Skip to main content
aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJohn Arthorne2009-08-12 19:40:40 +0000
committerJohn Arthorne2009-08-12 19:40:40 +0000
commit8132e43c4cb2b9a72066cb13c0caf23ea5cae627 (patch)
tree5983eb16db757cd2cf43f1126f5fc3a497e15007 /bundles/org.eclipse.equinox.p2.tests/src/org/eclipse
parent2a6150cecdf3bf6ce86eb638a7a72804c8fdd1b3 (diff)
downloadrt.equinox.p2-8132e43c4cb2b9a72066cb13c0caf23ea5cae627.tar.gz
rt.equinox.p2-8132e43c4cb2b9a72066cb13c0caf23ea5cae627.tar.xz
rt.equinox.p2-8132e43c4cb2b9a72066cb13c0caf23ea5cae627.zip
Bug 235526 [security] No prompt for installing unsigned content
Diffstat (limited to 'bundles/org.eclipse.equinox.p2.tests/src/org/eclipse')
-rw-r--r--bundles/org.eclipse.equinox.p2.tests/src/org/eclipse/equinox/p2/tests/engine/AllTests.java1
-rw-r--r--bundles/org.eclipse.equinox.p2.tests/src/org/eclipse/equinox/p2/tests/engine/CertificateCheckerTest.java149
2 files changed, 150 insertions, 0 deletions
diff --git a/bundles/org.eclipse.equinox.p2.tests/src/org/eclipse/equinox/p2/tests/engine/AllTests.java b/bundles/org.eclipse.equinox.p2.tests/src/org/eclipse/equinox/p2/tests/engine/AllTests.java
index c3fe46150..de18d1ac1 100644
--- a/bundles/org.eclipse.equinox.p2.tests/src/org/eclipse/equinox/p2/tests/engine/AllTests.java
+++ b/bundles/org.eclipse.equinox.p2.tests/src/org/eclipse/equinox/p2/tests/engine/AllTests.java
@@ -19,6 +19,7 @@ public class AllTests extends TestCase {
public static Test suite() {
TestSuite suite = new TestSuite(AllTests.class.getName());
+ suite.addTestSuite(CertificateCheckerTest.class);
suite.addTestSuite(DownloadManagerTest.class);
suite.addTestSuite(InstructionParserTest.class);
suite.addTestSuite(EngineTest.class);
diff --git a/bundles/org.eclipse.equinox.p2.tests/src/org/eclipse/equinox/p2/tests/engine/CertificateCheckerTest.java b/bundles/org.eclipse.equinox.p2.tests/src/org/eclipse/equinox/p2/tests/engine/CertificateCheckerTest.java
new file mode 100644
index 000000000..d743d22ee
--- /dev/null
+++ b/bundles/org.eclipse.equinox.p2.tests/src/org/eclipse/equinox/p2/tests/engine/CertificateCheckerTest.java
@@ -0,0 +1,149 @@
+/*******************************************************************************
+ * Copyright (c) 2009 IBM Corporation and others.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ * IBM Corporation - initial API and implementation
+ *******************************************************************************/
+package org.eclipse.equinox.p2.tests.engine;
+
+import java.io.File;
+import java.io.IOException;
+import java.security.cert.Certificate;
+import org.eclipse.core.runtime.IStatus;
+import org.eclipse.equinox.internal.p2.engine.EngineActivator;
+import org.eclipse.equinox.internal.provisional.p2.core.IServiceUI;
+import org.eclipse.equinox.internal.provisional.p2.core.IServiceUICheckUnsigned;
+import org.eclipse.equinox.internal.provisional.p2.engine.CertificateChecker;
+import org.eclipse.equinox.p2.tests.AbstractProvisioningTest;
+import org.eclipse.equinox.p2.tests.TestData;
+import org.osgi.framework.ServiceRegistration;
+
+/**
+ * Tests for {@link CertificateChecker}.
