/hg/icedtea-web: 3 new changesets
jvanek at icedtea.classpath.org
jvanek at icedtea.classpath.org
Mon Apr 13 13:00:19 UTC 2015
changeset 037811f1055e in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=037811f1055e
author: Jiri Vanek <jvanek at redhat.com>
date: Mon Apr 13 13:55:20 2015 +0200
reverted "Kill processes in Integration Tests more cleanly". It needs to be revisite
changeset 6c166ac38f89 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=6c166ac38f89
author: Jiri Vanek <jvanek at redhat.com>
date: Mon Apr 13 14:37:56 2015 +0200
Removed redundant occurrence of default keystore password
changeset ebcd2aaa59c7 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=ebcd2aaa59c7
author: Jiri Vanek <jvanek at redhat.com>
date: Mon Apr 13 14:59:38 2015 +0200
set single place for keystore operations
diffstat:
ChangeLog | 28 ++++++
netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java | 3 +-
netx/net/sourceforge/jnlp/security/CertificateUtils.java | 4 +-
netx/net/sourceforge/jnlp/security/KeyStores.java | 20 +---
netx/net/sourceforge/jnlp/security/SecurityUtil.java | 44 ++++++++-
netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java | 2 +-
netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java | 4 +-
tests/test-extensions/net/sourceforge/jnlp/ProcessAssasin.java | 41 ++++++--
tests/test-extensions/net/sourceforge/jnlp/ServerAccess.java | 2 +-
tests/test-extensions/net/sourceforge/jnlp/browsertesting/browsers/Firefox.java | 5 +
10 files changed, 114 insertions(+), 39 deletions(-)
diffs (354 lines):
diff -r 25e7471b4912 -r ebcd2aaa59c7 ChangeLog
--- a/ChangeLog Fri Apr 10 11:17:03 2015 -0400
+++ b/ChangeLog Mon Apr 13 14:59:38 2015 +0200
@@ -1,3 +1,31 @@
+2015-04-13 Jiri Vanek <jvanek at redhat.com>
+
+ set single place for keystore operations
+ */netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java: usage of keystore moved
+ to utility method
+ */netx/net/sourceforge/jnlp/security/CertificateUtils.java: same
+ */netx/net/sourceforge/jnlp/security/KeyStores.java: same
+ */netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java: same
+ */netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java: same
+ */netx/net/sourceforge/jnlp/security/SecurityUtil.java: added five new methods
+ wrapping work on keystores
+
+2015-04-13 Jiri Vanek <jvanek at redhat.com>
+
+ Removed redundant occurrence of default keystore password
+ */netx/net/sourceforge/jnlp/security/KeyStores.java: removed redundant DEFAULT_PASSWORD
+ */netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java: call to KeyStores.getPassword
+ replaced by SecurityUtil.getTrustedCertsPassword
+ */netx/net/sourceforge/jnlp/security/CertificateUtils.java: same
+ */netx/net/sourceforge/jnlp/security/SecurityUtil.java: same
+ */netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java: same
+ */netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java: same
+
+2015-04-13 Jiri Vanek <jvanek at redhat.com>
+
+ reverted "Kill processes in Integration Tests more cleanly"
+ It needs to be revisited.
