/hg/icedtea-web: All headless, xtrustatAll/None, shouldPrompt di...
jvanek at icedtea.classpath.org
jvanek at icedtea.classpath.org
Wed Jun 17 15:38:17 UTC 2015
changeset 50571bdee6ed in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=50571bdee6ed
author: Jiri Vanek <jvanek at redhat.com>
date: Wed Jun 17 17:15:52 2015 +0200
All headless, xtrustatAll/None, shouldPrompt dialogue decisions moved into shared place
* netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: (checkTrustWithUser) (promptUserOnPartialSigning) calls to trusts removed.
* netx/net/sourceforge/jnlp/security/SecurityDialog.java: added getDefaultNegativeAnswer getDefaultPositiveAnswer stubs to access panel.
* netx/net/sourceforge/jnlp/security/SecurityDialogMessageHandler.java: all trust/shouldPrompt/headless decisions moved to this place. Small modularization done.
* netx/net/sourceforge/jnlp/security/SecurityDialogs.java: all trust/shouldPrompt/headless removed
* netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java: same
* netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java:same
* netx/net/sourceforge/jnlp/security/dialogs/AccessWarningPane.java: implemented abstract methods of getDefaultNegativeAnswer getDefaultPositiveAnswer
* netx/net/sourceforge/jnlp/security/dialogs/AppletWarningPane.java: same
* netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java: same
* netx/net/sourceforge/jnlp/security/dialogs/CertsInfoPane.java: same
* netx/net/sourceforge/jnlp/security/dialogs/MissingALACAttributePanel.java: same
* netx/net/sourceforge/jnlp/security/dialogs/MissingPermissionsAttributePanel.java:same
* netx/net/sourceforge/jnlp/security/dialogs/MoreInfoPane.java:same
* netx/net/sourceforge/jnlp/security/dialogs/PasswordAuthenticationPane.java:same
* netx/net/sourceforge/jnlp/security/dialogs/SecurityDialogPanel.java: sameand added javadoc to htmlWrap
* netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningPanel.java:same
* netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java:same
* netx/net/sourceforge/jnlp/security/dialogs/remember/RememberDialog.java:added null check to (findRememberablePanel)
* tests/netx/unit/net/sourceforge/jnlp/security/SecurityDialogsTest.java: heavily adapted (all tests now use fakeQeue). Timeout moved to 10s.
diffstat:
ChangeLog | 38 +
netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java | 13 +-
netx/net/sourceforge/jnlp/security/SecurityDialog.java | 9 +
netx/net/sourceforge/jnlp/security/SecurityDialogMessageHandler.java | 125 +++++-
netx/net/sourceforge/jnlp/security/SecurityDialogs.java | 82 ----
netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java | 5 +-
netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java | 14 +-
netx/net/sourceforge/jnlp/security/dialogs/AccessWarningPane.java | 13 +-
netx/net/sourceforge/jnlp/security/dialogs/AppletWarningPane.java | 11 +
netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java | 11 +
netx/net/sourceforge/jnlp/security/dialogs/CertsInfoPane.java | 11 +
netx/net/sourceforge/jnlp/security/dialogs/MissingALACAttributePanel.java | 11 +
netx/net/sourceforge/jnlp/security/dialogs/MissingPermissionsAttributePanel.java | 11 +-
netx/net/sourceforge/jnlp/security/dialogs/MoreInfoPane.java | 12 +
netx/net/sourceforge/jnlp/security/dialogs/PasswordAuthenticationPane.java | 12 +
netx/net/sourceforge/jnlp/security/dialogs/SecurityDialogPanel.java | 8 +
netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningPanel.java | 13 +-
netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java | 10 +
netx/net/sourceforge/jnlp/security/dialogs/remember/RememberDialog.java | 3 +
tests/netx/unit/net/sourceforge/jnlp/security/SecurityDialogsTest.java | 202 +++++----
20 files changed, 402 insertions(+), 212 deletions(-)
diffs (truncated from 1062 to 500 lines):
diff -r 37dfc20a1816 -r 50571bdee6ed ChangeLog
--- a/ChangeLog Tue Jun 16 12:11:58 2015 +0200
+++ b/ChangeLog Wed Jun 17 17:15:52 2015 +0200
@@ -1,3 +1,41 @@
+2015-06-16 Jiri Vanek <jvanek at redhat.com>
+
+ All headless, xtrustatAll/None, shouldPrompt dialogue decisions moved into shared place
+ * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: (checkTrustWithUser)
+ (promptUserOnPartialSigning) calls to trusts removed.
