You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@maven.apache.org by og...@apache.org on 2008/08/21 22:15:13 UTC
svn commit: r687846 - in /maven/sandbox/trunk/mercury:
mercury-repo/mercury-repo-api/src/main/java/org/apache/maven/mercury/repository/api/
mercury-repo/mercury-repo-local-m2/src/main/java/org/apache/maven/mercury/repository/local/m2/
mercury-repo/merc...
Author: ogusakov
Date: Thu Aug 21 13:15:13 2008
New Revision: 687846
URL: http://svn.apache.org/viewvc?rev=687846&view=rev
Log:
Split verification for reader and writer for finer configuration, added signature verification to local repo reader.
Added:
maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/2/a-2.jar (with props)
maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/2/a-2.jar.asc
maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/4/a-4.jar.asc
maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/4/a-4.jar.sha1
maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/4/a-4.pom.asc
maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/4/a-4.pom.sha1
maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/4/maven-metadata-local.xml
Modified:
maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-api/src/main/java/org/apache/maven/mercury/repository/api/AbstractRepository.java
maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-api/src/main/java/org/apache/maven/mercury/repository/api/Repository.java
maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/main/java/org/apache/maven/mercury/repository/local/m2/LocalRepositoryReaderM2.java
maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/main/java/org/apache/maven/mercury/repository/local/m2/LocalRepositoryWriterM2.java
maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/main/java/org/apache/maven/mercury/repository/local/m2/Messages.properties
maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/java/org/apache/maven/mercury/repository/local/m2/LocalRepositoryReaderM2Test.java
maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/java/org/apache/maven/mercury/repository/local/m2/LocalRepositoryWriterM2Test.java
maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-api/src/main/java/org/apache/maven/mercury/transport/api/Server.java
maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/deploy/DefaultDeployer.java
maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/retrieve/DefaultRetriever.java
maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/test/java/org/apache/maven/mercury/spi/http/client/JettyDeployerTest.java
maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/test/java/org/apache/maven/mercury/spi/http/client/JettyRetrieverTest.java
maven/sandbox/trunk/mercury/mercury-util/src/main/java/org/apache/maven/mercury/util/FileUtil.java
Modified: maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-api/src/main/java/org/apache/maven/mercury/repository/api/AbstractRepository.java
URL: http://svn.apache.org/viewvc/maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-api/src/main/java/org/apache/maven/mercury/repository/api/AbstractRepository.java?rev=687846&r1=687845&r2=687846&view=diff
==============================================================================
--- maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-api/src/main/java/org/apache/maven/mercury/repository/api/AbstractRepository.java (original)
+++ maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-api/src/main/java/org/apache/maven/mercury/repository/api/AbstractRepository.java Thu Aug 21 13:15:13 2008
@@ -210,6 +210,11 @@
return repositoryQualityRange.isAcceptedQuality( quality );
}
//---------------------------------------------------------------------------
+ public boolean hasServer()
+ {
+ return server != null;
+ }
+ //---------------------------------------------------------------------------
public Server getServer()
{
return server;
Modified: maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-api/src/main/java/org/apache/maven/mercury/repository/api/Repository.java
URL: http://svn.apache.org/viewvc/maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-api/src/main/java/org/apache/maven/mercury/repository/api/Repository.java?rev=687846&r1=687845&r2=687846&view=diff
==============================================================================
--- maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-api/src/main/java/org/apache/maven/mercury/repository/api/Repository.java (original)
+++ maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-api/src/main/java/org/apache/maven/mercury/repository/api/Repository.java Thu Aug 21 13:15:13 2008
@@ -111,9 +111,10 @@
throws NonExistentProtocolException;
/**
- * returns server where this repo resides
+ * server where this repo resides. For local repo - folder as URL and stream verifiers are important.
