Mercurial > hg > release > icedtea-web-1.8
changeset 1283:c87f010b8cf7
Added more tests MixedSigningAndTrustedOnly
author | Jiri Vanek <jvanek@redhat.com> |
---|---|
date | Tue, 25 Aug 2015 18:52:07 +0200 |
parents | 18e401faa1b9 |
children | 8ab371a45c51 |
files | ChangeLog tests/reproducers/custom/MixedSigningAndTrustedOnly/srcs/MixedSigningAndTrustedOnlyClass1.java tests/reproducers/custom/MixedSigningAndTrustedOnly/srcs/MixedSigningAndTrustedOnlyClass2.java tests/reproducers/custom/MixedSigningAndTrustedOnly/testcases/MixedSigningAndTrustedOnly.java tests/reproducers/custom/MixedSigningAndTrustedOnly/testcases/MixedSigningAndTrustedOnlyBS1.java tests/reproducers/custom/MixedSigningAndTrustedOnly/testcases/MixedSigningAndTrustedOnlyBSmanifest.java tests/reproducers/custom/MixedSigningAndTrustedOnly/testcases/MixedSigningAndTrustedOnlyFSSU.java |
diffstat | 7 files changed, 521 insertions(+), 86 deletions(-) [+] |
line wrap: on
line diff
--- a/ChangeLog Mon Aug 24 12:28:23 2015 -0400 +++ b/ChangeLog Tue Aug 25 18:52:07 2015 +0200 @@ -1,3 +1,19 @@ +2015-08-25 Jiri Vanek <jvanek@redhat.com> + + Added more tests MixedSigningAndTrustedOnly + * tests/reproducers/custom/MixedSigningAndTrustedOnly/srcs/MixedSigningAndTrustedOnlyClass1.java + modified to suite more compelx tests + * tests/reproducers/custom/MixedSigningAndTrustedOnly/srcs/MixedSigningAndTrustedOnlyClass2.java + same + * tests/reproducers/custom/MixedSigningAndTrustedOnly/testcases/MixedSigningAndTrustedOnly.java + same + * tests/reproducers/custom/MixedSigningAndTrustedOnly/testcases/MixedSigningAndTrustedOnlyBS1.java + adapted to MixedSigningAndTrustedOnly + * tests/reproducers/custom/MixedSigningAndTrustedOnly/testcases/MixedSigningAndTrustedOnlyBSmanifest.java + same + * tests/reproducers/custom/MixedSigningAndTrustedOnly/testcases/MixedSigningAndTrustedOnlyFSSU.java: + new file to test signed_>unsigned and unsigned->signed calls behaviors. First on classpath is signed + 2015-08-19 Andrew Azores <aazores@redhat.com> PolicyEditor dies given invalid -codebase -signedby or -principals arguments
--- a/tests/reproducers/custom/MixedSigningAndTrustedOnly/srcs/MixedSigningAndTrustedOnlyClass1.java Mon Aug 24 12:28:23 2015 -0400 +++ b/tests/reproducers/custom/MixedSigningAndTrustedOnly/srcs/MixedSigningAndTrustedOnlyClass1.java Tue Aug 25 18:52:07 2015 +0200 @@ -40,8 +40,8 @@ public class MixedSigningAndTrustedOnlyClass1 extends Applet { - private static final String ID1 = "MixedSigningAndTrustedOnlyClass1"; - private static final String ID2 = "MixedSigningAndTrustedOnlyClass2"; + private static final String ID_THIS = "MixedSigningAndTrustedOnlyClass1"; + private static final String ID_REMOTE = "MixedSigningAndTrustedOnlyClass2"; public static void main(String[] args) { runBody(args); @@ -56,7 +56,7 @@ private static void runBody(String... commands) { try { - System.out.println(ID1 + " running"); + System.out.println(ID_THIS + " running"); System.out.println("params: " + Arrays.toString(commands)); boolean canDie = true; for (String command : commands) { @@ -68,17 +68,17 @@ case "cantDie": canDie = false; break; - case ID1 + "_Normal": - doNormal(); + case ID_THIS + "_Normal": + doNormalLocal(); break; - case ID1 + "_Restricted": - doRestrictedAction(); + case ID_THIS + "_Restricted": + doRestrictedActionLocal(); break; - case ID2 + "_Normal": - MixedSigningAndTrustedOnlyClass2.doNormal(); + case ID_REMOTE + "_Normal": + MixedSigningAndTrustedOnlyClass2.doNormalRemote(); break; - case ID2 + "_Restricted": - MixedSigningAndTrustedOnlyClass2.doRestrictedAction(); + case ID_REMOTE + "_Restricted": + MixedSigningAndTrustedOnlyClass2.doRestrictedActionlRemote(); break; } @@ -91,20 +91,55 @@ } } } finally { + System.err.flush(); + System.out.flush(); System.out.println("*** APPLET FINISHED ***"); System.out.flush(); System.out.println("some garbage forcing to flush"); System.out.flush(); + System.err.println("some garbage forcing to flush"); + System.err.flush(); } } - public static void doRestrictedAction() { - System.out.println(System.getProperty("user.home")); - System.out.println(ID1 + " Property read"); + private static void doRestrictedAction() { + String a = System.getProperty("user.home"); + System.out.println(ID_THIS + " Property read"); + System.out.println(a); + System.out.flush(); + } + + private static void doNormal() { + System.out.println(ID_THIS + " confirmed"); + System.out.flush(); } - public static void doNormal() { - System.out.println(ID1 + " confirmed"); + private static final String REMOTE_CALL = "RemoteCall - "; + private static final String LOCAL_CALL = "LocalCall - "; + + public static void doNormalRemote() { + System.out.print(REMOTE_CALL); + doNormal(); + System.out.flush(); + } + + private static void doNormalLocal() { + System.out.print(LOCAL_CALL); + doNormal(); + System.out.flush(); + } + + + public static void doRestrictedActionlRemote() { + System.out.print(REMOTE_CALL); + doRestrictedAction(); + System.out.flush(); + } + + private static void doRestrictedActionLocal() { + System.out.print(LOCAL_CALL); + doRestrictedAction(); + System.out.flush(); } }
