From 9af47c10c6a268877c1d232c8d71ee6df4f8a7ab Mon Sep 17 00:00:00 2001
From: Jeroen Baten <jeroen@jeroenbaten.nl>
Date: Fri, 04 Jan 2013 05:18:37 -0500
Subject: [PATCH] Dutch translation before spellcheck
---
src/com/gitblit/authority/GitblitAuthority.java | 380 +++++++++++++++++++++++++++++++++++++++++-------------
1 files changed, 287 insertions(+), 93 deletions(-)
diff --git a/src/com/gitblit/authority/GitblitAuthority.java b/src/com/gitblit/authority/GitblitAuthority.java
index 7734a15..909831f 100644
--- a/src/com/gitblit/authority/GitblitAuthority.java
+++ b/src/com/gitblit/authority/GitblitAuthority.java
@@ -17,9 +17,11 @@
import java.awt.BorderLayout;
import java.awt.Container;
+import java.awt.Desktop;
import java.awt.Dimension;
import java.awt.EventQueue;
import java.awt.FlowLayout;
+import java.awt.GridLayout;
import java.awt.Insets;
import java.awt.Point;
import java.awt.event.ActionEvent;
@@ -35,6 +37,7 @@
import java.io.FileWriter;
import java.io.FilenameFilter;
import java.io.IOException;
+import java.net.URI;
import java.security.PrivateKey;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
@@ -61,10 +64,13 @@
import javax.swing.JLabel;
import javax.swing.JOptionPane;
import javax.swing.JPanel;
+import javax.swing.JPasswordField;
import javax.swing.JScrollPane;
import javax.swing.JSplitPane;
import javax.swing.JTable;
+import javax.swing.JTextArea;
import javax.swing.JTextField;
+import javax.swing.JToolBar;
import javax.swing.RowFilter;
import javax.swing.SwingConstants;
import javax.swing.UIManager;
@@ -88,6 +94,8 @@
import com.gitblit.client.HeaderPanel;
import com.gitblit.client.Translation;
import com.gitblit.models.UserModel;
+import com.gitblit.utils.ArrayUtils;
+import com.gitblit.utils.FileUtils;
import com.gitblit.utils.StringUtils;
import com.gitblit.utils.TimeUtils;
import com.gitblit.utils.X509Utils;
@@ -115,7 +123,7 @@
private IUserService userService;
- private String caKeystorePassword = null;
+ private String caKeystorePassword;
private JTable table;
@@ -126,6 +134,8 @@
private MailExecutor mail;
private JButton certificateDefaultsButton;
+
+ private JButton newSSLCertificate;
public static void main(String... args) {
EventQueue.invokeLater(new Runnable() {
@@ -233,7 +243,6 @@
}
gitblitSettings = new FileSettings(file.getAbsolutePath());
mail = new MailExecutor(gitblitSettings);
- caKeystorePassword = gitblitSettings.getString(Keys.server.storePassword, null);
String us = gitblitSettings.getString(Keys.realm.userService, "users.conf");
String ext = us.substring(us.lastIndexOf(".") + 1).toLowerCase();
IUserService service = null;
@@ -293,15 +302,54 @@
File caKeystore = new File(folder, X509Utils.CA_KEY_STORE);
if (!caKeystore.exists()) {
+
+ if (!X509Utils.unlimitedStrength) {
+ // prompt to confirm user understands JCE Standard Strength encryption
+ int res = JOptionPane.showConfirmDialog(GitblitAuthority.this, Translation.get("gb.jceWarning"),
+ Translation.get("gb.warning"), JOptionPane.YES_NO_OPTION, JOptionPane.WARNING_MESSAGE);
+ if (res != JOptionPane.YES_OPTION) {
+ if (Desktop.isDesktopSupported()) {
+ if (Desktop.getDesktop().isSupported(Desktop.Action.BROWSE)) {
+ try {
+ Desktop.getDesktop().browse(URI.create("http://www.oracle.com/technetwork/java/javase/downloads/index.html"));
+ } catch (IOException e) {
+ }
+ }
+ }
+ System.exit(1);
+ }
+ }
+
// show certificate defaults dialog
certificateDefaultsButton.doClick();
+
