# HG changeset patch # User Jiri Vanek # Date 1441717330 -7200 # Node ID f45e2b0ee1741e711ce6f867d9826a941ad19031 # Parent a7ed0ba863022db2d70ba3e0fb229c8ac2405534 application-library-allowable-codebase dialog made available for unsigned apps diff -r a7ed0ba86302 -r f45e2b0ee174 ChangeLog --- a/ChangeLog Mon Jul 20 16:06:29 2015 +0200 +++ b/ChangeLog Tue Sep 08 15:02:10 2015 +0200 @@ -1,3 +1,24 @@ +2015-09-01 Jiri Vanek + + application-library-allowable-codebase dialog made available for unsigned apps + * netx/net/sourceforge/jnlp/resources/Messages.properties: (ALACAMissingMainTitle) + added warning about possible consequences of resources out of docbase. + (ALACAMatchingMainTitle) the red higlights changed to green and added calming + words about it. + * netx/net/sourceforge/jnlp/resources/Messages_cs.properties: same + * netx/net/sourceforge/jnlp/resources/Messages_de.properties: same + * netx/net/sourceforge/jnlp/resources/Messages_pl.properties: adapted to red + to green recoloring + * netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java: + (checkApplicationLibraryAllowableCodebaseAttribute) removed return for in case + of unsigned app. Fixed check for all matching resources against codebase and docbase + If app is unsigned, then value in manifest is ignored. Missing alaca required + also in low security mode + * tests/netx/unit/net/sourceforge/jnlp/runtime/ManifestAttributesCheckerTest.java: + new file to test stripDocbase. + * netx/net/sourceforge/jnlp/security/dialogs/MatchingALACAttributePanel.java + removed not working checkbox for rembering the action. + 2015-07-20 Jiri Vanek Tuned permissions attribute behavior for unsigned jnlps diff -r a7ed0ba86302 -r f45e2b0ee174 netx/net/sourceforge/jnlp/resources/Messages.properties --- a/netx/net/sourceforge/jnlp/resources/Messages.properties Mon Jul 20 16:06:29 2015 +0200 +++ b/netx/net/sourceforge/jnlp/resources/Messages.properties Tue Sep 08 15:02:10 2015 +0200 @@ -66,7 +66,7 @@ ALACAMissingMainTitle=The application {0} \ from {1} uses resources from the following remote locations: \ {2} \ -Are you sure you want to run this application? +Be very careful when application is loading from different space then you expect. Are you sure you want to run this application? ALACAMissingInfo=For more information see:
\ \ JAR File Manifest Attributes
\ @@ -74,9 +74,9 @@ Preventing the Repurposing of an Application # matching Application-Library-Allowable-Codebase dialogue -ALACAMatchingMainTitle=The application {0} \ -from {1} uses resources from the following remote locations:
{2}
\ -Are you sure you want to run this application? +ALACAMatchingMainTitle=The application {0} \ +from {1} uses resources from the following remote locations:
{2}
\ +They looks ok. Are you sure you want to run this application? ALACAMatchingInfo=For more information you can visit:
\ \ JAR File Manifest Attributes
\ diff -r a7ed0ba86302 -r f45e2b0ee174 netx/net/sourceforge/jnlp/resources/Messages_cs.properties --- a/netx/net/sourceforge/jnlp/resources/Messages_cs.properties Mon Jul 20 16:06:29 2015 +0200 +++ b/netx/net/sourceforge/jnlp/resources/Messages_cs.properties Tue Sep 08 15:02:10 2015 +0200 @@ -62,7 +62,7 @@ Zabr\u00e1n\u011bn\u00ed zneu\u017e\u00edv\u00e1n\u00ed aplikac\u00ed # missing Application-Library-Allowable-Codebase dialogue -ALACAMissingMainTitle=Aplikace {0} z {1} postr\u00e1d\u00e1 atribut \u201eapplication-library-allowable-codebase\u201c. Tato aplikace pou\u017e\u00edv\u00e1 zdroje z n\u00e1sleduj\u00edc\u00edho vzd\u00e1len\u00e9ho um\u00edst\u011bn\u00ed:
{2} Skute\u010dn\u011b chcete spustit tuto aplikaci? +ALACAMissingMainTitle=Aplikace {0} z {1} pou\u017e\u00edv\u00e1 zdroje z n\u00e1sleduj\u00edc\u00edch vzd\u00e1len\u00fdch um\u00edst\u011bn\u00ed:{2}. Bu\u010fte velmi opatrn\u00ed pokud jde o k\u00f3d z neo\u010dek\u00e1van destinace. Ur\u010dit\u011b chcete spustit tuto aplikaci? ALACAMissingInfo=Chcete-li z\u00edskat v\u00edce informac\u00ed, nav\u0161tivte n\u00e1sleduj\u00edc\u00ed weby:
\ \ Atributy Manifestu souboru JAR
\ @@ -70,7 +70,7 @@ \ Zabr\u00e1n\u011bn\u00ed zneu\u017e\u00edv\u00e1n\u00ed aplikac\u00ed # matching Application-Library-Allowable-Codebase dialogue -ALACAMatchingMainTitle=Aplikace {0} z {1} vy\u017eaduje platn\u00e9 zdroje z r\u016fzn\u00fdch um\u00edst\u011bn\u00ed:
{2}
Na\u010dten\u00ed t\u011bchto zdroj\u016f se o\u010dek\u00e1v\u00e1. Souhlas\u00edte se spu\u0161t\u011bn\u00edm t\u00e9to aplikace? +ALACAMatchingMainTitle=Aplikace {0} z {1} pou\u017e\u00edv\u00e1 zdroje z n\u00e1sleduj\u00edc\u00edch vzd\u00e1len\u00fdch um\u00edst\u011bn\u00ed:
{2}.
Zdroje se zdaj\u00ed v po\u0159\u00e1dku. Chcete spustit tuto aplikaci? ALACAMatchingInfo=Chcete-li z\u00edskat v\u00edce informac\u00ed, nav\u0161tivte n\u00e1sleduj\u00edc\u00ed weby:
\ \ Atributy Manifestu souboru JAR
\ diff -r a7ed0ba86302 -r f45e2b0ee174 netx/net/sourceforge/jnlp/resources/Messages_de.properties --- a/netx/net/sourceforge/jnlp/resources/Messages_de.properties Mon Jul 20 16:06:29 2015 +0200 +++ b/netx/net/sourceforge/jnlp/resources/Messages_de.properties Tue Sep 08 15:02:10 2015 +0200 @@ -77,10 +77,10 @@ Preventing the Repurposing of an Application # matching Application-Library-Allowable-Codebase dialogue -ALACAMatchingMainTitle=Die Anwendung \u201e{0}\u201c \ -mit der Codebasis \u201e{1}\u201c l\u00e4dt die folgenden Ressourcen von einer fremden Dom\u00e4ne:
\ +ALACAMatchingMainTitle=Die Anwendung \u201e{0}\u201c \ +mit der Codebasis \u201e{1}\u201c l\u00e4dt die folgenden Ressourcen von einer fremden Dom\u00e4ne:
\ {2}
\ -Soll diese Anwendung wirklich ausgef\u00fchrt werden? +Es ist richtig. Soll diese Anwendung wirklich ausgef\u00fchrt werden? ALACAMatchingInfo=Um weitere Informationen zu erhalten siehe:
\ \ JAR File Manifest Attributes
\ diff -r a7ed0ba86302 -r f45e2b0ee174 netx/net/sourceforge/jnlp/resources/Messages_pl.properties --- a/netx/net/sourceforge/jnlp/resources/Messages_pl.properties Mon Jul 20 16:06:29 2015 +0200 +++ b/netx/net/sourceforge/jnlp/resources/Messages_pl.properties Tue Sep 08 15:02:10 2015 +0200 @@ -76,8 +76,8 @@ Preventing the Repurposing of an Application # matching Application-Library-Allowable-Codebase dialogue -ALACAMatchingMainTitle=Aplikacja \u201e{0}\u201d \ -z \u201e{1}\u201d pobiera zasoby z nast\u0119puj\u0105cych obcych lokalizacji:
\ +ALACAMatchingMainTitle=Aplikacja \u201e{0}\u201d \ +z \u201e{1}\u201d pobiera zasoby z nast\u0119puj\u0105cych obcych lokalizacji:
\ {2}
\ Czy na pewno chcesz uruchomi\u0107 t\u0105 aplikacj\u0119? ALACAMatchingInfo=Wi\u0119cej informacji uzyskasz na:
\ diff -r a7ed0ba86302 -r f45e2b0ee174 netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java --- a/netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java Mon Jul 20 16:06:29 2015 +0200 +++ b/netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java Tue Sep 08 15:02:10 2015 +0200 @@ -36,6 +36,7 @@ */ package net.sourceforge.jnlp.runtime; +import java.net.MalformedURLException; import java.net.URL; import java.util.HashSet; import java.util.Set; @@ -246,9 +247,6 @@ } private void checkApplicationLibraryAllowableCodebaseAttribute() throws LaunchException { - if (signing == SigningState.NONE) { - return; /*when app is not signed at all, then skip this check*/ - } //conditions URL codebase = file.getCodeBase(); URL documentBase = null; @@ -300,19 +298,32 @@ return; } - if (usedUrls.size() == 1) { - if (UrlUtils.equalsIgnoreLastSlash(usedUrls.toArray(new URL[0])[0], codebase) - && UrlUtils.equalsIgnoreLastSlash(usedUrls.toArray(new URL[0])[0], documentBase)) { - //all resoources are from codebase or document base. it is ok to proceeed. - OutputController.getLogger().log("All applications resources (" + usedUrls.toArray(new URL[0])[0] + ") are from codebas/documentbase " + codebase + "/" + documentBase + ", skipping Application-Library-Allowable-Codebase Attribute check."); - return; + + boolean allOk = true; + for (URL u : usedUrls) { + if (UrlUtils.equalsIgnoreLastSlash(u, codebase) + && UrlUtils.equalsIgnoreLastSlash(u, stripDocbase(documentBase))) { + OutputController.getLogger().log("OK - "+u.toExternalForm()+" is from codebase/docbase."); + } else { + allOk = false; + OutputController.getLogger().log("Warning! "+u.toExternalForm()+" is NOT from codebase/docbase."); } } - ClasspathMatchers att = file.getManifestsAttributes().getApplicationLibraryAllowableCodebase(); - - if (att == null) { - boolean a = SecurityDialogs.showMissingALACAttributePanel(file.getTitle(), documentBase, usedUrls); - if (!a) { + if (allOk) { + //all resoources are from codebase or document base. it is ok to proceeed. + OutputController.getLogger().log("All applications resources (" + usedUrls.toArray(new URL[0])[0] + ") are from codebas/documentbase " + codebase + "/" + documentBase + ", skipping Application-Library-Allowable-Codebase Attribute check."); + return; + } + + ClasspathMatchers att = null; + if (signing == SigningState.NONE) { + //for unsigned app we are ignoring value in manifesdt (may be faked) + } else { + att = file.getManifestsAttributes().getApplicationLibraryAllowableCodebase(); + } + if (att == null) { + final boolean userApproved = SecurityDialogs.showMissingALACAttributePanel(file.getTitle(), documentBase, usedUrls); + if (!userApproved) { throw new LaunchException("The application uses non-codebase resources, has no Application-Library-Allowable-Codebase Attribute, and was blocked from running by the user"); } else { OutputController.getLogger().log("The application uses non-codebase resources, has no Application-Library-Allowable-Codebase Attribute, and was allowed to run by the user"); @@ -334,4 +345,26 @@ OutputController.getLogger().log("The application uses non-codebase resources, which do match its Application-Library-Allowable-Codebase Attribute, and was allowed to run by the user."); } } + + //package private for testing + //not perfect but ok for usecase + static URL stripDocbase(URL documentBase) { + String s = documentBase.toExternalForm(); + if (s.endsWith("/") || s.endsWith("\\")) { + return documentBase; + } + int i1 = s.lastIndexOf("/"); + int i2 = s.lastIndexOf("\\"); + int i = Math.max(i1, i2); + if (i <= 8 || i >= s.length()) { + return documentBase; + } + s = s.substring(0, i+1); + try { + documentBase = new URL(s); + } catch (MalformedURLException ex) { + OutputController.getLogger().log(ex); + } + return documentBase; + } } diff -r a7ed0ba86302 -r f45e2b0ee174 netx/net/sourceforge/jnlp/security/dialogs/MatchingALACAttributePanel.java --- a/netx/net/sourceforge/jnlp/security/dialogs/MatchingALACAttributePanel.java Mon Jul 20 16:06:29 2015 +0200 +++ b/netx/net/sourceforge/jnlp/security/dialogs/MatchingALACAttributePanel.java