 4 insertions(+), 0 deletions(-) diffs (11 lines): diff -r 1e3bd243269a -r b5282042aae0 make/jdk_generic_profile.sh --- a/make/jdk_generic_profile.sh Tue Mar 18 17:10:07 2014 +0000 +++ b/make/jdk_generic_profile.sh Fri Mar 21 17:48:59 2014 +0000 @@ -481,3 +481,7 @@ export USE_SYSTEM_PNG=true export USE_SYSTEM_GIF=true export SYSTEM_KRB5=true + +# IcedTea default; turn on the ARM32 JIT +export ARM32JIT=true + From andrew at icedtea.classpath.org Fri Mar 21 17:50:40 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Fri, 21 Mar 2014 17:50:40 +0000 Subject: /hg/release/icedtea7-2.4: Turn ARM32 JIT on by default. Message-ID: changeset ec74d72298dd in /hg/release/icedtea7-2.4 details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=ec74d72298dd author: Andrew John Hughes date: Fri Mar 21 17:50:28 2014 +0000 Turn ARM32 JIT on by default. 2014-03-21 Andrew John Hughes * acinclude.m4: (IT_ENABLE_ARM32JIT): Turn JIT on by default. diffstat: ChangeLog | 5 +++++ acinclude.m4 | 2 +- 2 files changed, 6 insertions(+), 1 deletions(-) diffs (24 lines): diff -r 45b209e92979 -r ec74d72298dd ChangeLog --- a/ChangeLog Fri Mar 21 17:39:17 2014 +0000 +++ b/ChangeLog Fri Mar 21 17:50:28 2014 +0000 @@ -1,3 +1,8 @@ +2014-03-21 Andrew John Hughes + + * acinclude.m4: + (IT_ENABLE_ARM32JIT): Turn JIT on by default. + 2014-02-24 Andrew John Hughes * NEWS: Add Gentoo bug reference for diff -r 45b209e92979 -r ec74d72298dd acinclude.m4 --- a/acinclude.m4 Fri Mar 21 17:39:17 2014 +0000 +++ b/acinclude.m4 Fri Mar 21 17:50:28 2014 +0000 @@ -2637,7 +2637,7 @@ esac ], [ - enable_arm32jit=no + enable_arm32jit=yes ]) AC_MSG_RESULT([$enable_arm32jit]) AM_CONDITIONAL([ENABLE_ARM32JIT], test x"${enable_arm32jit}" = "xyes") From andrew at icedtea.classpath.org Fri Mar 21 17:52:33 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Fri, 21 Mar 2014 17:52:33 +0000 Subject: /hg/icedtea7: Turn ARM32 JIT on by default. Message-ID: changeset f4920229fa73 in /hg/icedtea7 details: http://icedtea.classpath.org/hg/icedtea7?cmd=changeset;node=f4920229fa73 author: Andrew John Hughes date: Fri Mar 21 17:50:28 2014 +0000 Turn ARM32 JIT on by default. 2014-03-21 Andrew John Hughes * acinclude.m4: (IT_ENABLE_ARM32JIT): Turn JIT on by default. diffstat: ChangeLog | 7 ++++++- acinclude.m4 | 2 +- 2 files changed, 7 insertions(+), 2 deletions(-) diffs (26 lines): diff -r b1043cc0cd82 -r f4920229fa73 ChangeLog --- a/ChangeLog Sat Mar 08 18:06:34 2014 +0000 +++ b/ChangeLog Fri Mar 21 17:50:28 2014 +0000 @@ -1,4 +1,9 @@ -2014-03-07 Andrew John Hughes +2014-03-21 Andrew John Hughes + + * acinclude.m4: + (IT_ENABLE_ARM32JIT): Turn JIT on by default. + +2014-03-08 Andrew John Hughes * acinclude: (IT_CHECK_FOR_PCSC): Default to off. diff -r b1043cc0cd82 -r f4920229fa73 acinclude.m4 --- a/acinclude.m4 Sat Mar 08 18:06:34 2014 +0000 +++ b/acinclude.m4 Fri Mar 21 17:50:28 2014 +0000 @@ -2669,7 +2669,7 @@ esac ], [ - enable_arm32jit=no + enable_arm32jit=yes ]) AC_MSG_RESULT([$enable_arm32jit]) AM_CONDITIONAL([ENABLE_ARM32JIT], test x"${enable_arm32jit}" = "xyes") From bugzilla-daemon at icedtea.classpath.org Fri Mar 21 19:02:20 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Fri, 21 Mar 2014 19:02:20 +0000 Subject: [Bug 1720] New: Crashes when attempting to build uPortal Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1720 Bug ID: 1720 Summary: Crashes when attempting to build uPortal Product: IcedTea Version: unspecified Hardware: x86_64 OS: Linux Status: NEW Severity: critical Priority: P5 Component: IcedTea Assignee: gnu.andrew at redhat.com Reporter: lst_manage at webengineer.com CC: unassigned at icedtea.classpath.org During uPortal build: [artifact:mvn] # [artifact:mvn] # A fatal error has been detected by the Java Runtime Environment: [artifact:mvn] # [artifact:mvn] # SIGSEGV (0xb) at pc=0x00007f314501f73d, pid=25892, tid=139849734035200 [artifact:mvn] # [artifact:mvn] # JRE version: OpenJDK Runtime Environment (7.0_51-b31) (build 1.7.0_51-mockbuild_2014_01_31_16_21-b00) [artifact:mvn] # Java VM: OpenJDK 64-Bit Server VM (24.51-b03 mixed mode linux-amd64 compressed oops) [artifact:mvn] # Problematic frame: [artifact:mvn] # j org.hsqldb.HsqlException.equals(Ljava/lang/Object;)Z+0 [artifact:mvn] # [artifact:mvn] # Failed to write core dump. Core dumps have been disabled. To enable core dumping, try "ulimit -c unlimited" before starting Java again [artifact:mvn] # [artifact:mvn] # An error report file with more information is saved as: [artifact:mvn] # /tmp/jvm-25892/hs_error.log [artifact:mvn] # [artifact:mvn] # If you would like to submit a bug report, please include [artifact:mvn] # instructions on how to reproduce the bug and visit: [artifact:mvn] # http://icedtea.classpath.org/bugzilla [artifact:mvn] # [artifact:mvn] /bin/sh: line 1: 25892 Aborted (core dumped) /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.60-2.4.5.1.fc20.x86_64/jre/bin/java -Xmx512m -XX:MaxPermSize=512m -Duser.timezone=UTC -jar /var/dev/uPortal/uportal-war/target/surefire/surefirebooter3244118299594093194.jar /var/dev/uPortal/uportal-war/target/surefire/surefire7605222826761257030tmp /var/dev/uPortal/uportal-war/target/surefire/surefire_01983721144067998535tmp -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Fri Mar 21 19:08:33 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Fri, 21 Mar 2014 19:08:33 +0000 Subject: [Bug 1720] Crashes when attempting to build uPortal In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1720 Emmett Culley changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |lst_manage at webengineer.com --- Comment #1 from Emmett Culley --- Created attachment 1056 --> http://icedtea.classpath.org/bugzilla/attachment.cgi?id=1056&action=edit hs_error.log -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From andrew at icedtea.classpath.org Fri Mar 21 19:38:32 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Fri, 21 Mar 2014 19:38:32 +0000 Subject: /hg/release/icedtea7-forest-2.3: PR1679: Allow OpenJDK to build ... Message-ID: changeset 14181eb6c00d in /hg/release/icedtea7-forest-2.3 details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3?cmd=changeset;node=14181eb6c00d author: andrew date: Wed Feb 19 21:07:59 2014 +0000 PR1679: Allow OpenJDK to build on PaX-enabled kernels diffstat: make/Defs-internal.gmk | 14 +++++++++++++- 1 files changed, 13 insertions(+), 1 deletions(-) diffs (31 lines): diff -r 66eecafe5565 -r 14181eb6c00d make/Defs-internal.gmk --- a/make/Defs-internal.gmk Tue Jan 14 20:24:44 2014 -0500 +++ b/make/Defs-internal.gmk Wed Feb 19 21:07:59 2014 +0000 @@ -303,6 +303,16 @@ ABS_JAXWS_DIST = $(JAXWS_OUTPUTDIR)/dist endif +# Command to PaX mark the VM +ifndef PAX_COMMAND + PAX_COMMAND = /usr/sbin/paxmark.sh +endif +ifeq ($(ARCH), i586) + PAX_COMMAND_ARGS="-msp" +else + PAX_COMMAND_ARGS="-m" +endif + # Common make arguments (supplied to all component builds) COMMON_BUILD_ARGUMENTS = \ JDK_TOPDIR=$(ABS_JDK_TOPDIR) \ @@ -323,7 +333,9 @@ PREVIOUS_MAJOR_VERSION=$(PREVIOUS_MAJOR_VERSION) \ PREVIOUS_MINOR_VERSION=$(PREVIOUS_MINOR_VERSION) \ PREVIOUS_MICRO_VERSION=$(PREVIOUS_MICRO_VERSION) \ - STATIC_CXX=$(STATIC_CXX) + STATIC_CXX=$(STATIC_CXX) \ + PAX_COMMAND=$(PAX_COMMAND) \ + PAX_COMMAND_ARGS=$(PAX_COMMAND_ARGS) ifdef ARCH_DATA_MODEL COMMON_BUILD_ARGUMENTS += ARCH_DATA_MODEL=$(ARCH_DATA_MODEL) From bugzilla-daemon at icedtea.classpath.org Fri Mar 21 19:38:39 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Fri, 21 Mar 2014 19:38:39 +0000 Subject: [Bug 1679] [IcedTea7] Allow OpenJDK to build on PaX-enabled kernels In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1679 --- Comment #9 from hg commits --- details: http://icedtea.classpath.org//hg/release/icedtea7-forest-2.3?cmd=changeset;node=14181eb6c00d author: andrew date: Wed Feb 19 21:07:59 2014 +0000 PR1679: Allow OpenJDK to build on PaX-enabled kernels -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From andrew at icedtea.classpath.org Fri Mar 21 19:38:47 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Fri, 21 Mar 2014 19:38:47 +0000 Subject: /hg/release/icedtea7-forest-2.3/corba: 5 new changesets Message-ID: changeset ed7f12eb2661 in /hg/release/icedtea7-forest-2.3/corba details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/corba?cmd=changeset;node=ed7f12eb2661 author: coffeys date: Mon Nov 11 15:52:11 2013 +0000 8027837: JDK-8021257 causes CORBA build failure on emdedded platforms Reviewed-by: dholmes changeset c73c14092b63 in /hg/release/icedtea7-forest-2.3/corba details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/corba?cmd=changeset;node=c73c14092b63 author: mchung date: Thu Nov 07 20:48:38 2013 -0800 8027943: serial version of com.sun.corba.se.spi.orbutil.proxy.CompositeInvocationHandlerImpl changed in 7u45 Reviewed-by: msheppar, alanb, lancea changeset 3a85dfaf63d8 in /hg/release/icedtea7-forest-2.3/corba details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/corba?cmd=changeset;node=3a85dfaf63d8 author: msheppar date: Sun Nov 24 13:09:01 2013 +0000 8028215: ORB.init fails with SecurityException if properties select the JDK default ORB Summary: check for default ORBImpl and ORBSingleton set via properties or System properties Reviewed-by: alanb, coffeys, mchung changeset b181263f727f in /hg/release/icedtea7-forest-2.3/corba details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/corba?cmd=changeset;node=b181263f727f author: andrew date: Thu Jan 23 22:40:30 2014 +0000 PR1653: Support ppc64le via Zero changeset c7d0b72f704f in /hg/release/icedtea7-forest-2.3/corba details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/corba?cmd=changeset;node=c7d0b72f704f author: andrew date: Thu Jan 23 23:19:18 2014 +0000 PR1654: ppc32 needs a larger ThreadStackSize to build diffstat: make/Makefile | 2 +- make/common/shared/Defs-java.gmk | 6 ++++- make/common/shared/Platform.gmk | 2 +- src/share/classes/com/sun/corba/se/spi/orbutil/proxy/CompositeInvocationHandlerImpl.java | 2 + src/share/classes/org/omg/CORBA/ORB.java | 11 ++++++--- 5 files changed, 16 insertions(+), 7 deletions(-) diffs (90 lines): diff -r f12e1c039846 -r c7d0b72f704f make/Makefile --- a/make/Makefile Tue Jan 14 20:24:44 2014 -0500 +++ b/make/Makefile Thu Jan 23 23:19:18 2014 +0000 @@ -160,7 +160,7 @@ # # CORBA # -SUBDIRS = tools javax org sun com +SUBDIRS = tools sun/rmi javax org sun com build: $(SUBDIRS-loop) diff -r f12e1c039846 -r c7d0b72f704f make/common/shared/Defs-java.gmk --- a/make/common/shared/Defs-java.gmk Tue Jan 14 20:24:44 2014 -0500 +++ b/make/common/shared/Defs-java.gmk Thu Jan 23 23:19:18 2014 +0000 @@ -79,7 +79,11 @@ # 64-bit builds require a larger thread stack size. ifeq ($(ARCH_DATA_MODEL), 32) - JAVAC_JVM_FLAGS += -J-XX:ThreadStackSize=768 + ifeq ($(ARCH), ppc) + JAVAC_JVM_FLAGS += -J-XX:ThreadStackSize=1152 + else + JAVAC_JVM_FLAGS += -J-XX:ThreadStackSize=768 + endif else JAVAC_JVM_FLAGS += -J-XX:ThreadStackSize=1664 endif diff -r f12e1c039846 -r c7d0b72f704f make/common/shared/Platform.gmk --- a/make/common/shared/Platform.gmk Tue Jan 14 20:24:44 2014 -0500 +++ b/make/common/shared/Platform.gmk Thu Jan 23 23:19:18 2014 +0000 @@ -154,7 +154,7 @@ # Arch and OS name/version mach := $(shell uname -m) ifneq (,$(wildcard /usr/bin/dpkg-architecture)) - mach := $(shell (dpkg-architecture -qDEB_HOST_ARCH_CPU 2>/dev/null || echo $(mach)) | sed 's/arm64/aarch64/;s/powerpc$$/ppc/;s/hppa/parisc/') + mach := $(shell (dpkg-architecture -qDEB_HOST_ARCH_CPU 2>/dev/null || echo $(mach)) | sed 's/arm64/aarch64/;s/powerpc$$/ppc/;s/hppa/parisc/;s/ppc64el/ppc64le/') endif archExpr = case "$(mach)" in \ i[3-9]86) \ diff -r f12e1c039846 -r c7d0b72f704f src/share/classes/com/sun/corba/se/spi/orbutil/proxy/CompositeInvocationHandlerImpl.java --- a/src/share/classes/com/sun/corba/se/spi/orbutil/proxy/CompositeInvocationHandlerImpl.java Tue Jan 14 20:24:44 2014 -0500 +++ b/src/share/classes/com/sun/corba/se/spi/orbutil/proxy/CompositeInvocationHandlerImpl.java Thu Jan 23 23:19:18 2014 +0000 @@ -89,4 +89,6 @@ sm.checkPermission(perm); } } + + private static final long serialVersionUID = 4571178305984833743L; } diff -r f12e1c039846 -r c7d0b72f704f src/share/classes/org/omg/CORBA/ORB.java --- a/src/share/classes/org/omg/CORBA/ORB.java Tue Jan 14 20:24:44 2014 -0500 +++ b/src/share/classes/org/omg/CORBA/ORB.java Thu Jan 23 23:19:18 2014 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1995, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -285,7 +285,8 @@ String className = getSystemProperty(ORBSingletonClassKey); if (className == null) className = getPropertyFromFile(ORBSingletonClassKey); - if (className == null) { + if ((className == null) || + (className.equals("com.sun.corba.se.impl.orb.ORBSingleton"))) { singleton = new com.sun.corba.se.impl.orb.ORBSingleton(); } else { singleton = create_impl(className); @@ -339,7 +340,8 @@ className = getSystemProperty(ORBClassKey); if (className == null) className = getPropertyFromFile(ORBClassKey); - if (className == null) { + if ((className == null) || + (className.equals("com.sun.corba.se.impl.orb.ORBImpl"))) { orb = new com.sun.corba.se.impl.orb.ORBImpl(); } else { orb = create_impl(className); @@ -369,7 +371,8 @@ className = getSystemProperty(ORBClassKey); if (className == null) className = getPropertyFromFile(ORBClassKey); - if (className == null) { + if ((className == null) || + (className.equals("com.sun.corba.se.impl.orb.ORBImpl"))) { orb = new com.sun.corba.se.impl.orb.ORBImpl(); } else { orb = create_impl(className); From bugzilla-daemon at icedtea.classpath.org Fri Mar 21 19:38:53 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Fri, 21 Mar 2014 19:38:53 +0000 Subject: [Bug 1653] [IcedTea7] Support ppc64le via Zero In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1653 --- Comment #10 from hg commits --- details: http://icedtea.classpath.org//hg/release/icedtea7-forest-2.3/corba?cmd=changeset;node=b181263f727f author: andrew date: Thu Jan 23 22:40:30 2014 +0000 PR1653: Support ppc64le via Zero -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Fri Mar 21 19:39:02 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Fri, 21 Mar 2014 19:39:02 +0000 Subject: [Bug 1654] [IcedTea7] ppc32 needs a larger ThreadStackSize to build In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1654 --- Comment #8 from hg commits --- details: http://icedtea.classpath.org//hg/release/icedtea7-forest-2.3/corba?cmd=changeset;node=c7d0b72f704f author: andrew date: Thu Jan 23 23:19:18 2014 +0000 PR1654: ppc32 needs a larger ThreadStackSize to build -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From andrew at icedtea.classpath.org Fri Mar 21 19:39:09 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Fri, 21 Mar 2014 19:39:09 +0000 Subject: /hg/release/icedtea7-forest-2.3/jaxp: 2 new changesets Message-ID: changeset 87860ab06231 in /hg/release/icedtea7-forest-2.3/jaxp details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jaxp?cmd=changeset;node=87860ab06231 author: coffeys date: Fri Mar 21 18:33:01 2014 +0000 8028111: XML readers share the same entity expansion counter Reviewed-by: joehw, robm changeset 0eb202593710 in /hg/release/icedtea7-forest-2.3/jaxp details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jaxp?cmd=changeset;node=0eb202593710 author: coffeys date: Fri Mar 21 19:37:44 2014 +0000 8029038: Revise fix for XML readers share the same entity expansion counter Reviewed-by: joehw, mbankal diffstat: src/com/sun/org/apache/xerces/internal/impl/XMLDTDScannerImpl.java | 24 ++- src/com/sun/org/apache/xerces/internal/impl/XMLDocumentFragmentScannerImpl.java | 80 ++++----- src/com/sun/org/apache/xerces/internal/impl/XMLDocumentScannerImpl.java | 2 + src/com/sun/org/apache/xerces/internal/impl/XMLEntityManager.java | 14 +- src/com/sun/org/apache/xerces/internal/impl/XMLNSDocumentScannerImpl.java | 2 +- src/com/sun/org/apache/xerces/internal/utils/XMLLimitAnalyzer.java | 6 +- src/com/sun/org/apache/xerces/internal/utils/XMLSecurityManager.java | 45 +--- src/com/sun/org/apache/xerces/internal/xni/parser/XMLDTDScanner.java | 2 + 8 files changed, 82 insertions(+), 93 deletions(-) diffs (446 lines): diff -r 691a5e0c657f -r 0eb202593710 src/com/sun/org/apache/xerces/internal/impl/XMLDTDScannerImpl.java --- a/src/com/sun/org/apache/xerces/internal/impl/XMLDTDScannerImpl.java Tue Jan 14 20:24:45 2014 -0500 +++ b/src/com/sun/org/apache/xerces/internal/impl/XMLDTDScannerImpl.java Fri Mar 21 19:37:44 2014 +0000 @@ -44,6 +44,7 @@ import com.sun.org.apache.xerces.internal.impl.XMLErrorReporter; import com.sun.org.apache.xerces.internal.impl.XMLEntityHandler; import com.sun.org.apache.xerces.internal.impl.Constants; +import com.sun.org.apache.xerces.internal.utils.XMLLimitAnalyzer; import com.sun.org.apache.xerces.internal.utils.XMLSecurityManager; import com.sun.xml.internal.stream.Entity; @@ -262,6 +263,11 @@ fEntityManager.startDTDEntity(inputSource); } // setInputSource(XMLInputSource) + + public void setLimitAnalyzer(XMLLimitAnalyzer limitAnalyzer) { + fLimitAnalyzer = limitAnalyzer; + } + /** * Scans the external subset of the document. * @@ -1625,10 +1631,10 @@ XMLString literal = fString; XMLString literal2 = fString; int countChar = 0; - if (fLimitAnalyzer == null && fSecurityManager != null) { - fLimitAnalyzer = fSecurityManager.getLimitAnalyzer(); + if (fLimitAnalyzer == null ) { + fLimitAnalyzer = new XMLLimitAnalyzer(); + } fLimitAnalyzer.startEntity(entityName); - } if (fEntityScanner.scanLiteral(quote, fString) != quote) { fStringBuffer.clear(); @@ -2145,6 +2151,8 @@ // set starting state setScannerState(SCANNER_STATE_TEXT_DECL); //new SymbolTable()); + + fLimitAnalyzer = new XMLLimitAnalyzer(); } /** @@ -2164,18 +2172,18 @@ */ private void checkLimit(String entityName, int len) { if (fLimitAnalyzer == null) { - fLimitAnalyzer = fSecurityManager.getLimitAnalyzer(); + fLimitAnalyzer = new XMLLimitAnalyzer(); } fLimitAnalyzer.addValue(XMLSecurityManager.Limit.PARAMETER_ENTITY_SIZE_LIMIT, entityName, len); - if (fSecurityManager.isOverLimit(XMLSecurityManager.Limit.PARAMETER_ENTITY_SIZE_LIMIT)) { - fSecurityManager.debugPrint(); + if (fSecurityManager.isOverLimit(XMLSecurityManager.Limit.PARAMETER_ENTITY_SIZE_LIMIT, fLimitAnalyzer)) { + fSecurityManager.debugPrint(fLimitAnalyzer); reportFatalError("MaxEntitySizeLimit", new Object[]{entityName, fLimitAnalyzer.getValue(XMLSecurityManager.Limit.PARAMETER_ENTITY_SIZE_LIMIT), fSecurityManager.getLimit(XMLSecurityManager.Limit.PARAMETER_ENTITY_SIZE_LIMIT), fSecurityManager.getStateLiteral(XMLSecurityManager.Limit.PARAMETER_ENTITY_SIZE_LIMIT)}); } - if (fSecurityManager.isOverLimit(XMLSecurityManager.Limit.TOTAL_ENTITY_SIZE_LIMIT)) { - fSecurityManager.debugPrint(); + if (fSecurityManager.isOverLimit(XMLSecurityManager.Limit.TOTAL_ENTITY_SIZE_LIMIT, fLimitAnalyzer)) { + fSecurityManager.debugPrint(fLimitAnalyzer); reportFatalError("TotalEntitySizeLimit", new Object[]{fLimitAnalyzer.getTotalValue(XMLSecurityManager.Limit.TOTAL_ENTITY_SIZE_LIMIT), fSecurityManager.getLimit(XMLSecurityManager.Limit.TOTAL_ENTITY_SIZE_LIMIT), diff -r 691a5e0c657f -r 0eb202593710 src/com/sun/org/apache/xerces/internal/impl/XMLDocumentFragmentScannerImpl.java --- a/src/com/sun/org/apache/xerces/internal/impl/XMLDocumentFragmentScannerImpl.java Tue Jan 14 20:24:45 2014 -0500 +++ b/src/com/sun/org/apache/xerces/internal/impl/XMLDocumentFragmentScannerImpl.java Fri Mar 21 19:37:44 2014 +0000 @@ -550,32 +550,13 @@ // xerces features fReportCdataEvent = componentManager.getFeature(Constants.STAX_REPORT_CDATA_EVENT, true); - fSecurityManager = (XMLSecurityManager)componentManager.getProperty(Constants.SECURITY_MANAGER, null); - fLimitAnalyzer = fSecurityManager.getLimitAnalyzer(); - - fElementAttributeLimit = (fSecurityManager != null)? - fSecurityManager.getLimit(XMLSecurityManager.Limit.ELEMENT_ATTRIBUTE_LIMIT):0; - fNotifyBuiltInRefs = componentManager.getFeature(NOTIFY_BUILTIN_REFS, false); Object resolver = componentManager.getProperty(ENTITY_RESOLVER, null); fExternalSubsetResolver = (resolver instanceof ExternalSubsetResolver) ? (ExternalSubsetResolver) resolver : null; - // initialize vars - fMarkupDepth = 0; - fCurrentElement = null; - fElementStack.clear(); - fHasExternalDTD = false; - fStandaloneSet = false; - fStandalone = false; - fInScanContent = false; - //skipping algorithm - fShouldSkip = false; - fAdd = false; - fSkip = false; - //attribute fReadingAttributes = false; //xxx: external entities are supported in Xerces @@ -587,11 +568,9 @@ // setup Driver setScannerState(SCANNER_STATE_CONTENT); setDriver(fContentDriver); - fEntityStore = fEntityManager.getEntityStore(); - - dtdGrammarUtil = null; - - + + + resetCommon(); //fEntityManager.test(); } // reset(XMLComponentManager) @@ -605,17 +584,7 @@ fNamespaces = ((Boolean)propertyManager.getProperty(XMLInputFactory.IS_NAMESPACE_AWARE)).booleanValue(); fNotifyBuiltInRefs = false ; - // initialize vars - fMarkupDepth = 0; - fCurrentElement = null; - fShouldSkip = false; - fAdd = false; - fSkip = false; - fElementStack.clear(); //fElementStack2.clear(); - fHasExternalDTD = false; - fStandaloneSet = false; - fStandalone = false; //fReplaceEntityReferences = true; //fSupportExternalEntities = true; Boolean bo = (Boolean)propertyManager.getProperty(XMLInputFactoryImpl.IS_REPLACING_ENTITY_REFERENCES); @@ -636,14 +605,37 @@ //we dont need to do this -- nb. //setScannerState(SCANNER_STATE_CONTENT); //setDriver(fContentDriver); + //fEntityManager.test(); + + fSecurityManager = (XMLSecurityManager)propertyManager.getProperty(Constants.SECURITY_MANAGER); + resetCommon(); + } // reset(XMLComponentManager) + + void resetCommon() { + // initialize vars + fMarkupDepth = 0; + fCurrentElement = null; + fElementStack.clear(); + fHasExternalDTD = false; + fStandaloneSet = false; + fStandalone = false; + fInScanContent = false; + //skipping algorithm + fShouldSkip = false; + fAdd = false; + fSkip = false; + fEntityStore = fEntityManager.getEntityStore(); - //fEntityManager.test(); - dtdGrammarUtil = null; - fSecurityManager = (XMLSecurityManager)propertyManager.getProperty(Constants.SECURITY_MANAGER); - fLimitAnalyzer = fSecurityManager.getLimitAnalyzer(); - } // reset(XMLComponentManager) + if (fSecurityManager != null) { + fElementAttributeLimit = fSecurityManager.getLimit(XMLSecurityManager.Limit.ELEMENT_ATTRIBUTE_LIMIT); + } else { + fElementAttributeLimit = 0; + } + fLimitAnalyzer = new XMLLimitAnalyzer(); + fEntityManager.setLimitAnalyzer(fLimitAnalyzer); + } /** * Returns a list of feature identifiers that are recognized by @@ -1289,7 +1281,7 @@ fAttributes.getLength() > fElementAttributeLimit){ fErrorReporter.reportError(XMLMessageFormatter.XML_DOMAIN, "ElementAttributeLimit", - new Object[]{rawname, new Integer(fAttributes.getLength()) }, + new Object[]{rawname, fElementAttributeLimit }, XMLErrorReporter.SEVERITY_FATAL_ERROR ); } @@ -3110,15 +3102,15 @@ protected void checkLimit(XMLStringBuffer buffer) { if (fLimitAnalyzer.isTracking(fCurrentEntityName)) { fLimitAnalyzer.addValue(Limit.GENEAL_ENTITY_SIZE_LIMIT, fCurrentEntityName, buffer.length); - if (fSecurityManager.isOverLimit(Limit.GENEAL_ENTITY_SIZE_LIMIT)) { - fSecurityManager.debugPrint(); + if (fSecurityManager.isOverLimit(Limit.GENEAL_ENTITY_SIZE_LIMIT, fLimitAnalyzer)) { + fSecurityManager.debugPrint(fLimitAnalyzer); reportFatalError("MaxEntitySizeLimit", new Object[]{fCurrentEntityName, fLimitAnalyzer.getValue(Limit.GENEAL_ENTITY_SIZE_LIMIT), fSecurityManager.getLimit(Limit.GENEAL_ENTITY_SIZE_LIMIT), fSecurityManager.getStateLiteral(Limit.GENEAL_ENTITY_SIZE_LIMIT)}); } - if (fSecurityManager.isOverLimit(Limit.TOTAL_ENTITY_SIZE_LIMIT)) { - fSecurityManager.debugPrint(); + if (fSecurityManager.isOverLimit(Limit.TOTAL_ENTITY_SIZE_LIMIT, fLimitAnalyzer)) { + fSecurityManager.debugPrint(fLimitAnalyzer); reportFatalError("TotalEntitySizeLimit", new Object[]{fLimitAnalyzer.getTotalValue(Limit.TOTAL_ENTITY_SIZE_LIMIT), fSecurityManager.getLimit(Limit.TOTAL_ENTITY_SIZE_LIMIT), diff -r 691a5e0c657f -r 0eb202593710 src/com/sun/org/apache/xerces/internal/impl/XMLDocumentScannerImpl.java --- a/src/com/sun/org/apache/xerces/internal/impl/XMLDocumentScannerImpl.java Tue Jan 14 20:24:45 2014 -0500 +++ b/src/com/sun/org/apache/xerces/internal/impl/XMLDocumentScannerImpl.java Fri Mar 21 19:37:44 2014 +0000 @@ -1089,6 +1089,8 @@ ((XMLDTDScannerImpl)fDTDScanner).reset(fPropertyManager); } + + fDTDScanner.setLimitAnalyzer(fLimitAnalyzer); do { again = false; switch (fScannerState) { diff -r 691a5e0c657f -r 0eb202593710 src/com/sun/org/apache/xerces/internal/impl/XMLEntityManager.java --- a/src/com/sun/org/apache/xerces/internal/impl/XMLEntityManager.java Tue Jan 14 20:24:45 2014 -0500 +++ b/src/com/sun/org/apache/xerces/internal/impl/XMLEntityManager.java Fri Mar 21 19:37:44 2014 +0000 @@ -1281,8 +1281,8 @@ if(fLimitAnalyzer != null) { fLimitAnalyzer.addValue(entityExpansionIndex, name, 1); } - if( fSecurityManager != null && fSecurityManager.isOverLimit(entityExpansionIndex)){ - fSecurityManager.debugPrint(); + if( fSecurityManager != null && fSecurityManager.isOverLimit(entityExpansionIndex, fLimitAnalyzer)){ + fSecurityManager.debugPrint(fLimitAnalyzer); fErrorReporter.reportError(XMLMessageFormatter.XML_DOMAIN,"EntityExpansionLimitExceeded", new Object[]{fSecurityManager.getLimitValueByIndex(entityExpansionIndex)}, XMLErrorReporter.SEVERITY_FATAL_ERROR ); @@ -1351,7 +1351,7 @@ if (fLimitAnalyzer != null) { fLimitAnalyzer.endEntity(XMLSecurityManager.Limit.GENEAL_ENTITY_SIZE_LIMIT, fCurrentEntity.name); if (fCurrentEntity.name.equals("[xml]")) { - fSecurityManager.debugPrint(); + fSecurityManager.debugPrint(fLimitAnalyzer); } } fCurrentEntity.close(); @@ -1413,7 +1413,6 @@ } fSecurityManager = (XMLSecurityManager)propertyManager.getProperty(SECURITY_MANAGER); - fLimitAnalyzer = fSecurityManager.getLimitAnalyzer(); // initialize state //fStandalone = false; @@ -1476,7 +1475,6 @@ fStaxEntityResolver = (StaxEntityResolverWrapper)componentManager.getProperty(STAX_ENTITY_RESOLVER, null); fValidationManager = (ValidationManager)componentManager.getProperty(VALIDATION_MANAGER, null); fSecurityManager = (XMLSecurityManager)componentManager.getProperty(SECURITY_MANAGER, null); - fLimitAnalyzer = fSecurityManager.getLimitAnalyzer(); entityExpansionIndex = fSecurityManager.getIndex(Constants.JDK_ENTITY_EXPANSION_LIMIT); //reset general state @@ -1622,12 +1620,16 @@ if (suffixLength == Constants.SECURITY_MANAGER_PROPERTY.length() && propertyId.endsWith(Constants.SECURITY_MANAGER_PROPERTY)) { fSecurityManager = (XMLSecurityManager)value; - fLimitAnalyzer = fSecurityManager.getLimitAnalyzer(); } } } + + public void setLimitAnalyzer(XMLLimitAnalyzer fLimitAnalyzer) { + this.fLimitAnalyzer = fLimitAnalyzer; + } + /** * Returns a list of property identifiers that are recognized by * this component. This method may return null if no properties diff -r 691a5e0c657f -r 0eb202593710 src/com/sun/org/apache/xerces/internal/impl/XMLNSDocumentScannerImpl.java --- a/src/com/sun/org/apache/xerces/internal/impl/XMLNSDocumentScannerImpl.java Tue Jan 14 20:24:45 2014 -0500 +++ b/src/com/sun/org/apache/xerces/internal/impl/XMLNSDocumentScannerImpl.java Fri Mar 21 19:37:44 2014 +0000 @@ -256,7 +256,7 @@ fAttributes.getLength() > fElementAttributeLimit){ fErrorReporter.reportError(XMLMessageFormatter.XML_DOMAIN, "ElementAttributeLimit", - new Object[]{rawname, new Integer(fAttributes.getLength()) }, + new Object[]{rawname, fElementAttributeLimit }, XMLErrorReporter.SEVERITY_FATAL_ERROR ); } diff -r 691a5e0c657f -r 0eb202593710 src/com/sun/org/apache/xerces/internal/utils/XMLLimitAnalyzer.java --- a/src/com/sun/org/apache/xerces/internal/utils/XMLLimitAnalyzer.java Tue Jan 14 20:24:45 2014 -0500 +++ b/src/com/sun/org/apache/xerces/internal/utils/XMLLimitAnalyzer.java Fri Mar 21 19:37:44 2014 +0000 @@ -77,7 +77,6 @@ } } - private XMLSecurityManager securityManager; /** * Max value accumulated for each property */ @@ -101,8 +100,7 @@ * Default constructor. Establishes default values for known security * vulnerabilities. */ - public XMLLimitAnalyzer(XMLSecurityManager securityManager) { - this.securityManager = securityManager; + public XMLLimitAnalyzer() { values = new int[Limit.values().length]; totalValue = new int[Limit.values().length]; names = new String[Limit.values().length]; @@ -221,7 +219,7 @@ } } - public void debugPrint() { + public void debugPrint(XMLSecurityManager securityManager) { Formatter formatter = new Formatter(); System.out.println(formatter.format("%30s %15s %15s %15s %30s", "Property","Limit","Total size","Size","Entity Name")); diff -r 691a5e0c657f -r 0eb202593710 src/com/sun/org/apache/xerces/internal/utils/XMLSecurityManager.java --- a/src/com/sun/org/apache/xerces/internal/utils/XMLSecurityManager.java Tue Jan 14 20:24:45 2014 -0500 +++ b/src/com/sun/org/apache/xerces/internal/utils/XMLSecurityManager.java Fri Mar 21 19:37:44 2014 +0000 @@ -148,7 +148,6 @@ private boolean[] isSet; - private XMLLimitAnalyzer limitAnalyzer; /** * Index of the special entityCountInfo property */ @@ -169,7 +168,6 @@ * @param secureProcessing */ public XMLSecurityManager(boolean secureProcessing) { - limitAnalyzer = new XMLLimitAnalyzer(this); values = new int[Limit.values().length]; states = new State[Limit.values().length]; isSet = new boolean[Limit.values().length]; @@ -249,13 +247,15 @@ if (index == indexEntityCountInfo) { printEntityCountInfo = (String)value; } else { - int temp = 0; - try { + int temp; + if (Integer.class.isAssignableFrom(value.getClass())) { + temp = ((Integer)value).intValue(); + } else { temp = Integer.parseInt((String) value); if (temp < 0) { temp = 0; } - } catch (NumberFormatException e) {} + } setLimit(index, state, temp); } } @@ -387,8 +387,9 @@ * @param size the size (count or length) of the entity * @return true if the size is over the limit, false otherwise */ - public boolean isOverLimit(Limit limit, String entityName, int size) { - return isOverLimit(limit.ordinal(), entityName, size); + public boolean isOverLimit(Limit limit, String entityName, int size, + XMLLimitAnalyzer limitAnalyzer) { + return isOverLimit(limit.ordinal(), entityName, size, limitAnalyzer); } /** @@ -400,7 +401,8 @@ * @param size the size (count or length) of the entity * @return true if the size is over the limit, false otherwise */ - public boolean isOverLimit(int index, String entityName, int size) { + public boolean isOverLimit(int index, String entityName, int size, + XMLLimitAnalyzer limitAnalyzer) { if (values[index] == NO_LIMIT) { return false; } @@ -418,11 +420,11 @@ * @param size the size (count or length) of the entity * @return true if the size is over the limit, false otherwise */ - public boolean isOverLimit(Limit limit) { - return isOverLimit(limit.ordinal()); + public boolean isOverLimit(Limit limit, XMLLimitAnalyzer limitAnalyzer) { + return isOverLimit(limit.ordinal(), limitAnalyzer); } - public boolean isOverLimit(int index) { + public boolean isOverLimit(int index, XMLLimitAnalyzer limitAnalyzer) { if (values[index] == NO_LIMIT) { return false; } @@ -436,29 +438,12 @@ } } - public void debugPrint() { + public void debugPrint(XMLLimitAnalyzer limitAnalyzer) { if (printEntityCountInfo.equals(Constants.JDK_YES)) { - limitAnalyzer.debugPrint(); + limitAnalyzer.debugPrint(this); } } - /** - * Return the limit analyzer - * - * @return the limit analyzer - */ - public XMLLimitAnalyzer getLimitAnalyzer() { - return limitAnalyzer; - } - - /** - * Set limit analyzer - * - * @param analyzer a limit analyzer - */ - public void setLimitAnalyzer(XMLLimitAnalyzer analyzer) { - limitAnalyzer = analyzer; - } /** * Indicate if a property is set explicitly diff -r 691a5e0c657f -r 0eb202593710 src/com/sun/org/apache/xerces/internal/xni/parser/XMLDTDScanner.java --- a/src/com/sun/org/apache/xerces/internal/xni/parser/XMLDTDScanner.java Tue Jan 14 20:24:45 2014 -0500 +++ b/src/com/sun/org/apache/xerces/internal/xni/parser/XMLDTDScanner.java Fri Mar 21 19:37:44 2014 +0000 @@ -20,6 +20,7 @@ package com.sun.org.apache.xerces.internal.xni.parser; +import com.sun.org.apache.xerces.internal.utils.XMLLimitAnalyzer; import java.io.IOException; import com.sun.org.apache.xerces.internal.xni.XNIException; @@ -95,4 +96,5 @@ public boolean scanDTDExternalSubset(boolean complete) throws IOException, XNIException; + public void setLimitAnalyzer(XMLLimitAnalyzer limitAnalyzer); } // interface XMLDTDScanner From andrew at icedtea.classpath.org Fri Mar 21 19:39:16 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Fri, 21 Mar 2014 19:39:16 +0000 Subject: /hg/release/icedtea7-forest-2.3/jaxws: 3 new changesets Message-ID: changeset cd3d3cf45c6e in /hg/release/icedtea7-forest-2.3/jaxws details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jaxws?cmd=changeset;node=cd3d3cf45c6e author: mkos date: Fri Nov 08 20:15:52 2013 +0100 8027224: test regression - ClassNotFoundException Summary: test regression; fix also reviewed by Filipp Zkinkin, Iaroslav Savytskyi, Alexander Fomin Reviewed-by: mgrebac changeset 7d297f4939bf in /hg/release/icedtea7-forest-2.3/jaxws details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jaxws?cmd=changeset;node=7d297f4939bf author: mkos date: Thu Mar 20 16:23:27 2014 +0000 8027378: Two closed/javax/xml/8005432 fails with jdk7u51b04 Summary: test regression; fix also reviewed by Maxim Soloviev, Alexander Fomin Reviewed-by: mgrebac changeset 482a3f64a8ea in /hg/release/icedtea7-forest-2.3/jaxws details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jaxws?cmd=changeset;node=482a3f64a8ea author: mkos date: Thu Nov 21 11:15:32 2013 +0100 8028382: Two javax/xml/8005433 tests still fail after the fix JDK-8028147 Summary: test regression; fix also reviewed by Iaroslav Savytskyi, Alexander Fomin Reviewed-by: mchung diffstat: src/share/jaxws_classes/com/sun/xml/internal/bind/v2/model/nav/ReflectionNavigator.java | 28 +----- src/share/jaxws_classes/com/sun/xml/internal/ws/fault/SOAPFaultBuilder.java | 46 ++++++++- 2 files changed, 42 insertions(+), 32 deletions(-) diffs (150 lines): diff -r 1067e01a4e0e -r 482a3f64a8ea src/share/jaxws_classes/com/sun/xml/internal/bind/v2/model/nav/ReflectionNavigator.java --- a/src/share/jaxws_classes/com/sun/xml/internal/bind/v2/model/nav/ReflectionNavigator.java Tue Jan 14 20:24:45 2014 -0500 +++ b/src/share/jaxws_classes/com/sun/xml/internal/bind/v2/model/nav/ReflectionNavigator.java Thu Nov 21 11:15:32 2013 +0100 @@ -58,7 +58,6 @@ // --------------------------------------- public Class getSuperClass(Class clazz) { - checkPackageAccess(clazz.getName()); if (clazz == Object.class) { return null; } @@ -266,12 +265,10 @@ } public Collection getDeclaredFields(Class clazz) { - checkPackageAccess(clazz.getName()); return Arrays.asList(clazz.getDeclaredFields()); } public Field getDeclaredField(Class clazz, String fieldName) { - checkPackageAccess(clazz.getName()); try { return clazz.getDeclaredField(fieldName); } catch (NoSuchFieldException e) { @@ -280,7 +277,6 @@ } public Collection getDeclaredMethods(Class clazz) { - checkPackageAccess(clazz.getName()); return Arrays.asList(clazz.getDeclaredMethods()); } @@ -525,7 +521,6 @@ } public Field[] getEnumConstants(Class clazz) { - checkPackageAccess(clazz.getName()); try { Object[] values = clazz.getEnumConstants(); Field[] fields = new Field[values.length]; @@ -556,7 +551,6 @@ @Override public Class loadObjectFactory(Class referencePoint, String pkg) { String clName = pkg + ".ObjectFactory"; - checkPackageAccess(clName); ClassLoader cl = referencePoint.getClassLoader(); if (cl == null) cl = ClassLoader.getSystemClassLoader(); @@ -581,7 +575,7 @@ // class Base { // T getX() { ... } // } - // to be overrided. Handling this correctly needs a careful implementation + // to be overriden. Handling this correctly needs a careful implementation String name = method.getName(); Class[] params = method.getParameterTypes(); @@ -632,24 +626,4 @@ return t; } - - /** - * Checking if current thread can access class. - * - * @param clName name of the class to be checked - * @throws SecurityException is thrown if thread doesn't have privileges - */ - static void checkPackageAccess(String clName) { - SecurityManager sm = System.getSecurityManager(); - if (sm == null) - return; - if (clName.startsWith("[")) { // array - int nameStart = clName.lastIndexOf('[') + 2; - if (nameStart > 1 && nameStart < clName.length()) - clName = clName.substring(nameStart); - } - int packageEnd = clName.lastIndexOf('.'); - if (packageEnd != -1) - sm.checkPackageAccess(clName.substring(0, packageEnd)); - } } diff -r 1067e01a4e0e -r 482a3f64a8ea src/share/jaxws_classes/com/sun/xml/internal/ws/fault/SOAPFaultBuilder.java --- a/src/share/jaxws_classes/com/sun/xml/internal/ws/fault/SOAPFaultBuilder.java Tue Jan 14 20:24:45 2014 -0500 +++ b/src/share/jaxws_classes/com/sun/xml/internal/ws/fault/SOAPFaultBuilder.java Thu Nov 21 11:15:32 2013 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -59,6 +59,12 @@ import java.lang.reflect.Constructor; import java.lang.reflect.Field; import java.lang.reflect.Method; +import java.lang.reflect.ReflectPermission; +import java.security.AccessControlContext; +import java.security.AccessController; +import java.security.Permissions; +import java.security.PrivilegedAction; +import java.security.ProtectionDomain; import java.util.Iterator; import java.util.Map; import java.util.logging.Level; @@ -546,10 +552,40 @@ // ignore } - try { - JAXB_CONTEXT = (JAXBRIContext)JAXBContext.newInstance(SOAP11Fault.class, SOAP12Fault.class); - } catch (JAXBException e) { - throw new Error(e); // this must be a bug in our code + JAXB_CONTEXT = createJAXBContext(); + } + + private static JAXBRIContext createJAXBContext() { + + // in jdk runtime doPrivileged is necessary since JAX-WS internal classes are in restricted packages + if (isJDKRuntime()) { + Permissions permissions = new Permissions(); + permissions.add(new RuntimePermission("accessClassInPackage.com.sun." + "xml.internal.ws.fault")); + permissions.add(new ReflectPermission("suppressAccessChecks")); + return AccessController.doPrivileged( + new PrivilegedAction() { + @Override + public JAXBRIContext run() { + try { + return (JAXBRIContext) JAXBContext.newInstance(SOAP11Fault.class, SOAP12Fault.class); + } catch (JAXBException e) { + throw new Error(e); + } + } + }, + new AccessControlContext(new ProtectionDomain[]{new ProtectionDomain(null, permissions)}) + ); + + } else { + try { + return (JAXBRIContext) JAXBContext.newInstance(SOAP11Fault.class, SOAP12Fault.class); + } catch (JAXBException e) { + throw new Error(e); + } } } + + private static boolean isJDKRuntime() { + return SOAPFaultBuilder.class.getName().contains("internal"); + } } From andrew at icedtea.classpath.org Fri Mar 21 19:39:28 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Fri, 21 Mar 2014 19:39:28 +0000 Subject: /hg/release/icedtea7-forest-2.3/hotspot: 8 new changesets Message-ID: changeset 3f0dff7a9cf5 in /hg/release/icedtea7-forest-2.3/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot?cmd=changeset;node=3f0dff7a9cf5 author: iveresov date: Mon Mar 12 13:12:07 2012 -0700 7151089: PS NUMA: NUMA allocator should not attempt to free pages when using SHM large pages Summary: Don't attempt to uncommit SHM-based large pages Reviewed-by: kvn changeset cbdd11a54b82 in /hg/release/icedtea7-forest-2.3/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot?cmd=changeset;node=cbdd11a54b82 author: dcubed date: Mon Mar 10 18:09:45 2014 +0000 8013057: assert(_needs_gc || SafepointSynchronize::is_at_safepoint()) failed: only read at safepoint Summary: Detect mmap() commit failures in Linux and Solaris os::commit_memory() impls and call vm_exit_out_of_memory(). Add os::commit_memory_or_exit(). Also tidy up some NMT accounting and some mmap() return value checking. Reviewed-by: zgu, stefank, dholmes, dsamersoff changeset 24391b7e49b5 in /hg/release/icedtea7-forest-2.3/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot?cmd=changeset;node=24391b7e49b5 author: aeriksso date: Mon Mar 10 18:48:19 2014 +0000 8026887: Make issues due to failed large pages allocations easier to debug Reviewed-by: stefank, mcastegr, poonam changeset 3b188862d691 in /hg/release/icedtea7-forest-2.3/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot?cmd=changeset;node=3b188862d691 author: andrew date: Wed Feb 19 21:08:04 2014 +0000 PR1679: Allow OpenJDK to build on PaX-enabled kernels changeset 99ed2a7d2f87 in /hg/release/icedtea7-forest-2.3/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot?cmd=changeset;node=99ed2a7d2f87 author: dsamersoff date: Mon Mar 10 22:26:05 2014 +0000 8009062: poor performance of JNI AttachCurrentThread after fix for 7017193 Summary: don't re-evaluate stack bounds for main thread before install guard page Reviewed-by: coleenp, dholmes, dlong changeset adf1821ed249 in /hg/release/icedtea7-forest-2.3/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot?cmd=changeset;node=adf1821ed249 author: chrisphi date: Fri Mar 14 16:53:01 2014 +0000 Allow ARM32 JIT to be disabled changeset fba9303068df in /hg/release/icedtea7-forest-2.3/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot?cmd=changeset;node=fba9303068df author: andrew date: Thu Jan 23 22:41:21 2014 +0000 PR1653: Support ppc64le via Zero changeset 383082077d46 in /hg/release/icedtea7-forest-2.3/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot?cmd=changeset;node=383082077d46 author: andrew date: Fri Jan 31 21:14:06 2014 +0000 RH1015432: java-1.7.0-openjdk: Fails on PPC with StackOverflowError (revised fix) Contributed-by: chphilli at redhat.com diffstat: make/linux/makefiles/buildtree.make | 4 + make/linux/makefiles/zeroshark.make | 4 +- src/os/bsd/vm/os_bsd.cpp | 43 +- src/os/bsd/vm/perfMemory_bsd.cpp | 4 +- src/os/linux/vm/os_linux.cpp | 265 +++++++-- src/os/linux/vm/os_linux.hpp | 8 +- src/os/linux/vm/perfMemory_linux.cpp | 4 +- src/os/solaris/vm/os_solaris.cpp | 101 +++- src/os/solaris/vm/os_solaris.hpp | 5 +- src/os/solaris/vm/perfMemory_solaris.cpp | 4 +- src/os/windows/vm/os_windows.cpp | 57 +- src/os/windows/vm/perfMemory_windows.cpp | 4 +- src/os_cpu/linux_zero/vm/globals_linux_zero.hpp | 6 +- src/os_cpu/linux_zero/vm/os_linux_zero.cpp | 10 +- src/share/vm/gc_implementation/parallelScavenge/cardTableExtension.cpp | 10 +- src/share/vm/gc_implementation/parallelScavenge/psVirtualspace.cpp | 12 +- src/share/vm/memory/cardTableModRefBS.cpp | 17 +- src/share/vm/runtime/os.cpp | 39 +- src/share/vm/runtime/os.hpp | 22 +- src/share/vm/runtime/virtualspace.cpp | 17 +- src/share/vm/utilities/vmError.cpp | 12 + 21 files changed, 471 insertions(+), 177 deletions(-) diffs (truncated from 1188 to 500 lines): diff -r 3442eb7ef2d2 -r 383082077d46 make/linux/makefiles/buildtree.make --- a/make/linux/makefiles/buildtree.make Tue Jan 14 20:24:44 2014 -0500 +++ b/make/linux/makefiles/buildtree.make Fri Jan 31 21:14:06 2014 +0000 @@ -435,6 +435,10 @@ echo " GAMMA_PROG=gamma_g"; \ echo "fi"; \ echo ""; \ + echo "if [ -x \"$(PAX_COMMAND)\" ]; then "; \ + echo " $(PAX_COMMAND) $(PAX_COMMAND_ARGS) ./\$${GAMMA_PROG}"; \ + echo "fi"; \ + echo ""; \ echo "if [ \"$(OS_VENDOR)\" = \"Darwin\" ]; then "; \ echo " # Ensure architecture for gamma and JAVA_HOME is the same."; \ echo " # NOTE: gamma assumes the OpenJDK directory layout."; \ diff -r 3442eb7ef2d2 -r 383082077d46 make/linux/makefiles/zeroshark.make --- a/make/linux/makefiles/zeroshark.make Tue Jan 14 20:24:44 2014 -0500 +++ b/make/linux/makefiles/zeroshark.make Fri Jan 31 21:14:06 2014 +0000 @@ -26,7 +26,8 @@ # Setup common to Zero (non-Shark) and Shark versions of VM ifeq ($(ZERO_LIBARCH),arm) - +# check to see if we are building the assembler jit or just zero. +ifeq ($(ARM32JIT),true) Obj_Files += asm_helper.o Obj_Files += cppInterpreter_arm.o Obj_Files += thumb2.o @@ -54,6 +55,7 @@ $(CC_COMPILE) $(CFLAGS) -DSTATIC_OFFSETS -o $@ $< $(COMPILE_DONE) endif +endif %.o: %.S @echo Assembling $< diff -r 3442eb7ef2d2 -r 383082077d46 src/os/bsd/vm/os_bsd.cpp --- a/src/os/bsd/vm/os_bsd.cpp Tue Jan 14 20:24:44 2014 -0500 +++ b/src/os/bsd/vm/os_bsd.cpp Fri Jan 31 21:14:06 2014 +0000 @@ -2762,6 +2762,13 @@ } } +static void warn_fail_commit_memory(char* addr, size_t size, bool exec, + int err) { + warning("INFO: os::commit_memory(" PTR_FORMAT ", " SIZE_FORMAT + ", %d) failed; error='%s' (errno=%d)", addr, size, exec, + strerror(err), err); +} + // NOTE: Bsd kernel does not really reserve the pages for us. // All it does is to check if there are enough free pages // left at the time of mmap(). This could be a potential @@ -2770,12 +2777,22 @@ int prot = exec ? PROT_READ|PROT_WRITE|PROT_EXEC : PROT_READ|PROT_WRITE; #ifdef __OpenBSD__ // XXX: Work-around mmap/MAP_FIXED bug temporarily on OpenBSD - return ::mprotect(addr, size, prot) == 0; + if (::mprotect(addr, size, prot) == 0) { + return true; + } #else uintptr_t res = (uintptr_t) ::mmap(addr, size, prot, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0); - return res != (uintptr_t) MAP_FAILED; + if (res != (uintptr_t) MAP_FAILED) { + return true; + } #endif + + // Warn about any commit errors we see in non-product builds just + // in case mmap() doesn't work as described on the man page. + NOT_PRODUCT(warn_fail_commit_memory(addr, size, exec, errno);) + + return false; } #ifndef _ALLBSD_SOURCE @@ -2803,9 +2820,27 @@ } #endif + // alignment_hint is ignored on this OS return commit_memory(addr, size, exec); } +void os::commit_memory_or_exit(char* addr, size_t size, bool exec, + const char* mesg) { + assert(mesg != NULL, "mesg must be specified"); + if (!pd_commit_memory(addr, size, exec)) { + // add extra info in product mode for vm_exit_out_of_memory(): + PRODUCT_ONLY(warn_fail_commit_memory(addr, size, exec, errno);) + vm_exit_out_of_memory(size, mesg); + } +} + +void os::commit_memory_or_exit(char* addr, size_t size, + size_t alignment_hint, bool exec, + const char* mesg) { + // alignment_hint is ignored on this OS + pd_commit_memory_or_exit(addr, size, exec, mesg); +} + void os::realign_memory(char *addr, size_t bytes, size_t alignment_hint) { #ifndef _ALLBSD_SOURCE if (UseHugeTLBFS && alignment_hint > (size_t)vm_page_size()) { @@ -2970,7 +3005,7 @@ } bool os::create_stack_guard_pages(char* addr, size_t size) { - return os::commit_memory(addr, size); + return os::commit_memory(addr, size, !ExecMem); } // If this is a growable mapping, remove the guard pages entirely by @@ -4467,7 +4502,7 @@ if (!UseMembar) { address mem_serialize_page = (address) ::mmap(NULL, Bsd::page_size(), PROT_READ | PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0); - guarantee( mem_serialize_page != NULL, "mmap Failed for memory serialize page"); + guarantee( mem_serialize_page != MAP_FAILED, "mmap Failed for memory serialize page"); os::set_memory_serialize_page( mem_serialize_page ); #ifndef PRODUCT diff -r 3442eb7ef2d2 -r 383082077d46 src/os/bsd/vm/perfMemory_bsd.cpp --- a/src/os/bsd/vm/perfMemory_bsd.cpp Tue Jan 14 20:24:44 2014 -0500 +++ b/src/os/bsd/vm/perfMemory_bsd.cpp Fri Jan 31 21:14:06 2014 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2001, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2001, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -59,7 +59,7 @@ } // commit memory - if (!os::commit_memory(mapAddress, size)) { + if (!os::commit_memory(mapAddress, size, !ExecMem)) { if (PrintMiscellaneous && Verbose) { warning("Could not commit PerfData memory\n"); } diff -r 3442eb7ef2d2 -r 383082077d46 src/os/linux/vm/os_linux.cpp --- a/src/os/linux/vm/os_linux.cpp Tue Jan 14 20:24:44 2014 -0500 +++ b/src/os/linux/vm/os_linux.cpp Fri Jan 31 21:14:06 2014 +0000 @@ -2508,11 +2508,57 @@ } } +static bool recoverable_mmap_error(int err) { + // See if the error is one we can let the caller handle. This + // list of errno values comes from JBS-6843484. I can't find a + // Linux man page that documents this specific set of errno + // values so while this list currently matches Solaris, it may + // change as we gain experience with this failure mode. + switch (err) { + case EBADF: + case EINVAL: + case ENOTSUP: + // let the caller deal with these errors + return true; + + default: + // Any remaining errors on this OS can cause our reserved mapping + // to be lost. That can cause confusion where different data + // structures think they have the same memory mapped. The worst + // scenario is if both the VM and a library think they have the + // same memory mapped. + return false; + } +} + +static void warn_fail_commit_memory(char* addr, size_t size, bool exec, + int err) { + warning("INFO: os::commit_memory(" PTR_FORMAT ", " SIZE_FORMAT + ", %d) failed; error='%s' (errno=%d)", addr, size, exec, + strerror(err), err); +} + +static void warn_fail_commit_memory(char* addr, size_t size, + size_t alignment_hint, bool exec, + int err) { + warning("INFO: os::commit_memory(" PTR_FORMAT ", " SIZE_FORMAT + ", " SIZE_FORMAT ", %d) failed; error='%s' (errno=%d)", addr, size, + alignment_hint, exec, strerror(err), err); +} + +static void warn_fail_commit_memory(char* addr, size_t size, + size_t alignment_hint, bool exec, + int err, const char* msg) { + warning("INFO: os::commit_memory(" PTR_FORMAT ", " SIZE_FORMAT + ", " SIZE_FORMAT ", %d) failed; error='%s' (errno=%d); %s", addr, size, + alignment_hint, exec, strerror(err), err, msg); +} + // NOTE: Linux kernel does not really reserve the pages for us. // All it does is to check if there are enough free pages // left at the time of mmap(). This could be a potential // problem. -bool os::commit_memory(char* addr, size_t size, bool exec) { +int os::Linux::commit_memory_impl(char* addr, size_t size, bool exec) { int prot = exec ? PROT_READ|PROT_WRITE|PROT_EXEC : PROT_READ|PROT_WRITE; uintptr_t res = (uintptr_t) ::mmap(addr, size, prot, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0); @@ -2520,9 +2566,32 @@ if (UseNUMAInterleaving) { numa_make_global(addr, size); } - return true; - } - return false; + return 0; + } + + int err = errno; // save errno from mmap() call above + + if (!recoverable_mmap_error(err)) { + warn_fail_commit_memory(addr, size, exec, err); + vm_exit_out_of_memory(size, "committing reserved memory."); + } + + return err; +} + +bool os::commit_memory(char* addr, size_t size, bool exec) { + return os::Linux::commit_memory_impl(addr, size, exec) == 0; +} + +void os::commit_memory_or_exit(char* addr, size_t size, bool exec, + const char* mesg) { + assert(mesg != NULL, "mesg must be specified"); + int err = os::Linux::commit_memory_impl(addr, size, exec); + if (err != 0) { + // the caller wants all commit errors to exit with the specified mesg: + warn_fail_commit_memory(addr, size, exec, err); + vm_exit_out_of_memory(size, mesg); + } } // Define MAP_HUGETLB here so we can build HotSpot on old systems. @@ -2535,8 +2604,11 @@ #define MADV_HUGEPAGE 14 #endif -bool os::commit_memory(char* addr, size_t size, size_t alignment_hint, - bool exec) { +volatile jint os::Linux::num_largepage_commit_fails = 0; + +int os::Linux::commit_memory_impl(char* addr, size_t size, + size_t alignment_hint, bool exec) { + int err; if (UseHugeTLBFS && alignment_hint > (size_t)vm_page_size()) { int prot = exec ? PROT_READ|PROT_WRITE|PROT_EXEC : PROT_READ|PROT_WRITE; uintptr_t res = @@ -2547,16 +2619,47 @@ if (UseNUMAInterleaving) { numa_make_global(addr, size); } - return true; + return 0; + } + + err = errno; // save errno from mmap() call above + + if (!recoverable_mmap_error(err)) { + // However, it is not clear that this loss of our reserved mapping + // happens with large pages on Linux or that we cannot recover + // from the loss. For now, we just issue a warning and we don't + // call vm_exit_out_of_memory(). This issue is being tracked by + // JBS-8007074. + Atomic::inc(&os::Linux::num_largepage_commit_fails); + warn_fail_commit_memory(addr, size, alignment_hint, exec, err, + "Cannot allocate large pages, falling back to regular pages"); +// vm_exit_out_of_memory(size, "committing reserved memory."); } // Fall through and try to use small pages } - if (commit_memory(addr, size, exec)) { + err = os::Linux::commit_memory_impl(addr, size, exec); + if (err == 0) { realign_memory(addr, size, alignment_hint); - return true; - } - return false; + } + return err; +} + +bool os::commit_memory(char* addr, size_t size, size_t alignment_hint, + bool exec) { + return os::Linux::commit_memory_impl(addr, size, alignment_hint, exec) == 0; +} + +void os::commit_memory_or_exit(char* addr, size_t size, + size_t alignment_hint, bool exec, + const char* mesg) { + assert(mesg != NULL, "mesg must be specified"); + int err = os::Linux::commit_memory_impl(addr, size, alignment_hint, exec); + if (err != 0) { + // the caller wants all commit errors to exit with the specified mesg: + warn_fail_commit_memory(addr, size, alignment_hint, exec, err); + vm_exit_out_of_memory(size, mesg); + } } void os::realign_memory(char *addr, size_t bytes, size_t alignment_hint) { @@ -2568,7 +2671,14 @@ } void os::free_memory(char *addr, size_t bytes, size_t alignment_hint) { - commit_memory(addr, bytes, alignment_hint, false); + // This method works by doing an mmap over an existing mmaping and effectively discarding + // the existing pages. However it won't work for SHM-based large pages that cannot be + // uncommitted at all. We don't do anything in this case to avoid creating a segment with + // small pages on top of the SHM segment. This method always works for small pages, so we + // allow that in any case. + if (alignment_hint <= (size_t)os::vm_page_size() || !UseSHM) { + commit_memory(addr, bytes, alignment_hint, !ExecMem); + } } void os::numa_make_global(char *addr, size_t bytes) { @@ -2751,6 +2861,53 @@ return res != (uintptr_t) MAP_FAILED; } +static +address get_stack_commited_bottom(address bottom, size_t size) { + address nbot = bottom; + address ntop = bottom + size; + + size_t page_sz = os::vm_page_size(); + unsigned pages = size / page_sz; + + unsigned char vec[1]; + unsigned imin = 1, imax = pages + 1, imid; + int mincore_return_value; + + while (imin < imax) { + imid = (imax + imin) / 2; + nbot = ntop - (imid * page_sz); + + // Use a trick with mincore to check whether the page is mapped or not. + // mincore sets vec to 1 if page resides in memory and to 0 if page + // is swapped output but if page we are asking for is unmapped + // it returns -1,ENOMEM + mincore_return_value = mincore(nbot, page_sz, vec); + + if (mincore_return_value == -1) { + // Page is not mapped go up + // to find first mapped page + if (errno != EAGAIN) { + assert(errno == ENOMEM, "Unexpected mincore errno"); + imax = imid; + } + } else { + // Page is mapped go down + // to find first not mapped page + imin = imid + 1; + } + } + + nbot = nbot + page_sz; + + // Adjust stack bottom one page up if last checked page is not mapped + if (mincore_return_value == -1) { + nbot = nbot + page_sz; + } + + return nbot; +} + + // Linux uses a growable mapping for the stack, and if the mapping for // the stack guard pages is not removed when we detach a thread the // stack cannot grow beyond the pages where the stack guard was @@ -2765,74 +2922,52 @@ // So, we need to know the extent of the stack mapping when // create_stack_guard_pages() is called. -// Find the bounds of the stack mapping. Return true for success. -// // We only need this for stacks that are growable: at the time of // writing thread stacks don't use growable mappings (i.e. those // creeated with MAP_GROWSDOWN), and aren't marked "[stack]", so this // only applies to the main thread. -static -bool get_stack_bounds(uintptr_t *bottom, uintptr_t *top) { - - char buf[128]; - int fd, sz; - - if ((fd = ::open("/proc/self/maps", O_RDONLY)) < 0) { - return false; - } - - const char kw[] = "[stack]"; - const int kwlen = sizeof(kw)-1; - - // Address part of /proc/self/maps couldn't be more than 128 bytes - while ((sz = os::get_line_chars(fd, buf, sizeof(buf))) > 0) { - if (sz > kwlen && ::memcmp(buf+sz-kwlen, kw, kwlen) == 0) { - // Extract addresses - if (sscanf(buf, "%" SCNxPTR "-%" SCNxPTR, bottom, top) == 2) { - uintptr_t sp = (uintptr_t) __builtin_frame_address(0); - if (sp >= *bottom && sp <= *top) { - ::close(fd); - return true; - } - } - } - } - - ::close(fd); - return false; -} - - // If the (growable) stack mapping already extends beyond the point // where we're going to put our guard pages, truncate the mapping at // that point by munmap()ping it. This ensures that when we later // munmap() the guard pages we don't leave a hole in the stack -// mapping. This only affects the main/initial thread, but guard -// against future OS changes +// mapping. This only affects the main/initial thread + bool os::create_stack_guard_pages(char* addr, size_t size) { - uintptr_t stack_extent, stack_base; - bool chk_bounds = NOT_DEBUG(os::Linux::is_initial_thread()) DEBUG_ONLY(true); - if (chk_bounds && get_stack_bounds(&stack_extent, &stack_base)) { - assert(os::Linux::is_initial_thread(), - "growable stack in non-initial thread"); - if (stack_extent < (uintptr_t)addr) - ::munmap((void*)stack_extent, (uintptr_t)addr - stack_extent); - } - - return os::commit_memory(addr, size); + + if (os::Linux::is_initial_thread()) { + // As we manually grow stack up to bottom inside create_attached_thread(), + // it's likely that os::Linux::initial_thread_stack_bottom is mapped and + // we don't need to do anything special. + // Check it first, before calling heavy function. + uintptr_t stack_extent = (uintptr_t) os::Linux::initial_thread_stack_bottom(); + unsigned char vec[1]; + + if (mincore((address)stack_extent, os::vm_page_size(), vec) == -1) { + // Fallback to slow path on all errors, including EAGAIN + stack_extent = (uintptr_t) get_stack_commited_bottom( + os::Linux::initial_thread_stack_bottom(), + (size_t)addr - stack_extent); + } + + if (stack_extent < (uintptr_t)addr) { + ::munmap((void*)stack_extent, (uintptr_t)(addr - stack_extent)); + } + } + + return os::commit_memory(addr, size, !ExecMem); } // If this is a growable mapping, remove the guard pages entirely by // munmap()ping them. If not, just call uncommit_memory(). This only // affects the main/initial thread, but guard against future OS changes +// It's safe to always unmap guard pages for initial thread because we +// always place it right after end of the mapped region + bool os::remove_stack_guard_pages(char* addr, size_t size) { uintptr_t stack_extent, stack_base; - bool chk_bounds = NOT_DEBUG(os::Linux::is_initial_thread()) DEBUG_ONLY(true); - if (chk_bounds && get_stack_bounds(&stack_extent, &stack_base)) { - assert(os::Linux::is_initial_thread(), - "growable stack in non-initial thread"); - + + if (os::Linux::is_initial_thread()) { return ::munmap(addr, size) == 0; } @@ -2941,7 +3076,7 @@ MAP_ANONYMOUS|MAP_PRIVATE|MAP_HUGETLB, -1, 0); - if (p != (void *) -1) { + if (p != MAP_FAILED) { // We don't know if this really is a huge page or not. FILE *fp = fopen("/proc/self/maps", "r"); if (fp) { @@ -4218,7 +4353,7 @@ if (!UseMembar) { address mem_serialize_page = (address) ::mmap(NULL, Linux::page_size(), PROT_READ | PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0); - guarantee( mem_serialize_page != NULL, "mmap Failed for memory serialize page"); + guarantee( mem_serialize_page != MAP_FAILED, "mmap Failed for memory serialize page"); os::set_memory_serialize_page( mem_serialize_page ); #ifndef PRODUCT diff -r 3442eb7ef2d2 -r 383082077d46 src/os/linux/vm/os_linux.hpp From bugzilla-daemon at icedtea.classpath.org Fri Mar 21 19:39:34 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Fri, 21 Mar 2014 19:39:34 +0000 Subject: [Bug 1679] [IcedTea7] Allow OpenJDK to build on PaX-enabled kernels In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1679 --- Comment #10 from hg commits --- details: http://icedtea.classpath.org//hg/release/icedtea7-forest-2.3/hotspot?cmd=changeset;node=3b188862d691 author: andrew date: Wed Feb 19 21:08:04 2014 +0000 PR1679: Allow OpenJDK to build on PaX-enabled kernels -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Fri Mar 21 19:39:39 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Fri, 21 Mar 2014 19:39:39 +0000 Subject: [Bug 1653] [IcedTea7] Support ppc64le via Zero In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1653 --- Comment #11 from hg commits --- details: http://icedtea.classpath.org//hg/release/icedtea7-forest-2.3/hotspot?cmd=changeset;node=fba9303068df author: andrew date: Thu Jan 23 22:41:21 2014 +0000 PR1653: Support ppc64le via Zero -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From andrew at icedtea.classpath.org Fri Mar 21 19:39:54 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Fri, 21 Mar 2014 19:39:54 +0000 Subject: /hg/release/icedtea7-forest-2.3/jdk: 24 new changesets Message-ID: changeset 6612728b5191 in /hg/release/icedtea7-forest-2.3/jdk details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=6612728b5191 author: kshefov date: Fri Jun 21 17:53:00 2013 +0400 8015976: OpenJDK part of bug JDK-8015812 [TEST_BUG] Tests have conflicting test descriptions Reviewed-by: coffeys, alanb changeset 02cc213008c4 in /hg/release/icedtea7-forest-2.3/jdk details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=02cc213008c4 author: coffeys date: Thu Nov 21 13:39:01 2013 +0000 8022698: javax/script/GetInterfaceTest.java fails since 7u45 b04 with -agentvm option Reviewed-by: sundar changeset 5d89c18a26b8 in /hg/release/icedtea7-forest-2.3/jdk details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=5d89c18a26b8 author: mcherkas date: Thu Oct 03 17:32:01 2013 +0400 8023310: Thread contention in the method Beans.IsDesignTime() Reviewed-by: alexp, malenkov changeset 694eb83ef613 in /hg/release/icedtea7-forest-2.3/jdk details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=694eb83ef613 author: jchen date: Wed Oct 16 15:16:21 2013 -0700 8024461: [macosx] Java crashed on mac10.9 for swing and 2d function manual test Reviewed-by: prr, vadim, serb changeset 3125559a0cde in /hg/release/icedtea7-forest-2.3/jdk details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=3125559a0cde author: weijun date: Wed Mar 05 15:44:02 2014 +0000 8024302: Clarify jar verifications 8023338: Update jarsigner to encourage timestamping Reviewed-by: mullan, ahgross changeset 0a7ecd74f1b8 in /hg/release/icedtea7-forest-2.3/jdk details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=0a7ecd74f1b8 author: weijun date: Wed Oct 09 18:58:16 2013 +0800 8026037: [TESTBUG] sun/security/tools/jarsigner/warnings.sh test fails on Solaris Reviewed-by: chegar Contributed-by: Artem Smotrakov changeset 481aef7d12c4 in /hg/release/icedtea7-forest-2.3/jdk details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=481aef7d12c4 author: weijun date: Sat Oct 12 10:22:43 2013 +0800 8026304: jarsigner output bad grammar Reviewed-by: chegar, coffeys Contributed-by: Artem Smotrakov changeset 09c86e9065c7 in /hg/release/icedtea7-forest-2.3/jdk details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=09c86e9065c7 author: aefimov date: Thu Oct 24 17:14:18 2013 +0400 8025255: (tz) Support tzdata2013g 8026772: test/sun/util/resources/TimeZone/Bug6317929.java failing Reviewed-by: okutsu, mfang changeset 15090e20b767 in /hg/release/icedtea7-forest-2.3/jdk details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=15090e20b767 author: andrew date: Wed Feb 19 21:08:02 2014 +0000 PR1679: Allow OpenJDK to build on PaX-enabled kernels changeset ef183875fcc6 in /hg/release/icedtea7-forest-2.3/jdk details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=ef183875fcc6 author: xuelei date: Thu Oct 24 10:07:51 2013 -0700 8027204: Revise the update of 8026204 and 8025758 Summary: Rivise the update to use system class loader with null TCCL. Also reviewed by Alexander Fomin Reviewed-by: weijun, mchung, ahgross changeset 579913f11d3d in /hg/release/icedtea7-forest-2.3/jdk details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=579913f11d3d author: aefimov date: Fri Nov 15 13:31:41 2013 +0400 8027370: Support tzdata2013h Reviewed-by: sherman, coffeys changeset 1724fd827e84 in /hg/release/icedtea7-forest-2.3/jdk details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=1724fd827e84 author: zhangshj date: Fri Sep 09 17:44:11 2011 +0400 7024118: possible hardcoded mnemonic for JFileChooser metal and motif l&f Reviewed-by: rupashka changeset be864a4084aa in /hg/release/icedtea7-forest-2.3/jdk details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=be864a4084aa author: littlee date: Fri Jul 20 10:59:26 2012 +0100 7032018: The file list in JFileChooser does not have an accessible name Reviewed-by: rupashka, coffeys changeset 8d49fb9cf06f in /hg/release/icedtea7-forest-2.3/jdk details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=8d49fb9cf06f author: zhangshj date: Thu Sep 20 12:06:50 2012 +0100 7032436: When running with the Nimbus look and feel, the JFileChooser does not display mnemonics Reviewed-by: alexp, coffeys changeset ccce271ada82 in /hg/release/icedtea7-forest-2.3/jdk details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=ccce271ada82 author: mfang date: Wed Feb 27 19:47:13 2013 -0800 8008764: 7uX l10n resource file translation update Reviewed-by: naoto changeset f2d9cd7125ee in /hg/release/icedtea7-forest-2.3/jdk details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=f2d9cd7125ee author: rgallard date: Fri Nov 08 13:50:04 2013 -0800 8028057: Modify jarsigner man page documentation to document CCC 8024302: Clarify jar verifications Reviewed-by: weijun changeset e188d774fbc9 in /hg/release/icedtea7-forest-2.3/jdk details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=e188d774fbc9 author: andrew date: Fri Mar 21 17:48:59 2014 +0000 Turn ARM32 JIT on by default changeset 624af7638fc2 in /hg/release/icedtea7-forest-2.3/jdk details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=624af7638fc2 author: msheppar date: Sun Nov 24 13:08:16 2013 +0000 8028215: ORB.init fails with SecurityException if properties select the JDK default ORB Summary: check for default ORBImpl and ORBSingleton set via properties or System properties Reviewed-by: alanb, coffeys, mchung changeset 41d13007af23 in /hg/release/icedtea7-forest-2.3/jdk details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=41d13007af23 author: michaelm date: Fri Mar 21 18:39:16 2014 +0000 8028293: Check local configuration for actual ephemeral port range Reviewed-by: alanb, chegar, smarks changeset e8880637efd1 in /hg/release/icedtea7-forest-2.3/jdk details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=e8880637efd1 author: michaelm date: Wed Nov 20 15:28:54 2013 +0000 8028453: AsynchronousSocketChannel.connect() requires SocketPermission due to bind to local address (win) Reviewed-by: alanb, chegar changeset 39d92df0fe75 in /hg/release/icedtea7-forest-2.3/jdk details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=39d92df0fe75 author: michaelm date: Fri Nov 22 01:15:32 2013 +0000 8028823: java/net/Makefile tabs converted to spaces Reviewed-by: mduigou changeset 610f6895ab64 in /hg/release/icedtea7-forest-2.3/jdk details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=610f6895ab64 author: andrew date: Thu Jan 23 22:41:14 2014 +0000 PR1653: Support ppc64le via Zero changeset 8fcf23c12a55 in /hg/release/icedtea7-forest-2.3/jdk details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=8fcf23c12a55 author: andrew date: Thu Jan 23 23:19:20 2014 +0000 PR1654: ppc32 needs a larger ThreadStackSize to build changeset 2906d76a7086 in /hg/release/icedtea7-forest-2.3/jdk details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=2906d76a7086 author: andrew date: Tue Jan 28 18:02:26 2014 +0000 RH910107: fail to load PC/SC library Contributed-by: sgehwolf at redhat.com diffstat: make/com/sun/jmx/Makefile | 10 +- make/common/shared/Defs-java.gmk | 6 +- make/common/shared/Platform.gmk | 6 +- make/java/net/FILES_c.gmk | 29 +- make/java/net/Makefile | 3 +- make/java/net/mapfile-vers | 156 +- make/jdk_generic_profile.sh | 11 +- make/sun/javazic/tzdata/VERSION | 2 +- make/sun/javazic/tzdata/africa | 108 +- make/sun/javazic/tzdata/antarctica | 35 +- make/sun/javazic/tzdata/asia | 99 +- make/sun/javazic/tzdata/australasia | 39 +- make/sun/javazic/tzdata/backward | 20 +- make/sun/javazic/tzdata/etcetera | 12 +- make/sun/javazic/tzdata/europe | 134 +- make/sun/javazic/tzdata/factory | 8 +- make/sun/javazic/tzdata/iso3166.tab | 18 +- make/sun/javazic/tzdata/leapseconds | 78 +- make/sun/javazic/tzdata/northamerica | 150 +- make/sun/javazic/tzdata/pacificnew | 8 +- make/sun/javazic/tzdata/solar87 | 8 +- make/sun/javazic/tzdata/solar88 | 8 +- make/sun/javazic/tzdata/solar89 | 8 +- make/sun/javazic/tzdata/southamerica | 80 +- make/sun/javazic/tzdata/systemv | 8 +- make/sun/javazic/tzdata/zone.tab | 43 +- make/sun/net/FILES_java.gmk | 1 + src/bsd/doc/man/jarsigner.1 | 2468 +++------ src/linux/doc/man/jarsigner.1 | 2470 +++------ src/share/classes/com/sun/java/swing/plaf/motif/MotifFileChooserUI.java | 16 +- src/share/classes/com/sun/java/swing/plaf/motif/MotifLookAndFeel.java | 5 - src/share/classes/com/sun/java/swing/plaf/motif/resources/motif.properties | 10 +- src/share/classes/com/sun/java/swing/plaf/motif/resources/motif_de.properties | 10 +- src/share/classes/com/sun/java/swing/plaf/motif/resources/motif_es.properties | 10 +- src/share/classes/com/sun/java/swing/plaf/motif/resources/motif_fr.properties | 10 +- src/share/classes/com/sun/java/swing/plaf/motif/resources/motif_it.properties | 10 +- src/share/classes/com/sun/java/swing/plaf/motif/resources/motif_ja.properties | 10 +- src/share/classes/com/sun/java/swing/plaf/motif/resources/motif_ko.properties | 10 +- src/share/classes/com/sun/java/swing/plaf/motif/resources/motif_pt_BR.properties | 10 +- src/share/classes/com/sun/java/swing/plaf/motif/resources/motif_sv.properties | 10 +- src/share/classes/com/sun/java/swing/plaf/motif/resources/motif_zh_CN.properties | 10 +- src/share/classes/com/sun/java/swing/plaf/motif/resources/motif_zh_TW.properties | 10 +- src/share/classes/com/sun/java/swing/plaf/windows/WindowsFileChooserUI.java | 12 +- src/share/classes/com/sun/java/swing/plaf/windows/WindowsLookAndFeel.java | 3 - src/share/classes/com/sun/java/swing/plaf/windows/resources/windows.properties | 8 +- src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_de.properties | 8 +- src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_es.properties | 8 +- src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_fr.properties | 8 +- src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_it.properties | 8 +- src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_ja.properties | 8 +- src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_ko.properties | 8 +- src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_pt_BR.properties | 8 +- src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_sv.properties | 8 +- src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_zh_CN.properties | 14 +- src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_zh_TW.properties | 8 +- src/share/classes/com/sun/naming/internal/FactoryEnumeration.java | 1 - src/share/classes/com/sun/naming/internal/VersionHelper12.java | 63 +- src/share/classes/com/sun/swing/internal/plaf/basic/resources/basic.properties | 373 +- src/share/classes/com/sun/swing/internal/plaf/basic/resources/basic_de.properties | 3 + src/share/classes/com/sun/swing/internal/plaf/basic/resources/basic_es.properties | 3 + src/share/classes/com/sun/swing/internal/plaf/basic/resources/basic_fr.properties | 3 + src/share/classes/com/sun/swing/internal/plaf/basic/resources/basic_it.properties | 3 + src/share/classes/com/sun/swing/internal/plaf/basic/resources/basic_ja.properties | 3 + src/share/classes/com/sun/swing/internal/plaf/basic/resources/basic_ko.properties | 3 + src/share/classes/com/sun/swing/internal/plaf/basic/resources/basic_pt_BR.properties | 3 + src/share/classes/com/sun/swing/internal/plaf/basic/resources/basic_sv.properties | 3 + src/share/classes/com/sun/swing/internal/plaf/basic/resources/basic_zh_CN.properties | 3 + src/share/classes/com/sun/swing/internal/plaf/basic/resources/basic_zh_TW.properties | 3 + src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal.properties | 8 +- src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal_de.properties | 8 +- src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal_es.properties | 8 +- src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal_fr.properties | 8 +- src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal_it.properties | 8 +- src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal_ja.properties | 8 +- src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal_ko.properties | 8 +- src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal_pt_BR.properties | 8 +- src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal_sv.properties | 8 +- src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal_zh_CN.properties | 14 +- src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal_zh_TW.properties | 8 +- src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth.properties | 8 +- src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth_de.properties | 8 +- src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth_es.properties | 8 +- src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth_fr.properties | 8 +- src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth_it.properties | 8 +- src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth_ja.properties | 8 +- src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth_ko.properties | 8 +- src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth_pt_BR.properties | 8 +- src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth_sv.properties | 8 +- src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth_zh_CN.properties | 14 +- src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth_zh_TW.properties | 8 +- src/share/classes/com/sun/tools/example/debug/tty/TTYResources_ja.java | 2 +- src/share/classes/com/sun/tools/example/debug/tty/TTYResources_zh_CN.java | 2 +- src/share/classes/java/beans/ThreadGroupContext.java | 18 +- src/share/classes/java/beans/WeakIdentityMap.java | 139 +- src/share/classes/java/net/SocketPermission.java | 13 +- src/share/classes/javax/security/auth/login/LoginContext.java | 62 +- src/share/classes/javax/swing/plaf/metal/MetalFileChooserUI.java | 12 +- src/share/classes/javax/swing/plaf/metal/MetalLookAndFeel.java | 3 - src/share/classes/sun/applet/resources/MsgAppletViewer_de.java | 6 +- src/share/classes/sun/launcher/resources/launcher_de.properties | 15 +- src/share/classes/sun/launcher/resources/launcher_es.properties | 15 +- src/share/classes/sun/launcher/resources/launcher_fr.properties | 15 +- src/share/classes/sun/launcher/resources/launcher_it.properties | 15 +- src/share/classes/sun/launcher/resources/launcher_ja.properties | 15 +- src/share/classes/sun/launcher/resources/launcher_ko.properties | 15 +- src/share/classes/sun/launcher/resources/launcher_pt_BR.properties | 15 +- src/share/classes/sun/launcher/resources/launcher_sv.properties | 15 +- src/share/classes/sun/launcher/resources/launcher_zh_CN.properties | 15 +- src/share/classes/sun/launcher/resources/launcher_zh_TW.properties | 15 +- src/share/classes/sun/management/resources/agent_de.properties | 6 +- src/share/classes/sun/rmi/registry/RegistryImpl.java | 5 +- src/share/classes/sun/security/tools/JarSignerResources.java | 4 +- src/share/classes/sun/security/tools/JarSignerResources_ja.java | 2 +- src/share/classes/sun/swing/FilePane.java | 12 + src/share/classes/sun/tools/jar/resources/jar_de.properties | 4 +- src/share/classes/sun/tools/jar/resources/jar_es.properties | 4 +- src/share/classes/sun/tools/jar/resources/jar_fr.properties | 4 +- src/share/classes/sun/tools/jar/resources/jar_it.properties | 4 +- src/share/classes/sun/tools/jar/resources/jar_ja.properties | 4 +- src/share/classes/sun/tools/jar/resources/jar_ko.properties | 4 +- src/share/classes/sun/tools/jar/resources/jar_pt_BR.properties | 4 +- src/share/classes/sun/tools/jar/resources/jar_sv.properties | 4 +- src/share/classes/sun/tools/jar/resources/jar_zh_CN.properties | 6 +- src/share/classes/sun/tools/jar/resources/jar_zh_TW.properties | 4 +- src/share/classes/sun/util/logging/resources/logging_sv.properties | 2 +- src/share/classes/sun/util/resources/TimeZoneNames.java | 28 +- src/share/classes/sun/util/resources/TimeZoneNames_de.java | 74 +- src/share/classes/sun/util/resources/TimeZoneNames_es.java | 54 +- src/share/classes/sun/util/resources/TimeZoneNames_fr.java | 66 +- src/share/classes/sun/util/resources/TimeZoneNames_it.java | 70 +- src/share/classes/sun/util/resources/TimeZoneNames_ja.java | 84 +- src/share/classes/sun/util/resources/TimeZoneNames_ko.java | 84 +- src/share/classes/sun/util/resources/TimeZoneNames_pt_BR.java | 84 +- src/share/classes/sun/util/resources/TimeZoneNames_sv.java | 82 +- src/share/classes/sun/util/resources/TimeZoneNames_zh_CN.java | 84 +- src/share/classes/sun/util/resources/TimeZoneNames_zh_TW.java | 84 +- src/share/demo/jfc/Notepad/resources/Notepad_ja.properties | 2 +- src/share/lib/security/java.security | 16 - src/share/lib/security/java.security-macosx | 19 - src/share/lib/security/java.security-solaris | 18 - src/share/lib/security/java.security-windows | 17 - src/share/native/sun/java2d/opengl/OGLBlitLoops.c | 7 +- src/solaris/classes/sun/security/smartcardio/PlatformPCSC.java | 4 +- src/solaris/doc/sun/man/man1/jarsigner.1 | 2470 +++------ src/solaris/native/java/net/net_util_md.c | 9 +- src/solaris/native/java/net/net_util_md.h | 3 + src/windows/classes/sun/nio/ch/WindowsAsynchronousSocketChannelImpl.java | 23 +- test/ProblemList.txt | 3 + test/com/sun/corba/se/impl/orb/SetDefaultORBTest.java | 61 + test/java/awt/DataFlavor/MissedHtmlAndRtfBug/MissedHtmlAndRtfBug.html | 8 +- test/java/awt/DataFlavor/MissedHtmlAndRtfBug/MissedHtmlAndRtfBug.java | 15 +- test/java/awt/event/KeyEvent/KeyReleasedInAppletTest/KeyReleasedInAppletTest.java | 11 +- test/java/rmi/activation/rmidViaInheritedChannel/RmidViaInheritedChannel.java | 11 + test/java/rmi/registry/readTest/readTest.sh | 24 +- test/java/rmi/testlibrary/TestLibrary.java | 14 +- test/javax/script/GetInterfaceTest.java | 4 +- test/sun/security/tools/jarsigner/TimestampCheck.java | 22 +- test/sun/security/tools/jarsigner/concise_jarsigner.sh | 4 - test/sun/security/tools/jarsigner/ts.sh | 4 +- test/sun/security/tools/jarsigner/warnings.sh | 119 + test/sun/util/resources/TimeZone/Bug6317929.java | 44 +- 161 files changed, 4826 insertions(+), 6301 deletions(-) diffs (truncated from 16107 to 500 lines): diff -r bad5e0686160 -r 2906d76a7086 make/com/sun/jmx/Makefile --- a/make/com/sun/jmx/Makefile Tue Jan 14 20:24:45 2014 -0500 +++ b/make/com/sun/jmx/Makefile Tue Jan 28 18:02:26 2014 +0000 @@ -114,13 +114,19 @@ endif ifeq ($(CROSS_COMPILE_ARCH),) -RMIC = $(RMIC_JAVA) $(JAVA_TOOLS_FLAGS) -cp $(OUTPUTDIR)/classes sun.rmi.rmic.Main +RMIC_VM = $(RMIC_JAVA) else -RMIC = $(BOOT_JAVA_CMD) $(JAVA_TOOLS_FLAGS) -cp $(OUTPUTDIR)/classes sun.rmi.rmic.Main +RMIC_VM = $(BOOT_JAVA_CMD) endif +RMIC = $(RMIC_VM) $(JAVA_TOOLS_FLAGS) -cp $(OUTPUTDIR)/classes sun.rmi.rmic.Main $(CLASSDESTDIR)/%_Stub.class: $(CLASSDESTDIR)/%.class $(prep-target) + if [ -x $(PAX_COMMAND) ] ; then \ + if [ -w $(RMIC_VM) ] ; then \ + $(PAX_COMMAND) $(PAX_COMMAND_ARGS) $(RMIC_VM) ; \ + fi ; \ + fi $(RMIC) -classpath "$(CLASSDESTDIR)" \ -d $(CLASSDESTDIR) \ -v1.2 \ diff -r bad5e0686160 -r 2906d76a7086 make/common/shared/Defs-java.gmk --- a/make/common/shared/Defs-java.gmk Tue Jan 14 20:24:45 2014 -0500 +++ b/make/common/shared/Defs-java.gmk Tue Jan 28 18:02:26 2014 +0000 @@ -88,7 +88,11 @@ # 64-bit builds require a larger thread stack size. ifeq ($(ARCH_DATA_MODEL), 32) - JAVAC_JVM_FLAGS += -J-XX:ThreadStackSize=768 + ifeq ($(ARCH), ppc) + JAVAC_JVM_FLAGS += -J-XX:ThreadStackSize=1152 + else + JAVAC_JVM_FLAGS += -J-XX:ThreadStackSize=768 + endif else JAVAC_JVM_FLAGS += -J-XX:ThreadStackSize=1664 endif diff -r bad5e0686160 -r 2906d76a7086 make/common/shared/Platform.gmk --- a/make/common/shared/Platform.gmk Tue Jan 14 20:24:45 2014 -0500 +++ b/make/common/shared/Platform.gmk Tue Jan 28 18:02:26 2014 +0000 @@ -161,7 +161,7 @@ mach := $(shell uname -m) endif ifneq (,$(wildcard /usr/bin/dpkg-architecture)) - mach := $(shell (dpkg-architecture -qDEB_HOST_ARCH_CPU 2>/dev/null || echo $(mach)) | sed 's/arm64/aarch64/;s/powerpc$$/ppc/;s/hppa/parisc/') + mach := $(shell (dpkg-architecture -qDEB_HOST_ARCH_CPU 2>/dev/null || echo $(mach)) | sed 's/arm64/aarch64/;s/powerpc$$/ppc/;s/hppa/parisc/;s/ppc64el/ppc64le/') endif archExpr = case "$(mach)" in \ i[3-9]86) \ @@ -205,10 +205,10 @@ # Most archs are 32-bit ifndef ARCH_DATA_MODEL ARCH_DATA_MODEL=32 - ifeq ($(ARCH), amd64) + ifneq (,$(findstring 64,$(ARCH))) ARCH_DATA_MODEL=64 endif - ifeq ($(ARCH), ia64) + ifeq ($(ARCH), s390x) ARCH_DATA_MODEL=64 endif ifeq ($(ARCH), sh) diff -r bad5e0686160 -r 2906d76a7086 make/java/net/FILES_c.gmk --- a/make/java/net/FILES_c.gmk Tue Jan 14 20:24:45 2014 -0500 +++ b/make/java/net/FILES_c.gmk Tue Jan 28 18:02:26 2014 +0000 @@ -24,20 +24,21 @@ # FILES_c = \ - DatagramPacket.c \ - InetAddress.c \ - Inet4Address.c \ - Inet6Address.c \ - NetworkInterface.c \ - InetAddressImplFactory.c \ - Inet4AddressImpl.c \ - Inet6AddressImpl.c \ - SocketInputStream.c \ - SocketOutputStream.c \ - net_util.c \ - net_util_md.c \ - ResolverConfigurationImpl.c \ - DefaultProxySelector.c + DatagramPacket.c \ + InetAddress.c \ + Inet4Address.c \ + Inet6Address.c \ + NetworkInterface.c \ + InetAddressImplFactory.c \ + Inet4AddressImpl.c \ + Inet6AddressImpl.c \ + SocketInputStream.c \ + SocketOutputStream.c \ + net_util.c \ + net_util_md.c \ + portconfig.c \ + ResolverConfigurationImpl.c \ + DefaultProxySelector.c ifeq ($(PLATFORM), linux) FILES_c += linux_close.c diff -r bad5e0686160 -r 2906d76a7086 make/java/net/Makefile --- a/make/java/net/Makefile Tue Jan 14 20:24:45 2014 -0500 +++ b/make/java/net/Makefile Tue Jan 28 18:02:26 2014 +0000 @@ -83,7 +83,8 @@ # Find platform specific native code # vpath %.c $(PLATFORM_SRC)/native/sun/net/dns $(PLATFORM_SRC)/native/sun/net/www/protocol/http/ntlm \ - $(PLATFORM_SRC)/native/sun/net/sdp $(PLATFORM_SRC)/native/sun/net/spi + $(PLATFORM_SRC)/native/sun/net/sdp $(PLATFORM_SRC)/native/sun/net/spi \ + $(PLATFORM_SRC)/native/sun/net ifndef USE_SYSTEM_GCONF vpath %.c $(PLATFORM_SRC)/native/common/deps/gconf2 diff -r bad5e0686160 -r 2906d76a7086 make/java/net/mapfile-vers --- a/make/java/net/mapfile-vers Tue Jan 14 20:24:45 2014 -0500 +++ b/make/java/net/mapfile-vers Tue Jan 28 18:02:26 2014 +0000 @@ -26,84 +26,86 @@ # Define public interface. SUNWprivate_1.1 { - global: - JNI_OnLoad; - Java_java_net_PlainSocketImpl_socketListen; - Java_java_net_PlainDatagramSocketImpl_getTTL; - Java_java_net_PlainDatagramSocketImpl_init; - Java_java_net_SocketOutputStream_socketWrite0; - Java_java_net_PlainSocketImpl_socketCreate; - Java_java_net_PlainSocketImpl_socketAvailable; - Java_java_net_PlainDatagramSocketImpl_join; - Java_java_net_PlainDatagramSocketImpl_socketGetOption; - Java_java_net_InetAddress_init; - Java_java_net_Inet4Address_init; - Java_java_net_Inet6Address_init; - Java_java_net_PlainDatagramSocketImpl_setTTL; - Java_java_net_PlainDatagramSocketImpl_socketSetOption; - Java_java_net_PlainDatagramSocketImpl_bind0; - Java_java_net_PlainSocketImpl_socketAccept; - Java_java_net_DatagramPacket_init; - Java_java_net_PlainDatagramSocketImpl_leave; - Java_java_net_SocketInputStream_socketRead0; - Java_java_net_InetAddressImplFactory_isIPv6Supported; - Java_java_net_Inet4AddressImpl_getLocalHostName; - Java_java_net_Inet4AddressImpl_lookupAllHostAddr; - Java_java_net_Inet4AddressImpl_getHostByAddr; - Java_java_net_Inet4AddressImpl_isReachable0; - Java_java_net_Inet6AddressImpl_getLocalHostName; - Java_java_net_Inet6AddressImpl_lookupAllHostAddr; - Java_java_net_Inet6AddressImpl_getHostByAddr; - Java_java_net_Inet6AddressImpl_isReachable0; - Java_java_net_NetworkInterface_init; - Java_java_net_NetworkInterface_getByName0; - Java_java_net_NetworkInterface_getByIndex0; - Java_java_net_NetworkInterface_getByInetAddress0; - Java_java_net_NetworkInterface_getAll; - Java_java_net_NetworkInterface_isUp0; - Java_java_net_NetworkInterface_isLoopback0; - Java_java_net_NetworkInterface_isP2P0; - Java_java_net_NetworkInterface_supportsMulticast0; - Java_java_net_NetworkInterface_getMacAddr0; - Java_java_net_NetworkInterface_getMTU0; - Java_java_net_PlainDatagramSocketImpl_send; - Java_java_net_PlainSocketImpl_socketClose0; - Java_java_net_SocketOutputStream_init; - Java_java_net_PlainDatagramSocketImpl_peek; - Java_java_net_PlainDatagramSocketImpl_peekData; - Java_java_net_PlainSocketImpl_socketSetOption; - Java_java_net_PlainSocketImpl_socketSendUrgentData; - Java_java_net_PlainDatagramSocketImpl_datagramSocketCreate; - Java_java_net_PlainSocketImpl_socketGetOption; - Java_java_net_PlainDatagramSocketImpl_receive0; - Java_java_net_PlainDatagramSocketImpl_connect0; - Java_java_net_PlainDatagramSocketImpl_disconnect0; - Java_java_net_PlainDatagramSocketImpl_datagramSocketClose; - Java_java_net_PlainSocketImpl_initProto; - Java_java_net_PlainSocketImpl_socketBind; - Java_java_net_PlainSocketImpl_socketShutdown; - Java_java_net_SocketInputStream_init; - Java_java_net_PlainSocketImpl_socketConnect; - Java_java_net_PlainDatagramSocketImpl_getTimeToLive; - Java_java_net_PlainDatagramSocketImpl_setTimeToLive; - Java_sun_net_dns_ResolverConfigurationImpl_localDomain0; - Java_sun_net_dns_ResolverConfigurationImpl_fallbackDomain0; - Java_sun_net_sdp_SdpSupport_convert0; - Java_sun_net_sdp_SdpSupport_create0; - Java_sun_net_spi_DefaultProxySelector_init; - Java_sun_net_spi_DefaultProxySelector_getSystemProxy; - NET_AllocSockaddr; - NET_SockaddrToInetAddress; + global: + JNI_OnLoad; + Java_java_net_PlainSocketImpl_socketListen; + Java_java_net_PlainDatagramSocketImpl_getTTL; + Java_java_net_PlainDatagramSocketImpl_init; + Java_java_net_SocketOutputStream_socketWrite0; + Java_java_net_PlainSocketImpl_socketCreate; + Java_java_net_PlainSocketImpl_socketAvailable; + Java_java_net_PlainDatagramSocketImpl_join; + Java_java_net_PlainDatagramSocketImpl_socketGetOption; + Java_java_net_InetAddress_init; + Java_java_net_Inet4Address_init; + Java_java_net_Inet6Address_init; + Java_java_net_PlainDatagramSocketImpl_setTTL; + Java_java_net_PlainDatagramSocketImpl_socketSetOption; + Java_java_net_PlainDatagramSocketImpl_bind0; + Java_java_net_PlainSocketImpl_socketAccept; + Java_java_net_DatagramPacket_init; + Java_java_net_PlainDatagramSocketImpl_leave; + Java_java_net_SocketInputStream_socketRead0; + Java_java_net_InetAddressImplFactory_isIPv6Supported; + Java_java_net_Inet4AddressImpl_getLocalHostName; + Java_java_net_Inet4AddressImpl_lookupAllHostAddr; + Java_java_net_Inet4AddressImpl_getHostByAddr; + Java_java_net_Inet4AddressImpl_isReachable0; + Java_java_net_Inet6AddressImpl_getLocalHostName; + Java_java_net_Inet6AddressImpl_lookupAllHostAddr; + Java_java_net_Inet6AddressImpl_getHostByAddr; + Java_java_net_Inet6AddressImpl_isReachable0; + Java_java_net_NetworkInterface_init; + Java_java_net_NetworkInterface_getByName0; + Java_java_net_NetworkInterface_getByIndex0; + Java_java_net_NetworkInterface_getByInetAddress0; + Java_java_net_NetworkInterface_getAll; + Java_java_net_NetworkInterface_isUp0; + Java_java_net_NetworkInterface_isLoopback0; + Java_java_net_NetworkInterface_isP2P0; + Java_java_net_NetworkInterface_supportsMulticast0; + Java_java_net_NetworkInterface_getMacAddr0; + Java_java_net_NetworkInterface_getMTU0; + Java_java_net_PlainDatagramSocketImpl_send; + Java_java_net_PlainSocketImpl_socketClose0; + Java_java_net_SocketOutputStream_init; + Java_java_net_PlainDatagramSocketImpl_peek; + Java_java_net_PlainDatagramSocketImpl_peekData; + Java_java_net_PlainSocketImpl_socketSetOption; + Java_java_net_PlainSocketImpl_socketSendUrgentData; + Java_java_net_PlainDatagramSocketImpl_datagramSocketCreate; + Java_java_net_PlainSocketImpl_socketGetOption; + Java_java_net_PlainDatagramSocketImpl_receive0; + Java_java_net_PlainDatagramSocketImpl_connect0; + Java_java_net_PlainDatagramSocketImpl_disconnect0; + Java_java_net_PlainDatagramSocketImpl_datagramSocketClose; + Java_java_net_PlainSocketImpl_initProto; + Java_java_net_PlainSocketImpl_socketBind; + Java_java_net_PlainSocketImpl_socketShutdown; + Java_java_net_SocketInputStream_init; + Java_java_net_PlainSocketImpl_socketConnect; + Java_java_net_PlainDatagramSocketImpl_getTimeToLive; + Java_java_net_PlainDatagramSocketImpl_setTimeToLive; + Java_sun_net_PortConfig_getLower0; + Java_sun_net_PortConfig_getUpper0; + Java_sun_net_dns_ResolverConfigurationImpl_localDomain0; + Java_sun_net_dns_ResolverConfigurationImpl_fallbackDomain0; + Java_sun_net_sdp_SdpSupport_convert0; + Java_sun_net_sdp_SdpSupport_create0; + Java_sun_net_spi_DefaultProxySelector_init; + Java_sun_net_spi_DefaultProxySelector_getSystemProxy; + NET_AllocSockaddr; + NET_SockaddrToInetAddress; NET_SockaddrEqualsInetAddress; - NET_InetAddressToSockaddr; - NET_GetPortFromSockaddr; - NET_SetSockOpt; - NET_GetSockOpt; - NET_Bind; - NET_MapSocketOption; - NET_Wait; + NET_InetAddressToSockaddr; + NET_GetPortFromSockaddr; + NET_SetSockOpt; + NET_GetSockOpt; + NET_Bind; + NET_MapSocketOption; + NET_Wait; ipv6_available; - local: - *; + local: + *; }; diff -r bad5e0686160 -r 2906d76a7086 make/jdk_generic_profile.sh --- a/make/jdk_generic_profile.sh Tue Jan 14 20:24:45 2014 -0500 +++ b/make/jdk_generic_profile.sh Tue Jan 28 18:02:26 2014 +0000 @@ -260,6 +260,7 @@ sparc64) ZERO_LIBARCH=sparcv9 ;; arm*) ZERO_LIBARCH=arm ;; sh*) ZERO_LIBARCH=sh ;; + ppc64le) ZERO_LIBARCH=ppc64le ;; *) ZERO_LIBARCH="$(arch)" esac export ZERO_LIBARCH @@ -269,7 +270,7 @@ arm|i386|ppc|s390|sh|sparc) ARCH_DATA_MODEL=32 ;; - aarch64|alpha|amd64|ia64|ppc64|s390x|sparcv9) + aarch64|alpha|amd64|ia64|ppc64*|s390x|sparcv9) ARCH_DATA_MODEL=64 ;; *) @@ -280,7 +281,7 @@ # ZERO_ENDIANNESS is the endianness of the processor case "${ZERO_LIBARCH}" in - arm|aarch64|amd64|i386|ia64|mipsel) + arm|aarch64|amd64|i386|ia64|mipsel|ppc64le) ZERO_ENDIANNESS=little ;; ppc*|s390*|sparc*|alpha) @@ -307,7 +308,7 @@ s390) ZERO_ARCHFLAG="-m31" ;; - arm|aarch64) + arm|aarch64|ppc64le) ZERO_ARCHFLAG="-D_LITTLE_ENDIAN" ;; *) @@ -469,3 +470,7 @@ export USE_SYSTEM_PNG=true export USE_SYSTEM_GIF=true export SYSTEM_KRB5=true + +# IcedTea default; turn on the ARM32 JIT +export ARM32JIT=true + diff -r bad5e0686160 -r 2906d76a7086 make/sun/javazic/tzdata/VERSION --- a/make/sun/javazic/tzdata/VERSION Tue Jan 14 20:24:45 2014 -0500 +++ b/make/sun/javazic/tzdata/VERSION Tue Jan 28 18:02:26 2014 +0000 @@ -21,4 +21,4 @@ # or visit www.oracle.com if you need additional information or have any # questions. # -tzdata2013d +tzdata2013h diff -r bad5e0686160 -r 2906d76a7086 make/sun/javazic/tzdata/africa --- a/make/sun/javazic/tzdata/africa Tue Jan 14 20:24:45 2014 -0500 +++ b/make/sun/javazic/tzdata/africa Tue Jan 28 18:02:26 2014 +0000 @@ -1,22 +1,22 @@ # # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. -# +# # This code is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License version 2 only, as # published by the Free Software Foundation. Oracle designates this # particular file as subject to the "Classpath" exception as provided # by Oracle in the LICENSE file that accompanied this code. -# +# # This code is distributed in the hope that it will be useful, but WITHOUT # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or # FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License # version 2 for more details (a copy is included in the LICENSE file that # accompanied this code). -# +# # You should have received a copy of the GNU General Public License version # 2 along with this work; if not, write to the Free Software Foundation, # Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -# +# # Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA # or visit www.oracle.com if you need additional information or have any # questions. @@ -474,6 +474,14 @@ # (either two days before them or five days after them, so as to fall on # lastFri instead of lastSun). +# From Even Scharning (2013-10-25): +# The scheduled end of DST in Libya on Friday, October 25, 2013 was +# cancelled yesterday.... +# http://www.libyaherald.com/2013/10/24/correction-no-time-change-tomorrow/ +# +# From Paul Eggert (2013-10-25): +# For now, assume they're reverting to the pre-2012 rules of permanent UTC+2. + # Rule NAME FROM TO TYPE IN ON AT SAVE LETTER/S Rule Libya 1951 only - Oct 14 2:00 1:00 S Rule Libya 1952 only - Jan 1 0:00 0 - @@ -490,19 +498,21 @@ Rule Libya 1987 1989 - Oct 1 0:00 0 - Rule Libya 1997 only - Apr 4 0:00 1:00 S Rule Libya 1997 only - Oct 4 0:00 0 - -Rule Libya 2013 max - Mar lastFri 1:00 1:00 S -Rule Libya 2013 max - Oct lastFri 2:00 0 - +Rule Libya 2013 only - Mar lastFri 1:00 1:00 S +Rule Libya 2013 only - Oct lastFri 2:00 0 - + +# The 1996 and 1997 entries are from Shanks & Pottenger; +# the IATA SSIM data contain some obvious errors. # Zone NAME GMTOFF RULES FORMAT [UNTIL] Zone Africa/Tripoli 0:52:44 - LMT 1920 1:00 Libya CE%sT 1959 2:00 - EET 1982 1:00 Libya CE%sT 1990 May 4 -# The 1996 and 1997 entries are from Shanks & Pottenger; -# the IATA SSIM data contain some obvious errors. 2:00 - EET 1996 Sep 30 1:00 Libya CE%sT 1997 Oct 4 2:00 - EET 2012 Nov 10 2:00 - 1:00 Libya CE%sT + 1:00 Libya CE%sT 2013 Oct 25 2:00 + 2:00 - EET # Madagascar # Zone NAME GMTOFF RULES FORMAT [UNTIL] @@ -707,15 +717,6 @@ # http://www.google.com/search?hl=en&q=Conseil+de+gouvernement+maroc+heure+avance&btnG=Search # -# From Alex Krivenyshev (2008-05-09): -# Is Western Sahara (part which administrated by Morocco) going to follow -# Morocco DST changes? Any information? What about other part of -# Western Sahara - under administration of POLISARIO Front (also named -# SADR Saharawi Arab Democratic Republic)? - -# From Arthur David Olson (2008-05-09): -# XXX--guess that it is only Morocco for now; guess only 2008 for now. - # From Steffen Thorsen (2008-08-27): # Morocco will change the clocks back on the midnight between August 31 # and September 1. They originally planned to observe DST to near the end @@ -881,13 +882,23 @@ # transitions would be 2013-07-07 and 2013-08-10; see: # http://www.maroc.ma/en/news/morocco-suspends-daylight-saving-time-july-7-aug10 -# From Paul Eggert (2013-07-03): +# From Steffen Thorsen (2013-09-28): +# Morocco extends DST by one month, on very short notice, just 1 day +# before it was going to end. There is a new decree (2.13.781) for +# this, where DST from now on goes from last Sunday of March at 02:00 +# to last Sunday of October at 03:00, similar to EU rules. Official +# source (French): +# http://www.maroc.gov.ma/fr/actualites/lhoraire-dete-gmt1-maintenu-jusquau-27-octobre-2013 +# Another source (specifying the time for start and end in the decree): +# http://www.lemag.ma/Heure-d-ete-au-Maroc-jusqu-au-27-octobre_a75620.html + +# From Paul Eggert (2013-10-03): # To estimate what the Moroccan government will do in future years, -# transition dates for 2014 through 2021 were determined by running +# transition dates for 2014 through 2038 were determined by running # the following program under GNU Emacs 24.3: # # (let ((islamic-year 1435)) -# (while (< islamic-year 1444) +# (while (< islamic-year 1461) # (let ((a # (calendar-gregorian-from-absolute # (calendar-islamic-to-absolute (list 9 1 islamic-year)))) @@ -902,13 +913,18 @@ # (car (cdr (cdr b))) (calendar-month-name (car b) t) (car (cdr b))))) # (setq islamic-year (+ 1 islamic-year)))) # -# with the results hand-edited for 2020-2022, when the normal spring-forward -# date falls during the estimated Ramadan. -# -# From 2023 through 2038 Ramadan is not predicted to overlap with -# daylight saving time. Starting in 2039 there will be overlap again, -# but 32-bit time_t values roll around in 2038 so for now do not worry -# about dates after 2038. +# with spring-forward transitions removed for 2023-2025, when the +# normal spring-forward date falls during the estimated Ramadan; with +# all transitions removed for 2026-2035, where the estimated Ramadan +# falls entirely outside daylight-saving time; and with fall-back +# transitions removed for 2036-2037, where the normal fall-back +# date falls during the estimated Ramadan. Normally, the table would +# stop after 2037 because 32-bit time_t values roll around early in 2038, +# but that would imply a prediction of perpetual DST after March 2038 +# due to the year-2037 glitches. So, this table instead stops after +# 2038, the first non-glitchy year after the 32-bit rollover. +# An advantage of stopping after 2038 is that it lets zic guess +# TZ='WET0WEST,M3.5.0,M10.5.0/3' for time stamps far in the future. # RULE NAME FROM TO TYPE IN ON AT SAVE LETTER/S @@ -935,12 +951,14 @@ Rule Morocco 2010 only - Aug 8 0:00 0 - Rule Morocco 2011 only - Apr 3 0:00 1:00 S Rule Morocco 2011 only - Jul 31 0 0 - -Rule Morocco 2012 2019 - Apr lastSun 2:00 1:00 S -Rule Morocco 2012 max - Sep lastSun 3:00 0 - +Rule Morocco 2012 2013 - Apr lastSun 2:00 1:00 S +Rule Morocco 2012 only - Sep 30 3:00 0 - Rule Morocco 2012 only - Jul 20 3:00 0 - Rule Morocco 2012 only - Aug 20 2:00 1:00 S Rule Morocco 2013 only - Jul 7 3:00 0 - Rule Morocco 2013 only - Aug 10 2:00 1:00 S +Rule Morocco 2013 2035 - Oct lastSun 3:00 0 - +Rule Morocco 2014 2022 - Mar lastSun 2:00 1:00 S Rule Morocco 2014 only - Jun 29 3:00 0 - Rule Morocco 2014 only - Jul 29 2:00 1:00 S Rule Morocco 2015 only - Jun 18 3:00 0 - @@ -953,20 +971,42 @@ Rule Morocco 2018 only - Jun 15 2:00 1:00 S From bugzilla-daemon at icedtea.classpath.org Fri Mar 21 19:40:02 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Fri, 21 Mar 2014 19:40:02 +0000 Subject: [Bug 1679] [IcedTea7] Allow OpenJDK to build on PaX-enabled kernels In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1679 --- Comment #11 from hg commits --- details: http://icedtea.classpath.org//hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=15090e20b767 author: andrew date: Wed Feb 19 21:08:02 2014 +0000 PR1679: Allow OpenJDK to build on PaX-enabled kernels -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Fri Mar 21 19:40:08 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Fri, 21 Mar 2014 19:40:08 +0000 Subject: [Bug 1653] [IcedTea7] Support ppc64le via Zero In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1653 --- Comment #12 from hg commits --- details: http://icedtea.classpath.org//hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=610f6895ab64 author: andrew date: Thu Jan 23 22:41:14 2014 +0000 PR1653: Support ppc64le via Zero -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Fri Mar 21 19:40:13 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Fri, 21 Mar 2014 19:40:13 +0000 Subject: [Bug 1654] [IcedTea7] ppc32 needs a larger ThreadStackSize to build In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1654 --- Comment #9 from hg commits --- details: http://icedtea.classpath.org//hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=8fcf23c12a55 author: andrew date: Thu Jan 23 23:19:20 2014 +0000 PR1654: ppc32 needs a larger ThreadStackSize to build -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From andrew at icedtea.classpath.org Fri Mar 21 21:18:35 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Fri, 21 Mar 2014 21:18:35 +0000 Subject: /hg/release/icedtea7-forest-2.3/hotspot: 4 new changesets Message-ID: changeset 79284ed240e2 in /hg/release/icedtea7-forest-2.3/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot?cmd=changeset;node=79284ed240e2 author: andrew date: Thu Dec 26 19:52:09 2013 +0000 Add Shark definitions from 8003868 changeset 2fbc5b8d63b3 in /hg/release/icedtea7-forest-2.3/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot?cmd=changeset;node=2fbc5b8d63b3 author: andrew date: Thu Dec 26 19:52:45 2013 +0000 Drop compile_method argument removed in 7083786 from sharkCompiler.cpp changeset 71fc00fc11be in /hg/release/icedtea7-forest-2.3/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot?cmd=changeset;node=71fc00fc11be author: simonis date: Mon Mar 17 13:40:34 2014 +0000 Re-enable the 'gamma' test at the end of the HotSpot build, but only for HotSpot based bootstrap JDKs. The 'gamma' launcher only works with HotSpot based bootstrap JDKs because it uses the freshly build libjvm.so in the context and together with the class library of the boot JDK which was used to build it. This combination will not work for other JDKs. changeset 9747f83d7a38 in /hg/release/icedtea7-forest-2.3/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot?cmd=changeset;node=9747f83d7a38 author: aph date: Fri Mar 21 20:57:28 2014 +0000 Replace literal offsets for METHOD_SIZEOFPARAMETERS and ISTATE_NEXT_FRAME with correct symbolic names. Fix trace code not to dereference null pointers. Correct Helper_aputfield and helper_aastore not to use static _byte_map_base. Comment-out calls to TRACE. Make sure that ISTATE_METHOD and ISTATE_SELF_LINK are set even when JITting fails. diffstat: make/linux/makefiles/buildtree.make | 12 ++++++++++++ src/cpu/zero/vm/asm_helper.cpp | 12 +++--------- src/cpu/zero/vm/cppInterpreter_arm.S | 19 +++++++++++-------- src/share/vm/shark/sharkCompiler.cpp | 1 - src/share/vm/shark/shark_globals.hpp | 10 ++++++++++ 5 files changed, 36 insertions(+), 18 deletions(-) diffs (181 lines): diff -r 383082077d46 -r 9747f83d7a38 make/linux/makefiles/buildtree.make --- a/make/linux/makefiles/buildtree.make Fri Jan 31 21:14:06 2014 +0000 +++ b/make/linux/makefiles/buildtree.make Fri Mar 21 20:57:28 2014 +0000 @@ -384,6 +384,7 @@ DATA_MODE/sparcv9 = 64 DATA_MODE/amd64 = 64 DATA_MODE/ia64 = 64 +DATA_MODE/ppc64 = 64 DATA_MODE/zero = $(ARCH_DATA_MODEL) JAVA_FLAG/32 = -d32 @@ -392,6 +393,9 @@ WRONG_DATA_MODE_MSG = \ echo "JAVA_HOME must point to a $(DATA_MODE)-bit OpenJDK." +WRONG_JDK_MSG = \ + echo "JAVA_HOME must point to a HotSpot based JDK \\\(genuine Sun/Oracle or OpenJDK\\\)." + CROSS_COMPILING_MSG = \ echo "Cross compiling for ARCH $(CROSS_COMPILE_ARCH), skipping gamma run." @@ -428,6 +432,14 @@ echo " exit 0"; \ echo "fi"; \ echo ""; \ + echo "# 'gamma' only runs with HotSpot based JDKs (genuine Sun/Oracle or OpenJDK)"; \ + echo ""; \ + echo "\$${JAVA_HOME}/bin/java $(JAVA_FLAG) -version 2>&1 | grep -E 'OpenJDK|HotSpot' > /dev/null"; \ + echo "if [ \$$? -ne 0 ]; then "; \ + echo " $(WRONG_JDK_MSG)"; \ + echo " exit 0"; \ + echo "fi"; \ + echo ""; \ echo "# Use gamma_g if it exists"; \ echo ""; \ echo "GAMMA_PROG=gamma"; \ diff -r 383082077d46 -r 9747f83d7a38 src/cpu/zero/vm/asm_helper.cpp --- a/src/cpu/zero/vm/asm_helper.cpp Fri Jan 31 21:14:06 2014 +0000 +++ b/src/cpu/zero/vm/asm_helper.cpp Fri Mar 21 20:57:28 2014 +0000 @@ -360,22 +360,16 @@ goto handle_exception; } } - oop* elem_loc = (oop*)(((address) arrayref->base(T_OBJECT)) + index * sizeof(oop)); - // *(oop*)(((address) arrayref->base(T_OBJECT)) + index * sizeof(oop)) = value; - *elem_loc = value; - // Mark the card - BarrierSet* bs = Universe::heap()->barrier_set(); - static volatile jbyte* _byte_map_base = (volatile jbyte*)(((CardTableModRefBS*)bs)->byte_map_base); - OrderAccess::release_store(&_byte_map_base[(uintptr_t)elem_loc >> CardTableModRefBS::card_shift], 0); + ((objArrayOopDesc *) arrayref)->obj_at_put(index, value); } handle_exception: return istate->thread()->pending_exception(); } -extern "C" void Helper_aputfield(oop obj) +extern "C" void Helper_aputfield(oop obj, oop val, int offset) { BarrierSet* bs = Universe::heap()->barrier_set(); - static volatile jbyte* _byte_map_base = (volatile jbyte*)(((CardTableModRefBS*)bs)->byte_map_base); + jbyte* _byte_map_base = (((CardTableModRefBS*)bs)->byte_map_base); OrderAccess::release_store(&_byte_map_base[(uintptr_t)obj >> CardTableModRefBS::card_shift], 0); } diff -r 383082077d46 -r 9747f83d7a38 src/cpu/zero/vm/cppInterpreter_arm.S --- a/src/cpu/zero/vm/cppInterpreter_arm.S Fri Jan 31 21:14:06 2014 +0000 +++ b/src/cpu/zero/vm/cppInterpreter_arm.S Fri Mar 21 20:57:28 2014 +0000 @@ -526,10 +526,13 @@ mrs r4, cpsr mov r0, jpc ldr r1, [thread, #THREAD_TOP_ZERO_FRAME] + cmp r1, #0 sub r1, r1, #ISTATE_NEXT_FRAME + beq 0f + DECACHE_JPC ldr r2, =my_trace blx r2 - msr cpsr, r4 +0: msr cpsr, r4 ldmfd sp!, {r0, r1, r2, r3, r4, lr, ip} .endm @@ -861,7 +864,7 @@ SLOW_ENTRY empty_entry: - ldrh r3, [r0, #42] + ldrh r3, [r0, #METHOD_SIZEOFPARAMETERS] ldr r1, [r2, #THREAD_JAVA_SP] add r1, r1, r3, lsl #2 str r1, [r2, #THREAD_JAVA_SP] @@ -870,7 +873,7 @@ FAST_ENTRY fast_empty_entry: - ldrh r3, [r0, #42] + ldrh r3, [r0, #METHOD_SIZEOFPARAMETERS] ldr r1, [thread, #THREAD_JAVA_SP] add r1, r1, r3, lsl #2 str r1, [thread, #THREAD_JAVA_SP] @@ -1072,7 +1075,7 @@ ldr r1, [thread, #THREAD_STACK_SIZE] ldr r3, [thread, #THREAD_STACK_BASE] - add r0, r9, #72 + add r0, r9, #ISTATE_NEXT_FRAME rsb r3, r1, r3 rsb r3, r3, arm_sp @@ -1095,7 +1098,7 @@ str r5, [thread, #THREAD_LAST_JAVA_FP] ldr r5, [thread, #THREAD_JAVA_SP] str r5, [thread, #THREAD_LAST_JAVA_SP] - ldr r11, [r11, #-72 + ISTATE_METHOD] + ldr r11, [r11, #-ISTATE_NEXT_FRAME + ISTATE_METHOD] cmp r1, #0 bne .fast_native_entry_exception ldr r5, [r11, #METHOD_SIGNATUREHANDLER] @@ -1118,7 +1121,7 @@ ldr r11, [thread, #THREAD_TOP_ZERO_FRAME] ldr r1, [thread, #THREAD_PENDING_EXC] mov r3, #0 - ldr r11, [r11, #-72 + ISTATE_METHOD] + ldr r11, [r11, #-ISTATE_NEXT_FRAME + ISTATE_METHOD] cmp r1, #0 str r3, [thread, #THREAD_LAST_JAVA_SP] str r3, [thread, #THREAD_LAST_JAVA_FP] @@ -3340,12 +3343,12 @@ str locals, [istate, #ISTATE_LOCALS] USEC cmp r3, lr str constpool, [istate, #ISTATE_CONSTANTS] + str tmp1, [istate, #ISTATE_METHOD] + str istate, [istate, #ISTATE_SELF_LINK] USEC bcs method_entry_freq_count_overflow DISPATCH_NEXT DISPATCH_NEXT DISPATCH_NEXT - str tmp1, [istate, #ISTATE_METHOD] - str istate, [istate, #ISTATE_SELF_LINK] @ mov lr, #0 @ str lr, [istate, #ISTATE_PREV_LINK] @ str lr, [istate, #ISTATE_CALLEE] diff -r 383082077d46 -r 9747f83d7a38 src/share/vm/shark/sharkCompiler.cpp --- a/src/share/vm/shark/sharkCompiler.cpp Fri Jan 31 21:14:06 2014 +0000 +++ b/src/share/vm/shark/sharkCompiler.cpp Fri Mar 21 20:57:28 2014 +0000 @@ -212,7 +212,6 @@ &inc_table, this, env->comp_level(), - false, false); } diff -r 383082077d46 -r 9747f83d7a38 src/share/vm/shark/shark_globals.hpp --- a/src/share/vm/shark/shark_globals.hpp Fri Jan 31 21:14:06 2014 +0000 +++ b/src/share/vm/shark/shark_globals.hpp Fri Mar 21 20:57:28 2014 +0000 @@ -40,6 +40,12 @@ product(intx, SharkMaxInlineSize, 32, \ "Maximum bytecode size of methods to inline when using Shark") \ \ + product(bool, EliminateNestedLocks, true, \ + "Eliminate nested locks of the same object when possible") \ + \ + product(ccstr, SharkOptimizationLevel, "Default", \ + "The optimization level passed to LLVM, possible values: None, Less, Default and Agressive") \ + \ /* compiler debugging */ \ develop(ccstr, SharkPrintTypeflowOf, NULL, \ "Print the typeflow of the specified method") \ @@ -58,6 +64,10 @@ \ diagnostic(bool, SharkPerformanceWarnings, false, \ "Warn about things that could be made faster") \ + \ + develop(ccstr, SharkVerifyFunction, NULL, \ + "Runs LLVM verify over LLVM IR") \ + SHARK_FLAGS(DECLARE_DEVELOPER_FLAG, DECLARE_PD_DEVELOPER_FLAG, DECLARE_PRODUCT_FLAG, DECLARE_PD_PRODUCT_FLAG, DECLARE_DIAGNOSTIC_FLAG, DECLARE_NOTPRODUCT_FLAG) From bugzilla-daemon at icedtea.classpath.org Sat Mar 22 17:24:56 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Sat, 22 Mar 2014 17:24:56 +0000 Subject: [Bug 1719] A fatal error has been detected by the Java Runtime Environment In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1719 cycliste_urbain at yahoo.fr changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |cycliste_urbain at yahoo.fr --- Comment #1 from cycliste_urbain at yahoo.fr --- I also detect this bug ( explained in French here: https://www.alionet.org/showthread.php?30778-Crash-de-LibreOffice-sous-KDE-lors-de-la-sauvegarde-d-un-fichier ) I resume the various data from this french forum: - Java options in LibreOffice are : Oracle Corporation 1.7.0_51 (/usr/lib64/jvm/java-1.7.0-openjdk-1.7.0/jre). Other options are not checked. - LibreOffice : 4.1.5.3 Build ID : 410m (Build:3) - KDE : 4.11.5 - openSUSE : 13.1 x86-64 The bug disappears if I select the option "Use dialog box in LibreOffice" (translation from what I see in French: "Utiliser les bo?tes de dialogue de LibreOffice") from the menu Tools -> Options -> General If this option is not selected and I run the command from a terminal: OOO_FORCE_DESKTOP=kde4 libreoffice I see these two messages just when the dialog box to save the file pops up: Object::connect: No such signal org::freedesktop::UPower::DeviceAdded(QDBusObjectPath) Object::connect: No such signal org::freedesktop::UPower::DeviceRemoved(QDBusObjectPath) When the option is selected, running the same command from a terminal and saving a file does not show the two messages. Finally, the bug is not seen under XFCE. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Sat Mar 22 18:02:12 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Sat, 22 Mar 2014 18:02:12 +0000 Subject: [Bug 1719] A fatal error has been detected by the Java Runtime Environment In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1719 --- Comment #2 from cycliste_urbain at yahoo.fr --- More precisions: If I select the option "Use dialog box in LibreOffice" (translation from what I see in French: "Utiliser les bo?tes de dialogue de LibreOffice") from the menu Tools -> Options -> General and I run the command from a terminal: OOO_FORCE_DESKTOP=gnome libreoffice, the dialog box pops up when saving a file and all is fine. If the option is not selected and I run the same command, the bug appears when trying to save a file. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Sun Mar 23 12:37:51 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Sun, 23 Mar 2014 12:37:51 +0000 Subject: [Bug 1721] New: Error reported on applet cancellation Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1721 Bug ID: 1721 Summary: Error reported on applet cancellation Product: IcedTea-Web Version: 1.4 Hardware: x86 OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: Plugin Assignee: dbhole at redhat.com Reporter: jpsinthemix at verizon.net CC: unassigned at icedtea.classpath.org Created attachment 1057 --> http://icedtea.classpath.org/bugzilla/attachment.cgi?id=1057&action=edit gui traceback, followed by plugin.log, followed by java.stderr Hi, If I run the oracle 'test' applet at https://www.java.com/en/download/installed.jsp, I get a Security Approval Required popup giving me the choice to run or cancel the applet. If I click on 'run' all is OK; but, if I click on 'cancel' or simply close the popup I get an Error shown (and from the command line, a java traceback). It seems strange that I should get an applet initialization error in this case since I have simply cancelled running it. I have attached a log from ICEDTEAPLUGIN_DEBUG=true firefox 2>&1 | tee plugin.log plus ~/.icedtea/log/java.stderr (~/.icedtea/log/java.stdout is empty), and also the traceback from the gui. The logs are combined into one attached file, marked as follows: ==== gui.traceback: .. ==== plugin.log: .. ==== java.stderr: .. This problem occurs with icedtea-web versions 1.4.2, 1.4.3pre and 1.5pre. Note that I'm using openjdk-1.8.0, as well. This is probably related to an old/unresolved bug 1515 thanks much for your time, John -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From joachim.geiger at ipp.mpg.de Mon Mar 24 08:26:43 2014 From: joachim.geiger at ipp.mpg.de (Joachim Geiger) Date: Mon, 24 Mar 2014 08:26:43 +0000 (UTC) Subject: [Bug 1719] A fatal error has been detected by the Java =?utf-8?b?UnVudGltZQlFbnZpcm9ubWVudA==?= References: Message-ID: writes: > > > > > > Comment # 2 > on bug 1719 > from cycliste_urbain yahoo.fr > > More precisions: > > If I select the option "Use dialog box in LibreOffice" (translation from what I > see in French: "Utiliser les bo?tes de dialogue de LibreOffice") from the menu > Tools -> Options -> General and I run the command from a terminal: > OOO_FORCE_DESKTOP=gnome libreoffice, the dialog box pops up when saving a file > and all is fine. > > If the option is not selected and I run the same command, the bug appears when > trying to save a file. > > > You are receiving this mail because: > > > You are on the CC list for the bug. > > Hi, I can confirm the behavior as well as the remedy (check the box "Use libreoffic Dialogs" in Tools > Options > General - translation french to english: "de" means "of"). I am using opensuse 13.1 and encountered the problem also with kde and with lxde. Didn't check with xfce. I am grateful to have a workaround and have libreoffice running again!. Best regards, Joachim From ptisnovs at icedtea.classpath.org Mon Mar 24 10:05:39 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Mon, 24 Mar 2014 10:05:39 +0000 Subject: /hg/gfx-test: Ten new tests added into CAGOperationsOnTwoTouchin... Message-ID: changeset 6c229eda647a in /hg/gfx-test details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=6c229eda647a author: Pavel Tisnovsky date: Mon Mar 24 11:06:19 2014 +0100 Ten new tests added into CAGOperationsOnTwoTouchingCircles. diffstat: ChangeLog | 5 + src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java | 250 ++++++++++ 2 files changed, 255 insertions(+), 0 deletions(-) diffs (272 lines): diff -r 842891bb6f30 -r 6c229eda647a ChangeLog --- a/ChangeLog Fri Mar 21 11:21:55 2014 +0100 +++ b/ChangeLog Mon Mar 24 11:06:19 2014 +0100 @@ -1,3 +1,8 @@ +2014-03-24 Pavel Tisnovsky + + * src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java: + Ten new tests added into CAGOperationsOnTwoTouchingCircles. + 2014-03-21 Pavel Tisnovsky * src/org/gfxtest/testsuites/BitBltMirrorImage.java: diff -r 842891bb6f30 -r 6c229eda647a src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java --- a/src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java Fri Mar 21 11:21:55 2014 +0100 +++ b/src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java Mon Mar 24 11:06:19 2014 +0100 @@ -1732,6 +1732,256 @@ return TestResult.PASSED; } + /** + * Checks the process of creating and rendering new geometric shape + * constructed from two touching circles using inverse subtract operator. The shape is rendered + * using texture paint (fill). + * + * @param image + * image to which area is to be drawn + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testInverseSubtractTextureFillUsingHorizontalStripesTexture(TestImage image, Graphics2D graphics2d) + { + // set stroke color + CommonRenderingStyles.setStrokeColor(graphics2d); + // set fill color + CommonRenderingStyles.setTextureFillUsingHorizontalStripesTexture(image, graphics2d); + // create area using inverse subtract operator + Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingInverseSubtractOperator(image); + // draw the area + graphics2d.fill(area); + // test result + return TestResult.PASSED; + } + + /** + * Checks the process of creating and rendering new geometric shape + * constructed from two touching circles using Intersect operator. The shape is rendered + * using texture paint (fill). + * + * @param image + * image to which area is to be drawn + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testIntersectTextureFillUsingHorizontalStripesTexture(TestImage image, Graphics2D graphics2d) + { + // set stroke color + CommonRenderingStyles.setStrokeColor(graphics2d); + // set fill color + CommonRenderingStyles.setTextureFillUsingHorizontalStripesTexture(image, graphics2d); + // create area using Intersect operator + Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingIntersectOperator(image); + // draw the area + graphics2d.fill(area); + // test result + return TestResult.PASSED; + } + + /** + * Checks the process of creating and rendering new geometric shape + * constructed from two touching circles using Xor operator. The shape is rendered + * using texture paint (fill). + * + * @param image + * image to which area is to be drawn + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testXorTextureFillUsingHorizontalStripesTexture(TestImage image, Graphics2D graphics2d) + { + // set stroke color + CommonRenderingStyles.setStrokeColor(graphics2d); + // set fill color + CommonRenderingStyles.setTextureFillUsingHorizontalStripesTexture(image, graphics2d); + // create area using Xor operator + Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingXorOperator(image); + // draw the area + graphics2d.fill(area); + // test result + return TestResult.PASSED; + } + + /** + * Checks the process of creating and rendering new geometric shape + * constructed from two touching circles using union operator. The shape is rendered + * using texture paint (fill). + * + * @param image + * image to which area is to be drawn + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testUnionTextureFillUsingVerticalStripesTexture(TestImage image, Graphics2D graphics2d) + { + // set stroke color + CommonRenderingStyles.setStrokeColor(graphics2d); + // set fill color + CommonRenderingStyles.setTextureFillUsingVerticalStripesTexture(image, graphics2d); + // create area using union operator + Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingUnionOperator(image); + // draw the area + graphics2d.fill(area); + // test result + return TestResult.PASSED; + } + + /** + * Checks the process of creating and rendering new geometric shape + * constructed from two touching circles using subtract operator. The shape is rendered + * using texture paint (fill). + * + * @param image + * image to which area is to be drawn + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testSubtractTextureFillUsingVerticalStripesTexture(TestImage image, Graphics2D graphics2d) + { + // set stroke color + CommonRenderingStyles.setStrokeColor(graphics2d); + // set fill color + CommonRenderingStyles.setTextureFillUsingVerticalStripesTexture(image, graphics2d); + // create area using subtract operator + Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingSubtractOperator(image); + // draw the area + graphics2d.fill(area); + // test result + return TestResult.PASSED; + } + + /** + * Checks the process of creating and rendering new geometric shape + * constructed from two touching circles using inverse subtract operator. The shape is rendered + * using texture paint (fill). + * + * @param image + * image to which area is to be drawn + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testInverseSubtractTextureFillUsingVerticalStripesTexture(TestImage image, Graphics2D graphics2d) + { + // set stroke color + CommonRenderingStyles.setStrokeColor(graphics2d); + // set fill color + CommonRenderingStyles.setTextureFillUsingVerticalStripesTexture(image, graphics2d); + // create area using inverse subtract operator + Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingInverseSubtractOperator(image); + // draw the area + graphics2d.fill(area); + // test result + return TestResult.PASSED; + } + + /** + * Checks the process of creating and rendering new geometric shape + * constructed from two touching circles using Intersect operator. The shape is rendered + * using texture paint (fill). + * + * @param image + * image to which area is to be drawn + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testIntersectTextureFillUsingVerticalStripesTexture(TestImage image, Graphics2D graphics2d) + { + // set stroke color + CommonRenderingStyles.setStrokeColor(graphics2d); + // set fill color + CommonRenderingStyles.setTextureFillUsingVerticalStripesTexture(image, graphics2d); + // create area using Intersect operator + Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingIntersectOperator(image); + // draw the area + graphics2d.fill(area); + // test result + return TestResult.PASSED; + } + + /** + * Checks the process of creating and rendering new geometric shape + * constructed from two touching circles using Xor operator. The shape is rendered + * using texture paint (fill). + * + * @param image + * image to which area is to be drawn + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testXorTextureFillUsingVerticalStripesTexture(TestImage image, Graphics2D graphics2d) + { + // set stroke color + CommonRenderingStyles.setStrokeColor(graphics2d); + // set fill color + CommonRenderingStyles.setTextureFillUsingVerticalStripesTexture(image, graphics2d); + // create area using Xor operator + Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingXorOperator(image); + // draw the area + graphics2d.fill(area); + // test result + return TestResult.PASSED; + } + + /** + * Checks the process of creating and rendering new geometric shape + * constructed from two touching circles using union operator. The shape is rendered + * using texture paint (fill). + * + * @param image + * image to which area is to be drawn + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testUnionTextureFillUsingHorizontalColorStripesTexture(TestImage image, Graphics2D graphics2d) + { + // set stroke color + CommonRenderingStyles.setStrokeColor(graphics2d); + // set fill color + CommonRenderingStyles.setTextureFillUsingHorizontalColorStripesTexture(image, graphics2d); + // create area using union operator + Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingUnionOperator(image); + // draw the area + graphics2d.fill(area); + // test result + return TestResult.PASSED; + } + + /** + * Checks the process of creating and rendering new geometric shape + * constructed from two touching circles using subtract operator. The shape is rendered + * using texture paint (fill). + * + * @param image + * image to which area is to be drawn + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testSubtractTextureFillUsingHorizontalColorStripesTexture(TestImage image, Graphics2D graphics2d) + { + // set stroke color + CommonRenderingStyles.setStrokeColor(graphics2d); + // set fill color + CommonRenderingStyles.setTextureFillUsingHorizontalColorStripesTexture(image, graphics2d); + // create area using subtract operator + Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingSubtractOperator(image); + // draw the area + graphics2d.fill(area); + // test result + return TestResult.PASSED; + } + // create area using union operator Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingUnionOperator(image); // draw the area From ptisnovs at icedtea.classpath.org Mon Mar 24 10:12:26 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Mon, 24 Mar 2014 10:12:26 +0000 Subject: /hg/rhino-tests: Two new tests added into ScriptExceptionClassTest. Message-ID: changeset a925ed2c4086 in /hg/rhino-tests details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=a925ed2c4086 author: Pavel Tisnovsky date: Mon Mar 24 11:13:09 2014 +0100 Two new tests added into ScriptExceptionClassTest. diffstat: ChangeLog | 5 +++++ src/org/RhinoTests/ScriptExceptionClassTest.java | 19 +++++++++++++++++++ 2 files changed, 24 insertions(+), 0 deletions(-) diffs (41 lines): diff -r c4c9da65a928 -r a925ed2c4086 ChangeLog --- a/ChangeLog Fri Mar 21 11:42:16 2014 +0100 +++ b/ChangeLog Mon Mar 24 11:13:09 2014 +0100 @@ -1,3 +1,8 @@ +2014-03-24 Pavel Tisnovsky + + * src/org/RhinoTests/ScriptExceptionClassTest.java: + Two new tests added into ScriptExceptionClassTest. + 2014-03-21 Pavel Tisnovsky * src/org/RhinoTests/ScriptEngineClassTest.java: diff -r c4c9da65a928 -r a925ed2c4086 src/org/RhinoTests/ScriptExceptionClassTest.java --- a/src/org/RhinoTests/ScriptExceptionClassTest.java Fri Mar 21 11:42:16 2014 +0100 +++ b/src/org/RhinoTests/ScriptExceptionClassTest.java Mon Mar 24 11:13:09 2014 +0100 @@ -2145,6 +2145,25 @@ stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/SimpleScriptContextTest.class"); assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleScriptContextTest.class\") returns null"); } + + /** + * Test for method javax.script.ScriptException.getClass().getResourceAsStreamPositiveTest() + */ + protected void testGetResourceAsStreamPositiveTest() { + Object stream; + stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/AbstractScriptEngineClassTest.class"); + assertNotNull(stream, "getResourceAsStream(\"/org/RhinoTests/AbstractScriptEngineClassTest.class\") returns null"); + } + + /** + * Test for method javax.script.ScriptException.getClass().toString() + */ + protected void testToString() { + String asString; + asString = this.scriptExceptionClass.toString(); + assertEquals("class javax.script.ScriptException", asString, "wrong toString() return value"); + } + /** * Test for instanceof operator applied to a class javax.script.ScriptException */ From jvanek at redhat.com Mon Mar 24 10:34:27 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 24 Mar 2014 11:34:27 +0100 Subject: [rfc][icedtea-web] Reprint of application logs to console In-Reply-To: <20140321155752.GE6449@redhat.com> References: <532C5F65.8080709@redhat.com> <20140321155752.GE6449@redhat.com> Message-ID: <53300A33.2010801@redhat.com> On 03/21/2014 04:57 PM, Omair Majid wrote: > Hi > > I haven't reviewed the patch, but just wanted to comment on something. > > * Jiri Vanek [2014-03-21 11:51]: >> If application is calling system.out/err.print(ln) for some kind of >> debugging, then it is *maybe* good to show it in our debug console. >> With its powerful features it may be usefull debugging tool for >> developers. > > I would replace 'maybe' with 'definitely'. Thanx for support! > >> tbh, I'm not sure if this is wonted feature, but I somehow think it >> should be there. I also think previous console did it. So should >> new. And ... it really looks cool :) > > I think this is definitely worth having. And yes, I implemented this in > the older console. The console that is part of the proprietary plugin > does this too. > In this case I would like to push it to head asap, as the code is perfect as usually, can I consider it as "ok for head" ? :) J. From jvanek at redhat.com Mon Mar 24 12:16:34 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 24 Mar 2014 13:16:34 +0100 Subject: [rfc][icedtea-web] Launching PolicyEditor from CertWarningPane In-Reply-To: <532B480C.4070304@redhat.com> References: <53220215.60301@redhat.com> <53220A02.7090506@redhat.com> <5323135E.6070700@redhat.com> <780923058.4176443.1394812828836.JavaMail.zimbra@redhat.com> <532B2ACB.3010509@redhat.com> <532B3EA9.3090702@redhat.com> <532B480C.4070304@redhat.com> Message-ID: <53302222.3060902@redhat.com> Looks ok to go. Few feature works - with only one item the submenu donot have much sense, but it will greow (? :) ) so ok if finished in 1.5.1 - the modality and filter needs to be fixed until 1.5 - when there are already stored items in policies, the first one is selected, and user would like actually edit the *newly* added. Probably not only filter, but be sure that the newly add/currnelty-should-be-edited item is really selected. Please push the tweeks for attributevalidator as separate changeset and add trusted-only to news during commit please. ty! J. On 03/20/2014 08:57 PM, Andrew Azores wrote: > On 03/20/2014 03:16 PM, Andrew Azores wrote: >> On 03/20/2014 01:52 PM, Jiri Vanek wrote: >>> On 03/14/2014 05:00 PM, Andrew Azores wrote: >>>>> many import issues. Invaid(how comae? My wrong I guess) and especially unused imports. >>>>> >>>>> I gave up an code a bit O:). So user experience: >>>>> >>>>> >>>>> popupmenu - best handling is NOT to add as component. And do not show them in actionPerforemd. >>>>> Show them *without* parent, in mause Clicked - it have positionOnScreen, and you show the poup >>>>> menu >>>>> on this pposition. Should work like charm. >>>> >>>> This seems to work well, thanks for the tip. >>>> >>>>> >>>>> I would excude this "V" from pproperties. Also the button s quote wide. Maybe use image rather? >>>> >>>> I tried using an image now but wasn't really happy with the results. I've changed it instead to >>>> a unicode character that looks like the three horizontal line overflow menu icon that's being >>>> used by iOS and Android. I think it's pretty nice although the button is still a bit wide. >>>> >>>>> >>>>> Interesting state - dialog appeared , I clicked "V" clicked show policy editor, it apeared, I >>>>> clicked cancel in mian dilog/or ok in main dialog.. The editro should be modal >>>> >>>> Hmm, well it's a JFrame, so I can't easily make it modal I don't think. Maybe as a separate >>>> changeset PolicyEditor can be made into a JDialog and CertWarningPane can then be made to use it >>>> as a modal dialog? >>>> >>>>> >>>>> How does it behave for yes/no/cancel/close of policy editor? >>>> >>>> The CertWarningPane doesn't know about this at all. All it knows about is if it has a >>>> PolicyEditor reference, and if it does, if the editor is still open or has been closed. >>>> >>>>> - small nit - other codebases in editor are confusing. >>>>> >>>>> >>>>> Thanx! >>>>> J. >>>>> >>>> >>>> I suppose, but PolicyEditor doesn't have any mechanism right now to display only one codebase >>>> when there are also others present in the policy file. >>> >>> Then maybe it can be added? I think simple filter on shown list? And in this case the filter will >>> be pre setup to show only new/edited codebase. This is also enough as next changeset (however... >>> necessary....) >>> >>> Ugh .. the modality should be fixed :(.... Then maybe do it dialogue? This may be as another >>> changeset, but should be fixed.... >>> >>> Eg two containers - dialog an frame with same pannel..... >>> >> >> Yes, both of these can/should be fixed, but as a different changeset I think. >> >>> >>> Well one possible stop-show: >>> >>> geogebra do not start with : >>> net.sourceforge.jnlp.LaunchException: Fatal: Initialization Error: Could not initialize >>> application. The application has not been initialized, for more information execute javaws from >>> the command line. at net.sourceforge.jnlp.Launcher.createApplication(Launcher.java:789) at >>> net.sourceforge.jnlp.Launcher.launchApplication(Launcher.java:529) at >>> net.sourceforge.jnlp.Launcher$TgThread.run(Launcher.java:911) Caused by: >>> net.sourceforge.jnlp.LaunchException: The 'permissions' attribute is 'all-permissions' but >>> security is' Sandbox'. This is fatal at >>> net.sourceforge.jnlp.runtime.ManifestsAttributesValidator.checkPermissionsAttribute(ManifestsAttributesValidator.java:145) >>> at net.sourceforge.jnlp.runtime.JNLPClassLoader. (JNLPClassLoader.java:289) at >>> net.sourceforge.jnlp.runtime.JNLPClassLoader.createInstance(JNLPClassLoader.java:353) at >>> net.sourceforge.jnlp.runtime.JNLPClassLoader.getInstance(JNLPClassLoader.java:420) at >>> net.sourceforge.jnlp.runtime.JNLPClassLoader.getInstance(JNLPClassLoader.java:396) at >>> net.sourceforge.jnlp.Launcher.createApplication(Launcher.java:781) ... 2 more >>> >>> I think it is wrong. The run-in-sandbox should skip this check or otherwise handdle it. >>> >>> >>> J. >> >> I've added a check in checkPermissionsAttribute to skip the check if the SecurityDelegate >> indicates that the user has decided specifically to run the applet sandboxed. >> >> Thanks, >> > > Tiny update, cleanly applies on new HEAD (with Trusted-only). Also threw in the one-line fix for > Trusted-only and Sandbox. > > Thanks, > From aazores at redhat.com Mon Mar 24 13:07:28 2014 From: aazores at redhat.com (Andrew Azores) Date: Mon, 24 Mar 2014 09:07:28 -0400 Subject: [rfc][icedtea-web] Trusted-only manifest attribute In-Reply-To: <532C5A50.6060400@redhat.com> References: <532B0A39.6060102@redhat.com> <20140321145639.GC6449@redhat.com> <532C5A50.6060400@redhat.com> Message-ID: <53302E10.1060000@redhat.com> On 03/21/2014 11:27 AM, Jiri Vanek wrote: > On 03/21/2014 03:56 PM, Omair Majid wrote: >> * Andrew Azores [2014-03-20 11:35]: >>> +++ >>> b/netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java >> >>> + void checkTrustedOnlyAttribute() throws LaunchException { >> >> A stylistic nit: if you ask me to use a class named *Validator, I will >> look for the validate* method as the first thing. If the class is named >> *Checker, then maybe a check* method makes more sense. >> >> What do you think? >> >> Thanks, >> Omair >> > > > the small refactoring > > ManifestsAttributesValidator -> ManifestsAttributesChecker > > and all its current methods started with check > > is probably worthy to do... > > J. Just this? Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: manifest-attributes-checker-rename.patch Type: text/x-patch Size: 31708 bytes Desc: not available URL: From aazores at icedtea.classpath.org Mon Mar 24 13:20:34 2014 From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org) Date: Mon, 24 Mar 2014 13:20:34 +0000 Subject: /hg/icedtea-web: 3 new changesets Message-ID: changeset 48f3658a7efd in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=48f3658a7efd author: Andrew Azores date: Mon Mar 24 09:14:04 2014 -0400 ManifestsAttributeValidator works with RunInSandbox * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: pass SecurityDelegate to ManifestsAttributesValidator * netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java: (securityDelegate) new field, added to constructor. (checkTrustedOnlyAttribute, checkPermissionsAttribute) works with RunInSandbox. changeset a958ecb160f6 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=a958ecb160f6 author: Andrew Azores date: Mon Mar 24 09:18:45 2014 -0400 Added PolicyEditor launch button to security prompts Added ability to launch PolicyEditor from security prompts, with the current applet's codebase pre-selected in the editor. * netx/net/sourceforge/jnlp/resources/Messages.properties: (CertWarnPolicyTip, CertWarnPolicyEditor): new messages * netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java: can launch PolicyEditor from new options overflow button * netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java: same changeset 6bdbe6b2694b in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=6bdbe6b2694b author: Andrew Azores date: Mon Mar 24 09:20:18 2014 -0400 Mention Trusted-only in NEWS diffstat: ChangeLog | 24 + NEWS | 2 +- netx/net/sourceforge/jnlp/resources/Messages.properties | 2 + netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java | 2 +- netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java | 14 +- netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java | 169 +++++++-- netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java | 100 +++++- 7 files changed, 258 insertions(+), 55 deletions(-) diffs (truncated from 611 to 500 lines): diff -r 022f56ff692f -r 6bdbe6b2694b ChangeLog --- a/ChangeLog Thu Mar 20 15:45:13 2014 -0400 +++ b/ChangeLog Mon Mar 24 09:20:18 2014 -0400 @@ -1,3 +1,27 @@ +2014-03-24 Andrew Azores + + * NEWS: added mention of Trusted-only manifest attribute + +2014-03-24 Andrew Azores + + Added ability to launch PolicyEditor from security prompts, with the + current applet's codebase pre-selected in the editor. + * netx/net/sourceforge/jnlp/resources/Messages.properties: + (CertWarnPolicyTip, CertWarnPolicyEditor): new messages + * netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java: can + launch PolicyEditor from new options overflow button + * netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java: + same + +2014-03-24 Andrew Azores + + * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: pass + SecurityDelegate to ManifestsAttributesValidator + * netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java: + (securityDelegate) new field, added to constructor. + (checkTrustedOnlyAttribute, checkPermissionsAttribute) works with + RunInSandbox. + 2014-03-20 Andrew Azores Trusted-only manifest attribute implementation diff -r 022f56ff692f -r 6bdbe6b2694b NEWS --- a/NEWS Thu Mar 20 15:45:13 2014 -0400 +++ b/NEWS Mon Mar 24 09:20:18 2014 -0400 @@ -14,7 +14,7 @@ * IcedTea-Web is now following XDG .config and .cache specification(RH947647) * A console for debugging plugin and javaws * Dialogs center on screen before becoming visible -* Support for u45 and u51 new manifest attributes (Application-Name, Codebase, Permissions) +* Support for u45 and u51 new manifest attributes (Application-Name, Codebase, Permissions, Trusted-only) * Custom applet permission policies panel in itweb-settings control panel * javaws -version flag * New PolicyEditor for easily adding/removing permissions to individual applets diff -r 022f56ff692f -r 6bdbe6b2694b netx/net/sourceforge/jnlp/resources/Messages.properties --- a/netx/net/sourceforge/jnlp/resources/Messages.properties Thu Mar 20 15:45:13 2014 -0400 +++ b/netx/net/sourceforge/jnlp/resources/Messages.properties Mon Mar 24 09:20:18 2014 -0400 @@ -23,6 +23,8 @@ CertWarnRunTip=Trust this applet and run with full permissions CertWarnSandboxTip=Do not trust this applet and run with restricted permissions CertWarnCancelTip=Do not run this applet +CertWarnPolicyTip=Advanced sandbox settings +CertWarnPolicyEditorItem=Launch PolicyEditor AFileOnTheMachine=a file on the machine AlwaysAllowAction=Always allow this action diff -r 022f56ff692f -r 6bdbe6b2694b netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java --- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Thu Mar 20 15:45:13 2014 -0400 +++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Mon Mar 24 09:20:18 2014 -0400 @@ -284,7 +284,7 @@ setSecurity(); - ManifestsAttributesValidator mav = new ManifestsAttributesValidator(security, file, signing); + ManifestsAttributesValidator mav = new ManifestsAttributesValidator(security, file, signing, securityDelegate); mav.checkTrustedOnlyAttribute(); mav.checkCodebaseAttribute(); mav.checkPermissionsAttribute(); diff -r 022f56ff692f -r 6bdbe6b2694b netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java --- a/netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java Thu Mar 20 15:45:13 2014 -0400 +++ b/netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java Mon Mar 24 09:20:18 2014 -0400 @@ -39,6 +39,7 @@ import java.net.URL; import java.util.HashSet; import java.util.Set; + import net.sourceforge.jnlp.ExtensionDesc; import net.sourceforge.jnlp.JARDesc; import net.sourceforge.jnlp.JNLPFile; @@ -47,6 +48,7 @@ import net.sourceforge.jnlp.PluginBridge; import net.sourceforge.jnlp.ResourcesDesc; import net.sourceforge.jnlp.SecurityDesc; +import net.sourceforge.jnlp.runtime.JNLPClassLoader.SecurityDelegate; import net.sourceforge.jnlp.runtime.JNLPClassLoader.SigningState; import net.sourceforge.jnlp.security.SecurityDialogs; import net.sourceforge.jnlp.security.appletextendedsecurity.AppletSecurityLevel; @@ -60,11 +62,14 @@ private final SecurityDesc security; private final JNLPFile file; private final SigningState signing; + private final SecurityDelegate securityDelegate; - public ManifestsAttributesValidator(SecurityDesc security, JNLPFile file, SigningState signing) { + public ManifestsAttributesValidator(final SecurityDesc security, final JNLPFile file, + final SigningState signing, final SecurityDelegate securityDelegate) { this.security = security; this.file = file; this.signing = signing; + this.securityDelegate = securityDelegate; } /** @@ -97,7 +102,7 @@ securityType = "Unknown"; } - final boolean isFullySigned = signing == SigningState.FULL; + final boolean isFullySigned = signing == SigningState.FULL || (signing == SigningState.PARTIAL && securityDelegate.getRunInSandbox()); final String signedMsg; if (isFullySigned) { signedMsg = "The applet is fully signed"; @@ -152,8 +157,9 @@ void checkPermissionsAttribute() throws LaunchException { final ManifestBoolean permissions = file.getManifestsAttributes().isSandboxForced(); AppletSecurityLevel level = AppletStartupSecuritySettings.getInstance().getSecurityLevel(); - if (level == AppletSecurityLevel.ALLOW_UNSIGNED) { - OutputController.getLogger().log(OutputController.Level.WARNING_ALL, "Although 'permissions' attribute of this application is '" + file.getManifestsAttributes().permissionsToString() + "' Your Extended applets security is at 'low', continuing"); + if (level == AppletSecurityLevel.ALLOW_UNSIGNED || securityDelegate.getRunInSandbox()) { + OutputController.getLogger().log(OutputController.Level.WARNING_ALL, "Although 'permissions' attribute of this application is '" + file.getManifestsAttributes().permissionsToString() + + "' Your Extended applets security is at 'low', or you have specifically chosen to run the applet Sandboxed. Continuing"); return; } switch (permissions) { diff -r 022f56ff692f -r 6bdbe6b2694b netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java --- a/netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java Thu Mar 20 15:45:13 2014 -0400 +++ b/netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java Mon Mar 24 09:20:18 2014 -0400 @@ -47,9 +47,13 @@ import java.awt.GridLayout; import java.awt.event.ActionEvent; import java.awt.event.ActionListener; +import java.awt.event.MouseEvent; +import java.awt.event.MouseListener; import java.io.File; import java.io.FileOutputStream; import java.io.OutputStream; +import java.net.MalformedURLException; +import java.net.URL; import java.security.KeyStore; import java.security.cert.Certificate; import java.security.cert.X509Certificate; @@ -60,12 +64,16 @@ import javax.swing.JButton; import javax.swing.JCheckBox; import javax.swing.JLabel; +import javax.swing.JMenuItem; import javax.swing.JPanel; +import javax.swing.JPopupMenu; import javax.swing.SwingConstants; import net.sourceforge.jnlp.JNLPFile; import net.sourceforge.jnlp.PluginBridge; +import net.sourceforge.jnlp.config.DeploymentConfiguration; import net.sourceforge.jnlp.runtime.JNLPClassLoader.SecurityDelegate; +import net.sourceforge.jnlp.runtime.JNLPRuntime; import net.sourceforge.jnlp.security.CertVerifier; import net.sourceforge.jnlp.security.CertificateUtils; import net.sourceforge.jnlp.security.HttpsCertVerifier; @@ -75,6 +83,7 @@ import net.sourceforge.jnlp.security.SecurityDialog; import net.sourceforge.jnlp.security.SecurityDialogs.AccessType; import net.sourceforge.jnlp.security.SecurityUtil; +import net.sourceforge.jnlp.security.policyeditor.PolicyEditor; import net.sourceforge.jnlp.util.FileUtils; import net.sourceforge.jnlp.util.logging.OutputController; @@ -88,14 +97,29 @@ */ public class CertWarningPane extends SecurityDialogPanel { - JCheckBox alwaysTrust; - CertVerifier certVerifier; - SecurityDelegate securityDelegate; + private final JNLPFile file; + private final AccessType accessType; + private final Certificate cert; + private JCheckBox alwaysTrust; + private final CertVerifier certVerifier; + private SecurityDelegate securityDelegate; + private JPopupMenu policyMenu; + private JPanel topPanel, infoPanel, buttonPanel, bottomPanel; + private JLabel topLabel, nameLabel, publisherLabel, fromLabel, bottomLabel; + private JButton run, sandbox, advancedOptions, cancel, moreInfo; + private boolean alwaysTrustSelected; + private String bottomLabelWarningText; + private PolicyEditor policyEditor = null; public CertWarningPane(SecurityDialog x, CertVerifier certVerifier, SecurityDelegate securityDelegate) { super(x, certVerifier); this.certVerifier = certVerifier; this.securityDelegate = securityDelegate; + + this.accessType = parent.getAccessType(); + this.file = parent.getFile(); + this.cert = parent.getCertVerifier().getPublisher(null); + addComponents(); } @@ -103,10 +127,11 @@ * Creates the actual GUI components, and adds it to this panel */ private void addComponents() { - AccessType type = parent.getAccessType(); - JNLPFile file = parent.getFile(); - Certificate c = parent.getCertVerifier().getPublisher(null); + setTextAndLabels(); + addButtons(); + } + private void setTextAndLabels() { String name = ""; String publisher = ""; String from = ""; @@ -115,8 +140,8 @@ //these strings -- we just want to fill in as many as possible. try { if ((certVerifier instanceof HttpsCertVerifier) && - (c instanceof X509Certificate)) { - name = SecurityUtil.getCN(((X509Certificate) c) + (cert instanceof X509Certificate)) { + name = SecurityUtil.getCN(((X509Certificate) cert) .getSubjectX500Principal().getName()); } else if (file instanceof PluginBridge) { name = file.getTitle(); @@ -127,8 +152,8 @@ } try { - if (c instanceof X509Certificate) { - publisher = SecurityUtil.getCN(((X509Certificate) c) + if (cert instanceof X509Certificate) { + publisher = SecurityUtil.getCN(((X509Certificate) cert) .getSubjectX500Principal().getName()); } } catch (Exception e) { @@ -145,63 +170,66 @@ // Labels String topLabelText = ""; - String bottomLabelText = parent.getCertVerifier().getRootInCacerts() ? - R("STrustedSource") : R("SUntrustedSource"); - String propertyName = ""; + bottomLabelWarningText = parent.getCertVerifier().getRootInCacerts() ? + R("STrustedSource") : R("SUntrustedSource"); String iconLocation = "net/sourceforge/jnlp/resources/"; - boolean alwaysTrustSelected = false; + alwaysTrustSelected = false; if (certVerifier instanceof HttpsCertVerifier) { // HTTPS certs that are verified do not prompt for a dialog. // @see VariableX509TrustManager#checkServerTrusted topLabelText = R("SHttpsUnverified") + " " + R("Continue"); - propertyName = "OptionPane.warningIcon"; iconLocation += "warning.png"; } else { - switch (type) { + switch (accessType) { case VERIFIED: topLabelText = R("SSigVerified"); - propertyName = "OptionPane.informationIcon"; iconLocation += "question.png"; alwaysTrustSelected = true; break; case UNVERIFIED: topLabelText = R("SSigUnverified"); - propertyName = "OptionPane.warningIcon"; iconLocation += "warning.png"; - bottomLabelText += " " + R("SWarnFullPermissionsIgnorePolicy"); + bottomLabelWarningText += " " + R("SWarnFullPermissionsIgnorePolicy"); break; case SIGNING_ERROR: topLabelText = R("SSignatureError"); - propertyName = "OptionPane.warningIcon"; iconLocation += "warning.png"; - bottomLabelText += " " + R("SWarnFullPermissionsIgnorePolicy"); + bottomLabelWarningText += " " + R("SWarnFullPermissionsIgnorePolicy"); break; } } - ImageIcon icon = new ImageIcon((new sun.misc.Launcher()) - .getClassLoader().getResource(iconLocation)); - JLabel topLabel = new JLabel(htmlWrap(topLabelText), icon, SwingConstants.LEFT); + ImageIcon icon = getImageIcon(iconLocation); + topLabel = new JLabel(htmlWrap(topLabelText), icon, SwingConstants.LEFT); topLabel.setFont(new Font(topLabel.getFont().toString(), Font.BOLD, 12)); - JPanel topPanel = new JPanel(new BorderLayout()); + topPanel = new JPanel(new BorderLayout()); topPanel.setBackground(Color.WHITE); topPanel.add(topLabel, BorderLayout.CENTER); topPanel.setPreferredSize(new Dimension(400, 75)); topPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); //application info - JLabel nameLabel = new JLabel(R("Name") + ": " + name); + nameLabel = new JLabel(R("Name") + ": " + name); nameLabel.setBorder(BorderFactory.createEmptyBorder(5, 5, 5, 5)); - JLabel publisherLabel = new JLabel(R("Publisher") + ": " + publisher); + publisherLabel = new JLabel(R("Publisher") + ": " + publisher); publisherLabel.setBorder(BorderFactory.createEmptyBorder(5, 5, 5, 5)); - JLabel fromLabel = new JLabel(R("From") + ": " + from); + fromLabel = new JLabel(R("From") + ": " + from); fromLabel.setBorder(BorderFactory.createEmptyBorder(5, 5, 5, 5)); + } + + private ImageIcon getImageIcon(final String imageLocation) { + return new ImageIcon((new sun.misc.Launcher()) + .getClassLoader().getResource(imageLocation)); + } + + private void addButtons() { + createPolicyPermissionsMenu(); alwaysTrust = new JCheckBox(R("SAlwaysTrustPublisher")); alwaysTrust.setEnabled(true); alwaysTrust.setSelected(alwaysTrustSelected); - JPanel infoPanel = new JPanel(new GridLayout(4, 1)); + infoPanel = new JPanel(new GridLayout(4, 1)); infoPanel.add(nameLabel); infoPanel.add(publisherLabel); @@ -213,12 +241,15 @@ infoPanel.setBorder(BorderFactory.createEmptyBorder(25, 25, 25, 25)); //run and cancel buttons - JPanel buttonPanel = new JPanel(new FlowLayout(FlowLayout.RIGHT)); - JButton run = new JButton(R("ButRun")); - JButton sandbox = new JButton(R("ButSandbox")); - JButton cancel = new JButton(R("ButCancel")); + buttonPanel = new JPanel(new FlowLayout(FlowLayout.RIGHT)); + run = new JButton(R("ButRun")); + sandbox = new JButton(R("ButSandbox")); + advancedOptions = new JButton("\u2630"); // "hamburger" navicon + cancel = new JButton(R("ButCancel")); + run.setToolTipText(R("CertWarnRunTip")); sandbox.setToolTipText(R("CertWarnSandboxTip")); + advancedOptions.setToolTipText(R("CertWarnPolicyTip")); cancel.setToolTipText(R("CertWarnCancelTip")); alwaysTrust.addActionListener(new ButtonDisableListener(sandbox)); @@ -227,16 +258,23 @@ buttonWidth = Math.max(buttonWidth, cancel.getMinimumSize().width); int buttonHeight = run.getMinimumSize().height; Dimension d = new Dimension(buttonWidth, buttonHeight); + run.setPreferredSize(d); sandbox.setPreferredSize(d); + advancedOptions.setPreferredSize(new Dimension(advancedOptions.getMinimumSize().width, buttonHeight)); cancel.setPreferredSize(d); sandbox.setEnabled(!alwaysTrust.isSelected()); run.addActionListener(createSetValueListener(parent, 0)); run.addActionListener(new CheckBoxListener()); + sandbox.addActionListener(createSetValueListener(parent, 1)); + + advancedOptions.addMouseListener(new PolicyEditorPopupListener()); + cancel.addActionListener(createSetValueListener(parent, 2)); + initialFocusComponent = cancel; buttonPanel.add(run); // file will be null iff this dialog is being called from VariableX509TrustManager. @@ -245,8 +283,10 @@ // Since there is no app, there is nothing to run sandboxed. if (file != null) { buttonPanel.add(sandbox); + buttonPanel.add(advancedOptions); } buttonPanel.add(cancel); + buttonPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); //all of the above @@ -255,18 +295,75 @@ add(infoPanel); add(buttonPanel); - JLabel bottomLabel = new JLabel(htmlWrap(bottomLabelText)); - JButton moreInfo = new JButton(R("ButMoreInformation")); + bottomLabel = new JLabel(htmlWrap(bottomLabelWarningText)); + moreInfo = new JButton(R("ButMoreInformation")); moreInfo.addActionListener(new MoreInfoButtonListener()); - JPanel bottomPanel = new JPanel(); + bottomPanel = new JPanel(); bottomPanel.setLayout(new BoxLayout(bottomPanel, BoxLayout.X_AXIS)); bottomPanel.add(bottomLabel); bottomPanel.add(moreInfo); bottomPanel.setPreferredSize(new Dimension(600, 100)); bottomPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); add(bottomPanel); + } + private void createPolicyPermissionsMenu() { + policyMenu = new JPopupMenu(); + + JMenuItem launchPolicyEditor = new JMenuItem(R("CertWarnPolicyEditorItem")); + launchPolicyEditor.addActionListener(new PolicyEditorLaunchListener()); + + policyMenu.add(launchPolicyEditor); + policyMenu.setSize(policyMenu.getMinimumSize()); + policyMenu.setVisible(false); + } + + private class PolicyEditorLaunchListener implements ActionListener { + @Override + public void actionPerformed(final ActionEvent e) { + final String rawFilepath = JNLPRuntime.getConfiguration().getProperty(DeploymentConfiguration.KEY_USER_SECURITY_POLICY); + String filepath; + try { + filepath = new URL(rawFilepath).getPath(); + } catch (final MalformedURLException mfue) { + filepath = null; + } + + if (policyEditor == null || policyEditor.isClosed()) { + policyEditor = PolicyEditor.createInstance(filepath); + } else { + policyEditor.toFront(); + policyEditor.repaint(); + } + policyEditor.addNewCodebase(file.getCodeBase().toString()); + policyEditor.setVisible(true); + policyMenu.setVisible(false); + } + } + + private class PolicyEditorPopupListener implements MouseListener { + @Override + public void mouseClicked(final MouseEvent e) { + policyMenu.setLocation(e.getLocationOnScreen()); + policyMenu.setVisible(!policyMenu.isVisible()); + } + + @Override + public void mousePressed(final MouseEvent e) { + } + + @Override + public void mouseReleased(final MouseEvent e) { + } + + @Override + public void mouseEntered(final MouseEvent e) { + } + + @Override + public void mouseExited(final MouseEvent e) { + } } private class MoreInfoButtonListener implements ActionListener { diff -r 022f56ff692f -r 6bdbe6b2694b netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java --- a/netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java Thu Mar 20 15:45:13 2014 -0400 +++ b/netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java Mon Mar 24 09:20:18 2014 -0400 @@ -2,34 +2,41 @@ import static net.sourceforge.jnlp.runtime.Translator.R; -import java.awt.BorderLayout; +import java.awt.event.ActionEvent; +import java.awt.event.ActionListener; +import java.awt.event.MouseEvent; +import java.awt.event.MouseListener; +import java.net.MalformedURLException; import java.net.URL; import java.security.cert.Certificate; import java.security.cert.X509Certificate; import javax.swing.ImageIcon; import javax.swing.JButton; -import javax.swing.JFrame; +import javax.swing.JMenuItem; +import javax.swing.JPopupMenu; import net.sourceforge.jnlp.JNLPFile; import net.sourceforge.jnlp.PluginBridge; -import net.sourceforge.jnlp.PluginParameters; +import net.sourceforge.jnlp.config.DeploymentConfiguration; +import net.sourceforge.jnlp.runtime.JNLPRuntime; import net.sourceforge.jnlp.security.SecurityDialog; -import net.sourceforge.jnlp.security.SecurityDialogs.AccessType; -import net.sourceforge.jnlp.security.SecurityDialogs.DialogType; import net.sourceforge.jnlp.security.SecurityUtil; import net.sourceforge.jnlp.security.appletextendedsecurity.ExecuteAppletAction; import net.sourceforge.jnlp.security.appletextendedsecurity.UnsignedAppletTrustConfirmation; +import net.sourceforge.jnlp.security.policyeditor.PolicyEditor; import net.sourceforge.jnlp.tools.CertInformation; import net.sourceforge.jnlp.tools.JarCertVerifier; public class PartiallySignedAppTrustWarningPanel extends AppTrustWarningPanel { - private JarCertVerifier jcv; - private JButton sandboxButton; + private final JarCertVerifier jcv; + private final JButton sandboxButton; + private final JButton advancedOptionsButton; From aazores at redhat.com Mon Mar 24 13:39:19 2014 From: aazores at redhat.com (Andrew Azores) Date: Mon, 24 Mar 2014 09:39:19 -0400 Subject: [rfc][icedtea-web] Launching PolicyEditor from CertWarningPane In-Reply-To: <53302222.3060902@redhat.com> References: <53220215.60301@redhat.com> <53220A02.7090506@redhat.com> <5323135E.6070700@redhat.com> <780923058.4176443.1394812828836.JavaMail.zimbra@redhat.com> <532B2ACB.3010509@redhat.com> <532B3EA9.3090702@redhat.com> <532B480C.4070304@redhat.com> <53302222.3060902@redhat.com> Message-ID: <53303587.1020608@redhat.com> On 03/24/2014 08:16 AM, Jiri Vanek wrote: > > Looks ok to go. > > > Few feature works > - with only one item the submenu donot have much sense, but it will > greow (? :) ) so ok if finished in 1.5.1 I'm thinking maybe the Filter option can actually be the second item under the View menu. It seems to be a fitting place to me, since the filtering is probably not important enough to be always displayed, and View is definitely the right menu for it to go in if it does go in a menu. > > - the modality and filter needs to be fixed until 1.5 > - when there are already stored items in policies, the first one is > selected, and user would like actually edit the *newly* added. > Probably not only filter, but be sure that the newly > add/currnelty-should-be-edited item is really selected. Well, the policy file is parse asynchronously when the editor opens, so if this doesn't complete first, then when the dialogs add a new codebase, it may not be the last one added. Since adding a new codebase automatically selects it, this could make it so that the current applet's codebase isn't actually selected. I'll start a new discussion thread for this, and another one for modality as well. > > Please push the tweeks for attributevalidator as separate changeset > and add trusted-only to news during commit please. Done. > > > ty! > > J. Thanks, -- Andrew A From andrew at icedtea.classpath.org Mon Mar 24 13:55:47 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Mon, 24 Mar 2014 13:55:47 +0000 Subject: /hg/release/icedtea7-forest-2.3/jdk: Add missing files from 8028293 Message-ID: changeset 3428bff8a33a in /hg/release/icedtea7-forest-2.3/jdk details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=3428bff8a33a author: andrew date: Mon Mar 24 13:55:37 2014 +0000 Add missing files from 8028293 diffstat: src/solaris/classes/sun/net/PortConfig.java | 89 ++++++++++++++++++++ src/solaris/native/sun/net/portconfig.c | 122 ++++++++++++++++++++++++++++ src/windows/classes/sun/net/PortConfig.java | 65 ++++++++++++++ src/windows/native/sun/net/portconfig.c | 106 ++++++++++++++++++++++++ 4 files changed, 382 insertions(+), 0 deletions(-) diffs (398 lines): diff -r 2906d76a7086 -r 3428bff8a33a src/solaris/classes/sun/net/PortConfig.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/solaris/classes/sun/net/PortConfig.java Mon Mar 24 13:55:37 2014 +0000 @@ -0,0 +1,89 @@ +/* + * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +package sun.net; + +import java.security.AccessController; + +/** + * Determines the ephemeral port range in use on this system. + * If this cannot be determined, then the default settings + * of the OS are returned. + */ + +public final class PortConfig { + + private static int defaultUpper, defaultLower; + private final static int upper, lower; + + private PortConfig() {} + + static { + AccessController.doPrivileged( + new java.security.PrivilegedAction() { + public Void run() { + System.loadLibrary("net"); + String os = System.getProperty("os.name"); + if (os.startsWith("Linux")) { + defaultLower = 32768; + defaultUpper = 61000; + } else if (os.startsWith("SunOS")) { + defaultLower = 32768; + defaultUpper = 65535; + } else if (os.contains("OS X")) { + defaultLower = 49152; + defaultUpper = 65535; + } else { + throw new InternalError( + "sun.net.PortConfig: unknown OS"); + } + return null; + } + }); + + int v = getLower0(); + if (v == -1) { + v = defaultLower; + } + lower = v; + + v = getUpper0(); + if (v == -1) { + v = defaultUpper; + } + upper = v; + } + + static native int getLower0(); + static native int getUpper0(); + + public static int getLower() { + return lower; + } + + public static int getUpper() { + return upper; + } +} diff -r 2906d76a7086 -r 3428bff8a33a src/solaris/native/sun/net/portconfig.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/solaris/native/sun/net/portconfig.c Mon Mar 24 13:55:37 2014 +0000 @@ -0,0 +1,122 @@ +/* + * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +#include +#include +#include +#include + +#if defined(_ALLBSD_SOURCE) +#include +#endif + +#include "jni.h" +#include "net_util.h" + +#ifdef __cplusplus +extern "C" { +#endif + +struct portrange { + int lower; + int higher; +}; + +static int getPortRange(struct portrange *range) +{ +#ifdef __linux__ + { + int ret; + FILE *f; + + f = fopen("/proc/sys/net/ipv4/ip_local_port_range", "r"); + if (f != NULL) { + ret = fscanf(f, "%d %d", &range->lower, &range->higher); + fclose(f); + return ret == 2 ? 0 : -1; + } + return -1; + } + +#elif defined(__solaris__) + { + range->lower = net_getParam("/dev/tcp", "tcp_smallest_anon_port"); + range->higher = net_getParam("/dev/tcp", "tcp_largest_anon_port"); + return 0; + } +#elif defined(_ALLBSD_SOURCE) + { + int ret; + size_t size = sizeof(range->lower); + ret = sysctlbyname( + "net.inet.ip.portrange.first", &range->lower, &size, 0, 0 + ); + if (ret == -1) { + return -1; + } + size = sizeof(range->higher); + ret = sysctlbyname( + "net.inet.ip.portrange.last", &range->higher, &size, 0, 0 + ); + return ret; + } +#else + return -1; +#endif +} + +/* + * Class: sun_net_PortConfig + * Method: getLower0 + * Signature: ()I + */ +JNIEXPORT jint JNICALL Java_sun_net_PortConfig_getLower0 + (JNIEnv *env, jclass clazz) +{ + struct portrange range; + if (getPortRange(&range) < 0) { + return -1; + } + return range.lower; +} + +/* + * Class: sun_net_PortConfig + * Method: getUpper + * Signature: ()I + */ +JNIEXPORT jint JNICALL Java_sun_net_PortConfig_getUpper0 + (JNIEnv *env, jclass clazz) +{ + struct portrange range; + if (getPortRange(&range) < 0) { + return -1; + } + return range.higher; +} + +#ifdef __cplusplus +} +#endif diff -r 2906d76a7086 -r 3428bff8a33a src/windows/classes/sun/net/PortConfig.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/windows/classes/sun/net/PortConfig.java Mon Mar 24 13:55:37 2014 +0000 @@ -0,0 +1,65 @@ +/* + * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +package sun.net; + +import java.security.AccessController; + +/** + * Determines the ephemeral port range in use on this system. + * If this cannot be determined, then the default settings + * of the OS are returned. + */ + +public final class PortConfig { + + private final static int upper, lower; + + private PortConfig() {} + + static { + AccessController.doPrivileged( + new java.security.PrivilegedAction() { + public Void run() { + System.loadLibrary("net"); + return null; + } + }); + + lower = getLower0(); + upper = getUpper0(); + } + + static native int getLower0(); + static native int getUpper0(); + + public static int getLower() { + return lower; + } + + public static int getUpper() { + return upper; + } +} diff -r 2906d76a7086 -r 3428bff8a33a src/windows/native/sun/net/portconfig.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/windows/native/sun/net/portconfig.c Mon Mar 24 13:55:37 2014 +0000 @@ -0,0 +1,106 @@ +/* + * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +#include +#include "jni.h" +#include "net_util.h" + +#ifdef __cplusplus +extern "C" { +#endif + +struct portrange { + int lower; + int higher; +}; + +static int getPortRange(struct portrange *range) +{ + OSVERSIONINFO ver; + ver.dwOSVersionInfoSize = sizeof(ver); + GetVersionEx(&ver); + + /* Check for major version 5 or less = Windows XP/2003 or older */ + if (ver.dwMajorVersion <= 5) { + LONG ret; + HKEY hKey; + range->lower = 1024; + range->higher = 4999; + + /* check registry to see if upper limit was raised */ + ret = RegOpenKeyEx(HKEY_LOCAL_MACHINE, + "SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters", + 0, KEY_READ, (PHKEY)&hKey + ); + if (ret == ERROR_SUCCESS) { + DWORD maxuserport; + ULONG ulType; + DWORD dwLen = sizeof(maxuserport); + ret = RegQueryValueEx(hKey, "MaxUserPort", NULL, &ulType, + (LPBYTE)&maxuserport, &dwLen); + RegCloseKey(hKey); + if (ret == ERROR_SUCCESS) { + range->higher = maxuserport; + } + } + } else { + /* There doesn't seem to be an API to access this. "MaxUserPort" + * is affected, but is not sufficient to determine. + * so we just use the defaults, which are less likely to change + */ + range->lower = 49152; + range->higher = 65535; + } + return 0; +} + +/* + * Class: sun_net_PortConfig + * Method: getLower0 + * Signature: ()I + */ +JNIEXPORT jint JNICALL Java_sun_net_PortConfig_getLower0 + (JNIEnv *env, jclass clazz) +{ + struct portrange range; + getPortRange(&range); + return range.lower; +} + +/* + * Class: sun_net_PortConfig + * Method: getUpper0 + * Signature: ()I + */ +JNIEXPORT jint JNICALL Java_sun_net_PortConfig_getUpper0 + (JNIEnv *env, jclass clazz) +{ + struct portrange range; + getPortRange(&range); + return range.higher; +} +#ifdef __cplusplus +} +#endif From aazores at redhat.com Mon Mar 24 14:01:07 2014 From: aazores at redhat.com (Andrew Azores) Date: Mon, 24 Mar 2014 10:01:07 -0400 Subject: [rfc][icedtea-web] Security dialogs wait for PolicyEditor to finish parsing Message-ID: <53303AA3.3080109@redhat.com> Hi, PolicyEditor loads and saves policy files async, obviously. However, this means that opening a new PolicyEditor instance on an existing policy file and programmatically adding a new codebase to the editor does not have a well-defined order. This can be problematic because PolicyEditor highlights/selects the last added codebase, so eg in the scenario where the editor is being launched from a security dialog, we want to be sure that the current applet's codebase is the one selected when the editor appears. This patch adds a method to PolicyEditor that indicates whether the editor is currently reading/writing a file, and adds a loop to the two security dialogs so that the new codebase is not added and the editor made visible until it completes its IO. Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: policyeditor-wait-for-io.patch Type: text/x-patch Size: 5772 bytes Desc: not available URL: From jvanek at redhat.com Mon Mar 24 14:26:35 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 24 Mar 2014 15:26:35 +0100 Subject: [rfc][icedtea-web] Trusted-only manifest attribute In-Reply-To: <53302E10.1060000@redhat.com> References: <532B0A39.6060102@redhat.com> <20140321145639.GC6449@redhat.com> <532C5A50.6060400@redhat.com> <53302E10.1060000@redhat.com> Message-ID: <5330409B.9070909@redhat.com> On 03/24/2014 02:07 PM, Andrew Azores wrote: > On 03/21/2014 11:27 AM, Jiri Vanek wrote: >> On 03/21/2014 03:56 PM, Omair Majid wrote: >>> * Andrew Azores [2014-03-20 11:35]: >>>> +++ b/netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java >>> >>>> + void checkTrustedOnlyAttribute() throws LaunchException { >>> >>> A stylistic nit: if you ask me to use a class named *Validator, I will >>> look for the validate* method as the first thing. If the class is named >>> *Checker, then maybe a check* method makes more sense. >>> >>> What do you think? >>> >>> Thanks, >>> Omair >>> >> >> >> the small refactoring >> >> ManifestsAttributesValidator -> ManifestsAttributesChecker >> >> and all its current methods started with check >> >> is probably worthy to do... >> >> J. > > Just this? Yes :) Whn you are in, I.m for making all checkTrustedOnlyAttribute(); checkCodebaseAttribute(); checkPermissionsAttribute(); checkApplicationLibraryAllowableCodebaseAttribute(); private and encapsulate them in public checkAll(). And call this in constructor. If you agree feel free to encapsualte in this push. Otherwise ok to go anyway. J,. From ptisnovs at icedtea.classpath.org Mon Mar 24 14:38:39 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Mon, 24 Mar 2014 14:38:39 +0000 Subject: /hg/icedtea7: Fixed compilation failure on Aarch64. Message-ID: changeset 80573ab16562 in /hg/icedtea7 details: http://icedtea.classpath.org/hg/icedtea7?cmd=changeset;node=80573ab16562 author: Pavel Tisnovsky date: Mon Mar 24 16:41:29 2014 -0400 Fixed compilation failure on Aarch64. diffstat: ChangeLog | 5 +++++ contrib/jck/compile-native-code.sh | 3 +++ 2 files changed, 8 insertions(+), 0 deletions(-) diffs (25 lines): diff -r f4920229fa73 -r 80573ab16562 ChangeLog --- a/ChangeLog Fri Mar 21 17:50:28 2014 +0000 +++ b/ChangeLog Mon Mar 24 16:41:29 2014 -0400 @@ -1,3 +1,8 @@ +2014-03-24 Pavel Tisnovsky + + * contrib/jck/compile-native-code.sh: + Fixed compilation failure on Aarch64. + 2014-03-21 Andrew John Hughes * acinclude.m4: diff -r f4920229fa73 -r 80573ab16562 contrib/jck/compile-native-code.sh --- a/contrib/jck/compile-native-code.sh Fri Mar 21 17:50:28 2014 +0000 +++ b/contrib/jck/compile-native-code.sh Mon Mar 24 16:41:29 2014 -0400 @@ -31,6 +31,9 @@ x86_64|ppc64|s390x) MFLAG=-m64 ;; + aarch64) + MFLAG=-march=armv8-a + ;; *) echo 1>&2 "error: unhandled arch '$arch'" exit 1 From aazores at redhat.com Mon Mar 24 14:44:39 2014 From: aazores at redhat.com (Andrew Azores) Date: Mon, 24 Mar 2014 10:44:39 -0400 Subject: [rfc][icedtea-web] Security dialogs wait for PolicyEditor to finish parsing In-Reply-To: <533043CB.3010506@redhat.com> References: <53303AA3.3080109@redhat.com> <533043CB.3010506@redhat.com> Message-ID: <533044D7.8040402@redhat.com> On 03/24/2014 10:40 AM, Jiri Vanek wrote: > On 03/24/2014 03:01 PM, Andrew Azores wrote: >> Hi, >> >> PolicyEditor loads and saves policy files async, obviously. However, >> this means that opening a new >> PolicyEditor instance on an existing policy file and programmatically >> adding a new codebase to the >> editor does not have a well-defined order. This can be problematic >> because PolicyEditor >> highlights/selects the last added codebase, so eg in the scenario >> where the editor is being launched >> from a security dialog, we want to be sure that the current applet's >> codebase is the one selected >> when the editor appears. This patch adds a method to PolicyEditor >> that indicates whether the editor >> is currently reading/writing a file, and adds a loop to the two >> security dialogs so that the new >> codebase is not added and the editor made visible until it completes >> its IO. >> >> Thanks, >> > > Hm... I dont think this is correct approach. Why are you so strongly > against modal dialogue? > > > J. I'm not... making PolicyEditor modal will come later. This patch is just about making sure that when you launch PolicyEditor from a security dialog, the current applet's codebase is guaranteed to be the selected one when the editor appears. This and modality are completely separate. Thanks, -- Andrew A From ptisnovs at icedtea.classpath.org Mon Mar 24 14:49:59 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Mon, 24 Mar 2014 14:49:59 +0000 Subject: /hg/icedtea6: Fixed compilation failure on Aarch64. Message-ID: changeset 0ef5e61b1b00 in /hg/icedtea6 details: http://icedtea.classpath.org/hg/icedtea6?cmd=changeset;node=0ef5e61b1b00 author: Pavel Tisnovsky date: Mon Mar 24 16:53:24 2014 -0400 Fixed compilation failure on Aarch64. diffstat: ChangeLog | 5 +++++ contrib/jck/compile-native-code.sh | 3 +++ 2 files changed, 8 insertions(+), 0 deletions(-) diffs (25 lines): diff -r 9ace699eb46a -r 0ef5e61b1b00 ChangeLog --- a/ChangeLog Thu Mar 20 02:06:20 2014 +0000 +++ b/ChangeLog Mon Mar 24 16:53:24 2014 -0400 @@ -1,3 +1,8 @@ +2014-03-24 Pavel Tisnovsky + + * contrib/jck/compile-native-code.sh: + Fixed compilation failure on Aarch64. + 2012-08-16 Andrew John Hughes PR1712: Allow -Werror to be turned off in the diff -r 9ace699eb46a -r 0ef5e61b1b00 contrib/jck/compile-native-code.sh --- a/contrib/jck/compile-native-code.sh Thu Mar 20 02:06:20 2014 +0000 +++ b/contrib/jck/compile-native-code.sh Mon Mar 24 16:53:24 2014 -0400 @@ -31,6 +31,9 @@ x86_64|ppc64|s390x) MFLAG=-m64 ;; + aarch64) + MFLAG=-march=armv8-a + ;; *) echo 1>&2 "error: unhandled arch '$arch'" exit 1 From aazores at redhat.com Mon Mar 24 14:58:23 2014 From: aazores at redhat.com (Andrew Azores) Date: Mon, 24 Mar 2014 10:58:23 -0400 Subject: [rfc][icedtea-web] Reprint of application logs to console In-Reply-To: <53300A33.2010801@redhat.com> References: <532C5F65.8080709@redhat.com> <20140321155752.GE6449@redhat.com> <53300A33.2010801@redhat.com> Message-ID: <5330480F.3080009@redhat.com> On 03/24/2014 06:34 AM, Jiri Vanek wrote: > On 03/21/2014 04:57 PM, Omair Majid wrote: >> Hi >> >> I haven't reviewed the patch, but just wanted to comment on something. >> >> * Jiri Vanek [2014-03-21 11:51]: >>> If application is calling system.out/err.print(ln) for some kind of >>> debugging, then it is *maybe* good to show it in our debug console. >>> With its powerful features it may be usefull debugging tool for >>> developers. >> >> I would replace 'maybe' with 'definitely'. > > Thanx for support! >> >>> tbh, I'm not sure if this is wonted feature, but I somehow think it >>> should be there. I also think previous console did it. So should >>> new. And ... it really looks cool :) >> >> I think this is definitely worth having. And yes, I implemented this in >> the older console. The console that is part of the proprietary plugin >> does this too. >> > In this case I would like to push it to head asap, as the code is > perfect as usually, can I consider it as "ok for head" ? :) > > > J. > I think it looks okay, although I don't really know what's going on in a lot of the console, so some of it I don't know what it does (eg why the canChange field is needed). Thanks, -- Andrew A From aazores at redhat.com Mon Mar 24 15:01:18 2014 From: aazores at redhat.com (Andrew Azores) Date: Mon, 24 Mar 2014 11:01:18 -0400 Subject: [rfc][icedtea-web] cache tweeks In-Reply-To: <532C5B02.5020108@redhat.com> References: <532AFC0A.5040501@redhat.com> <532B07FC.3050401@redhat.com> <532C5B02.5020108@redhat.com> Message-ID: <533048BE.7050900@redhat.com> On 03/21/2014 11:30 AM, Jiri Vanek wrote: > On 03/20/2014 04:23 PM, Andrew Azores wrote: >> On 03/20/2014 10:32 AM, Jiri Vanek wrote: >>> releaseLock is bug, found thanx to tweeksToCache work. >>> releaseLock is releasing the never released lock. It is not 100% fix >>> but for deeper fixing this >>> needs to wait for cache revisite. ntil now it was invisible, because >>> jvm always terminated after >>> clean-cache. >>> >>> The tweeksToCache is doing the only thing - making clear cache more >>> visible. Righ ntnow it exists >>> only as cmd switch, and as feature in itw-settings->cache->view >>> Fiels->delete on by one. >>> Now one can itw-settings->cache->view Files->delete all. >>> Delete all is also presented on error dialogs - with tooltip why. >>> >>> Motivation? - tired to close bugs by "clear cache first please" >>> "how" "...:x..." "It started to work" >>> >>> Thanx! >>> J. >> >> There's some weird formatting going on in the cache tweaks patch. >> invokeLaterDeleteAll, >> disableButtons, restoreDisabled, and visualCleanCache all have >> various indentation issues. >> >> Otherwise I think this is okay. >> >> Thanks, >> > > > Few more nits to this topic. > - improved messages > - exception shown to user as "what to do now" > > J. Looks pretty good, feel free to push after fixing formatting problems noted in my last email. Only other nit is catching generic Exception in visualCleanCache, but this discussion has been had enough times already... :) Thanks, -- Andrew A From jvanek at redhat.com Mon Mar 24 14:40:11 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 24 Mar 2014 15:40:11 +0100 Subject: [rfc][icedtea-web] Security dialogs wait for PolicyEditor to finish parsing In-Reply-To: <53303AA3.3080109@redhat.com> References: <53303AA3.3080109@redhat.com> Message-ID: <533043CB.3010506@redhat.com> On 03/24/2014 03:01 PM, Andrew Azores wrote: > Hi, > > PolicyEditor loads and saves policy files async, obviously. However, this means that opening a new > PolicyEditor instance on an existing policy file and programmatically adding a new codebase to the > editor does not have a well-defined order. This can be problematic because PolicyEditor > highlights/selects the last added codebase, so eg in the scenario where the editor is being launched > from a security dialog, we want to be sure that the current applet's codebase is the one selected > when the editor appears. This patch adds a method to PolicyEditor that indicates whether the editor > is currently reading/writing a file, and adds a loop to the two security dialogs so that the new > codebase is not added and the editor made visible until it completes its IO. > > Thanks, > Hm... I dont think this is correct approach. Why are you so strongly against modal dialogue? J. From jvanek at redhat.com Mon Mar 24 15:11:10 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 24 Mar 2014 16:11:10 +0100 Subject: [rfc][icedtea-web] Security dialogs wait for PolicyEditor to finish parsing In-Reply-To: <533044D7.8040402@redhat.com> References: <53303AA3.3080109@redhat.com> <533043CB.3010506@redhat.com> <533044D7.8040402@redhat.com> Message-ID: <53304B0E.3060505@redhat.com> On 03/24/2014 03:44 PM, Andrew Azores wrote: > On 03/24/2014 10:40 AM, Jiri Vanek wrote: >> On 03/24/2014 03:01 PM, Andrew Azores wrote: >>> Hi, >>> >>> PolicyEditor loads and saves policy files async, obviously. However, this means that opening a new >>> PolicyEditor instance on an existing policy file and programmatically adding a new codebase to the >>> editor does not have a well-defined order. This can be problematic because PolicyEditor >>> highlights/selects the last added codebase, so eg in the scenario where the editor is being launched >>> from a security dialog, we want to be sure that the current applet's codebase is the one selected >>> when the editor appears. This patch adds a method to PolicyEditor that indicates whether the editor >>> is currently reading/writing a file, and adds a loop to the two security dialogs so that the new >>> codebase is not added and the editor made visible until it completes its IO. >>> >>> Thanks, >>> >> >> Hm... I dont think this is correct approach. Why are you so strongly against modal dialogue? >> >> >> J. > > I'm not... making PolicyEditor modal will come later. This patch is just about making sure that when > you launch PolicyEditor from a security dialog, the current applet's codebase is guaranteed to be > the selected one when the editor appears. This and modality are completely separate. > > Thanks, > uff... wouldnt be much more easy to make the load/save in sync? I do not see any reason why it is in new thread Thread(save/load).start() .... J. From ptisnovs at icedtea.classpath.org Mon Mar 24 15:15:39 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Mon, 24 Mar 2014 15:15:39 +0000 Subject: /hg/icedtea: Fixed compilation failure on Aarch64. Message-ID: changeset 102993442e37 in /hg/icedtea details: http://icedtea.classpath.org/hg/icedtea?cmd=changeset;node=102993442e37 author: Pavel Tisnovsky date: Mon Mar 24 17:19:19 2014 -0400 Fixed compilation failure on Aarch64. diffstat: ChangeLog | 5 +++++ contrib/jck/compile-native-code.sh | 3 +++ 2 files changed, 8 insertions(+), 0 deletions(-) diffs (25 lines): diff -r fde41e40bb89 -r 102993442e37 ChangeLog --- a/ChangeLog Fri Dec 20 11:46:05 2013 +0100 +++ b/ChangeLog Mon Mar 24 17:19:19 2014 -0400 @@ -1,3 +1,8 @@ +2014-03-24 Pavel Tisnovsky + + * contrib/jck/compile-native-code.sh: + Fixed compilation failure on Aarch64. + 2013-12-20 Xerxes R??nby Robert Lougher diff -r fde41e40bb89 -r 102993442e37 contrib/jck/compile-native-code.sh --- a/contrib/jck/compile-native-code.sh Fri Dec 20 11:46:05 2013 +0100 +++ b/contrib/jck/compile-native-code.sh Mon Mar 24 17:19:19 2014 -0400 @@ -31,6 +31,9 @@ x86_64|ppc64|s390x) MFLAG=-m64 ;; + aarch64) + MFLAG=-march=armv8-a + ;; *) echo 1>&2 "error: unhandled arch '$arch'" exit 1 From jvanek at icedtea.classpath.org Mon Mar 24 15:46:28 2014 From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org) Date: Mon, 24 Mar 2014 15:46:28 +0000 Subject: /hg/icedtea-web: Minor cache fixes Message-ID: changeset 2d02a075cb1e in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=2d02a075cb1e author: Jiri Vanek date: Mon Mar 24 16:46:09 2014 +0100 Minor cache fixes diffstat: ChangeLog | 7 +++++++ netx/net/sourceforge/jnlp/controlpanel/CachePane.java | 11 +++++++---- netx/net/sourceforge/jnlp/resources/Messages.properties | 6 +++--- 3 files changed, 17 insertions(+), 7 deletions(-) diffs (61 lines): diff -r 6bdbe6b2694b -r 2d02a075cb1e ChangeLog --- a/ChangeLog Mon Mar 24 09:20:18 2014 -0400 +++ b/ChangeLog Mon Mar 24 16:46:09 2014 +0100 @@ -1,3 +1,10 @@ +2014-03-20 Jiri Vanek + + * netx/net/sourceforge/jnlp/controlpanel/CachePane.java: (visualCleanCache) + consider exception in cache operation as not-scuess. + * netx/net/sourceforge/jnlp/resources/Messages.properties: (CCannotClearCache) + (CFakedCache) (CVCPCleanCacheTip) improved by fix it tips. + 2014-03-24 Andrew Azores * NEWS: added mention of Trusted-only manifest attribute diff -r 6bdbe6b2694b -r 2d02a075cb1e netx/net/sourceforge/jnlp/controlpanel/CachePane.java --- a/netx/net/sourceforge/jnlp/controlpanel/CachePane.java Mon Mar 24 09:20:18 2014 -0400 +++ b/netx/net/sourceforge/jnlp/controlpanel/CachePane.java Mon Mar 24 16:46:09 2014 +0100 @@ -481,12 +481,15 @@ parent.getContentPane().setCursor(Cursor.getDefaultCursor()); } - public static boolean visualCleanCache(Component parent) { - boolean success = CacheUtil.clearCache(); - if (!success) { + public static void visualCleanCache(Component parent) { + try { + boolean success = CacheUtil.clearCache(); + if (!success) { + JOptionPane.showMessageDialog(parent, Translator.R("CCannotClearCache")); + } + } catch (Exception ex) { JOptionPane.showMessageDialog(parent, Translator.R("CCannotClearCache")); } - return success; } } diff -r 6bdbe6b2694b -r 2d02a075cb1e netx/net/sourceforge/jnlp/resources/Messages.properties --- a/netx/net/sourceforge/jnlp/resources/Messages.properties Mon Mar 24 09:20:18 2014 -0400 +++ b/netx/net/sourceforge/jnlp/resources/Messages.properties Mon Mar 24 16:46:09 2014 +0100 @@ -265,9 +265,9 @@ CChooseCache=Choose a cache directory... CChooseCacheInfo=NetX needs a location for storing cache files. CChooseCacheDir=Cache directory -CCannotClearCache=Can not clear the cache at this time. Try later. If the problem persists, try closing your browser(s) & JNLP applications. At the end you can try to kill all java applications. +CCannotClearCache=Can not clear the cache at this time. Try later. If the problem persists, try closing your browser(s) & JNLP applications. At the end you can try to kill all java applications. \\\n You can clear cache by javaws -Xclearcache or via itw-settings Cache -> View files -> Clean all CFakeCache=Cache is corrupt. Fixing. -CFakedCache=Cache was corrupt and has been fixed. It is strongly recommended that you run 'javaws -Xclearcache' and rerun your application as soon as possible. +CFakedCache=Cache was corrupt and has been fixed. It is strongly recommended that you run 'javaws -Xclearcache' and rerun your application as soon as possible. You can also use via itw-settings Cache -> View files -> Clean all # Security SFileReadAccess=The application has requested read access to {0}. Do you want to allow this action? @@ -683,7 +683,7 @@ CVCPButRefresh=Refresh CVCPButDelete=Delete CVCPCleanCache=Clean all cache -CVCPCleanCacheTip=Some errors may be caused by old files in your cache. Before submitting the bug, you may clear cache and try to run application again. +CVCPCleanCacheTip=Some errors may be caused by old files in your cache. Before submitting the bug, you may clear cache and try to run application again. \\\n You can clear cache by javaws -Xclearcache or via itw-settings Cache -> View files -> Clean all CVCPColLastModified=Last Modified CVCPColSize=Size (Bytes) CVCPColDomain=Domain From aazores at redhat.com Mon Mar 24 15:46:53 2014 From: aazores at redhat.com (Andrew Azores) Date: Mon, 24 Mar 2014 11:46:53 -0400 Subject: [rfc][icedtea-web] Security dialogs wait for PolicyEditor to finish parsing In-Reply-To: <53304B0E.3060505@redhat.com> References: <53303AA3.3080109@redhat.com> <533043CB.3010506@redhat.com> <533044D7.8040402@redhat.com> <53304B0E.3060505@redhat.com> Message-ID: <5330536D.2030608@redhat.com> On 03/24/2014 11:11 AM, Jiri Vanek wrote: > On 03/24/2014 03:44 PM, Andrew Azores wrote: >> On 03/24/2014 10:40 AM, Jiri Vanek wrote: >>> On 03/24/2014 03:01 PM, Andrew Azores wrote: >>>> Hi, >>>> >>>> PolicyEditor loads and saves policy files async, obviously. >>>> However, this means that opening a new >>>> PolicyEditor instance on an existing policy file and >>>> programmatically adding a new codebase to the >>>> editor does not have a well-defined order. This can be problematic >>>> because PolicyEditor >>>> highlights/selects the last added codebase, so eg in the scenario >>>> where the editor is being launched >>>> from a security dialog, we want to be sure that the current >>>> applet's codebase is the one selected >>>> when the editor appears. This patch adds a method to PolicyEditor >>>> that indicates whether the editor >>>> is currently reading/writing a file, and adds a loop to the two >>>> security dialogs so that the new >>>> codebase is not added and the editor made visible until it >>>> completes its IO. >>>> >>>> Thanks, >>>> >>> >>> Hm... I dont think this is correct approach. Why are you so strongly >>> against modal dialogue? >>> >>> >>> J. >> >> I'm not... making PolicyEditor modal will come later. This patch is >> just about making sure that when >> you launch PolicyEditor from a security dialog, the current applet's >> codebase is guaranteed to be >> the selected one when the editor appears. This and modality are >> completely separate. >> >> Thanks, >> > uff... wouldnt be much more easy to make the load/save in sync? I do > not see any reason why it is in new thread Thread(save/load).start() .... > > > J. I really don't want to be doing it sync on the UI thread. This makes the application less responsive, and is generally bad practice. Not worth the benefit of making it easier to guarantee the programmatically added new codebases come after. There are better ways to do it async than manually spawning a new Thread, though, yes. eg SwingWorker as you said on IRC, or Executors and Runnables as I suggested. Still, these potential enhancements to the multithreading model would still have the codebase ordering problem. Thanks, -- Andrew A From aazores at redhat.com Mon Mar 24 15:55:51 2014 From: aazores at redhat.com (Andrew Azores) Date: Mon, 24 Mar 2014 11:55:51 -0400 Subject: [rfc][icedtea-web] Temporary permissions Message-ID: <53305587.9080208@redhat.com> Hi, This patch adds new menu items to the new popup menu where PolicyEditor can be launched. These new items make it possible to run the current applet sandboxed, but with some additional permissions added, without having to actually launch PolicyEditor and configure the permissions. These permissions are also temporary, as opposed to making a custom policy, which persists until you remove the policy. Right now the permission set defined is just the sum of the permissions PolicyEditor can grant via its checkboxes, and the two options added are No File Access and No Network Access, which are just that full set minus a few. I'd appreciate input on what other temporary permission options could be made available. Anyone have ideas on making the popup menu disappear nicely, rather than adding a setVisible call on it to every action listener we have? And I suppose it should also be forced to disappear when the dialog is disposed as well. What's the best practice for that? Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: temporary-permissions.patch Type: text/x-patch Size: 15147 bytes Desc: not available URL: From jvanek at redhat.com Mon Mar 24 16:01:39 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 24 Mar 2014 17:01:39 +0100 Subject: [rfc][icedtea-web] Security dialogs wait for PolicyEditor to finish parsing In-Reply-To: <5330536D.2030608@redhat.com> References: <53303AA3.3080109@redhat.com> <533043CB.3010506@redhat.com> <533044D7.8040402@redhat.com> <53304B0E.3060505@redhat.com> <5330536D.2030608@redhat.com> Message-ID: <533056E3.60201@redhat.com> On 03/24/2014 04:46 PM, Andrew Azores wrote: > On 03/24/2014 11:11 AM, Jiri Vanek wrote: >> On 03/24/2014 03:44 PM, Andrew Azores wrote: >>> On 03/24/2014 10:40 AM, Jiri Vanek wrote: >>>> On 03/24/2014 03:01 PM, Andrew Azores wrote: >>>>> Hi, >>>>> >>>>> PolicyEditor loads and saves policy files async, obviously. However, this means that opening a new >>>>> PolicyEditor instance on an existing policy file and programmatically adding a new codebase to the >>>>> editor does not have a well-defined order. This can be problematic because PolicyEditor >>>>> highlights/selects the last added codebase, so eg in the scenario where the editor is being >>>>> launched >>>>> from a security dialog, we want to be sure that the current applet's codebase is the one selected >>>>> when the editor appears. This patch adds a method to PolicyEditor that indicates whether the >>>>> editor >>>>> is currently reading/writing a file, and adds a loop to the two security dialogs so that the new >>>>> codebase is not added and the editor made visible until it completes its IO. >>>>> >>>>> Thanks, >>>>> >>>> >>>> Hm... I dont think this is correct approach. Why are you so strongly against modal dialogue? >>>> >>>> >>>> J. >>> >>> I'm not... making PolicyEditor modal will come later. This patch is just about making sure that when >>> you launch PolicyEditor from a security dialog, the current applet's codebase is guaranteed to be >>> the selected one when the editor appears. This and modality are completely separate. >>> >>> Thanks, >>> >> uff... wouldnt be much more easy to make the load/save in sync? I do not see any reason why it is >> in new thread Thread(save/load).start() .... >> >> >> J. > > I really don't want to be doing it sync on the UI thread. This makes the application less > responsive, and is generally bad practice. Not worth the benefit of making it easier to guarantee > the programmatically added new codebases come after. There are better ways to do it async than > manually spawning a new Thread, though, yes. eg SwingWorker as you said on IRC, or Executors and > Runnables as I suggested. Still, these potential enhancements to the multithreading model would > still have the codebase ordering problem. I agree thath do it in gui thread is wrong. But I disagree with current aproach and new suggested locking. Correct aporach is: invoke thread (swingworker) disable gui or show dialog with progressbar or soem wait please (so gui will be "responsoble") wait for thread. Would be correct approach. However - the polici files *are* small. So the burden of *doing it IN* AWT is imho acceptable. J. From jvanek at icedtea.classpath.org Mon Mar 24 16:05:05 2014 From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org) Date: Mon, 24 Mar 2014 16:05:05 +0000 Subject: /hg/icedtea-web: Client applications now log into new console. Message-ID: changeset c0845e58bfba in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=c0845e58bfba author: Jiri Vanek date: Mon Mar 24 17:04:51 2014 +0100 Client applications now log into new console. diffstat: ChangeLog | 24 +- netx/net/sourceforge/jnlp/resources/Messages.properties | 2 + netx/net/sourceforge/jnlp/runtime/Boot.java | 3 +- netx/net/sourceforge/jnlp/util/TeeOutputStream.java | 95 ------ netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPane.java | 39 ++- netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPaneModel.java | 35 ++- netx/net/sourceforge/jnlp/util/logging/JavaConsole.java | 10 + netx/net/sourceforge/jnlp/util/logging/OutputController.java | 4 + netx/net/sourceforge/jnlp/util/logging/TeeOutputStream.java | 141 ++++++++++ netx/net/sourceforge/jnlp/util/logging/headers/Header.java | 19 +- 10 files changed, 261 insertions(+), 111 deletions(-) diffs (truncated from 589 to 500 lines): diff -r 2d02a075cb1e -r c0845e58bfba ChangeLog --- a/ChangeLog Mon Mar 24 16:46:09 2014 +0100 +++ b/ChangeLog Mon Mar 24 17:04:51 2014 +0100 @@ -1,4 +1,26 @@ -2014-03-20 Jiri Vanek +2014-03-24 Jiri Vanek + + Client applications now log into new console. + * netx/net/sourceforge/jnlp/resources/Messages.properties: added keys (COPitw) + and (COPclientApp) for new checkboxes in console + * netx/net/sourceforge/jnlp/runtime/Boot.java: added brackets to headless if + * netx/net/sourceforge/jnlp/util/TeeOutputStream.java: moved to + * netx/net/sourceforge/jnlp/util/logging/TeeOutputStream.java: and improved to + log into new console. + * netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPane.java: added new + checkboxes to filter out/in custom app/itw logs. copyAll buttons do not include + custom app's logs in case of first click. + * netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPaneModel.java: Added + testing data with custom app. (HTMLCOLOR_PURPLE) and (HTMLCOLOR_GREEN) as + new colors for custom app. (filter) now handle client app. + * netx/net/sourceforge/jnlp/util/logging/JavaConsole.java: (init) redirect + stdout/err over teeOutputStream + * /netx/net/sourceforge/jnlp/util/logging/OutputController.java: (consume) + do not reprint if header is marked by isClientApp + * netx/net/sourceforge/jnlp/util/logging/headers/Header.java: added field + (isClientApp) + +2014-03-24 Jiri Vanek * netx/net/sourceforge/jnlp/controlpanel/CachePane.java: (visualCleanCache) consider exception in cache operation as not-scuess. diff -r 2d02a075cb1e -r c0845e58bfba netx/net/sourceforge/jnlp/resources/Messages.properties --- a/netx/net/sourceforge/jnlp/resources/Messages.properties Mon Mar 24 16:46:09 2014 +0100 +++ b/netx/net/sourceforge/jnlp/resources/Messages.properties Mon Mar 24 17:04:51 2014 +0100 @@ -622,6 +622,8 @@ COPmatch=match COPnot=not COPrevert=revert +COPitw=IcedTea-Web +COPclientApp=Client app. # Control Panel - DesktopShortcutPanel DSPNeverCreate=Never create diff -r 2d02a075cb1e -r c0845e58bfba netx/net/sourceforge/jnlp/runtime/Boot.java --- a/netx/net/sourceforge/jnlp/runtime/Boot.java Mon Mar 24 16:46:09 2014 +0100 +++ b/netx/net/sourceforge/jnlp/runtime/Boot.java Mon Mar 24 17:04:51 2014 +0100 @@ -135,8 +135,9 @@ if (AppContext.getAppContext() == null) { SunToolkit.createNewAppContext(); } - if (null != getOption("-headless")) + if (null != getOption("-headless")) { JNLPRuntime.setHeadless(true); + } DeploymentConfiguration.move14AndOlderFilesTo15StructureCatched(); diff -r 2d02a075cb1e -r c0845e58bfba netx/net/sourceforge/jnlp/util/TeeOutputStream.java --- a/netx/net/sourceforge/jnlp/util/TeeOutputStream.java Mon Mar 24 16:46:09 2014 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,95 +0,0 @@ -/* TeeOutputStream.java - Copyright (C) 2010 Red Hat - -This file is part of IcedTea. - -IcedTea is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -IcedTea is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with IcedTea; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - -package net.sourceforge.jnlp.util; - -import java.io.FileOutputStream; -import java.io.PrintStream; - -/** - * Behaves like the 'tee' command, sends output to both actual std stream and a - * file - */ -public final class TeeOutputStream extends PrintStream { - - // Everthing written to TeeOutputStream is written to this file - PrintStream logFile; - - public TeeOutputStream(FileOutputStream fileOutputStream, - PrintStream stdStream) { - super(stdStream); - logFile = new PrintStream(fileOutputStream); - } - - @Override - public boolean checkError() { - boolean thisError = super.checkError(); - boolean fileError = logFile.checkError(); - - return thisError || fileError; - } - - @Override - public void close() { - logFile.close(); - super.close(); - } - - @Override - public void flush() { - logFile.flush(); - super.flush(); - } - - /* - * The big ones: these do the actual writing - */ - - @Override - public void write(byte[] buf, int off, int len) { - logFile.write(buf, off, len); - - super.write(buf, off, len); - } - - @Override - public void write(int b) { - logFile.write(b); - - super.write(b); - } -} diff -r 2d02a075cb1e -r c0845e58bfba netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPane.java --- a/netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPane.java Mon Mar 24 16:46:09 2014 +0100 +++ b/netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPane.java Mon Mar 24 17:04:51 2014 +0100 @@ -31,6 +31,8 @@ import net.sourceforge.jnlp.util.logging.headers.ObservableMessagesProvider; public class ConsoleOutputPane extends javax.swing.JPanel implements Observer { + + private boolean canChange = true; @Override public synchronized void update(Observable o, Object arg) { @@ -171,7 +173,7 @@ @Override public void actionPerformed(java.awt.event.ActionEvent evt) { - refreshAction(evt); + refreshAction(); } }; } @@ -284,6 +286,8 @@ wordWrap = new javax.swing.JCheckBox(); showDebug = new javax.swing.JCheckBox(); showInfo = new javax.swing.JCheckBox(); + showItw = new javax.swing.JCheckBox(); + showApp = new javax.swing.JCheckBox(); showCode = new javax.swing.JCheckBox(); statistics = new javax.swing.JLabel(); showPostInit = new javax.swing.JCheckBox(); @@ -384,7 +388,7 @@ @Override public void actionPerformed(java.awt.event.ActionEvent evt) { model.usedPattern = model.lastValidPattern; - refreshAction(evt); + refreshAction(); } }); @@ -447,6 +451,14 @@ showInfo.setSelected(true); showInfo.setText(Translator.R("COPinfo")); showInfo.addActionListener(getDefaultActionSingleton()); + + showItw.setSelected(true); + showItw.setText(Translator.R("COPitw")); + showItw.addActionListener(getDefaultActionSingleton()); + + showApp.setSelected(true); + showApp.setText(Translator.R("COPclientApp")); + showApp.addActionListener(getDefaultActionSingleton()); showCode.setSelected(true); showCode.setText(Translator.R("COPcode")); @@ -523,7 +535,10 @@ addComponent(showJava).addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED). addComponent(showPlugin).addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) .addComponent(showDebug).addGap(6, 6, 6). - addComponent(showInfo))).addGap(2, 2, 2). + addComponent(showInfo).addGap(6, 6, 6). + addComponent(showItw).addGap(6, 6, 6). + addComponent(showApp) + )).addGap(2, 2, 2). addComponent(statistics)).addGroup( javax.swing.GroupLayout.Alignment.TRAILING, jPanel2Layout.createSequentialGroup(). addComponent(showPreInit).addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED). @@ -564,6 +579,8 @@ addComponent(showPlugin). addComponent(showDebug). addComponent(showInfo). + addComponent(showItw). + addComponent(showApp). addComponent(statistics)).addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED).addGroup( jPanel2Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE). addComponent(showPreInit). @@ -708,7 +725,7 @@ validate(); } - private void refreshAction(java.awt.event.ActionEvent evt) { + private void refreshAction() { updateModel(); refreshPane(); } @@ -807,10 +824,20 @@ } private void copyPlainActionPerformed(java.awt.event.ActionEvent evt) { + if (canChange) { + showApp.setSelected(false); + refreshAction(); + canChange = false; + } fillClipBoard(false, sortCopyAll.isSelected()); } private void copyRichActionPerformed(java.awt.event.ActionEvent evt) { + if (canChange) { + showApp.setSelected(false); + refreshAction(); + canChange = false; + } fillClipBoard(true, sortCopyAll.isSelected()); } @@ -856,6 +883,8 @@ model.showHeaders = showHeaders.isSelected(); model.showIncomplete = showIncomplete.isSelected(); model.showInfo = showInfo.isSelected(); + model.showItw = showItw.isSelected(); + model.showApp = showApp.isSelected(); model.showJava = showJava.isSelected(); model.showLevel = showLevel.isSelected(); model.showMessage = showMessage.isSelected(); @@ -900,6 +929,8 @@ private javax.swing.JButton showHide; private javax.swing.JCheckBox showIncomplete; private javax.swing.JCheckBox showInfo; + private javax.swing.JCheckBox showItw; + private javax.swing.JCheckBox showApp; private javax.swing.JCheckBox showJava; private javax.swing.JCheckBox showLevel; private javax.swing.JCheckBox showMessage; diff -r 2d02a075cb1e -r c0845e58bfba netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPaneModel.java --- a/netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPaneModel.java Mon Mar 24 16:46:09 2014 +0100 +++ b/netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPaneModel.java Mon Mar 24 17:04:51 2014 +0100 @@ -96,6 +96,12 @@ origData.add(new JavaMessage(new Header(Level.WARNING_ALL, Thread.currentThread().getStackTrace(), Thread.currentThread(), false), "message 2")); origData.add(new JavaMessage(new Header(Level.WARNING_DEBUG, Thread.currentThread().getStackTrace(), Thread.currentThread(), false), "message 4")); origData.add(new JavaMessage(new Header(Level.MESSAGE_DEBUG, Thread.currentThread().getStackTrace(), Thread.currentThread(), false), "message 9")); + JavaMessage m1 = new JavaMessage(new Header(Level.MESSAGE_ALL, Thread.currentThread().getStackTrace(), Thread.currentThread(), false), "app1"); + JavaMessage m2 = new JavaMessage(new Header(Level.ERROR_ALL, Thread.currentThread().getStackTrace(), Thread.currentThread(), false), "app2"); + m1.getHeader().isClientApp = true; + m2.getHeader().isClientApp = true; + origData.add(m1); + origData.add(m2); origData.add(new JavaMessage(new Header(Level.MESSAGE_ALL, Thread.currentThread().getStackTrace(), Thread.currentThread(), false), "message 0 - multilined \n" + "since beggining\n" + " later\n" @@ -117,7 +123,8 @@ private static final String HTMLCOLOR_GREENYELLOW = "AAAA00"; private static final String HTMLCOLOR_PINKYREAD = "FF0055"; private static final String HTMLCOLOR_BLACK = "000000"; - + private static final String HTMLCOLOR_GREEN = "669966"; + private static final String HTMLCOLOR_PURPLE = "990066"; String importList() { return importList(lastUpdateIndex); } @@ -174,12 +181,20 @@ } } } else { - if (messageWithHeader.getHeader().level.isWarning()) { - sb.append(HTMLCOLOR_GREENYELLOW); - } else if (messageWithHeader.getHeader().level.isError()) { - sb.append(HTMLCOLOR_PINKYREAD); + if (messageWithHeader.getHeader().isClientApp) { + if (messageWithHeader.getHeader().level.isError()) { + sb.append(HTMLCOLOR_PURPLE); + } else { + sb.append(HTMLCOLOR_GREEN); + } } else { - sb.append(HTMLCOLOR_BLACK); + if (messageWithHeader.getHeader().level.isWarning()) { + sb.append(HTMLCOLOR_GREENYELLOW); + } else if (messageWithHeader.getHeader().level.isError()) { + sb.append(HTMLCOLOR_PINKYREAD); + } else { + sb.append(HTMLCOLOR_BLACK); + } } } sb.append("'>"); @@ -328,6 +343,12 @@ if (!showInfo && m.getHeader().level.isInfo()) { return true; } + if (!showItw && !m.getHeader().isClientApp) { + return true; + } + if (!showApp && m.getHeader().isClientApp) { + return true; + } if (!showJava && !m.getHeader().isC) { return true; } @@ -376,6 +397,8 @@ boolean showHeaders; boolean showIncomplete; boolean showInfo; + boolean showItw; + boolean showApp; boolean showJava; boolean showLevel; boolean showMessage; diff -r 2d02a075cb1e -r c0845e58bfba netx/net/sourceforge/jnlp/util/logging/JavaConsole.java --- a/netx/net/sourceforge/jnlp/util/logging/JavaConsole.java Mon Mar 24 16:46:09 2014 +0100 +++ b/netx/net/sourceforge/jnlp/util/logging/JavaConsole.java Mon Mar 24 17:04:51 2014 +0100 @@ -89,6 +89,16 @@ final private List rawData = Collections.synchronizedList(new ArrayList()); final private List outputs = new ArrayList(); + public JavaConsole() { + //add middleware, which catches client's application stdout/err + //and will submit it into console + System.setErr(new TeeOutputStream(System.err, true)); + System.setOut(new TeeOutputStream(System.out, false)); + //internal stdOut/Err are going throughs outLog/errLog + //when console is off, those tees are not installed + } + + private void refreshOutputs() { refreshOutputs(outputsPanel, (Integer)numberOfOutputs.getValue()); } diff -r 2d02a075cb1e -r c0845e58bfba netx/net/sourceforge/jnlp/util/logging/OutputController.java --- a/netx/net/sourceforge/jnlp/util/logging/OutputController.java Mon Mar 24 16:46:09 2014 +0100 +++ b/netx/net/sourceforge/jnlp/util/logging/OutputController.java Mon Mar 24 17:04:51 2014 +0100 @@ -148,6 +148,10 @@ if (LogConfig.getLogConfig().isLogToConsole()) { JavaConsole.getConsole().addMessage(s); } + //clients app's messages are reprinted only to console + if (s.getHeader().isClientApp){ + return; + } if (!JNLPRuntime.isDebug() && (s.getHeader().level == Level.MESSAGE_DEBUG || s.getHeader().level == Level.WARNING_DEBUG || s.getHeader().level == Level.ERROR_DEBUG)) { diff -r 2d02a075cb1e -r c0845e58bfba netx/net/sourceforge/jnlp/util/logging/TeeOutputStream.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/netx/net/sourceforge/jnlp/util/logging/TeeOutputStream.java Mon Mar 24 17:04:51 2014 +0100 @@ -0,0 +1,141 @@ +/* TeeOutputStream.java + Copyright (C) 2010 Red Hat + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package net.sourceforge.jnlp.util.logging; + + +import java.io.PrintStream; +import net.sourceforge.jnlp.util.logging.JavaConsole; +import net.sourceforge.jnlp.util.logging.OutputController; +import net.sourceforge.jnlp.util.logging.OutputController.Level; +import net.sourceforge.jnlp.util.logging.SingleStreamLogger; +import net.sourceforge.jnlp.util.logging.headers.Header; +import net.sourceforge.jnlp.util.logging.headers.JavaMessage; +import net.sourceforge.jnlp.util.logging.headers.MessageWithHeader; + +/** + * Behaves like the 'tee' command, sends output to both actual std stream and a + * log + */ +public final class TeeOutputStream extends PrintStream implements SingleStreamLogger{ + + // Everthing written to TeeOutputStream is written to our log too + + private final StringBuffer string = new StringBuffer(); + private final boolean isError; + + public TeeOutputStream(PrintStream stdStream, boolean isError) { + super(stdStream); + this.isError = isError; + } + + + @Override + public void close() { + flushLog(); + super.close(); + } + + @Override + public void flush() { + flushLog(); + super.flush(); + } + + /* + * The big ones: these do the actual writing + */ + + @Override + public synchronized void write(byte[] b, int off, int len) { + if (b == null) { + throw new NullPointerException(); + } else if ((off < 0) || (off > b.length) || (len < 0) + || ((off + len) > b.length) || ((off + len) < 0)) { + throw new IndexOutOfBoundsException(); + } else if (len == 0) { + return; + } + for (int i = 0; i < len; i++) { + appendChar(b[off + i]); + } + super.write(b, off, len); + } + + @Override + public synchronized void write(int b) { + appendChar(b); + super.write(b); + } + + private void flushLog() { + if (string.length() <= 0 ){ + return; + } + log(string.toString()); From andrew at icedtea.classpath.org Mon Mar 24 16:09:53 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Mon, 24 Mar 2014 16:09:53 +0000 Subject: /hg/release/icedtea7-2.3: 7 new changesets Message-ID: changeset 54a01fed7fe2 in /hg/release/icedtea7-2.3 details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=54a01fed7fe2 author: Andrew John Hughes date: Thu Jan 16 05:20:16 2014 +0000 Fix broken bootstrap. 2014-01-15 Andrew John Hughes * patches/boot/ecj-multicatch.patch: Add new cases in RSAClientKeyExchange and Handshaker. changeset 6971534a9128 in /hg/release/icedtea7-2.3 details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=6971534a9128 author: Andrew John Hughes date: Tue Feb 25 16:38:08 2014 +0000 S7023639, CVE-2013-5838: JSR 292 method handle invocation needs a fast path for compiled code (Zero only) S8029507, CVE-2013-5893: Enhance JVM method processing (Zero only) S7192406: JSR 292: C2 needs exact return type information for invokedynamic and invokehandle call sites (Zero only) S7196242: vm/mlvm/indy/stress/java/loopsAndThreads crashed (Zero only) S7200949: JSR 292: rubybench/bench/time/bench_base64.rb fails with jruby.jar not on boot class path (Zero only) S8000780: make Zero build and run with JDK8 (Zero only) 2014-02-25 Andrew John Hughes * Makefile.am: (ICEDTEA_PATCHES): Add new patches for Zero builds only. * NEWS: List new patches. * patches/zero/7023639-8000780-jsr292_fast_path.patch, * patches/zero/7192406-exact_return_type_info.patch, * patches/zero/7196242-loopsandthreads_crashed.patch, * patches/zero/7200949-jruby_fail.patch, * patches/zero/8029507-jvm_method_processing.patch: Backports of 7023639 and 8029507 security fixes for Zero only, with required backports. changeset 2df0b6e6b67f in /hg/release/icedtea7-2.3 details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=2df0b6e6b67f author: Andrew John Hughes date: Fri Mar 21 20:25:44 2014 +0000 List bootstrap fix in NEWS. 2014-03-21 Andrew John Hughes * NEWS: List bootstrap fix. changeset 358293cf091b in /hg/release/icedtea7-2.3 details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=358293cf091b author: Andrew John Hughes date: Fri Feb 21 22:04:31 2014 +0000 Avoid giving PAX_COMMAND a value if no PaX utility is available. 2014-02-21 Andrew John Hughes * acinclude.m4: (IT_WITH_PAX): Leave PAX_COMMAND with the empty string rather than "not specified" to avoid build failures. * pax-mark-vm.in: Update PAX_COMMAND check. changeset 752098160f94 in /hg/release/icedtea7-2.3 details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=752098160f94 author: Andrew John Hughes date: Fri Mar 21 20:28:06 2014 +0000 PR1684: Build fails with empty PAX_COMMAND 2014-02-24 Andrew John Hughes PR1684: Build fails with empty PAX_COMMAND * Makefile.am: (ICEDTEA_ENV): Only add PAX_COMMAND when defined. * NEWS: Updated. changeset 1b8baaef20dd in /hg/release/icedtea7-2.3 details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=1b8baaef20dd author: Andrew John Hughes date: Fri Mar 21 20:29:20 2014 +0000 Add Gentoo bug reference for PaX update. 