/hg/release/icedtea-web-1.5: application-library-allowable-codeb...
jvanek at icedtea.classpath.org
jvanek at icedtea.classpath.org
Tue Sep 8 13:02:31 UTC 2015
changeset f45e2b0ee174 in /hg/release/icedtea-web-1.5
details: http://icedtea.classpath.org/hg/release/icedtea-web-1.5?cmd=changeset;node=f45e2b0ee174
author: Jiri Vanek <jvanek at redhat.com>
date: Tue Sep 08 15:02:10 2015 +0200
application-library-allowable-codebase dialog made available for unsigned apps
diffstat:
ChangeLog | 21 +++
netx/net/sourceforge/jnlp/resources/Messages.properties | 8 +-
netx/net/sourceforge/jnlp/resources/Messages_cs.properties | 4 +-
netx/net/sourceforge/jnlp/resources/Messages_de.properties | 6 +-
netx/net/sourceforge/jnlp/resources/Messages_pl.properties | 4 +-
netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java | 61 +++++++--
netx/net/sourceforge/jnlp/security/dialogs/MatchingALACAttributePanel.java | 3 -
tests/netx/unit/net/sourceforge/jnlp/runtime/ManifestAttributesCheckerTest.java | 65 ++++++++++
8 files changed, 144 insertions(+), 28 deletions(-)
diffs (293 lines):
diff -r a7ed0ba86302 -r f45e2b0ee174 ChangeLog
--- a/ChangeLog Mon Jul 20 16:06:29 2015 +0200
+++ b/ChangeLog Tue Sep 08 15:02:10 2015 +0200
@@ -1,3 +1,24 @@
+2015-09-01 Jiri Vanek <jvanek at redhat.com>
+
+ application-library-allowable-codebase dialog made available for unsigned apps
+ * netx/net/sourceforge/jnlp/resources/Messages.properties: (ALACAMissingMainTitle)
+ added warning about possible consequences of resources out of docbase.
+ (ALACAMatchingMainTitle) the red higlights changed to green and added calming
+ words about it.
+ * netx/net/sourceforge/jnlp/resources/Messages_cs.properties: same
+ * netx/net/sourceforge/jnlp/resources/Messages_de.properties: same
+ * netx/net/sourceforge/jnlp/resources/Messages_pl.properties: adapted to red
+ to green recoloring
+ * netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java:
+ (checkApplicationLibraryAllowableCodebaseAttribute) removed return for in case
+ of unsigned app. Fixed check for all matching resources against codebase and docbase
+ If app is unsigned, then value in manifest is ignored. Missing alaca required
+ also in low security mode
+ * tests/netx/unit/net/sourceforge/jnlp/runtime/ManifestAttributesCheckerTest.java:
+ new file to test stripDocbase.
+ * netx/net/sourceforge/jnlp/security/dialogs/MatchingALACAttributePanel.java
+ removed not working checkbox for rembering the action.
+
2015-07-20 Jiri Vanek <jvanek at redhat.com>
Tuned permissions attribute behavior for unsigned jnlps
diff -r a7ed0ba86302 -r f45e2b0ee174 netx/net/sourceforge/jnlp/resources/Messages.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages.properties Mon Jul 20 16:06:29 2015 +0200
+++ b/netx/net/sourceforge/jnlp/resources/Messages.properties Tue Sep 08 15:02:10 2015 +0200
@@ -66,7 +66,7 @@
ALACAMissingMainTitle=The application <span color='red'> {0} </span> \
from <span color='red'> {1} </span> uses resources from the following remote locations: \
{2} \
-Are you sure you want to run this application?
+Be very careful when application is loading from different space then you expect. Are you sure you want to run this application?
ALACAMissingInfo=For more information see:<br/>\
<a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library"> \
JAR File Manifest Attributes</a> <br/> \
@@ -74,9 +74,9 @@
Preventing the Repurposing of an Application</a>
# matching Application-Library-Allowable-Codebase dialogue
-ALACAMatchingMainTitle=The application <span color='red'> {0} </span> \
-from <span color='red'> {1} </span> uses resources from the following remote locations:<br/>{2} <br/> \
-Are you sure you want to run this application?
+ALACAMatchingMainTitle=The application <span color=''green''> {0} </span> \
+from <span color=''green''> {1} </span> uses resources from the following remote locations:<br/>{2} <br/> \
+They looks ok. Are you sure you want to run this application?
