diff options
Diffstat (limited to 'tests/reproducers')
8 files changed, 483 insertions, 0 deletions
diff --git a/tests/reproducers/custom/MultipleSignaturesPerJar/resources/MultipleSignaturesPerJarMatching.html b/tests/reproducers/custom/MultipleSignaturesPerJar/resources/MultipleSignaturesPerJarMatching.html new file mode 100644 index 0000000..fe25d06 --- /dev/null +++ b/tests/reproducers/custom/MultipleSignaturesPerJar/resources/MultipleSignaturesPerJarMatching.html @@ -0,0 +1,46 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<html><head></head><body bgcolor="red"> <p> + +<applet code = "somecrazytestpackage.MultipleSignaturesPerJarMain" + archive = "MultipleSignaturesPerJar_A_and_B.jar,MultipleSignaturesPerJar_A_only.jar" + codebase = "." width="800" height="600"> +</applet> + +</p> </body> +</html> diff --git a/tests/reproducers/custom/MultipleSignaturesPerJar/resources/MultipleSignaturesPerJarMatching.jnlp b/tests/reproducers/custom/MultipleSignaturesPerJar/resources/MultipleSignaturesPerJarMatching.jnlp new file mode 100644 index 0000000..5cbfa98 --- /dev/null +++ b/tests/reproducers/custom/MultipleSignaturesPerJar/resources/MultipleSignaturesPerJarMatching.jnlp @@ -0,0 +1,57 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="MultipleSignaturesPerJarMatching.jnlp" codebase="."> + <information> + <title>MultipleSignaturesPerJarMatching</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>MultipleSignaturesPerJarMatching</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="MultipleSignaturesPerJar_A_and_B.jar"/> + <jar href="MultipleSignaturesPerJar_A_only.jar"/> + </resources> + <application-desc main-class="somecrazytestpackage.MultipleSignaturesPerJarMain"> + </application-desc> + <security> + <all-permissions/> + </security> +</jnlp> diff --git a/tests/reproducers/custom/MultipleSignaturesPerJar/resources/MultipleSignaturesPerJarMismatching.html b/tests/reproducers/custom/MultipleSignaturesPerJar/resources/MultipleSignaturesPerJarMismatching.html new file mode 100644 index 0000000..75a95e5 --- /dev/null +++ b/tests/reproducers/custom/MultipleSignaturesPerJar/resources/MultipleSignaturesPerJarMismatching.html @@ -0,0 +1,46 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<html><head></head><body bgcolor="red"> <p> + +<applet code = "somecrazytestpackage.MultipleSignaturesPerJarMain" + archive = "MultipleSignaturesPerJar_A_only.jar,MultipleSignaturesPerJar_B_only.jar" + codebase = "." width="800" height="600"> +</applet> + +</p> </body> +</html>
\ No newline at end of file diff --git a/tests/reproducers/custom/MultipleSignaturesPerJar/resources/MultipleSignaturesPerJarMismatching.jnlp b/tests/reproducers/custom/MultipleSignaturesPerJar/resources/MultipleSignaturesPerJarMismatching.jnlp new file mode 100644 index 0000000..333ee50 --- /dev/null +++ b/tests/reproducers/custom/MultipleSignaturesPerJar/resources/MultipleSignaturesPerJarMismatching.jnlp @@ -0,0 +1,57 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="MultipleSignaturesPerJarMismatching.jnlp" codebase="."