+ * netx/net/sourceforge/jnlp/security/SecurityDialog.java: added getDefaultNegativeAnswer
+ getDefaultPositiveAnswer stubs to access panel.
+ * netx/net/sourceforge/jnlp/security/SecurityDialogMessageHandler.java:
+ all trust/shouldPrompt/headless decisions moved to this place. Small modularization done.
+ * netx/net/sourceforge/jnlp/security/SecurityDialogs.java: all
+ trust/shouldPrompt/headless removed
+ * netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java: same
+ * netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java:
+ same
+ * netx/net/sourceforge/jnlp/security/dialogs/AccessWarningPane.java: implemented
+ abstract methods of getDefaultNegativeAnswer getDefaultPositiveAnswer
+ * netx/net/sourceforge/jnlp/security/dialogs/AppletWarningPane.java: same
+ * netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java: same
+ * netx/net/sourceforge/jnlp/security/dialogs/CertsInfoPane.java: same
+ * netx/net/sourceforge/jnlp/security/dialogs/MissingALACAttributePanel.java: same
+ * netx/net/sourceforge/jnlp/security/dialogs/MissingPermissionsAttributePanel.java:
+ same
+ * netx/net/sourceforge/jnlp/security/dialogs/MoreInfoPane.java:
+ same
+ * netx/net/sourceforge/jnlp/security/dialogs/PasswordAuthenticationPane.java:
+ same
+ * netx/net/sourceforge/jnlp/security/dialogs/SecurityDialogPanel.java: same
+ and added javadoc to htmlWrap
+ * netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningPanel.java:
+ same
+ * netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java:
+ same
+ * netx/net/sourceforge/jnlp/security/dialogs/remember/RememberDialog.java:
+ added null check to (findRememberablePanel)
+ * tests/netx/unit/net/sourceforge/jnlp/security/SecurityDialogsTest.java:
+ heavily adapted (all tests now use fakeQeue). Timeout moved to 10s.
+
+
2015-06-16 Jiri Vanek <jvanek at redhat.com>
runtime.exec replaced by ProcessBuilder. All waits for proeces amde safe
diff -r 37dfc20a1816 -r 50571bdee6ed netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
--- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Tue Jun 16 12:11:58 2015 +0200
+++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Wed Jun 17 17:15:52 2015 +0200
@@ -1059,16 +1059,11 @@
* @throws LaunchException if the user does not approve every dialog prompt.
