felix-dev mailing list archives

From "Karl Pauls (JIRA)" <j...@apache.org>
Subject [jira] Resolved: (FELIX-2750) JarEntry.getCodeSigners() is used in Framework Security
Date Tue, 28 Dec 2010 16:00:50 GMT

     [ https://issues.apache.org/jira/browse/FELIX-2750?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Karl Pauls resolved FELIX-2750.
-------------------------------

    Resolution: Invalid
      Assignee: Karl Pauls

This is just a workaround for a bug in the Sun JDK 1.5.x - getCertificates(). Basically, getCertificates
might return null there even if there are valid certificates. This is a regression bug that
has been fixed in 1.6.

We use reflection to see whether we have a SignerCertPath for the entry (available >= 1.5)
and if so check whether there are valid certificates. The reason we use reflection is that
we don't need to do this fallback, so other than the stack trace it should work just fine on
1.4 -- hence, I'll mark this issue as invalid. Please reopen if you find other issues in security.

> JarEntry.getCodeSigners() is used in Framework Security
> -------------------------------------------------------
>
>                 Key: FELIX-2750
>                 URL: https://issues.apache.org/jira/browse/FELIX-2750
>             Project: Felix
>          Issue Type: Bug
>          Components: Framework Security
>    Affects Versions: framework.security-1.4.1
>         Environment: J2SE 1.4
>            Reporter: Ikuo YAMASAKI
>            Assignee: Karl Pauls
>            Priority: Minor
>
> On J2SE1.4, running framework-3.0.7 and framework.security-1.4.1 throws Exception because
> the framework security uses JarEntry.getCodeSigners().
> java.lang.NoSuchMethodException: java.util.jar.JarEntry.getCodeSigners()
>         at java.lang.Class.getMethod(Class.java:986)
>         at org.apache.felix.framework.security.verifier.BundleDNParser.<clinit>(BundleDNParser.java:62)
>         at org.apache.felix.framework.SecurityProviderImpl.<init>(SecurityProviderImpl.java:53)
>         at org.apache.felix.framework.SecurityActivator.start(SecurityActivator.java:204)
>         at org.apache.felix.framework.util.SecureAction$Actions.run(SecureAction.java:1243)
>         at java.security.AccessController.doPrivileged(Native Method)
>         at org.apache.felix.framework.util.SecureAction.startActivator(SecureAction.java:620)
>         at org.apache.felix.framework.ExtensionManager.startExtensionBundle(ExtensionManager.java:394)
>         at org.apache.felix.framework.Felix.installBundle(Felix.java:2610)
>         at org.apache.felix.framework.Felix.installBundle(Felix.java:2429)
>         at org.apache.felix.framework.BundleContextImpl.installBundle(BundleContextImpl.java:121)
>         at org.apache.felix.framework.BundleContextImpl.installBundle(BundleContextImpl.java:107)
>         at org.apache.felix.main.AutoProcessor.processAutoDeploy(AutoProcessor.java:173)
>         at org.apache.felix.main.AutoProcessor.process(AutoProcessor.java:78)
>         at org.apache.felix.main.Main.main(Main.java:291)
> As far as I check the source, the impl catches the Exception and just calls ex.printStackTrace().
> It seems to me that the conditional permission admin can be used in neither J2SE 1.4
> nor CDC FP1.1.
> I'm not sure we can change the impl in order to allow it in either J2SE1.4 or CDC FP1.1.


-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
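
Added example (not part of the original message and not Felix's BundleDNParser code): a sketch of the pattern described in the resolution above, where JarEntry.getCodeSigners() is looked up reflectively once, its absence is handled without a stack trace, and the signer cert paths are consulted only when getCertificates() returns nothing. The class name SignerCertLookup and its method names are assumptions, and the code is written for a current JDK.

```java
import java.lang.reflect.Method;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.List;
import java.util.jar.JarEntry;

// Hypothetical helper; class and method names are assumptions, not Felix code.
public final class SignerCertLookup {
    // Resolved once; stays null on runtimes without JarEntry.getCodeSigners() (J2SE 1.4).
    private static final Method GET_CODE_SIGNERS = lookup(JarEntry.class, "getCodeSigners");

    static Method lookup(Class<?> type, String name) {
        try {
            return type.getMethod(name);
        } catch (NoSuchMethodException e) {
            return null; // expected on older runtimes: degrade quietly, no stack trace
        }
    }

    // Call only after the entry has been read to the end; signer data is not set earlier.
    @SuppressWarnings("unchecked")
    static Certificate[] certificatesFor(JarEntry entry) throws Exception {
        Certificate[] certs = entry.getCertificates();
        if (certs != null && certs.length > 0) return certs;
        if (GET_CODE_SIGNERS == null) return certs; // no fallback available on this runtime
        Object[] signers = (Object[]) GET_CODE_SIGNERS.invoke(entry);
        if (signers == null) return certs;
        // Resolve through the public API types so the calls stay accessible under modules.
        Method certPathOf = Class.forName("java.security.CodeSigner").getMethod("getSignerCertPath");
        Method certsOf = Class.forName("java.security.cert.CertPath").getMethod("getCertificates");
        List<Certificate> found = new ArrayList<>();
        for (Object signer : signers) {
            Object path = certPathOf.invoke(signer);
            found.addAll((List<? extends Certificate>) certsOf.invoke(path));
        }
        return found.isEmpty() ? certs : found.toArray(new Certificate[0]);
    }

    public static void main(String[] args) throws Exception {
        System.out.println("getCodeSigners available: " + (GET_CODE_SIGNERS != null));
        System.out.println("missing method handled: " + (lookup(JarEntry.class, "noSuchMethod") == null));
        // Constructed sample: an entry never read from a signed JAR carries no signer data.
        Certificate[] certs = certificatesFor(new JarEntry("constructed/Sample.class"));
        System.out.println("certificates: " + (certs == null ? "none" : String.valueOf(certs.length)));
    }
}
```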

