IDEMPIERE-4618 Obfuscate ADEMPIERE_KEYSTOREPASS as suggested by jetty (#494)

Carlos Ruiz 2020-12-31 03:04:39 +01:00 committed by GitHub
parent aa29cb6d7c
commit df47a79531
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 39 additions and 4 deletions


@ -5,7 +5,8 @@ Bundle-SymbolicName: org.adempiere.install;singleton:=true
Bundle-Version: 8.2.0.qualifier Bundle-Version: 8.2.0.qualifier
Export-Package: org.adempiere.install, Export-Package: org.adempiere.install,
org.compiere.install org.compiere.install
Require-Bundle: org.adempiere.base;bundle-version="0.0.0" Require-Bundle: org.adempiere.base;bundle-version="0.0.0",
org.eclipse.jetty.util
Bundle-RequiredExecutionEnvironment: JavaSE-11 Bundle-RequiredExecutionEnvironment: JavaSE-11
Require-Capability: osgi.ee;filter:="(&(osgi.ee=JavaSE)(version>=11))" Require-Capability: osgi.ee;filter:="(&(osgi.ee=JavaSE)(version>=11))"
Import-Package: javax.mail;version="1.5", Import-Package: javax.mail;version="1.5",


@ -74,6 +74,7 @@
<setEntry value="org.eclipse.equinox.preferences@default:default"/> <setEntry value="org.eclipse.equinox.preferences@default:default"/>
<setEntry value="org.eclipse.equinox.registry@default:default"/> <setEntry value="org.eclipse.equinox.registry@default:default"/>
<setEntry value="org.eclipse.jetty.osgi-servlet-api@default:default"/> <setEntry value="org.eclipse.jetty.osgi-servlet-api@default:default"/>
<setEntry value="org.eclipse.jetty.util@default:default"/>
<setEntry value="org.eclipse.osgi.compatibility.state@default:false"/> <setEntry value="org.eclipse.osgi.compatibility.state@default:false"/>
<setEntry value="org.eclipse.osgi.services@default:default"/> <setEntry value="org.eclipse.osgi.services@default:default"/>
<setEntry value="org.eclipse.osgi.util@default:default"/> <setEntry value="org.eclipse.osgi.util@default:default"/>


@ -71,6 +71,7 @@
<setEntry value="org.eclipse.equinox.preferences@default:default"/> <setEntry value="org.eclipse.equinox.preferences@default:default"/>
<setEntry value="org.eclipse.equinox.registry@default:default"/> <setEntry value="org.eclipse.equinox.registry@default:default"/>
<setEntry value="org.eclipse.jetty.osgi-servlet-api@default:default"/> <setEntry value="org.eclipse.jetty.osgi-servlet-api@default:default"/>
<setEntry value="org.eclipse.jetty.util@default:default"/>
<setEntry value="org.eclipse.osgi.compatibility.state@default:false"/> <setEntry value="org.eclipse.osgi.compatibility.state@default:false"/>
<setEntry value="org.eclipse.osgi.services@default:default"/> <setEntry value="org.eclipse.osgi.services@default:default"/>
<setEntry value="org.eclipse.osgi.util@default:default"/> <setEntry value="org.eclipse.osgi.util@default:default"/>
@ -91,7 +92,7 @@
<setEntry value="org.compiere.db.oracle.provider@default:default"/> <setEntry value="org.compiere.db.oracle.provider@default:default"/>
<setEntry value="org.compiere.db.postgresql.provider@default:default"/> <setEntry value="org.compiere.db.postgresql.provider@default:default"/>
</setAttribute> </setAttribute>
<booleanAttribute key="show_selected_only" value="true"/> <booleanAttribute key="show_selected_only" value="false"/>
<stringAttribute key="templateConfig" value="${target_home}/configuration/config.ini"/> <stringAttribute key="templateConfig" value="${target_home}/configuration/config.ini"/>
<booleanAttribute key="tracing" value="false"/> <booleanAttribute key="tracing" value="false"/>
<booleanAttribute key="useCustomFeatures" value="false"/> <booleanAttribute key="useCustomFeatures" value="false"/>


@ -56,6 +56,7 @@ import org.compiere.util.DB;
import org.compiere.util.EMail; import org.compiere.util.EMail;
import org.compiere.util.EMailAuthenticator; import org.compiere.util.EMailAuthenticator;
import org.compiere.util.Ini; import org.compiere.util.Ini;
import org.eclipse.jetty.util.security.Password;
/** /**
@ -239,6 +240,13 @@ public class ConfigurationData
if (p_properties.size() > 5) if (p_properties.size() > 5)
envLoaded = true; envLoaded = true;
// deobfuscate keystore pass
String obfKeystorePass = p_properties.getProperty(ADEMPIERE_KEYSTOREPASS);
if (obfKeystorePass.startsWith(Password.__OBFUSCATE)) {
String keystorePass = Password.deobfuscate(obfKeystorePass);
p_properties.put(ADEMPIERE_KEYSTOREPASS, keystorePass);
}
Properties loaded = new Properties(); Properties loaded = new Properties();
loaded.putAll(p_properties); loaded.putAll(p_properties);
// //
@ -829,12 +837,17 @@ public class ConfigurationData
// Save Environment // Save Environment
fileName = m_adempiereHome.getAbsolutePath() + File.separator + IDEMPIERE_ENV_FILE; fileName = m_adempiereHome.getAbsolutePath() + File.separator + IDEMPIERE_ENV_FILE;
FileOutputStream fos = null;
try try
{ {
FileOutputStream fos = new FileOutputStream(new File(fileName)); fos = new FileOutputStream(new File(fileName));
// obfuscate keystore pass
String keystorePass = p_properties.getProperty(ADEMPIERE_KEYSTOREPASS);
String obfKeystorePass = Password.obfuscate(keystorePass);
p_properties.put(ADEMPIERE_KEYSTOREPASS, obfKeystorePass);
p_properties.store(fos, IDEMPIERE_ENV_FILE); p_properties.store(fos, IDEMPIERE_ENV_FILE);
p_properties.put(ADEMPIERE_KEYSTOREPASS, keystorePass);
fos.flush(); fos.flush();
fos.close();
} }
catch (Exception e) catch (Exception e)
{ {
@ -860,6 +873,24 @@ public class ConfigurationData
System.err.println(ConfigurationPanel.res.getString("ErrorSave")); System.err.println(ConfigurationPanel.res.getString("ErrorSave"));
return false; return false;
} }
finally
{
if (fos != null) {
try {
fos.close();
} catch (IOException e) {
log.severe("Cannot close file " + fileName);
if (p_panel != null)
JOptionPane.showConfirmDialog(p_panel,
ConfigurationPanel.res.getString("ErrorSave"),
ConfigurationPanel.res.getString("AdempiereServerSetup"),
JOptionPane.DEFAULT_OPTION, JOptionPane.ERROR_MESSAGE);
else
System.err.println(ConfigurationPanel.res.getString("ErrorSave"));
return false;
}
}
}
log.info(fileName); log.info(fileName);
return saveIni(); return saveIni();
} // save } // save
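Review bot: In the load hunk, `obfKeystorePass.startsWith(Password.__OBFUSCATE)` dereferences the result of `getProperty(ADEMPIERE_KEYSTOREPASS)` without a null check, so an environment file that lacks the key would throw a NullPointerException; guard it with `if (obfKeystorePass != null && obfKeystorePass.startsWith(Password.__OBFUSCATE))`. In the save hunk the clear-text value is put back only after `p_properties.store(...)` returns, so if `store` throws, `p_properties` keeps the obfuscated string and a later save would presumably obfuscate it a second time; restoring it in the `finally` block (with `keystorePass` declared before the `try`), or storing a copy of the properties, avoids that. `Password.obfuscate(keystorePass)` has the same null exposure when the property is unset. A comment next to the obfuscate call should state that Jetty's OBF form is reversible without any key, so the environment file still needs restrictive file permissions. Both method bodies continue outside the hunks shown.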


@ -45,6 +45,7 @@ osgi.bundles=org.eclipse.equinox.ds@1:start,\
org.apache.activemq.kahadb,\ org.apache.activemq.kahadb,\
javax.transaction,\ javax.transaction,\
org.eclipse.jetty.osgi-servlet-api,\ org.eclipse.jetty.osgi-servlet-api,\
org.eclipse.jetty.util,\
jakarta.annotation-api,\ jakarta.annotation-api,\
slf4j.api,\ slf4j.api,\
slf4j.jcl,\ slf4j.jcl,\