*/
private void checkTrustWithUser() throws LaunchException {
- if (JNLPRuntime.isTrustNone()) {
- if (!securityDelegate.getRunInSandbox()) {
- setRunInSandbox();
- }
+
+ if (securityDelegate.getRunInSandbox()) {
return;
}
- if (JNLPRuntime.isTrustAll() || securityDelegate.getRunInSandbox()) {
- return;
- }
-
+
if (getSigningState() == SigningState.FULL && jcv.isFullySigned() && !jcv.getAlreadyTrustPublisher()) {
jcv.checkTrustWithUser(securityDelegate, file);
}
@@ -2431,7 +2426,7 @@
@Override
public void promptUserOnPartialSigning() throws LaunchException {
- if (promptedForPartialSigning || JNLPRuntime.isTrustAll()) {
+ if (promptedForPartialSigning) {
return;
}
promptedForPartialSigning = true;
diff -r 37dfc20a1816 -r 50571bdee6ed netx/net/sourceforge/jnlp/security/SecurityDialog.java
--- a/netx/net/sourceforge/jnlp/security/SecurityDialog.java Tue Jun 16 12:11:58 2015 +0200
+++ b/netx/net/sourceforge/jnlp/security/SecurityDialog.java Wed Jun 17 17:15:52 2015 +0200
@@ -401,4 +401,13 @@
{
return requiresSignedJNLPWarning;
}
+
+ DialogResult getDefaultNegativeAnswer() {
+ return panel.getDefaultNegativeAnswer();
+ }
+
+ DialogResult getDefaultPositiveAnswer() {
+ return panel.getDefaultPositiveAnswer();
+ }
+
}
diff -r 37dfc20a1816 -r 50571bdee6ed netx/net/sourceforge/jnlp/security/SecurityDialogMessageHandler.java
--- a/netx/net/sourceforge/jnlp/security/SecurityDialogMessageHandler.java Tue Jun 16 12:11:58 2015 +0200
+++ b/netx/net/sourceforge/jnlp/security/SecurityDialogMessageHandler.java Wed Jun 17 17:15:52 2015 +0200
@@ -39,8 +39,12 @@
import java.awt.event.ActionEvent;
import java.awt.event.ActionListener;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import java.util.concurrent.BlockingQueue;
import java.util.concurrent.LinkedBlockingQueue;
+import net.sourceforge.jnlp.config.DeploymentConfiguration;
+import net.sourceforge.jnlp.runtime.JNLPRuntime;
import net.sourceforge.jnlp.security.appletextendedsecurity.UnsignedAppletTrustConfirmation;
import net.sourceforge.jnlp.security.dialogs.remember.RememberDialog;
import net.sourceforge.jnlp.security.dialogs.remember.RememberableDialog;
@@ -70,7 +74,7 @@
public class SecurityDialogMessageHandler implements Runnable {
/** the queue of incoming messages to show security dialogs */
- private BlockingQueue<SecurityDialogMessage> queue = new LinkedBlockingQueue<SecurityDialogMessage>();
+ private BlockingQueue<SecurityDialogMessage> queue = new LinkedBlockingQueue<>();
/**
* Runs the message handler loop. This waits for incoming security messages
@@ -105,35 +109,63 @@
final SecurityDialog dialog = new SecurityDialog(message.dialogType,
message.accessType, message.file, message.certVerifier, message.certificate, message.extras);
+ if (processAutomatedAnswers(message, dialog)){
+ return;
+ }
+
final RememberableDialog found = RememberDialog.getInstance().findRememberablePanel(dialog);
SavedRememberAction action = null;
if (found!=null){
- action = RememberDialog.getInstance().getRememberedState(found);
+ action = RememberDialog.getInstance().getRememberedState(found);
}
if (action != null && action.isRemember()) {
message.userResponse = found.readValue(action.getSavedValue());
UnsignedAppletTrustConfirmation.updateAppletAction(found.getFile(), action, null, (Class<RememberableDialog>) found.getClass());
unlockMessagesClient(message);
} else {
- dialog.addActionListener(new ActionListener() {
-
- @Override
- public void actionPerformed(ActionEvent e) {
- if (found == null) {
- message.userResponse = dialog.getValue();
- } else {
- message.userResponse = found.getValue();
- RememberDialog.getInstance().setOrUpdateRememberedState(dialog);
- }
- unlockMessagesClient(message);
- }
-
- });
- dialog.setVisible(true);
+
+ if (!shouldPromptUser() || isHeadless()) {
+ message.userResponse = dialog.getDefaultNegativeAnswer();
+ unlockMessagesClient(message);
+ } else {
+ processMessageInGui(dialog, found, message);
+ }
}
}
+ private boolean processAutomatedAnswers(final SecurityDialogMessage message, final SecurityDialog dialog) {
+ if (isXtrustNone()) {
+ message.userResponse = dialog.getDefaultNegativeAnswer();
+ unlockMessagesClient(message);
+ return true;
+ }
+ if (isXtrustAll()) {
+ message.userResponse = dialog.getDefaultPositiveAnswer();
+ unlockMessagesClient(message);
+ return true;
+ }
+ return false;
+ }
+
+ private void processMessageInGui(final SecurityDialog dialog, final RememberableDialog found, final SecurityDialogMessage message) {
+ dialog.addActionListener(new ActionListener() {
+
+ @Override
+ public void actionPerformed(ActionEvent e) {
+ if (found == null) {
+ message.userResponse = dialog.getValue();
+ } else {
+ message.userResponse = found.getValue();
+ RememberDialog.getInstance().setOrUpdateRememberedState(dialog);
+ }
+ unlockMessagesClient(message);
+ }
+
+ });
+ dialog.setVisible(true);
+ }
+
protected void unlockMessagesClient(final SecurityDialogMessage msg) {
/* Allow the client to continue on the other side */
if (msg.toDispose != null) {
@@ -162,5 +194,64 @@
OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
}
}
+
+
+ /**
+ * Returns whether the current runtime configuration allows prompting user
+ * for security warnings.
