mbenson 2005/02/10 14:43:27
Modified: . WHATSNEW
src/main/org/apache/tools/ant/taskdefs SignJar.java
docs/manual/CoreTasks signjar.html
Log:
Tighten security by sending storepass and keypass to signjar
via the input stream of the forked process.
Also, create signjar's helper ExecTask instance directly rather than by
typedef discovery mechanisms.
PR: 33433
Revision Changes Path
1.745 +6 -0 ant/WHATSNEW
Index: WHATSNEW
===================================================================
RCS file: /home/cvs/ant/WHATSNEW,v
retrieving revision 1.744
retrieving revision 1.745
diff -u -r1.744 -r1.745
--- WHATSNEW 10 Feb 2005 22:32:20 -0000 1.744
+++ WHATSNEW 10 Feb 2005 22:43:27 -0000 1.745
@@ -44,6 +44,9 @@
* Commandline.describeCommand() methods would attempt to describe
arguments even when none, other than the executable name, were present.
+* Create signjar's helper ExecTask instance directly rather than by
+ typedef discovery mechanisms. Bugzilla report 33433.
+
Other changes:
--------------
@@ -110,6 +113,9 @@
* Added loginputstring attribute to the redirector type.
+* Tighten security by sending storepass and keypass to signjar
+ via the input stream of the forked process.
+
Changes from Ant 1.6.2 to current Ant 1.6 CVS version
=====================================================
1.44 +29 -13 ant/src/main/org/apache/tools/ant/taskdefs/SignJar.java
Index: SignJar.java
===================================================================
RCS file: /home/cvs/ant/src/main/org/apache/tools/ant/taskdefs/SignJar.java,v
retrieving revision 1.43
retrieving revision 1.44
diff -u -r1.43 -r1.44
--- SignJar.java 6 Jan 2005 12:05:05 -0000 1.43
+++ SignJar.java 10 Feb 2005 22:43:27 -0000 1.44
@@ -25,6 +25,7 @@
import org.apache.tools.ant.Task;
import org.apache.tools.ant.taskdefs.condition.IsSigned;
import org.apache.tools.ant.types.FileSet;
+import org.apache.tools.ant.types.RedirectorElement;
import org.apache.tools.ant.util.JavaEnvUtils;
import org.apache.tools.ant.util.FileUtils;
@@ -66,6 +67,7 @@
protected boolean internalsf;
protected boolean sectionsonly;
private boolean preserveLastModified;
+ private RedirectorElement redirector;
/** The maximum amount of memory to use for Jar signer */
private String maxMemory;
@@ -212,6 +214,7 @@
throw new BuildException("jar must be set through jar attribute "
+ "or nested filesets");
}
+ redirector = createRedirector();
if (null != jar) {
if (filesets.size() != 0) {
log("nested filesets will be ignored if the jar attribute
has"
@@ -234,6 +237,27 @@
}
/**
+ * Create the redirector to use, if any.
+ * @return a configured RedirectorElement.
+ */
+ private RedirectorElement createRedirector() {
+ if (storepass == null && keypass == null) {
+ return null;
+ }
+ RedirectorElement result = new RedirectorElement();
+ StringBuffer input = new StringBuffer();
+ if (storepass != null) {
+ input.append(storepass).append('\n');
+ }
+ if (keypass != null) {
+ input.append(keypass).append('\n');
+ }
+ result.setInputString(input.toString());
+ result.setLogInputString(false);
+ return result;
+ }
+
+ /**
* sign one jar
*/
private void doOneJar(File jarSource, File jarTarget)
@@ -252,7 +276,8 @@
}
long lastModified = jarSource.lastModified();
- final ExecTask cmd = (ExecTask) getProject().createTask("exec");
+ final ExecTask cmd = new ExecTask();
+ cmd.setProject(getProject());
cmd.setExecutable(JavaEnvUtils.getJdkExecutable("jarsigner"));
if (maxMemory != null) {
@@ -271,22 +296,10 @@
cmd.createArg().setValue(keystore);
}
}
-
- if (null != storepass) {
- cmd.createArg().setValue("-storepass");
- cmd.createArg().setValue(storepass);
- }
-
if (null != storetype) {
cmd.createArg().setValue("-storetype");
cmd.createArg().setValue(storetype);
}
-
- if (null != keypass) {
- cmd.createArg().setValue("-keypass");
- cmd.createArg().setValue(keypass);
- }
-
if (null != sigfile) {
cmd.createArg().setValue("-sigfile");
cmd.createArg().setValue(sigfile);
@@ -316,6 +329,9 @@
log("Signing JAR: " + jarSource.getAbsolutePath());
cmd.setFailonerror(true);
cmd.setTaskName(getTaskName());
+ if (redirector != null) {
+ cmd.addConfiguredRedirector(redirector);
+ }
cmd.execute();
// restore the lastModified attribute
1.15 +0 -7 ant/docs/manual/CoreTasks/signjar.html
Index: signjar.html
===================================================================
RCS file: /home/cvs/ant/docs/manual/CoreTasks/signjar.html,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- signjar.html 9 Feb 2005 07:54:11 -0000 1.14
+++ signjar.html 10 Feb 2005 22:43:27 -0000 1.15
@@ -16,13 +16,6 @@
its modification date is used as a cue as to whether to resign any JAR file.
</p>
-<p>
-<b>Security warning</b>. This task forks the <tt>jarsigner</tt> executable
-(which must of course be on the path). The store password is passed in on
-the command line, so visible in Unix to anyone running <tt>ps -ef</tt>
-on the same host, while signing takes place. Only sign on a secured system.
-</p>
-
<h3>Parameters</h3>
<table border="1" cellpadding="2" cellspacing="0">
<tr>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