+ // create "localhost" ssl certificate
+ prepareX509Infrastructure();
}
}
}
- private void prepareX509Infrastructure() {
+ private boolean prepareX509Infrastructure() {
+ if (caKeystorePassword == null) {
+ JPasswordField pass = new JPasswordField(10);
+ pass.setText(caKeystorePassword);
+ pass.addAncestorListener(new RequestFocusListener());
+ JPanel panel = new JPanel(new BorderLayout());
+ panel.add(new JLabel(Translation.get("gb.enterKeystorePassword")), BorderLayout.NORTH);
+ panel.add(pass, BorderLayout.CENTER);
+ int result = JOptionPane.showConfirmDialog(GitblitAuthority.this, panel, Translation.get("gb.password"), JOptionPane.OK_CANCEL_OPTION);
+ if (result == JOptionPane.OK_OPTION) {
+ caKeystorePassword = new String(pass.getPassword());
+ } else {
+ return false;
+ }
+ }
+
X509Metadata metadata = new X509Metadata("localhost", caKeystorePassword);
+ setMetadataDefaults(metadata);
+ metadata.notAfter = new Date(System.currentTimeMillis() + 10*TimeUtils.ONEYEAR);
X509Utils.prepareX509Infrastructure(metadata, folder, this);
+ return true;
}
private List<X509Certificate> findCerts(File folder, String username) {
@@ -356,34 +404,22 @@
}
@Override
- public void saveUser(String username, UserCertificateModel ucm) {
- userService.updateUserModel(username, ucm.user);
+ public boolean saveUser(String username, UserCertificateModel ucm) {
+ return userService.updateUserModel(username, ucm.user);
}
@Override
- public void newCertificate(UserCertificateModel ucm, X509Metadata metadata, boolean sendEmail) {
- prepareX509Infrastructure();
- Date notAfter = metadata.notAfter;
- metadata.serverHostname = gitblitSettings.getString(Keys.web.siteName, "localhost");
- UserModel user = ucm.user;
-
- // set default values from config file
- File certificatesConfigFile = new File(folder, X509Utils.CA_CONFIG);
- FileBasedConfig config = new FileBasedConfig(certificatesConfigFile, FS.detect());
- if (certificatesConfigFile.exists()) {
- try {
- config.load();
- } catch (Exception e) {
- Utils.showException(GitblitAuthority.this, e);
- }
- NewCertificateConfig certificateConfig = NewCertificateConfig.KEY.parse(config);
- certificateConfig.update(metadata);
+ public boolean newCertificate(UserCertificateModel ucm, X509Metadata metadata, boolean sendEmail) {
+ if (!prepareX509Infrastructure()) {
+ return false;
}
-
- // restore expiration date
+
+ Date notAfter = metadata.notAfter;
+ setMetadataDefaults(metadata);
metadata.notAfter = notAfter;
// set user's specified OID values
+ UserModel user = ucm.user;
if (!StringUtils.isEmpty(user.organizationalUnit)) {
metadata.oids.put("OU", user.organizationalUnit);
}
@@ -404,15 +440,11 @@
File zip = X509Utils.newClientBundle(metadata, caKeystoreFile, caKeystorePassword, GitblitAuthority.this);
// save latest expiration date
- if (ucm.expires == null || metadata.notAfter.after(ucm.expires)) {
+ if (ucm.expires == null || metadata.notAfter.before(ucm.expires)) {
ucm.expires = metadata.notAfter;
}
- ucm.update(config);
- try {
- config.save();
- } catch (Exception e) {
- Utils.showException(GitblitAuthority.this, e);
- }
+
+ updateAuthorityConfig(ucm);
// refresh user
ucm.certs = null;
@@ -421,43 +453,17 @@
table.getSelectionModel().setSelectionInterval(modelIndex, modelIndex);
if (sendEmail) {
- // send email
- try {
- if (mail.isReady()) {
- Message message = mail.createMessage(user.emailAddress);
- message.setSubject("Your Gitblit client certificate for " + metadata.serverHostname);