2014-02-24 Andrew John Hughes * NEWS: Add Gentoo bug reference for PaX update. changeset 65e24999d804 in /hg/release/icedtea7-2.3 details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=65e24999d804 author: Andrew John Hughes date: Mon Mar 24 16:09:19 2014 +0000 Bring in latest changes from 2.4 branch and u51. PR1653: Support ppc64le via Zero PR1654: ppc32 needs a larger ThreadStackSize to build PR1679: Allow OpenJDK to build on PaX-enabled kernels 2014-03-24 Andrew John Hughes * patches/revert-7017193.patch: Removed. * patches/boot/ecj-diamond.patch: Remove unneeded change to src/share/classes/java/beans/ThreadGroupContext.java * Makefile.am: (CORBA_CHANGESET): Update to icedtea-2.3 HEAD. (JAXP_CHANGESET): Likewise. (JAXWS_CHANGESET): Likewise. (JDK_CHANGESET): Likewise. (OPENJDK_CHANGESET): Likewise. (CORBA_SHA256SUM): Likewise. (JAXP_SHA256SUM): Likewise. (JAXWS_SHA256SUM): Likewise. (JDK_SHA256SUM): Likewise. (OPENJDK_SHA256SUM): Likewise. (ICEDTEA_PATCHES): Remove 7017193 reversion. * NEWS: Updated with latest changes, including PaX ARM32 and Shark changes. * acinclude.m4: (IT_ENABLE_ARM32JIT): Enable by default. * hotspot.map: Update to icedtea-2.3 HEAD. 2014-02-19 Andrew John Hughes * patches/boot/test_gamma.patch, * patches/pax-mark-rmic-java.patch, * patches/test_gamma.patch: Removed. * INSTALL: Document ARM32 JIT and --enable-arm32-jit option. (ICEDTEA_PATCHES): Remove PaX patches. (ICEDTEA_BOOT_PATCHES): Remove test_gamma patch (fixed by detection of non-Oracle JDK addition from PPC port) (ARM32JIT_STATUS): Set based on ENABLE_ARM32JIT. (ICEDTEA_ENV): Pass ARM32JIT to OpenJDK build. * acinclude.m4: (IT_ENABLE_ARM32JIT): Allow the ARM32 JIT to be enabled. * configure.ac: Run IT_ENABLE_ARM32JIT macro. diffstat: ChangeLog | 86 + INSTALL | 5 + Makefile.am | 50 +- NEWS | 56 +- acinclude.m4 | 29 +- configure.ac | 1 + hotspot.map | 2 +- patches/boot/ecj-diamond.patch | 1152 +- patches/boot/ecj-multicatch.patch | 49 + patches/boot/test_gamma.patch | 47 - patches/pax-mark-rmic-java.patch | 10 - patches/revert-7017193.patch | 138 - patches/test_gamma.patch | 47 - patches/zero/7023639-8000780-jsr292_fast_path.patch | 28468 ++++++++++++++++++ patches/zero/7192406-exact_return_type_info.patch | 660 + patches/zero/7196242-loopsandthreads_crashed.patch | 124 + patches/zero/7200949-jruby_fail.patch | 1045 + patches/zero/8029507-jvm_method_processing.patch | 215 + pax-mark-vm.in | 2 +- 19 files changed, 31334 insertions(+), 852 deletions(-) diffs (truncated from 34267 to 500 lines): diff -r 541d09b19300 -r 65e24999d804 ChangeLog --- a/ChangeLog Mon Feb 24 18:59:38 2014 +0000 +++ b/ChangeLog Mon Mar 24 16:09:19 2014 +0000 @@ -1,3 +1,89 @@ +2014-03-24 Andrew John Hughes + + * patches/revert-7017193.patch: + Removed. + * patches/boot/ecj-diamond.patch: Remove unneeded + change to src/share/classes/java/beans/ThreadGroupContext.java + * Makefile.am: + (CORBA_CHANGESET): Update to icedtea-2.3 HEAD. + (JAXP_CHANGESET): Likewise. + (JAXWS_CHANGESET): Likewise. + (JDK_CHANGESET): Likewise. + (OPENJDK_CHANGESET): Likewise. + (CORBA_SHA256SUM): Likewise. + (JAXP_SHA256SUM): Likewise. + (JAXWS_SHA256SUM): Likewise. + (JDK_SHA256SUM): Likewise. + (OPENJDK_SHA256SUM): Likewise. + (ICEDTEA_PATCHES): Remove 7017193 reversion. + * NEWS: Updated with latest changes, including PaX + ARM32 and Shark changes. + * acinclude.m4: + (IT_ENABLE_ARM32JIT): Enable by default. + * hotspot.map: Update to icedtea-2.3 HEAD. + +2014-02-19 Andrew John Hughes + + * patches/boot/test_gamma.patch, + * patches/pax-mark-rmic-java.patch, + * patches/test_gamma.patch: + Removed. + * INSTALL: + Document ARM32 JIT and --enable-arm32-jit option. + (ICEDTEA_PATCHES): Remove PaX patches. + (ICEDTEA_BOOT_PATCHES): Remove test_gamma + patch (fixed by detection of non-Oracle JDK + addition from PPC port) + (ARM32JIT_STATUS): Set based on ENABLE_ARM32JIT. + (ICEDTEA_ENV): Pass ARM32JIT to OpenJDK build. + * acinclude.m4: + (IT_ENABLE_ARM32JIT): Allow the ARM32 JIT to be + enabled. + * configure.ac: Run IT_ENABLE_ARM32JIT macro. + +2014-02-24 Andrew John Hughes + + * NEWS: Add Gentoo bug reference for + PaX update. + +2014-02-24 Andrew John Hughes + + PR1684: Build fails with empty PAX_COMMAND + * Makefile.am: + (ICEDTEA_ENV): Only add PAX_COMMAND when defined. + * NEWS: Updated. + +2014-02-21 Andrew John Hughes + + * acinclude.m4: + (IT_WITH_PAX): Leave PAX_COMMAND with the empty + string rather than "not specified" to avoid build + failures. + * pax-mark-vm.in: Update PAX_COMMAND check. + +2014-03-21 Andrew John Hughes + + * NEWS: List bootstrap fix. + +2014-02-25 Andrew John Hughes + + * Makefile.am: + (ICEDTEA_PATCHES): Add new patches for Zero builds only. + * NEWS: List new patches. + * patches/zero/7023639-8000780-jsr292_fast_path.patch, + * patches/zero/7192406-exact_return_type_info.patch, + * patches/zero/7196242-loopsandthreads_crashed.patch, + * patches/zero/7200949-jruby_fail.patch, + * patches/zero/8029507-jvm_method_processing.patch: + Backports of 7023639 and 8029507 security fixes for + Zero only, with required backports. + +2014-01-15 Andrew John Hughes + + * patches/boot/ecj-multicatch.patch: + Add new cases in RSAClientKeyExchange + and Handshaker. + 2014-02-19 Andrew John Hughes PR1677: Update PaX support to detect running PaX diff -r 541d09b19300 -r 65e24999d804 INSTALL --- a/INSTALL Mon Feb 24 18:59:38 2014 +0000 +++ b/INSTALL Mon Mar 24 16:09:19 2014 +0000 @@ -195,6 +195,7 @@ * --with-rhino: Include Javascript support using Rhino (location may optionally be specified). * --with-additional-vms=vm-list: Additional VMs to build using the system described below. +* --enable-arm32-jit: Build the ARM32 JIT. Testing ======= @@ -294,6 +295,10 @@ --enable-shark to configure. Please note that Shark is still in development and builds are still likely to fail at present. +On ARM32, there is also a native JIT port built on top of Zero. This +still has issues and is thus not enabled by default. To enable it, +pass --enable-arm32-jit to configure. + Support for Different Versions of HotSpot ========================================= diff -r 541d09b19300 -r 65e24999d804 Makefile.am --- a/Makefile.am Mon Feb 24 18:59:38 2014 +0000 +++ b/Makefile.am Mon Mar 24 16:09:19 2014 +0000 @@ -4,19 +4,19 @@ JDK_UPDATE_VERSION = 25 COMBINED_VERSION = $(JDK_UPDATE_VERSION)-$(OPENJDK_VERSION) -CORBA_CHANGESET = f12e1c039846 -JAXP_CHANGESET = 691a5e0c657f -JAXWS_CHANGESET = 1067e01a4e0e -JDK_CHANGESET = bad5e0686160 +CORBA_CHANGESET = c7d0b72f704f +JAXP_CHANGESET = 0eb202593710 +JAXWS_CHANGESET = 482a3f64a8ea +JDK_CHANGESET = 3428bff8a33a LANGTOOLS_CHANGESET = d50a9c5cd291 -OPENJDK_CHANGESET = 66eecafe5565 +OPENJDK_CHANGESET = 14181eb6c00d -CORBA_SHA256SUM = 1da8714d86f7d9a91d835280662b95b257cb1b6f04b9d2dc5e30adb854b86cf0 -JAXP_SHA256SUM = 0c6f61c054613b5f06a8a16796ba020b0dd0f2d980c6eb0fc1ccc8bb41fce7dd -JAXWS_SHA256SUM = 3957ca1fbf2a4f37f106a24d1cc0e45ae48a9916270150f1de1aead698b33124 -JDK_SHA256SUM = 5c107e2176a94d1d589920dfaef2a989a7b49bb92a63c68b3f44da297e70bf6b +CORBA_SHA256SUM = 5d3811e2994d2d5f96d2ae8693e81354a3abede5dc5b75bfad15444136d77b13 +JAXP_SHA256SUM = 686022ea83f721dfdadc2dc835237fbca81383e7b1346191a8ef254ccfe3b565 +JAXWS_SHA256SUM = f8b8d787041c708809655e0f903bd4a86ffe1683c07890c58f39ea0b8c302eab +JDK_SHA256SUM = b4ae9750bfec39285cce9cbb3b8589689137d3155165e7960c954311b95b567e LANGTOOLS_SHA256SUM = 1ea31d21beb88f2512630523f24f3a35498deed1356c4c0bf8b901086dd2c13a -OPENJDK_SHA256SUM = a8ed4cefc22353e6126f14a80bbf92d111c6bcfb58537c14e2916520de3f94f6 +OPENJDK_SHA256SUM = d883a9a04f11ae1616b3f162671d6926283cdd27233332c787350f76ba960ac5 CACAO_VERSION = a567bcb7f589 CACAO_SHA256SUM = d49f79debc131a5694cae6ab3ba2864e7f3249ee8d9dc09aae8afdd4dc6b09f9 @@ -264,8 +264,7 @@ # Patch list -ICEDTEA_PATCHES = \ - patches/revert-7017193.patch +ICEDTEA_PATCHES = # Conditional patches @@ -311,10 +310,13 @@ ICEDTEA_PATCHES += patches/nss-not-enabled-config.patch endif -if WITH_PAX +if ZERO_BUILD ICEDTEA_PATCHES += \ - patches/test_gamma.patch \ - patches/pax-mark-rmic-java.patch + patches/zero/7023639-8000780-jsr292_fast_path.patch \ + patches/zero/7196242-loopsandthreads_crashed.patch \ + patches/zero/7192406-exact_return_type_info.patch \ + patches/zero/7200949-jruby_fail.patch \ + patches/zero/8029507-jvm_method_processing.patch endif ICEDTEA_PATCHES += $(DISTRIBUTION_PATCHES) @@ -355,10 +357,6 @@ patches/boot/ecj-autoboxing.patch \ patches/boot/xsltproc.patch -if !WITH_PAX -ICEDTEA_BOOT_PATCHES += patches/boot/test_gamma.patch -endif - if CP39408_JAVAH ICEDTEA_BOOT_PATCHES += patches/boot/pr39408.patch endif @@ -438,6 +436,12 @@ WERROR_STATUS=false endif +if ENABLE_ARM32JIT +ARM32JIT_STATUS=true +else +ARM32JIT_STATUS=false +endif + ICEDTEA_ENV = \ ALT_JDK_IMPORT_PATH="$(BOOT_DIR)" \ ANT="$(ANT)" \ @@ -489,7 +493,8 @@ CUPS_CFLAGS="${CUPS_CFLAGS}" \ STRIP_POLICY=no_strip \ JAVAC_WARNINGS_FATAL="$(WERROR_STATUS)" \ - COMPILER_WARNINGS_FATAL="$(WERROR_STATUS)" + COMPILER_WARNINGS_FATAL="$(WERROR_STATUS)" \ + ARM32JIT="${ARM32JIT_STATUS}" if ENABLE_CACAO ICEDTEA_ENV += \ @@ -593,6 +598,11 @@ COMPRESS_JARS="true" endif +if WITH_PAX +ICEDTEA_ENV += \ + PAX_COMMAND="${PAX_COMMAND}" +endif + # OpenJDK boot build environment. ICEDTEA_ENV_BOOT = $(ICEDTEA_ENV) \ BOOTCLASSPATH_CLS_RT="-bootclasspath $(CLS_DIR_BOOT):$(RUNTIME)" \ diff -r 541d09b19300 -r 65e24999d804 NEWS --- a/NEWS Mon Feb 24 18:59:38 2014 +0000 +++ b/NEWS Mon Mar 24 16:09:19 2014 +0000 @@ -12,8 +12,62 @@ New in release 2.3.14 (2014-01-XX): +* Security fixes + - S7023639, CVE-2013-5838: JSR 292 method handle invocation needs a fast path for compiled code (Zero only) + - S8029507, CVE-2013-5893: Enhance JVM method processing (Zero only) +* Backports + - S7024118: possible hardcoded mnemonic for JFileChooser metal and motif l&f + - S7032018: The file list in JFileChooser does not have an accessible name + - S7032436: When running with the Nimbus look and feel, the JFileChooser does not display mnemonics + - S7151089: PS NUMA: NUMA allocator should not attempt to free pages when using SHM large pages + - S7192406: JSR 292: C2 needs exact return type information for invokedynamic and invokehandle call sites (Zero only) + - S7196242: vm/mlvm/indy/stress/java/loopsAndThreads crashed (Zero only) + - S7200949: JSR 292: rubybench/bench/time/bench_base64.rb fails with jruby.jar not on boot class path (Zero only) + - S8000780: make Zero build and run with JDK8 (Zero only) + - S8008764: 7uX l10n resource file translation update + - S8009062: poor performance of JNI AttachCurrentThread after fix for 7017193 + - S8013057: assert(_needs_gc || SafepointSynchronize::is_at_safepoint()) failed: only read at safepoint + - S8015976: OpenJDK part of bug JDK-8015812 [TEST_BUG] Tests have conflicting test descriptions + - S8022698: javax/script/GetInterfaceTest.java fails since 7u45 b04 with -agentvm option + - S8023310: Thread contention in the method Beans.IsDesignTime() + - S8024302: Clarify jar verifications + - S8024461: [macosx] Java crashed on mac10.9 for swing and 2d function manual test + - S8025255: (tz) Support tzdata2013g + - S8026037: [TESTBUG] sun/security/tools/jarsigner/warnings.sh test fails on Solaris + - S8026304: jarsigner output bad grammar + - S8026887: Make issues due to failed large pages allocations easier to debug + - S8027204: Revise the update of 8026204 and 8025758 + - S8027224: test regression - ClassNotFoundException + - S8027370: Support tzdata2013h + - S8027378: Two closed/javax/xml/8005432 fails with jdk7u51b04 + - S8027837: JDK-8021257 causes CORBA build failure on emdedded platforms + - S8027943: serial version of com.sun.corba.se.spi.orbutil.proxy.CompositeInvocationHandlerImpl changed in 7u45 + - S8028057: Modify jarsigner man page documentation to document CCC 8024302: Clarify jar verifications + - S8028111: XML readers share the same entity expansion counter + - S8028215: ORB.init fails with SecurityException if properties select the JDK default ORB + - S8028293: Check local configuration for actual ephemeral port range + - S8028382: Two javax/xml/8005433 tests still fail after the fix JDK-8028147 + - S8028453: AsynchronousSocketChannel.connect() requires SocketPermission due to bind to local address (win) + - S8028823: java/net/Makefile tabs converted to spaces + - S8029038: Revise fix for XML readers share the same entity expansion counter * Bug fixes - - PR1677: Update PaX support to detect running PaX kernel and use newer tools + - Fix broken bootstrap build by updating ecj-multicatch.patch + - PR1654: ppc32 needs a larger ThreadStackSize to build + - PR1677, G498288: Update PaX support to detect running PaX kernel and use newer tools + - PR1679: Allow OpenJDK to build on PaX-enabled kernels + - PR1684: Build fails with empty PAX_COMMAND + - Re-enable the 'gamma' test at the end of the HotSpot build, but only for HotSpot based bootstrap JDKs. + - RH1015432: java-1.7.0-openjdk: Fails on PPC with StackOverflowError (revised fix) + - RH910107: fail to load PC/SC library +* New features + - PR1653: Support ppc64le via Zero +* ARM port + - Allow ARM32 JIT to be disabled + - Replace literal offsets for METHOD_SIZEOFPARAMETERS and ISTATE_NEXT_FRAME with correct symbolic names. + - Turn ARM32 JIT on by default +* Shark + - Add Shark definitions from 8003868 + - Drop compile_method argument removed in 7083786 from sharkCompiler.cpp New in release 2.3.13 (2014-01-14): diff -r 541d09b19300 -r 65e24999d804 acinclude.m4 --- a/acinclude.m4 Mon Feb 24 18:59:38 2014 +0000 +++ b/acinclude.m4 Mon Mar 24 16:09:19 2014 +0000 @@ -2296,10 +2296,7 @@ fi fi fi - if test -z "${PAX_COMMAND}"; then - PAX_COMMAND="not specified" - PAX_COMMAND_ARGS="not specified" - else + if test -n "${PAX_COMMAND}"; then AC_MSG_CHECKING([which options to pass to ${PAX_COMMAND}]) case "${host_cpu}" in i?86) @@ -2311,7 +2308,7 @@ esac AC_MSG_RESULT(${PAX_COMMAND_ARGS}) fi - AM_CONDITIONAL(WITH_PAX, test "x${PAX_COMMAND}" != "xnot specified") + AM_CONDITIONAL(WITH_PAX, test "x${PAX_COMMAND}" != "x") AC_SUBST(PAX_COMMAND) AC_SUBST(PAX_COMMAND_ARGS) ]) @@ -2497,3 +2494,25 @@ AM_CONDITIONAL([LACKS_$1], test x"${it_cv_$1}" = "xyes") AC_PROVIDE([$0])dnl ]) + +AC_DEFUN([IT_ENABLE_ARM32JIT], +[ + AC_MSG_CHECKING([whether to enable the ARM32 JIT]) + AC_ARG_ENABLE([arm32-jit], + [AS_HELP_STRING(--enable-arm32-jit,build with the ARM32 JIT [[default=no]])], + [ + case "${enableval}" in + yes) + enable_arm32jit=yes + ;; + *) + enable_arm32jit=no + ;; + esac + ], + [ + enable_arm32jit=yes + ]) + AC_MSG_RESULT([$enable_arm32jit]) + AM_CONDITIONAL([ENABLE_ARM32JIT], test x"${enable_arm32jit}" = "xyes") +]) diff -r 541d09b19300 -r 65e24999d804 configure.ac --- a/configure.ac Mon Feb 24 18:59:38 2014 +0000 +++ b/configure.ac Mon Mar 24 16:09:19 2014 +0000 @@ -181,6 +181,7 @@ IT_ENABLE_JAR_COMPRESSION IT_SET_SHARK_BUILD IT_CHECK_ADDITIONAL_VMS +IT_ENABLE_ARM32JIT IT_WITH_VERSION_SUFFIX IT_WITH_PROJECT diff -r 541d09b19300 -r 65e24999d804 hotspot.map --- a/hotspot.map Mon Feb 24 18:59:38 2014 +0000 +++ b/hotspot.map Mon Mar 24 16:09:19 2014 +0000 @@ -1,2 +1,2 @@ # version url changeset sha256sum -default http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot 3442eb7ef2d2 cda53696c0c5240f59ca8b21c8c38a347714ee95d0434f228e3a794b1aad65b4 +default http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot 9747f83d7a38 afc6b4e85ee0673da8effe4ba6eaba4a8f1edcc80d0c557f35157d970cb2e601 diff -r 541d09b19300 -r 65e24999d804 patches/boot/ecj-diamond.patch --- a/patches/boot/ecj-diamond.patch Mon Feb 24 18:59:38 2014 +0000 +++ b/patches/boot/ecj-diamond.patch Mon Mar 24 16:09:19 2014 +0000 @@ -1,6 +1,6 @@ diff -Nru openjdk-boot.orig/corba/src/share/classes/com/sun/corba/se/impl/encoding/CachedCodeBase.java openjdk-boot/corba/src/share/classes/com/sun/corba/se/impl/encoding/CachedCodeBase.java ---- openjdk-boot.orig/corba/src/share/classes/com/sun/corba/se/impl/encoding/CachedCodeBase.java 2013-03-08 16:05:05.000000000 +0000 -+++ openjdk-boot/corba/src/share/classes/com/sun/corba/se/impl/encoding/CachedCodeBase.java 2013-04-17 14:53:25.283551366 +0100 +--- openjdk-boot.orig/corba/src/share/classes/com/sun/corba/se/impl/encoding/CachedCodeBase.java 2014-01-23 23:19:18.000000000 +0000 ++++ openjdk-boot/corba/src/share/classes/com/sun/corba/se/impl/encoding/CachedCodeBase.java 2014-03-24 13:47:00.726495741 +0000 @@ -58,7 +58,7 @@ private CorbaConnection conn; @@ -11,9 +11,9 @@ public static synchronized void cleanCache( ORB orb ) { synchronized (iorMapLock) { diff -Nru openjdk-boot.orig/corba/src/share/classes/com/sun/corba/se/impl/orb/ORBImpl.java openjdk-boot/corba/src/share/classes/com/sun/corba/se/impl/orb/ORBImpl.java ---- openjdk-boot.orig/corba/src/share/classes/com/sun/corba/se/impl/orb/ORBImpl.java 2013-03-08 16:05:05.000000000 +0000 -+++ openjdk-boot/corba/src/share/classes/com/sun/corba/se/impl/orb/ORBImpl.java 2013-04-17 14:53:25.291551495 +0100 -@@ -1316,7 +1316,7 @@ +--- openjdk-boot.orig/corba/src/share/classes/com/sun/corba/se/impl/orb/ORBImpl.java 2014-01-23 23:19:18.000000000 +0000 ++++ openjdk-boot/corba/src/share/classes/com/sun/corba/se/impl/orb/ORBImpl.java 2014-03-24 13:47:00.726495741 +0000 +@@ -1315,7 +1315,7 @@ protected void shutdownServants(boolean wait_for_completion) { Set oaset; synchronized (this) { @@ -23,8 +23,8 @@ for (ObjectAdapterFactory oaf : oaset) diff -Nru openjdk-boot.orig/corba/src/share/classes/com/sun/corba/se/impl/orbutil/threadpool/ThreadPoolImpl.java openjdk-boot/corba/src/share/classes/com/sun/corba/se/impl/orbutil/threadpool/ThreadPoolImpl.java ---- openjdk-boot.orig/corba/src/share/classes/com/sun/corba/se/impl/orbutil/threadpool/ThreadPoolImpl.java 2013-03-08 16:05:05.000000000 +0000 -+++ openjdk-boot/corba/src/share/classes/com/sun/corba/se/impl/orbutil/threadpool/ThreadPoolImpl.java 2013-04-17 14:53:25.291551495 +0100 +--- openjdk-boot.orig/corba/src/share/classes/com/sun/corba/se/impl/orbutil/threadpool/ThreadPoolImpl.java 2014-01-23 23:19:18.000000000 +0000 ++++ openjdk-boot/corba/src/share/classes/com/sun/corba/se/impl/orbutil/threadpool/ThreadPoolImpl.java 2014-03-24 13:47:00.726495741 +0000 @@ -108,7 +108,7 @@ private ThreadGroup threadGroup; @@ -44,9 +44,9 @@ for (WorkerThread wt : copy) { diff -Nru openjdk-boot.orig/jdk/src/share/classes/com/sun/beans/decoder/DocumentHandler.java openjdk-boot/jdk/src/share/classes/com/sun/beans/decoder/DocumentHandler.java ---- openjdk-boot.orig/jdk/src/share/classes/com/sun/beans/decoder/DocumentHandler.java 2013-04-15 23:41:13.000000000 +0100 -+++ openjdk-boot/jdk/src/share/classes/com/sun/beans/decoder/DocumentHandler.java 2013-04-17 14:53:25.291551495 +0100 -@@ -62,9 +62,10 @@ +--- openjdk-boot.orig/jdk/src/share/classes/com/sun/beans/decoder/DocumentHandler.java 2014-01-28 18:02:26.000000000 +0000 ++++ openjdk-boot/jdk/src/share/classes/com/sun/beans/decoder/DocumentHandler.java 2014-03-24 13:47:00.726495741 +0000 +@@ -63,9 +63,10 @@ */ public final class DocumentHandler extends DefaultHandler { private final AccessControlContext acc = AccessController.getContext(); @@ -61,8 +61,8 @@ private Reference loader; private ExceptionListener listener; diff -Nru openjdk-boot.orig/jdk/src/share/classes/com/sun/beans/TypeResolver.java openjdk-boot/jdk/src/share/classes/com/sun/beans/TypeResolver.java ---- openjdk-boot.orig/jdk/src/share/classes/com/sun/beans/TypeResolver.java 2013-04-15 23:41:13.000000000 +0100 -+++ openjdk-boot/jdk/src/share/classes/com/sun/beans/TypeResolver.java 2013-04-17 14:53:25.291551495 +0100 +--- openjdk-boot.orig/jdk/src/share/classes/com/sun/beans/TypeResolver.java 2014-01-28 18:02:26.000000000 +0000 ++++ openjdk-boot/jdk/src/share/classes/com/sun/beans/TypeResolver.java 2014-03-24 13:47:00.726495741 +0000 @@ -239,9 +239,9 @@ } } @@ -76,8 +76,8 @@ /** * Constructs the type resolver for the given actual type. diff -Nru openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/Attribute.java openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/Attribute.java ---- openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/Attribute.java 2013-04-15 23:41:13.000000000 +0100 -+++ openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/Attribute.java 2013-04-17 14:53:25.291551495 +0100 +--- openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/Attribute.java 2014-01-28 18:02:26.000000000 +0000 ++++ openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/Attribute.java 2014-03-24 13:47:00.730495800 +0000 @@ -103,9 +103,9 @@ return this.def.compareTo(that.def); } @@ -149,8 +149,8 @@ for (int i = 0; i < layout.length(); i++) { if (layout.charAt(i++) != '[') diff -Nru openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/BandStructure.java openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/BandStructure.java ---- openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/BandStructure.java 2013-04-17 14:52:22.422547047 +0100 -+++ openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/BandStructure.java 2013-04-17 14:53:25.291551495 +0100 +--- openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/BandStructure.java 2014-03-24 13:25:33.695413121 +0000 ++++ openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/BandStructure.java 2014-03-24 13:47:00.730495800 +0000 @@ -257,7 +257,7 @@ assert(basicCodings[_meta_default] == null); assert(basicCodings[_meta_canon_min] != null); @@ -219,8 +219,8 @@ return true; } diff -Nru openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/ClassReader.java openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/ClassReader.java ---- openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/ClassReader.java 2013-04-17 14:52:22.294545002 +0100 -+++ openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/ClassReader.java 2013-04-17 14:53:25.291551495 +0100 +--- openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/ClassReader.java 2014-03-24 13:25:33.571411269 +0000 ++++ openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/ClassReader.java 2014-03-24 13:47:00.730495800 +0000 @@ -466,7 +466,7 @@ void readInnerClasses(Class cls) throws IOException { @@ -231,8 +231,8 @@ InnerClass ic = new InnerClass(readClassRef(), diff -Nru openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/CodingChooser.java openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/CodingChooser.java ---- openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/CodingChooser.java 2013-04-15 23:41:13.000000000 +0100 -+++ openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/CodingChooser.java 2013-04-17 14:53:25.295551558 +0100 +--- openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/CodingChooser.java 2014-01-28 18:02:26.000000000 +0000 ++++ openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/CodingChooser.java 2014-03-24 13:47:00.730495800 +0000 @@ -743,9 +743,9 @@ // Steps 1/2/3 are interdependent, and may be iterated. // Steps 4 and 5 may be decided independently afterward. @@ -269,8 +269,8 @@ if (popset.add(values[i])) popvals.add(values[i]); } diff -Nru openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/Coding.java openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/Coding.java ---- openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/Coding.java 2013-04-15 23:41:13.000000000 +0100 -+++ openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/Coding.java 2013-04-17 14:53:25.295551558 +0100 +--- openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/Coding.java 2014-01-28 18:02:26.000000000 +0000 ++++ openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/Coding.java 2014-03-24 13:47:00.730495800 +0000 @@ -402,7 +402,7 @@ private static Map codeMap; @@ -281,8 +281,8 @@ Coding x1 = codeMap.get(x0); if (x1 == null) codeMap.put(x0, x1 = x0); diff -Nru openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/ConstantPool.java openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/ConstantPool.java ---- openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/ConstantPool.java 2013-04-15 23:41:13.000000000 +0100 -+++ openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/ConstantPool.java 2013-04-17 14:53:25.295551558 +0100 +--- openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/ConstantPool.java 2014-01-28 18:02:26.000000000 +0000 ++++ openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/ConstantPool.java 2014-03-24 13:47:00.730495800 +0000 @@ -915,7 +915,7 @@ public static Index[] partition(Index ix, int[] keys) { @@ -311,8 +311,8 @@ Entry e = work.previous(); work.remove(); // pop stack diff -Nru openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/Driver.java openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/Driver.java ---- openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/Driver.java 2013-04-17 14:52:22.422547047 +0100 -+++ openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/Driver.java 2013-04-17 14:53:25.295551558 +0100 +--- openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/Driver.java 2014-03-24 13:25:33.695413121 +0000 ++++ openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/Driver.java 2014-03-24 13:47:00.730495800 +0000 @@ -61,7 +61,7 @@ ResourceBundle.getBundle("com.sun.java.util.jar.pack.DriverResource"); @@ -350,8 +350,8 @@ for (String optline : options.split("\n")) { String[] words = optline.split("\\p{Space}+"); diff -Nru openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/FixedList.java openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/FixedList.java ---- openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/FixedList.java 2013-04-15 23:41:13.000000000 +0100 -+++ openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/FixedList.java 2013-04-17 14:53:25.295551558 +0100 +--- openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/FixedList.java 2014-01-28 18:02:26.000000000 +0000 From bugzilla-daemon at icedtea.classpath.org Mon Mar 24 16:10:01 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 24 Mar 2014 16:10:01 +0000 Subject: [Bug 1684] [IcedTea7] Build fails with empty PAX_COMMAND In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1684 --- Comment #3 from hg commits --- details: http://icedtea.classpath.org//hg/release/icedtea7-2.3?cmd=changeset;node=752098160f94 author: Andrew John Hughes date: Fri Mar 21 20:28:06 2014 +0000 PR1684: Build fails with empty PAX_COMMAND 2014-02-24 Andrew John Hughes PR1684: Build fails with empty PAX_COMMAND * Makefile.am: (ICEDTEA_ENV): Only add PAX_COMMAND when defined. * NEWS: Updated. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Mon Mar 24 16:10:15 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 24 Mar 2014 16:10:15 +0000 Subject: [Bug 1653] [IcedTea7] Support ppc64le via Zero In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1653 --- Comment #13 from hg commits --- details: http://icedtea.classpath.org//hg/release/icedtea7-2.3?cmd=changeset;node=65e24999d804 author: Andrew John Hughes date: Mon Mar 24 16:09:19 2014 +0000 Bring in latest changes from 2.4 branch and u51. PR1653: Support ppc64le via Zero PR1654: ppc32 needs a larger ThreadStackSize to build PR1679: Allow OpenJDK to build on PaX-enabled kernels 2014-03-24 Andrew John Hughes * patches/revert-7017193.patch: Removed. * patches/boot/ecj-diamond.patch: Remove unneeded change to src/share/classes/java/beans/ThreadGroupContext.java * Makefile.am: (CORBA_CHANGESET): Update to icedtea-2.3 HEAD. (JAXP_CHANGESET): Likewise. (JAXWS_CHANGESET): Likewise. (JDK_CHANGESET): Likewise. (OPENJDK_CHANGESET): Likewise. (CORBA_SHA256SUM): Likewise. (JAXP_SHA256SUM): Likewise. (JAXWS_SHA256SUM): Likewise. (JDK_SHA256SUM): Likewise. (OPENJDK_SHA256SUM): Likewise. (ICEDTEA_PATCHES): Remove 7017193 reversion. * NEWS: Updated with latest changes, including PaX ARM32 and Shark changes. * acinclude.m4: (IT_ENABLE_ARM32JIT): Enable by default. * hotspot.map: Update to icedtea-2.3 HEAD. 2014-02-19 Andrew John Hughes * patches/boot/test_gamma.patch, * patches/pax-mark-rmic-java.patch, * patches/test_gamma.patch: Removed. * INSTALL: Document ARM32 JIT and --enable-arm32-jit option. (ICEDTEA_PATCHES): Remove PaX patches. (ICEDTEA_BOOT_PATCHES): Remove test_gamma patch (fixed by detection of non-Oracle JDK addition from PPC port) (ARM32JIT_STATUS): Set based on ENABLE_ARM32JIT. (ICEDTEA_ENV): Pass ARM32JIT to OpenJDK build. * acinclude.m4: (IT_ENABLE_ARM32JIT): Allow the ARM32 JIT to be enabled. * configure.ac: Run IT_ENABLE_ARM32JIT macro. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Mon Mar 24 16:10:20 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 24 Mar 2014 16:10:20 +0000 Subject: [Bug 1654] [IcedTea7] ppc32 needs a larger ThreadStackSize to build In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1654 --- Comment #10 from hg commits --- details: http://icedtea.classpath.org//hg/release/icedtea7-2.3?cmd=changeset;node=65e24999d804 author: Andrew John Hughes date: Mon Mar 24 16:09:19 2014 +0000 Bring in latest changes from 2.4 branch and u51. PR1653: Support ppc64le via Zero PR1654: ppc32 needs a larger ThreadStackSize to build PR1679: Allow OpenJDK to build on PaX-enabled kernels 2014-03-24 Andrew John Hughes * patches/revert-7017193.patch: Removed. * patches/boot/ecj-diamond.patch: Remove unneeded change to src/share/classes/java/beans/ThreadGroupContext.java * Makefile.am: (CORBA_CHANGESET): Update to icedtea-2.3 HEAD. (JAXP_CHANGESET): Likewise. (JAXWS_CHANGESET): Likewise. (JDK_CHANGESET): Likewise. (OPENJDK_CHANGESET): Likewise. (CORBA_SHA256SUM): Likewise. (JAXP_SHA256SUM): Likewise. (JAXWS_SHA256SUM): Likewise. (JDK_SHA256SUM): Likewise. (OPENJDK_SHA256SUM): Likewise. (ICEDTEA_PATCHES): Remove 7017193 reversion. * NEWS: Updated with latest changes, including PaX ARM32 and Shark changes. * acinclude.m4: (IT_ENABLE_ARM32JIT): Enable by default. * hotspot.map: Update to icedtea-2.3 HEAD. 2014-02-19 Andrew John Hughes * patches/boot/test_gamma.patch, * patches/pax-mark-rmic-java.patch, * patches/test_gamma.patch: Removed. * INSTALL: Document ARM32 JIT and --enable-arm32-jit option. (ICEDTEA_PATCHES): Remove PaX patches. (ICEDTEA_BOOT_PATCHES): Remove test_gamma patch (fixed by detection of non-Oracle JDK addition from PPC port) (ARM32JIT_STATUS): Set based on ENABLE_ARM32JIT. (ICEDTEA_ENV): Pass ARM32JIT to OpenJDK build. * acinclude.m4: (IT_ENABLE_ARM32JIT): Allow the ARM32 JIT to be enabled. * configure.ac: Run IT_ENABLE_ARM32JIT macro. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Mon Mar 24 16:10:23 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 24 Mar 2014 16:10:23 +0000 Subject: [Bug 1679] [IcedTea7] Allow OpenJDK to build on PaX-enabled kernels In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1679 --- Comment #12 from hg commits --- details: http://icedtea.classpath.org//hg/release/icedtea7-2.3?cmd=changeset;node=65e24999d804 author: Andrew John Hughes date: Mon Mar 24 16:09:19 2014 +0000 Bring in latest changes from 2.4 branch and u51. PR1653: Support ppc64le via Zero PR1654: ppc32 needs a larger ThreadStackSize to build PR1679: Allow OpenJDK to build on PaX-enabled kernels 2014-03-24 Andrew John Hughes * patches/revert-7017193.patch: Removed. * patches/boot/ecj-diamond.patch: Remove unneeded change to src/share/classes/java/beans/ThreadGroupContext.java * Makefile.am: (CORBA_CHANGESET): Update to icedtea-2.3 HEAD. (JAXP_CHANGESET): Likewise. (JAXWS_CHANGESET): Likewise. (JDK_CHANGESET): Likewise. (OPENJDK_CHANGESET): Likewise. (CORBA_SHA256SUM): Likewise. (JAXP_SHA256SUM): Likewise. (JAXWS_SHA256SUM): Likewise. (JDK_SHA256SUM): Likewise. (OPENJDK_SHA256SUM): Likewise. (ICEDTEA_PATCHES): Remove 7017193 reversion. * NEWS: Updated with latest changes, including PaX ARM32 and Shark changes. * acinclude.m4: (IT_ENABLE_ARM32JIT): Enable by default. * hotspot.map: Update to icedtea-2.3 HEAD. 2014-02-19 Andrew John Hughes * patches/boot/test_gamma.patch, * patches/pax-mark-rmic-java.patch, * patches/test_gamma.patch: Removed. * INSTALL: Document ARM32 JIT and --enable-arm32-jit option. (ICEDTEA_PATCHES): Remove PaX patches. (ICEDTEA_BOOT_PATCHES): Remove test_gamma patch (fixed by detection of non-Oracle JDK addition from PPC port) (ARM32JIT_STATUS): Set based on ENABLE_ARM32JIT. (ICEDTEA_ENV): Pass ARM32JIT to OpenJDK build. * acinclude.m4: (IT_ENABLE_ARM32JIT): Allow the ARM32 JIT to be enabled. * configure.ac: Run IT_ENABLE_ARM32JIT macro. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From jvanek at redhat.com Mon Mar 24 16:18:08 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 24 Mar 2014 17:18:08 +0100 Subject: [rfc][icedtea-web] Temporary permissions In-Reply-To: <53305587.9080208@redhat.com> References: <53305587.9080208@redhat.com> Message-ID: <53305AC0.9060509@redhat.com> On 03/24/2014 04:55 PM, Andrew Azores wrote: > Hi, > > This patch adds new menu items to the new popup menu where PolicyEditor can be launched. These new > items make it possible to run the current applet sandboxed, but with some additional permissions > added, without having to actually launch PolicyEditor and configure the permissions. These > permissions are also temporary, as opposed to making a custom policy, which persists until you > remove the policy. > > Right now the permission set defined is just the sum of the permissions PolicyEditor can grant via > its checkboxes, and the two options added are No File Access and No Network Access, which are just > that full set minus a few. I'd appreciate input on what other temporary permission options could be > made available. Only Sound Only clipboard ? .. jsut ideas :) Generally I would like to have combinations, which allows to me most of freedom, but protectme aginst gratest evils - fiel accees - network - system.exec and simialr calls (yaaaaaaah!!) and ege sets of above - no fiel accees nor networl - network nor system exec - system.exec nor fileacces - non of those three .... agian - jsut ideas.... > > Anyone have ideas on making the popup menu disappear nicely, rather than adding a setVisible call on > it to every action listener we have? And I suppose it should also be forced to disappear when the > dialog is disposed as well. What's the best practice for that? You can try lostfocus (it is actually window inside) or on MouseExited). Each have its pross and cons... > > Thanks, > > -- > Andrew A > This is extra cool :) > > temporary-permissions.patch > > > diff --git a/netx/net/sourceforge/jnlp/resources/Messages.properties b/netx/net/sourceforge/jnlp/resources/Messages.properties > --- a/netx/net/sourceforge/jnlp/resources/Messages.properties > +++ b/netx/net/sourceforge/jnlp/resources/Messages.properties > @@ -302,6 +302,8 @@ SAuthenticationPrompt=The {0} server at > SJNLPFileIsNotSigned=This application contains a digital signature in which the launching JNLP file is not signed. > SAppletTitle=Applet title: {0} > STrustedOnlyAttributeFailure=This application specifies Trusted-only as True in its Manifest. {0} and requests permission level: {1}. This is not allowed. > +STempPermNoFile=No file access > +STempPermNoNetwork=No network access > > # Security - used for the More Information dialog > SBadKeyUsage=Resources contain entries whose signer certificate's KeyUsage extension doesn't allow code signing. > diff --git a/netx/net/sourceforge/jnlp/security/Permissions.java b/netx/net/sourceforge/jnlp/security/Permissions.java > new file mode 100644 > --- /dev/null > +++ b/netx/net/sourceforge/jnlp/security/Permissions.java > @@ -0,0 +1,24 @@ > +package net.sourceforge.jnlp.security; > + > +import java.awt.AWTPermission; > +import java.io.FilePermission; > +import java.net.SocketPermission; > +import java.security.Permission; > +import java.util.PropertyPermission; > + > +import javax.sound.sampled.AudioPermission; > + > +public class Permissions { > + > + public static final Permission READ_LOCAL_FILES = new FilePermission("${user.home}${/}*", "read"); > + public static final Permission WRITE_LOCAL_FILES = new FilePermission("${user.home}${/}*", "write"); > + public static final Permission READ_TMP_FILES = new FilePermission("${java.io.tmpdir}${/}*", "read"); > + public static final Permission WRITE_TMP_FILES = new FilePermission("${java.io.tmpdir}${/}*", "write"); > + public static final Permission READ_PROPERTIES = new PropertyPermission("*", "read"); > + public static final Permission WRITE_PROPERTIES = new PropertyPermission("*", "write"); > + public static final Permission NETWORK_ACCESS = new SocketPermission("*", "listen,connect,accept,resolve"); > + public static final Permission CLIPBOARD_ACCESS = new AWTPermission("accessClipboard"); > + public static final Permission PRINT_DOCUMENTS = new RuntimePermission("queuePrintJob"); > + public static final Permission PLAY_AUDIO = new AudioPermission("play"); Arent those already deffineded? I think I saw them.. or something really simialr. Cant it be reused? > + > +} > diff --git a/netx/net/sourceforge/jnlp/security/SecurityDialog.java b/netx/net/sourceforge/jnlp/security/SecurityDialog.java > --- a/netx/net/sourceforge/jnlp/security/SecurityDialog.java snip > + > + final JMenuItem noFileAccess = new JMenuItem(R("STempPermNoFile")); > + noFileAccess.addActionListener(new TemporaryPermissionsListener( > + Permissions.NETWORK_ACCESS, Permissions.READ_PROPERTIES, Permissions.WRITE_PROPERTIES, > + Permissions.CLIPBOARD_ACCESS, Permissions.PLAY_AUDIO, Permissions.PRINT_DOCUMENTS)); > + policyMenu.add(noFileAccess); > + > + final JMenuItem noNetworkAccess = new JMenuItem(R("STempPermNoNetwork")); > + noNetworkAccess.addActionListener(new TemporaryPermissionsListener( > + Permissions.READ_LOCAL_FILES, Permissions.WRITE_LOCAL_FILES, > + Permissions.READ_TMP_FILES, Permissions.WRITE_TMP_FILES, > + Permissions.READ_PROPERTIES, Permissions.WRITE_PROPERTIES, > + Permissions.CLIPBOARD_ACCESS, Permissions.PLAY_AUDIO, Permissions.PRINT_DOCUMENTS)); > + policyMenu.add(noNetworkAccess); > + > policyMenu.setSize(policyMenu.getMinimumSize()); Cant this be a bit more beter? I do not isnists, but imho tehre should be some Interface "privledge provider" With (now) two implementations - Offline, NoFileAcces ... What do you think? Maybe something like this would be doable also for the policies as they flew into ITW, isnt there somthing like that? J. From aazores at redhat.com Mon Mar 24 16:18:24 2014 From: aazores at redhat.com (Andrew Azores) Date: Mon, 24 Mar 2014 12:18:24 -0400 Subject: [rfc][icedtea-web][policyeditor] Modal PolicyEditor Message-ID: <53305AD0.4020601@redhat.com> Hi, The "policyeditor-jdialog" patch is simply making PolicyEditor into a JDialog rather than JFrame so that it can be modal. The "modal-policyeditor" patch actually makes it modal for the two security dialogs which can launch PolicyEditor. Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: modal-policyeditor.patch Type: text/x-patch Size: 2057 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: policyeditor-jdialog.patch Type: text/x-patch Size: 3741 bytes Desc: not available URL: From jvanek at redhat.com Mon Mar 24 16:22:53 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 24 Mar 2014 17:22:53 +0100 Subject: [rfc][icedtea-web][policyeditor] Modal PolicyEditor In-Reply-To: <53305AD0.4020601@redhat.com> References: <53305AD0.4020601@redhat.com> Message-ID: <53305BDD.9010204@redhat.com> On 03/24/2014 05:18 PM, Andrew Azores wrote: > Hi, > > The "policyeditor-jdialog" patch is simply making PolicyEditor into a JDialog rather than JFrame so > that it can be modal. The "modal-policyeditor" patch actually makes it modal for the two security > dialogs which can launch PolicyEditor. > > Thanks, > hmhmh. What about stand alone app? Some window maagers atre treating jdialog somehow.. wrongly (likenot seen in alt+tab or similar) I'm for -public class PolicyEditor extends JFrame { +public class PolicyEditor extends JPanel { and have two static getters which return - one jdialog - one jframe what is better for the case... with the panel on of PolcyEditor in it. J. jsut noted: * Comments will *not* be preserved when PolicyEditor next saves to the Is it really so hard to store the comments for future save? From bugzilla-daemon at icedtea.classpath.org Mon Mar 24 16:40:27 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 24 Mar 2014 16:40:27 +0000 Subject: [Bug 1721] Error reported on applet cancellation In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1721 Deepak Bhole changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|dbhole at redhat.com |aazores at redhat.com -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From andrew at icedtea.classpath.org Mon Mar 24 16:54:51 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Mon, 24 Mar 2014 16:54:51 +0000 Subject: /hg/release/icedtea7-forest-2.3/hotspot: 8035893: JVM_GetVersion... Message-ID: changeset 72a544aeb892 in /hg/release/icedtea7-forest-2.3/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot?cmd=changeset;node=72a544aeb892 author: igerasim date: Fri Feb 28 16:00:40 2014 +0400 8035893: JVM_GetVersionInfo fails to zero structure Reviewed-by: sla, zgu diffstat: src/share/vm/prims/jvm.cpp | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diffs (12 lines): diff -r 9747f83d7a38 -r 72a544aeb892 src/share/vm/prims/jvm.cpp --- a/src/share/vm/prims/jvm.cpp Fri Mar 21 20:57:28 2014 +0000 +++ b/src/share/vm/prims/jvm.cpp Fri Feb 28 16:00:40 2014 +0400 @@ -4534,7 +4534,7 @@ JVM_ENTRY(void, JVM_GetVersionInfo(JNIEnv* env, jvm_version_info* info, size_t info_size)) { - memset(info, 0, sizeof(info_size)); + memset(info, 0, info_size); info->jvm_version = Abstract_VM_Version::jvm_version(); info->update_version = 0; /* 0 in HotSpot Express VM */ From aazores at redhat.com Mon Mar 24 17:12:53 2014 From: aazores at redhat.com (Andrew Azores) Date: Mon, 24 Mar 2014 13:12:53 -0400 Subject: [rfc][icedtea-web] Trusted-only + sandbox fix Message-ID: <53306795.8060708@redhat.com> Hi, Second attempt at reconciling Trusted-only with RunInSandbox. Manual test case provided by Jiri: https://www.netbank.nordea.dk/netbank/index.jsp Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: mav-trustedonly-fix.patch Type: text/x-patch Size: 1751 bytes Desc: not available URL: From jvanek at redhat.com Mon Mar 24 17:18:07 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 24 Mar 2014 18:18:07 +0100 Subject: [rfc][icedtea-web] Trusted-only + sandbox fix In-Reply-To: <53306795.8060708@redhat.com> References: <53306795.8060708@redhat.com> Message-ID: <533068CF.3000506@redhat.com> On 03/24/2014 06:12 PM, Andrew Azores wrote: > Hi, > > Second attempt at reconciling Trusted-only with RunInSandbox. > > Manual test case provided by Jiri: https://www.netbank.nordea.dk/netbank/index.jsp > > Thanks, > Yes, should go in. From jvanek at redhat.com Mon Mar 24 17:31:01 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 24 Mar 2014 18:31:01 +0100 Subject: [icedtea-web] Translation of 1.5 Message-ID: <53306BD5.8040902@redhat.com> Hi guys! Is there any progress/eta or whatever? If not, Then I will probably release 1.5 with missing lines, and hope for 1.5.1 to bring the fix. Anyway for any case, I need some feedback to sync with you and rest of ITW. Thanx in advance, All the best J. From skolnag at gmail.com Mon Mar 24 17:46:42 2014 From: skolnag at gmail.com (skolnag at gmail.com) Date: Mon, 24 Mar 2014 18:46:42 +0100 Subject: [icedtea-web] Translation of 1.5 In-Reply-To: <53306BD5.8040902@redhat.com> References: <53306BD5.8040902@redhat.com> Message-ID: Hello, I have most of the translation finished. There are, however, some places where the source text is unclear. I will send my questions tomorrow and after I receive the answers I will provide final translation. Thank you for understanding. Kind regards, Alexandr 2014-03-24 18:31 GMT+01:00 Jiri Vanek : > Hi guys! > > Is there any progress/eta or whatever? > > If not, Then I will probably release 1.5 with missing lines, and hope for > 1.5.1 to bring the fix. > > Anyway for any case, I need some feedback to sync with you and rest of ITW. > > Thanx in advance, > All the best > J. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From aazores at redhat.com Mon Mar 24 18:05:52 2014 From: aazores at redhat.com (Andrew Azores) Date: Mon, 24 Mar 2014 14:05:52 -0400 Subject: [rfc][icedtea-web] Temporary permissions In-Reply-To: <53305AC0.9060509@redhat.com> References: <53305587.9080208@redhat.com> <53305AC0.9060509@redhat.com> Message-ID: <53307400.60801@redhat.com> On 03/24/2014 12:18 PM, Jiri Vanek wrote: > On 03/24/2014 04:55 PM, Andrew Azores wrote: >> Hi, >> >> This patch adds new menu items to the new popup menu where >> PolicyEditor can be launched. These new >> items make it possible to run the current applet sandboxed, but with >> some additional permissions >> added, without having to actually launch PolicyEditor and configure >> the permissions. These >> permissions are also temporary, as opposed to making a custom policy, >> which persists until you >> remove the policy. >> >> Right now the permission set defined is just the sum of the >> permissions PolicyEditor can grant via >> its checkboxes, and the two options added are No File Access and No >> Network Access, which are just >> that full set minus a few. I'd appreciate input on what other >> temporary permission options could be >> made available. > > Only Sound > Only clipboard > > ? .. jsut ideas :) > > Generally I would like to have combinations, which allows to me most > of freedom, but protectme aginst gratest evils > - fiel accees > - network > - system.exec and simialr calls (yaaaaaaah!!) > > and ege sets of above > - no fiel accees nor networl > - network nor system exec > - system.exec nor fileacces > - non of those three > > .... > agian - jsut ideas.... Okay, added a bunch like this, including Reflection as we discussed on IRC, and Runtime.exec which is actually FilePermission with execute action apparently (makes sense). > >> >> Anyone have ideas on making the popup menu disappear nicely, rather >> than adding a setVisible call on >> it to every action listener we have? And I suppose it should also be >> forced to disappear when the >> dialog is disposed as well. What's the best practice for that? > > You can try lostfocus (it is actually window inside) or on > MouseExited). Each have its pross and cons... > Didn't end up using either, but problem is solved anyway using the show() method rather than setVisible(), I think. > > >> >> Thanks, >> >> -- >> Andrew A >> > > This is extra cool :) >> >> temporary-permissions.patch >> >> >> diff --git a/netx/net/sourceforge/jnlp/resources/Messages.properties >> b/netx/net/sourceforge/jnlp/resources/Messages.properties >> --- a/netx/net/sourceforge/jnlp/resources/Messages.properties >> +++ b/netx/net/sourceforge/jnlp/resources/Messages.properties >> @@ -302,6 +302,8 @@ SAuthenticationPrompt=The {0} server at >> SJNLPFileIsNotSigned=This application contains a digital signature >> in which the launching JNLP file is not signed. >> SAppletTitle=Applet title: {0} >> STrustedOnlyAttributeFailure=This application specifies >> Trusted-only as True in its Manifest. {0} and requests permission >> level: {1}. This is not allowed. >> +STempPermNoFile=No file access >> +STempPermNoNetwork=No network access >> >> # Security - used for the More Information dialog >> SBadKeyUsage=Resources contain entries whose signer certificate's >> KeyUsage extension doesn't allow code signing. >> diff --git a/netx/net/sourceforge/jnlp/security/Permissions.java >> b/netx/net/sourceforge/jnlp/security/Permissions.java >> new file mode 100644 >> --- /dev/null >> +++ b/netx/net/sourceforge/jnlp/security/Permissions.java >> @@ -0,0 +1,24 @@ >> +package net.sourceforge.jnlp.security; >> + >> +import java.awt.AWTPermission; >> +import java.io.FilePermission; >> +import java.net.SocketPermission; >> +import java.security.Permission; >> +import java.util.PropertyPermission; >> + >> +import javax.sound.sampled.AudioPermission; >> + >> +public class Permissions { >> + >> + public static final Permission READ_LOCAL_FILES = new >> FilePermission("${user.home}${/}*", "read"); >> + public static final Permission WRITE_LOCAL_FILES = new >> FilePermission("${user.home}${/}*", "write"); >> + public static final Permission READ_TMP_FILES = new >> FilePermission("${java.io.tmpdir}${/}*", "read"); >> + public static final Permission WRITE_TMP_FILES = new >> FilePermission("${java.io.tmpdir}${/}*", "write"); >> + public static final Permission READ_PROPERTIES = new >> PropertyPermission("*", "read"); >> + public static final Permission WRITE_PROPERTIES = new >> PropertyPermission("*", "write"); >> + public static final Permission NETWORK_ACCESS = new >> SocketPermission("*", "listen,connect,accept,resolve"); >> + public static final Permission CLIPBOARD_ACCESS = new >> AWTPermission("accessClipboard"); >> + public static final Permission PRINT_DOCUMENTS = new >> RuntimePermission("queuePrintJob"); >> + public static final Permission PLAY_AUDIO = new >> AudioPermission("play"); > > Arent those already deffineded? I think I saw them.. or something > really simialr. Cant it be reused? You're probably thinking of PolicyEditorPermissions. They aren't actually the Permission objects to be granted, they're just models that in the end contain a few Strings, which are used for (de)serializing. I don't know of a simple prebuilt way to go from these models/string representations to the actual Permission objects. It could be reused by giving it a Permission field, and then adding a switch statement to check the PermissionType and set the field based on this, but that's a bit ugly. Up to you if this would be preferable. >> + >> +} >> diff --git a/netx/net/sourceforge/jnlp/security/SecurityDialog.java >> b/netx/net/sourceforge/jnlp/security/SecurityDialog.java >> --- a/netx/net/sourceforge/jnlp/security/SecurityDialog.java > > > snip >> + >> + final JMenuItem noFileAccess = new >> JMenuItem(R("STempPermNoFile")); >> + noFileAccess.addActionListener(new >> TemporaryPermissionsListener( >> + Permissions.NETWORK_ACCESS, >> Permissions.READ_PROPERTIES, Permissions.WRITE_PROPERTIES, >> + Permissions.CLIPBOARD_ACCESS, >> Permissions.PLAY_AUDIO, Permissions.PRINT_DOCUMENTS)); >> + policyMenu.add(noFileAccess); >> + >> + final JMenuItem noNetworkAccess = new >> JMenuItem(R("STempPermNoNetwork")); >> + noNetworkAccess.addActionListener(new >> TemporaryPermissionsListener( >> + Permissions.READ_LOCAL_FILES, >> Permissions.WRITE_LOCAL_FILES, >> + Permissions.READ_TMP_FILES, >> Permissions.WRITE_TMP_FILES, >> + Permissions.READ_PROPERTIES, >> Permissions.WRITE_PROPERTIES, >> + Permissions.CLIPBOARD_ACCESS, >> Permissions.PLAY_AUDIO, Permissions.PRINT_DOCUMENTS)); >> + policyMenu.add(noNetworkAccess); >> + >> policyMenu.setSize(policyMenu.getMinimumSize()); > > > Cant this be a bit more beter? I do not isnists, but imho tehre should > be some Interface "privledge provider" > With (now) two implementations - Offline, NoFileAcces ... It's a nice idea, but it seems like a bit more abstraction than is really needed for this task, doesn't it? I guess it would at least reduce the line count in the two dialogs. I don't think it's really worthwhile though. > > What do you think? Maybe something like this would be doable also for > the policies as they flew into ITW, isnt there somthing like that? > > > J. > Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: temporary-permissions.patch Type: text/x-patch Size: 25523 bytes Desc: not available URL: From aazores at icedtea.classpath.org Mon Mar 24 18:08:27 2014 From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org) Date: Mon, 24 Mar 2014 18:08:27 +0000 Subject: /hg/icedtea-web: Fixed ManifestsAttributeValidator and RunInSandbox Message-ID: changeset 80e5a57863e2 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=80e5a57863e2 author: Andrew Azores date: Mon Mar 24 14:08:17 2014 -0400 Fixed ManifestsAttributeValidator and RunInSandbox diffstat: ChangeLog | 5 ++++ netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java | 11 +++++++-- 2 files changed, 13 insertions(+), 3 deletions(-) diffs (40 lines): diff -r c0845e58bfba -r 80e5a57863e2 ChangeLog --- a/ChangeLog Mon Mar 24 17:04:51 2014 +0100 +++ b/ChangeLog Mon Mar 24 14:08:17 2014 -0400 @@ -1,3 +1,8 @@ +2014-03-24 Andrew Azores + + * netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java: + (checkTrustedOnlyAttrubute) works properly with sandboxing + 2014-03-24 Jiri Vanek Client applications now log into new console. diff -r c0845e58bfba -r 80e5a57863e2 netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java --- a/netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java Mon Mar 24 17:04:51 2014 +0100 +++ b/netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java Mon Mar 24 14:08:17 2014 -0400 @@ -102,16 +102,21 @@ securityType = "Unknown"; } - final boolean isFullySigned = signing == SigningState.FULL || (signing == SigningState.PARTIAL && securityDelegate.getRunInSandbox()); + final boolean isFullySigned = signing == SigningState.FULL; + final boolean isSandboxed = securityDelegate.getRunInSandbox(); + final boolean requestsCorrectPermissions = (isFullySigned && SecurityDesc.ALL_PERMISSIONS.equals(desc)) + || (isSandboxed && SecurityDesc.SANDBOX_PERMISSIONS.equals(desc)); final String signedMsg; - if (isFullySigned) { + if (isFullySigned && !isSandboxed) { signedMsg = "The applet is fully signed"; + } else if (isFullySigned && isSandboxed) { + signedMsg = "The applet is fully signed and sandboxed"; } else { signedMsg = "The applet is not fully signed"; } OutputController.getLogger().log(OutputController.Level.MESSAGE_DEBUG, "Trusted Only manifest attribute is \"true\". " + signedMsg + " and requests permission level: " + securityType); - if (!(isFullySigned && SecurityDesc.ALL_PERMISSIONS.equals(desc))) { + if (!(isFullySigned && requestsCorrectPermissions)) { throw new LaunchException(Translator.R("STrustedOnlyAttributeFailure", signedMsg, securityType)); } } From aazores at icedtea.classpath.org Mon Mar 24 18:16:34 2014 From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org) Date: Mon, 24 Mar 2014 18:16:34 +0000 Subject: /hg/icedtea-web: ManifestsAttributesValidator renamed to Manifes... Message-ID: changeset d0069afaeaff in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=d0069afaeaff author: Andrew Azores date: Mon Mar 24 14:16:20 2014 -0400 ManifestsAttributesValidator renamed to ManifestAttributesChecker * netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java: renamed to ManifestAttributesChecker. * netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java: (checkTrustedOnlyAttribute, checkCodebaseAttribute, checkPermissionsAttribute, checkApplicationLibraryAllowableCodebaseAttribute) made private. (checkAll) new method. * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: reflect above changes diffstat: ChangeLog | 12 + netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java | 7 +- netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java | 302 ++++++++++ netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java | 295 --------- 4 files changed, 316 insertions(+), 300 deletions(-) diffs (truncated from 641 to 500 lines): diff -r 80e5a57863e2 -r d0069afaeaff ChangeLog --- a/ChangeLog Mon Mar 24 14:08:17 2014 -0400 +++ b/ChangeLog Mon Mar 24 14:16:20 2014 -0400 @@ -1,3 +1,15 @@ +2014-03-24 Andrew Azores + + * netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java: + renamed to ManifestAttributesChecker. + * netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java: + (checkTrustedOnlyAttribute, checkCodebaseAttribute, + checkPermissionsAttribute, + checkApplicationLibraryAllowableCodebaseAttribute) made private. + (checkAll) new method. + * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: reflect above + changes + 2014-03-24 Andrew Azores * netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java: diff -r 80e5a57863e2 -r d0069afaeaff netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java --- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Mon Mar 24 14:08:17 2014 -0400 +++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Mon Mar 24 14:16:20 2014 -0400 @@ -284,11 +284,8 @@ setSecurity(); - ManifestsAttributesValidator mav = new ManifestsAttributesValidator(security, file, signing, securityDelegate); - mav.checkTrustedOnlyAttribute(); - mav.checkCodebaseAttribute(); - mav.checkPermissionsAttribute(); - mav.checkApplicationLibraryAllowableCodebaseAttribute(); + ManifestAttributesChecker mac = new ManifestAttributesChecker(security, file, signing, securityDelegate); + mac.checkAll(); installShutdownHooks(); diff -r 80e5a57863e2 -r d0069afaeaff netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java Mon Mar 24 14:16:20 2014 -0400 @@ -0,0 +1,302 @@ +/* +Copyright (C) 2011 Red Hat, Inc. + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or +modify it under the terms of the GNU General Public License as published by +the Free Software Foundation, version 2. + +IcedTea is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + */ +package net.sourceforge.jnlp.runtime; + +import java.net.URL; +import java.util.HashSet; +import java.util.Set; + +import net.sourceforge.jnlp.ExtensionDesc; +import net.sourceforge.jnlp.JARDesc; +import net.sourceforge.jnlp.JNLPFile; +import net.sourceforge.jnlp.JNLPFile.ManifestBoolean; +import net.sourceforge.jnlp.LaunchException; +import net.sourceforge.jnlp.PluginBridge; +import net.sourceforge.jnlp.ResourcesDesc; +import net.sourceforge.jnlp.SecurityDesc; +import net.sourceforge.jnlp.runtime.JNLPClassLoader.SecurityDelegate; +import net.sourceforge.jnlp.runtime.JNLPClassLoader.SigningState; +import net.sourceforge.jnlp.security.SecurityDialogs; +import net.sourceforge.jnlp.security.appletextendedsecurity.AppletSecurityLevel; +import net.sourceforge.jnlp.security.appletextendedsecurity.AppletStartupSecuritySettings; +import net.sourceforge.jnlp.util.ClasspathMatcher.ClasspathMatchers; +import net.sourceforge.jnlp.util.UrlUtils; +import net.sourceforge.jnlp.util.logging.OutputController; + +public class ManifestAttributesChecker { + + private final SecurityDesc security; + private final JNLPFile file; + private final SigningState signing; + private final SecurityDelegate securityDelegate; + + public ManifestAttributesChecker(final SecurityDesc security, final JNLPFile file, + final SigningState signing, final SecurityDelegate securityDelegate) throws LaunchException { + this.security = security; + this.file = file; + this.signing = signing; + this.securityDelegate = securityDelegate; + } + + void checkAll() throws LaunchException { + checkTrustedOnlyAttribute(); + checkCodebaseAttribute(); + checkPermissionsAttribute(); + checkApplicationLibraryAllowableCodebaseAttribute(); + } + + /** + * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#trusted_only + */ + private void checkTrustedOnlyAttribute() throws LaunchException { + final ManifestBoolean trustedOnly = file.getManifestsAttributes().isTrustedOnly(); + if (trustedOnly == ManifestBoolean.UNDEFINED) { + OutputController.getLogger().log(OutputController.Level.MESSAGE_DEBUG, "Trusted Only manifest attribute not found. Continuing."); + return; + } + + if (trustedOnly == ManifestBoolean.FALSE) { + OutputController.getLogger().log(OutputController.Level.MESSAGE_DEBUG, "Trusted Only manifest attribute is false. Continuing."); + return; + } + + final Object desc = security.getSecurityType(); + + final String securityType; + if (desc == null) { + securityType = "Not Specified"; + } else if (desc.equals(SecurityDesc.ALL_PERMISSIONS)) { + securityType = "All-Permission"; + } else if (desc.equals(SecurityDesc.SANDBOX_PERMISSIONS)) { + securityType = "Sandbox"; + } else if (desc.equals(SecurityDesc.J2EE_PERMISSIONS)) { + securityType = "J2EE"; + } else { + securityType = "Unknown"; + } + + final boolean isFullySigned = signing == SigningState.FULL; + final boolean isSandboxed = securityDelegate.getRunInSandbox(); + final boolean requestsCorrectPermissions = (isFullySigned && SecurityDesc.ALL_PERMISSIONS.equals(desc)) + || (isSandboxed && SecurityDesc.SANDBOX_PERMISSIONS.equals(desc)); + final String signedMsg; + if (isFullySigned && !isSandboxed) { + signedMsg = "The applet is fully signed"; + } else if (isFullySigned && isSandboxed) { + signedMsg = "The applet is fully signed and sandboxed"; + } else { + signedMsg = "The applet is not fully signed"; + } + OutputController.getLogger().log(OutputController.Level.MESSAGE_DEBUG, + "Trusted Only manifest attribute is \"true\". " + signedMsg + " and requests permission level: " + securityType); + if (!(isFullySigned && requestsCorrectPermissions)) { + throw new LaunchException(Translator.R("STrustedOnlyAttributeFailure", signedMsg, securityType)); + } + } + + /** + * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#codebase + */ + private void checkCodebaseAttribute() throws LaunchException { + if (file.getCodeBase() == null || file.getCodeBase().getProtocol().equals("file")) { + OutputController.getLogger().log(OutputController.Level.WARNING_ALL, Translator.R("CBCheckFile")); + return; + } + final Object securityType = security.getSecurityType(); + final URL codebase = UrlUtils.guessCodeBase(file); + final ClasspathMatchers codebaseAtt = file.getManifestsAttributes().getCodebase(); + if (codebaseAtt == null) { + OutputController.getLogger().log(OutputController.Level.WARNING_ALL, Translator.R("CBCheckNoEntry")); + return; + } + if (securityType.equals(SecurityDesc.SANDBOX_PERMISSIONS)) { + if (codebaseAtt.matches(codebase)) { + OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, Translator.R("CBCheckUnsignedPass")); + } else { + OutputController.getLogger().log(OutputController.Level.ERROR_ALL, Translator.R("CBCheckUnsignedFail")); + } + } else { + if (codebaseAtt.matches(codebase)) { + OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, Translator.R("CBCheckOkSignedOk")); + } else { + if (file instanceof PluginBridge) { + throw new LaunchException(Translator.R("CBCheckSignedAppletDontMatchException", file.getManifestsAttributes().getCodebase().toString(), codebase)); + } else { + OutputController.getLogger().log(OutputController.Level.ERROR_ALL, Translator.R("CBCheckSignedFail")); + } + } + } + + } + + /** + * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions + */ + private void checkPermissionsAttribute() throws LaunchException { + final ManifestBoolean permissions = file.getManifestsAttributes().isSandboxForced(); + AppletSecurityLevel level = AppletStartupSecuritySettings.getInstance().getSecurityLevel(); + if (level == AppletSecurityLevel.ALLOW_UNSIGNED || securityDelegate.getRunInSandbox()) { + OutputController.getLogger().log(OutputController.Level.WARNING_ALL, "Although 'permissions' attribute of this application is '" + file.getManifestsAttributes().permissionsToString() + + "' Your Extended applets security is at 'low', or you have specifically chosen to run the applet Sandboxed. Continuing"); + return; + } + switch (permissions) { + case UNDEFINED: { + if (level == AppletSecurityLevel.DENY_UNSIGNED) { + throw new LaunchException("Your Extended applets security is at 'Very high', and this application is missing the 'permissions' attribute in manifest. This is fatal"); + } + if (level == AppletSecurityLevel.ASK_UNSIGNED) { + boolean a = SecurityDialogs.showMissingPermissionsAttributeDialogue(file.getTitle(), file.getCodeBase()); + if (!a) { + throw new LaunchException("Your Extended applets security is at 'high' and this applicationis missing the 'permissions' attribute in manifest. And you have refused to run it."); + } else { + OutputController.getLogger().log("Your Extended applets security is at 'high' and this applicationis missing the 'permissions' attribute in manifest. And you have allowed to run it."); + } + } + //default for missing is sandbox + if (!SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) { + throw new LaunchException("The 'permissions' attribute is not specified, and application is requesting permissions. This is fatal"); + } + break; + } + case TRUE: { + if (SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) { + OutputController.getLogger().log("The permissions attribute of this application is " + file.getManifestsAttributes().permissionsToString() + "' and security is '" + security.getSecurityType() + "'. Thats correct"); + } else { + throw new LaunchException("The 'permissions' attribute is '" + file.getManifestsAttributes().permissionsToString() + "' but security is '" + security.getSecurityType() + "'. This is fatal"); + } + } + case FALSE: { + if (SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) { + throw new LaunchException("The 'permissions' attribute is '" + file.getManifestsAttributes().permissionsToString() + "' but security is' " + security.getSecurityType() + "'. This is fatal"); + } else { + OutputController.getLogger().log("The permissions attribute of this application is '" + file.getManifestsAttributes().permissionsToString() + "' and security is '" + security.getSecurityType() + "'. Thats correct"); + } + } + } + } + + private void checkApplicationLibraryAllowableCodebaseAttribute() throws LaunchException { + if (signing == SigningState.NONE) { + return; /*when app is not signed at all, then skip this check*/ + } + //conditions + URL codebase = file.getCodeBase(); + URL documentBase = null; + if (file instanceof PluginBridge) { + documentBase = ((PluginBridge) file).getSourceLocation(); + } + if (documentBase == null) { + documentBase = file.getCodeBase(); + } + + //cases + Set usedUrls = new HashSet(); + URL sourceLocation = file.getSourceLocation(); + ResourcesDesc[] resourcesDescs = file.getResourcesDescs(); + if (sourceLocation != null) { + usedUrls.add(UrlUtils.removeFileName(sourceLocation)); + } + for (ResourcesDesc resourcesDesc : resourcesDescs) { + ExtensionDesc[] ex = resourcesDesc.getExtensions(); + if (ex != null) { + for (ExtensionDesc extensionDesc : ex) { + if (extensionDesc != null) { + usedUrls.add(UrlUtils.removeFileName(extensionDesc.getLocation())); + } + } + } + JARDesc[] jars = resourcesDesc.getJARs(); + if (jars != null) { + for (JARDesc jarDesc : jars) { + if (jarDesc != null) { + usedUrls.add(UrlUtils.removeFileName(jarDesc.getLocation())); + } + } + } + JNLPFile jnlp = resourcesDesc.getJNLPFile(); + if (jnlp != null) { + usedUrls.add(UrlUtils.removeFileName(jnlp.getSourceLocation())); + } + + } + OutputController.getLogger().log("Found alaca URLs to be verified"); + for (URL url : usedUrls) { + OutputController.getLogger().log(" - " + url.toExternalForm()); + } + if (usedUrls.isEmpty()) { + //I hope this is the case, when the resources is/are + //only codebase classes. Then it should be safe to return. + OutputController.getLogger().log("The application is not using any url resources, skipping Application-Library-Allowable-Codebase Attribute check."); + return; + } + + if (usedUrls.size() == 1) { + if (UrlUtils.equalsIgnoreLastSlash(usedUrls.toArray(new URL[0])[0], codebase) + && UrlUtils.equalsIgnoreLastSlash(usedUrls.toArray(new URL[0])[0], documentBase)) { + //all resoources are from codebase or document base. it is ok to proceeed. + OutputController.getLogger().log("All applications resources (" + usedUrls.toArray(new URL[0])[0] + ") are from codebas/documentbase " + codebase + "/" + documentBase + ", skipping Application-Library-Allowable-Codebase Attribute check."); + return; + } + } + ClasspathMatchers att = file.getManifestsAttributes().getApplicationLibraryAllowableCodebase(); + + if (att == null) { + boolean a = SecurityDialogs.showMissingALACAttributePanel(file.getTitle(), documentBase, usedUrls); + if (!a) { + throw new LaunchException("The application uses non-codebase resources, has no Application-Library-Allowable-Codebase Attribute, and was blocked from running by the user"); + } else { + OutputController.getLogger().log("The application uses non-codebase resources, has no Application-Library-Allowable-Codebase Attribute, and was allowed to run by the user"); + return; + } + } else { + for (URL foundUrl : usedUrls) { + if (!att.matches(foundUrl)) { + throw new LaunchException("The resource from " + foundUrl + " does not match the location in Application-Library-Allowable-Codebase Attribute " + att + ". Blocking the application from running."); + } else { + OutputController.getLogger().log("The resource from " + foundUrl + " does match the location in Application-Library-Allowable-Codebase Attribute " + att + ". Continuing."); + } + } + } + boolean a = SecurityDialogs.showMatchingALACAttributePanel(file.getTitle(), documentBase, usedUrls); + if (!a) { + throw new LaunchException("The application uses non-codebase resources, which do match its Application-Library-Allowable-Codebase Attribute, but was blocked from running by the user."); + } else { + OutputController.getLogger().log("The application uses non-codebase resources, which do match its Application-Library-Allowable-Codebase Attribute, and was allowed to run by the user."); + } + } +} diff -r 80e5a57863e2 -r d0069afaeaff netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java --- a/netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java Mon Mar 24 14:08:17 2014 -0400 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,295 +0,0 @@ -/* -Copyright (C) 2011 Red Hat, Inc. - -This file is part of IcedTea. - -IcedTea is free software; you can redistribute it and/or -modify it under the terms of the GNU General Public License as published by -the Free Software Foundation, version 2. - -IcedTea is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with IcedTea; see the file COPYING. If not, write to -the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. - */ -package net.sourceforge.jnlp.runtime; - -import java.net.URL; -import java.util.HashSet; -import java.util.Set; - -import net.sourceforge.jnlp.ExtensionDesc; -import net.sourceforge.jnlp.JARDesc; -import net.sourceforge.jnlp.JNLPFile; -import net.sourceforge.jnlp.JNLPFile.ManifestBoolean; -import net.sourceforge.jnlp.LaunchException; -import net.sourceforge.jnlp.PluginBridge; -import net.sourceforge.jnlp.ResourcesDesc; -import net.sourceforge.jnlp.SecurityDesc; -import net.sourceforge.jnlp.runtime.JNLPClassLoader.SecurityDelegate; -import net.sourceforge.jnlp.runtime.JNLPClassLoader.SigningState; -import net.sourceforge.jnlp.security.SecurityDialogs; -import net.sourceforge.jnlp.security.appletextendedsecurity.AppletSecurityLevel; -import net.sourceforge.jnlp.security.appletextendedsecurity.AppletStartupSecuritySettings; -import net.sourceforge.jnlp.util.ClasspathMatcher.ClasspathMatchers; -import net.sourceforge.jnlp.util.UrlUtils; -import net.sourceforge.jnlp.util.logging.OutputController; - -public class ManifestsAttributesValidator { - - private final SecurityDesc security; - private final JNLPFile file; - private final SigningState signing; - private final SecurityDelegate securityDelegate; - - public ManifestsAttributesValidator(final SecurityDesc security, final JNLPFile file, - final SigningState signing, final SecurityDelegate securityDelegate) { - this.security = security; - this.file = file; - this.signing = signing; - this.securityDelegate = securityDelegate; - } - - /** - * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#trusted_only - */ - void checkTrustedOnlyAttribute() throws LaunchException { - final ManifestBoolean trustedOnly = file.getManifestsAttributes().isTrustedOnly(); - if (trustedOnly == ManifestBoolean.UNDEFINED) { - OutputController.getLogger().log(OutputController.Level.MESSAGE_DEBUG, "Trusted Only manifest attribute not found. Continuing."); - return; - } - - if (trustedOnly == ManifestBoolean.FALSE) { - OutputController.getLogger().log(OutputController.Level.MESSAGE_DEBUG, "Trusted Only manifest attribute is false. Continuing."); - return; - } - - final Object desc = security.getSecurityType(); - - final String securityType; - if (desc == null) { - securityType = "Not Specified"; - } else if (desc.equals(SecurityDesc.ALL_PERMISSIONS)) { - securityType = "All-Permission"; - } else if (desc.equals(SecurityDesc.SANDBOX_PERMISSIONS)) { - securityType = "Sandbox"; - } else if (desc.equals(SecurityDesc.J2EE_PERMISSIONS)) { - securityType = "J2EE"; - } else { - securityType = "Unknown"; - } - - final boolean isFullySigned = signing == SigningState.FULL; - final boolean isSandboxed = securityDelegate.getRunInSandbox(); - final boolean requestsCorrectPermissions = (isFullySigned && SecurityDesc.ALL_PERMISSIONS.equals(desc)) - || (isSandboxed && SecurityDesc.SANDBOX_PERMISSIONS.equals(desc)); - final String signedMsg; - if (isFullySigned && !isSandboxed) { - signedMsg = "The applet is fully signed"; - } else if (isFullySigned && isSandboxed) { - signedMsg = "The applet is fully signed and sandboxed"; - } else { - signedMsg = "The applet is not fully signed"; - } - OutputController.getLogger().log(OutputController.Level.MESSAGE_DEBUG, - "Trusted Only manifest attribute is \"true\". " + signedMsg + " and requests permission level: " + securityType); - if (!(isFullySigned && requestsCorrectPermissions)) { - throw new LaunchException(Translator.R("STrustedOnlyAttributeFailure", signedMsg, securityType)); - } - } - - /** - * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#codebase - */ - void checkCodebaseAttribute() throws LaunchException { - if (file.getCodeBase() == null || file.getCodeBase().getProtocol().equals("file")) { - OutputController.getLogger().log(OutputController.Level.WARNING_ALL, Translator.R("CBCheckFile")); - return; - } - final Object securityType = security.getSecurityType(); - final URL codebase = UrlUtils.guessCodeBase(file); - final ClasspathMatchers codebaseAtt = file.getManifestsAttributes().getCodebase(); - if (codebaseAtt == null) { - OutputController.getLogger().log(OutputController.Level.WARNING_ALL, Translator.R("CBCheckNoEntry")); - return; - } - if (securityType.equals(SecurityDesc.SANDBOX_PERMISSIONS)) { - if (codebaseAtt.matches(codebase)) { - OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, Translator.R("CBCheckUnsignedPass")); - } else { - OutputController.getLogger().log(OutputController.Level.ERROR_ALL, Translator.R("CBCheckUnsignedFail")); - } - } else { - if (codebaseAtt.matches(codebase)) { - OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, Translator.R("CBCheckOkSignedOk")); - } else { - if (file instanceof PluginBridge) { - throw new LaunchException(Translator.R("CBCheckSignedAppletDontMatchException", file.getManifestsAttributes().getCodebase().toString(), codebase)); - } else { - OutputController.getLogger().log(OutputController.Level.ERROR_ALL, Translator.R("CBCheckSignedFail")); - } - } From aazores at redhat.com Mon Mar 24 20:05:40 2014 From: aazores at redhat.com (Andrew Azores) Date: Mon, 24 Mar 2014 16:05:40 -0400 Subject: [rfc][icedtea-web][policyeditor] Reflection and Exec permissions Message-ID: <53309014.8040801@redhat.com> Hi, This patch just adds Reflection and Exec permission options to PolicyEditor. Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: policyeditor-reflection-exec.patch Type: text/x-patch Size: 4176 bytes Desc: not available URL: From aazores at redhat.com Mon Mar 24 20:39:20 2014 From: aazores at redhat.com (Andrew Azores) Date: Mon, 24 Mar 2014 16:39:20 -0400 Subject: [rfc][icedtea-web][policyeditor] Modal PolicyEditor In-Reply-To: <53305BDD.9010204@redhat.com> References: <53305AD0.4020601@redhat.com> <53305BDD.9010204@redhat.com> Message-ID: <533097F8.9090509@redhat.com> On 03/24/2014 12:22 PM, Jiri Vanek wrote: > On 03/24/2014 05:18 PM, Andrew Azores wrote: >> Hi, >> >> The "policyeditor-jdialog" patch is simply making PolicyEditor into a >> JDialog rather than JFrame so >> that it can be modal. The "modal-policyeditor" patch actually makes >> it modal for the two security >> dialogs which can launch PolicyEditor. >> >> Thanks, >> > > hmhmh. What about stand alone app? Some window maagers atre treating > jdialog somehow.. wrongly (likenot seen in alt+tab or similar) > > I'm for > > -public class PolicyEditor extends JFrame { > +public class PolicyEditor extends JPanel { > > and have two static getters which return > - one jdialog > - one jframe > > what is better for the case... with the panel on of PolcyEditor in it. > > > J. > How's this? > > jsut noted: > * Comments will *not* be preserved when PolicyEditor next saves to the > > Is it really so hard to store the comments for future save? PolicyEditor doesn't even properly parse policy files sometimes, depending on the way the comments are written :) once that's sorted out then being able to store the comments in their own model as well should not be too hard. Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: modal-policyeditor-2.patch Type: text/x-patch Size: 19812 bytes Desc: not available URL: From ptisnovs at icedtea.classpath.org Tue Mar 25 08:38:54 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Tue, 25 Mar 2014 08:38:54 +0000 Subject: /hg/gfx-test: New tests added into CAGOperationsOnTwoTouchingCir... Message-ID: changeset 72be1e400e82 in /hg/gfx-test details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=72be1e400e82 author: Pavel Tisnovsky date: Tue Mar 25 09:39:30 2014 +0100 New tests added into CAGOperationsOnTwoTouchingCircles. diffstat: ChangeLog | 5 + src/org/gfxtest/testsuites/CAGOperationsOnTwoOverlappingRectangles.java | 125 ++++++++++ 2 files changed, 130 insertions(+), 0 deletions(-) diffs (147 lines): diff -r 6c229eda647a -r 72be1e400e82 ChangeLog --- a/ChangeLog Mon Mar 24 11:06:19 2014 +0100 +++ b/ChangeLog Tue Mar 25 09:39:30 2014 +0100 @@ -1,3 +1,8 @@ +2014-03-25 Pavel Tisnovsky + + * src/org/gfxtest/testsuites/CAGOperationsOnTwoOverlappingRectangles.java: + New tests added into CAGOperationsOnTwoTouchingCircles. + 2014-03-24 Pavel Tisnovsky * src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java: diff -r 6c229eda647a -r 72be1e400e82 src/org/gfxtest/testsuites/CAGOperationsOnTwoOverlappingRectangles.java --- a/src/org/gfxtest/testsuites/CAGOperationsOnTwoOverlappingRectangles.java Mon Mar 24 11:06:19 2014 +0100 +++ b/src/org/gfxtest/testsuites/CAGOperationsOnTwoOverlappingRectangles.java Tue Mar 25 09:39:30 2014 +0100 @@ -433,6 +433,131 @@ /** * Checks the process of creating and rendering new geometric shape + * constructed from two overlapping rectangles using union operator. The shape is rendered + * using zero wide stroke. + * + * @param image + * image to which area is to be drawn + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testUnionZeroStrokePaint(TestImage image, Graphics2D graphics2d) + { + // set stroke color + CommonRenderingStyles.setStrokeColor(graphics2d); + // set stroke width + CommonRenderingStyles.setStrokeZeroThick(graphics2d); + // create area using union operator + Area area = CommonCAGOperations.createAreaFromTwoOverlappingRectanglesUsingUnionOperator(image); + // draw the area + graphics2d.draw(area); + // test result + return TestResult.PASSED; + } + + /** + * Checks the process of creating and rendering new geometric shape + * constructed from two overlapping rectangles using subtract operator. The shape is + * rendered using zero stroke. + * + * @param image + * image to which area is to be drawn + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testSubtractZeroStrokePaint(TestImage image, Graphics2D graphics2d) + { + // set stroke color + CommonRenderingStyles.setStrokeColor(graphics2d); + // set stroke width + CommonRenderingStyles.setStrokeZeroThick(graphics2d); + // create area using subtract operator + Area area = CommonCAGOperations.createAreaFromTwoOverlappingRectanglesUsingSubtractOperator(image); + // draw the area + graphics2d.draw(area); + // test result + return TestResult.PASSED; + } + + /** + * Checks the process of creating and rendering new geometric shape + * constructed from two overlapping rectangles using inverse subtract operator. The shape + * is rendered using zero stroke. + * + * @param image + * image to which area is to be drawn + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testInverseSubtractZeroStrokePaint(TestImage image, Graphics2D graphics2d) + { + // set stroke color + CommonRenderingStyles.setStrokeColor(graphics2d); + // set stroke width + CommonRenderingStyles.setStrokeZeroThick(graphics2d); + // create area using subtract operator + Area area = CommonCAGOperations.createAreaFromTwoOverlappingRectanglesUsingInverseSubtractOperator(image); + // draw the area + graphics2d.draw(area); + // test result + return TestResult.PASSED; + } + + /** + * Checks the process of creating and rendering new geometric shape + * constructed from two overlapping rectangles using intersect operator. The shape is + * rendered using zero stroke. + * + * @param image + * image to which area is to be drawn + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testIntersectZeroStrokePaint(TestImage image, Graphics2D graphics2d) + { + // set stroke color + CommonRenderingStyles.setStrokeColor(graphics2d); + // set stroke width + CommonRenderingStyles.setStrokeZeroThick(graphics2d); + // create area using intersect operator + Area area = CommonCAGOperations.createAreaFromTwoOverlappingRectanglesUsingIntersectOperator(image); + // draw the area + graphics2d.draw(area); + // test result + return TestResult.PASSED; + } + + /** + * Checks the process of creating and rendering new geometric shape + * constructed from two overlapping rectangles using XOR operator. The shape is rendered + * using zero stroke. + * + * @param image + * image to which area is to be drawn + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testXorZeroStrokePaint(TestImage image, Graphics2D graphics2d) + { + // set stroke color + CommonRenderingStyles.setStrokeColor(graphics2d); + // set stroke width + CommonRenderingStyles.setStrokeZeroThick(graphics2d); + // create area using XOR operator + Area area = CommonCAGOperations.createAreaFromTwoOverlappingRectanglesUsingXorOperator(image); + // draw the area + graphics2d.draw(area); + // test result + return TestResult.PASSED; + } + + /** + * Checks the process of creating and rendering new geometric shape * constructed from two rectangles using union operator. The shape is * rendered using color paint (fill). * From ptisnovs at icedtea.classpath.org Tue Mar 25 08:42:58 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Tue, 25 Mar 2014 08:42:58 +0000 Subject: /hg/rhino-tests: Three new tests added into ScriptEngineFactoryC... Message-ID: changeset 4aec4c1b2a37 in /hg/rhino-tests details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=4aec4c1b2a37 author: Pavel Tisnovsky date: Tue Mar 25 09:43:42 2014 +0100 Three new tests added into ScriptEngineFactoryClassTest. diffstat: ChangeLog | 5 ++ src/org/RhinoTests/ScriptEngineFactoryClassTest.java | 41 +++++++++++++++++++- 2 files changed, 45 insertions(+), 1 deletions(-) diffs (74 lines): diff -r a925ed2c4086 -r 4aec4c1b2a37 ChangeLog --- a/ChangeLog Mon Mar 24 11:13:09 2014 +0100 +++ b/ChangeLog Tue Mar 25 09:43:42 2014 +0100 @@ -1,3 +1,8 @@ +2014-03-25 Pavel Tisnovsky + + * src/org/RhinoTests/ScriptEngineFactoryClassTest.java: + Three new tests added into ScriptEngineFactoryClassTest. + 2014-03-24 Pavel Tisnovsky * src/org/RhinoTests/ScriptExceptionClassTest.java: diff -r a925ed2c4086 -r 4aec4c1b2a37 src/org/RhinoTests/ScriptEngineFactoryClassTest.java --- a/src/org/RhinoTests/ScriptEngineFactoryClassTest.java Mon Mar 24 11:13:09 2014 +0100 +++ b/src/org/RhinoTests/ScriptEngineFactoryClassTest.java Tue Mar 25 09:43:42 2014 +0100 @@ -1859,6 +1859,27 @@ } /** + * Test for method javax.script.ScriptEngineFactory.getClass().getResourceNPETest() + */ + protected void testGetResourceNPETest() { + try { + Object resource = this.scriptEngineFactoryClass.getResource(null); + throw new AssertionError("NullPointerException expected!"); + } + catch (NullPointerException e) { + //This is OK OK + } + } + + /** + * Test for method javax.script.ScriptEngineFactory.getClass().getResourceNegativeTest() + */ + protected void testGetResourceNegativeTest() { + Object resource = this.scriptEngineFactoryClass.getResource("unknown"); + assertNull(resource, "getResource() does not return null"); + } + + /** * Test for method javax.script.ScriptEngineFactory.getClass().getResourceAsStreamNegativeTest() */ protected void testGetResourceAsStreamNegativeTest() { @@ -1918,6 +1939,25 @@ stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/SimpleScriptContextTest.class"); assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleScriptContextTest.class\") returns null"); } + + /** + * Test for method javax.script.ScriptEngineFactory.getClass().getResourceAsStreamPositiveTest() + */ + protected void testGetResourceAsStreamPositiveTest() { + Object stream; + stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/AbstractScriptEngineClassTest.class"); + assertNotNull(stream, "getResourceAsStream(\"/org/RhinoTests/AbstractScriptEngineClassTest.class\") returns null"); + } + + /** + * Test for method javax.script.ScriptEngineFactory.getClass().toString() + */ + protected void testToString() { + String asString; + asString = this.scriptEngineFactoryClass.toString(); + assertEquals("interface javax.script.ScriptEngineFactory", asString, "wrong toString() return value"); + } + /** * Test for instanceof operator applied to a class javax.script.ScriptEngineFactory */ @@ -1942,4 +1982,3 @@ new ScriptEngineFactoryClassTest().doTests(args); } } - From jvanek at redhat.com Tue Mar 25 09:30:46 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Tue, 25 Mar 2014 10:30:46 +0100 Subject: [rfc][icedtea-web][policyeditor] Reflection and Exec permissions In-Reply-To: <53309014.8040801@redhat.com> References: <53309014.8040801@redhat.com> Message-ID: <53314CC6.8020901@redhat.com> On 03/24/2014 09:05 PM, Andrew Azores wrote: > Hi, > > This patch just adds Reflection and Exec permission options to PolicyEditor. > > Thanks, > Looks good. Just not sure if it is enough: eg: java.lang.NullPointerException at geogebra.i.x.a(Unknown Source) at geogebra.gui.a.a.a(Unknown Source) at geogebra.gui.a.a.a(Unknown Source) at geogebra.GeoGebra.a(Unknown Source) at geogebra.GeoGebra.a(Unknown Source) at geogebra.GeoGebra.main(Unknown Source) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:616) at net.sourceforge.jnlp.Launcher.launchApplication(Launcher.java:571) at net.sourceforge.jnlp.Launcher$TgThread.run(Launcher.java:911) I think he class for name is not allowed by your permission. For exec - are supported both runtimelexec and process builder? J. From jvanek at redhat.com Tue Mar 25 09:40:10 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Tue, 25 Mar 2014 10:40:10 +0100 Subject: [rfc][icedtea-web] Temporary permissions In-Reply-To: <53307400.60801@redhat.com> References: <53305587.9080208@redhat.com> <53305AC0.9060509@redhat.com> <53307400.60801@redhat.com> Message-ID: <53314EFA.2060201@redhat.com> Generally ok, except one important nit: final JMenuItem noCmdExec = new JMenuItem(R("STempPermNoExec")); + noCmdExec.addActionListener(new TemporaryPermissionsListener( + Permissions.READ_LOCAL_FILES, Permissions.WRITE_LOCAL_FILES, + Permissions.READ_TMP_FILES, Permissions.WRITE_TMP_FILES, + Permissions.READ_PROPERTIES, Permissions.WRITE_PROPERTIES, + Permissions.CLIPBOARD_ACCESS, Permissions.PLAY_AUDIO, + Permissions.PRINT_DOCUMENTS, Permissions.JAVA_REFLECTION, + Permissions.NETWORK_ACCESS)); + policyMenu.add(noCmdExec); And similar: are - duplicated. You can push, as similar evil is already done. However refactoring, asn asap changeset is needed. the ||| advanced settings button will be encapsulated, so non of its code is duplicated. You can have your own "extends jbutton" hwhich will do all this logic. And you add jsut insntance of this button to the panes. Also all the : new TemporaryPermissionsListener( + Permissions.READ_LOCAL_FILES, Permissions.WRITE_LOCAL_FILES, + Permissions.READ_TMP_FILES, Permissions.WRITE_TMP_FILES, + Permissions.READ_PROPERTIES, Permissions.WRITE_PROPERTIES, + Permissions.CLIPBOARD_ACCESS, Permissions.PLAY_AUDIO, + Permissions.PRINT_DOCUMENTS, Permissions.JAVA_REFLECTION, + Permissions.NETWORK_ACCESS)); + policyMenu.add(noCmdExec); should be encapsualted. Those permissionListeners may be stored in some static class as static constantsand just used as singletons. or not? If not then they can be provided by some factory methods. But not spred in gui code like this. Yes, just code celaning, but how it is now, i do not look nicely. Sorry for troubles:( J. On 03/24/2014 07:05 PM, Andrew Azores wrote: > On 03/24/2014 12:18 PM, Jiri Vanek wrote: >> On 03/24/2014 04:55 PM, Andrew Azores wrote: >>> Hi, >>> >>> This patch adds new menu items to the new popup menu where PolicyEditor can be launched. These new >>> items make it possible to run the current applet sandboxed, but with some additional permissions >>> added, without having to actually launch PolicyEditor and configure the permissions. These >>> permissions are also temporary, as opposed to making a custom policy, which persists until you >>> remove the policy. >>> >>> Right now the permission set defined is just the sum of the permissions PolicyEditor can grant via >>> its checkboxes, and the two options added are No File Access and No Network Access, which are just >>> that full set minus a few. I'd appreciate input on what other temporary permission options could be >>> made available. >> >> Only Sound >> Only clipboard >> >> ? .. jsut ideas :) >> >> Generally I would like to have combinations, which allows to me most of freedom, but protectme aginst gratest evils >> - fiel accees >> - network >> - system.exec and simialr calls (yaaaaaaah!!) >> >> and ege sets of above >> - no fiel accees nor networl >> - network nor system exec >> - system.exec nor fileacces >> - non of those three >> >> .... >> agian - jsut ideas.... > > Okay, added a bunch like this, including Reflection as we discussed on IRC, and Runtime.exec which is actually FilePermission with execute action apparently (makes sense). > >> >>> >>> Anyone have ideas on making the popup menu disappear nicely, rather than adding a setVisible call on >>> it to every action listener we have? And I suppose it should also be forced to disappear when the >>> dialog is disposed as well. What's the best practice for that? >> >> You can try lostfocus (it is actually window inside) or on MouseExited). Each have its pross and cons... >> > > Didn't end up using either, but problem is solved anyway using the show() method rather than setVisible(), I think. Yes - may be. From jvanek at redhat.com Tue Mar 25 09:47:30 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Tue, 25 Mar 2014 10:47:30 +0100 Subject: [rfc][icedtea-web][policyeditor] Modal PolicyEditor In-Reply-To: <533097F8.9090509@redhat.com> References: <53305AD0.4020601@redhat.com> <53305BDD.9010204@redhat.com> <533097F8.9090509@redhat.com> Message-ID: <533150B2.8030008@redhat.com> Nearly perfect ;) On 03/24/2014 09:39 PM, Andrew Azores wrote: > On 03/24/2014 12:22 PM, Jiri Vanek wrote: ... >> >> jsut noted: >> * Comments will *not* be preserved when PolicyEditor next saves to the >> >> Is it really so hard to store the comments for future save? > > PolicyEditor doesn't even properly parse policy files sometimes, depending on the way the comments are written :) once that's sorted out then being able to store the comments in their own model as well should not be too hard. > Sure. it was jsut undelrine hint > - } > - }); > + public static class PolicyEditorFrame extends JFrame { > + public final PolicyEditor editor; > + > + public PolicyEditorFrame(final PolicyEditor editor) { I doubt this will be ever used - please do it private. > + super(); > + this.editor = editor; > + add(editor); > + this.pack(); > + editor.setVisible(true); > + this.setJMenuBar(createMenuBar(this, editor)); > + > + setTitle(R("PETitle")); > + > + setDefaultCloseOperation(WindowConstants.DISPOSE_ON_CLOSE); > + > + addWindowListener(new WindowAdapter() { > + @Override > + public void windowClosing(final WindowEvent e) { > + editor.quit(); > + dispose(); > + } > + }); > + > + editor.closeButton.addActionListener(new ActionListener() { > + @Override > + public void actionPerformed(final ActionEvent e) { > + dispose(); > + } > + }); > + } > + } > + > + public static PolicyEditorFrame getPolicyEditorFrame(final String filepath) { > + return new PolicyEditorFrame(new PolicyEditor(filepath)); > + } > + Tehre is really a lot of shared code in this two "methods". PolicyEditorFrame and PolicyEditorDialog. They both have general ancestor -Window. All the operations behind super() call may be done in generalised ancestor. > + public static class PolicyEditorDialog extends JDialog { > + public final PolicyEditor editor; > + > + public PolicyEditorDialog(final PolicyEditor editor) I doubt this will be ever used - please do it private. { > + super(); > + this.editor = editor; > + add(editor); > + this.pack(); > + this.setJMenuBar(createMenuBar(this, editor)); > + > + editor.setVisible(true); > + > + setTitle(R("PETitle")); > + > + setDefaultCloseOperation(WindowConstants.DISPOSE_ON_CLOSE); > + > + addWindowListener(new WindowAdapter() { > + @Override > + public void windowClosing(final WindowEvent e) { > + editor.quit(); > + dispose(); > + } > + }); > + > + editor.closeButton.addActionListener(new ActionListener() { > + @Override > + public void actionPerformed(final ActionEvent e) { > + dispose(); > + } > + }); > + } > + } > + > + public static PolicyEditorDialog getPolicyEditorDialog(final String filepath) { > + return new PolicyEditorDialog(new PolicyEditor(filepath)); > } > > private void setClosed() { > @@ -370,9 +435,8 @@ public class PolicyEditor extends JFrame > */ > private void setAccelerator(final int trigger, final int modifiers, final Action action, final String identifier) { > final KeyStroke key = KeyStroke.getKeyStroke(trigger, modifiers); > - final JRootPane root = getRootPane(); > - root.getInputMap(JComponent.WHEN_IN_FOCUSED_WINDOW).put(key, identifier); > - root.getActionMap().put(identifier, action); > + this.getInputMap(JComponent.WHEN_IN_FOCUSED_WINDOW).put(key, identifier); > + this.getActionMap().put(identifier, action); > } > > /** > @@ -454,7 +518,6 @@ public class PolicyEditor extends JFrame > } > weakThis.clear(); > setClosed(); > - dispose(); > } > > /** > @@ -649,7 +712,7 @@ public class PolicyEditor extends JFrame > * @param component the component for which to set a mnemonic > * @param mnemonic the mnemonic to set > */ > - private void setComponentMnemonic(final AbstractButton component, final String mnemonic) { > + private static void setComponentMnemonic(final AbstractButton component, final String mnemonic) { > final int trig; > try { > trig = Integer.parseInt(mnemonic); > @@ -660,45 +723,61 @@ public class PolicyEditor extends JFrame > component.setMnemonic(trig); > } > > - /** > - * Lay out all controls, tooltips, etc. > - */ > - private void setupLayout() { > + private static JMenuBar createMenuBar(final Window window, final PolicyEditor editor) { > + final JMenuBar menuBar = new JMenuBar(); > + > final JMenu fileMenu = new JMenu(R("PEFileMenu")); > setComponentMnemonic(fileMenu, R("PEFileMenuMnemonic")); > + > final JMenuItem openItem = new JMenuItem(R("PEOpenMenuItem")); > setComponentMnemonic(openItem, R("PEOpenMenuItemMnemonic")); > openItem.setAccelerator(KeyStroke.getKeyStroke(openItem.getMnemonic(), ActionEvent.CTRL_MASK)); > - openItem.addActionListener(openButtonAction); > + openItem.addActionListener(editor.openButtonAction); > fileMenu.add(openItem); > + > final JMenuItem saveItem = new JMenuItem(R("PESaveMenuItem")); > setComponentMnemonic(saveItem, R("PESaveMenuItemMnemonic")); > saveItem.setAccelerator(KeyStroke.getKeyStroke(saveItem.getMnemonic(), ActionEvent.CTRL_MASK)); > - saveItem.addActionListener(okButtonAction); > + saveItem.addActionListener(editor.okButtonAction); > fileMenu.add(saveItem); > + > final JMenuItem saveAsItem = new JMenuItem(R("PESaveAsMenuItem")); > setComponentMnemonic(saveAsItem, R("PESaveAsMenuItemMnemonic")); > saveAsItem.setAccelerator(KeyStroke.getKeyStroke(saveAsItem.getMnemonic(), ActionEvent.CTRL_MASK)); > - saveAsItem.addActionListener(saveAsButtonAction); > + saveAsItem.addActionListener(editor.saveAsButtonAction); > fileMenu.add(saveAsItem); > + > final JMenuItem exitItem = new JMenuItem(R("PEExitMenuItem")); > setComponentMnemonic(exitItem, R("PEExitMenuItemMnemonic")); > exitItem.setAccelerator(KeyStroke.getKeyStroke(exitItem.getMnemonic(), ActionEvent.CTRL_MASK)); > - exitItem.addActionListener(closeButtonAction); > + exitItem.addActionListener(editor.closeButtonAction); > + exitItem.addActionListener(new ActionListener() { > + @Override > + public void actionPerformed(final ActionEvent e) { > + window.dispose(); > + } > + }); > fileMenu.add(exitItem); > menuBar.add(fileMenu); > > final JMenu viewMenu = new JMenu(R("PEViewMenu")); > setComponentMnemonic(viewMenu, R("PEViewMenuMnemonic")); > + > final JMenuItem customPermissionsItem = new JMenuItem(R("PECustomPermissionsItem")); > setComponentMnemonic(customPermissionsItem, R("PECustomPermissionsItemMnemonic")); > customPermissionsItem.setAccelerator(KeyStroke.getKeyStroke(customPermissionsItem.getMnemonic(), ActionEvent.ALT_MASK)); > - customPermissionsItem.addActionListener(viewCustomButtonAction); > + customPermissionsItem.addActionListener(editor.viewCustomButtonAction); > > viewMenu.add(customPermissionsItem); > menuBar.add(viewMenu); > - this.setJMenuBar(menuBar); > > + return menuBar; > + } > + > + /** > + * Lay out all controls, tooltips, etc. > + */ > + private void setupLayout() { > final JLabel checkboxLabel = new JLabel(); > checkboxLabel.setText(R("PECheckboxLabel")); > checkboxLabel.setBorder(new EmptyBorder(2, 2, 2, 2)); > @@ -796,7 +875,6 @@ public class PolicyEditor extends JFrame > add(closeButton, cancelButtonConstraints); > > setMinimumSize(getPreferredSize()); > - pack(); > } > > /** > @@ -1098,12 +1176,12 @@ public class PolicyEditor extends JFrame > // maybe the user just forgot the -file flag, so try to open anyway > filepath = args[0]; > } > - final PolicyEditor editor = new PolicyEditor(filepath); > - editor.setVisible(true); > + final PolicyEditorFrame frame = getPolicyEditorFrame(filepath); > + frame.setVisible(true); > final String codebaseStr = argsMap.get(CODEBASE_FLAG); > if (codebaseStr != null) { > final String[] urls = codebaseStr.split(" "); > - editor.addNewCodebases(urls); > + frame.editor.addNewCodebases(urls); > } > } > }); > diff --git a/netx/net/sourceforge/jnlp/util/FileUtils.java b/netx/net/sourceforge/jnlp/util/FileUtils.java > --- a/netx/net/sourceforge/jnlp/util/FileUtils.java > +++ b/netx/net/sourceforge/jnlp/util/FileUtils.java > @@ -18,6 +18,7 @@ package net.sourceforge.jnlp.util; > > import static net.sourceforge.jnlp.runtime.Translator.R; > > +import java.awt.Component; > import java.io.BufferedReader; > import java.io.BufferedWriter; > import java.io.File; > @@ -30,7 +31,6 @@ import java.io.InputStreamReader; > import java.io.OutputStreamWriter; > import java.io.RandomAccessFile; > import java.io.Writer; > -import java.nio.ByteBuffer; > import java.nio.channels.FileChannel; > import java.nio.channels.FileLock; > import java.security.DigestInputStream; > @@ -347,7 +347,7 @@ public final class FileUtils { > * Show a dialog informing the user that the file is currently read-only > * @param frame a {@link JFrame} to act as parent to this dialog > */ > - public static void showReadOnlyDialog(final JFrame frame) { > + public static void showReadOnlyDialog(final Component frame) { > SwingUtilities.invokeLater(new Runnable() { > @Override > public void run() { > @@ -361,7 +361,7 @@ public final class FileUtils { > * @param frame a {@link JFrame} to act as parent to this dialog > * @param filePath a {@link String} representing the path to the file we failed to open > */ > - public static void showCouldNotOpenFilepathDialog(final JFrame frame, final String filePath) { > + public static void showCouldNotOpenFilepathDialog(final Component frame, final String filePath) { Window will be much more suitable then Component n thsoe calls. > showCouldNotOpenDialog(frame, R("RCantOpenFile", filePath)); > } > > @@ -371,7 +371,7 @@ public final class FileUtils { > * @param filePath a {@link String} representing the path to the file we failed to open > * @param reason a {@link OpenFileResult} specifying more precisely why we failed to open the file > */ > - public static void showCouldNotOpenFileDialog(final JFrame frame, final String filePath, final OpenFileResult reason) { > + public static void showCouldNotOpenFileDialog(final Component frame, final String filePath, final OpenFileResult reason) { > final String message; > switch (reason) { > case CANT_CREATE: > @@ -396,7 +396,7 @@ public final class FileUtils { > * @param filePath a {@link String} representing the path to the file we failed to open > * @param message a {@link String} giving the specific reason the file could not be opened > */ > - public static void showCouldNotOpenDialog(final JFrame frame, final String message) { > + public static void showCouldNotOpenDialog(final Component frame, final String message) { > SwingUtilities.invokeLater(new Runnable() { > @Override > public void run() { After thsoe clean up. it will be ready to go. Thanx! J. From bugzilla-daemon at icedtea.classpath.org Tue Mar 25 12:44:58 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Tue, 25 Mar 2014 12:44:58 +0000 Subject: [Bug 1722] New: Intermittent JVM crash at sun.security.krb5.KrbException.equals(Ljava/lang/Object;) Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1722 Bug ID: 1722 Summary: Intermittent JVM crash at sun.security.krb5.KrbException.equals(Ljava/lang/Objec t;) Product: IcedTea Version: unspecified Hardware: x86_64 OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: IcedTea Assignee: gnu.andrew at redhat.com Reporter: dpospisi at redhat.com CC: unassigned at icedtea.classpath.org Created attachment 1058 --> http://icedtea.classpath.org/bugzilla/attachment.cgi?id=1058&action=edit JVM crash log I am getting intermittent crash while executing sun.security.krb5.KrbException.equals(Ljava/lang/Object;). Steps to reproduce: git clone git at github.com:dpospisil/jboss-eap.git cd jboss-eap git checkout 6.x.ldap mvn clean install -DskipTests cd testsuite/integration/basic mvn clean install -DskipTests mvn test -Dtest=SPNEGOLoginModuleTestCase Environment: Linux version 3.13.6-200.fc20.x86_64 (mockbuild at bkernel02) (gcc version 4.8.2 20131212 (Red Hat 4.8.2-7) (GCC) ) #1 SMP Fri Mar 7 17:02:28 UTC 2014 java -version java version "1.7.0_51" OpenJDK Runtime Environment (fedora-2.4.5.1.fc20-x86_64 u51-b31) OpenJDK 64-Bit Server VM (build 24.51-b03, mixed mode) -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Tue Mar 25 14:00:24 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Tue, 25 Mar 2014 14:00:24 +0000 Subject: [Bug 1722] Intermittent JVM crash at sun.security.krb5.KrbException.equals(Ljava/lang/Object;) In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1722 --- Comment #1 from Dominik Pospisil --- Could not be reproduxed with -Xint -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From aazores at redhat.com Tue Mar 25 14:06:11 2014 From: aazores at redhat.com (Andrew Azores) Date: Tue, 25 Mar 2014 10:06:11 -0400 Subject: [rfc][icedtea-web][policyeditor] Modal PolicyEditor In-Reply-To: <533150B2.8030008@redhat.com> References: <53305AD0.4020601@redhat.com> <53305BDD.9010204@redhat.com> <533097F8.9090509@redhat.com> <533150B2.8030008@redhat.com> Message-ID: <53318D53.3070502@redhat.com> On 03/25/2014 05:47 AM, Jiri Vanek wrote: > Nearly perfect ;) > > On 03/24/2014 09:39 PM, Andrew Azores wrote: >> On 03/24/2014 12:22 PM, Jiri Vanek wrote: > ... >>> >>> jsut noted: >>> * Comments will *not* be preserved when PolicyEditor next saves to the >>> >>> Is it really so hard to store the comments for future save? >> >> PolicyEditor doesn't even properly parse policy files sometimes, >> depending on the way the comments are written :) once that's sorted >> out then being able to store the comments in their own model as well >> should not be too hard. >> > > Sure. it was jsut undelrine hint > > >> - } >> - }); >> + public static class PolicyEditorFrame extends JFrame { >> + public final PolicyEditor editor; >> + >> + public PolicyEditorFrame(final PolicyEditor editor) { > > I doubt this will be ever used - please do it private. Private, but return the specialized PolicyEditorFrame type anyway from the public getters? Seems a bit odd. I'm not just returning JFrame/JDialog because then there's no easy way to get the actual PolicyEditor instance out of it, to do things like programmatically add codebases. I did have to give the PolicyEditor a reference to its parent frame/dialog in this revision, but I'd rather not use this as a way to hold the reference to the frame/dialog and have eg the security dialogs access the frame/dialog through the editor's reference. That just seems upside down and backward. >> + super(); >> + this.editor = editor; >> + add(editor); >> + this.pack(); >> + editor.setVisible(true); >> + this.setJMenuBar(createMenuBar(this, editor)); >> + >> + setTitle(R("PETitle")); >> + >> + setDefaultCloseOperation(WindowConstants.DISPOSE_ON_CLOSE); >> + >> + addWindowListener(new WindowAdapter() { >> + @Override >> + public void windowClosing(final WindowEvent e) { >> + editor.quit(); >> + dispose(); >> + } >> + }); >> + >> + editor.closeButton.addActionListener(new ActionListener() { >> + @Override >> + public void actionPerformed(final ActionEvent e) { >> + dispose(); >> + } >> + }); >> + } >> + } >> + >> + public static PolicyEditorFrame getPolicyEditorFrame(final >> String filepath) { >> + return new PolicyEditorFrame(new PolicyEditor(filepath)); >> + } >> + > > Tehre is really a lot of shared code in this two "methods". > > PolicyEditorFrame and PolicyEditorDialog. > > They both have general ancestor -Window. All the operations behind > super() call may be done in generalised ancestor. Window doesn't have setTitle, or setJMenuBar, or setDefaultCloseOperation... > >> + public static class PolicyEditorDialog extends JDialog { >> + public final PolicyEditor editor; >> + >> + public PolicyEditorDialog(final PolicyEditor editor) > I doubt this will be ever used - please do it private. > { >> + super(); >> + this.editor = editor; >> + add(editor); >> + this.pack(); >> + this.setJMenuBar(createMenuBar(this, editor)); >> + >> + editor.setVisible(true); >> + >> + setTitle(R("PETitle")); >> + >> + setDefaultCloseOperation(WindowConstants.DISPOSE_ON_CLOSE); >> + >> + addWindowListener(new WindowAdapter() { >> + @Override >> + public void windowClosing(final WindowEvent e) { >> + editor.quit(); >> + dispose(); >> + } >> + }); >> + >> + editor.closeButton.addActionListener(new ActionListener() { >> + @Override >> + public void actionPerformed(final ActionEvent e) { >> + dispose(); >> + } >> + }); >> + } >> + } >> + >> + public static PolicyEditorDialog getPolicyEditorDialog(final >> String filepath) { >> + return new PolicyEditorDialog(new PolicyEditor(filepath)); >> } >> >> private void setClosed() { >> @@ -370,9 +435,8 @@ public class PolicyEditor extends JFrame >> */ >> private void setAccelerator(final int trigger, final int >> modifiers, final Action action, final String identifier) { >> final KeyStroke key = KeyStroke.getKeyStroke(trigger, >> modifiers); >> - final JRootPane root = getRootPane(); >> - root.getInputMap(JComponent.WHEN_IN_FOCUSED_WINDOW).put(key, >> identifier); >> - root.getActionMap().put(identifier, action); >> + this.getInputMap(JComponent.WHEN_IN_FOCUSED_WINDOW).put(key, >> identifier); >> + this.getActionMap().put(identifier, action); >> } >> >> /** >> @@ -454,7 +518,6 @@ public class PolicyEditor extends JFrame >> } >> weakThis.clear(); >> setClosed(); >> - dispose(); >> } >> >> /** >> @@ -649,7 +712,7 @@ public class PolicyEditor extends JFrame >> * @param component the component for which to set a mnemonic >> * @param mnemonic the mnemonic to set >> */ >> - private void setComponentMnemonic(final AbstractButton >> component, final String mnemonic) { >> + private static void setComponentMnemonic(final AbstractButton >> component, final String mnemonic) { >> final int trig; >> try { >> trig = Integer.parseInt(mnemonic); >> @@ -660,45 +723,61 @@ public class PolicyEditor extends JFrame >> component.setMnemonic(trig); >> } >> >> - /** >> - * Lay out all controls, tooltips, etc. >> - */ >> - private void setupLayout() { >> + private static JMenuBar createMenuBar(final Window window, final >> PolicyEditor editor) { >> + final JMenuBar menuBar = new JMenuBar(); >> + >> final JMenu fileMenu = new JMenu(R("PEFileMenu")); >> setComponentMnemonic(fileMenu, R("PEFileMenuMnemonic")); >> + >> final JMenuItem openItem = new JMenuItem(R("PEOpenMenuItem")); >> setComponentMnemonic(openItem, R("PEOpenMenuItemMnemonic")); >> openItem.setAccelerator(KeyStroke.getKeyStroke(openItem.getMnemonic(), ActionEvent.CTRL_MASK)); >> >> - openItem.addActionListener(openButtonAction); >> + openItem.addActionListener(editor.openButtonAction); >> fileMenu.add(openItem); >> + >> final JMenuItem saveItem = new JMenuItem(R("PESaveMenuItem")); >> setComponentMnemonic(saveItem, R("PESaveMenuItemMnemonic")); >> saveItem.setAccelerator(KeyStroke.getKeyStroke(saveItem.getMnemonic(), ActionEvent.CTRL_MASK)); >> >> - saveItem.addActionListener(okButtonAction); >> + saveItem.addActionListener(editor.okButtonAction); >> fileMenu.add(saveItem); >> + >> final JMenuItem saveAsItem = new >> JMenuItem(R("PESaveAsMenuItem")); >> setComponentMnemonic(saveAsItem, >> R("PESaveAsMenuItemMnemonic")); >> saveAsItem.setAccelerator(KeyStroke.getKeyStroke(saveAsItem.getMnemonic(), >> ActionEvent.CTRL_MASK)); >> - saveAsItem.addActionListener(saveAsButtonAction); >> + saveAsItem.addActionListener(editor.saveAsButtonAction); >> fileMenu.add(saveAsItem); >> + >> final JMenuItem exitItem = new JMenuItem(R("PEExitMenuItem")); >> setComponentMnemonic(exitItem, R("PEExitMenuItemMnemonic")); >> exitItem.setAccelerator(KeyStroke.getKeyStroke(exitItem.getMnemonic(), ActionEvent.CTRL_MASK)); >> >> - exitItem.addActionListener(closeButtonAction); >> + exitItem.addActionListener(editor.closeButtonAction); >> + exitItem.addActionListener(new ActionListener() { >> + @Override >> + public void actionPerformed(final ActionEvent e) { >> + window.dispose(); >> + } >> + }); >> fileMenu.add(exitItem); >> menuBar.add(fileMenu); >> >> final JMenu viewMenu = new JMenu(R("PEViewMenu")); >> setComponentMnemonic(viewMenu, R("PEViewMenuMnemonic")); >> + >> final JMenuItem customPermissionsItem = new >> JMenuItem(R("PECustomPermissionsItem")); >> setComponentMnemonic(customPermissionsItem, >> R("PECustomPermissionsItemMnemonic")); >> customPermissionsItem.setAccelerator(KeyStroke.getKeyStroke(customPermissionsItem.getMnemonic(), >> ActionEvent.ALT_MASK)); >> - customPermissionsItem.addActionListener(viewCustomButtonAction); >> + >> customPermissionsItem.addActionListener(editor.viewCustomButtonAction); >> >> viewMenu.add(customPermissionsItem); >> menuBar.add(viewMenu); >> - this.setJMenuBar(menuBar); >> >> + return menuBar; >> + } >> + >> + /** >> + * Lay out all controls, tooltips, etc. >> + */ >> + private void setupLayout() { >> final JLabel checkboxLabel = new JLabel(); >> checkboxLabel.setText(R("PECheckboxLabel")); >> checkboxLabel.setBorder(new EmptyBorder(2, 2, 2, 2)); >> @@ -796,7 +875,6 @@ public class PolicyEditor extends JFrame >> add(closeButton, cancelButtonConstraints); >> >> setMinimumSize(getPreferredSize()); >> - pack(); >> } >> >> /** >> @@ -1098,12 +1176,12 @@ public class PolicyEditor extends JFrame >> // maybe the user just forgot the -file flag, >> so try to open anyway >> filepath = args[0]; >> } >> - final PolicyEditor editor = new PolicyEditor(filepath); >> - editor.setVisible(true); >> + final PolicyEditorFrame frame = >> getPolicyEditorFrame(filepath); >> + frame.setVisible(true); >> final String codebaseStr = argsMap.get(CODEBASE_FLAG); >> if (codebaseStr != null) { >> final String[] urls = codebaseStr.split(" "); >> - editor.addNewCodebases(urls); >> + frame.editor.addNewCodebases(urls); >> } >> } >> }); >> diff --git a/netx/net/sourceforge/jnlp/util/FileUtils.java >> b/netx/net/sourceforge/jnlp/util/FileUtils.java >> --- a/netx/net/sourceforge/jnlp/util/FileUtils.java >> +++ b/netx/net/sourceforge/jnlp/util/FileUtils.java >> @@ -18,6 +18,7 @@ package net.sourceforge.jnlp.util; >> >> import static net.sourceforge.jnlp.runtime.Translator.R; >> >> +import java.awt.Component; >> import java.io.BufferedReader; >> import java.io.BufferedWriter; >> import java.io.File; >> @@ -30,7 +31,6 @@ import java.io.InputStreamReader; >> import java.io.OutputStreamWriter; >> import java.io.RandomAccessFile; >> import java.io.Writer; >> -import java.nio.ByteBuffer; >> import java.nio.channels.FileChannel; >> import java.nio.channels.FileLock; >> import java.security.DigestInputStream; >> @@ -347,7 +347,7 @@ public final class FileUtils { >> * Show a dialog informing the user that the file is currently >> read-only >> * @param frame a {@link JFrame} to act as parent to this dialog >> */ >> - public static void showReadOnlyDialog(final JFrame frame) { >> + public static void showReadOnlyDialog(final Component frame) { >> SwingUtilities.invokeLater(new Runnable() { >> @Override >> public void run() { >> @@ -361,7 +361,7 @@ public final class FileUtils { >> * @param frame a {@link JFrame} to act as parent to this dialog >> * @param filePath a {@link String} representing the path to >> the file we failed to open >> */ >> - public static void showCouldNotOpenFilepathDialog(final JFrame >> frame, final String filePath) { >> + public static void showCouldNotOpenFilepathDialog(final >> Component frame, final String filePath) { > Window will be much more suitable then Component n thsoe calls. Okay, fixed. > >> showCouldNotOpenDialog(frame, R("RCantOpenFile", filePath)); >> } >> >> @@ -371,7 +371,7 @@ public final class FileUtils { >> * @param filePath a {@link String} representing the path to >> the file we failed to open >> * @param reason a {@link OpenFileResult} specifying more >> precisely why we failed to open the file >> */ >> - public static void showCouldNotOpenFileDialog(final JFrame >> frame, final String filePath, final OpenFileResult reason) { >> + public static void showCouldNotOpenFileDialog(final Component >> frame, final String filePath, final OpenFileResult reason) { >> final String message; >> switch (reason) { >> case CANT_CREATE: >> @@ -396,7 +396,7 @@ public final class FileUtils { >> * @param filePath a {@link String} representing the path to >> the file we failed to open >> * @param message a {@link String} giving the specific reason >> the file could not be opened >> */ >> - public static void showCouldNotOpenDialog(final JFrame frame, >> final String message) { >> + public static void showCouldNotOpenDialog(final Component frame, >> final String message) { >> SwingUtilities.invokeLater(new Runnable() { >> @Override >> public void run() { > > After thsoe clean up. it will be ready to go. > > Thanx! > > J. And sorry for the noise in this patch as well, but I noticed that somehow it became mixed tabs+spaces, so I just did a :retab along with the actual work. Also fixed in this patch: Custom Policy Viewer is not frozen due to its parent PolicyEditor's modality. Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: modal-policyeditor-3.patch Type: text/x-patch Size: 22656 bytes Desc: not available URL: From aazores at redhat.com Tue Mar 25 13:39:03 2014 From: aazores at redhat.com (Andrew Azores) Date: Tue, 25 Mar 2014 09:39:03 -0400 Subject: [rfc][icedtea-web][policyeditor] Reflection and Exec permissions In-Reply-To: <53314CC6.8020901@redhat.com> References: <53309014.8040801@redhat.com> <53314CC6.8020901@redhat.com> Message-ID: <533186F7.2040109@redhat.com> On 03/25/2014 05:30 AM, Jiri Vanek wrote: > On 03/24/2014 09:05 PM, Andrew Azores wrote: >> Hi, >> >> This patch just adds Reflection and Exec permission options to >> PolicyEditor. >> >> Thanks, >> > > Looks good. Just not sure if it is enough: > > eg: > java.lang.NullPointerException > at geogebra.i.x.a(Unknown Source) > at geogebra.gui.a.a.a(Unknown Source) > at geogebra.gui.a.a.a(Unknown Source) > at geogebra.GeoGebra.a(Unknown Source) > at geogebra.GeoGebra.a(Unknown Source) > at geogebra.GeoGebra.main(Unknown Source) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:616) > at net.sourceforge.jnlp.Launcher.launchApplication(Launcher.java:571) > at net.sourceforge.jnlp.Launcher$TgThread.run(Launcher.java:911) > > I think he class for name is not allowed by your permission. Aha! Thanks for catching this. [0] suggests there's only one permission needed for reflection, but [1] proves otherwise (and makes sense). [0] http://docs.oracle.com/javase/7/docs/api/java/lang/reflect/ReflectPermission.html [1] http://docs.oracle.com/javase/7/docs/api/java/lang/Class.html#forName%28java.lang.String,%20boolean,%20java.lang.ClassLoader%29 > For exec - are supported both runtimelexec and process builder? According to the documentation, they both go through SecurityManager#checkExec, which checks for "execute" action on the given file. So if granting <> as the target, it should allow executing anything (which sounds so, so scary - but that's why this is optional! :) ) > > J. New patch adds the ClassLoader permission, as well as a bunch of others I figured might as well be added because they're likely to be needed in conjunction with it and each other. PolicyEditor doesn't really have a way to make a single checkbox handle multiple permissions, at least not right now, so the Reflection stuff is split up into four different permissions basically, but I think that's probably actually better anyway. It's just a little more cluttered looking. Maybe a future enhancement would be to add labels separating the checkboxes into groups eg File Access, Java Reflection, System Utility? Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: policyeditor-reflection-exec-2.patch Type: text/x-patch Size: 7586 bytes Desc: not available URL: From andrew at icedtea.classpath.org Tue Mar 25 15:37:59 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Tue, 25 Mar 2014 15:37:59 +0000 Subject: /hg/release/icedtea7-2.3: S8035893: JVM_GetVersionInfo fails to ... Message-ID: changeset 2413c19a0afe in /hg/release/icedtea7-2.3 details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=2413c19a0afe author: Andrew John Hughes date: Tue Mar 25 15:37:38 2014 +0000 S8035893: JVM_GetVersionInfo fails to zero structure 2014-03-24 Andrew John Hughes * NEWS: Updated. * hotspot.map: Bring in S8035893 backport. diffstat: ChangeLog | 5 +++++ NEWS | 1 + hotspot.map | 2 +- 3 files changed, 7 insertions(+), 1 deletions(-) diffs (30 lines): diff -r 65e24999d804 -r 2413c19a0afe ChangeLog --- a/ChangeLog Mon Mar 24 16:09:19 2014 +0000 +++ b/ChangeLog Tue Mar 25 15:37:38 2014 +0000 @@ -1,3 +1,8 @@ +2014-03-24 Andrew John Hughes + + * NEWS: Updated. + * hotspot.map: Bring in S8035893 backport. + 2014-03-24 Andrew John Hughes * patches/revert-7017193.patch: diff -r 65e24999d804 -r 2413c19a0afe NEWS --- a/NEWS Mon Mar 24 16:09:19 2014 +0000 +++ b/NEWS Tue Mar 25 15:37:38 2014 +0000 @@ -50,6 +50,7 @@ - S8028453: AsynchronousSocketChannel.connect() requires SocketPermission due to bind to local address (win) - S8028823: java/net/Makefile tabs converted to spaces - S8029038: Revise fix for XML readers share the same entity expansion counter + - S8035893: JVM_GetVersionInfo fails to zero structure * Bug fixes - Fix broken bootstrap build by updating ecj-multicatch.patch - PR1654: ppc32 needs a larger ThreadStackSize to build diff -r 65e24999d804 -r 2413c19a0afe hotspot.map --- a/hotspot.map Mon Mar 24 16:09:19 2014 +0000 +++ b/hotspot.map Tue Mar 25 15:37:38 2014 +0000 @@ -1,2 +1,2 @@ # version url changeset sha256sum -default http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot 9747f83d7a38 afc6b4e85ee0673da8effe4ba6eaba4a8f1edcc80d0c557f35157d970cb2e601 +default http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot 72a544aeb892 f3985b6d39d6c516ccc78d45105818fc7f22d5646da047ac39116cebc7e9467f From bugzilla-daemon at icedtea.classpath.org Tue Mar 25 17:37:01 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Tue, 25 Mar 2014 17:37:01 +0000 Subject: [Bug 1205] Plugin crashes with java.lang.NullPointerException with AUSkey software In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1205 Andrew Azores changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Tue Mar 25 17:43:52 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Tue, 25 Mar 2014 17:43:52 +0000 Subject: [Bug 1721] Error reported on applet cancellation In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1721 Andrew Azores changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |DUPLICATE --- Comment #1 from Andrew Azores --- Yes, when you cancel an applet, a LaunchException is thrown on purpose - this is just how we handle stopping the process of launching. If you look at the first exception in the stacktrace, it says "Fatal: Launch Error: Canceled on user request." 