ALACAMatchingInfo=For more information you can visit:<br/>\
<a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library"> \
JAR File Manifest Attributes</a> <br/> \
diff -r a7ed0ba86302 -r f45e2b0ee174 netx/net/sourceforge/jnlp/resources/Messages_cs.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages_cs.properties Mon Jul 20 16:06:29 2015 +0200
+++ b/netx/net/sourceforge/jnlp/resources/Messages_cs.properties Tue Sep 08 15:02:10 2015 +0200
@@ -62,7 +62,7 @@
Zabr\u00e1n\u011bn\u00ed zneu\u017e\u00edv\u00e1n\u00ed aplikac\u00ed</a>
# missing Application-Library-Allowable-Codebase dialogue
-ALACAMissingMainTitle=Aplikace <span color='red'> {0} </span> z <span color='red'> {1} </span> postr\u00e1d\u00e1 atribut \u201eapplication-library-allowable-codebase\u201c. Tato aplikace pou\u017e\u00edv\u00e1 zdroje z n\u00e1sleduj\u00edc\u00edho vzd\u00e1len\u00e9ho um\u00edst\u011bn\u00ed:<br/> {2} Skute\u010dn\u011b chcete spustit tuto aplikaci?
+ALACAMissingMainTitle=Aplikace <span color="red"> {0} </span> z <span color="red"> {1} </span> pou\u017e\u00edv\u00e1 zdroje z n\u00e1sleduj\u00edc\u00edch vzd\u00e1len\u00fdch um\u00edst\u011bn\u00ed:{2}. Bu\u010fte velmi opatrn\u00ed pokud jde o k\u00f3d z neo\u010dek\u00e1van destinace. Ur\u010dit\u011b chcete spustit tuto aplikaci?
ALACAMissingInfo=Chcete-li z\u00edskat v\u00edce informac\u00ed, nav\u0161tivte n\u00e1sleduj\u00edc\u00ed weby:<br/>\
<a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library">\
Atributy Manifestu souboru JAR</a> <br/>\
@@ -70,7 +70,7 @@
<a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html">\
Zabr\u00e1n\u011bn\u00ed zneu\u017e\u00edv\u00e1n\u00ed aplikac\u00ed</a>
# matching Application-Library-Allowable-Codebase dialogue
-ALACAMatchingMainTitle=Aplikace <span color='red'> {0} </span> z <span color='red'> {1} </span> vy\u017eaduje platn\u00e9 zdroje z r\u016fzn\u00fdch um\u00edst\u011bn\u00ed:<br/>{2} <br/> Na\u010dten\u00ed t\u011bchto zdroj\u016f se o\u010dek\u00e1v\u00e1. Souhlas\u00edte se spu\u0161t\u011bn\u00edm t\u00e9to aplikace?
+ALACAMatchingMainTitle=Aplikace <span color="green"> {0} </span> z <span color="green"> {1} </span> pou\u017e\u00edv\u00e1 zdroje z n\u00e1sleduj\u00edc\u00edch vzd\u00e1len\u00fdch um\u00edst\u011bn\u00ed:<br/>{2}.<br/> Zdroje se zdaj\u00ed v po\u0159\u00e1dku. Chcete spustit tuto aplikaci?
ALACAMatchingInfo=Chcete-li z\u00edskat v\u00edce informac\u00ed, nav\u0161tivte n\u00e1sleduj\u00edc\u00ed weby:<br/>\
<a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library">\
Atributy Manifestu souboru JAR</a> <br/>\
diff -r a7ed0ba86302 -r f45e2b0ee174 netx/net/sourceforge/jnlp/resources/Messages_de.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages_de.properties Mon Jul 20 16:06:29 2015 +0200
+++ b/netx/net/sourceforge/jnlp/resources/Messages_de.properties Tue Sep 08 15:02:10 2015 +0200
@@ -77,10 +77,10 @@
Preventing the Repurposing of an Application</a>
# matching Application-Library-Allowable-Codebase dialogue
-ALACAMatchingMainTitle=Die Anwendung \u201e<span color=\"red\">{0}</span>\u201c \
-mit der Codebasis \u201e<span color="red">{1}</span>\u201c l\u00e4dt die folgenden Ressourcen von einer fremden Dom\u00e4ne:<br/>\
+ALACAMatchingMainTitle=Die Anwendung \u201e<span color=\"green\">{0}</span>\u201c \
+mit der Codebasis \u201e<span color="green">{1}</span>\u201c l\u00e4dt die folgenden Ressourcen von einer fremden Dom\u00e4ne:<br/>\
{2}<br/>\
-Soll diese Anwendung wirklich ausgef\u00fchrt werden?
+Es ist richtig. Soll diese Anwendung wirklich ausgef\u00fchrt werden?