-
- // body of email
- String body = X509Utils.processTemplate(new File(caKeystoreFile.getParentFile(), "mail.tmpl"), metadata);
- if (StringUtils.isEmpty(body)) {
- body = MessageFormat.format("Hi {0}\n\nHere is your client certificate bundle.\nInside the zip file are installation instructions.", user.getDisplayName());
- }
- Multipart mp = new MimeMultipart();
- MimeBodyPart messagePart = new MimeBodyPart();
- messagePart.setText(body);
- mp.addBodyPart(messagePart);
-
- // attach zip
- MimeBodyPart filePart = new MimeBodyPart();
- FileDataSource fds = new FileDataSource(zip);
- filePart.setDataHandler(new DataHandler(fds));
- filePart.setFileName(fds.getName());
- mp.addBodyPart(filePart);
-
- message.setContent(mp);
-
- mail.sendNow(message);
- } else {
- JOptionPane.showMessageDialog(GitblitAuthority.this, "Sorry, the mail server settings are not configured properly.\nCan not send email.", Translation.get("gb.error"), JOptionPane.ERROR_MESSAGE);
- }
- } catch (Exception e) {
- Utils.showException(GitblitAuthority.this, e);
- }
+ sendEmail(user, metadata, zip);
}
+ return true;
}
@Override
- public void revoke(UserCertificateModel ucm, X509Certificate cert, RevocationReason reason) {
+ public boolean revoke(UserCertificateModel ucm, X509Certificate cert, RevocationReason reason) {
+ if (!prepareX509Infrastructure()) {
+ return false;
+ }
+
File caRevocationList = new File(folder, X509Utils.CA_REVOCATION_LIST);
File caKeystoreFile = new File(folder, X509Utils.CA_KEY_STORE);
if (X509Utils.revoke(cert, reason, caRevocationList, caKeystoreFile, caKeystorePassword, GitblitAuthority.this)) {
@@ -485,7 +491,10 @@
tableModel.fireTableDataChanged();
table.getSelectionModel().setSelectionInterval(modelIndex, modelIndex);
+ return true;
}
+
+ return false;
}
};
@@ -527,7 +536,7 @@
certificateDefaultsButton = new JButton(new ImageIcon(getClass().getResource("/settings_16x16.png")));
certificateDefaultsButton.setFocusable(false);
- certificateDefaultsButton.setToolTipText(Translation.get("gb.certificateDefaults"));
+ certificateDefaultsButton.setToolTipText(Translation.get("gb.newCertificateDefaults"));
certificateDefaultsButton.addActionListener(new ActionListener() {
@Override
public void actionPerformed(ActionEvent e) {
@@ -558,28 +567,41 @@
}
};
- JTextField durationTF = new JTextField(4);
- durationTF.setInputVerifier(verifier);
- durationTF.setVerifyInputWhenFocusTarget(true);
- durationTF.setText("" + certificateConfig.duration);
- JPanel durationPanel = Utils.newFieldPanel(Translation.get("gb.duration"), durationTF, Translation.get("gb.duration.days").replace("{0}", "").trim());
+ JTextField siteNameTF = new JTextField(20);
+ siteNameTF.setText(gitblitSettings.getString(Keys.web.siteName, "Gitblit"));
+ JPanel siteNamePanel = Utils.newFieldPanel(Translation.get("gb.siteName"),
+ siteNameTF, Translation.get("gb.siteNameDescription"));
+
+ JTextField validityTF = new JTextField(4);
+ validityTF.setInputVerifier(verifier);
+ validityTF.setVerifyInputWhenFocusTarget(true);
+ validityTF.setText("" + certificateConfig.duration);
+ JPanel validityPanel = Utils.newFieldPanel(Translation.get("gb.validity"),
+ validityTF, Translation.get("gb.duration.days").replace("{0}", "").trim());
+
+ JPanel p1 = new JPanel(new GridLayout(0, 1, 5, 2));
+ p1.add(siteNamePanel);
+ p1.add(validityPanel);
+
DefaultOidsPanel oids = new DefaultOidsPanel(metadata);