1515 is essentially the same thing, but from a different dialog, and so with a different explanation message for cancellation ("applet was unsigned but was not trusted" is trying to say that the user didn't trust the unsigned applet when asked, so it wasn't run). Perhaps we should be looking for these specific "user-cancellation" LaunchExceptions and not printing them in a way they can be mistaken for actual failures, but this seems low priority. Marking as a duplicate of 1515. *** This bug has been marked as a duplicate of bug 1515 *** -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Tue Mar 25 17:43:52 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Tue, 25 Mar 2014 17:43:52 +0000 Subject: [Bug 1515] An unecessary net.sourceforge.jnlp.LaunchException is reported when clicking on Cancel In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1515 Andrew Azores changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jpsinthemix at verizon.net --- Comment #1 from Andrew Azores --- *** Bug 1721 has been marked as a duplicate of this bug. *** -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Tue Mar 25 17:49:54 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Tue, 25 Mar 2014 17:49:54 +0000 Subject: [Bug 1687] Failure of plugin in connecting to WebEx on a Fedora 20 64-bit plus Firefox 27 In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1687 Andrew Azores changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |WORKSFORME --- Comment #6 from Andrew Azores --- (In reply to Andrew Azores from comment #5) > (In reply to Harish Pillay from comment #3) > > I just tested it on another site: > > http://stilllistener.addr.com/checkpoint1/Java/ and the 2nd Java applet on > > that page (towards the bottom) failed as well and the stack trace is: > > > > IcedTea-Web Plugin version: 1.4.2 (fedora-0.fc20-x86_64) > > Sat Mar 01 06:26:53 SGT 2014 > > java.lang.NullPointerException > > at net.sourceforge.jnlp.NetxPanel.runLoader(NetxPanel.java:116) > > at sun.applet.AppletPanel.run(AppletPanel.java:380) > > at java.lang.Thread.run(Thread.java:744) > > This happens occasionally, it's an intermittent problem unrelated to your > original bug report. > > I'm still unable to determine what's causing the failure for you and one > other person here who I asked. It works fine for myself and most other > users. Is there anything you did in particular to come across this error? > Does the WebEx test page at [1] work for you? > > [1] http://www.webex.com/test-meeting.html Actually, this NullPointerException appears to not be the one I was thinking of. I don't know what the problem is there exactly - I've never seen this occur elsewhere, and it's strange that an InterruptedException is so repeatable. I still can't reproduce the WebEx failure, but it does sound very plausible that it's simply due to selinux, as the linked posted earlier suggests. Closing. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From aazores at redhat.com Tue Mar 25 17:34:30 2014 From: aazores at redhat.com (Andrew Azores) Date: Tue, 25 Mar 2014 13:34:30 -0400 Subject: [rfc][icedtea-web] Temporary permissions In-Reply-To: <53314EFA.2060201@redhat.com> References: <53305587.9080208@redhat.com> <53305AC0.9060509@redhat.com> <53307400.60801@redhat.com> <53314EFA.2060201@redhat.com> Message-ID: <5331BE26.5060802@redhat.com> On 03/25/2014 05:40 AM, Jiri Vanek wrote: > Generally ok, except one important nit: > > final JMenuItem noCmdExec = new JMenuItem(R("STempPermNoExec")); > + noCmdExec.addActionListener(new TemporaryPermissionsListener( > + Permissions.READ_LOCAL_FILES, > Permissions.WRITE_LOCAL_FILES, > + Permissions.READ_TMP_FILES, Permissions.WRITE_TMP_FILES, > + Permissions.READ_PROPERTIES, > Permissions.WRITE_PROPERTIES, > + Permissions.CLIPBOARD_ACCESS, Permissions.PLAY_AUDIO, > + Permissions.PRINT_DOCUMENTS, > Permissions.JAVA_REFLECTION, > + Permissions.NETWORK_ACCESS)); > + policyMenu.add(noCmdExec); > > And similar: > are - duplicated. > > > You can push, as similar evil is already done. > > However refactoring, asn asap changeset is needed. > > the ||| advanced settings button will be encapsulated, so non of its > code is duplicated. > You can have your own "extends jbutton" hwhich will do all this logic. > And you add jsut insntance of this button to the panes. > > Also all the : > new TemporaryPermissionsListener( > + Permissions.READ_LOCAL_FILES, > Permissions.WRITE_LOCAL_FILES, > + Permissions.READ_TMP_FILES, Permissions.WRITE_TMP_FILES, > + Permissions.READ_PROPERTIES, > Permissions.WRITE_PROPERTIES, > + Permissions.CLIPBOARD_ACCESS, Permissions.PLAY_AUDIO, > + Permissions.PRINT_DOCUMENTS, > Permissions.JAVA_REFLECTION, > + Permissions.NETWORK_ACCESS)); > + policyMenu.add(noCmdExec); > > should be encapsualted. Those permissionListeners may be stored in > some static class as static constantsand just used as singletons. or not? > If not then they can be provided by some factory methods. But not > spred in gui code like this. > > Yes, just code celaning, but how it is now, i do not look nicely. > > Sorry for troubles:( > J. > You're right, it was getting very messy, and the code for the button/menu stuff definitely should have been shared. So now, behold the monster you've asked for... ! :D 1) Button is pulled out into its own class and used in the two dialogs 2) Popup menu is actually even simpler to make appear now (less futzing with position on screen) 3) !! PolicyEditorPermissions are reused. It's some slightly scary reflection with a bit of regex sprinkled in, but it works perfect. 3b) Some of the temp permissions have been removed because PolicyEditorPermissions don't yet have the right counterparts. But there's another patch I sent earlier that adds all of those permissions as well, so then they can be added in quite quickly here after 4) Temp permission types and menu entries are much much cleaner to define Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: temporary-permissions-2.patch Type: text/x-patch Size: 36009 bytes Desc: not available URL: From bugzilla-daemon at icedtea.classpath.org Tue Mar 25 18:15:21 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Tue, 25 Mar 2014 18:15:21 +0000 Subject: [Bug 1723] New: JRE 6.1.12.7 crash when running Eclipse 4.2.1-r1 Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1723 Bug ID: 1723 Summary: JRE 6.1.12.7 crash when running Eclipse 4.2.1-r1 Product: IcedTea Version: 6-1.1 Hardware: x86_64 OS: Linux Status: NEW Severity: critical Priority: P5 Component: IcedTea Assignee: gnu.andrew at redhat.com Reporter: rrosmanov at gmail.com CC: unassigned at icedtea.classpath.org Created attachment 1059 --> http://icedtea.classpath.org/bugzilla/attachment.cgi?id=1059&action=edit sigsegv info OS: Gentoo Eclipse package: [I] dev-util/eclipse-sdk-bin [1] Available versions: (4.2) ~4.2.0 ~4.2.1 (~)4.2.1-r1 Installed versions: 4.2.1-r1(4.2)(07:10:39 PM 03/23/2014) Homepage: http://www.eclipse.org Description: Eclipse SDK Installed from the java overlay. IcedTea package: [I] dev-java/icedtea-bin Available versions: (6) 6.1.12.7^s (7) ~7.2.4.3^s {+X +alsa cjk +cups doc examples nsplugin source} Installed versions: 6.1.12.7(6)^s(12:25:12 AM 03/21/2014)(X alsa cups nsplugin -cjk -doc -examples -source) Homepage: http://icedtea.classpath.org Description: A Gentoo-made binary build of the IcedTea JDK Steps to reproduce: 1. Launch eclipse in terminal: eclipse-bin-4.2 2. Open a Java file and make a few clicks on the code This results in a crash: # # A fatal error has been detected by the Java Runtime Environment: # # SIGSEGV (0xb) at pc=0x00007f4be6b23d71, pid=5984, tid=139966811485952 # # JRE version: 6.0_27-b27 # Java VM: OpenJDK 64-Bit Server VM (20.0-b12 mixed mode linux-amd64 compressed oops) # Derivative: IcedTea6 1.12.7 # Distribution: Built on NAME=Gentoo (Sun Dec 8 16:00:44 CET 2013) # Problematic frame: # C [libsoup-2.4.so.1+0x72d71] soup_session_feature_detach+0x11 # # An error report file with more information is saved as: # /var/www/s3/hs_err_pid5984.log # # If you would like to submit a bug report, please include # instructions how to reproduce the bug and visit: # http://icedtea.classpath.org/bugzilla # The crash happened outside the Java Virtual Machine in native code. # See problematic frame for where to report the bug. # The file is attached -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From jvanek at redhat.com Tue Mar 25 18:57:48 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Tue, 25 Mar 2014 19:57:48 +0100 Subject: [rfc][icedtea-web][policyeditor] Reflection and Exec permissions In-Reply-To: <533186F7.2040109@redhat.com> References: <53309014.8040801@redhat.com> <53314CC6.8020901@redhat.com> <533186F7.2040109@redhat.com> Message-ID: <5331D1AC.7060109@redhat.com> On 03/25/2014 02:39 PM, Andrew Azores wrote: > On 03/25/2014 05:30 AM, Jiri Vanek wrote: >> On 03/24/2014 09:05 PM, Andrew Azores wrote: >>> Hi, >>> >>> This patch just adds Reflection and Exec permission options to PolicyEditor. >>> >>> Thanks, >>> >> >> Looks good. Just not sure if it is enough: >> >> eg: >> java.lang.NullPointerException >> at geogebra.i.x.a(Unknown Source) >> at geogebra.gui.a.a.a(Unknown Source) >> at geogebra.gui.a.a.a(Unknown Source) >> at geogebra.GeoGebra.a(Unknown Source) >> at geogebra.GeoGebra.a(Unknown Source) >> at geogebra.GeoGebra.main(Unknown Source) >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) >> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >> at java.lang.reflect.Method.invoke(Method.java:616) >> at net.sourceforge.jnlp.Launcher.launchApplication(Launcher.java:571) >> at net.sourceforge.jnlp.Launcher$TgThread.run(Launcher.java:911) >> >> I think he class for name is not allowed by your permission. > > Aha! Thanks for catching this. [0] suggests there's only one permission needed for reflection, but [1] proves otherwise (and makes sense). > Hmm still the same exception. It is geogebra which is causing this. > [0] http://docs.oracle.com/javase/7/docs/api/java/lang/reflect/ReflectPermission.html > [1] http://docs.oracle.com/javase/7/docs/api/java/lang/Class.html#forName%28java.lang.String,%20boolean,%20java.lang.ClassLoader%29 > >> For exec - are supported both runtimelexec and process builder? > > According to the documentation, they both go through SecurityManager#checkExec, which checks for "execute" action on the given file. So if granting <> as the target, it should allow executing anything (which sounds so, so scary - but that's why this is optional! :) ) hmhmh.. No granularity needed in policy editor level imho. Just allow all. > >> >> J. > > > New patch adds the ClassLoader permission, as well as a bunch of others I figured might as well be added because they're likely to be needed in conjunction with it and each other. PolicyEditor doesn't really have a way to make a single checkbox handle multiple permissions, at least not right now, so the Reflection stuff is split up into four different permissions basically, but I think that's probably actually better anyway. It's just a little more cluttered looking. Maybe a future enhancement would be to add labels separating the checkboxes into groups eg File Access, Java Reflection, System Utility? This should be fixed. Eg all checkboxes from family of "allow unowned code execution" should be gathered under one :(( Not needed to do now, but later 100% needed fix. > > Thanks, > From jvanek at redhat.com Tue Mar 25 19:07:27 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Tue, 25 Mar 2014 20:07:27 +0100 Subject: [rfc][icedtea-web][policyeditor] Modal PolicyEditor In-Reply-To: <53318D53.3070502@redhat.com> References: <53305AD0.4020601@redhat.com> <53305BDD.9010204@redhat.com> <533097F8.9090509@redhat.com> <533150B2.8030008@redhat.com> <53318D53.3070502@redhat.com> Message-ID: <5331D3EF.7080407@redhat.com> On 03/25/2014 03:06 PM, Andrew Azores wrote: > On 03/25/2014 05:47 AM, Jiri Vanek wrote: >> Nearly perfect ;) >> >> On 03/24/2014 09:39 PM, Andrew Azores wrote: >>> On 03/24/2014 12:22 PM, Jiri Vanek wrote: >> ... >>>> >>>> jsut noted: >>>> * Comments will *not* be preserved when PolicyEditor next saves to the >>>> >>>> Is it really so hard to store the comments for future save? >>> >>> PolicyEditor doesn't even properly parse policy files sometimes, depending on the way the comments are written :) once that's sorted out then being able to store the comments in their own model as well should not be too hard. >>> >> >> Sure. it was jsut undelrine hint >> >> >>> - } >>> - }); >>> + public static class PolicyEditorFrame extends JFrame { >>> + public final PolicyEditor editor; >>> + >>> + public PolicyEditorFrame(final PolicyEditor editor) { >> >> I doubt this will be ever used - please do it private. > > Private, but return the specialized PolicyEditorFrame type anyway from the public getters? Seems a bit odd. I'm not just returning JFrame/JDialog because then there's no easy way to get the actual PolicyEditor instance out of it, to do things like programmatically add codebases. I did have to give the PolicyEditor a reference to its parent frame/dialog in this revision, but I'd rather not use this as a way to hold the reference to the frame/dialog and have eg the security dialogs access the frame/dialog through the editor's reference. That just seems upside down and backward. I must insists. Please do both "do the actuall work" constructors (public PolicyEditorFrame(final PolicyEditor editor) and public PolicyEditorDialog(final PolicyEditor editor) )private. > >>> + super(); >>> + this.editor = editor; >>> + add(editor); >>> + this.pack(); >>> + editor.setVisible(true); >>> + this.setJMenuBar(createMenuBar(this, editor)); >>> + >>> + setTitle(R("PETitle")); >>> + >>> + setDefaultCloseOperation(WindowConstants.DISPOSE_ON_CLOSE); >>> + >>> + addWindowListener(new WindowAdapter() { >>> + @Override >>> + public void windowClosing(final WindowEvent e) { >>> + editor.quit(); >>> + dispose(); >>> + } >>> + }); >>> + >>> + editor.closeButton.addActionListener(new ActionListener() { >>> + @Override >>> + public void actionPerformed(final ActionEvent e) { >>> + dispose(); >>> + } >>> + }); >>> + } >>> + } >>> + >>> + public static PolicyEditorFrame getPolicyEditorFrame(final String filepath) { >>> + return new PolicyEditorFrame(new PolicyEditor(filepath)); >>> + } >>> + >> >> Tehre is really a lot of shared code in this two "methods". >> >> PolicyEditorFrame and PolicyEditorDialog. >> >> They both have general ancestor -Window. All the operations behind super() call may be done in generalised ancestor. > > Window doesn't have setTitle, or setJMenuBar, or setDefaultCloseOperation... hmm.. I was found with patns down it seams.... The java.awt.Window really do not have it?? Strange... Anyway - there is really to much duplicate code. Please nvm - the duplicate code is really awwefull: + this.editor = editor; private artificial forefather? + add(editor); + this.pack(); window editor.setVisible(true); + + setTitle(R("PETitle")); + this is stupid :) + setDefaultCloseOperation(WindowConstants.DISPOSE_ON_CLOSE); + this too:-/ Maybe add interfcae for this? :D feel free to elaborate as you wish. + addWindowListener(new WindowAdapter() { + @Override + public void windowClosing(final WindowEvent e) { + editor.quit(); + dispose(); + } + }); + + editor.closeButton.addActionListener(new ActionListener() { + @Override + public void actionPerformed(final ActionEvent e) { + dispose(); + } + }); thso eshould be in Window or comon artifical forefather too. > >> >>> + public static class PolicyEditorDialog extends JDialog { >>> + public final PolicyEditor editor; >>> + >>> + public PolicyEditorDialog(final PolicyEditor editor) >> I doubt this will be ever used - please do it private. >> { >>> + super(); >>> + this.editor = editor; >>> + add(editor); >>> + this.pack(); >>> + this.setJMenuBar(createMenuBar(this, editor)); >>> + >>> + editor.setVisible(true); >>> + >>> + setTitle(R("PETitle")); >>> + >>> + setDefaultCloseOperation(WindowConstants.DISPOSE_ON_CLOSE); >>> + >>> + addWindowListener(new WindowAdapter() { >>> + @Override >>> + public void windowClosing(final WindowEvent e) { >>> + editor.quit(); >>> + dispose(); >>> + } >>> + }); >>> + >>> + editor.closeButton.addActionListener(new ActionListener() { >>> + @Override >>> + public void actionPerformed(final ActionEvent e) { >>> + dispose(); >>> + } >>> + }); >>> + } >>> + } >>> + >>> + public static PolicyEditorDialog getPolicyEditorDialog(final String filepath) { >>> + return new PolicyEditorDialog(new PolicyEditor(filepath)); >>> } >>> >>> private void setClosed() { >>> @@ -370,9 +435,8 @@ public class PolicyEditor extends JFrame >>> */ >>> private void setAccelerator(final int trigger, final int modifiers, final Action action, final String identifier) { >>> final KeyStroke key = KeyStroke.getKeyStroke(trigger, modifiers); >>> - final JRootPane root = getRootPane(); >>> - root.getInputMap(JComponent.WHEN_IN_FOCUSED_WINDOW).put(key, identifier); >>> - root.getActionMap().put(identifier, action); >>> + this.getInputMap(JComponent.WHEN_IN_FOCUSED_WINDOW).put(key, identifier); >>> + this.getActionMap().put(identifier, action); >>> } >>> >>> /** >>> @@ -454,7 +518,6 @@ public class PolicyEditor extends JFrame >>> } >>> weakThis.clear(); >>> setClosed(); >>> - dispose(); >>> } >>> >>> /** >>> @@ -649,7 +712,7 @@ public class PolicyEditor extends JFrame >>> * @param component the component for which to set a mnemonic >>> * @param mnemonic the mnemonic to set >>> */ >>> - private void setComponentMnemonic(final AbstractButton component, final String mnemonic) { >>> + private static void setComponentMnemonic(final AbstractButton component, final String mnemonic) { >>> final int trig; >>> try { >>> trig = Integer.parseInt(mnemonic); >>> @@ -660,45 +723,61 @@ public class PolicyEditor extends JFrame >>> component.setMnemonic(trig); >>> } >>> >>> - /** >>> - * Lay out all controls, tooltips, etc. >>> - */ >>> - private void setupLayout() { >>> + private static JMenuBar createMenuBar(final Window window, final PolicyEditor editor) { >>> + final JMenuBar menuBar = new JMenuBar(); >>> + >>> final JMenu fileMenu = new JMenu(R("PEFileMenu")); >>> setComponentMnemonic(fileMenu, R("PEFileMenuMnemonic")); >>> + >>> final JMenuItem openItem = new JMenuItem(R("PEOpenMenuItem")); >>> setComponentMnemonic(openItem, R("PEOpenMenuItemMnemonic")); >>> openItem.setAccelerator(KeyStroke.getKeyStroke(openItem.getMnemonic(), ActionEvent.CTRL_MASK)); >>> - openItem.addActionListener(openButtonAction); >>> + openItem.addActionListener(editor.openButtonAction); >>> fileMenu.add(openItem); >>> + >>> final JMenuItem saveItem = new JMenuItem(R("PESaveMenuItem")); >>> setComponentMnemonic(saveItem, R("PESaveMenuItemMnemonic")); >>> saveItem.setAccelerator(KeyStroke.getKeyStroke(saveItem.getMnemonic(), ActionEvent.CTRL_MASK)); >>> - saveItem.addActionListener(okButtonAction); >>> + saveItem.addActionListener(editor.okButtonAction); >>> fileMenu.add(saveItem); >>> + >>> final JMenuItem saveAsItem = new JMenuItem(R("PESaveAsMenuItem")); >>> setComponentMnemonic(saveAsItem, R("PESaveAsMenuItemMnemonic")); >>> saveAsItem.setAccelerator(KeyStroke.getKeyStroke(saveAsItem.getMnemonic(), ActionEvent.CTRL_MASK)); >>> - saveAsItem.addActionListener(saveAsButtonAction); >>> + saveAsItem.addActionListener(editor.saveAsButtonAction); >>> fileMenu.add(saveAsItem); >>> + >>> final JMenuItem exitItem = new JMenuItem(R("PEExitMenuItem")); >>> setComponentMnemonic(exitItem, R("PEExitMenuItemMnemonic")); >>> exitItem.setAccelerator(KeyStroke.getKeyStroke(exitItem.getMnemonic(), ActionEvent.CTRL_MASK)); >>> - exitItem.addActionListener(closeButtonAction); >>> + exitItem.addActionListener(editor.closeButtonAction); >>> + exitItem.addActionListener(new ActionListener() { >>> + @Override >>> + public void actionPerformed(final ActionEvent e) { >>> + window.dispose(); >>> + } >>> + }); >>> fileMenu.add(exitItem); >>> menuBar.add(fileMenu); >>> >>> final JMenu viewMenu = new JMenu(R("PEViewMenu")); >>> setComponentMnemonic(viewMenu, R("PEViewMenuMnemonic")); >>> + >>> final JMenuItem customPermissionsItem = new JMenuItem(R("PECustomPermissionsItem")); >>> setComponentMnemonic(customPermissionsItem, R("PECustomPermissionsItemMnemonic")); >>> customPermissionsItem.setAccelerator(KeyStroke.getKeyStroke(customPermissionsItem.getMnemonic(), ActionEvent.ALT_MASK)); >>> - customPermissionsItem.addActionListener(viewCustomButtonAction); >>> + customPermissionsItem.addActionListener(editor.viewCustomButtonAction); >>> >>> viewMenu.add(customPermissionsItem); >>> menuBar.add(viewMenu); >>> - this.setJMenuBar(menuBar); >>> >>> + return menuBar; >>> + } >>> + >>> + /** >>> + * Lay out all controls, tooltips, etc. >>> + */ >>> + private void setupLayout() { >>> final JLabel checkboxLabel = new JLabel(); >>> checkboxLabel.setText(R("PECheckboxLabel")); >>> checkboxLabel.setBorder(new EmptyBorder(2, 2, 2, 2)); >>> @@ -796,7 +875,6 @@ public class PolicyEditor extends JFrame >>> add(closeButton, cancelButtonConstraints); >>> >>> setMinimumSize(getPreferredSize()); >>> - pack(); >>> } >>> >>> /** >>> @@ -1098,12 +1176,12 @@ public class PolicyEditor extends JFrame >>> // maybe the user just forgot the -file flag, so try to open anyway >>> filepath = args[0]; >>> } >>> - final PolicyEditor editor = new PolicyEditor(filepath); >>> - editor.setVisible(true); >>> + final PolicyEditorFrame frame = getPolicyEditorFrame(filepath); >>> + frame.setVisible(true); >>> final String codebaseStr = argsMap.get(CODEBASE_FLAG); >>> if (codebaseStr != null) { >>> final String[] urls = codebaseStr.split(" "); >>> - editor.addNewCodebases(urls); >>> + frame.editor.addNewCodebases(urls); >>> } >>> } >>> }); >>> diff --git a/netx/net/sourceforge/jnlp/util/FileUtils.java b/netx/net/sourceforge/jnlp/util/FileUtils.java >>> --- a/netx/net/sourceforge/jnlp/util/FileUtils.java >>> +++ b/netx/net/sourceforge/jnlp/util/FileUtils.java >>> @@ -18,6 +18,7 @@ package net.sourceforge.jnlp.util; >>> >>> import static net.sourceforge.jnlp.runtime.Translator.R; >>> >>> +import java.awt.Component; >>> import java.io.BufferedReader; >>> import java.io.BufferedWriter; >>> import java.io.File; >>> @@ -30,7 +31,6 @@ import java.io.InputStreamReader; >>> import java.io.OutputStreamWriter; >>> import java.io.RandomAccessFile; >>> import java.io.Writer; >>> -import java.nio.ByteBuffer; >>> import java.nio.channels.FileChannel; >>> import java.nio.channels.FileLock; >>> import java.security.DigestInputStream; >>> @@ -347,7 +347,7 @@ public final class FileUtils { >>> * Show a dialog informing the user that the file is currently read-only >>> * @param frame a {@link JFrame} to act as parent to this dialog >>> */ >>> - public static void showReadOnlyDialog(final JFrame frame) { >>> + public static void showReadOnlyDialog(final Component frame) { >>> SwingUtilities.invokeLater(new Runnable() { >>> @Override >>> public void run() { >>> @@ -361,7 +361,7 @@ public final class FileUtils { >>> * @param frame a {@link JFrame} to act as parent to this dialog >>> * @param filePath a {@link String} representing the path to the file we failed to open >>> */ >>> - public static void showCouldNotOpenFilepathDialog(final JFrame frame, final String filePath) { >>> + public static void showCouldNotOpenFilepathDialog(final Component frame, final String filePath) { >> Window will be much more suitable then Component n thsoe calls. > > Okay, fixed. > >> >>> showCouldNotOpenDialog(frame, R("RCantOpenFile", filePath)); >>> } >>> >>> @@ -371,7 +371,7 @@ public final class FileUtils { >>> * @param filePath a {@link String} representing the path to the file we failed to open >>> * @param reason a {@link OpenFileResult} specifying more precisely why we failed to open the file >>> */ >>> - public static void showCouldNotOpenFileDialog(final JFrame frame, final String filePath, final OpenFileResult reason) { >>> + public static void showCouldNotOpenFileDialog(final Component frame, final String filePath, final OpenFileResult reason) { >>> final String message; >>> switch (reason) { >>> case CANT_CREATE: >>> @@ -396,7 +396,7 @@ public final class FileUtils { >>> * @param filePath a {@link String} representing the path to the file we failed to open >>> * @param message a {@link String} giving the specific reason the file could not be opened >>> */ >>> - public static void showCouldNotOpenDialog(final JFrame frame, final String message) { >>> + public static void showCouldNotOpenDialog(final Component frame, final String message) { >>> SwingUtilities.invokeLater(new Runnable() { >>> @Override >>> public void run() { >> >> After thsoe clean up. it will be ready to go. >> >> Thanx! >> >> J. > > And sorry for the noise in this patch as well, but I noticed that somehow it became mixed tabs+spaces, so I just did a :retab along with the actual work. > > Also fixed in this patch: Custom Policy Viewer is not frozen due to its parent PolicyEditor's modality. > NP. Otherwise loks ok. From jvanek at redhat.com Tue Mar 25 19:13:04 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Tue, 25 Mar 2014 20:13:04 +0100 Subject: [rfc][icedtea-web] Temporary permissions In-Reply-To: <5331BE26.5060802@redhat.com> References: <53305587.9080208@redhat.com> <53305AC0.9060509@redhat.com> <53307400.60801@redhat.com> <53314EFA.2060201@redhat.com> <5331BE26.5060802@redhat.com> Message-ID: <5331D540.3060401@redhat.com> On 03/25/2014 06:34 PM, Andrew Azores wrote: > On 03/25/2014 05:40 AM, Jiri Vanek wrote: >> Generally ok, except one important nit: >> >> final JMenuItem noCmdExec = new JMenuItem(R("STempPermNoExec")); >> + noCmdExec.addActionListener(new TemporaryPermissionsListener( >> + Permissions.READ_LOCAL_FILES, Permissions.WRITE_LOCAL_FILES, >> + Permissions.READ_TMP_FILES, Permissions.WRITE_TMP_FILES, >> + Permissions.READ_PROPERTIES, Permissions.WRITE_PROPERTIES, >> + Permissions.CLIPBOARD_ACCESS, Permissions.PLAY_AUDIO, >> + Permissions.PRINT_DOCUMENTS, Permissions.JAVA_REFLECTION, >> + Permissions.NETWORK_ACCESS)); >> + policyMenu.add(noCmdExec); >> >> And similar: >> are - duplicated. >> >> >> You can push, as similar evil is already done. >> >> However refactoring, asn asap changeset is needed. >> >> the ||| advanced settings button will be encapsulated, so non of its code is duplicated. >> You can have your own "extends jbutton" hwhich will do all this logic. And you add jsut insntance of this button to the panes. >> >> Also all the : >> new TemporaryPermissionsListener( >> + Permissions.READ_LOCAL_FILES, Permissions.WRITE_LOCAL_FILES, >> + Permissions.READ_TMP_FILES, Permissions.WRITE_TMP_FILES, >> + Permissions.READ_PROPERTIES, Permissions.WRITE_PROPERTIES, >> + Permissions.CLIPBOARD_ACCESS, Permissions.PLAY_AUDIO, >> + Permissions.PRINT_DOCUMENTS, Permissions.JAVA_REFLECTION, >> + Permissions.NETWORK_ACCESS)); >> + policyMenu.add(noCmdExec); >> >> should be encapsualted. Those permissionListeners may be stored in some static class as static constantsand just used as singletons. or not? >> If not then they can be provided by some factory methods. But not spred in gui code like this. >> >> Yes, just code celaning, but how it is now, i do not look nicely. >> >> Sorry for troubles:( >> J. >> > > You're right, it was getting very messy, and the code for the button/menu stuff definitely should have been shared. > > So now, behold the monster you've asked for... ! :D > > 1) Button is pulled out into its own class and used in the two dialogs > 2) Popup menu is actually even simpler to make appear now (less futzing with position on screen) > 3) !! PolicyEditorPermissions are reused. It's some slightly scary reflection with a bit of regex sprinkled in, but it works perfect. > 3b) Some of the temp permissions have been removed because PolicyEditorPermissions don't yet have the right counterparts. But there's another patch I sent earlier that adds all of those permissions as well, so then they can be added in quite quickly here after > 4) Temp permission types and menu entries are much much cleaner to define > hmhmhm - just see: +STempSoundOnly=Play audio it is same issue as in case of reflection. it should probably allow both recording and playing. UTwo permissions under one checkbox. - maybe as tmp hack can serve some better grouping of checkboxes, with one main - whcih will select/unselect all underlying. By this you will have your one-permission-per-checkbox - and user will not be bored by to much on-first-glance-visible permissions. Maybe I can do thsis tomorrow? I wil enjoy it :) + public static Permission getPermission(final PolicyEditorPermissions editorPermission) { arrgh thats monster..... Why reflection!!?!??! No way!!! it is our class. Please do something public or whatever... Otherwise it is not os monsterous :) From omajid at redhat.com Tue Mar 25 19:24:26 2014 From: omajid at redhat.com (Omair Majid) Date: Tue, 25 Mar 2014 15:24:26 -0400 Subject: [rfc][icedtea-web] Temporary permissions In-Reply-To: <5331D540.3060401@redhat.com> References: <53305587.9080208@redhat.com> <53305AC0.9060509@redhat.com> <53307400.60801@redhat.com> <53314EFA.2060201@redhat.com> <5331BE26.5060802@redhat.com> <5331D540.3060401@redhat.com> Message-ID: <20140325192425.GF2000@redhat.com> * Jiri Vanek [2014-03-25 15:08]: > +STempSoundOnly=Play audio FYI, last I looked into this, no permissions are generally need to play audio (even though some docs suggest permissions are needed). At least, the default audio provider in OpenJDK did not check for this permission. In fact, as far as I know, permissions are only needed to record audio. Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 From aazores at redhat.com Tue Mar 25 19:28:04 2014 From: aazores at redhat.com (Andrew Azores) Date: Tue, 25 Mar 2014 15:28:04 -0400 Subject: [rfc][icedtea-web] Temporary permissions In-Reply-To: <5331D540.3060401@redhat.com> References: <53305587.9080208@redhat.com> <53305AC0.9060509@redhat.com> <53307400.60801@redhat.com> <53314EFA.2060201@redhat.com> <5331BE26.5060802@redhat.com> <5331D540.3060401@redhat.com> Message-ID: <5331D8C4.3040309@redhat.com> On 03/25/2014 03:13 PM, Jiri Vanek wrote: > On 03/25/2014 06:34 PM, Andrew Azores wrote: >> On 03/25/2014 05:40 AM, Jiri Vanek wrote: >>> Generally ok, except one important nit: >>> >>> final JMenuItem noCmdExec = new JMenuItem(R("STempPermNoExec")); >>> + noCmdExec.addActionListener(new TemporaryPermissionsListener( >>> + Permissions.READ_LOCAL_FILES, Permissions.WRITE_LOCAL_FILES, >>> + Permissions.READ_TMP_FILES, Permissions.WRITE_TMP_FILES, >>> + Permissions.READ_PROPERTIES, Permissions.WRITE_PROPERTIES, >>> + Permissions.CLIPBOARD_ACCESS, Permissions.PLAY_AUDIO, >>> + Permissions.PRINT_DOCUMENTS, Permissions.JAVA_REFLECTION, >>> + Permissions.NETWORK_ACCESS)); >>> + policyMenu.add(noCmdExec); >>> >>> And similar: >>> are - duplicated. >>> >>> >>> You can push, as similar evil is already done. >>> >>> However refactoring, asn asap changeset is needed. >>> >>> the ||| advanced settings button will be encapsulated, so non of its >>> code is duplicated. >>> You can have your own "extends jbutton" hwhich will do all this >>> logic. And you add jsut insntance of this button to the panes. >>> >>> Also all the : >>> new TemporaryPermissionsListener( >>> + Permissions.READ_LOCAL_FILES, Permissions.WRITE_LOCAL_FILES, >>> + Permissions.READ_TMP_FILES, Permissions.WRITE_TMP_FILES, >>> + Permissions.READ_PROPERTIES, Permissions.WRITE_PROPERTIES, >>> + Permissions.CLIPBOARD_ACCESS, Permissions.PLAY_AUDIO, >>> + Permissions.PRINT_DOCUMENTS, Permissions.JAVA_REFLECTION, >>> + Permissions.NETWORK_ACCESS)); >>> + policyMenu.add(noCmdExec); >>> >>> should be encapsualted. Those permissionListeners may be stored in >>> some static class as static constantsand just used as singletons. or >>> not? >>> If not then they can be provided by some factory methods. But not >>> spred in gui code like this. >>> >>> Yes, just code celaning, but how it is now, i do not look nicely. >>> >>> Sorry for troubles:( >>> J. >>> >> >> You're right, it was getting very messy, and the code for the >> button/menu stuff definitely should have been shared. >> >> So now, behold the monster you've asked for... ! :D >> >> 1) Button is pulled out into its own class and used in the two dialogs >> 2) Popup menu is actually even simpler to make appear now (less >> futzing with position on screen) >> 3) !! PolicyEditorPermissions are reused. It's some slightly scary >> reflection with a bit of regex sprinkled in, but it works perfect. >> 3b) Some of the temp permissions have been removed because >> PolicyEditorPermissions don't yet have the right counterparts. But >> there's another patch I sent earlier that adds all of those >> permissions as well, so then they can be added in quite quickly here >> after >> 4) Temp permission types and menu entries are much much cleaner to >> define >> > > > hmhmhm - just see: > +STempSoundOnly=Play audio > it is same issue as in case of reflection. it should probably allow > both recording and playing. UTwo permissions under one checkbox. Really? I can imagine many scenarios where a user is comfortable with an applet playing sound back but not recording it. Reflection makes sense to group together but I think audio should be separate. > > - maybe as tmp hack can serve some better grouping of checkboxes, with > one main - whcih will select/unselect all underlying. By this you will > have your one-permission-per-checkbox - and user will not be bored by > to much on-first-glance-visible permissions. Maybe I can do thsis > tomorrow? I wil enjoy it :) Go ahead. > > > + public static Permission getPermission(final > PolicyEditorPermissions editorPermission) { > > arrgh thats monster..... Why reflection!!?!??! No way!!! it is our > class. Please do something public or whatever... > > > > Otherwise it is not os monsterous :) Well, I had to decide if I wanted to extend PolicyEditorPermissions with some way to convert into Permissions, or to just add this translation layer separately. I liked the new layer better, since PolicyEditorPermissions was really just intended for use within PolicyEditor, and in there we don't need this kind of logic. So from outside of the model itself, reflection was actually not a bad way to handle acquiring the correct kind of Permission subclass from the model - the alternative would have been a switch or long if/else chain, which would have then meant that any new PermissionTypes would have also needed an update to the TemporaryPermissions converter. Using reflection like this means that it never has to be updated if the PermissionTypes change. I don't think this is even that bad of a use of reflection - I don't think it's too hard to read, and it's not being used somewhere performance critical or where it will be called very frequently. The other good option I've thought of is to add the Permission conversion logic to the PolicyEditorPermissions model, and move/rename this model so it's more suitable as something shared between PolicyEditor and these dialogs. The PolicyEditorPermissions could be constructed with a Class reference, eg RuntimePermission.class, and have a Permission field that is then populated by the constructor doing a bit less reflection. This eliminates the need for the Class.forName call, but makes the PolicyEditorPermission model more complicated in a way that I don't think it really needs to be. Thanks, -- Andrew A From aazores at redhat.com Tue Mar 25 19:34:41 2014 From: aazores at redhat.com (Andrew Azores) Date: Tue, 25 Mar 2014 15:34:41 -0400 Subject: [rfc][icedtea-web][policyeditor] Reflection and Exec permissions In-Reply-To: <5331D1AC.7060109@redhat.com> References: <53309014.8040801@redhat.com> <53314CC6.8020901@redhat.com> <533186F7.2040109@redhat.com> <5331D1AC.7060109@redhat.com> Message-ID: <5331DA51.80604@redhat.com> On 03/25/2014 02:57 PM, Jiri Vanek wrote: > On 03/25/2014 02:39 PM, Andrew Azores wrote: >> On 03/25/2014 05:30 AM, Jiri Vanek wrote: >>> On 03/24/2014 09:05 PM, Andrew Azores wrote: >>>> Hi, >>>> >>>> This patch just adds Reflection and Exec permission options to >>>> PolicyEditor. >>>> >>>> Thanks, >>>> >>> >>> Looks good. Just not sure if it is enough: >>> >>> eg: >>> java.lang.NullPointerException >>> at geogebra.i.x.a(Unknown Source) >>> at geogebra.gui.a.a.a(Unknown Source) >>> at geogebra.gui.a.a.a(Unknown Source) >>> at geogebra.GeoGebra.a(Unknown Source) >>> at geogebra.GeoGebra.a(Unknown Source) >>> at geogebra.GeoGebra.main(Unknown Source) >>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>> at >>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) >>> at >>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >>> at java.lang.reflect.Method.invoke(Method.java:616) >>> at net.sourceforge.jnlp.Launcher.launchApplication(Launcher.java:571) >>> at net.sourceforge.jnlp.Launcher$TgThread.run(Launcher.java:911) >>> >>> I think he class for name is not allowed by your permission. >> >> Aha! Thanks for catching this. [0] suggests there's only one >> permission needed for reflection, but [1] proves otherwise (and makes >> sense). >> > > Hmm still the same exception. It is geogebra which is causing this. Do you have exact reproduction steps? > >> [0] >> http://docs.oracle.com/javase/7/docs/api/java/lang/reflect/ReflectPermission.html >> [1] >> http://docs.oracle.com/javase/7/docs/api/java/lang/Class.html#forName%28java.lang.String,%20boolean,%20java.lang.ClassLoader%29 >> >>> For exec - are supported both runtimelexec and process builder? >> >> According to the documentation, they both go through >> SecurityManager#checkExec, which checks for "execute" action on the >> given file. So if granting <> as the target, it should >> allow executing anything (which sounds so, so scary - but that's why >> this is optional! :) ) > hmhmh.. No granularity needed in policy editor level imho. Just allow > all. Yea, that's what it is now. Just FilePermission with "execute" action on "<>" target. >> >>> >>> J. >> >> >> New patch adds the ClassLoader permission, as well as a bunch of >> others I figured might as well be added because they're likely to be >> needed in conjunction with it and each other. PolicyEditor doesn't >> really have a way to make a single checkbox handle multiple >> permissions, at least not right now, so the Reflection stuff is split >> up into four different permissions basically, but I think that's >> probably actually better anyway. It's just a little more cluttered >> looking. Maybe a future enhancement would be to add labels separating >> the checkboxes into groups eg File Access, Java Reflection, System >> Utility? > > This should be fixed. Eg all checkboxes from family of "allow unowned > code execution" should be gathered under one :(( > > Not needed to do now, but later 100% needed fix. >> >> Thanks, >> > Thanks, -- Andrew A From aazores at redhat.com Tue Mar 25 20:05:18 2014 From: aazores at redhat.com (Andrew Azores) Date: Tue, 25 Mar 2014 16:05:18 -0400 Subject: [rfc][icedtea-web][policyeditor] Modal PolicyEditor In-Reply-To: <5331D3EF.7080407@redhat.com> References: <53305AD0.4020601@redhat.com> <53305BDD.9010204@redhat.com> <533097F8.9090509@redhat.com> <533150B2.8030008@redhat.com> <53318D53.3070502@redhat.com> <5331D3EF.7080407@redhat.com> Message-ID: <5331E17E.5070302@redhat.com> On 03/25/2014 03:07 PM, Jiri Vanek wrote: > >>>> - } >>>> - }); >>>> + public static class PolicyEditorFrame extends JFrame { >>>> + public final PolicyEditor editor; >>>> + >>>> + public PolicyEditorFrame(final PolicyEditor editor) { >>> >>> I doubt this will be ever used - please do it private. >> >> Private, but return the specialized PolicyEditorFrame type anyway >> from the public getters? Seems a bit odd. I'm not just returning >> JFrame/JDialog because then there's no easy way to get the actual >> PolicyEditor instance out of it, to do things like programmatically >> add codebases. I did have to give the PolicyEditor a reference to its >> parent frame/dialog in this revision, but I'd rather not use this as >> a way to hold the reference to the frame/dialog and have eg the >> security dialogs access the frame/dialog through the editor's >> reference. That just seems upside down and backward. > > > I must insists. Please do both "do the actuall work" constructors > (public PolicyEditorFrame(final PolicyEditor editor) and public > PolicyEditorDialog(final PolicyEditor editor) )private. Okay, so then if they're private, CertWarningPane and PartiallySignedAppTrustWarningPanel can't use them, and will be stuck with only JDialog? Then how do they get to the actual PolicyEditor instance to do addNewCodebase? > >> >>>> + super(); >>>> + this.editor = editor; >>>> + add(editor); >>>> + this.pack(); >>>> + editor.setVisible(true); >>>> + this.setJMenuBar(createMenuBar(this, editor)); >>>> + >>>> + setTitle(R("PETitle")); >>>> + >>>> + setDefaultCloseOperation(WindowConstants.DISPOSE_ON_CLOSE); >>>> + >>>> + addWindowListener(new WindowAdapter() { >>>> + @Override >>>> + public void windowClosing(final WindowEvent e) { >>>> + editor.quit(); >>>> + dispose(); >>>> + } >>>> + }); >>>> + >>>> + editor.closeButton.addActionListener(new ActionListener() { >>>> + @Override >>>> + public void actionPerformed(final ActionEvent e) { >>>> + dispose(); >>>> + } >>>> + }); >>>> + } >>>> + } >>>> + >>>> + public static PolicyEditorFrame getPolicyEditorFrame(final String >>>> filepath) { >>>> + return new PolicyEditorFrame(new PolicyEditor(filepath)); >>>> + } >>>> + >>> >>> Tehre is really a lot of shared code in this two "methods". >>> >>> PolicyEditorFrame and PolicyEditorDialog. >>> >>> They both have general ancestor -Window. All the operations behind >>> super() call may be done in generalised ancestor. >> >> Window doesn't have setTitle, or setJMenuBar, or >> setDefaultCloseOperation... > hmm.. I was found with patns down it seams.... The java.awt.Window > really do not have it?? Strange... > Anyway - there is really to much duplicate code. Please > > > nvm - the duplicate code is really awwefull: > > + this.editor = editor; > private artificial forefather? > + add(editor); > + this.pack(); > > window > > editor.setVisible(true); > + > + setTitle(R("PETitle")); > + > > this is stupid :) > > + setDefaultCloseOperation(WindowConstants.DISPOSE_ON_CLOSE); > + > this too:-/ Sorry but none of the above five comments are useful. I don't know what you want. > > Maybe add interfcae for this? :D feel free to elaborate as you wish. What? An interface for what? I don't understand how adding an interface is going to help. > > + addWindowListener(new WindowAdapter() { > + @Override > + public void windowClosing(final WindowEvent e) { > + editor.quit(); > + dispose(); > + } > + }); > + > + editor.closeButton.addActionListener(new ActionListener() { > + @Override > + public void actionPerformed(final ActionEvent e) { > + dispose(); > + } > + }); > > thso eshould be in Window or comon artifical forefather too. > > I still don't know how I'm supposed to be subclassing Window here. It is missing required functionality that is implemented independently by both JFrame and JDialog. Yes, if I made a Window subclass, then most of the logic could be moved into it just fine, but some important things eg window title and menu bar would be missing. Then if I subclass this new Window subclass, I still don't have the JMenuBar, etc. I don't know what "artificial forefather" you're suggesting otherwise. Anyway, the attached patch slightly reduces the amount of duplicated code by extracting it into a private static helper method that operates on Window. The only work now done in the JDialog and JFrame subclassed constructors are the parts that cannot be done on a Window, which happens to be the exact same between the two of them. Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: modal-policyeditor-4.patch Type: text/x-patch Size: 22131 bytes Desc: not available URL: From aazores at redhat.com Tue Mar 25 20:36:16 2014 From: aazores at redhat.com (Andrew Azores) Date: Tue, 25 Mar 2014 16:36:16 -0400 Subject: [rfc][icedtea-web] Security dialogs wait for PolicyEditor to finish parsing In-Reply-To: <533056E3.60201@redhat.com> References: <53303AA3.3080109@redhat.com> <533043CB.3010506@redhat.com> <533044D7.8040402@redhat.com> <53304B0E.3060505@redhat.com> <5330536D.2030608@redhat.com> <533056E3.60201@redhat.com> Message-ID: <5331E8C0.6030401@redhat.com> On 03/24/2014 12:01 PM, Jiri Vanek wrote: > On 03/24/2014 04:46 PM, Andrew Azores wrote: >> On 03/24/2014 11:11 AM, Jiri Vanek wrote: >>> On 03/24/2014 03:44 PM, Andrew Azores wrote: >>>> On 03/24/2014 10:40 AM, Jiri Vanek wrote: >>>>> On 03/24/2014 03:01 PM, Andrew Azores wrote: >>>>>> Hi, >>>>>> >>>>>> PolicyEditor loads and saves policy files async, obviously. >>>>>> However, this means that opening a new >>>>>> PolicyEditor instance on an existing policy file and >>>>>> programmatically adding a new codebase to the >>>>>> editor does not have a well-defined order. This can be >>>>>> problematic because PolicyEditor >>>>>> highlights/selects the last added codebase, so eg in the scenario >>>>>> where the editor is being >>>>>> launched >>>>>> from a security dialog, we want to be sure that the current >>>>>> applet's codebase is the one selected >>>>>> when the editor appears. This patch adds a method to PolicyEditor >>>>>> that indicates whether the >>>>>> editor >>>>>> is currently reading/writing a file, and adds a loop to the two >>>>>> security dialogs so that the new >>>>>> codebase is not added and the editor made visible until it >>>>>> completes its IO. >>>>>> >>>>>> Thanks, >>>>>> >>>>> >>>>> Hm... I dont think this is correct approach. Why are you so >>>>> strongly against modal dialogue? >>>>> >>>>> >>>>> J. >>>> >>>> I'm not... making PolicyEditor modal will come later. This patch is >>>> just about making sure that when >>>> you launch PolicyEditor from a security dialog, the current >>>> applet's codebase is guaranteed to be >>>> the selected one when the editor appears. This and modality are >>>> completely separate. >>>> >>>> Thanks, >>>> >>> uff... wouldnt be much more easy to make the load/save in sync? I >>> do not see any reason why it is >>> in new thread Thread(save/load).start() .... >>> >>> >>> J. >> >> I really don't want to be doing it sync on the UI thread. This makes >> the application less >> responsive, and is generally bad practice. Not worth the benefit of >> making it easier to guarantee >> the programmatically added new codebases come after. There are better >> ways to do it async than >> manually spawning a new Thread, though, yes. eg SwingWorker as you >> said on IRC, or Executors and >> Runnables as I suggested. Still, these potential enhancements to the >> multithreading model would >> still have the codebase ordering problem. > > I agree thath do it in gui thread is wrong. But I disagree with > current aproach and new suggested locking. > > Correct aporach is: > invoke thread (swingworker) > disable gui or show dialog with progressbar or soem wait please > (so gui will be "responsoble") > wait for thread. > > > Would be correct approach. Okay, this is an enhancement in that it uses the nice SwingWorker abstraction and provides a visual indicator of progress for the IO operation, but I don't see how it really solves the problem. If by "wait for thread" you mean Thread#join or similar, then we're again just blocking the EDT, so it won't actually be responsive until the IO is done. In that case we might as well just have the EDT do the IO directly. If we don't block the EDT and continue to let the IO complete async, albeit with visual progress indication and nicely abstracted, then there is still the problem of addNewCodebase being called externally and not having a well-defined order compared to the addNewCodebase calls made by the thread performing the IO. > > > However - the polici files *are* small. So the burden of *doing it > IN* AWT is imho acceptable. > > > J. > > Thanks, -- Andrew A From andrew at icedtea.classpath.org Tue Mar 25 23:25:02 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Tue, 25 Mar 2014 23:25:02 +0000 Subject: /hg/icedtea6: Add unreleased upstream patches. Message-ID: changeset 03d11116ab06 in /hg/icedtea6 details: http://icedtea.classpath.org/hg/icedtea6?cmd=changeset;node=03d11116ab06 author: Andrew John Hughes date: Tue Mar 25 23:24:47 2014 +0000 Add unreleased upstream patches. 2014-03-25 Andrew John Hughes * Makefile.am: (UPSTREAMED_PATCHES): Add patches from unreleased upstream. (ICEDTEA_PATCHES): Include UPSTREAMED_PATCHES. * NEWS: Updated. * patches/openjdk/7110396-sound_code_build_fix.patch, * patches/openjdk/8035893-jvm_getversioninfo_zeroing.patch, * patches/openjdk/oj6-29-jdk_version_info_zeroing.patch: Add new patches from upstream. diffstat: ChangeLog | 16 +++++ Makefile.am | 6 ++ NEWS | 3 + patches/linker-libs-order.patch | 44 +++++---------- patches/openjdk/7110396-sound_code_build_fix.patch | 22 ++++++++ patches/openjdk/8035893-jvm_getversioninfo_zeroing.patch | 21 +++++++ patches/openjdk/oj6-29-jdk_version_info_zeroing.patch | 21 +++++++ 7 files changed, 105 insertions(+), 28 deletions(-) diffs (189 lines): diff -r 0ef5e61b1b00 -r 03d11116ab06 ChangeLog --- a/ChangeLog Mon Mar 24 16:53:24 2014 -0400 +++ b/ChangeLog Tue Mar 25 23:24:47 2014 +0000 @@ -1,3 +1,19 @@ +2014-03-25 Andrew John Hughes + + * Makefile.am: + (UPSTREAMED_PATCHES): Add patches from unreleased upstream. + (ICEDTEA_PATCHES): Include UPSTREAMED_PATCHES. + * NEWS: Updated. + * patches/openjdk/7110396-sound_code_build_fix.patch, + * patches/openjdk/8035893-jvm_getversioninfo_zeroing.patch, + * patches/openjdk/oj6-29-jdk_version_info_zeroing.patch: + Add new patches from upstream. + +2014-02-01 Andrew John Hughes + + * patches/linker-libs-order.patch: + Regenerate, removing upstreamed fragment. + 2014-03-24 Pavel Tisnovsky * contrib/jck/compile-native-code.sh: diff -r 0ef5e61b1b00 -r 03d11116ab06 Makefile.am --- a/Makefile.am Mon Mar 24 16:53:24 2014 -0400 +++ b/Makefile.am Tue Mar 25 23:24:47 2014 +0000 @@ -313,9 +313,15 @@ patches/lcms.patch endif +UPSTREAMED_PATCHES = \ + patches/openjdk/7110396-sound_code_build_fix.patch \ + patches/openjdk/8035893-jvm_getversioninfo_zeroing.patch \ + patches/openjdk/oj6-29-jdk_version_info_zeroing.patch + ICEDTEA_PATCHES = \ $(DROP_PATCHES) \ $(SECURITY_PATCHES) \ + $(UPSTREAMED_PATCHES) \ patches/openjdk/6733501-icedtea_lcms_test.patch \ $(LCMS_PATCHES) \ patches/openjdk/4993545-nativeinlightfixer.patch \ diff -r 0ef5e61b1b00 -r 03d11116ab06 NEWS --- a/NEWS Mon Mar 24 16:53:24 2014 -0400 +++ b/NEWS Tue Mar 25 23:24:47 2014 +0000 @@ -15,9 +15,12 @@ New in release 1.14.0 (201X-XX-XX): * Backports + - S7110396: Sound code fails to build with gcc 4.6 on multiarch Linux systems - S7151089: PS NUMA: NUMA allocator should not attempt to free pages when using SHM large pages - S8013057: Detect mmap() commit failures in Linux and Solaris os::commit_memory() impls and call vm_exit_out_of_memory() - S8026887: Make issues due to failed large pages allocations easier to debug + - S8035893: JVM_GetVersionInfo fails to zero structure + - OPENJDK6-29: JDK fails to zero jdk_version_info correctly * Bug fixes - PR1714: Update PaX support to detect running PaX kernel and use newer tools - PR1712, G455426: Allow -Werror to be turned off in the HotSpot build diff -r 0ef5e61b1b00 -r 03d11116ab06 patches/linker-libs-order.patch --- a/patches/linker-libs-order.patch Mon Mar 24 16:53:24 2014 -0400 +++ b/patches/linker-libs-order.patch Tue Mar 25 23:24:47 2014 +0000 @@ -1,7 +1,19 @@ -diff -durN openjdk-orig/jdk/make/common/shared/Sanity.gmk openjdk/jdk/make/common/shared/Sanity.gmk ---- openjdk-orig/jdk/make/common/shared/Sanity.gmk 2008-10-27 00:25:33.000000000 +0000 -+++ openjdk/jdk/make/common/shared/Sanity.gmk 2008-10-28 21:42:16.000000000 +0000 -@@ -1397,7 +1397,7 @@ +diff -Nru openjdk.orig/jdk/make/com/sun/java/pack/Makefile openjdk/jdk/make/com/sun/java/pack/Makefile +--- openjdk.orig/jdk/make/com/sun/java/pack/Makefile 2013-08-21 20:32:57.128216515 +0100 ++++ openjdk/jdk/make/com/sun/java/pack/Makefile 2014-02-01 15:58:10.921834941 +0000 +@@ -144,7 +144,7 @@ + + $(UNPACK_EXE): $(UNPACK_EXE_FILES_o) winres + $(prep-target) +- $(LINKER) $(LDDFLAGS) $(UNPACK_EXE_FILES_o) $(RES) $(LIBCXX) $(LDOUTPUT)$(TEMPDIR)/unpack200$(EXE_SUFFIX) ++ $(LINKER) $(LDDFLAGS) $(UNPACK_EXE_FILES_o) $(RES) $(OTHER_LDLIBS) $(LIBCXX) $(LDOUTPUT)$(TEMPDIR)/unpack200$(EXE_SUFFIX) + $(CP) $(TEMPDIR)/unpack200$(EXE_SUFFIX) $(UNPACK_EXE) + + +diff -Nru openjdk.orig/jdk/make/common/shared/Sanity.gmk openjdk/jdk/make/common/shared/Sanity.gmk +--- openjdk.orig/jdk/make/common/shared/Sanity.gmk 2014-02-01 15:43:22.344232267 +0000 ++++ openjdk/jdk/make/common/shared/Sanity.gmk 2014-02-01 15:58:10.921834941 +0000 +@@ -1344,7 +1344,7 @@ ifdef ALSA_VERSION_CHECK $(ALSA_VERSION_CHECK): $(ALSA_VERSION_CHECK).c @$(prep-target) @@ -10,27 +22,3 @@ $(ALSA_VERSION_CHECK).c: @$(prep-target) -diff -durN openjdk-orig/jdk/make/javax/sound/jsoundalsa/Makefile openjdk/jdk/make/javax/sound/jsoundalsa/Makefile ---- openjdk-orig/jdk/make/javax/sound/jsoundalsa/Makefile 2008-08-28 09:10:50.000000000 +0100 -+++ openjdk/jdk/make/javax/sound/jsoundalsa/Makefile 2008-10-28 21:55:27.000000000 +0000 -@@ -65,7 +65,7 @@ - $(MIDIFILES_export) \ - $(PORTFILES_export) - --LDFLAGS += -lasound -+OTHER_LDLIBS += -lasound - - CPPFLAGS += \ - -DUSE_DAUDIO=TRUE \ -diff -durN openjdk-orig/jdk/make/com/sun/java/pack/Makefile openjdk/jdk/make/com/sun/java/pack/Makefile ---- openjdk-orig/jdk/make/com/sun/java/pack/Makefile 2008-10-27 00:25:30.000000000 +0000 -+++ openjdk/jdk/make/com/sun/java/pack/Makefile 2008-10-28 23:27:55.000000000 +0000 -@@ -142,7 +141,7 @@ - - $(UNPACK_EXE): $(UNPACK_EXE_FILES_o) winres - $(prep-target) -- $(LINKER) $(LDDFLAGS) $(UNPACK_EXE_FILES_o) $(RES) $(LIBCXX) $(LDOUTPUT)$(TEMPDIR)/unpack200$(EXE_SUFFIX) -+ $(LINKER) $(LDDFLAGS) $(UNPACK_EXE_FILES_o) $(RES) $(OTHER_LDLIBS) $(LIBCXX) $(LDOUTPUT)$(TEMPDIR)/unpack200$(EXE_SUFFIX) - $(CP) $(TEMPDIR)/unpack200$(EXE_SUFFIX) $(UNPACK_EXE) - - diff -r 0ef5e61b1b00 -r 03d11116ab06 patches/openjdk/7110396-sound_code_build_fix.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/openjdk/7110396-sound_code_build_fix.patch Tue Mar 25 23:24:47 2014 +0000 @@ -0,0 +1,22 @@ +# HG changeset patch +# User mr +# Date 1327351181 28800 +# Mon Jan 23 12:39:41 2012 -0800 +# Node ID b49e33de40eafc113d3ca822f4abe2fde31d2cc2 +# Parent 07a296eb4c9cb88d2d84561ecfe70e10b167a2ac +7110396: Sound code fails to build with gcc 4.6 on multiarch Linux systems +Reviewed-by: ohair +Contributed-by: edvard.wendelin at oracle.com + +diff -r 07a296eb4c9c -r b49e33de40ea make/javax/sound/jsoundalsa/Makefile +--- openjdk/jdk/make/javax/sound/jsoundalsa/Makefile Tue Jan 21 13:39:13 2014 -0500 ++++ openjdk/jdk/make/javax/sound/jsoundalsa/Makefile Mon Jan 23 12:39:41 2012 -0800 +@@ -65,7 +65,7 @@ + $(MIDIFILES_export) \ + $(PORTFILES_export) + +-LDFLAGS += -lasound ++OTHER_LDLIBS += -lasound + + CPPFLAGS += \ + -DUSE_DAUDIO=TRUE \ diff -r 0ef5e61b1b00 -r 03d11116ab06 patches/openjdk/8035893-jvm_getversioninfo_zeroing.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/openjdk/8035893-jvm_getversioninfo_zeroing.patch Tue Mar 25 23:24:47 2014 +0000 @@ -0,0 +1,21 @@ +# HG changeset patch +# User igerasim +# Date 1393588840 -14400 +# Fri Feb 28 16:00:40 2014 +0400 +# Node ID 72a544aeb89217020b60c10fe167e2567fea3460 +# Parent 9747f83d7a38205a4a26008ee767fd161e1856c2 +8035893: JVM_GetVersionInfo fails to zero structure +Reviewed-by: sla, zgu + +diff -r 9747f83d7a38 -r 72a544aeb892 src/share/vm/prims/jvm.cpp +--- openjdk/hotspot/src/share/vm/prims/jvm.cpp Fri Mar 21 20:57:28 2014 +0000 ++++ openjdk/hotspot/src/share/vm/prims/jvm.cpp Fri Feb 28 16:00:40 2014 +0400 +@@ -4534,7 +4534,7 @@ + + JVM_ENTRY(void, JVM_GetVersionInfo(JNIEnv* env, jvm_version_info* info, size_t info_size)) + { +- memset(info, 0, sizeof(info_size)); ++ memset(info, 0, info_size); + + info->jvm_version = Abstract_VM_Version::jvm_version(); + info->update_version = 0; /* 0 in HotSpot Express VM */ diff -r 0ef5e61b1b00 -r 03d11116ab06 patches/openjdk/oj6-29-jdk_version_info_zeroing.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/openjdk/oj6-29-jdk_version_info_zeroing.patch Tue Mar 25 23:24:47 2014 +0000 @@ -0,0 +1,21 @@ +# HG changeset patch +# User aph +# Date 1393513709 0 +# Thu Feb 27 15:08:29 2014 +0000 +# Node ID 04e4c3ec6516727f01f91a9ce8cb72586a3bc502 +# Parent 942d4ba93be74b1c401d6532f116da80f5466303 +OPENJDK6-29: JDK fails to zero jdk_version_info correctly +Reviewed-by: andrew + +diff -r 942d4ba93be7 -r 04e4c3ec6516 src/share/native/common/jdk_util.c +--- openjdk/jdk/src/share/native/common/jdk_util.c Wed Feb 26 18:06:02 2014 +0000 ++++ openjdk/jdk/src/share/native/common/jdk_util.c Thu Feb 27 15:08:29 2014 +0000 +@@ -76,7 +76,7 @@ + } + + +- memset(info, 0, sizeof(info_size)); ++ memset(info, 0, info_size); + info->jdk_version = ((jdk_major_version & 0xFF) << 24) | + ((jdk_minor_version & 0xFF) << 16) | + ((jdk_micro_version & 0xFF) << 8) | From jvanek at redhat.com Wed Mar 26 09:04:49 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Wed, 26 Mar 2014 10:04:49 +0100 Subject: [rfc][icedtea-web] minor properties fix Message-ID: <53329831.4070502@redhat.com> 2014-03-26 Jiri Vanek * /netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java: (checkTrustedOnlyAttribute) hardocded strings for signedMsg moved to properties. * /netx/net/sourceforge/jnlp/resources/Messages.propertie: Added (STOAsignedMsgFully) (STOAsignedMsgAndSandbox) (STOAsignedMsgPartiall) keys -------------- next part -------------- A non-text attachment was scrubbed... Name: minorLocalisationFix.patch Type: text/x-patch Size: 2068 bytes Desc: not available URL: From jvanek at redhat.com Wed Mar 26 09:06:26 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Wed, 26 Mar 2014 10:06:26 +0100 Subject: [rfc][icedtea-web][policyeditor] Reflection and Exec permissions In-Reply-To: <5331DA51.80604@redhat.com> References: <53309014.8040801@redhat.com> <53314CC6.8020901@redhat.com> <533186F7.2040109@redhat.com> <5331D1AC.7060109@redhat.com> <5331DA51.80604@redhat.com> Message-ID: <53329892.30105@redhat.com> On 03/25/2014 08:34 PM, Andrew Azores wrote: > On 03/25/2014 02:57 PM, Jiri Vanek wrote: >> On 03/25/2014 02:39 PM, Andrew Azores wrote: >>> On 03/25/2014 05:30 AM, Jiri Vanek wrote: >>>> On 03/24/2014 09:05 PM, Andrew Azores wrote: >>>>> Hi, >>>>> >>>>> This patch just adds Reflection and Exec permission options to PolicyEditor. >>>>> >>>>> Thanks, >>>>> >>>> >>>> Looks good. Just not sure if it is enough: >>>> >>>> eg: >>>> java.lang.NullPointerException >>>> at geogebra.i.x.a(Unknown Source) >>>> at geogebra.gui.a.a.a(Unknown Source) >>>> at geogebra.gui.a.a.a(Unknown Source) >>>> at geogebra.GeoGebra.a(Unknown Source) >>>> at geogebra.GeoGebra.a(Unknown Source) >>>> at geogebra.GeoGebra.main(Unknown Source) >>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>>> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) >>>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >>>> at java.lang.reflect.Method.invoke(Method.java:616) >>>> at net.sourceforge.jnlp.Launcher.launchApplication(Launcher.java:571) >>>> at net.sourceforge.jnlp.Launcher$TgThread.run(Launcher.java:911) >>>> >>>> I think he class for name is not allowed by your permission. >>> >>> Aha! Thanks for catching this. [0] suggests there's only one permission needed for reflection, >>> but [1] proves otherwise (and makes sense). >>> >> >> Hmm still the same exception. It is geogebra which is causing this. > > Do you have exact reproduction steps? yes, lunch geogebra from our testcases and sue any sandbox combination :) - or try to tune it to run:) > >> >>> [0] http://docs.oracle.com/javase/7/docs/api/java/lang/reflect/ReflectPermission.html >>> [1] >>> http://docs.oracle.com/javase/7/docs/api/java/lang/Class.html#forName%28java.lang.String,%20boolean,%20java.lang.ClassLoader%29 >>> >>> >>>> For exec - are supported both runtimelexec and process builder? >>> >>> According to the documentation, they both go through SecurityManager#checkExec, which checks for >>> "execute" action on the given file. So if granting <> as the target, it should allow >>> executing anything (which sounds so, so scary - but that's why this is optional! :) ) >> hmhmh.. No granularity needed in policy editor level imho. Just allow all. > > Yea, that's what it is now. Just FilePermission with "execute" action on "<>" target. > >>> >>>> >>>> J. >>> >>> >>> New patch adds the ClassLoader permission, as well as a bunch of others I figured might as well >>> be added because they're likely to be needed in conjunction with it and each other. PolicyEditor >>> doesn't really have a way to make a single checkbox handle multiple permissions, at least not >>> right now, so the Reflection stuff is split up into four different permissions basically, but I >>> think that's probably actually better anyway. It's just a little more cluttered looking. Maybe a >>> future enhancement would be to add labels separating the checkboxes into groups eg File Access, >>> Java Reflection, System Utility? >> >> This should be fixed. Eg all checkboxes from family of "allow unowned code execution" should be >> gathered under one :(( >> >> Not needed to do now, but later 100% needed fix. >>> >>> Thanks, >>> >> > > Thanks, > From bugzilla-daemon at icedtea.classpath.org Wed Mar 26 10:10:24 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Wed, 26 Mar 2014 10:10:24 +0000 Subject: [Bug 1722] Intermittent JVM crash at sun.security.krb5.KrbException.equals(Ljava/lang/Object;) In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1722 Severin Gehwolf changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED CC| |sgehwolf at redhat.com Resolution|--- |INVALID --- Comment #2 from Severin Gehwolf --- Closing as not-a-bug, since this seems to be a problem with Fedora's java abrt connector. See: https://bugzilla.redhat.com/show_bug.cgi?id=1080476 -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Wed Mar 26 10:17:54 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Wed, 26 Mar 2014 10:17:54 +0000 Subject: [Bug 1723] JRE 6.1.12.7 crash when running Eclipse 4.2.1-r1 In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1723 Severin Gehwolf changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED CC| |sgehwolf at redhat.com Resolution|--- |INVALID --- Comment #1 from Severin Gehwolf --- Closing this bug as invalid since this is an upstream eclipse issue of version 4.2 with newer webkit. It can possibly be fixed in Gentoo somehow pulling in the right webkit version. See: https://bugs.eclipse.org/bugs/show_bug.cgi?id=405786 https://bugs.eclipse.org/bugs/show_bug.cgi?id=404776 Not an openjdk/icedtea issue either way. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From ptisnovs at icedtea.classpath.org Wed Mar 26 11:21:09 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Wed, 26 Mar 2014 11:21:09 +0000 Subject: /hg/gfx-test: Eight new tests added into BitBltAffineQuadrantRot... Message-ID: changeset 638107db910c in /hg/gfx-test details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=638107db910c author: Pavel Tisnovsky date: Wed Mar 26 12:21:48 2014 +0100 Eight new tests added into BitBltAffineQuadrantRotateTransformOp.java. diffstat: ChangeLog | 5 + src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java | 140 ++++++++++ 2 files changed, 145 insertions(+), 0 deletions(-) diffs (162 lines): diff -r 72be1e400e82 -r 638107db910c ChangeLog --- a/ChangeLog Tue Mar 25 09:39:30 2014 +0100 +++ b/ChangeLog Wed Mar 26 12:21:48 2014 +0100 @@ -1,3 +1,8 @@ +2014-03-26 Pavel Tisnovsky + + * src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java: + Eight new tests added into BitBltAffineQuadrantRotateTransformOp.java. + 2014-03-25 Pavel Tisnovsky * src/org/gfxtest/testsuites/CAGOperationsOnTwoOverlappingRectangles.java: diff -r 72be1e400e82 -r 638107db910c src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java --- a/src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java Tue Mar 25 09:39:30 2014 +0100 +++ b/src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java Wed Mar 26 12:21:48 2014 +0100 @@ -893,6 +893,146 @@ } /** + * Test basic BitBlt operation for empty buffered image with type TYPE_INT_RGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeIntRGBRotateTransformation2Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeIntRGB(image, graphics2d, RotateTransformationNearest1Op[2]); + } + + /** + * Test basic BitBlt operation for empty buffered image with type TYPE_INT_RGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeIntRGBRotateTransformation3Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeIntRGB(image, graphics2d, RotateTransformationNearest1Op[3]); + } + + /** + * Test basic BitBlt operation for empty buffered image with type TYPE_INT_RGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeIntRGBRotateTransformation4Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeIntRGB(image, graphics2d, RotateTransformationNearest1Op[4]); + } + + /** + Test basic BitBlt operation for empty buffered image with type TYPE_INT_RGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeIntRGBRotateTransformation5Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeIntRGB(image, graphics2d, RotateTransformationNearest1Op[5]); + } + + /** + * Test basic BitBlt operation for empty buffered image with type TYPE_INT_BGR. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeIntBGRRotateTransformation0Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeIntBGR(image, graphics2d, RotateTransformationNearest1Op[0]); + } + + /** + * Test basic BitBlt operation for empty buffered image with type TYPE_INT_BGR. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeIntBGRRotateTransformation1Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeIntBGR(image, graphics2d, RotateTransformationNearest1Op[1]); + } + + /** + * Test basic BitBlt operation for empty buffered image with type TYPE_INT_BGR. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeIntBGRRotateTransformation2Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeIntBGR(image, graphics2d, RotateTransformationNearest1Op[2]); + } + + /** + * Test basic BitBlt operation for empty buffered image with type TYPE_INT_BGR. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeIntBGRRotateTransformation3Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeIntBGR(image, graphics2d, RotateTransformationNearest1Op[3]); + } + + /** + * Test basic BitBlt operation for empty buffered image with type TYPE_INT_BGR. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeIntBGRRotateTransformation4Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeIntBGR(image, graphics2d, RotateTransformationNearest1Op[4]); + } + + /** + Test basic BitBlt operation for empty buffered image with type TYPE_INT_BGR. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeIntBGRRotateTransformation5Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeIntBGR(image, graphics2d, RotateTransformationNearest1Op[5]); + } + + /** * Test basic BitBlt operation for checker buffered image with type TYPE_3BYTE_BGR. * * @param image From ptisnovs at icedtea.classpath.org Wed Mar 26 11:24:57 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Wed, 26 Mar 2014 11:24:57 +0000 Subject: /hg/rhino-tests: Added two new tests into ScriptContextClassTest. Message-ID: changeset d9b4a5a38938 in /hg/rhino-tests details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=d9b4a5a38938 author: Pavel Tisnovsky date: Wed Mar 26 12:25:39 2014 +0100 Added two new tests into ScriptContextClassTest. diffstat: ChangeLog | 5 +++++ src/org/RhinoTests/ScriptContextClassTest.java | 18 ++++++++++++++++++ 2 files changed, 23 insertions(+), 0 deletions(-) diffs (40 lines): diff -r 4aec4c1b2a37 -r d9b4a5a38938 ChangeLog --- a/ChangeLog Tue Mar 25 09:43:42 2014 +0100 +++ b/ChangeLog Wed Mar 26 12:25:39 2014 +0100 @@ -1,3 +1,8 @@ +2014-03-26 Pavel Tisnovsky + + * src/org/RhinoTests/ScriptContextClassTest.java: + Added two new tests into ScriptContextClassTest. + 2014-03-25 Pavel Tisnovsky * src/org/RhinoTests/ScriptEngineFactoryClassTest.java: diff -r 4aec4c1b2a37 -r d9b4a5a38938 src/org/RhinoTests/ScriptContextClassTest.java --- a/src/org/RhinoTests/ScriptContextClassTest.java Tue Mar 25 09:43:42 2014 +0100 +++ b/src/org/RhinoTests/ScriptContextClassTest.java Wed Mar 26 12:25:39 2014 +0100 @@ -2063,6 +2063,24 @@ } /** + * Test for method javax.script.ScriptContext.getClass().getResourceAsStreamPositiveTest() + */ + protected void testGetResourceAsStreamPositiveTest() { + Object stream; + stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/AbstractScriptEngineClassTest.class"); + assertNotNull(stream, "getResourceAsStream(\"/org/RhinoTests/AbstractScriptEngineClassTest.class\") returns null"); + } + + /** + * Test for method javax.script.ScriptContext.getClass().toString() + */ + protected void testToString() { + String asString; + asString = this.scriptContextClass.toString(); + assertEquals("interface javax.script.ScriptContext", asString, "wrong toString() return value"); + } + + /** * Test for instanceof operator applied to a class javax.script.ScriptContext */ @SuppressWarnings("cast") From jvanek at redhat.com Wed Mar 26 11:31:09 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Wed, 26 Mar 2014 12:31:09 +0100 Subject: [rfc][icedtea-web][policyeditor] Modal PolicyEditor In-Reply-To: <5331E17E.5070302@redhat.com> References: <53305AD0.4020601@redhat.com> <53305BDD.9010204@redhat.com> <533097F8.9090509@redhat.com> <533150B2.8030008@redhat.com> <53318D53.3070502@redhat.com> <5331D3EF.7080407@redhat.com> <5331E17E.5070302@redhat.com> Message-ID: <5332BA7D.5070300@redhat.com> I think we misunderstood a bit. Attached is an patch doing what I wonted. It is defining interface (I wish it could be an class! :) ) common to both PolicyEditorFrame and PolicyEditorDialog. It become quite verbose, but its cleaner. It is fixing one mayor bug: You had public static class PolicyEditorFrame extends JDialog { So I fixed it to public static class PolicyEditorFrame extends JFrame { And making the two constructors I wont private. I really don't know where we miscommunicated:)) Also it is removing unnecessary private final Window parentWindow by fixing the signature of methods which were using from incorrect window, to correct component. Otherwise it is same. If you can survive my Interface, You can push. If not (and I agree it is maybe nuclear shot to kill a pigeon.. really maybe to much verbose) then please one last round. But keep your version : - with two private constructors - without aprent variable - and without duplicate code. Sorry for my probably wrong explanations during reviews :( J. On 03/25/2014 09:05 PM, Andrew Azores wrote: > On 03/25/2014 03:07 PM, Jiri Vanek wrote: >> >>>>> - } >>>>> - }); >>>>> + public static class PolicyEditorFrame extends JFrame { >>>>> + public final PolicyEditor editor; >>>>> + >>>>> + public PolicyEditorFrame(final PolicyEditor editor) { >>>> >>>> I doubt this will be ever used - please do it private. >>> >>> Private, but return the specialized PolicyEditorFrame type anyway from the public getters? Seems >>> a bit odd. I'm not just returning JFrame/JDialog because then there's no easy way to get the >>> actual PolicyEditor instance out of it, to do things like programmatically add codebases. I did >>> have to give the PolicyEditor a reference to its parent frame/dialog in this revision, but I'd >>> rather not use this as a way to hold the reference to the frame/dialog and have eg the security >>> dialogs access the frame/dialog through the editor's reference. That just seems upside down and >>> backward. >> >> >> I must insists. Please do both "do the actuall work" constructors (public PolicyEditorFrame(final >> PolicyEditor editor) and public PolicyEditorDialog(final PolicyEditor editor) )private. > > Okay, so then if they're private, CertWarningPane and PartiallySignedAppTrustWarningPanel can't use > them, and will be stuck with only JDialog? Then how do they get to the actual PolicyEditor instance > to do addNewCodebase? > >> >>> >>>>> + super(); >>>>> + this.editor = editor; >>>>> + add(editor); >>>>> + this.pack(); >>>>> + editor.setVisible(true); >>>>> + this.setJMenuBar(createMenuBar(this, editor)); >>>>> + >>>>> + setTitle(R("PETitle")); >>>>> + >>>>> + setDefaultCloseOperation(WindowConstants.DISPOSE_ON_CLOSE); >>>>> + >>>>> + addWindowListener(new WindowAdapter() { >>>>> + @Override >>>>> + public void windowClosing(final WindowEvent e) { >>>>> + editor.quit(); >>>>> + dispose(); >>>>> + } >>>>> + }); >>>>> + >>>>> + editor.closeButton.addActionListener(new ActionListener() { >>>>> + @Override >>>>> + public void actionPerformed(final ActionEvent e) { >>>>> + dispose(); >>>>> + } >>>>> + }); >>>>> + } >>>>> + } >>>>> + >>>>> + public static PolicyEditorFrame getPolicyEditorFrame(final String filepath) { >>>>> + return new PolicyEditorFrame(new PolicyEditor(filepath)); >>>>> + } >>>>> + >>>> >>>> Tehre is really a lot of shared code in this two "methods". >>>> >>>> PolicyEditorFrame and PolicyEditorDialog. >>>> >>>> They both have general ancestor -Window. All the operations behind super() call may be done in >>>> generalised ancestor. >>> >>> Window doesn't have setTitle, or setJMenuBar, or setDefaultCloseOperation... >> hmm.. I was found with patns down it seams.... The java.awt.Window really do not have it?? Strange... >> Anyway - there is really to much duplicate code. Please >> >> >> nvm - the duplicate code is really awwefull: >> >> + this.editor = editor; >> private artificial forefather? >> + add(editor); >> + this.pack(); >> >> window >> >> editor.setVisible(true); >> + >> + setTitle(R("PETitle")); >> + >> >> this is stupid :) >> >> + setDefaultCloseOperation(WindowConstants.DISPOSE_ON_CLOSE); >> + >> this too:-/ > > Sorry but none of the above five comments are useful. I don't know what you want. > >> >> Maybe add interfcae for this? :D feel free to elaborate as you wish. > > What? An interface for what? I don't understand how adding an interface is going to help. > >> >> + addWindowListener(new WindowAdapter() { >> + @Override >> + public void windowClosing(final WindowEvent e) { >> + editor.quit(); >> + dispose(); >> + } >> + }); >> + >> + editor.closeButton.addActionListener(new ActionListener() { >> + @Override >> + public void actionPerformed(final ActionEvent e) { >> + dispose(); >> + } >> + }); >> >> thso eshould be in Window or comon artifical forefather too. >> >> > > I still don't know how I'm supposed to be subclassing Window here. It is missing required > functionality that is implemented independently by both JFrame and JDialog. Yes, if I made a Window > subclass, then most of the logic could be moved into it just fine, but some important things eg > window title and menu bar would be missing. Then if I subclass this new Window subclass, I still > don't have the JMenuBar, etc. I don't know what "artificial forefather" you're suggesting otherwise. > > Anyway, the attached patch slightly reduces the amount of duplicated code by extracting it into a > private static helper method that operates on Window. The only work now done in the JDialog and > JFrame subclassed constructors are the parts that cannot be done on a Window, which happens to be > the exact same between the two of them. > > Thanks, > > -- > Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: modalPoliciEditor.patch Type: text/x-patch Size: 22320 bytes Desc: not available URL: From jvanek at redhat.com Wed Mar 26 11:37:48 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Wed, 26 Mar 2014 12:37:48 +0100 Subject: [rfc][icedtea-web] Security dialogs wait for PolicyEditor to finish parsing In-Reply-To: <5331E8C0.6030401@redhat.com> References: <53303AA3.3080109@redhat.com> <533043CB.3010506@redhat.com> <533044D7.8040402@redhat.com> <53304B0E.3060505@redhat.com> <5330536D.2030608@redhat.com> <533056E3.60201@redhat.com> <5331E8C0.6030401@redhat.com> Message-ID: <5332BC0C.9040007@redhat.com> On 03/25/2014 09:36 PM, Andrew Azores wrote: > On 03/24/2014 12:01 PM, Jiri Vanek wrote: >> On 03/24/2014 04:46 PM, Andrew Azores wrote: >>> On 03/24/2014 11:11 AM, Jiri Vanek wrote: >>>> On 03/24/2014 03:44 PM, Andrew Azores wrote: >>>>> On 03/24/2014 10:40 AM, Jiri Vanek wrote: >>>>>> On 03/24/2014 03:01 PM, Andrew Azores wrote: >>>>>>> Hi, >>>>>>> >>>>>>> PolicyEditor loads and saves policy files async, obviously. However, this means that opening >>>>>>> a new >>>>>>> PolicyEditor instance on an existing policy file and programmatically adding a new codebase >>>>>>> to the >>>>>>> editor does not have a well-defined order. This can be problematic because PolicyEditor >>>>>>> highlights/selects the last added codebase, so eg in the scenario where the editor is being >>>>>>> launched >>>>>>> from a security dialog, we want to be sure that the current applet's codebase is the one >>>>>>> selected >>>>>>> when the editor appears. This patch adds a method to PolicyEditor that indicates whether the >>>>>>> editor >>>>>>> is currently reading/writing a file, and adds a loop to the two security dialogs so that the new >>>>>>> codebase is not added and the editor made visible until it completes its IO. >>>>>>> >>>>>>> Thanks, >>>>>>> >>>>>> >>>>>> Hm... I dont think this is correct approach. Why are you so strongly against modal dialogue? >>>>>> >>>>>> >>>>>> J. >>>>> >>>>> I'm not... making PolicyEditor modal will come later. This patch is just about making sure that >>>>> when >>>>> you launch PolicyEditor from a security dialog, the current applet's codebase is guaranteed to be >>>>> the selected one when the editor appears. This and modality are completely separate. >>>>> >>>>> Thanks, >>>>> >>>> uff... wouldnt be much more easy to make the load/save in sync? I do not see any reason why it is >>>> in new thread Thread(save/load).start() .... >>>> >>>> >>>> J. >>> >>> I really don't want to be doing it sync on the UI thread. This makes the application less >>> responsive, and is generally bad practice. Not worth the benefit of making it easier to guarantee >>> the programmatically added new codebases come after. There are better ways to do it async than >>> manually spawning a new Thread, though, yes. eg SwingWorker as you said on IRC, or Executors and >>> Runnables as I suggested. Still, these potential enhancements to the multithreading model would >>> still have the codebase ordering problem. >> >> I agree thath do it in gui thread is wrong. But I disagree with current aproach and new suggested >> locking. >> >> Correct aporach is: >> invoke thread (swingworker) >> disable gui or show dialog with progressbar or soem wait please >> (so gui will be "responsoble") >> wait for thread. >> >> >> Would be correct approach. > > Okay, this is an enhancement in that it uses the nice SwingWorker abstraction and provides a visual > indicator of progress for the IO operation, but I don't see how it really solves the problem. If by > "wait for thread" you mean Thread#join or similar, then we're again just blocking the EDT, so it > won't actually be responsive until the IO is done. In that case we might as well just have the EDT > do the IO directly. If we don't block the EDT and continue to let the IO complete async, albeit with > visual progress indication and nicely abstracted, then there is still the problem of addNewCodebase > being called externally and not having a well-defined order compared to the addNewCodebase calls > made by the thread performing the IO. Agree. Then please do this now: ** failed to import extension forest from /home/jvanek/hg-forest-ext/forest.py: No module named repo diff -r 4c584d98c42d netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java --- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java Wed Mar 26 12:21:48 2014 +0100 +++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java Wed Mar 26 12:37:11 2014 +0100 @@ -1067,7 +1067,7 @@ OutputController.getLogger().log(e); } } - }.start(); + }.run(); } /** @@ -1170,7 +1170,7 @@ showCouldNotSaveDialog(); } } - }.start(); + }.run(); } /** > >> because : >> >> However - the polici files *are* small. So the burden of *doing it IN* AWT is imho acceptable. >> >> From andrew at icedtea.classpath.org Wed Mar 26 12:54:22 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Wed, 26 Mar 2014 12:54:22 +0000 Subject: /hg/release/icedtea6-1.13: 3 new changesets Message-ID: changeset fad7f1e7be70 in /hg/release/icedtea6-1.13 details: http://icedtea.classpath.org/hg/release/icedtea6-1.13?cmd=changeset;node=fad7f1e7be70 author: Andrew John Hughes date: Wed Mar 26 05:05:39 2014 +0000 PR1714: Update PaX support to detect running PaX kernel and use newer tools 2014-03-25 Andrew John Hughes PR1714: Update PaX support to detect running PaX kernel and use newer tools * Makefile.am: (add-archive): Depend on pax-mark-vm as the target executes java. (add-archive-debug): Likewise with pax-mark-vm-debug. (check-crypto): Depend on pax-mark-vm as the target executes java. (check-crypto-debug): Likewise with pax-mark-vm-debug. (add-archive-ecj): Depend on pax-mark-vm-ecj as the target executes java. (check-crypto-boot): Likewise. * NEWS: Updated. * acinclude.m4: (IT_HAS_PAX): New macro to detect whether the running kernel uses PaX. (IT_WITH_PAX): Rewritten to search for PaX tools - currently paxmark.sh, paxctl-ng, chpax and paxctl - and fail if a tool isn't found and a PaX kernel is being used. changeset aea5755bef42 in /hg/release/icedtea6-1.13 details: http://icedtea.classpath.org/hg/release/icedtea6-1.13?cmd=changeset;node=aea5755bef42 author: Andrew John Hughes date: Thu Mar 20 02:06:20 2014 +0000 PR1712: Allow -Werror to be turned off in the HotSpot build 2012-08-16 Andrew John Hughes PR1712: Allow -Werror to be turned off in the HotSpot build * Makefile.am: (WERROR_STATUS): Set to true or false depending on if ENABLE_WERROR is set or not. (ICEDTEA_ENV): Use WERROR_STATUS to set COMPILER_WARNINGS_FATAL. * acinclude.m4: (IT_ENABLE_WERROR): New macro to enable -Werror. This is disabled by default. * configure.ac: Call IT_ENABLE_WERROR. * NEWS: Updated. changeset 9408a82b3d19 in /hg/release/icedtea6-1.13 details: http://icedtea.classpath.org/hg/release/icedtea6-1.13?cmd=changeset;node=9408a82b3d19 author: Andrew John Hughes date: Wed Mar 26 06:34:03 2014 +0000 Add unreleased upstream patches. 2014-03-25 Andrew John Hughes * Makefile.am: (UPSTREAMED_PATCHES): Add patches from unreleased upstream. (ICEDTEA_PATCHES): Include UPSTREAMED_PATCHES. * NEWS: Updated. * patches/openjdk/7110396-sound_code_build_fix.patch, * patches/openjdk/8035893-jvm_getversioninfo_zeroing.patch, * patches/openjdk/oj6-29-jdk_version_info_zeroing.patch: Add new patches from upstream. 2014-02-01 Andrew John Hughes * patches/linker-libs-order.patch: Regenerate, removing upstreamed fragment. diffstat: ChangeLog | 51 ++++++ Makefile.am | 27 ++- NEWS | 8 + acinclude.m4 | 117 ++++++++++---- configure.ac | 1 + patches/linker-libs-order.patch | 44 ++--- patches/openjdk/7110396-sound_code_build_fix.patch | 22 ++ patches/openjdk/8035893-jvm_getversioninfo_zeroing.patch | 21 ++ patches/openjdk/oj6-29-jdk_version_info_zeroing.patch | 21 ++ 9 files changed, 245 insertions(+), 67 deletions(-) diffs (455 lines): diff -r 8796f8cdd621 -r 9408a82b3d19 ChangeLog --- a/ChangeLog Thu Jan 23 18:56:55 2014 +0000 +++ b/ChangeLog Wed Mar 26 06:34:03 2014 +0000 @@ -1,3 +1,54 @@ +2014-03-25 Andrew John Hughes + + * Makefile.am: + (UPSTREAMED_PATCHES): Add patches from unreleased upstream. + (ICEDTEA_PATCHES): Include UPSTREAMED_PATCHES. + * NEWS: Updated. + * patches/openjdk/7110396-sound_code_build_fix.patch, + * patches/openjdk/8035893-jvm_getversioninfo_zeroing.patch, + * patches/openjdk/oj6-29-jdk_version_info_zeroing.patch: + Add new patches from upstream. + +2014-02-01 Andrew John Hughes + + * patches/linker-libs-order.patch: + Regenerate, removing upstreamed fragment. + +2012-08-16 Andrew John Hughes + + PR1712: Allow -Werror to be turned off in the + HotSpot build + * Makefile.am: + (WERROR_STATUS): Set to true or false + depending on if ENABLE_WERROR is set or not. + (ICEDTEA_ENV): Use WERROR_STATUS to set + COMPILER_WARNINGS_FATAL. + * acinclude.m4: + (IT_ENABLE_WERROR): New macro to enable -Werror. + This is disabled by default. + * configure.ac: Call IT_ENABLE_WERROR. + * NEWS: Updated. + +2014-03-25 Andrew John Hughes + + PR1714: Update PaX support to detect running PaX + kernel and use newer tools + * Makefile.am: + (add-archive): Depend on pax-mark-vm as the target executes java. + (add-archive-debug): Likewise with pax-mark-vm-debug. + (check-crypto): Depend on pax-mark-vm as the target executes java. + (check-crypto-debug): Likewise with pax-mark-vm-debug. + (add-archive-ecj): Depend on pax-mark-vm-ecj as the target executes java. + (check-crypto-boot): Likewise. + * NEWS: Updated. + * acinclude.m4: + (IT_HAS_PAX): New macro to detect whether the running + kernel uses PaX. + (IT_WITH_PAX): Rewritten to search for PaX tools - + currently paxmark.sh, paxctl-ng, chpax and paxctl - + and fail if a tool isn't found and a PaX kernel is + being used. + 2014-01-23 Andrew John Hughes * acinclude.m4: diff -r 8796f8cdd621 -r 9408a82b3d19 Makefile.am --- a/Makefile.am Thu Jan 23 18:56:55 2014 +0000 +++ b/Makefile.am Wed Mar 26 06:34:03 2014 +0000 @@ -313,9 +313,15 @@ patches/lcms.patch endif +UPSTREAMED_PATCHES = \ + patches/openjdk/7110396-sound_code_build_fix.patch \ + patches/openjdk/8035893-jvm_getversioninfo_zeroing.patch \ + patches/openjdk/oj6-29-jdk_version_info_zeroing.patch + ICEDTEA_PATCHES = \ $(DROP_PATCHES) \ $(SECURITY_PATCHES) \ + $(UPSTREAMED_PATCHES) \ patches/openjdk/6733501-icedtea_lcms_test.patch \ $(LCMS_PATCHES) \ patches/openjdk/4993545-nativeinlightfixer.patch \ @@ -775,6 +781,12 @@ ICEDTEA_PKG = $(EMPTY) (${PKGVERSION}) endif +if ENABLE_WERROR +WERROR_STATUS=true +else +WERROR_STATUS=false +endif + ICEDTEA_ENV = \ ALT_JDK_IMPORT_PATH="$(BOOT_DIR)" \ ANT="$(ANT)" \ @@ -817,7 +829,8 @@ ALT_OUTPUTDIR="$(BUILD_OUTPUT_DIR)" \ STATIC_CXX="false" \ BUILD_GCC=gcc$(GCC_SUFFIX) \ - BUILD_CXX=g++$(GCC_SUFFIX) + BUILD_CXX=g++$(GCC_SUFFIX) \ + COMPILER_WARNINGS_FATAL="$(WERROR_STATUS)" if ENABLE_CACAO ICEDTEA_ENV += \ @@ -1986,7 +1999,7 @@ fi rm -f stamps/add-tzdata-support-debug.stamp -stamps/add-archive.stamp: stamps/icedtea.stamp +stamps/add-archive.stamp: stamps/pax-mark-vm.stamp if !ENABLE_JAMVM if !ENABLE_CACAO if !ZERO_BUILD @@ -2002,7 +2015,7 @@ rm -vf $(BUILD_OUTPUT_DIR)/j2sdk-image/jre/lib/$(INSTALL_ARCH_DIR)/*/*.jsa rm -f stamps/add-archive.stamp -stamps/add-archive-debug.stamp: stamps/icedtea-debug.stamp +stamps/add-archive-debug.stamp: stamps/pax-mark-vm-debug.stamp if !ENABLE_JAMVM if !ENABLE_CACAO if !ZERO_BUILD @@ -2036,7 +2049,7 @@ clean-pax-mark-vm-debug: rm -f stamps/pax-mark-vm-debug.stamp -stamps/check-crypto.stamp: stamps/cryptocheck.stamp stamps/icedtea.stamp +stamps/check-crypto.stamp: stamps/cryptocheck.stamp stamps/pax-mark-vm.stamp if [ -e $(BUILD_OUTPUT_DIR)/j2sdk-image/bin/java ] ; then \ $(BUILD_OUTPUT_DIR)/j2sdk-image/bin/java -cp $(CRYPTO_CHECK_BUILD_DIR) TestCryptoLevel ; \ fi @@ -2046,7 +2059,7 @@ clean-check-crypto: rm -f stamps/check-crypto.stamp -stamps/check-crypto-debug.stamp: stamps/cryptocheck.stamp stamps/icedtea-debug.stamp +stamps/check-crypto-debug.stamp: stamps/cryptocheck.stamp stamps/pax-mark-vm-debug.stamp if [ -e $(DEBUG_BUILD_OUTPUT_DIR)/j2sdk-image/bin/java ] ; then \ $(DEBUG_BUILD_OUTPUT_DIR)/j2sdk-image/bin/java -cp $(CRYPTO_CHECK_BUILD_DIR) TestCryptoLevel ; \ fi @@ -2205,7 +2218,7 @@ fi rm -f stamps/add-tzdata-support-ecj.stamp -stamps/add-archive-ecj.stamp: stamps/icedtea-ecj.stamp +stamps/add-archive-ecj.stamp: stamps/pax-mark-vm-ecj.stamp if !ENABLE_JAMVM if !ENABLE_CACAO if !ZERO_BUILD @@ -2230,7 +2243,7 @@ clean-pax-mark-vm-ecj: rm -f stamps/pax-mark-vm-ecj.stamp -stamps/check-crypto-boot.stamp: stamps/cryptocheck.stamp stamps/icedtea-ecj.stamp +stamps/check-crypto-boot.stamp: stamps/cryptocheck.stamp stamps/pax-mark-vm-ecj.stamp if [ -e $(ECJ_BUILD_OUTPUT_DIR)/j2sdk-image/bin/java ] ; then \ $(ECJ_BUILD_OUTPUT_DIR)/j2sdk-image/bin/java -cp $(CRYPTO_CHECK_BUILD_DIR) TestCryptoLevel ; \ fi diff -r 8796f8cdd621 -r 9408a82b3d19 NEWS --- a/NEWS Thu Jan 23 18:56:55 2014 +0000 +++ b/NEWS Wed Mar 26 06:34:03 2014 +0000 @@ -14,6 +14,14 @@ New in release 1.13.2 (2014-04-XX): +* Backports + - S7110396: Sound code fails to build with gcc 4.6 on multiarch Linux systems + - S8035893: JVM_GetVersionInfo fails to zero structure + - OPENJDK6-29: JDK fails to zero jdk_version_info correctly +* Bug fixes + - PR1714: Update PaX support to detect running PaX kernel and use newer tools + - PR1712, G455426: Allow -Werror to be turned off in the HotSpot build + New in release 1.13.1 (2014-01-22): * Security fixes diff -r 8796f8cdd621 -r 9408a82b3d19 acinclude.m4 --- a/acinclude.m4 Thu Jan 23 18:56:55 2014 +0000 +++ b/acinclude.m4 Wed Mar 26 06:34:03 2014 +0000 @@ -2139,48 +2139,79 @@ AM_CONDITIONAL([VM_SUPPORTS_XBOOTCLASSPATH], test x"${it_cv_xbootclasspath_works}" = "xyes") ]) +AC_DEFUN_ONCE([IT_HAS_PAX], +[ + AC_MSG_CHECKING([if a PaX kernel is in use]) + if cat /proc/self/status | grep '^PaX' >&AS_MESSAGE_LOG_FD 2>&1; then + pax_active=yes; + else + pax_active=no; + fi + AC_MSG_RESULT([${pax_active}]) + AM_CONDITIONAL([USING_PAX], test x"${pax_active}" = "xyes") +]) + AC_DEFUN_ONCE([IT_WITH_PAX], [ - AC_MSG_CHECKING([for pax utility to use]) + AC_REQUIRE([IT_HAS_PAX]) + PAX_DEFAULT=/usr/sbin/paxmark.sh + AC_MSG_CHECKING([if a PaX utility was specified]) AC_ARG_WITH([pax], [AS_HELP_STRING(--with-pax=COMMAND,the command used for pax marking)], [ - PAX_COMMAND=${withval} - if test "x${PAX_COMMAND}" = "xno"; then - PAX_COMMAND="not specified" + if test "x${withval}" = "xyes"; then + PAX_COMMAND=no + else + PAX_COMMAND="${withval}" fi ], [ + PAX_COMMAND=no + ]) + AC_MSG_RESULT(${PAX_COMMAND}) + if test "x${PAX_COMMAND}" == "xno"; then + PAX_COMMAND=${PAX_DEFAULT} + fi + AC_MSG_CHECKING([if $PAX_COMMAND is a valid executable file]) + if test -x "${PAX_COMMAND}" && test -f "${PAX_COMMAND}"; then + AC_MSG_RESULT([yes]) + else + AC_MSG_RESULT([no]) + PAX_COMMAND="" + AC_PATH_PROG(PAX_COMMAND, "paxmark.sh") + if test -z "${PAX_COMMAND}"; then + AC_PATH_PROG(PAX_COMMAND, "paxctl-ng") + fi + if test -z "${PAX_COMMAND}"; then + AC_PATH_PROG(PAX_COMMAND, "chpax") + fi + if test -z "${PAX_COMMAND}"; then + AC_PATH_PROG(PAX_COMMAND, "paxctl") + fi + if test -z "${PAX_COMMAND}"; then + if test "x${pax_active}" = "xyes"; then + AC_MSG_ERROR("No PaX utility found and running on a PaX kernel.") + else + AC_MSG_WARN("No PaX utility found.") + fi + fi + fi + if test -z "${PAX_COMMAND}"; then PAX_COMMAND="not specified" - ]) - case "x${PAX_COMMAND}" in - xchpax) - case "${host_cpu}" in - i?86) - PAX_COMMAND_ARGS="-msp" - ;; - *) - PAX_COMMAND_ARGS="-m" - ;; - esac - ;; - xpaxctl) - case "${host_cpu}" in - i?86) - PAX_COMMAND_ARGS="-msp" - ;; - *) - PAX_COMMAND_ARGS="-m" - ;; - esac - ;; - *) - PAX_COMMAND="not specified" - PAX_COMMAND_ARGS="not specified" - ;; - esac + PAX_COMMAND_ARGS="not specified" + else + AC_MSG_CHECKING([which options to pass to ${PAX_COMMAND}]) + case "${host_cpu}" in + i?86) + PAX_COMMAND_ARGS="-msp" + ;; + *) + PAX_COMMAND_ARGS="-m" + ;; + esac + AC_MSG_RESULT(${PAX_COMMAND_ARGS}) + fi AM_CONDITIONAL(WITH_PAX, test "x${PAX_COMMAND}" != "xnot specified") - AC_MSG_RESULT(${PAX_COMMAND}) AC_SUBST(PAX_COMMAND) AC_SUBST(PAX_COMMAND_ARGS) ]) @@ -2264,3 +2295,25 @@ AC_MSG_RESULT([$enable_jar_compression]) AM_CONDITIONAL([ENABLE_JAR_COMPRESSION], test x"${enable_jar_compression}" = "xyes") ]) + +AC_DEFUN([IT_ENABLE_WERROR], +[ + AC_MSG_CHECKING([whether to enable -Werror]) + AC_ARG_ENABLE([Werror], + [AS_HELP_STRING(--enable-Werror,build with -Werror [[default=no]])], + [ + case "${enableval}" in + yes) + enable_werror=yes + ;; + *) + enable_werror=no + ;; + esac + ], + [ + enable_werror=no + ]) + AC_MSG_RESULT([$enable_werror]) + AM_CONDITIONAL([ENABLE_WERROR], test x"${enable_werror}" = "xyes") +]) diff -r 8796f8cdd621 -r 9408a82b3d19 configure.ac --- a/configure.ac Thu Jan 23 18:56:55 2014 +0000 +++ b/configure.ac Wed Mar 26 06:34:03 2014 +0000 @@ -283,6 +283,7 @@ IT_WITH_JAMVM_SRC_ZIP IT_DISABLE_OPTIMIZATIONS +IT_ENABLE_WERROR IT_ENABLE_JAR_COMPRESSION IT_SET_SHARK_BUILD IT_ENABLE_ZERO_BUILD diff -r 8796f8cdd621 -r 9408a82b3d19 patches/linker-libs-order.patch --- a/patches/linker-libs-order.patch Thu Jan 23 18:56:55 2014 +0000 +++ b/patches/linker-libs-order.patch Wed Mar 26 06:34:03 2014 +0000 @@ -1,7 +1,19 @@ -diff -durN openjdk-orig/jdk/make/common/shared/Sanity.gmk openjdk/jdk/make/common/shared/Sanity.gmk ---- openjdk-orig/jdk/make/common/shared/Sanity.gmk 2008-10-27 00:25:33.000000000 +0000 -+++ openjdk/jdk/make/common/shared/Sanity.gmk 2008-10-28 21:42:16.000000000 +0000 -@@ -1397,7 +1397,7 @@ +diff -Nru openjdk.orig/jdk/make/com/sun/java/pack/Makefile openjdk/jdk/make/com/sun/java/pack/Makefile +--- openjdk.orig/jdk/make/com/sun/java/pack/Makefile 2013-08-21 20:32:57.128216515 +0100 ++++ openjdk/jdk/make/com/sun/java/pack/Makefile 2014-02-01 15:58:10.921834941 +0000 +@@ -144,7 +144,7 @@ + + $(UNPACK_EXE): $(UNPACK_EXE_FILES_o) winres + $(prep-target) +- $(LINKER) $(LDDFLAGS) $(UNPACK_EXE_FILES_o) $(RES) $(LIBCXX) $(LDOUTPUT)$(TEMPDIR)/unpack200$(EXE_SUFFIX) ++ $(LINKER) $(LDDFLAGS) $(UNPACK_EXE_FILES_o) $(RES) $(OTHER_LDLIBS) $(LIBCXX) $(LDOUTPUT)$(TEMPDIR)/unpack200$(EXE_SUFFIX) + $(CP) $(TEMPDIR)/unpack200$(EXE_SUFFIX) $(UNPACK_EXE) + + +diff -Nru openjdk.orig/jdk/make/common/shared/Sanity.gmk openjdk/jdk/make/common/shared/Sanity.gmk +--- openjdk.orig/jdk/make/common/shared/Sanity.gmk 2014-02-01 15:43:22.344232267 +0000 ++++ openjdk/jdk/make/common/shared/Sanity.gmk 2014-02-01 15:58:10.921834941 +0000 +@@ -1344,7 +1344,7 @@ ifdef ALSA_VERSION_CHECK $(ALSA_VERSION_CHECK): $(ALSA_VERSION_CHECK).c @$(prep-target) @@ -10,27 +22,3 @@ $(ALSA_VERSION_CHECK).c: @$(prep-target) -diff -durN openjdk-orig/jdk/make/javax/sound/jsoundalsa/Makefile openjdk/jdk/make/javax/sound/jsoundalsa/Makefile ---- openjdk-orig/jdk/make/javax/sound/jsoundalsa/Makefile 2008-08-28 09:10:50.000000000 +0100 -+++ openjdk/jdk/make/javax/sound/jsoundalsa/Makefile 2008-10-28 21:55:27.000000000 +0000 -@@ -65,7 +65,7 @@ - $(MIDIFILES_export) \ - $(PORTFILES_export) - --LDFLAGS += -lasound -+OTHER_LDLIBS += -lasound - - CPPFLAGS += \ - -DUSE_DAUDIO=TRUE \ -diff -durN openjdk-orig/jdk/make/com/sun/java/pack/Makefile openjdk/jdk/make/com/sun/java/pack/Makefile ---- openjdk-orig/jdk/make/com/sun/java/pack/Makefile 2008-10-27 00:25:30.000000000 +0000 -+++ openjdk/jdk/make/com/sun/java/pack/Makefile 2008-10-28 23:27:55.000000000 +0000 -@@ -142,7 +141,7 @@ - - $(UNPACK_EXE): $(UNPACK_EXE_FILES_o) winres - $(prep-target) -- $(LINKER) $(LDDFLAGS) $(UNPACK_EXE_FILES_o) $(RES) $(LIBCXX) $(LDOUTPUT)$(TEMPDIR)/unpack200$(EXE_SUFFIX) -+ $(LINKER) $(LDDFLAGS) $(UNPACK_EXE_FILES_o) $(RES) $(OTHER_LDLIBS) $(LIBCXX) $(LDOUTPUT)$(TEMPDIR)/unpack200$(EXE_SUFFIX) - $(CP) $(TEMPDIR)/unpack200$(EXE_SUFFIX) $(UNPACK_EXE) - - diff -r 8796f8cdd621 -r 9408a82b3d19 patches/openjdk/7110396-sound_code_build_fix.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/openjdk/7110396-sound_code_build_fix.patch Wed Mar 26 06:34:03 2014 +0000 @@ -0,0 +1,22 @@ +# HG changeset patch +# User mr +# Date 1327351181 28800 +# Mon Jan 23 12:39:41 2012 -0800 +# Node ID b49e33de40eafc113d3ca822f4abe2fde31d2cc2 +# Parent 07a296eb4c9cb88d2d84561ecfe70e10b167a2ac +7110396: Sound code fails to build with gcc 4.6 on multiarch Linux systems +Reviewed-by: ohair +Contributed-by: edvard.wendelin at oracle.com + +diff -r 07a296eb4c9c -r b49e33de40ea make/javax/sound/jsoundalsa/Makefile +--- openjdk/jdk/make/javax/sound/jsoundalsa/Makefile Tue Jan 21 13:39:13 2014 -0500 ++++ openjdk/jdk/make/javax/sound/jsoundalsa/Makefile Mon Jan 23 12:39:41 2012 -0800 +@@ -65,7 +65,7 @@ + $(MIDIFILES_export) \ + $(PORTFILES_export) + +-LDFLAGS += -lasound ++OTHER_LDLIBS += -lasound + + CPPFLAGS += \ + -DUSE_DAUDIO=TRUE \ diff -r 8796f8cdd621 -r 9408a82b3d19 patches/openjdk/8035893-jvm_getversioninfo_zeroing.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/openjdk/8035893-jvm_getversioninfo_zeroing.patch Wed Mar 26 06:34:03 2014 +0000 @@ -0,0 +1,21 @@ +# HG changeset patch +# User igerasim +# Date 1393588840 -14400 +# Fri Feb 28 16:00:40 2014 +0400 +# Node ID 72a544aeb89217020b60c10fe167e2567fea3460 +# Parent 9747f83d7a38205a4a26008ee767fd161e1856c2 +8035893: JVM_GetVersionInfo fails to zero structure +Reviewed-by: sla, zgu + +diff -r 9747f83d7a38 -r 72a544aeb892 src/share/vm/prims/jvm.cpp +--- openjdk/hotspot/src/share/vm/prims/jvm.cpp Fri Mar 21 20:57:28 2014 +0000 ++++ openjdk/hotspot/src/share/vm/prims/jvm.cpp Fri Feb 28 16:00:40 2014 +0400 +@@ -4534,7 +4534,7 @@ + + JVM_ENTRY(void, JVM_GetVersionInfo(JNIEnv* env, jvm_version_info* info, size_t info_size)) + { +- memset(info, 0, sizeof(info_size)); ++ memset(info, 0, info_size); + + info->jvm_version = Abstract_VM_Version::jvm_version(); + info->update_version = 0; /* 0 in HotSpot Express VM */ diff -r 8796f8cdd621 -r 9408a82b3d19 patches/openjdk/oj6-29-jdk_version_info_zeroing.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/openjdk/oj6-29-jdk_version_info_zeroing.patch Wed Mar 26 06:34:03 2014 +0000 @@ -0,0 +1,21 @@ +# HG changeset patch +# User aph +# Date 1393513709 0 +# Thu Feb 27 15:08:29 2014 +0000 +# Node ID 04e4c3ec6516727f01f91a9ce8cb72586a3bc502 +# Parent 942d4ba93be74b1c401d6532f116da80f5466303 +OPENJDK6-29: JDK fails to zero jdk_version_info correctly +Reviewed-by: andrew + +diff -r 942d4ba93be7 -r 04e4c3ec6516 src/share/native/common/jdk_util.c +--- openjdk/jdk/src/share/native/common/jdk_util.c Wed Feb 26 18:06:02 2014 +0000 ++++ openjdk/jdk/src/share/native/common/jdk_util.c Thu Feb 27 15:08:29 2014 +0000 +@@ -76,7 +76,7 @@ + } + + +- memset(info, 0, sizeof(info_size)); ++ memset(info, 0, info_size); + info->jdk_version = ((jdk_major_version & 0xFF) << 24) | + ((jdk_minor_version & 0xFF) << 16) | + ((jdk_micro_version & 0xFF) << 8) | From bugzilla-daemon at icedtea.classpath.org Wed Mar 26 12:54:33 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Wed, 26 Mar 2014 12:54:33 +0000 Subject: [Bug 1714] [IcedTea6] Update PaX support to detect running PaX kernel and use newer tools In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1714 --- Comment #2 from hg commits --- details: http://icedtea.classpath.org//hg/release/icedtea6-1.13?cmd=changeset;node=fad7f1e7be70 author: Andrew John Hughes date: Wed Mar 26 05:05:39 2014 +0000 PR1714: Update PaX support to detect running PaX kernel and use newer tools 2014-03-25 Andrew John Hughes PR1714: Update PaX support to detect running PaX kernel and use newer tools * Makefile.am: (add-archive): Depend on pax-mark-vm as the target executes java. (add-archive-debug): Likewise with pax-mark-vm-debug. (check-crypto): Depend on pax-mark-vm as the target executes java. (check-crypto-debug): Likewise with pax-mark-vm-debug. (add-archive-ecj): Depend on pax-mark-vm-ecj as the target executes java. (check-crypto-boot): Likewise. * NEWS: Updated. * acinclude.m4: (IT_HAS_PAX): New macro to detect whether the running kernel uses PaX. (IT_WITH_PAX): Rewritten to search for PaX tools - currently paxmark.sh, paxctl-ng, chpax and paxctl - and fail if a tool isn't found and a PaX kernel is being used. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Wed Mar 26 12:54:43 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Wed, 26 Mar 2014 12:54:43 +0000 Subject: [Bug 1712] [IcedTea6] Allow -Werror to be turned off in the HotSpot build In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1712 --- Comment #2 from hg commits --- details: http://icedtea.classpath.org//hg/release/icedtea6-1.13?cmd=changeset;node=aea5755bef42 author: Andrew John Hughes date: Thu Mar 20 02:06:20 2014 +0000 PR1712: Allow -Werror to be turned off in the HotSpot build 2012-08-16 Andrew John Hughes PR1712: Allow -Werror to be turned off in the HotSpot build * Makefile.am: (WERROR_STATUS): Set to true or false depending on if ENABLE_WERROR is set or not. (ICEDTEA_ENV): Use WERROR_STATUS to set COMPILER_WARNINGS_FATAL. * acinclude.m4: (IT_ENABLE_WERROR): New macro to enable -Werror. This is disabled by default. * configure.ac: Call IT_ENABLE_WERROR. * NEWS: Updated. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Wed Mar 26 13:11:40 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Wed, 26 Mar 2014 13:11:40 +0000 Subject: [Bug 1724] New: JDK-8035893 Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1724 Bug ID: 1724 Summary: JDK-8035893 Product: IcedTea Version: 6-hg Hardware: x86_64 OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: IcedTea Assignee: gnu.andrew at redhat.com Reporter: jamie at ubuntu.com CC: unassigned at icedtea.classpath.org In Ubuntu icedtea 1.13.1 introduced a regression: https://bugs.launchpad.net/ubuntu/+source/openjdk-6/+bug/1295987 It is believed that the underlying issue is: https://bugs.openjdk.java.net/browse/JDK-6989972 which was backported as OPENJDK6-29. However, there is a related issue in hotspot: https://bugs.openjdk.java.net/browse/JDK-8035893 AFAICS, this was only updated in jd9: http://hg.openjdk.java.net/jdk9/jdk9/hotspot/raw-rev/cd30121047ac I haven't reproduced the error condition itself, but the patch to memset is the same, so it seems like this should be backported to OPENJDK6 (and maybe OPENJDK7, I didn't check). -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Wed Mar 26 13:26:50 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Wed, 26 Mar 2014 13:26:50 +0000 Subject: [Bug 1724] JDK-8035893 In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1724 Andrew John Hughes changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |FIXED Target Milestone|--- |6-1.13.2 Severity|enhancement |normal --- Comment #1 from Andrew John Hughes --- Both are in HEAD and the 1.13 branch: http://icedtea.classpath.org/hg/release/icedtea6-1.13/rev/9408a82b3d19 -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From aazores at redhat.com Wed Mar 26 14:03:50 2014 From: aazores at redhat.com (Andrew Azores) Date: Wed, 26 Mar 2014 10:03:50 -0400 Subject: [rfc][icedtea-web][policyeditor] Reflection and Exec permissions In-Reply-To: <53329892.30105@redhat.com> References: <53309014.8040801@redhat.com> <53314CC6.8020901@redhat.com> <533186F7.2040109@redhat.com> <5331D1AC.7060109@redhat.com> <5331DA51.80604@redhat.com> <53329892.30105@redhat.com> Message-ID: <5332DE46.4020009@redhat.com> On 03/26/2014 05:06 AM, Jiri Vanek wrote: > On 03/25/2014 08:34 PM, Andrew Azores wrote: >> On 03/25/2014 02:57 PM, Jiri Vanek wrote: >>> On 03/25/2014 02:39 PM, Andrew Azores wrote: >>>> On 03/25/2014 05:30 AM, Jiri Vanek wrote: >>>>> On 03/24/2014 09:05 PM, Andrew Azores wrote: >>>>>> Hi, >>>>>> >>>>>> This patch just adds Reflection and Exec permission options to >>>>>> PolicyEditor. >>>>>> >>>>>> Thanks, >>>>>> >>>>> >>>>> Looks good. Just not sure if it is enough: >>>>> >>>>> eg: >>>>> java.lang.NullPointerException >>>>> at geogebra.i.x.a(Unknown Source) >>>>> at geogebra.gui.a.a.a(Unknown Source) >>>>> at geogebra.gui.a.a.a(Unknown Source) >>>>> at geogebra.GeoGebra.a(Unknown Source) >>>>> at geogebra.GeoGebra.a(Unknown Source) >>>>> at geogebra.GeoGebra.main(Unknown Source) >>>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>>>> at >>>>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) >>>>> at >>>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >>>>> at java.lang.reflect.Method.invoke(Method.java:616) >>>>> at net.sourceforge.jnlp.Launcher.launchApplication(Launcher.java:571) >>>>> at net.sourceforge.jnlp.Launcher$TgThread.run(Launcher.java:911) >>>>> >>>>> I think he class for name is not allowed by your permission. >>>> >>>> Aha! Thanks for catching this. [0] suggests there's only one >>>> permission needed for reflection, >>>> but [1] proves otherwise (and makes sense). >>>> >>> >>> Hmm still the same exception. It is geogebra which is causing this. >> >> Do you have exact reproduction steps? > > yes, lunch geogebra from our testcases and sue any sandbox combination > :) - or try to tune it to run:) > Ah I see, it's failing as soon as it starts basically. Maybe I should have tried before asking for detailed steps ;) Why do you think it's being denied on a classForName call though? Not saying it isn't, but I don't see what indicates that in particular? According to the docs for Class.forName, the permission required is a RuntimePermission with "getClassLoader" target and no actions, and that's what the Get ClassLoader permission in PolicyEditor is granting. I mean, the NPE is happening somewhere after some GUI package stuff is going on apparently, so how do we know it isn't a missing AWT permission instead? Maybe there should be a catch-all AWT permission available as well, actually, even if that isn't the problem here. Thanks, -- Andrew A From jvanek at redhat.com Wed Mar 26 14:17:24 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Wed, 26 Mar 2014 15:17:24 +0100 Subject: [rfc][icedtea-web][policyeditor] Reflection and Exec permissions In-Reply-To: <5332DE46.4020009@redhat.com> References: <53309014.8040801@redhat.com> <53314CC6.8020901@redhat.com> <533186F7.2040109@redhat.com> <5331D1AC.7060109@redhat.com> <5331DA51.80604@redhat.com> <53329892.30105@redhat.com> <5332DE46.4020009@redhat.com> Message-ID: <5332E174.8090903@redhat.com> On 03/26/2014 03:03 PM, Andrew Azores wrote: > On 03/26/2014 05:06 AM, Jiri Vanek wrote: >> On 03/25/2014 08:34 PM, Andrew Azores wrote: >>> On 03/25/2014 02:57 PM, Jiri Vanek wrote: >>>> On 03/25/2014 02:39 PM, Andrew Azores wrote: >>>>> On 03/25/2014 05:30 AM, Jiri Vanek wrote: >>>>>> On 03/24/2014 09:05 PM, Andrew Azores wrote: >>>>>>> Hi, >>>>>>> >>>>>>> This patch just adds Reflection and Exec permission options to PolicyEditor. >>>>>>> >>>>>>> Thanks, >>>>>>> >>>>>> >>>>>> Looks good. Just not sure if it is enough: >>>>>> >>>>>> eg: >>>>>> java.lang.NullPointerException >>>>>> at geogebra.i.x.a(Unknown Source) >>>>>> at geogebra.gui.a.a.a(Unknown Source) >>>>>> at geogebra.gui.a.a.a(Unknown Source) >>>>>> at geogebra.GeoGebra.a(Unknown Source) >>>>>> at geogebra.GeoGebra.a(Unknown Source) >>>>>> at geogebra.GeoGebra.main(Unknown Source) >>>>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>>>>> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) >>>>>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >>>>>> at java.lang.reflect.Method.invoke(Method.java:616) >>>>>> at net.sourceforge.jnlp.Launcher.launchApplication(Launcher.java:571) >>>>>> at net.sourceforge.jnlp.Launcher$TgThread.run(Launcher.java:911) >>>>>> >>>>>> I think he class for name is not allowed by your permission. >>>>> >>>>> Aha! Thanks for catching this. [0] suggests there's only one permission needed for reflection, >>>>> but [1] proves otherwise (and makes sense). >>>>> >>>> >>>> Hmm still the same exception. It is geogebra which is causing this. >>> >>> Do you have exact reproduction steps? >> >> yes, lunch geogebra from our testcases and sue any sandbox combination :) - or try to tune it to >> run:) >> > > Ah I see, it's failing as soon as it starts basically. Maybe I should have tried before asking for > detailed steps ;) > > Why do you think it's being denied on a classForName call though? Not saying it isn't, but I don't > see what indicates that in particular? According to the docs for Class.forName, the permission > required is a RuntimePermission with "getClassLoader" target and no actions, and that's what the Get > ClassLoader permission in PolicyEditor is granting. I mean, the NPE is happening somewhere after > some GUI package stuff is going on apparently, so how do we know it isn't a missing AWT permission > instead? Maybe there should be a catch-all AWT permission available as well, actually, even if that > isn't the problem here. > I was trying all current pemissions in polici editor (with this patch included) .Non made geogebra run :( Anyway I dont know what is causing to fail. If you dont know, then ok to push. From aazores at redhat.com Wed Mar 26 13:40:09 2014 From: aazores at redhat.com (Andrew Azores) Date: Wed, 26 Mar 2014 09:40:09 -0400 Subject: [rfc][icedtea-web] minor properties fix In-Reply-To: <53329831.4070502@redhat.com> References: <53329831.4070502@redhat.com> Message-ID: <5332D8B9.1050409@redhat.com> On 03/26/2014 05:04 AM, Jiri Vanek wrote: > 2014-03-26 Jiri Vanek > > * > /netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java: > (checkTrustedOnlyAttribute) > hardocded strings for signedMsg moved to properties. > * /netx/net/sourceforge/jnlp/resources/Messages.propertie: Added > (STOAsignedMsgFully) > (STOAsignedMsgAndSandbox) (STOAsignedMsgPartiall) keys Okay to push. Thanks, -- Andrew A From aazores at icedtea.classpath.org Wed Mar 26 14:45:54 2014 From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org) Date: Wed, 26 Mar 2014 14:45:54 +0000 Subject: /hg/icedtea-web: Added many new permissions for PolicyEditor Message-ID: changeset 689447c4d6bd in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=689447c4d6bd author: Andrew Azores date: Wed Mar 26 10:45:46 2014 -0400 Added many new permissions for PolicyEditor * netx/net/sourceforge/jnlp/resources/Messages.properties: (PEWriteProps, PEWritePropsDetail, PEWriteSystemFiles, PEWriteSystemFilesDetail, PEAWTPermission, PEAWTPermissionDetail, PERecordAudio, PERecordAudioDetail, PEReflection, PEReflectionDetail, PEClassLoader, PEClassLoaderDetail, PEClassInPackage, PEClassInPackageDetail, PEDeclaredMembers, PEDeclaredMembersDetail, PEExec, PEExecDetail, PEGetEnv, PEGetEnvDetail): new messages. (PEAudio, PEAudioDetail) renamed to PEPlayAudio{,Detail}. * netx/net/sourceforge/jnlp/security/policyeditor/PermissionActions.java: (EXECUTE) new action * netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java: (ALL_FILES, RECORD, REFLECT, GETENV, ACCESS_CLASS_IN_PACKAGE, DECLARED_MEMBERS, CLASSLOADER) new targets * netx/net/sourceforge/jnlp/security/policyeditor/PermissionType.java: (REFLECT_PERMISSION) new type * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java: (WRITE_PROPERTIES, WRITE_SYSTEM_FILES, JAVA_REFLECTION, GET_CLASSLOADER, ACCESS_CLASS_IN_PACKAGE, ACCESS_DECLARED_MEMBERS, EXEC_COMMANDS, GET_ENV, ALL_AWT, RECORD_AUDIO) new permissions. (AUDIO) renamed PLAY_AUDIO. diffstat: ChangeLog | 23 +++++ netx/net/sourceforge/jnlp/resources/Messages.properties | 24 +++++- netx/net/sourceforge/jnlp/security/policyeditor/PermissionActions.java | 1 + netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java | 11 ++- netx/net/sourceforge/jnlp/security/policyeditor/PermissionType.java | 3 +- netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java | 44 ++++++++- 6 files changed, 94 insertions(+), 12 deletions(-) diffs (197 lines): diff -r d0069afaeaff -r 689447c4d6bd ChangeLog --- a/ChangeLog Mon Mar 24 14:16:20 2014 -0400 +++ b/ChangeLog Wed Mar 26 10:45:46 2014 -0400 @@ -1,3 +1,26 @@ +2014-03-26 Andrew Azores + + Added many new permissions for PolicyEditor + * netx/net/sourceforge/jnlp/resources/Messages.properties: (PEWriteProps, + PEWritePropsDetail, PEWriteSystemFiles, PEWriteSystemFilesDetail, + PEAWTPermission, PEAWTPermissionDetail, PERecordAudio, + PERecordAudioDetail, PEReflection, PEReflectionDetail, PEClassLoader, + PEClassLoaderDetail, PEClassInPackage, PEClassInPackageDetail, + PEDeclaredMembers, PEDeclaredMembersDetail, PEExec, PEExecDetail, + PEGetEnv, PEGetEnvDetail): new messages. (PEAudio, PEAudioDetail) renamed + to PEPlayAudio{,Detail}. + * netx/net/sourceforge/jnlp/security/policyeditor/PermissionActions.java: + (EXECUTE) new action + * netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java: + (ALL_FILES, RECORD, REFLECT, GETENV, ACCESS_CLASS_IN_PACKAGE, + DECLARED_MEMBERS, CLASSLOADER) new targets + * netx/net/sourceforge/jnlp/security/policyeditor/PermissionType.java: + (REFLECT_PERMISSION) new type + * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java: + (WRITE_PROPERTIES, WRITE_SYSTEM_FILES, JAVA_REFLECTION, GET_CLASSLOADER, + ACCESS_CLASS_IN_PACKAGE, ACCESS_DECLARED_MEMBERS, EXEC_COMMANDS, GET_ENV, + ALL_AWT, RECORD_AUDIO) new permissions. (AUDIO) renamed PLAY_AUDIO. + 2014-03-24 Andrew Azores * netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java: diff -r d0069afaeaff -r 689447c4d6bd netx/net/sourceforge/jnlp/resources/Messages.properties --- a/netx/net/sourceforge/jnlp/resources/Messages.properties Mon Mar 24 14:16:20 2014 -0400 +++ b/netx/net/sourceforge/jnlp/resources/Messages.properties Wed Mar 26 10:45:46 2014 -0400 @@ -492,24 +492,44 @@ PETitle=Policy Editor PEReadProps=Read system properties PEReadPropsDetail=Allow applets to read system properties such as your username and home directory location +PEWriteProps=Write system properties +PEWritePropsDetail=Allow applets to (over)write system properties PEReadFiles=Read from local files PEReadFilesDetail=Allow applets to read from files in your home directory PEWriteFiles=Write to local files PEWriteFilesDetail=Allow applets to write to files in your home directory PEReadSystemFiles=Read all system files PEReadSystemFilesDetail=Allow applets read-only access to all locations on your computer +PEWriteSystemFiles=Write all system files +PEWriteSystemFilesDetail=Allow applets write-only access to all locations on your computer PEReadTempFiles=Read from temp files PEReadTempFilesDetail=Allow applets to read from your temporary files directory PEWriteTempFiles=Write to temp files PEWriteTempFilesDetail=Allow applets to write to your temporary files directory +PEAWTPermission=Window System Access +PEAWTPermissionDetail=Allow applets all AWT windowing system access PEClipboard=Access clipboard PEClipboardDetail=Allow applets to read from and write to your clipboard PENetwork=Access the network PENetworkDetail=Allow applets to establish any network connections PEPrint=Print documents PEPrintDetail=Allow applets to queue print jobs -PEAudio=Play sounds -PEAudioDetail=Allow applets to play sounds, but not record +PEPlayAudio=Play sounds +PEPlayAudioDetail=Allow applets to play sounds, but not record +PERecordAudio=Record audio +PERecordAudioDetail=Allow applets to record audio, but not play back +PEReflection=Java reflection +PEReflectionDetail=Allow applets to access the Java Reflection API +PEClassLoader=Get ClassLoader +PEClassLoaderDetail=Allow applets to access the system classloader (often used with Reflection) +PEClassInPackage=Access other packages +PEClassInPackageDetail=Allow applets to access classes from other applet packages (often used with Reflection) +PEDeclaredMembers=Access private class data +PEDeclaredMembersDetail=Allow applets to access normally hidden data from other Java classes (often used with Reflection) +PEExec=Execute commands +PEExecDetail=Allow applets to execute system commands +PEGetEnv=Get environment variables +PEGetEnvDetail=Allow applets to read system environment variables PECouldNotOpen=Unable to open policy file PECouldNotSave=Unable to save policy file PEAddCodebase=Add new Codebase diff -r d0069afaeaff -r 689447c4d6bd netx/net/sourceforge/jnlp/security/policyeditor/PermissionActions.java --- a/netx/net/sourceforge/jnlp/security/policyeditor/PermissionActions.java Mon Mar 24 14:16:20 2014 -0400 +++ b/netx/net/sourceforge/jnlp/security/policyeditor/PermissionActions.java Wed Mar 26 10:45:46 2014 -0400 @@ -49,6 +49,7 @@ NONE(""), READ("read"), WRITE("write"), + EXECUTE("execute"), ACCEPT("accept"), LISTEN("listen"), CONNECT("connect"), diff -r d0069afaeaff -r 689447c4d6bd netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java --- a/netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java Mon Mar 24 14:16:20 2014 -0400 +++ b/netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java Wed Mar 26 10:45:46 2014 -0400 @@ -41,13 +41,20 @@ */ public enum PermissionTarget { - NONE(""), + NONE(""), ALL("*"), + ALL_FILES("<>"), USER_HOME("${user.home}${/}*"), TMPDIR("${java.io.tmpdir}${/}*"), CLIPBOARD("accessClipboard"), PRINT("queuePrintJob"), - PLAY("play"); + PLAY("play"), + RECORD("record"), + REFLECT("suppressAccessChecks"), + GETENV("getenv.