+ */
+public class CertificateCheckerTest extends AbstractProvisioningTest {
+ class CertificateTestService implements IServiceUI, IServiceUICheckUnsigned {
+ public boolean unsignedReturnValue = true;
+ public boolean wasPrompted = false;
+
+ public AuthenticationInfo getUsernamePassword(String location) {
+ return null;
+ }
+
+ public AuthenticationInfo getUsernamePassword(String location, AuthenticationInfo previousInfo) {
+ return null;
+ }
+
+ public boolean promptForUnsignedContent(String[] details) {
+ wasPrompted = true;
+ return unsignedReturnValue;
+ }
+
+ public Certificate[] showCertificates(Certificate[][] certificates) {
+ return null;
+ }
+
+ }
+
+ CertificateChecker checker;
+ ServiceRegistration serviceReg;
+ CertificateTestService serviceUI;
+ File unsigned;
+
+ protected void setUp() throws Exception {
+ checker = new CertificateChecker();
+ try {
+ unsigned = TestData.getFile("CertificateChecker", "unsigned.jar");
+ } catch (IOException e) {
+ fail("0.99", e);
+ }
+ assertTrue("1.0", unsigned != null);
+ assertTrue("1.0", unsigned.exists());
+ serviceUI = new CertificateTestService();
+ serviceReg = EngineActivator.getContext().registerService(IServiceUI.class.getName(), serviceUI, null);
+ }
+
+ protected void tearDown() throws Exception {
+ if (serviceReg != null)
+ serviceReg.unregister();
+ }
+
+ /**
+ * Tests that installing unsigned content is not allowed when the policy says it must fail.
+ */
+ public void testPolicyAllow() {
+ try {
+ //if the service is consulted it will say no
+ serviceUI.unsignedReturnValue = false;
+ System.getProperties().setProperty(EngineActivator.PROP_UNSIGNED_POLICY, EngineActivator.UNSIGNED_ALLOW);
+ checker.add(unsigned);
+ IStatus result = checker.start();
+ assertEquals("1.0", IStatus.OK, result.getSeverity());
+ } finally {
+ System.getProperties().remove(EngineActivator.PROP_UNSIGNED_POLICY);
+ }
+ }
+
+ /**
+ * Tests that installing unsigned content is not allowed when the policy says it must fail.
+ */
+ public void testPolicyFail() {
+ try {
+ System.getProperties().setProperty(EngineActivator.PROP_UNSIGNED_POLICY, EngineActivator.UNSIGNED_FAIL);
+ checker.add(unsigned);
+ IStatus result = checker.start();
+ assertEquals("1.0", IStatus.ERROR, result.getSeverity());
+
+ } finally {
+ System.getProperties().remove(EngineActivator.PROP_UNSIGNED_POLICY);
+ }
+ }
+
+ /**
+ * Tests that installing unsigned content with the "prompt" policy and the prompt succeeds.
+ */
+ public void testPolicyPromptSuccess() {
+ try {
+ System.getProperties().setProperty(EngineActivator.PROP_UNSIGNED_POLICY, EngineActivator.UNSIGNED_PROMPT);
+ serviceUI.unsignedReturnValue = true;
+ checker.add(unsigned);
+ IStatus result = checker.start();
+ assertEquals("1.0", IStatus.OK, result.getSeverity());
+ assertTrue("1.1", serviceUI.wasPrompted);
+ } finally {
+ System.getProperties().remove(EngineActivator.PROP_UNSIGNED_POLICY);
+ }
+ }
+
+ /**
+ * Tests that the default policy for unsigned content is to prompt.
+ */
+ public void testPolicyDefault() {
+ System.getProperties().remove(EngineActivator.PROP_UNSIGNED_POLICY);
+ serviceUI.unsignedReturnValue = true;
+ checker.add(unsigned);
+ IStatus result = checker.start();
+ assertEquals("1.0", IStatus.OK, result.getSeverity());
+ assertTrue("1.1", serviceUI.wasPrompted);
+ }
+
+ /**
+ * Tests that installing unsigned content with the "prompt" policy and the prompt says no.
+ */
+ public void testPolicyPromptCancel() {
+ try {
+ System.getProperties().setProperty(EngineActivator.PROP_UNSIGNED_POLICY, EngineActivator.UNSIGNED_PROMPT);
+ serviceUI.unsignedReturnValue = false;
+ checker.add(unsigned);
+ IStatus result = checker.start();
+ assertEquals("1.0", IStatus.CANCEL, result.getSeverity());
+ assertTrue("1.1", serviceUI.wasPrompted);
+ } finally {
+ System.getProperties().remove(EngineActivator.PROP_UNSIGNED_POLICY);
+ }
+ }
+}

Back to the top