aboutsummaryrefslogtreecommitdiffstats
path: root/netx/net
diff options
context:
space:
mode:
authorDanesh Dadachanji <[email protected]>2012-07-20 10:38:07 -0400
committerDanesh Dadachanji <[email protected]>2012-07-20 10:38:07 -0400
commitf1f572f1e0fd95ffd92fcc6333d9b6a0534a8838 (patch)
tree7efa45926a22cc75106a64937abbc5b3bcb5ee12 /netx/net
parent098c59976e03f2eee43b907bb223ed552ef080a8 (diff)
Fix RH838417, Fix RH838559: Disambiguate signed applet security prompt from certificate warning.
Diffstat (limited to 'netx/net')
-rw-r--r--netx/net/sourceforge/jnlp/resources/Messages.properties3
-rw-r--r--netx/net/sourceforge/jnlp/security/CertWarningPane.java23
2 files changed, 14 insertions, 12 deletions
diff --git a/netx/net/sourceforge/jnlp/resources/Messages.properties b/netx/net/sourceforge/jnlp/resources/Messages.properties
index 1095782..cd72cf7 100644
--- a/netx/net/sourceforge/jnlp/resources/Messages.properties
+++ b/netx/net/sourceforge/jnlp/resources/Messages.properties
@@ -205,6 +205,7 @@ SSigUnverified=The application's digital signature cannot be verified. Do you wa
SSigVerified=The application's digital signature has been verified. Do you want to run the application?
SSignatureError=The application's digital signature has an error. Do you want to run the application?
SUntrustedSource=The digital signature could not be verified by a trusted source. Only run if you trust the origin of the application.
+SWarnFullPermissionsIgnorePolicy=The code executed will be given full permissions, ignoring any java policies you may have.
STrustedSource=The digital signature has been validated by a trusted source.
SClipboardReadAccess=The application has requested read-only access to the system clipboard. Do you want to allow this action?
SClipboardWriteAccess=The application has requested write-only access to the system clipboard. Do you want to allow this action?
@@ -213,7 +214,7 @@ SNetworkAccess=The application has requested permission to establish connections
SNoAssociatedCertificate=<no associated certificate>
SUnverified=(unverified)
SAlwaysTrustPublisher=Always trust content from this publisher
-SHttpsUnverified=The website's certificate cannot be verified.
+SHttpsUnverified=The website's HTTPS certificate cannot be verified.
SNotAllSignedSummary=Only parts of this application code are signed.
SNotAllSignedDetail=This application contains both signed and unsigned code. While signed code is safe if you trust the provider, unsigned code may imply code outside of the trusted provider's control.
SNotAllSignedQuestion=Do you wish to proceed and run this application anyway?
diff --git a/netx/net/sourceforge/jnlp/security/CertWarningPane.java b/netx/net/sourceforge/jnlp/security/CertWarningPane.java
index c095212..eedd86e 100644
--- a/netx/net/sourceforge/jnlp/security/CertWarningPane.java
+++ b/netx/net/sourceforge/jnlp/security/CertWarningPane.java
@@ -1,5 +1,5 @@
/* CertWarningPane.java
- Copyright (C) 2008 Red Hat, Inc.
+ Copyright (C) 2012 Red Hat, Inc.
This file is part of IcedTea.
@@ -132,15 +132,19 @@ public class CertWarningPane extends SecurityDialogPanel {
} catch (Exception e) {
}
- //Top label
+ // Labels
String topLabelText = "";
+ String bottomLabelText = parent.getCertVerifier().getRootInCacerts() ?
+ R("STrustedSource") : R("SUntrustedSource");
String propertyName = "";
String iconLocation = "net/sourceforge/jnlp/resources/";
boolean alwaysTrustSelected = false;
if (certVerifier instanceof HttpsCertVerifier) {
- topLabelText = R("SHttpsUnverified") + " " +
- R("Continue");
+ // HTTPS certs that are verified do not prompt for a dialog.
+ // @see VariableX509TrustManager#checkServerTrusted
+ topLabelText = R("SHttpsUnverified") + " " + R("Continue");
propertyName = "OptionPane.warningIcon";
+ iconLocation += "warning.png";
} else
switch (type) {
case VERIFIED:
@@ -153,11 +157,13 @@ public class CertWarningPane extends SecurityDialogPanel {
topLabelText = R("SSigUnverified");
propertyName = "OptionPane.warningIcon";
iconLocation += "warning.png";
+ bottomLabelText += " " + R("SWarnFullPermissionsIgnorePolicy");
break;
case SIGNING_ERROR:
topLabelText = R("SSignatureError");
propertyName = "OptionPane.warningIcon";
iconLocation += "warning.png";
+ bottomLabelText += " " + R("SWarnFullPermissionsIgnorePolicy");
break;
}
@@ -218,20 +224,15 @@ public class CertWarningPane extends SecurityDialogPanel {
add(infoPanel);
add(buttonPanel);
- JLabel bottomLabel;
+ JLabel bottomLabel = new JLabel(htmlWrap(bottomLabelText));;
JButton moreInfo = new JButton(R("ButMoreInformation"));
moreInfo.addActionListener(new MoreInfoButtonListener());
- if (parent.getCertVerifier().getRootInCacerts())
- bottomLabel = new JLabel(htmlWrap(R("STrustedSource")));
- else
- bottomLabel = new JLabel(htmlWrap(R("SUntrustedSource")));
-
JPanel bottomPanel = new JPanel();
bottomPanel.setLayout(new BoxLayout(bottomPanel, BoxLayout.X_AXIS));
bottomPanel.add(bottomLabel);
bottomPanel.add(moreInfo);
- bottomPanel.setPreferredSize(new Dimension(500, 100));
+ bottomPanel.setPreferredSize(new Dimension(600, 100));
bottomPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10));
add(bottomPanel);