*"), + ACCESS_CLASS_IN_PACKAGE("accessClassInPackage.*"), + DECLARED_MEMBERS("accessDeclaredMembers"), + CLASSLOADER("getClassLoader"); public final String target; diff -r d0069afaeaff -r 689447c4d6bd netx/net/sourceforge/jnlp/security/policyeditor/PermissionType.java --- a/netx/net/sourceforge/jnlp/security/policyeditor/PermissionType.java Mon Mar 24 14:16:20 2014 -0400 +++ b/netx/net/sourceforge/jnlp/security/policyeditor/PermissionType.java Wed Mar 26 10:45:46 2014 -0400 @@ -47,7 +47,8 @@ AWT_PERMISSION("java.awt.AWTPermission"), SOCKET_PERMISSION("java.net.SocketPermission"), RUNTIME_PERMISSION("java.lang.RuntimePermission"), - AUDIO_PERMISSION("javax.sound.sampled.AudioPermission"); + AUDIO_PERMISSION("javax.sound.sampled.AudioPermission"), + REFLECT_PERMISSION("java.lang.reflect.ReflectPermission"); public final String type; diff -r d0069afaeaff -r 689447c4d6bd netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java --- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java Mon Mar 24 14:16:20 2014 -0400 +++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java Wed Mar 26 10:45:46 2014 -0400 @@ -56,8 +56,14 @@ READ_PROPERTIES(R("PEReadProps"), R("PEReadPropsDetail"), PermissionType.PROPERTY_PERMISSION, PermissionTarget.ALL, PermissionActions.READ), + WRITE_PROPERTIES(R("PEWriteProps"), R("PEWritePropsDetail"), + PermissionType.PROPERTY_PERMISSION, PermissionTarget.ALL, PermissionActions.WRITE), + READ_SYSTEM_FILES(R("PEReadSystemFiles"), R("PEReadSystemFilesDetail"), - PermissionType.FILE_PERMISSION, PermissionTarget.ALL, PermissionActions.READ), + PermissionType.FILE_PERMISSION, PermissionTarget.ALL_FILES, PermissionActions.READ), + + WRITE_SYSTEM_FILES(R("PEWriteSystemFiles"), R("PEWriteSystemFilesDetail"), + PermissionType.FILE_PERMISSION, PermissionTarget.ALL_FILES, PermissionActions.WRITE), READ_TMP_FILES(R("PEReadTempFiles"), R("PEReadTempFilesDetail"), PermissionType.FILE_PERMISSION, PermissionTarget.TMPDIR, PermissionActions.READ), @@ -65,17 +71,41 @@ WRITE_TMP_FILES(R("PEWriteTempFiles"), R("PEWriteTempFilesDetail"), PermissionType.FILE_PERMISSION, PermissionTarget.TMPDIR, PermissionActions.WRITE), - CLIPBOARD(R("PEClipboard"), R("PEClipboardDetail"), - PermissionType.AWT_PERMISSION, PermissionTarget.CLIPBOARD, PermissionActions.NONE), + JAVA_REFLECTION(R("PEReflection"), R("PEReflectionDetail"), + PermissionType.REFLECT_PERMISSION, PermissionTarget.REFLECT, PermissionActions.NONE), + + GET_CLASSLOADER(R("PEClassLoader"), R("PEClassLoaderDetail"), + PermissionType.RUNTIME_PERMISSION, PermissionTarget.CLASSLOADER, PermissionActions.NONE), + + ACCESS_CLASS_IN_PACKAGE(R("PEClassInPackage"), R("PEClassInPackageDetail"), + PermissionType.RUNTIME_PERMISSION, PermissionTarget.ACCESS_CLASS_IN_PACKAGE, PermissionActions.NONE), + + ACCESS_DECLARED_MEMBERS(R("PEDeclaredMembers"), R("PEDeclaredMembersDetail"), + PermissionType.RUNTIME_PERMISSION, PermissionTarget.DECLARED_MEMBERS, PermissionActions.NONE), NETWORK(R("PENetwork"), R("PENetworkDetail"), PermissionType.SOCKET_PERMISSION, PermissionTarget.ALL, PermissionActions.NETALL), + EXEC_COMMANDS(R("PEExec"), R("PEExecDetail"), + PermissionType.FILE_PERMISSION, PermissionTarget.ALL_FILES, PermissionActions.EXECUTE), + + GET_ENV(R("PEGetEnv"), R("PEGetEnvDetail"), + PermissionType.RUNTIME_PERMISSION, PermissionTarget.GETENV, PermissionActions.NONE), + + ALL_AWT(R("PEAWTPermission"), R("PEAWTPermissionDetail"), + PermissionType.AWT_PERMISSION, PermissionTarget.ALL, PermissionActions.NONE), + + CLIPBOARD(R("PEClipboard"), R("PEClipboardDetail"), + PermissionType.AWT_PERMISSION, PermissionTarget.CLIPBOARD, PermissionActions.NONE), + + PLAY_AUDIO(R("PEPlayAudio"), R("PEPlayAudioDetail"), + PermissionType.AUDIO_PERMISSION, PermissionTarget.PLAY, PermissionActions.NONE), + + RECORD_AUDIO(R("PERecordAudio"), R("PERecordAudioDetail"), + PermissionType.AUDIO_PERMISSION, PermissionTarget.RECORD, PermissionActions.NONE), + PRINT(R("PEPrint"), R("PEPrintDetail"), - PermissionType.RUNTIME_PERMISSION, PermissionTarget.PRINT, PermissionActions.NONE), - - AUDIO(R("PEAudio"), R("PEAudioDetail"), - PermissionType.AUDIO_PERMISSION, PermissionTarget.PLAY, PermissionActions.NONE); + PermissionType.RUNTIME_PERMISSION, PermissionTarget.PRINT, PermissionActions.NONE); private final String name, description; private final PermissionType type; From aazores at redhat.com Wed Mar 26 14:48:22 2014 From: aazores at redhat.com (Andrew Azores) Date: Wed, 26 Mar 2014 10:48:22 -0400 Subject: [rfc][icedtea-web][policyeditor] Modal PolicyEditor In-Reply-To: <5332BA7D.5070300@redhat.com> References: <53305AD0.4020601@redhat.com> <53305BDD.9010204@redhat.com> <533097F8.9090509@redhat.com> <533150B2.8030008@redhat.com> <53318D53.3070502@redhat.com> <5331D3EF.7080407@redhat.com> <5331E17E.5070302@redhat.com> <5332BA7D.5070300@redhat.com> Message-ID: <5332E8B6.1050605@redhat.com> On 03/26/2014 07:31 AM, Jiri Vanek wrote: > I think we misunderstood a bit. > > Attached is an patch doing what I wonted. > > It is defining interface (I wish it could be an class! :) ) common to > both PolicyEditorFrame and PolicyEditorDialog. > > It become quite verbose, but its cleaner. > > > It is fixing one mayor bug: > You had public static class PolicyEditorFrame extends JDialog { > So I fixed it to public static class PolicyEditorFrame extends > JFrame { > > And making the two constructors I wont private. > I really don't know where we miscommunicated:)) > > Also it is removing unnecessary private final Window parentWindow > by fixing the signature of methods which were using from incorrect > window, to correct component. > > > Otherwise it is same. If you can survive my Interface, You can push. > If not (and I agree it is maybe nuclear shot to kill a pigeon.. really > maybe to much verbose) then please one last round. But keep your > version : > - with two private constructors > - without aprent variable > - and without duplicate code. > > > Sorry for my probably wrong explanations during reviews :( > > > J. Wow, yes quite verbose. But it seems like a good enough solution. I'll push this then. Thanks, -- Andrew A From aazores at icedtea.classpath.org Wed Mar 26 15:02:11 2014 From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org) Date: Wed, 26 Mar 2014 15:02:11 +0000 Subject: /hg/icedtea-web: PolicyEditor can be made modal. Message-ID: changeset fcb9dcf1c83c in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=fcb9dcf1c83c author: Andrew Azores date: Wed Mar 26 11:02:00 2014 -0400 PolicyEditor can be made modal. * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: (PolicyEditorWindow) new interface to facilitate PolicyEditor as a Window rather than Panel. (PolicyEditorFrame, PolicyEditorDialog) PolicyEditorWindow implementations. (getPolicyEditorFrame, getPolicyEditorWindow) new methods to get frame or dialog implementations. (setComponentMnemonic) made static. (preparePolicyEditorWindow) common setup for frame and dialog implementations. * netx/net/sourceforge/jnlp/controlpanel/PolicyPanel.java: refactor to use PolicyEditorWindow * netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java: same * netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java same * netx/net/sourceforge/jnlp/util/FileUtils.java: (showReadOnlyDialog, showCouldNotOpenFileDialog, showCouldNotOpenFilePathDialog, showCouldNotOpenDialog) use Component rather than JFrame diffstat: ChangeLog | 22 + netx/net/sourceforge/jnlp/controlpanel/PolicyPanel.java | 14 +- netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java | 17 +- netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java | 17 +- netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java | 210 ++++++++- netx/net/sourceforge/jnlp/util/FileUtils.java | 11 +- 6 files changed, 236 insertions(+), 55 deletions(-) diffs (truncated from 581 to 500 lines): diff -r 689447c4d6bd -r fcb9dcf1c83c ChangeLog --- a/ChangeLog Wed Mar 26 10:45:46 2014 -0400 +++ b/ChangeLog Wed Mar 26 11:02:00 2014 -0400 @@ -1,3 +1,25 @@ +2014-03-26 Andrew Azores + Jiri Vanek + + PolicyEditor can be made modal. + * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: + (PolicyEditorWindow) new interface to facilitate PolicyEditor as a Window + rather than Panel. (PolicyEditorFrame, PolicyEditorDialog) + PolicyEditorWindow implementations. (getPolicyEditorFrame, + getPolicyEditorWindow) new methods to get frame or dialog implementations. + (setComponentMnemonic) made static. (preparePolicyEditorWindow) common + setup for frame and dialog implementations. + * netx/net/sourceforge/jnlp/controlpanel/PolicyPanel.java: refactor to use + PolicyEditorWindow + * netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java: + same + * netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java + same + * netx/net/sourceforge/jnlp/util/FileUtils.java: (showReadOnlyDialog, + showCouldNotOpenFileDialog, showCouldNotOpenFilePathDialog, + showCouldNotOpenDialog) use Component rather than JFrame + + 2014-03-26 Andrew Azores Added many new permissions for PolicyEditor diff -r 689447c4d6bd -r fcb9dcf1c83c netx/net/sourceforge/jnlp/controlpanel/PolicyPanel.java --- a/netx/net/sourceforge/jnlp/controlpanel/PolicyPanel.java Wed Mar 26 10:45:46 2014 -0400 +++ b/netx/net/sourceforge/jnlp/controlpanel/PolicyPanel.java Wed Mar 26 11:02:00 2014 -0400 @@ -54,12 +54,12 @@ import javax.swing.JButton; import javax.swing.JFrame; import javax.swing.JLabel; -import javax.swing.JOptionPane; import javax.swing.JTextField; import javax.swing.SwingUtilities; import net.sourceforge.jnlp.config.DeploymentConfiguration; import net.sourceforge.jnlp.security.policyeditor.PolicyEditor; +import net.sourceforge.jnlp.security.policyeditor.PolicyEditor.PolicyEditorWindow; import net.sourceforge.jnlp.util.FileUtils; import net.sourceforge.jnlp.util.FileUtils.OpenFileResult; import net.sourceforge.jnlp.util.logging.OutputController; @@ -72,7 +72,7 @@ */ public class PolicyPanel extends NamedBorderPanel { - private PolicyEditor policyEditor = null; + private PolicyEditorWindow policyEditor = null; public PolicyPanel(final JFrame frame, final DeploymentConfiguration config) { super(R("CPHeadPolicy"), new GridBagLayout()); @@ -161,12 +161,12 @@ * @param filePath a {@link String} representing the path to the file to be opened */ private void launchSimplePolicyEditor(final String filePath) { - if (policyEditor == null || policyEditor.isClosed()) { - policyEditor = PolicyEditor.createInstance(filePath); - policyEditor.setVisible(true); + if (policyEditor == null || policyEditor.getPolicyEditor().isClosed()) { + policyEditor = PolicyEditor.getPolicyEditorFrame(filePath); + policyEditor.asWindow().setVisible(true); } else { - policyEditor.toFront(); - policyEditor.repaint(); + policyEditor.asWindow().toFront(); + policyEditor.asWindow().repaint(); } } diff -r 689447c4d6bd -r fcb9dcf1c83c netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java --- a/netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java Wed Mar 26 10:45:46 2014 -0400 +++ b/netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java Wed Mar 26 11:02:00 2014 -0400 @@ -41,6 +41,7 @@ import java.awt.BorderLayout; import java.awt.Color; +import java.awt.Dialog.ModalityType; import java.awt.Dimension; import java.awt.FlowLayout; import java.awt.Font; @@ -84,6 +85,7 @@ import net.sourceforge.jnlp.security.SecurityDialogs.AccessType; import net.sourceforge.jnlp.security.SecurityUtil; import net.sourceforge.jnlp.security.policyeditor.PolicyEditor; +import net.sourceforge.jnlp.security.policyeditor.PolicyEditor.PolicyEditorWindow; import net.sourceforge.jnlp.util.FileUtils; import net.sourceforge.jnlp.util.logging.OutputController; @@ -109,7 +111,7 @@ private JButton run, sandbox, advancedOptions, cancel, moreInfo; private boolean alwaysTrustSelected; private String bottomLabelWarningText; - private PolicyEditor policyEditor = null; + private PolicyEditorWindow policyEditor = null; public CertWarningPane(SecurityDialog x, CertVerifier certVerifier, SecurityDelegate securityDelegate) { super(x, certVerifier); @@ -330,14 +332,15 @@ filepath = null; } - if (policyEditor == null || policyEditor.isClosed()) { - policyEditor = PolicyEditor.createInstance(filepath); + if (policyEditor == null || policyEditor.getPolicyEditor().isClosed()) { + policyEditor = PolicyEditor.getPolicyEditorDialog(filepath); } else { - policyEditor.toFront(); - policyEditor.repaint(); + policyEditor.asWindow().toFront(); + policyEditor.asWindow().repaint(); } - policyEditor.addNewCodebase(file.getCodeBase().toString()); - policyEditor.setVisible(true); + policyEditor.setModalityType(ModalityType.DOCUMENT_MODAL); + policyEditor.getPolicyEditor().addNewCodebase(file.getCodeBase().toString()); + policyEditor.asWindow().setVisible(true); policyMenu.setVisible(false); } } diff -r 689447c4d6bd -r fcb9dcf1c83c netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java --- a/netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java Wed Mar 26 10:45:46 2014 -0400 +++ b/netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java Wed Mar 26 11:02:00 2014 -0400 @@ -2,6 +2,7 @@ import static net.sourceforge.jnlp.runtime.Translator.R; +import java.awt.Dialog.ModalityType; import java.awt.event.ActionEvent; import java.awt.event.ActionListener; import java.awt.event.MouseEvent; @@ -25,6 +26,7 @@ import net.sourceforge.jnlp.security.appletextendedsecurity.ExecuteAppletAction; import net.sourceforge.jnlp.security.appletextendedsecurity.UnsignedAppletTrustConfirmation; import net.sourceforge.jnlp.security.policyeditor.PolicyEditor; +import net.sourceforge.jnlp.security.policyeditor.PolicyEditor.PolicyEditorWindow; import net.sourceforge.jnlp.tools.CertInformation; import net.sourceforge.jnlp.tools.JarCertVerifier; @@ -34,7 +36,7 @@ private final JButton sandboxButton; private final JButton advancedOptionsButton; private final JPopupMenu policyMenu; - private PolicyEditor policyEditor = null; + private PolicyEditorWindow policyEditor = null; public PartiallySignedAppTrustWarningPanel(JNLPFile file, ActionChoiceListener actionChoiceListener, SecurityDialog securityDialog) { super(file, actionChoiceListener); @@ -175,14 +177,15 @@ filepath = null; } - if (policyEditor == null || policyEditor.isClosed()) { - policyEditor = PolicyEditor.createInstance(filepath); + if (policyEditor == null || policyEditor.getPolicyEditor().isClosed()) { + policyEditor = PolicyEditor.getPolicyEditorDialog(filepath); } else { - policyEditor.toFront(); - policyEditor.repaint(); + policyEditor.asWindow().toFront(); + policyEditor.asWindow().repaint(); } - policyEditor.addNewCodebase(file.getCodeBase().toString()); - policyEditor.setVisible(true); + policyEditor.setModalityType(ModalityType.DOCUMENT_MODAL); + policyEditor.getPolicyEditor().addNewCodebase(file.getCodeBase().toString()); + policyEditor.asWindow().setVisible(true); policyMenu.setVisible(false); } } diff -r 689447c4d6bd -r fcb9dcf1c83c netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java --- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java Wed Mar 26 10:45:46 2014 -0400 +++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java Wed Mar 26 11:02:00 2014 -0400 @@ -36,10 +36,12 @@ package net.sourceforge.jnlp.security.policyeditor; +import java.awt.Dialog.ModalityType; import static net.sourceforge.jnlp.runtime.Translator.R; import java.awt.GridBagConstraints; import java.awt.GridBagLayout; +import java.awt.Window; import java.awt.event.ActionEvent; import java.awt.event.ActionListener; import java.awt.event.KeyEvent; @@ -73,6 +75,7 @@ import javax.swing.JButton; import javax.swing.JCheckBox; import javax.swing.JComponent; +import javax.swing.JDialog; import javax.swing.JFileChooser; import javax.swing.JFrame; import javax.swing.JLabel; @@ -81,7 +84,7 @@ import javax.swing.JMenuBar; import javax.swing.JMenuItem; import javax.swing.JOptionPane; -import javax.swing.JRootPane; +import javax.swing.JPanel; import javax.swing.JScrollPane; import javax.swing.KeyStroke; import javax.swing.ListSelectionModel; @@ -124,7 +127,7 @@ * Comments will *not* be preserved when PolicyEditor next saves to the * file. */ -public class PolicyEditor extends JFrame { +public class PolicyEditor extends JPanel { /** * Command line switch to print a help message. @@ -161,7 +164,6 @@ private final JList list = new JList(listModel); private final JButton okButton = new JButton(), closeButton = new JButton(), addCodebaseButton = new JButton(), removeCodebaseButton = new JButton(); - private final JMenuBar menuBar = new JMenuBar(); private final JFileChooser fileChooser; private CustomPolicyViewer cpViewer = null; private final WeakReference weakThis = new WeakReference(this); @@ -295,19 +297,156 @@ }; setAccelerators(); - setTitle(R("PETitle")); setupLayout(); list.setSelectedIndex(0); updateCheckboxes(""); - setDefaultCloseOperation(WindowConstants.DISPOSE_ON_CLOSE); + } - addWindowListener(new WindowAdapter() { + private static void preparePolicyEditorWindow(final PolicyEditorWindow w, PolicyEditor e) { + w.setModalityType(ModalityType.MODELESS); //at least some default + w.setPolicyEditor(e); + w.setTitle(R("PETitle")); + w.setDefaultCloseOperation(WindowConstants.DISPOSE_ON_CLOSE); + w.setJMenuBar(createMenuBar(w.asWindow(), w.getPolicyEditor())); + setupPolicyEditorWindow(w.asWindow(), w.getPolicyEditor()); + + } + + private static void setupPolicyEditorWindow(final Window window, final PolicyEditor editor) { + window.add(editor); + window.pack(); + editor.setVisible(true); + + window.addWindowListener(new WindowAdapter() { @Override public void windowClosing(final WindowEvent e) { - quit(); + editor.quit(); + window.dispose(); } }); + + editor.closeButton.addActionListener(new ActionListener() { + @Override + public void actionPerformed(final ActionEvent e) { + window.dispose(); + } + }); + } + + public static interface PolicyEditorWindow { + + public void setTitle(String s); + + public void setDefaultCloseOperation(int i); + + public PolicyEditor getPolicyEditor(); + + public void setPolicyEditor(PolicyEditor e); + + public void setJMenuBar(JMenuBar menu); + + public Window asWindow(); + + public void setModalityType(ModalityType modalityType); + } + + private static class PolicyEditorFrame extends JFrame implements PolicyEditorWindow { + + private PolicyEditor editor; + + private PolicyEditorFrame(final PolicyEditor editor) { + super(); + preparePolicyEditorWindow((PolicyEditorWindow)this, editor); + } + + @Override + public final void setTitle(String title) { + super.setTitle(title); + } + + @Override + public final PolicyEditor getPolicyEditor() { + return editor; + } + + @Override + public final void setPolicyEditor(PolicyEditor e) { + editor = e; + } + + @Override + public final void setDefaultCloseOperation(int operation) { + super.setDefaultCloseOperation(operation); + } + + @Override + public final void setJMenuBar(JMenuBar menu) { + super.setJMenuBar(menu); + } + + @Override + public final Window asWindow() { + return this; + } + + @Override + public void setModalityType(ModalityType type) { + //no op for frame + } + } + + public static PolicyEditorWindow getPolicyEditorFrame(final String filepath) { + return new PolicyEditorFrame(new PolicyEditor(filepath)); + } + + private static class PolicyEditorDialog extends JDialog implements PolicyEditorWindow { + + private PolicyEditor editor; + + private PolicyEditorDialog(final PolicyEditor editor) { + super(); + preparePolicyEditorWindow((PolicyEditorWindow)this, editor); + } + + @Override + public final void setTitle(String title) { + super.setTitle(title); + } + + @Override + public final PolicyEditor getPolicyEditor() { + return editor; + } + + @Override + public final void setPolicyEditor(PolicyEditor e) { + editor = e; + } + + @Override + public final void setDefaultCloseOperation(int operation) { + super.setDefaultCloseOperation(operation); + } + + @Override + public final void setJMenuBar(JMenuBar menu) { + super.setJMenuBar(menu); + } + + @Override + public final Window asWindow() { + return this; + } + + @Override + public void setModalityType(ModalityType type) { + super.setModalityType(type); + } + } + + public static PolicyEditorWindow getPolicyEditorDialog(final String filepath) { + return new PolicyEditorDialog(new PolicyEditor(filepath)); } private void setClosed() { @@ -370,9 +509,8 @@ */ private void setAccelerator(final int trigger, final int modifiers, final Action action, final String identifier) { final KeyStroke key = KeyStroke.getKeyStroke(trigger, modifiers); - final JRootPane root = getRootPane(); - root.getInputMap(JComponent.WHEN_IN_FOCUSED_WINDOW).put(key, identifier); - root.getActionMap().put(identifier, action); + this.getInputMap(JComponent.WHEN_IN_FOCUSED_WINDOW).put(key, identifier); + this.getActionMap().put(identifier, action); } /** @@ -454,7 +592,6 @@ } weakThis.clear(); setClosed(); - dispose(); } /** @@ -649,7 +786,7 @@ * @param component the component for which to set a mnemonic * @param mnemonic the mnemonic to set */ - private void setComponentMnemonic(final AbstractButton component, final String mnemonic) { + private static void setComponentMnemonic(final AbstractButton component, final String mnemonic) { final int trig; try { trig = Integer.parseInt(mnemonic); @@ -660,45 +797,61 @@ component.setMnemonic(trig); } - /** - * Lay out all controls, tooltips, etc. - */ - private void setupLayout() { + private static JMenuBar createMenuBar(final Window window, final PolicyEditor editor) { + final JMenuBar menuBar = new JMenuBar(); + final JMenu fileMenu = new JMenu(R("PEFileMenu")); setComponentMnemonic(fileMenu, R("PEFileMenuMnemonic")); + final JMenuItem openItem = new JMenuItem(R("PEOpenMenuItem")); setComponentMnemonic(openItem, R("PEOpenMenuItemMnemonic")); openItem.setAccelerator(KeyStroke.getKeyStroke(openItem.getMnemonic(), ActionEvent.CTRL_MASK)); - openItem.addActionListener(openButtonAction); + openItem.addActionListener(editor.openButtonAction); fileMenu.add(openItem); + final JMenuItem saveItem = new JMenuItem(R("PESaveMenuItem")); setComponentMnemonic(saveItem, R("PESaveMenuItemMnemonic")); saveItem.setAccelerator(KeyStroke.getKeyStroke(saveItem.getMnemonic(), ActionEvent.CTRL_MASK)); - saveItem.addActionListener(okButtonAction); + saveItem.addActionListener(editor.okButtonAction); fileMenu.add(saveItem); + final JMenuItem saveAsItem = new JMenuItem(R("PESaveAsMenuItem")); setComponentMnemonic(saveAsItem, R("PESaveAsMenuItemMnemonic")); saveAsItem.setAccelerator(KeyStroke.getKeyStroke(saveAsItem.getMnemonic(), ActionEvent.CTRL_MASK)); - saveAsItem.addActionListener(saveAsButtonAction); + saveAsItem.addActionListener(editor.saveAsButtonAction); fileMenu.add(saveAsItem); + final JMenuItem exitItem = new JMenuItem(R("PEExitMenuItem")); setComponentMnemonic(exitItem, R("PEExitMenuItemMnemonic")); exitItem.setAccelerator(KeyStroke.getKeyStroke(exitItem.getMnemonic(), ActionEvent.CTRL_MASK)); - exitItem.addActionListener(closeButtonAction); + exitItem.addActionListener(editor.closeButtonAction); + exitItem.addActionListener(new ActionListener() { + @Override + public void actionPerformed(final ActionEvent e) { + window.dispose(); + } + }); fileMenu.add(exitItem); menuBar.add(fileMenu); final JMenu viewMenu = new JMenu(R("PEViewMenu")); setComponentMnemonic(viewMenu, R("PEViewMenuMnemonic")); + final JMenuItem customPermissionsItem = new JMenuItem(R("PECustomPermissionsItem")); setComponentMnemonic(customPermissionsItem, R("PECustomPermissionsItemMnemonic")); customPermissionsItem.setAccelerator(KeyStroke.getKeyStroke(customPermissionsItem.getMnemonic(), ActionEvent.ALT_MASK)); - customPermissionsItem.addActionListener(viewCustomButtonAction); + customPermissionsItem.addActionListener(editor.viewCustomButtonAction); viewMenu.add(customPermissionsItem); menuBar.add(viewMenu); - this.setJMenuBar(menuBar); + return menuBar; + } + + /** + * Lay out all controls, tooltips, etc. + */ + private void setupLayout() { final JLabel checkboxLabel = new JLabel(); checkboxLabel.setText(R("PECheckboxLabel")); checkboxLabel.setBorder(new EmptyBorder(2, 2, 2, 2)); @@ -796,7 +949,6 @@ add(closeButton, cancelButtonConstraints); setMinimumSize(getPreferredSize()); - pack(); } /** @@ -979,10 +1131,10 @@ } final StringBuilder sb = new StringBuilder(); sb.append(AUTOGENERATED_NOTICE); - sb.append("\n/* Generated by PolicyEditor at " + new SimpleDateFormat("yyyy-MM-dd HH:mm:ss") - .format(Calendar.getInstance().getTime()) + " */" + System.getProperty("line.separator")); + sb.append("\n/* Generated by PolicyEditor at ").append(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss") From aazores at redhat.com Wed Mar 26 15:52:52 2014 From: aazores at redhat.com (Andrew Azores) Date: Wed, 26 Mar 2014 11:52:52 -0400 Subject: [rfc][icedtea-web][policyeditor] Modal PolicyEditor In-Reply-To: <5332E8B6.1050605@redhat.com> References: <53305AD0.4020601@redhat.com> <53305BDD.9010204@redhat.com> <533097F8.9090509@redhat.com> <533150B2.8030008@redhat.com> <53318D53.3070502@redhat.com> <5331D3EF.7080407@redhat.com> <5331E17E.5070302@redhat.com> <5332BA7D.5070300@redhat.com> <5332E8B6.1050605@redhat.com> Message-ID: <5332F7D4.7080506@redhat.com> On 03/26/2014 10:48 AM, Andrew Azores wrote: > On 03/26/2014 07:31 AM, Jiri Vanek wrote: >> I think we misunderstood a bit. >> >> Attached is an patch doing what I wonted. >> >> It is defining interface (I wish it could be an class! :) ) common to >> both PolicyEditorFrame and PolicyEditorDialog. >> >> It become quite verbose, but its cleaner. >> >> >> It is fixing one mayor bug: >> You had public static class PolicyEditorFrame extends JDialog { >> So I fixed it to public static class PolicyEditorFrame extends >> JFrame { >> >> And making the two constructors I wont private. >> I really don't know where we miscommunicated:)) >> >> Also it is removing unnecessary private final Window parentWindow >> by fixing the signature of methods which were using from incorrect >> window, to correct component. >> >> >> Otherwise it is same. If you can survive my Interface, You can push. >> If not (and I agree it is maybe nuclear shot to kill a pigeon.. >> really maybe to much verbose) then please one last round. But keep >> your version : >> - with two private constructors >> - without aprent variable >> - and without duplicate code. >> >> >> Sorry for my probably wrong explanations during reviews :( >> >> >> J. > > Wow, yes quite verbose. But it seems like a good enough solution. I'll > push this then. > > Thanks, > As discussed on IRC, some flaws were found with this. This patch fixes the known problems at least. The "Save Changes" prompt now works properly again, and the checkbox labels and remove button are now the correct widths. Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: modal-policyeditor-fixes.patch Type: text/x-patch Size: 9456 bytes Desc: not available URL: From aazores at redhat.com Wed Mar 26 16:04:28 2014 From: aazores at redhat.com (Andrew Azores) Date: Wed, 26 Mar 2014 12:04:28 -0400 Subject: [rfc][icedtea-web] Security dialogs wait for PolicyEditor to finish parsing In-Reply-To: <5332BC0C.9040007@redhat.com> References: <53303AA3.3080109@redhat.com> <533043CB.3010506@redhat.com> <533044D7.8040402@redhat.com> <53304B0E.3060505@redhat.com> <5330536D.2030608@redhat.com> <533056E3.60201@redhat.com> <5331E8C0.6030401@redhat.com> <5332BC0C.9040007@redhat.com> Message-ID: <5332FA8C.2070300@redhat.com> On 03/26/2014 07:37 AM, Jiri Vanek wrote: > On 03/25/2014 09:36 PM, Andrew Azores wrote: >> On 03/24/2014 12:01 PM, Jiri Vanek wrote: >>> On 03/24/2014 04:46 PM, Andrew Azores wrote: >>>> On 03/24/2014 11:11 AM, Jiri Vanek wrote: >>>>> On 03/24/2014 03:44 PM, Andrew Azores wrote: >>>>>> On 03/24/2014 10:40 AM, Jiri Vanek wrote: >>>>>>> On 03/24/2014 03:01 PM, Andrew Azores wrote: >>>>>>>> Hi, >>>>>>>> >>>>>>>> PolicyEditor loads and saves policy files async, obviously. >>>>>>>> However, this means that opening >>>>>>>> a new >>>>>>>> PolicyEditor instance on an existing policy file and >>>>>>>> programmatically adding a new codebase >>>>>>>> to the >>>>>>>> editor does not have a well-defined order. This can be >>>>>>>> problematic because PolicyEditor >>>>>>>> highlights/selects the last added codebase, so eg in the >>>>>>>> scenario where the editor is being >>>>>>>> launched >>>>>>>> from a security dialog, we want to be sure that the current >>>>>>>> applet's codebase is the one >>>>>>>> selected >>>>>>>> when the editor appears. This patch adds a method to >>>>>>>> PolicyEditor that indicates whether the >>>>>>>> editor >>>>>>>> is currently reading/writing a file, and adds a loop to the two >>>>>>>> security dialogs so that the new >>>>>>>> codebase is not added and the editor made visible until it >>>>>>>> completes its IO. >>>>>>>> >>>>>>>> Thanks, >>>>>>>> >>>>>>> >>>>>>> Hm... I dont think this is correct approach. Why are you so >>>>>>> strongly against modal dialogue? >>>>>>> >>>>>>> >>>>>>> J. >>>>>> >>>>>> I'm not... making PolicyEditor modal will come later. This patch >>>>>> is just about making sure that >>>>>> when >>>>>> you launch PolicyEditor from a security dialog, the current >>>>>> applet's codebase is guaranteed to be >>>>>> the selected one when the editor appears. This and modality are >>>>>> completely separate. >>>>>> >>>>>> Thanks, >>>>>> >>>>> uff... wouldnt be much more easy to make the load/save in sync? I >>>>> do not see any reason why it is >>>>> in new thread Thread(save/load).start() .... >>>>> >>>>> >>>>> J. >>>> >>>> I really don't want to be doing it sync on the UI thread. This >>>> makes the application less >>>> responsive, and is generally bad practice. Not worth the benefit of >>>> making it easier to guarantee >>>> the programmatically added new codebases come after. There are >>>> better ways to do it async than >>>> manually spawning a new Thread, though, yes. eg SwingWorker as you >>>> said on IRC, or Executors and >>>> Runnables as I suggested. Still, these potential enhancements to >>>> the multithreading model would >>>> still have the codebase ordering problem. >>> >>> I agree thath do it in gui thread is wrong. But I disagree with >>> current aproach and new suggested >>> locking. >>> >>> Correct aporach is: >>> invoke thread (swingworker) >>> disable gui or show dialog with progressbar or soem wait please >>> (so gui will be "responsoble") >>> wait for thread. >>> >>> >>> Would be correct approach. >> >> Okay, this is an enhancement in that it uses the nice SwingWorker >> abstraction and provides a visual >> indicator of progress for the IO operation, but I don't see how it >> really solves the problem. If by >> "wait for thread" you mean Thread#join or similar, then we're again >> just blocking the EDT, so it >> won't actually be responsive until the IO is done. In that case we >> might as well just have the EDT >> do the IO directly. If we don't block the EDT and continue to let the >> IO complete async, albeit with >> visual progress indication and nicely abstracted, then there is still >> the problem of addNewCodebase >> being called externally and not having a well-defined order compared >> to the addNewCodebase calls >> made by the thread performing the IO. > > > Agree. Then please do this now: > > ** failed to import extension forest from > /home/jvanek/hg-forest-ext/forest.py: No module named repo > diff -r 4c584d98c42d > netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java > --- > a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java > Wed Mar 26 12:21:48 2014 +0100 > +++ > b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java > Wed Mar 26 12:37:11 2014 +0100 > @@ -1067,7 +1067,7 @@ > OutputController.getLogger().log(e); > } > } > - }.start(); > + }.run(); > } > > /** > @@ -1170,7 +1170,7 @@ > showCouldNotSaveDialog(); > } > } > - }.start(); > + }.run(); > } > > /** > > >> >>> > because : >>> >>> However - the polici files *are* small. So the burden of *doing it >>> IN* AWT is imho acceptable. >>> >>> > Good to go? Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: policyeditor-io-sync.patch Type: text/x-patch Size: 1236 bytes Desc: not available URL: From jvanek at redhat.com Wed Mar 26 16:05:00 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Wed, 26 Mar 2014 17:05:00 +0100 Subject: [rfc][icedtea-web] Security dialogs wait for PolicyEditor to finish parsing In-Reply-To: <5332FA8C.2070300@redhat.com> References: <53303AA3.3080109@redhat.com> <533043CB.3010506@redhat.com> <533044D7.8040402@redhat.com> <53304B0E.3060505@redhat.com> <5330536D.2030608@redhat.com> <533056E3.60201@redhat.com> <5331E8C0.6030401@redhat.com> <5332BC0C.9040007@redhat.com> <5332FA8C.2070300@redhat.com> Message-ID: <5332FAAC.3030604@redhat.com> On 03/26/2014 05:04 PM, Andrew Azores wrote: > On 03/26/2014 07:37 AM, Jiri Vanek wrote: >> On 03/25/2014 09:36 PM, Andrew Azores wrote: >>> On 03/24/2014 12:01 PM, Jiri Vanek wrote: >>>> On 03/24/2014 04:46 PM, Andrew Azores wrote: >>>>> On 03/24/2014 11:11 AM, Jiri Vanek wrote: >>>>>> On 03/24/2014 03:44 PM, Andrew Azores wrote: >>>>>>> On 03/24/2014 10:40 AM, Jiri Vanek wrote: >>>>>>>> On 03/24/2014 03:01 PM, Andrew Azores wrote: >>>>>>>>> Hi, >>>>>>>>> >>>>>>>>> PolicyEditor loads and saves policy files async, obviously. However, this means that opening >>>>>>>>> a new >>>>>>>>> PolicyEditor instance on an existing policy file and programmatically adding a new codebase >>>>>>>>> to the >>>>>>>>> editor does not have a well-defined order. This can be problematic because PolicyEditor >>>>>>>>> highlights/selects the last added codebase, so eg in the scenario where the editor is being >>>>>>>>> launched >>>>>>>>> from a security dialog, we want to be sure that the current applet's codebase is the one >>>>>>>>> selected >>>>>>>>> when the editor appears. This patch adds a method to PolicyEditor that indicates whether the >>>>>>>>> editor >>>>>>>>> is currently reading/writing a file, and adds a loop to the two security dialogs so that >>>>>>>>> the new >>>>>>>>> codebase is not added and the editor made visible until it completes its IO. >>>>>>>>> >>>>>>>>> Thanks, >>>>>>>>> >>>>>>>> >>>>>>>> Hm... I dont think this is correct approach. Why are you so strongly against modal dialogue? >>>>>>>> >>>>>>>> >>>>>>>> J. >>>>>>> >>>>>>> I'm not... making PolicyEditor modal will come later. This patch is just about making sure that >>>>>>> when >>>>>>> you launch PolicyEditor from a security dialog, the current applet's codebase is guaranteed >>>>>>> to be >>>>>>> the selected one when the editor appears. This and modality are completely separate. >>>>>>> >>>>>>> Thanks, >>>>>>> >>>>>> uff... wouldnt be much more easy to make the load/save in sync? I do not see any reason why >>>>>> it is >>>>>> in new thread Thread(save/load).start() .... >>>>>> >>>>>> >>>>>> J. >>>>> >>>>> I really don't want to be doing it sync on the UI thread. This makes the application less >>>>> responsive, and is generally bad practice. Not worth the benefit of making it easier to guarantee >>>>> the programmatically added new codebases come after. There are better ways to do it async than >>>>> manually spawning a new Thread, though, yes. eg SwingWorker as you said on IRC, or Executors and >>>>> Runnables as I suggested. Still, these potential enhancements to the multithreading model would >>>>> still have the codebase ordering problem. >>>> >>>> I agree thath do it in gui thread is wrong. But I disagree with current aproach and new suggested >>>> locking. >>>> >>>> Correct aporach is: >>>> invoke thread (swingworker) >>>> disable gui or show dialog with progressbar or soem wait please >>>> (so gui will be "responsoble") >>>> wait for thread. >>>> >>>> >>>> Would be correct approach. >>> >>> Okay, this is an enhancement in that it uses the nice SwingWorker abstraction and provides a visual >>> indicator of progress for the IO operation, but I don't see how it really solves the problem. If by >>> "wait for thread" you mean Thread#join or similar, then we're again just blocking the EDT, so it >>> won't actually be responsive until the IO is done. In that case we might as well just have the EDT >>> do the IO directly. If we don't block the EDT and continue to let the IO complete async, albeit with >>> visual progress indication and nicely abstracted, then there is still the problem of addNewCodebase >>> being called externally and not having a well-defined order compared to the addNewCodebase calls >>> made by the thread performing the IO. >> >> >> Agree. Then please do this now: >> >> ** failed to import extension forest from /home/jvanek/hg-forest-ext/forest.py: No module named repo >> diff -r 4c584d98c42d netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java >> --- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java Wed Mar 26 12:21:48 2014 >> +0100 >> +++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java Wed Mar 26 12:37:11 2014 >> +0100 >> @@ -1067,7 +1067,7 @@ >> OutputController.getLogger().log(e); >> } >> } >> - }.start(); >> + }.run(); >> } >> >> /** >> @@ -1170,7 +1170,7 @@ >> showCouldNotSaveDialog(); >> } >> } >> - }.start(); >> + }.run(); >> } >> >> /** >> >> >>> >>>> >> because : >>>> >>>> However - the polici files *are* small. So the burden of *doing it IN* AWT is imho acceptable. >>>> >>>> >> > > Good to go? Yes:) From aazores at icedtea.classpath.org Wed Mar 26 16:07:34 2014 From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org) Date: Wed, 26 Mar 2014 16:07:34 +0000 Subject: /hg/icedtea-web: PolicyEditor IO operations made synchronous Message-ID: changeset ca18850addad in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=ca18850addad author: Andrew Azores date: Wed Mar 26 12:07:23 2014 -0400 PolicyEditor IO operations made synchronous * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: (savePolicyFile, openAndParsePolicyFile) made synchronous so that programmatically adding a new codebase has a well-defined order when performed immediately after starting a new PolicyEditor instance diffstat: ChangeLog | 7 +++++++ netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java | 8 ++++++-- 2 files changed, 13 insertions(+), 2 deletions(-) diffs (39 lines): diff -r fcb9dcf1c83c -r ca18850addad ChangeLog --- a/ChangeLog Wed Mar 26 11:02:00 2014 -0400 +++ b/ChangeLog Wed Mar 26 12:07:23 2014 -0400 @@ -1,3 +1,10 @@ +2014-03-26 Andrew Azores + + * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: + (savePolicyFile, openAndParsePolicyFile) made synchronous so that + programmatically adding a new codebase has a well-defined order when + performed immediately after starting a new PolicyEditor instance + 2014-03-26 Andrew Azores Jiri Vanek diff -r fcb9dcf1c83c -r ca18850addad netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java --- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java Wed Mar 26 11:02:00 2014 -0400 +++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java Wed Mar 26 12:07:23 2014 -0400 @@ -1067,7 +1067,9 @@ OutputController.getLogger().log(e); } } - }.start(); + }.run(); // #run() to make IO synchronous right now. #start() can be used to make it async instead. + // http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2014-March/026886.html + // TODO: use SwingWorker and give some visual indication that IO is occurring } /** @@ -1170,7 +1172,9 @@ showCouldNotSaveDialog(); } } - }.start(); + }.run(); // #run() to make IO synchronous right now. #start() can be used to make it async instead. + // http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2014-March/026886.html + // TODO: use SwingWorker and give some visual indication that IO is occurring } /** From jvanek at redhat.com Wed Mar 26 17:11:07 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Wed, 26 Mar 2014 18:11:07 +0100 Subject: [rfc][icedtea-web] policy editor -added possibility for grouping. Message-ID: <53330A2B.6030307@redhat.com> perfectly self documented code! Happy review :) -------------- next part -------------- A non-text attachment was scrubbed... Name: addedGroupingOnGuiLevelForPermissions.patch Type: text/x-patch Size: 16317 bytes Desc: not available URL: From aazores at redhat.com Wed Mar 26 17:18:02 2014 From: aazores at redhat.com (Andrew Azores) Date: Wed, 26 Mar 2014 13:18:02 -0400 Subject: [rfc][icedtea-web] policy editor -added possibility for grouping. In-Reply-To: <53330A2B.6030307@redhat.com> References: <53330A2B.6030307@redhat.com> Message-ID: <53330BCA.4080104@redhat.com> On 03/26/2014 01:11 PM, Jiri Vanek wrote: > perfectly self documented code! > Happy review :) Very very nice! Nits: 1) there are some blank lines that have spaces up to the indent level, should be just empty lines? 2) add File Access group please since there are six permissions about it Then ok to push after. Thanks! -- Andrew A From jvanek at redhat.com Wed Mar 26 17:18:19 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Wed, 26 Mar 2014 18:18:19 +0100 Subject: [rfc][icedtea-web] Temporary permissions In-Reply-To: <5331D8C4.3040309@redhat.com> References: <53305587.9080208@redhat.com> <53305AC0.9060509@redhat.com> <53307400.60801@redhat.com> <53314EFA.2060201@redhat.com> <5331BE26.5060802@redhat.com> <5331D540.3060401@redhat.com> <5331D8C4.3040309@redhat.com> Message-ID: <53330BDB.2010104@redhat.com> On 03/25/2014 08:28 PM, Andrew Azores wrote: > On 03/25/2014 03:13 PM, Jiri Vanek wrote: >> On 03/25/2014 06:34 PM, Andrew Azores wrote: >>> On 03/25/2014 05:40 AM, Jiri Vanek wrote: >>>> Generally ok, except one important nit: >>>> >>>> final JMenuItem noCmdExec = new JMenuItem(R("STempPermNoExec")); >>>> + noCmdExec.addActionListener(new TemporaryPermissionsListener( >>>> + Permissions.READ_LOCAL_FILES, Permissions.WRITE_LOCAL_FILES, >>>> + Permissions.READ_TMP_FILES, Permissions.WRITE_TMP_FILES, >>>> + Permissions.READ_PROPERTIES, Permissions.WRITE_PROPERTIES, >>>> + Permissions.CLIPBOARD_ACCESS, Permissions.PLAY_AUDIO, >>>> + Permissions.PRINT_DOCUMENTS, Permissions.JAVA_REFLECTION, >>>> + Permissions.NETWORK_ACCESS)); >>>> + policyMenu.add(noCmdExec); >>>> >>>> And similar: >>>> are - duplicated. >>>> >>>> >>>> You can push, as similar evil is already done. >>>> >>>> However refactoring, asn asap changeset is needed. >>>> >>>> the ||| advanced settings button will be encapsulated, so non of its code is duplicated. >>>> You can have your own "extends jbutton" hwhich will do all this logic. And you add jsut >>>> insntance of this button to the panes. >>>> >>>> Also all the : >>>> new TemporaryPermissionsListener( >>>> + Permissions.READ_LOCAL_FILES, Permissions.WRITE_LOCAL_FILES, >>>> + Permissions.READ_TMP_FILES, Permissions.WRITE_TMP_FILES, >>>> + Permissions.READ_PROPERTIES, Permissions.WRITE_PROPERTIES, >>>> + Permissions.CLIPBOARD_ACCESS, Permissions.PLAY_AUDIO, >>>> + Permissions.PRINT_DOCUMENTS, Permissions.JAVA_REFLECTION, >>>> + Permissions.NETWORK_ACCESS)); >>>> + policyMenu.add(noCmdExec); >>>> >>>> should be encapsualted. Those permissionListeners may be stored in some static class as static >>>> constantsand just used as singletons. or not? >>>> If not then they can be provided by some factory methods. But not spred in gui code like this. >>>> >>>> Yes, just code celaning, but how it is now, i do not look nicely. >>>> >>>> Sorry for troubles:( >>>> J. >>>> >>> >>> You're right, it was getting very messy, and the code for the button/menu stuff definitely should >>> have been shared. >>> >>> So now, behold the monster you've asked for... ! :D >>> >>> 1) Button is pulled out into its own class and used in the two dialogs >>> 2) Popup menu is actually even simpler to make appear now (less futzing with position on screen) >>> 3) !! PolicyEditorPermissions are reused. It's some slightly scary reflection with a bit of regex >>> sprinkled in, but it works perfect. >>> 3b) Some of the temp permissions have been removed because PolicyEditorPermissions don't yet have >>> the right counterparts. But there's another patch I sent earlier that adds all of those >>> permissions as well, so then they can be added in quite quickly here after >>> 4) Temp permission types and menu entries are much much cleaner to define >>> >> >> >> hmhmhm - just see: >> +STempSoundOnly=Play audio >> it is same issue as in case of reflection. it should probably allow both recording and playing. >> UTwo permissions under one checkbox. > > Really? I can imagine many scenarios where a user is comfortable with an applet playing sound back > but not recording it. Reflection makes sense to group together but I think audio should be separate. > >> >> - maybe as tmp hack can serve some better grouping of checkboxes, with one main - whcih will >> select/unselect all underlying. By this you will have your one-permission-per-checkbox - and user >> will not be bored by to much on-first-glance-visible permissions. Maybe I can do thsis tomorrow? I >> wil enjoy it :) > > Go ahead. > >> >> >> + public static Permission getPermission(final PolicyEditorPermissions editorPermission) { >> >> arrgh thats monster..... Why reflection!!?!??! No way!!! it is our class. Please do something >> public or whatever... >> >> >> >> Otherwise it is not os monsterous :) > > Well, I had to decide if I wanted to extend PolicyEditorPermissions with some way to convert into > Permissions, or to just add this translation layer separately. I liked the new layer better, since > PolicyEditorPermissions was really just intended for use within PolicyEditor, and in there we don't > need this kind of logic. So from outside of the model itself, reflection was actually not a bad way > to handle acquiring the correct kind of Permission subclass from the model - the alternative would > have been a switch or long if/else chain, which would have then meant that any new PermissionTypes > would have also needed an update to the TemporaryPermissions converter. Using reflection like this > means that it never has to be updated if the PermissionTypes change. I don't think this is even that > bad of a use of reflection - I don't think it's too hard to read, and it's not being used somewhere > performance critical or where it will be called very frequently. > > The other good option I've thought of is to add the Permission conversion logic to the > PolicyEditorPermissions model, and move/rename this model so it's more suitable as something shared > between PolicyEditor and these dialogs. The PolicyEditorPermissions could be constructed with a > Class reference, eg RuntimePermission.class, and have a Permission field that is then populated by > the constructor doing a bit less reflection. This eliminates the need for the Class.forName call, > but makes the PolicyEditorPermission model more complicated in a way that I don't think it really > needs to be. > hmm All three ways looks bad:( Both reflection and "any new PermissionTypes would have " is very wrong. No advice here :( Sorry. But I belive you will figure it out O:) From bugzilla-daemon at icedtea.classpath.org Wed Mar 26 17:22:08 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Wed, 26 Mar 2014 17:22:08 +0000 Subject: [Bug 1677] [IcedTea7] Update PaX support to detect running PaX kernel and use newer tools In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1677 Andrew John Hughes changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Wed Mar 26 17:22:41 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Wed, 26 Mar 2014 17:22:41 +0000 Subject: [Bug 1679] [IcedTea7] Allow OpenJDK to build on PaX-enabled kernels In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1679 Andrew John Hughes changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From theuserbl at hotmail.com Wed Mar 26 17:32:36 2014 From: theuserbl at hotmail.com (theUser BL) Date: Wed, 26 Mar 2014 17:32:36 +0000 Subject: Bug in fonts of OpenJDK Message-ID: I have tested the OpenJDK in the OpenSUSE distribution and the Windows and Linux builds at http://www.azulsystems.com/products/zulu All have the same bug, which Oracle JDK http://www.oracle.com/technetwork/java/javase/downloads/index-jsp-138363.html don't have. If you start SwingSet2.jar and naviagte to a "Source Code"-tab, then the sourcecode is formatted. But on Oracles Java, words like "import", "public", "int", etc. are bold. On OpenJDK they are not. But the other words, which are colored, are on Oracles JDK and OpenJDK same colored. Greatings theuserbl From jvanek at icedtea.classpath.org Wed Mar 26 17:46:27 2014 From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org) Date: Wed, 26 Mar 2014 17:46:27 +0000 Subject: /hg/icedtea-web: Added possibility to group permissions in Polic... Message-ID: changeset 9de6713da051 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=9de6713da051 author: Jiri Vanek date: Wed Mar 26 18:46:13 2014 +0100 Added possibility to group permissions in PolicyEditor gui diffstat: ChangeLog | 11 + netx/net/sourceforge/jnlp/resources/Messages.properties | 6 + netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java | 168 +++++++++- netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java | 95 +++++- 4 files changed, 265 insertions(+), 15 deletions(-) diffs (428 lines): diff -r ca18850addad -r 9de6713da051 ChangeLog --- a/ChangeLog Wed Mar 26 12:07:23 2014 -0400 +++ b/ChangeLog Wed Mar 26 18:46:13 2014 +0100 @@ -1,3 +1,14 @@ +2014-03-24 Jiri Vanek + + Added possibility to group permissions in PolicyEditor + * netx/net/sourceforge/jnlp/resources/Messages.properties: added groups names + * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java : (setLayout) + added grouping panels and checkboxes. (JcheckBoxWithGroup) New inner class to work + with groups. + netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java: + Added inner class (Groups) and deffinied (ReadFileSystem) (WriteFileSystem) + (AccesUnowenedCode) (MediaAccess) + 2014-03-26 Andrew Azores * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: diff -r ca18850addad -r 9de6713da051 netx/net/sourceforge/jnlp/resources/Messages.properties --- a/netx/net/sourceforge/jnlp/resources/Messages.properties Wed Mar 26 12:07:23 2014 -0400 +++ b/netx/net/sourceforge/jnlp/resources/Messages.properties Wed Mar 26 18:46:13 2014 +0100 @@ -549,6 +549,12 @@ PECustomPermissionsItem=Custom Permissions... PEFileModified=File Modification Warning PEFileModifiedDetail=The policy file at {0} has been modified since it was opened. Reload and re-edit before saving? +PEGAccesUnowenedCode = Execute unowned code +PEGMediaAccess = Media access +PEGrightClick = right click to fold/unfold +PEGReadFileSystem = Read to system +PEGWriteFileSystem = Write to system + # Policy Editor CustomPolicyViewer PECPTitle=Custom Policy Viewer diff -r ca18850addad -r 9de6713da051 netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java --- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java Wed Mar 26 12:07:23 2014 -0400 +++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java Wed Mar 26 18:46:13 2014 +0100 @@ -36,6 +36,8 @@ package net.sourceforge.jnlp.security.policyeditor; +import java.awt.Color; +import java.awt.Container; import java.awt.Dialog.ModalityType; import static net.sourceforge.jnlp.runtime.Translator.R; @@ -45,6 +47,8 @@ import java.awt.event.ActionEvent; import java.awt.event.ActionListener; import java.awt.event.KeyEvent; +import java.awt.event.MouseAdapter; +import java.awt.event.MouseEvent; import java.awt.event.WindowAdapter; import java.awt.event.WindowEvent; import java.io.File; @@ -55,12 +59,14 @@ import java.net.URL; import java.nio.channels.FileLock; import java.text.SimpleDateFormat; +import java.util.ArrayList; import java.util.Arrays; import java.util.Calendar; import java.util.Collection; import java.util.Collections; import java.util.HashMap; import java.util.HashSet; +import java.util.LinkedList; import java.util.List; import java.util.Map; import java.util.Set; @@ -92,8 +98,10 @@ import javax.swing.UIManager; import javax.swing.WindowConstants; import javax.swing.border.EmptyBorder; +import javax.swing.border.LineBorder; import javax.swing.event.ListSelectionEvent; import javax.swing.event.ListSelectionListener; +import net.sourceforge.jnlp.security.policyeditor.PolicyEditorPermissions.Group; import net.sourceforge.jnlp.util.FileUtils; import net.sourceforge.jnlp.util.FileUtils.OpenFileResult; @@ -159,6 +167,7 @@ private final Map> codebasePermissionsMap = new HashMap>(); private final Map> customPermissionsMap = new HashMap>(); private final Map checkboxMap = new TreeMap(); + private final List groupBoxList = new ArrayList(Group.values().length); private final JScrollPane scrollPane = new JScrollPane(); private final DefaultListModel listModel = new DefaultListModel(); private final JList list = new JList(listModel); @@ -172,6 +181,43 @@ private final ActionListener okButtonAction, closeButtonAction, addCodebaseButtonAction, removeCodebaseButtonAction, openButtonAction, saveAsButtonAction, viewCustomButtonAction; + private static class JCheckBoxWithGroup extends JCheckBox { + + private final PolicyEditorPermissions.Group group; + + private JCheckBoxWithGroup(Group g) { + super(g.getTitle()); + group = g; + } + + public Group getGroup() { + return group; + } + + private void setState(Map map) { + List backup = new LinkedList(); + for (final ActionListener l : this.getActionListeners()) { + backup.add(l); + this.removeActionListener(l); + } + int i = group.getState(map); + this.setBackground(getParent().getBackground()); + if (i > 0) { + this.setSelected(true); + } + if (i < 0) { + this.setSelected(false); + } + if (i == 0) { + this.setBackground(Color.yellow); + this.setSelected(false); + } + + for (ActionListener al : backup) { + this.addActionListener(al); + } + } + } public PolicyEditor(final String filepath) { super(); setLayout(new GridBagLayout()); @@ -277,13 +323,10 @@ SwingUtilities.invokeLater(new Runnable() { @Override public void run() { - String codebase = (String) list.getSelectedValue(); - if (codebase == null || codebase.isEmpty()) { + String codebase = getSelectedCodebase(); + if (codebase == null){ return; } - if (codebase.equals(R("PEGlobalSettings"))) { - codebase = ""; - } if (cpViewer == null) { cpViewer = new CustomPolicyViewer(weakThis.get(), codebase, customPermissionsMap.get(codebase)); cpViewer.setVisible(true); @@ -302,6 +345,17 @@ list.setSelectedIndex(0); updateCheckboxes(""); } + + private String getSelectedCodebase() { + String codebase = (String) list.getSelectedValue(); + if (codebase == null || codebase.isEmpty()) { + return null; + } + if (codebase.equals(R("PEGlobalSettings"))) { + return ""; + } + return codebase; + } private static void preparePolicyEditorWindow(final PolicyEditorWindow w, PolicyEditor e) { w.setModalityType(ModalityType.MODELESS); //at least some default @@ -767,12 +821,18 @@ } else { state = false; } + for (JCheckBoxWithGroup jg : groupBoxList) { + jg.setState(map); + } box.setSelected(state); box.addActionListener(new ActionListener() { @Override public void actionPerformed(final ActionEvent e) { changesMade = true; map.put(perm, box.isSelected()); + for (JCheckBoxWithGroup jg : groupBoxList) { + jg.setState(map); + } } }); } @@ -869,6 +929,10 @@ checkboxConstraints.gridy = 1; for (final JCheckBox box : checkboxMap.values()) { + if (PolicyEditorPermissions.Group.anyContains(box, checkboxMap)){ + //do not show boxes in any group + continue; + } add(box, checkboxConstraints); checkboxConstraints.gridx++; // Two columns of checkboxes @@ -877,6 +941,89 @@ checkboxConstraints.gridy++; } } + //add groups + for (PolicyEditorPermissions.Group g : PolicyEditorPermissions.Group.values()) { + //no metter what, put group title on new line + checkboxConstraints.gridy++; + //all groups are in second column + checkboxConstraints.gridx = 2; + final JCheckBoxWithGroup groupCh = new JCheckBoxWithGroup(g); + groupBoxList.add(groupCh); + final JPanel groupPanel = new JPanel(new GridBagLayout()); + groupPanel.setBorder(new LineBorder(Color.black)); + groupCh.setToolTipText(R("PEGrightClick")); + groupCh.addMouseListener(new MouseAdapter() { + @Override + public void mouseClicked(MouseEvent e) { + if (e.getButton() == MouseEvent.BUTTON3) { + groupPanel.setVisible(!groupPanel.isVisible()); + PolicyEditor.this.validate(); + Container c = PolicyEditor.this.getParent(); + //find the window and repack it + while (!(c instanceof Window)) { + if (c == null) { + return; + } + c = c.getParent(); + } + Window w = (Window) c; + w.pack(); + + } + } + }); + groupCh.addActionListener(new ActionListener() { + @Override + public void actionPerformed(ActionEvent e) { + String codebase = getSelectedCodebase(); + if (codebase == null) { + return; + } + List backup = new LinkedList(); + for (final ActionListener l : groupCh.getActionListeners()) { + backup.add(l); + groupCh.removeActionListener(l); + } + final Map map = codebasePermissionsMap.get(codebase); + for (PolicyEditorPermissions p : groupCh.getGroup().getPermissions()) { + map.put(p, groupCh.isSelected()); + } + changesMade = true; + updateCheckboxes(codebase); + for (ActionListener al : backup) { + groupCh.addActionListener(al); + } + + } + }); + add(groupCh, checkboxConstraints); + //place panel with mebers below the title + checkboxConstraints.gridy++; + checkboxConstraints.gridx = 2; + //spread group's panel over two columns + checkboxConstraints.gridwidth = 2; + checkboxConstraints.fill = checkboxConstraints.BOTH; + add(groupPanel, checkboxConstraints); + final GridBagConstraints groupCheckboxLabelConstraints = new GridBagConstraints(); + groupCheckboxLabelConstraints.anchor = GridBagConstraints.LINE_START; + groupCheckboxLabelConstraints.weightx = 0; + groupCheckboxLabelConstraints.weighty = 0; + groupCheckboxLabelConstraints.gridx = 1; + groupCheckboxLabelConstraints.gridy = 1; + for (PolicyEditorPermissions p : g.getPermissions()) { + groupPanel.add(checkboxMap.get(p), groupCheckboxLabelConstraints); + // Two columns of checkboxes + groupCheckboxLabelConstraints.gridx++; + if (groupCheckboxLabelConstraints.gridx > 2) { + groupCheckboxLabelConstraints.gridx = 1; + groupCheckboxLabelConstraints.gridy++; + } + } + groupPanel.setVisible(false); + //reset + checkboxConstraints.gridwidth = 1; + } + final JLabel codebaseListLabel = new JLabel(R("PECodebaseLabel")); codebaseListLabel.setBorder(new EmptyBorder(2, 2, 2, 2)); @@ -892,16 +1039,10 @@ if (e.getValueIsAdjusting()) { return; // ignore first click, act on release } - final String selectedCodebase = (String) list.getSelectedValue(); - if (selectedCodebase == null) { + final String codebase = getSelectedCodebase(); + if (codebase == null) { return; } - final String codebase; - if (selectedCodebase.equals(R("PEGlobalSettings"))) { - codebase = ""; - } else { - codebase = selectedCodebase; - } updateCheckboxes(codebase); } }); @@ -1061,6 +1202,7 @@ } } list.setSelectedIndex(0); + updateCheckboxes(""); try { fileLock.release(); } catch (final IOException e) { diff -r ca18850addad -r 9de6713da051 netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java --- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java Wed Mar 26 12:07:23 2014 -0400 +++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java Wed Mar 26 18:46:13 2014 +0100 @@ -36,10 +36,10 @@ package net.sourceforge.jnlp.security.policyeditor; +import java.util.Map; +import javax.swing.JCheckBox; import static net.sourceforge.jnlp.runtime.Translator.R; -import java.util.regex.Matcher; -import java.util.regex.Pattern; /** * Defines the set of default permissions for PolicyEditor, ie the ones which are assigned @@ -107,6 +107,97 @@ PRINT(R("PEPrint"), R("PEPrintDetail"), PermissionType.RUNTIME_PERMISSION, PermissionTarget.PRINT, PermissionActions.NONE); + + public static enum Group { + + + ReadFileSystem(R("PEGReadFileSystem"), READ_LOCAL_FILES, READ_PROPERTIES, READ_SYSTEM_FILES, READ_TMP_FILES, GET_ENV), + WriteFileSystem(R("PEGWriteFileSystem"), WRITE_LOCAL_FILES, WRITE_PROPERTIES, WRITE_SYSTEM_FILES, WRITE_TMP_FILES, EXEC_COMMANDS), + AccesUnowenedCode(R("PEGAccesUnowenedCode"), JAVA_REFLECTION, GET_CLASSLOADER, ACCESS_CLASS_IN_PACKAGE, ACCESS_DECLARED_MEMBERS), + MediaAccess(R("PEGMediaAccess"), PLAY_AUDIO, RECORD_AUDIO, PRINT, CLIPBOARD); + + + private final PolicyEditorPermissions[] permissions; + private final String title; + private Group(String title, PolicyEditorPermissions... permissions) { + this.title = title; + this.permissions = permissions; + + } + + public static boolean anyContains(PolicyEditorPermissions permission) { + for (Group g : Group.values()) { + if (g.contains(permission)) { + return true; + } + } + return false; + } + + public static boolean anyContains(JCheckBox view, Map checkboxMap) { + for (Map.Entry pairs : checkboxMap.entrySet()){ + if (pairs.getValue() == view) { + for (Group g : Group.values()) { + if (g.contains(pairs.getKey())) { + return true; + } + } + } + } + return false; + } + + /* + * + all is selected + * 0 invalid + * - none is selected + */ + public int getState (final Map map) { + boolean allTrue=true; + boolean allFalse=true; + for (PolicyEditorPermissions pp: getPermissions()){ + Boolean b = map.get(pp); + if (b == null){ + return 0; + } + if (b.booleanValue()){ + allFalse = false; + } else { + allTrue = false; + } + } + if (allFalse){ + return -1; + } + if (allTrue){ + return 1; + } + return 0; + } + + public boolean contains(PolicyEditorPermissions permission) { + for (PolicyEditorPermissions policyEditorPermissions : permissions) { + if (policyEditorPermissions == permission) { + return true; + } + } + return false; + + } + + public String getTitle() { + return title + " ??"; + } + + public PolicyEditorPermissions[] getPermissions() { + return permissions; + } + + + + } + + private final String name, description; private final PermissionType type; private final PermissionTarget target; From jvanek at icedtea.classpath.org Wed Mar 26 17:50:42 2014 From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org) Date: Wed, 26 Mar 2014 17:50:42 +0000 Subject: /hg/icedtea-web: Extracted hardcoded strings from AttributesChecker Message-ID: changeset 01a37b9ad8cb in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=01a37b9ad8cb author: Jiri Vanek date: Wed Mar 26 18:50:35 2014 +0100 Extracted hardcoded strings from AttributesChecker diffstat: ChangeLog | 9 ++++++++- netx/net/sourceforge/jnlp/resources/Messages.properties | 3 +++ netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java | 6 +++--- 3 files changed, 14 insertions(+), 4 deletions(-) diffs (47 lines): diff -r 9de6713da051 -r 01a37b9ad8cb ChangeLog --- a/ChangeLog Wed Mar 26 18:46:13 2014 +0100 +++ b/ChangeLog Wed Mar 26 18:50:35 2014 +0100 @@ -1,4 +1,11 @@ -2014-03-24 Jiri Vanek +2014-03-26 Jiri Vanek + + * netx/net/sourceforge/jnlp/resources/Messages.propertie: new keys (STOAsignedMsgFully) + (STOAsignedMsgAndSandbox) (STOAsignedMsgPartiall) added + * netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java: extracted + hardocded values of (signedMsg) + +2014-03-26 Jiri Vanek Added possibility to group permissions in PolicyEditor * netx/net/sourceforge/jnlp/resources/Messages.properties: added groups names diff -r 9de6713da051 -r 01a37b9ad8cb netx/net/sourceforge/jnlp/resources/Messages.properties --- a/netx/net/sourceforge/jnlp/resources/Messages.properties Wed Mar 26 18:46:13 2014 +0100 +++ b/netx/net/sourceforge/jnlp/resources/Messages.properties Wed Mar 26 18:50:35 2014 +0100 @@ -302,6 +302,9 @@ SJNLPFileIsNotSigned=This application contains a digital signature in which the launching JNLP file is not signed. SAppletTitle=Applet title: {0} STrustedOnlyAttributeFailure=This application specifies Trusted-only as True in its Manifest. {0} and requests permission level: {1}. This is not allowed. +STOAsignedMsgFully = The applet is fully signed +STOAsignedMsgAndSandbox = The applet is fully signed and sandboxed +STOAsignedMsgPartiall = The applet is not fully signed # Security - used for the More Information dialog SBadKeyUsage=Resources contain entries whose signer certificate's KeyUsage extension doesn't allow code signing. diff -r 9de6713da051 -r 01a37b9ad8cb netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java --- a/netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java Wed Mar 26 18:46:13 2014 +0100 +++ b/netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java Wed Mar 26 18:50:35 2014 +0100 @@ -115,11 +115,11 @@ || (isSandboxed && SecurityDesc.SANDBOX_PERMISSIONS.equals(desc)); final String signedMsg; if (isFullySigned && !isSandboxed) { - signedMsg = "The applet is fully signed"; + signedMsg = Translator.R("STOAsignedMsgFully"); } else if (isFullySigned && isSandboxed) { - signedMsg = "The applet is fully signed and sandboxed"; + signedMsg = Translator.R("STOAsignedMsgAndSandbox"); } else { - signedMsg = "The applet is not fully signed"; + signedMsg = Translator.R("STOAsignedMsgPartiall"); } OutputController.getLogger().log(OutputController.Level.MESSAGE_DEBUG, "Trusted Only manifest attribute is \"true\". " + signedMsg + " and requests permission level: " + securityType); From jvanek at redhat.com Wed Mar 26 17:52:35 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Wed, 26 Mar 2014 18:52:35 +0100 Subject: [rfc][icedtea-web][policyeditor] Modal PolicyEditor In-Reply-To: <5332F7D4.7080506@redhat.com> References: <53305AD0.4020601@redhat.com> <53305BDD.9010204@redhat.com> <533097F8.9090509@redhat.com> <533150B2.8030008@redhat.com> <53318D53.3070502@redhat.com> <5331D3EF.7080407@redhat.com> <5331E17E.5070302@redhat.com> <5332BA7D.5070300@redhat.com> <5332E8B6.1050605@redhat.com> <5332F7D4.7080506@redhat.com> Message-ID: <533313E3.6050608@redhat.com> On 03/26/2014 04:52 PM, Andrew Azores wrote: > On 03/26/2014 10:48 AM, Andrew Azores wrote: >> On 03/26/2014 07:31 AM, Jiri Vanek wrote: >>> I think we misunderstood a bit. >>> >>> Attached is an patch doing what I wonted. >>> >>> It is defining interface (I wish it could be an class! :) ) common to both PolicyEditorFrame and >>> PolicyEditorDialog. >>> >>> It become quite verbose, but its cleaner. >>> >>> >>> It is fixing one mayor bug: >>> You had public static class PolicyEditorFrame extends JDialog { >>> So I fixed it to public static class PolicyEditorFrame extends JFrame { >>> >>> And making the two constructors I wont private. >>> I really don't know where we miscommunicated:)) >>> >>> Also it is removing unnecessary private final Window parentWindow by fixing the signature of >>> methods which were using from incorrect window, to correct component. >>> >>> >>> Otherwise it is same. If you can survive my Interface, You can push. >>> If not (and I agree it is maybe nuclear shot to kill a pigeon.. really maybe to much verbose) >>> then please one last round. But keep your version : >>> - with two private constructors >>> - without aprent variable >>> - and without duplicate code. >>> >>> >>> Sorry for my probably wrong explanations during reviews :( >>> >>> >>> J. >> >> Wow, yes quite verbose. But it seems like a good enough solution. I'll push this then. >> >> Thanks, >> > > As discussed on IRC, some flaws were found with this. This patch fixes the known problems at least. > The "Save Changes" prompt now works properly again, and the checkbox labels and remove button are > now the correct widths. > > Thanks, > Looks ok. Please double test and push :) Thank you! J. From aazores at icedtea.classpath.org Wed Mar 26 17:57:03 2014 From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org) Date: Wed, 26 Mar 2014 17:57:03 +0000 Subject: /hg/icedtea-web: Fix JOptionPane modality problems after making ... Message-ID: changeset f975d5db4fbd in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=f975d5db4fbd author: Andrew Azores date: Wed Mar 26 13:56:55 2014 -0400 Fix JOptionPane modality problems after making PolicyEditor itself modal * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: JOptionPane dialog parents set correctly to JDialog or JFrame rather than JPanel diffstat: ChangeLog | 9 +- netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java | 147 ++++----- 2 files changed, 79 insertions(+), 77 deletions(-) diffs (285 lines): diff -r 01a37b9ad8cb -r f975d5db4fbd ChangeLog --- a/ChangeLog Wed Mar 26 18:50:35 2014 +0100 +++ b/ChangeLog Wed Mar 26 13:56:55 2014 -0400 @@ -1,3 +1,10 @@ +2014-03-26 Andrew Azores + + Fix JOptionPane modality problems after making PolicyEditor itself modal + * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: + JOptionPane dialog parents set correctly to JDialog or JFrame rather than + JPanel + 2014-03-26 Jiri Vanek * netx/net/sourceforge/jnlp/resources/Messages.propertie: new keys (STOAsignedMsgFully) @@ -9,7 +16,7 @@ Added possibility to group permissions in PolicyEditor * netx/net/sourceforge/jnlp/resources/Messages.properties: added groups names - * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java : (setLayout) + * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: (setLayout) added grouping panels and checkboxes. (JcheckBoxWithGroup) New inner class to work with groups. netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java: diff -r 01a37b9ad8cb -r f975d5db4fbd netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java --- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java Wed Mar 26 18:50:35 2014 +0100 +++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java Wed Mar 26 13:56:55 2014 -0400 @@ -36,11 +36,11 @@ package net.sourceforge.jnlp.security.policyeditor; +import static net.sourceforge.jnlp.runtime.Translator.R; + import java.awt.Color; import java.awt.Container; import java.awt.Dialog.ModalityType; -import static net.sourceforge.jnlp.runtime.Translator.R; - import java.awt.GridBagConstraints; import java.awt.GridBagLayout; import java.awt.Window; @@ -101,8 +101,8 @@ import javax.swing.border.LineBorder; import javax.swing.event.ListSelectionEvent; import javax.swing.event.ListSelectionListener; + import net.sourceforge.jnlp.security.policyeditor.PolicyEditorPermissions.Group; - import net.sourceforge.jnlp.util.FileUtils; import net.sourceforge.jnlp.util.FileUtils.OpenFileResult; import net.sourceforge.jnlp.util.MD5SumWatcher; @@ -178,8 +178,9 @@ private final WeakReference weakThis = new WeakReference(this); private MD5SumWatcher fileWatcher; - private final ActionListener okButtonAction, closeButtonAction, addCodebaseButtonAction, + private final ActionListener okButtonAction, addCodebaseButtonAction, removeCodebaseButtonAction, openButtonAction, saveAsButtonAction, viewCustomButtonAction; + private ActionListener closeButtonAction; private static class JCheckBoxWithGroup extends JCheckBox { @@ -260,15 +261,6 @@ okButton.setText(R("ButApply")); okButton.addActionListener(okButtonAction); - closeButtonAction = new ActionListener() { - @Override - public void actionPerformed(final ActionEvent event) { - quit(); - } - }; - closeButton.setText(R("ButClose")); - closeButton.addActionListener(closeButtonAction); - addCodebaseButtonAction = new ActionListener() { @Override public void actionPerformed(final ActionEvent e) { @@ -364,7 +356,6 @@ w.setDefaultCloseOperation(WindowConstants.DISPOSE_ON_CLOSE); w.setJMenuBar(createMenuBar(w.asWindow(), w.getPolicyEditor())); setupPolicyEditorWindow(w.asWindow(), w.getPolicyEditor()); - } private static void setupPolicyEditorWindow(final Window window, final PolicyEditor editor) { @@ -375,17 +366,44 @@ window.addWindowListener(new WindowAdapter() { @Override public void windowClosing(final WindowEvent e) { - editor.quit(); + ((PolicyEditorWindow) window).quit(); window.dispose(); } }); - editor.closeButton.addActionListener(new ActionListener() { + editor.closeButtonAction = new ActionListener() { + @Override + public void actionPerformed(final ActionEvent event) { + ((PolicyEditorWindow) window).quit(); + } + }; + editor.closeButton.setText(R("ButClose")); + editor.closeButton.addActionListener(editor.closeButtonAction); + + + final Action saveAct = new AbstractAction() { @Override public void actionPerformed(final ActionEvent e) { - window.dispose(); + editor.savePolicyFile(); } - }); + }; + editor.setAccelerator(R("PEOkButtonMnemonic"), ActionEvent.ALT_MASK, saveAct, "OkButtonAccelerator"); + + final Action quitAct = new AbstractAction() { + @Override + public void actionPerformed(final ActionEvent e) { + ((PolicyEditorWindow) window).quit(); + } + }; + editor.setAccelerator(R("PECancelButtonMnemonic"), ActionEvent.ALT_MASK, quitAct, "CancelButtonAccelerator"); + + final Action escAct = new AbstractAction() { + @Override + public void actionPerformed(final ActionEvent e) { + ((PolicyEditorWindow) window).quit(); + } + }; + editor.setAccelerator(KeyEvent.VK_ESCAPE, ActionEvent.ALT_MASK, escAct, "ExitOnEscape"); } public static interface PolicyEditorWindow { @@ -403,6 +421,8 @@ public Window asWindow(); public void setModalityType(ModalityType modalityType); + + public void quit(); } private static class PolicyEditorFrame extends JFrame implements PolicyEditorWindow { @@ -448,6 +468,22 @@ public void setModalityType(ModalityType type) { //no op for frame } + + @Override + public void quit() { + if (editor.changesMade) { + final int save = JOptionPane.showConfirmDialog(this, R("PESaveChanges")); + if (save == JOptionPane.YES_OPTION) { + editor.savePolicyFile(); + } else if (save == JOptionPane.CANCEL_OPTION) { + return; + } + } + editor.weakThis.clear(); + editor.setClosed(); + dispose(); + } + } public static PolicyEditorWindow getPolicyEditorFrame(final String filepath) { @@ -497,6 +533,21 @@ public void setModalityType(ModalityType type) { super.setModalityType(type); } + + @Override + public void quit() { + if (editor.changesMade) { + final int save = JOptionPane.showConfirmDialog(this, R("PESaveChanges")); + if (save == JOptionPane.YES_OPTION) { + editor.savePolicyFile(); + } else if (save == JOptionPane.CANCEL_OPTION) { + return; + } + } + editor.weakThis.clear(); + editor.setClosed(); + dispose(); + } } public static PolicyEditorWindow getPolicyEditorDialog(final String filepath) { @@ -527,11 +578,8 @@ * Set keyboard accelerators for each major function in the editor */ private void setAccelerators() { - setEscapeExit(); setAddCodebaseAccelerator(); setRemoveCodebaseAccelerator(); - setOkAccelerator(); - setCancelAccelerator(); } /** @@ -568,19 +616,6 @@ } /** - * Quit the editor when the Escape key is pressed - */ - private void setEscapeExit() { - final Action act = new AbstractAction() { - @Override - public void actionPerformed(final ActionEvent e) { - quit(); - } - }; - setAccelerator(KeyEvent.VK_ESCAPE, ActionEvent.ALT_MASK, act, "ExitOnEscape"); - } - - /** * Add an accelerator for adding new codebases */ private void setAddCodebaseAccelerator() { @@ -607,48 +642,6 @@ } /** - * Add an accelerator for applying changes (saving file) - */ - private void setOkAccelerator() { - final Action act = new AbstractAction() { - @Override - public void actionPerformed(final ActionEvent e) { - savePolicyFile(); - } - }; - setAccelerator(R("PEOkButtonMnemonic"), ActionEvent.ALT_MASK, act, "OkButtonAccelerator"); - } - - /** - * Add an accelerator for quitting - */ - private void setCancelAccelerator() { - final Action act = new AbstractAction() { - @Override - public void actionPerformed(final ActionEvent e) { - quit(); - } - }; - setAccelerator(R("PECancelButtonMnemonic"), ActionEvent.ALT_MASK, act, "CancelButtonAccelerator"); - } - - /** - * Quit, prompting the user first if there are unsaved changes - */ - public void quit() { - if (changesMade) { - final int save = JOptionPane.showConfirmDialog(weakThis.get(), R("PESaveChanges")); - if (save == JOptionPane.YES_OPTION) { - savePolicyFile(); - } else if (save == JOptionPane.CANCEL_OPTION) { - return; - } - } - weakThis.clear(); - setClosed(); - } - - /** * Add a new codebase to the editor's model. If the codebase is not a valid URL, * the codebase is not added. * @param codebase to be added @@ -923,6 +916,7 @@ final GridBagConstraints checkboxConstraints = new GridBagConstraints(); checkboxConstraints.anchor = GridBagConstraints.LINE_START; + checkboxConstraints.fill = GridBagConstraints.HORIZONTAL; checkboxConstraints.weightx = 0; checkboxConstraints.weighty = 0; checkboxConstraints.gridx = 2; @@ -1073,6 +1067,7 @@ removeCodebaseButtonConstraints.gridx = addCodebaseButtonConstraints.gridx + 1; removeCodebaseButtonConstraints.gridy = addCodebaseButtonConstraints.gridy; setComponentMnemonic(removeCodebaseButton, R("PERemoveCodebaseMnemonic")); + removeCodebaseButton.setPreferredSize(addCodebaseButton.getPreferredSize()); add(removeCodebaseButton, removeCodebaseButtonConstraints); final GridBagConstraints okButtonConstraints = new GridBagConstraints(); From aazores at redhat.com Wed Mar 26 20:41:29 2014 From: aazores at redhat.com (Andrew Azores) Date: Wed, 26 Mar 2014 16:41:29 -0400 Subject: [rfc][icedtea-web] Temporary permissions In-Reply-To: <53330BDB.2010104@redhat.com> References: <53305587.9080208@redhat.com> <53305AC0.9060509@redhat.com> <53307400.60801@redhat.com> <53314EFA.2060201@redhat.com> <5331BE26.5060802@redhat.com> <5331D540.3060401@redhat.com> <5331D8C4.3040309@redhat.com> <53330BDB.2010104@redhat.com> Message-ID: <53333B79.7010507@redhat.com> On 03/26/2014 01:18 PM, Jiri Vanek wrote: > On 03/25/2014 08:28 PM, Andrew Azores wrote: >> On 03/25/2014 03:13 PM, Jiri Vanek wrote: >>> On 03/25/2014 06:34 PM, Andrew Azores wrote: >>>> On 03/25/2014 05:40 AM, Jiri Vanek wrote: >>>>> Generally ok, except one important nit: >>>>> >>>>> final JMenuItem noCmdExec = new JMenuItem(R("STempPermNoExec")); >>>>> + noCmdExec.addActionListener(new TemporaryPermissionsListener( >>>>> + Permissions.READ_LOCAL_FILES, Permissions.WRITE_LOCAL_FILES, >>>>> + Permissions.READ_TMP_FILES, Permissions.WRITE_TMP_FILES, >>>>> + Permissions.READ_PROPERTIES, Permissions.WRITE_PROPERTIES, >>>>> + Permissions.CLIPBOARD_ACCESS, Permissions.PLAY_AUDIO, >>>>> + Permissions.PRINT_DOCUMENTS, Permissions.JAVA_REFLECTION, >>>>> + Permissions.NETWORK_ACCESS)); >>>>> + policyMenu.add(noCmdExec); >>>>> >>>>> And similar: >>>>> are - duplicated. >>>>> >>>>> >>>>> You can push, as similar evil is already done. >>>>> >>>>> However refactoring, asn asap changeset is needed. >>>>> >>>>> the ||| advanced settings button will be encapsulated, so non of >>>>> its code is duplicated. >>>>> You can have your own "extends jbutton" hwhich will do all this >>>>> logic. And you add jsut >>>>> insntance of this button to the panes. >>>>> >>>>> Also all the : >>>>> new TemporaryPermissionsListener( >>>>> + Permissions.READ_LOCAL_FILES, Permissions.WRITE_LOCAL_FILES, >>>>> + Permissions.READ_TMP_FILES, Permissions.WRITE_TMP_FILES, >>>>> + Permissions.READ_PROPERTIES, Permissions.WRITE_PROPERTIES, >>>>> + Permissions.CLIPBOARD_ACCESS, Permissions.PLAY_AUDIO, >>>>> + Permissions.PRINT_DOCUMENTS, Permissions.JAVA_REFLECTION, >>>>> + Permissions.NETWORK_ACCESS)); >>>>> + policyMenu.add(noCmdExec); >>>>> >>>>> should be encapsualted. Those permissionListeners may be stored in >>>>> some static class as static >>>>> constantsand just used as singletons. or not? >>>>> If not then they can be provided by some factory methods. But not >>>>> spred in gui code like this. >>>>> >>>>> Yes, just code celaning, but how it is now, i do not look nicely. >>>>> >>>>> Sorry for troubles:( >>>>> J. >>>>> >>>> >>>> You're right, it was getting very messy, and the code for the >>>> button/menu stuff definitely should >>>> have been shared. >>>> >>>> So now, behold the monster you've asked for... ! :D >>>> >>>> 1) Button is pulled out into its own class and used in the two dialogs >>>> 2) Popup menu is actually even simpler to make appear now (less >>>> futzing with position on screen) >>>> 3) !! PolicyEditorPermissions are reused. It's some slightly scary >>>> reflection with a bit of regex >>>> sprinkled in, but it works perfect. >>>> 3b) Some of the temp permissions have been removed because >>>> PolicyEditorPermissions don't yet have >>>> the right counterparts. But there's another patch I sent earlier >>>> that adds all of those >>>> permissions as well, so then they can be added in quite quickly >>>> here after >>>> 4) Temp permission types and menu entries are much much cleaner to >>>> define >>>> >>> >>> >>> hmhmhm - just see: >>> +STempSoundOnly=Play audio >>> it is same issue as in case of reflection. it should probably allow >>> both recording and playing. >>> UTwo permissions under one checkbox. >> >> Really? I can imagine many scenarios where a user is comfortable with >> an applet playing sound back >> but not recording it. Reflection makes sense to group together but I >> think audio should be separate. >> >>> >>> - maybe as tmp hack can serve some better grouping of checkboxes, >>> with one main - whcih will >>> select/unselect all underlying. By this you will have your >>> one-permission-per-checkbox - and user >>> will not be bored by to much on-first-glance-visible permissions. >>> Maybe I can do thsis tomorrow? I >>> wil enjoy it :) >> >> Go ahead. >> >>> >>> >>> + public static Permission getPermission(final >>> PolicyEditorPermissions editorPermission) { >>> >>> arrgh thats monster..... Why reflection!!?!??! No way!!! it is our >>> class. Please do something >>> public or whatever... >>> >>> >>> >>> Otherwise it is not os monsterous :) >> >> Well, I had to decide if I wanted to extend PolicyEditorPermissions >> with some way to convert into >> Permissions, or to just add this translation layer separately. I >> liked the new layer better, since >> PolicyEditorPermissions was really just intended for use within >> PolicyEditor, and in there we don't >> need this kind of logic. So from outside of the model itself, >> reflection was actually not a bad way >> to handle acquiring the correct kind of Permission subclass from the >> model - the alternative would >> have been a switch or long if/else chain, which would have then meant >> that any new PermissionTypes >> would have also needed an update to the TemporaryPermissions >> converter. Using reflection like this >> means that it never has to be updated if the PermissionTypes change. >> I don't think this is even that >> bad of a use of reflection - I don't think it's too hard to read, and >> it's not being used somewhere >> performance critical or where it will be called very frequently. >> >> The other good option I've thought of is to add the Permission >> conversion logic to the >> PolicyEditorPermissions model, and move/rename this model so it's >> more suitable as something shared >> between PolicyEditor and these dialogs. The PolicyEditorPermissions >> could be constructed with a >> Class reference, eg RuntimePermission.class, and have a Permission >> field that is then populated by >> the constructor doing a bit less reflection. This eliminates the need >> for the Class.forName call, >> but makes the PolicyEditorPermission model more complicated in a way >> that I don't think it really >> needs to be. >> > > hmm All three ways looks bad:( Both reflection and "any new > PermissionTypes would have " is very wrong. > > > No advice here :( Sorry. But I belive you will figure it out O:) > As you said you preferred on IRC, here's the way where each temporary permission is just newly defined, rather than being directly converted from PolicyEditorPermissions. I do reuse what I can from them, just to eliminate as much extra hardcoding of Strings as possible, but the new Permissions are all defined manually. It took a while to figure out a way to make this look clean and be easy to extend in the future, as well as to be able to nicely define permissions as reductions from the All Permissions set, but I think I've managed it. Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: temporary-permissions-3.patch Type: text/x-patch Size: 42991 bytes Desc: not available URL: From gnu.andrew at redhat.com Wed Mar 26 20:51:45 2014 From: gnu.andrew at redhat.com (Andrew Hughes) Date: Wed, 26 Mar 2014 16:51:45 -0400 (EDT) Subject: Bug in fonts of OpenJDK In-Reply-To: References: Message-ID: <210514705.1213497.1395867105303.JavaMail.zimbra@redhat.com> ----- Original Message ----- > I have tested the OpenJDK in the OpenSUSE distribution and the Windows and > Linux builds at > http://www.azulsystems.com/products/zulu > All have the same bug, which Oracle JDK > http://www.oracle.com/technetwork/java/javase/downloads/index-jsp-138363.html > don't have. > > If you start SwingSet2.jar and naviagte to a "Source Code"-tab, then the > sourcecode is formatted. > But on Oracles Java, words like "import", "public", "int", etc. are bold. On > OpenJDK they are not. > But the other words, which are colored, are on Oracles JDK and OpenJDK same > colored. > > Greatings > theuserbl Which versions? -- Andrew :) Free Java Software Engineer Red Hat, Inc. (http://www.redhat.com) PGP Key: 248BDC07 (https://keys.indymedia.org/) Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07 From andrew at icedtea.classpath.org Wed Mar 26 22:23:43 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Wed, 26 Mar 2014 22:23:43 +0000 Subject: /hg/release/icedtea7-2.4: PR1713: Support AArch64 Port Message-ID: changeset b9722cf65cbe in /hg/release/icedtea7-2.4 details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=b9722cf65cbe author: Andrew John Hughes date: Wed Mar 26 20:58:00 2014 +0000 PR1713: Support AArch64 Port 2014-03-26 Andrew John Hughes * Makefile.am: (JDK_CHANGESET): Bring in PR1713. (JDK_SHA256SUM): Likewise. * NEWS: List PR1713 and enablement of ARM32 JIT. Add AArch64 section and rename 'ARM port' section as 'ARM32 port'. diffstat: ChangeLog | 10 ++++++++++ Makefile.am | 4 ++-- NEWS | 5 ++++- 3 files changed, 16 insertions(+), 3 deletions(-) diffs (59 lines): diff -r ec74d72298dd -r b9722cf65cbe ChangeLog --- a/ChangeLog Fri Mar 21 17:50:28 2014 +0000 +++ b/ChangeLog Wed Mar 26 20:58:00 2014 +0000 @@ -1,3 +1,13 @@ +2014-03-26 Andrew John Hughes + + * Makefile.am: + (JDK_CHANGESET): Bring in PR1713. + (JDK_SHA256SUM): Likewise. + * NEWS: + List PR1713 and enablement of ARM32 JIT. + Add AArch64 section and rename 'ARM port' section + as 'ARM32 port'. + 2014-03-21 Andrew John Hughes * acinclude.m4: diff -r ec74d72298dd -r b9722cf65cbe Makefile.am --- a/Makefile.am Fri Mar 21 17:50:28 2014 +0000 +++ b/Makefile.am Wed Mar 26 20:58:00 2014 +0000 @@ -7,14 +7,14 @@ CORBA_CHANGESET = 48ef1bb6d120 JAXP_CHANGESET = e0ba4b9a8b91 JAXWS_CHANGESET = 4bd947cd146b -JDK_CHANGESET = f582aad1fce8 +JDK_CHANGESET = b5282042aae0 LANGTOOLS_CHANGESET = 06eeb77dac24 OPENJDK_CHANGESET = b028e58c1b77 CORBA_SHA256SUM = 2fcfe699797154da8b4ba5242e32468b2f3f42a0cb17039915bfb1f84887a5b6 JAXP_SHA256SUM = e7014057721b8392676bd24760c3f7b3dd40548abb3c8dfbe8df2fa04d7c1fca JAXWS_SHA256SUM = 17ed5278872ad0c9ec3a849caf1480e5942b714e35c9a4a949d09daac4b34c5a -JDK_SHA256SUM = 17410212d856da9f52f87a6289d3937d3748992855d53bb5e1496fe7879e27cd +JDK_SHA256SUM = ab9b0e973625604b12a2f027cb2a6f9bc5160ef7df55408da6ca8a9c3aaed2d5 LANGTOOLS_SHA256SUM = a67e62618c70ef9190b2aef2b49be9d79624be9363bda258828b17494e092477 OPENJDK_SHA256SUM = e6be030ac5934781d9682dc3108980fa7d2330c32da3cea4ae74df11fbaa92f2 diff -r ec74d72298dd -r b9722cf65cbe NEWS --- a/NEWS Fri Mar 21 17:50:28 2014 +0000 +++ b/NEWS Wed Mar 26 20:58:00 2014 +0000 @@ -25,7 +25,7 @@ - PR1684: Build fails with empty PAX_COMMAND - RH1015432: java-1.7.0-openjdk: Fails on PPC with StackOverflowError (revised fix) - Link against $(LIBDL) if SYSTEM_CUPS is not true -* ARM port +* ARM32 port - Add arm_port from IcedTea 6 - Add patches/arm.patch from IcedTea 6 - Add patches/arm-debug.patch from IcedTea 6 @@ -63,6 +63,9 @@ - Include $(CFLAGS) in assembler stage - PR1626: ARM32 assembler update for hsx24. Use ARM32JIT to turn it on/off. - Replace literal offsets for METHOD_SIZEOFPARAMETERS and ISTATE_NEXT_FRAME with correct symbolic names. + - Turn ARM32 JIT on by default +* AArch64 port + - PR1713: Support AArch64 Port * Shark - Add Shark definitions from 8003868 - Drop compile_method argument removed in 7083786 from sharkCompiler.cpp From bugzilla-daemon at icedtea.classpath.org Wed Mar 26 22:23:50 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Wed, 26 Mar 2014 22:23:50 +0000 Subject: [Bug 1713] [IcedTea7] Support AArch64 Port In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1713 --- Comment #3 from hg commits --- details: http://icedtea.classpath.org//hg/release/icedtea7-2.4?cmd=changeset;node=b9722cf65cbe author: Andrew John Hughes date: Wed Mar 26 20:58:00 2014 +0000 PR1713: Support AArch64 Port 2014-03-26 Andrew John Hughes * Makefile.am: (JDK_CHANGESET): Bring in PR1713. (JDK_SHA256SUM): Likewise. * NEWS: List PR1713 and enablement of ARM32 JIT. Add AArch64 section and rename 'ARM port' section as 'ARM32 port'. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From andrew at icedtea.classpath.org Thu Mar 27 03:52:08 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Thu, 27 Mar 2014 03:52:08 +0000 Subject: /hg/icedtea7: Perform configure checks using ecj.jar if native e... Message-ID: changeset bf2f5ea62322 in /hg/icedtea7 details: http://icedtea.classpath.org/hg/icedtea7?cmd=changeset;node=bf2f5ea62322 author: Andrew John Hughes date: Thu Mar 27 03:50:20 2014 +0000 Perform configure checks using ecj.jar if native ecj is enabled. 2014-03-26 Andrew John Hughes Perform configure checks using ecj.jar if native ecj is enabled. * Makefile.am: (native-ecj): Link against gcj explicitly. * acinclude.m4: (IT_FIND_COMPILER): Run IT_WITH_GCJ and set JAVAC to an invocation of the ECJ_JAR if native ecj is used. Depend on IT_FIND_JAVA and IT_FIND_ECJ_JAR for this. (IT_FIND_ECJ_JAR): Define only once. (IT_WITH_GCJ): Likewise. (IT_DIAMOND_CHECK): Depend on IT_CHECK_JAVA_AND_JAVAC_WORK. * configure.ac: Remove invocation of IT_WITH_GCJ. diffstat: ChangeLog | 16 ++++++++++++++++ Makefile.am | 2 +- acinclude.m4 | 13 +++++++++++-- configure.ac | 1 - 4 files changed, 28 insertions(+), 4 deletions(-) diffs (93 lines): diff -r 80573ab16562 -r bf2f5ea62322 ChangeLog --- a/ChangeLog Mon Mar 24 16:41:29 2014 -0400 +++ b/ChangeLog Thu Mar 27 03:50:20 2014 +0000 @@ -1,3 +1,19 @@ +2014-03-26 Andrew John Hughes + + Perform configure checks using ecj.jar + if native ecj is enabled. + * Makefile.am: + (native-ecj): Link against gcj explicitly. + * acinclude.m4: + (IT_FIND_COMPILER): Run IT_WITH_GCJ + and set JAVAC to an invocation of the ECJ_JAR + if native ecj is used. Depend on IT_FIND_JAVA + and IT_FIND_ECJ_JAR for this. + (IT_FIND_ECJ_JAR): Define only once. + (IT_WITH_GCJ): Likewise. + (IT_DIAMOND_CHECK): Depend on IT_CHECK_JAVA_AND_JAVAC_WORK. + * configure.ac: Remove invocation of IT_WITH_GCJ. + 2014-03-24 Pavel Tisnovsky * contrib/jck/compile-native-code.sh: diff -r 80573ab16562 -r bf2f5ea62322 Makefile.am --- a/Makefile.am Mon Mar 24 16:41:29 2014 -0400 +++ b/Makefile.am Thu Mar 27 03:50:20 2014 +0000 @@ -1584,7 +1584,7 @@ mkdir -p stamps if BUILD_NATIVE_ECJ ${GCJ} $(IT_CFLAGS) -Wl,-Bsymbolic -findirect-dispatch -o native-ecj \ - --main=org.eclipse.jdt.internal.compiler.batch.Main ${ECJ_JAR} + --main=org.eclipse.jdt.internal.compiler.batch.Main -lgcj ${ECJ_JAR} endif touch $@ diff -r 80573ab16562 -r bf2f5ea62322 acinclude.m4 --- a/acinclude.m4 Mon Mar 24 16:41:29 2014 -0400 +++ b/acinclude.m4 Thu Mar 27 03:50:20 2014 +0000 @@ -126,9 +126,17 @@ AC_DEFUN([IT_FIND_COMPILER], [ + AC_REQUIRE([IT_FIND_JAVA]) + AC_REQUIRE([IT_FIND_ECJ_JAR]) + IT_FIND_JAVAC IT_FIND_ECJ IT_USING_ECJ + IT_WITH_GCJ + + if test x"${GCJ}" != xno ; then + JAVAC="${JAVA} -classpath ${ECJ_JAR} org.eclipse.jdt.internal.compiler.batch.Main" + fi AC_SUBST(ECJ) AC_SUBST(JAVAC) @@ -315,7 +323,7 @@ AM_CONDITIONAL([SRC_DIR_HARDLINKABLE], test x"${it_cv_hardlink_src}" = "xyes") ]) -AC_DEFUN([IT_FIND_ECJ_JAR], +AC_DEFUN_ONCE([IT_FIND_ECJ_JAR], [ AC_MSG_CHECKING([for an ecj JAR file]) AC_ARG_WITH([ecj-jar], @@ -922,7 +930,7 @@ AM_CONDITIONAL([USE_JDK7], test x"${project}" = "xjdk7") ]) -AC_DEFUN([IT_WITH_GCJ], +AC_DEFUN_ONCE([IT_WITH_GCJ], [ AC_MSG_CHECKING([whether to compile ecj natively]) AC_ARG_WITH([gcj], @@ -1774,6 +1782,7 @@ ]) AC_DEFUN([IT_DIAMOND_CHECK],[ + AC_REQUIRE([IT_CHECK_JAVA_AND_JAVAC_WORK]) AC_CACHE_CHECK([if javac lacks support for the diamond operator], it_cv_diamond, [ CLASS=Test.java BYTECODE=$(echo $CLASS|sed 's#\.java##') diff -r 80573ab16562 -r bf2f5ea62322 configure.ac --- a/configure.ac Mon Mar 24 16:41:29 2014 -0400 +++ b/configure.ac Thu Mar 27 03:50:20 2014 +0000 @@ -43,7 +43,6 @@ IT_CHECK_FOR_MERCURIAL IT_OBTAIN_HG_REVISIONS AC_PATH_TOOL([LSB_RELEASE],[lsb_release]) -IT_WITH_GCJ IT_WITH_HOTSPOT_BUILD AC_PATH_TOOL([LINUX32],[linux32]) IT_CHECK_GCC_VERSION From ptisnovs at icedtea.classpath.org Thu Mar 27 08:54:18 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Thu, 27 Mar 2014 08:54:18 +0000 Subject: /hg/gfx-test: Ten new tests added into BitBltAffineQuadrantRotat... Message-ID: changeset 3ab1971d3e7c in /hg/gfx-test details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=3ab1971d3e7c author: Pavel Tisnovsky date: Thu Mar 27 09:54:59 2014 +0100 Ten new tests added into BitBltAffineQuadrantRotateTransformOp. diffstat: ChangeLog | 5 + src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java | 140 ++++++++++ 2 files changed, 145 insertions(+), 0 deletions(-) diffs (162 lines): diff -r 638107db910c -r 3ab1971d3e7c ChangeLog --- a/ChangeLog Wed Mar 26 12:21:48 2014 +0100 +++ b/ChangeLog Thu Mar 27 09:54:59 2014 +0100 @@ -1,3 +1,8 @@ +2014-03-27 Pavel Tisnovsky + + * src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java: + Ten new tests added into BitBltAffineQuadrantRotateTransformOp. + 2014-03-26 Pavel Tisnovsky * src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java: diff -r 638107db910c -r 3ab1971d3e7c src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java --- a/src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java Wed Mar 26 12:21:48 2014 +0100 +++ b/src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java Thu Mar 27 09:54:59 2014 +0100 @@ -1033,6 +1033,146 @@ } /** + * Test basic BitBlt operation for empty buffered image with type TYPE_USHORT_555_RGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeUshort555RGBRotateTransformation0Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeUshort555RGB(image, graphics2d, RotateTransformationNearest1Op[0]); + } + + /** + * Test basic BitBlt operation for empty buffered image with type TYPE_USHORT_555_RGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeUshort555RGBRotateTransformation1Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeUshort555RGB(image, graphics2d, RotateTransformationNearest1Op[1]); + } + + /** + * Test basic BitBlt operation for empty buffered image with type TYPE_USHORT_555_RGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeUshort555RGBRotateTransformation2Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeUshort555RGB(image, graphics2d, RotateTransformationNearest1Op[2]); + } + + /** + * Test basic BitBlt operation for empty buffered image with type TYPE_USHORT_555_RGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeUshort555RGBRotateTransformation3Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeUshort555RGB(image, graphics2d, RotateTransformationNearest1Op[3]); + } + + /** + * Test basic BitBlt operation for empty buffered image with type TYPE_USHORT_555_RGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeUshort555RGBRotateTransformation4Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeUshort555RGB(image, graphics2d, RotateTransformationNearest1Op[4]); + } + + /** + Test basic BitBlt operation for empty buffered image with type TYPE_USHORT_555_RGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeUshort555RGBRotateTransformation5Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeUshort555RGB(image, graphics2d, RotateTransformationNearest1Op[5]); + } + + /** + * Test basic BitBlt operation for empty buffered image with type TYPE_USHORT_565_RGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeUshort565RGBRotateTransformation0Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeUshort565RGB(image, graphics2d, RotateTransformationNearest1Op[0]); + } + + /** + * Test basic BitBlt operation for empty buffered image with type TYPE_USHORT_565_RGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeUshort565RGBRotateTransformation1Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeUshort565RGB(image, graphics2d, RotateTransformationNearest1Op[1]); + } + + /** + * Test basic BitBlt operation for empty buffered image with type TYPE_USHORT_565_RGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeUshort565RGBRotateTransformation2Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeUshort565RGB(image, graphics2d, RotateTransformationNearest1Op[2]); + } + + /** + * Test basic BitBlt operation for empty buffered image with type TYPE_USHORT_565_RGB. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltEmptyBufferedImageTypeUshort565RGBRotateTransformation3Nearest1Op(TestImage image, Graphics2D graphics2d) + { + return doBitBltEmptyBufferedImageTypeUshort565RGB(image, graphics2d, RotateTransformationNearest1Op[3]); + } + + /** * Test basic BitBlt operation for checker buffered image with type TYPE_3BYTE_BGR. * * @param image From ptisnovs at icedtea.classpath.org Thu Mar 27 09:01:39 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Thu, 27 Mar 2014 09:01:39 +0000 Subject: /hg/rhino-tests: Added new tests testGetResourceAsStreamPositiov... Message-ID: changeset 2b9db1e50f41 in /hg/rhino-tests details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=2b9db1e50f41 author: Pavel Tisnovsky date: Thu Mar 27 10:02:20 2014 +0100 Added new tests testGetResourceAsStreamPositioveTest into ScriptEngineClassTest. diffstat: ChangeLog | 6 ++ src/org/RhinoTests/ScriptEngineClassTest.java | 61 +++++++++++++++++++++++++++ 2 files changed, 67 insertions(+), 0 deletions(-) diffs (84 lines): diff -r d9b4a5a38938 -r 2b9db1e50f41 ChangeLog --- a/ChangeLog Wed Mar 26 12:25:39 2014 +0100 +++ b/ChangeLog Thu Mar 27 10:02:20 2014 +0100 @@ -1,3 +1,9 @@ +2014-03-27 Pavel Tisnovsky + + * src/org/RhinoTests/ScriptEngineClassTest.java: + Added new tests testGetResourceAsStreamPositioveTest + into ScriptEngineClassTest. + 2014-03-26 Pavel Tisnovsky * src/org/RhinoTests/ScriptContextClassTest.java: diff -r d9b4a5a38938 -r 2b9db1e50f41 src/org/RhinoTests/ScriptEngineClassTest.java --- a/src/org/RhinoTests/ScriptEngineClassTest.java Wed Mar 26 12:25:39 2014 +0100 +++ b/src/org/RhinoTests/ScriptEngineClassTest.java Thu Mar 27 10:02:20 2014 +0100 @@ -2048,6 +2048,67 @@ } /** + * Test for method javax.script.ScriptEngine.getClass().getResourceAsStreamNegativeTest() + */ + protected void testGetResourceAsStreamNegativeTest() { + Object stream = null; + stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/AbstractScriptEngineClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/AbstractScriptEngineClassTest.class\") returns null"); + stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/BaseRhinoTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/BaseRhinoTest.class\") returns null"); + stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/BindingsClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/BindingsClassTest.class\") returns null"); + stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/BindingsTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/BindingsTest.class\") returns null"); + stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/CompilableClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompilableClassTest.class\") returns null"); + stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/CompilableTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompilableTest.class\") returns null"); + stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/CompiledScriptClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompiledScriptClassTest.class\") returns null"); + stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/CompiledScriptTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompiledScriptTest.class\") returns null"); + stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/Constants.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/Constants.class\") returns null"); + stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/InvocableClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/InvocableClassTest.class\") returns null"); + stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/InvocableTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/InvocableTest.class\") returns null"); + stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/JavaScriptSnippets.