--- a/tests/reproducers/custom/MixedSigningAndTrustedOnly/srcs/MixedSigningAndTrustedOnlyClass2.java Mon Aug 24 12:28:23 2015 -0400 +++ b/tests/reproducers/custom/MixedSigningAndTrustedOnly/srcs/MixedSigningAndTrustedOnlyClass2.java Tue Aug 25 18:52:07 2015 +0200 @@ -40,8 +40,8 @@ */ public class MixedSigningAndTrustedOnlyClass2 extends Applet { - private static final String ID1 = "MixedSigningAndTrustedOnlyClass2"; - private static final String ID2 = "MixedSigningAndTrustedOnlyClass1"; + private static final String ID_THIS = "MixedSigningAndTrustedOnlyClass2"; + private static final String ID_REMOTE = "MixedSigningAndTrustedOnlyClass1"; public static void main(String[] args) { runBody(args); @@ -56,7 +56,7 @@ private static void runBody(String... commands) { try { - System.out.println(ID1 + " running"); + System.out.println(ID_THIS + " running"); System.out.println("params: " + Arrays.toString(commands)); boolean canDie = true; for (String command : commands) { @@ -68,17 +68,17 @@ case "cantDie": canDie = false; break; - case ID1 + "_Normal": - doNormal(); + case ID_THIS + "_Normal": + doNormalLocal(); break; - case ID1 + "_Restricted": - doRestrictedAction(); + case ID_THIS + "_Restricted": + doRestrictedActionLocal(); break; - case ID2 + "_Normal": - MixedSigningAndTrustedOnlyClass1.doNormal(); + case ID_REMOTE + "_Normal": + MixedSigningAndTrustedOnlyClass1.doNormalRemote(); break; - case ID2 + "_Restricted": - MixedSigningAndTrustedOnlyClass1.doRestrictedAction(); + case ID_REMOTE + "_Restricted": + MixedSigningAndTrustedOnlyClass1.doRestrictedActionlRemote(); break; } @@ -98,13 +98,43 @@ } } - public static void doRestrictedAction() { - System.out.println(System.getProperty("user.home")); - System.out.println(ID1 + " Property read"); + private static void doRestrictedAction() { + String a = System.getProperty("user.home"); + System.out.println(ID_THIS + " Property read"); + System.out.println(a); + System.out.flush(); } - public static void doNormal() { - System.out.println(ID1 + " confirmed"); + private static void doNormal() { + System.out.println(ID_THIS + " confirmed"); + System.out.flush(); + } + + private static final String REMOTE_CALL = "RemoteCall - "; + private static final String LOCAL_CALL = "LocalCall - "; + + public static void doNormalRemote() { + System.out.print(REMOTE_CALL); + doNormal(); + System.out.flush(); + } + + private static void doNormalLocal() { + System.out.print(LOCAL_CALL); + doNormal(); + System.out.flush(); + } + + public static void doRestrictedActionlRemote() { + System.out.print(REMOTE_CALL); + doRestrictedAction(); + System.out.flush(); + } + + private static void doRestrictedActionLocal() { + System.out.print(LOCAL_CALL); + doRestrictedAction(); + System.out.flush(); } }
--- a/tests/reproducers/custom/MixedSigningAndTrustedOnly/testcases/MixedSigningAndTrustedOnly.java Mon Aug 24 12:28:23 2015 -0400 +++ b/tests/reproducers/custom/MixedSigningAndTrustedOnly/testcases/MixedSigningAndTrustedOnly.java Tue Aug 25 18:52:07 2015 +0200 @@ -34,8 +34,10 @@ obligated to do so. If you do not wish to do so, delete this exception statement from your version. */ +//package MixedSigningAndTrustedOnlyPackage; package MixedSigningAndTrustedOnlyPackage; + import java.io.File; import java.io.FileInputStream; import java.io.IOException; @@ -57,6 +59,7 @@ static List<String> HEADLESS = Arrays.asList(new String[]{OptionsDefinitions.OPTIONS.HEADLESS.option}); static List<String> HTML = Arrays.asList(new String[]{OptionsDefinitions.OPTIONS.HTML.option}); + static List<String> verbose = Arrays.asList(new String[]{OptionsDefinitions.OPTIONS.VERBOSE.option}); public static final String PREFIX = "MixedSigningAndTrustedOnly"; public static final String C1 = "Class1"; @@ -64,10 +67,17 @@ static final String ID11 = PREFIX + C1; static final String ID12 = PREFIX + C2; - static final String ID21 = PREFIX + C2; - static final String ID22 = PREFIX + C1; + static final String ID21 = PREFIX + C1; + static final String ID22 = PREFIX + C2; + + static final String RUNNING = " running"; //note the space + static final String RUNNING1 = ID11 + RUNNING; + static final String RUNNING2 = ID22 + RUNNING; + static final String RESTRICTED_CONFIRM_SUFFIX = " Property read"; //note the space static final String NORMAL_CONFIRM_SUFFIX = " confirmed"; //same + static final String REMOTE_PREFIX = "RemoteCall - "; //note the space + static final String LOCAL_PREFIX = "LocalCall - "; //note the space static final String RESTRICTED11 = ID11 + RESTRICTED_CONFIRM_SUFFIX; static final String NORMAL11 = ID11 + NORMAL_CONFIRM_SUFFIX; @@ -299,16 +309,57 @@ Assert.assertEquals("<jar href=\"archive1\" />\n<jar href=\"archive2\" main=\"true\" />\n<jar href=\"archive3\" />", c4.toString()); } - static void assertAllOk(ProcessResult pr) { - Assert.assertTrue(pr.stdout.contains(NORMAL11)); - Assert.assertTrue(pr.stdout.contains(NORMAL12)); - Assert.assertTrue(pr.stdout.contains(NORMAL21)); - Assert.assertTrue(pr.stdout.contains(NORMAL22)); - Assert.assertTrue(pr.stdout.contains(RESTRICTED11)); - Assert.assertTrue(pr.stdout.contains(RESTRICTED12)); - Assert.assertTrue(pr.stdout.contains(RESTRICTED21)); - Assert.assertTrue(pr.stdout.contains(RESTRICTED22)); + static void assertAllOkC1(ProcessResult pr) { + Assert.assertTrue(pr.stdout.contains(RUNNING1)); + Assert.assertFalse(pr.stdout.contains(RUNNING2)); + Assert.assertTrue(pr.stdout.contains(LOCAL_PREFIX + NORMAL11)); + Assert.assertTrue(pr.stdout.contains(REMOTE_PREFIX + NORMAL12)); + Assert.assertTrue(pr.stdout.contains(LOCAL_PREFIX + RESTRICTED11)); + Assert.assertTrue(pr.stdout.contains(REMOTE_PREFIX + RESTRICTED12)); + } + + static void assertAllOkC2(ProcessResult pr) { + Assert.assertTrue(pr.stdout.contains(RUNNING2)); + Assert.assertFalse(pr.stdout.contains(RUNNING1)); + Assert.assertTrue(pr.stdout.contains(LOCAL_PREFIX + NORMAL22)); + Assert.assertTrue(pr.stdout.contains(REMOTE_PREFIX + NORMAL21)); + Assert.assertTrue(pr.stdout.contains(LOCAL_PREFIX + RESTRICTED22)); + Assert.assertTrue(pr.stdout.contains(REMOTE_PREFIX + RESTRICTED21)); + } + + static void assertC1C1okTransNotOk(ProcessResult pr) { + Assert.assertFalse(pr.stdout.contains(RUNNING2)); + Assert.assertTrue(pr.stdout.contains(RUNNING1)); + Assert.assertTrue(pr.stdout.contains(LOCAL_PREFIX + NORMAL11)); + Assert.assertTrue(pr.stdout.contains(LOCAL_PREFIX + RESTRICTED11)); + Assert.assertFalse(pr.stdout.contains(REMOTE_PREFIX)); } + + static void assertC2C2okTransNotOk(ProcessResult pr) { + Assert.assertTrue(pr.stdout.contains(RUNNING2)); + Assert.assertFalse(pr.stdout.contains(RUNNING1)); + Assert.assertTrue(pr.stdout.contains(LOCAL_PREFIX + NORMAL22)); + Assert.assertTrue(pr.stdout.contains(LOCAL_PREFIX + RESTRICTED22)); + Assert.assertFalse(pr.stdout.contains(REMOTE_PREFIX)); + } + + + static void assertC1C1OnlyUnrestrictedokTransNotOk(ProcessResult pr) { + Assert.assertFalse(pr.stdout.contains(RUNNING2)); + Assert.assertTrue(pr.stdout.contains(RUNNING1)); + Assert.assertTrue(pr.stdout.contains(LOCAL_PREFIX + NORMAL11)); + Assert.assertFalse(pr.stdout.contains(LOCAL_PREFIX + RESTRICTED11)); + Assert.assertFalse(pr.stdout.contains(REMOTE_PREFIX)); + } + + static void assertC2C2OnlyUnrestrictedokTransNotOk(ProcessResult pr) { + Assert.assertTrue(pr.stdout.contains(RUNNING2)); + Assert.assertFalse(pr.stdout.contains(RUNNING1)); + Assert.assertTrue(pr.stdout.contains(LOCAL_PREFIX + NORMAL22)); + Assert.assertFalse(pr.stdout.contains(LOCAL_PREFIX + RESTRICTED22)); + Assert.assertFalse(pr.stdout.contains(REMOTE_PREFIX)); + } + //mostly useless, all tests are killed static void assertProcessOk(ProcessResult pr) { @@ -320,22 +371,49 @@ Assert.assertNotEquals(0, pr.returnValue.intValue()); } - static void assertAllButRestricted(ProcessResult pr) { - Assert.assertTrue(pr.stdout.contains(NORMAL11)); - Assert.assertTrue(pr.stdout.contains(NORMAL12)); - Assert.assertTrue(pr.stdout.contains(NORMAL21)); - Assert.assertTrue(pr.stdout.contains(NORMAL22)); + static void assertAllButRestrictedC1(ProcessResult pr) { + Assert.assertTrue(pr.stdout.contains(RUNNING1)); + Assert.assertTrue(pr.stdout.contains(LOCAL_PREFIX + NORMAL11)); + Assert.assertTrue(pr.stdout.contains(REMOTE_PREFIX + NORMAL12)); + assertNotRestricted(pr); + } + + static void assertAllButRestrictedC2(ProcessResult pr) { + Assert.assertTrue(pr.stdout.contains(RUNNING2)); + Assert.assertTrue(pr.stdout.contains(REMOTE_PREFIX + NORMAL21)); + Assert.assertTrue(pr.stdout.contains(LOCAL_PREFIX + NORMAL22)); + assertNotRestricted(pr); + } + + static void assertNotRestricted(ProcessResult pr) { Assert.assertFalse(pr.stdout.contains(RESTRICTED11)); Assert.assertFalse(pr.stdout.contains(RESTRICTED12)); Assert.assertFalse(pr.stdout.contains(RESTRICTED21)); Assert.assertFalse(pr.stdout.contains(RESTRICTED22)); } - + static void assertLaunchException(ProcessResult pr) { Assert.assertTrue(pr.stderr.contains("net.sourceforge.jnlp.LaunchException")); } - - static void assertNone(ProcessResult pr) { + static void assertInitError(ProcessResult