*
* @return server
*/
+ boolean hasServer();
Server getServer();
}
Modified: maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/main/java/org/apache/maven/mercury/repository/local/m2/LocalRepositoryReaderM2.java
URL: http://svn.apache.org/viewvc/maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/main/java/org/apache/maven/mercury/repository/local/m2/LocalRepositoryReaderM2.java?rev=687846&r1=687845&r2=687846&view=diff
==============================================================================
--- maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/main/java/org/apache/maven/mercury/repository/local/m2/LocalRepositoryReaderM2.java (original)
+++ maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/main/java/org/apache/maven/mercury/repository/local/m2/LocalRepositoryReaderM2.java Thu Aug 21 13:15:13 2008
@@ -2,10 +2,13 @@
import java.io.File;
import java.io.FileInputStream;
+import java.io.FileNotFoundException;
import java.io.IOException;
import java.util.HashMap;
+import java.util.HashSet;
import java.util.List;
import java.util.Map;
+import java.util.Set;
import org.apache.maven.mercury.artifact.Artifact;
import org.apache.maven.mercury.artifact.ArtifactBasicMetadata;
@@ -18,6 +21,10 @@
import org.apache.maven.mercury.builder.api.MetadataProcessingException;
import org.apache.maven.mercury.builder.api.MetadataProcessor;
import org.apache.maven.mercury.builder.api.MetadataReader;
+import org.apache.maven.mercury.crypto.api.StreamObserverException;
+import org.apache.maven.mercury.crypto.api.StreamVerifier;
+import org.apache.maven.mercury.crypto.api.StreamVerifierException;
+import org.apache.maven.mercury.crypto.api.StreamVerifierFactory;
import org.apache.maven.mercury.repository.api.AbstracRepositoryReader;
import org.apache.maven.mercury.repository.api.AbstractRepository;
import org.apache.maven.mercury.repository.api.LocalRepository;
@@ -75,6 +82,11 @@
RepositoryOperationResult<DefaultArtifact> res = new RepositoryOperationResult<DefaultArtifact>();
+ Set<StreamVerifierFactory> vFacs = null;
+
+ if( _repo.hasServer() && _repo.getServer().hasReaderStreamVerifierFactories() )
+ vFacs = _repo.getServer().getReaderStreamVerifierFactories();
+
for( ArtifactBasicMetadata bmd : query )
{
DefaultArtifact da = bmd instanceof DefaultArtifact ? (DefaultArtifact)bmd : new DefaultArtifact( bmd );
@@ -195,10 +207,11 @@
continue;
}
- da.setFile( binary );
-
try // reading pom if one exists
{
+ if( checkFile( binary, vFacs ) )
+ da.setFile( binary );
+
if( "pom".equals( bmd.getType() ) )
{
da.setPomBlob( FileUtil.readRawData( binary ) );
@@ -207,14 +220,17 @@
{
File pomFile = new File( _repoDir, relPathOf( da, null, "pom", dav) );
if( pomFile.exists() )
+ {
+ if( checkFile( pomFile, vFacs ) )
da.setPomBlob( FileUtil.readRawData( pomFile ) );
+ }
else
_log.warn( _lang.getMessage( "pom.not.found", bmd.toString()) );
}
res.add( da );
}
- catch( IOException e )
+ catch( Exception e )
{
throw new RepositoryException( e );
}
@@ -222,6 +238,86 @@
return res;
}
//---------------------------------------------------------------------------------------------------------------
+ private static boolean checkFile( File f, Set<StreamVerifierFactory> vFacs )
+ throws RepositoryException, StreamVerifierException
+ {
+ if( vFacs != null )
+ {
+ String fileName = f.getAbsolutePath();
+
+ HashSet<StreamVerifier> vs = new HashSet<StreamVerifier>( vFacs.size() );
+
+ for( StreamVerifierFactory svf : vFacs )
+ {
+ StreamVerifier sv = svf.newInstance();
+ String ext = sv.getAttributes().getExtension();
+ String sigFileName = fileName+(ext.startsWith( "." )?"":".")+ext;
+ File sigFile = new File( sigFileName );
+ if( sigFile.exists() )
+ {
+ try
+ {
+ sv.initSignature( FileUtil.readRawDataAsString( sigFile ) );
+ }
+ catch( IOException e )
+ {
+ throw new RepositoryException( _lang.getMessage( "cannot.read.signature.file", sigFileName, e.getMessage() ) );
+ }
+ vs.add( sv );
+ }
+ else if( ! sv.getAttributes().isLenient() )
+ {
+ throw new RepositoryException( _lang.getMessage( "no.signature.file", ext, sigFileName ) );
+ }
+ // otherwise ignore absence of signature file, if verifier is lenient
+ }
+
+ FileInputStream fin = null;
+ try
+ {
+ fin = new FileInputStream( f );
+ byte [] buf = new byte[ 1024 ];
+ int n = -1;
+ while( (n = fin.read( buf )) != -1 )
+ {
+ for( StreamVerifier sv : vs )
+ try
+ {
+ sv.bytesReady( buf, 0, n );
+ }
+ catch( StreamObserverException e )
+ {
+ if( ! sv.getAttributes().isLenient() )
+ throw new RepositoryException(e);
+ }
+ }
+
+ for( StreamVerifier sv : vs )
+ {
+ if( sv.verifySignature() )
+ {
+ if( sv.getAttributes().isSufficient() )
+ break;
+ }
+ else
+ {
+ if( !sv.getAttributes().isLenient() )