Tue Sep 08 15:02:10 2015 +0200 @@ -55,7 +55,6 @@ import javax.swing.BoxLayout; import javax.swing.ImageIcon; import javax.swing.JButton; -import javax.swing.JCheckBox; import javax.swing.JEditorPane; import javax.swing.JFrame; import javax.swing.JLabel; @@ -130,7 +129,6 @@ JButton yes = new JButton(Translator.R("ButYes")); JButton no = new JButton(Translator.R("ButNo")); - JCheckBox remeber = new JCheckBox(htmlWrap(Translator.R("SRememberOption"))); int buttonWidth = yes.getMinimumSize().width; int buttonHeight = yes.getMinimumSize().height; Dimension d = new Dimension(buttonWidth, buttonHeight); @@ -139,7 +137,6 @@ yes.addActionListener(createSetValueListener(parent, 0)); no.addActionListener(createSetValueListener(parent, 1)); initialFocusComponent = no; - buttonPanel.add(remeber); buttonPanel.add(yes); buttonPanel.add(no); buttonPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); diff -r a7ed0ba86302 -r f45e2b0ee174 tests/netx/unit/net/sourceforge/jnlp/runtime/ManifestAttributesCheckerTest.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/netx/unit/net/sourceforge/jnlp/runtime/ManifestAttributesCheckerTest.java Tue Sep 08 15:02:10 2015 +0200 @@ -0,0 +1,65 @@ +/* + Copyright (C) 2013 Red Hat, Inc. + + This file is part of IcedTea. + + IcedTea is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as published by + the Free Software Foundation, version 2. + + IcedTea is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with IcedTea; see the file COPYING. If not, write to + the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA. + + Linking this library statically or dynamically with other modules is + making a combined work based on this library. Thus, the terms and + conditions of the GNU General Public License cover the whole + combination. + + As a special exception, the copyright holders of this library give you + permission to link this library with independent modules to produce an + executable, regardless of the license terms of these independent + modules, and to copy and distribute the resulting executable under + terms of your choice, provided that you also meet, for each linked + independent module, the terms and conditions of the license of that + module. An independent module is a module which is not derived from + or based on this library. If you modify this library, you may extend + this exception to your version of the library, but you are not + obligated to do so. If you do not wish to do so, delete this + exception statement from your version. + */ +package net.sourceforge.jnlp.runtime; + +import java.net.MalformedURLException; +import java.net.URL; +import org.junit.Assert; +import org.junit.Test; + +public class ManifestAttributesCheckerTest { + + @Test + public void stripDocbaseTest() throws Exception { + tryTest("http://aaa.bb/ccc/file.html", "http://aaa.bb/ccc/"); + tryTest("http://aaa.bb/ccc/file.html/", "http://aaa.bb/ccc/file.html/"); + tryTest("http://aaa.bb/ccc/dir/", "http://aaa.bb/ccc/dir/"); + tryTest("http://aaa.bb/ccc/dir", "http://aaa.bb/ccc/"); + tryTest("http://aaa.bb/ccc/", "http://aaa.bb/ccc/"); + tryTest("http://aaa.bb/ccc", "http://aaa.bb/"); + tryTest("http://aaa.bb/", "http://aaa.bb/"); + tryTest("http://aaa.bb", "http://aaa.bb"); + } + + private static void tryTest(String src, String expected) throws MalformedURLException { + URL s = new URL(src); + URL q = ManifestAttributesChecker.stripDocbase(s); + //junit is failing for me on url.equls(url)... + Assert.assertEquals(expected, q.toExternalForm()); + } + +}