+ *
+ * @return true if security warnings should be shown to the user.
+ */
+ private static boolean shouldPromptUser() {
+ return AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
+ @Override
+ public Boolean run() {
+ return Boolean.valueOf(JNLPRuntime.getConfiguration()
+ .getProperty(DeploymentConfiguration.KEY_SECURITY_PROMPT_USER));
+ }
+ });
+ }
+
+ /**
+ * Returns whether the current runtime configuration is headless
+ *
+ * @return true X is used
+ */
+ private static boolean isHeadless() {
+ return AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
+ @Override
+ public Boolean run() {
+ return JNLPRuntime.isHeadless();
+ }
+ });
+ }
+
+ /**
+ * Returns whether the current runtime configuration is trustAll
+ *
+ * @return true if xtrustall was specified
+ */
+ private static boolean isXtrustAll() {
+ return AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
+ @Override
+ public Boolean run() {
+ return JNLPRuntime.isTrustAll();
+ }
+ });
+ }
+
+ /**
+ * Returns whether the current runtime configuration is trustNone
+ *
+ * @return true if xtrustnone was specified
+ */
+ private static boolean isXtrustNone() {
+ return AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
+ @Override
+ public Boolean run() {
+ return JNLPRuntime.isTrustNone();
+ }
+ });
+ }
}
diff -r 37dfc20a1816 -r 50571bdee6ed netx/net/sourceforge/jnlp/security/SecurityDialogs.java
--- a/netx/net/sourceforge/jnlp/security/SecurityDialogs.java Tue Jun 16 12:11:58 2015 +0200
+++ b/netx/net/sourceforge/jnlp/security/SecurityDialogs.java Wed Jun 17 17:15:52 2015 +0200
@@ -51,13 +51,11 @@
import javax.swing.SwingUtilities;
import net.sourceforge.jnlp.JNLPFile;
-import net.sourceforge.jnlp.config.DeploymentConfiguration;
import net.sourceforge.jnlp.runtime.JNLPClassLoader.SecurityDelegate;
import net.sourceforge.jnlp.runtime.JNLPRuntime;
import net.sourceforge.jnlp.security.dialogresults.AccessWarningPaneComplexReturn;
import net.sourceforge.jnlp.security.dialogresults.DialogResult;
import net.sourceforge.jnlp.security.dialogresults.NamePassword;
-import net.sourceforge.jnlp.security.dialogresults.YesNo;
import net.sourceforge.jnlp.security.dialogresults.YesNoSandbox;
import net.sourceforge.jnlp.security.dialogresults.YesNoSandboxLimited;
import net.sourceforge.jnlp.util.UrlUtils;
@@ -120,14 +118,6 @@
public static AccessWarningPaneComplexReturn showAccessWarningDialog(final AccessType accessType,
final JNLPFile file, final Object[] extras) {
- if (!shouldPromptUser()) {
- if (JNLPRuntime.isTrustAll()) {
- return new AccessWarningPaneComplexReturn(true);
- } else {
- return new AccessWarningPaneComplexReturn(false);
- }
- }
-
final SecurityDialogMessage message = new SecurityDialogMessage(file);
message.dialogType = DialogType.ACCESS_WARNING;
@@ -148,14 +138,6 @@
*/
public static YesNoSandboxLimited showUnsignedWarningDialog(JNLPFile file) {
- if (!shouldPromptUser()) {
- if (JNLPRuntime.isTrustAll()) {