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/JavaScriptSnippets.class\") returns null"); + stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/JavaScriptsTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/JavaScriptsTest.class\") returns null"); + stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/ScriptContextClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptContextClassTest.class\") returns null"); + stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/ScriptContextTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptContextTest.class\") returns null"); + stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/ScriptEngineClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineClassTest.class\") returns null"); + stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/ScriptEngineFactoryClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineFactoryClassTest.class\") returns null"); + stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/ScriptEngineFactoryTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineFactoryTest.class\") returns null"); + stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/ScriptEngineManagerClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineManagerClassTest.class\") returns null"); + stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/ScriptEngineManagerTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineManagerTest.class\") returns null"); + stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/ScriptEngineTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineTest.class\") returns null"); + stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/ScriptExceptionClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptExceptionClassTest.class\") returns null"); + stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/ScriptExceptionTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptExceptionTest.class\") returns null"); + stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/SimpleBindingsClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleBindingsClassTest.class\") returns null"); + stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/SimpleBindingsTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleBindingsTest.class\") returns null"); + stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/SimpleScriptContextClassTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleScriptContextClassTest.class\") returns null"); + stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/SimpleScriptContextTest.class"); + assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleScriptContextTest.class\") returns null"); + } + + /** * Test for instanceof operator applied to a class javax.script.ScriptEngine */ @SuppressWarnings("cast") From jvanek at icedtea.classpath.org Thu Mar 27 13:09:25 2014 From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org) Date: Thu, 27 Mar 2014 13:09:25 +0000 Subject: /hg/icedtea-web: Clenaup in PolicyEditor tests and MVC Message-ID: changeset b4631fce293a in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=b4631fce293a author: Jiri Vanek date: Thu Mar 27 14:08:54 2014 +0100 Clenaup in PolicyEditor tests and MVC diffstat: ChangeLog | 10 +++ netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java | 29 ++++++++- tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/CustomPermissionTest.java | 2 - tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PermissionActionsTest.java | 3 +- tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PermissionTargetTest.java | 1 - tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PermissionTypeTest.java | 1 - tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorParsingTest.java | 14 +--- tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissionsTest.java | 6 +- tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java | 6 +- tests/test-extensions/net/sourceforge/jnlp/util/FileTestUtils.java | 4 + 10 files changed, 47 insertions(+), 29 deletions(-) diffs (201 lines): diff -r f975d5db4fbd -r b4631fce293a ChangeLog --- a/ChangeLog Wed Mar 26 13:56:55 2014 -0400 +++ b/ChangeLog Thu Mar 27 14:08:54 2014 +0100 @@ -1,3 +1,13 @@ +2014-03-27 Jiri Vanek + + Clenaup in PolicyEditor tests and MVC + * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: MVC + mixing method (updatecheckboxes) splited to invokelater and plain impls. + * tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/* : removed + warnings and fixed wrong package declaration. + * tests/test-extensions/net/sourceforge/jnlp/util/FileTestUtils.java: when + filelaks are negative, take it as success. + 2014-03-26 Andrew Azores Fix JOptionPane modality problems after making PolicyEditor itself modal diff -r f975d5db4fbd -r b4631fce293a netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java --- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java Wed Mar 26 13:56:55 2014 -0400 +++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java Thu Mar 27 14:08:54 2014 +0100 @@ -55,6 +55,7 @@ import java.io.FileNotFoundException; import java.io.IOException; import java.lang.ref.WeakReference; +import java.lang.reflect.InvocationTargetException; import java.net.MalformedURLException; import java.net.URL; import java.nio.channels.FileLock; @@ -793,10 +794,31 @@ * @param codebase whose permissions to display */ private void updateCheckboxes(final String codebase) { - SwingUtilities.invokeLater(new Runnable() { + try { + if (SwingUtilities.isEventDispatchThread()){ + updateCheckboxesImpl(codebase); + } else { + updateCheckboxesInvokeAndWait(codebase); + } + } catch (InterruptedException ex) { + OutputController.getLogger().log(ex); + } catch (InvocationTargetException ex) { + OutputController.getLogger().log(ex); + } + } + + private void updateCheckboxesInvokeAndWait(final String codebase) throws InterruptedException, InvocationTargetException { + SwingUtilities.invokeAndWait(new Runnable() { @Override public void run() { - for (final PolicyEditorPermissions perm : PolicyEditorPermissions.values()) { + updateCheckboxesImpl(codebase); + } + }); + + } + + private void updateCheckboxesImpl(String codebase) { + for (final PolicyEditorPermissions perm : PolicyEditorPermissions.values()) { final JCheckBox box = checkboxMap.get(perm); for (final ActionListener l : box.getActionListeners()) { box.removeActionListener(l); @@ -830,9 +852,6 @@ }); } } - }); - - } /** * Set a mnemonic key for a menu item or button diff -r f975d5db4fbd -r b4631fce293a tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/CustomPermissionTest.java --- a/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/CustomPermissionTest.java Wed Mar 26 13:56:55 2014 -0400 +++ b/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/CustomPermissionTest.java Thu Mar 27 14:08:54 2014 +0100 @@ -37,8 +37,6 @@ package net.sourceforge.jnlp.security.policyeditor; import static org.junit.Assert.assertTrue; -import net.sourceforge.jnlp.security.policyeditor.CustomPermission; - import org.junit.Test; public class CustomPermissionTest { diff -r f975d5db4fbd -r b4631fce293a tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PermissionActionsTest.java --- a/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PermissionActionsTest.java Wed Mar 26 13:56:55 2014 -0400 +++ b/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PermissionActionsTest.java Thu Mar 27 14:08:54 2014 +0100 @@ -36,10 +36,9 @@ package net.sourceforge.jnlp.security.policyeditor; -import static org.junit.Assert.assertTrue; - import java.util.HashSet; import java.util.Set; +import static org.junit.Assert.assertTrue; import org.junit.Test; public class PermissionActionsTest { diff -r f975d5db4fbd -r b4631fce293a tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PermissionTargetTest.java --- a/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PermissionTargetTest.java Wed Mar 26 13:56:55 2014 -0400 +++ b/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PermissionTargetTest.java Thu Mar 27 14:08:54 2014 +0100 @@ -37,7 +37,6 @@ package net.sourceforge.jnlp.security.policyeditor; import static org.junit.Assert.assertTrue; - import org.junit.Test; public class PermissionTargetTest { diff -r f975d5db4fbd -r b4631fce293a tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PermissionTypeTest.java --- a/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PermissionTypeTest.java Wed Mar 26 13:56:55 2014 -0400 +++ b/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PermissionTypeTest.java Thu Mar 27 14:08:54 2014 +0100 @@ -37,7 +37,6 @@ package net.sourceforge.jnlp.security.policyeditor; import static org.junit.Assert.assertTrue; - import org.junit.Test; public class PermissionTypeTest { diff -r f975d5db4fbd -r b4631fce293a tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorParsingTest.java --- a/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorParsingTest.java Wed Mar 26 13:56:55 2014 -0400 +++ b/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorParsingTest.java Thu Mar 27 14:08:54 2014 +0100 @@ -33,18 +33,14 @@ obligated to do so. If you do not wish to do so, delete this exception statement from your version. */ +package net.sourceforge.jnlp.security.policyeditor; +import java.io.File; +import java.util.Map; +import net.sourceforge.jnlp.annotations.KnownToFail; +import net.sourceforge.jnlp.util.FileUtils; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; - -import java.io.File; -import java.io.FileInputStream; -import java.util.Map; -import net.sourceforge.jnlp.annotations.KnownToFail; -import net.sourceforge.jnlp.security.policyeditor.PolicyEditor; -import net.sourceforge.jnlp.security.policyeditor.PolicyEditorPermissions; -import net.sourceforge.jnlp.util.FileUtils; -import org.junit.After; import org.junit.Before; import org.junit.Test; diff -r f975d5db4fbd -r b4631fce293a tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissionsTest.java --- a/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissionsTest.java Wed Mar 26 13:56:55 2014 -0400 +++ b/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissionsTest.java Thu Mar 27 14:08:54 2014 +0100 @@ -36,13 +36,9 @@ package net.sourceforge.jnlp.security.policyeditor; +import java.util.regex.Pattern; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; - -import java.util.regex.Pattern; - -import net.sourceforge.jnlp.security.policyeditor.PolicyEditorPermissions; - import org.junit.Test; public class PolicyEditorPermissionsTest { diff -r f975d5db4fbd -r b4631fce293a tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java --- a/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java Wed Mar 26 13:56:55 2014 -0400 +++ b/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java Thu Mar 27 14:08:54 2014 +0100 @@ -36,15 +36,13 @@ package net.sourceforge.jnlp.security.policyeditor; -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertTrue; - import java.io.File; import java.util.Collection; import java.util.HashSet; import java.util.Map; import java.util.Set; - +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; import org.junit.Before; import org.junit.Test; diff -r f975d5db4fbd -r b4631fce293a tests/test-extensions/net/sourceforge/jnlp/util/FileTestUtils.java --- a/tests/test-extensions/net/sourceforge/jnlp/util/FileTestUtils.java Wed Mar 26 13:56:55 2014 -0400 +++ b/tests/test-extensions/net/sourceforge/jnlp/util/FileTestUtils.java Thu Mar 27 14:08:54 2014 +0100 @@ -79,6 +79,10 @@ runnable.run(); Thread.sleep(10); long filesLeaked = getOpenFileDescriptorCount() - filesOpenBefore; + //how come? Appearently can... + if (filesLeaked<0){ + return; + } assertEquals(0, filesLeaked); } From aazores at redhat.com Thu Mar 27 14:22:18 2014 From: aazores at redhat.com (Andrew Azores) Date: Thu, 27 Mar 2014 10:22:18 -0400 Subject: [rfc][icedtea-web][policyeditor] Checkbox and codebase list bug fixes Message-ID: <5334341A.9060005@redhat.com> Hi, This patch fixes two bugs: 1) checkboxes not displaying the correct permissions for the default selected codebase, when opening an existing non-empty policy file 2) opening a policy file multiple times leading to several of the same codebase entry in the list Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: policyeditor-checkboxes-fixes.patch Type: text/x-patch Size: 2640 bytes Desc: not available URL: From jvanek at redhat.com Thu Mar 27 14:37:08 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Thu, 27 Mar 2014 15:37:08 +0100 Subject: [rfc][icedtea-web][policyeditor] Checkbox and codebase list bug fixes In-Reply-To: <5334341A.9060005@redhat.com> References: <5334341A.9060005@redhat.com> Message-ID: <53343794.7000902@redhat.com> On 03/27/2014 03:22 PM, Andrew Azores wrote: > Hi, > > This patch fixes two bugs: > 1) checkboxes not displaying the correct permissions for the default selected codebase, when opening > an existing non-empty policy file > 2) opening a policy file multiple times leading to several of the same codebase entry in the list > > Thanks, > Looks ok. Please ensure it works with tmp permissions patchapplied, and donot break any unittests;) Once done, ok to push. From aazores at redhat.com Thu Mar 27 14:45:28 2014 From: aazores at redhat.com (Andrew Azores) Date: Thu, 27 Mar 2014 10:45:28 -0400 Subject: [rfc][icedtea-web][policyeditor] Fix for NPE when trying to open a file Message-ID: <53343988.6000002@redhat.com> Hi, This workflow: 1) Open PolicyEditor with no filepath 2) Make changes 3) File>Open, without saving first 4) Select "Yes" to save changes Currently results in: 5) NPE due to the file field still being null. With this patch, it is the following: 5) File chooser appears for Save As action 6) Save file somewhere, or cancel 7) If file chooser was not cancelled, a new file chooser appears for the Open action. If it was cancelled, return back to the editor, with changes preserved but not saved to file Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: policyeditor-open-with-changes-npe.patch Type: text/x-patch Size: 1159 bytes Desc: not available URL: From jvanek at redhat.com Thu Mar 27 14:55:21 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Thu, 27 Mar 2014 15:55:21 +0100 Subject: [rfc][icedtea-web][policyeditor] Fix for NPE when trying to open a file In-Reply-To: <53343988.6000002@redhat.com> References: <53343988.6000002@redhat.com> Message-ID: <53343BD9.9090204@redhat.com> On 03/27/2014 03:45 PM, Andrew Azores wrote: > Hi, > > This workflow: > 1) Open PolicyEditor with no filepath > 2) Make changes > 3) File>Open, without saving first > 4) Select "Yes" to save changes > > Currently results in: > 5) NPE > > due to the file field still being null. With this patch, it is the following: > 5) File chooser appears for Save As action > 6) Save file somewhere, or cancel > 7) If file chooser was not cancelled, a new file chooser appears for the Open action. If it was > cancelled, return back to the editor, with changes preserved but not saved to file > > Thanks, > Same conditions as for " Checkbox and codebase list bug fixes" Then ok to push. From aazores at redhat.com Thu Mar 27 14:57:42 2014 From: aazores at redhat.com (Andrew Azores) Date: Thu, 27 Mar 2014 10:57:42 -0400 Subject: [rfc][icedtea-web] Temporary permissions In-Reply-To: <5334360A.4030608@redhat.com> References: <53305587.9080208@redhat.com> <53305AC0.9060509@redhat.com> <53307400.60801@redhat.com> <53314EFA.2060201@redhat.com> <5331BE26.5060802@redhat.com> <5331D540.3060401@redhat.com> <5331D8C4.3040309@redhat.com> <53330BDB.2010104@redhat.com> <53333B79.7010507@redhat.com> <5334360A.4030608@redhat.com> Message-ID: <53343C66.6080801@redhat.com> On 03/27/2014 10:30 AM, Jiri Vanek wrote: > ..snip... >>> >> >> As you said you preferred on IRC, here's the way where each temporary >> permission is just newly >> defined, rather than being directly converted from >> PolicyEditorPermissions. I do reuse what I can >> from them, just to eliminate as much extra hardcoding of Strings as >> possible, but the new >> Permissions are all defined manually. It took a while to figure out a >> way to make this look clean >> and be easy to extend in the future, as well as to be able to nicely >> define permissions as >> reductions from the All Permissions set, but I think I've managed it. >> > > I like this patch. > > one mayor nit - it broke 8 tests: > > FAILED: > testNormalPolicyWithMixedEndings(net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest) > Permissions should include READ_LOCAL_FILES > FAILED: > testNormalPolicyWithLFEndings(net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest) > Permissions should include READ_LOCAL_FILES > FAILED: > testCommentAfterPermission(net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest) > Permissions should include READ_LOCAL_FILES > FAILED: > testPolicyWithCodebase(net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest) > Permissions should include READ_LOCAL_FILES > Passed: > net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest.testCommentedLine > FAILED: > testMultiplePermissions(net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest) > Permissions should include READ_LOCAL_FILES > FAILED: > testNormalPolicy(net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest) > Permissions should include READ_LOCAL_FILES > FAILED: > testNormalPolicyWithHeader(net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest) > Permissions should include READ_LOCAL_FILES > FAILED: > testNormalPolicyWithCRLFEndings(net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest) > Permissions should include READ_LOCAL_FILES Ahh good catch, thanks. I slightly changed the PermissionTarget for the user home directory and forgot to mirror this in the unit tests, that's all. > > ... >> + >> + private class PolicyEditorPopupListener implements MouseListener { >> + private final Component parent; >> + >> + public PolicyEditorPopupListener(final Component parent) { >> + this.parent = parent; >> + } >> + >> + @Override >> + public void mouseClicked(final MouseEvent e) { >> + menu.show(parent, e.getX(), e.getY()); >> + } >> + >> + @Override >> + public void mousePressed(final MouseEvent e) { >> + } >> + >> + @Override >> + public void mouseReleased(final MouseEvent e) { >> + } >> + >> + @Override >> + public void mouseEntered(final MouseEvent e) { >> + } >> + >> + @Override >> + public void mouseExited(final MouseEvent e) { >> + } >> + } > > > please use mouse adapter :)) > > > ... Learn something useful every day :) > >> @@ -53,6 +53,9 @@ public enum PolicyEditorPermissions { >> WRITE_LOCAL_FILES(R("PEWriteFiles"), R("PEWriteFilesDetail"), >> PermissionType.FILE_PERMISSION, >> PermissionTarget.USER_HOME, PermissionActions.WRITE), >> >> + DELETE_LOCAL_FILES(R("PEDeleteFiles"), R("PEDeleteFilesDetail"), >> + PermissionType.FILE_PERMISSION, >> PermissionTarget.USER_HOME, PermissionActions.DELETE), >> + >> READ_PROPERTIES(R("PEReadProps"), R("PEReadPropsDetail"), >> PermissionType.PROPERTY_PERMISSION, >> PermissionTarget.ALL, PermissionActions.READ), >> >> @@ -71,6 +74,9 @@ public enum PolicyEditorPermissions { >> WRITE_TMP_FILES(R("PEWriteTempFiles"), >> R("PEWriteTempFilesDetail"), >> PermissionType.FILE_PERMISSION, >> PermissionTarget.TMPDIR, PermissionActions.WRITE), >> >> + DELETE_TMP_FILES(R("PEDeleteTempFiles"), >> R("PEDeleteTempFilesDetail"), >> + PermissionType.FILE_PERMISSION, PermissionTarget.TMPDIR, >> PermissionActions.DELETE), >> + >> JAVA_REFLECTION(R("PEReflection"), R("PEReflectionDetail"), >> PermissionType.REFLECT_PERMISSION, >> PermissionTarget.REFLECT, PermissionActions.NONE), >> >> > Those should (if you wish) be gtrouped undeer write system group. Done. > > Final decissopn - minors are ok. Once fixed this can go in. > > > The unittets - please fixed. If fixes are minor, then push once > fixed.If they will grow, feel free to post another round. > > jsut double answer - the unittestsmust be fixed befor push :) > > J. Thanks, -- Andrew A From jvanek at redhat.com Thu Mar 27 14:30:34 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Thu, 27 Mar 2014 15:30:34 +0100 Subject: [rfc][icedtea-web] Temporary permissions In-Reply-To: <53333B79.7010507@redhat.com> References: <53305587.9080208@redhat.com> <53305AC0.9060509@redhat.com> <53307400.60801@redhat.com> <53314EFA.2060201@redhat.com> <5331BE26.5060802@redhat.com> <5331D540.3060401@redhat.com> <5331D8C4.3040309@redhat.com> <53330BDB.2010104@redhat.com> <53333B79.7010507@redhat.com> Message-ID: <5334360A.4030608@redhat.com> ..snip... >> > > As you said you preferred on IRC, here's the way where each temporary permission is just newly > defined, rather than being directly converted from PolicyEditorPermissions. I do reuse what I can > from them, just to eliminate as much extra hardcoding of Strings as possible, but the new > Permissions are all defined manually. It took a while to figure out a way to make this look clean > and be easy to extend in the future, as well as to be able to nicely define permissions as > reductions from the All Permissions set, but I think I've managed it. > I like this patch. one mayor nit - it broke 8 tests: FAILED: testNormalPolicyWithMixedEndings(net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest) Permissions should include READ_LOCAL_FILES FAILED: testNormalPolicyWithLFEndings(net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest) Permissions should include READ_LOCAL_FILES FAILED: testCommentAfterPermission(net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest) Permissions should include READ_LOCAL_FILES FAILED: testPolicyWithCodebase(net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest) Permissions should include READ_LOCAL_FILES Passed: net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest.testCommentedLine FAILED: testMultiplePermissions(net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest) Permissions should include READ_LOCAL_FILES FAILED: testNormalPolicy(net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest) Permissions should include READ_LOCAL_FILES FAILED: testNormalPolicyWithHeader(net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest) Permissions should include READ_LOCAL_FILES FAILED: testNormalPolicyWithCRLFEndings(net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest) Permissions should include READ_LOCAL_FILES ... > + > + private class PolicyEditorPopupListener implements MouseListener { > + private final Component parent; > + > + public PolicyEditorPopupListener(final Component parent) { > + this.parent = parent; > + } > + > + @Override > + public void mouseClicked(final MouseEvent e) { > + menu.show(parent, e.getX(), e.getY()); > + } > + > + @Override > + public void mousePressed(final MouseEvent e) { > + } > + > + @Override > + public void mouseReleased(final MouseEvent e) { > + } > + > + @Override > + public void mouseEntered(final MouseEvent e) { > + } > + > + @Override > + public void mouseExited(final MouseEvent e) { > + } > + } please use mouse adapter :)) ... > @@ -53,6 +53,9 @@ public enum PolicyEditorPermissions { > WRITE_LOCAL_FILES(R("PEWriteFiles"), R("PEWriteFilesDetail"), > PermissionType.FILE_PERMISSION, PermissionTarget.USER_HOME, PermissionActions.WRITE), > > + DELETE_LOCAL_FILES(R("PEDeleteFiles"), R("PEDeleteFilesDetail"), > + PermissionType.FILE_PERMISSION, PermissionTarget.USER_HOME, PermissionActions.DELETE), > + > READ_PROPERTIES(R("PEReadProps"), R("PEReadPropsDetail"), > PermissionType.PROPERTY_PERMISSION, PermissionTarget.ALL, PermissionActions.READ), > > @@ -71,6 +74,9 @@ public enum PolicyEditorPermissions { > WRITE_TMP_FILES(R("PEWriteTempFiles"), R("PEWriteTempFilesDetail"), > PermissionType.FILE_PERMISSION, PermissionTarget.TMPDIR, PermissionActions.WRITE), > > + DELETE_TMP_FILES(R("PEDeleteTempFiles"), R("PEDeleteTempFilesDetail"), > + PermissionType.FILE_PERMISSION, PermissionTarget.TMPDIR, PermissionActions.DELETE), > + > JAVA_REFLECTION(R("PEReflection"), R("PEReflectionDetail"), > PermissionType.REFLECT_PERMISSION, PermissionTarget.REFLECT, PermissionActions.NONE), > > Those should (if you wish) be gtrouped undeer write system group. Final decissopn - minors are ok. Once fixed this can go in. The unittets - please fixed. If fixes are minor, then push once fixed.If they will grow, feel free to post another round. jsut double answer - the unittestsmust be fixed befor push :) J. From aazores at icedtea.classpath.org Thu Mar 27 15:08:35 2014 From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org) Date: Thu, 27 Mar 2014 15:08:35 +0000 Subject: /hg/icedtea-web: Applets can be granted temporary permissions fr... Message-ID: changeset ede0279b5c53 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=ede0279b5c53 author: Andrew Azores date: Thu Mar 27 11:08:09 2014 -0400 Applets can be granted temporary permissions from security dialogs Applets can be temporarily granted permission levels above fully sandboxed but below all-permission * netx/net/sourceforge/jnlp/resources/Messages.properties: (STempPermNoFile, STempPermNoNetwork, STempPermNoExec, STempPermNoFileOrNetwork, STempPermNoExecOrNetwork, STempPermNoFileOrExec, STempPermNoFileOrNetworkOrExec, STempAllMedia, STempSoundOnly, STempClipboardOnly, STempPrintOnly, STempAllFileAndPropertyAccess, STempReadLocalFilesAndProperties, STempReflectionOnly): new messages * netx/net/sourceforge/jnlp/security/SecurityDialog.java: (installPanel) pass SecurityDelegate to partially signed dialog * netx/net/sourceforge/jnlp/security/SecurityDialogs.java: (showPartiallySignedWarningDialog) added SecutityDelegate param for message extras * netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java: (checkPartiallySignedWithUserIfRequired) added SecurityDelegate param * netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java: (createPolicyPermissionsMenu, PolicyEditorLaunchListener, PolicyEditorPopupListener) removed in favour of TemporaryPermissionsButton * netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java: same * netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningDialog.java: (partiallySigned) SecurityDelegate param * netx/net/sourceforge/jnlp/security/policyeditor/PermissionActions.java: (DELETE, READLINK, FILE_ALL) new actions. (rawActions, rawString) can retrieve raw String representation of the action * netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java: (USER_HOME, TMPDIR) grant permissions to entire directory, not only children * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java: (DELETE_LOCAL_FILES, DELETE_TMP_FILES) new permissions. (Group.WriteFileSystem) added DELETE* permissions * nests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorParsingTest.java: update for change in PermissionTarget * netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissions.java: new class * netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissionsButton.java: new class diffstat: ChangeLog | 40 + netx/net/sourceforge/jnlp/resources/Messages.properties | 18 + netx/net/sourceforge/jnlp/security/SecurityDialog.java | 2 +- netx/net/sourceforge/jnlp/security/SecurityDialogs.java | 4 +- netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java | 2 +- netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java | 74 +--- netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissions.java | 204 ++++++++++ netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissionsButton.java | 191 +++++++++ netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningDialog.java | 7 +- netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java | 123 ++---- netx/net/sourceforge/jnlp/security/policyeditor/PermissionActions.java | 9 + netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java | 4 +- netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java | 24 +- tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorParsingTest.java | 4 +- 14 files changed, 530 insertions(+), 176 deletions(-) diffs (truncated from 1021 to 500 lines): diff -r b4631fce293a -r ede0279b5c53 ChangeLog --- a/ChangeLog Thu Mar 27 14:08:54 2014 +0100 +++ b/ChangeLog Thu Mar 27 11:08:09 2014 -0400 @@ -1,3 +1,43 @@ +2014-03-27 Andrew Azores + + Applets can be temporarily granted permission levels above fully sandboxed + but below all-permission + * netx/net/sourceforge/jnlp/resources/Messages.properties: + (STempPermNoFile, STempPermNoNetwork, STempPermNoExec, + STempPermNoFileOrNetwork, STempPermNoExecOrNetwork, STempPermNoFileOrExec, + STempPermNoFileOrNetworkOrExec, STempAllMedia, STempSoundOnly, + STempClipboardOnly, STempPrintOnly, STempAllFileAndPropertyAccess, + STempReadLocalFilesAndProperties, STempReflectionOnly): new messages + * netx/net/sourceforge/jnlp/security/SecurityDialog.java: (installPanel) + pass SecurityDelegate to partially signed dialog + * netx/net/sourceforge/jnlp/security/SecurityDialogs.java: + (showPartiallySignedWarningDialog) added SecutityDelegate param for + message extras + * netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java: + (checkPartiallySignedWithUserIfRequired) added SecurityDelegate param + * netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java: + (createPolicyPermissionsMenu, PolicyEditorLaunchListener, + PolicyEditorPopupListener) removed in favour of TemporaryPermissionsButton + * netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java: + same + * netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningDialog.java: + (partiallySigned) SecurityDelegate param + * netx/net/sourceforge/jnlp/security/policyeditor/PermissionActions.java: + (DELETE, READLINK, FILE_ALL) new actions. (rawActions, rawString) can + retrieve raw String representation of the action + * netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java: + (USER_HOME, TMPDIR) grant permissions to entire directory, not only + children + * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java: + (DELETE_LOCAL_FILES, DELETE_TMP_FILES) new permissions. + (Group.WriteFileSystem) added DELETE* permissions + * nests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorParsingTest.java: + update for change in PermissionTarget + * netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissions.java: + new class + * netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissionsButton.java: + new class + 2014-03-27 Jiri Vanek Clenaup in PolicyEditor tests and MVC diff -r b4631fce293a -r ede0279b5c53 netx/net/sourceforge/jnlp/resources/Messages.properties --- a/netx/net/sourceforge/jnlp/resources/Messages.properties Thu Mar 27 14:08:54 2014 +0100 +++ b/netx/net/sourceforge/jnlp/resources/Messages.properties Thu Mar 27 11:08:09 2014 -0400 @@ -305,6 +305,20 @@ STOAsignedMsgFully = The applet is fully signed STOAsignedMsgAndSandbox = The applet is fully signed and sandboxed STOAsignedMsgPartiall = The applet is not fully signed +STempPermNoFile=No file access +STempPermNoNetwork=No network access +STempPermNoExec=No command execution +STempNoFileOrNetwork=No file or network access +STempNoExecOrNetwork=No command execution or network access +STempNoFileOrExec=No file access or command execution +STempNoFileOrNetworkOrExec=No file access, network access, or command execution +STempAllMedia=All media +STempSoundOnly=Play audio +STempClipboardOnly=Access clipboard +STempPrintOnly=Print documents +STempAllFileAndPropertyAccess=All file and properties access +STempReadLocalFilesAndProperties=Read-only local files and properties +STempReflectionOnly=Java Reflection only # Security - used for the More Information dialog SBadKeyUsage=Resources contain entries whose signer certificate's KeyUsage extension doesn't allow code signing. @@ -501,6 +515,8 @@ PEReadFilesDetail=Allow applets to read from files in your home directory PEWriteFiles=Write to local files PEWriteFilesDetail=Allow applets to write to files in your home directory +PEDeleteFiles=Delete local files +PEDeleteFilesDetail=Allow applets to delete files in your home directory PEReadSystemFiles=Read all system files PEReadSystemFilesDetail=Allow applets read-only access to all locations on your computer PEWriteSystemFiles=Write all system files @@ -509,6 +525,8 @@ PEReadTempFilesDetail=Allow applets to read from your temporary files directory PEWriteTempFiles=Write to temp files PEWriteTempFilesDetail=Allow applets to write to your temporary files directory +PEDeleteTempFiles=Delete temp files +PEDeleteTempFilesDetail=Allow applets to delete files in your temporary files directory PEAWTPermission=Window System Access PEAWTPermissionDetail=Allow applets all AWT windowing system access PEClipboard=Access clipboard diff -r b4631fce293a -r ede0279b5c53 netx/net/sourceforge/jnlp/security/SecurityDialog.java --- a/netx/net/sourceforge/jnlp/security/SecurityDialog.java Thu Mar 27 14:08:54 2014 +0100 +++ b/netx/net/sourceforge/jnlp/security/SecurityDialog.java Thu Mar 27 11:08:09 2014 -0400 @@ -315,7 +315,7 @@ else if (dialogType == DialogType.APPLET_WARNING) panel = new AppletWarningPane(this, this.certVerifier); else if (dialogType == DialogType.PARTIALLYSIGNED_WARNING) - panel = AppTrustWarningDialog.partiallySigned(this, file); + panel = AppTrustWarningDialog.partiallySigned(this, file, (SecurityDelegate) extras[0]); else if (dialogType == DialogType.UNSIGNED_WARNING) // Only necessary for applets on 'high security' or above panel = AppTrustWarningDialog.unsigned(this, file); else if (dialogType == DialogType.AUTHENTICATION) diff -r b4631fce293a -r ede0279b5c53 netx/net/sourceforge/jnlp/security/SecurityDialogs.java --- a/netx/net/sourceforge/jnlp/security/SecurityDialogs.java Thu Mar 27 14:08:54 2014 +0100 +++ b/netx/net/sourceforge/jnlp/security/SecurityDialogs.java Thu Mar 27 11:08:09 2014 -0400 @@ -221,13 +221,15 @@ * * @return true if permission was granted by the user, false otherwise. */ - public static AppSigningWarningAction showPartiallySignedWarningDialog(JNLPFile file, CertVerifier certVerifier) { + public static AppSigningWarningAction showPartiallySignedWarningDialog(JNLPFile file, CertVerifier certVerifier, + SecurityDelegate securityDelegate) { final SecurityDialogMessage message = new SecurityDialogMessage(); message.dialogType = DialogType.PARTIALLYSIGNED_WARNING; message.accessType = AccessType.PARTIALLYSIGNED; message.file = file; message.certVerifier = certVerifier; + message.extras = new Object[] { securityDelegate }; return (AppSigningWarningAction) getUserResponse(message); } diff -r b4631fce293a -r ede0279b5c53 netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java --- a/netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java Thu Mar 27 14:08:54 2014 +0100 +++ b/netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java Thu Mar 27 11:08:09 2014 -0400 @@ -239,7 +239,7 @@ appletOK = false; } else { // No remembered decision, prompt the user - AppSigningWarningAction warningResponse = SecurityDialogs.showPartiallySignedWarningDialog(file, certVerifier); + AppSigningWarningAction warningResponse = SecurityDialogs.showPartiallySignedWarningDialog(file, certVerifier, securityDelegate); ExecuteAppletAction executeAction = warningResponse.getAction(); if (executeAction == ExecuteAppletAction.SANDBOX) { diff -r b4631fce293a -r ede0279b5c53 netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java --- a/netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java Thu Mar 27 14:08:54 2014 +0100 +++ b/netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java Thu Mar 27 11:08:09 2014 -0400 @@ -41,20 +41,15 @@ import java.awt.BorderLayout; import java.awt.Color; -import java.awt.Dialog.ModalityType; import java.awt.Dimension; import java.awt.FlowLayout; import java.awt.Font; import java.awt.GridLayout; import java.awt.event.ActionEvent; import java.awt.event.ActionListener; -import java.awt.event.MouseEvent; -import java.awt.event.MouseListener; import java.io.File; import java.io.FileOutputStream; import java.io.OutputStream; -import java.net.MalformedURLException; -import java.net.URL; import java.security.KeyStore; import java.security.cert.Certificate; import java.security.cert.X509Certificate; @@ -65,16 +60,13 @@ import javax.swing.JButton; import javax.swing.JCheckBox; import javax.swing.JLabel; -import javax.swing.JMenuItem; import javax.swing.JPanel; import javax.swing.JPopupMenu; import javax.swing.SwingConstants; import net.sourceforge.jnlp.JNLPFile; import net.sourceforge.jnlp.PluginBridge; -import net.sourceforge.jnlp.config.DeploymentConfiguration; import net.sourceforge.jnlp.runtime.JNLPClassLoader.SecurityDelegate; -import net.sourceforge.jnlp.runtime.JNLPRuntime; import net.sourceforge.jnlp.security.CertVerifier; import net.sourceforge.jnlp.security.CertificateUtils; import net.sourceforge.jnlp.security.HttpsCertVerifier; @@ -84,7 +76,6 @@ import net.sourceforge.jnlp.security.SecurityDialog; import net.sourceforge.jnlp.security.SecurityDialogs.AccessType; import net.sourceforge.jnlp.security.SecurityUtil; -import net.sourceforge.jnlp.security.policyeditor.PolicyEditor; import net.sourceforge.jnlp.security.policyeditor.PolicyEditor.PolicyEditorWindow; import net.sourceforge.jnlp.util.FileUtils; import net.sourceforge.jnlp.util.logging.OutputController; @@ -225,8 +216,6 @@ } private void addButtons() { - createPolicyPermissionsMenu(); - alwaysTrust = new JCheckBox(R("SAlwaysTrustPublisher")); alwaysTrust.setEnabled(true); alwaysTrust.setSelected(alwaysTrustSelected); @@ -246,7 +235,7 @@ buttonPanel = new JPanel(new FlowLayout(FlowLayout.RIGHT)); run = new JButton(R("ButRun")); sandbox = new JButton(R("ButSandbox")); - advancedOptions = new JButton("\u2630"); // "hamburger" navicon + advancedOptions = new TemporaryPermissionsButton(file, securityDelegate, sandbox); cancel = new JButton(R("ButCancel")); run.setToolTipText(R("CertWarnRunTip")); @@ -273,8 +262,6 @@ sandbox.addActionListener(createSetValueListener(parent, 1)); - advancedOptions.addMouseListener(new PolicyEditorPopupListener()); - cancel.addActionListener(createSetValueListener(parent, 2)); initialFocusComponent = cancel; @@ -310,65 +297,6 @@ add(bottomPanel); } - private void createPolicyPermissionsMenu() { - policyMenu = new JPopupMenu(); - - JMenuItem launchPolicyEditor = new JMenuItem(R("CertWarnPolicyEditorItem")); - launchPolicyEditor.addActionListener(new PolicyEditorLaunchListener()); - - policyMenu.add(launchPolicyEditor); - policyMenu.setSize(policyMenu.getMinimumSize()); - policyMenu.setVisible(false); - } - - private class PolicyEditorLaunchListener implements ActionListener { - @Override - public void actionPerformed(final ActionEvent e) { - final String rawFilepath = JNLPRuntime.getConfiguration().getProperty(DeploymentConfiguration.KEY_USER_SECURITY_POLICY); - String filepath; - try { - filepath = new URL(rawFilepath).getPath(); - } catch (final MalformedURLException mfue) { - filepath = null; - } - - if (policyEditor == null || policyEditor.getPolicyEditor().isClosed()) { - policyEditor = PolicyEditor.getPolicyEditorDialog(filepath); - } else { - policyEditor.asWindow().toFront(); - policyEditor.asWindow().repaint(); - } - policyEditor.setModalityType(ModalityType.DOCUMENT_MODAL); - policyEditor.getPolicyEditor().addNewCodebase(file.getCodeBase().toString()); - policyEditor.asWindow().setVisible(true); - policyMenu.setVisible(false); - } - } - - private class PolicyEditorPopupListener implements MouseListener { - @Override - public void mouseClicked(final MouseEvent e) { - policyMenu.setLocation(e.getLocationOnScreen()); - policyMenu.setVisible(!policyMenu.isVisible()); - } - - @Override - public void mousePressed(final MouseEvent e) { - } - - @Override - public void mouseReleased(final MouseEvent e) { - } - - @Override - public void mouseEntered(final MouseEvent e) { - } - - @Override - public void mouseExited(final MouseEvent e) { - } - } - private class MoreInfoButtonListener implements ActionListener { @Override public void actionPerformed(ActionEvent e) { diff -r b4631fce293a -r ede0279b5c53 netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissions.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissions.java Thu Mar 27 11:08:09 2014 -0400 @@ -0,0 +1,204 @@ +/* Copyright (C) 2014 Red Hat, Inc. + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or +modify it under the terms of the GNU General Public License as published by +the Free Software Foundation, version 2. + +IcedTea is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + */ + +package net.sourceforge.jnlp.security.dialogs; + +import java.awt.AWTPermission; +import java.io.FilePermission; +import java.lang.reflect.ReflectPermission; +import java.net.SocketPermission; +import java.security.Permission; +import java.util.Arrays; +import java.util.Collection; +import java.util.Collections; +import java.util.HashSet; +import java.util.PropertyPermission; + +import javax.sound.sampled.AudioPermission; + +import static net.sourceforge.jnlp.security.policyeditor.PolicyEditorPermissions.*; + +public class TemporaryPermissions { + + // We can't use the PolicyEditorPermissions versions of these, because they rely on System Property expansion, which is perfomed + // by the policy parser, but not by the Permissions constructors. + private static final String USER_HOME = System.getProperty("user.home"); + private static final String TMPDIR = System.getProperty("java.io.tmpdir"); + + public static final FilePermission READ_LOCAL_FILES_PERMISSION = new FilePermission(USER_HOME, READ_LOCAL_FILES.getActions().rawString()); + public static final FilePermission WRITE_LOCAL_FILES_PERMISSION = new FilePermission(USER_HOME, WRITE_LOCAL_FILES.getActions().rawString()); + public static final FilePermission DELETE_LOCAL_FILES_PERMISSION = new FilePermission(USER_HOME, DELETE_LOCAL_FILES.getActions().rawString()); + public static final FilePermission READ_TMP_FILES_PERMISSION = new FilePermission(TMPDIR, READ_TMP_FILES.getActions().rawString()); + public static final FilePermission WRITE_TMP_FILES_PERMISSION = new FilePermission(TMPDIR, WRITE_TMP_FILES.getActions().rawString()); + public static final FilePermission DELETE_TMP_FILES_PERMISSION = new FilePermission(TMPDIR, DELETE_TMP_FILES.getActions().rawString()); + public static final FilePermission READ_SYSTEM_FILES_PERMISSION = new FilePermission(READ_SYSTEM_FILES.getTarget().target, READ_SYSTEM_FILES.getActions() + .rawString()); + public static final FilePermission WRITE_SYSTEM_FILES_PERMISSION = new FilePermission(WRITE_SYSTEM_FILES.getTarget().target, WRITE_SYSTEM_FILES + .getActions().rawString()); + + public static final PropertyPermission READ_PROPERTIES_PERMISSION = new PropertyPermission(READ_PROPERTIES.getTarget().target, READ_PROPERTIES.getActions() + .rawString()); + public static final PropertyPermission WRITE_PROPERTIES_PERMISSION = new PropertyPermission(WRITE_PROPERTIES.getTarget().target, WRITE_PROPERTIES + .getActions().rawString()); + + public static final FilePermission EXEC_PERMISSION = new FilePermission(EXEC_COMMANDS.getTarget().target, EXEC_COMMANDS.getActions().rawString()); + public static final RuntimePermission GETENV_PERMISSION = new RuntimePermission(GET_ENV.getTarget().target); + + public static final SocketPermission NETWORK_PERMISSION = new SocketPermission(NETWORK.getTarget().target, NETWORK.getActions().rawString()); + + public static final ReflectPermission REFLECTION_PERMISSION = new ReflectPermission(JAVA_REFLECTION.getTarget().target); + public static final RuntimePermission CLASSLOADER_PERMISSION = new RuntimePermission(GET_CLASSLOADER.getTarget().target); + public static final RuntimePermission ACCESS_CLASS_IN_PACKAGE_PERMISSION = new RuntimePermission(ACCESS_CLASS_IN_PACKAGE.getTarget().target); + public static final RuntimePermission ACCESS_DECLARED_MEMBERS_PERMISSION = new RuntimePermission(ACCESS_DECLARED_MEMBERS.getTarget().target); + + public static final AWTPermission AWT_PERMISSION = new AWTPermission(ALL_AWT.getTarget().target); + public static final AudioPermission PLAY_AUDIO_PERMISSION = new AudioPermission(PLAY_AUDIO.getTarget().target); + public static final AudioPermission RECORD_AUDIO_PERMISSION = new AudioPermission(RECORD_AUDIO.getTarget().target); + public static final AWTPermission CLIPBOARD_PERMISSION = new AWTPermission(CLIPBOARD.getTarget().target); + public static final RuntimePermission PRINT_PERMISSION = new RuntimePermission(PRINT.getTarget().target); + + public static final Collection ALL_PERMISSIONS, FILE_PERMISSIONS, PROPERTY_PERMISSIONS, NETWORK_PERMISSIONS, EXEC_PERMISSIONS, + REFLECTION_PERMISSIONS, MEDIA_PERMISSIONS; + static { + final Collection all = new HashSet(), file = new HashSet(), property = new HashSet(), + network = new HashSet(), exec = new HashSet(), reflection = new HashSet(), media = new HashSet(); + + file.add(READ_LOCAL_FILES_PERMISSION); + file.add(WRITE_LOCAL_FILES_PERMISSION); + file.add(DELETE_LOCAL_FILES_PERMISSION); + file.add(READ_TMP_FILES_PERMISSION); + file.add(WRITE_TMP_FILES_PERMISSION); + file.add(DELETE_TMP_FILES_PERMISSION); + file.add(READ_SYSTEM_FILES_PERMISSION); + file.add(WRITE_SYSTEM_FILES_PERMISSION); + FILE_PERMISSIONS = Collections.unmodifiableCollection(file); + + property.add(READ_PROPERTIES_PERMISSION); + property.add(WRITE_PROPERTIES_PERMISSION); + PROPERTY_PERMISSIONS = Collections.unmodifiableCollection(property); + + exec.add(EXEC_PERMISSION); + exec.add(GETENV_PERMISSION); + EXEC_PERMISSIONS = Collections.unmodifiableCollection(exec); + + network.add(NETWORK_PERMISSION); + NETWORK_PERMISSIONS = Collections.unmodifiableCollection(network); + + reflection.add(REFLECTION_PERMISSION); + reflection.add(CLASSLOADER_PERMISSION); + reflection.add(ACCESS_CLASS_IN_PACKAGE_PERMISSION); + reflection.add(ACCESS_DECLARED_MEMBERS_PERMISSION); + REFLECTION_PERMISSIONS = Collections.unmodifiableCollection(reflection); + + media.add(AWT_PERMISSION); + media.add(PLAY_AUDIO_PERMISSION); + media.add(RECORD_AUDIO_PERMISSION); + media.add(CLIPBOARD_PERMISSION); + media.add(PRINT_PERMISSION); + MEDIA_PERMISSIONS = Collections.unmodifiableCollection(media); + + all.addAll(file); + all.addAll(property); + all.addAll(exec); + all.addAll(network); + all.addAll(reflection); + all.addAll(media); + ALL_PERMISSIONS = Collections.unmodifiableCollection(all); + } + + private static final Collection allMinus(final Collection permissions) { + return subtract(ALL_PERMISSIONS, permissions); + } + + private static Collection sum(final Permission... permissions) { + final Collection result = new HashSet(Arrays.asList(permissions)); + return Collections.unmodifiableCollection(result); + } + + private static Collection sum(final Collection a, final Collection b) { + final Collection result = new HashSet(); + result.addAll(a); + result.addAll(b); + return Collections.unmodifiableCollection(result); + } + + private static final Collection subtract(final Collection from, final Collection remove) { + final Collection result = new HashSet(from); + result.removeAll(remove); + return Collections.unmodifiableCollection(result); + } + + public static Collection noFileAccess() { + return allMinus(FILE_PERMISSIONS); + } + + public static Collection noNetworkAccess() { + return allMinus(Arrays.asList(new Permission[] { NETWORK_PERMISSION })); + } + + public static Collection noFileOrNetworkAccess() { + return subtract(allMinus(FILE_PERMISSIONS), NETWORK_PERMISSIONS); + } + + public static Collection allFileAccessAndProperties() { + return sum(FILE_PERMISSIONS, PROPERTY_PERMISSIONS); + } + + public static Collection readLocalFilesAndProperties() { + return sum(READ_LOCAL_FILES_PERMISSION, READ_PROPERTIES_PERMISSION); + } + + public static Collection reflectionOnly() { + return REFLECTION_PERMISSIONS; + } + + public static Collection allMedia() { + return MEDIA_PERMISSIONS; + } + + public static Collection audioOnly() { + return sum(PLAY_AUDIO_PERMISSION, RECORD_AUDIO_PERMISSION); + } + + public static Collection clipboardOnly() { + return sum(CLIPBOARD_PERMISSION); + } + + public static Collection printOnly() { + return sum(PRINT_PERMISSION); + } + +} diff -r b4631fce293a -r ede0279b5c53 netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissionsButton.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissionsButton.java Thu Mar 27 11:08:09 2014 -0400 @@ -0,0 +1,191 @@ +/* Copyright (C) 2014 Red Hat, Inc. + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or +modify it under the terms of the GNU General Public License as published by +the Free Software Foundation, version 2. + +IcedTea is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + From aazores at icedtea.classpath.org Thu Mar 27 15:17:46 2014 From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org) Date: Thu, 27 Mar 2014 15:17:46 +0000 Subject: /hg/icedtea-web: 2 new changesets Message-ID: changeset e9f222be36b5 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=e9f222be36b5 author: Andrew Azores date: Thu Mar 27 11:13:41 2014 -0400 PolicyEditor codebase list and checkboxes visual bug fix Fix bug with checkboxes not correctly updating on open and with repeats of a codebase appearing when opening a file multiple times * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: (resetCodebases) new method. (openAndParsePolicyFile) call resetCodebases at start. (PolicyEditor) call resetCodebases in constructor changeset 8417559b6a12 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=8417559b6a12 author: Andrew Azores date: Thu Mar 27 11:16:58 2014 -0400 Fix NPE on Open action when changes have been made and are to be saved Fix NPE when trying to open a new file, with changes made, and wanting to save these changes to a file * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: (openButtonAction) display Save As file chooser if there is no file object yet and user wishes to save changes diffstat: ChangeLog | 16 +++++ netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java | 32 +++++++-- 2 files changed, 41 insertions(+), 7 deletions(-) diffs (112 lines): diff -r ede0279b5c53 -r 8417559b6a12 ChangeLog --- a/ChangeLog Thu Mar 27 11:08:09 2014 -0400 +++ b/ChangeLog Thu Mar 27 11:16:58 2014 -0400 @@ -1,3 +1,19 @@ +2014-03-27 Andrew Azores + + Fix NPE when trying to open a new file, with changes made, and wanting to + save these changes to a file + * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: + (openButtonAction) display Save As file chooser if there is no file object + yet and user wishes to save changes + +2014-03-27 Andrew Azores + + Fix bug with checkboxes not correctly updating on open and with repeats of + a codebase appearing when opening a file multiple times + * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: + (resetCodebases) new method. (openAndParsePolicyFile) call resetCodebases + at start. (PolicyEditor) call resetCodebases in constructor + 2014-03-27 Andrew Azores Applets can be temporarily granted permission levels above fully sandboxed diff -r ede0279b5c53 -r 8417559b6a12 netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java --- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java Thu Mar 27 11:08:09 2014 -0400 +++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java Thu Mar 27 11:16:58 2014 -0400 @@ -220,6 +220,7 @@ } } } + public PolicyEditor(final String filepath) { super(); setLayout(new GridBagLayout()); @@ -234,15 +235,13 @@ if (filepath != null) { file = new File(filepath); openAndParsePolicyFile(); + } else { + resetCodebases(); } fileChooser = new JFileChooser(file); fileChooser.setFileHidingEnabled(false); - initializeMapForCodebase(""); - listModel.addElement(R("PEGlobalSettings")); - updateCheckboxes(""); - okButtonAction = new ActionListener() { @Override public void actionPerformed(final ActionEvent event) { @@ -286,6 +285,14 @@ if (changesMade) { final int save = JOptionPane.showConfirmDialog(weakThis.get(), R("PESaveChanges")); if (save == JOptionPane.YES_OPTION) { + if (file == null) { + final int choice = fileChooser.showSaveDialog(weakThis.get()); + if (choice == JFileChooser.APPROVE_OPTION) { + file = fileChooser.getSelectedFile(); + } else if (choice == JFileChooser.CANCEL_OPTION) { + return; + } + } savePolicyFile(); } else if (save == JOptionPane.CANCEL_OPTION) { return; @@ -335,8 +342,6 @@ setAccelerators(); setupLayout(); - list.setSelectedIndex(0); - updateCheckboxes(""); } private String getSelectedCodebase() { @@ -1118,6 +1123,17 @@ customPermissionsMap.get(codebase).addAll(permissions); } + private void resetCodebases() { + listModel.clear(); + codebasePermissionsMap.clear(); + customPermissionsMap.clear(); + + initializeMapForCodebase(""); + listModel.addElement(R("PEGlobalSettings")); + list.setSelectedValue(R("PEGlobalSettings"), true); + updateCheckboxes(""); + } + /** * Open the file pointed to by the filePath field. This is either provided by the * "-file" command line flag, or if none given, comes from DeploymentConfiguration. @@ -1126,6 +1142,8 @@ new Thread() { @Override public void run() { + resetCodebases(); + if (!file.exists()) { try { file.createNewFile(); @@ -1215,7 +1233,7 @@ } } } - list.setSelectedIndex(0); + list.setSelectedValue(R("PEGlobalSettings"), true); updateCheckboxes(""); try { fileLock.release(); From skolnag at gmail.com Thu Mar 27 19:52:27 2014 From: skolnag at gmail.com (skolnag at gmail.com) Date: Thu, 27 Mar 2014 19:52:27 +0000 Subject: [icedtea-web] Translation of 1.5 In-Reply-To: References: <53306BD5.8040902@redhat.com> Message-ID: Hello, Here is the Czech translation. Kind regards, Alexandr 2014-03-24 17:46 GMT+00:00 skolnag at gmail.com : > Hello, > > I have most of the translation finished. There are, however, some places > where the source text is unclear. I will send my questions tomorrow and > after I receive the answers I will provide final translation. > > Thank you for understanding. > > Kind regards, > Alexandr > > > > > 2014-03-24 18:31 GMT+01:00 Jiri Vanek : > >> Hi guys! >> >> Is there any progress/eta or whatever? >> >> If not, Then I will probably release 1.5 with missing lines, and hope for >> 1.5.1 to bring the fix. >> >> Anyway for any case, I need some feedback to sync with you and rest of >> ITW. >> >> Thanx in advance, >> All the best >> J. >> > > -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: Messages_cs.properties Type: application/octet-stream Size: 80310 bytes Desc: not available URL: From andrew at icedtea.classpath.org Thu Mar 27 20:02:15 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Thu, 27 Mar 2014 20:02:15 +0000 Subject: /hg/release/icedtea7-2.4: 2 new changesets Message-ID: changeset 7e432bfdb372 in /hg/release/icedtea7-2.4 details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=7e432bfdb372 author: Andrew John Hughes date: Thu Mar 27 19:18:54 2014 +0000 PR1713: Support AArch64 port 2014-03-27 Andrew John Hughes * patches/boot/hotspot/default/jdk-dependency.patch: Moved to... * patches/boot/hotspot/zero/jdk-dependency.patch: Removed; no longer a zero HotSpot build. * Makefile.am: (ICEDTEA_BOOT_PATCHES): Make jdk-dependency not dependent on HotSpot version. * patches/boot/hotspot-jdk-dependency.patch: ...here. 2014-03-07 Andrew John Hughes * patches/systemtap_gc.patch: Moved to... * Makefile.am: (ICEDTEA_PATCHES): Make systemtap_gc.patch HotSpot-dependent. * hotspot.map: Add aarch64 HotSpot. * patches/hotspot/aarch64/systemtap_gc.patch: New patch against AArch64 HotSpot tarball. * patches/hotspot/default/systemtap_gc.patch: ... here. changeset 2b651084f99e in /hg/release/icedtea7-2.4 details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=2b651084f99e author: Andrew John Hughes date: Thu Mar 27 20:01:40 2014 +0000 PR1713: Support AArch64 port 2014-03-27 Andrew John Hughes * acinclude.m4: (IT_ENABLE_ZERO_BUILD): Default to off on aarch64/arm64. (IT_WITH_HOTSPOT_BUILD): Default to aarch64 port on aarch64. diffstat: ChangeLog | 30 + Makefile.am | 4 +- acinclude.m4 | 8 +- hotspot.map | 1 + patches/boot/hotspot-jdk-dependency.patch | 23 + patches/boot/hotspot/default/jdk-dependency.patch | 23 - patches/boot/hotspot/zero/jdk-dependency.patch | 25 - patches/hotspot/aarch64/systemtap_gc.patch | 373 +++++++++++++++++++++ patches/hotspot/default/systemtap_gc.patch | 379 ++++++++++++++++++++++ patches/systemtap_gc.patch | 379 ---------------------- 10 files changed, 815 insertions(+), 430 deletions(-) diffs (truncated from 1316 to 500 lines): diff -r b9722cf65cbe -r 2b651084f99e ChangeLog --- a/ChangeLog Wed Mar 26 20:58:00 2014 +0000 +++ b/ChangeLog Thu Mar 27 20:01:40 2014 +0000 @@ -1,3 +1,33 @@ +2014-03-27 Andrew John Hughes + + * acinclude.m4: + (IT_ENABLE_ZERO_BUILD): Default to off on aarch64/arm64. + (IT_WITH_HOTSPOT_BUILD): Default to aarch64 port on aarch64. + +2014-03-27 Andrew John Hughes + + * patches/boot/hotspot/default/jdk-dependency.patch: + Moved to... + * patches/boot/hotspot/zero/jdk-dependency.patch: + Removed; no longer a zero HotSpot build. + * Makefile.am: + (ICEDTEA_BOOT_PATCHES): Make jdk-dependency not + dependent on HotSpot version. + * patches/boot/hotspot-jdk-dependency.patch: + ...here. + +2014-03-07 Andrew John Hughes + + * patches/systemtap_gc.patch: Moved to... + * Makefile.am: + (ICEDTEA_PATCHES): Make systemtap_gc.patch + HotSpot-dependent. + * hotspot.map: Add aarch64 HotSpot. + * patches/hotspot/aarch64/systemtap_gc.patch: + New patch against AArch64 HotSpot tarball. + * patches/hotspot/default/systemtap_gc.patch: + ... here. + 2014-03-26 Andrew John Hughes * Makefile.am: diff -r b9722cf65cbe -r 2b651084f99e Makefile.am --- a/Makefile.am Wed Mar 26 20:58:00 2014 +0000 +++ b/Makefile.am Thu Mar 27 20:01:40 2014 +0000 @@ -290,7 +290,7 @@ if ENABLE_SYSTEMTAP ICEDTEA_PATCHES += \ - patches/systemtap_gc.patch + patches/hotspot/$(HSBUILD)/systemtap_gc.patch endif if ENABLE_NSS @@ -328,7 +328,7 @@ patches/boot/corba-dependencies.patch \ patches/boot/jaxws-langtools-dependency.patch \ patches/boot/jaxws-jdk-dependency.patch \ - patches/boot/hotspot/${HSBUILD}/jdk-dependency.patch \ + patches/boot/hotspot-jdk-dependency.patch \ patches/boot/ecj-multicatch.patch \ patches/boot/ecj-trywithresources.patch \ patches/boot/ecj-autoboxing.patch \ diff -r b9722cf65cbe -r 2b651084f99e acinclude.m4 --- a/acinclude.m4 Wed Mar 26 20:58:00 2014 +0000 +++ b/acinclude.m4 Thu Mar 27 20:01:40 2014 +0000 @@ -682,6 +682,8 @@ use_zero=yes; else case "${host}" in + aarch64-*-*) ;; + arm64-*-*) ;; i?86-*-*) ;; sparc*-*-*) ;; x86_64-*-*) ;; @@ -950,7 +952,11 @@ AC_DEFUN_ONCE([IT_WITH_HOTSPOT_BUILD], [ AC_REQUIRE([IT_ENABLE_ZERO_BUILD]) - DEFAULT_BUILD="default" + if test "x$JRE_ARCH_DIR" = "xaarch64"; then + DEFAULT_BUILD="aarch64" + else + DEFAULT_BUILD="default" + fi AC_MSG_CHECKING([which HotSpot build to use]) AC_ARG_WITH([hotspot-build], [AS_HELP_STRING(--with-hotspot-build=BUILD,the HotSpot build to use [[BUILD=default]])], diff -r b9722cf65cbe -r 2b651084f99e hotspot.map --- a/hotspot.map Wed Mar 26 20:58:00 2014 +0000 +++ b/hotspot.map Thu Mar 27 20:01:40 2014 +0000 @@ -1,2 +1,3 @@ # version url changeset sha256sum default http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot 00478c5bf5e9 9f77cd372778c8a3359f3c9c0eb37c1dbd7c1f569613da89de64b41de48a5760 +aarch64 http://hg.openjdk.java.net/aarch64-port/jdk7u/hotspot 22910135cca6 477cd13f7fbe34d6dd878bbdb1e16f73b4b22e0e78d049d98f3c9cce8c193a1a diff -r b9722cf65cbe -r 2b651084f99e patches/boot/hotspot-jdk-dependency.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/boot/hotspot-jdk-dependency.patch Thu Mar 27 20:01:40 2014 +0000 @@ -0,0 +1,23 @@ +diff -Nru openjdk-boot.orig/hotspot/make/linux/makefiles/sa.make openjdk-boot/hotspot/make/linux/makefiles/sa.make +--- openjdk-boot.orig/hotspot/make/linux/makefiles/sa.make 2012-05-23 22:15:04.747642641 +0100 ++++ openjdk-boot/hotspot/make/linux/makefiles/sa.make 2012-05-23 22:16:32.825095823 +0100 +@@ -91,7 +91,7 @@ + # are in AGENT_FILES, so use the shell to expand them. + # Be extra carefull to not produce too long command lines in the shell! + $(foreach file,$(AGENT_FILES),$(shell ls -1 $(file) >> $(AGENT_FILES_LIST))) +- $(QUIETLY) $(REMOTE) $(COMPILE.JAVAC) -classpath $(SA_CLASSPATH) -sourcepath $(AGENT_SRC_DIR) -d $(SA_CLASSDIR) @$(AGENT_FILES_LIST) ++ $(QUIETLY) $(REMOTE) $(COMPILE.JAVAC) -classpath $(SA_CLASSPATH) -sourcepath $(AGENT_SRC_DIR):$(JDK_TOPDIR)/src/share/classes:$(JDK_TOPDIR)/src/solaris/classes:$(GENSRCDIR) -d $(SA_CLASSDIR) @$(AGENT_FILES_LIST) + $(QUIETLY) $(REMOTE) $(COMPILE.RMIC) -classpath $(SA_CLASSDIR) -d $(SA_CLASSDIR) sun.jvm.hotspot.debugger.remote.RemoteDebuggerServer + $(QUIETLY) echo "$(SA_BUILD_VERSION_PROP)" > $(SA_PROPERTIES) + $(QUIETLY) rm -f $(SA_CLASSDIR)/sun/jvm/hotspot/utilities/soql/sa.js +diff -Nru openjdk-boot.orig/make/hotspot-rules.gmk openjdk-boot/make/hotspot-rules.gmk +--- openjdk-boot.orig/make/hotspot-rules.gmk 2012-05-23 20:37:39.000000000 +0100 ++++ openjdk-boot/make/hotspot-rules.gmk 2012-05-23 22:16:52.425419199 +0100 +@@ -85,6 +85,7 @@ + HOTSPOT_BUILD_ARGUMENTS += ALT_OUTPUTDIR=$(HOTSPOT_OUTPUTDIR) + HOTSPOT_BUILD_ARGUMENTS += ALT_EXPORT_PATH=$(HOTSPOT_EXPORT_PATH) + HOTSPOT_BUILD_ARGUMENTS += BUILD_FLAVOR=$(BUILD_FLAVOR) ++HOTSPOT_BUILD_ARGUMENTS += GENSRCDIR=$(GENSRCDIR) + + # Why do these need to be passed in? Because of windows nmake? and MAKEFLAGS=? + # Or is there something wrong with hotspot/make/Makefile? diff -r b9722cf65cbe -r 2b651084f99e patches/boot/hotspot/default/jdk-dependency.patch --- a/patches/boot/hotspot/default/jdk-dependency.patch Wed Mar 26 20:58:00 2014 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,23 +0,0 @@ -diff -Nru openjdk-boot.orig/hotspot/make/linux/makefiles/sa.make openjdk-boot/hotspot/make/linux/makefiles/sa.make ---- openjdk-boot.orig/hotspot/make/linux/makefiles/sa.make 2012-05-23 22:15:04.747642641 +0100 -+++ openjdk-boot/hotspot/make/linux/makefiles/sa.make 2012-05-23 22:16:32.825095823 +0100 -@@ -91,7 +91,7 @@ - # are in AGENT_FILES, so use the shell to expand them. - # Be extra carefull to not produce too long command lines in the shell! - $(foreach file,$(AGENT_FILES),$(shell ls -1 $(file) >> $(AGENT_FILES_LIST))) -- $(QUIETLY) $(REMOTE) $(COMPILE.JAVAC) -classpath $(SA_CLASSPATH) -sourcepath $(AGENT_SRC_DIR) -d $(SA_CLASSDIR) @$(AGENT_FILES_LIST) -+ $(QUIETLY) $(REMOTE) $(COMPILE.JAVAC) -classpath $(SA_CLASSPATH) -sourcepath $(AGENT_SRC_DIR):$(JDK_TOPDIR)/src/share/classes:$(JDK_TOPDIR)/src/solaris/classes:$(GENSRCDIR) -d $(SA_CLASSDIR) @$(AGENT_FILES_LIST) - $(QUIETLY) $(REMOTE) $(COMPILE.RMIC) -classpath $(SA_CLASSDIR) -d $(SA_CLASSDIR) sun.jvm.hotspot.debugger.remote.RemoteDebuggerServer - $(QUIETLY) echo "$(SA_BUILD_VERSION_PROP)" > $(SA_PROPERTIES) - $(QUIETLY) rm -f $(SA_CLASSDIR)/sun/jvm/hotspot/utilities/soql/sa.js -diff -Nru openjdk-boot.orig/make/hotspot-rules.gmk openjdk-boot/make/hotspot-rules.gmk ---- openjdk-boot.orig/make/hotspot-rules.gmk 2012-05-23 20:37:39.000000000 +0100 -+++ openjdk-boot/make/hotspot-rules.gmk 2012-05-23 22:16:52.425419199 +0100 -@@ -85,6 +85,7 @@ - HOTSPOT_BUILD_ARGUMENTS += ALT_OUTPUTDIR=$(HOTSPOT_OUTPUTDIR) - HOTSPOT_BUILD_ARGUMENTS += ALT_EXPORT_PATH=$(HOTSPOT_EXPORT_PATH) - HOTSPOT_BUILD_ARGUMENTS += BUILD_FLAVOR=$(BUILD_FLAVOR) -+HOTSPOT_BUILD_ARGUMENTS += GENSRCDIR=$(GENSRCDIR) - - # Why do these need to be passed in? Because of windows nmake? and MAKEFLAGS=? - # Or is there something wrong with hotspot/make/Makefile? diff -r b9722cf65cbe -r 2b651084f99e patches/boot/hotspot/zero/jdk-dependency.patch --- a/patches/boot/hotspot/zero/jdk-dependency.patch Wed Mar 26 20:58:00 2014 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,25 +0,0 @@ -diff -Nru openjdk-boot.orig/hotspot/make/linux/makefiles/sa.make openjdk-boot/hotspot/make/linux/makefiles/sa.make ---- openjdk-boot.orig/hotspot/make/linux/makefiles/sa.make 2012-07-20 18:05:26.733484117 +0100 -+++ openjdk-boot/hotspot/make/linux/makefiles/sa.make 2012-07-20 18:10:11.384736044 +0100 -@@ -97,8 +97,8 @@ - $(foreach file,$(AGENT_FILES1),$(shell echo $(file) >> $(AGENT_FILES1_LIST))) - $(foreach file,$(AGENT_FILES2),$(shell echo $(file) >> $(AGENT_FILES2_LIST))) - -- $(QUIETLY) $(REMOTE) $(COMPILE.JAVAC) -classpath $(SA_CLASSPATH) -sourcepath $(AGENT_SRC_DIR) -d $(SA_CLASSDIR) @$(AGENT_FILES1_LIST) -- $(QUIETLY) $(REMOTE) $(COMPILE.JAVAC) -classpath $(SA_CLASSPATH) -sourcepath $(AGENT_SRC_DIR) -d $(SA_CLASSDIR) @$(AGENT_FILES2_LIST) -+ $(QUIETLY) $(REMOTE) $(COMPILE.JAVAC) -classpath $(SA_CLASSPATH) -sourcepath $(AGENT_SRC_DIR):$(JDK_TOPDIR)/src/share/classes:$(JDK_TOPDIR)/src/solaris/classes:$(GENSRCDIR) -d $(SA_CLASSDIR) @$(AGENT_FILES1_LIST) -+ $(QUIETLY) $(REMOTE) $(COMPILE.JAVAC) -classpath $(SA_CLASSPATH) -sourcepath $(AGENT_SRC_DIR):$(JDK_TOPDIR)/src/share/classes:$(JDK_TOPDIR)/src/solaris/classes:$(GENSRCDIR) -d $(SA_CLASSDIR) @$(AGENT_FILES2_LIST) - - $(QUIETLY) $(REMOTE) $(COMPILE.RMIC) -classpath $(SA_CLASSDIR) -d $(SA_CLASSDIR) sun.jvm.hotspot.debugger.remote.RemoteDebuggerServer - $(QUIETLY) echo "$(SA_BUILD_VERSION_PROP)" > $(SA_PROPERTIES) -diff -Nru openjdk-boot.orig/make/hotspot-rules.gmk openjdk-boot/make/hotspot-rules.gmk ---- openjdk-boot.orig/make/hotspot-rules.gmk 2012-06-29 15:19:51.000000000 +0100 -+++ openjdk-boot/make/hotspot-rules.gmk 2012-07-20 18:10:28.277161702 +0100 -@@ -85,6 +85,7 @@ - HOTSPOT_BUILD_ARGUMENTS += ALT_OUTPUTDIR=$(HOTSPOT_OUTPUTDIR) - HOTSPOT_BUILD_ARGUMENTS += ALT_EXPORT_PATH=$(HOTSPOT_EXPORT_PATH) - HOTSPOT_BUILD_ARGUMENTS += BUILD_FLAVOR=$(BUILD_FLAVOR) -+HOTSPOT_BUILD_ARGUMENTS += GENSRCDIR=$(GENSRCDIR) - - # Why do these need to be passed in? Because of windows nmake? and MAKEFLAGS=? - # Or is there something wrong with hotspot/make/Makefile? diff -r b9722cf65cbe -r 2b651084f99e patches/hotspot/aarch64/systemtap_gc.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/hotspot/aarch64/systemtap_gc.patch Thu Mar 27 20:01:40 2014 +0000 @@ -0,0 +1,373 @@ +diff -Nru openjdk.orig/hotspot/src/share/vm/compiler/oopMap.cpp openjdk/hotspot/src/share/vm/compiler/oopMap.cpp +--- openjdk.orig/hotspot/src/share/vm/compiler/oopMap.cpp 2014-03-06 09:11:53.000000000 +0000 ++++ openjdk/hotspot/src/share/vm/compiler/oopMap.cpp 2014-03-07 04:29:33.230530073 +0000 +@@ -33,9 +33,13 @@ + #include "memory/resourceArea.hpp" + #include "runtime/frame.inline.hpp" + #include "runtime/signature.hpp" ++#include "utilities/dtrace.hpp" + #ifdef COMPILER1 + #include "c1/c1_Defs.hpp" + #endif ++#ifndef USDT2 ++ HS_DTRACE_PROBE_DECL1(provider, gc__collection__delete, *uintptr_t); ++#endif /* !USDT2 */ + + // OopMapStream + +@@ -677,6 +681,9 @@ + " - Derived: " INTPTR_FORMAT " Base: " INTPTR_FORMAT " (Offset: %d)", + derived_loc, (address)*derived_loc, (address)base, offset); + } ++#ifndef USDT2 ++ HS_DTRACE_PROBE1(hotspot, gc__collection__delete, entry); ++#endif /* !USDT2 */ + + // Delete entry + delete entry; +diff -Nru openjdk.orig/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp openjdk/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp +--- openjdk.orig/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp 2014-03-06 09:11:53.000000000 +0000 ++++ openjdk/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp 2014-03-07 04:29:33.234530133 +0000 +@@ -62,6 +62,12 @@ + #include "runtime/vmThread.hpp" + #include "services/memoryService.hpp" + #include "services/runtimeService.hpp" ++#include "utilities/dtrace.hpp" ++ ++#ifndef USDT2 ++ HS_DTRACE_PROBE_DECL4(provider, gc__collection__contig__begin, bool, bool, size_t, bool); ++ HS_DTRACE_PROBE_DECL4(provider, gc__collection__contig__end, bool, bool, size_t, bool); ++#endif /* !USDT2 */ + + // statics + CMSCollector* ConcurrentMarkSweepGeneration::_collector = NULL; +@@ -1642,7 +1648,13 @@ + size_t size, + bool tlab) + { ++#ifndef USDT2 ++ HS_DTRACE_PROBE4(hotspot, gc__collection__contig__begin, full, clear_all_soft_refs, size, tlab); ++#endif /* !USDT2 */ + collector()->collect(full, clear_all_soft_refs, size, tlab); ++#ifndef USDT2 ++ HS_DTRACE_PROBE4(hotspot, gc__collection__contig__end, full, clear_all_soft_refs, size, tlab); ++#endif /* !USDT2 */ + } + + void CMSCollector::collect(bool full, +diff -Nru openjdk.orig/hotspot/src/share/vm/gc_implementation/g1/g1MarkSweep.cpp openjdk/hotspot/src/share/vm/gc_implementation/g1/g1MarkSweep.cpp +--- openjdk.orig/hotspot/src/share/vm/gc_implementation/g1/g1MarkSweep.cpp 2014-03-06 09:11:53.000000000 +0000 ++++ openjdk/hotspot/src/share/vm/gc_implementation/g1/g1MarkSweep.cpp 2014-03-07 04:33:00.601620772 +0000 +@@ -49,8 +49,13 @@ + #include "runtime/thread.hpp" + #include "runtime/vmThread.hpp" + #include "utilities/copy.hpp" ++#include "utilities/dtrace.hpp" + #include "utilities/events.hpp" + ++#ifndef USDT2 ++ HS_DTRACE_PROBE_DECL2(provider, gc__collection__G1__begin, *uintptr_t, *uintptr_t); ++ HS_DTRACE_PROBE_DECL2(provider, gc__collection__G1__end, *uintptr_t, *uintptr_t); ++ #endif /* !USDT2 */ + class HeapRegion; + + void G1MarkSweep::invoke_at_safepoint(ReferenceProcessor* rp, +@@ -84,6 +89,9 @@ + // The marking doesn't preserve the marks of biased objects. + BiasedLocking::preserve_marks(); + ++#ifndef USDT2 ++ HS_DTRACE_PROBE2(hotspot, gc__collection__G1__begin, &sh, sh->gc_cause()); ++#endif /* !USDT2 */ + mark_sweep_phase1(marked_for_unloading, clear_all_softrefs); + + mark_sweep_phase2(); +@@ -99,6 +107,9 @@ + BiasedLocking::restore_marks(); + GenMarkSweep::deallocate_stacks(); + ++#ifndef USDT2 ++ HS_DTRACE_PROBE2(hotspot, gc__collection__G1__end, &sh, sh->gc_cause()); ++#endif /* !USDT2 */ + // "free at last gc" is calculated from these. + // CHF: cheating for now!!! + // Universe::set_heap_capacity_at_last_gc(Universe::heap()->capacity()); +diff -Nru openjdk.orig/hotspot/src/share/vm/gc_implementation/parallelScavenge/parallelScavengeHeap.cpp openjdk/hotspot/src/share/vm/gc_implementation/parallelScavenge/parallelScavengeHeap.cpp +--- openjdk.orig/hotspot/src/share/vm/gc_implementation/parallelScavenge/parallelScavengeHeap.cpp 2014-03-06 09:11:53.000000000 +0000 ++++ openjdk/hotspot/src/share/vm/gc_implementation/parallelScavenge/parallelScavengeHeap.cpp 2014-03-07 04:31:58.396693660 +0000 +@@ -43,8 +43,14 @@ + #include "runtime/java.hpp" + #include "runtime/vmThread.hpp" + #include "services/memTracker.hpp" ++#include "utilities/dtrace.hpp" + #include "utilities/vmError.hpp" + ++#ifndef USDT2 ++ HS_DTRACE_PROBE_DECL2(provider, gc__collection__parscavenge__heap__begin, *uintptr_t, *uintptr_t); ++ HS_DTRACE_PROBE_DECL2(provider, gc__collection__parscavenge__heap__end, *uintptr_t, *uintptr_t); ++#endif /* !USDT2 */ ++ + PSYoungGen* ParallelScavengeHeap::_young_gen = NULL; + PSOldGen* ParallelScavengeHeap::_old_gen = NULL; + PSAdaptiveSizePolicy* ParallelScavengeHeap::_size_policy = NULL; +@@ -530,7 +536,13 @@ + } + + VM_ParallelGCSystemGC op(gc_count, full_gc_count, cause); ++#ifndef USDT2 ++ HS_DTRACE_PROBE2(hotspot, gc__collection__parscavenge__heap__begin, &op, cause); ++#endif /* !USDT2 */ + VMThread::execute(&op); ++#ifndef USDT2 ++ HS_DTRACE_PROBE2(hotspot, gc__collection__parscavenge__heap__end, &op, cause); ++#endif /* !USDT2 */ + } + + void ParallelScavengeHeap::oop_iterate(ExtendedOopClosure* cl) { +diff -Nru openjdk.orig/hotspot/src/share/vm/gc_implementation/parallelScavenge/psParallelCompact.cpp openjdk/hotspot/src/share/vm/gc_implementation/parallelScavenge/psParallelCompact.cpp +--- openjdk.orig/hotspot/src/share/vm/gc_implementation/parallelScavenge/psParallelCompact.cpp 2014-03-06 09:11:53.000000000 +0000 ++++ openjdk/hotspot/src/share/vm/gc_implementation/parallelScavenge/psParallelCompact.cpp 2014-03-07 04:29:33.234530133 +0000 +@@ -56,11 +56,18 @@ + #include "services/management.hpp" + #include "services/memoryService.hpp" + #include "services/memTracker.hpp" ++#include "utilities/dtrace.hpp" + #include "utilities/events.hpp" + #include "utilities/stack.inline.hpp" + + #include + ++#ifndef USDT2 ++ HS_DTRACE_PROBE_DECL2(provider, gc__collection__ParallelCompact__clear, *uintptr_t, *uintptr_t); ++ HS_DTRACE_PROBE_DECL2(provider, gc__collection__parallel__collect, *uintptr_t, *uintptr_t); ++ HS_DTRACE_PROBE_DECL4(provider, gc__collection__move, *uintptr_t, *uintptr_t, *uintptr_t, *uintptr_t); ++#endif /* !USDT2 */ ++ + // All sizes are in HeapWords. + const size_t ParallelCompactData::Log2RegionSize = 16; // 64K words + const size_t ParallelCompactData::RegionSize = (size_t)1 << Log2RegionSize; +@@ -451,6 +458,9 @@ + + void ParallelCompactData::clear() + { ++#ifndef USDT2 ++ HS_DTRACE_PROBE2(hotspot, gc__collection__ParallelCompact__clear, &_region_data, _region_data->data_location()); ++#endif /* !USDT2 */ + memset(_region_data, 0, _region_vspace->committed_size()); + memset(_block_data, 0, _block_vspace->committed_size()); + } +@@ -1977,6 +1987,9 @@ + "should be in vm thread"); + + ParallelScavengeHeap* heap = gc_heap(); ++#ifndef USDT2 ++ HS_DTRACE_PROBE2(hotspot, gc__collection__parallel__collect, heap, heap->gc_cause()); ++#endif /* !USDT2 */ + GCCause::Cause gc_cause = heap->gc_cause(); + assert(!heap->is_gc_active(), "not reentrant"); + +@@ -3269,6 +3282,9 @@ + // past the end of the partial object entering the region (if any). + HeapWord* const dest_addr = sd.partial_obj_end(dp_region); + HeapWord* const new_top = _space_info[space_id].new_top(); ++#ifndef USDT2 ++ HS_DTRACE_PROBE4(hotspot, gc__collection__move, &beg_addr, &end_addr, &dest_addr, &new_top); ++#endif /* !USDT2 */ + assert(new_top >= dest_addr, "bad new_top value"); + const size_t words = pointer_delta(new_top, dest_addr); + +diff -Nru openjdk.orig/hotspot/src/share/vm/gc_implementation/parallelScavenge/psScavenge.cpp openjdk/hotspot/src/share/vm/gc_implementation/parallelScavenge/psScavenge.cpp +--- openjdk.orig/hotspot/src/share/vm/gc_implementation/parallelScavenge/psScavenge.cpp 2014-03-06 09:11:53.000000000 +0000 ++++ openjdk/hotspot/src/share/vm/gc_implementation/parallelScavenge/psScavenge.cpp 2014-03-07 04:29:33.234530133 +0000 +@@ -54,8 +54,17 @@ + #include "runtime/vmThread.hpp" + #include "runtime/vm_operations.hpp" + #include "services/memoryService.hpp" ++#include "utilities/dtrace.hpp" + #include "utilities/stack.inline.hpp" + ++#ifndef USDT2 ++ HS_DTRACE_PROBE_DECL2(provider, gc__collection__PSScavenge__begin, *uintptr_t, *uintptr_t); ++ HS_DTRACE_PROBE_DECL2(provider, gc__collection__PSScavenge__end, *uintptr_t, *uintptr_t); ++ HS_DTRACE_PROBE_DECL2(provider, gc__collection__PSParallelCompact__begin, *uintptr_t, *uintptr_t); ++ HS_DTRACE_PROBE_DECL2(provider, gc__collection__PSParallelCompact__end, *uintptr_t, *uintptr_t); ++ HS_DTRACE_PROBE_DECL2(provider, gc__collection__PSMarkSweep__begin, *uintptr_t, *uintptr_t); ++ HS_DTRACE_PROBE_DECL2(provider, gc__collection__PSMarkSweep__end, *uintptr_t, *uintptr_t); ++#endif /* !USDT2 */ + + HeapWord* PSScavenge::_to_space_top_before_gc = NULL; + int PSScavenge::_consecutive_skipped_scavenges = 0; +@@ -228,7 +237,13 @@ + PSAdaptiveSizePolicy* policy = heap->size_policy(); + IsGCActiveMark mark; + ++#ifndef USDT2 ++ HS_DTRACE_PROBE2(hotspot, gc__collection__PSScavenge__begin, &heap, heap->gc_cause()); ++#endif /* !USDT2 */ + const bool scavenge_done = PSScavenge::invoke_no_policy(); ++#ifndef USDT2 ++ HS_DTRACE_PROBE2(hotspot, gc__collection__PSScavenge__end, &heap, heap->gc_cause()); ++#endif /* !USDT2 */ + const bool need_full_gc = !scavenge_done || + policy->should_full_GC(heap->old_gen()->free_in_bytes()); + bool full_gc_done = false; +@@ -245,9 +260,21 @@ + const bool clear_all_softrefs = cp->should_clear_all_soft_refs(); + + if (UseParallelOldGC) { ++#ifndef USDT2 ++ HS_DTRACE_PROBE2(hotspot, gc__collection__PSParallelCompact__begin, &heap, heap->gc_cause()); ++#endif /* !USDT2 */ + full_gc_done = PSParallelCompact::invoke_no_policy(clear_all_softrefs); ++#ifndef USDT2 ++ HS_DTRACE_PROBE2(hotspot, gc__collection__PSParallelCompact__end, &heap, heap->gc_cause()); ++#endif /* !USDT2 */ + } else { ++#ifndef USDT2 ++ HS_DTRACE_PROBE2(hotspot, gc__collection__PSMarkSweep__begin, &heap, heap->gc_cause()); ++#endif /* !USDT2 */ + full_gc_done = PSMarkSweep::invoke_no_policy(clear_all_softrefs); ++#ifndef USDT2 ++ HS_DTRACE_PROBE2(hotspot, gc__collection__PSMarkSweep__end, &heap, heap->gc_cause()); ++#endif /* !USDT2 */ + } + } + +diff -Nru openjdk.orig/hotspot/src/share/vm/gc_implementation/parNew/parNewGeneration.cpp openjdk/hotspot/src/share/vm/gc_implementation/parNew/parNewGeneration.cpp +--- openjdk.orig/hotspot/src/share/vm/gc_implementation/parNew/parNewGeneration.cpp 2014-03-06 09:11:53.000000000 +0000 ++++ openjdk/hotspot/src/share/vm/gc_implementation/parNew/parNewGeneration.cpp 2014-03-07 04:29:33.234530133 +0000 +@@ -54,6 +54,12 @@ + #include "utilities/copy.hpp" + #include "utilities/globalDefinitions.hpp" + #include "utilities/workgroup.hpp" ++#include "utilities/dtrace.hpp" ++ ++#ifndef USDT2 ++ HS_DTRACE_PROBE_DECL4(provider, gc__collection__parnew__begin, bool, bool, size_t, bool); ++ HS_DTRACE_PROBE_DECL4(provider, gc__collection__parnew__end, bool, bool, size_t, bool); ++#endif /* !USDT2 */ + + #ifdef _MSC_VER + #pragma warning( push ) +@@ -911,6 +917,9 @@ + bool clear_all_soft_refs, + size_t size, + bool is_tlab) { ++#ifndef USDT2 ++ HS_DTRACE_PROBE4(hotspot, gc__collection__parnew__begin, full, clear_all_soft_refs, size, is_tlab); ++#endif /* !USDT2 */ + assert(full || size > 0, "otherwise we don't want to collect"); + + GenCollectedHeap* gch = GenCollectedHeap::heap(); +@@ -1061,6 +1070,10 @@ + gch->print_heap_change(gch_prev_used); + } + ++#ifndef USDT2 ++ HS_DTRACE_PROBE4(hotspot, gc__collection__parnew__end, full, clear_all_soft_refs, size, is_tlab); ++#endif /* !USDT2 */ ++ + if (PrintGCDetails && ParallelGCVerbose) { + TASKQUEUE_STATS_ONLY(thread_state_set.print_termination_stats()); + TASKQUEUE_STATS_ONLY(thread_state_set.print_taskqueue_stats()); +diff -Nru openjdk.orig/hotspot/src/share/vm/memory/defNewGeneration.cpp openjdk/hotspot/src/share/vm/memory/defNewGeneration.cpp +--- openjdk.orig/hotspot/src/share/vm/memory/defNewGeneration.cpp 2014-03-06 09:11:53.000000000 +0000 ++++ openjdk/hotspot/src/share/vm/memory/defNewGeneration.cpp 2014-03-07 04:31:15.676056944 +0000 +@@ -44,8 +44,13 @@ + #include "runtime/java.hpp" + #include "runtime/thread.inline.hpp" + #include "utilities/copy.hpp" ++#include "utilities/dtrace.hpp" + #include "utilities/stack.inline.hpp" + ++#ifndef USDT2 ++ HS_DTRACE_PROBE_DECL4(provider, gc__collection__defnew__begin, bool, bool, size_t, bool); ++ HS_DTRACE_PROBE_DECL4(provider, gc__collection__defnew__end, bool, bool, size_t, bool); ++#endif /* !USDT2 */ + // + // DefNewGeneration functions. + +@@ -558,6 +563,9 @@ + bool clear_all_soft_refs, + size_t size, + bool is_tlab) { ++#ifndef USDT2 ++ HS_DTRACE_PROBE4(hotspot, gc__collection__defnew__begin, full, clear_all_soft_refs, size, is_tlab); ++#endif /* !USDT2 */ + assert(full || size > 0, "otherwise we don't want to collect"); + + GenCollectedHeap* gch = GenCollectedHeap::heap(); +@@ -706,6 +714,10 @@ + jlong now = os::javaTimeNanos() / NANOSECS_PER_MILLISEC; + update_time_of_last_gc(now); + ++#ifndef USDT2 ++ HS_DTRACE_PROBE4(hotspot, gc__collection__defnew__end, full, clear_all_soft_refs, size, is_tlab); ++#endif /* !USDT2 */ ++ + gch->trace_heap_after_gc(&gc_tracer); + gc_tracer.report_tenuring_threshold(tenuring_threshold()); + +diff -Nru openjdk.orig/hotspot/src/share/vm/memory/generation.cpp openjdk/hotspot/src/share/vm/memory/generation.cpp +--- openjdk.orig/hotspot/src/share/vm/memory/generation.cpp 2014-03-06 09:11:53.000000000 +0000 ++++ openjdk/hotspot/src/share/vm/memory/generation.cpp 2014-03-07 04:29:33.234530133 +0000 +@@ -41,8 +41,14 @@ + #include "oops/oop.inline.hpp" + #include "runtime/java.hpp" + #include "utilities/copy.hpp" ++#include "utilities/dtrace.hpp" + #include "utilities/events.hpp" + ++#ifndef USDT2 ++ HS_DTRACE_PROBE_DECL4(provider, gc__collection__contig__begin, bool, bool, size_t, bool); ++ HS_DTRACE_PROBE_DECL4(provider, gc__collection__contig__end, bool, bool, size_t, bool); From bugzilla-daemon at icedtea.classpath.org Thu Mar 27 20:02:23 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Thu, 27 Mar 2014 20:02:23 +0000 Subject: [Bug 1713] [IcedTea7] Support AArch64 Port In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1713 --- Comment #4 from hg commits --- details: http://icedtea.classpath.org//hg/release/icedtea7-2.4?cmd=changeset;node=7e432bfdb372 author: Andrew John Hughes date: Thu Mar 27 19:18:54 2014 +0000 PR1713: Support AArch64 port 2014-03-27 Andrew John Hughes * patches/boot/hotspot/default/jdk-dependency.patch: Moved to... * patches/boot/hotspot/zero/jdk-dependency.patch: Removed; no longer a zero HotSpot build. * Makefile.am: (ICEDTEA_BOOT_PATCHES): Make jdk-dependency not dependent on HotSpot version. * patches/boot/hotspot-jdk-dependency.patch: ...here. 2014-03-07 Andrew John Hughes * patches/systemtap_gc.patch: Moved to... * Makefile.am: (ICEDTEA_PATCHES): Make systemtap_gc.patch HotSpot-dependent. * hotspot.map: Add aarch64 HotSpot. * patches/hotspot/aarch64/systemtap_gc.patch: New patch against AArch64 HotSpot tarball. * patches/hotspot/default/systemtap_gc.patch: ... here. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Thu Mar 27 20:02:29 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Thu, 27 Mar 2014 20:02:29 +0000 Subject: [Bug 1713] [IcedTea7] Support AArch64 Port In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1713 --- Comment #5 from hg commits --- details: http://icedtea.classpath.org//hg/release/icedtea7-2.4?cmd=changeset;node=2b651084f99e author: Andrew John Hughes date: Thu Mar 27 20:01:40 2014 +0000 PR1713: Support AArch64 port 2014-03-27 Andrew John Hughes * acinclude.m4: (IT_ENABLE_ZERO_BUILD): Default to off on aarch64/arm64. (IT_WITH_HOTSPOT_BUILD): Default to aarch64 port on aarch64. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From andrew at icedtea.classpath.org Thu Mar 27 20:23:42 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Thu, 27 Mar 2014 20:23:42 +0000 Subject: /hg/release/icedtea7-2.4: Turn ARM32 JIT off by default; fails t... Message-ID: changeset 0e95da4065f2 in /hg/release/icedtea7-2.4 details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=0e95da4065f2 author: Andrew John Hughes date: Thu Mar 27 20:22:28 2014 +0000 Turn ARM32 JIT off by default; fails to bootstrap. 2014-03-27 Andrew John Hughes * acinclude.m4: (IT_ENABLE_ARM32JIT): Turn JIT off by default. * NEWS: Remove mention of turning JIT on by default. diffstat: ChangeLog | 6 ++++++ NEWS | 1 - acinclude.m4 | 2 +- 3 files changed, 7 insertions(+), 2 deletions(-) diffs (36 lines): diff -r 2b651084f99e -r 0e95da4065f2 ChangeLog --- a/ChangeLog Thu Mar 27 20:01:40 2014 +0000 +++ b/ChangeLog Thu Mar 27 20:22:28 2014 +0000 @@ -1,3 +1,9 @@ +2014-03-27 Andrew John Hughes + + * acinclude.m4: + (IT_ENABLE_ARM32JIT): Turn JIT off by default. + * NEWS: Remove mention of turning JIT on by default. + 2014-03-27 Andrew John Hughes * acinclude.m4: diff -r 2b651084f99e -r 0e95da4065f2 NEWS --- a/NEWS Thu Mar 27 20:01:40 2014 +0000 +++ b/NEWS Thu Mar 27 20:22:28 2014 +0000 @@ -63,7 +63,6 @@ - Include $(CFLAGS) in assembler stage - PR1626: ARM32 assembler update for hsx24. Use ARM32JIT to turn it on/off. - Replace literal offsets for METHOD_SIZEOFPARAMETERS and ISTATE_NEXT_FRAME with correct symbolic names. - - Turn ARM32 JIT on by default * AArch64 port - PR1713: Support AArch64 Port * Shark diff -r 2b651084f99e -r 0e95da4065f2 acinclude.m4 --- a/acinclude.m4 Thu Mar 27 20:01:40 2014 +0000 +++ b/acinclude.m4 Thu Mar 27 20:22:28 2014 +0000 @@ -2643,7 +2643,7 @@ esac ], [ - enable_arm32jit=yes + enable_arm32jit=no ]) AC_MSG_RESULT([$enable_arm32jit]) AM_CONDITIONAL([ENABLE_ARM32JIT], test x"${enable_arm32jit}" = "xyes") From andrew at icedtea.classpath.org Thu Mar 27 23:22:17 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Thu, 27 Mar 2014 23:22:17 +0000 Subject: /hg/release/icedtea7-forest-2.4/hotspot: 2 new changesets Message-ID: changeset 172674e0ab65 in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=172674e0ab65 author: igerasim date: Fri Feb 28 16:00:40 2014 +0400 8035893: JVM_GetVersionInfo fails to zero structure Reviewed-by: sla, zgu changeset 7f4fbcd8815d in /hg/release/icedtea7-forest-2.4/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=7f4fbcd8815d author: andrew date: Thu Mar 27 23:21:09 2014 +0000 Added tag icedtea-2.4.6 for changeset 172674e0ab65 diffstat: .hgtags | 1 + src/share/vm/prims/jvm.cpp | 2 +- 2 files changed, 2 insertions(+), 1 deletions(-) diffs (20 lines): diff -r 490de178ae72 -r 7f4fbcd8815d .hgtags --- a/.hgtags Mon Mar 17 16:37:17 2014 +0000 +++ b/.hgtags Thu Mar 27 23:21:09 2014 +0000 @@ -625,3 +625,4 @@ 6c6a2299029ad02fa2820b8ff8c61c2bbcae799c jdk7u51-b13 2cb58882dac3bf8b186ef15f847be926772bbf98 icedtea-2.4.5 00478c5bf5e93892b40bac1c293f8540d5be58ab icedtea-2.4.6pre01 +172674e0ab65752a9a6e5bb7f563e03f8ca44be1 icedtea-2.4.6 diff -r 490de178ae72 -r 7f4fbcd8815d src/share/vm/prims/jvm.cpp --- a/src/share/vm/prims/jvm.cpp Mon Mar 17 16:37:17 2014 +0000 +++ b/src/share/vm/prims/jvm.cpp Thu Mar 27 23:21:09 2014 +0000 @@ -4546,7 +4546,7 @@ JVM_ENTRY(void, JVM_GetVersionInfo(JNIEnv* env, jvm_version_info* info, size_t info_size)) { - memset(info, 0, sizeof(info_size)); + memset(info, 0, info_size); info->jvm_version = Abstract_VM_Version::jvm_version(); info->update_version = 0; /* 0 in HotSpot Express VM */ From andrew at icedtea.classpath.org Thu Mar 27 23:29:35 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Thu, 27 Mar 2014 23:29:35 +0000 Subject: /hg/icedtea7: 2 new changesets Message-ID: changeset 6ef5523cf948 in /hg/icedtea7 details: http://icedtea.classpath.org/hg/icedtea7?cmd=changeset;node=6ef5523cf948 author: Andrew John Hughes date: Thu Mar 27 20:30:05 2014 +0000 Update patch locations for tarball. 2014-03-27 Andrew John Hughes * Makefile.am: (EXTRA_DIST): Don't look for patches in boot/hotspot/*. Do look for patches in hotspot/*. changeset 2278f72329bf in /hg/icedtea7 details: http://icedtea.classpath.org/hg/icedtea7?cmd=changeset;node=2278f72329bf author: Andrew John Hughes date: Thu Mar 27 21:18:02 2014 +0000 Update to latest aarch64 tree. 2014-03-27 Andrew John Hughes * hotspot.map: Update to latest aarch64 tree. diffstat: ChangeLog | 12 ++++++++++++ Makefile.am | 2 +- hotspot.map | 2 +- 3 files changed, 14 insertions(+), 2 deletions(-) diffs (39 lines): diff -r bf2f5ea62322 -r 2278f72329bf ChangeLog --- a/ChangeLog Thu Mar 27 03:50:20 2014 +0000 +++ b/ChangeLog Thu Mar 27 21:18:02 2014 +0000 @@ -1,3 +1,15 @@ +2014-03-27 Andrew John Hughes + + * hotspot.map: + Update to latest aarch64 tree. + +2014-03-27 Andrew John Hughes + + * Makefile.am: + (EXTRA_DIST): Don't look for patches in + boot/hotspot/*. Do look for patches in + hotspot/*. + 2014-03-26 Andrew John Hughes Perform configure checks using ecj.jar diff -r bf2f5ea62322 -r 2278f72329bf Makefile.am --- a/Makefile.am Thu Mar 27 03:50:20 2014 +0000 +++ b/Makefile.am Thu Mar 27 21:18:02 2014 +0000 @@ -730,7 +730,7 @@ EXTRA_DIST = $(GENERATED_FILES) $(top_srcdir)/patches/*.patch \ $(top_srcdir)/patches/boot/*.patch \ $(top_srcdir)/patches/cacao/*.patch \ - $(top_srcdir)/patches/boot/hotspot/*/*.patch \ + $(top_srcdir)/patches/hotspot/*/*.patch \ tools-copy contrib overlays \ javaws.png javaws.desktop \ jconsole.desktop policytool.desktop \ diff -r bf2f5ea62322 -r 2278f72329bf hotspot.map --- a/hotspot.map Thu Mar 27 03:50:20 2014 +0000 +++ b/hotspot.map Thu Mar 27 21:18:02 2014 +0000 @@ -1,3 +1,3 @@ # version url changeset sha256sum default http://icedtea.classpath.org/hg/icedtea7-forest/hotspot f30e87f16d90 871fa08b8e9d7a2958cee844f940752c39b1946146dc382c005269e86b687a49 -aarch64 http://hg.openjdk.java.net/aarch64-port/jdk7u/hotspot 22910135cca6 477cd13f7fbe34d6dd878bbdb1e16f73b4b22e0e78d049d98f3c9cce8c193a1a +aarch64 http://hg.openjdk.java.net/aarch64-port/jdk7u/hotspot f50993b6c38d 64c2d0bfa71d6eecf18ab28fd64d5bd79af096f77548d80de7953c306fd9c22c From ptisnovs at icedtea.classpath.org Fri Mar 28 09:45:07 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Fri, 28 Mar 2014 09:45:07 +0000 Subject: /hg/gfx-test: Eight new tests added into BitBltBasicTests. Message-ID: changeset ab61c1a09c99 in /hg/gfx-test details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=ab61c1a09c99 author: Pavel Tisnovsky date: Fri Mar 28 10:45:48 2014 +0100 Eight new tests added into BitBltBasicTests. diffstat: ChangeLog | 5 + src/org/gfxtest/testsuites/BitBltBasicTests.java | 120 +++++++++++++++++++++++ 2 files changed, 125 insertions(+), 0 deletions(-) diffs (191 lines): diff -r 3ab1971d3e7c -r ab61c1a09c99 ChangeLog --- a/ChangeLog Thu Mar 27 09:54:59 2014 +0100 +++ b/ChangeLog Fri Mar 28 10:45:48 2014 +0100 @@ -1,3 +1,8 @@ +2014-03-28 Pavel Tisnovsky + + * src/org/gfxtest/testsuites/BitBltBasicTests.java: + Eight new tests added into BitBltBasicTests. + 2014-03-27 Pavel Tisnovsky * src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java: diff -r 3ab1971d3e7c -r ab61c1a09c99 src/org/gfxtest/testsuites/BitBltBasicTests.java --- a/src/org/gfxtest/testsuites/BitBltBasicTests.java Thu Mar 27 09:54:59 2014 +0100 +++ b/src/org/gfxtest/testsuites/BitBltBasicTests.java Fri Mar 28 10:45:48 2014 +0100 @@ -2383,6 +2383,21 @@ } /** + * Test basic BitBlt operation for diagonal color stripes buffered image with type TYPE_CUSTOM. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltDiagonalColorStripesBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d) + { + // create new buffered image and then perform basic BitBlt test. + return CommonBitmapOperations.doBitBltTestWithDiagonalColorStripesImage(image, graphics2d, BufferedImage.TYPE_CUSTOM); + } + + /** * Test basic BitBlt operation for black and white dots pattern buffered image with type TYPE_3BYTE_BGR. * * @param image @@ -2580,6 +2595,21 @@ } /** + * Test basic BitBlt operation for black and white dots pattern buffered image with type TYPE_CUSTOM. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltBWDotsBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d) + { + // create new buffered image and then perform basic BitBlt test. + return CommonBitmapOperations.doBitBltTestWithBWDotsImage(image, graphics2d, BufferedImage.TYPE_CUSTOM); + } + + /** * Test basic BitBlt operation for color dots pattern buffered image with type TYPE_3BYTE_BGR. * * @param image @@ -2777,6 +2807,21 @@ } /** + * Test basic BitBlt operation for color dots pattern buffered image with type TYPE_CUSTOM. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltColorDotsBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d) + { + // create new buffered image and then perform basic BitBlt test. + return CommonBitmapOperations.doBitBltTestWithColorDotsImage(image, graphics2d, BufferedImage.TYPE_CUSTOM); + } + + /** * Test basic BitBlt operation for horizontal grayscale gradient buffered image with type TYPE_3BYTE_BGR. * * @param image @@ -2973,6 +3018,21 @@ } /** + * Test basic BitBlt operation for horizontal grayscale gradient buffered image with type TYPE_CUSTOM. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltHorizontalGrayscaleGradientBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d) + { + // create new buffered image and then perform basic BitBlt test. + return CommonBitmapOperations.doBitBltTestWithHorizontalGrayscaleGradientImage(image, graphics2d, BufferedImage.TYPE_CUSTOM); + } + + /** * Test basic BitBlt operation for vertical grayscale gradient buffered image with type TYPE_3BYTE_BGR. * * @param image @@ -3169,6 +3229,21 @@ } /** + * Test basic BitBlt operation for vertical grayscale gradient buffered image with type TYPE_CUSTOM. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltVerticalGrayscaleGradientBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d) + { + // create new buffered image and then perform basic BitBlt test. + return CommonBitmapOperations.doBitBltTestWithVerticalGrayscaleGradientImage(image, graphics2d, BufferedImage.TYPE_CUSTOM); + } + + /** * Test basic BitBlt operation for horizontal red gradient buffered image with type TYPE_3BYTE_BGR. * * @param image @@ -3366,6 +3441,21 @@ } /** + * Test basic BitBlt operation for horizontal red gradient buffered image with type TYPE_CUSTOM. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltHorizontalRedGradientBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d) + { + // create new buffered image and then perform basic BitBlt test. + return CommonBitmapOperations.doBitBltTestWithHorizontalRedGradientImage(image, graphics2d, BufferedImage.TYPE_CUSTOM); + } + + /** * Test basic BitBlt operation for vertical red gradient buffered image with type TYPE_3BYTE_BGR. * * @param image @@ -3563,6 +3653,21 @@ } /** + * Test basic BitBlt operation for vertical red gradient buffered image with type TYPE_CUSTOM. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltVerticalRedGradientBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d) + { + // create new buffered image and then perform basic BitBlt test. + return CommonBitmapOperations.doBitBltTestWithVerticalRedGradientImage(image, graphics2d, BufferedImage.TYPE_CUSTOM); + } + + /** * Test basic BitBlt operation for horizontal green gradient buffered image with type TYPE_3BYTE_BGR. * * @param image @@ -3760,6 +3865,21 @@ } /** + * Test basic BitBlt operation for horizontal green gradient buffered image with type TYPE_CUSTOM. + * + * @param image + * image used as a destination for BitBlt-type operations + * @param graphics2d + * graphics canvas + * @return test result status - PASSED, FAILED or ERROR + */ + public TestResult testBitBltHorizontalGreenGradientBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d) + { + // create new buffered image and then perform basic BitBlt test. + return CommonBitmapOperations.doBitBltTestWithHorizontalGreenGradientImage(image, graphics2d, BufferedImage.TYPE_CUSTOM); + } + + /** * Test basic BitBlt operation for vertical green gradient buffered image with type TYPE_3BYTE_BGR. * * @param image From ptisnovs at icedtea.classpath.org Fri Mar 28 09:47:59 2014 From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org) Date: Fri, 28 Mar 2014 09:47:59 +0000 Subject: /hg/rhino-tests: Three new tests added into ScriptEngineClassTest. Message-ID: changeset 9d409b2379c5 in /hg/rhino-tests details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=9d409b2379c5 author: Pavel Tisnovsky date: Fri Mar 28 10:48:43 2014 +0100 Three new tests added into ScriptEngineClassTest. diffstat: ChangeLog | 5 ++++ src/org/RhinoTests/ScriptEngineClassTest.java | 31 +++++++++++++++++++++++++++ 2 files changed, 36 insertions(+), 0 deletions(-) diffs (60 lines): diff -r 2b9db1e50f41 -r 9d409b2379c5 ChangeLog --- a/ChangeLog Thu Mar 27 10:02:20 2014 +0100 +++ b/ChangeLog Fri Mar 28 10:48:43 2014 +0100 @@ -1,3 +1,8 @@ +2014-03-28 Pavel Tisnovsky + + * src/org/RhinoTests/ScriptEngineClassTest.java: + Three new tests added into ScriptEngineClassTest. + 2014-03-27 Pavel Tisnovsky * src/org/RhinoTests/ScriptEngineClassTest.java: diff -r 2b9db1e50f41 -r 9d409b2379c5 src/org/RhinoTests/ScriptEngineClassTest.java --- a/src/org/RhinoTests/ScriptEngineClassTest.java Thu Mar 27 10:02:20 2014 +0100 +++ b/src/org/RhinoTests/ScriptEngineClassTest.java Fri Mar 28 10:48:43 2014 +0100 @@ -2048,6 +2048,19 @@ } /** + * Test for method javax.script.ScriptEngine.getClass().getResourceAsStreamNPETest() + */ + protected void testGetResourceAsStreamNPETest() { + try { + Object resource = this.scriptEngineClass.getResourceAsStream(null); + throw new AssertionError("NullPointerException expected!"); + } + catch (NullPointerException e) { + //This is OK OK + } + } + + /** * Test for method javax.script.ScriptEngine.getClass().getResourceAsStreamNegativeTest() */ protected void testGetResourceAsStreamNegativeTest() { @@ -2109,6 +2122,24 @@ } /** + * Test for method javax.script.ScriptEngine.getClass().getResourceAsStreamPositiveTest() + */ + protected void testGetResourceAsStreamPositiveTest() { + Object stream; + stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/AbstractScriptEngineClassTest.class"); + assertNotNull(stream, "getResourceAsStream(\"/org/RhinoTests/AbstractScriptEngineClassTest.class\") returns null"); + } + + /** + * Test for method javax.script.ScriptEngine.getClass().toString() + */ + protected void testToString() { + String asString; + asString = this.scriptEngineClass.toString(); + assertEquals("interface javax.script.ScriptEngine", asString, "wrong toString() return value"); + } + + /** * Test for instanceof operator applied to a class javax.script.ScriptEngine */ @SuppressWarnings("cast") From andrew at icedtea.classpath.org Fri Mar 28 12:28:02 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Fri, 28 Mar 2014 12:28:02 +0000 Subject: /hg/release/icedtea7-2.4: 10 new changesets Message-ID: changeset 931fe5bd6067 in /hg/release/icedtea7-2.4 details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=931fe5bd6067 author: Andrew John Hughes date: Thu Mar 27 20:26:36 2014 +0000 Prepare for 2.4.6 release. 2014-03-27 Andrew John Hughes * NEWS: Set release date to today. * configure.ac: Set to 2.4.6. changeset 372ef328babd in /hg/release/icedtea7-2.4 details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=372ef328babd author: Andrew John Hughes date: Thu Mar 27 20:30:05 2014 +0000 Update patch locations for tarball. 2014-03-27 Andrew John Hughes * Makefile.am: (EXTRA_DIST): Don't look for patches in boot/hotspot/*. Do look for patches in hotspot/*. changeset 3024634a3335 in /hg/release/icedtea7-2.4 details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=3024634a3335 author: Andrew John Hughes date: Thu Mar 27 21:18:02 2014 +0000 Update to latest aarch64 tree. 2014-03-27 Andrew John Hughes * hotspot.map: Update to latest aarch64 tree. changeset df0089517a62 in /hg/release/icedtea7-2.4 details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=df0089517a62 author: Andrew John Hughes date: Thu Mar 27 03:50:20 2014 +0000 Perform configure checks using ecj.jar if native ecj is enabled. 2014-03-26 Andrew John Hughes Perform configure checks using ecj.jar if native ecj is enabled. * Makefile.am: (native-ecj): Link against gcj explicitly. * acinclude.m4: (IT_FIND_COMPILER): Run IT_WITH_GCJ and set JAVAC to an invocation of the ECJ_JAR if native ecj is used. Depend on IT_FIND_JAVA and IT_FIND_ECJ_JAR for this. (IT_FIND_ECJ_JAR): Define only once. (IT_WITH_GCJ): Likewise. (IT_DIAMOND_CHECK): Depend on IT_CHECK_JAVA_AND_JAVAC_WORK. * configure.ac: Remove invocation of IT_WITH_GCJ. changeset c99ce4169f55 in /hg/release/icedtea7-2.4 details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=c99ce4169f55 author: Andrew John Hughes date: Thu Mar 27 23:33:04 2014 +0000 S8035893: JVM_GetVersionInfo fails to zero structure 2014-03-27 Andrew John Hughes * NEWS: Updated. * hotspot.map: Bring in S8035893 backport. changeset 47177c9bfafa in /hg/release/icedtea7-2.4 details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=47177c9bfafa author: Andrew John Hughes date: Fri Mar 28 03:41:03 2014 +0000 Apply Werror fix to aarch64 port. 2012-08-16 Andrew John Hughes * Makefile.am: (ICEDTEA_PATCHES): Add -Werror patch from IcedTea7 HEAD. * patches/hotspot/aarch64/werror.patch: Allow COMPILER_WARNINGS_FATAL to turn off -Werror. changeset fdd91eddd59b in /hg/release/icedtea7-2.4 details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=fdd91eddd59b author: Andrew John Hughes date: Fri Mar 28 11:55:57 2014 +0000 Revert previous change to ARM32 JIT default as bootstraps on Fedora. 2014-03-28 Andrew John Hughes * acinclude.m4: (IT_ENABLE_ARM32JIT): Turn JIT on by default. * NEWS: Readd mention of turning JIT on by default. changeset 4ca3077d0f5d in /hg/release/icedtea7-2.4 details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=4ca3077d0f5d author: Andrew John Hughes date: Fri Mar 28 12:06:12 2014 +0000 Update release date. 2014-03-28 Andrew John Hughes * NEWS: Update release date. changeset 7207e8b9dc7f in /hg/release/icedtea7-2.4 details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=7207e8b9dc7f author: Andrew John Hughes date: Fri Mar 28 12:08:50 2014 +0000 Update NEWS with recent changes. 2014-03-26 Andrew John Hughes * NEWS: Update with recent changes. changeset d2bc83a8ce09 in /hg/release/icedtea7-2.4 details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=d2bc83a8ce09 author: Andrew John Hughes date: Fri Mar 28 12:27:42 2014 +0000 Added tag icedtea-2.4.6 for changeset 7207e8b9dc7f diffstat: .hgtags | 1 + ChangeLog | 60 ++++++++++++++++++++++++++++++++++++ Makefile.am | 8 +++- NEWS | 5 ++- acinclude.m4 | 17 +++++++-- configure.ac | 3 +- hotspot.map | 4 +- patches/hotspot/aarch64/werror.patch | 43 +++++++++++++++++++++++++ 8 files changed, 130 insertions(+), 11 deletions(-) diffs (277 lines): diff -r 0e95da4065f2 -r d2bc83a8ce09 .hgtags --- a/.hgtags Thu Mar 27 20:22:28 2014 +0000 +++ b/.hgtags Fri Mar 28 12:27:42 2014 +0000 @@ -41,3 +41,4 @@ 3dd8c1e3a5b3827f1843a78a017c57d0ed45f2c0 icedtea-2.4.3 73ef620ce0a5d16d5c90e58eb17d022c1ecb572e icedtea-2.4.4 4bfa1c865fdd3d385c3bdf7a7c8611f80d42029d icedtea-2.4.5 +7207e8b9dc7f2a1673b02e410e75927fa49651fa icedtea-2.4.6 diff -r 0e95da4065f2 -r d2bc83a8ce09 ChangeLog --- a/ChangeLog Thu Mar 27 20:22:28 2014 +0000 +++ b/ChangeLog Fri Mar 28 12:27:42 2014 +0000 @@ -1,3 +1,63 @@ +2014-03-26 Andrew John Hughes + + * NEWS: Update with recent changes. + +2014-03-28 Andrew John Hughes + + * NEWS: Update release date. + +2014-03-28 Andrew John Hughes + + * acinclude.m4: + (IT_ENABLE_ARM32JIT): Turn JIT on by default. + * NEWS: Readd mention of turning JIT on by default. + +2012-08-16 Andrew John Hughes + + * Makefile.am: + (ICEDTEA_PATCHES): Add -Werror patch + from IcedTea7 HEAD. + * patches/hotspot/aarch64/werror.patch: + Allow COMPILER_WARNINGS_FATAL to turn off -Werror. + +2014-03-27 Andrew John Hughes + + * NEWS: Updated. + * hotspot.map: Bring in S8035893 backport. + +2014-03-26 Andrew John Hughes + + Perform configure checks using ecj.jar + if native ecj is enabled. + * Makefile.am: + (native-ecj): Link against gcj explicitly. + * acinclude.m4: + (IT_FIND_COMPILER): Run IT_WITH_GCJ + and set JAVAC to an invocation of the ECJ_JAR + if native ecj is used. Depend on IT_FIND_JAVA + and IT_FIND_ECJ_JAR for this. + (IT_FIND_ECJ_JAR): Define only once. + (IT_WITH_GCJ): Likewise. + (IT_DIAMOND_CHECK): Depend on IT_CHECK_JAVA_AND_JAVAC_WORK. + * configure.ac: Remove invocation of IT_WITH_GCJ. + +2014-03-27 Andrew John Hughes + + * hotspot.map: + Update to latest aarch64 tree. + +2014-03-27 Andrew John Hughes + + * Makefile.am: + (EXTRA_DIST): Don't look for patches in + boot/hotspot/*. Do look for patches in + hotspot/*. + +2014-03-27 Andrew John Hughes + + * NEWS: Set release date to today. + * configure.ac: Set to 2.4.6. + 2014-03-27 Andrew John Hughes * acinclude.m4: diff -r 0e95da4065f2 -r d2bc83a8ce09 Makefile.am --- a/Makefile.am Thu Mar 27 20:22:28 2014 +0000 +++ b/Makefile.am Fri Mar 28 12:27:42 2014 +0000 @@ -297,6 +297,10 @@ ICEDTEA_PATCHES += patches/nss-config.patch endif +if WITH_ALT_HSBUILD +ICEDTEA_PATCHES += patches/hotspot/aarch64/werror.patch +endif + ICEDTEA_PATCHES += $(DISTRIBUTION_PATCHES) # Bootstrapping patches @@ -773,7 +777,7 @@ EXTRA_DIST = $(GENERATED_FILES) $(top_srcdir)/patches/*.patch \ $(top_srcdir)/patches/boot/*.patch \ $(top_srcdir)/patches/cacao/*.patch \ - $(top_srcdir)/patches/boot/hotspot/*/*.patch \ + $(top_srcdir)/patches/hotspot/*/*.patch \ tools-copy contrib overlays \ javaws.png javaws.desktop \ jconsole.desktop policytool.desktop \ @@ -1627,7 +1631,7 @@ mkdir -p stamps if BUILD_NATIVE_ECJ ${GCJ} $(IT_CFLAGS) -Wl,-Bsymbolic -findirect-dispatch -o native-ecj \ - --main=org.eclipse.jdt.internal.compiler.batch.Main ${ECJ_JAR} + --main=org.eclipse.jdt.internal.compiler.batch.Main -lgcj ${ECJ_JAR} endif touch $@ diff -r 0e95da4065f2 -r d2bc83a8ce09 NEWS --- a/NEWS Thu Mar 27 20:22:28 2014 +0000 +++ b/NEWS Fri Mar 28 12:27:42 2014 +0000 @@ -12,10 +12,11 @@ CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY -New in release 2.4.6 (2014-04-XX): +New in release 2.4.6 (2014-03-28): * Backports - S8009062: poor performance of JNI AttachCurrentThread after fix for 7017193 + - S8035893: JVM_GetVersionInfo fails to zero structure - Re-enable the 'gamma' test at the end of the HotSpot build, but only for HotSpot based bootstrap JDKs. * Bug fixes - PR1101: Undefined symbols on GNU/Linux SPARC @@ -25,6 +26,7 @@ - PR1684: Build fails with empty PAX_COMMAND - RH1015432: java-1.7.0-openjdk: Fails on PPC with StackOverflowError (revised fix) - Link against $(LIBDL) if SYSTEM_CUPS is not true + - Perform configure checks using ecj.jar when --with-gcj (native ecj build) is enabled. * ARM32 port - Add arm_port from IcedTea 6 - Add patches/arm.patch from IcedTea 6 @@ -63,6 +65,7 @@ - Include $(CFLAGS) in assembler stage - PR1626: ARM32 assembler update for hsx24. Use ARM32JIT to turn it on/off. - Replace literal offsets for METHOD_SIZEOFPARAMETERS and ISTATE_NEXT_FRAME with correct symbolic names. + - Turn ARM32 JIT on by default * AArch64 port - PR1713: Support AArch64 Port * Shark diff -r 0e95da4065f2 -r d2bc83a8ce09 acinclude.m4 --- a/acinclude.m4 Thu Mar 27 20:22:28 2014 +0000 +++ b/acinclude.m4 Fri Mar 28 12:27:42 2014 +0000 @@ -126,9 +126,17 @@ AC_DEFUN([IT_FIND_COMPILER], [ + AC_REQUIRE([IT_FIND_JAVA]) + AC_REQUIRE([IT_FIND_ECJ_JAR]) + IT_FIND_JAVAC IT_FIND_ECJ IT_USING_ECJ + IT_WITH_GCJ + + if test x"${GCJ}" != xno ; then + JAVAC="${JAVA} -classpath ${ECJ_JAR} org.eclipse.jdt.internal.compiler.batch.Main" + fi AC_SUBST(ECJ) AC_SUBST(JAVAC) @@ -315,7 +323,7 @@ AM_CONDITIONAL([SRC_DIR_HARDLINKABLE], test x"${it_cv_hardlink_src}" = "xyes") ]) -AC_DEFUN([IT_FIND_ECJ_JAR], +AC_DEFUN_ONCE([IT_FIND_ECJ_JAR], [ AC_MSG_CHECKING([for an ecj JAR file]) AC_ARG_WITH([ecj-jar], @@ -930,7 +938,7 @@ AM_CONDITIONAL([USE_JDK7], test x"${project}" = "xjdk7") ]) -AC_DEFUN([IT_WITH_GCJ], +AC_DEFUN_ONCE([IT_WITH_GCJ], [ AC_MSG_CHECKING([whether to compile ecj natively]) AC_ARG_WITH([gcj], @@ -1786,6 +1794,7 @@ ]) AC_DEFUN([IT_DIAMOND_CHECK],[ + AC_REQUIRE([IT_CHECK_JAVA_AND_JAVAC_WORK]) AC_CACHE_CHECK([if javac lacks support for the diamond operator], it_cv_diamond, [ CLASS=Test.java BYTECODE=$(echo $CLASS|sed 's#\.java##') @@ -2631,7 +2640,7 @@ [ AC_MSG_CHECKING([whether to enable the ARM32 JIT]) AC_ARG_ENABLE([arm32-jit], - [AS_HELP_STRING(--enable-arm32-jit,build with the ARM32 JIT [[default=no]])], + [AS_HELP_STRING(--enable-arm32-jit,build with the ARM32 JIT [[default=yes]])], [ case "${enableval}" in yes) @@ -2643,7 +2652,7 @@ esac ], [ - enable_arm32jit=no + enable_arm32jit=yes ]) AC_MSG_RESULT([$enable_arm32jit]) AM_CONDITIONAL([ENABLE_ARM32JIT], test x"${enable_arm32jit}" = "xyes") diff -r 0e95da4065f2 -r d2bc83a8ce09 configure.ac --- a/configure.ac Thu Mar 27 20:22:28 2014 +0000 +++ b/configure.ac Fri Mar 28 12:27:42 2014 +0000 @@ -1,4 +1,4 @@ -AC_INIT([icedtea], [2.4.6pre01], [distro-pkg-dev at openjdk.java.net]) +AC_INIT([icedtea], [2.4.6], [distro-pkg-dev at openjdk.java.net]) AM_INIT_AUTOMAKE([1.9 tar-pax foreign]) AC_CONFIG_FILES([Makefile]) @@ -43,7 +43,6 @@ IT_CHECK_FOR_MERCURIAL IT_OBTAIN_HG_REVISIONS AC_PATH_TOOL([LSB_RELEASE],[lsb_release]) -IT_WITH_GCJ IT_WITH_HOTSPOT_BUILD AC_PATH_TOOL([LINUX32],[linux32]) IT_CHECK_GCC_VERSION diff -r 0e95da4065f2 -r d2bc83a8ce09 hotspot.map --- a/hotspot.map Thu Mar 27 20:22:28 2014 +0000 +++ b/hotspot.map Fri Mar 28 12:27:42 2014 +0000 @@ -1,3 +1,3 @@ # version url changeset sha256sum -default http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot 00478c5bf5e9 9f77cd372778c8a3359f3c9c0eb37c1dbd7c1f569613da89de64b41de48a5760 -aarch64 http://hg.openjdk.java.net/aarch64-port/jdk7u/hotspot 22910135cca6 477cd13f7fbe34d6dd878bbdb1e16f73b4b22e0e78d049d98f3c9cce8c193a1a +default http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot 172674e0ab65 2aadfe9b1848a619bd2d35f802b3e71ef5286e7822f9e7b02ce2539ca817d9b0 +aarch64 http://hg.openjdk.java.net/aarch64-port/jdk7u/hotspot f50993b6c38d 64c2d0bfa71d6eecf18ab28fd64d5bd79af096f77548d80de7953c306fd9c22c diff -r 0e95da4065f2 -r d2bc83a8ce09 patches/hotspot/aarch64/werror.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/hotspot/aarch64/werror.patch Fri Mar 28 12:27:42 2014 +0000 @@ -0,0 +1,43 @@ +diff -Nru openjdk.orig/hotspot/make/linux/makefiles/gcc.make openjdk/hotspot/make/linux/makefiles/gcc.make +--- openjdk.orig/hotspot/make/linux/makefiles/gcc.make 2014-03-25 14:07:53.000000000 +0000 ++++ openjdk/hotspot/make/linux/makefiles/gcc.make 2014-03-28 03:26:57.229802760 +0000 +@@ -205,7 +205,9 @@ + endif + + # Compiler warnings are treated as errors ++ifneq ($(COMPILER_WARNINGS_FATAL),false) + WARNINGS_ARE_ERRORS = -Werror ++endif + + ifeq ($(USE_CLANG), true) + # However we need to clean the code up before we can unrestrictedly enable this option with Clang +diff -Nru openjdk.orig/hotspot/make/solaris/makefiles/adlc.make openjdk/hotspot/make/solaris/makefiles/adlc.make +--- openjdk.orig/hotspot/make/solaris/makefiles/adlc.make 2014-03-25 14:07:53.000000000 +0000 ++++ openjdk/hotspot/make/solaris/makefiles/adlc.make 2014-03-28 03:26:02.604988364 +0000 +@@ -73,8 +73,10 @@ + + # CFLAGS_WARN holds compiler options to suppress/enable warnings. + # Compiler warnings are treated as errors +-ifeq ($(shell expr $(COMPILER_REV_NUMERIC) \>= 509), 1) +- CFLAGS_WARN = +w -errwarn ++ifneq ($(COMPILER_WARNINGS_FATAL),false) ++ ifeq ($(shell expr $(COMPILER_REV_NUMERIC) \>= 509), 1) ++ CFLAGS_WARN = +w -errwarn ++ endif + endif + CFLAGS += $(CFLAGS_WARN) + +diff -Nru openjdk.orig/hotspot/make/solaris/makefiles/gcc.make openjdk/hotspot/make/solaris/makefiles/gcc.make +--- openjdk.orig/hotspot/make/solaris/makefiles/gcc.make 2014-03-25 14:07:53.000000000 +0000 ++++ openjdk/hotspot/make/solaris/makefiles/gcc.make 2014-03-28 03:27:28.206264586 +0000 +@@ -116,7 +116,9 @@ + + + # Compiler warnings are treated as errors +-WARNINGS_ARE_ERRORS = -Werror ++ifneq ($(COMPILER_WARNINGS_FATAL),false) ++WARNINGS_ARE_ERRORS = -Werror ++endif + # Enable these warnings. See 'info gcc' about details on these options + WARNING_FLAGS = -Wpointer-arith -Wconversion -Wsign-compare -Wundef + CFLAGS_WARN/DEFAULT = $(WARNINGS_ARE_ERRORS) $(WARNING_FLAGS) From andrew at icedtea.classpath.org Fri Mar 28 12:29:54 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Fri, 28 Mar 2014 12:29:54 +0000 Subject: /hg/release/icedtea7-forest-2.4/corba: Added tag icedtea-2.4.6 f... Message-ID: changeset 83199e0b01cf in /hg/release/icedtea7-forest-2.4/corba details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/corba?cmd=changeset;node=83199e0b01cf author: andrew date: Wed Mar 26 16:03:42 2014 +0000 Added tag icedtea-2.4.6 for changeset 48ef1bb6d120 diffstat: .hgtags | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (8 lines): diff -r 3cf2158dd79b -r 83199e0b01cf .hgtags --- a/.hgtags Mon Mar 17 16:37:11 2014 +0000 +++ b/.hgtags Wed Mar 26 16:03:42 2014 +0000 @@ -412,3 +412,4 @@ e2f0036f712aa636cfd55334ac21ea7ca2587a7b jdk7u51-b13 3594dbde270d68920afc5ee862d10f14c2a87dc8 icedtea-2.4.5 48ef1bb6d120dbf053f75787a40ef6faa38230f1 icedtea-2.4.6pre01 +48ef1bb6d120dbf053f75787a40ef6faa38230f1 icedtea-2.4.6 From andrew at icedtea.classpath.org Fri Mar 28 12:29:47 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Fri, 28 Mar 2014 12:29:47 +0000 Subject: /hg/release/icedtea7-forest-2.4: Added tag icedtea-2.4.6 for cha... Message-ID: changeset d1abda35e18d in /hg/release/icedtea7-forest-2.4 details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4?cmd=changeset;node=d1abda35e18d author: andrew date: Wed Mar 26 16:02:33 2014 +0000 Added tag icedtea-2.4.6 for changeset b028e58c1b77 diffstat: .hgtags | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (8 lines): diff -r 2307419e6c4c -r d1abda35e18d .hgtags --- a/.hgtags Mon Mar 17 16:37:10 2014 +0000 +++ b/.hgtags Wed Mar 26 16:02:33 2014 +0000 @@ -410,3 +410,4 @@ 6c778574d87336a2e55156544af92ce2de799696 jdk7u51-b13 410eb7fef869645524ebb08293da1ba6215e5ce9 icedtea-2.4.5 b028e58c1b77759531652b7ec81764f3c05ec96c icedtea-2.4.6pre01 +b028e58c1b77759531652b7ec81764f3c05ec96c icedtea-2.4.6 From andrew at icedtea.classpath.org Fri Mar 28 12:30:00 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Fri, 28 Mar 2014 12:30:00 +0000 Subject: /hg/release/icedtea7-forest-2.4/jaxp: Added tag icedtea-2.4.6 fo... Message-ID: changeset 076644826249 in /hg/release/icedtea7-forest-2.4/jaxp details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/jaxp?cmd=changeset;node=076644826249 author: andrew date: Wed Mar 26 16:03:42 2014 +0000 Added tag icedtea-2.4.6 for changeset e0ba4b9a8b91 diffstat: .hgtags | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (8 lines): diff -r 729a01a39169 -r 076644826249 .hgtags --- a/.hgtags Mon Mar 17 16:37:13 2014 +0000 +++ b/.hgtags Wed Mar 26 16:03:42 2014 +0000 @@ -412,3 +412,4 @@ 114654a331e2f97a048d7ed43d06d7512e20e2c1 jdk7u51-b13 8fe156ad49e2db0e5034ffda4649e801b9c315da icedtea-2.4.5 e0ba4b9a8b91c10bacd0b316b2e04717e0f4662a icedtea-2.4.6pre01 +e0ba4b9a8b91c10bacd0b316b2e04717e0f4662a icedtea-2.4.6 From andrew at icedtea.classpath.org Fri Mar 28 12:30:07 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Fri, 28 Mar 2014 12:30:07 +0000 Subject: /hg/release/icedtea7-forest-2.4/jaxws: Added tag icedtea-2.4.6 f... Message-ID: changeset 622332638ead in /hg/release/icedtea7-forest-2.4/jaxws details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/jaxws?cmd=changeset;node=622332638ead author: andrew date: Wed Mar 26 16:03:43 2014 +0000 Added tag icedtea-2.4.6 for changeset 4bd947cd146b diffstat: .hgtags | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (8 lines): diff -r d64584236d69 -r 622332638ead .hgtags --- a/.hgtags Mon Mar 17 16:37:13 2014 +0000 +++ b/.hgtags Wed Mar 26 16:03:43 2014 +0000 @@ -412,3 +412,4 @@ 81a1b110f70c37d2c2f0de7c0ef3bd2d04aba475 jdk7u51-b13 32ea8b1ed91a12ac4633d596f0713c2c67930874 icedtea-2.4.5 4bd947cd146bba78ac7ef45e3d28369c3faa8461 icedtea-2.4.6pre01 +4bd947cd146bba78ac7ef45e3d28369c3faa8461 icedtea-2.4.6 From andrew at icedtea.classpath.org Fri Mar 28 12:30:15 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Fri, 28 Mar 2014 12:30:15 +0000 Subject: /hg/release/icedtea7-forest-2.4/langtools: Added tag icedtea-2.4... Message-ID: changeset a4b41531c1f4 in /hg/release/icedtea7-forest-2.4/langtools details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/langtools?cmd=changeset;node=a4b41531c1f4 author: andrew date: Wed Mar 26 16:03:43 2014 +0000 Added tag icedtea-2.4.6 for changeset 06eeb77dac24 diffstat: .hgtags | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (8 lines): diff -r f1982814ebb6 -r a4b41531c1f4 .hgtags --- a/.hgtags Mon Mar 17 16:37:14 2014 +0000 +++ b/.hgtags Wed Mar 26 16:03:43 2014 +0000 @@ -412,3 +412,4 @@ 4d0807934c302f2e35e6a5acc6cdc720c82b5671 jdk7u51-b13 dabd37b7e2950b42c1c9550caea26522348cd7b4 icedtea-2.4.5 06eeb77dac248eb62fed00aa25f9f9fa9b4df210 icedtea-2.4.6pre01 +06eeb77dac248eb62fed00aa25f9f9fa9b4df210 icedtea-2.4.6 From andrew at icedtea.classpath.org Fri Mar 28 12:30:29 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Fri, 28 Mar 2014 12:30:29 +0000 Subject: /hg/release/icedtea7-forest-2.4/jdk: Added tag icedtea-2.4.6 for... Message-ID: changeset a1fe933e5be6 in /hg/release/icedtea7-forest-2.4/jdk details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/jdk?cmd=changeset;node=a1fe933e5be6 author: andrew date: Wed Mar 26 16:01:18 2014 +0000 Added tag icedtea-2.4.6 for changeset b5282042aae0 diffstat: .hgtags | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (8 lines): diff -r b5282042aae0 -r a1fe933e5be6 .hgtags --- a/.hgtags Fri Mar 21 17:48:59 2014 +0000 +++ b/.hgtags Wed Mar 26 16:01:18 2014 +0000 @@ -403,3 +403,4 @@ d19a89fdfb9b959b8638441d9d396685d6c7ab7b jdk7u51-b13 9db88c18e114006dc242d1ba31683cbdb6151a5d icedtea-2.4.5 f582aad1fce8fe3410728dd40778dbde12f63beb icedtea-2.4.6pre01 +b5282042aae07c3f9b6fed8879b3db7352556286 icedtea-2.4.6 From andrew at icedtea.classpath.org Fri Mar 28 12:31:21 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Fri, 28 Mar 2014 12:31:21 +0000 Subject: /hg/release/icedtea7-2.3: 7 new changesets Message-ID: changeset c412c251e4c0 in /hg/release/icedtea7-2.3 details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=c412c251e4c0 author: Andrew John Hughes date: Wed Mar 26 14:45:38 2014 +0000 Prepare for 2.3.14 release cycle. 