JPanel panel = new JPanel(new BorderLayout());
- panel.add(durationPanel, BorderLayout.NORTH);
+ panel.add(p1, BorderLayout.NORTH);
panel.add(oids, BorderLayout.CENTER);
int result = JOptionPane.showConfirmDialog(GitblitAuthority.this,
- panel, Translation.get("gb.certificateDefaults"), JOptionPane.OK_CANCEL_OPTION,
+ panel, Translation.get("gb.newCertificateDefaults"), JOptionPane.OK_CANCEL_OPTION,
JOptionPane.QUESTION_MESSAGE, new ImageIcon(getClass().getResource("/settings_32x32.png")));
if (result == JOptionPane.OK_OPTION) {
try {
oids.update(metadata);
- certificateConfig.duration = Integer.parseInt(durationTF.getText());
+ certificateConfig.duration = Integer.parseInt(validityTF.getText());
certificateConfig.store(config, metadata);
config.save();
- prepareX509Infrastructure();
+ Map<String, String> updates = new HashMap<String, String>();
+ updates.put(Keys.web.siteName, siteNameTF.getText());
+ gitblitSettings.saveSettings(updates);
} catch (Exception e1) {
Utils.showException(GitblitAuthority.this, e1);
}
@@ -587,33 +609,127 @@
}
});
- JButton newWebCertificate = new JButton(new ImageIcon(getClass().getResource("/rosette_16x16.png")));
- newWebCertificate.setFocusable(false);
- newWebCertificate.setToolTipText(Translation.get("gb.newWebCertificate"));
- newWebCertificate.addActionListener(new ActionListener() {
+ newSSLCertificate = new JButton(new ImageIcon(getClass().getResource("/rosette_16x16.png")));
+ newSSLCertificate.setFocusable(false);
+ newSSLCertificate.setToolTipText(Translation.get("gb.newSSLCertificate"));
+ newSSLCertificate.addActionListener(new ActionListener() {
@Override
public void actionPerformed(ActionEvent e) {
Date defaultExpiration = new Date(System.currentTimeMillis() + 10*TimeUtils.ONEYEAR);
- NewWebCertificateDialog dialog = new NewWebCertificateDialog(GitblitAuthority.this, defaultExpiration);
+ NewSSLCertificateDialog dialog = new NewSSLCertificateDialog(GitblitAuthority.this, defaultExpiration);
dialog.setModal(true);
dialog.setVisible(true);
if (dialog.isCanceled()) {
return;
}
- prepareX509Infrastructure();
- Date expires = dialog.getExpiration();
- String hostname = dialog.getHostname();
+ final Date expires = dialog.getExpiration();
+ final String hostname = dialog.getHostname();
+ final boolean serveCertificate = dialog.isServeCertificate();
- // read CA private key and certificate
- File caKeystoreFile = new File(folder, X509Utils.CA_KEY_STORE);
- PrivateKey caPrivateKey = X509Utils.getPrivateKey(X509Utils.CA_ALIAS, caKeystoreFile, caKeystorePassword);
- X509Certificate caCert = X509Utils.getCertificate(X509Utils.CA_ALIAS, caKeystoreFile, caKeystorePassword);
+ AuthorityWorker worker = new AuthorityWorker(GitblitAuthority.this) {
+
+ @Override
+ protected Boolean doRequest() throws IOException {
+ if (!prepareX509Infrastructure()) {
+ return false;
+ }
+
+ // read CA private key and certificate
+ File caKeystoreFile = new File(folder, X509Utils.CA_KEY_STORE);
+ PrivateKey caPrivateKey = X509Utils.getPrivateKey(X509Utils.CA_ALIAS, caKeystoreFile, caKeystorePassword);
+ X509Certificate caCert = X509Utils.getCertificate(X509Utils.CA_ALIAS, caKeystoreFile, caKeystorePassword);
+
+ // generate new SSL certificate
+ X509Metadata metadata = new X509Metadata(hostname, caKeystorePassword);
+ setMetadataDefaults(metadata);
+ metadata.notAfter = expires;
+ File serverKeystoreFile = new File(folder, X509Utils.SERVER_KEY_STORE);