ALACAMatchingInfo=Um weitere Informationen zu erhalten siehe:<br/>\
<a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library">\
JAR File Manifest Attributes</a><br/>\
diff -r a7ed0ba86302 -r f45e2b0ee174 netx/net/sourceforge/jnlp/resources/Messages_pl.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages_pl.properties Mon Jul 20 16:06:29 2015 +0200
+++ b/netx/net/sourceforge/jnlp/resources/Messages_pl.properties Tue Sep 08 15:02:10 2015 +0200
@@ -76,8 +76,8 @@
Preventing the Repurposing of an Application</a>
# matching Application-Library-Allowable-Codebase dialogue
-ALACAMatchingMainTitle=Aplikacja \u201e<span color="red">{0}</span>\u201d \
-z \u201e<span color="red">{1}</span>\u201d pobiera zasoby z nast\u0119puj\u0105cych obcych lokalizacji:<br/>\
+ALACAMatchingMainTitle=Aplikacja \u201e<span color="green">{0}</span>\u201d \
+z \u201e<span color="green">{1}</span>\u201d pobiera zasoby z nast\u0119puj\u0105cych obcych lokalizacji:<br/>\
{2}<br/>\
Czy na pewno chcesz uruchomi\u0107 t\u0105 aplikacj\u0119?
ALACAMatchingInfo=Wi\u0119cej informacji uzyskasz na:<br/>\
diff -r a7ed0ba86302 -r f45e2b0ee174 netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java
--- a/netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java Mon Jul 20 16:06:29 2015 +0200
+++ b/netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java Tue Sep 08 15:02:10 2015 +0200
@@ -36,6 +36,7 @@
*/
package net.sourceforge.jnlp.runtime;
+import java.net.MalformedURLException;
import java.net.URL;
import java.util.HashSet;
import java.util.Set;
@@ -246,9 +247,6 @@
}
private void checkApplicationLibraryAllowableCodebaseAttribute() throws LaunchException {
- if (signing == SigningState.NONE) {
- return; /*when app is not signed at all, then skip this check*/
- }
//conditions
URL codebase = file.getCodeBase();
URL documentBase = null;
@@ -300,19 +298,32 @@
return;
}
- if (usedUrls.size() == 1) {
- if (UrlUtils.equalsIgnoreLastSlash(usedUrls.toArray(new URL[0])[0], codebase)
- && UrlUtils.equalsIgnoreLastSlash(usedUrls.toArray(new URL[0])[0], documentBase)) {
- //all resoources are from codebase or document base. it is ok to proceeed.
- OutputController.getLogger().log("All applications resources (" + usedUrls.toArray(new URL[0])[0] + ") are from codebas/documentbase " + codebase + "/" + documentBase + ", skipping Application-Library-Allowable-Codebase Attribute check.");
- return;
+
+ boolean allOk = true;
+ for (URL u : usedUrls) {
+ if (UrlUtils.equalsIgnoreLastSlash(u, codebase)
+ && UrlUtils.equalsIgnoreLastSlash(u, stripDocbase(documentBase))) {
+ OutputController.getLogger().log("OK - "+u.toExternalForm()+" is from codebase/docbase.");
+ } else {
+ allOk = false;
+ OutputController.getLogger().log("Warning! "+u.toExternalForm()+" is NOT from codebase/docbase.");
}
}
- ClasspathMatchers att = file.getManifestsAttributes().getApplicationLibraryAllowableCodebase();
-
- if (att == null) {
- boolean a = SecurityDialogs.showMissingALACAttributePanel(file.getTitle(), documentBase, usedUrls);
- if (!a) {
+ if (allOk) {
+ //all resoources are from codebase or document base. it is ok to proceeed.
+ OutputController.getLogger().log("All applications resources (" + usedUrls.toArray(new URL[0])[0] + ") are from codebas/documentbase " + codebase + "/" + documentBase + ", skipping Application-Library-Allowable-Codebase Attribute check.");
+ return;
+ }
+
+ ClasspathMatchers att = null;
+ if (signing == SigningState.NONE) {
+ //for unsigned app we are ignoring value in manifesdt (may be faked)
+ } else {
+ att = file.getManifestsAttributes().getApplicationLibraryAllowableCodebase();
+ }
+ if (att == null) {
+ final boolean userApproved = SecurityDialogs.showMissingALACAttributePanel(file.getTitle(), documentBase, usedUrls);
+ if (!userApproved) {
throw new LaunchException("The application uses non-codebase resources, has no Application-Library-Allowable-Codebase Attribute, and was blocked from running by the user");
} else {
OutputController.getLogger().log("The application uses non-codebase resources, has no Application-Library-Allowable-Codebase Attribute, and was allowed to run by the user");
@@ -334,4 +345,26 @@
OutputController.getLogger().log("The application uses non-codebase resources, which do match its Application-Library-Allowable-Codebase Attribute, and was allowed to run by the user.");
}
}
+
+ //package private for testing
+ //not perfect but ok for usecase
