githubFork/gitblit.git - Solinfo Gitblit

			@@ -17,6 +17,7 @@

			import java.awt.BorderLayout;
			import java.awt.Container;
			import java.awt.Desktop;
			import java.awt.Dimension;
			import java.awt.EventQueue;
			import java.awt.FlowLayout;
			@@ -35,6 +36,7 @@
			import java.io.FileWriter;
			import java.io.FilenameFilter;
			import java.io.IOException;
			import java.net.URI;
			import java.security.PrivateKey;
			import java.security.cert.CertificateFactory;
			import java.security.cert.X509Certificate;
			@@ -296,6 +298,24 @@

			File caKeystore = new File(folder, X509Utils.CA_KEY_STORE);
			if (!caKeystore.exists()) {

			if (!X509Utils.unlimitedStrength) {
			// prompt to confirm user understands JCE Standard Strength encryption
			int res = JOptionPane.showConfirmDialog(GitblitAuthority.this, Translation.get("gb.jceWarning"),
			Translation.get("gb.warning"), JOptionPane.YES_NO_OPTION, JOptionPane.WARNING_MESSAGE);
			if (res != JOptionPane.YES_OPTION) {
			if (Desktop.isDesktopSupported()) {
			if (Desktop.getDesktop().isSupported(Desktop.Action.BROWSE)) {
			try {
			Desktop.getDesktop().browse(URI.create("http://www.oracle.com/technetwork/java/javase/downloads/index.html"));
			} catch (IOException e) {
			}
			}
			}
			System.exit(1);
			}
			}

			// show certificate defaults dialog
			certificateDefaultsButton.doClick();

			@@ -307,16 +327,9 @@

			private boolean prepareX509Infrastructure() {
			if (caKeystorePassword == null) {
			JPasswordField pass = new JPasswordField(10){
			private static final long serialVersionUID = 1L;

			public void addNotify()
			{
			super.addNotify();
			requestFocusInWindow();
			}
			};
			JPasswordField pass = new JPasswordField(10);
			pass.setText(caKeystorePassword);
			pass.addAncestorListener(new RequestFocusListener());
			JPanel panel = new JPanel(new BorderLayout());
			panel.add(new JLabel(Translation.get("gb.enterKeystorePassword")), BorderLayout.NORTH);
			panel.add(pass, BorderLayout.CENTER);
			@@ -329,6 +342,7 @@
			}

			X509Metadata metadata = new X509Metadata("localhost", caKeystorePassword);
			setMetadataDefaults(metadata);
			X509Utils.prepareX509Infrastructure(metadata, folder, this);
			return true;
			}
			@@ -396,29 +410,11 @@
			}

			Date notAfter = metadata.notAfter;
			metadata.serverHostname = gitblitSettings.getString(Keys.web.siteName, Constants.NAME);
			if (StringUtils.isEmpty(metadata.serverHostname)) {
			metadata.serverHostname = Constants.NAME;
			}
			UserModel user = ucm.user;

			// set default values from config file
			File certificatesConfigFile = new File(folder, X509Utils.CA_CONFIG);
			FileBasedConfig config = new FileBasedConfig(certificatesConfigFile, FS.detect());
			if (certificatesConfigFile.exists()) {
			try {
			config.load();
			} catch (Exception e) {
			Utils.showException(GitblitAuthority.this, e);
			}
			NewCertificateConfig certificateConfig = NewCertificateConfig.KEY.parse(config);
			certificateConfig.update(metadata);
			}

			// restore expiration date
			setMetadataDefaults(metadata);
			metadata.notAfter = notAfter;

			// set user's specified OID values
			UserModel user = ucm.user;
			if (!StringUtils.isEmpty(user.organizationalUnit)) {
			metadata.oids.put("OU", user.organizationalUnit);
			}
			@@ -442,12 +438,8 @@
			if (ucm.expires == null \|\| metadata.notAfter.before(ucm.expires)) {
			ucm.expires = metadata.notAfter;
			}
			ucm.update(config);
			try {
			config.save();
			} catch (Exception e) {
			Utils.showException(GitblitAuthority.this, e);
			}

			updateAuthorityConfig(ucm);

			// refresh user
			ucm.certs = null;
			@@ -818,4 +810,42 @@
			}
			return false;
			}

			private void setMetadataDefaults(X509Metadata metadata) {
			metadata.serverHostname = gitblitSettings.getString(Keys.web.siteName, Constants.NAME);
			if (StringUtils.isEmpty(metadata.serverHostname)) {
			metadata.serverHostname = Constants.NAME;
			}

			// set default values from config file
			File certificatesConfigFile = new File(folder, X509Utils.CA_CONFIG);
			FileBasedConfig config = new FileBasedConfig(certificatesConfigFile, FS.detect());
			if (certificatesConfigFile.exists()) {
			try {
			config.load();
			} catch (Exception e) {
			Utils.showException(GitblitAuthority.this, e);
			}
			NewCertificateConfig certificateConfig = NewCertificateConfig.KEY.parse(config);
			certificateConfig.update(metadata);
			}
			}

			private void updateAuthorityConfig(UserCertificateModel ucm) {
			File certificatesConfigFile = new File(folder, X509Utils.CA_CONFIG);
			FileBasedConfig config = new FileBasedConfig(certificatesConfigFile, FS.detect());
			if (certificatesConfigFile.exists()) {
			try {
			config.load();
			} catch (Exception e) {
			Utils.showException(GitblitAuthority.this, e);
			}
			}
			ucm.update(config);
			try {
			config.save();
			} catch (Exception e) {
			Utils.showException(GitblitAuthority.this, e);
			}
			}
			}