pr) { + Assert.assertTrue(pr.stderr.contains("Fatal: Initialization Error")); + } + + static void assertSecurityException(ProcessResult pr) { + Assert.assertTrue(pr.stderr.contains("java.lang.SecurityException")); + } + + static void assertAccessControlException(ProcessResult pr) { + Assert.assertTrue(pr.stderr.contains("java.security.AccessControlException")); + } + + static void assertAccessDenied(ProcessResult pr) { + Assert.assertTrue(pr.stderr.contains("access denied")); + } + + static void assertNone(ProcessResult pr) { + Assert.assertFalse(pr.stdout.contains(RUNNING1)); + Assert.assertFalse(pr.stdout.contains(RUNNING2)); Assert.assertFalse(pr.stdout.contains(NORMAL11)); Assert.assertFalse(pr.stdout.contains(NORMAL12)); Assert.assertFalse(pr.stdout.contains(NORMAL21));
--- a/tests/reproducers/custom/MixedSigningAndTrustedOnly/testcases/MixedSigningAndTrustedOnlyBS1.java Mon Aug 24 12:28:23 2015 -0400 +++ b/tests/reproducers/custom/MixedSigningAndTrustedOnly/testcases/MixedSigningAndTrustedOnlyBS1.java Tue Aug 25 18:52:07 2015 +0200 @@ -34,6 +34,7 @@ obligated to do so. If you do not wish to do so, delete this exception statement from your version. */ +//package MixedSigningAndTrustedOnlyPackage; package MixedSigningAndTrustedOnlyPackage; import net.sourceforge.jnlp.ProcessResult; @@ -53,27 +54,27 @@ import org.junit.AfterClass; import org.junit.BeforeClass; - /** - * - * Very simple tests. Basic behavior. jnlp and html with single signed jar, no trusted-only manifest - * note - this file is declared to be in package, but directory is wrong. Itw reproducers engine needs it like it, but your ide may complain. Try to live with. Sorry + * + * Very simple tests. Basic behavior. jnlp and html with single signed jar, no + * trusted-only manifest note - this file is declared to be in package, but + * directory is wrong. Itw reproducers engine needs it like it, but your ide may + * complain. Try to live with. Sorry */ public class MixedSigningAndTrustedOnlyBS1 extends BrowserTest { + private static DeploymentPropertiesModifier q; - private static DeploymentPropertiesModifier q; - @BeforeClass - public static void setDeploymentProperties() throws IOException{ + public static void setDeploymentProperties() throws IOException { q = setDeploymentPropertiesImpl(); } - + @AfterClass - public static void resetDeploymentProperties() throws IOException{ + public static void resetDeploymentProperties() throws IOException { q.restoreProperties(); } - + @NeedsDisplay @Test @TestInBrowsers(testIn = {Browsers.one}) @@ -81,16 +82,16 @@ String file = prepareFile(FileType.HTML, C1, new Archives[]{BS}, new String[]{COMMAND_C1_NORMAL, COMMAND_C2_NORMAL, COMMAND_C1_RESTRICT, COMMAND_C2_RESTRICT}, false); ProcessResult pr = server.executeBrowser(file, AutoClose.CLOSE_ON_BOTH); - assertAllOk(pr); + assertAllOkC1(pr); } - + @NeedsDisplay @Test public void jnlpHtmlC1AllCommandsBS() throws Exception { String file = prepareFile(FileType.HTML, C1, new Archives[]{BS}, new String[]{COMMAND_C1_NORMAL, COMMAND_C2_NORMAL, COMMAND_C1_RESTRICT, COMMAND_C2_RESTRICT}, false); ProcessResult pr = server.executeJavaws(HTML, file, new AutoOkClosingListener(), new AutoErrorClosingListener()); - assertAllOk(pr); + assertAllOkC1(pr); } @Test @@ -98,7 +99,9 @@ String file = prepareFile(FileType.JNLP_APP, C1, new Archives[]{BS}, new String[]{COMMAND_C1_NORMAL, COMMAND_C2_NORMAL, COMMAND_C1_RESTRICT, COMMAND_C2_RESTRICT}, false); ProcessResult pr = server.executeJavaws(HEADLESS, file, new AutoOkClosingListener(), new AutoErrorClosingListener()); - assertAllButRestricted(pr); + assertAllButRestrictedC1(pr); + assertLaunchException(pr); + assertAccessDenied(pr); } @Test @@ -106,8 +109,10 @@ public void jnlpAppletC1AllCommandsBSnosec() throws Exception { String file = prepareFile(FileType.JNLP_APPLET, C1, new Archives[]{BS}, new String[]{COMMAND_C1_NORMAL, COMMAND_C2_NORMAL, COMMAND_C1_RESTRICT, COMMAND_C2_RESTRICT}, false); - ProcessResult pr = server.executeJavaws(file, new AutoOkClosingListener(), new AutoErrorClosingListener()); - assertAllButRestricted(pr); + ProcessResult pr = server.executeJavaws(verbose, file, new AutoOkClosingListener(), new AutoErrorClosingListener()); + assertAllButRestrictedC1(pr); + assertAccessControlException(pr); + assertAccessDenied(pr); } @Test @@ -115,7 +120,7 @@ String file = prepareFile(FileType.JNLP_APP, C1, new Archives[]{BS}, new String[]{COMMAND_C1_NORMAL, COMMAND_C2_NORMAL, COMMAND_C1_RESTRICT, COMMAND_C2_RESTRICT}, true); ProcessResult pr = server.executeJavaws(HEADLESS, file, new AutoOkClosingListener(), new AutoErrorClosingListener()); - assertAllOk(pr); + assertAllOkC1(pr); } @Test @@ -124,7 +129,7 @@ String file = prepareFile(FileType.JNLP_APPLET, C1, new Archives[]{BS}, new String[]{COMMAND_C1_NORMAL, COMMAND_C2_NORMAL, COMMAND_C1_RESTRICT, COMMAND_C2_RESTRICT}, true); ProcessResult pr = server.executeJavaws(file, new AutoOkClosingListener(), new AutoErrorClosingListener()); - assertAllOk(pr); + assertAllOkC1(pr); } @NeedsDisplay @@ -134,16 +139,16 @@ String file = prepareFile(FileType.HTML, C2, new Archives[]{BS}, new String[]{COMMAND_C1_NORMAL, COMMAND_C2_NORMAL, COMMAND_C1_RESTRICT, COMMAND_C2_RESTRICT}, false); ProcessResult pr = server.executeBrowser(file, AutoClose.CLOSE_ON_BOTH); - assertAllOk(pr); + assertAllOkC2(pr); } - + @NeedsDisplay @Test public void jnlphtmlCc2llCommandsBS() throws Exception { String file = prepareFile(FileType.HTML, C2, new Archives[]{BS}, new String[]{COMMAND_C1_NORMAL, COMMAND_C2_NORMAL, COMMAND_C1_RESTRICT, COMMAND_C2_RESTRICT}, false); ProcessResult pr = server.executeJavaws(HTML, file, new AutoOkClosingListener(), new AutoErrorClosingListener()); - assertAllOk(pr); + assertAllOkC2(pr); } @Test @@ -151,7 +156,9 @@ String file = prepareFile(FileType.JNLP_APP, C2, new Archives[]{BS}, new String[]{COMMAND_C1_NORMAL, COMMAND_C2_NORMAL, COMMAND_C1_RESTRICT, COMMAND_C2_RESTRICT}, false); ProcessResult pr = server.executeJavaws(HEADLESS, file, new AutoOkClosingListener(), new AutoErrorClosingListener()); - assertAllButRestricted(pr); + assertAllButRestrictedC2(pr); + assertLaunchException(pr); + assertAccessDenied(pr); } @Test @@ -159,8 +166,10 @@ public void jnlpAppletC2AllCommandsBSnosec() throws Exception { String file = prepareFile(FileType.JNLP_APPLET, C2, new Archives[]{BS}, new String[]{COMMAND_C1_NORMAL, COMMAND_C2_NORMAL, COMMAND_C1_RESTRICT, COMMAND_C2_RESTRICT}, false); - ProcessResult pr = server.executeJavaws(file, new AutoOkClosingListener(), new AutoErrorClosingListener()); - assertAllButRestricted(pr); + ProcessResult pr = server.executeJavaws(verbose, file, new AutoOkClosingListener(), new AutoErrorClosingListener()); + assertAllButRestrictedC2(pr); + assertAccessControlException(pr); + assertAccessDenied(pr); } @Test @@ -168,7 +177,7 @@ String file = prepareFile(FileType.JNLP_APP, C2, new Archives[]{BS}, new String[]{COMMAND_C1_NORMAL, COMMAND_C2_NORMAL, COMMAND_C1_RESTRICT, COMMAND_C2_RESTRICT}, true); ProcessResult pr = server.executeJavaws(HEADLESS, file, new AutoOkClosingListener(), new AutoErrorClosingListener()); - assertAllOk(pr); + assertAllOkC2(pr); } @Test @@ -177,8 +186,7 @@ String file = prepareFile(FileType.JNLP_APPLET, C2, new Archives[]{BS}, new String[]{COMMAND_C1_NORMAL, COMMAND_C2_NORMAL, COMMAND_C1_RESTRICT, COMMAND_C2_RESTRICT}, true); ProcessResult pr = server.executeJavaws(file, new AutoOkClosingListener(), new AutoErrorClosingListener()); - assertAllOk(pr); + assertAllOkC2(pr); } - }
--- a/tests/reproducers/custom/MixedSigningAndTrustedOnly/testcases/MixedSigningAndTrustedOnlyBSmanifest.java Mon Aug 24 12:28:23 2015 -0400 +++ b/tests/reproducers/custom/MixedSigningAndTrustedOnly/testcases/MixedSigningAndTrustedOnlyBSmanifest.java Tue Aug 25 18:52:07 2015 +0200 @@ -34,6 +34,7 @@ obligated to do so. If you do not wish to do so, delete this exception statement from your version. */ +//package MixedSigningAndTrustedOnlyPackage; package MixedSigningAndTrustedOnlyPackage; import net.sourceforge.jnlp.ProcessResult; @@ -81,7 +82,7 @@ String file = prepareFile(FileType.HTML, C1, new Archives[]{BSM}, new String[]{COMMAND_C1_NORMAL, COMMAND_C2_NORMAL, COMMAND_C1_RESTRICT, COMMAND_C2_RESTRICT}, false); ProcessResult pr = server.executeBrowser(file, AutoClose.CLOSE_ON_BOTH); - assertAllOk(pr); + assertAllOkC1(pr); } @NeedsDisplay @@ -90,7 +91,7 @@ String file = prepareFile(FileType.HTML, C1, new Archives[]{BSM}, new String[]{COMMAND_C1_NORMAL, COMMAND_C2_NORMAL, COMMAND_C1_RESTRICT, COMMAND_C2_RESTRICT}, false); ProcessResult pr = server.executeJavaws(HTML, file, new AutoOkClosingListener(), new AutoErrorClosingListener()); - assertAllOk(pr); + assertAllOkC1(pr); } @Test @@ -119,7 +120,7 @@ String file = prepareFile(FileType.JNLP_APP, C1, new Archives[]{BSM}, new String[]{COMMAND_C1_NORMAL, COMMAND_C2_NORMAL, COMMAND_C1_RESTRICT, COMMAND_C2_RESTRICT}, true); ProcessResult pr = server.executeJavaws(HEADLESS, file, new AutoOkClosingListener(), new AutoErrorClosingListener()); - assertAllOk(pr); + assertAllOkC1(pr); } @Test @@ -128,7 +129,7 @@ String file = prepareFile(FileType.JNLP_APPLET, C1, new Archives[]{BSM}, new String[]{COMMAND_C1_NORMAL, COMMAND_C2_NORMAL, COMMAND_C1_RESTRICT, COMMAND_C2_RESTRICT}, true); ProcessResult pr = server.executeJavaws(file, new AutoOkClosingListener(), new AutoErrorClosingListener()); - assertAllOk(pr); + assertAllOkC1(pr); } @NeedsDisplay @@ -138,7 +139,7 @@ String file = prepareFile(FileType.HTML, C2, new Archives[]{BSM}, new String[]{COMMAND_C1_NORMAL, COMMAND_C2_NORMAL, COMMAND_C1_RESTRICT, COMMAND_C2_RESTRICT}, false); ProcessResult pr = server.executeBrowser(file, AutoClose.CLOSE_ON_BOTH); - assertAllOk(pr); + assertAllOkC2(pr); } @NeedsDisplay @@ -147,7 +148,7 @@ String file = prepareFile(FileType.HTML, C2, new Archives[]{BSM}, new String[]{COMMAND_C1_NORMAL, COMMAND_C2_NORMAL, COMMAND_C1_RESTRICT, COMMAND_C2_RESTRICT}, false); ProcessResult pr = server.executeJavaws(HTML, file, new AutoOkClosingListener(), new AutoErrorClosingListener()); - assertAllOk(pr); + assertAllOkC2(pr); } @Test @@ -176,7 +177,7 @@ String file = prepareFile(FileType.JNLP_APP, C2, new Archives[]{BSM}, new String[]{COMMAND_C1_NORMAL, COMMAND_C2_NORMAL, COMMAND_C1_RESTRICT, COMMAND_C2_RESTRICT}, true); ProcessResult pr = server.executeJavaws(HEADLESS, file, new AutoOkClosingListener(), new AutoErrorClosingListener()); - assertAllOk(pr); + assertAllOkC2(pr); } @Test @@ -185,7 +186,7 @@ String file = prepareFile(FileType.JNLP_APPLET, C2, new Archives[]{BSM}, new String[]{COMMAND_C1_NORMAL, COMMAND_C2_NORMAL, COMMAND_C1_RESTRICT, COMMAND_C2_RESTRICT}, true); ProcessResult pr = server.executeJavaws(file, new AutoOkClosingListener(), new AutoErrorClosingListener()); - assertAllOk(pr); + assertAllOkC2(pr); }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/custom/MixedSigningAndTrustedOnly/testcases/MixedSigningAndTrustedOnlyFSSU.java Tue Aug 25 18:52:07 2015 +0200 @@ -0,0 +1,267 @@ +/* + Copyright (C) 2013 Red Hat, Inc. + + This file is part of IcedTea. + + IcedTea is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as published by + the Free Software Foundation, version 2. + + IcedTea is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with IcedTea; see the file COPYING. If not, write to + the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA. + + Linking this library statically or dynamically with other modules is + making a combined work based on this library. Thus, the terms and + conditions of the GNU General Public License cover the whole + combination. + + As a special exception, the copyright holders of this library give you + permission to link this library with independent modules to produce an + executable, regardless of the license terms of these independent + modules, and to copy and distribute the resulting executable under + terms of your choice, provided that you also meet, for each linked + independent module, the terms and conditions of the license of that + module. An independent module is a module which is not derived from + or based on this library. If you modify this library, you may extend + this exception to your version of the library, but you are not + obligated to do so. If you do not wish to do so, delete this + exception statement from your version. + */ +//package MixedSigningAndTrustedOnlyPackage; +package MixedSigningAndTrustedOnlyPackage; + + +import net.sourceforge.jnlp.ProcessResult; +import net.sourceforge.jnlp.ServerAccess.AutoClose; +import net.sourceforge.jnlp.annotations.NeedsDisplay; +import net.sourceforge.jnlp.annotations.TestInBrowsers; +import net.sourceforge.jnlp.browsertesting.BrowserTest; +import net.sourceforge.jnlp.browsertesting.Browsers; +import net.sourceforge.jnlp.closinglisteners.AutoErrorClosingListener; +import net.sourceforge.jnlp.closinglisteners.AutoOkClosingListener; + +import org.junit.Test; + +import static MixedSigningAndTrustedOnlyPackage.MixedSigningAndTrustedOnly.*; +import java.io.IOException; +import net.sourceforge.jnlp.tools.DeploymentPropertiesModifier; +import org.junit.AfterClass; +import org.junit.BeforeClass; + +/** + * + * jnlp and html with two jars, first signed, second unsigned, no trusted-only + * manifest note - this file is declared to be in package, but directory is + * wrong. Itw reproducers engine needs it like it, but your ide may complain. + * Try to live with. Sorry + */ +public class MixedSigningAndTrustedOnlyFSSU extends BrowserTest { + + private static DeploymentPropertiesModifier q; + + @BeforeClass + public static void setDeploymentProperties() throws IOException { + q = setDeploymentPropertiesImpl(); + } + + @AfterClass + public static void resetDeploymentProperties() throws IOException { + q.restoreProperties(); + } + + @NeedsDisplay + @Test + @TestInBrowsers(testIn = {Browsers.one}) + public void htmlC1AllCommandsFSSU() throws Exception { + String file1 = prepareFile(FileType.HTML, C1, new Archives[]{FS, SU}, + new String[]{COMMAND_C1_NORMAL, COMMAND_C1_RESTRICT, COMMAND_C2_NORMAL, COMMAND_C2_RESTRICT}, false); + ProcessResult pr1 = server.executeBrowser(file1, AutoClose.CLOSE_ON_BOTH); + assertC1C1okTransNotOk(pr1); + assertSecurityException(pr1); + String