Gitblit devel
parent: e571c4ae | patch | commit | ignore whitespace
James Moger
2012-11-26 db9718c71451ea9a3e450e8ffdebb196beaab144 
Password prompt for GCA
3 files modified
75 ■■■■ changed files
src/com/gitblit/authority/GitblitAuthority.java 60 ●●●● patch | view | raw | blame | history
src/com/gitblit/authority/UserCertificatePanel.java 12 ●●●●● patch | view | raw | blame | history
src/com/gitblit/wicket/GitBlitWebApp.properties 3 ●●●● patch | view | raw | blame | history 
 src/com/gitblit/authority/GitblitAuthority.java


@@ -61,6 +61,7 @@


import javax.swing.JLabel;



import javax.swing.JOptionPane;



import javax.swing.JPanel;



import javax.swing.JPasswordField;



import javax.swing.JScrollPane;



import javax.swing.JSplitPane;



import javax.swing.JTable;



@@ -116,7 +117,7 @@


    



    private IUserService userService;



    



    private String caKeystorePassword = null;



    private String caKeystorePassword;







    private JTable table;



    



@@ -234,7 +235,6 @@


        }



        gitblitSettings = new FileSettings(file.getAbsolutePath());



        mail = new MailExecutor(gitblitSettings);



        caKeystorePassword = gitblitSettings.getString(Keys.server.storePassword, null);



        String us = gitblitSettings.getString(Keys.realm.userService, "users.conf");



        String ext = us.substring(us.lastIndexOf(".") + 1).toLowerCase();



        IUserService service = null;



@@ -300,9 +300,34 @@


        }



    }



    



    private void prepareX509Infrastructure() {



    private boolean prepareX509Infrastructure() {



        if (caKeystorePassword == null) {



            caKeystorePassword = gitblitSettings.getString(Keys.server.storePassword, null);



            JPasswordField pass = new JPasswordField(10){



                private static final long serialVersionUID = 1L;







                public void addNotify()             


                {                 


                    super.addNotify();



                    requestFocusInWindow();             


                }         


            }; 


            pass.setText(caKeystorePassword);



            JPanel panel = new JPanel(new BorderLayout());



            panel.add(new JLabel(Translation.get("gb.enterKeystorePassword")), BorderLayout.NORTH);



            panel.add(pass, BorderLayout.CENTER);



            int result = JOptionPane.showConfirmDialog(GitblitAuthority.this, panel, Translation.get("gb.password"), JOptionPane.OK_CANCEL_OPTION);



            if (result == JOptionPane.OK_OPTION) {



                caKeystorePassword = new String(pass.getPassword());



            } else {



                caKeystorePassword = null;



                return false;



            }



        }







        X509Metadata metadata = new X509Metadata("localhost", caKeystorePassword);



        X509Utils.prepareX509Infrastructure(metadata, folder, this);



        return true;



    }



    



    private List<X509Certificate> findCerts(File folder, String username) {



@@ -357,13 +382,16 @@


            }



            



            @Override



            public void saveUser(String username, UserCertificateModel ucm) {



                userService.updateUserModel(username, ucm.user);



            public boolean saveUser(String username, UserCertificateModel ucm) {



                return userService.updateUserModel(username, ucm.user);



            }



            



            @Override



            public void newCertificate(UserCertificateModel ucm, X509Metadata metadata, boolean sendEmail) {



                prepareX509Infrastructure();



            public boolean newCertificate(UserCertificateModel ucm, X509Metadata metadata, boolean sendEmail) {



                if (!prepareX509Infrastructure()) {



                    return false;



                }







                Date notAfter = metadata.notAfter;



                metadata.serverHostname = gitblitSettings.getString(Keys.web.siteName, Constants.NAME);



                if (StringUtils.isEmpty(metadata.serverHostname)) {



@@ -408,7 +436,7 @@


                File zip = X509Utils.newClientBundle(metadata, caKeystoreFile, caKeystorePassword, GitblitAuthority.this);







