# HG changeset patch
# User Andrew Azores <aazores@redhat.com>
# Date 1415301408 18000
# Node ID ecdb5af1e06987a209ed899b19f3a1207c49966b
# Parent  0dcef5344b233fb78a85eb256b4f10761addc842
Backported fix for NPE in CertWarningDialog for HTTPS certs

2014-11-05  Andrew Azores  <aazores@redhat.com>

	* netx/net/sourceforge/jnlp/resources/Messages.properties
	(CertWarnHTTPSAcceptTip, CertWarnHTTPSRejectTip): new messages more
	applicable for HTTPS cert warning dialogs
	* netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java:
	distinguish between HTTPS cert warnings and signed applet cert warnings.
	Display appropriate text labels and buttons corresponding to either case.
	* netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissionsButton.java:
	If any of file, securityDelegate, or linkedButton are null, simply
	disable this component and do not add component listeners dependent upon
	these fields. Also, do not add multiple groups of permissions, and do not
	add the permissions to the securityDelegate until the linkedButton is
	actually clicked (rather than when the menu item is clicked)

diff -r 0dcef5344b23 -r ecdb5af1e069 ChangeLog
--- a/ChangeLog	Tue Nov 04 17:13:34 2014 +0100
+++ b/ChangeLog	Thu Nov 06 14:16:48 2014 -0500
@@ -1,3 +1,18 @@
+2014-11-05  Andrew Azores  <aazores@redhat.com>
+
+	* netx/net/sourceforge/jnlp/resources/Messages.properties
+	(CertWarnHTTPSAcceptTip, CertWarnHTTPSRejectTip): new messages more
+	applicable for HTTPS cert warning dialogs
+	* netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java:
+	distinguish between HTTPS cert warnings and signed applet cert warnings.
+	Display appropriate text labels and buttons corresponding to either case.
+	* netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissionsButton.java:
+	If any of file, securityDelegate, or linkedButton are null, simply
+	disable this component and do not add component listeners dependent upon
+	these fields. Also, do not add multiple groups of permissions, and do not
+	add the permissions to the securityDelegate until the linkedButton is
+	actually clicked (rather than when the menu item is clicked)
+
 2014-10-21  Jiri Vanek  <jvanek@redhat.com>
 
 	Fixed case when already decoded file is wonted from cache (RH1154177)
diff -r 0dcef5344b23 -r ecdb5af1e069 netx/net/sourceforge/jnlp/resources/Messages.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages.properties	Tue Nov 04 17:13:34 2014 +0100
+++ b/netx/net/sourceforge/jnlp/resources/Messages.properties	Thu Nov 06 14:16:48 2014 -0500
@@ -25,6 +25,8 @@
 CertWarnCancelTip=Do not run this applet
 CertWarnPolicyTip=Advanced sandbox settings
 CertWarnPolicyEditorItem=Launch PolicyEditor
+CertWarnHTTPSAcceptTip=Accept this certificate and trust the HTTPS connection
+CertWarnHTTPSRejectTip=Do not accept this certificate and do not establish the HTTPS connection
 
 AFileOnTheMachine=a file on the machine
 AlwaysAllowAction=Always allow this action
diff -r 0dcef5344b23 -r ecdb5af1e069 netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java
--- a/netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java	Tue Nov 04 17:13:34 2014 +0100
+++ b/netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java	Thu Nov 06 14:16:48 2014 -0500
@@ -224,7 +224,8 @@
         infoPanel.add(nameLabel);
         infoPanel.add(publisherLabel);
 
-        if (!(certVerifier instanceof HttpsCertVerifier)) {
+        final boolean isHttpsCertTrustDialog = certVerifier instanceof HttpsCertVerifier;
+        if (!isHttpsCertTrustDialog) {
             infoPanel.add(fromLabel);
         }
 
@@ -233,15 +234,34 @@
 
         //run and cancel buttons
         buttonPanel = new JPanel(new FlowLayout(FlowLayout.RIGHT));
-        run = new JButton(R("ButRun"));
+        run = new JButton();
+        if (isHttpsCertTrustDialog) {
+            run.setText(R("ButYes"));
+        } else {
+            run.setText(R("ButRun"));
+        }
         sandbox = new JButton(R("ButSandbox"));
         advancedOptions = new TemporaryPermissionsButton(file, securityDelegate, sandbox);
-        cancel = new JButton(R("ButCancel"));
 
