You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@ant.apache.org by bo...@apache.org on 2014/07/06 11:26:10 UTC
git commit: PR 56678 - add proxy support to signjar when using the TSA. Submitted by Robbie Gibson.

Repository: ant
Updated Branches:
  refs/heads/master 789422e13 -> 7f5188230


PR 56678 - add proxy support to signjar when using the TSA.  Submitted by Robbie Gibson.


Project: http://git-wip-us.apache.org/repos/asf/ant/repo
Commit: http://git-wip-us.apache.org/repos/asf/ant/commit/7f518823
Tree: http://git-wip-us.apache.org/repos/asf/ant/tree/7f518823
Diff: http://git-wip-us.apache.org/repos/asf/ant/diff/7f518823

Branch: refs/heads/master
Commit: 7f51882300a8e40ff675867e055061867ba6c8bd
Parents: 789422e
Author: Stefan Bodewig <bo...@apache.org>
Authored: Sun Jul 6 11:25:49 2014 +0200
Committer: Stefan Bodewig <bo...@apache.org>
Committed: Sun Jul 6 11:25:49 2014 +0200

----------------------------------------------------------------------
 CONTRIBUTORS                                    |  1 +
 WHATSNEW                                        |  4 ++
 contributors.xml                                |  4 ++
 manual/Tasks/signjar.html                       | 26 +++++---
 .../org/apache/tools/ant/taskdefs/SignJar.java  | 64 +++++++++++++++++++-
 5 files changed, 90 insertions(+), 9 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ant/blob/7f518823/CONTRIBUTORS
----------------------------------------------------------------------
diff --git a/CONTRIBUTORS b/CONTRIBUTORS
index 4d65e56..9c234d0 100644
--- a/CONTRIBUTORS
+++ b/CONTRIBUTORS
@@ -310,6 +310,7 @@ René Krell
 Richard Evans
 Richard Steele
 Rick Beton
+Robbie Gibson
 Robert Anderson
 Robert Clark
 Robert Flaherty

http://git-wip-us.apache.org/repos/asf/ant/blob/7f518823/WHATSNEW
----------------------------------------------------------------------
diff --git a/WHATSNEW b/WHATSNEW
index d80727d..32932e8 100644
--- a/WHATSNEW
+++ b/WHATSNEW
@@ -30,6 +30,10 @@ Fixed bugs:
 Other changes:
 --------------
 
+ * it is now possible to provide proxy configuration when to signjar
+   when using the timestamped authority.
+   Bugzilla Report 56678
+
 Changes from Ant 1.9.3 TO Ant 1.9.4
 ===================================
 

http://git-wip-us.apache.org/repos/asf/ant/blob/7f518823/contributors.xml
----------------------------------------------------------------------
diff --git a/contributors.xml b/contributors.xml
index 8bdae0f..63e2030 100644
--- a/contributors.xml
+++ b/contributors.xml
@@ -1254,6 +1254,10 @@
     <last>Beton</last>
   </name>
   <name>
+    <first>Robbie</first>
+    <last>Gibson</last>
+  </name>
+  <name>
     <first>Robert</first>
     <last>Anderson</last>
   </name>

http://git-wip-us.apache.org/repos/asf/ant/blob/7f518823/manual/Tasks/signjar.html
----------------------------------------------------------------------
diff --git a/manual/Tasks/signjar.html b/manual/Tasks/signjar.html
index 0c317f5..c277dfa 100644
--- a/manual/Tasks/signjar.html
+++ b/manual/Tasks/signjar.html
@@ -27,7 +27,7 @@
 <h2><a name="signjar">SignJar</a></h2>
 <h3>Description</h3>
 <p>Signing a jar allows users to authenticate the publisher.</p>
-<p>Signs JAR files with the <a target="_blank" href="http://docs.oracle.com/javase/7/docs/technotes/tools/windows/jarsigner.html"><tt>jarsigner</tt> command line tool</a>. 
+<p>Signs JAR files with the <a target="_blank" href="http://docs.oracle.com/javase/7/docs/technotes/tools/windows/jarsigner.html"><tt>jarsigner</tt> command line tool</a>.
 It will take a named file in the <tt>jar</tt> attribute, and an optional
 <tt>destDir</tt> or <tt>signedJar</tt> attribute. Nested paths are also
 supported; here only an (optional) <tt>destDir</tt> is allowed. If a destination
@@ -40,10 +40,10 @@ Dependency rules
 <li>Nonexistent destination JARs are created/signed</li>
 <li>Out of date destination JARs are created/signed</li>
 <li>If a destination file and a source file are the same,
-and <tt>lazy</tt> is true, the JAR is only signed if it does not 
+and <tt>lazy</tt> is true, the JAR is only signed if it does not
 contain a signature by this alias.</li>
 <li>If a destination file and a source file are the same,
-and <tt>lazy</tt> is false, the JAR is signed.</li> 
+and <tt>lazy</tt> is false, the JAR is signed.</li>
 </ul>
 