                // save latest expiration date



                if (ucm.expires == null || metadata.notAfter.after(ucm.expires)) {



                if (ucm.expires == null || metadata.notAfter.before(ucm.expires)) {



                    ucm.expires = metadata.notAfter;



                }



                ucm.update(config);



@@ -427,10 +455,15 @@


                if (sendEmail) {



                    sendEmail(user, metadata, zip);



                }



                return true;



            }



            



            @Override



            public void revoke(UserCertificateModel ucm, X509Certificate cert, RevocationReason reason) {



            public boolean revoke(UserCertificateModel ucm, X509Certificate cert, RevocationReason reason) {



                if (!prepareX509Infrastructure()) {



                    return false;



                }







                File caRevocationList = new File(folder, X509Utils.CA_REVOCATION_LIST);



                File caKeystoreFile = new File(folder, X509Utils.CA_KEY_STORE);



                if (X509Utils.revoke(cert, reason, caRevocationList, caKeystoreFile, caKeystorePassword, GitblitAuthority.this)) {



@@ -458,7 +491,10 @@


                    tableModel.fireTableDataChanged();



                    table.getSelectionModel().setSelectionInterval(modelIndex, modelIndex);



                    



                    return true;



                }



				


                return false;



            }



        };



        



@@ -551,8 +587,6 @@


                        certificateConfig.duration = Integer.parseInt(durationTF.getText());



                        certificateConfig.store(config, metadata);



                        config.save();



						


                        prepareX509Infrastructure();



                    } catch (Exception e1) {



                        Utils.showException(GitblitAuthority.this, e1);



                    }



@@ -580,7 +614,9 @@






                    @Override



                    protected Boolean doRequest() throws IOException {



                        prepareX509Infrastructure();



                        if (!prepareX509Infrastructure()) {



                            return false;



                        }



                        



                        // read CA private key and certificate



                        File caKeystoreFile = new File(folder, X509Utils.CA_KEY_STORE);





 src/com/gitblit/authority/UserCertificatePanel.java


@@ -169,8 +169,7 @@


                    AuthorityWorker worker = new AuthorityWorker(UserCertificatePanel.this.owner) {



                        @Override



                        protected Boolean doRequest() throws IOException {



                            newCertificate(ucm, metadata, sendEmail);



                            return true;



                            return newCertificate(ucm, metadata, sendEmail);



                        }







                        @Override



@@ -241,8 +240,7 @@






                            @Override



                            protected Boolean doRequest() throws IOException {



                                revoke(ucm, cert, reason);



                                return true;



                                return revoke(ucm, cert, reason);



                            }







                            @Override



@@ -294,7 +292,7 @@


    public abstract Date getDefaultExpiration();



    public abstract boolean isAllowEmail();



    



    public abstract void saveUser(String username, UserCertificateModel ucm);



    public abstract void newCertificate(UserCertificateModel ucm, X509Metadata metadata, boolean sendEmail);



    public abstract void revoke(UserCertificateModel ucm, X509Certificate cert, RevocationReason reason);



    public abstract boolean saveUser(String username, UserCertificateModel ucm);



    public abstract boolean newCertificate(UserCertificateModel ucm, X509Metadata metadata, boolean sendEmail);



    public abstract boolean revoke(UserCertificateModel ucm, X509Certificate cert, RevocationReason reason);



}





 src/com/gitblit/wicket/GitBlitWebApp.properties


@@ -427,4 +427,5 @@


gb.certificate = certificate



gb.emailCertificateBundle = email client certificate bundle



gb.pleaseGenerateClientCertificate = Please generate a client certificate for {0}



gb.clientCertificateBundleSent = Client certificate bundle for {0} sent


gb.clientCertificateBundleSent = Client certificate bundle for {0} sent



gb.enterKeystorePassword = Please enter the Gitblit keystore password