+
2015-04-10 Lukasz Dracz <ldracz at redhat.com>
add DeploymentPropertiesModifierTests
diff -r 25e7471b4912 -r ebcd2aaa59c7 netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java
--- a/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java Fri Apr 10 11:17:03 2015 -0400
+++ b/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java Mon Apr 13 14:59:38 2015 +0200
@@ -65,6 +65,7 @@
import net.sourceforge.jnlp.security.JNLPAuthenticator;
import net.sourceforge.jnlp.security.KeyStores;
import net.sourceforge.jnlp.security.SecurityDialogMessageHandler;
+import net.sourceforge.jnlp.security.SecurityUtil;
import net.sourceforge.jnlp.services.XServiceManagerStub;
import net.sourceforge.jnlp.util.FileUtils;
import net.sourceforge.jnlp.util.logging.JavaConsole;
@@ -269,7 +270,7 @@
SSLContext context = SSLContext.getInstance("SSL");
KeyStore ks = KeyStores.getKeyStore(KeyStores.Level.USER, KeyStores.Type.CLIENT_CERTS);
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
- kmf.init(ks, KeyStores.getPassword());
+ SecurityUtil.initKeyManagerFactory(kmf, ks);
TrustManager[] trust = new TrustManager[] { getSSLSocketTrustManager() };
context.init(kmf.getKeyManagers(), trust, null);
sslSocketFactory = context.getSocketFactory();
diff -r 25e7471b4912 -r ebcd2aaa59c7 netx/net/sourceforge/jnlp/security/CertificateUtils.java
--- a/netx/net/sourceforge/jnlp/security/CertificateUtils.java Fri Apr 10 11:17:03 2015 -0400
+++ b/netx/net/sourceforge/jnlp/security/CertificateUtils.java Mon Apr 13 14:59:38 2015 +0200
@@ -147,7 +147,7 @@
alias = new BigInteger(20, random).toString();
} while (ks.getCertificate(alias) != null);
- ks.setKeyEntry(alias, key, KeyStores.getPassword(), certChain);
+ SecurityUtil.setKeyEntry(ks, alias, key, certChain);
}
/**
@@ -196,7 +196,7 @@
public static void dumpPKCS12(String alias, File file, KeyStore ks, char[] password)
throws Exception {
Certificate[] certChain = ks.getCertificateChain(alias);
- Key key = ks.getKey(alias, KeyStores.getPassword());
+ Key key = SecurityUtil.getKey(ks, alias);
BufferedOutputStream bos = new BufferedOutputStream(new FileOutputStream(file));
KeyStore keyStore = KeyStore.getInstance("PKCS12");
keyStore.load(null, null);
diff -r 25e7471b4912 -r ebcd2aaa59c7 netx/net/sourceforge/jnlp/security/KeyStores.java
--- a/netx/net/sourceforge/jnlp/security/KeyStores.java Fri Apr 10 11:17:03 2015 -0400
+++ b/netx/net/sourceforge/jnlp/security/KeyStores.java Mon Apr 13 14:59:38 2015 +0200
@@ -83,12 +83,6 @@
public static final Map<Integer,String> keystoresPaths=new HashMap<Integer, String>();
private static final String KEYSTORE_TYPE = "JKS";
- /** the default password used to protect the KeyStores */
- private static final String DEFAULT_PASSWORD = "changeit";
-
- public static char[] getPassword() {
- return DEFAULT_PASSWORD.toCharArray();
- }
/**
* Returns a KeyStore corresponding to the appropriate level level (user or
@@ -127,7 +121,7 @@
String location = getKeyStoreLocation(level, type).getFullPath();
KeyStore ks = null;
try {
- ks = createKeyStoreFromFile(new File(location), create, DEFAULT_PASSWORD);
+ ks = createKeyStoreFromFile(new File(location), create);
//hashcode is used instead of instance so when no references are left
//to keystore, then this will not be blocker for garbage collection
keystoresPaths.put(ks.hashCode(),location);
@@ -329,11 +323,9 @@
* it returns an empty but initialized KeyStore
*
* @param file the file to load information from
- * @param password the password to unlock the KeyStore file.