 <h3>Parameters</h3>
@@ -91,7 +91,7 @@ and <tt>lazy</tt> is false, the JAR is signed.</li>
   </tr>
   <tr>
     <td valign="top">signedjar</td>
-    <td valign="top">name of signed JAR file. This can only be set when 
+    <td valign="top">name of signed JAR file. This can only be set when
     the <tt>jar</tt> attribute is set.</td>
     <td valign="top" align="center">No.</td>
   </tr>
@@ -143,11 +143,21 @@ block</td>
   </tr>
   <tr>
     <td valign="top">tsacert</td>
-    <td valign="top">alias in the keystore for a timestamp authority for 
+    <td valign="top">alias in the keystore for a timestamp authority for
     timestamped JAR files in Java1.5+</td>
     <td valign="top" align="center">No</td>
   </tr>
   <tr>
+    <td valign="top">tsaproxyhost</td>
+    <td valign="top">proxy host to be used when connecting to TSA server</td>
+    <td valign="top" align="center">No</td>
+  </tr>
+  <tr>
+    <td valign="top">getTsaproxyport</td>
+    <td valign="top">proxy port to be used when connecting to TSA server</td>
+    <td valign="top" align="center">No</td>
+  </tr>
+  <tr>
     <td valign="top">executable</td>
     <td valign="top">Specify a particular <code>jarsigner</code> executable
       to use in place of the default binary (found in the same JDK as
@@ -156,14 +166,14 @@ block</td>
       jarsigner command.
       <em>since Ant 1.8.0</em>.</td>
     <td align="center" valign="top">No</td>
-  </tr>  
+  </tr>
   <tr>
     <td valign="top">force</td>
     <td valign="top">Whether to force signing of the jar file even if
       it doesn't seem to be out of date or already signed.
       <em>since Ant 1.8.0</em>.</td>
     <td align="center" valign="top">No; default false</td>
-  </tr>  
+  </tr>
   <tr>
     <td valign="top">sigalg</td>
     <td valign="top">name of signature algorithm</td>
@@ -273,7 +283,7 @@ With trusted timestamping, users can verify that signing occurred before a certi
 
 <p>
 Timestamped JAR files were introduced in Java1.5 and supported in Ant since
-Ant 1.7. Ant does not yet support proxy setup for this signing process. 
+Ant 1.7. Since Ant 1.9.5, Ant can use unauthenticated proxies for this signing process.
 </p>
 
 <p>Common public timestamp authorities include

http://git-wip-us.apache.org/repos/asf/ant/blob/7f518823/src/main/org/apache/tools/ant/taskdefs/SignJar.java
----------------------------------------------------------------------
diff --git a/src/main/org/apache/tools/ant/taskdefs/SignJar.java b/src/main/org/apache/tools/ant/taskdefs/SignJar.java
index 7f9b1ee..0092804 100644
--- a/src/main/org/apache/tools/ant/taskdefs/SignJar.java
+++ b/src/main/org/apache/tools/ant/taskdefs/SignJar.java
@@ -99,6 +99,16 @@ public class SignJar extends AbstractJarSignerTask {
     protected String tsaurl;
 
     /**
+     * Proxy host to be used when connecting to TSA server
+     */
+    protected String tsaproxyhost;
+
+    /**
+     * Proxy port to be used when connecting to TSA server
+     */
+    protected String tsaproxyport;
+
+    /**
      * alias for the TSA in the keystore
      */
     protected String tsacert;
@@ -251,6 +261,42 @@ public class SignJar extends AbstractJarSignerTask {
     }
 
     /**
+     * Get the proxy host to be used when connecting to the TSA url
+     * @return url or null
+     * @since Ant 1.9.5
+     */
+    public String getTsaproxyhost() {
+        return tsaproxyhost;
+    }
+
+    /**
+     *
+     * @param tsaproxyhost the proxy host to be used when connecting to the TSA.
+     * @since Ant 1.9.5
+     */
+    public void setTsaproxyhost(String tsaproxyhost) {
+        this.tsaproxyhost = tsaproxyhost;
+    }
+
+    /**
+     * Get the proxy host to be used when connecting to the TSA url
+     * @return url or null
+     * @since Ant 1.9.5
+     */
+    public String getTsaproxyport() {
+        return tsaproxyport;
+    }
+
+    /**
+     *
+     * @param tsaproxyport the proxy port to be used when connecting to the TSA.
+     * @since Ant 1.9.5
+     */
+    public void setTsaproxyport(String tsaproxyport) {
+        this.tsaproxyport = tsaproxyport;
+    }
+
+    /**
      * get the -tsacert option
      * @since Ant 1.7
      * @return a certificate alias or null
@@ -322,7 +368,7 @@ public class SignJar extends AbstractJarSignerTask {
      * @throws BuildException on errors
      */
     @Override
-	public void execute() throws BuildException {
+        public void execute() throws BuildException {
         //validation logic
         final boolean hasJar = jar != null;
         final boolean hasSignedJar = signedjar != null;
@@ -504,10 +550,26 @@ public class SignJar extends AbstractJarSignerTask {
             addValue(cmd, "-tsa");
             addValue(cmd, tsaurl);
         }
+
         if (tsacert != null) {
             addValue(cmd, "-tsacert");
             addValue(cmd, tsacert);
         }
+
+        if (tsaproxyhost != null) {
+            final String connectionType;
+            if (tsaurl.startsWith("https")) {
+                connectionType = "https";
+            } else {
+                connectionType = "http";
+            }
+
+            addValue(cmd, "-J-D" + connectionType + ".proxyHost=" + tsaproxyhost);
+
+            if (tsaproxyport != null) {
+                addValue(cmd, "-J-D" + connectionType + ".proxyPort=" + tsaproxyport);
+            }
+        }
     }
 
     /**