Mercurial > hg > release > icedtea-web-1.7
changeset 541:9413fbdc5e3d
Revise MultipleSignaturesTest to demonstrate PR822
line wrap: on
line diff
--- a/ChangeLog Mon Oct 22 11:15:48 2012 -0400 +++ b/ChangeLog Mon Oct 22 11:44:07 2012 -0400 @@ -30,6 +30,33 @@ 2012-10-19 Adam Domurad <adomurad@redhat.com> + Revised multiple signatures test to check for new message. Added more + accurate reproducer for PR822. + * tests/reproducers/signed2/MultipleSignaturesTest/srcs/somecrazytestpackage/MultipleSignaturesTest.java: + Made class take a classname parameter so different out-of-package + classes could be executed. + * tests/reproducers/signed2/MultipleSignaturesTest/resources/MultipleSignaturesTest.html: + Added main-class parameter. + * tests/reproducers/signed2/MultipleSignaturesTest/resources/MultipleSignaturesTest1.jnlp: + Same. + * tests/reproducers/signed2/MultipleSignaturesTest/resources/MultipleSignaturesTest1_requesting.jnlp: + Same. + * tests/reproducers/signed2/MultipleSignaturesTest/resources/MultipleSignaturesTest2.jnlp: + Same. + * tests/reproducers/signed2/MultipleSignaturesTest/testcases/MultipleSignaturesTestTests.java + (multipleSignaturesTestHtmlAppletUsesPermissions): New, tests if fully + signed HTML applets with varied signers can (as they should) execute + with full permissions. Reproduces PR822. + (multipleSignaturesTestJnlpApplicationRequesting): Check for + mismatching signers JNLP failure message. Remove known-to-fail & + inaccurate bug annotation. + * tests/reproducers/signed2/MultipleSignaturesTestSamePackage/testcases/MultipleSignaturesTestTestsSamePackage.java + (multipleSignaturesTestSamePackageJnlpApplicationRequesting): Check for + mismatching signers JNLP failure message. Remove known-to-fail & + inaccurate bug annotation. + +2012-10-19 Adam Domurad <adomurad@redhat.com> + Reproduces PR822: Applets fail to load if jars have different signers. Tests for applets & JNLPs with multiple signers per jar. * tests/reproducers/signed/ReadPropertiesSigned/srcs/ReadPropertiesSigned.java:
--- a/netx-dist-tests-whitelist Mon Oct 22 11:15:48 2012 -0400 +++ b/netx-dist-tests-whitelist Mon Oct 22 11:44:07 2012 -0400 @@ -1,1 +1,1 @@ -.* +MultipleSignaturesTest
--- a/tests/reproducers/signed2/MultipleSignaturesTest/resources/MultipleSignaturesTest.html Mon Oct 22 11:15:48 2012 -0400 +++ b/tests/reproducers/signed2/MultipleSignaturesTest/resources/MultipleSignaturesTest.html Mon Oct 22 11:44:07 2012 -0400 @@ -37,6 +37,7 @@ --> <html><head></head><body bgcolor="red"> <p><applet code="somecrazytestpackage.MultipleSignaturesTest" archive="MultipleSignaturesTest.jar,SimpletestSigned1.jar" codebase="." width="800" height="600"> + <param name="mainclass" value="SimpletestSigned1"> </applet></p> </body> -</html> +</html> \ No newline at end of file
--- a/tests/reproducers/signed2/MultipleSignaturesTest/resources/MultipleSignaturesTest1.jnlp Mon Oct 22 11:15:48 2012 -0400 +++ b/tests/reproducers/signed2/MultipleSignaturesTest/resources/MultipleSignaturesTest1.jnlp Mon Oct 22 11:44:07 2012 -0400 @@ -50,5 +50,6 @@ <jar href="SimpletestSigned1.jar"/> </resources> <application-desc main-class="somecrazytestpackage.MultipleSignaturesTest"> + <argument>SimpletestSigned1</argument> </application-desc> </jnlp>
--- a/tests/reproducers/signed2/MultipleSignaturesTest/resources/MultipleSignaturesTest1_requesting.jnlp Mon Oct 22 11:15:48 2012 -0400 +++ b/tests/reproducers/signed2/MultipleSignaturesTest/resources/MultipleSignaturesTest1_requesting.jnlp Mon Oct 22 11:44:07 2012 -0400 @@ -50,6 +50,7 @@ <jar href="SimpletestSigned1.jar"/> </resources> <application-desc main-class="somecrazytestpackage.MultipleSignaturesTest"> + <argument>SimpletestSigned1</argument> </application-desc> <security> <all-permissions/>
--- a/tests/reproducers/signed2/MultipleSignaturesTest/resources/MultipleSignaturesTest2.jnlp Mon Oct 22 11:15:48 2012 -0400 +++ b/tests/reproducers/signed2/MultipleSignaturesTest/resources/MultipleSignaturesTest2.jnlp Mon Oct 22 11:44:07 2012 -0400 @@ -55,5 +55,6 @@ main-class="somecrazytestpackage.MultipleSignaturesTest" width="100" height="100"> + <param name="mainclass" value="SimpletestSigned1" /> </applet-desc> </jnlp>