> + <information> + <title>MultipleSignaturesPerJarMismatching</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>MultipleSignaturesPerJarMismatching</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="MultipleSignaturesPerJar_A_only.jar"/> + <jar href="MultipleSignaturesPerJar_B_only.jar"/> + </resources> + <application-desc main-class="somecrazytestpackage.MultipleSignaturesPerJarMain"> + </application-desc> + <security> + <all-permissions/> + </security> +</jnlp> diff --git a/tests/reproducers/custom/MultipleSignaturesPerJar/srcs/Makefile b/tests/reproducers/custom/MultipleSignaturesPerJar/srcs/Makefile new file mode 100644 index 0000000..ab9807e --- /dev/null +++ b/tests/reproducers/custom/MultipleSignaturesPerJar/srcs/Makefile @@ -0,0 +1,56 @@ +TESTNAME=MultipleSignaturesPerJar + +JAVAC_CLASSPATH=$(TEST_EXTENSIONS_DIR):$(NETX_DIR)/lib/classes.jar +KEYTOOL=$(BOOT_DIR)/bin/keytool +JARSIGNER=$(BOOT_DIR)/bin/jarsigner +JARSIGNER_CMD=$(JARSIGNER) -keystore $(TOP_BUILD_DIR)/$(PRIVATE_KEYSTORE_NAME) -storepass $(PRIVATE_KEYSTORE_PASS) -keypass $(PRIVATE_KEYSTORE_PASS) +JAVAC=$(BOOT_DIR)/bin/javac +JAR=$(BOOT_DIR)/bin/jar + +# Index jar causes main class jar to load + +TMPDIR:=$(shell mktemp -d) + +prepare-reproducer: + echo PREPARING REPRODUCER $(TESTNAME) in $(TMPDIR) + + $(JAVAC) -d $(TMPDIR) -classpath $(JAVAC_CLASSPATH) somecrazytestpackage/MultipleSignaturesPerJarMain.java + + # Extract ReadPropertiesSigned.class for our usage + cd $(TMPDIR) ; \ + $(JAR) xf $(REPRODUCERS_TESTS_SERVER_DEPLOYDIR)/ReadPropertiesSigned.jar ReadPropertiesSigned.class ; + + # Create jars *testname*_A_and_B.jar, *testname*_A_only.jar, *testname*_B_only.jar + # These are signed by signatures A and B, A only, B only, respectively. + + # *testname*_A_and_B.jar as well as *testname*_B_only.jar contain ReadPropertiesSigned.class, which exercises the signing. + # *testname*_A_only.jar contains MultipleSignaturesTest.class, the (reused) main class for this reproducer. + + cd $(TMPDIR) ; \ + $(JAR) cvf $(TESTNAME)_B_only.jar ReadPropertiesSigned.class ; \ + cp $(TESTNAME)_B_only.jar $(TESTNAME)_A_and_B.jar ; \ + $(JAR) cvf $(TESTNAME)_A_only.jar somecrazytestpackage ; + + # Sign with signature 'A', the signature used in the 'signed' reproducer group + cd $(TMPDIR) ; \ + for jar_to_sign in $(TESTNAME)_A_only.jar $(TESTNAME)_A_and_B.jar; do \ + $(JARSIGNER_CMD) -sigfile Alpha "$$jar_to_sign" $(TEST_CERT_ALIAS)_signed ; \ + done + + # Sign with signature 'B', the signature used in the 'signed2' reproducer group + cd $(TMPDIR) ; \ + for jar_to_sign in $(TESTNAME)_B_only.jar $(TESTNAME)_A_and_B.jar; do \ + $(JARSIGNER_CMD) -sigfile Beta "$$jar_to_sign" $(TEST_CERT_ALIAS)_signed2 ; \ + done + + # Move jars into deployment directory + cd $(TMPDIR); \ + mv $(TESTNAME)_B_only.jar $(REPRODUCERS_TESTS_SERVER_DEPLOYDIR) ; \ + mv $(TESTNAME)_A_only.jar $(REPRODUCERS_TESTS_SERVER_DEPLOYDIR) ; \ + mv $(TESTNAME)_A_and_B.jar $(REPRODUCERS_TESTS_SERVER_DEPLOYDIR) ; + + echo PREPARED REPRODUCER $(TESTNAME), removing $(TMPDIR) + rm -rf $(TMPDIR) + +clean-reproducer: + echo NOTHING TO CLEAN FOR $(TESTNAME)
