diff options
author | Holger Oehm | 2011-09-07 14:51:17 +0000 |
---|---|---|
committer | Tobias Oberlies | 2011-09-08 07:57:30 +0000 |
commit | 114c88c9dc5fa2ef2e97d58f4b30eabaec35fafb (patch) | |
tree | d861138d1e570dfb652609a8c64fba8bb3385cfe /bundles | |
parent | cca13ad4e969670bcb3025d11ac5ec6b31c1ebf3 (diff) | |
download | rt.equinox.p2-114c88c9dc5fa2ef2e97d58f4b30eabaec35fafb.tar.gz rt.equinox.p2-114c88c9dc5fa2ef2e97d58f4b30eabaec35fafb.tar.xz rt.equinox.p2-114c88c9dc5fa2ef2e97d58f4b30eabaec35fafb.zip |
DirectorApplication: trust every certificatev20110908-0757
changed default behavior to accept not only unsigned jar files but also
signed jar files that have no known root certificate
Bug: 340345
Diffstat (limited to 'bundles')
2 files changed, 81 insertions, 4 deletions
diff --git a/bundles/org.eclipse.equinox.p2.director.app/src/org/eclipse/equinox/internal/p2/director/app/DirectorApplication.java b/bundles/org.eclipse.equinox.p2.director.app/src/org/eclipse/equinox/internal/p2/director/app/DirectorApplication.java index 03a7569ad..4bdaa08fc 100644 --- a/bundles/org.eclipse.equinox.p2.director.app/src/org/eclipse/equinox/internal/p2/director/app/DirectorApplication.java +++ b/bundles/org.eclipse.equinox.p2.director.app/src/org/eclipse/equinox/internal/p2/director/app/DirectorApplication.java @@ -47,7 +47,7 @@ import org.osgi.framework.*; import org.osgi.service.packageadmin.PackageAdmin; public class DirectorApplication implements IApplication, ProvisioningListener { - class AvoidTrustPromptService extends UIServices { + public static class AvoidTrustPromptService extends UIServices { @Override public AuthenticationInfo getUsernamePassword(String location) { return null; @@ -59,8 +59,17 @@ public class DirectorApplication implements IApplication, ProvisioningListener { } @Override - public TrustInfo getTrustInfo(Certificate[][] untrustedChain, String[] unsignedDetail) { - return new TrustInfo(null, false, true); + public TrustInfo getTrustInfo(Certificate[][] untrustedChains, String[] unsignedDetail) { + final Certificate[] trusted; + if (untrustedChains == null) { + trusted = null; + } else { + trusted = new Certificate[untrustedChains.length]; + for (int i = 0; i < untrustedChains.length; i++) { + trusted[i] = untrustedChains[i][0]; + } + } + return new TrustInfo(trusted, false, true); } } diff --git a/bundles/org.eclipse.equinox.p2.tests/src/org/eclipse/equinox/p2/tests/director/DirectorApplicationTest.java b/bundles/org.eclipse.equinox.p2.tests/src/org/eclipse/equinox/p2/tests/director/DirectorApplicationTest.java index 415a2ed13..62f7ea21e 100644 --- a/bundles/org.eclipse.equinox.p2.tests/src/org/eclipse/equinox/p2/tests/director/DirectorApplicationTest.java +++ b/bundles/org.eclipse.equinox.p2.tests/src/org/eclipse/equinox/p2/tests/director/DirectorApplicationTest.java @@ -15,10 +15,14 @@ import java.io.File; import java.io.PrintStream; import java.net.MalformedURLException; import java.net.URI; +import java.security.*; +import java.security.cert.*; +import java.security.cert.Certificate; import org.eclipse.core.runtime.NullProgressMonitor; import org.eclipse.equinox.internal.p2.director.app.DirectorApplication; import org.eclipse.equinox.internal.simpleconfigurator.utils.URIUtil; -import org.eclipse.equinox.p2.core.ProvisionException; +import org.eclipse.equinox.p2.core.*; +import org.eclipse.equinox.p2.core.UIServices.TrustInfo; import org.eclipse.equinox.p2.repository.IRepositoryManager; import org.eclipse.equinox.p2.repository.artifact.IArtifactRepositoryManager; import org.eclipse.equinox.p2.repository.metadata.IMetadataRepositoryManager; @@ -716,4 +720,68 @@ public class DirectorApplicationTest extends AbstractProvisioningTest { metadataManager.removeRepository(srcRepo.toURI()); delete(destinationRepo); } + + @SuppressWarnings("unused") + private final class DummyCertificate extends Certificate { + DummyCertificate(String type) { + super(type); + } + + @Override + public void verify(PublicKey key, String sigProvider) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException { + // + } + + @Override + public void verify(PublicKey key) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException { + // + } + + @Override + public String toString() { + return null; + } + + @Override + public PublicKey getPublicKey() { + return null; + } + + @Override + public byte[] getEncoded() throws CertificateEncodingException { + return null; + } + } + + public void testAvoidTrustPromptServiceNoUntrustedCertificates() { + final TrustInfo trustInfo = getTrustInfoFor(null); + assertNotNull(trustInfo); + assertNull(trustInfo.getTrustedCertificates()); + } + + public void testAvoidTrustPromptServiceTrustsOneCertificate() { + final Certificate certificate = new DummyCertificate(""); //$NON-NLS-1$ + final TrustInfo trustInfo = getTrustInfoFor(new Certificate[][] {{certificate}}); + assertNotNull(trustInfo); + final Certificate[] trustedCertificates = trustInfo.getTrustedCertificates(); + assertEquals(1, trustedCertificates.length); + assertSame(certificate, trustedCertificates[0]); + } + + public void testAvoidTrustPromptServiceTrustsManyCertificates() { + final Certificate certificate1 = new DummyCertificate(""); //$NON-NLS-1$ + final Certificate certificate2 = new DummyCertificate(""); //$NON-NLS-1$ + final TrustInfo trustInfo = getTrustInfoFor(new Certificate[][] { {certificate1}, {certificate2}}); + assertNotNull(trustInfo); + final Certificate[] trustedCertificates = trustInfo.getTrustedCertificates(); + assertEquals(2, trustedCertificates.length); + assertSame(certificate1, trustedCertificates[0]); + assertSame(certificate2, trustedCertificates[1]); + } + + private TrustInfo getTrustInfoFor(final Certificate[][] untrustedChain) { + UIServices avoidTrustPromptService = new DirectorApplication.AvoidTrustPromptService(); + return avoidTrustPromptService.getTrustInfo(untrustedChain, null); + } + } |