+ X509Certificate cert = X509Utils.newSSLCertificate(metadata, caPrivateKey, caCert, serverKeystoreFile, GitblitAuthority.this);
+ boolean hasCert = cert != null;
+ if (hasCert && serveCertificate) {
+ // update Gitblit https connector alias
+ Map<String, String> updates = new HashMap<String, String>();
+ updates.put(Keys.server.certificateAlias, metadata.commonName);
+ gitblitSettings.saveSettings(updates);
+ }
+ return hasCert;
+ }
+
+ @Override
+ protected void onSuccess() {
+ if (serveCertificate) {
+ JOptionPane.showMessageDialog(GitblitAuthority.this,
+ MessageFormat.format(Translation.get("gb.sslCertificateGeneratedRestart"), hostname),
+ Translation.get("gb.newSSLCertificate"), JOptionPane.INFORMATION_MESSAGE);
+ } else {
+ JOptionPane.showMessageDialog(GitblitAuthority.this,
+ MessageFormat.format(Translation.get("gb.sslCertificateGenerated"), hostname),
+ Translation.get("gb.newSSLCertificate"), JOptionPane.INFORMATION_MESSAGE);
+ }
+ }
+ };
- // generate new SSL certificate
- X509Metadata metadata = new X509Metadata(hostname, caKeystorePassword);
- metadata.notAfter = expires;
- File serverKeystoreFile = new File(folder, X509Utils.SERVER_KEY_STORE);
- X509Utils.newSSLCertificate(metadata, caPrivateKey, caCert, serverKeystoreFile, GitblitAuthority.this);
+ worker.execute();
+ }
+ });
+
+ JButton emailBundle = new JButton(new ImageIcon(getClass().getResource("/mail_16x16.png")));
+ emailBundle.setFocusable(false);
+ emailBundle.setToolTipText(Translation.get("gb.emailCertificateBundle"));
+ emailBundle.addActionListener(new ActionListener() {
+ @Override
+ public void actionPerformed(ActionEvent e) {
+ int row = table.getSelectedRow();
+ if (row < 0) {
+ return;
+ }
+ int modelIndex = table.convertRowIndexToModel(row);
+ final UserCertificateModel ucm = tableModel.get(modelIndex);
+ if (ArrayUtils.isEmpty(ucm.certs)) {
+ JOptionPane.showMessageDialog(GitblitAuthority.this, MessageFormat.format(Translation.get("gb.pleaseGenerateClientCertificate"), ucm.user.getDisplayName()));
+ }
+ final File zip = new File(folder, X509Utils.CERTS + File.separator + ucm.user.username + File.separator + ucm.user.username + ".zip");
+ if (!zip.exists()) {
+ return;
+ }
+
+ AuthorityWorker worker = new AuthorityWorker(GitblitAuthority.this) {
+ @Override
+ protected Boolean doRequest() throws IOException {
+ X509Metadata metadata = new X509Metadata(ucm.user.username, "whocares");
+ metadata.serverHostname = gitblitSettings.getString(Keys.web.siteName, Constants.NAME);
+ if (StringUtils.isEmpty(metadata.serverHostname)) {
+ metadata.serverHostname = Constants.NAME;
+ }
+ metadata.userDisplayname = ucm.user.getDisplayName();
+ return sendEmail(ucm.user, metadata, zip);
+ }
+
+ @Override
+ protected void onSuccess() {
+ JOptionPane.showMessageDialog(GitblitAuthority.this, MessageFormat.format(Translation.get("gb.clientCertificateBundleSent"),
+ ucm.user.getDisplayName()));
+ }
+
+ };
+ worker.execute();
+ }
+ });
+
+ JButton logButton = new JButton(new ImageIcon(getClass().getResource("/script_16x16.png")));
+ logButton.setFocusable(false);
+ logButton.setToolTipText(Translation.get("gb.log"));
+ logButton.addActionListener(new ActionListener() {
+ @Override
+ public void actionPerformed(ActionEvent e) {
+ File log = new File(folder, X509Utils.CERTS + File.separator + "log.txt");
+ if (log.exists()) {
+ String content = FileUtils.readContent(log, "\n");
+ JTextArea textarea = new JTextArea(content);
+ JScrollPane scrollPane = new JScrollPane(textarea);
