Reproducer for unsigned content in META-INF/

4 files changed, 143 insertions, 0 deletions

diff --git a/tests/reproducers/custom/UnsignedContentInMETAINF/resources/UnsignedContentInMETAINF.jnlp b/tests/reproducers/custom/UnsignedContentInMETAINF/resources/UnsignedContentInMETAINF.jnlp
new file mode 100644
index 0000000..c6f3e34
--- /dev/null
+++ b/tests/reproducers/custom/UnsignedContentInMETAINF/resources/UnsignedContentInMETAINF.jnlp
@@ -0,0 +1,56 @@
+<!--
+
+This file is part of IcedTea.
+
+IcedTea is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+IcedTea is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version.
+
+ -->
+<!-- Uses version of signed/ReadPropertiesSigned with unsigned content in META-INF -->
+<?xml version="1.0" encoding="utf-8"?> 
+<jnlp spec="1.0"
+      codebase="./"
+      href="UnsignedContentInMETAINF.jnlp">
+    <information>
+        <title>read properties using System.getenv() with unsigned content in META-INF</title>
+        <vendor>IcedTea</vendor>
+    </information>
+    <resources>
+        <jar href="UnsignedContentInMETAINF.jar" main="true"/>
+    </resources>
+    <application-desc main-class="ReadPropertiesSigned">
+      <argument>user.name</argument>
+    </application-desc>
+    <security>
+      <all-permissions/>
+    </security>
+</jnlp>
diff --git a/tests/reproducers/custom/UnsignedContentInMETAINF/srcs/META-INF/unsigned_file_in_metainf b/tests/reproducers/custom/UnsignedContentInMETAINF/srcs/META-INF/unsigned_file_in_metainf
new file mode 100644
index 0000000..ae4fe1d
--- /dev/null
+++ b/tests/reproducers/custom/UnsignedContentInMETAINF/srcs/META-INF/unsigned_file_in_metainf
@@ -0,0 +1 @@
+This is an unsigned file to be placed in the META-INF/ folder of the copied jar.
diff --git a/tests/reproducers/custom/UnsignedContentInMETAINF/srcs/Makefile b/tests/reproducers/custom/UnsignedContentInMETAINF/srcs/Makefile
new file mode 100644
index 0000000..15c243c
--- /dev/null
+++ b/tests/reproducers/custom/UnsignedContentInMETAINF/srcs/Makefile
@@ -0,0 +1,21 @@
+TESTNAME=UnsignedContentInMETAINF
+JAVAC_CLASSPATH=$(JNLP_TESTS_ENGINE_DIR):$(NETX_DIR)/lib/classes.jar
+DEPLOY_DIR=$(JNLP_TESTS_SERVER_DEPLOYDIR)
+JAVAC=$(BOOT_DIR)/bin/javac
+JAR=$(BOOT_DIR)/bin/jar
+ABS_SRC_PATH=$(JNLP_TESTS_SRCDIR)/custom/$(TESTNAME)/srcs
+
+prepare-reproducer:
+	echo PREPARING REPRODUCER $(TESTNAME)
+	echo "USING ABSPATH = " $(ABS_SRC_PATH)
+	cp $(DEPLOY_DIR)/ReadPropertiesSigned.jar $(DEPLOY_DIR)/UnsignedContentInMETAINF.jar
+	# Place an unsigned file in the META-INF folder
+	cd $(ABS_SRC_PATH)
+	$(JAR) uf $(DEPLOY_DIR)/UnsignedContentInMETAINF.jar META-INF/
+	echo PREPARED REPRODUCER $(TESTNAME)
+
+clean-reproducer:
+	echo CLEANING REPRODUCER $(TESTNAME)
+	rm -f UnsignedContentInMETAINF.jar
+	echo CLEANED REPRODUCER $(TESTNAME)
+
diff --git a/tests/reproducers/custom/UnsignedContentInMETAINF/testcases/UnsignedContentInMETAINF.java b/tests/reproducers/custom/UnsignedContentInMETAINF/testcases/UnsignedContentInMETAINF.java
new file mode 100644
index 0000000..e905aab
--- /dev/null
+++ b/tests/reproducers/custom/UnsignedContentInMETAINF/testcases/UnsignedContentInMETAINF.java
@@ -0,0 +1,65 @@
+/* UnsignedContentInMETAINF.java
+Copyright (C) 2011 Red Hat, Inc.
+
+This file is part of IcedTea.
+
+IcedTea is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License as published by
+the Free Software Foundation, version 2.
+
+IcedTea is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING.  If not, write to
+the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version.
+ */
+
+
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+import net.sourceforge.jnlp.ServerAccess;
+import org.junit.Assert;
+import org.junit.Test;
+import net.sourceforge.jnlp.ProcessResult;;
+
+public class UnsignedContentInMETAINF {
+
+    private static ServerAccess server = new ServerAccess();
+    private final List<String> l=Collections.unmodifiableList(Arrays.asList(new String[] {"-Xtrustall"}));
+
+    String accessMatcher = "(?s).*java.security.AccessControlException.{0,5}access denied.{0,5}java.util.PropertyPermission.{0,5}" + "user.name.{0,5}read" + ".*";
+
+    @Test
+    public void ReadSignedPropertiesWithUnsignedContentInMETAINF() throws Exception {
+        //request for allpermissions
+        ProcessResult pr=server.executeJavawsHeadless(l,"/UnsignedContentInMETAINF.jnlp");
+        Assert.assertFalse("Stderr should NOT match "+accessMatcher+" but did",pr.stderr.matches(accessMatcher));
+        String ss="ClassNotFoundException";
+        Assert.assertFalse("Stderr should not contain "+ss+" but did",pr.stderr.contains(ss));
+        Assert.assertTrue("Stdout length should be >= 4 but was "+pr.stdout.length(),pr.stdout.length()>=4); // /home/user or /root or anything else :(
+        Assert.assertFalse("Should not be terminated but was",pr.wasTerminated);
+        Assert.assertEquals((Integer)0, pr.returnValue);
+    }
+  }