Home » Eclipse Projects » Virgo » Virgo & SecurityManager
| | |
Re: Virgo & SecurityManager [message #787324 is a reply to message #784289] |
Tue, 31 January 2012 13:03 |
Anton Kolmakov Messages: 14 Registered: January 2012 |
Junior Member |
|
|
It looks like that ConditionalPermissionAdmin does not work properly with "cn=*, ou=*, o=Eclipse.org Foundation\, Inc, l=*, st=*, c=*" distinguished name as a condition argument. According to the specification:
<string> ::= *( <stringchar> | <pair> ) | '"' *( <stringchar> | <special> | <pair> ) '"' | "#" <hex>
<pair> ::= "\" ( <special> | "\" | '"')
<special> ::= "," | "=" | <CR> | "+" | "<" | ">" | "#" | ";"
When ConditionalPermissionAdmin creates ConditionalPermissionInfo it skips escaped comma and escapes backslash. Parsed name is: "cn=*, ou=*, o=Eclipse.org Foundation\\, Inc, l=*, st=*, c=*".
I think that it is wrong, it should not escape escaped comma.
|
|
|
Re: Virgo & SecurityManager [message #787377 is a reply to message #787324] |
Tue, 31 January 2012 14:11 |
Anton Kolmakov Messages: 14 Registered: January 2012 |
Junior Member |
|
|
Also when I use BundleSignerCondition with argument "CN=*, OU=*, O=*, L=Ottawa, ST=*, C=*" to match org.eclipse.equinox.simpleconfigurator_1.0.300.v20110815-17 bundle which is signed by:
CN="Eclipse.org Foundation, Inc", OU=Digital ID Class 3 - Java Object Signing, O="Eclipse.org Foundation, Inc", L=Ottawa, ST=Ontario, C=CA
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
it fails. And I do not know the reason. Any ideas?
|
|
| |
Re: Virgo & SecurityManager [message #787421 is a reply to message #787417] |
Tue, 31 January 2012 15:06 |
Borislav Kapukaranov Messages: 80 Registered: September 2010 |
Member |
|
|
Backslashes must already be escaped in Java strings, requiring 2 backslashes in Java source code.
For example:
DN: cn = Bugs Bunny, o = ACME++, C=US
Canonical form: cn=bugs bunny,o=acme\+\+,c=us
Java String: "cn=Bugs Bunny,o=ACME\\+\\+,c=US"
Actually looking at this specification text I think you may need to escape the comma with double backslash. Does that work?
[Updated on: Tue, 31 January 2012 15:08] Report message to a moderator
|
|
| |
Re: Virgo & SecurityManager [message #788033 is a reply to message #787524] |
Wed, 01 February 2012 09:10 |
Anton Kolmakov Messages: 14 Registered: January 2012 |
Junior Member |
|
|
Quote:Also when I use BundleSignerCondition with argument "CN=*, OU=*, O=*, L=Ottawa, ST=*, C=*" to match org.eclipse.equinox.simpleconfigurator_1.0.300.v20110815-17 bundle...
I have found the reason of this problem, the pattern I was using is wrong. Because there is a DN chain the pattern should be "-; CN=*, OU=*, O=*, L=Ottawa, ST=*, C=*; -".
|
|
|
Goto Forum:
Current Time: Tue Apr 23 06:44:37 GMT 2024
Powered by FUDForum. Page generated in 0.04423 seconds
|