+ throw new RepositoryException( _lang.getMessage( "signature.failed", sv.getAttributes().getExtension(), fileName ) );
+ }
+ }
+ }
+ catch( IOException e )
+ {
+ throw new RepositoryException(e);
+ }
+ finally
+ {
+ if( fin != null ) try { fin.close(); } catch( Exception any ) {}
+ }
+ }
+ return true;
+ }
+ //---------------------------------------------------------------------------------------------------------------
/**
*
*/
Modified: maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/main/java/org/apache/maven/mercury/repository/local/m2/LocalRepositoryWriterM2.java
URL: http://svn.apache.org/viewvc/maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/main/java/org/apache/maven/mercury/repository/local/m2/LocalRepositoryWriterM2.java?rev=687846&r1=687845&r2=687846&view=diff
==============================================================================
--- maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/main/java/org/apache/maven/mercury/repository/local/m2/LocalRepositoryWriterM2.java (original)
+++ maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/main/java/org/apache/maven/mercury/repository/local/m2/LocalRepositoryWriterM2.java Thu Aug 21 13:15:13 2008
@@ -93,8 +93,8 @@
Set<StreamVerifierFactory> vFacs = null;
Server server = _repo.getServer();
- if( server != null && server.hasStreamVerifierFactories() )
- vFacs = server.getStreamVerifierFactories();
+ if( server != null && server.hasWriterStreamVerifierFactories() )
+ vFacs = server.getWriterStreamVerifierFactories();
if( vFacs == null ) // let it be empty, but not null
vFacs = new HashSet<StreamVerifierFactory>(1);
Modified: maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/main/java/org/apache/maven/mercury/repository/local/m2/Messages.properties
URL: http://svn.apache.org/viewvc/maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/main/java/org/apache/maven/mercury/repository/local/m2/Messages.properties?rev=687846&r1=687845&r2=687846&view=diff
==============================================================================
--- maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/main/java/org/apache/maven/mercury/repository/local/m2/Messages.properties (original)
+++ maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/main/java/org/apache/maven/mercury/repository/local/m2/Messages.properties Thu Aug 21 13:15:13 2008
@@ -7,4 +7,7 @@
gavdir.not.found=No directory {1} for artifact {0}
pom.not.found=Artifact {0} - binary exists, but POM not found in the repository
artifact.no.stream=Cannot find either input stream or file, associated with artifact {0}
-pom.artifact.no.stream=Cannot find either pom blob, input stream or file, associated with artifact {0}
\ No newline at end of file
+pom.artifact.no.stream=Cannot find either pom blob, input stream or file, associated with artifact {0}
+no.signature.file=Verifier for {0} is mandatory, but file {1} does not exist
+signature.failed=Signature "{0}": verification failed for file {1}
+cannot.read.signature.file=Cannot read signature file {0}, error: {1}
\ No newline at end of file
Modified: maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/java/org/apache/maven/mercury/repository/local/m2/LocalRepositoryReaderM2Test.java
URL: http://svn.apache.org/viewvc/maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/java/org/apache/maven/mercury/repository/local/m2/LocalRepositoryReaderM2Test.java?rev=687846&r1=687845&r2=687846&view=diff
==============================================================================
--- maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/java/org/apache/maven/mercury/repository/local/m2/LocalRepositoryReaderM2Test.java (original)
+++ maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/java/org/apache/maven/mercury/repository/local/m2/LocalRepositoryReaderM2Test.java Thu Aug 21 13:15:13 2008
@@ -2,6 +2,7 @@
import java.io.File;
import java.util.ArrayList;
+import java.util.HashSet;
import java.util.List;
import java.util.Map;
@@ -12,11 +13,15 @@
import org.apache.maven.mercury.artifact.DefaultArtifact;
import org.apache.maven.mercury.artifact.QualityRange;
import org.apache.maven.mercury.builder.api.MetadataProcessor;
+import org.apache.maven.mercury.crypto.api.StreamVerifierAttributes;
+import org.apache.maven.mercury.crypto.api.StreamVerifierException;
+import org.apache.maven.mercury.crypto.api.StreamVerifierFactory;
+import org.apache.maven.mercury.crypto.pgp.PgpStreamVerifierFactory;
+import org.apache.maven.mercury.crypto.sha.SHA1VerifierFactory;
import org.apache.maven.mercury.repository.api.RepositoryException;
import org.apache.maven.mercury.repository.api.RepositoryOperationResult;
import org.apache.maven.mercury.repository.api.RepositoryReader;
