Mercurial > hg > release > icedtea-web-1.2
changeset 288:b56fd9cb2dfc
added XrustAll option
author | Jiri Vanek <jvanek@redhat.com> |
---|---|
date | Thu, 22 Sep 2011 17:41:51 +0200 |
parents | e9a9792ee189 |
children | 2ad1f3bbb0b5 |
files | ChangeLog netx/net/sourceforge/jnlp/runtime/Boot.java netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java |
diffstat | 5 files changed, 34 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/ChangeLog Thu Sep 15 15:27:40 2011 +0200 +++ b/ChangeLog Thu Sep 22 17:41:51 2011 +0200 @@ -1,3 +1,14 @@ +2011-09-22 Jiri Vanek <jvanek@redhat.com> + + * netx/net/sourceforge/jnlp/runtime/Boot.java: (main): added logic to + handle -Xtrustall option + * netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java: declared private static boolean + trustAll=false; with public getter and pkg.private setter + * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: (checkTrustWithUser): modified, + when XtrustAll declared, then user is not asked and certificate is trusted + * netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java: (askUser): modified, + when XtrustAll declared, then user is not asked and certificate is trusted + 2011-09-15 Jiri Vanek <jvanek@redhat.com> * tests/jnlp_tests/: all current reproducers (AccessClassInPackage @@ -17,6 +28,7 @@ * ChangeLog: Fixed formatting issues in previous entry. 2011-09-01 Jiri Vanek<jvanek@redhat.com> + Added functionality to allow icedtea web to be buildable with rhel5 libraries. * configure.ac: added IT_CHECK_GLIB_VERSION check.
--- a/netx/net/sourceforge/jnlp/runtime/Boot.java Thu Sep 15 15:27:40 2011 +0200 +++ b/netx/net/sourceforge/jnlp/runtime/Boot.java Thu Sep 22 17:41:51 2011 +0200 @@ -156,6 +156,9 @@ if (null != getOption("-Xnofork")) { JNLPRuntime.setForksAllowed(false); } + if (null != getOption("-Xtrustall")) { + JNLPRuntime.setTrustAll(true); + } JNLPRuntime.setInitialArgments(Arrays.asList(argsIn));
--- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Thu Sep 15 15:27:40 2011 +0200 +++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Thu Sep 22 17:41:51 2011 +0200 @@ -755,6 +755,9 @@ } private void checkTrustWithUser(JarSigner js) throws LaunchException { + if (JNLPRuntime.isTrustAll()){ + return; + } if (!js.getRootInCacerts()) { //root cert is not in cacerts boolean b = SecurityDialogs.showCertWarningDialog( AccessType.UNVERIFIED, file, js);
--- a/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java Thu Sep 15 15:27:40 2011 +0200 +++ b/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java Thu Sep 22 17:41:51 2011 +0200 @@ -123,6 +123,9 @@ /** set to false to indicate another JVM should not be spawned, even if necessary */ private static boolean forksAllowed = true; + /** all security dialogs will be consumed and pretented as beeing verified by user and allowed.*/ + private static boolean trustAll=false; + /** contains the arguments passed to the jnlp runtime */ private static List<String> initialArguments; @@ -132,6 +135,7 @@ public static final String STDERR_FILE = "java.stderr"; public static final String STDOUT_FILE = "java.stdout"; + /** * Returns whether the JNLP runtime environment has been * initialized. Once initialized, some properties such as the @@ -732,4 +736,12 @@ } } + static void setTrustAll(boolean b) { + trustAll=b; + } + + public static boolean isTrustAll() { + return trustAll; + } + }
--- a/netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java Thu Sep 15 15:27:40 2011 +0200 +++ b/netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java Thu Sep 22 17:41:51 2011 +0200 @@ -53,6 +53,7 @@ import sun.security.validator.ValidatorException; import com.sun.net.ssl.internal.ssl.X509ExtendedTrustManager; +import net.sourceforge.jnlp.runtime.JNLPRuntime; import net.sourceforge.jnlp.security.SecurityDialogs.AccessType; @@ -382,6 +383,9 @@ private boolean askUser(X509Certificate[] chain, String authType, boolean isTrusted, boolean hostMatched, String hostName) { + if (JNLPRuntime.isTrustAll()){ + return true; + } return SecurityDialogs.showCertWarningDialog( AccessType.UNVERIFIED, null, new HttpsCertVerifier(this, chain, authType,