Hi, We would always try to read the signatures of a JarFile even when we would never use them because the JarFile was opened with verify set to false. This code path wasn't used much since the default is to open with verify = true.
2005-09-01 Mark Wielaard <[EMAIL PROTECTED]>
* java/util/jar/JarFile.java (JarEnumeration.nextElement): Only
readSignature when verifying jar.
(getEntry): Likewise.
Committed,
Mark
Index: java/util/jar/JarFile.java
===================================================================
RCS file: /cvsroot/classpath/classpath/java/util/jar/JarFile.java,v
retrieving revision 1.18
diff -u -r1.18 JarFile.java
--- java/util/jar/JarFile.java 13 Jul 2005 23:22:31 -0000 1.18
+++ java/util/jar/JarFile.java 1 Sep 2005 18:12:11 -0000
@@ -1,5 +1,5 @@
/* JarFile.java - Representation of a jar file
- Copyright (C) 2000, 2003, 2004 Free Software Foundation, Inc.
+ Copyright (C) 2000, 2003, 2004, 2005 Free Software Foundation, Inc.
This file is part of GNU Classpath.
@@ -351,7 +351,7 @@
synchronized(jarfile)
{
- if (!jarfile.signaturesRead)
+ if (jarfile.verify && !jarfile.signaturesRead)
try
{
jarfile.readSignatures();
@@ -408,7 +408,7 @@
jarEntry.attr = manifest.getAttributes(name);
}
- if (!signaturesRead)
+ if (verify && !signaturesRead)
try
{
readSignatures();
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Classpath-patches mailing list [email protected] http://lists.gnu.org/mailman/listinfo/classpath-patches