-import org.apache.maven.mercury.repository.api.RepositoryWriter;
-import org.apache.maven.mercury.util.FileUtil;
+import org.apache.maven.mercury.transport.api.Server;
/**
*
@@ -34,16 +39,24 @@
List<ArtifactBasicMetadata> query;
ArtifactBasicMetadata bmd;
+
+ private static final String publicKeyFile = "/pgp/pubring.gpg";
+
+ Server server;
+ HashSet<StreamVerifierFactory> factories;
//------------------------------------------------------------------------------
@Override
protected void setUp()
throws Exception
{
- repo = new LocalRepositoryM2( "local-repo-m2", new File("./target/test-classes/repo") );
mdProcessor = new MetadataProcessorMock();
- reader = repo.getReader( mdProcessor );
-
+
query = new ArrayList<ArtifactBasicMetadata>();
+
+ server = new Server( "test", new File("./target/test-classes/repo").toURL() );
+
+ repo = new LocalRepositoryM2( server );
+ reader = repo.getReader( mdProcessor );
}
//------------------------------------------------------------------------------
public void testReadReleaseVersion()
@@ -60,6 +73,10 @@
RepositoryOperationResult<ArtifactBasicMetadata> ror = res.get( bmd );
assertNotNull( ror );
+
+ if( ror.hasExceptions() )
+ System.out.println( ror.getExceptions() );
+
assertFalse( ror.hasExceptions() );
assertTrue( ror.hasResults() );
@@ -86,6 +103,10 @@
RepositoryOperationResult<ArtifactBasicMetadata> ror = res.get( bmd );
assertNotNull( ror );
+
+ if( ror.hasExceptions() )
+ System.out.println( ror.getExceptions() );
+
assertFalse( ror.hasExceptions() );
assertTrue( ror.hasResults() );
@@ -125,6 +146,10 @@
RepositoryOperationResult<DefaultArtifact> ror = reader.readArtifacts( query );
assertNotNull( ror );
+
+ if( ror.hasExceptions() )
+ System.out.println( ror.getExceptions() );
+
assertFalse( ror.hasExceptions() );
assertTrue( ror.hasResults() );
@@ -150,6 +175,10 @@
RepositoryOperationResult<DefaultArtifact> ror = reader.readArtifacts( query );
assertNotNull( ror );
+
+ if( ror.hasExceptions() )
+ System.out.println( ror.getExceptions() );
+
assertFalse( ror.hasExceptions() );
assertTrue( ror.hasResults() );
@@ -165,8 +194,6 @@
assertTrue( da.getFile().exists() );
assertEquals( 159630, da.getFile().length() );
assertNotNull( da.getPomBlob() );
-
-System.out.println( new String(da.getPomBlob()) );
}
//------------------------------------------------------------------------------
public void testReadSnapshotTS()
@@ -178,6 +205,10 @@
RepositoryOperationResult<DefaultArtifact> ror = reader.readArtifacts( query );
assertNotNull( ror );
+
+ if( ror.hasExceptions() )
+ System.out.println( ror.getExceptions() );
+
assertFalse( ror.hasExceptions() );
assertTrue( ror.hasResults() );
@@ -193,8 +224,6 @@
assertTrue( da.getFile().exists() );
assertEquals( 14800, da.getFile().length() );
assertNotNull( da.getPomBlob() );
-
-System.out.println( new String(da.getPomBlob()) );
}
//------------------------------------------------------------------------------
public void testReadLatest()
@@ -206,6 +235,10 @@
RepositoryOperationResult<DefaultArtifact> ror = reader.readArtifacts( query );
assertNotNull( ror );
+
+ if( ror.hasExceptions() )
+ System.out.println( ror.getExceptions() );
+
assertFalse( ror.hasExceptions() );
assertTrue( ror.hasResults() );
@@ -235,6 +268,10 @@
RepositoryOperationResult<DefaultArtifact> ror = reader.readArtifacts( query );
assertNotNull( ror );
+
+ if( ror.hasExceptions() )
+ System.out.println( ror.getExceptions() );
+
assertFalse( ror.hasExceptions() );
assertTrue( ror.hasResults() );
@@ -252,8 +289,129 @@
assertTrue( da.getFile().exists() );
assertEquals( 14800, da.getFile().length() );
assertNotNull( da.getPomBlob() );
+ }
+ //------------------------------------------------------------------------------
+ public void testReadAndVerifyGoodArtifact()
+ throws IllegalArgumentException, RepositoryException, StreamVerifierException
+ {
+ // verifiers
+ factories = new HashSet<StreamVerifierFactory>();
+ factories.add(
+ new PgpStreamVerifierFactory(
+ new StreamVerifierAttributes( PgpStreamVerifierFactory.DEFAULT_EXTENSION, false, true )
+ , getClass().getResourceAsStream( publicKeyFile )
+ )
+ );
+ factories.add( new SHA1VerifierFactory(false,false) );
+ server.setReaderStreamVerifierFactories(factories);
+
+ bmd = new ArtifactBasicMetadata("a:a:4");
+ query.add( bmd );
+
+ RepositoryOperationResult<DefaultArtifact> ror = reader.readArtifacts( query );
-System.out.println( new String(da.getPomBlob()) );
+ assertNotNull( ror );
+
+ if( ror.hasExceptions() )
+ System.out.println( ror.getExceptions() );
+
+ assertFalse( ror.hasExceptions() );
+ assertTrue( ror.hasResults() );
+
+ List<DefaultArtifact> res = ror.getResults();
+
+ assertNotNull( res );
+ assertEquals( 1, res.size() );
+
+ DefaultArtifact da = res.get( 0 );
