githubFork/gitblit.git - Solinfo Gitblit

			@@ -17,6 +17,7 @@

			import java.awt.BorderLayout;
			import java.awt.Container;
			import java.awt.Desktop;
			import java.awt.Dimension;
			import java.awt.EventQueue;
			import java.awt.FlowLayout;
			@@ -35,6 +36,7 @@
			import java.io.FileWriter;
			import java.io.FilenameFilter;
			import java.io.IOException;
			import java.net.URI;
			import java.security.PrivateKey;
			import java.security.cert.CertificateFactory;
			import java.security.cert.X509Certificate;
			@@ -65,6 +67,7 @@
			import javax.swing.JScrollPane;
			import javax.swing.JSplitPane;
			import javax.swing.JTable;
			import javax.swing.JTextArea;
			import javax.swing.JTextField;
			import javax.swing.RowFilter;
			import javax.swing.SwingConstants;
			@@ -90,6 +93,7 @@
			import com.gitblit.client.Translation;
			import com.gitblit.models.UserModel;
			import com.gitblit.utils.ArrayUtils;
			import com.gitblit.utils.FileUtils;
			import com.gitblit.utils.StringUtils;
			import com.gitblit.utils.TimeUtils;
			import com.gitblit.utils.X509Utils;
			@@ -296,6 +300,24 @@

			File caKeystore = new File(folder, X509Utils.CA_KEY_STORE);
			if (!caKeystore.exists()) {

			if (!X509Utils.unlimitedStrength) {
			// prompt to confirm user understands JCE Standard Strength encryption
			int res = JOptionPane.showConfirmDialog(GitblitAuthority.this, Translation.get("gb.jceWarning"),
			Translation.get("gb.warning"), JOptionPane.YES_NO_OPTION, JOptionPane.WARNING_MESSAGE);
			if (res != JOptionPane.YES_OPTION) {
			if (Desktop.isDesktopSupported()) {
			if (Desktop.getDesktop().isSupported(Desktop.Action.BROWSE)) {
			try {
			Desktop.getDesktop().browse(URI.create("http://www.oracle.com/technetwork/java/javase/downloads/index.html"));
			} catch (IOException e) {
			}
			}
			}
			System.exit(1);
			}
			}

			// show certificate defaults dialog
			certificateDefaultsButton.doClick();

			@@ -307,16 +329,9 @@

			private boolean prepareX509Infrastructure() {
			if (caKeystorePassword == null) {
			JPasswordField pass = new JPasswordField(10){
			private static final long serialVersionUID = 1L;

			public void addNotify()
			{
			super.addNotify();
			requestFocusInWindow();
			}
			};
			JPasswordField pass = new JPasswordField(10);
			pass.setText(caKeystorePassword);
			pass.addAncestorListener(new RequestFocusListener());
			JPanel panel = new JPanel(new BorderLayout());
			panel.add(new JLabel(Translation.get("gb.enterKeystorePassword")), BorderLayout.NORTH);
			panel.add(pass, BorderLayout.CENTER);
			@@ -329,6 +344,8 @@
			}

			X509Metadata metadata = new X509Metadata("localhost", caKeystorePassword);
			setMetadataDefaults(metadata);
			metadata.notAfter = new Date(System.currentTimeMillis() + 10*TimeUtils.ONEYEAR);
			X509Utils.prepareX509Infrastructure(metadata, folder, this);
			return true;
			}
			@@ -396,29 +413,11 @@
			}

			Date notAfter = metadata.notAfter;
			metadata.serverHostname = gitblitSettings.getString(Keys.web.siteName, Constants.NAME);
			if (StringUtils.isEmpty(metadata.serverHostname)) {
			metadata.serverHostname = Constants.NAME;
			}
			UserModel user = ucm.user;

			// set default values from config file
			File certificatesConfigFile = new File(folder, X509Utils.CA_CONFIG);
			FileBasedConfig config = new FileBasedConfig(certificatesConfigFile, FS.detect());
			if (certificatesConfigFile.exists()) {
			try {
			config.load();
			} catch (Exception e) {
			Utils.showException(GitblitAuthority.this, e);
			}
			NewCertificateConfig certificateConfig = NewCertificateConfig.KEY.parse(config);
			certificateConfig.update(metadata);
			}

			// restore expiration date
			setMetadataDefaults(metadata);
			metadata.notAfter = notAfter;

			// set user's specified OID values
			UserModel user = ucm.user;
			if (!StringUtils.isEmpty(user.organizationalUnit)) {
			metadata.oids.put("OU", user.organizationalUnit);
			}
			@@ -442,12 +441,8 @@
			if (ucm.expires == null \|\| metadata.notAfter.before(ucm.expires)) {
			ucm.expires = metadata.notAfter;
			}
			ucm.update(config);
			try {
			config.save();
			} catch (Exception e) {
			Utils.showException(GitblitAuthority.this, e);
			}

			updateAuthorityConfig(ucm);

