Mercurial > hg > release > icedtea-web-1.3
changeset 429:40776f2e940f
Fixes PR722: Now ignores unsigned content in META-INF/ during signing process
author | Adam Domurad <adomurad@redhat.com> |
---|---|
date | Tue, 12 Jun 2012 15:25:44 -0400 |
parents | bf792a768ad2 |
children | 7b8a05e4443c |
files | ChangeLog NEWS netx/net/sourceforge/jnlp/tools/JarCertVerifier.java |
diffstat | 3 files changed, 15 insertions(+), 20 deletions(-) [+] |
line wrap: on
line diff
--- a/ChangeLog Tue Jun 12 10:21:05 2012 +0200 +++ b/ChangeLog Tue Jun 12 15:25:44 2012 -0400 @@ -1,3 +1,11 @@ +2012-06-12 Adam Domurad <adomurad@redhat.com> + + Fixes PR722, javaws failing to run with unsigned content in META-INF/ + * NEWS: Added entry: Fixes PR722 + * netx/net/sourceforge/jnlp/tools/JarCertVerifier.java: Changed + isSignatureRelated => isMetaInfFile. Now all files under META-INF/ are + disregarded in checking the jar signage. + 2012-06-11 Jiri Vanek <jvanek@redhat.com> Implemented xml logging backend
--- a/NEWS Tue Jun 12 10:21:05 2012 +0200 +++ b/NEWS Tue Jun 12 15:25:44 2012 -0400 @@ -18,6 +18,7 @@ - PR895: IcedTea-Web searches for missing classes on each loadClass or findClass - PR861: Allow loading from non codebase hosts. Allow code to connect to hosting server - PR518: NPString.utf8characters not guaranteed to be nul-terminated + - PR722: META-INF/ unsigned entries should be ignored in signing * Common - PR918: java applet windows uses a low resulution black/white icon
--- a/netx/net/sourceforge/jnlp/tools/JarCertVerifier.java Tue Jun 12 10:21:05 2012 +0200 +++ b/netx/net/sourceforge/jnlp/tools/JarCertVerifier.java Tue Jun 12 15:25:44 2012 -0400 @@ -277,7 +277,7 @@ anySigned |= isSigned; boolean shouldHaveSignature = !je.isDirectory() - && !signatureRelated(name); + && !isMetaInfFile(name); hasUnsignedEntry |= shouldHaveSignature && !isSigned; @@ -438,32 +438,18 @@ } /** - * signature-related files include: + * Returns whether a file is in META-INF, and thus does not require signing. + * + * Signature-related files under META-INF include: * . META-INF/MANIFEST.MF * . META-INF/SIG-* * . META-INF/*.SF * . META-INF/*.DSA * . META-INF/*.RSA - * - * Required for verifyJar() */ - private boolean signatureRelated(String name) { + static private boolean isMetaInfFile(String name) { String ucName = name.toUpperCase(); - if (ucName.equals(JarFile.MANIFEST_NAME) || - ucName.equals(META_INF) || - (ucName.startsWith(SIG_PREFIX) && - ucName.indexOf("/") == ucName.lastIndexOf("/"))) { - return true; - } - - if (ucName.startsWith(META_INF) && - SignatureFileVerifier.isBlockOrSF(ucName)) { - // .SF/.DSA/.RSA files in META-INF subdirs - // are not considered signature-related - return (ucName.indexOf("/") == ucName.lastIndexOf("/")); - } - - return false; + return ucName.startsWith(META_INF); } /**