- return YesNoSandboxLimited.yes();
- } else {
- return YesNoSandboxLimited.no();
- }
- }
-
final SecurityDialogMessage message = new SecurityDialogMessage(file);
message.dialogType = DialogType.UNSIGNED_WARNING;
message.accessType = AccessType.UNSIGNED;
@@ -183,14 +165,6 @@
public static YesNoSandbox showCertWarningDialog(AccessType accessType,
JNLPFile file, CertVerifier certVerifier, SecurityDelegate securityDelegate) {
- if (!shouldPromptUser()) {
- if (JNLPRuntime.isTrustAll()) {
- return YesNoSandbox.yes();
- } else {
- return YesNoSandbox.no();
- }
- }
-
final SecurityDialogMessage message = new SecurityDialogMessage(file);
message.dialogType = DialogType.CERT_WARNING;
message.accessType = accessType;
@@ -213,14 +187,6 @@
public static YesNoSandbox showPartiallySignedWarningDialog(JNLPFile file, CertVerifier certVerifier,
SecurityDelegate securityDelegate) {
- if (!shouldPromptUser()) {
- if (JNLPRuntime.isTrustAll()) {
- return YesNoSandbox.yes();
- } else {
- return YesNoSandbox.no();
- }
- }
-
final SecurityDialogMessage message = new SecurityDialogMessage(file);
message.dialogType = DialogType.PARTIALLYSIGNED_WARNING;
message.accessType = AccessType.PARTIALLYSIGNED;
@@ -244,10 +210,6 @@
* @throws SecurityException if the caller does not have the appropriate permissions.
*/
public static NamePassword showAuthenicationPrompt(String host, int port, String prompt, String type) {
-
- if (!shouldPromptUser()){
- return null;
- }
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
@@ -268,14 +230,6 @@
public static boolean showMissingALACAttributePanel(JNLPFile file, URL codeBase, Set<URL> remoteUrls) {
- if (!shouldPromptUser()) {
- if (JNLPRuntime.isTrustAll()) {
- return true;
- } else {
- return false;
- }
- }
-
SecurityDialogMessage message = new SecurityDialogMessage(file);
message.dialogType = DialogType.MISSING_ALACA;
String urlToShow = "unknown url";
@@ -297,14 +251,6 @@
public static boolean showMatchingALACAttributePanel(JNLPFile file, URL documentBase, Set<URL> remoteUrls) {
- if (!shouldPromptUser()) {
- if (JNLPRuntime.isTrustAll()) {
- return true;
- } else {
- return false;
- }
- }
-
SecurityDialogMessage message = new SecurityDialogMessage(file);
message.dialogType = DialogType.MATCHING_ALACA;
message.extras = new Object[]{documentBase.toString(), UrlUtils.setOfUrlsToHtmlList(remoteUrls)};
@@ -322,14 +268,6 @@
public static boolean showMissingPermissionsAttributeDialogue(JNLPFile file) {
- if (!shouldPromptUser()) {
- if (JNLPRuntime.isTrustAll()) {
- return true;
- } else {
- return false;
- }
- }
-
SecurityDialogMessage message = new SecurityDialogMessage(file);
message.dialogType = DialogType.UNSIGNED_EAS_NO_PERMISSIONS_WARNING;
DialogResult selectedValue = getUserResponse(message);
@@ -419,25 +357,5 @@
}
return message.userResponse;
}
-
- /**
- * Returns whether the current runtime configuration allows prompting user
- * for security warnings.