+
+ assertNotNull( da );
+ assertNotNull( da.getFile() );
+ assertTrue( da.getFile().exists() );
+ assertNotNull( da.getPomBlob() );
+ }
+ //------------------------------------------------------------------------------
+ public void testReadAndVerifyArtifactNoSig()
+ throws IllegalArgumentException, StreamVerifierException
+ {
+ // verifiers
+ factories = new HashSet<StreamVerifierFactory>();
+ factories.add(
+ new PgpStreamVerifierFactory(
+ new StreamVerifierAttributes( PgpStreamVerifierFactory.DEFAULT_EXTENSION, false, true )
+ , getClass().getResourceAsStream( publicKeyFile )
+ )
+ );
+ server.setReaderStreamVerifierFactories(factories);
+
+ bmd = new ArtifactBasicMetadata("a:a:3");
+ query.add( bmd );
+
+ try
+ {
+ reader.readArtifacts( query );
+ }
+ catch( RepositoryException e )
+ {
+ System.out.println( "Expected exception: "+e.getMessage() );
+ return;
+ }
+ fail( "Artifact a:a:3 does not have .asc signature, PGP verifier is not lenient, but this did not cause a RepositoryException" );
+ }
+ //------------------------------------------------------------------------------
+ public void testReadAndVerifyArtifactBadSig()
+ throws IllegalArgumentException, StreamVerifierException
+ {
+ // verifiers
+ factories = new HashSet<StreamVerifierFactory>();
+ factories.add(
+ new PgpStreamVerifierFactory(
+ new StreamVerifierAttributes( PgpStreamVerifierFactory.DEFAULT_EXTENSION, false, true )
+ , getClass().getResourceAsStream( publicKeyFile )
+ )
+ );
+ server.setReaderStreamVerifierFactories(factories);
+
+ bmd = new ArtifactBasicMetadata("a:a:2");
+ query.add( bmd );
+
+ try
+ {
+ reader.readArtifacts( query );
+ }
+ catch( RepositoryException e )
+ {
+ System.out.println( "Expected exception: "+e.getMessage() );
+ return;
+ }
+ fail( "Artifact a:a:2 does have a bad .asc (PGP) signature, PGP verifier is not lenient, but this did not cause a RepositoryException" );
+ }
+ //------------------------------------------------------------------------------
+ public void testReadAndVerifyArtifactNoSigLenientVerifier()
+ throws IllegalArgumentException, StreamVerifierException
+ {
+ // verifiers
+ factories = new HashSet<StreamVerifierFactory>();
+ factories.add(
+ new PgpStreamVerifierFactory(
+ new StreamVerifierAttributes( PgpStreamVerifierFactory.DEFAULT_EXTENSION, true, true )
+ , getClass().getResourceAsStream( publicKeyFile )
+ )
+ );
+ factories.add( new SHA1VerifierFactory(true,false) );
+ server.setReaderStreamVerifierFactories(factories);
+
+ bmd = new ArtifactBasicMetadata("a:a:3");
+ query.add( bmd );
+
+ try
+ {
+ reader.readArtifacts( query );
+ }
+ catch( RepositoryException e )
+ {
+ fail( "Artifact a:a:3 does not have .asc signature, PGP verifier is lenient, but still caused a RepositoryException: "+e.getMessage() );
+ }
}
//------------------------------------------------------------------------------
//------------------------------------------------------------------------------
Modified: maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/java/org/apache/maven/mercury/repository/local/m2/LocalRepositoryWriterM2Test.java
URL: http://svn.apache.org/viewvc/maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/java/org/apache/maven/mercury/repository/local/m2/LocalRepositoryWriterM2Test.java?rev=687846&r1=687845&r2=687846&view=diff
==============================================================================
--- maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/java/org/apache/maven/mercury/repository/local/m2/LocalRepositoryWriterM2Test.java (original)
+++ maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/java/org/apache/maven/mercury/repository/local/m2/LocalRepositoryWriterM2Test.java Thu Aug 21 13:15:13 2008
@@ -75,7 +75,7 @@
)
);
factories.add( new SHA1VerifierFactory(false,false) );
- server.setStreamVerifierFactories(factories);
+ server.setWriterStreamVerifierFactories(factories);
repo = new LocalRepositoryM2( server );
reader = repo.getReader( mdProcessor );
@@ -142,4 +142,16 @@
assertEquals( 7785, ap.length() );
}
+ public void ntestTemp()
+ throws Exception
+ {
+ Set<Artifact> set = new HashSet<Artifact>(3);
+ DefaultArtifact da = new DefaultArtifact( new ArtifactBasicMetadata("a:a:4") );
+ da.setPomBlob( FileUtil.readRawData( getClass().getResourceAsStream( "/a-4.pom" ) ) );
+ da.setStream( getClass().getResourceAsStream( "/a-4.jar" ) );
+ set.add( da );
+
+ writer.writeArtifact( set );
+ }
+
}
Added: maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/2/a-2.jar
URL: http://svn.apache.org/viewvc/maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/2/a-2.jar?rev=687846&view=auto
==============================================================================
Binary file - no diff available.
