youys
/
ant
Not watched
1
0
Fork 1
Code
Releases 0 Wiki Activity
Issues 0 Pull Requests 0 Datasets Model Cloudbrain
Browse Source

PR 56678 - add proxy support to signjar when using the TSA. Submitted by Robbie Gibson.

master
Stefan Bodewig 11 years ago
parent
789422e131
commit
7f51882300
5 changed files with 90 additions and 9 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +1
    -0
      CONTRIBUTORS
  2. +4
    -0
      WHATSNEW
  3. +4
    -0
      contributors.xml
  4. +18
    -8
      manual/Tasks/signjar.html
  5. +63
    -1
      src/main/org/apache/tools/ant/taskdefs/SignJar.java

+ 1
- 0
CONTRIBUTORS View File

@@ -310,6 +310,7 @@ René Krell
Richard Evans
Richard Steele
Rick Beton
Robbie Gibson
Robert Anderson
Robert Clark
Robert Flaherty


+ 4
- 0
WHATSNEW View File

@@ -30,6 +30,10 @@ Fixed bugs:
Other changes:
--------------

* it is now possible to provide proxy configuration when to signjar
when using the timestamped authority.
Bugzilla Report 56678

Changes from Ant 1.9.3 TO Ant 1.9.4
===================================



+ 4
- 0
contributors.xml View File

@@ -1253,6 +1253,10 @@
<first>Rick</first>
<last>Beton</last>
</name>
<name>
<first>Robbie</first>
<last>Gibson</last>
</name>
<name>
<first>Robert</first>
<last>Anderson</last>


+ 18
- 8
manual/Tasks/signjar.html View File

@@ -27,7 +27,7 @@
<h2><a name="signjar">SignJar</a></h2>
<h3>Description</h3>
<p>Signing a jar allows users to authenticate the publisher.</p>
<p>Signs JAR files with the <a target="_blank" href="http://docs.oracle.com/javase/7/docs/technotes/tools/windows/jarsigner.html"><tt>jarsigner</tt> command line tool</a>.
<p>Signs JAR files with the <a target="_blank" href="http://docs.oracle.com/javase/7/docs/technotes/tools/windows/jarsigner.html"><tt>jarsigner</tt> command line tool</a>.
It will take a named file in the <tt>jar</tt> attribute, and an optional
<tt>destDir</tt> or <tt>signedJar</tt> attribute. Nested paths are also
supported; here only an (optional) <tt>destDir</tt> is allowed. If a destination
@@ -40,10 +40,10 @@ Dependency rules
<li>Nonexistent destination JARs are created/signed</li>
<li>Out of date destination JARs are created/signed</li>
<li>If a destination file and a source file are the same,
and <tt>lazy</tt> is true, the JAR is only signed if it does not
and <tt>lazy</tt> is true, the JAR is only signed if it does not
contain a signature by this alias.</li>
<li>If a destination file and a source file are the same,
and <tt>lazy</tt> is false, the JAR is signed.</li>
and <tt>lazy</tt> is false, the JAR is signed.</li>
</ul>

<h3>Parameters</h3>
@@ -91,7 +91,7 @@ and <tt>lazy</tt> is false, the JAR is signed.</li>
</tr>
<tr>
<td valign="top">signedjar</td>
<td valign="top">name of signed JAR file. This can only be set when
<td valign="top">name of signed JAR file. This can only be set when
the <tt>jar</tt> attribute is set.</td>
<td valign="top" align="center">No.</td>
</tr>
@@ -143,10 +143,20 @@ block</td>
</tr>
<tr>
<td valign="top">tsacert</td>
<td valign="top">alias in the keystore for a timestamp authority for
<td valign="top">alias in the keystore for a timestamp authority for
timestamped JAR files in Java1.5+</td>
<td valign="top" align="center">No</td>
</tr>
<tr>
<td valign="top">tsaproxyhost</td>
<td valign="top">proxy host to be used when connecting to TSA server</td>
<td valign="top" align="center">No</td>
</tr>
<tr>
<td valign="top">getTsaproxyport</td>
<td valign="top">proxy port to be used when connecting to TSA server</td>
<td valign="top" align="center">No</td>
</tr>
<tr>
<td valign="top">executable</td>
<td valign="top">Specify a particular <code>jarsigner</code> executable
@@ -156,14 +166,14 @@ block</td>
jarsigner command.
<em>since Ant 1.8.0</em>.</td>
<td align="center" valign="top">No</td>
</tr>
</tr>
<tr>
<td valign="top">force</td>
<td valign="top">Whether to force signing of the jar file even if
it doesn't seem to be out of date or already signed.
<em>since Ant 1.8.0</em>.</td>
<td align="center" valign="top">No; default false</td>
</tr>
</tr>
<tr>
<td valign="top">sigalg</td>
<td valign="top">name of signature algorithm</td>
@@ -273,7 +283,7 @@ With trusted timestamping, users can verify that signing occurred before a certi