+ scrollPane.setPreferredSize(new Dimension(700, 400));
+ JOptionPane.showMessageDialog(GitblitAuthority.this, scrollPane, log.getAbsolutePath(), JOptionPane.INFORMATION_MESSAGE);
+ }
}
});
@@ -629,9 +745,12 @@
}
});
- JPanel buttonControls = new JPanel(new FlowLayout(FlowLayout.LEFT, Utils.MARGIN, Utils.MARGIN));
+ JToolBar buttonControls = new JToolBar(JToolBar.HORIZONTAL);
+ buttonControls.setFloatable(false);
buttonControls.add(certificateDefaultsButton);
- buttonControls.add(newWebCertificate);
+ buttonControls.add(newSSLCertificate);
+ buttonControls.add(emailBundle);
+ buttonControls.add(logButton);
JPanel userControls = new JPanel(new FlowLayout(FlowLayout.RIGHT, Utils.MARGIN, Utils.MARGIN));
userControls.add(new JLabel(Translation.get("gb.filter")));
@@ -708,4 +827,79 @@
}
}
}
+
+ private boolean sendEmail(UserModel user, X509Metadata metadata, File zip) {
+ // send email
+ try {
+ if (mail.isReady()) {
+ Message message = mail.createMessage(user.emailAddress);
+ message.setSubject("Your Gitblit client certificate for " + metadata.serverHostname);
+
+ // body of email
+ String body = X509Utils.processTemplate(new File(folder, X509Utils.CERTS + File.separator + "mail.tmpl"), metadata);
+ if (StringUtils.isEmpty(body)) {
+ body = MessageFormat.format("Hi {0}\n\nHere is your client certificate bundle.\nInside the zip file are installation instructions.", user.getDisplayName());
+ }
+ Multipart mp = new MimeMultipart();
+ MimeBodyPart messagePart = new MimeBodyPart();
+ messagePart.setText(body);
+ mp.addBodyPart(messagePart);
+
+ // attach zip
+ MimeBodyPart filePart = new MimeBodyPart();
+ FileDataSource fds = new FileDataSource(zip);
+ filePart.setDataHandler(new DataHandler(fds));
+ filePart.setFileName(fds.getName());
+ mp.addBodyPart(filePart);
+
+ message.setContent(mp);
+
+ mail.sendNow(message);
+ return true;
+ } else {
+ JOptionPane.showMessageDialog(GitblitAuthority.this, "Sorry, the mail server settings are not configured properly.\nCan not send email.", Translation.get("gb.error"), JOptionPane.ERROR_MESSAGE);
+ }
+ } catch (Exception e) {
+ Utils.showException(GitblitAuthority.this, e);
+ }
+ return false;
+ }
+
+ private void setMetadataDefaults(X509Metadata metadata) {
+ metadata.serverHostname = gitblitSettings.getString(Keys.web.siteName, Constants.NAME);
+ if (StringUtils.isEmpty(metadata.serverHostname)) {
+ metadata.serverHostname = Constants.NAME;
+ }
+
+ // set default values from config file
+ File certificatesConfigFile = new File(folder, X509Utils.CA_CONFIG);
+ FileBasedConfig config = new FileBasedConfig(certificatesConfigFile, FS.detect());
+ if (certificatesConfigFile.exists()) {
+ try {
+ config.load();
+ } catch (Exception e) {
+ Utils.showException(GitblitAuthority.this, e);
+ }
+ NewCertificateConfig certificateConfig = NewCertificateConfig.KEY.parse(config);
+ certificateConfig.update(metadata);
+ }
+ }
+
+ private void updateAuthorityConfig(UserCertificateModel ucm) {
+ File certificatesConfigFile = new File(folder, X509Utils.CA_CONFIG);
+ FileBasedConfig config = new FileBasedConfig(certificatesConfigFile, FS.detect());
+ if (certificatesConfigFile.exists()) {
+ try {
+ config.load();
+ } catch (Exception e) {
+ Utils.showException(GitblitAuthority.this, e);
+ }
+ }
+ ucm.update(config);
+ try {
+ config.save();
+ } catch (Exception e) {
+ Utils.showException(GitblitAuthority.this, e);
+ }
+ }
}
--
Gitblit v1.9.1