Mercurial > hg > release > icedtea-web-1.3

--- a/ChangeLog	Tue Jun 12 10:21:05 2012 +0200
+++ b/ChangeLog	Tue Jun 12 15:25:44 2012 -0400
@@ -1,3 +1,11 @@
+2012-06-12  Adam Domurad  <adomurad@redhat.com>
+
+	Fixes PR722, javaws failing to run with unsigned content in META-INF/
+	* NEWS: Added entry: Fixes PR722
+	* netx/net/sourceforge/jnlp/tools/JarCertVerifier.java: Changed
+	isSignatureRelated => isMetaInfFile. Now all files under META-INF/ are
+	disregarded in checking the jar signage.
+
 2012-06-11  Jiri Vanek  <jvanek@redhat.com>

 	Implemented xml logging backend
--- a/NEWS	Tue Jun 12 10:21:05 2012 +0200
+++ b/NEWS	Tue Jun 12 15:25:44 2012 -0400
@@ -18,6 +18,7 @@
   - PR895: IcedTea-Web searches for missing classes on each loadClass or findClass
   - PR861: Allow loading from non codebase hosts. Allow code to connect to hosting server
   - PR518: NPString.utf8characters not guaranteed to be nul-terminated
+  - PR722: META-INF/ unsigned entries should be ignored in signing
 * Common
   - PR918: java applet windows uses a low resulution black/white icon
--- a/netx/net/sourceforge/jnlp/tools/JarCertVerifier.java	Tue Jun 12 10:21:05 2012 +0200
+++ b/netx/net/sourceforge/jnlp/tools/JarCertVerifier.java	Tue Jun 12 15:25:44 2012 -0400
@@ -277,7 +277,7 @@
                     anySigned |= isSigned;

                     boolean shouldHaveSignature = !je.isDirectory()
-                                                && !signatureRelated(name);
+                                                && !isMetaInfFile(name);

                     hasUnsignedEntry |= shouldHaveSignature &&  !isSigned;

@@ -438,32 +438,18 @@
     }

     /**
-     * signature-related files include:
+     * Returns whether a file is in META-INF, and thus does not require signing.
+     *
+     * Signature-related files under META-INF include:
      * . META-INF/MANIFEST.MF
      * . META-INF/SIG-*
      * . META-INF/*.SF
      * . META-INF/*.DSA
      * . META-INF/*.RSA
-     *
-     * Required for verifyJar()
      */
-    private boolean signatureRelated(String name) {
+    static private boolean isMetaInfFile(String name) {
         String ucName = name.toUpperCase();
-        if (ucName.equals(JarFile.MANIFEST_NAME) ||
-                ucName.equals(META_INF) ||
-                (ucName.startsWith(SIG_PREFIX) &&
-                 ucName.indexOf("/") == ucName.lastIndexOf("/"))) {
-            return true;
-        }
-
-        if (ucName.startsWith(META_INF) &&
-                SignatureFileVerifier.isBlockOrSF(ucName)) {
-            // .SF/.DSA/.RSA files in META-INF subdirs
-            // are not considered signature-related
-            return (ucName.indexOf("/") == ucName.lastIndexOf("/"));
-        }
-
-        return false;
+        return ucName.startsWith(META_INF);
     }

     /**