/hg/icedtea-web: Updated NEWS, added javadoc fo security package...
jvanek at icedtea.classpath.org
jvanek at icedtea.classpath.org
Mon Jun 15 10:45:53 UTC 2015
changeset cedb9509df43 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=cedb9509df43
author: Jiri Vanek <jvanek at redhat.com>
date: Mon Jun 15 12:44:41 2015 +0200
Updated NEWS, added javadoc fo security package. Added changelog entry for last commit
* NEWS: mentioned major work in last month and half
* netx/net/sourceforge/jnlp/security/package-info.java: new file, describing flow of SecurityDialogMessage
* ChangeLog: added content to previous item
diffstat:
ChangeLog | 102 ++++++++++++++++++-
NEWS | 17 +++
netx/net/sourceforge/jnlp/security/package-info.java | 86 ++++++++++++++++
3 files changed, 204 insertions(+), 1 deletions(-)
diffs (229 lines):
diff -r 0afcc93fb7fb -r cedb9509df43 ChangeLog
--- a/ChangeLog Fri Jun 12 16:49:07 2015 +0200
+++ b/ChangeLog Mon Jun 15 12:44:41 2015 +0200
@@ -1,7 +1,107 @@
2015-06-12 Jiri Vanek <jvanek at redhat.com>
+ Updated NEWS, added javadoc fo security package. Added changelog entry for last commit
+ * NEWS: mentioned major work in last month and half
+ * netx/net/sourceforge/jnlp/security/package-info.java: new file, describing
+ flow of SecurityDialogMessage
+ * ChangeLog: added content to previous item
+
+2015-06-12 Jiri Vanek <jvanek at redhat.com>
+
Implemented general solution for remembering of various dialogues
- * todo: changelog and javadoc and news
+ * netx/net/sourceforge/jnlp/controlpanel/UnsignedAppletActionTableModel.java:
+ removed columns for separate remember actions. Replaced by single column with all
+ remembered actions.
+ * netx/net/sourceforge/jnlp/controlpanel/UnsignedAppletsTrustingListPanel.java:
+ same
+ * netx/net/sourceforge/jnlp/security/appletextendedsecurity/impl/UnsignedAppletActionStorageExtendedImpl.java:
+ same
+ * netx/net/sourceforge/jnlp/resources/Messages.properties: removed
+ APPEXTSECunsetAppletAction, APPEXTSECguiTableModelTableColumnActionUA,
+ APPEXTSECguiTableModelTableColumnActionMatchALACA
+ added APPEXTSECguiTableModelTableColumnRD
+ * netx/net/sourceforge/jnlp/runtime/ApplicationInstance.java: added null check
+ for ics
+ * netx/net/sourceforge/jnlp/security/SecurityDialogMessageHandler.java: removed
+ final keyword from class definition. Extension is necessary for testing.
+ (handleMessage) made protected and added logic for remembering actions.
+ Unlocking of message moved to unlockMessagesClient method.
+ * netx/net/sourceforge/jnlp/security/SecurityDialogs.java: (showPartiallySignedWarningDialog)
+ moved to return YesNoSandbox
+ * netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java: same in
+ (doPrivileged)
+ * netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletActionEntry.java:
+ adapted imports
+ * netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletActionStorage.java:
+ All usages of id retyped from int to Class extends RememberableDialog
+ * netx/net/sourceforge/jnlp/security/appletextendedsecurity/impl/UnsignedAppletActionStorageImpl.java:
+ same
+ * netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java:
+ Class rewritten to handle new saving/loading schema. Support for legacy structure kept.
+ * netx/net/sourceforge/jnlp/security/dialogresults/AccessWarningPaneComplexReturn.java:
+ adapted to be able to read various malformed shortcut definitions. Removed RemeberType
+ * netx/net/sourceforge/jnlp/security/dialogresults/BasicDialogValue.java:
+ added various equals and hashcode methods.