* @return a KeyStore containing data from the file
*/
- private static final KeyStore createKeyStoreFromFile(File file, boolean createIfNotFound,
- String password) throws IOException, KeyStoreException, NoSuchAlgorithmException,
+ private static final KeyStore createKeyStoreFromFile(File file, boolean createIfNotFound) throws IOException, KeyStoreException, NoSuchAlgorithmException,
CertificateException {
FileInputStream fis = null;
KeyStore ks = null;
@@ -347,9 +339,9 @@
FileUtils.createRestrictedFile(file, true);
ks = KeyStore.getInstance(KEYSTORE_TYPE);
- ks.load(null, password.toCharArray());
+ SecurityUtil.loadKeyStore(ks, null);
FileOutputStream fos = new FileOutputStream(file);
- ks.store(fos, password.toCharArray());
+ SecurityUtil.keyStoreStore(ks, fos);
fos.close();
}
@@ -358,10 +350,10 @@
if (file.exists()) {
fis = new FileInputStream(file);
ks = KeyStore.getInstance(KEYSTORE_TYPE);
- ks.load(fis, password.toCharArray());
+ SecurityUtil.loadKeyStore(ks, fis);
} else {
ks = KeyStore.getInstance(KEYSTORE_TYPE);
- ks.load(null, password.toCharArray());
+ SecurityUtil.loadKeyStore(ks, null);
}
} finally {
if (fis != null) {
diff -r 25e7471b4912 -r ebcd2aaa59c7 netx/net/sourceforge/jnlp/security/SecurityUtil.java
--- a/netx/net/sourceforge/jnlp/security/SecurityUtil.java Fri Apr 10 11:17:03 2015 -0400
+++ b/netx/net/sourceforge/jnlp/security/SecurityUtil.java Mon Apr 13 14:59:38 2015 +0200
@@ -40,7 +40,17 @@
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.security.Key;
import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.UnrecoverableKeyException;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateException;
+import javax.net.ssl.KeyManagerFactory;
import net.sourceforge.jnlp.security.KeyStores.Level;
import net.sourceforge.jnlp.security.KeyStores.Type;
@@ -48,14 +58,14 @@
public class SecurityUtil {
- private static final char[] password = "changeit".toCharArray();
+ private static final char[] DEFAULT_PASSWORD = "changeit".toCharArray();
public static String getTrustedCertsFilename() throws Exception {
return KeyStores.getKeyStoreLocation(Level.USER, Type.CERTS).getFullPath();
}
- public static char[] getTrustedCertsPassword() {
- return password;
+ private static char[] getTrustedCertsPassword() {
+ return DEFAULT_PASSWORD;
}
/**
@@ -179,9 +189,9 @@
//made directory, or directory exists
if (madeDir || dir.isDirectory()) {
KeyStore ks = KeyStore.getInstance("JKS");
- ks.load(null, password);
+ loadKeyStore(ks, null);
FileOutputStream fos = new FileOutputStream(certFile);
- ks.store(fos, password);
+ keyStoreStore(ks, fos);
fos.close();
return true;
} else {
@@ -208,7 +218,7 @@
if (file.exists()) {
fis = new FileInputStream(file);
ks = KeyStore.getInstance("JKS");
- ks.load(fis, password);
+ loadKeyStore(ks, fis);
}
} catch (Exception e) {
OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
@@ -277,4 +287,26 @@
return caks;
}
+
+
+ public static void initKeyManagerFactory(KeyManagerFactory kmf, KeyStore ks) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
+ kmf.init(ks, SecurityUtil.getTrustedCertsPassword());
+
+ }
+
+ public static void setKeyEntry(KeyStore ks, String alias, Key key, Certificate[] certChain) throws KeyStoreException {
+ ks.setKeyEntry(alias, key, SecurityUtil.getTrustedCertsPassword(), certChain);
+ }
+
+ public static Key getKey(KeyStore ks, String alias) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
+ return ks.getKey(alias, getTrustedCertsPassword());
+ }
+
+ public static void loadKeyStore(KeyStore ks, InputStream is) throws IOException, NoSuchAlgorithmException, CertificateException {
+ ks.load(is, SecurityUtil.getTrustedCertsPassword());
+ }
+
+ public static void keyStoreStore(KeyStore ks, OutputStream fos) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
+ ks.store(fos,SecurityUtil.getTrustedCertsPassword());
+ }
}
diff -r 25e7471b4912 -r ebcd2aaa59c7 netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java
--- a/netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java Fri Apr 10 11:17:03 2015 -0400