<p>
Timestamped JAR files were introduced in Java1.5 and supported in Ant since
Ant 1.7. Ant does not yet support proxy setup for this signing process.
Ant 1.7. Since Ant 1.9.5, Ant can use unauthenticated proxies for this signing process.
</p>

<p>Common public timestamp authorities include


+ 63
- 1
src/main/org/apache/tools/ant/taskdefs/SignJar.java View File

@@ -98,6 +98,16 @@ public class SignJar extends AbstractJarSignerTask {
*/
protected String tsaurl;

/**
* Proxy host to be used when connecting to TSA server
*/
protected String tsaproxyhost;

/**
* Proxy port to be used when connecting to TSA server
*/
protected String tsaproxyport;

/**
* alias for the TSA in the keystore
*/
@@ -250,6 +260,42 @@ public class SignJar extends AbstractJarSignerTask {
this.tsaurl = tsaurl;
}

/**
* Get the proxy host to be used when connecting to the TSA url
* @return url or null
* @since Ant 1.9.5
*/
public String getTsaproxyhost() {
return tsaproxyhost;
}

/**
*
* @param tsaproxyhost the proxy host to be used when connecting to the TSA.
* @since Ant 1.9.5
*/
public void setTsaproxyhost(String tsaproxyhost) {
this.tsaproxyhost = tsaproxyhost;
}

/**
* Get the proxy host to be used when connecting to the TSA url
* @return url or null
* @since Ant 1.9.5
*/
public String getTsaproxyport() {
return tsaproxyport;
}

/**
*
* @param tsaproxyport the proxy port to be used when connecting to the TSA.
* @since Ant 1.9.5
*/
public void setTsaproxyport(String tsaproxyport) {
this.tsaproxyport = tsaproxyport;
}

/**
* get the -tsacert option
* @since Ant 1.7
@@ -322,7 +368,7 @@ public class SignJar extends AbstractJarSignerTask {
* @throws BuildException on errors
*/
@Override
public void execute() throws BuildException {
public void execute() throws BuildException {
//validation logic
final boolean hasJar = jar != null;
final boolean hasSignedJar = signedjar != null;
@@ -504,10 +550,26 @@ public class SignJar extends AbstractJarSignerTask {
addValue(cmd, "-tsa");
addValue(cmd, tsaurl);
}

if (tsacert != null) {
addValue(cmd, "-tsacert");
addValue(cmd, tsacert);
}

if (tsaproxyhost != null) {
final String connectionType;
if (tsaurl.startsWith("https")) {
connectionType = "https";
} else {
connectionType = "http";
}

addValue(cmd, "-J-D" + connectionType + ".proxyHost=" + tsaproxyhost);

if (tsaproxyport != null) {
addValue(cmd, "-J-D" + connectionType + ".proxyPort=" + tsaproxyport);
}
}
}

/**


Write Preview
Loading…
Cancel
Save
Please read the following content carefully:

Dear OpenI User

Thank you for your continuous support to the Openl Qizhi Community AI Collaboration Platform. In order to protect your usage rights and ensure network security, we updated the Openl Qizhi Community AI Collaboration Platform Usage Agreement in January 2024. The updated agreement specifies that users are prohibited from using intranet penetration tools. After you click "Agree and continue", you can continue to use our services. Thank you for your cooperation and understanding.

For more agreement content, please refer to the《Openl Qizhi Community AI Collaboration Platform Usage Agreement》

Agree and continue
Disagree, exit