file2 = prepareFile(FileType.HTML, C1, new Archives[]{FS, SU}, + new String[]{COMMAND_C1_NORMAL, COMMAND_C1_RESTRICT, COMMAND_C2_RESTRICT, COMMAND_C2_NORMAL}, false); + ProcessResult pr2 = server.executeBrowser(file2, AutoClose.CLOSE_ON_BOTH); + assertC1C1okTransNotOk(pr2); + assertSecurityException(pr2); + } + + @NeedsDisplay + @Test + public void jnlpHtmlC1AllCommandsFSSU() throws Exception { + String file = prepareFile(FileType.HTML, C1, new Archives[]{FS, SU}, + new String[]{COMMAND_C1_NORMAL, COMMAND_C1_RESTRICT, COMMAND_C2_NORMAL, COMMAND_C2_RESTRICT}, false); + ProcessResult pr1 = server.executeJavaws(HTML, file, new AutoOkClosingListener(), new AutoErrorClosingListener()); + assertC1C1okTransNotOk(pr1); + assertSecurityException(pr1); + String file2 = prepareFile(FileType.HTML, C1, new Archives[]{FS, SU}, + new String[]{COMMAND_C1_NORMAL, COMMAND_C1_RESTRICT, COMMAND_C2_NORMAL, COMMAND_C2_RESTRICT}, false); + ProcessResult pr2 = server.executeJavaws(HTML, file2, new AutoOkClosingListener(), new AutoErrorClosingListener()); + assertC1C1okTransNotOk(pr2); + assertSecurityException(pr2); + } + + @Test + public void jnlpAppC1AllCommandsFSSUnosec() throws Exception { + String file1 = prepareFile(FileType.JNLP_APP, C1, new Archives[]{FS, SU}, + new String[]{COMMAND_C1_NORMAL, COMMAND_C2_NORMAL, COMMAND_C1_RESTRICT, COMMAND_C2_RESTRICT}, false); + ProcessResult pr1 = server.executeJavaws(HEADLESS, file1, new AutoOkClosingListener(), new AutoErrorClosingListener()); + assertC1C1OnlyUnrestrictedokTransNotOk(pr1); + assertSecurityException(pr1); + String file2 = prepareFile(FileType.JNLP_APP, C1, new Archives[]{FS, SU}, + new String[]{COMMAND_C1_NORMAL, COMMAND_C1_RESTRICT, COMMAND_C2_NORMAL, COMMAND_C2_RESTRICT}, false); + ProcessResult pr2 = server.executeJavaws(HEADLESS, file2, new AutoOkClosingListener(), new AutoErrorClosingListener()); + assertC1C1OnlyUnrestrictedokTransNotOk(pr2); + assertAccessControlException(pr2); + assertAccessDenied(pr2); + } + + @Test + @NeedsDisplay + public void jnlpAppletC1AllCommandsFSSUnosec() throws Exception { + String file = prepareFile(FileType.JNLP_APPLET, C1, new Archives[]{FS, SU}, + new String[]{COMMAND_C1_NORMAL, COMMAND_C2_NORMAL, COMMAND_C1_RESTRICT, COMMAND_C2_RESTRICT}, false); + ProcessResult pr = server.executeJavaws(verbose, file, new AutoOkClosingListener(), new AutoErrorClosingListener()); + assertC1C1OnlyUnrestrictedokTransNotOk(pr); + assertSecurityException(pr); + String file2 = prepareFile(FileType.JNLP_APPLET, C1, new Archives[]{FS, SU}, + new String[]{COMMAND_C1_NORMAL, COMMAND_C1_RESTRICT, COMMAND_C2_NORMAL, COMMAND_C2_RESTRICT}, false); + ProcessResult pr2 = server.executeJavaws(verbose, file2, new AutoOkClosingListener(), new AutoErrorClosingListener()); + assertC1C1OnlyUnrestrictedokTransNotOk(pr2); + assertAccessControlException(pr2); + assertAccessDenied(pr2); + } + + @Test + public void jnlpAppC1AllCommandsFSSUsec() throws Exception { + String file = prepareFile(FileType.JNLP_APP, C1, new Archives[]{FS, SU}, + new String[]{COMMAND_C1_NORMAL, COMMAND_C2_NORMAL, COMMAND_C1_RESTRICT, COMMAND_C2_RESTRICT}, true); + ProcessResult pr = server.executeJavaws(HEADLESS, file, new AutoOkClosingListener(), new AutoErrorClosingListener()); + assertNone(pr); + assertInitError(pr); + assertLaunchException(pr); + } + + @Test + @NeedsDisplay + public void jnlpAppletC1AllCommandsFSSUsec() throws Exception { + String file = prepareFile(FileType.JNLP_APPLET, C1, new Archives[]{FS, SU}, + new String[]{COMMAND_C1_NORMAL, COMMAND_C2_NORMAL, COMMAND_C1_RESTRICT, COMMAND_C2_RESTRICT}, true); + ProcessResult pr = server.executeJavaws(file, new AutoOkClosingListener(), new AutoErrorClosingListener()); + assertNone(pr); + assertInitError(pr); + assertLaunchException(pr); + } + + @NeedsDisplay + @Test + @TestInBrowsers(testIn = {Browsers.one}) + public void htmlC2AllCommandsFSSU() throws Exception { + String file1 = prepareFile(FileType.HTML, C2, new Archives[]{FS, SU}, + new String[]{COMMAND_C2_NORMAL, COMMAND_C2_RESTRICT, COMMAND_C1_NORMAL, COMMAND_C1_RESTRICT}, false); + ProcessResult pr1 = server.executeBrowser(file1, AutoClose.CLOSE_ON_BOTH); + assertC2C2OnlyUnrestrictedokTransNotOk(pr1); + assertAccessDenied(pr1); + assertAccessControlException(pr1); + String file2 = prepareFile(FileType.HTML, C2, new Archives[]{FS, SU}, + new String[]{COMMAND_C2_NORMAL, COMMAND_C1_NORMAL, COMMAND_C1_RESTRICT,}, false); + ProcessResult pr2 = server.executeBrowser(file2, AutoClose.CLOSE_ON_BOTH); + assertC2C2OnlyUnrestrictedokTransNotOk(pr2); + assertSecurityException(pr2); + String file3 = prepareFile(FileType.HTML, C2, new Archives[]{FS, SU}, + new