2014-03-26 Andrew John Hughes * NEWS: Set release date to today. * configure.ac: Set to 2.3.14. changeset 92ea9fe53505 in /hg/release/icedtea7-2.3 details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=92ea9fe53505 author: Andrew John Hughes date: Wed Mar 26 23:23:37 2014 +0000 Include zero patches directory in tarball and backport post-7023639 ARM32 JIT patch. 2014-03-26 Andrew John Hughes * Makefile.am: (ICEDTEA_PATCHES): Add ARM hs24 support patch. (EXTRA_DIST): Include zero patches directory. * NEWS: Mention PR1626. * patches/zero/arm-7023639.patch: Backport of most of PR1626, as applicable to hs23 + S7023639. changeset 531847dfec6f in /hg/release/icedtea7-2.3 details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=531847dfec6f author: Andrew John Hughes date: Thu Mar 27 03:50:20 2014 +0000 Perform configure checks using ecj.jar if native ecj is enabled. 2014-03-26 Andrew John Hughes Perform configure checks using ecj.jar if native ecj is enabled. * Makefile.am: (native-ecj): Link against gcj explicitly. * acinclude.m4: (IT_FIND_COMPILER): Run IT_WITH_GCJ and set JAVAC to an invocation of the ECJ_JAR if native ecj is used. Depend on IT_FIND_JAVA and IT_FIND_ECJ_JAR for this. (IT_FIND_ECJ_JAR): Define only once. (IT_WITH_GCJ): Likewise. (IT_DIAMOND_CHECK): Depend on IT_CHECK_JAVA_AND_JAVAC_WORK. * configure.ac: Remove invocation of IT_WITH_GCJ. changeset ed2108ad126a in /hg/release/icedtea7-2.3 details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=ed2108ad126a author: Andrew John Hughes date: Thu Mar 27 04:19:17 2014 +0000 Allow JSR292 patches to be turned on or off, independently of Zero. 2014-03-26 Andrew John Hughes * patches/zero/7023639-8000780-jsr292_fast_path.patch, * patches/zero/7192406-exact_return_type_info.patch, * patches/zero/7196242-loopsandthreads_crashed.patch, * patches/zero/7200949-jruby_fail.patch, * patches/zero/8029507-jvm_method_processing.patch, * patches/zero/arm-7023639.patch: Move patches to... * INSTALL: Document --enable-jsr292-update. * Makefile.am: (ICEDTEA_PATCHES): Fix path to JSR292 patches and enable if JSR292 update option is on, rather than tying the patches to Zero. (EXTRA_DIST): Update path to JSR292 patches. * acinclude.m4: (IT_ENABLE_ARM32JIT): Fix text regarding default. (IT_ENABLE_JSR292_UPDATE): Turn on or off the JSR292 patches. They are on by default if building Zero without the ARM32 JIT. * configure.ac: Replace invocation of IT_ENABLE_ARM32JIT with IT_ENABLE_JSR292_UPDATE (which depends on the former). * patches/jsr292/7023639-8000780-jsr292_fast_path.patch, * patches/jsr292/7192406-exact_return_type_info.patch, * patches/jsr292/7196242-loopsandthreads_crashed.patch, * patches/jsr292/7200949-jruby_fail.patch, * patches/jsr292/8029507-jvm_method_processing.patch, * patches/jsr292/arm-7023639.patch: ... here. changeset ecb7a4569122 in /hg/release/icedtea7-2.3 details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=ecb7a4569122 author: Andrew John Hughes date: Thu Mar 27 04:21:32 2014 +0000 Update NEWS with recent changes. 2014-03-26 Andrew John Hughes * NEWS: Update with recent changes. changeset 0d41c744e17e in /hg/release/icedtea7-2.3 details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=0d41c744e17e author: Andrew John Hughes date: Fri Mar 28 12:07:01 2014 +0000 Update release date. 2014-03-28 Andrew John Hughes * NEWS: Update release date. changeset 8a7b22cf755e in /hg/release/icedtea7-2.3 details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=8a7b22cf755e author: Andrew John Hughes date: Fri Mar 28 12:31:02 2014 +0000 Added tag icedtea-2.3.14 for changeset 0d41c744e17e diffstat: .hgtags | 1 + ChangeLog | 66 + INSTALL | 1 + Makefile.am | 16 +- NEWS | 16 +- acinclude.m4 | 48 +- configure.ac | 5 +- patches/jsr292/7023639-8000780-jsr292_fast_path.patch | 28468 ++++++++++++++++ patches/jsr292/7192406-exact_return_type_info.patch | 660 + patches/jsr292/7196242-loopsandthreads_crashed.patch | 124 + patches/jsr292/7200949-jruby_fail.patch | 1045 + patches/jsr292/8029507-jvm_method_processing.patch | 215 + patches/jsr292/arm-7023639.patch | 361 + patches/zero/7023639-8000780-jsr292_fast_path.patch | 28468 ---------------- patches/zero/7192406-exact_return_type_info.patch | 660 - patches/zero/7196242-loopsandthreads_crashed.patch | 124 - patches/zero/7200949-jruby_fail.patch | 1045 - patches/zero/8029507-jvm_method_processing.patch | 215 - 18 files changed, 31006 insertions(+), 30532 deletions(-) diffs (truncated from 61728 to 500 lines): diff -r 2413c19a0afe -r 8a7b22cf755e .hgtags --- a/.hgtags Tue Mar 25 15:37:38 2014 +0000 +++ b/.hgtags Fri Mar 28 12:31:02 2014 +0000 @@ -50,3 +50,4 @@ 05dd3f8c99d9f7682f2913105e0dbfca1d54574c icedtea-2.3.11 15f12a7b52afd256dab7f6eb91050714e33871a9 icedtea-2.3.12 1ced129674a58a8dec5ce2ceb11d8dd6407aa2af icedtea-2.3.13 +0d41c744e17e10b26e7ef4b2311b2cce531c0271 icedtea-2.3.14 diff -r 2413c19a0afe -r 8a7b22cf755e ChangeLog --- a/ChangeLog Tue Mar 25 15:37:38 2014 +0000 +++ b/ChangeLog Fri Mar 28 12:31:02 2014 +0000 @@ -1,3 +1,69 @@ +2014-03-28 Andrew John Hughes + + * NEWS: Update release date. + +2014-03-26 Andrew John Hughes + + * NEWS: Update with recent changes. + +2014-03-26 Andrew John Hughes + + * patches/zero/7023639-8000780-jsr292_fast_path.patch, + * patches/zero/7192406-exact_return_type_info.patch, + * patches/zero/7196242-loopsandthreads_crashed.patch, + * patches/zero/7200949-jruby_fail.patch, + * patches/zero/8029507-jvm_method_processing.patch, + * patches/zero/arm-7023639.patch: Move patches to... + * INSTALL: Document --enable-jsr292-update. + * Makefile.am: + (ICEDTEA_PATCHES): Fix path to JSR292 patches and + enable if JSR292 update option is on, rather than tying + the patches to Zero. + (EXTRA_DIST): Update path to JSR292 patches. + * acinclude.m4: + (IT_ENABLE_ARM32JIT): Fix text regarding default. + (IT_ENABLE_JSR292_UPDATE): Turn on or off the JSR292 patches. + They are on by default if building Zero without the ARM32 JIT. + * configure.ac: Replace invocation of IT_ENABLE_ARM32JIT with + IT_ENABLE_JSR292_UPDATE (which depends on the former). + * patches/jsr292/7023639-8000780-jsr292_fast_path.patch, + * patches/jsr292/7192406-exact_return_type_info.patch, + * patches/jsr292/7196242-loopsandthreads_crashed.patch, + * patches/jsr292/7200949-jruby_fail.patch, + * patches/jsr292/8029507-jvm_method_processing.patch, + * patches/jsr292/arm-7023639.patch: ... here. + +2014-03-26 Andrew John Hughes + + Perform configure checks using ecj.jar + if native ecj is enabled. + * Makefile.am: + (native-ecj): Link against gcj explicitly. + * acinclude.m4: + (IT_FIND_COMPILER): Run IT_WITH_GCJ + and set JAVAC to an invocation of the ECJ_JAR + if native ecj is used. Depend on IT_FIND_JAVA + and IT_FIND_ECJ_JAR for this. + (IT_FIND_ECJ_JAR): Define only once. + (IT_WITH_GCJ): Likewise. + (IT_DIAMOND_CHECK): Depend on IT_CHECK_JAVA_AND_JAVAC_WORK. + * configure.ac: Remove invocation of IT_WITH_GCJ. + +2014-03-26 Andrew John Hughes + + * Makefile.am: + (ICEDTEA_PATCHES): Add ARM hs24 support patch. + (EXTRA_DIST): Include zero patches directory. + * NEWS: Mention PR1626. + * patches/zero/arm-7023639.patch: Backport of + most of PR1626, as applicable to hs23 + + S7023639. + +2014-03-26 Andrew John Hughes + + * NEWS: Set release date to today. + * configure.ac: Set to 2.3.14. + 2014-03-24 Andrew John Hughes * NEWS: Updated. diff -r 2413c19a0afe -r 8a7b22cf755e INSTALL --- a/INSTALL Tue Mar 25 15:37:38 2014 +0000 +++ b/INSTALL Fri Mar 28 12:31:02 2014 +0000 @@ -176,6 +176,7 @@ * --enable-Werror: Turn gcc & javac warnings into errors. * --disable-jar-compression: Don't compress the OpenJDK JAR files. * --disable-downloading: Don't download tarballs if not available; fail instead. +* --enable-jsr292-update: Patch OpenJDK sources with a backport of S7023639 and associated patches. Other options may be supplied which enable or disable new features. These are documented fully in the relevant section below. diff -r 2413c19a0afe -r 8a7b22cf755e Makefile.am --- a/Makefile.am Tue Mar 25 15:37:38 2014 +0000 +++ b/Makefile.am Fri Mar 28 12:31:02 2014 +0000 @@ -310,13 +310,14 @@ ICEDTEA_PATCHES += patches/nss-not-enabled-config.patch endif -if ZERO_BUILD +if ENABLE_JSR292 ICEDTEA_PATCHES += \ - patches/zero/7023639-8000780-jsr292_fast_path.patch \ - patches/zero/7196242-loopsandthreads_crashed.patch \ - patches/zero/7192406-exact_return_type_info.patch \ - patches/zero/7200949-jruby_fail.patch \ - patches/zero/8029507-jvm_method_processing.patch + patches/jsr292/7023639-8000780-jsr292_fast_path.patch \ + patches/jsr292/7196242-loopsandthreads_crashed.patch \ + patches/jsr292/7192406-exact_return_type_info.patch \ + patches/jsr292/7200949-jruby_fail.patch \ + patches/jsr292/8029507-jvm_method_processing.patch \ + patches/jsr292/arm-7023639.patch endif ICEDTEA_PATCHES += $(DISTRIBUTION_PATCHES) @@ -778,6 +779,7 @@ $(top_srcdir)/patches/boot/*.patch \ $(top_srcdir)/patches/cacao/*.patch \ $(top_srcdir)/patches/jamvm/*.patch \ + $(top_srcdir)/patches/jsr292/*.patch \ tools-copy contrib overlays \ javaws.png javaws.desktop \ jconsole.desktop policytool.desktop \ @@ -1607,7 +1609,7 @@ mkdir -p stamps if BUILD_NATIVE_ECJ ${GCJ} $(IT_CFLAGS) -Wl,-Bsymbolic -findirect-dispatch -o native-ecj \ - --main=org.eclipse.jdt.internal.compiler.batch.Main ${ECJ_JAR} + --main=org.eclipse.jdt.internal.compiler.batch.Main -lgcj ${ECJ_JAR} endif touch $@ diff -r 2413c19a0afe -r 8a7b22cf755e NEWS --- a/NEWS Tue Mar 25 15:37:38 2014 +0000 +++ b/NEWS Fri Mar 28 12:31:02 2014 +0000 @@ -10,20 +10,20 @@ CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY -New in release 2.3.14 (2014-01-XX): +New in release 2.3.14 (2014-03-28): * Security fixes - - S7023639, CVE-2013-5838: JSR 292 method handle invocation needs a fast path for compiled code (Zero only) - - S8029507, CVE-2013-5893: Enhance JVM method processing (Zero only) + - S7023639, CVE-2013-5838: JSR 292 method handle invocation needs a fast path for compiled code (JSR292 update only) + - S8029507, CVE-2013-5893: Enhance JVM method processing (JSR292 update only) * Backports - S7024118: possible hardcoded mnemonic for JFileChooser metal and motif l&f - S7032018: The file list in JFileChooser does not have an accessible name - S7032436: When running with the Nimbus look and feel, the JFileChooser does not display mnemonics - S7151089: PS NUMA: NUMA allocator should not attempt to free pages when using SHM large pages - - S7192406: JSR 292: C2 needs exact return type information for invokedynamic and invokehandle call sites (Zero only) - - S7196242: vm/mlvm/indy/stress/java/loopsAndThreads crashed (Zero only) - - S7200949: JSR 292: rubybench/bench/time/bench_base64.rb fails with jruby.jar not on boot class path (Zero only) - - S8000780: make Zero build and run with JDK8 (Zero only) + - S7192406: JSR 292: C2 needs exact return type information for invokedynamic and invokehandle call sites (JSR292 update only) + - S7196242: vm/mlvm/indy/stress/java/loopsAndThreads crashed (JSR292 update only) + - S7200949: JSR 292: rubybench/bench/time/bench_base64.rb fails with jruby.jar not on boot class path (JSR292 update only) + - S8000780: make Zero build and run with JDK8 (JSR292 update only) - S8008764: 7uX l10n resource file translation update - S8009062: poor performance of JNI AttachCurrentThread after fix for 7017193 - S8013057: assert(_needs_gc || SafepointSynchronize::is_at_safepoint()) failed: only read at safepoint @@ -53,6 +53,7 @@ - S8035893: JVM_GetVersionInfo fails to zero structure * Bug fixes - Fix broken bootstrap build by updating ecj-multicatch.patch + - PR1626: ARM32 assembler update for hsx24 (JSR292 update only) - PR1654: ppc32 needs a larger ThreadStackSize to build - PR1677, G498288: Update PaX support to detect running PaX kernel and use newer tools - PR1679: Allow OpenJDK to build on PaX-enabled kernels @@ -60,6 +61,7 @@ - Re-enable the 'gamma' test at the end of the HotSpot build, but only for HotSpot based bootstrap JDKs. - RH1015432: java-1.7.0-openjdk: Fails on PPC with StackOverflowError (revised fix) - RH910107: fail to load PC/SC library + - Perform configure checks using ecj.jar when --with-gcj (native ecj build) is enabled. * New features - PR1653: Support ppc64le via Zero * ARM port diff -r 2413c19a0afe -r 8a7b22cf755e acinclude.m4 --- a/acinclude.m4 Tue Mar 25 15:37:38 2014 +0000 +++ b/acinclude.m4 Fri Mar 28 12:31:02 2014 +0000 @@ -119,9 +119,17 @@ AC_DEFUN([IT_FIND_COMPILER], [ + AC_REQUIRE([IT_FIND_JAVA]) + AC_REQUIRE([IT_FIND_ECJ_JAR]) + IT_FIND_JAVAC IT_FIND_ECJ IT_USING_ECJ + IT_WITH_GCJ + + if test x"${GCJ}" != xno ; then + JAVAC="${JAVA} -classpath ${ECJ_JAR} org.eclipse.jdt.internal.compiler.batch.Main" + fi AC_SUBST(ECJ) AC_SUBST(JAVAC) @@ -308,7 +316,7 @@ AM_CONDITIONAL([SRC_DIR_HARDLINKABLE], test x"${it_cv_hardlink_src}" = "xyes") ]) -AC_DEFUN([IT_FIND_ECJ_JAR], +AC_DEFUN_ONCE([IT_FIND_ECJ_JAR], [ AC_MSG_CHECKING([for an ecj JAR file]) AC_ARG_WITH([ecj-jar], @@ -904,7 +912,7 @@ AM_CONDITIONAL([USE_JDK7], test x"${project}" = "xjdk7") ]) -AC_DEFUN([IT_WITH_GCJ], +AC_DEFUN_ONCE([IT_WITH_GCJ], [ AC_MSG_CHECKING([whether to compile ecj natively]) AC_ARG_WITH([gcj], @@ -1746,6 +1754,7 @@ ]) AC_DEFUN([IT_DIAMOND_CHECK],[ + AC_REQUIRE([IT_CHECK_JAVA_AND_JAVAC_WORK]) AC_CACHE_CHECK([if javac lacks support for the diamond operator], it_cv_diamond, [ CLASS=Test.java BYTECODE=$(echo $CLASS|sed 's#\.java##') @@ -2499,7 +2508,7 @@ [ AC_MSG_CHECKING([whether to enable the ARM32 JIT]) AC_ARG_ENABLE([arm32-jit], - [AS_HELP_STRING(--enable-arm32-jit,build with the ARM32 JIT [[default=no]])], + [AS_HELP_STRING(--enable-arm32-jit,build with the ARM32 JIT [[default=yes]])], [ case "${enableval}" in yes) @@ -2516,3 +2525,36 @@ AC_MSG_RESULT([$enable_arm32jit]) AM_CONDITIONAL([ENABLE_ARM32JIT], test x"${enable_arm32jit}" = "xyes") ]) + +AC_DEFUN([IT_ENABLE_JSR292_UPDATE], +[ + AC_REQUIRE([IT_SET_ARCH_SETTINGS]) + AC_REQUIRE([IT_ENABLE_ZERO_BUILD]) + AC_REQUIRE([IT_ENABLE_ARM32JIT]) + AC_MSG_CHECKING([whether to enable the JSR292 update in 7023639]) + AC_ARG_ENABLE([jsr292-update], + [AS_HELP_STRING(--enable-jsr292-update,build with the JSR292 update [[default=yes for zero]])], + [ + case "${enableval}" in + yes) + enable_jsr292=yes + ;; + *) + enable_jsr292=no + ;; + esac + ], + [ + if test "x${use_zero}" = xyes; then + if test "x${JRE_ARCH_DIR}" = xarm -a "x${enable_arm32jit}" = "xyes"; then + enable_jsr292=no; + else + enable_jsr292=yes; + fi + else + enable_jsr292=no; + fi + ]) + AC_MSG_RESULT([$enable_jsr292]) + AM_CONDITIONAL([ENABLE_JSR292], test x"${enable_jsr292}" = "xyes") +]) diff -r 2413c19a0afe -r 8a7b22cf755e configure.ac --- a/configure.ac Tue Mar 25 15:37:38 2014 +0000 +++ b/configure.ac Fri Mar 28 12:31:02 2014 +0000 @@ -1,4 +1,4 @@ -AC_INIT([icedtea], [2.3.14pre], [distro-pkg-dev at openjdk.java.net]) +AC_INIT([icedtea], [2.3.14], [distro-pkg-dev at openjdk.java.net]) AM_INIT_AUTOMAKE([1.9 tar-pax foreign]) AC_CONFIG_FILES([Makefile]) @@ -43,7 +43,6 @@ IT_CHECK_FOR_MERCURIAL IT_OBTAIN_HG_REVISIONS AC_PATH_TOOL([LSB_RELEASE],[lsb_release]) -IT_WITH_GCJ IT_WITH_HOTSPOT_BUILD AC_PATH_TOOL([LINUX32],[linux32]) IT_CHECK_GCC_VERSION @@ -181,7 +180,7 @@ IT_ENABLE_JAR_COMPRESSION IT_SET_SHARK_BUILD IT_CHECK_ADDITIONAL_VMS -IT_ENABLE_ARM32JIT +IT_ENABLE_JSR292_UPDATE IT_WITH_VERSION_SUFFIX IT_WITH_PROJECT diff -r 2413c19a0afe -r 8a7b22cf755e patches/jsr292/7023639-8000780-jsr292_fast_path.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/jsr292/7023639-8000780-jsr292_fast_path.patch Fri Mar 28 12:31:02 2014 +0000 @@ -0,0 +1,28468 @@ +# HG changeset patch +# User andrew +# Date 1391696693 0 +# Thu Feb 06 14:24:53 2014 +0000 +# Node ID 19ac51ce4be77e6895816f9823bce63a72392e89 +# Parent 3442eb7ef2d216d6bf655d537929a2d31a76a321 +7023639: JSR 292 method handle invocation needs a fast path for compiled code +6984705: JSR 292 method handle creation should not go through JNI +Summary: remove assembly code for JDK 7 chained method handles +Reviewed-by: jrose, twisti, kvn, mhaupt +Contributed-by: John Rose , Christian Thalinger , Michael Haupt + +8000780: [Backport from jdk8] Fix zero fail to build in icedtea7-head. +Summary: Update Zero in icedtea7 to use the hsx24 b25+ java level MLVM + hooks (MLVM Lazy) now in jdk8 and jdk7u-dev head. +Reviewed-by: rkennke ( Roman Kenbke ) + +diff -r 3442eb7ef2d2 -r 19ac51ce4be7 agent/src/share/classes/sun/jvm/hotspot/code/CodeBlob.java +--- openjdk/hotspot/agent/src/share/classes/sun/jvm/hotspot/code/CodeBlob.java Tue Jan 14 20:24:44 2014 -0500 ++++ openjdk/hotspot/agent/src/share/classes/sun/jvm/hotspot/code/CodeBlob.java Thu Feb 06 14:24:53 2014 +0000 +@@ -93,7 +93,6 @@ + public boolean isUncommonTrapStub() { return false; } + public boolean isExceptionStub() { return false; } + public boolean isSafepointStub() { return false; } +- public boolean isRicochetBlob() { return false; } + public boolean isAdapterBlob() { return false; } + + // Fine grain nmethod support: isNmethod() == isJavaMethod() || isNativeMethod() || isOSRMethod() +diff -r 3442eb7ef2d2 -r 19ac51ce4be7 agent/src/share/classes/sun/jvm/hotspot/code/CodeCache.java +--- openjdk/hotspot/agent/src/share/classes/sun/jvm/hotspot/code/CodeCache.java Tue Jan 14 20:24:44 2014 -0500 ++++ openjdk/hotspot/agent/src/share/classes/sun/jvm/hotspot/code/CodeCache.java Thu Feb 06 14:24:53 2014 +0000 +@@ -57,7 +57,6 @@ + virtualConstructor.addMapping("BufferBlob", BufferBlob.class); + virtualConstructor.addMapping("nmethod", NMethod.class); + virtualConstructor.addMapping("RuntimeStub", RuntimeStub.class); +- virtualConstructor.addMapping("RicochetBlob", RicochetBlob.class); + virtualConstructor.addMapping("AdapterBlob", AdapterBlob.class); + virtualConstructor.addMapping("MethodHandlesAdapterBlob", MethodHandlesAdapterBlob.class); + virtualConstructor.addMapping("SafepointBlob", SafepointBlob.class); +@@ -127,10 +126,6 @@ + Assert.that(result.blobContains(start) || result.blobContains(start.addOffsetTo(8)), + "found wrong CodeBlob"); + } +- if (result.isRicochetBlob()) { +- // This should probably be done for other SingletonBlobs +- return VM.getVM().ricochetBlob(); +- } + return result; + } + +diff -r 3442eb7ef2d2 -r 19ac51ce4be7 agent/src/share/classes/sun/jvm/hotspot/code/RicochetBlob.java +--- openjdk/hotspot/agent/src/share/classes/sun/jvm/hotspot/code/RicochetBlob.java Tue Jan 14 20:24:44 2014 -0500 ++++ /dev/null Thu Jan 01 00:00:00 1970 +0000 +@@ -1,70 +0,0 @@ +-/* +- * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. +- * +- */ +- +-package sun.jvm.hotspot.code; +- +-import java.util.*; +-import sun.jvm.hotspot.debugger.*; +-import sun.jvm.hotspot.runtime.*; +-import sun.jvm.hotspot.types.*; +- +-/** RicochetBlob (currently only used by Compiler 2) */ +- +-public class RicochetBlob extends SingletonBlob { +- static { +- VM.registerVMInitializedObserver(new Observer() { +- public void update(Observable o, Object data) { +- initialize(VM.getVM().getTypeDataBase()); +- } +- }); +- } +- +- private static void initialize(TypeDataBase db) { +- Type type = db.lookupType("RicochetBlob"); +- +- bounceOffsetField = type.getCIntegerField("_bounce_offset"); +- exceptionOffsetField = type.getCIntegerField("_exception_offset"); +- } +- +- private static CIntegerField bounceOffsetField; +- private static CIntegerField exceptionOffsetField; +- +- public RicochetBlob(Address addr) { +- super(addr); +- } +- +- public boolean isRicochetBlob() { +- return true; +- } +- +- public Address bounceAddr() { +- return codeBegin().addOffsetTo(bounceOffsetField.getValue(addr)); +- } +- +- public boolean returnsToBounceAddr(Address pc) { +- Address bouncePc = bounceAddr(); +- return (pc.equals(bouncePc) || pc.addOffsetTo(Frame.pcReturnOffset()).equals(bouncePc)); +- } +- +-} +diff -r 3442eb7ef2d2 -r 19ac51ce4be7 agent/src/share/classes/sun/jvm/hotspot/runtime/Frame.java +--- openjdk/hotspot/agent/src/share/classes/sun/jvm/hotspot/runtime/Frame.java Tue Jan 14 20:24:44 2014 -0500 ++++ openjdk/hotspot/agent/src/share/classes/sun/jvm/hotspot/runtime/Frame.java Thu Feb 06 14:24:53 2014 +0000 +@@ -147,12 +147,6 @@ + } + } + +- public boolean isRicochetFrame() { +- CodeBlob cb = VM.getVM().getCodeCache().findBlob(getPC()); +- RicochetBlob rcb = VM.getVM().ricochetBlob(); +- return (cb == rcb && rcb != null && rcb.returnsToBounceAddr(getPC())); +- } +- + public boolean isCompiledFrame() { + if (Assert.ASSERTS_ENABLED) { + Assert.that(!VM.getVM().isCore(), "noncore builds only"); +@@ -216,8 +210,7 @@ + public Frame realSender(RegisterMap map) { + if (!VM.getVM().isCore()) { + Frame result = sender(map); +- while (result.isRuntimeFrame() || +- result.isRicochetFrame()) { ++ while (result.isRuntimeFrame()) { + result = result.sender(map); + } + return result; +@@ -631,9 +624,6 @@ + if (Assert.ASSERTS_ENABLED) { + Assert.that(cb != null, "sanity check"); + } +- if (cb == VM.getVM().ricochetBlob()) { +- oopsRicochetDo(oopVisitor, regMap); +- } + if (cb.getOopMaps() != null) { + OopMapSet.oopsDo(this, cb, regMap, oopVisitor, VM.getVM().isDebugging()); + +@@ -650,10 +640,6 @@ + // } + } + +- private void oopsRicochetDo (AddressVisitor oopVisitor, RegisterMap regMap) { +- // XXX Empty for now +- } +- + // FIXME: implement the above routines, plus add + // oops_interpreted_arguments_do and oops_compiled_arguments_do + } +diff -r 3442eb7ef2d2 -r 19ac51ce4be7 agent/src/share/classes/sun/jvm/hotspot/runtime/VM.java +--- openjdk/hotspot/agent/src/share/classes/sun/jvm/hotspot/runtime/VM.java Tue Jan 14 20:24:44 2014 -0500 ++++ openjdk/hotspot/agent/src/share/classes/sun/jvm/hotspot/runtime/VM.java Thu Feb 06 14:24:53 2014 +0000 +@@ -87,8 +87,6 @@ + private StubRoutines stubRoutines; + private Bytes bytes; + +- private RicochetBlob ricochetBlob; +- + /** Flags indicating whether we are attached to a core, C1, or C2 build */ + private boolean usingClientCompiler; + private boolean usingServerCompiler; +@@ -628,18 +626,6 @@ + return stubRoutines; + } + +- public RicochetBlob ricochetBlob() { +- if (ricochetBlob == null) { +- Type ricochetType = db.lookupType("SharedRuntime"); +- AddressField ricochetBlobAddress = ricochetType.getAddressField("_ricochet_blob"); +- Address addr = ricochetBlobAddress.getValue(); +- if (addr != null) { +- ricochetBlob = new RicochetBlob(addr); +- } +- } +- return ricochetBlob; From bugzilla-daemon at icedtea.classpath.org Fri Mar 28 12:31:32 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Fri, 28 Mar 2014 12:31:32 +0000 Subject: [Bug 1626] icedtea7-zero fails to build on ARM In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1626 --- Comment #5 from hg commits --- details: http://icedtea.classpath.org//hg/release/icedtea7-2.3?cmd=changeset;node=92ea9fe53505 author: Andrew John Hughes date: Wed Mar 26 23:23:37 2014 +0000 Include zero patches directory in tarball and backport post-7023639 ARM32 JIT patch. 2014-03-26 Andrew John Hughes * Makefile.am: (ICEDTEA_PATCHES): Add ARM hs24 support patch. (EXTRA_DIST): Include zero patches directory. * NEWS: Mention PR1626. * patches/zero/arm-7023639.patch: Backport of most of PR1626, as applicable to hs23 + S7023639. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From andrew at icedtea.classpath.org Fri Mar 28 12:42:52 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Fri, 28 Mar 2014 12:42:52 +0000 Subject: /hg/release/icedtea7-forest-2.3: Added tag icedtea-2.3.14 for ch... Message-ID: changeset 4ed28c8bebe9 in /hg/release/icedtea7-forest-2.3 details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3?cmd=changeset;node=4ed28c8bebe9 author: andrew date: Fri Mar 28 12:42:02 2014 +0000 Added tag icedtea-2.3.14 for changeset 14181eb6c00d diffstat: .hgtags | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (8 lines): diff -r 14181eb6c00d -r 4ed28c8bebe9 .hgtags --- a/.hgtags Wed Feb 19 21:07:59 2014 +0000 +++ b/.hgtags Fri Mar 28 12:42:02 2014 +0000 @@ -304,3 +304,4 @@ 2197dde877124579204c5266fa9d89166760b44f jdk7u25-b15 9846c505054fb91762f3fd9b817d1a9760322029 jdk7u25-b30 2ce335eb4926b0c7b59098159f33d452e8bf2d95 icedtea-2.3.13 +14181eb6c00d4806337559762ff598b425299c6a icedtea-2.3.14 From andrew at icedtea.classpath.org Fri Mar 28 12:42:58 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Fri, 28 Mar 2014 12:42:58 +0000 Subject: /hg/release/icedtea7-forest-2.3/corba: Added tag icedtea-2.3.14 ... Message-ID: changeset 520d73cfba80 in /hg/release/icedtea7-forest-2.3/corba details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/corba?cmd=changeset;node=520d73cfba80 author: andrew date: Fri Mar 28 12:40:08 2014 +0000 Added tag icedtea-2.3.14 for changeset c7d0b72f704f diffstat: .hgtags | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (8 lines): diff -r c7d0b72f704f -r 520d73cfba80 .hgtags --- a/.hgtags Thu Jan 23 23:19:18 2014 +0000 +++ b/.hgtags Fri Mar 28 12:40:08 2014 +0000 @@ -306,3 +306,4 @@ 4fde7ac2ecf4b170022ebbf8a961e6dbb229ccab jdk7u25-b15 f4bec833a24b20f5ae770d0650350fc8950c9dc0 jdk7u25-b30 d07caee626d9964ed0a85b2ae825a8b88bac7b65 icedtea-2.3.13 +c7d0b72f704f71ae09a8c546072cb2756b03e408 icedtea-2.3.14 From andrew at icedtea.classpath.org Fri Mar 28 12:43:05 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Fri, 28 Mar 2014 12:43:05 +0000 Subject: /hg/release/icedtea7-forest-2.3/jaxp: Added tag icedtea-2.3.14 f... Message-ID: changeset 2d51fae92f97 in /hg/release/icedtea7-forest-2.3/jaxp details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jaxp?cmd=changeset;node=2d51fae92f97 author: andrew date: Fri Mar 28 12:40:09 2014 +0000 Added tag icedtea-2.3.14 for changeset 0eb202593710 diffstat: .hgtags | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (8 lines): diff -r 0eb202593710 -r 2d51fae92f97 .hgtags --- a/.hgtags Fri Mar 21 19:37:44 2014 +0000 +++ b/.hgtags Fri Mar 28 12:40:09 2014 +0000 @@ -306,3 +306,4 @@ 503f75b55b34ae22f43b2992b1e56c96e35a60de jdk7u25-b15 8c35f2344beeb42e85d718e95813e6fdc2f0a605 jdk7u25-b30 8bbd7289b29dd7222e6b273272f275316369c7b8 icedtea-2.3.13 +0eb20259371053f37ccebbd34fd205a432fc5913 icedtea-2.3.14 From andrew at icedtea.classpath.org Fri Mar 28 12:43:12 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Fri, 28 Mar 2014 12:43:12 +0000 Subject: /hg/release/icedtea7-forest-2.3/jaxws: Added tag icedtea-2.3.14 ... Message-ID: changeset 4d1188469bfd in /hg/release/icedtea7-forest-2.3/jaxws details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jaxws?cmd=changeset;node=4d1188469bfd author: andrew date: Fri Mar 28 12:40:11 2014 +0000 Added tag icedtea-2.3.14 for changeset 482a3f64a8ea diffstat: .hgtags | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (8 lines): diff -r 482a3f64a8ea -r 4d1188469bfd .hgtags --- a/.hgtags Thu Nov 21 11:15:32 2013 +0100 +++ b/.hgtags Fri Mar 28 12:40:11 2014 +0000 @@ -306,3 +306,4 @@ 4a925430bf712d36abb78decda16e04da1b1f6bc jdk7u25-b15 3ecf7ddefa035bc2c99b03b7a58a0dd0e97089c1 jdk7u25-b30 9801349b6b812410ec8f3175697facb7cfa4fc5a icedtea-2.3.13 +482a3f64a8ea659e3c8a7db8b2dad708b50202a3 icedtea-2.3.14 From andrew at icedtea.classpath.org Fri Mar 28 12:43:19 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Fri, 28 Mar 2014 12:43:19 +0000 Subject: /hg/release/icedtea7-forest-2.3/langtools: Added tag icedtea-2.3... Message-ID: changeset 09ae96015a82 in /hg/release/icedtea7-forest-2.3/langtools details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/langtools?cmd=changeset;node=09ae96015a82 author: andrew date: Fri Mar 28 12:40:19 2014 +0000 Added tag icedtea-2.3.14 for changeset d50a9c5cd291 diffstat: .hgtags | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (8 lines): diff -r d50a9c5cd291 -r 09ae96015a82 .hgtags --- a/.hgtags Tue Jan 14 20:24:46 2014 -0500 +++ b/.hgtags Fri Mar 28 12:40:19 2014 +0000 @@ -306,3 +306,4 @@ 3b8323e24a636ac0638604d19fc116eb0eef6cdb jdk7u25-b15 5d95c1e7c0913ad4bc0b5f0b559510d32557def2 jdk7u25-b30 96fc7f35fbeda3e348b4c088c4b7307b2a72478a icedtea-2.3.13 +d50a9c5cd291b1cd4f5ea612bc6b1fb4e5aa443e icedtea-2.3.14 From andrew at icedtea.classpath.org Fri Mar 28 12:43:26 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Fri, 28 Mar 2014 12:43:26 +0000 Subject: /hg/release/icedtea7-forest-2.3/hotspot: Added tag icedtea-2.3.1... Message-ID: changeset 053505f331b0 in /hg/release/icedtea7-forest-2.3/hotspot details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot?cmd=changeset;node=053505f331b0 author: andrew date: Fri Mar 28 12:40:21 2014 +0000 Added tag icedtea-2.3.14 for changeset 72a544aeb892 diffstat: .hgtags | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (8 lines): diff -r 72a544aeb892 -r 053505f331b0 .hgtags --- a/.hgtags Fri Feb 28 16:00:40 2014 +0400 +++ b/.hgtags Fri Mar 28 12:40:21 2014 +0000 @@ -429,3 +429,4 @@ 3e145a686fedd9eefdcb6b714241200ed236b41d jdk7u25-b13 4fafaf293aa5666e8c9f5ca1d96c3f752305f586 jdk7u25-b14 b23760b457ce80ee57a215282ef5d23f677e9831 icedtea-2.3.13 +72a544aeb89217020b60c10fe167e2567fea3460 icedtea-2.3.14 From andrew at icedtea.classpath.org Fri Mar 28 12:43:33 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Fri, 28 Mar 2014 12:43:33 +0000 Subject: /hg/release/icedtea7-forest-2.3/jdk: Added tag icedtea-2.3.14 fo... Message-ID: changeset 6bfd82b58e07 in /hg/release/icedtea7-forest-2.3/jdk details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=6bfd82b58e07 author: andrew date: Fri Mar 28 12:40:16 2014 +0000 Added tag icedtea-2.3.14 for changeset 3428bff8a33a diffstat: .hgtags | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (8 lines): diff -r 3428bff8a33a -r 6bfd82b58e07 .hgtags --- a/.hgtags Mon Mar 24 13:55:37 2014 +0000 +++ b/.hgtags Fri Mar 28 12:40:16 2014 +0000 @@ -320,3 +320,4 @@ 0a482b2f7c351d157c5ae9ca495d762c2deaf37c icedtea-2.3.11 4a0cf2c05cc6f0abd48d72008d8880b7e7a874e1 icedtea-2.3.12 acce97b208855981122cc33131b63e9b39fb9aa6 icedtea-2.3.13 +3428bff8a33a0ecf54412186f64efed7e168ccd1 icedtea-2.3.14 From gnu_andrew at member.fsf.org Fri Mar 28 13:13:38 2014 From: gnu_andrew at member.fsf.org (Andrew Hughes) Date: Fri, 28 Mar 2014 13:13:38 +0000 Subject: IcedTea 2.3.14 & 2.4.6: Considered ARMful Released! Message-ID: <20140328131338.GA4378@carrie.the212.com> The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as a PulseAudio sound driver, the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK. These releases are mainly focused on ARM support. In 2.4.6, we see the first appearance of support for both the ARM32 JIT (previously in 2.3.x and earlier) and the AArch64 port. As it successfully built itself on Fedora, the ARM32 JIT is enabled by default, but can now be disabled using --disable-arm32-jit. We also update the 2.3 series, containing the more stable version of the ARM32 JIT, with the fixes previously released in 2.4.5. 2.3.14 also adds the two missing HotSpot security updates from the 2.3.12 release. However, these are only enabled by default when building Zero. They can be forced on for other builds by setting --enable-jsr292-update. This will be the last release of the 2.3.x series and users should transition to 2.4.x as soon as possible. More updates on this and other releases to follow shortly. If you find an issue with one of the releases, please report it to our bug database (http://icedtea.classpath.org/bugzilla) under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome. Full details of the releases can be found below. What's New? =========== New in release 2.4.6 (2014-03-28): * Backports - S8009062: poor performance of JNI AttachCurrentThread after fix for 7017193 - S8035893: JVM_GetVersionInfo fails to zero structure - Re-enable the 'gamma' test at the end of the HotSpot build, but only for HotSpot based bootstrap JDKs. * Bug fixes - PR1101: Undefined symbols on GNU/Linux SPARC - PR1659: OpenJDK 7 returns incorrect TrueType font metrics when bold style is set - PR1677, G498288: Update PaX support to detect running PaX kernel and use newer tools - PR1679: Allow OpenJDK to build on PaX-enabled kernels - PR1684: Build fails with empty PAX_COMMAND - RH1015432: java-1.7.0-openjdk: Fails on PPC with StackOverflowError (revised fix) - Link against $(LIBDL) if SYSTEM_CUPS is not true - Perform configure checks using ecj.jar when --with-gcj (native ecj build) is enabled. * ARM32 port - Add arm_port from IcedTea 6 - Add patches/arm.patch from IcedTea 6 - Add patches/arm-debug.patch from IcedTea 6 - Add patches/arm-hsdis.patch from IcedTea 6 - added jvmti event generation for dynamic_generate and compiled_method_load events to ARM JIT compiler - Adjust saved SP when safepointing. - First cut of invokedynamic - Fix trashed thread ptr after recursive re-entry from asm JIT. - JIT-compilation of ldc methodHandle - Rename a bunch of misleadingly-named functions - Changes for HSX22 - Rename a bunch of misleadingly-named functions - Patched method handle adapter code to deal with failures in TCK - Phase 1 - Phase 2 - RTC Thumb2 JIT enhancements. - Zero fails to build in hsx22+, fix for hsx22 after runs gamma OK, hsx23 still nogo. - Use ldrexd for atomic reads on ARMv7. - Use unified syntax for thumb code. - Corrected call from fast_method_handle_entry to CppInterpreter::method_handle_entry so that thread is loaded into r2 - Don't save locals at a return. - Fix call to handle_special_method(). Fix compareAndSwapLong. - Fix JIT bug that miscompiles org.eclipse.ui.internal.contexts.ContextAuthority.sourceChanged - invokedynamic and aldc for JIT - Modified safepoint check to rely on memory protect signal instead of polling - Minor review cleanups. - PR1188: ASM Interpreter and Thumb2 JIT javac miscompile modulo reminder on armel - PR1363: Fedora 19 / rawhide FTBFS SIGILL - Changes for HSX23 - Remove fragment from method that has been removed - Remove C++ flags from CC_COMPILE and fix usage in zeroshark.make. - Use $(CC) to compile mkbc instead of $(CC_COMPILE) to avoid C++-only flags - Add note about use of $(CFLAGS)/$(CXXFLAGS)/$(CPPFLAGS) at present. - Override automatic detection of source language for bytecodes_arm.def - Include $(CFLAGS) in assembler stage - PR1626: ARM32 assembler update for hsx24. Use ARM32JIT to turn it on/off. - Replace literal offsets for METHOD_SIZEOFPARAMETERS and ISTATE_NEXT_FRAME with correct symbolic names. - Turn ARM32 JIT on by default * AArch64 port - PR1713: Support AArch64 Port * Shark - Add Shark definitions from 8003868 - Drop compile_method argument removed in 7083786 from sharkCompiler.cpp New in release 2.3.14 (2014-03-28): * Security fixes - S7023639, CVE-2013-5838: JSR 292 method handle invocation needs a fast path for compiled code (JSR292 update only) - S8029507, CVE-2013-5893: Enhance JVM method processing (JSR292 update only) * Backports - S7024118: possible hardcoded mnemonic for JFileChooser metal and motif l&f - S7032018: The file list in JFileChooser does not have an accessible name - S7032436: When running with the Nimbus look and feel, the JFileChooser does not display mnemonics - S7151089: PS NUMA: NUMA allocator should not attempt to free pages when using SHM large pages - S7192406: JSR 292: C2 needs exact return type information for invokedynamic and invokehandle call sites (JSR292 update only) - S7196242: vm/mlvm/indy/stress/java/loopsAndThreads crashed (JSR292 update only) - S7200949: JSR 292: rubybench/bench/time/bench_base64.rb fails with jruby.jar not on boot class path (JSR292 update only) - S8000780: make Zero build and run with JDK8 (JSR292 update only) - S8008764: 7uX l10n resource file translation update - S8009062: poor performance of JNI AttachCurrentThread after fix for 7017193 - S8013057: assert(_needs_gc || SafepointSynchronize::is_at_safepoint()) failed: only read at safepoint - S8015976: OpenJDK part of bug JDK-8015812 [TEST_BUG] Tests have conflicting test descriptions - S8022698: javax/script/GetInterfaceTest.java fails since 7u45 b04 with -agentvm option - S8023310: Thread contention in the method Beans.IsDesignTime() - S8024302: Clarify jar verifications - S8024461: [macosx] Java crashed on mac10.9 for swing and 2d function manual test - S8025255: (tz) Support tzdata2013g - S8026037: [TESTBUG] sun/security/tools/jarsigner/warnings.sh test fails on Solaris - S8026304: jarsigner output bad grammar - S8026887: Make issues due to failed large pages allocations easier to debug - S8027204: Revise the update of 8026204 and 8025758 - S8027224: test regression - ClassNotFoundException - S8027370: Support tzdata2013h - S8027378: Two closed/javax/xml/8005432 fails with jdk7u51b04 - S8027837: JDK-8021257 causes CORBA build failure on emdedded platforms - S8027943: serial version of com.sun.corba.se.spi.orbutil.proxy.CompositeInvocationHandlerImpl changed in 7u45 - S8028057: Modify jarsigner man page documentation to document CCC 8024302: Clarify jar verifications - S8028111: XML readers share the same entity expansion counter - S8028215: ORB.init fails with SecurityException if properties select the JDK default ORB - S8028293: Check local configuration for actual ephemeral port range - S8028382: Two javax/xml/8005433 tests still fail after the fix JDK-8028147 - S8028453: AsynchronousSocketChannel.connect() requires SocketPermission due to bind to local address (win) - S8028823: java/net/Makefile tabs converted to spaces - S8029038: Revise fix for XML readers share the same entity expansion counter - S8035893: JVM_GetVersionInfo fails to zero structure * Bug fixes - Fix broken bootstrap build by updating ecj-multicatch.patch - PR1626: ARM32 assembler update for hsx24 (JSR292 update only) - PR1654: ppc32 needs a larger ThreadStackSize to build - PR1677, G498288: Update PaX support to detect running PaX kernel and use newer tools - PR1679: Allow OpenJDK to build on PaX-enabled kernels - PR1684: Build fails with empty PAX_COMMAND - Re-enable the 'gamma' test at the end of the HotSpot build, but only for HotSpot based bootstrap JDKs. - RH1015432: java-1.7.0-openjdk: Fails on PPC with StackOverflowError (revised fix) - RH910107: fail to load PC/SC library - Perform configure checks using ecj.jar when --with-gcj (native ecj build) is enabled. * New features - PR1653: Support ppc64le via Zero * ARM port - Allow ARM32 JIT to be disabled - Replace literal offsets for METHOD_SIZEOFPARAMETERS and ISTATE_NEXT_FRAME with correct symbolic names. - Turn ARM32 JIT on by default * Shark - Add Shark definitions from 8003868 - Drop compile_method argument removed in 7083786 from sharkCompiler.cpp The tarballs can be downloaded from: http://icedtea.classpath.org/download/source/icedtea-2.3.14.tar.gz http://icedtea.classpath.org/download/source/icedtea-2.3.14.tar.xz and: http://icedtea.classpath.org/download/source/icedtea-2.4.6.tar.gz http://icedtea.classpath.org/download/source/icedtea-2.4.6.tar.xz We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so. The tarballs are accompanied by digital signatures available at: http://icedtea.classpath.org/download/source/icedtea-2.3.14.tar.gz.sig http://icedtea.classpath.org/download/source/icedtea-2.3.14.tar.xz.sig http://icedtea.classpath.org/download/source/icedtea-2.4.6.tar.gz.sig http://icedtea.classpath.org/download/source/icedtea-2.4.6.tar.xz.sig These are produced using my public key. See details below. PGP Key: 248BDC07 (https://keys.indymedia.org/) Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07 SHA256 checksums: aa152c7b61dc9b1d2e66ff3270e8c59e399a39035fa707ae4b637f4c223cc474 icedtea-2.3.14.tar.gz 5aef30fbd8e6c3d59f7428154c470bf662261b6e12caaba24dc1cb2f20cc6e49 icedtea-2.3.14.tar.gz.sig 9743fbe6cad015b725eee1f6fdb0f476298c0469da7bd685d4f47b342f85c7a7 icedtea-2.3.14.tar.xz d96d3ad3abb0bfb8e19a0dfb0e28272729b27c20a81711b8d6027ad5fa8a479a icedtea-2.3.14.tar.xz.sig 1f2ea0a29d946b0e8dd8f74c485adc41c02710e88c17ef827b635e1e4215ad33 icedtea-2.4.6.tar.gz 60dfd60e5033c04d759882be206e8c27be0d54b6ad438cf48549921474fa74dc icedtea-2.4.6.tar.gz.sig c333bcaba46d8684b5ac727486d8b935ac77b9ba3cc5da1aad9d8c7422cbfa19 icedtea-2.4.6.tar.xz 0a05a678a29545b598846755acb9d2359933b607e1ab2473f88dba6ece7ae22e icedtea-2.4.6.tar.xz.sig The checksums can be downloaded from: http://icedtea.classpath.org/download/source/icedtea-2.3.14.sha256 http://icedtea.classpath.org/download/source/icedtea-2.4.6.sha256 The following people helped with these releases: * Severin Gehwolf (RH910107) * Andrew Haley (ARM32 literal offsets fix) * Andrew Hughes (all other bug fixes & backports, release management) * Chris Phillips (ARM32 hs24 support, RH1015432) * Yasumasa Suenaga (PR1659) We would also like to thank the bug reporters and testers! To get started: $ tar xzf icedtea-${version}.tar.gz or: $ tar x -I xz -f icedtea-${version}.tar.xz then: $ mkdir icedtea-build $ cd icedtea-build $ ../icedtea-${version}/configure $ make where ${version} is either 2.3.14 or 2.4.6. Full build requirements and instructions are available in the INSTALL file. Happy hacking! -- Andrew :) Free Java Software Engineer Red Hat, Inc. (http://www.redhat.com) PGP Key: 248BDC07 (https://keys.indymedia.org/) Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: Digital signature URL: From andrew at icedtea.classpath.org Fri Mar 28 16:22:07 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Fri, 28 Mar 2014 16:22:07 +0000 Subject: /hg/release/icedtea6-1.13: 3 new changesets Message-ID: changeset 605775de7be4 in /hg/release/icedtea6-1.13 details: http://icedtea.classpath.org/hg/release/icedtea6-1.13?cmd=changeset;node=605775de7be4 author: Andrew John Hughes date: Wed Mar 26 12:59:52 2014 +0000 Prepare for 1.13.2 release. 2014-03-26 Andrew John Hughes * NEWS: Add potential release date and Gentoo bug ID for PaX change. * configure.ac: Set to 1.13.2. changeset 84eda38cea63 in /hg/release/icedtea6-1.13 details: http://icedtea.classpath.org/hg/release/icedtea6-1.13?cmd=changeset;node=84eda38cea63 author: Andrew John Hughes date: Fri Mar 28 14:18:09 2014 +0000 Update release date. 2014-03-28 Andrew John Hughes * NEWS: Update release date. changeset b445fccb23bb in /hg/release/icedtea6-1.13 details: http://icedtea.classpath.org/hg/release/icedtea6-1.13?cmd=changeset;node=b445fccb23bb author: Andrew John Hughes date: Fri Mar 28 16:21:58 2014 +0000 Added tag icedtea6-1.13.2 for changeset 84eda38cea63 diffstat: .hgtags | 1 + ChangeLog | 10 ++++++++++ NEWS | 4 ++-- configure.ac | 2 +- 4 files changed, 14 insertions(+), 3 deletions(-) diffs (54 lines): diff -r 9408a82b3d19 -r b445fccb23bb .hgtags --- a/.hgtags Wed Mar 26 06:34:03 2014 +0000 +++ b/.hgtags Fri Mar 28 16:21:58 2014 +0000 @@ -24,3 +24,4 @@ 5a1e1b39664409e9a0945ba49b558f25ef976c58 icedtea6-1.12-branchpoint 0770fe4c010590f293d189c83af2c49ac0c2268d icedtea6-1.13 eb77bc7992a9c321470c8426c901abd75ed8f567 icedtea6-1.13.1 +84eda38cea6394a1973c62aed9e26086690db5c7 icedtea6-1.13.2 diff -r 9408a82b3d19 -r b445fccb23bb ChangeLog --- a/ChangeLog Wed Mar 26 06:34:03 2014 +0000 +++ b/ChangeLog Fri Mar 28 16:21:58 2014 +0000 @@ -1,3 +1,13 @@ +2014-03-28 Andrew John Hughes + + * NEWS: Update release date. + +2014-03-26 Andrew John Hughes + + * NEWS: Add potential release date and + Gentoo bug ID for PaX change. + * configure.ac: Set to 1.13.2. + 2014-03-25 Andrew John Hughes * Makefile.am: diff -r 9408a82b3d19 -r b445fccb23bb NEWS --- a/NEWS Wed Mar 26 06:34:03 2014 +0000 +++ b/NEWS Fri Mar 28 16:21:58 2014 +0000 @@ -12,14 +12,14 @@ CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY -New in release 1.13.2 (2014-04-XX): +New in release 1.13.2 (2014-03-28): * Backports - S7110396: Sound code fails to build with gcc 4.6 on multiarch Linux systems - S8035893: JVM_GetVersionInfo fails to zero structure - OPENJDK6-29: JDK fails to zero jdk_version_info correctly * Bug fixes - - PR1714: Update PaX support to detect running PaX kernel and use newer tools + - PR1714, G498288: Update PaX support to detect running PaX kernel and use newer tools - PR1712, G455426: Allow -Werror to be turned off in the HotSpot build New in release 1.13.1 (2014-01-22): diff -r 9408a82b3d19 -r b445fccb23bb configure.ac --- a/configure.ac Wed Mar 26 06:34:03 2014 +0000 +++ b/configure.ac Fri Mar 28 16:21:58 2014 +0000 @@ -1,4 +1,4 @@ -AC_INIT([icedtea6],[1.13.2pre],[distro-pkg-dev at openjdk.java.net]) +AC_INIT([icedtea6],[1.13.2],[distro-pkg-dev at openjdk.java.net]) AC_CANONICAL_HOST AC_CANONICAL_TARGET AM_INIT_AUTOMAKE([1.9 tar-pax foreign]) From gnu.andrew at redhat.com Fri Mar 28 16:20:01 2014 From: gnu.andrew at redhat.com (Andrew Hughes) Date: Fri, 28 Mar 2014 16:20:01 +0000 Subject: IcedTea 1.13.2 for OpenJDK 6: sizeof Considered Harmful Released! Message-ID: <20140328161957.GA22803@carrie.the212.com> The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as a PulseAudio sound driver, the ability to build against system libraries and support for alternative virtual machines and architectures beyond those supported by OpenJDK. This release updates our OpenJDK 6 support in the 1.13.x series with a number of bug fixes. If you find an issue with one of the releases, please report it to our bug database (http://icedtea.classpath.org/bugzilla) under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome. Full details of the release can be found below. What's New? =========== New in release 1.13.2 (2014-03-28): * Backports - S7110396: Sound code fails to build with gcc 4.6 on multiarch Linux systems - S8035893: JVM_GetVersionInfo fails to zero structure - OPENJDK6-29: JDK fails to zero jdk_version_info correctly * Bug fixes - PR1714, G498288: Update PaX support to detect running PaX kernel and use newer tools - PR1712, G455426: Allow -Werror to be turned off in the HotSpot build The tarballs can be downloaded from: http://icedtea.classpath.org/download/source/icedtea6-1.13.2.tar.gz http://icedtea.classpath.org/download/source/icedtea6-1.13.2.tar.xz We provide both gzip and xz tarballs, so that those who are able to make use of the smaller tarball produced by xz may do so. The tarballs are accompanied by digital signatures available at: http://icedtea.classpath.org/download/source/icedtea6-1.13.2.tar.gz.sig http://icedtea.classpath.org/download/source/icedtea6-1.13.2.tar.xz.sig These are produced using my public key. See details below. PGP Key: 248BDC07 (https://keys.indymedia.org/) Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07 SHA256 checksums: 654648eb7b9a29a6a91768723707515750409980ff26e6daba6d13ff444fa330 icedtea6-1.13.2.tar.gz d5fa067745ccb7b1474b7bb4a053896a263e3b3da99131898cf83ddd4467a3a0 icedtea6-1.13.2.tar.gz.sig b7614cf5f90d10a3ad379c65bc7d9c5f64ca38beafe50282e131612d62b1a1f9 icedtea6-1.13.2.tar.xz bec15aac669c7345b4a0d3625ed2e388b951d1f5d73e06741154ee0dd42068b6 icedtea6-1.13.2.tar.xz.sig The checksums can be downloaded from: http://icedtea.classpath.org/download/source/icedtea6-1.13.2.sha256 The following people helped with these releases: * Andrew Dinn (OPENJDK6-29) * Andrew Hughes (all other bug fixes & backports, release management) We would also like to thank the bug reporters and testers! To get started: $ tar xzf icedtea6-1.13.2.tar.gz or: $ tar x -I xz -f icedtea6-1.13.2.tar.xz then: $ mkdir icedtea-build $ cd icedtea-build $ ../icedtea6-1.13.2/configure $ make Full build requirements and instructions are available in the INSTALL file. Happy hacking! -- Andrew :) Free Java Software Engineer Red Hat, Inc. (http://www.redhat.com) PGP Key: 248BDC07 (https://keys.indymedia.org/) Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: Digital signature URL: From bugzilla-daemon at icedtea.classpath.org Fri Mar 28 17:42:36 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Fri, 28 Mar 2014 17:42:36 +0000 Subject: [Bug 1720] Crashes when attempting to build uPortal In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1720 Andrew John Hughes changed: What |Removed |Added ---------------------------------------------------------------------------- Version|unspecified |2.4.5 Severity|critical |normal -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From omajid at redhat.com Fri Mar 28 17:49:56 2014 From: omajid at redhat.com (Omair Majid) Date: Fri, 28 Mar 2014 13:49:56 -0400 Subject: [icedtea-web] RFC: Use AC_LANG_SOURCE macros Message-ID: <20140328174956.GA2812@redhat.com> Hi, I just tried to build a fresh clone of icedtea-web and got a few scary warnings on running autogen.sh: configure.ac:89: warning: AC_LANG_CONFTEST: no AC_LANG_SOURCE call detected in body ../../lib/autoconf/lang.m4:193: AC_LANG_CONFTEST is expanded from... ../../lib/autoconf/general.m4:2590: _AC_COMPILE_IFELSE is expanded from... ../../lib/autoconf/general.m4:2606: AC_COMPILE_IFELSE is expanded from... acinclude.m4:523: IT_CHECK_XULRUNNER_MIMEDESCRIPTION_CONSTCHAR is expanded from... configure.ac:89: the top level The attached patch fixes the warning by wrapping the code in an AC_LANG_SOURCE macro. Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 -------------- next part -------------- diff --git a/ChangeLog b/ChangeLog --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +2014-03-28 Omair Majid + + * acinclude.m4 + (IT_CHECK_XULRUNNER_MIMEDESCRIPTION_CONSTCHAR), + (IT_CHECK_XULRUNNER_REQUIRES_C11): Use AC_LANG_SOURCE with code. + 2014-03-27 Andrew Azores Fix NPE when trying to open a new file, with changes made, and wanting to diff --git a/acinclude.m4 b/acinclude.m4 --- a/acinclude.m4 +++ b/acinclude.m4 @@ -527,9 +527,9 @@ CXXFLAGS_BACKUP="$CXXFLAGS" CXXFLAGS="$CXXFLAGS"" ""$MOZILLA_CFLAGS" AC_COMPILE_IFELSE([ - #include ] - [const char* NP_GetMIMEDescription () - {return (char*) "yap!";} + AC_LANG_SOURCE([[#include + const char* NP_GetMIMEDescription () + {return (char*) "yap!";}]]) ],[ AC_MSG_RESULT(no) ],[ @@ -547,10 +547,10 @@ CXXFLAGS_BACKUP="$CXXFLAGS" CXXFLAGS="$CXXFLAGS"" ""$MOZILLA_CFLAGS" AC_COMPILE_IFELSE([ - #include - #include ] - [void setnpptr (NPVariant *result) - {VOID_TO_NPVARIANT(*result);} + AC_LANG_SOURCE([[#include + #include + void setnpptr (NPVariant *result) + { VOID_TO_NPVARIANT(*result);}]]) ],[ AC_MSG_RESULT(no) CXXFLAGS="$CXXFLAGS_BACKUP" From bugzilla-daemon at icedtea.classpath.org Fri Mar 28 18:10:46 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Fri, 28 Mar 2014 18:10:46 +0000 Subject: [Bug 1726] New: configure fails looking for ecj.jar before even trying to find javac Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1726 Bug ID: 1726 Summary: configure fails looking for ecj.jar before even trying to find javac Product: IcedTea Version: 2.4.6 Hardware: x86_64 OS: Linux Status: NEW Severity: normal Priority: P5 Component: IcedTea Assignee: gnu.andrew at redhat.com Reporter: gnu.andrew at redhat.com CC: unassigned at icedtea.classpath.org Reported on #gentoo-java Freenode IRC: http://siren.gmake.de/stuff/icedtea/build.log checking for a JDK home directory... /usr/lib64/icedtea7 checking if a java binary was specified... no checking if /usr/lib64/icedtea7/bin/java is a valid executable file... yes checking for an ecj JAR file... no configure: error: "No compiler or ecj JAR file was found." -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bugzilla-daemon at icedtea.classpath.org Fri Mar 28 18:12:00 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Fri, 28 Mar 2014 18:12:00 +0000 Subject: [Bug 1726] configure fails looking for ecj.jar before even trying to find javac In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1726 Andrew John Hughes changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED Target Milestone|--- |2.4.7 --- Comment #1 from Andrew John Hughes --- IT_FIND_ECJ_JAR macro uses ${JAVAC} but does not depend on any macro that defines it. As this is a terminal sanity check anyway, move it to the more obvious location of IT_FIND_COMPILER. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From andrew at icedtea.classpath.org Fri Mar 28 18:12:59 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Fri, 28 Mar 2014 18:12:59 +0000 Subject: /hg/release/icedtea7-2.4: 2 new changesets Message-ID: changeset 46f9059509fe in /hg/release/icedtea7-2.4 details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=46f9059509fe author: Andrew John Hughes date: Fri Mar 28 18:06:31 2014 +0000 Start 2.4.7 release cycle. 2014-03-28 Andrew John Hughes * configure.ac: Bump to 2.4.7pre00. * NEWS: Add 2.4.7 section. changeset e8e59c50a451 in /hg/release/icedtea7-2.4 details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=e8e59c50a451 author: Andrew John Hughes date: Fri Mar 28 18:12:46 2014 +0000 PR1726: configure fails looking for ecj.jar before even trying to find javac 2014-03-28 Andrew John Hughes * acinclude.m4: (IT_FIND_COMPILER): Check value of ECJ_JAR and JAVAC here ... (IT_FIND_ECJ_JAR): ... rather than here where ${JAVAC} may not yet be defined. diffstat: ChangeLog | 13 +++++++++++++ NEWS | 5 +++++ acinclude.m4 | 11 ++++++----- configure.ac | 2 +- 4 files changed, 25 insertions(+), 6 deletions(-) diffs (72 lines): diff -r d2bc83a8ce09 -r e8e59c50a451 ChangeLog --- a/ChangeLog Fri Mar 28 12:27:42 2014 +0000 +++ b/ChangeLog Fri Mar 28 18:12:46 2014 +0000 @@ -1,3 +1,16 @@ +2014-03-28 Andrew John Hughes + + * acinclude.m4: + (IT_FIND_COMPILER): Check value of ECJ_JAR + and JAVAC here ... + (IT_FIND_ECJ_JAR): ... rather than here where + ${JAVAC} may not yet be defined. + +2014-03-28 Andrew John Hughes + + * configure.ac: Bump to 2.4.7pre00. + * NEWS: Add 2.4.7 section. + 2014-03-26 Andrew John Hughes * NEWS: Update with recent changes. diff -r d2bc83a8ce09 -r e8e59c50a451 NEWS --- a/NEWS Fri Mar 28 12:27:42 2014 +0000 +++ b/NEWS Fri Mar 28 18:12:46 2014 +0000 @@ -12,6 +12,11 @@ CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY +New in release 2.4.7 (2014-04-XX): + +* Bug fixes + - PR1726: configure fails looking for ecj.jar before even trying to find javac + New in release 2.4.6 (2014-03-28): * Backports diff -r d2bc83a8ce09 -r e8e59c50a451 acinclude.m4 --- a/acinclude.m4 Fri Mar 28 12:27:42 2014 +0000 +++ b/acinclude.m4 Fri Mar 28 18:12:46 2014 +0000 @@ -134,6 +134,12 @@ IT_USING_ECJ IT_WITH_GCJ + if test "x${ECJ_JAR}" = "xno"; then + if test "x${JAVAC}" = "x"; then + AC_MSG_ERROR("No compiler or ecj JAR file was found.") + fi + fi + if test x"${GCJ}" != xno ; then JAVAC="${JAVA} -classpath ${ECJ_JAR} org.eclipse.jdt.internal.compiler.batch.Main" fi @@ -350,11 +356,6 @@ fi fi AC_MSG_RESULT(${ECJ_JAR}) - if test "x${ECJ_JAR}" = "xno"; then - if test "x${JAVAC}" = "x"; then - AC_MSG_ERROR("No compiler or ecj JAR file was found.") - fi - fi AC_SUBST(ECJ_JAR) ]) diff -r d2bc83a8ce09 -r e8e59c50a451 configure.ac --- a/configure.ac Fri Mar 28 12:27:42 2014 +0000 +++ b/configure.ac Fri Mar 28 18:12:46 2014 +0000 @@ -1,4 +1,4 @@ -AC_INIT([icedtea], [2.4.6], [distro-pkg-dev at openjdk.java.net]) +AC_INIT([icedtea], [2.4.7pre00], [distro-pkg-dev at openjdk.java.net]) AM_INIT_AUTOMAKE([1.9 tar-pax foreign]) AC_CONFIG_FILES([Makefile]) From bugzilla-daemon at icedtea.classpath.org Fri Mar 28 18:13:05 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Fri, 28 Mar 2014 18:13:05 +0000 Subject: [Bug 1726] configure fails looking for ecj.jar before even trying to find javac In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1726 --- Comment #2 from hg commits --- details: http://icedtea.classpath.org//hg/release/icedtea7-2.4?cmd=changeset;node=e8e59c50a451 author: Andrew John Hughes date: Fri Mar 28 18:12:46 2014 +0000 PR1726: configure fails looking for ecj.jar before even trying to find javac 2014-03-28 Andrew John Hughes * acinclude.m4: (IT_FIND_COMPILER): Check value of ECJ_JAR and JAVAC here ... (IT_FIND_ECJ_JAR): ... rather than here where ${JAVAC} may not yet be defined. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From andrew at icedtea.classpath.org Fri Mar 28 18:19:33 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Fri, 28 Mar 2014 18:19:33 +0000 Subject: /hg/icedtea7: 3 new changesets Message-ID: changeset aa5a1fe61c38 in /hg/icedtea7 details: http://icedtea.classpath.org/hg/icedtea7?cmd=changeset;node=aa5a1fe61c38 author: Andrew John Hughes date: Fri Mar 28 03:41:03 2014 +0000 Apply Werror fix to aarch64 port. 2012-08-16 Andrew John Hughes * Makefile.am: (ICEDTEA_PATCHES): Add -Werror patch from IcedTea7 HEAD. * patches/hotspot/aarch64/werror.patch: Allow COMPILER_WARNINGS_FATAL to turn off -Werror. changeset 715ae9b63c91 in /hg/icedtea7 details: http://icedtea.classpath.org/hg/icedtea7?cmd=changeset;node=715ae9b63c91 author: Andrew John Hughes date: Fri Mar 28 18:17:41 2014 +0000 Make ARM32 JIT option help text match actual default. 2014-03-28 Andrew John Hughes * acinclude.m4: (IT_ENABLE_ARM32JIT): Make help text match setting. changeset a7f6247d3dff in /hg/icedtea7 details: http://icedtea.classpath.org/hg/icedtea7?cmd=changeset;node=a7f6247d3dff author: Andrew John Hughes date: Fri Mar 28 18:19:20 2014 +0000 PR1726: configure fails looking for ecj.jar before even trying to find javac 2014-03-28 Andrew John Hughes * acinclude.m4: (IT_FIND_COMPILER): Check value of ECJ_JAR and JAVAC here ... (IT_FIND_ECJ_JAR): ... rather than here where ${JAVAC} may not yet be defined. diffstat: ChangeLog | 21 +++++++++++++++++ Makefile.am | 4 +++ NEWS | 1 + acinclude.m4 | 13 +++++----- patches/hotspot/aarch64/werror.patch | 43 ++++++++++++++++++++++++++++++++++++ 5 files changed, 76 insertions(+), 6 deletions(-) diffs (137 lines): diff -r 2278f72329bf -r a7f6247d3dff ChangeLog --- a/ChangeLog Thu Mar 27 21:18:02 2014 +0000 +++ b/ChangeLog Fri Mar 28 18:19:20 2014 +0000 @@ -1,3 +1,24 @@ +2014-03-28 Andrew John Hughes + + * acinclude.m4: + (IT_FIND_COMPILER): Check value of ECJ_JAR + and JAVAC here ... + (IT_FIND_ECJ_JAR): ... rather than here where + ${JAVAC} may not yet be defined. + +2014-03-28 Andrew John Hughes + + * acinclude.m4: + (IT_ENABLE_ARM32JIT): Make help text match setting. + +2012-08-16 Andrew John Hughes + + * Makefile.am: + (ICEDTEA_PATCHES): Add -Werror patch + from IcedTea7 HEAD. + * patches/hotspot/aarch64/werror.patch: + Allow COMPILER_WARNINGS_FATAL to turn off -Werror. + 2014-03-27 Andrew John Hughes * hotspot.map: diff -r 2278f72329bf -r a7f6247d3dff Makefile.am --- a/Makefile.am Thu Mar 27 21:18:02 2014 +0000 +++ b/Makefile.am Fri Mar 28 18:19:20 2014 +0000 @@ -297,6 +297,10 @@ ICEDTEA_PATCHES += patches/nss-config.patch endif +if WITH_ALT_HSBUILD +ICEDTEA_PATCHES += patches/hotspot/aarch64/werror.patch +endif + ICEDTEA_PATCHES += $(DISTRIBUTION_PATCHES) # Bootstrapping patches diff -r 2278f72329bf -r a7f6247d3dff NEWS --- a/NEWS Thu Mar 27 21:18:02 2014 +0000 +++ b/NEWS Fri Mar 28 18:19:20 2014 +0000 @@ -160,6 +160,7 @@ - PR1677, G498288: Update PaX support to detect running PaX kernel and use newer tools - PR1679: Allow OpenJDK to build on PaX-enabled kernels - PR1684: Build fails with empty PAX_COMMAND + - PR1726: configure fails looking for ecj.jar before even trying to find javac * PPC & AIX port - Add AIX-specific build instructions to README-ppc.html - Added AIX as testing platform for more jtreg tests written in shell-script diff -r 2278f72329bf -r a7f6247d3dff acinclude.m4 --- a/acinclude.m4 Thu Mar 27 21:18:02 2014 +0000 +++ b/acinclude.m4 Fri Mar 28 18:19:20 2014 +0000 @@ -134,6 +134,12 @@ IT_USING_ECJ IT_WITH_GCJ + if test "x${ECJ_JAR}" = "xno"; then + if test "x${JAVAC}" = "x"; then + AC_MSG_ERROR("No compiler or ecj JAR file was found.") + fi + fi + if test x"${GCJ}" != xno ; then JAVAC="${JAVA} -classpath ${ECJ_JAR} org.eclipse.jdt.internal.compiler.batch.Main" fi @@ -350,11 +356,6 @@ fi fi AC_MSG_RESULT(${ECJ_JAR}) - if test "x${ECJ_JAR}" = "xno"; then - if test "x${JAVAC}" = "x"; then - AC_MSG_ERROR("No compiler or ecj JAR file was found.") - fi - fi AC_SUBST(ECJ_JAR) ]) @@ -2666,7 +2667,7 @@ [ AC_MSG_CHECKING([whether to enable the ARM32 JIT]) AC_ARG_ENABLE([arm32-jit], - [AS_HELP_STRING(--enable-arm32-jit,build with the ARM32 JIT [[default=no]])], + [AS_HELP_STRING(--enable-arm32-jit,build with the ARM32 JIT [[default=yes]])], [ case "${enableval}" in yes) diff -r 2278f72329bf -r a7f6247d3dff patches/hotspot/aarch64/werror.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/hotspot/aarch64/werror.patch Fri Mar 28 18:19:20 2014 +0000 @@ -0,0 +1,43 @@ +diff -Nru openjdk.orig/hotspot/make/linux/makefiles/gcc.make openjdk/hotspot/make/linux/makefiles/gcc.make +--- openjdk.orig/hotspot/make/linux/makefiles/gcc.make 2014-03-25 14:07:53.000000000 +0000 ++++ openjdk/hotspot/make/linux/makefiles/gcc.make 2014-03-28 03:26:57.229802760 +0000 +@@ -205,7 +205,9 @@ + endif + + # Compiler warnings are treated as errors ++ifneq ($(COMPILER_WARNINGS_FATAL),false) + WARNINGS_ARE_ERRORS = -Werror ++endif + + ifeq ($(USE_CLANG), true) + # However we need to clean the code up before we can unrestrictedly enable this option with Clang +diff -Nru openjdk.orig/hotspot/make/solaris/makefiles/adlc.make openjdk/hotspot/make/solaris/makefiles/adlc.make +--- openjdk.orig/hotspot/make/solaris/makefiles/adlc.make 2014-03-25 14:07:53.000000000 +0000 ++++ openjdk/hotspot/make/solaris/makefiles/adlc.make 2014-03-28 03:26:02.604988364 +0000 +@@ -73,8 +73,10 @@ + + # CFLAGS_WARN holds compiler options to suppress/enable warnings. + # Compiler warnings are treated as errors +-ifeq ($(shell expr $(COMPILER_REV_NUMERIC) \>= 509), 1) +- CFLAGS_WARN = +w -errwarn ++ifneq ($(COMPILER_WARNINGS_FATAL),false) ++ ifeq ($(shell expr $(COMPILER_REV_NUMERIC) \>= 509), 1) ++ CFLAGS_WARN = +w -errwarn ++ endif + endif + CFLAGS += $(CFLAGS_WARN) + +diff -Nru openjdk.orig/hotspot/make/solaris/makefiles/gcc.make openjdk/hotspot/make/solaris/makefiles/gcc.make +--- openjdk.orig/hotspot/make/solaris/makefiles/gcc.make 2014-03-25 14:07:53.000000000 +0000 ++++ openjdk/hotspot/make/solaris/makefiles/gcc.make 2014-03-28 03:27:28.206264586 +0000 +@@ -116,7 +116,9 @@ + + + # Compiler warnings are treated as errors +-WARNINGS_ARE_ERRORS = -Werror ++ifneq ($(COMPILER_WARNINGS_FATAL),false) ++WARNINGS_ARE_ERRORS = -Werror ++endif + # Enable these warnings. See 'info gcc' about details on these options + WARNING_FLAGS = -Wpointer-arith -Wconversion -Wsign-compare -Wundef + CFLAGS_WARN/DEFAULT = $(WARNINGS_ARE_ERRORS) $(WARNING_FLAGS) From bugzilla-daemon at icedtea.classpath.org Fri Mar 28 18:19:43 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Fri, 28 Mar 2014 18:19:43 +0000 Subject: [Bug 1726] configure fails looking for ecj.jar before even trying to find javac In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1726 --- Comment #3 from hg commits --- details: http://icedtea.classpath.org//hg/icedtea7?cmd=changeset;node=a7f6247d3dff author: Andrew John Hughes date: Fri Mar 28 18:19:20 2014 +0000 PR1726: configure fails looking for ecj.jar before even trying to find javac 2014-03-28 Andrew John Hughes * acinclude.m4: (IT_FIND_COMPILER): Check value of ECJ_JAR and JAVAC here ... (IT_FIND_ECJ_JAR): ... rather than here where ${JAVAC} may not yet be defined. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From andrew at icedtea.classpath.org Fri Mar 28 18:22:13 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Fri, 28 Mar 2014 18:22:13 +0000 Subject: /hg/release/icedtea7-2.3: 2 new changesets Message-ID: changeset fea149da671f in /hg/release/icedtea7-2.3 details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=fea149da671f author: Andrew John Hughes date: Fri Mar 28 18:21:00 2014 +0000 Start 2.3.15 release cycle. 2014-03-28 Andrew John Hughes * configure.ac: Bump to 2.3.15pre00. * NEWS: Add 2.3.15 section. changeset c1f745660d29 in /hg/release/icedtea7-2.3 details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=c1f745660d29 author: Andrew John Hughes date: Fri Mar 28 18:22:00 2014 +0000 PR1726: configure fails looking for ecj.jar before even trying to find javac 2014-03-28 Andrew John Hughes * acinclude.m4: (IT_FIND_COMPILER): Check value of ECJ_JAR and JAVAC here ... (IT_FIND_ECJ_JAR): ... rather than here where ${JAVAC} may not yet be defined. * NEWS: Updated. diffstat: ChangeLog | 14 ++++++++++++++ NEWS | 5 +++++ acinclude.m4 | 11 ++++++----- configure.ac | 2 +- 4 files changed, 26 insertions(+), 6 deletions(-) diffs (73 lines): diff -r 8a7b22cf755e -r c1f745660d29 ChangeLog --- a/ChangeLog Fri Mar 28 12:31:02 2014 +0000 +++ b/ChangeLog Fri Mar 28 18:22:00 2014 +0000 @@ -1,3 +1,17 @@ +2014-03-28 Andrew John Hughes + + * acinclude.m4: + (IT_FIND_COMPILER): Check value of ECJ_JAR + and JAVAC here ... + (IT_FIND_ECJ_JAR): ... rather than here where + ${JAVAC} may not yet be defined. + * NEWS: Updated. + +2014-03-28 Andrew John Hughes + + * configure.ac: Bump to 2.3.15pre00. + * NEWS: Add 2.3.15 section. + 2014-03-28 Andrew John Hughes * NEWS: Update release date. diff -r 8a7b22cf755e -r c1f745660d29 NEWS --- a/NEWS Fri Mar 28 12:31:02 2014 +0000 +++ b/NEWS Fri Mar 28 18:22:00 2014 +0000 @@ -10,6 +10,11 @@ CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY +New in release 2.3.15 (20XX-XX-XX): + +* Bug fixes + - PR1726: configure fails looking for ecj.jar before even trying to find javac + New in release 2.3.14 (2014-03-28): * Security fixes diff -r 8a7b22cf755e -r c1f745660d29 acinclude.m4 --- a/acinclude.m4 Fri Mar 28 12:31:02 2014 +0000 +++ b/acinclude.m4 Fri Mar 28 18:22:00 2014 +0000 @@ -127,6 +127,12 @@ IT_USING_ECJ IT_WITH_GCJ + if test "x${ECJ_JAR}" = "xno"; then + if test "x${JAVAC}" = "x"; then + AC_MSG_ERROR("No compiler or ecj JAR file was found.") + fi + fi + if test x"${GCJ}" != xno ; then JAVAC="${JAVA} -classpath ${ECJ_JAR} org.eclipse.jdt.internal.compiler.batch.Main" fi @@ -343,11 +349,6 @@ fi fi AC_MSG_RESULT(${ECJ_JAR}) - if test "x${ECJ_JAR}" = "xno"; then - if test "x${JAVAC}" = "x"; then - AC_MSG_ERROR("No compiler or ecj JAR file was found.") - fi - fi AC_SUBST(ECJ_JAR) ]) diff -r 8a7b22cf755e -r c1f745660d29 configure.ac --- a/configure.ac Fri Mar 28 12:31:02 2014 +0000 +++ b/configure.ac Fri Mar 28 18:22:00 2014 +0000 @@ -1,4 +1,4 @@ -AC_INIT([icedtea], [2.3.14], [distro-pkg-dev at openjdk.java.net]) +AC_INIT([icedtea], [2.3.15pre00], [distro-pkg-dev at openjdk.java.net]) AM_INIT_AUTOMAKE([1.9 tar-pax foreign]) AC_CONFIG_FILES([Makefile]) From bugzilla-daemon at icedtea.classpath.org Fri Mar 28 18:22:18 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Fri, 28 Mar 2014 18:22:18 +0000 Subject: [Bug 1726] configure fails looking for ecj.jar before even trying to find javac In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1726 --- Comment #4 from hg commits --- details: http://icedtea.classpath.org//hg/release/icedtea7-2.3?cmd=changeset;node=c1f745660d29 author: Andrew John Hughes date: Fri Mar 28 18:22:00 2014 +0000 PR1726: configure fails looking for ecj.jar before even trying to find javac 2014-03-28 Andrew John Hughes * acinclude.m4: (IT_FIND_COMPILER): Check value of ECJ_JAR and JAVAC here ... (IT_FIND_ECJ_JAR): ... rather than here where ${JAVAC} may not yet be defined. * NEWS: Updated. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From andrew at icedtea.classpath.org Fri Mar 28 18:22:52 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Fri, 28 Mar 2014 18:22:52 +0000 Subject: /hg/icedtea7: Correct ChangeLog of previous commit. Message-ID: changeset 984ebd417db7 in /hg/icedtea7 details: http://icedtea.classpath.org/hg/icedtea7?cmd=changeset;node=984ebd417db7 author: Andrew John Hughes date: Fri Mar 28 18:22:46 2014 +0000 Correct ChangeLog of previous commit. diffstat: ChangeLog | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (11 lines): diff -r a7f6247d3dff -r 984ebd417db7 ChangeLog --- a/ChangeLog Fri Mar 28 18:19:20 2014 +0000 +++ b/ChangeLog Fri Mar 28 18:22:46 2014 +0000 @@ -5,6 +5,7 @@ and JAVAC here ... (IT_FIND_ECJ_JAR): ... rather than here where ${JAVAC} may not yet be defined. + * NEWS: Updated. 2014-03-28 Andrew John Hughes From andrew at icedtea.classpath.org Fri Mar 28 18:23:30 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Fri, 28 Mar 2014 18:23:30 +0000 Subject: /hg/release/icedtea7-2.4: Correct ChangeLog of previous commit. Message-ID: changeset 76236fae3eea in /hg/release/icedtea7-2.4 details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=76236fae3eea author: Andrew John Hughes date: Fri Mar 28 18:22:46 2014 +0000 Correct ChangeLog of previous commit. diffstat: ChangeLog | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (11 lines): diff -r e8e59c50a451 -r 76236fae3eea ChangeLog --- a/ChangeLog Fri Mar 28 18:12:46 2014 +0000 +++ b/ChangeLog Fri Mar 28 18:22:46 2014 +0000 @@ -5,6 +5,7 @@ and JAVAC here ... (IT_FIND_ECJ_JAR): ... rather than here where ${JAVAC} may not yet be defined. + * NEWS: Updated. 2014-03-28 Andrew John Hughes From bugzilla-daemon at icedtea.classpath.org Fri Mar 28 18:24:00 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Fri, 28 Mar 2014 18:24:00 +0000 Subject: [Bug 1726] configure fails looking for ecj.jar before even trying to find javac In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1726 Andrew John Hughes changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution|--- |FIXED --- Comment #5 from Andrew John Hughes --- Fixed in HEAD, 2.3 & 2.4. Alternatively, a simple workaround is to just pass anything to --with-ecj-jar. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From andrew at icedtea.classpath.org Fri Mar 28 18:27:11 2014 From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org) Date: Fri, 28 Mar 2014 18:27:11 +0000 Subject: /hg/release/icedtea6-1.13: 2 new changesets Message-ID: changeset d6eabef09e8c in /hg/release/icedtea6-1.13 details: http://icedtea.classpath.org/hg/release/icedtea6-1.13?cmd=changeset;node=d6eabef09e8c author: Andrew John Hughes date: Fri Mar 28 18:26:12 2014 +0000 Start 1.13.3 release cycle. 2014-03-28 Andrew John Hughes * configure.ac: Bump to 1.13.3pre. * NEWS: Add 1.13.3 section. changeset a1a682d73ee8 in /hg/release/icedtea6-1.13 details: http://icedtea.classpath.org/hg/release/icedtea6-1.13?cmd=changeset;node=a1a682d73ee8 author: Andrew John Hughes date: Fri Mar 28 18:26:56 2014 +0000 Fix OPENJDK6-29 bug reference in NEWS. 2014-03-28 Andrew John Hughes * NEWS: Fix OPENJDK6-29 bug reference. diffstat: ChangeLog | 9 +++++++++ NEWS | 4 +++- configure.ac | 2 +- 3 files changed, 13 insertions(+), 2 deletions(-) diffs (44 lines): diff -r b445fccb23bb -r a1a682d73ee8 ChangeLog --- a/ChangeLog Fri Mar 28 16:21:58 2014 +0000 +++ b/ChangeLog Fri Mar 28 18:26:56 2014 +0000 @@ -1,3 +1,12 @@ +2014-03-28 Andrew John Hughes + + * NEWS: Fix OPENJDK6-29 bug reference. + +2014-03-28 Andrew John Hughes + + * configure.ac: Bump to 1.13.3pre. + * NEWS: Add 1.13.3 section. + 2014-03-28 Andrew John Hughes * NEWS: Update release date. diff -r b445fccb23bb -r a1a682d73ee8 NEWS --- a/NEWS Fri Mar 28 16:21:58 2014 +0000 +++ b/NEWS Fri Mar 28 18:26:56 2014 +0000 @@ -12,12 +12,14 @@ CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY +New in release 1.13.3 (2014-04-XX): + New in release 1.13.2 (2014-03-28): * Backports - S7110396: Sound code fails to build with gcc 4.6 on multiarch Linux systems - S8035893: JVM_GetVersionInfo fails to zero structure - - OPENJDK6-29: JDK fails to zero jdk_version_info correctly + - OJ29: JDK fails to zero jdk_version_info correctly * Bug fixes - PR1714, G498288: Update PaX support to detect running PaX kernel and use newer tools - PR1712, G455426: Allow -Werror to be turned off in the HotSpot build diff -r b445fccb23bb -r a1a682d73ee8 configure.ac --- a/configure.ac Fri Mar 28 16:21:58 2014 +0000 +++ b/configure.ac Fri Mar 28 18:26:56 2014 +0000 @@ -1,4 +1,4 @@ -AC_INIT([icedtea6],[1.13.2],[distro-pkg-dev at openjdk.java.net]) +AC_INIT([icedtea6],[1.13.3pre],[distro-pkg-dev at openjdk.java.net]) AC_CANONICAL_HOST AC_CANONICAL_TARGET AM_INIT_AUTOMAKE([1.9 tar-pax foreign]) From omajid at redhat.com Fri Mar 28 21:44:22 2014 From: omajid at redhat.com (Omair Majid) Date: Fri, 28 Mar 2014 17:44:22 -0400 Subject: [icedtea-web] RFC: Handle a requested heap size of '1g' Message-ID: <20140328214422.GD2812@redhat.com> Hi, I just ran across this jnlp file: http://atlaslivecasino.net/casino_game.jnlp This fails to work with HEAD because the application asks for a heap size of '1G'. This is not a regression. The attached patch fixes it. Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 -------------- next part -------------- diff --git a/ChangeLog b/ChangeLog --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +2014-03-28 Omair Majid + + * netx/net/sourceforge/jnlp/JREDesc.java (checkHeapSize): Accept 'g' and + 'G' suffixes. Handle single-digit heap size. + * tests/netx/unit/net/sourceforge/jnlp/JREDescTest.java: New file. + 2014-03-28 Omair Majid * acinclude.m4 diff --git a/netx/net/sourceforge/jnlp/JREDesc.java b/netx/net/sourceforge/jnlp/JREDesc.java --- a/netx/net/sourceforge/jnlp/JREDesc.java +++ b/netx/net/sourceforge/jnlp/JREDesc.java @@ -135,11 +135,11 @@ } boolean lastCharacterIsDigit = true; - // the last character must be 0-9 or k/K/m/M + // the last character must be 0-9 or k/K/m/M/g/G char lastChar = Character.toLowerCase(heapSize.charAt(heapSize.length() - 1)); if ((lastChar < '0' || lastChar > '9')) { lastCharacterIsDigit = false; - if (lastChar != 'k' && lastChar != 'm') { + if (lastChar != 'k' && lastChar != 'm' && lastChar != 'g') { throw new ParseException(R("PBadHeapSize", heapSize)); } } @@ -149,7 +149,7 @@ indexOfLastDigit = indexOfLastDigit - 1; } - String size = heapSize.substring(0, indexOfLastDigit); + String size = heapSize.substring(0, indexOfLastDigit+1); try { // check that the number is a number! Integer.valueOf(size); diff --git a/tests/netx/unit/net/sourceforge/jnlp/JREDescTest.java b/tests/netx/unit/net/sourceforge/jnlp/JREDescTest.java new file mode 100644 --- /dev/null +++ b/tests/netx/unit/net/sourceforge/jnlp/JREDescTest.java @@ -0,0 +1,76 @@ +/* JREDescTest.java + Copyright (C) 2014 Red Hat, Inc. + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package net.sourceforge.jnlp; + +import org.junit.Test; + +public class JREDescTest { + + @Test + public void testInitialHeapSize() throws ParseException { + new JREDesc(null, null, null, "1", null, null); + new JREDesc(null, null, null, "99999999", null, null); + new JREDesc(null, null, null, "1k", null, null); + new JREDesc(null, null, null, "1000k", null, null); + new JREDesc(null, null, null, "1K", null, null); + new JREDesc(null, null, null, "1000K", null, null); + new JREDesc(null, null, null, "1m", null, null); + new JREDesc(null, null, null, "1m", null, null); + new JREDesc(null, null, null, "1M", null, null); + new JREDesc(null, null, null, "1g", null, null); + new JREDesc(null, null, null, "1G", null, null); + new JREDesc(null, null, null, "10000G", null, null); + } + + + @Test + public void testMaximumHeapSize() throws ParseException { + new JREDesc(null, null, null, null, "1", null); + new JREDesc(null, null, null, null, "99999999", null); + new JREDesc(null, null, null, null, "1k", null); + new JREDesc(null, null, null, null, "1000k", null); + new JREDesc(null, null, null, null, "1K", null); + new JREDesc(null, null, null, null, "1000K", null); + new JREDesc(null, null, null, null, "1m", null); + new JREDesc(null, null, null, null, "1m", null); + new JREDesc(null, null, null, null, "1M", null); + new JREDesc(null, null, null, null, "1g", null); + new JREDesc(null, null, null, null, "1G", null); + new JREDesc(null, null, null, null, "10000G", null); + } +} From omajid at redhat.com Fri Mar 28 22:23:03 2014 From: omajid at redhat.com (Omair Majid) Date: Fri, 28 Mar 2014 18:23:03 -0400 Subject: [icedtea-web] RFC: Minor fixes to ALACA dialog Message-ID: <20140328222303.GE2812@redhat.com> Hi, The attached patches does some minor tweaks to the ALACA dialog. 1. The word 'codebase' is removed. It seems redundant; the text reads about as well without it. 2. The list of urls is now enclosed within a html unordered-list element. Not enclosing it makes the parser think that the last list element is not terminated and causes the text after the list ("Are you sure...") to be indented. I am also thinking of making more changes, but I would like some feedback before doing those: I would also like to reword the dialog some more to something like this: ''' The application 'Foo' from 'Bar' uses resources from the following urls: - http://example.com - http://example.org Are you sure you want to run this application? ''' I am not sure the ALACA reference that is currently present is adding any more information. It may not have any meaning to users. Also, would it make more sense to change the "For more information" links to read "Manifest Attributes" and "Preventing RIAs from Being Repurposed" rather than the raw html links? At least for me, the links are so wide that they do not fix in the dialog and get cut off. Thoughts? Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 -------------- next part -------------- diff --git a/netx/net/sourceforge/jnlp/resources/Messages.properties b/netx/net/sourceforge/jnlp/resources/Messages.properties --- a/netx/net/sourceforge/jnlp/resources/Messages.properties +++ b/netx/net/sourceforge/jnlp/resources/Messages.properties @@ -62,8 +62,8 @@ # missing Application-Library-Allowable-Codebase dialogue ALACAMissingMainTitle=Application {0} \ -form codebase {1} is missing the Application-Library-Allowable-Codebase attribute. \ -This application uses resources from the following remote locations:
{2} Are you sure you want to run this application? +from {1} is missing the Application-Library-Allowable-Codebase attribute. \ +This application uses resources from the following remote locations: {2} Are you sure you want to run this application? ALACAMissingInfo=For more information you can visit:
\
\ http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library
\ diff --git a/netx/net/sourceforge/jnlp/util/UrlUtils.java b/netx/net/sourceforge/jnlp/util/UrlUtils.java --- a/netx/net/sourceforge/jnlp/util/UrlUtils.java +++ b/netx/net/sourceforge/jnlp/util/UrlUtils.java @@ -195,9 +195,11 @@ */ public static String setOfUrlsToHtmlList(Iterable remoteUrls) { StringBuilder sb = new StringBuilder(); + sb.append("

    "); for (URL url : remoteUrls) { sb.append("
  • ").append(url.toExternalForm()).append("
  • "); } + sb.append("
"); return sb.toString(); } From bugzilla-daemon at icedtea.classpath.org Sat Mar 29 05:26:46 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Sat, 29 Mar 2014 05:26:46 +0000 Subject: [Bug 1727] New: A fatal error has been detected by the Java Runtime Environment Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1727 Bug ID: 1727 Summary: A fatal error has been detected by the Java Runtime Environment Product: MIPS Port Version: unspecified Hardware: x86_64 OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: general Assignee: unassigned at icedtea.classpath.org Reporter: eduardomartins993 at hotmail.com Created attachment 1060 --> http://icedtea.classpath.org/bugzilla/attachment.cgi?id=1060&action=edit Error when I try to compile a simple (Hello World) code! -- You are receiving this mail because: You are the assignee for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From guillaume at alaux.net Sun Mar 30 18:41:12 2014 From: guillaume at alaux.net (Guillaume Alaux) Date: Sun, 30 Mar 2014 20:41:12 +0200 Subject: IcedTea for Java 8 In-Reply-To: <138136840.1167292.1395163951941.JavaMail.zimbra@redhat.com> References: <5328801F.2000409@zafena.se> <138136840.1167292.1395163951941.JavaMail.zimbra@redhat.com> Message-ID: On 18 March 2014 18:32, Andrew Hughes wrote: > ----- Original Message ----- >> 2014-03-18 17:54, Naaman Newbold skrev: >> > Pardon the interruption, but are there plans for IcedTea support for Java >> > 8? >> >> >> The following hg currently builds OpenJDK 8 using IcedTea 3. >> http://icedtea.classpath.org/hg/icedtea/ >> >> IcedTea 3 with OpenJDK 8 support is still unreleased. >> >> Cheers >> Xerxes >> > > Yes, we'll have a 3.0 release eventually, probably based on u20. Currently, > 6 & 7 occupy most of our time as this is what people are actively using. > > We do plan to scale back 6 & 7 support soon to allow more resources for 8; > more on this to come. > -- > Andrew :) > > Free Java Software Engineer > Red Hat, Inc. (http://www.redhat.com) > > PGP Key: 248BDC07 (https://keys.indymedia.org/) > Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07 > Hello, We are talking among Arch Linux devs as to what should be shipped in our repos (if any) until the IcedTea 3.0 release you mention is out. Do you have an idea of when this release could happen? I am definitely not urging you of course! Just trying to plan things :) Also, what is the "u20" you mentionned referring to? Because the Makefile.am of the repository looks like this OPENJDK_VERSION = b80 ... JDK_UPDATE_VERSION = $(shell echo $(OPENJDK_VERSION) | sed -e "s/^b//") So if I read it correctly this would create a u80 build right? I may be confusing update numbers. [0] http://icedtea.classpath.org/hg/icedtea/ Thanks, -- Guillaume From gnu.andrew at redhat.com Mon Mar 31 09:54:45 2014 From: gnu.andrew at redhat.com (Andrew Hughes) Date: Mon, 31 Mar 2014 05:54:45 -0400 (EDT) Subject: IcedTea for Java 8 In-Reply-To: References: <5328801F.2000409@zafena.se> <138136840.1167292.1395163951941.JavaMail.zimbra@redhat.com> Message-ID: <1114588865.2800793.1396259685019.JavaMail.zimbra@redhat.com> ----- Original Message ----- > On 18 March 2014 18:32, Andrew Hughes wrote: > > ----- Original Message ----- > >> 2014-03-18 17:54, Naaman Newbold skrev: > >> > Pardon the interruption, but are there plans for IcedTea support for > >> > Java > >> > 8? > >> > >> > >> The following hg currently builds OpenJDK 8 using IcedTea 3. > >> http://icedtea.classpath.org/hg/icedtea/ > >> > >> IcedTea 3 with OpenJDK 8 support is still unreleased. > >> > >> Cheers > >> Xerxes > >> > > > > Yes, we'll have a 3.0 release eventually, probably based on u20. Currently, > > 6 & 7 occupy most of our time as this is what people are actively using. > > > > We do plan to scale back 6 & 7 support soon to allow more resources for 8; > > more on this to come. > > -- > > Andrew :) > > > > Free Java Software Engineer > > Red Hat, Inc. (http://www.redhat.com) > > > > PGP Key: 248BDC07 (https://keys.indymedia.org/) > > Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07 > > > > Hello, > > We are talking among Arch Linux devs as to what should be shipped in > our repos (if any) until the IcedTea 3.0 release you mention is out. > Do you have an idea of when this release could happen? I am definitely > not urging you of course! Just trying to plan things :) > Hopefully in the next month. It depends how involved the security errata is next month. > Also, what is the "u20" you mentionned referring to? Because the > Makefile.am of the repository looks like this > > OPENJDK_VERSION = b80 > ... > JDK_UPDATE_VERSION = $(shell echo $(OPENJDK_VERSION) | sed -e "s/^b//") > > So if I read it correctly this would create a u80 build right? I may > be confusing update numbers. That's b80 (build 80) of u00 (update 0). Oracle seem to now be on b05 of u20: http://hg.openjdk.java.net/jdk8u/jdk8u Basically, there doesn't seem much point targetting something that's already been and gone, so we'll aim for the next update. I agree Oracle's version numbers are very confusing :) It's why we keep we a traditional 3.0, 3.1, 3.2, etc. > > [0] http://icedtea.classpath.org/hg/icedtea/ > > Thanks, > > -- > Guillaume > -- Andrew :) Free Java Software Engineer Red Hat, Inc. (http://www.redhat.com) PGP Key: 248BDC07 (https://keys.indymedia.org/) Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07 From guillaume at alaux.net Mon Mar 31 11:33:21 2014 From: guillaume at alaux.net (Guillaume Alaux) Date: Mon, 31 Mar 2014 13:33:21 +0200 Subject: IcedTea for Java 8 In-Reply-To: <1114588865.2800793.1396259685019.JavaMail.zimbra@redhat.com> References: <5328801F.2000409@zafena.se> <138136840.1167292.1395163951941.JavaMail.zimbra@redhat.com> <1114588865.2800793.1396259685019.JavaMail.zimbra@redhat.com> Message-ID: On 31 March 2014 11:54, Andrew Hughes wrote: > ----- Original Message ----- >> On 18 March 2014 18:32, Andrew Hughes wrote: >> > ----- Original Message ----- >> >> 2014-03-18 17:54, Naaman Newbold skrev: >> >> > Pardon the interruption, but are there plans for IcedTea support for >> >> > Java >> >> > 8? >> >> >> >> >> >> The following hg currently builds OpenJDK 8 using IcedTea 3. >> >> http://icedtea.classpath.org/hg/icedtea/ >> >> >> >> IcedTea 3 with OpenJDK 8 support is still unreleased. >> >> >> >> Cheers >> >> Xerxes >> >> >> > >> > Yes, we'll have a 3.0 release eventually, probably based on u20. Currently, >> > 6 & 7 occupy most of our time as this is what people are actively using. >> > >> > We do plan to scale back 6 & 7 support soon to allow more resources for 8; >> > more on this to come. >> > -- >> > Andrew :) >> > >> > Free Java Software Engineer >> > Red Hat, Inc. (http://www.redhat.com) >> > >> > PGP Key: 248BDC07 (https://keys.indymedia.org/) >> > Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07 >> > >> >> Hello, >> >> We are talking among Arch Linux devs as to what should be shipped in >> our repos (if any) until the IcedTea 3.0 release you mention is out. >> Do you have an idea of when this release could happen? I am definitely >> not urging you of course! Just trying to plan things :) >> > > Hopefully in the next month. It depends how involved the security errata > is next month. > >> Also, what is the "u20" you mentionned referring to? Because the >> Makefile.am of the repository looks like this >> >> OPENJDK_VERSION = b80 >> ... >> JDK_UPDATE_VERSION = $(shell echo $(OPENJDK_VERSION) | sed -e "s/^b//") >> >> So if I read it correctly this would create a u80 build right? I may >> be confusing update numbers. > > That's b80 (build 80) of u00 (update 0). Oracle seem to now be on b05 of u20: > > http://hg.openjdk.java.net/jdk8u/jdk8u > > Basically, there doesn't seem much point targetting something that's already > been and gone, so we'll aim for the next update. > > I agree Oracle's version numbers are very confusing :) > It's why we keep we a traditional 3.0, 3.1, 3.2, etc. > >> >> [0] http://icedtea.classpath.org/hg/icedtea/ >> >> Thanks, >> >> -- >> Guillaume >> > > -- > Andrew :) > > Free Java Software Engineer > Red Hat, Inc. (http://www.redhat.com) > > PGP Key: 248BDC07 (https://keys.indymedia.org/) > Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07 > Great, thank you very much for these clarifications. -- Guillaume From jvanek at redhat.com Mon Mar 31 12:48:31 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 31 Mar 2014 14:48:31 +0200 Subject: [icedtea-web] RFC: Use AC_LANG_SOURCE macros In-Reply-To: <20140328174956.GA2812@redhat.com> References: <20140328174956.GA2812@redhat.com> Message-ID: <5339641F.7090101@redhat.com> On 03/28/2014 06:49 PM, Omair Majid wrote: > Hi, > > I just tried to build a fresh clone of icedtea-web and got a few scary > warnings on running autogen.sh: > > configure.ac:89: warning: AC_LANG_CONFTEST: no AC_LANG_SOURCE call detected in body > ../../lib/autoconf/lang.m4:193: AC_LANG_CONFTEST is expanded from... > ../../lib/autoconf/general.m4:2590: _AC_COMPILE_IFELSE is expanded from... > ../../lib/autoconf/general.m4:2606: AC_COMPILE_IFELSE is expanded from... > acinclude.m4:523: IT_CHECK_XULRUNNER_MIMEDESCRIPTION_CONSTCHAR is expanded from... > configure.ac:89: the top level > > The attached patch fixes the warning by wrapping the code in an > AC_LANG_SOURCE macro. > > Thanks, > Omair > If you check , you will see that I'm aware of it :) I was afraid to fix it for 1.5 because I was not able to find, when ac_lang_source appeared in autotools. I was afraid to break some older systems where ITW can appear. Today I made a bit more careful seacrh, and acoridng to http://git.savannah.gnu.org/gitweb/?p=autoconf.git;a=blob;f=ChangeLog.2;h=f5be7d87bb8d9e9d9d6ffdbb9a044f1a6a722fb0;hb=HEAD#l6407 this macro is older then year 2000 so it should be ok to go. It is funny that those two wrong macros generated 20lines of warnings :)) Thank you for forcing me to verify! From jvanek at redhat.com Mon Mar 31 13:33:53 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 31 Mar 2014 15:33:53 +0200 Subject: [icedtea-web] RFC: Handle a requested heap size of '1g' In-Reply-To: <20140328214422.GD2812@redhat.com> References: <20140328214422.GD2812@redhat.com> Message-ID: <53396EC1.1090102@redhat.com> On 03/28/2014 10:44 PM, Omair Majid wrote: > Hi, > > I just ran across this jnlp file: http://atlaslivecasino.net/casino_game.jnlp > > This fails to work with HEAD because the application asks for a heap > size of '1G'. This is not a regression. > > The attached patch fixes it. > > Thanks, > Omair > What about t and T ? O:) I do not wont to be nitpicker, but I think this code desreves a bit more refactoring> Eg the one attached? Feel free to push anyone you like more. ps: please jsut keep the JREDesc a = in tests. It removed NB warning. -------------- next part -------------- A non-text attachment was scrubbed... Name: heap-size-bug2.patch Type: text/x-patch Size: 7425 bytes Desc: not available URL: From omajid at redhat.com Mon Mar 31 13:34:33 2014 From: omajid at redhat.com (Omair Majid) Date: Mon, 31 Mar 2014 09:34:33 -0400 Subject: [icedtea-web] RFC: Use AC_LANG_SOURCE macros In-Reply-To: <5339641F.7090101@redhat.com> References: <20140328174956.GA2812@redhat.com> <5339641F.7090101@redhat.com> Message-ID: <20140331133433.GA2669@redhat.com> Hi Jiri, * Jiri Vanek [2014-03-31 08:48]: > On 03/28/2014 06:49 PM, Omair Majid wrote: > >The attached patch fixes the warning by wrapping the code in an > >AC_LANG_SOURCE macro. > > If you check , you will see that I'm aware of it :) Whoops, I must have missed that. > I was afraid to fix it for 1.5 because I was not able to find, when > ac_lang_source appeared in autotools. I was afraid to break some > older systems where ITW can appear. That's certainly a good reason. It's a little incorrect, though. The configure.ac to configure conversion is done by the maintainer (you) on your local machine on release. The icedtea-web release tarball will contain a generated configure script. This configure script is sufficient for use by everyone building icedtea-web from the release tarball. There should be no need for anyone to process configure.ac locally. Even if AC_LANG_SOURCE was a new thing, it wouldn't matter. Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 From aazores at redhat.com Mon Mar 31 13:41:56 2014 From: aazores at redhat.com (Andrew Azores) Date: Mon, 31 Mar 2014 09:41:56 -0400 Subject: [icedtea-web] RFC: Handle a requested heap size of '1g' In-Reply-To: <53396EC1.1090102@redhat.com> References: <20140328214422.GD2812@redhat.com> <53396EC1.1090102@redhat.com> Message-ID: <533970A4.9030102@redhat.com> On 03/31/2014 09:33 AM, Jiri Vanek wrote: > On 03/28/2014 10:44 PM, Omair Majid wrote: >> Hi, >> >> I just ran across this jnlp file: >> http://atlaslivecasino.net/casino_game.jnlp >> >> This fails to work with HEAD because the application asks for a heap >> size of '1G'. This is not a regression. >> >> The attached patch fixes it. >> >> Thanks, >> Omair >> > > What about t and T ? O:) > > I do not wont to be nitpicker, but I think this code desreves a bit > more refactoring> > > Eg the one attached? > > Feel free to push anyone you like more. > > ps: please jsut keep the JREDesc a = in tests. It removed NB warning. I like the regexes better as well, although to nitpick, couldn't "{0,1}" be replaced by "?" ;) the regex pattern could also be stored as a constant and unit tested on its own as well, rather than changing the visibility of this method. Just some suggestions, I'm happy enough with the original patch. Thanks, -- Andrew A From jvanek at redhat.com Mon Mar 31 13:46:37 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 31 Mar 2014 15:46:37 +0200 Subject: [icedtea-web] RFC: Use AC_LANG_SOURCE macros In-Reply-To: <20140331133433.GA2669@redhat.com> References: <20140328174956.GA2812@redhat.com> <5339641F.7090101@redhat.com> <20140331133433.GA2669@redhat.com> Message-ID: <533971BD.3020300@redhat.com> On 03/31/2014 03:34 PM, Omair Majid wrote: > Hi Jiri, > > * Jiri Vanek [2014-03-31 08:48]: >> On 03/28/2014 06:49 PM, Omair Majid wrote: >>> The attached patch fixes the warning by wrapping the code in an >>> AC_LANG_SOURCE macro. >> >> If you check , you will see that I'm aware of it :) > > Whoops, I must have missed that. Forgot to add the url: http://icedtea.classpath.org/wiki/IcedTea-Web#IcedTea-Web_1.6_.28pre.29 > >> I was afraid to fix it for 1.5 because I was not able to find, when >> ac_lang_source appeared in autotools. I was afraid to break some >> older systems where ITW can appear. > > That's certainly a good reason. > > It's a little incorrect, though. The configure.ac to configure > conversion is done by the maintainer (you) on your local machine on > release. The icedtea-web release tarball will contain a generated > configure script. This configure script is sufficient for use by > everyone building icedtea-web from the release tarball. There should be > no need for anyone to process configure.ac locally. Even if > AC_LANG_SOURCE was a new thing, it wouldn't matter. Even better:) ..but - arm and ppc folk seems to be requiring autoreconf. to be added back to ITW spec file ;( => it will affect. Or not? J. From jvanek at redhat.com Mon Mar 31 13:47:50 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 31 Mar 2014 15:47:50 +0200 Subject: [icedtea-web] RFC: Handle a requested heap size of '1g' In-Reply-To: <533970A4.9030102@redhat.com> References: <20140328214422.GD2812@redhat.com> <53396EC1.1090102@redhat.com> <533970A4.9030102@redhat.com> Message-ID: <53397206.5060106@redhat.com> On 03/31/2014 03:41 PM, Andrew Azores wrote: > On 03/31/2014 09:33 AM, Jiri Vanek wrote: >> On 03/28/2014 10:44 PM, Omair Majid wrote: >>> Hi, >>> >>> I just ran across this jnlp file: http://atlaslivecasino.net/casino_game.jnlp >>> >>> This fails to work with HEAD because the application asks for a heap >>> size of '1G'. This is not a regression. >>> >>> The attached patch fixes it. >>> >>> Thanks, >>> Omair >>> >> >> What about t and T ? O:) >> >> I do not wont to be nitpicker, but I think this code desreves a bit more refactoring> >> >> Eg the one attached? >> >> Feel free to push anyone you like more. >> >> ps: please jsut keep the JREDesc a = in tests. It removed NB warning. > > I like the regexes better as well, although to nitpick, couldn't "{0,1}" be replaced by "?" ;) the crap :))) Sure. I will include it in patch If omari HAve nathing against regex. > regex pattern could also be stored as a constant and unit tested on its own as well, rather than > changing the visibility of this method. > > Just some suggestions, I'm happy enough with the original patch. > > Thanks, > From omajid at redhat.com Mon Mar 31 13:48:22 2014 From: omajid at redhat.com (Omair Majid) Date: Mon, 31 Mar 2014 09:48:22 -0400 Subject: [icedtea-web] RFC: Handle a requested heap size of '1g' In-Reply-To: <53396EC1.1090102@redhat.com> References: <20140328214422.GD2812@redhat.com> <53396EC1.1090102@redhat.com> Message-ID: <20140331134822.GB2669@redhat.com> * Jiri Vanek [2014-03-31 09:33]: > On 03/28/2014 10:44 PM, Omair Majid wrote: > >I just ran across this jnlp file: http://atlaslivecasino.net/casino_game.jnlp > > > >This fails to work with HEAD because the application asks for a heap > >size of '1G'. This is not a regression. > > What about t and T ? O:) The man page for java suggests the valid options are: k/K/m/M/g/G. > I do not wont to be nitpicker, but I think this code desreves a bit more refactoring> > > Eg the one attached? Sure, this looks even better! > Feel free to push anyone you like more. I don't feel appropriate taking credit for the much nicer patch you wrote. Unless there is a strong reason to, please call yourself the author :) > ps: please jsut keep the JREDesc a = in tests. It removed NB warning. Ugh. Really? > +++ b/netx/net/sourceforge/jnlp/JREDesc.java Mon Mar 31 15:32:48 2014 +0200 > + //0 or 0k/m/g is still valid as it was Please remove this line/comment ^ > + String heapSizeLower = heapSize.toLowerCase(); > + boolean match = heapSizeLower.matches("\\s*\\d+[kmgtp]{0,1}\\s*"); '?' is the same as '{0,1}', right? Would that be cleaner to use? If we are accepting leading or trailing spaces here, are we passing those to the JVM too? Maybe we should trim leading/trailing spaces before storing the sizes? > +++ b/tests/netx/unit/net/sourceforge/jnlp/JREDescTest.java Mon Mar 31 15:32:48 2014 +0200 > + JREDesc a = new JREDesc(null, null, null, "1", null, null); > + JREDesc.checkHeapSize("10"); These two lines are doing pretty much exactly the same thing, but two different ways. I think the tests should check the heap size in the same way everywhere. Either through JREDesc.checkHeapSize everywhere or through the constructor everywhere. Is there a benefit to mixing both? Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 From jvanek at redhat.com Mon Mar 31 13:53:20 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 31 Mar 2014 15:53:20 +0200 Subject: [icedtea-web] RFC: Minor fixes to ALACA dialog In-Reply-To: <20140328222303.GE2812@redhat.com> References: <20140328222303.GE2812@redhat.com> Message-ID: <53397350.7030001@redhat.com> On 03/28/2014 11:23 PM, Omair Majid wrote: > Hi, > > The attached patches does some minor tweaks to the ALACA dialog. > > 1. The word 'codebase' is removed. It seems redundant; the text reads > about as well without it. > > 2. The list of urls is now enclosed within a html unordered-list > element. Not enclosing it makes the parser think that the last list > element is not terminated and causes the text after the list ("Are you > sure...") to be indented. > > I am also thinking of making more changes, but I would like some > feedback before doing those: > > I would also like to reword the dialog some more to something like this: > > ''' > The application 'Foo' from 'Bar' uses resources from the following urls: > - http://example.com > - http://example.org > > Are you sure you want to run this application? > ''' > > I am not sure the ALACA reference that is currently present is adding > any more information. It may not have any meaning to users. > > Also, would it make more sense to change the "For more information" > links to read "Manifest Attributes" and "Preventing RIAs from Being > Repurposed" rather than the raw html links? At least for me, the links > are so wide that they do not fix in the dialog and get cut off. > > Thoughts? > > Thanks, > Omair > Yes. This is ok to go. Also I'm for the compression of info attribute. I think it is more wide spread. Then jsut in alaca. Feel free to incclude, do as another changeset or keep it as leftover. If it will be fixced, I will adapt the CZ tranlastion accrodingly. J. From jvanek at redhat.com Mon Mar 31 14:08:35 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 31 Mar 2014 16:08:35 +0200 Subject: [icedtea-web] RFC: Handle a requested heap size of '1g' In-Reply-To: <20140331134822.GB2669@redhat.com> References: <20140328214422.GD2812@redhat.com> <53396EC1.1090102@redhat.com> <20140331134822.GB2669@redhat.com> Message-ID: <533976E3.7030909@redhat.com> On 03/31/2014 03:48 PM, Omair Majid wrote: > * Jiri Vanek [2014-03-31 09:33]: >> On 03/28/2014 10:44 PM, Omair Majid wrote: >>> I just ran across this jnlp file: http://atlaslivecasino.net/casino_game.jnlp >>> >>> This fails to work with HEAD because the application asks for a heap >>> size of '1G'. This is not a regression. >> >> What about t and T ? O:) > > The man page for java suggests the valid options are: k/K/m/M/g/G. > >> I do not wont to be nitpicker, but I think this code desreves a bit more refactoring> >> >> Eg the one attached? > > Sure, this looks even better! > >> Feel free to push anyone you like more. > > I don't feel appropriate taking credit for the much nicer patch you > wrote. Unless there is a strong reason to, please call yourself the > author :) > >> ps: please jsut keep the JREDesc a = in tests. It removed NB warning. > > Ugh. Really? > >> +++ b/netx/net/sourceforge/jnlp/JREDesc.java Mon Mar 31 15:32:48 2014 +0200 > >> + //0 or 0k/m/g is still valid as it was > > Please remove this line/comment ^ > >> + String heapSizeLower = heapSize.toLowerCase(); >> + boolean match = heapSizeLower.matches("\\s*\\d+[kmgtp]{0,1}\\s*"); > > '?' is the same as '{0,1}', right? Would that be cleaner to use? > > If we are accepting leading or trailing spaces here, are we passing > those to the JVM too? Maybe we should trim leading/trailing spaces > before storing the sizes? > >> +++ b/tests/netx/unit/net/sourceforge/jnlp/JREDescTest.java Mon Mar 31 15:32:48 2014 +0200 > >> + JREDesc a = new JREDesc(null, null, null, "1", null, null); > >> + JREDesc.checkHeapSize("10"); > > These two lines are doing pretty much exactly the same thing, but two > different ways. I think the tests should check the heap size in the same > way everywhere. Either through JREDesc.checkHeapSize everywhere or > through the constructor everywhere. Is there a benefit to mixing both? I think you will see the benefit in this a bitmore refactored version. Rest fixed. Ok to go? > > Thanks, > Omair > -------------- next part -------------- A non-text attachment was scrubbed... Name: heap-size-bug3.patch Type: text/x-patch Size: 9121 bytes Desc: not available URL: From omajid at redhat.com Mon Mar 31 14:11:04 2014 From: omajid at redhat.com (Omair Majid) Date: Mon, 31 Mar 2014 10:11:04 -0400 Subject: [icedtea-web] RFC: Use AC_LANG_SOURCE macros In-Reply-To: <533971BD.3020300@redhat.com> References: <20140328174956.GA2812@redhat.com> <5339641F.7090101@redhat.com> <20140331133433.GA2669@redhat.com> <533971BD.3020300@redhat.com> Message-ID: <20140331141104.GC2669@redhat.com> * Jiri Vanek [2014-03-31 09:46]: > On 03/31/2014 03:34 PM, Omair Majid wrote: > ..but - arm and ppc folk seems to be requiring autoreconf. Hmm.. I hadn't considered this case. I think the simplest thing to do here is to assume these platforms have new-ish versions of autotools. If the versions are too old that they don't have those macros, then it's better to patch the build on just those platforms specifically rather than ignoring a warning (which could indicate that we are doing something very wrong with our macros). Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 From jvanek at redhat.com Mon Mar 31 14:11:50 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 31 Mar 2014 16:11:50 +0200 Subject: Upcoming release of icedtea-web 1.5 In-Reply-To: <5319C1EF.2020801@redhat.com> References: <5319C1EF.2020801@redhat.com> Message-ID: <533977A6.1040809@redhat.com> On 03/07/2014 01:56 PM, Jiri Vanek wrote: > Hi All! > > I would like to announce, that deadline for icedtea-web 1.5 to be released should match start of > April. 1st April sounds good, doesn't it ?-) But Few days later should be still ok. > > Please count with head branch freezing in last week before release - an week for testing - so > pushes in this week will be only for for translation files and regression fixes. > According to my knowledge 1.5 is healthy now. Also I'm continually pushing it alive into > fedora-rawhide. And well, no one complains :) > > Also please note I will be off 17-19.3. > > The reason for start of April is that 16.4 is Oracle CPU. This my cause another month of delay, > which would be unbearable. > > Thank you for understanding. > > > J Hi! Please consider Head as frozen (except patches on review, Release blockers and translations. Many tests have been done during weekend, and except two regressions we are good to go. Cross the fingers for us! J. From jvanek at redhat.com Mon Mar 31 14:12:42 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 31 Mar 2014 16:12:42 +0200 Subject: [icedtea-web] RFC: Use AC_LANG_SOURCE macros In-Reply-To: <20140331141104.GC2669@redhat.com> References: <20140328174956.GA2812@redhat.com> <5339641F.7090101@redhat.com> <20140331133433.GA2669@redhat.com> <533971BD.3020300@redhat.com> <20140331141104.GC2669@redhat.com> Message-ID: <533977DA.9090508@redhat.com> On 03/31/2014 04:11 PM, Omair Majid wrote: > * Jiri Vanek [2014-03-31 09:46]: >> On 03/31/2014 03:34 PM, Omair Majid wrote: >> ..but - arm and ppc folk seems to be requiring autoreconf. > > Hmm.. I hadn't considered this case. > > I think the simplest thing to do here is to assume these platforms have > new-ish versions of autotools. If the versions are too old that they > don't have those macros, then it's better to patch the build on just > those platforms specifically rather than ignoring a warning (which could > indicate that we are doing something very wrong with our macros). > > Thanks, > Omair > Ok to push then :) tbh - I was a bit ashamed to release ITW with this warnigs but was not brave enough :( J. From omajid at redhat.com Mon Mar 31 14:32:45 2014 From: omajid at redhat.com (Omair Majid) Date: Mon, 31 Mar 2014 10:32:45 -0400 Subject: [icedtea-web] RFC: Handle a requested heap size of '1g' In-Reply-To: <533976E3.7030909@redhat.com> References: <20140328214422.GD2812@redhat.com> <53396EC1.1090102@redhat.com> <20140331134822.GB2669@redhat.com> <533976E3.7030909@redhat.com> Message-ID: <20140331143244.GD2669@redhat.com> * Jiri Vanek [2014-03-31 10:08]: > I think you will see the benefit in this a bitmore refactored version. > + this.initialHeapSize = checkHeapSize(initialHeapSize); > + this.maximumHeapSize = checkHeapSize(maximumHeapSize); I like this change, a lot. > +++ b/tests/netx/unit/net/sourceforge/jnlp/JREDescTest.java Mon Mar 31 16:06:59 2014 +0200 > + JREDesc a = new JREDesc(null, null, null, null, null, null); > + s = JREDesc.checkHeapSize("1 "); > + Assert.assertEquals("1", s); For the record, I think there is quite a lot of duplication between these tests. IMHO, it would be better to test the public methods of this class (Constructor and .getMaximumHeapSize()) and treat checkHeapSize as an internal implementation detail. We should get the same test coverage either way (and at the boundary that we care about). Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 From jvanek at icedtea.classpath.org Mon Mar 31 14:37:38 2014 From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org) Date: Mon, 31 Mar 2014 14:37:38 +0000 Subject: /hg/icedtea-web: Refactored check of heap space. Now recognize g... Message-ID: changeset cfe6aca11b12 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=cfe6aca11b12 author: Jiri Vanek date: Mon Mar 31 16:37:23 2014 +0200 Refactored check of heap space. Now recognize g/G and is based on regex diffstat: ChangeLog | 10 + netx/net/sourceforge/jnlp/JREDesc.java | 47 ++--- tests/netx/unit/net/sourceforge/jnlp/JREDescTest.java | 146 ++++++++++++++++++ 3 files changed, 174 insertions(+), 29 deletions(-) diffs (251 lines): diff -r 8417559b6a12 -r cfe6aca11b12 ChangeLog --- a/ChangeLog Thu Mar 27 11:16:58 2014 -0400 +++ b/ChangeLog Mon Mar 31 16:37:23 2014 +0200 @@ -1,3 +1,13 @@ +2014-03-31 Jiri Vanek + + Refactored check of heap space. Now recognize g/G and is based on regex + * netx/net/sourceforge/jnlp/JREDesc.java: Added (heapPattern) constant. + (checkHeapSize) now returns trimmed string and its logic is matching the + heapPattern instead compelx structure. (init) set result of checkHeapSize + as initialHeapSize and maximumHeapSize. + * tests/netx/unit/net/sourceforge/jnlp/JREDescTest.java: tests for (checkHeapSize) + and (init) of JREDesc. + 2014-03-27 Andrew Azores Fix NPE when trying to open a new file, with changes made, and wanting to diff -r 8417559b6a12 -r cfe6aca11b12 netx/net/sourceforge/jnlp/JREDesc.java --- a/netx/net/sourceforge/jnlp/JREDesc.java Thu Mar 27 11:16:58 2014 -0400 +++ b/netx/net/sourceforge/jnlp/JREDesc.java Mon Mar 31 16:37:23 2014 +0200 @@ -20,6 +20,8 @@ import java.net.*; import java.util.*; +import java.util.regex.Matcher; +import java.util.regex.Pattern; /** * The J2SE/Java element. @@ -28,6 +30,8 @@ * @version $Revision: 1.5 $ */ public class JREDesc { + + private static final Pattern heapPattern= Pattern.compile("\\d+[kmg]?"); /** the platform version or the product version if location is not null */ final private Version version; @@ -63,10 +67,8 @@ this.version = version; this.location = location; this.vmArgs = vmArgs; - checkHeapSize(initialHeapSize); - this.initialHeapSize = initialHeapSize; - checkHeapSize(maximumHeapSize); - this.maximumHeapSize = maximumHeapSize; + this.initialHeapSize = checkHeapSize(initialHeapSize); + this.maximumHeapSize = checkHeapSize(maximumHeapSize); this.resources = resources; } @@ -126,37 +128,24 @@ /** * Check for valid heap size string + * @return trimed heapSize if correct * @throws ParseException if heapSize is invalid */ - static private void checkHeapSize(String heapSize) throws ParseException { + static String checkHeapSize(String heapSize) throws ParseException { // need to implement for completeness even though not used in netx if (heapSize == null) { - return; + return null; } - - boolean lastCharacterIsDigit = true; - // the last character must be 0-9 or k/K/m/M - char lastChar = Character.toLowerCase(heapSize.charAt(heapSize.length() - 1)); - if ((lastChar < '0' || lastChar > '9')) { - lastCharacterIsDigit = false; - if (lastChar != 'k' && lastChar != 'm') { - throw new ParseException(R("PBadHeapSize", heapSize)); - } + heapSize = heapSize.trim(); + // the last character must be 0-9 or k/K/m/M/g/G + //0 or 0k/m/g is also accepted value + String heapSizeLower = heapSize.toLowerCase(); + Matcher heapMatcher = heapPattern.matcher(heapSizeLower); + if (!heapMatcher.matches()) { + throw new ParseException(R("PBadHeapSize", heapSize)); } - - int indexOfLastDigit = heapSize.length() - 1; - if (!lastCharacterIsDigit) { - indexOfLastDigit = indexOfLastDigit - 1; - } - - String size = heapSize.substring(0, indexOfLastDigit); - try { - // check that the number is a number! - Integer.valueOf(size); - } catch (NumberFormatException numberFormat) { - throw new ParseException(R("PBadHeapSize", heapSize), numberFormat); - } - + return heapSize; + } } diff -r 8417559b6a12 -r cfe6aca11b12 tests/netx/unit/net/sourceforge/jnlp/JREDescTest.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/netx/unit/net/sourceforge/jnlp/JREDescTest.java Mon Mar 31 16:37:23 2014 +0200 @@ -0,0 +1,146 @@ +/* + Copyright (C) 2014 Red Hat, Inc. + + This file is part of IcedTea. + + IcedTea is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2, or (at your option) + any later version. + + IcedTea is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with IcedTea; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA. + + Linking this library statically or dynamically with other modules is + making a combined work based on this library. Thus, the terms and + conditions of the GNU General Public License cover the whole + combination. + + As a special exception, the copyright holders of this library give you + permission to link this library with independent modules to produce an + executable, regardless of the license terms of these independent + modules, and to copy and distribute the resulting executable under + terms of your choice, provided that you also meet, for each linked + independent module, the terms and conditions of the license of that + module. An independent module is a module which is not derived from + or based on this library. If you modify this library, you may extend + this exception to your version of the library, but you are not + obligated to do so. If you do not wish to do so, delete this + exception statement from your version. */ +package net.sourceforge.jnlp; + +import org.junit.Assert; +import org.junit.Test; + +public class JREDescTest { + + @Test + public void testNulls() throws ParseException { + JREDesc a = new JREDesc(null, null, null, null, null, null); + } + + @Test + public void testInitialHeapSize() throws ParseException { + JREDesc a = new JREDesc(null, null, null, "1", null, null); + a = new JREDesc(null, null, null, "99999999", null, null); + a = new JREDesc(null, null, null, "1k", null, null); + a = new JREDesc(null, null, null, "1000k", null, null); + a = new JREDesc(null, null, null, "1K", null, null); + a = new JREDesc(null, null, null, "1000K", null, null); + a = new JREDesc(null, null, null, "1m", null, null); + a = new JREDesc(null, null, null, "1m", null, null); + a = new JREDesc(null, null, null, "1M", null, null); + a = new JREDesc(null, null, null, "1g", null, null); + a = new JREDesc(null, null, null, "1G", null, null); + a = new JREDesc(null, null, null, "10000G", null, null); + } + + @Test + public void testMaximumHeapSize() throws ParseException { + JREDesc a = new JREDesc(null, null, null, null, "1", null); + a = new JREDesc(null, null, null, null, "99999999", null); + a = new JREDesc(null, null, null, null, "1k", null); + a = new JREDesc(null, null, null, null, "1000k", null); + a = new JREDesc(null, null, null, null, "1K", null); + a = new JREDesc(null, null, null, null, "1000K", null); + a = new JREDesc(null, null, null, null, "1m", null); + a = new JREDesc(null, null, null, null, "1m", null); + a = new JREDesc(null, null, null, null, "1M", null); + a = new JREDesc(null, null, null, null, "1g", null); + a = new JREDesc(null, null, null, null, "1G", null); + a = new JREDesc(null, null, null, null, "10000G", null); + } + + @Test(expected = ParseException.class) + public void testInitialHeapSizeBad() throws ParseException { + JREDesc a = new JREDesc(null, null, null, "blah", null, null); + + } + + @Test(expected = ParseException.class) + public void testMaximumHeapSizeBad() throws ParseException { + JREDesc a = new JREDesc(null, null, null, null, "blah", null); + + } + + @Test + public void checkHeapSize() throws ParseException { + String s = JREDesc.checkHeapSize(null); + Assert.assertEquals(null, s); + s = JREDesc.checkHeapSize("0"); + Assert.assertEquals("0", s); + s = JREDesc.checkHeapSize(" 0k"); + Assert.assertEquals("0k", s); + s = JREDesc.checkHeapSize("1 "); + Assert.assertEquals("1", s); + s = JREDesc.checkHeapSize("10"); + Assert.assertEquals("10", s); + s = JREDesc.checkHeapSize(" 1k"); + Assert.assertEquals("1k", s); + s = JREDesc.checkHeapSize("10m "); + Assert.assertEquals("10m", s); + + s = JREDesc.checkHeapSize("0"); + Assert.assertEquals("0", s); + s = JREDesc.checkHeapSize(" 0K"); + Assert.assertEquals("0K", s); + s = JREDesc.checkHeapSize("1 "); + Assert.assertEquals("1", s); + s = JREDesc.checkHeapSize("10"); + Assert.assertEquals("10", s); + s = JREDesc.checkHeapSize(" 1M"); + Assert.assertEquals("1M", s); + s = JREDesc.checkHeapSize("10G "); + Assert.assertEquals("10G", s); + s = JREDesc.checkHeapSize("99K"); + Assert.assertEquals("99K", s); + + } + + @Test(expected = ParseException.class) + public void checkHeapSizeBad1() throws ParseException { + JREDesc.checkHeapSize("10k10m"); + } + + @Test(expected = ParseException.class) + public void checkHeapSizeBad2() throws ParseException { + JREDesc.checkHeapSize("one gigabyte"); + } + + @Test(expected = ParseException.class) + public void checkHeapSizeBad3() throws ParseException { + JREDesc.checkHeapSize("99l"); + } + + @Test(expected = ParseException.class) + public void checkHeapSizeBad4() throws ParseException { + JREDesc.checkHeapSize("99KK"); + } +} From omajid at icedtea.classpath.org Mon Mar 31 14:44:03 2014 From: omajid at icedtea.classpath.org (omajid at icedtea.classpath.org) Date: Mon, 31 Mar 2014 14:44:03 +0000 Subject: /hg/icedtea-web: Fix Autoconf warning Message-ID: changeset da9335e11493 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=da9335e11493 author: Omair Majid date: Mon Mar 31 10:38:55 2014 -0400 Fix Autoconf warning 2014-03-31 Omair Majid * acinclude.m4 (IT_CHECK_XULRUNNER_MIMEDESCRIPTION_CONSTCHAR), (IT_CHECK_XULRUNNER_REQUIRES_C11): Use AC_LANG_SOURCE with code. diffstat: ChangeLog | 6 ++++++ acinclude.m4 | 14 +++++++------- 2 files changed, 13 insertions(+), 7 deletions(-) diffs (44 lines): diff -r cfe6aca11b12 -r da9335e11493 ChangeLog --- a/ChangeLog Mon Mar 31 16:37:23 2014 +0200 +++ b/ChangeLog Mon Mar 31 10:38:55 2014 -0400 @@ -1,3 +1,9 @@ +2014-03-31 Omair Majid + + * acinclude.m4 + (IT_CHECK_XULRUNNER_MIMEDESCRIPTION_CONSTCHAR), + (IT_CHECK_XULRUNNER_REQUIRES_C11): Use AC_LANG_SOURCE with code. + 2014-03-31 Jiri Vanek Refactored check of heap space. Now recognize g/G and is based on regex diff -r cfe6aca11b12 -r da9335e11493 acinclude.m4 --- a/acinclude.m4 Mon Mar 31 16:37:23 2014 +0200 +++ b/acinclude.m4 Mon Mar 31 10:38:55 2014 -0400 @@ -527,9 +527,9 @@ CXXFLAGS_BACKUP="$CXXFLAGS" CXXFLAGS="$CXXFLAGS"" ""$MOZILLA_CFLAGS" AC_COMPILE_IFELSE([ - #include ] - [const char* NP_GetMIMEDescription () - {return (char*) "yap!";} + AC_LANG_SOURCE([[#include + const char* NP_GetMIMEDescription () + {return (char*) "yap!";}]]) ],[ AC_MSG_RESULT(no) ],[ @@ -547,10 +547,10 @@ CXXFLAGS_BACKUP="$CXXFLAGS" CXXFLAGS="$CXXFLAGS"" ""$MOZILLA_CFLAGS" AC_COMPILE_IFELSE([ - #include - #include ] - [void setnpptr (NPVariant *result) - {VOID_TO_NPVARIANT(*result);} + AC_LANG_SOURCE([[#include + #include + void setnpptr (NPVariant *result) + { VOID_TO_NPVARIANT(*result);}]]) ],[ AC_MSG_RESULT(no) CXXFLAGS="$CXXFLAGS_BACKUP" From jvanek at icedtea.classpath.org Mon Mar 31 14:55:02 2014 From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org) Date: Mon, 31 Mar 2014 14:55:02 +0000 Subject: /hg/icedtea-web: Fixed cz_CS locales and adapted tests Message-ID: changeset ee80e215928e in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=ee80e215928e author: Jiri Vanek date: Mon Mar 31 16:54:52 2014 +0200 Fixed cz_CS locales and adapted tests diffstat: ChangeLog | 11 + netx/net/sourceforge/jnlp/resources/Messages_cs.properties | 422 ++++++++- tests/netx/unit/net/sourceforge/jnlp/resources/MessagesPropertiesTest.java | 11 +- 3 files changed, 366 insertions(+), 78 deletions(-) diffs (truncated from 801 to 500 lines): diff -r da9335e11493 -r ee80e215928e ChangeLog --- a/ChangeLog Mon Mar 31 10:38:55 2014 -0400 +++ b/ChangeLog Mon Mar 31 16:54:52 2014 +0200 @@ -1,3 +1,14 @@ +2013-03-31 Jiri Vanek + Alexandr Kolouch + + Fixed cz_CS locales and adapted tests + * netx/net/sourceforge/jnlp/resources/Messages_cs_CZ.properties: added missing + values + * tests/reproducers/simple/LocalesTest/testcases/LocalesTestTest.java: + Added few untranslatable items to white-list. (allResourcesAreReallyDifferent) + now skip test on values of "std. err" "std. out" "Policy Editor" and + "Java Reflection" + 2014-03-31 Omair Majid * acinclude.m4 diff -r da9335e11493 -r ee80e215928e netx/net/sourceforge/jnlp/resources/Messages_cs.properties --- a/netx/net/sourceforge/jnlp/resources/Messages_cs.properties Mon Mar 31 10:38:55 2014 -0400 +++ b/netx/net/sourceforge/jnlp/resources/Messages_cs.properties Mon Mar 31 16:54:52 2014 +0200 @@ -1,4 +1,4 @@ -# Czech UI messages for netx +# Default (English) UI messages for netx # L=Launcher, B=Boot, P=Parser, C=cache S=security # # General @@ -12,15 +12,25 @@ ButOk=OK ButProceed=Pokra\u010dovat ButRun=Spustit +ButSandbox=Izolovan\u00fd prostor (sandbox) ButApply=Pou\u017e\u00edt ButDone=Hotovo ButShowDetails=Zobrazit podrobnosti ButHideDetails=Skr\u00fdt podrobnosti +ButYes=Ano +ButNo=Ne + +CertWarnRunTip=Apletu m\u016f\u017eete v\u011b\u0159it a spustit ho s pln\u00fdmi opr\u00e1vn\u011bn\u00edmi. +CertWarnSandboxTip=Apletu nev\u011b\u0159te a spus\u0165te ho s omezen\u00fdmi opr\u00e1vn\u011bn\u00edmi. +CertWarnCancelTip=Tento aplet nespou\u0161t\u011bjte. +CertWarnPolicyTip=Roz\u0161\u00ed\u0159en\u00e1 nastaven\u00ed izolovan\u00e9ho prostoru (sandbox) +CertWarnPolicyEditorItem=Spustit aplikaci Policy Editor AFileOnTheMachine=soubor v po\u010d\u00edta\u010di AlwaysAllowAction=V\u017edy povolit tuto akci Usage=Pou\u017eit\u00ed: Error=Chyba +Warning=Varov\u00e1n\u00ed Continue=Chcete pokra\u010dovat? Field=Pole @@ -33,6 +43,24 @@ Value=Hodnota Version=Verze +# about dialogue +AboutDialogueTabAbout=O aplikaci IcedTea-Web +AboutDialogueTabAuthors=Auto\u0159i +AboutDialogueTabChangelog=Seznam zm\u011bn +AboutDialogueTabNews=Novinky +AboutDialogueTabGPLv2=GPLv2 + +# missing permissions dialogue +MissingPermissionsMainTitle=Aplikace {0} se z\u00e1kladnou k\u00f3du (codebase) {1} postr\u00e1d\u00e1 element \u201epermissions\u201c. Aplikaci bez tohoto elementu byste nem\u011bli v\u011b\u0159it. Chcete povolit b\u011bh t\u00e9to aplikace? +MissingPermissionsInfo=Chcete-li z\u00edskat v\u00edce informac\u00ed, nav\u0161tivte n\u00e1sleduj\u00edc\u00ed weby:
http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions
a
http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html + +# missing Application-Library-Allowable-Codebase dialogue +ALACAMissingMainTitle=Aplikace {0} se z\u00e1kladnou k\u00f3du (codebase) {1} postr\u00e1d\u00e1 element \u201eapplication-library-allowable-codebase\u201c. Tato aplikace pou\u017e\u00edv\u00e1 zdroje z n\u00e1sleduj\u00edc\u00edho vzd\u00e1len\u00e9ho um\u00edst\u011bn\u00ed:
{2} Skute\u010dn\u011b chcete spustit tuto aplikaci? +ALACAMissingInfo=Chcete-li z\u00edskat v\u00edce informac\u00ed, nav\u0161tivte n\u00e1sleduj\u00edc\u00ed weby:
http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library
a
http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html +# matching Application-Library-Allowable-Codebase dialogue +ALACAMatchingMainTitle=Aplikace {0} se z\u00e1kladnou k\u00f3du (codebase) {1} vy\u017eaduje platn\u00e9 zdroje z r\u016fzn\u00fdch um\u00edst\u011bn\u00ed:
{2}
O\u010dek\u00e1v\u00e1 se na\u010dten\u00ed t\u011bchto zdroj\u016f. Souhlas\u00edte se spu\u0161t\u011bn\u00edm t\u00e9to aplikace? +ALACAMatchingInfo=Chcete-li z\u00edskat v\u00edce informac\u00ed, nav\u0161tivte n\u00e1sleduj\u00edc\u00ed weby:
http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library
a
http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html + # LS - Severity LSMinor=Mal\u00e1 LSFatal=Z\u00e1va\u017en\u00e1 @@ -48,14 +76,14 @@ LCInit=Chyba inicializace LAllThreadGroup=V\u0161echny aplikace JNLP -LNullUpdatePolicy=Pravidla pro aktualizaci nesm\u00ed b\u00fdt pr\u00e1zdn\u00e1. +LNullUpdatePolicy=Z\u00e1sady pro aktualizaci nesm\u00ed b\u00fdt pr\u00e1zdn\u00e9. LThreadInterrupted=Vl\u00e1kno bylo p\u0159eru\u0161eno p\u0159i \u010dek\u00e1n\u00ed na spu\u0161t\u011bn\u00ed souboru. -LThreadInterruptedInfo=To m\u016f\u017ee v\u00e9st k zablokov\u00e1n\u00ed nebo v\u00e9st k jin\u00e9mu po\u0161kozen\u00ed p\u0159i spou\u0161t\u011bn\u00ed. Restartujte aplikaci/prohl\u00ed\u017ee\u010d. +LThreadInterruptedInfo=Tato akce m\u016f\u017ee v\u00e9st k zablokov\u00e1n\u00ed nebo jin\u00e9mu po\u0161kozen\u00ed v pr\u016fb\u011bhu spou\u0161t\u011bn\u00ed. Restartujte aplikaci/prohl\u00ed\u017ee\u010d. LCouldNotLaunch=Nelze spustit soubor JNLP. -LCouldNotLaunchInfo=Aplikace nebyla inicializov\u00e1na. V\u00edce informac\u00ed z\u00edsk\u00e1te spu\u0161t\u011bn\u00edm p\u0159\u00edkazu javaws/prohl\u00ed\u017ee\u010de z p\u0159\u00edkazov\u00e9 \u0159\u00e1dky. +LCouldNotLaunchInfo=Aplikace nebyla inicializov\u00e1na. Chcete-li z\u00edskat v\u00edce informac\u00ed, spus\u0165te javaws/prohl\u00ed\u017ee\u010d z p\u0159\u00edkazov\u00e9 \u0159\u00e1dky a za\u0161lete hl\u00e1\u0161en\u00ed o chyb\u011b. LCantRead=Nelze \u010d\u00edst nebo analyzovat soubor JNLP. -LCantReadInfo=M\u016f\u017eete se pokusit st\u00e1hnout tento soubor ru\u010dn\u011b a poslat ho jako hl\u00e1\u0161en\u00ed o chyb\u011b t\u00fdmu IcedTea-Web. +LCantReadInfo=M\u016f\u017eete zkusit st\u00e1hnout tento soubor ru\u010dn\u011b a zaslat ho prost\u0159ednictv\u00edm hl\u00e1\u0161en\u00ed o chyb\u011b t\u00fdmu IcedTea-Web. LNullLocation=Nelze ur\u010dit um\u00edst\u011bn\u00ed souboru JNLP. LNullLocationInfo=Byl u\u010din\u011bn pokus o spu\u0161t\u011bn\u00ed souboru JNLP v jin\u00e9m prost\u0159ed\u00ed JVM, av\u0161ak soubor nebyl nalezen. Chcete-li spustit extern\u00ed prost\u0159ed\u00ed JVM, modul runtime mus\u00ed b\u00fdt schopen nal\u00e9zt soubor .jnlp v lok\u00e1ln\u00edm souborov\u00e9m syst\u00e9mu nebo na serveru. LNetxJarMissing=Nelze ur\u010dit um\u00edst\u011bn\u00ed souboru netx.jar. @@ -64,33 +92,37 @@ LNotToSpecInfo=Soubor JNLP obsahuje data, kter\u00e1 jsou zak\u00e1z\u00e1na v r\u00e1mci specifikace JNLP. Modul runtime se m\u016f\u017ee pokusit ignorovat neplatn\u00e9 informace a pokra\u010dovat ve spou\u0161t\u011bn\u00ed souboru. LNotApplication=Nejedn\u00e1 se o soubor aplikace. LNotApplicationInfo=Byl u\u010din\u011bn pokus o na\u010dten\u00ed souboru, kter\u00fd nen\u00ed aplikac\u00ed, jako soubor aplikace. -LNotApplet=Nejedn\u00e1 se o soubor appletu. -LNotAppletInfo=Byl u\u010din\u011bn pokus o na\u010dten\u00ed souboru, kter\u00fd nen\u00ed appletem, jako soubor appletu. +LNotApplet=Nejedn\u00e1 se o soubor apletu. +LNotAppletInfo=Byl u\u010din\u011bn pokus o na\u010dten\u00ed souboru, kter\u00fd nen\u00ed apletem, jako soubor apletu. LNoInstallers=Instal\u00e1tory nejsou podporov\u00e1ny. LNoInstallersInfo=Instal\u00e1tory JNLP je\u0161t\u011b nejsou podporov\u00e1ny. -LInitApplet=Nelze inicializovat applet. -LInitAppletInfo=Chcete-li v\u00edce informac\u00ed, klikn\u011bte na tla\u010d\u00edtko Dal\u0161\u00ed informace... +LInitApplet=Nelze inicializovat aplet. +LInitAppletInfo=Dal\u0161\u00ed informace z\u00edsk\u00e1te kliknut\u00edm na tla\u010d\u00edtko Dal\u0161\u00ed informace... LInitApplication=Nelze inicializovat aplikaci. -LInitApplicationInfo=Aplikace nebyla inicializov\u00e1na. V\u00edce informac\u00ed z\u00edsk\u00e1te spu\u0161t\u011bn\u00edm p\u0159\u00edkazu javaws z p\u0159\u00edkazov\u00e9 \u0159\u00e1dky. +LInitApplicationInfo=Aplikace nebyla inicializov\u00e1na. Chcete-li z\u00edskat v\u00edce informac\u00ed, spus\u0165te javaws z p\u0159\u00edkazov\u00e9 \u0159\u00e1dky. LNotLaunchable=Nejedn\u00e1 se o spustiteln\u00fd soubor JNLP. -LNotLaunchableInfo=Soubor mus\u00ed b\u00fdt aplikac\u00ed, appletem nebo instal\u00e1torem JNLP. +LNotLaunchableInfo=Soubor mus\u00ed b\u00fdt aplikac\u00ed, apletem nebo instal\u00e1torem JNLP. LCantDetermineMainClass=Nezn\u00e1m\u00e1 t\u0159\u00edda Main-Class. LCantDetermineMainClassInfo=Nelze ur\u010dit t\u0159\u00eddu main class pro tuto aplikaci. LUnsignedJarWithSecurity=Nelze ud\u011blit opr\u00e1vn\u011bn\u00ed nepodepsan\u00fdm soubor\u016fm JAR. LUnsignedJarWithSecurityInfo=Aplikace po\u017e\u00e1dala o bezpe\u010dnostn\u00ed opr\u00e1vn\u011bn\u00ed, av\u0161ak soubory JAR nejsou podeps\u00e1ny. LSignedJNLPAppDifferentCerts=Aplikace JNLP nen\u00ed kompletn\u011b podepsan\u00e1 jednou certifika\u010dn\u00ed autoritou. LSignedJNLPAppDifferentCertsInfo=Jednotliv\u00e9 komponenty aplikace JNLP jsou individu\u00e1ln\u011b podeps\u00e1ny, nicm\u00e9n\u011b pro v\u0161echny polo\u017eky mus\u00ed b\u00fdt jeden spole\u010dn\u00fd podepisovatel. -LUnsignedApplet=Applet nebyl podepsan\u00fd. -LUnsignedAppletPolicyDenied=Applet nebyl podepsan\u00fd a bezpe\u010dnostn\u00ed pravidla zabr\u00e1nila jeho spu\u0161t\u011bn\u00ed. -LUnsignedAppletUserDenied=Applet nebyl podepsan\u00fd a byl vyhodnocen jako ned\u016fv\u011bryhodn\u00fd. +LUnsignedApplet=Aplet nebyl podepsan\u00fd. +LUnsignedAppletPolicyDenied=Aplet nebyl podepsan\u00fd a bezpe\u010dnostn\u00ed z\u00e1sady zabr\u00e1nily jeho spu\u0161t\u011bn\u00ed. +LUnsignedAppletUserDenied=Aplet nebyl podepsan\u00fd a byl vyhodnocen jako ned\u016fv\u011bryhodn\u00fd. +LPartiallySignedApplet=Aplet byl \u010d\u00e1ste\u010dn\u011b podepsan\u00fd. +LPartiallySignedAppletUserDenied=Aplet byl \u010d\u00e1ste\u010dn\u011b podepsan\u00fd a u\u017eivatel ho vyhodnotil jako ned\u016fv\u011bryhodn\u00fd. LSignedAppJarUsingUnsignedJar=Podepsan\u00e1 aplikace pou\u017e\u00edvaj\u00edc\u00ed nepodepsan\u00e9 soubory JAR. LSignedAppJarUsingUnsignedJarInfo=Hlavn\u00ed soubor JAR aplikace je podepsan\u00fd, av\u0161ak n\u011bkter\u00e9 z dal\u0161\u00edch pou\u017e\u00edvan\u00fdch soubor\u016f JAR nejsou podeps\u00e1ny. +LRunInSandboxError=Vol\u00e1n\u00ed pro b\u011bh v izolovan\u00e9m prostoru (sandbox) bylo vykon\u00e1no p\u0159\u00edli\u0161 pozd\u011b. +LRunInSandboxErrorInfo=Zavad\u011b\u010d t\u0159\u00edd dostal hl\u00e1\u0161en\u00ed, aby spustil aplet v izolovan\u00e9m prost\u0159ed\u00ed, av\u0161ak bezpe\u010dnostn\u00ed nastaven\u00ed ji\u017e byla inicializov\u00e1na. LSignedJNLPFileDidNotMatch=Podepsan\u00fd soubor JNLP se neshoduje se spou\u0161t\u011bn\u00fdm souborem JNLP. LNoSecInstance=Chyba: Neexistuje bezpe\u010dnostn\u00ed instance pro aplikaci {0}. Aplikace m\u016f\u017ee m\u00edt pot\u00ed\u017ee pokra\u010dovat. LCertFoundIn=Certifik\u00e1t {0} byl nalezen v arch\u00edvu cacerts ({1}). -LSingleInstanceExists=Ji\u017e existuje jin\u00e1 instance tohoto appletu. Nelze provozovat v\u00edce instanc\u00ed appletu z\u00e1rove\u0148. +LSingleInstanceExists=Ji\u017e existuje jin\u00e1 instance tohoto apletu. Nelze provozovat v\u00edce instanc\u00ed apletu z\u00e1rove\u0148. -JNotApplet=Soubor nen\u00ed applet. +JNotApplet=Soubor nen\u00ed aplet. JNotApplication=Soubor nen\u00ed aplikace. JNotComponent=Soubor nen\u00ed komponenta. JNotInstaller=Soubor nen\u00ed instal\u00e1tor. @@ -105,7 +137,7 @@ LAskToContinue=Chcete p\u0159esto pokra\u010dovat ve spou\u0161t\u011bn\u00ed t\u00e9to aplikace? # Parser -PInvalidRoot=Element \u201eroot\u201c nen\u00ed elementem jnlp. +PInvalidRoot=Element \u201eroot" nen\u00ed elementem jnlp. PNoResources=Nen\u00ed definov\u00e1n element \u201eresources\u201c. PUntrustedNative=Nelze deklarovat element \u201enativelib\u201c, ani\u017e by bylo po\u017e\u00e1d\u00e1no o p\u0159\u00edslu\u0161n\u00e1 opr\u00e1vn\u011bn\u00ed. PExtensionHasJ2SE=V souboru roz\u0161\u00ed\u0159en\u00ed nelze deklarovat element \u201ej2se\u201c. @@ -116,7 +148,7 @@ PMissingTitle=N\u00e1zev PMissingVendor=Dodavatel PMissingElement=Pro va\u0161e n\u00e1rodn\u00ed prost\u0159ed\u00ed nebyla zad\u00e1na sekce {0}, ani neexistuje v\u00fdchoz\u00ed hodnota v souboru JNLP. -PTwoDescriptions=Duplicitn\u00ed elementy \u201edescription\u201c typu {0} jsou neplatn\u00e9. +PTwoDescriptions=Duplicitn\u00ed elementy \u201edescription" typu {0} jsou neplatn\u00e9. PSharing=Element \u201esharing-allowed\u201c je neplatn\u00fd ve standardn\u00edm souboru JNLP. PTwoSecurity=V ka\u017ed\u00e9m souboru JNLP m\u016f\u017ee b\u00fdt pouze jeden element \u201esecurity\u201c. PEmptySecurity=Element \u201esecurity\u201c je definov\u00e1n, av\u0161ak neobsahuje element \u201epermissions\u201c. @@ -126,9 +158,9 @@ PTwoTitles=Je povolen pouze jeden element \u201etitle\u201c. PTwoIcons=Je povolen pouze jeden element \u201eicon\u201c. PTwoUpdates=Je povolen pouze jeden element \u201eupdate\u201c. -PUnknownApplet=Nezn\u00e1m\u00fd applet -PBadWidth=Neplatn\u00e1 \u0161\u00ed\u0159ka appletu -PBadHeight=Neplatn\u00e1 v\u00fd\u0161ka appletu +PUnknownApplet=Nezn\u00e1m\u00fd aplet +PBadWidth=Neplatn\u00e1 \u0161\u00ed\u0159ka apletu +PBadHeight=Neplatn\u00e1 v\u00fd\u0161ka apletu PUrlNotInCodebase=Relativn\u00ed adresa URL neuv\u00e1d\u00ed podadres\u00e1\u0159 se z\u00e1kladnou k\u00f3du (codebase). (uzel (node)={0}, odkaz (href)={1}, z\u00e1kladna k\u00f3du (codebase)={2}) PBadRelativeUrl=Neplatn\u00e1 relativn\u00ed adresa URL (uzel (node)={0}, odkaz (href)={1}, z\u00e1kladna k\u00f3du (codebase)={2}) PBadNonrelativeUrl=Neplatn\u00e1 absolutn\u00ed adresa URL (uzel (node)={0}, odkaz (href)={1}) @@ -138,19 +170,24 @@ # Runtime BLaunchAbout=Prob\u00edh\u00e1 spou\u0161t\u011bn\u00ed okna O aplikaci IcedTea-Web... +BLaunchAboutFailure=Spu\u0161t\u011bn\u00ed okna O aplikaci IcedTea-Web se nezda\u0159ilo. BNeedsFile=Je nutn\u00e9 zadat soubor JNLP. RNoAboutJnlp=Nelze nal\u00e9zt soubor about.jnlp. BFileLoc=Um\u00edst\u011bn\u00ed souboru JNLP BBadProp=Neplatn\u00fd form\u00e1t vlastnosti {0} (platn\u00fd form\u00e1t: kl\u00ed\u010d=hodnota) BBadParam=Neplatn\u00fd form\u00e1t parametru {0} (platn\u00fd form\u00e1t: n\u00e1zev=hodnota) BNoDir=Adres\u00e1\u0159 {0} neexistuje. -BNoCodeOrObjectApplet=Zna\u010dka appletu mus\u00ed deklarovat atribut \u201ecode\u201c nebo \u201eobject\u201c. +BNoCodeOrObjectApplet=Zna\u010dka apletu mus\u00ed deklarovat atribut \u201ecode" nebo \u201eobject". RNoResource=Chyb\u011bj\u00edc\u00ed zdroj: {0} RShutdown=Tato v\u00fdjimka zabra\u0148uje ukon\u010den\u00ed prost\u0159ed\u00ed JVM, av\u0161ak proces byl ukon\u010den. RExitTaken=T\u0159\u00edda exit class m\u016f\u017ee b\u00fdt nastavena pouze jednou a pouze ta pak m\u016f\u017ee ukon\u010dit prost\u0159ed\u00ed JVM. RCantReplaceSM=Nen\u00ed dovoleno vym\u011bnit t\u0159\u00eddu SecurityManager. RCantCreateFile=Nelze vytvo\u0159it soubor {0}. RCantDeleteFile=Nelze smazat soubor {0}. +RCantOpenFile=Nepoda\u0159ilo se otev\u0159\u00edt soubor {0}. +RCantWriteFile=Nepoda\u0159ilo se zapisovat do souboru {0}. +RFileReadOnly=Soubor bude otev\u0159en v re\u017eimu pro \u010dten\u00ed. +RExpectedFile={0}m\u011bl b\u00fdt dle o\u010dek\u00e1v\u00e1n\u00ed soubor, ale nen\u00ed. RRemoveRPermFailed=Selhalo odstra\u0148ov\u00e1n\u00ed opr\u00e1vn\u011bn\u00ed ke \u010dten\u00ed u souboru {0}. RRemoveWPermFailed=Selhalo odstra\u0148ov\u00e1n\u00ed opr\u00e1vn\u011bn\u00ed k z\u00e1pisu u souboru {0}. RRemoveXPermFailed=Selhalo odstra\u0148ov\u00e1n\u00ed opr\u00e1vn\u011bn\u00ed ke spou\u0161t\u011bn\u00ed u souboru {0}. @@ -164,31 +201,39 @@ RNoLockDir=Nelze vytvo\u0159it uzamykac\u00ed adres\u00e1\u0159 ({0}). RNestedJarExtration=Nelze extrahovat vno\u0159en\u00fd soubor JAR. RUnexpected=Neo\u010dek\u00e1van\u00e1 v\u00fdjimka {0} v n\u00e1sleduj\u00edc\u00ed \u010d\u00e1sti v\u00fdpisu trasov\u00e1n\u00ed: {1} -RConfigurationError=P\u0159i \u010dten\u00ed konfigurace do\u0161lo k z\u00e1va\u017en\u00e9 chyb\u011b. +RConfigurationError=P\u0159i \u010dten\u00ed konfigurace do\u0161lo k z\u00e1va\u017en\u00e9 chyb\u011b. Pokra\u010duji s pr\u00e1zdnou konfigurac\u00ed. Opravte chybu. RConfigurationFatal=CHYBA: P\u0159i na\u010d\u00edt\u00e1n\u00ed konfigurace do\u0161lo k z\u00e1va\u017en\u00e9 chyb\u011b. Mo\u017en\u00e1 je nutn\u00e9 pou\u017e\u00edt glob\u00e1ln\u00ed konfiguraci, kter\u00e1 v\u0161ak nebyla nalezena. +RFailingToDefault=Bude pou\u017eita v\u00fdchoz\u00ed konfigurace. RPRoxyPacNotSupported=Pou\u017eit\u00ed soubor\u016f PAC (Proxy Auto Config) nen\u00ed podporov\u00e1no. RProxyFirefoxNotFound=Nelze pou\u017e\u00edt nastaven\u00ed proxy server\u016f prohl\u00ed\u017ee\u010de Firefox. Je pou\u017eito nastaven\u00ed bez proxy serveru (DIRECT). RProxyFirefoxOptionNotImplemented=Mo\u017enost nastaven\u00ed proxy serveru prohl\u00ed\u017ee\u010de {0} ({1}) je\u0161t\u011b nen\u00ed podporov\u00e1na. RBrowserLocationPromptTitle=Um\u00edst\u011bn\u00ed prohl\u00ed\u017ee\u010de RBrowserLocationPromptMessage=Zadejte um\u00edst\u011bn\u00ed prohl\u00ed\u017ee\u010de. RBrowserLocationPromptMessageWithReason=Zadejte um\u00edst\u011bn\u00ed prohl\u00ed\u017ee\u010de (p\u0159\u00edkaz prohl\u00ed\u017ee\u010de {0} je neplatn\u00fd). +BAboutITW=Projekt IcedTea-Web poskytuje svobodn\u00fd z\u00e1suvn\u00fd modul pro webov\u00fd prohl\u00ed\u017ee\u010d, kter\u00fd spou\u0161t\u00ed aplety napsan\u00e9 v programovac\u00edm jazyce Java, a implementaci technologie Java Web Start, p\u016fvodn\u011b zalo\u017een\u00e9 na projektu NetX. Domovskou str\u00e1nku IcedTea-Web m\u016f\u017eete nav\u0161t\u00edvit na adrese: http://icedtea.classpath.org/wiki/IcedTea-Web. V\u00edce informac\u00ed z\u00edsk\u00e1te pou\u017eit\u00edm p\u0159\u00edkaz\u016f \u201eman javaws\u201c nebo \u201ejavaws -help\u201c. +BFileInfoAuthors=Jm\u00e9na a e-mailov\u00e9 adresy p\u0159isp\u011bvatel\u016f do projektu naleznete v souboru AUTHORS v ko\u0159enov\u00e9m adres\u00e1\u0159i aplikace IcedTea-Web. +BFileInfoCopying=Kompletn\u00ed licen\u010dn\u00ed ujedn\u00e1n\u00ed GPLv2 tohoto projektu naleznete v souboru COPYING v ko\u0159enov\u00e9m adres\u00e1\u0159i aplikace IcedTea-Web. +BFileInfoNews=Novinky o vyd\u00e1n\u00edch aplikac\u00ed tohoto projektu naleznete v souboru NEWS v ko\u0159enov\u00e9m adres\u00e1\u0159i aplikace IcedTea-Web. # Boot options, message should be shorter than this ----------------> BOUsage=javaws [-volby-spu\u0161t\u011bn\u00ed] BOUsage2=javaws [-volby-ovl\u00e1d\u00e1n\u00ed] BOJnlp= Um\u00edst\u011bn\u00ed souboru JNLP ke spu\u0161t\u011bn\u00ed (URL nebo soubor) BOArg= P\u0159id\u00e1 p\u0159ed spu\u0161t\u011bn\u00edm parametr aplikace. -BOParam= P\u0159id\u00e1 p\u0159ed spu\u0161t\u011bn\u00edm parametr appletu. +BOParam= P\u0159id\u00e1 p\u0159ed spu\u0161t\u011bn\u00edm parametr apletu. BOProperty= P\u0159ed spu\u0161t\u011bn\u00edm nastav\u00ed syst\u00e9movou vlastnost. BOUpdate= Zkontroluje aktualizace. BOLicense= Zobraz\u00ed licenci GPL a ukon\u010d\u00ed aplikaci. BOVerbose= Zapne podrobn\u00fd v\u00fdstup. BOAbout= Uk\u00e1\u017ee vzorovou aplikaci. +BOVersion= Vyp\u00ed\u0161e verzi aplikace IcedTea-Web a ukon\u010d\u00ed aplikaci. BONosecurity= Vypne zabezpe\u010den\u00e9 b\u011bhov\u00e9 prost\u0159ed\u00ed. BONoupdate= Vypne kontrolu aktualizac\u00ed. BOHeadless= Vypne ve\u0161ker\u00e9 grafick\u00e9 prvky u\u017eiv. rozhran\u00ed IcedTea-Web. BOStrict= Zapne striktn\u00ed kontrolu souborov\u00e9ho form\u00e1tu JNLP. BOViewer= Zobraz\u00ed prohl\u00ed\u017ee\u010d d\u016fv\u011bryhodn\u00fdch certifik\u00e1t\u016f. +BOXml= Pou\u017eije pro anal\u00fdzu souboru JNLP striktn\u00ed XML parser. +BOredirect= Povolit n\u00e1sledovat p\u0159esm\u011brov\u00e1n\u00ed s k\u00f3dy 301, 302, 303, 307 a 308 BXnofork= Zak\u00e1\u017ee vytv\u00e1\u0159en\u00ed jin\u00fdch prost\u0159ed\u00ed JVM. BXclearcache= Vy\u010dist\u00ed vyrovn\u00e1vac\u00ed pam\u011b\u0165 aplikace JNLP. BXignoreheaders= Vynech\u00e1 ov\u011b\u0159ov\u00e1n\u00ed hlavi\u010dky souboru JAR. @@ -200,21 +245,21 @@ CDownloading=Prob\u00edh\u00e1 stahov\u00e1n\u00ed. CComplete=Dokon\u010deno CChooseCache=Zvolit adres\u00e1\u0159 pro vyrovn\u00e1vac\u00ed pam\u011b\u0165... -CChooseCacheInfo=Netx pot\u0159ebuje um\u00edst\u011bn\u00ed pro uchov\u00e1v\u00e1n\u00ed soubor\u016f vyrovn\u00e1vac\u00ed pam\u011bti. +CChooseCacheInfo=NetX pot\u0159ebuje um\u00edst\u011bn\u00ed pro uchov\u00e1v\u00e1n\u00ed soubor\u016f vyrovn\u00e1vac\u00ed pam\u011bti. CChooseCacheDir=Adres\u00e1\u0159 vyrovn\u00e1vac\u00ed pam\u011bti -CCannotClearCache=Moment\u00e1ln\u011b nelze vy\u010distit vyrovn\u00e1vac\u00ed pam\u011b\u0165. +CCannotClearCache=Moment\u00e1ln\u011b nelze vy\u010distit vyrovn\u00e1vac\u00ed pam\u011b\u0165. Zkuste to pozd\u011bji. Pokud probl\u00e9m p\u0159etrv\u00e1v\u00e1, zkuste zav\u0159\u00edt prohl\u00ed\u017ee\u010de a aplikace JNLP. Jako posledn\u00ed prost\u0159edek m\u016f\u017eete zkusit zab\u00edt v\u0161echny Java aplikace. \\\n Vyrovn\u00e1vac\u00ed pam\u011b\u0165 m\u016f\u017eete vy\u010disti pomoc\u00ed p\u0159\u00edkazu javaws -Xclearcache nebo v programu itw-settings kliknut\u00edm na polo\u017eky Cache -> View files -> Clean all. CFakeCache=Vyrovn\u00e1vac\u00ed pam\u011b\u0165 je po\u0161kozena. Prob\u00edh\u00e1 oprava. -CFakedCache=Po\u0161kozen\u00e1 vyrovn\u00e1vac\u00ed pam\u011b\u0165 byla opravena. D\u016frazn\u011b doporu\u010dujeme co nejd\u0159\u00edve spustit p\u0159\u00edkaz \u201ejavaws -Xclearcache\u201c a pak znovu spustit aplikaci. +CFakedCache=Po\u0161kozen\u00e1 vyrovn\u00e1vac\u00ed pam\u011b\u0165 byla opravena. D\u016frazn\u011b doporu\u010dujeme co nejd\u0159\u00edve spustit p\u0159\u00edkaz \u201ejavaws -Xclearcache\u201c a pak znovu spustit aplikaci. P\u0159\u00edpadn\u011b m\u016f\u017eete pou\u017e\u00edt program itw-settings, mo\u017enosti Cache -> View files -> Clean all. # Security SFileReadAccess=Aplikace vy\u017eaduje p\u0159\u00edstup ke \u010dten\u00ed souboru {0}. Chcete tuto akci povolit? SFileWriteAccess=Aplikace vy\u017eaduje p\u0159\u00edstup k zapisov\u00e1n\u00ed do souboru {0}. Chcete tuto akci povolit? SDesktopShortcut=Aplikace vy\u017eaduje opr\u00e1vn\u011bn\u00ed k vytvo\u0159en\u00ed spou\u0161t\u011bc\u00edho souboru na plo\u0161e. Chcete tuto akci povolit? -SSigUnverified=Digit\u00e1ln\u00ed podpis aplikace nelze ov\u011b\u0159it. Chcete aplikaci spustit? -SSigVerified=Digit\u00e1ln\u00ed podpis aplikace byl ov\u011b\u0159en. Chcete aplikaci spustit? -SSignatureError=Digit\u00e1ln\u00ed podpis aplikace obsahuje chybu. Chcete aplikaci spustit? +SSigUnverified=Digit\u00e1ln\u00ed podpis aplikace nelze ov\u011b\u0159it. Chcete aplikaci spustit? Aplikace z\u00edsk\u00e1 neomezen\u00fd p\u0159\u00edstup k va\u0161emu po\u010d\u00edta\u010di. +SSigVerified=Digit\u00e1ln\u00ed podpis aplikace byl ov\u011b\u0159en. Chcete aplikaci spustit? Aplikace z\u00edsk\u00e1 neomezen\u00fd p\u0159\u00edstup k va\u0161emu po\u010d\u00edta\u010di. +SSignatureError=Digit\u00e1ln\u00ed podpis aplikace obsahuje chybu. Chcete aplikaci spustit? Aplikace z\u00edsk\u00e1 neomezen\u00fd p\u0159\u00edstup k va\u0161emu po\u010d\u00edta\u010di. SUntrustedSource=Digit\u00e1ln\u00ed podpis nelze ov\u011b\u0159it pomoc\u00ed d\u016fv\u011bryhodn\u00e9ho zdroje. Aplikaci spus\u0165te, pouze pokud v\u011b\u0159\u00edte p\u016fvodu aplikace. -SWarnFullPermissionsIgnorePolicy=Spou\u0161t\u011bn\u00e9mu k\u00f3du budou ud\u011blena pln\u00e1 opr\u00e1vn\u011bn\u00ed bez ohledu na p\u0159\u00edpadn\u00e1 va\u0161e vlastn\u00ed pravidla chov\u00e1n\u00ed prost\u0159ed\u00ed Java. +SWarnFullPermissionsIgnorePolicy=Spou\u0161t\u011bn\u00e9mu k\u00f3du budou ud\u011blena pln\u00e1 opr\u00e1vn\u011bn\u00ed bez ohledu na p\u0159\u00edpadn\u00e1 va\u0161e vlastn\u00ed z\u00e1sady chov\u00e1n\u00ed prost\u0159ed\u00ed Java. STrustedSource=Digit\u00e1ln\u00ed podpis byl ov\u011b\u0159en pomoc\u00ed d\u016fv\u011bryhodn\u00e9ho zdroje. SClipboardReadAccess=Aplikace po\u017eaduje p\u0159\u00edstup ke \u010dten\u00ed syst\u00e9mov\u00e9 schr\u00e1nky. Chcete tuto akci povolit? SClipboardWriteAccess=Aplikace vy\u017eaduje p\u0159\u00edstup k zapisov\u00e1n\u00ed do syst\u00e9mov\u00e9 schr\u00e1nky. Chcete tuto akci povolit? @@ -225,18 +270,37 @@ SAlwaysTrustPublisher=V\u017edy d\u016fv\u011b\u0159ovat obsahu od tohoto vydavatele SHttpsUnverified=Certifik\u00e1t HTTPS webu nelze ov\u011b\u0159it. SRememberOption=Zapamatovat si tuto volbu? -SRememberAppletOnly=Pro applet +SRememberAppletOnly=Pro aplet SRememberCodebase=Pro web {0} SUnsignedSummary=Do\u0161lo k pokusu o spu\u0161t\u011bn\u00ed nepodepsan\u00e9 aplikace Java. -SUnsignedDetail=Do\u0161lo k pokusu o spu\u0161t\u011bn\u00ed nepodepsan\u00e9 aplikace z n\u00e1sleduj\u00edc\u00edho um\u00edst\u011bn\u00ed:
\u00a0\u00a0{0}
Str\u00e1nka, kter\u00e1 p\u0159edala tento po\u017eadavek:
\u00a0\u00a0{1}

Doporu\u010dujeme, abyste spou\u0161t\u011bli aplikace pouze z web\u016f, kter\u00fdm d\u016fv\u011b\u0159ujete. -SUnsignedAllowedBefore=Tento applet jste ji\u017e d\u0159\u00edve povolili. -SUnsignedRejectedBefore=Tento applet jste ji\u017e d\u0159\u00edve odm\u00edtli. -SUnsignedQuestion=Povolit spu\u0161t\u011bn\u00ed appletu? +SUnsignedDetail=Do\u0161lo k pokusu o spu\u0161t\u011bn\u00ed nepodepsan\u00e9 aplikace z n\u00e1sleduj\u00edc\u00edho um\u00edst\u011bn\u00ed:
  {0}
Str\u00e1nka, kter\u00e1 p\u0159edala tento po\u017eadavek:
  {1}

Doporu\u010dujeme, abyste spou\u0161t\u011bli aplikace pouze z web\u016f, kter\u00fdm d\u016fv\u011b\u0159ujete. +SUnsignedAllowedBefore=Tento aplet jste ji\u017e d\u0159\u00edve povolili. +SUnsignedRejectedBefore=Tento aplet jste ji\u017e d\u0159\u00edve odm\u00edtli. +SUnsignedQuestion=Povolit spu\u0161t\u011bn\u00ed apletu? SPartiallySignedSummary=Podeps\u00e1ny jsou jen \u010d\u00e1sti k\u00f3du t\u00e9to aplikace. SPartiallySignedDetail=Tato aplikace obsahuje podepsan\u00fd i nepodepsan\u00fd k\u00f3d. Podepsan\u00fd k\u00f3d je bezpe\u010dn\u00fd, pokud d\u016fv\u011b\u0159ujete poskytovateli tohoto k\u00f3du. Nepodepsan\u00e9 \u010d\u00e1sti mohou obsahovat k\u00f3d, kter\u00fd nen\u00ed pod kontrolou d\u016fv\u011bryhodn\u00e9ho poskytovatele. SPartiallySignedQuestion=Chcete p\u0159esto pokra\u010dovat a spustit aplikaci? SAuthenticationPrompt=Server {0} na adrese {1} vy\u017eaduje ov\u011b\u0159en\u00ed. Zpr\u00e1va: \u201e{2}\u201c SJNLPFileIsNotSigned=Tato aplikace obsahuje digit\u00e1ln\u00ed podpis, v r\u00e1mci kter\u00e9ho v\u0161ak nen\u00ed podeps\u00e1n spou\u0161t\u011bn\u00fd soubor JNLP. +SAppletTitle=N\u00e1zev apletu: {0} +STrustedOnlyAttributeFailure=Element \u201etrusted-only\u201c v manifestu aplikace m\u00e1 hodnotu true. {0} a po\u017eaduje n\u00e1sleduj\u00edc\u00ed \u00farove\u0148 opr\u00e1vn\u011bn\u00ed: {1}. To nen\u00ed dovoleno. +STOAsignedMsgFully= Aplet je kompletn\u011b podeps\u00e1n. +STOAsignedMsgAndSandbox= Aplet je kompletn\u011b podeps\u00e1n a b\u011b\u017e\u00ed v izolovan\u00e9m prostoru (sandbox). +STOAsignedMsgPartiall= Aplet nen\u00ed kompletn\u011b podeps\u00e1n. +STempPermNoFile=Bez p\u0159\u00edstupu k soubor\u016fm +STempPermNoNetwork=Bez p\u0159\u00edstupu k s\u00edti +STempPermNoExec=Bez mo\u017enosti spou\u0161t\u011bt p\u0159\u00edkazy +STempNoFileOrNetwork=Bez p\u0159\u00edstupu k soubor\u016fm a s\u00edti +STempNoExecOrNetwork=Bez mo\u017enosti spou\u0161t\u011bt p\u0159\u00edkazy a bez p\u0159\u00edstupu k s\u00edti +STempNoFileOrExec=Bez p\u0159\u00edstupu k soubor\u016fm a bez mo\u017enosti spou\u0161t\u011bt p\u0159\u00edkazy +STempNoFileOrNetworkOrExec=Bez p\u0159\u00edstupu k soubor\u016fm a s\u00edti a bez mo\u017enosti spou\u0161t\u011bt p\u0159\u00edkazy +STempAllMedia=V\u0161echna m\u00e9dia +STempSoundOnly=P\u0159ehr\u00e1v\u00e1n\u00ed audia +STempClipboardOnly=P\u0159\u00edstup do schr\u00e1nky +STempPrintOnly=Tisknut\u00ed dokument\u016f +STempAllFileAndPropertyAccess=P\u0159\u00edstup ke v\u0161em soubor\u016fm a vlastnostem. +STempReadLocalFilesAndProperties=P\u0159\u00edstup k lok\u00e1ln\u00edm soubor\u016fm a vlastnostem v re\u017eimu pro \u010dten\u00ed +STempReflectionOnly=Pouze rozhran\u00ed Java Reflection # Security - used for the More Information dialog SBadKeyUsage=Zdroj obsahuje polo\u017eky, u nich\u017e roz\u0161\u00ed\u0159en\u00ed pou\u017eit\u00ed kl\u00ed\u010de KeyUsage certifik\u00e1tu podepisovatele nedovoluje podeps\u00e1n\u00ed k\u00f3du. @@ -291,11 +355,14 @@ DCInternal=Vnit\u0159n\u00ed chyba: {0} DCSourceInternal= DCUnknownSettingWithName=Vlastnost {0} je nezn\u00e1m\u00e1. +DCmaindircheckNotexists=P\u0159es v\u0161echny pokusy nebyl v\u00e1\u0161 konfigura\u010dn\u00ed adres\u00e1\u0159 {0} nalezen. +DCmaindircheckNotdir=V\u00e1\u0161 konfigura\u010dn\u00ed adres\u00e1\u0159 {0} nen\u00ed adres\u00e1\u0159. +DCmaindircheckRwproblem=V\u00e1\u0161 konfigura\u010dn\u00ed adres\u00e1\u0159 {0} nen\u00ed mo\u017en\u00e9 spr\u00e1vn\u011b \u010d\u00edst ani do n\u011bj zapisovat. # Value Validator messages. Messages should follow "Possible values ..." VVPossibleValues=Mo\u017en\u00e9 hodnoty {0} VVPossibleBooleanValues=jsou {0} nebo {1}. -VVPossibleFileValues=obsahuj\u00ed absolutn\u00ed um\u00edst\u011bn\u00ed souboru. +VVPossibleFileValues=obsahuj\u00ed absolutn\u00ed um\u00edst\u011bn\u00ed souboru nebo adres\u00e1\u0159e. VVPossibleRangedIntegerValues=jsou v rozmez\u00ed {0} a\u017e {1} (v\u010detn\u011b). VVPossibleUrlValues=obsahuj\u00ed jakoukoliv platnou adresu URL (nap\u0159. http://icedtea.classpath.org/hg/). @@ -307,7 +374,7 @@ CPAboutDescription=Zobrazen\u00ed informace o verzi ovl\u00e1dac\u00edho panelu IcedTea CPNetworkSettingsDescription=Nastaven\u00ed s\u00edt\u011b v\u010detn\u011b zp\u016fsobu p\u0159ipojen\u00ed aplikace IcedTea-Web k Internetu a p\u0159\u00edpadn\u00e9ho pou\u017eit\u00ed proxy server\u016f CPTempInternetFilesDescription=Ukl\u00e1d\u00e1n\u00ed dat aplikac\u00ed prost\u0159ed\u00edm Java, aby bylo p\u0159i p\u0159\u00ed\u0161t\u00edm spu\u0161t\u011bn\u00ed umo\u017en\u011bno rychlej\u0161\u00ed na\u010dten\u00ed -CPJRESettingsDescription=Zobrazen\u00ed a spravov\u00e1n\u00ed verze a nastaven\u00ed prost\u0159ed\u00ed Java Runtime Environment pro aplikace a applety Java +CPJRESettingsDescription=Zobrazen\u00ed a spravov\u00e1n\u00ed verze a nastaven\u00ed prost\u0159ed\u00ed Java Runtime Environment pro aplikace a aplety Java CPCertificatesDescription=Pou\u017eit\u00ed certifik\u00e1t\u016f k pozitivn\u00ed identifikaci v\u00e1s, certifikac\u00ed, certifika\u010dn\u00edch autorit a vydavatel\u016f CPSecurityDescription=Konfigurace nastaven\u00ed zabezpe\u010den\u00ed CPDebuggingDescription=Zapnut\u00ed mo\u017enost\u00ed pom\u00e1haj\u00edc\u00edch p\u0159i lad\u011bn\u00ed @@ -315,7 +382,7 @@ CPJVMPluginArguments=Nastaven\u00ed parametr\u016f prost\u0159ed\u00ed JVM pro z\u00e1suvn\u00fd modul. CPJVMitwExec=Nastaven\u00ed prost\u0159ed\u00ed JVM pro aplikaci IcedTea-Web (pracuje nejl\u00e9pe s prost\u0159ed\u00edm OpenJDK) CPJVMitwExecValidation=Ov\u011b\u0159en\u00ed prost\u0159ed\u00ed JVM pro aplikaci IcedTea-Web -CPJVMPluginSelectExec=Volba prost\u0159ed\u00ed JVM pro aplikaci IcedTea-Web +CPJVMPluginSelectExec=Vyhledat prost\u0159ed\u00ed JVM pro aplikaci IcedTea-Web CPJVMnone=\u017d\u00e1dn\u00e9 v\u00fdsledky ov\u011b\u0159en\u00ed pro cestu CPJVMvalidated=V\u00fdsledky ov\u011b\u0159en\u00ed pro cestu CPJVMvalueNotSet=Hodnota nen\u00ed nastavena. Bude pou\u017eito p\u0159edvolen\u00e9 prost\u0159ed\u00ed JVM. @@ -332,11 +399,14 @@ CPJVMjava=OK, adres\u00e1\u0159, kter\u00fd jste vybrali, obsahuje podadres\u00e1\u0159 a soubor \u201ebin/java\u201c. CPJVMnoRtJar=Chyba: adres\u00e1\u0159, kter\u00fd jste vybrali, neobsahuje podadres\u00e1\u0159 a soubor \u201elib/rt.jar\u201c. CPJVMrtJar=OK, adres\u00e1\u0159, kter\u00fd jste vybrali, obsahuje podadres\u00e1\u0159 a soubor \u201elib/rt.jar\u201c. -CPJVMPluginAllowTTValidation=Povolit ov\u011b\u0159ov\u00e1n\u00ed v pr\u016fb\u011bhu psan\u00ed +CPJVMPluginAllowTTValidation=Ov\u011b\u0159it prost\u0159ed\u00ed JRE ihned CPJVMNotokMessage1=Zadali jste neplatnou hodnotu ({0}) prost\u0159ed\u00ed JDK. Chybov\u00e1 zpr\u00e1va: CPJVMNotokMessage2=Tuto zpr\u00e1vu vid\u00edte pravd\u011bpodobn\u011b proto\u017ee:
* V\u00e1\u0161 syst\u00e9m nepro\u0161el n\u011bkter\u00fdm z ov\u011b\u0159ovac\u00edch test\u016f
* Bylo detekov\u00e1no jin\u00e9 prost\u0159ed\u00ed ne\u017e OpenJDK
S neplatn\u00fdm prost\u0159ed\u00edm JDK nebude se pravd\u011bpodobn\u011b nebude aplikace IcedTea-Web schopna spustit.
Budete muset upravit nebo odstranit vlastnost {0} ve va\u0161em konfigura\u010dn\u00edm souboru {1}.
M\u011bli byste ve sv\u00e9m syst\u00e9mu nal\u00e9zt prost\u0159ed\u00ed OpenJDK, nebo byste m\u011bli dob\u0159e v\u011bd\u011bt, co d\u011bl\u00e1te. CPJVMconfirmInvalidJdkTitle=Potvrzen\u00ed neplatn\u00e9ho prost\u0159ed\u00ed JDK CPJVMconfirmReset=Obnovit v\u00fdchoz\u00ed nastaven\u00ed? +CPPolicyDetail=Zobrazit nebo upravit v\u00e1\u0161 u\u017eivatelsk\u00fd soubor se z\u00e1sadami prost\u0159ed\u00ed Java Toto nastaven\u00ed v\u00e1m umo\u017en\u00ed ud\u011blit nebo odep\u0159\u00edt opr\u00e1vn\u011bn\u00ed modulu runtime pro aplet bez ohledu na standardn\u00ed bezpe\u010dnostn\u00ed pravidla pro pr\u00e1ci v izolovan\u00e9m prostoru (sandbox). +CPPolicyTooltip=Otev\u0159\u00edt soubor {0} v n\u00e1stroji Policy Editor. +CPPolicyEditorNotFound=Nelze nal\u00e9zt editor pro tvorbu souboru syst\u00e9mov\u00fdch z\u00e1sad. Zkontrolujte, zda je n\u00e1stroj Policy Tool dosa\u017eiteln\u00fd z PATH. # Control Panel - Buttons CPButAbout=O aplikaci IcedTea-Web @@ -344,6 +414,8 @@ CPButSettings=Nastaven\u00ed... CPButView=Zobrazit... CPButCertificates=Certifik\u00e1ty... +CPButSimpleEditor=Jednoduch\u00fd editor +CPButAdvancedEditor=Roz\u0161\u00ed\u0159en\u00fd editor # Control Panel - Headers CPHead=Ovl\u00e1dac\u00ed panel IcedTea-Web @@ -356,6 +428,7 @@ CPHeadDesktopIntegration=\u00a0Integrace s pracovn\u00ed plochou\u00a0 CPHeadSecurity=\u00a0Nastaven\u00ed zabezpe\u010den\u00ed\u00a0 CPHeadJVMSettings=\u00a0Nastaven\u00ed JVM\u00a0 +CPHeadPolicy=\u00a0Vlastn\u00ed nastaven\u00ed z\u00e1sad\u00a0 # Control Panel - Tabs CPTabAbout=O aplikaci IcedTea-Web @@ -368,9 +441,10 @@ CPTabRuntimes=Moduly runtime CPTabSecurity=Zabezpe\u010den\u00ed CPTabJVMSettings=Nastaven\u00ed JVM +CPTabPolicy=Nastaven\u00ed z\u00e1sad # Control Panel - AboutPanel -CPAboutInfo=Toto je ovl\u00e1dac\u00ed panel umo\u017e\u0148uj\u00edc\u00ed nastavit deployment.properties.
Dokud nebudou implementov\u00e1ny v\u0161echny funkce, n\u011bkter\u00e9 z nich nebudou \u00fa\u010dinn\u00e9.
V sou\u010dasnosti nen\u00ed podporov\u00e1no pou\u017e\u00edv\u00e1n\u00ed v\u00edce prost\u0159ed\u00ed JRE.
+CPAboutInfo=Toto je ovl\u00e1dac\u00ed panel umo\u017e\u0148uj\u00edc\u00ed nastavit deployment.properties.
Dokud nebudou implementov\u00e1ny v\u0161echny funkce, n\u011bkter\u00e9 z nich nebudou \u00fa\u010dinn\u00e9.
V sou\u010dasnosti je pou\u017e\u00edv\u00e1n\u00ed v\u00edce prost\u0159ed\u00ed JRE omezeno na OpenJDK.
# Control Panel - AdvancedProxySettings APSDialogTitle=Nastaven\u00ed s\u00edt\u011b @@ -388,11 +462,197 @@ APSExceptionInstruction=Odd\u011blte ka\u017edou polo\u017eku st\u0159edn\u00edkem. # Control Panel - DebugginPanel -DPEnableLogging=Zapnout protokolov\u00e1n\u00ed +CPDebuggingPossibilites=V\u00fdstupy protokolov\u00e1n\u00ed +DPEnableLogging=Zapnout lad\u011bn\u00ed +DPEnableLoggingHint=Kdy\u017e je tento p\u0159ep\u00edna\u010d zapnut\u00fd, jsou protokolov\u00e1ny tak\u00e9 zpr\u00e1vy z lad\u011bn\u00ed. Ekvivalent pou\u017eit\u00ed p\u0159ep\u00edna\u010de -verbose nebo pou\u017eit\u00ed nastaven\u00ed ICEDTEAPLUGIN_DEBUG=true. +DPEnableHeaders=Povolit hlavi\u010dky +DPEnableHeadersHint=Kdy\u017e je tento p\u0159ep\u00edna\u010d zapnut\u00fd, ka\u017ed\u00e1 zaprotokolovan\u00e1 zpr\u00e1va m\u00e1 hlavi\u010dku s dodate\u010dn\u00fdmi informacemi, jako jsou nap\u0159\u00edklad podrobnosti o u\u017eivateli, um\u00edst\u011bn\u00ed v k\u00f3du a \u010dasu. +DPEnableFile=Zapnout protokolov\u00e1n\u00ed do souboru +CPFilesLogsDestDir=Adres\u00e1\u0159 pro souborov\u00e9 protokoly +CPFilesLogsDestDirResert=Obnovit v\u00fdchoz\u00ed nastaven\u00ed +DPEnableFileHint=zpr\u00e1vy v\u00fdstupu budou ulo\u017eeny do souboru v adres\u00e1\u0159i {0}. +DPEnableStds=Zapnout protokolov\u00e1n\u00ed na standardn\u00ed v\u00fdstupy. +DPEnableStdsHint=Zpr\u00e1vy budou vyps\u00e1ny na standardn\u00edch v\u00fdstupech. +DPEnableSyslog=Zapnout protokolov\u00e1n\u00ed do syst\u00e9mov\u00fdch protokol\u016f +DPEnableSyslogHint=zpr\u00e1vy v\u00fdstupu budou ulo\u017eeny do syst\u00e9mov\u00fdch protokol\u016f. DPDisable=Vypnout DPHide=Skr\u00fdt p\u0159i spou\u0161t\u011bn\u00ed DPShow=Zobrazit p\u0159i spou\u0161t\u011bn\u00ed +DPShowPluginOnly=Zobrazit p\u0159i spou\u0161t\u011bn\u00ed z\u00e1suvn\u00e9ho modulu +DPShowJavawsOnly=Zobrazit p\u0159i spou\u0161t\u011bn\u00ed javaws DPJavaConsole=Konzola Java +DPJavaConsoleDisabledHint=Konzola Java je vypnuta. Pomoc\u00ed programu itw-settings ji m\u016f\u017eete zapnout a nastavit jej\u00ed zobrazov\u00e1n\u00ed/nezobrazov\u00e1n\u00ed po startu. + +# PolicyEditor +PEUsage=policyeditor [-file soubor_se_ z\u00e1sadami] +PEHelpFlag=Vyp\u00ed\u0161e zadanou zpr\u00e1vu do konzole a ukon\u010d\u00ed aplikaci. +PEFileFlag=Specifikuje cestu k souboru se z\u00e1sadami, kter\u00fd se m\u00e1 b\u00fdt otev\u0159en. +PECodebaseFlag=Specifikuje adresy URL z\u00e1kladny k\u00f3du (codebase), kter\u00e9 se p\u0159idaj\u00ed anebo zv\u00fdrazn\u00ed v editoru. +PETitle=Policy Editor +PEReadProps=\u010cten\u00ed syst\u00e9mov\u00fdch vlastnost\u00ed +PEReadPropsDetail=Povol\u00ed aplet\u016fm \u010d\u00edst syst\u00e9mov\u00e9 vlastnosti, jako jen va\u0161e u\u017eivatelsk\u00e9 jm\u00e9no a um\u00edst\u011bn\u00ed domovsk\u00e9ho adres\u00e1\u0159e. +PEWriteProps=Zapisov\u00e1n\u00ed syst\u00e9mov\u00fdch vlastnost\u00ed +PEWritePropsDetail=Povol\u00ed aplet\u016fm zapisovat/p\u0159episovat syst\u00e9mov\u00e9 vlastnosti. +PEReadFiles=\u010cten\u00ed lok\u00e1ln\u00edch soubor\u016f +PEReadFilesDetail=Povol\u00ed aplet\u016fm \u010d\u00edst ze soubor\u016f ve va\u0161em domovsk\u00e9m adres\u00e1\u0159i. +PEWriteFiles=Zapisov\u00e1n\u00ed do lok\u00e1ln\u00edch soubor\u016f +PEWriteFilesDetail=Povol\u00ed aplet\u016fm zapisovat do soubor\u016f ve va\u0161em domovsk\u00e9m adres\u00e1\u0159i. +PEDeleteFiles=Maz\u00e1n\u00ed lok\u00e1ln\u00edch soubor\u016f +PEDeleteFilesDetail=Povol\u00ed aplet\u016fm mazat soubory ve va\u0161em domovsk\u00e9m adres\u00e1\u0159i. +PEReadSystemFiles=\u010cten\u00ed v\u0161ech syst\u00e9mov\u00fdch soubor\u016f +PEReadSystemFilesDetail=Povol\u00ed aplikac\u00edm p\u0159istupovat ke v\u0161em um\u00edst\u011bn\u00edm ve va\u0161em po\u010d\u00edta\u010di v re\u017eimu pro \u010dten\u00ed. +PEWriteSystemFiles=Zapisov\u00e1n\u00ed do v\u0161ech syst\u00e9mov\u00fdch soubor\u016f +PEWriteSystemFilesDetail=Povol\u00ed aplikac\u00edm p\u0159istupovat ke v\u0161em um\u00edst\u011bn\u00edm ve va\u0161em po\u010d\u00edta\u010di v re\u017eimu pro z\u00e1pis. +PEReadTempFiles=\u010cten\u00ed z do\u010dasn\u00fdch soubor\u016f +PEReadTempFilesDetail=Povol\u00ed aplet\u016fm \u010d\u00edst z adres\u00e1\u0159e s do\u010dasn\u00fdmi soubory. +PEWriteTempFiles=Zapisov\u00e1n\u00ed do do\u010dasn\u00fdch soubor\u016f +PEWriteTempFilesDetail=Povol\u00ed aplet\u016fm zapisovat do adres\u00e1\u0159e s do\u010dasn\u00fdmi soubory. +PEDeleteTempFiles=Maz\u00e1n\u00ed do\u010dasn\u00fdch soubor\u016f +PEDeleteTempFilesDetail=Povol\u00ed aplet\u016fm mazat soubory ve va\u0161em adres\u00e1\u0159i s do\u010dasn\u00fdmi soubory. +PEAWTPermission=P\u0159\u00edstup k syst\u00e9mu oken +PEAWTPermissionDetail=Povol\u00ed aplet\u016fm p\u0159\u00edstup k syst\u00e9mu oken AWT. +PEClipboard=P\u0159\u00edstup do schr\u00e1nky +PEClipboardDetail=Povol\u00ed aplet\u016fm \u010d\u00edst a zapisovat ve schr\u00e1nce. +PENetwork=P\u0159\u00edstup k s\u00edti +PENetworkDetail=Povol\u00ed aplet\u016fm navazovat jak\u00e1koli s\u00ed\u0165ov\u00e1 spojen\u00ed. +PEPrint=Tisknut\u00ed dokument\u016f +PEPrintDetail=Povol\u00ed aplet\u016fm p\u0159id\u00e1vat \u00falohy do tiskov\u00e9 fronty. +PEPlayAudio=P\u0159ehr\u00e1v\u00e1n\u00ed zvuk\u016f +PEPlayAudioDetail=Povol\u00ed aplet\u016fm p\u0159ehr\u00e1vat zvuky, nikoliv v\u0161ak zvuky nahr\u00e1vat. +PERecordAudio=Nahr\u00e1v\u00e1n\u00ed audia +PERecordAudioDetail=Povol\u00ed aplet\u016fm nahr\u00e1vat audio, nikoliv v\u0161ak audio soubory p\u0159ehr\u00e1vat. +PEReflection=Java Reflection +PEReflectionDetail=Povol\u00ed aplet\u016fm p\u0159istupovat k rozhran\u00ed Java Reflection API +PEClassLoader=P\u0159\u00edstup k zavad\u011b\u010di t\u0159\u00edd +PEClassLoaderDetail=Povol\u00ed aplet\u016fm p\u0159\u00edstup k syst\u00e9mov\u00e9mu zavad\u011b\u010di t\u0159\u00edd (\u010dasto b\u00fdv\u00e1 pou\u017e\u00edv\u00e1no s rozhran\u00edm Reflection). +PEClassInPackage=P\u0159\u00edstup k ostatn\u00edm bal\u00ed\u010dk\u016fm +PEClassInPackageDetail=Povol\u00ed aplet\u016fm p\u0159\u00edstup k t\u0159\u00edd\u00e1m z bal\u00ed\u010dk\u016f ostatn\u00edch aplet\u016f (\u010dasto b\u00fdv\u00e1 pou\u017e\u00edv\u00e1no s rozhran\u00edm Reflection). +PEDeclaredMembers=P\u0159\u00edstup k soukrom\u00fdm dat\u016fm t\u0159\u00edd +PEDeclaredMembersDetail=Povol\u00ed aplet\u016fm p\u0159\u00edstup k obvykle skryt\u00fdm dat\u016fm ostatn\u00edch t\u0159\u00edd prost\u0159ed\u00ed Java (\u010dasto b\u00fdv\u00e1 pou\u017e\u00edv\u00e1no s rozhran\u00edm Reflection). +PEExec=Spou\u0161t\u011bn\u00ed p\u0159\u00edkaz\u016f +PEExecDetail=Povol\u00ed aplet\u016fm spou\u0161t\u011bt syst\u00e9mov\u00e9 p\u0159\u00edkazy. +PEGetEnv=P\u0159\u00edstup k prom\u011bnn\u00fdm prost\u0159ed\u00ed +PEGetEnvDetail=Povol\u00ed aplet\u016fm \u010d\u00edst prom\u011bnn\u00e9 syst\u00e9mov\u00e9ho prost\u0159ed\u00ed. +PECouldNotOpen=Nelze otev\u0159\u00edt soubor se z\u00e1sadami +PECouldNotSave=Nelze ulo\u017eit soubor se z\u00e1sadami +PEAddCodebase=P\u0159idat novou z\u00e1kladnu k\u00f3du (codebase) +PERemoveCodebase=Odstranit +PECodebasePrompt=Zadejte novou z\u00e1kladnu k\u00f3du (codebase) +PEGlobalSettings=V\u0161echny aplety +PESaveChanges=Ulo\u017eit zm\u011bny p\u0159ed ukon\u010den\u00edm? +PEChangesSaved=Zm\u011bny byly ulo\u017eeny. +PECheckboxLabel=Opr\u00e1vn\u011bn\u00ed +PECodebaseLabel=Z\u00e1kladny k\u00f3du (codebases) +PEFileMenu=Soubor +PEOpenMenuItem=Otev\u0159\u00edt... +PESaveMenuItem=Ulo\u017eit +PESaveAsMenuItem=Ulo\u017eit jako... +PEExitMenuItem=Ukon\u010dit +PEViewMenu=Zobrazit +PECustomPermissionsItem=Vlastn\u00ed opr\u00e1vn\u011bn\u00ed... +PEFileModified=Varov\u00e1n\u00ed ohledn\u011b zm\u011bny souboru +PEFileModifiedDetail=Soubor se z\u00e1sadami v um\u00edst\u011bn\u00ed {0} byl od posledn\u00edho otev\u0159en\u00ed zm\u011bn\u011bn. Chcete ho p\u0159ed ulo\u017een\u00edm znovu na\u010d\u00edst a upravit? +PEGAccesUnowenedCode= Spou\u0161t\u011bn\u00ed k\u00f3du, kter\u00fd nevlastn\u00edte +PEGMediaAccess= P\u0159\u00edstup k m\u00e9di\u00edm +PEGrightClick= prav\u00fdm tla\u010d\u00edtkem my\u0161i rozbalit/sbalit nab\u00eddku +PEGReadFileSystem= \u010cten\u00ed ze syst\u00e9mu +PEGWriteFileSystem= Zapisov\u00e1n\u00ed do syst\u00e9mu + + +# Policy Editor CustomPolicyViewer +PECPTitle=Prohl\u00ed\u017ee\u010d vlastn\u00edch z\u00e1sad From jvanek at redhat.com Mon Mar 31 14:59:46 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 31 Mar 2014 16:59:46 +0200 Subject: [icedtea-web] Translation of 1.5 In-Reply-To: References: <53306BD5.8040902@redhat.com> Message-ID: <533982E2.9070006@redhat.com> Thank you! Pushed. Please note, I have removed the copy of looong help string. And you may note also the small whitelist which appeared :) J. Thank you AGAIN and SO much! On 03/27/2014 08:52 PM, skolnag at gmail.com wrote: > Hello, > > Here is the Czech translation. > > Kind regards, > Alexandr > > > > > > 2014-03-24 17:46 GMT+00:00 skolnag at gmail.com >: > > Hello, > > I have most of the translation finished. There are, however, some places where the source text > is unclear. I will send my questions tomorrow and after I receive the answers I will provide > final translation. > > Thank you for understanding. > > Kind regards, > Alexandr > > > > > 2014-03-24 18:31 GMT+01:00 Jiri Vanek >: > > Hi guys! > > Is there any progress/eta or whatever? > > If not, Then I will probably release 1.5 with missing lines, and hope for 1.5.1 to bring the > fix. > > Anyway for any case, I need some feedback to sync with you and rest of ITW. > > Thanx in advance, > All the best > J. > > > From jvanek at redhat.com Mon Mar 31 15:31:37 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 31 Mar 2014 17:31:37 +0200 Subject: [icedtea-web] Translation of 1.5 In-Reply-To: <533982E2.9070006@redhat.com> References: <53306BD5.8040902@redhat.com> <533982E2.9070006@redhat.com> Message-ID: <53398A59.2010803@redhat.com> On 03/31/2014 04:59 PM, Jiri Vanek wrote: > > Thank you! > > Pushed. > > Please note, I have removed the copy of looong help string. > > And you may note also the small whitelist which appeared :) Forgot to add link http://icedtea.classpath.org/hg/icedtea-web/rev/ee80e215928e#l3.26 Sorry for spam:( > > > J. > > Thank you AGAIN and SO much! > > > On 03/27/2014 08:52 PM, skolnag at gmail.com wrote: >> Hello, >> >> Here is the Czech translation. >> >> Kind regards, >> Alexandr >> >> >> >> >> >> 2014-03-24 17:46 GMT+00:00 skolnag at gmail.com > >: >> >> Hello, >> >> I have most of the translation finished. There are, however, some places where the source text >> is unclear. I will send my questions tomorrow and after I receive the answers I will provide >> final translation. >> >> Thank you for understanding. >> >> Kind regards, >> Alexandr >> >> >> >> >> 2014-03-24 18:31 GMT+01:00 Jiri Vanek >: >> >> Hi guys! >> >> Is there any progress/eta or whatever? >> >> If not, Then I will probably release 1.5 with missing lines, and hope for 1.5.1 to bring the >> fix. >> >> Anyway for any case, I need some feedback to sync with you and rest of ITW. >> >> Thanx in advance, >> All the best >> J. >> >> >> > From jvanek at redhat.com Mon Mar 31 15:54:16 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 31 Mar 2014 17:54:16 +0200 Subject: [rfc][icedtea-web] allowing "dot issue" of codebaseMatcher Message-ID: <53398FA8.6080401@redhat.com> Fixing the regression of jogamp, as in subject J. ps: I still think its bug, and Oracle sucks :-/ pps: I emailed them about this issue several times, no reply :( -------------- next part -------------- A non-text attachment was scrubbed... Name: alowingDotIssue.patch Type: text/x-patch Size: 1742 bytes Desc: not available URL: From omajid at redhat.com Mon Mar 31 16:06:18 2014 From: omajid at redhat.com (Omair Majid) Date: Mon, 31 Mar 2014 12:06:18 -0400 Subject: [icedtea-web] RFC: Minor fixes to ALACA dialog In-Reply-To: <53397350.7030001@redhat.com> References: <20140328222303.GE2812@redhat.com> <53397350.7030001@redhat.com> Message-ID: <20140331160617.GE2669@redhat.com> * Jiri Vanek [2014-03-31 09:53]: > On 03/28/2014 11:23 PM, Omair Majid wrote: > >The attached patches does some minor tweaks to the ALACA dialog. > > Yes. This is ok to go. Also I'm for the compression of info > attribute. I think it is more wide spread. Then jsut in alaca. Okay, this patch includes all the 4 changes (remove 'codebase', wrap urls in
    , simplify the ALACA title and fix html link names). If you read it carefully, you will see both ALACA title/descriptions are the same. I am still not sure if, from a user's point of view, there is any difference. Thoughts? Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 -------------- next part -------------- diff --git a/netx/net/sourceforge/jnlp/resources/Messages.properties b/netx/net/sourceforge/jnlp/resources/Messages.properties --- a/netx/net/sourceforge/jnlp/resources/Messages.properties +++ b/netx/net/sourceforge/jnlp/resources/Messages.properties @@ -61,23 +61,24 @@ http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html # missing Application-Library-Allowable-Codebase dialogue -ALACAMissingMainTitle=Application {0} \ -form codebase {1} is missing the Application-Library-Allowable-Codebase attribute. \ -This application uses resources from the following remote locations:
    {2} Are you sure you want to run this application? -ALACAMissingInfo=For more information you can visit:
    \ +ALACAMissingMainTitle=The application {0} \ +from {1} uses resources from the following remote locations: \ +{2} \ +Are you sure you want to run this application? +ALACAMissingInfo=For more information see:
    \ \ -http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library
    \ +JAR File Manifest Attributes
    \ and
    \ -http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html +Preventing the Repurposing of an Application # matching Application-Library-Allowable-Codebase dialogue -ALACAMatchingMainTitle=Application {0} \ -form codebase {1} is requiring valid resources from different locations:
    {2}
    \ -Those resources are expected to be loaded. Do you agree to run this application? +ALACAMatchingMainTitle=The application {0} \ +from {1} uses resources from the following remote locations:
    {2}
    \ +Are you sure you want to run this application? ALACAMatchingInfo=For more information you can visit:
    \ \ -http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library
    \ +JAR File Manifest Attributes
    \ and
    \ -http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html +Preventing the Repurposing of an Application # LS - Severity LSMinor=Minor diff --git a/netx/net/sourceforge/jnlp/util/UrlUtils.java b/netx/net/sourceforge/jnlp/util/UrlUtils.java --- a/netx/net/sourceforge/jnlp/util/UrlUtils.java +++ b/netx/net/sourceforge/jnlp/util/UrlUtils.java @@ -195,9 +195,11 @@ */ public static String setOfUrlsToHtmlList(Iterable remoteUrls) { StringBuilder sb = new StringBuilder(); + sb.append("
      "); for (URL url : remoteUrls) { sb.append("
    • ").append(url.toExternalForm()).append("
    • "); } + sb.append("
    "); return sb.toString(); } From jvanek at redhat.com Mon Mar 31 16:26:45 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 31 Mar 2014 18:26:45 +0200 Subject: [icedtea-web] RFC: Minor fixes to ALACA dialog In-Reply-To: <20140331160617.GE2669@redhat.com> References: <20140328222303.GE2812@redhat.com> <53397350.7030001@redhat.com> <20140331160617.GE2669@redhat.com> Message-ID: <53399745.9080301@redhat.com> On 03/31/2014 06:06 PM, Omair Majid wrote: > * Jiri Vanek [2014-03-31 09:53]: >> On 03/28/2014 11:23 PM, Omair Majid wrote: >>> The attached patches does some minor tweaks to the ALACA dialog. >> >> Yes. This is ok to go. Also I'm for the compression of info >> attribute. I think it is more wide spread. Then jsut in alaca. > > Okay, this patch includes all the 4 changes (remove 'codebase', wrap > urls in
      , simplify the ALACA title and fix html link names). > > If you read it carefully, you will see both ALACA title/descriptions are > the same. I am still not sure if, from a user's point of view, there is > any difference. > > Thoughts? > > Thanks, > Omair > ok to go! Please also push the http://fpaste.org/90290/28294913/ together. J. From omajid at redhat.com Mon Mar 31 16:26:52 2014 From: omajid at redhat.com (Omair Majid) Date: Mon, 31 Mar 2014 12:26:52 -0400 Subject: [icedtea-web] RFC: Minor fixes to ALACA dialog In-Reply-To: <53397350.7030001@redhat.com> References: <20140328222303.GE2812@redhat.com> <53397350.7030001@redhat.com> Message-ID: <20140331162651.GG2669@redhat.com> * Jiri Vanek [2014-03-31 09:54]: > Yes. This is ok to go. Also I'm for the compression of info > attribute. I think it is more wide spread. Then jsut in alaca. There is one other link with full link text: MissingPermissionsInfo. The attached patch fixes that. Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 -------------- next part -------------- diff --git a/netx/net/sourceforge/jnlp/resources/Messages.properties b/netx/net/sourceforge/jnlp/resources/Messages.properties --- a/netx/net/sourceforge/jnlp/resources/Messages.properties +++ b/netx/net/sourceforge/jnlp/resources/Messages.properties @@ -56,9 +56,9 @@ Applications without this attribute should not be trusted. Do you wish to allow this application to run? MissingPermissionsInfo=For more information you can visit:
      \ \ -http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions
      \ +JAR File Manifest Attributes
      \ and
      \ -http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html +Preventing the repurposing of Applications # missing Application-Library-Allowable-Codebase dialogue ALACAMissingMainTitle=The application {0} \ From jvanek at redhat.com Mon Mar 31 16:28:32 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 31 Mar 2014 18:28:32 +0200 Subject: [icedtea-web] RFC: Minor fixes to ALACA dialog In-Reply-To: <20140331162651.GG2669@redhat.com> References: <20140328222303.GE2812@redhat.com> <53397350.7030001@redhat.com> <20140331162651.GG2669@redhat.com> Message-ID: <533997B0.2000707@redhat.com> On 03/31/2014 06:26 PM, Omair Majid wrote: > * Jiri Vanek [2014-03-31 09:54]: >> Yes. This is ok to go. Also I'm for the compression of info >> attribute. I think it is more wide spread. Then jsut in alaca. > > There is one other link with full link text: MissingPermissionsInfo. The > attached patch fixes that. > > Thanks, > Omair > Already OKed, but nvm :) Go on, please. From bugzilla-daemon at icedtea.classpath.org Mon Mar 31 16:36:43 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 31 Mar 2014 16:36:43 +0000 Subject: [Bug 900] Fatal: Application Error: Unknown Main-Class. Could not determine the main class for this application. In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=900 Jonathan Kamens changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jik at kamens.us --- Comment #9 from Jonathan Kamens --- I have two Fedora 20 x86_64 systems. On one, I am seeing this problem. On the other, I can load exactly the same java applet in Firefox with no trouble. I tried creating a brand new Firefox profile and the problem persisted. Here's the start of the output in the java console on the machine that's not working: Attempted to download https://xvm.mit.edu:446/static/VncViewer.jar, but failed to connect! Application title was not found in manifest. Check with application vendor JAR https://xvm.mit.edu:446/static/VncViewer.jar not found. Continuing. JAR https://xvm.mit.edu:446/static/VncViewer.jar not found. Continuing. When you cut and paste that URL into a browser or download it with curl or do a HEAD request, it works just fine, so I have no idea why OpenJDK is unable to download it. -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From jvanek at redhat.com Mon Mar 31 16:46:04 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 31 Mar 2014 18:46:04 +0200 Subject: [icedtea-web] RFC: Minor fixes to ALACA dialog In-Reply-To: <20140331162651.GG2669@redhat.com> References: <20140328222303.GE2812@redhat.com> <53397350.7030001@redhat.com> <20140331162651.GG2669@redhat.com> Message-ID: <53399BCC.4080808@redhat.com> On 03/31/2014 06:26 PM, Omair Majid wrote: > * Jiri Vanek [2014-03-31 09:54]: >> Yes. This is ok to go. Also I'm for the compression of info >> attribute. I think it is more wide spread. Then jsut in alaca. > > There is one other link with full link text: MissingPermissionsInfo. The > attached patch fixes that. > > Thanks, > Omair > I think you mat also fix the: form codebase {1} is missing the permissions attribute. \ to rmeove the codebase word, in same manner as in case of ALACA. Feel free to include and push at free will. J. From aazores at redhat.com Mon Mar 31 16:56:58 2014 From: aazores at redhat.com (Andrew Azores) Date: Mon, 31 Mar 2014 12:56:58 -0400 Subject: [rfc][icedtea-web] allowing "dot issue" of codebaseMatcher In-Reply-To: <53398FA8.6080401@redhat.com> References: <53398FA8.6080401@redhat.com> Message-ID: <53399E5A.4090007@redhat.com> On 03/31/2014 11:54 AM, Jiri Vanek wrote: > > Fixing the regression of jogamp, as in subject > > J. > > ps: I still think its bug, and Oracle sucks :-/ > pps: I emailed them about this issue several times, no reply :( I think this is okay. I haven't very thoroughly tested it, but it does make the previously-failing Jogamp test case start to work again at least. Thanks, -- Andrew A From jvanek at redhat.com Mon Mar 31 17:04:17 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 31 Mar 2014 19:04:17 +0200 Subject: [fyi][icedtea-web] adapting cz localisation for future changes. Message-ID: <5339A011.2060405@redhat.com> With: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2014-March/026995.html http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2014-March/026997.html and http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2014-March/027000.html approved. This is adaptation of current CZ messages. I will push this in short time. J. From jvanek at icedtea.classpath.org Mon Mar 31 17:20:32 2014 From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org) Date: Mon, 31 Mar 2014 17:20:32 +0000 Subject: /hg/icedtea-web: Allowed wrong match of the aaaexample.com by *.... Message-ID: changeset 79a3a7a01760 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=79a3a7a01760 author: Jiri Vanek date: Mon Mar 31 19:20:19 2014 +0200 Allowed wrong match of the aaaexample.com by *.example.com expression as in specification. diffstat: ChangeLog | 9 +++++++++ netx/net/sourceforge/jnlp/util/ClasspathMatcher.java | 9 +++++---- tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java | 8 ++++++-- 3 files changed, 20 insertions(+), 6 deletions(-) diffs (54 lines): diff -r ee80e215928e -r 79a3a7a01760 ChangeLog --- a/ChangeLog Mon Mar 31 16:54:52 2014 +0200 +++ b/ChangeLog Mon Mar 31 19:20:19 2014 +0200 @@ -1,3 +1,12 @@ +2013-03-31 Jiri Vanek + + Allowed wrong match of the aaaexample.com by *.example.com expression as in + specification. + * netx/net/sourceforge/jnlp/util/ClasspathMatcher.java: uncommented handling + of dot in (domainToRegEx). + * tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java: + (matchTest) uncommented and added tests of/for dot issue. + 2013-03-31 Jiri Vanek Alexandr Kolouch diff -r ee80e215928e -r 79a3a7a01760 netx/net/sourceforge/jnlp/util/ClasspathMatcher.java --- a/netx/net/sourceforge/jnlp/util/ClasspathMatcher.java Mon Mar 31 16:54:52 2014 +0200 +++ b/netx/net/sourceforge/jnlp/util/ClasspathMatcher.java Mon Mar 31 19:20:19 2014 +0200 @@ -146,10 +146,11 @@ } private static Pattern domainToRegEx(String domain) { - // I have conisdered the "dot" as bug i specification - // while (domain.startsWith("*.")) { - // domain = "*" + domain.substring(2); - //} + // Although I have conisdered the "dot" as bug in specification, + // to many applications are depnding on it + while (domain.startsWith("*.")) { + domain = "*" + domain.substring(2); + } return ClasspathMatcher.sourceToRegEx(domain); } } diff -r ee80e215928e -r 79a3a7a01760 tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java --- a/tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java Mon Mar 31 16:54:52 2014 +0200 +++ b/tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java Mon Mar 31 19:20:19 2014 +0200 @@ -422,9 +422,13 @@ Assert.assertTrue(p.match(urls[13])); Assert.assertTrue(p.match(urls[14])); //those represent the "dot" issue - //Assert.assertTrue(p.match(urls[15])); - //Assert.assertTrue(p.match(urls[16])); + Assert.assertTrue(p.match(urls[15])); + Assert.assertTrue(p.match(urls[16])); Assert.assertFalse(p.match(urls[17])); + //reasons for alowing "dot" issue + Assert.assertTrue(p.match(new URL("http://www.example.com"))); + Assert.assertTrue(p.match(new URL("http://example.com"))); //yah, this is really nasty + //still the DOT issue is an BUG } @Test From aazores at redhat.com Mon Mar 31 17:28:12 2014 From: aazores at redhat.com (Andrew Azores) Date: Mon, 31 Mar 2014 13:28:12 -0400 Subject: [rfc][icedtea-web] Permissions manifest attribute fix Message-ID: <5339A5AC.1070004@redhat.com> Hi, The spec for this attribute is at [0]. Any reviewer, please double check the spec to be sure I've correctly interpreted it, and not just implemented something else. [1] and [2] can be used as test cases for this fix. The Permissions manifest attribute had a bug due to the inability to distinguish between a signed applet being granted All-permission because it specified it in the HTML params, and a signed applet being granted All-permission because it did not specify a permission level and All-permission is the default in this case. This bug led to signed applets being unable to properly request for themselves to be run sandboxed. This patch fixes it so that the applets may be run, however, there is a deficiency in that we are not actually able to sandbox the applet. This is because we are doing our manifest checks after all of our resources have been loaded and assigned SecurityDescs. In order to run an applet sandboxed, the SecurityDelegate#setRunInSandbox call must be performed before any of these security descriptors are assigned. This is not currently possible. However, we do at least have the Run In Sandbox button which can be used before the manifest checks are performed, which will then allow the applet to be run sandboxed at the user's discretion. [0] http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions [1] http://docs.oracle.com/javase/tutorial/deployment/applet/deployingApplet.html [2] http://docs.oracle.com/javase/tutorial/deployment/deploymentInDepth/examples/dist/depltoolkit_Java2Demo/DeployUsingJNLP.html Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: permissions-attr-check.patch Type: text/x-patch Size: 14472 bytes Desc: not available URL: From omajid at icedtea.classpath.org Mon Mar 31 17:28:50 2014 From: omajid at icedtea.classpath.org (omajid at icedtea.classpath.org) Date: Mon, 31 Mar 2014 17:28:50 +0000 Subject: /hg/icedtea-web: 3 new changesets Message-ID: changeset 1fa70bdff359 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=1fa70bdff359 author: Omair Majid date: Mon Mar 31 13:19:52 2014 -0400 Adjust strings in ALACA dialog 2013-03-31 Omair Majid * netx/net/sourceforge/jnlp/resources/Messages.properties (ALACAMissingMainTitle, ALACAMissingInfo ALACAMatchingMainTitle) (ALACAMatchingInfo): Rephrase strings and replace full links with page names. * netx/net/sourceforge/jnlp/util/UrlUtils.java (setOfUrlsToHtmlList): Enclose list in 'ul' element. changeset ec7b04725a82 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=ec7b04725a82 author: Omair Majid date: Mon Mar 31 13:26:39 2014 -0400 Fix misssing permissions dialog 2013-03-31 Omair Majid * netx/net/sourceforge/jnlp/resources/Messages.properties (MissingPermissionsMainTitle): Remove 'codebase' (MissingPermissionsInfo): Use simple link title. changeset dc0a77856cb4 in /hg/icedtea-web details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=dc0a77856cb4 author: Omair Majid date: Mon Mar 31 13:27:48 2014 -0400 Merge diffstat: ChangeLog | 24 ++++++++ netx/net/sourceforge/jnlp/resources/Messages.properties | 29 +++++---- netx/net/sourceforge/jnlp/util/ClasspathMatcher.java | 9 +- netx/net/sourceforge/jnlp/util/UrlUtils.java | 2 + tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java | 8 ++- 5 files changed, 52 insertions(+), 20 deletions(-) diffs (135 lines): diff -r ee80e215928e -r dc0a77856cb4 ChangeLog --- a/ChangeLog Mon Mar 31 16:54:52 2014 +0200 +++ b/ChangeLog Mon Mar 31 13:27:48 2014 -0400 @@ -1,3 +1,27 @@ +2013-03-31 Omair Majid + + * netx/net/sourceforge/jnlp/resources/Messages.properties + (MissingPermissionsMainTitle): Remove 'codebase' + (MissingPermissionsInfo): Use simple link title. + +2013-03-31 Omair Majid + + * netx/net/sourceforge/jnlp/resources/Messages.properties + (ALACAMissingMainTitle, ALACAMissingInfo ALACAMatchingMainTitle) + (ALACAMatchingInfo): Rephrase strings and replace full links with page + names. + * netx/net/sourceforge/jnlp/util/UrlUtils.java (setOfUrlsToHtmlList): + Enclose list in 'ul' element. + +2013-03-31 Jiri Vanek + + Allowed wrong match of the aaaexample.com by *.example.com expression as in + specification. + * netx/net/sourceforge/jnlp/util/ClasspathMatcher.java: uncommented handling + of dot in (domainToRegEx). + * tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java: + (matchTest) uncommented and added tests of/for dot issue. + 2013-03-31 Jiri Vanek Alexandr Kolouch diff -r ee80e215928e -r dc0a77856cb4 netx/net/sourceforge/jnlp/resources/Messages.properties --- a/netx/net/sourceforge/jnlp/resources/Messages.properties Mon Mar 31 16:54:52 2014 +0200 +++ b/netx/net/sourceforge/jnlp/resources/Messages.properties Mon Mar 31 13:27:48 2014 -0400 @@ -52,32 +52,33 @@ # missing permissions dialogue MissingPermissionsMainTitle=Application {0} \ -form codebase {1} is missing the permissions attribute. \ +from {1} is missing the permissions attribute. \ Applications without this attribute should not be trusted. Do you wish to allow this application to run? MissingPermissionsInfo=For more information you can visit:
      \ \ -http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions
      \ +JAR File Manifest Attributes
      \ and
      \ -http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html +Preventing the repurposing of Applications # missing Application-Library-Allowable-Codebase dialogue -ALACAMissingMainTitle=Application {0} \ -form codebase {1} is missing the Application-Library-Allowable-Codebase attribute. \ -This application uses resources from the following remote locations:
      {2} Are you sure you want to run this application? -ALACAMissingInfo=For more information you can visit:
      \ +ALACAMissingMainTitle=The application {0} \ +from {1} uses resources from the following remote locations: \ +{2} \ +Are you sure you want to run this application? +ALACAMissingInfo=For more information see:
      \ \ -http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library
      \ +JAR File Manifest Attributes
      \ and
      \ -http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html +Preventing the Repurposing of an Application # matching Application-Library-Allowable-Codebase dialogue -ALACAMatchingMainTitle=Application {0} \ -form codebase {1} is requiring valid resources from different locations:
      {2}
      \ -Those resources are expected to be loaded. Do you agree to run this application? +ALACAMatchingMainTitle=The application {0} \ +from {1} uses resources from the following remote locations:
      {2}
      \ +Are you sure you want to run this application? ALACAMatchingInfo=For more information you can visit:
      \ \ -http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library
      \ +JAR File Manifest Attributes
      \ and
      \ -http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html +Preventing the Repurposing of an Application # LS - Severity LSMinor=Minor diff -r ee80e215928e -r dc0a77856cb4 netx/net/sourceforge/jnlp/util/ClasspathMatcher.java --- a/netx/net/sourceforge/jnlp/util/ClasspathMatcher.java Mon Mar 31 16:54:52 2014 +0200 +++ b/netx/net/sourceforge/jnlp/util/ClasspathMatcher.java Mon Mar 31 13:27:48 2014 -0400 @@ -146,10 +146,11 @@ } private static Pattern domainToRegEx(String domain) { - // I have conisdered the "dot" as bug i specification - // while (domain.startsWith("*.")) { - // domain = "*" + domain.substring(2); - //} + // Although I have conisdered the "dot" as bug in specification, + // to many applications are depnding on it + while (domain.startsWith("*.")) { + domain = "*" + domain.substring(2); + } return ClasspathMatcher.sourceToRegEx(domain); } } diff -r ee80e215928e -r dc0a77856cb4 netx/net/sourceforge/jnlp/util/UrlUtils.java --- a/netx/net/sourceforge/jnlp/util/UrlUtils.java Mon Mar 31 16:54:52 2014 +0200 +++ b/netx/net/sourceforge/jnlp/util/UrlUtils.java Mon Mar 31 13:27:48 2014 -0400 @@ -195,9 +195,11 @@ */ public static String setOfUrlsToHtmlList(Iterable remoteUrls) { StringBuilder sb = new StringBuilder(); + sb.append("
        "); for (URL url : remoteUrls) { sb.append("
      • ").append(url.toExternalForm()).append("
      • "); } + sb.append("
      "); return sb.toString(); } diff -r ee80e215928e -r dc0a77856cb4 tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java --- a/tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java Mon Mar 31 16:54:52 2014 +0200 +++ b/tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java Mon Mar 31 13:27:48 2014 -0400 @@ -422,9 +422,13 @@ Assert.assertTrue(p.match(urls[13])); Assert.assertTrue(p.match(urls[14])); //those represent the "dot" issue - //Assert.assertTrue(p.match(urls[15])); - //Assert.assertTrue(p.match(urls[16])); + Assert.assertTrue(p.match(urls[15])); + Assert.assertTrue(p.match(urls[16])); Assert.assertFalse(p.match(urls[17])); + //reasons for alowing "dot" issue + Assert.assertTrue(p.match(new URL("http://www.example.com"))); + Assert.assertTrue(p.match(new URL("http://example.com"))); //yah, this is really nasty + //still the DOT issue is an BUG } @Test From bugzilla-daemon at icedtea.classpath.org Mon Mar 31 17:54:29 2014 From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org) Date: Mon, 31 Mar 2014 17:54:29 +0000 Subject: [Bug 900] Fatal: Application Error: Unknown Main-Class. Could not determine the main class for this application. In-Reply-To: References: Message-ID: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=900 Andrew Azores changed: What |Removed |Added ---------------------------------------------------------------------------- Status|REOPENED |RESOLVED Resolution|--- |FIXED --- Comment #10 from Andrew Azores --- Although both this problem and the original one in the report end with the same exception and failure to launch, it seems to me that the cause is different. Could you please open a new bug report and provide reproduction steps? -- You are receiving this mail because: You are on the CC list for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From jvanek at redhat.com Mon Mar 31 18:31:44 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 31 Mar 2014 20:31:44 +0200 Subject: [rfc][icedtea-web] restricting codebase matcher from aaaexample.com to example.com or whatever.example.com only Message-ID: <5339B490.7030909@redhat.com> As Omair sugested - the previous fix was to vague. This is fixing it. Now *.example.com is matching example.com or whatever.example.com but not aaaexample.com This is doen for domain only. The paths are still eveluated as : *.example.com is matching whatever.example.com but not example.com nor aaaexample.com Unittests attached. Now I'm thinking that we are really doing correct thing. Also I think I did the correct patch :) J. -------------- next part -------------- A non-text attachment was scrubbed... Name: restrictingDotIssue.patch Type: text/x-patch Size: 3840 bytes Desc: not available URL: From omajid at redhat.com Mon Mar 31 18:51:11 2014 From: omajid at redhat.com (Omair Majid) Date: Mon, 31 Mar 2014 14:51:11 -0400 Subject: [rfc][icedtea-web] restricting codebase matcher from aaaexample.com to example.com or whatever.example.com only In-Reply-To: <5339B490.7030909@redhat.com> References: <5339B490.7030909@redhat.com> Message-ID: <20140331185111.GA15901@redhat.com> * Jiri Vanek [2014-03-31 14:31]: > As Omair sugested - the previous fix was to vague. Yes, I think the previous fix was too lenient. Almost a security hole. > This is doen for domain only. The paths are still eveluated as : > *.example.com > is matching whatever.example.com but not example.com nor aaaexample.com Any specific reason for this? > +++ b/tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java Mon Mar 31 20:30:45 2014 +0200 > + @Test > + public void dotIssueWithPaths() throws MalformedURLException { How about renaming it to something more explanatory? I am thinking of something like wildCardSubdomainDoesNotMatchParentDomainPaths. Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 From jvanek at redhat.com Mon Mar 31 19:10:03 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 31 Mar 2014 21:10:03 +0200 Subject: [rfc][icedtea-web] restricting codebase matcher from aaaexample.com to example.com or whatever.example.com only In-Reply-To: <20140331185111.GA15901@redhat.com> References: <5339B490.7030909@redhat.com> <20140331185111.GA15901@redhat.com> Message-ID: <5339BD8B.3080206@redhat.com> On 03/31/2014 08:51 PM, Omair Majid wrote: > * Jiri Vanek [2014-03-31 14:31]: >> As Omair sugested - the previous fix was to vague. > > Yes, I think the previous fix was too lenient. Almost a security hole. > >> This is doen for domain only. The paths are still eveluated as : >> *.example.com >> is matching whatever.example.com but not example.com nor aaaexample.com > > Any specific reason for this? Yes. For doman it have sense to ignore dot, if there is nothing before jsut star. On the other hand, the paths are not specified at all inspec (only there is nit, thet they are matched) So I think for paths, the correct evaluationg of *.aaa mathces ONLY whatever.aaa and not jsut aaa is mroe correct. If you think it is wrong, I can adpt. > >> +++ b/tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java Mon Mar 31 20:30:45 2014 +0200 > >> + @Test >> + public void dotIssueWithPaths() throws MalformedURLException { > > How about renaming it to something more explanatory? I am thinking of > something like wildCardSubdomainDoesNotMatchParentDomainPaths. I will do before push. Pleasure on my side, J. From gitne at gmx.de Mon Mar 31 18:58:20 2014 From: gitne at gmx.de (Jacob Wisor) Date: Mon, 31 Mar 2014 20:58:20 +0200 Subject: [rfc][icedtea-web] Translation of 1.5 In-Reply-To: <53306BD5.8040902@redhat.com> References: <53306BD5.8040902@redhat.com> Message-ID: <5339BACC.9060300@gmx.de> Hello there! On 03/24/2014 06:31 PM, Jiri Vanek wrote: > Hi guys! > > Is there any progress/eta or whatever? > > If not, Then I will probably release 1.5 with missing lines, and hope for 1.5.1 > to bring the fix. > > Anyway for any case, I need some feedback to sync with you and rest of ITW. > > Thanx in advance, > All the best > J. Phew, I have finally made it. 1.5.1 has seen a lot new messages, far more than I have initially expected. But here they are. However, I was again occasionally grinding over the quite poor quality of many English sources. Therefore, I have made some tiny modifications to Messages.properties. The modifications are meant as proposals only and by far do not encompass all modification I would like to make. As usual, localized messages are preceded by its original message as a comment for your convenience only while reviewing, and will be removed before committing. Jacob -------------- next part -------------- A non-text attachment was scrubbed... Name: DE localization for IcedTea-Web 1.5.1.patch Type: text/x-patch Size: 43273 bytes Desc: not available URL: From jvanek at redhat.com Mon Mar 31 19:25:48 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 31 Mar 2014 21:25:48 +0200 Subject: [rfc][icedtea-web] Translation of 1.5 In-Reply-To: <5339BACC.9060300@gmx.de> References: <53306BD5.8040902@redhat.com> <5339BACC.9060300@gmx.de> Message-ID: <5339C13C.4040807@redhat.com> On 03/31/2014 08:58 PM, Jacob Wisor wrote: Hello and tahnk you very much! Few nits: -BOredirect = Allow to follow 301, 302, 303, 307 and 308 redirections +BOredirect = Follows HTTP redirections. There are even ore then those 4 redirections. The missing two are *not* follwoed. So I would ratehr keep the numbers eg in brackets att the end of string. ... -> Expunge .. Expunge??? Isnt this error? :)) You yourself renamed it: -CONSOLEClean=Clean all +CONSOLEClean=Clear Which I personally probably do not care, but et least it should be used instead of Expunge, or not? > Phew, I have finally made it. 1.5.1 has seen a lot new messages, far more than I have initially > expected. But here they are. > > However, I was again occasionally grinding over the quite poor quality of many English sources. > Therefore, I have made some tiny modifications to Messages.properties. The modifications are meant > as proposals only and by far do not encompass all modification I would like to make. > > As usual, localized messages are preceded by its original message as a comment for your convenience > only while reviewing, and will be removed before committing. hmhmh - MissingPermissionsMainTitle ALACAMatchingMainTitle ALACAMissingMainTitle Are missing. I think the other ALACA nd Permission strings are also missing - are you ging to fix those? Also - how PL? Deepest thanx, J. whole test log: Warning! Items equals for: AboutDialogueTabGPLv2 = GPLv2 but are in allowed subset Warning! Items equals for: ButOk = OK but are in allowed subset Warning! Items equals for: LSFatal = Fatal but are in allowed subset Warning! Items equals for: COPcode = Code but are in allowed subset Warning! Items equals for: CVSystem = System but are in allowed subset Warning! Items equals for: COPinfo = Info but are in allowed subset Warning! Items equals for: CVDetails = Details but are in allowed subset Warning! Items equals for: PEOpenMenuItemMnemonic = 79 but are in allowed subset Warning! Items equals for: PEExitMenuItemMnemonic = 88 but are in allowed subset Warning! Items equals for: PESaveMenuItemMnemonic = 83 but are in allowed subset Warning! Items equals for: APSLabelFTP = FTP but are in allowed subset Warning! Items equals for: APPEXTSECguiPanelAppletInfoHederPart1 = {0} {1} but are in allowed subset Warning! Items equals for: PEAddCodebaseMnemonic = 78 but are in allowed subset Warning! Items equals for: APSLabelSocks = Socks but are in allowed subset Warning! Items equals for: SPLASHurlLooks = http://icedtea.classpath.org/wiki/IcedTea-Web but are in allowed subset Warning! Items equals for: COPjava = Java but are in allowed subset Warning! Items equals for: SPLASHurl = http://icedtea.classpath.org/wiki/IcedTea-Web#Filing_bugs but are in allowed subset Warning! Items equals for: Version = Version but are in allowed subset Warning! Items equals for: SPLASHhomepage = Homepage but are in allowed subset Warning! Items equals for: CVCPColName = Name but are in allowed subset Warning! Items equals for: BAboutITW = The IcedTea-Web project provides a Free Software web browser plugin running applets written in the Java programming language and an implementation of Java Web Start, originally based on the NetX project. Visit the IcedTea-Web homepage: http://icedtea.classpath.org/wiki/IcedTea-Web . Use "man javaws" or "javaws -help" for more information. but are in allowed subset Warning! Items equals for: COPitw = IcedTea-Web but are in allowed subset Warning! Items equals for: APSLabelHTTP = HTTP but are in allowed subset Warning! Items equals for: Name = Name but are in allowed subset Error! Items equals for: MissingPermissionsMainTitle = Application {0} from {1} is missing the permissions attribute. Applications without this attribute should not be trusted. Do you wish to allow this application to run? Warning! Items equals for: MissingPermissionsInfo = For more information you can visit:
      JAR File Manifest Attributes
      and
      Preventing the repurposing of Applications but are in allowed subset Warning! Items equals for: ALACAMissingInfo = For more information see:
      JAR File Manifest Attributes
      and
      Preventing the Repurposing of an Application but are in allowed subset Error! Items equals for: ALACAMatchingMainTitle = The application {0} from {1} uses resources from the following remote locations:
      {2}
      Are you sure you want to run this application? Warning! Items equals for: ALACAMatchingInfo = For more information you can visit:
      JAR File Manifest Attributes
      and
      Preventing the Repurposing of an Application but are in allowed subset Error! Items equals for: ALACAMissingMainTitle = The application {0} from {1} uses resources from the following remote locations: {2} Are you sure you want to run this application? Feel free to elaborate as you wish. From omajid at redhat.com Mon Mar 31 19:29:46 2014 From: omajid at redhat.com (Omair Majid) Date: Mon, 31 Mar 2014 15:29:46 -0400 Subject: [rfc][icedtea-web] u51 classpath manifest entry implementation In-Reply-To: <52F27F34.1010007@redhat.com> References: <52F27F34.1010007@redhat.com> Message-ID: <20140331192945.GB15901@redhat.com> * Jiri Vanek [2014-02-05 13:16]: > So here is first impelmentation of more complex D-I-D manifest attributes: > http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html > > the codebase > > http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#codebase > > The classapth matcher is quite complex, as its going to be reused in > Application-Library-Allowable-Codebase and Caller-Allowable-Codebase Attribute > + if (s.startsWith("*") && s.endsWith("*")) { > + return "^.*\\Q" + s.substring(1, s.length() - 1) + "\\E.*$"; > + } else if (s.endsWith("*")) { > + return "^\\Q" + s.substring(0, s.length() - 1) + "\\E.*$"; > + > + } else if (s.startsWith("*")) { > + return "^.*\\Q" + s.substring(1) + "\\E$"; > + > + } else { > + return "^\\Q" + s + "\\E$"; > + } Sorry for spotting this so late, but I think creating regular expressions by string concatenation without sanitizing the input string is a bad idea. Just like SQL-injection, this allows users to craft special strings that contain \Q and \E to bypass/workaround our checks and restrictions. Please use Pattern.quote [1]. Thanks, Omair [1] http://docs.oracle.com/javase/6/docs/api/java/util/regex/Pattern.html#quote(java.lang.String) -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 From jvanek at redhat.com Mon Mar 31 19:45:47 2014 From: jvanek at redhat.com (Jiri Vanek) Date: Mon, 31 Mar 2014 21:45:47 +0200 Subject: [rfc][icedtea-web] u51 classpath manifest entry implementation In-Reply-To: <20140331192945.GB15901@redhat.com> References: <52F27F34.1010007@redhat.com> <20140331192945.GB15901@redhat.com> Message-ID: <5339C5EB.70708@redhat.com> On 03/31/2014 09:29 PM, Omair Majid wrote: > * Jiri Vanek [2014-02-05 13:16]: >> So here is first impelmentation of more complex D-I-D manifest attributes: >> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html >> >> the codebase >> >> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#codebase >> >> The classapth matcher is quite complex, as its going to be reused in >> Application-Library-Allowable-Codebase and Caller-Allowable-Codebase Attribute > >> + if (s.startsWith("*") && s.endsWith("*")) { >> + return "^.*\\Q" + s.substring(1, s.length() - 1) + "\\E.*$"; >> + } else if (s.endsWith("*")) { >> + return "^\\Q" + s.substring(0, s.length() - 1) + "\\E.*$"; >> + >> + } else if (s.startsWith("*")) { >> + return "^.*\\Q" + s.substring(1) + "\\E$"; >> + >> + } else { >> + return "^\\Q" + s + "\\E$"; >> + } > > Sorry for spotting this so late, but I think creating regular > expressions by string concatenation without sanitizing the input string > is a bad idea. Just like SQL-injection, this allows users to craft > special strings that contain \Q and \E to bypass/workaround our checks > and restrictions. Nice catch! like this? (as atatched) Thanx! > > Please use Pattern.quote [1]. > > Thanks, > Omair > > [1] http://docs.oracle.com/javase/6/docs/api/java/util/regex/Pattern.html#quote(java.lang.String) > -------------- next part -------------- diff -r dc0a77856cb4 netx/net/sourceforge/jnlp/util/ClasspathMatcher.java --- a/netx/net/sourceforge/jnlp/util/ClasspathMatcher.java Mon Mar 31 13:27:48 2014 -0400 +++ b/netx/net/sourceforge/jnlp/util/ClasspathMatcher.java Mon Mar 31 21:44:30 2014 +0200 @@ -318,22 +318,20 @@ } /* * coment for lazybones: - * \Q is start of citation - * \E is end of citation - * - all characters in citation are threated as are without any special meaning + * Pattern.quote - all characters in citation are threated as are without any special meaning * ^ is start of th e line * $ is end of the line */ if (s.startsWith("*") && s.endsWith("*")) { - return "^.*\\Q" + s.substring(1, s.length() - 1) + "\\E.*$"; + return "^.*" + Pattern.quote(s.substring(1, s.length() - 1)) + ".*$"; } else if (s.endsWith("*")) { - return "^\\Q" + s.substring(0, s.length() - 1) + "\\E.*$"; + return "^" + Pattern.quote(s.substring(0, s.length() - 1)) + ".*$"; } else if (s.startsWith("*")) { - return "^.*\\Q" + s.substring(1) + "\\E$"; + return "^.*" + Pattern.quote(s.substring(1)) + "$"; } else { - return "^\\Q" + s + "\\E$"; + return "^" + Pattern.quote(s) + "$"; } } From aazores at redhat.com Mon Mar 31 20:10:52 2014 From: aazores at redhat.com (Andrew Azores) Date: Mon, 31 Mar 2014 16:10:52 -0400 Subject: [rfc][icedtea-web] Permissions manifest attribute fix In-Reply-To: <5339A5AC.1070004@redhat.com> References: <5339A5AC.1070004@redhat.com> Message-ID: <5339CBCC.4000508@redhat.com> On 03/31/2014 01:28 PM, Andrew Azores wrote: > Hi, > > The spec for this attribute is at [0]. Any reviewer, please double > check the spec to be sure I've correctly interpreted it, and not just > implemented something else. > > [1] and [2] can be used as test cases for this fix. The Permissions > manifest attribute had a bug due to the inability to distinguish > between a signed applet being granted All-permission because it > specified it in the HTML params, and a signed applet being granted > All-permission because it did not specify a permission level and > All-permission is the default in this case. This bug led to signed > applets being unable to properly request for themselves to be run > sandboxed. > > This patch fixes it so that the applets may be run, however, there is > a deficiency in that we are not actually able to sandbox the applet. > This is because we are doing our manifest checks after all of our > resources have been loaded and assigned SecurityDescs. In order to run > an applet sandboxed, the SecurityDelegate#setRunInSandbox call must be > performed before any of these security descriptors are assigned. This > is not currently possible. However, we do at least have the Run In > Sandbox button which can be used before the manifest checks are > performed, which will then allow the applet to be run sandboxed at the > user's discretion. > > [0] > http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions > [1] > http://docs.oracle.com/javase/tutorial/deployment/applet/deployingApplet.html > [2] > http://docs.oracle.com/javase/tutorial/deployment/deploymentInDepth/examples/dist/depltoolkit_Java2Demo/DeployUsingJNLP.html > > Thanks, > Small refactor. Rather than the new RequestedPermissionLevel being available from SecurityDesc and PluginBridge only, it's also available from JNLPFile. PluginBridge, being a JNLPFile subclass, then overrides the method and provides the correct implementation for HTML applets. This just makes things more coherent IMO. Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: permissions-attr-check-2.patch Type: text/x-patch Size: 15378 bytes Desc: not available URL: From omajid at redhat.com Mon Mar 31 20:18:15 2014 From: omajid at redhat.com (Omair Majid) Date: Mon, 31 Mar 2014 16:18:15 -0400 Subject: [rfc][icedtea-web] u51 classpath manifest entry implementation In-Reply-To: <5339C5EB.70708@redhat.com> References: <52F27F34.1010007@redhat.com> <20140331192945.GB15901@redhat.com> <5339C5EB.70708@redhat.com> Message-ID: <20140331201815.GC15901@redhat.com> * Jiri Vanek [2014-03-31 15:45]: > On 03/31/2014 09:29 PM, Omair Majid wrote: > >Sorry for spotting this so late, but I think creating regular > >expressions by string concatenation without sanitizing the input string > >is a bad idea. Just like SQL-injection, this allows users to craft > >special strings that contain \Q and \E to bypass/workaround our checks > >and restrictions. > > like this? (as atatched) Yes, this looks much better. Thanks for the quick fix. > diff -r dc0a77856cb4 netx/net/sourceforge/jnlp/util/ClasspathMatcher.java > --- a/netx/net/sourceforge/jnlp/util/ClasspathMatcher.java Mon Mar 31 13:27:48 2014 -0400 > +++ b/netx/net/sourceforge/jnlp/util/ClasspathMatcher.java Mon Mar 31 21:44:30 2014 +0200 > @@ -318,22 +318,20 @@ > } > /* > * coment for lazybones: > - * \Q is start of citation > - * \E is end of citation > - * - all characters in citation are threated as are without any special meaning > + * Pattern.quote - all characters in citation are threated as are without any special meaning s/threat/treat/ > * ^ is start of th e line > * $ is end of the line > */ \Q and \E are uncommon enough that adding a comment to clarify that was probably okay. But now this comment really doesn't do much. I recommend removing it. Looks good otherwise. Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 From aazores at redhat.com Mon Mar 31 20:35:17 2014 From: aazores at redhat.com (Andrew Azores) Date: Mon, 31 Mar 2014 16:35:17 -0400 Subject: [rfc][icedtea-web] Permissions manifest attribute fix In-Reply-To: <5339CBCC.4000508@redhat.com> References: <5339A5AC.1070004@redhat.com> <5339CBCC.4000508@redhat.com> Message-ID: <5339D185.5080905@redhat.com> On 03/31/2014 04:10 PM, Andrew Azores wrote: > On 03/31/2014 01:28 PM, Andrew Azores wrote: >> Hi, >> >> The spec for this attribute is at [0]. Any reviewer, please double >> check the spec to be sure I've correctly interpreted it, and not just >> implemented something else. >> >> [1] and [2] can be used as test cases for this fix. The Permissions >> manifest attribute had a bug due to the inability to distinguish >> between a signed applet being granted All-permission because it >> specified it in the HTML params, and a signed applet being granted >> All-permission because it did not specify a permission level and >> All-permission is the default in this case. This bug led to signed >> applets being unable to properly request for themselves to be run >> sandboxed. >> >> This patch fixes it so that the applets may be run, however, there is >> a deficiency in that we are not actually able to sandbox the applet. >> This is because we are doing our manifest checks after all of our >> resources have been loaded and assigned SecurityDescs. In order to >> run an applet sandboxed, the SecurityDelegate#setRunInSandbox call >> must be performed before any of these security descriptors are >> assigned. This is not currently possible. However, we do at least >> have the Run In Sandbox button which can be used before the manifest >> checks are performed, which will then allow the applet to be run >> sandboxed at the user's discretion. >> >> [0] >> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions >> [1] >> http://docs.oracle.com/javase/tutorial/deployment/applet/deployingApplet.html >> [2] >> http://docs.oracle.com/javase/tutorial/deployment/deploymentInDepth/examples/dist/depltoolkit_Java2Demo/DeployUsingJNLP.html >> >> Thanks, >> > > Small refactor. Rather than the new RequestedPermissionLevel being > available from SecurityDesc and PluginBridge only, it's also available > from JNLPFile. PluginBridge, being a JNLPFile subclass, then overrides > the method and provides the correct implementation for HTML applets. > This just makes things more coherent IMO. > > Thanks, > And another, as discussed with Omair on IRC. Just extracted the common checks for HTML and JNLP into a new method and call this method once, before the split check for HTML/JNLP divergence. So long as the spec doesn't diverge the two any further, then this should be okay. Also remove an unnecessary typecast (made unnecessary in the last refactor due to new method and override, but forgot to fix). Thanks, -- Andrew A -------------- next part -------------- A non-text attachment was scrubbed... Name: permissions-attr-check-3.patch Type: text/x-patch Size: 14899 bytes Desc: not available URL: From gitne at gmx.de Mon Mar 31 20:33:50 2014 From: gitne at gmx.de (Jacob Wisor) Date: Mon, 31 Mar 2014 22:33:50 +0200 Subject: [rfc][icedtea-web] Translation of 1.5 In-Reply-To: <5339C13C.4040807@redhat.com> References: <53306BD5.8040902@redhat.com> <5339BACC.9060300@gmx.de> <5339C13C.4040807@redhat.com> Message-ID: <5339D12E.6060900@gmx.de> On 03/31/2014 09:25 PM, Jiri Vanek wrote: > On 03/31/2014 08:58 PM, Jacob Wisor wrote: > Hello and thank you very much! > > > Few nits: > > -BOredirect = Allow to follow 301, 302, 303, 307 and 308 redirections > +BOredirect = Follows HTTP redirects. > > There are even ore then those 4 redirections. The missing two are *not* > follwoed. So I would ratehr keep the numbers eg in brackets att the end of string. No. Remember KISS? Those HTTP response codes are a piece of information for the documentation (not the UI). If anyone really needs to know the exact codes affected by this switch, this is where they should/would look. > > ... -> Expunge .. > > Expunge??? Isnt this error? :)) Does it sound too radical? :-D Well, "Purge" would be another suitable term. In any case, "Clear all cache" sounds simply ..., lets say somehow awkward. So, this should better be adapted. Oh regardless of the final text; there should really be a message box popping up and asking the user to affirm this action, to prevent any accidental hitting of the button. ;-) > You yourself renamed it: > -CONSOLEClean=Clean all > +CONSOLEClean=Clear > > Which I personally probably do not care, but et least it should be used instead > of Expunge, or not? Yeah, we could stick to "Clear" everywhere where applicable. This would make the language more streamlined. >> Phew, I have finally made it. 1.5.1 has seen a lot new messages, far more than >> I have initially >> expected. But here they are. >> >> However, I was again occasionally grinding over the quite poor quality of many >> English sources. >> Therefore, I have made some tiny modifications to Messages.properties. The >> modifications are meant >> as proposals only and by far do not encompass all modification I would like to >> make. >> >> As usual, localized messages are preceded by its original message as a comment >> for your convenience >> only while reviewing, and will be removed before committing. > > hmhmh - > > MissingPermissionsMainTitle > ALACAMatchingMainTitle > ALACAMissingMainTitle > > Are missing. I think the other ALACA nd Permission strings are also missing - > are you ging to fix those? I have left those out on purpose because I was not sure whether these would change before release or not, or maybe even after release. > Also - how PL? I have made it through partially so far. So, as you can see, quite a lot of stuff has accumulated since the last release, so it won't be before some time. > > > whole test log: > > Warning! Items equals for: AboutDialogueTabGPLv2 = GPLv2 but are in allowed subset > Warning! Items equals for: ButOk = OK but are in allowed subset > Warning! Items equals for: LSFatal = Fatal but are in allowed subset > Warning! Items equals for: COPcode = Code but are in allowed subset > Warning! Items equals for: CVSystem = System but are in allowed subset > Warning! Items equals for: COPinfo = Info but are in allowed subset > Warning! Items equals for: CVDetails = Details but are in allowed subset > Warning! Items equals for: PEOpenMenuItemMnemonic = 79 but are in allowed subset > Warning! Items equals for: PEExitMenuItemMnemonic = 88 but are in allowed subset > Warning! Items equals for: PESaveMenuItemMnemonic = 83 but are in allowed subset > Warning! Items equals for: APSLabelFTP = FTP but are in allowed subset > Warning! Items equals for: APPEXTSECguiPanelAppletInfoHederPart1 = {0} {1} but > are in allowed subset > Warning! Items equals for: PEAddCodebaseMnemonic = 78 but are in allowed subset > Warning! Items equals for: APSLabelSocks = Socks but are in allowed subset > Warning! Items equals for: SPLASHurlLooks = > http://icedtea.classpath.org/wiki/IcedTea-Web but are in allowed subset > Warning! Items equals for: COPjava = Java but are in allowed subset > Warning! Items equals for: SPLASHurl = > http://icedtea.classpath.org/wiki/IcedTea-Web#Filing_bugs but are in allowed subset > Warning! Items equals for: Version = Version but are in allowed subset > Warning! Items equals for: SPLASHhomepage = Homepage but are in allowed subset > Warning! Items equals for: CVCPColName = Name but are in allowed subset Many of these seem to occur twice. Yes, even in the sources??? :-o > Warning! Items equals for: BAboutITW = The IcedTea-Web project provides a Free > Software web browser plugin running applets written in the Java programming > language and an implementation of Java Web Start, originally based on the NetX > project. Visit the IcedTea-Web homepage: > http://icedtea.classpath.org/wiki/IcedTea-Web . Use "man javaws" or "javaws > -help" for more information. but are in allowed subset Yeah, I have realized that I had missed this one just after hitting the send button on my last e-mail. > Warning! Items equals for: COPitw = IcedTea-Web but are in allowed subset > Warning! Items equals for: APSLabelHTTP = HTTP but are in allowed subset > Warning! Items equals for: Name = Name but are in allowed subset > Error! Items equals for: MissingPermissionsMainTitle = Application color='red'> {0} from {1} is missing the > permissions attribute. Applications without this attribute should not be > trusted. Do you wish to allow this application to run? > Warning! Items equals for: MissingPermissionsInfo = For more information you can > visit:
      href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions"> > JAR File Manifest Attributes
      and
      href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> > Preventing the repurposing of Applications but are in allowed subset > Warning! Items equals for: ALACAMissingInfo = For more information see:
      href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library"> > JAR File Manifest Attributes
      and
      href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> > Preventing the Repurposing of an Application but are in allowed subset > Error! Items equals for: ALACAMatchingMainTitle = The application color='red'> {0} from {1} uses resources from > the following remote locations:
      {2}
      Are you sure you want to run this > application? > Warning! Items equals for: ALACAMatchingInfo = For more information you can > visit:
      href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library"> > JAR File Manifest Attributes
      and
      href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> > Preventing the Repurposing of an Application but are in allowed subset > Error! Items equals for: ALACAMissingMainTitle = The application color='red'> {0} from {1} uses resources from > the following remote locations: {2} Are you sure you want to run this application? These seem to have been added just recently. Well, at least after I started localizing. So, back to work! :-D Jacob From omajid at redhat.com Mon Mar 31 21:30:16 2014 From: omajid at redhat.com (Omair Majid) Date: Mon, 31 Mar 2014 17:30:16 -0400 Subject: [rfc][icedtea-web] Permissions manifest attribute fix In-Reply-To: <5339D185.5080905@redhat.com> References: <5339A5AC.1070004@redhat.com> <5339CBCC.4000508@redhat.com> <5339D185.5080905@redhat.com> Message-ID: <20140331213014.GD15901@redhat.com> * Andrew Azores [2014-03-31 16:35]: > On 03/31/2014 04:10 PM, Andrew Azores wrote: > >On 03/31/2014 01:28 PM, Andrew Azores wrote: > >Small refactor. Rather than the new RequestedPermissionLevel being > >available from SecurityDesc and PluginBridge only, it's also > >available from JNLPFile. PluginBridge, being a JNLPFile subclass, > >then overrides the method and provides the correct implementation > >for HTML applets. This just makes things more coherent IMO. > > > >Thanks, > > > > And another, as discussed with Omair on IRC. Just extracted the > common checks for HTML and JNLP into a new method and call this > method once, before the split check for HTML/JNLP divergence. So > long as the spec doesn't diverge the two any further, then this > should be okay. Also remove an unnecessary typecast (made > unnecessary in the last refactor due to new method and override, but > forgot to fix). I am far from an expert on this code, so please take this 'review' with a grain of salt. Also, I am a little hesitant about such (potentially) invasive code going in at the last minute. > +++ b/netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java > + final RequestedPermissionLevel requested = file.getRequestedPermissionLevel(); > + validateRequestedPermissionLevelMatchesManifestPermissions(requested, permissions); > + if (file instanceof PluginBridge) { // HTML applet > + if (requested == RequestedPermissionLevel.NONE) { > + if (permissions == ManifestBoolean.TRUE && signing != SigningState.NONE) { > + // http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions > + // FIXME: attempting to follow the spec, but it is too late now to actually set the applet > + // to run in sandbox, so the applet will not be run at all, rather than run sandboxed! > + //securityDelegate.setRunInSandbox(); I read this comment a few times and I couldn't figure out (without asking you) how it relates to the current state. The "applet will not be run at all" bit completely threw me off. I read this comment as: we can not set the sandbox state now (for some reason) so by leaving this commented out, the applet will not run at all. Can you clarify that not calling sandbox will let it run without any issues? > + if (requested == RequestedPermissionLevel.NONE) { > + if (permissions == ManifestBoolean.TRUE && signing != SigningState.NONE) { Maybe call this variable `sandbox` rather than `permissions` to clarify that TRUE means sandbox? Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681