-        run.setToolTipText(R("CertWarnRunTip"));
+        cancel = new JButton();
+        if (isHttpsCertTrustDialog) {
+            cancel.setText(R("ButNo"));
+        } else {
+            cancel.setText(R("ButCancel"));
+        }
+
+        if (isHttpsCertTrustDialog) {
+            run.setToolTipText(R("CertWarnHTTPSAcceptTip"));
+        } else {
+            run.setToolTipText(R("CertWarnRunTip"));
+        }
         sandbox.setToolTipText(R("CertWarnSandboxTip"));
         advancedOptions.setToolTipText(R("CertWarnPolicyTip"));
-        cancel.setToolTipText(R("CertWarnCancelTip"));
+        if (isHttpsCertTrustDialog) {
+            cancel.setToolTipText(R("CertWarnHTTPSRejectTip"));
+        } else {
+            cancel.setToolTipText(R("CertWarnCancelTip"));
+        }
 
         alwaysTrust.addActionListener(new ButtonDisableListener(sandbox));
         int buttonWidth = Math.max(run.getMinimumSize().width,
@@ -266,11 +286,12 @@
 
         initialFocusComponent = cancel;
         buttonPanel.add(run);
-        // file will be null iff this dialog is being called from VariableX509TrustManager.
-        // In this case, the "sandbox" button does not make any sense, as we are asking
-        // the user if they trust some certificate that is not being used to sign an app.
-        // Since there is no app, there is nothing to run sandboxed.
-        if (file != null) {
+        // Only iff this dialog is being invoked by VariableX509TrustManager.
+        // In this case, the "sandbox" button and temporary permissions do not make any sense,
+        // as we are asking the user if they trust some certificate that is not being used to sign an app
+        // (eg "do you trust this certificate presented for the HTTPS connection to the applet's host site")
+        // Since this dialog isn't talking about an applet/application, there is nothing to run sandboxed.
+        if (!isHttpsCertTrustDialog) {
             buttonPanel.add(sandbox);
             buttonPanel.add(advancedOptions);
         }
diff -r 0dcef5344b23 -r ecdb5af1e069 netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissionsButton.java
--- a/netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissionsButton.java	Tue Nov 04 17:13:34 2014 +0100
+++ b/netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissionsButton.java	Thu Nov 06 14:16:48 2014 -0500
@@ -48,6 +48,7 @@
 import java.net.URL;
 import java.security.Permission;
 import java.util.Collection;
+import java.util.HashSet;
 
 import javax.swing.JButton;
 import javax.swing.JMenuItem;
@@ -59,6 +60,7 @@
 import net.sourceforge.jnlp.runtime.JNLPRuntime;
 import net.sourceforge.jnlp.security.policyeditor.PolicyEditor;
 import net.sourceforge.jnlp.security.policyeditor.PolicyEditor.PolicyEditorWindow;
+import net.sourceforge.jnlp.util.logging.OutputController;
 
 public class TemporaryPermissionsButton extends JButton {
 
@@ -67,15 +69,35 @@
     private PolicyEditorWindow policyEditorWindow = null;
     private final JNLPFile file;
     private final SecurityDelegate securityDelegate;
+    private final Collection<Permission> temporaryPermissions = new HashSet<Permission>();
 
     public TemporaryPermissionsButton(final JNLPFile file, final SecurityDelegate securityDelegate, final JButton linkedButton) {
+        /* If any of the above parameters are null, then the button cannot function - in particular, a null SecurityDelegate
+         * would prevent temporary permissions from being able to be added; a null JNLPFile would prevent PolicyEditor from
+         * being launched with a sensible codebase for the current applet; and a null JButton would prevent the Sandbox button
+         * from being automatically invoked when a set of temporary permissions are selected by the user.
+         */
         super("\u2630");
         this.menu = createPolicyPermissionsMenu();
         this.linkedButton = linkedButton;
         this.file = file;
         this.securityDelegate = securityDelegate;
 
-        addMouseListener(new PolicyEditorPopupListener(this));
+        if (file == null || securityDelegate == null || linkedButton == null) {
+            this.setEnabled(false);
+            OutputController.getLogger().log(OutputController.Level.MESSAGE_DEBUG, "Temporary Permissions Button disabled due to null fields."
+                    + " file: " + file
+                    + ", securityDelegate: " + securityDelegate
+                    + ", linkedButton: " + linkedButton);
+        } else {
+            linkedButton.addActionListener(new ActionListener() {
+                @Override
+                public void actionPerformed(final ActionEvent e) {
+                    securityDelegate.addPermissions(temporaryPermissions);
+                }
+            });
+            addMouseListener(new PolicyEditorPopupListener(this));
+        }
     }
 
     private JPopupMenu createPolicyPermissionsMenu() {
@@ -144,7 +166,8 @@
 
         @Override
         public void actionPerformed(final ActionEvent e) {
-            securityDelegate.addPermissions(permissions);
+            temporaryPermissions.clear();
+            temporaryPermissions.addAll(permissions);
             menu.setVisible(false);
             if (linkedButton != null) {
                 linkedButton.doClick();