\ No newline at end of file diff --git a/tests/reproducers/custom/MultipleSignaturesPerJar/srcs/somecrazytestpackage/MultipleSignaturesPerJarMain.java b/tests/reproducers/custom/MultipleSignaturesPerJar/srcs/somecrazytestpackage/MultipleSignaturesPerJarMain.java new file mode 100644 index 0000000..43452be --- /dev/null +++ b/tests/reproducers/custom/MultipleSignaturesPerJar/srcs/somecrazytestpackage/MultipleSignaturesPerJarMain.java @@ -0,0 +1,90 @@ + + +/* MultipleSignaturesPerJarMain.java +Copyright (C) 2012 Red Hat, Inc. + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or +modify it under the terms of the GNU General Public License as published by +the Free Software Foundation, version 2. + +IcedTea is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + */ +package somecrazytestpackage; + +import java.applet.Applet; +import java.lang.reflect.InvocationTargetException; +import java.lang.reflect.Method; + +public class MultipleSignaturesPerJarMain extends Applet { + + public static void main(String[] args) { + executeForeignMethodCaught(); + } + + public static void executeForeignMethodCaught() { + try { + executeForeignMethod(); + } catch (Exception ex) { + throw new RuntimeException(ex); + } + } + + public static void executeForeignMethod() throws ClassNotFoundException, NoSuchMethodException, IllegalAccessException, IllegalArgumentException, InvocationTargetException, InstantiationException { + Class<?> clazz = Class.forName("ReadPropertiesSigned"); + Method mainMethod = clazz.getDeclaredMethod("main", String[].class); + mainMethod.invoke(clazz.newInstance(), (Object)new String[] {"user.home"}); + System.out.println("Test has finished."); + } + private class Killer extends Thread { + + public int n = 2000; + + @Override + public void run() { + try { + Thread.sleep(n); + System.exit(0); + } catch (Exception ex) { + } + } + } + private Killer killer; + + @Override + public void init() { + killer = new Killer(); + } + + @Override + public void start() { + main(null); + System.out.println("*** APPLET FINISHED ***"); + } +} diff --git a/tests/reproducers/custom/MultipleSignaturesPerJar/testcases/MultipleSignaturesPerJarTests.java b/tests/reproducers/custom/MultipleSignaturesPerJar/testcases/MultipleSignaturesPerJarTests.java new file mode 100644 index 0000000..f523ed1 --- /dev/null +++ b/tests/reproducers/custom/MultipleSignaturesPerJar/testcases/MultipleSignaturesPerJarTests.java @@ -0,0 +1,129 @@ +/* MultipleSignaturesTestTests.java +Copyright (C) 20121 Red Hat, Inc. + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or +modify it under the terms of the GNU General Public License as published by +the Free Software Foundation, version 2. + +IcedTea is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + */ + +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.assertFalse; + +import java.util.Arrays; +import java.util.Collections; +import java.util.List; + +import net.sourceforge.jnlp.ProcessResult; +import net.sourceforge.jnlp.ServerAccess.AutoClose; +import net.sourceforge.jnlp.annotations.Bug; +import net.sourceforge.jnlp.annotations.NeedsDisplay; +import net.sourceforge.jnlp.annotations.TestInBrowsers; +import net.sourceforge.jnlp.browsertesting.BrowserTest; +import net.sourceforge.jnlp.browsertesting.Browsers; + +import org.junit.Test; + +@Bug(id = { "PR822" }) +public class MultipleSignaturesPerJarTests extends BrowserTest { + private final List<String> TRUST_ALL = Collections.unmodifiableList(Arrays.asList(new String[] { "-Xtrustall" })); + + public static final String CORRECT_FINISH = "Test has finished."; + public static final String CNFEXCEPTION = "ClassNotFoundException"; + public static final String DIFF_CERTS_EXCEPTION = "Fatal: Application Error: The JNLP application is not fully signed by a single cert."; + public