+++ b/netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java Mon Apr 13 14:59:38 2015 +0200
@@ -360,7 +360,7 @@
OutputStream os = new FileOutputStream(keyStoreFile);
try {
- ks.store(os, KeyStores.getPassword());
+ SecurityUtil.keyStoreStore(ks, os);
} finally {
os.close();
}
diff -r 25e7471b4912 -r ebcd2aaa59c7 netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java
--- a/netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java Fri Apr 10 11:17:03 2015 -0400
+++ b/netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java Mon Apr 13 14:59:38 2015 +0200
@@ -401,7 +401,7 @@
OutputStream os = new FileOutputStream(keyStoreFile);
try {
- ks.store(os, KeyStores.getPassword());
+ SecurityUtil.keyStoreStore(ks, os);
} finally {
os.close();
}
@@ -489,7 +489,7 @@
FileUtils.createRestrictedFile(keyStoreFile, true);
}
FileOutputStream fos = new FileOutputStream(keyStoreFile);
- keyStore.store(fos, KeyStores.getPassword());
+ SecurityUtil.keyStoreStore(keyStore, fos);
fos.close();
}
}
diff -r 25e7471b4912 -r ebcd2aaa59c7 tests/test-extensions/net/sourceforge/jnlp/ProcessAssasin.java
--- a/tests/test-extensions/net/sourceforge/jnlp/ProcessAssasin.java Fri Apr 10 11:17:03 2015 -0400
+++ b/tests/test-extensions/net/sourceforge/jnlp/ProcessAssasin.java Mon Apr 13 14:59:38 2015 +0200
@@ -200,19 +200,17 @@
String pid = (f.get(p)).toString();
if (reactingProcess != null) {
reactingProcess.beforeKill(pid);
- }
-// sigInt(pid);
-// sigTerm(pid);
-// sigKill(pid);
- sigUsr1(pid);
-
- p.destroy();
+ };
+ sigInt(pid);
+ //sigTerm(pid);
+ //sigKill(pid);
} catch (Exception ex) {
ServerAccess.logException(ex);
} finally {
+ p.destroy();
if (reactingProcess != null) {
reactingProcess.afterKill("");
- }
+ };
}
}
@@ -228,10 +226,6 @@
kill(pid, "SIGTERM");
}
- public static void sigUsr1(String pid) throws Exception {
- kill(pid, "SIGUSR1");
- }
-
public static void kill(String pid, String signal) throws InterruptedException, Exception {
List<String> ll = new ArrayList<String>(4);
ll.add("kill");
@@ -246,4 +240,27 @@
void setReactingProcess(ReactingProcess reactingProcess) {
this.reactingProcess = reactingProcess;
}
+
+ public static void closeWindow(String pid) throws Exception {
+ List<String> ll = new ArrayList<String>(2);
+ ll.add(ServerAccess.getInstance().getDir().getParent() + "/softkiller");
+ ll.add(pid);
+ ServerAccess.executeProcess(ll); //sync, but acctually release
+ //before affected application "close"
+ Thread.sleep(100);
+
+ }
+
+ public static void closeWindows(String s) throws Exception {
+ closeWindows(s, 10);
+ }
+
+ public static void closeWindows(String s, int count) throws Exception {
+ //each close closes just one tab...
+ for (int i = 0; i < count; i++) {
+ ProcessAssasin.closeWindow(s);
+ }
+ }
+
+
}
diff -r 25e7471b4912 -r ebcd2aaa59c7 tests/test-extensions/net/sourceforge/jnlp/ServerAccess.java
--- a/tests/test-extensions/net/sourceforge/jnlp/ServerAccess.java Fri Apr 10 11:17:03 2015 -0400
+++ b/tests/test-extensions/net/sourceforge/jnlp/ServerAccess.java Mon Apr 13 14:59:38 2015 +0200
@@ -108,7 +108,7 @@
* timeout in ms to let process to finish, before assassin will kill it.
* This can be changed in runtime, but will affect all following tasks
*/
- public static long PROCESS_TIMEOUT = 10 * 1000;//ms
+ public static long PROCESS_TIMEOUT = 20 * 1000;//ms
/**
* this flag is indicating whether output of executeProcess should be logged. By default true.
*/
diff -r 25e7471b4912 -r ebcd2aaa59c7 tests/test-extensions/net/sourceforge/jnlp/browsertesting/browsers/Firefox.java
--- a/tests/test-extensions/net/sourceforge/jnlp/browsertesting/browsers/Firefox.java Fri Apr 10 11:17:03 2015 -0400
+++ b/tests/test-extensions/net/sourceforge/jnlp/browsertesting/browsers/Firefox.java Mon Apr 13 14:59:38 2015 +0200
@@ -77,6 +77,11 @@
@Override
public void beforeKill(String s) {
+ try {
+ ProcessAssasin.closeWindows(s);
+ } catch (Exception ex) {
+ throw new RuntimeException(ex);
+ }
}
@Override
More information about the distro-pkg-dev
mailing list