+ * netx/net/sourceforge/jnlp/security/dialogresults/Yes.java:
+ made extendable, added toString
+ * netx/net/sourceforge/jnlp/security/dialogresults/YesCancel.java:
+ extends Yes
+ * netx/net/sourceforge/jnlp/security/dialogresults/YesNo.java:
+ extends Yes
+ * netx/net/sourceforge/jnlp/security/dialogresults/YesNoCancel.java:
+ extends YesNo
+ * netx/net/sourceforge/jnlp/security/dialogresults/YesNoSandbox.java:
+ extends YesNo
+ * netx/net/sourceforge/jnlp/security/dialogresults/YesNoSandboxLimited.java:
+ New class. Extends YesNoSandbox, but accept only YesNo by default. Used in
+ AppTrustWarningPanel, which by default accept only YES and NO, but is extended
+ by PartiallySignedAppTrustWarningPanel, which add also SANDBOX.
+ * netx/net/sourceforge/jnlp/security/dialogs/AccessWarningPane.java:
+ implements RememberableDialog, removed RemeberType usage
+ * netx/net/sourceforge/jnlp/security/dialogs/MissingALACAttributePanel.java:
+ implements RememberableDialog
+ * netx/net/sourceforge/jnlp/security/dialogs/MissingPermissionsAttributePanel.java:
+ same
+ * netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningPanel.java:
+ same
+ * netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/MatchingALACAttributePanel.java:
+ same
+ * netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java:
+ uses class instead of id in additional info obtaining methods.
+ * netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/UnsignedAppletTrustWarningPanel.java:
+ same
+ * netx/net/sourceforge/jnlp/security/dialogs/remember/ActionChoiceListener.java:
+ removed,useless
+ * netx/net/sourceforge/jnlp/security/dialogs/remember/AppSigningWarningAction.java:
+ same
+ * netx/net/sourceforge/jnlp/security/dialogs/remember/AppletSecurityActions.java:
+ Class rewritten to handle new saving/loading schema. Support for legacy structure kept.
+ * netx/net/sourceforge/jnlp/security/dialogs/remember/ExecuteAppletAction.java:
+ removed Sandbox and Unset support.
+ * netx/net/sourceforge/jnlp/security/dialogs/remember/RemeberActionProvider.java:
+ new file, general interface to provide values for remembering/
+ * netx/net/sourceforge/jnlp/security/dialogs/remember/RememberDialog.java:
+ new file for general utility methods for remembering logic.
+ * netx/net/sourceforge/jnlp/security/dialogs/remember/RememberPanel.java:
+ cleaned from legacy code
+ * netx/net/sourceforge/jnlp/security/dialogs/remember/RememberPanelResult.java:
+ new file. Keeper of remembered information.
+ * netx/net/sourceforge/jnlp/security/dialogs/remember/RememberableDialog.java:
+ interface identifying rememberable panels.
+ * netx/net/sourceforge/jnlp/security/dialogs/remember/SavedRememberAction.java:
+ new class. Wrapper around remembered value and remembered decision.
+ * netx/net/sourceforge/jnlp/services/ServiceUtil.java:
+ adapted call to showAccessWarningDialog
+ * tests/netx/unit/net/sourceforge/jnlp/security/SecurityDialogsTest.java:
+ Added tests for saved actions, adapted old tests
+ * tests/netx/unit/net/sourceforge/jnlp/security/appletextendedsecurity/impl/LegacyUnsignedAppletActionStorageImplTest.java:
+ copy of original UnsignedAppletActionStorageImplTest
+ * tests/netx/unit/net/sourceforge/jnlp/security/appletextendedsecurity/impl/UnsignedAppletActionStorageImplTest.java:
+ new file, tests for parser of new schema
+ * tests/netx/unit/net/sourceforge/jnlp/security/dialogs/remember/AppletSecurityActionsTest.java:
+ adapted to new methods.
