/* * Licensed to the Apache Software Foundation (ASF) under one * or more contributor license agreements. See the NOTICE file * distributed with this work for additional information * regarding copyright ownership. The ASF licenses this file * to you under the Apache License, Version 2.0 (the * "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, * software distributed under the License is distributed on an * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY * KIND, either express or implied. See the License for the * specific language governing permissions and limitations * under the License.
*/
/** * Validates the syntax and semantics of one or more JNLP files. * Any other JNLP fragments referred to recursively from these files will be validated as well. * JNLP files must specify a document type, normally: * <!DOCTYPE jnlp PUBLIC "-//Sun Microsystems, Inc//DTD JNLP Descriptor 6.0//EN" "http://java.sun.com/dtd/JNLP-6.0.dtd"> * The codebase specified in the file is used as is if a file: URL; * if $$codebase, it is taken to be the immediately containing directory, to match the behavior of JnlpDownloadServlet; * if a remote URL, it is also taken to be the immediately containing directory, * since otherwise it would be impossible to validate files which were generated with intent to upload to a server. * See issue #96630.
*/ publicclass VerifyJNLP extends Task {
private List<FileSet> filesets = new ArrayList<>(); /** * Add one or more JNLP files to validate. * Use <fileset file="..."/> if you have just one. * Fragments referred to from higher JNLP files are checked automatically and do not need to be specified.
*/ publicvoid addConfiguredFileset(FileSet fs) {
filesets.add(fs);
}
private File report; /** * JUnit report file to create rather than halting build if errors are encountered.
*/ publicvoid setReport(File report) { this.report = report;
}
privateboolean failOnError = true; /** * Whether to halt the build if there is a verification error. Default true.
*/ publicvoid setFailOnError(boolean failOnError) { this.failOnError = failOnError;
}
public @Override void execute() throws BuildException {
Map<String,String> results = new LinkedHashMap<>(); for (FileSet fs : filesets) {
DirectoryScanner s = fs.getDirectoryScanner(getProject());
File basedir = s.getBasedir(); for (String incl : s.getIncludedFiles()) {
validate(new File(basedir, incl), results);
}
}
JUnitReportWriter.writeReport(this, null, failOnError ? null : report, results);
}
privatevoid validate(File jnlp, Map<String,String> results) {
log("Validating: " + jnlp);
Document doc; try {
doc = XMLUtil.parse(new InputSource(jnlp.toURI().toString()), true, false, new ErrorHandler() { publicvoid warning(SAXParseException exception) throws SAXException {
fatalError(exception);
} publicvoid error(SAXParseException exception) throws SAXException {
fatalError(exception);
} publicvoid fatalError(SAXParseException exception) throws SAXException { thrownew SAXException("parse or validation error:\n" +
exception.getSystemId() + ":" + exception.getLineNumber() + ": " + exception.getMessage());
}
}, new EntityResolver() { public InputSource resolveEntity(String publicId, String systemId) throws SAXException, IOException { if ("-//Sun Microsystems, Inc//DTD JNLP Descriptor 6.0//EN".equals(publicId)) { returnnew InputSource(VerifyJNLP.class.getResource("JNLP-6.0.dtd").toString());
} else { returnnull;
}
}
});
} catch (Exception x) {
error(jnlp, results, "Parse", x.getMessage()); return;
}
String codebase = doc.getDocumentElement().getAttribute("codebase");
URI base; if (codebase.equals("$$codebase")) {
base = jnlp.getParentFile().toURI();
} else { try {
base = new URI(codebase); if (!base.isAbsolute()) {
error(jnlp, results, "Codebase", "non-absolute codebase " + base); return;
} if (!"file".equals(base.getScheme())) { // Needed for local validation of a tree intended for eventual upload to a server.
base = jnlp.getParentFile().toURI();
}
} catch (URISyntaxException x) {
error(jnlp, results, "Codebase", "invalid codebase " + codebase + "': " + x); return;
}
}
Certificate[] existingCertificates = null;
File existingSignedJar = null;
NodeList nl = doc.getElementsByTagName("*"); for (int i = 0; i < nl.getLength(); i++) {
Element el = (Element) nl.item(i);
String href = el.getAttribute("href"); if (href.length() > 0) {
URI u; try {
u = base.resolve(new URI(href));
} catch (URISyntaxException x) {
error(jnlp, results, "Href", "invalid href '" + href + "': " + x); continue;
} assert u.isAbsolute() : u + " not absolute as " + href + " resolved against " + base; if ("file".equals(u.getScheme())) {
File f = new File(u); if (!f.isFile()) { if (el.getTagName().equals("icon")) { // jnlp.xml in harness generates <icon href="${app.icon}"/> optimistically. // Does not seem to be a problem if it is missing.
log(jnlp + ": warning: no such file " + f, Project.MSG_WARN);
} elseif (! f.exists() && f.getName().startsWith("locale")) { // skip missing locale files, probably the best fix for #103301 (copied from MakeJNLP.java)
log("Localization file " + f + " is referenced, but cannot be found. Skipping.", Project.MSG_WARN);
} else {
error(jnlp, results, "Href", "no such file " + f); continue;
}
} if (el.getTagName().equals("extension")) {
validate(f, results);
} elseif (el.getTagName().equals("jar") && f.exists()) { try { // Try to find signers. try (JarFile jf = new JarFile(f, true)) {
Enumeration<JarEntry> entries = jf.entries(); while (entries.hasMoreElements()) {
JarEntry entry = entries.nextElement(); if (entry.getName().startsWith("META-INF/")) { // At least MANIFEST.MF is not signed in the normal way, it seems. continue;
} if (entry.getSize() < 1) { // Dirs are not signed. continue;
}
InputStream is = jf.getInputStream(entry); int read = 0; while (read != -1) {
read = is.read();
}
Certificate[] certs = entry.getCertificates(); /* System.err.println("existingSignedJar=" + existingSignedJar + " existingCertificates=" + Arrays.toString(existingCertificates) + " f=" + f + " certs=" + Arrays.toString(certs) + " entry.name=" + entry.getName());
*/ if (existingSignedJar != null && !Arrays.equals(certs, existingCertificates)) {
error(jnlp, results, "Signatures", "different signatures (or signing status) between " + existingSignedJar + " and " + f); break;
}
existingCertificates = certs;
existingSignedJar = f; break; // just check one representative file
}
}
} catch (IOException x) {
error(jnlp, results, "Signatures", "error examining signatures in " + f + ": " + x);
}
}
} else { try {
u.toURL().openStream().close();
} catch (IOException x) {
log(jnlp + ": could not open network URL " + u, Project.MSG_WARN); // Do not halt build; might just be a network connectivity issue.
}
}
}
}
}
}
Messung V0.5
¤ Die Informationen auf dieser Webseite wurden
nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit,
noch Qualität der bereit gestellten Informationen zugesichert.0.12Bemerkung:
(vorverarbeitet)
¤
Die Informationen auf dieser Webseite wurden
nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit,
noch Qualität der bereit gestellten Informationen zugesichert.
Bemerkung:
Die farbliche Syntaxdarstellung und die Messung sind noch experimentell.