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed2/MultipleSignaturesTest/resources/MultipleSignaturesTestUsesPermissions.html Mon Oct 22 11:44:07 2012 -0400 @@ -0,0 +1,43 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<html><head></head><body bgcolor="red"> +<p><applet code="somecrazytestpackage.MultipleSignaturesTest" archive="MultipleSignaturesTest.jar,ReadPropertiesSigned.jar" codebase="." width="800" height="600"> + <param name="mainclass" value="ReadPropertiesSigned"> +</applet></p> +</body> +</html> \ No newline at end of file
--- a/tests/reproducers/signed2/MultipleSignaturesTest/srcs/somecrazytestpackage/MultipleSignaturesTest.java Mon Oct 22 11:15:48 2012 -0400 +++ b/tests/reproducers/signed2/MultipleSignaturesTest/srcs/somecrazytestpackage/MultipleSignaturesTest.java Mon Oct 22 11:44:07 2012 -0400 @@ -42,22 +42,25 @@ */ public class MultipleSignaturesTest extends Applet { + //Ignored when class being called is SimpletestSigned1, used with ReadPropertiesSigned + private static final String SYSTEM_PROPERTY = "user.home"; + public static void main(String[] args) { - executeForeignMethodCaught(); + executeForeignMethodCaught(args[0]); } - public static void executeForeignMethodCaught() { + public static void executeForeignMethodCaught(String classname) { try { - executeForeignMethod(); + executeForeignMethod(classname); } catch (Exception ex) { throw new RuntimeException(ex); } } - public static void executeForeignMethod() throws ClassNotFoundException, NoSuchMethodException, IllegalAccessException, IllegalArgumentException, InvocationTargetException, InstantiationException { - Class clazz = Class.forName("SimpletestSigned1"); + public static void executeForeignMethod(String classname) throws ClassNotFoundException, NoSuchMethodException, IllegalAccessException, IllegalArgumentException, InvocationTargetException, InstantiationException { + Class<?> clazz = Class.forName(classname); Method mainMethod = clazz.getDeclaredMethod("main", String[].class); - mainMethod.invoke(clazz.newInstance(), (Object) null); + mainMethod.invoke(clazz.newInstance(), (Object) new String[] {SYSTEM_PROPERTY}); } private class Killer extends Thread { @@ -85,6 +88,7 @@ public void start() { killer.start(); System.out.println("killer was started"); - main(null); + main(new String[]{getParameter("mainclass")}); + System.out.println("*** APPLET FINISHED ***"); } }
--- a/tests/reproducers/signed2/MultipleSignaturesTest/testcases/MultipleSignaturesTestTests.java Mon Oct 22 11:15:48 2012 -0400 +++ b/tests/reproducers/signed2/MultipleSignaturesTest/testcases/MultipleSignaturesTestTests.java Mon Oct 22 11:44:07 2012 -0400 @@ -36,8 +36,8 @@ */ import net.sourceforge.jnlp.ProcessResult; +import net.sourceforge.jnlp.ServerAccess.AutoClose; import net.sourceforge.jnlp.annotations.Bug; -import net.sourceforge.jnlp.annotations.KnownToFail; import net.sourceforge.jnlp.annotations.NeedsDisplay; import net.sourceforge.jnlp.annotations.TestInBrowsers; import net.sourceforge.jnlp.browsertesting.BrowserTest; @@ -50,6 +50,8 @@ public class MultipleSignaturesTestTests extends BrowserTest{ public static final String GSJE = "Good simple javaws exapmle"; + public static final String launchExcDiffCerts = "Fatal: Application Error: The JNLP application is not fully signed by a single cert."; + public static final String accExcString = "java.security.AccessControlException: access denied"; @Test @NeedsDisplay @@ -65,16 +67,28 @@ @NeedsDisplay @TestInBrowsers(testIn=Browsers.one) public void multipleSignaturesTestHtmlApplet() throws Exception { - ProcessResult pr = server.executeBrowser("/MultipleSignaturesTest.html"); + ProcessResult pr = server.executeBrowser("/MultipleSignaturesTest.html", AutoClose.CLOSE_ON_CORRECT_END); String s = GSJE; Assert.assertTrue("stdout should contains `" + s + "`, but did not", pr.stdout.contains(s)); - String cc = "xception"; - Assert.assertFalse("stderr should NOT contains `" + cc + "`, but did", pr.stderr.contains(cc)); + Assert.assertFalse("stderr should NOT contains `" + accExcString + "`, but did", pr.stderr.contains(accExcString)); } @Test + @NeedsDisplay + @TestInBrowsers(testIn=Browsers.one) + @Bug(id={"PR822"}) + public void multipleSignaturesTestHtmlAppletUsesPermissions() throws Exception { + ProcessResult pr = server.executeBrowser("/MultipleSignaturesTestUsesPermissions.html", AutoClose.CLOSE_ON_CORRECT_END); + // This calls ReadPropertiesSigned with user.home, it is not easy to think of a pattern to match this + // Instead we make sure _something_ was printed + Assert.assertFalse("stdout should NOT be empty, but was", pr.stdout.isEmpty()); + Assert.assertFalse("stderr should NOT contains `" + accExcString + "`, but did", pr.stderr.contains(accExcString)); + } + + + @Test public void multipleSignaturesTestJnlpApplication() throws Exception { - ProcessResult pr = server.executeJavawsHeadless(null, "/MultipleSignaturesTest1.jnlp"); + ProcessResult pr = server.executeJavawsHeadless("/MultipleSignaturesTest1.jnlp"); //well this is questionable - application is signed but is not requesting // permissions, but still usage of foreign code is allowed. String s = GSJE; @@ -85,14 +99,11 @@ } @Test - @Bug(id={"PR822"}) - @KnownToFail public void multipleSignaturesTestJnlpApplicationRequesting() throws Exception { - ProcessResult pr = server.executeJavawsHeadless(null, "/MultipleSignaturesTest1_requesting.jnlp"); - //This is buggy - application is signed, but requesting for permissions fails + // This jar is fully signed - however a JNLP application requires that one of the signers signs everything + ProcessResult pr = server.executeJavawsHeadless("/MultipleSignaturesTest1_requesting.jnlp"); String s = GSJE; - Assert.assertTrue("stdout should contains `" + s + "`, but did not", pr.stdout.contains(s)); - String cc = "xception"; - Assert.assertFalse("stderr should NOT contains `" + cc + "`, but did", pr.stderr.contains(cc)); + Assert.assertFalse("stdout should NOT contain `" + s + "`, but did", pr.stdout.contains(s)); + Assert.assertTrue("stderr should contain `" + launchExcDiffCerts + "`, but did not", pr.stderr.contains(launchExcDiffCerts)); } }
--- a/tests/reproducers/signed2/MultipleSignaturesTestSamePackage/testcases/MultipleSignaturesTestTestsSamePackage.java Mon Oct 22 11:15:48 2012 -0400 +++ b/tests/reproducers/signed2/MultipleSignaturesTestSamePackage/testcases/MultipleSignaturesTestTestsSamePackage.java Mon Oct 22 11:44:07 2012 -0400 @@ -40,7 +40,6 @@ import net.sourceforge.jnlp.ProcessResult; import net.sourceforge.jnlp.ServerAccess; import net.sourceforge.jnlp.annotations.Bug; -import net.sourceforge.jnlp.annotations.KnownToFail; import net.sourceforge.jnlp.annotations.NeedsDisplay; import net.sourceforge.jnlp.annotations.TestInBrowsers; import net.sourceforge.jnlp.browsertesting.BrowserTest; @@ -49,10 +48,10 @@ import org.junit.Test; -@Bug(id={"PR822"}) public class MultipleSignaturesTestTestsSamePackage extends BrowserTest{ public static final String secExcRegex = "(?s).*java.lang.SecurityException: .* signer information does not match signer information of other classes in the same package.*"; + public static final String launchExcDiffCerts = "Fatal: Application Error: The JNLP application is not fully signed by a single cert."; public static final List<String> v = Arrays.asList(new String[] {ServerAccess.VERBOSE_OPTION}); private static final String GSJE= "Good simple javaws exapmle"; @@ -100,18 +99,11 @@ } @Test - @Bug(id={"PR822"}) - @KnownToFail public void multipleSignaturesTestSamePackageJnlpApplicationRequesting() throws Exception { ProcessResult pr = server.executeJavawsHeadless(null, "/MultipleSignaturesTest1_SamePackage_requesting.jnlp"); String s = GSJE; - Assert.assertFalse("stdout should NOT contains `"+s+"`, but did",pr.stdout.contains(s)); - String cc = "xception"; - Assert.assertTrue("stderr should contains `" + cc + "`, but did not", pr.stderr.contains(cc)); - //this is really wrong. Aplication shoud die with secExcRegex exception - //but not with Application Error: Cannot grant permissions to unsigned jars. Application requested security permissions, but jars are not signed. - //as it is now - Assert.assertTrue("stderr should match " + secExcRegex + "`, but did not", pr.stderr.matches(secExcRegex)); + Assert.assertFalse("stdout should NOT contain `"+s+"`, but did", pr.stdout.contains(s)); + Assert.assertTrue("stderr should contain `" + launchExcDiffCerts + "`, but did not", pr.stderr.contains(launchExcDiffCerts)); } }