+ * tests/netx/unit/net/sourceforge/jnlp/util/XDesktopEntryTest.java: adapted
+
2015-06-11 Jiri Vanek <jvanek at redhat.com>
diff -r 0afcc93fb7fb -r cedb9509df43 NEWS
--- a/NEWS Fri Jun 12 16:49:07 2015 +0200
+++ b/NEWS Mon Jun 15 12:44:41 2015 +0200
@@ -9,6 +9,23 @@
CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY
New in release 1.7 (2015-XX-XX):
+* comments in deployment.properties now should persists load/save
+* fixed bug in caching of files with query
+* fixed issues with recreating of existing shortcut
+* trustAll/trustNone now processed correctly
+* headless no longer shows dialogues
+* more dialogs got remember me possibility
+ - MissingALACAttributePanel
+ - AccessWarning
+ - MissingPermissionsAttributePanel
+ - MatchingALACAttributePanel
+ - UnsignedAppletTrustWarningPanel
+ - PartiallySignedAppTrustWarningPanel
+* NetX
+ - fixed issues with -html shortcuts
+ - fixed issue with -html receiving garbage in width and height
+* PolicyEditor
+ - file flag made to work when used standalone
New in release 1.6 (2015-XX-XX):
* Massively improved offline abilities. Added Xoffline switch to force work without inet connection.
diff -r 0afcc93fb7fb -r cedb9509df43 netx/net/sourceforge/jnlp/security/package-info.java
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/netx/net/sourceforge/jnlp/security/package-info.java Mon Jun 15 12:44:41 2015 +0200
@@ -0,0 +1,86 @@
+/* package-info.java
+ Copyright (C) 2015 Red Hat, Inc.
+
+This file is part of IcedTea.
+
+IcedTea is free software; you can redistribute it and/or modify it under the
+terms of the GNU General Public License as published by the Free Software
+Foundation, version 2.
+
+IcedTea is distributed in the hope that it will be useful, but WITHOUT ANY
+WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License along with
+IcedTea; see the file COPYING. If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is making a
+combined work based on this library. Thus, the terms and conditions of the GNU
+General Public License cover the whole combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent modules, and
+to copy and distribute the resulting executable under terms of your choice,
+provided that you also meet, for each linked independent module, the terms and
+conditions of the license of that module. An independent module is a module
+which is not derived from or based on this library. If you modify this library,
+you may extend this exception to your version of the library, but you are not
+obligated to do so. If you do not wish to do so, delete this exception
+statement from your version.*/
+/**
+ *<pre>
+ ITW-thread(s) | dialogs-thread X
+ | X
+ presteps in SecurtyDialogs | X
+ # eg handle trustall/none | X
+ | | X
+ prepare message | X
+ # set JNLPfile | X
+ # set type of dialog | X
+ see | X
+ # extrass... | X
+ # lock | X
+ | | X
+ post message to queue | X
+ | >------------------------------------> | <----------------------------------------------------------------------------------------------------------------------------| X
+ wait for result from | read message from queue | X
+ getUserResponse(lock lock)| | | X
+ | create instance of dialogue | X
+ | | | X
+ | acording to type of dialogue, create and place panel (this is important, panel is keeper of rememberable decission) | X
+ | | | X
+ | if panel is instance of RememberableDialogue | X
+ | else then | X
+ | | | | X
+ | | check whether this applet+action was already stored and pernamently remembered in .appletSecurity | X
+ | | no yes | X
+ | |<-------------------------| | | X
+ | | | | X
+ | | | | X
+ | | | | X
+ | | | | X
+ | add closing and disposing listener(s) to button(s) | | X
+ | | * set return value to listner? | | X
+ | | | | X
+ | accordingo to set value, set default selected button? | | X
+ | | | | X
+ | if his applet+action was already stored in .appletSecurity include text approved/denyed and when | | X
+ | | | | X
+ | wait for user to click buttton or close dialogue | | X
+ | | | | X
+ | --> set selected value (via listener?) to message, dispose dialog -> <- set stored value to message <-| | X
+ | | | X
+ | if panel is instance of RememberableDialogue crate new, update old(date/decission,jars...) record in .appletSecurity | X
+ | | | X
+ | <------------------------------------------------------------------------------------------< unlock lock of this messge >--------------------------------------------| X
+ read result from message | X
+ | | X
+ continue accordingly | X
+ X
+
+ *</pre>
+ */
+package net.sourceforge.jnlp.security;
More information about the distro-pkg-dev
mailing list