Propchange: maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/2/a-2.jar
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Added: maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/2/a-2.jar.asc
URL: http://svn.apache.org/viewvc/maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/2/a-2.jar.asc?rev=687846&view=auto
==============================================================================
--- maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/2/a-2.jar.asc (added)
+++ maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/2/a-2.jar.asc Thu Aug 21 13:15:13 2008
@@ -0,0 +1,7 @@
+-----BEGIN PGP SIGNATURE-----
+Version: BCPG v1.40
+
+iEYEABECAAYFAkitxHsACgkQDttdkRQbxPI7ywCdHDfUKblJaNRHID0S4yuhXCGO
+oi8An2QRvn7A3KnrUq1v92t6bM4IKkMl
+=khMy
+-----END PGP SIGNATURE-----
Added: maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/4/a-4.jar.asc
URL: http://svn.apache.org/viewvc/maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/4/a-4.jar.asc?rev=687846&view=auto
==============================================================================
--- maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/4/a-4.jar.asc (added)
+++ maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/4/a-4.jar.asc Thu Aug 21 13:15:13 2008
@@ -0,0 +1,7 @@
+-----BEGIN PGP SIGNATURE-----
+Version: BCPG v1.40
+
+iEYEABECAAYFAkitxHsACgkQDttdkRQbxPI7ywCdHDfUKblJaNRHID0S4yuhXCGO
+oi8An2QRvn7A3KnrUq1v92t6bM4IKkMl
+=khMy
+-----END PGP SIGNATURE-----
Added: maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/4/a-4.jar.sha1
URL: http://svn.apache.org/viewvc/maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/4/a-4.jar.sha1?rev=687846&view=auto
==============================================================================
--- maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/4/a-4.jar.sha1 (added)
+++ maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/4/a-4.jar.sha1 Thu Aug 21 13:15:13 2008
@@ -0,0 +1 @@
+c35fe6fb7d71197acbf7c47c194c45082e4b65f2
\ No newline at end of file
Added: maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/4/a-4.pom.asc
URL: http://svn.apache.org/viewvc/maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/4/a-4.pom.asc?rev=687846&view=auto
==============================================================================
--- maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/4/a-4.pom.asc (added)
+++ maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/4/a-4.pom.asc Thu Aug 21 13:15:13 2008
@@ -0,0 +1,7 @@
+-----BEGIN PGP SIGNATURE-----
+Version: BCPG v1.40
+
+iEYEABECAAYFAkitxHsACgkQDttdkRQbxPLETACfaU+Tv6TEnMuoc8zHEpXsCqFA
+kQsAoIbUVY/qAn6WVUwr3HH1l23wyql3
+=yXa4
+-----END PGP SIGNATURE-----
Added: maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/4/a-4.pom.sha1
URL: http://svn.apache.org/viewvc/maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/4/a-4.pom.sha1?rev=687846&view=auto
==============================================================================
--- maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/4/a-4.pom.sha1 (added)
+++ maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/4/a-4.pom.sha1 Thu Aug 21 13:15:13 2008
@@ -0,0 +1 @@
+5e06980bdcbc3985bd872a32b7776fa5063aa6b3
\ No newline at end of file
Added: maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/4/maven-metadata-local.xml
URL: http://svn.apache.org/viewvc/maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/4/maven-metadata-local.xml?rev=687846&view=auto
==============================================================================
--- maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/4/maven-metadata-local.xml (added)
+++ maven/sandbox/trunk/mercury/mercury-repo/mercury-repo-local-m2/src/test/resources/repo/a/a/4/maven-metadata-local.xml Thu Aug 21 13:15:13 2008
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?><metadata>
+ <groupId>a</groupId>
+ <artifactId>a</artifactId>
+ <version>4</version>
+ <versioning>
+ <versions>
+ <version>4</version>
+ </versions>
+ <lastUpdated>20080821193939</lastUpdated>
+ </versioning>
+</metadata>
\ No newline at end of file
Modified: maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-api/src/main/java/org/apache/maven/mercury/transport/api/Server.java
URL: http://svn.apache.org/viewvc/maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-api/src/main/java/org/apache/maven/mercury/transport/api/Server.java?rev=687846&r1=687845&r2=687846&view=diff
==============================================================================
--- maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-api/src/main/java/org/apache/maven/mercury/transport/api/Server.java (original)
+++ maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-api/src/main/java/org/apache/maven/mercury/transport/api/Server.java Thu Aug 21 13:15:13 2008
@@ -33,7 +33,8 @@
private boolean requireEncryption = false;