			// refresh user
			ucm.certs = null;
			@@ -612,7 +607,8 @@
			}
			final Date expires = dialog.getExpiration();
			final String hostname = dialog.getHostname();

			final boolean serveCertificate = dialog.isServeCertificate();

			AuthorityWorker worker = new AuthorityWorker(GitblitAuthority.this) {

			@Override
			@@ -628,17 +624,31 @@

			// generate new SSL certificate
			X509Metadata metadata = new X509Metadata(hostname, caKeystorePassword);
			setMetadataDefaults(metadata);
			metadata.notAfter = expires;
			File serverKeystoreFile = new File(folder, X509Utils.SERVER_KEY_STORE);
			X509Certificate cert = X509Utils.newSSLCertificate(metadata, caPrivateKey, caCert, serverKeystoreFile, GitblitAuthority.this);
			return cert != null;
			boolean hasCert = cert != null;
			if (hasCert && serveCertificate) {
			// update Gitblit https connector alias
			Map<String, String> updates = new HashMap<String, String>();
			updates.put(Keys.server.certificateAlias, metadata.commonName);
			gitblitSettings.saveSettings(updates);
			}
			return hasCert;
			}

			@Override
			protected void onSuccess() {
			JOptionPane.showMessageDialog(GitblitAuthority.this,
			if (serveCertificate) {
			JOptionPane.showMessageDialog(GitblitAuthority.this,
			MessageFormat.format(Translation.get("gb.sslCertificateGeneratedRestart"), hostname),
			Translation.get("gb.newSSLCertificate"), JOptionPane.INFORMATION_MESSAGE);
			} else {
			JOptionPane.showMessageDialog(GitblitAuthority.this,
			MessageFormat.format(Translation.get("gb.sslCertificateGenerated"), hostname),
			Translation.get("gb.newSSLCertificate"), JOptionPane.INFORMATION_MESSAGE);
			}
			}
			};

			@@ -689,6 +699,23 @@
			}
			});

			JButton logButton = new JButton(new ImageIcon(getClass().getResource("/script_16x16.png")));
			logButton.setFocusable(false);
			logButton.setToolTipText(Translation.get("gb.log"));
			logButton.addActionListener(new ActionListener() {
			@Override
			public void actionPerformed(ActionEvent e) {
			File log = new File(folder, X509Utils.CERTS + File.separator + "log.txt");
			if (log.exists()) {
			String content = FileUtils.readContent(log, "\n");
			JTextArea textarea = new JTextArea(content);
			JScrollPane scrollPane = new JScrollPane(textarea);
			scrollPane.setPreferredSize(new Dimension(700, 400));
			JOptionPane.showMessageDialog(GitblitAuthority.this, scrollPane, log.getAbsolutePath(), JOptionPane.INFORMATION_MESSAGE);
			}
			}
			});

			final JTextField filterTextfield = new JTextField(15);
			filterTextfield.addActionListener(new ActionListener() {
			public void actionPerformed(ActionEvent e) {
			@@ -705,6 +732,7 @@
			buttonControls.add(certificateDefaultsButton);
			buttonControls.add(newSSLCertificate);
			buttonControls.add(emailBundle);
			buttonControls.add(logButton);

			JPanel userControls = new JPanel(new FlowLayout(FlowLayout.RIGHT, Utils.MARGIN, Utils.MARGIN));
			userControls.add(new JLabel(Translation.get("gb.filter")));
			@@ -818,4 +846,42 @@
			}
			return false;
			}

			private void setMetadataDefaults(X509Metadata metadata) {
			metadata.serverHostname = gitblitSettings.getString(Keys.web.siteName, Constants.NAME);
			if (StringUtils.isEmpty(metadata.serverHostname)) {
			metadata.serverHostname = Constants.NAME;
			}

			// set default values from config file
			File certificatesConfigFile = new File(folder, X509Utils.CA_CONFIG);
			FileBasedConfig config = new FileBasedConfig(certificatesConfigFile, FS.detect());
			if (certificatesConfigFile.exists()) {
			try {
			config.load();
			} catch (Exception e) {
			Utils.showException(GitblitAuthority.this, e);
			}
			NewCertificateConfig certificateConfig = NewCertificateConfig.KEY.parse(config);
			certificateConfig.update(metadata);
			}
			}

			private void updateAuthorityConfig(UserCertificateModel ucm) {
			File certificatesConfigFile = new File(folder, X509Utils.CA_CONFIG);
			FileBasedConfig config = new FileBasedConfig(certificatesConfigFile, FS.detect());
			if (certificatesConfigFile.exists()) {
			try {
			config.load();
			} catch (Exception e) {
			Utils.showException(GitblitAuthority.this, e);
			}
			}
			ucm.update(config);
			try {
			config.save();
			} catch (Exception e) {
			Utils.showException(GitblitAuthority.this, e);
			}
			}
			}