String[]{COMMAND_C2_NORMAL, COMMAND_C1_RESTRICT,}, false); + ProcessResult pr3 = server.executeBrowser(file3, AutoClose.CLOSE_ON_BOTH); + assertC2C2OnlyUnrestrictedokTransNotOk(pr3); + assertSecurityException(pr3); + } + + @NeedsDisplay + @Test + public void jnlphtmlCc2llCommandsFSSU() throws Exception { + String file1 = prepareFile(FileType.HTML, C2, new Archives[]{FS, SU}, + new String[]{COMMAND_C2_NORMAL, COMMAND_C2_RESTRICT, COMMAND_C1_NORMAL, COMMAND_C1_RESTRICT}, false); + ProcessResult pr1 = server.executeJavaws(HTML, file1, new AutoOkClosingListener(), new AutoErrorClosingListener()); + assertC2C2OnlyUnrestrictedokTransNotOk(pr1); + assertAccessDenied(pr1); + assertAccessControlException(pr1); + String file2 = prepareFile(FileType.HTML, C2, new Archives[]{FS, SU}, + new String[]{COMMAND_C2_NORMAL, COMMAND_C1_NORMAL, COMMAND_C1_RESTRICT}, false); + ProcessResult pr2 = server.executeJavaws(HTML, file2, new AutoOkClosingListener(), new AutoErrorClosingListener()); + assertC2C2OnlyUnrestrictedokTransNotOk(pr2); + assertSecurityException(pr2); + String file3 = prepareFile(FileType.HTML, C2, new Archives[]{FS, SU}, + new String[]{COMMAND_C2_NORMAL, COMMAND_C1_RESTRICT}, false); + ProcessResult pr3 = server.executeJavaws(HTML, file3, new AutoOkClosingListener(), new AutoErrorClosingListener()); + assertC2C2OnlyUnrestrictedokTransNotOk(pr3); + assertSecurityException(pr3); + } + + @Test + public void jnlpAppC2AllCommandsFSSUnosec() throws Exception { + String file1 = prepareFile(FileType.JNLP_APP, C2, new Archives[]{FS, SU}, + new String[]{COMMAND_C2_NORMAL, COMMAND_C2_RESTRICT, COMMAND_C1_NORMAL, COMMAND_C1_RESTRICT}, false); + ProcessResult pr1 = server.executeJavaws(HEADLESS, file1, new AutoOkClosingListener(), new AutoErrorClosingListener()); + assertC2C2OnlyUnrestrictedokTransNotOk(pr1); + assertAccessDenied(pr1); + assertAccessControlException(pr1); + String file2 = prepareFile(FileType.JNLP_APP, C2, new Archives[]{FS, SU}, + new String[]{COMMAND_C2_NORMAL, COMMAND_C1_NORMAL, COMMAND_C1_RESTRICT}, false); + ProcessResult pr2 = server.executeJavaws(HEADLESS, file2, new AutoOkClosingListener(), new AutoErrorClosingListener()); + assertC2C2OnlyUnrestrictedokTransNotOk(pr2); + assertSecurityException(pr2); + String file3 = prepareFile(FileType.JNLP_APP, C2, new Archives[]{FS, SU}, + new String[]{COMMAND_C2_NORMAL, COMMAND_C1_RESTRICT}, false); + ProcessResult pr3 = server.executeJavaws(HEADLESS, file3, new AutoOkClosingListener(), new AutoErrorClosingListener()); + assertC2C2OnlyUnrestrictedokTransNotOk(pr3); + assertSecurityException(pr3); + } + + @Test + @NeedsDisplay + public void jnlpAppletC2AllCommandsFSSUnosec() throws Exception { + String file1 = prepareFile(FileType.JNLP_APPLET, C2, new Archives[]{FS, SU}, + new String[]{COMMAND_C2_NORMAL, COMMAND_C2_RESTRICT, COMMAND_C1_NORMAL, COMMAND_C1_RESTRICT}, false); + ProcessResult pr1 = server.executeJavaws(verbose, file1, new AutoOkClosingListener(), new AutoErrorClosingListener()); + assertC2C2OnlyUnrestrictedokTransNotOk(pr1); + assertAccessDenied(pr1); + assertAccessControlException(pr1); + String file2 = prepareFile(FileType.JNLP_APPLET, C2, new Archives[]{FS, SU}, + new String[]{COMMAND_C2_NORMAL, COMMAND_C1_NORMAL, COMMAND_C1_RESTRICT}, false); + ProcessResult pr2 = server.executeJavaws(verbose, file2, new AutoOkClosingListener(), new AutoErrorClosingListener()); + assertC2C2OnlyUnrestrictedokTransNotOk(pr2); + assertSecurityException(pr2); + String file3 = prepareFile(FileType.JNLP_APPLET, C2, new Archives[]{FS, SU}, + new String[]{COMMAND_C2_NORMAL, COMMAND_C1_NORMAL, COMMAND_C1_RESTRICT}, false); + ProcessResult pr3 = server.executeJavaws(verbose, file3, new AutoOkClosingListener(), new AutoErrorClosingListener()); + assertC2C2OnlyUnrestrictedokTransNotOk(pr3); + assertSecurityException(pr3); + } + + @Test + public void jnlpAppC2AllCommandsFSSUsec() throws Exception { + String file1 = prepareFile(FileType.JNLP_APP, C2, new Archives[]{FS, SU}, + new String[]{COMMAND_C2_NORMAL, COMMAND_C2_RESTRICT, COMMAND_C1_NORMAL, COMMAND_C1_RESTRICT}, true); + ProcessResult pr = server.executeJavaws(HEADLESS, file1, new AutoOkClosingListener(), new AutoErrorClosingListener()); + assertNone(pr); + assertInitError(pr); + assertLaunchException(pr); + } + + @Test + @NeedsDisplay + public void jnlpAppletC2AllCommandsFSSUsec() throws Exception { + String file1 = prepareFile(FileType.JNLP_APPLET, C2, new Archives[]{FS, SU}, + new String[]{COMMAND_C2_NORMAL, COMMAND_C2_RESTRICT, COMMAND_C1_NORMAL, COMMAND_C1_RESTRICT}, true); + ProcessResult pr = server.executeJavaws(file1, new AutoOkClosingListener(), new AutoErrorClosingListener()); + assertNone(pr); + assertInitError(pr); + assertLaunchException(pr);; + } + +}