static final String ACEXCEPTION = "java.security.AccessControlException: access denied"; + + @Test + @NeedsDisplay + public void multipleSignaturesPerJarMatchingJNLP() throws Exception { + ProcessResult pr = server.executeJavawsHeadless(TRUST_ALL, "/MultipleSignaturesPerJarMatching.jnlp"); + // Assert relevant exceptions did not occur + assertFalse("stderr should NOT contain `" + CNFEXCEPTION + "`, but did", + pr.stderr.contains(CNFEXCEPTION)); + assertFalse("stderr should NOT contain `" + ACEXCEPTION + "`, but did", + pr.stderr.contains(ACEXCEPTION)); + assertFalse("stderr should NOT contain `" + DIFF_CERTS_EXCEPTION + "`, but did", + pr.stderr.contains(DIFF_CERTS_EXCEPTION)); + + // Assert that we correctly finish + assertTrue("stdout should contain `" + CORRECT_FINISH + "`, but did not", + pr.stdout.contains(CORRECT_FINISH)); + } + + @Test + @NeedsDisplay + public void multipleSignaturesPerJarMismatchingJNLP() throws Exception { + ProcessResult pr = server.executeJavawsHeadless(TRUST_ALL, "/MultipleSignaturesPerJarMismatching.jnlp"); + // Assert only for the expected exception + assertTrue("stderr should contain `" + DIFF_CERTS_EXCEPTION + "`, but did not", + pr.stderr.contains(DIFF_CERTS_EXCEPTION)); + + // Assert that we did not correctly finish + assertFalse("stdout should NOT contain " + CORRECT_FINISH + " but did", + pr.stdout.contains(CORRECT_FINISH)); + } + + private static void testForCorrectAppletExecution(ProcessResult pr) { + + // Assert relevant exceptions did not occur + assertFalse("stderr should NOT contain `" + CNFEXCEPTION + "`, but did", + pr.stderr.contains(CNFEXCEPTION)); + assertFalse("stderr should NOT contain `" + ACEXCEPTION + "`, but did", + pr.stderr.contains(ACEXCEPTION)); + assertFalse("stderr should NOT contain `" + DIFF_CERTS_EXCEPTION + "`, but did", + pr.stderr.contains(DIFF_CERTS_EXCEPTION)); + + // Assert that we correctly finish + // It is difficult to check for user.home's value here, so we only check for the ending message: + assertTrue("stdout should contain `" + CORRECT_FINISH + "`, but did not", + pr.stdout.contains(CORRECT_FINISH)); + } + + @Test + @NeedsDisplay + @TestInBrowsers(testIn = Browsers.one) + @Bug(id = { "PR822" }) + public void multipleSignaturesPerJarMismatchingApplet() throws Exception { + ProcessResult pr = server.executeBrowser("/MultipleSignaturesPerJarMismatching.html", AutoClose.CLOSE_ON_CORRECT_END); + // NB: Both this and the matching applet should pass + // Unlike JNLPs, applets pass as long as all their parts are signed by *something* + testForCorrectAppletExecution(pr); + } + + @Test + @NeedsDisplay + @TestInBrowsers(testIn = Browsers.one) + public void multipleSignaturesPerJarMatchingApplet() throws Exception { + ProcessResult pr = server.executeBrowser("/MultipleSignaturesPerJarMatching.html", AutoClose.CLOSE_ON_CORRECT_END); + testForCorrectAppletExecution(pr); + } + +}
\ No newline at end of file diff --git a/tests/reproducers/signed/ReadPropertiesSigned/README b/tests/reproducers/signed/ReadPropertiesSigned/README new file mode 100644 index 0000000..63bbd82 --- /dev/null +++ b/tests/reproducers/signed/ReadPropertiesSigned/README @@ -0,0 +1,2 @@ +This test is relied on by custom/MultipleSignaturesPerJar. +Any changes to this reproducer may require updates there.
\ No newline at end of file |