private boolean requireTrustedServer = false;
- private Set<StreamVerifierFactory> streamVerifierFactories;
+ private Set<StreamVerifierFactory> writerStreamVerifierFactories;
+ private Set<StreamVerifierFactory> readerStreamVerifierFactories;
public Server( String id, URL url )
{
@@ -97,19 +98,34 @@
return this.serverCredentials;
}
- public boolean hasStreamVerifierFactories()
+ public boolean hasWriterStreamVerifierFactories()
{
- return streamVerifierFactories != null && streamVerifierFactories.size() > 0;
+ return writerStreamVerifierFactories != null && writerStreamVerifierFactories.size() > 0;
}
- public Set<StreamVerifierFactory> getStreamVerifierFactories()
+ public Set<StreamVerifierFactory> getWriterStreamVerifierFactories()
{
- return streamVerifierFactories;
+ return writerStreamVerifierFactories;
}
- public void setStreamVerifierFactories( Set<StreamVerifierFactory> factories )
+ public void setWriterStreamVerifierFactories( Set<StreamVerifierFactory> factories )
{
- streamVerifierFactories = factories;
+ writerStreamVerifierFactories = factories;
+ }
+
+ public boolean hasReaderStreamVerifierFactories()
+ {
+ return readerStreamVerifierFactories != null && readerStreamVerifierFactories.size() > 0;
+ }
+
+ public Set<StreamVerifierFactory> getReaderStreamVerifierFactories()
+ {
+ return readerStreamVerifierFactories;
+ }
+
+ public void setReaderStreamVerifierFactories( Set<StreamVerifierFactory> factories )
+ {
+ readerStreamVerifierFactories = factories;
}
public boolean isRequireEncryption()
Modified: maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/deploy/DefaultDeployer.java
URL: http://svn.apache.org/viewvc/maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/deploy/DefaultDeployer.java?rev=687846&r1=687845&r2=687846&view=diff
==============================================================================
--- maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/deploy/DefaultDeployer.java (original)
+++ maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/deploy/DefaultDeployer.java Thu Aug 21 13:15:13 2008
@@ -332,7 +332,7 @@
throws StreamVerifierException
{
HashSet<StreamObserver> observers = new HashSet<StreamObserver>();
- Set<StreamVerifierFactory> factories = server.getStreamVerifierFactories();
+ Set<StreamVerifierFactory> factories = server.getWriterStreamVerifierFactories();
for (StreamVerifierFactory f:factories)
{
observers.add( f.newInstance() );
Modified: maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/retrieve/DefaultRetriever.java
URL: http://svn.apache.org/viewvc/maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/retrieve/DefaultRetriever.java?rev=687846&r1=687845&r2=687846&view=diff
==============================================================================
--- maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/retrieve/DefaultRetriever.java (original)
+++ maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/retrieve/DefaultRetriever.java Thu Aug 21 13:15:13 2008
@@ -314,7 +314,7 @@
HashSet<StreamObserver> observers = new HashSet<StreamObserver>();
if (server != null)
{
- Set<StreamVerifierFactory> factories = server.getStreamVerifierFactories();
+ Set<StreamVerifierFactory> factories = server.getReaderStreamVerifierFactories();
for( StreamVerifierFactory f:factories )
{
observers.add( f.newInstance() );
Modified: maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/test/java/org/apache/maven/mercury/spi/http/client/JettyDeployerTest.java
URL: http://svn.apache.org/viewvc/maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/test/java/org/apache/maven/mercury/spi/http/client/JettyDeployerTest.java?rev=687846&r1=687845&r2=687846&view=diff
==============================================================================
--- maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/test/java/org/apache/maven/mercury/spi/http/client/JettyDeployerTest.java (original)
+++ maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/test/java/org/apache/maven/mercury/spi/http/client/JettyDeployerTest.java Thu Aug 21 13:15:13 2008
@@ -182,7 +182,7 @@
, keyId, secretKeyPass
)
);
- remoteServerType.setStreamVerifierFactories(factories);
+ remoteServerType.setWriterStreamVerifierFactories(factories);
System.err.println("Basedir = "+_baseDir.getAbsolutePath());
@@ -314,7 +314,7 @@
public void testUploadFail () throws Exception
{
factories.add(new SHA1VerifierFactory(false, true)); //!lenient, sufficient
- remoteServerType.setStreamVerifierFactories(factories);
+ remoteServerType.setWriterStreamVerifierFactories(factories);
HashSet<Binding> bindings = new HashSet<Binding>();
DeployRequestImpl request = new DeployRequestImpl();
@@ -388,7 +388,7 @@
public void testUploadFailFast () throws Exception
{
factories.add(new SHA1VerifierFactory(false, true)); //!lenient, sufficient
