JDK-8135115

DRS1.3: App is not blocked when there is an invalid attribute in jnlp-checksum


    • b83
    • Verified

        When adding cases to cover JDK-8132336, I found that:
        when an invalid element is set in jnlp-checksum, for example <jnlp-checksum abc="BSAQgw8ZLyRFpOYiK4+mhQNJOmxmtNb8HNjTsyNvYaI="/>, no blocked dialog saying "Exception parsing Deployment Rule Set file" shows up.

        Steps to reproduce:
        1. Import the self CA cert to JCP -> Security -> Manage Certificates -> Signer CA.
            http://kgb.us.oracle.com:8080/DRS13Manual/lib/self.valid.cert
        2. Set up DeploymentRuleSet.jar:
            http://kgb.us.oracle.com:8080/DRS13Manual/lib/DeploymentRuleSet.jar.run-Jnlp-Checksum-WithoutHash-kgb/DeploymentRuleSet.jar
            It sets an invalid element "abc" instead of "hash": <jnlp-checksum abc="BSAQgw8ZLyRFpOYiK4+mhQNJOmxmtNb8HNjTsyNvYaI="/>
            For rule set content, see http://kgb.us.oracle.com:8080/DRS13Manual/lib/DeploymentRuleSet.jar.run-Jnlp-Checksum-WithoutHash-kgb/ruleset.xml
        3. Open browser and load http://kgb.us.oracle.com:8080/DRS13Manual/html/testApps.html
        4. Launch the CA-signed jnlp by clicking on the link testCertsignedAllpermissionJNLPNoHref.jnlp from a browser
        5. If a valid security warning dialog shows up, then this issue is reproduced.
        Expected behavior:
        An application blocked dialog saying "Exception parsing Deployment Rule Set file" should show up. For now, it seems it's considered as "none match".

        Note:
        The same issue for:
        1. Set invalid value for "hash", for example, <jnlp-checksum hash="abcdefg"/>. See http://kgb.us.oracle.com:8080/DRS13Manual/lib/DeploymentRuleSet.jar.run-Jnlp-Checksum-WrongHash-kgb/ruleset.xml
        2. Set rule set version to 1.0 and with jnlp-checksum element in ruleset.xml. See http://kgb.us.oracle.com:8080/DRS13Manual/lib/DeploymentRuleSet.jar.run-Jnlp-Checksum--Version-kgb/ruleset.xml
        3. Set an empty hash value, for example, <jnlp-checksum hash=""/>.

              herrick Andy Herrick (Inactive)
              wenjyang Crystal Yang (Inactive)
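
As an added illustration (not code from the JDK or from this report), here is a fail-closed check for the four cases listed above: any malformed jnlp-checksum raises a parse error that the caller turns into a block, instead of letting the rule fall through as a non-match. Assumptions: the hash is the base64 form of a 32-byte SHA-256 digest (inferred from the length of the sample value), jnlp-checksum requires rule set version 1.3 (taken from the "DRS1.3" title), and the function names and the simplified sample rule set are constructed here.

```python
import base64
import xml.etree.ElementTree as ET

class RuleSetParseError(Exception):
    """Raised for any malformed rule set; the caller must block, not skip."""

def _version(text):
    # Assumption: versions look like "1.0" or "1.3+"; compare as integer tuples.
    try:
        return tuple(int(p) for p in text.rstrip("+").split("."))
    except (AttributeError, ValueError):
        raise RuleSetParseError(f"bad ruleset version: {text!r}")

def check_jnlp_checksums(ruleset_xml):
    """Return the decoded digests, or raise RuleSetParseError (fail closed)."""
    try:
        root = ET.fromstring(ruleset_xml)
    except ET.ParseError as exc:
        raise RuleSetParseError(str(exc))
    version = _version(root.get("version"))
    digests = []
    for elem in root.iter("jnlp-checksum"):
        if version < (1, 3):  # assumption drawn from the "DRS1.3" title
            raise RuleSetParseError("jnlp-checksum needs ruleset version 1.3")
        unknown = set(elem.attrib) - {"hash"}
        if unknown:  # e.g. abc="..." in place of hash="..."
            raise RuleSetParseError(f"unknown attribute(s): {sorted(unknown)}")
        value = elem.get("hash")
        if not value:
            raise RuleSetParseError("missing or empty hash attribute")
        try:
            digest = base64.b64decode(value, validate=True)
        except ValueError:  # binascii.Error is a ValueError subclass
            raise RuleSetParseError("hash is not valid base64")
        if len(digest) != 32:  # assumption: SHA-256 digest
            raise RuleSetParseError("hash is not a 32-byte digest")
        digests.append(digest)
    return digests

def is_blocked(ruleset_xml):
    """True when the rule set must produce the blocked dialog."""
    try:
        check_jnlp_checksums(ruleset_xml)
    except RuleSetParseError:
        return True
    return False

# Constructed, simplified rule set; only the jnlp-checksum element is varied.
TEMPLATE = '<ruleset version="{v}"><rule><id>{e}</id><action permission="run"/></rule></ruleset>'
GOOD = '<jnlp-checksum hash="BSAQgw8ZLyRFpOYiK4+mhQNJOmxmtNb8HNjTsyNvYaI="/>'
```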