+ static URL stripDocbase(URL documentBase) {
+ String s = documentBase.toExternalForm();
+ if (s.endsWith("/") || s.endsWith("\\")) {
+ return documentBase;
+ }
+ int i1 = s.lastIndexOf("/");
+ int i2 = s.lastIndexOf("\\");
+ int i = Math.max(i1, i2);
+ if (i <= 8 || i >= s.length()) {
+ return documentBase;
+ }
+ s = s.substring(0, i+1);
+ try {
+ documentBase = new URL(s);
+ } catch (MalformedURLException ex) {
+ OutputController.getLogger().log(ex);
+ }
+ return documentBase;
+ }
}
diff -r a7ed0ba86302 -r f45e2b0ee174 netx/net/sourceforge/jnlp/security/dialogs/MatchingALACAttributePanel.java
--- a/netx/net/sourceforge/jnlp/security/dialogs/MatchingALACAttributePanel.java Mon Jul 20 16:06:29 2015 +0200
+++ b/netx/net/sourceforge/jnlp/security/dialogs/MatchingALACAttributePanel.java Tue Sep 08 15:02:10 2015 +0200
@@ -55,7 +55,6 @@
import javax.swing.BoxLayout;
import javax.swing.ImageIcon;
import javax.swing.JButton;
-import javax.swing.JCheckBox;
import javax.swing.JEditorPane;
import javax.swing.JFrame;
import javax.swing.JLabel;
@@ -130,7 +129,6 @@
JButton yes = new JButton(Translator.R("ButYes"));
JButton no = new JButton(Translator.R("ButNo"));
- JCheckBox remeber = new JCheckBox(htmlWrap(Translator.R("SRememberOption")));
int buttonWidth = yes.getMinimumSize().width;
int buttonHeight = yes.getMinimumSize().height;
Dimension d = new Dimension(buttonWidth, buttonHeight);
@@ -139,7 +137,6 @@
yes.addActionListener(createSetValueListener(parent, 0));
no.addActionListener(createSetValueListener(parent, 1));
initialFocusComponent = no;
- buttonPanel.add(remeber);
buttonPanel.add(yes);
buttonPanel.add(no);
buttonPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10));
diff -r a7ed0ba86302 -r f45e2b0ee174 tests/netx/unit/net/sourceforge/jnlp/runtime/ManifestAttributesCheckerTest.java
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/netx/unit/net/sourceforge/jnlp/runtime/ManifestAttributesCheckerTest.java Tue Sep 08 15:02:10 2015 +0200
@@ -0,0 +1,65 @@
+/*
+ Copyright (C) 2013 Red Hat, Inc.
+
+ This file is part of IcedTea.
+
+ IcedTea is free software; you can redistribute it and/or
+ modify it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, version 2.
+
+ IcedTea is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with IcedTea; see the file COPYING. If not, write to
+ the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ 02110-1301 USA.
+
+ Linking this library statically or dynamically with other modules is
+ making a combined work based on this library. Thus, the terms and
+ conditions of the GNU General Public License cover the whole
+ combination.
+
+ As a special exception, the copyright holders of this library give you
+ permission to link this library with independent modules to produce an
+ executable, regardless of the license terms of these independent
+ modules, and to copy and distribute the resulting executable under
+ terms of your choice, provided that you also meet, for each linked
+ independent module, the terms and conditions of the license of that
+ module. An independent module is a module which is not derived from
+ or based on this library. If you modify this library, you may extend
+ this exception to your version of the library, but you are not
+ obligated to do so. If you do not wish to do so, delete this
+ exception statement from your version.
+ */
+package net.sourceforge.jnlp.runtime;
+
+import java.net.MalformedURLException;
+import java.net.URL;
+import org.junit.Assert;
+import org.junit.Test;
+
+public class ManifestAttributesCheckerTest {
+
+ @Test
+ public void stripDocbaseTest() throws Exception {
+ tryTest("http://aaa.bb/ccc/file.html", "http://aaa.bb/ccc/");
+ tryTest("http://aaa.bb/ccc/file.html/", "http://aaa.bb/ccc/file.html/");
+ tryTest("http://aaa.bb/ccc/dir/", "http://aaa.bb/ccc/dir/");
+ tryTest("http://aaa.bb/ccc/dir", "http://aaa.bb/ccc/");
+ tryTest("http://aaa.bb/ccc/", "http://aaa.bb/ccc/");
+ tryTest("http://aaa.bb/ccc", "http://aaa.bb/");
+ tryTest("http://aaa.bb/", "http://aaa.bb/");
+ tryTest("http://aaa.bb", "http://aaa.bb");
+ }
+
+ private static void tryTest(String src, String expected) throws MalformedURLException {
+ URL s = new URL(src);
+ URL q = ManifestAttributesChecker.stripDocbase(s);
+ //junit is failing for me on url.equls(url)...
+ Assert.assertEquals(expected, q.toExternalForm());
+ }
+
+}
More information about the distro-pkg-dev
mailing list