- remoteServerType.setStreamVerifierFactories(factories);
+ remoteServerType.setWriterStreamVerifierFactories(factories);
HashSet<Binding> bindings = new HashSet<Binding>();
DeployRequestImpl request = new DeployRequestImpl();
@@ -446,7 +446,7 @@
public void testMemoryDeployment () throws Exception
{
factories.add(new SHA1VerifierFactory(false, true)); //!lenient, sufficient
- remoteServerType.setStreamVerifierFactories(factories);
+ remoteServerType.setWriterStreamVerifierFactories(factories);
HashSet<Binding> bindings = new HashSet<Binding>();
DeployRequestImpl request = new DeployRequestImpl();
Modified: maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/test/java/org/apache/maven/mercury/spi/http/client/JettyRetrieverTest.java
URL: http://svn.apache.org/viewvc/maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/test/java/org/apache/maven/mercury/spi/http/client/JettyRetrieverTest.java?rev=687846&r1=687845&r2=687846&view=diff
==============================================================================
--- maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/test/java/org/apache/maven/mercury/spi/http/client/JettyRetrieverTest.java (original)
+++ maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/test/java/org/apache/maven/mercury/spi/http/client/JettyRetrieverTest.java Thu Aug 21 13:15:13 2008
@@ -164,7 +164,7 @@
throws Exception
{
factories.add( new SHA1VerifierFactory(false, true) ); //!lenient, sufficient
- remoteServerType.setStreamVerifierFactories(factories);
+ remoteServerType.setReaderStreamVerifierFactories(factories);
//make local dir to put stuff in
dir = mkTempDir();
@@ -223,7 +223,7 @@
, getClass().getResourceAsStream( publicKeyFile )
)
);
- remoteServerType.setStreamVerifierFactories(factories);
+ remoteServerType.setReaderStreamVerifierFactories(factories);
//make local dir to put stuff in
dir = mkTempDir();
@@ -252,7 +252,7 @@
throws Exception
{
factories.add(new SHA1VerifierFactory(false, true)); //!lenient, sufficient
- remoteServerType.setStreamVerifierFactories(factories);
+ remoteServerType.setReaderStreamVerifierFactories(factories);
//make local dir to put stuff in
dir = mkTempDir();
@@ -312,7 +312,7 @@
throws Exception
{
factories.add(new SHA1VerifierFactory(true, true)); //lenient, sufficient
- remoteServerType.setStreamVerifierFactories(factories);
+ remoteServerType.setReaderStreamVerifierFactories(factories);
//make local dir to put stuff in
dir = mkTempDir();
@@ -366,7 +366,7 @@
throws Exception
{
factories.add(new SHA1VerifierFactory(true, true)); //lenient, sufficient
- remoteServerType.setStreamVerifierFactories(factories);
+ remoteServerType.setReaderStreamVerifierFactories(factories);
//make local dir to put stuff in
dir = mkTempDir();
DefaultRetrievalRequest request = new DefaultRetrievalRequest();
@@ -415,7 +415,7 @@
public void testValidatorSuccess() throws Exception
{
factories.add(new SHA1VerifierFactory(true, true)); //lenient, sufficient
- remoteServerType.setStreamVerifierFactories(factories);
+ remoteServerType.setReaderStreamVerifierFactories(factories);
//make local dir to put stuff in
dir = mkTempDir();
@@ -469,7 +469,7 @@
public void testValidatorFailure () throws Exception
{
factories.add(new SHA1VerifierFactory(true, true)); //lenient, sufficient
- remoteServerType.setStreamVerifierFactories(factories);
+ remoteServerType.setReaderStreamVerifierFactories(factories);
//make local dir to put stuff in
dir = mkTempDir();
@@ -523,7 +523,7 @@
public void testMemoryRetrieval () throws Exception
{
factories.add(new SHA1VerifierFactory(true, true)); //lenient, sufficient
- remoteServerType.setStreamVerifierFactories(factories);
+ remoteServerType.setReaderStreamVerifierFactories(factories);
//make local dir to put stuff in
dir = mkTempDir();
Modified: maven/sandbox/trunk/mercury/mercury-util/src/main/java/org/apache/maven/mercury/util/FileUtil.java
URL: http://svn.apache.org/viewvc/maven/sandbox/trunk/mercury/mercury-util/src/main/java/org/apache/maven/mercury/util/FileUtil.java?rev=687846&r1=687845&r2=687846&view=diff
==============================================================================
--- maven/sandbox/trunk/mercury/mercury-util/src/main/java/org/apache/maven/mercury/util/FileUtil.java (original)
+++ maven/sandbox/trunk/mercury/mercury-util/src/main/java/org/apache/maven/mercury/util/FileUtil.java Thu Aug 21 13:15:13 2008
@@ -71,6 +71,12 @@
writeRawData( fOut, fis );
}
//---------------------------------------------------------------------------------------------------------------
+ public static String readRawDataAsString( File file )
+ throws IOException
+ {
+ return new String( readRawData( file ), DEFAULT_CHARSET );
+ }
+ //---------------------------------------------------------------------------------------------------------------
public static byte[] readRawData( File file )
throws IOException
{