- *
- * @return true if security warnings should be shown to the user. false of
- * otherwise or runtime is headless
- */
- private static boolean shouldPromptUser() {
- return AccessController.doPrivileged(new PrivilegedAction<Boolean >() {
- @Override
- public Boolean run() {
- if (JNLPRuntime.isHeadless()){
- return false;
- }
- return Boolean.valueOf(JNLPRuntime.getConfiguration()
- .getProperty(DeploymentConfiguration.KEY_SECURITY_PROMPT_USER));
- }
- });
- }
}
diff -r 37dfc20a1816 -r 50571bdee6ed netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java
--- a/netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java Tue Jun 16 12:11:58 2015 +0200
+++ b/netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java Wed Jun 17 17:15:52 2015 +0200
@@ -409,10 +409,7 @@
private boolean askUser(final X509Certificate[] chain, final String authType,
final boolean isTrusted, final boolean hostMatched,
final String hostName) {
- if (JNLPRuntime.isTrustAll()){
- return true;
- }
- return AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
+ return AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
@Override
public Boolean run() {
YesNoSandbox r = SecurityDialogs.showCertWarningDialog(
diff -r 37dfc20a1816 -r 50571bdee6ed netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java
--- a/netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java Tue Jun 16 12:11:58 2015 +0200
+++ b/netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java Wed Jun 17 17:15:52 2015 +0200
@@ -202,12 +202,12 @@
public static void checkUnsignedWithUserIfRequired(JNLPFile file) throws LaunchException {
- if (unsignedAppletsAreForbidden() || JNLPRuntime.isTrustNone()) {
+ if (unsignedAppletsAreForbidden()) {
OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Not running unsigned applet at " + file.getCodeBase() +" because unsigned applets are disallowed by security policy.");
throw new LaunchException(file, null, R("LSFatal"), R("LCClient"), R("LUnsignedApplet"), R("LUnsignedAppletPolicyDenied"));
}
- if (!unsignedConfirmationIsRequired() || JNLPRuntime.isTrustAll()) {
+ if (!unsignedConfirmationIsRequired()) {
OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Running unsigned applet at " + file.getCodeBase() +" does not require confirmation according to security policy.");
return;
}
@@ -225,16 +225,6 @@
public static void checkPartiallySignedWithUserIfRequired(SecurityDelegate securityDelegate, JNLPFile file,
CertVerifier certVerifier) throws LaunchException {
- if (JNLPRuntime.isTrustNone()) {
- OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Running partially signed applet at " + file.getCodeBase() + " with only Sandbox permissions due to -Xtrustnone flag");
- securityDelegate.setRunInSandbox();
- return;
- }
- if (JNLPRuntime.isTrustAll()) {
- OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Running partially signed applet at " + file.getCodeBase() + " due to -Xtrustall flag");
- return;
- }
-
if (!unsignedConfirmationIsRequired()) {
OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Running partially signed applet at " + file.getCodeBase() + " does not require confirmation according to security policy.");
return;
diff -r 37dfc20a1816 -r 50571bdee6ed netx/net/sourceforge/jnlp/security/dialogs/AccessWarningPane.java
--- a/netx/net/sourceforge/jnlp/security/dialogs/AccessWarningPane.java Tue Jun 16 12:11:58 2015 +0200
+++ b/netx/net/sourceforge/jnlp/security/dialogs/AccessWarningPane.java Wed Jun 17 17:15:52 2015 +0200
@@ -508,8 +508,15 @@
public DialogResult readValue(String s) {
return AccessWarningPaneComplexReturn.readValue(s);
}
-
-
-
+
+ @Override
+ public DialogResult getDefaultNegativeAnswer() {
+ return new AccessWarningPaneComplexReturn(false);
+ }
+
+ @Override
+ public DialogResult getDefaultPositiveAnswer() {
+ return new AccessWarningPaneComplexReturn(true);
+ }
}
diff -r 37dfc20a1816 -r 50571bdee6ed netx/net/sourceforge/jnlp/security/dialogs/AppletWarningPane.java
--- a/netx/net/sourceforge/jnlp/security/dialogs/AppletWarningPane.java Tue Jun 16 12:11:58 2015 +0200
+++ b/netx/net/sourceforge/jnlp/security/dialogs/AppletWarningPane.java Wed Jun 17 17:15:52 2015 +0200
@@ -50,6 +50,7 @@
import javax.swing.JPanel;
More information about the distro-pkg-dev
mailing list